[PULL 00/36] target-arm queue
[PULL 00/21] target-arm queue
1
First pullreq for 6.0: mostly my v8.1M work, plus some other
1
The following changes since commit f003dd8d81f7d88f4b1f8802309eaa76f6eb223a:
2
bits and pieces. (I still have a lot of stuff in my to-review
3
folder, which I may or may not get to before the Christmas break...)
4
2
5
thanks
3
Merge tag 'pull-tcg-20230305' of https://gitlab.com/rth7680/qemu into staging (2023-03-06 10:20:04 +0000)
6
-- PMM
7
8
The following changes since commit 5e7b204dbfae9a562fc73684986f936b97f63877:
9
10
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging (2020-12-09 20:08:54 +0000)
11
4
12
are available in the Git repository at:
5
are available in the Git repository at:
13
6
14
https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20201210
7
https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20230306
15
8
16
for you to fetch changes up to 71f916be1c7e9ede0e37d9cabc781b5a9e8638ff:
9
for you to fetch changes up to 2ddc45954f97cd1d7ee5cbca0def05e980d1da9f:
17
10
18
hw/arm/armv7m: Correct typo in QOM object name (2020-12-10 11:44:56 +0000)
11
hw: arm: allwinner-h3: Fix and complete H3 i2c devices (2023-03-06 15:31:24 +0000)
19
12
20
----------------------------------------------------------------
13
----------------------------------------------------------------
21
target-arm queue:
14
target-arm queue:
22
* hw/arm/smmuv3: Fix up L1STD_SPAN decoding
15
* allwinner-h3: Fix I2C controller model for Sun6i SoCs
23
* xlnx-zynqmp: Support Xilinx ZynqMP CAN controllers
16
* allwinner-h3: Add missing i2c controllers
24
* sbsa-ref: allow to use Cortex-A53/57/72 cpus
17
* Expose M-profile system registers to gdbstub
25
* Various minor code cleanups
18
* Expose pauth information to gdbstub
26
* hw/intc/armv7m_nvic: Make all of system PPB range be RAZWI/BusFault
19
* Support direct boot for Linux/arm64 EFI zboot images
27
* Implement more pieces of ARMv8.1M support
20
* Fix incorrect stage 2 MMU setup validation
28
21
29
----------------------------------------------------------------
22
----------------------------------------------------------------
30
Alex Chen (4):
23
Ard Biesheuvel (1):
31
i.MX25: Fix bad printf format specifiers
24
hw: arm: Support direct boot for Linux/arm64 EFI zboot images
32
i.MX31: Fix bad printf format specifiers
33
i.MX6: Fix bad printf format specifiers
34
i.MX6ul: Fix bad printf format specifiers
35
25
36
Havard Skinnemoen (1):
26
David Reiss (2):
37
tests/qtest/npcm7xx_rng-test: dump random data on failure
27
target/arm: Export arm_v7m_mrs_control
28
target/arm: Export arm_v7m_get_sp_ptr
38
29
39
Kunkun Jiang (1):
30
Richard Henderson (16):
40
hw/arm/smmuv3: Fix up L1STD_SPAN decoding
31
target/arm: Normalize aarch64 gdbstub get/set function names
32
target/arm: Unexport arm_gen_dynamic_sysreg_xml
33
target/arm: Move arm_gen_dynamic_svereg_xml to gdbstub64.c
34
target/arm: Split out output_vector_union_type
35
target/arm: Simplify register counting in arm_gen_dynamic_svereg_xml
36
target/arm: Hoist pred_width in arm_gen_dynamic_svereg_xml
37
target/arm: Fix svep width in arm_gen_dynamic_svereg_xml
38
target/arm: Add name argument to output_vector_union_type
39
target/arm: Simplify iteration over bit widths
40
target/arm: Create pauth_ptr_mask
41
target/arm: Implement gdbstub pauth extension
42
target/arm: Implement gdbstub m-profile systemreg and secext
43
target/arm: Handle m-profile in arm_is_secure
44
target/arm: Stub arm_hcr_el2_eff for m-profile
45
target/arm: Diagnose incorrect usage of arm_is_secure subroutines
46
target/arm: Rewrite check_s2_mmu_setup
41
47
42
Marcin Juszkiewicz (1):
48
qianfan Zhao (2):
43
sbsa-ref: allow to use Cortex-A53/57/72 cpus
49
hw: allwinner-i2c: Fix TWI_CNTR_INT_FLAG on SUN6i SoCs
50
hw: arm: allwinner-h3: Fix and complete H3 i2c devices
44
51
45
Peter Maydell (25):
52
configs/targets/aarch64-linux-user.mak | 2 +-
46
hw/intc/armv7m_nvic: Make all of system PPB range be RAZWI/BusFault
53
configs/targets/aarch64-softmmu.mak | 2 +-
47
target/arm: Implement v8.1M PXN extension
54
configs/targets/aarch64_be-linux-user.mak | 2 +-
48
target/arm: Don't clobber ID_PFR1.Security on M-profile cores
55
include/hw/arm/allwinner-h3.h | 6 +
49
target/arm: Implement VSCCLRM insn
56
include/hw/i2c/allwinner-i2c.h | 6 +
50
target/arm: Implement CLRM instruction
57
include/hw/loader.h | 19 ++
51
target/arm: Enforce M-profile VMRS/VMSR register restrictions
58
target/arm/cpu.h | 17 +-
52
target/arm: Refactor M-profile VMSR/VMRS handling
59
target/arm/internals.h | 34 +++-
53
target/arm: Move general-use constant expanders up in translate.c
60
hw/arm/allwinner-h3.c | 29 +++-
54
target/arm: Implement VLDR/VSTR system register
61
hw/arm/boot.c | 6 +
55
target/arm: Implement M-profile FPSCR_nzcvqc
62
hw/core/loader.c | 91 ++++++++++
56
target/arm: Use new FPCR_NZCV_MASK constant
63
hw/i2c/allwinner-i2c.c | 26 ++-
57
target/arm: Factor out preserve-fp-state from full_vfp_access_check()
64
target/arm/gdbstub.c | 278 ++++++++++++++++++------------
58
target/arm: Implement FPCXT_S fp system register
65
target/arm/gdbstub64.c | 175 ++++++++++++++++++-
59
hw/intc/armv7m_nvic: Update FPDSCR masking for v8.1M
66
target/arm/helper.c | 3 +
60
target/arm: For v8.1M, always clear R0-R3, R12, APSR, EPSR on exception entry
67
target/arm/ptw.c | 173 +++++++++++--------
61
target/arm: In v8.1M, don't set HFSR.FORCED on vector table fetch failures
68
target/arm/tcg/m_helper.c | 90 +++++-----
62
target/arm: Implement v8.1M REVIDR register
69
target/arm/tcg/pauth_helper.c | 26 ++-
63
target/arm: Implement new v8.1M NOCP check for exception return
70
gdb-xml/aarch64-pauth.xml | 15 ++
64
target/arm: Implement new v8.1M VLLDM and VLSTM encodings
71
19 files changed, 742 insertions(+), 258 deletions(-)
65
hw/intc/armv7m_nvic: Support v8.1M CCR.TRD bit
72
create mode 100644 gdb-xml/aarch64-pauth.xml
66
target/arm: Implement CCR_S.TRD behaviour for SG insns
67
hw/intc/armv7m_nvic: Fix "return from inactive handler" check
68
target/arm: Implement M-profile "minimal RAS implementation"
69
hw/intc/armv7m_nvic: Implement read/write for RAS register block
70
hw/arm/armv7m: Correct typo in QOM object name
71
72
Vikram Garhwal (4):
73
hw/net/can: Introduce Xilinx ZynqMP CAN controller
74
xlnx-zynqmp: Connect Xilinx ZynqMP CAN controllers
75
tests/qtest: Introduce tests for Xilinx ZynqMP CAN controller
76
MAINTAINERS: Add maintainer entry for Xilinx ZynqMP CAN controller
77
78
meson.build | 1 +
79
hw/arm/smmuv3-internal.h | 2 +-
80
hw/net/can/trace.h | 1 +
81
include/hw/arm/xlnx-zynqmp.h | 8 +
82
include/hw/intc/armv7m_nvic.h | 2 +
83
include/hw/net/xlnx-zynqmp-can.h | 78 +++
84
target/arm/cpu.h | 46 ++
85
target/arm/m-nocp.decode | 10 +-
86
target/arm/t32.decode | 10 +-
87
target/arm/vfp.decode | 14 +
88
hw/arm/armv7m.c | 4 +-
89
hw/arm/sbsa-ref.c | 23 +-
90
hw/arm/xlnx-zcu102.c | 20 +
91
hw/arm/xlnx-zynqmp.c | 34 ++
92
hw/intc/armv7m_nvic.c | 246 ++++++--
93
hw/misc/imx25_ccm.c | 12 +-
94
hw/misc/imx31_ccm.c | 14 +-
95
hw/misc/imx6_ccm.c | 20 +-
96
hw/misc/imx6_src.c | 2 +-
97
hw/misc/imx6ul_ccm.c | 4 +-
98
hw/misc/imx_ccm.c | 4 +-
99
hw/net/can/xlnx-zynqmp-can.c | 1161 ++++++++++++++++++++++++++++++++++++++
100
target/arm/cpu.c | 5 +-
101
target/arm/helper.c | 7 +-
102
target/arm/m_helper.c | 130 ++++-
103
target/arm/translate.c | 105 +++-
104
tests/qtest/npcm7xx_rng-test.c | 12 +
105
tests/qtest/xlnx-can-test.c | 360 ++++++++++++
106
MAINTAINERS | 8 +
107
hw/Kconfig | 1 +
108
hw/net/can/meson.build | 1 +
109
hw/net/can/trace-events | 9 +
110
target/arm/translate-vfp.c.inc | 511 ++++++++++++++++-
111
tests/qtest/meson.build | 1 +
112
34 files changed, 2713 insertions(+), 153 deletions(-)
113
create mode 100644 hw/net/can/trace.h
114
create mode 100644 include/hw/net/xlnx-zynqmp-can.h
115
create mode 100644 hw/net/can/xlnx-zynqmp-can.c
116
create mode 100644 tests/qtest/xlnx-can-test.c
117
create mode 100644 hw/net/can/trace-events
118
diff view generated by jsdifflib
[PULL 07/36] tests/qtest/npcm7xx_rng-test: dump random data on failure
[PULL 01/21] target/arm: Normalize aarch64 gdbstub get/set function names
1
From: Havard Skinnemoen <hskinnemoen@google.com>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
Dump the collected random data after a randomness test failure.
3
Make the form of the function names between fp and sve the same:
4
- arm_gdb_*_svereg -> aarch64_gdb_*_sve_reg.
5
- aarch64_fpu_gdb_*_reg -> aarch64_gdb_*_fpu_reg.
4
6
5
Note that this relies on the test having called
7
Reviewed-by: Fabiano Rosas <farosas@suse.de>
6
g_test_set_nonfatal_assertions() so we don't abort immediately on the
8
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
7
assertion failure.
9
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
10
Message-id: 20230227213329.793795-2-richard.henderson@linaro.org
9
Signed-off-by: Havard Skinnemoen <hskinnemoen@google.com>
10
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
11
[PMM: minor commit message tweak]
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
13
---
12
---
14
tests/qtest/npcm7xx_rng-test.c | 12 ++++++++++++
13
target/arm/internals.h | 8 ++++----
15
1 file changed, 12 insertions(+)
14
target/arm/gdbstub.c | 9 +++++----
15
target/arm/gdbstub64.c | 8 ++++----
16
3 files changed, 13 insertions(+), 12 deletions(-)
16
17
17
diff --git a/tests/qtest/npcm7xx_rng-test.c b/tests/qtest/npcm7xx_rng-test.c
18
diff --git a/target/arm/internals.h b/target/arm/internals.h
18
index XXXXXXX..XXXXXXX 100644
19
index XXXXXXX..XXXXXXX 100644
19
--- a/tests/qtest/npcm7xx_rng-test.c
20
--- a/target/arm/internals.h
20
+++ b/tests/qtest/npcm7xx_rng-test.c
21
+++ b/target/arm/internals.h
21
@@ -XXX,XX +XXX,XX @@
22
@@ -XXX,XX +XXX,XX @@ static inline uint64_t pmu_counter_mask(CPUARMState *env)
22
23
}
23
#include "libqtest-single.h"
24
24
#include "qemu/bitops.h"
25
#ifdef TARGET_AARCH64
25
+#include "qemu-common.h"
26
-int arm_gdb_get_svereg(CPUARMState *env, GByteArray *buf, int reg);
26
27
-int arm_gdb_set_svereg(CPUARMState *env, uint8_t *buf, int reg);
27
#define RNG_BASE_ADDR 0xf000b000
28
-int aarch64_fpu_gdb_get_reg(CPUARMState *env, GByteArray *buf, int reg);
28
29
-int aarch64_fpu_gdb_set_reg(CPUARMState *env, uint8_t *buf, int reg);
29
@@ -XXX,XX +XXX,XX @@
30
+int aarch64_gdb_get_sve_reg(CPUARMState *env, GByteArray *buf, int reg);
30
/* Number of bits to collect for randomness tests. */
31
+int aarch64_gdb_set_sve_reg(CPUARMState *env, uint8_t *buf, int reg);
31
#define TEST_INPUT_BITS (128)
32
+int aarch64_gdb_get_fpu_reg(CPUARMState *env, GByteArray *buf, int reg);
32
33
+int aarch64_gdb_set_fpu_reg(CPUARMState *env, uint8_t *buf, int reg);
33
+static void dump_buf_if_failed(const uint8_t *buf, size_t size)
34
void arm_cpu_sve_finalize(ARMCPU *cpu, Error **errp);
34
+{
35
void arm_cpu_sme_finalize(ARMCPU *cpu, Error **errp);
35
+ if (g_test_failed()) {
36
void arm_cpu_pauth_finalize(ARMCPU *cpu, Error **errp);
36
+ qemu_hexdump(stderr, "", buf, size);
37
diff --git a/target/arm/gdbstub.c b/target/arm/gdbstub.c
37
+ }
38
index XXXXXXX..XXXXXXX 100644
38
+}
39
--- a/target/arm/gdbstub.c
39
+
40
+++ b/target/arm/gdbstub.c
40
static void rng_writeb(unsigned int offset, uint8_t value)
41
@@ -XXX,XX +XXX,XX @@ void arm_cpu_register_gdb_regs_for_features(ARMCPU *cpu)
42
*/
43
#ifdef TARGET_AARCH64
44
if (isar_feature_aa64_sve(&cpu->isar)) {
45
- gdb_register_coprocessor(cs, arm_gdb_get_svereg, arm_gdb_set_svereg,
46
- arm_gen_dynamic_svereg_xml(cs, cs->gdb_num_regs),
47
+ int nreg = arm_gen_dynamic_svereg_xml(cs, cs->gdb_num_regs);
48
+ gdb_register_coprocessor(cs, aarch64_gdb_get_sve_reg,
49
+ aarch64_gdb_set_sve_reg, nreg,
50
"sve-registers.xml", 0);
51
} else {
52
- gdb_register_coprocessor(cs, aarch64_fpu_gdb_get_reg,
53
- aarch64_fpu_gdb_set_reg,
54
+ gdb_register_coprocessor(cs, aarch64_gdb_get_fpu_reg,
55
+ aarch64_gdb_set_fpu_reg,
56
34, "aarch64-fpu.xml", 0);
57
}
58
#endif
59
diff --git a/target/arm/gdbstub64.c b/target/arm/gdbstub64.c
60
index XXXXXXX..XXXXXXX 100644
61
--- a/target/arm/gdbstub64.c
62
+++ b/target/arm/gdbstub64.c
63
@@ -XXX,XX +XXX,XX @@ int aarch64_cpu_gdb_write_register(CPUState *cs, uint8_t *mem_buf, int n)
64
return 0;
65
}
66
67
-int aarch64_fpu_gdb_get_reg(CPUARMState *env, GByteArray *buf, int reg)
68
+int aarch64_gdb_get_fpu_reg(CPUARMState *env, GByteArray *buf, int reg)
41
{
69
{
42
writeb(RNG_BASE_ADDR + offset, value);
70
switch (reg) {
43
@@ -XXX,XX +XXX,XX @@ static void test_continuous_monobit(void)
71
case 0 ... 31:
72
@@ -XXX,XX +XXX,XX @@ int aarch64_fpu_gdb_get_reg(CPUARMState *env, GByteArray *buf, int reg)
44
}
73
}
45
46
g_assert_cmpfloat(calc_monobit_p(buf, sizeof(buf)), >, 0.01);
47
+ dump_buf_if_failed(buf, sizeof(buf));
48
}
74
}
49
75
50
/*
76
-int aarch64_fpu_gdb_set_reg(CPUARMState *env, uint8_t *buf, int reg)
51
@@ -XXX,XX +XXX,XX @@ static void test_continuous_runs(void)
77
+int aarch64_gdb_set_fpu_reg(CPUARMState *env, uint8_t *buf, int reg)
78
{
79
switch (reg) {
80
case 0 ... 31:
81
@@ -XXX,XX +XXX,XX @@ int aarch64_fpu_gdb_set_reg(CPUARMState *env, uint8_t *buf, int reg)
52
}
82
}
53
54
g_assert_cmpfloat(calc_runs_p(buf.l, sizeof(buf) * BITS_PER_BYTE), >, 0.01);
55
+ dump_buf_if_failed(buf.c, sizeof(buf));
56
}
83
}
57
84
58
/*
85
-int arm_gdb_get_svereg(CPUARMState *env, GByteArray *buf, int reg)
59
@@ -XXX,XX +XXX,XX @@ static void test_first_byte_monobit(void)
86
+int aarch64_gdb_get_sve_reg(CPUARMState *env, GByteArray *buf, int reg)
60
}
87
{
61
88
ARMCPU *cpu = env_archcpu(env);
62
g_assert_cmpfloat(calc_monobit_p(buf, sizeof(buf)), >, 0.01);
89
63
+ dump_buf_if_failed(buf, sizeof(buf));
90
@@ -XXX,XX +XXX,XX @@ int arm_gdb_get_svereg(CPUARMState *env, GByteArray *buf, int reg)
91
return 0;
64
}
92
}
65
93
66
/*
94
-int arm_gdb_set_svereg(CPUARMState *env, uint8_t *buf, int reg)
67
@@ -XXX,XX +XXX,XX @@ static void test_first_byte_runs(void)
95
+int aarch64_gdb_set_sve_reg(CPUARMState *env, uint8_t *buf, int reg)
68
}
96
{
69
97
ARMCPU *cpu = env_archcpu(env);
70
g_assert_cmpfloat(calc_runs_p(buf.l, sizeof(buf) * BITS_PER_BYTE), >, 0.01);
98
71
+ dump_buf_if_failed(buf.c, sizeof(buf));
72
}
73
74
int main(int argc, char **argv)
75
--
99
--
76
2.20.1
100
2.34.1
77
101
78
102
diff view generated by jsdifflib
[PULL 34/36] target/arm: Implement M-profile "minimal RAS implementation"
[PULL 02/21] target/arm: Unexport arm_gen_dynamic_sysreg_xml
1
For v8.1M the architecture mandates that CPUs must provide at
1
From: Richard Henderson <richard.henderson@linaro.org>
2
least the "minimal RAS implementation" from the Reliability,
3
Availability and Serviceability extension. This consists of:
4
* an ESB instruction which is a NOP
5
-- since it is in the HINT space we need only add a comment
6
* an RFSR register which will RAZ/WI
7
* a RAZ/WI AIRCR.IESB bit
8
-- the code which handles writes to AIRCR does not allow setting
9
of RES0 bits, so we already treat this as RAZ/WI; add a comment
10
noting that this is deliberate
11
* minimal implementation of the RAS register block at 0xe0005000
12
-- this will be in a subsequent commit
13
* setting the ID_PFR0.RAS field to 0b0010
14
-- we will do this when we add the Cortex-M55 CPU model
15
2
3
This function is not used outside gdbstub.c.
4
5
Reviewed-by: Fabiano Rosas <farosas@suse.de>
6
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20230227213329.793795-3-richard.henderson@linaro.org
16
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
17
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
18
Message-id: 20201119215617.29887-26-peter.maydell@linaro.org
19
---
10
---
20
target/arm/cpu.h | 14 ++++++++++++++
11
target/arm/cpu.h | 1 -
21
target/arm/t32.decode | 4 ++++
12
target/arm/gdbstub.c | 2 +-
22
hw/intc/armv7m_nvic.c | 13 +++++++++++++
13
2 files changed, 1 insertion(+), 2 deletions(-)
23
3 files changed, 31 insertions(+)
24
14
25
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
15
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
26
index XXXXXXX..XXXXXXX 100644
16
index XXXXXXX..XXXXXXX 100644
27
--- a/target/arm/cpu.h
17
--- a/target/arm/cpu.h
28
+++ b/target/arm/cpu.h
18
+++ b/target/arm/cpu.h
29
@@ -XXX,XX +XXX,XX @@ FIELD(ID_MMFR4, LSM, 20, 4)
19
@@ -XXX,XX +XXX,XX @@ int arm_cpu_gdb_write_register(CPUState *cpu, uint8_t *buf, int reg);
30
FIELD(ID_MMFR4, CCIDX, 24, 4)
20
* Helpers to dynamically generates XML descriptions of the sysregs
31
FIELD(ID_MMFR4, EVT, 28, 4)
21
* and SVE registers. Returns the number of registers in each set.
32
22
*/
33
+FIELD(ID_PFR0, STATE0, 0, 4)
23
-int arm_gen_dynamic_sysreg_xml(CPUState *cpu, int base_reg);
34
+FIELD(ID_PFR0, STATE1, 4, 4)
24
int arm_gen_dynamic_svereg_xml(CPUState *cpu, int base_reg);
35
+FIELD(ID_PFR0, STATE2, 8, 4)
25
36
+FIELD(ID_PFR0, STATE3, 12, 4)
26
/* Returns the dynamically generated XML for the gdb stub.
37
+FIELD(ID_PFR0, CSV2, 16, 4)
27
diff --git a/target/arm/gdbstub.c b/target/arm/gdbstub.c
38
+FIELD(ID_PFR0, AMU, 20, 4)
28
index XXXXXXX..XXXXXXX 100644
39
+FIELD(ID_PFR0, DIT, 24, 4)
29
--- a/target/arm/gdbstub.c
40
+FIELD(ID_PFR0, RAS, 28, 4)
30
+++ b/target/arm/gdbstub.c
41
+
31
@@ -XXX,XX +XXX,XX @@ static void arm_register_sysreg_for_xml(gpointer key, gpointer value,
42
FIELD(ID_PFR1, PROGMOD, 0, 4)
32
}
43
FIELD(ID_PFR1, SECURITY, 4, 4)
44
FIELD(ID_PFR1, MPROGMOD, 8, 4)
45
@@ -XXX,XX +XXX,XX @@ static inline bool isar_feature_aa32_predinv(const ARMISARegisters *id)
46
return FIELD_EX32(id->id_isar6, ID_ISAR6, SPECRES) != 0;
47
}
33
}
48
34
49
+static inline bool isar_feature_aa32_ras(const ARMISARegisters *id)
35
-int arm_gen_dynamic_sysreg_xml(CPUState *cs, int base_reg)
50
+{
36
+static int arm_gen_dynamic_sysreg_xml(CPUState *cs, int base_reg)
51
+ return FIELD_EX32(id->id_pfr0, ID_PFR0, RAS) != 0;
52
+}
53
+
54
static inline bool isar_feature_aa32_mprofile(const ARMISARegisters *id)
55
{
37
{
56
return FIELD_EX32(id->id_pfr1, ID_PFR1, MPROGMOD) != 0;
38
ARMCPU *cpu = ARM_CPU(cs);
57
diff --git a/target/arm/t32.decode b/target/arm/t32.decode
39
GString *s = g_string_new(NULL);
58
index XXXXXXX..XXXXXXX 100644
59
--- a/target/arm/t32.decode
60
+++ b/target/arm/t32.decode
61
@@ -XXX,XX +XXX,XX @@ CLZ 1111 1010 1011 ---- 1111 .... 1000 .... @rdm
62
# SEV 1111 0011 1010 1111 1000 0000 0000 0100
63
# SEVL 1111 0011 1010 1111 1000 0000 0000 0101
64
65
+ # For M-profile minimal-RAS ESB can be a NOP, which is the
66
+ # default behaviour since it is in the hint space.
67
+ # ESB 1111 0011 1010 1111 1000 0000 0001 0000
68
+
69
# The canonical nop ends in 0000 0000, but the whole rest
70
# of the space is "reserved hint, behaves as nop".
71
NOP 1111 0011 1010 1111 1000 0000 ---- ----
72
diff --git a/hw/intc/armv7m_nvic.c b/hw/intc/armv7m_nvic.c
73
index XXXXXXX..XXXXXXX 100644
74
--- a/hw/intc/armv7m_nvic.c
75
+++ b/hw/intc/armv7m_nvic.c
76
@@ -XXX,XX +XXX,XX @@ static uint32_t nvic_readl(NVICState *s, uint32_t offset, MemTxAttrs attrs)
77
return 0;
78
}
79
return cpu->env.v7m.sfar;
80
+ case 0xf04: /* RFSR */
81
+ if (!cpu_isar_feature(aa32_ras, cpu)) {
82
+ goto bad_offset;
83
+ }
84
+ /* We provide minimal-RAS only: RFSR is RAZ/WI */
85
+ return 0;
86
case 0xf34: /* FPCCR */
87
if (!cpu_isar_feature(aa32_vfp_simd, cpu)) {
88
return 0;
89
@@ -XXX,XX +XXX,XX @@ static void nvic_writel(NVICState *s, uint32_t offset, uint32_t value,
90
R_V7M_AIRCR_PRIGROUP_SHIFT,
91
R_V7M_AIRCR_PRIGROUP_LENGTH);
92
}
93
+ /* AIRCR.IESB is RAZ/WI because we implement only minimal RAS */
94
if (attrs.secure) {
95
/* These bits are only writable by secure */
96
cpu->env.v7m.aircr = value &
97
@@ -XXX,XX +XXX,XX @@ static void nvic_writel(NVICState *s, uint32_t offset, uint32_t value,
98
}
99
break;
100
}
101
+ case 0xf04: /* RFSR */
102
+ if (!cpu_isar_feature(aa32_ras, cpu)) {
103
+ goto bad_offset;
104
+ }
105
+ /* We provide minimal-RAS only: RFSR is RAZ/WI */
106
+ break;
107
case 0xf34: /* FPCCR */
108
if (cpu_isar_feature(aa32_vfp_simd, cpu)) {
109
/* Not all bits here are banked. */
110
--
40
--
111
2.20.1
41
2.34.1
112
42
113
43
diff view generated by jsdifflib
[PULL 18/36] target/arm: Refactor M-profile VMSR/VMRS handling
[PULL 03/21] target/arm: Move arm_gen_dynamic_svereg_xml to gdbstub64.c
1
Currently M-profile borrows the A-profile code for VMSR and VMRS
1
From: Richard Henderson <richard.henderson@linaro.org>
2
(access to the FP system registers), because all it needs to support
2
3
is the FPSCR. In v8.1M things become significantly more complicated
3
The function is only used for aarch64, so move it to the
4
in two ways:
4
file that has the other aarch64 gdbstub stuff. Move the
5
5
declaration to internals.h.
6
* there are several new FP system registers; some have side effects
6
7
on read, and one (FPCXT_NS) needs to avoid the usual
7
Reviewed-by: Fabiano Rosas <farosas@suse.de>
8
vfp_access_check() and the "only if FPU implemented" check
8
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
9
9
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
10
* all sysregs are now accessible both by VMRS/VMSR (which
10
Message-id: 20230227213329.793795-4-richard.henderson@linaro.org
11
reads/writes a general purpose register) and also by VLDR/VSTR
12
(which reads/writes them directly to memory)
13
14
Refactor the structure of how we handle VMSR/VMRS to cope with this:
15
16
* keep the M-profile code entirely separate from the A-profile code
17
18
* abstract out the "read or write the general purpose register" part
19
of the code into a loadfn or storefn function pointer, so we can
20
reuse it for VLDR/VSTR.
21
22
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
23
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
24
Message-id: 20201119215617.29887-8-peter.maydell@linaro.org
25
---
12
---
26
target/arm/cpu.h | 3 +
13
target/arm/cpu.h | 6 ---
27
target/arm/translate-vfp.c.inc | 182 ++++++++++++++++++++++++++++++---
14
target/arm/internals.h | 1 +
28
2 files changed, 171 insertions(+), 14 deletions(-)
15
target/arm/gdbstub.c | 120 -----------------------------------------
16
target/arm/gdbstub64.c | 118 ++++++++++++++++++++++++++++++++++++++++
17
4 files changed, 119 insertions(+), 126 deletions(-)
29
18
30
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
19
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
31
index XXXXXXX..XXXXXXX 100644
20
index XXXXXXX..XXXXXXX 100644
32
--- a/target/arm/cpu.h
21
--- a/target/arm/cpu.h
33
+++ b/target/arm/cpu.h
22
+++ b/target/arm/cpu.h
34
@@ -XXX,XX +XXX,XX @@ enum arm_cpu_mode {
23
@@ -XXX,XX +XXX,XX @@ hwaddr arm_cpu_get_phys_page_attrs_debug(CPUState *cpu, vaddr addr,
35
#define ARM_VFP_FPINST 9
24
int arm_cpu_gdb_read_register(CPUState *cpu, GByteArray *buf, int reg);
36
#define ARM_VFP_FPINST2 10
25
int arm_cpu_gdb_write_register(CPUState *cpu, uint8_t *buf, int reg);
37
26
38
+/* QEMU-internal value meaning "FPSCR, but we care only about NZCV" */
27
-/*
39
+#define QEMU_VFP_FPSCR_NZCV 0xffff
28
- * Helpers to dynamically generates XML descriptions of the sysregs
40
+
29
- * and SVE registers. Returns the number of registers in each set.
41
/* iwMMXt coprocessor control registers. */
30
- */
42
#define ARM_IWMMXT_wCID 0
31
-int arm_gen_dynamic_svereg_xml(CPUState *cpu, int base_reg);
43
#define ARM_IWMMXT_wCon 1
32
-
44
diff --git a/target/arm/translate-vfp.c.inc b/target/arm/translate-vfp.c.inc
33
/* Returns the dynamically generated XML for the gdb stub.
34
* Returns a pointer to the XML contents for the specified XML file or NULL
35
* if the XML name doesn't match the predefined one.
36
diff --git a/target/arm/internals.h b/target/arm/internals.h
45
index XXXXXXX..XXXXXXX 100644
37
index XXXXXXX..XXXXXXX 100644
46
--- a/target/arm/translate-vfp.c.inc
38
--- a/target/arm/internals.h
47
+++ b/target/arm/translate-vfp.c.inc
39
+++ b/target/arm/internals.h
48
@@ -XXX,XX +XXX,XX @@ static bool trans_VDUP(DisasContext *s, arg_VDUP *a)
40
@@ -XXX,XX +XXX,XX @@ static inline uint64_t pmu_counter_mask(CPUARMState *env)
49
return true;
50
}
41
}
51
42
52
+/*
43
#ifdef TARGET_AARCH64
53
+ * M-profile provides two different sets of instructions that can
44
+int arm_gen_dynamic_svereg_xml(CPUState *cpu, int base_reg);
54
+ * access floating point system registers: VMSR/VMRS (which move
45
int aarch64_gdb_get_sve_reg(CPUARMState *env, GByteArray *buf, int reg);
55
+ * to/from a general purpose register) and VLDR/VSTR sysreg (which
46
int aarch64_gdb_set_sve_reg(CPUARMState *env, uint8_t *buf, int reg);
56
+ * move directly to/from memory). In some cases there are also side
47
int aarch64_gdb_get_fpu_reg(CPUARMState *env, GByteArray *buf, int reg);
57
+ * effects which must happen after any write to memory (which could
48
diff --git a/target/arm/gdbstub.c b/target/arm/gdbstub.c
58
+ * cause an exception). So we implement the common logic for the
49
index XXXXXXX..XXXXXXX 100644
59
+ * sysreg access in gen_M_fp_sysreg_write() and gen_M_fp_sysreg_read(),
50
--- a/target/arm/gdbstub.c
60
+ * which take pointers to callback functions which will perform the
51
+++ b/target/arm/gdbstub.c
61
+ * actual "read/write general purpose register" and "read/write
52
@@ -XXX,XX +XXX,XX @@ static int arm_gen_dynamic_sysreg_xml(CPUState *cs, int base_reg)
62
+ * memory" operations.
53
return cpu->dyn_sysreg_xml.num;
63
+ */
54
}
64
+
55
65
+/*
56
-struct TypeSize {
66
+ * Emit code to store the sysreg to its final destination; frees the
57
- const char *gdb_type;
67
+ * TCG temp 'value' it is passed.
58
- int size;
68
+ */
59
- const char sz, suffix;
69
+typedef void fp_sysreg_storefn(DisasContext *s, void *opaque, TCGv_i32 value);
60
-};
70
+/*
61
-
71
+ * Emit code to load the value to be copied to the sysreg; returns
62
-static const struct TypeSize vec_lanes[] = {
72
+ * a new TCG temporary
63
- /* quads */
73
+ */
64
- { "uint128", 128, 'q', 'u' },
74
+typedef TCGv_i32 fp_sysreg_loadfn(DisasContext *s, void *opaque);
65
- { "int128", 128, 'q', 's' },
75
+
66
- /* 64 bit */
76
+/* Common decode/access checks for fp sysreg read/write */
67
- { "ieee_double", 64, 'd', 'f' },
77
+typedef enum FPSysRegCheckResult {
68
- { "uint64", 64, 'd', 'u' },
78
+ FPSysRegCheckFailed, /* caller should return false */
69
- { "int64", 64, 'd', 's' },
79
+ FPSysRegCheckDone, /* caller should return true */
70
- /* 32 bit */
80
+ FPSysRegCheckContinue, /* caller should continue generating code */
71
- { "ieee_single", 32, 's', 'f' },
81
+} FPSysRegCheckResult;
72
- { "uint32", 32, 's', 'u' },
82
+
73
- { "int32", 32, 's', 's' },
83
+static FPSysRegCheckResult fp_sysreg_checks(DisasContext *s, int regno)
74
- /* 16 bit */
75
- { "ieee_half", 16, 'h', 'f' },
76
- { "uint16", 16, 'h', 'u' },
77
- { "int16", 16, 'h', 's' },
78
- /* bytes */
79
- { "uint8", 8, 'b', 'u' },
80
- { "int8", 8, 'b', 's' },
81
-};
82
-
83
-
84
-int arm_gen_dynamic_svereg_xml(CPUState *cs, int base_reg)
85
-{
86
- ARMCPU *cpu = ARM_CPU(cs);
87
- GString *s = g_string_new(NULL);
88
- DynamicGDBXMLInfo *info = &cpu->dyn_svereg_xml;
89
- g_autoptr(GString) ts = g_string_new("");
90
- int i, j, bits, reg_width = (cpu->sve_max_vq * 128);
91
- info->num = 0;
92
- g_string_printf(s, "<?xml version=\"1.0\"?>");
93
- g_string_append_printf(s, "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">");
94
- g_string_append_printf(s, "<feature name=\"org.gnu.gdb.aarch64.sve\">");
95
-
96
- /* First define types and totals in a whole VL */
97
- for (i = 0; i < ARRAY_SIZE(vec_lanes); i++) {
98
- int count = reg_width / vec_lanes[i].size;
99
- g_string_printf(ts, "svev%c%c", vec_lanes[i].sz, vec_lanes[i].suffix);
100
- g_string_append_printf(s,
101
- "<vector id=\"%s\" type=\"%s\" count=\"%d\"/>",
102
- ts->str, vec_lanes[i].gdb_type, count);
103
- }
104
- /*
105
- * Now define a union for each size group containing unsigned and
106
- * signed and potentially float versions of each size from 128 to
107
- * 8 bits.
108
- */
109
- for (bits = 128, i = 0; bits >= 8; bits /= 2, i++) {
110
- const char suf[] = { 'q', 'd', 's', 'h', 'b' };
111
- g_string_append_printf(s, "<union id=\"svevn%c\">", suf[i]);
112
- for (j = 0; j < ARRAY_SIZE(vec_lanes); j++) {
113
- if (vec_lanes[j].size == bits) {
114
- g_string_append_printf(s, "<field name=\"%c\" type=\"svev%c%c\"/>",
115
- vec_lanes[j].suffix,
116
- vec_lanes[j].sz, vec_lanes[j].suffix);
117
- }
118
- }
119
- g_string_append(s, "</union>");
120
- }
121
- /* And now the final union of unions */
122
- g_string_append(s, "<union id=\"svev\">");
123
- for (bits = 128, i = 0; bits >= 8; bits /= 2, i++) {
124
- const char suf[] = { 'q', 'd', 's', 'h', 'b' };
125
- g_string_append_printf(s, "<field name=\"%c\" type=\"svevn%c\"/>",
126
- suf[i], suf[i]);
127
- }
128
- g_string_append(s, "</union>");
129
-
130
- /* Finally the sve prefix type */
131
- g_string_append_printf(s,
132
- "<vector id=\"svep\" type=\"uint8\" count=\"%d\"/>",
133
- reg_width / 8);
134
-
135
- /* Then define each register in parts for each vq */
136
- for (i = 0; i < 32; i++) {
137
- g_string_append_printf(s,
138
- "<reg name=\"z%d\" bitsize=\"%d\""
139
- " regnum=\"%d\" type=\"svev\"/>",
140
- i, reg_width, base_reg++);
141
- info->num++;
142
- }
143
- /* fpscr & status registers */
144
- g_string_append_printf(s, "<reg name=\"fpsr\" bitsize=\"32\""
145
- " regnum=\"%d\" group=\"float\""
146
- " type=\"int\"/>", base_reg++);
147
- g_string_append_printf(s, "<reg name=\"fpcr\" bitsize=\"32\""
148
- " regnum=\"%d\" group=\"float\""
149
- " type=\"int\"/>", base_reg++);
150
- info->num += 2;
151
-
152
- for (i = 0; i < 16; i++) {
153
- g_string_append_printf(s,
154
- "<reg name=\"p%d\" bitsize=\"%d\""
155
- " regnum=\"%d\" type=\"svep\"/>",
156
- i, cpu->sve_max_vq * 16, base_reg++);
157
- info->num++;
158
- }
159
- g_string_append_printf(s,
160
- "<reg name=\"ffr\" bitsize=\"%d\""
161
- " regnum=\"%d\" group=\"vector\""
162
- " type=\"svep\"/>",
163
- cpu->sve_max_vq * 16, base_reg++);
164
- g_string_append_printf(s,
165
- "<reg name=\"vg\" bitsize=\"64\""
166
- " regnum=\"%d\" type=\"int\"/>",
167
- base_reg++);
168
- info->num += 2;
169
- g_string_append_printf(s, "</feature>");
170
- cpu->dyn_svereg_xml.desc = g_string_free(s, false);
171
-
172
- return cpu->dyn_svereg_xml.num;
173
-}
174
-
175
-
176
const char *arm_gdb_get_dynamic_xml(CPUState *cs, const char *xmlname)
177
{
178
ARMCPU *cpu = ARM_CPU(cs);
179
diff --git a/target/arm/gdbstub64.c b/target/arm/gdbstub64.c
180
index XXXXXXX..XXXXXXX 100644
181
--- a/target/arm/gdbstub64.c
182
+++ b/target/arm/gdbstub64.c
183
@@ -XXX,XX +XXX,XX @@ int aarch64_gdb_set_sve_reg(CPUARMState *env, uint8_t *buf, int reg)
184
185
return 0;
186
}
187
+
188
+struct TypeSize {
189
+ const char *gdb_type;
190
+ short size;
191
+ char sz, suffix;
192
+};
193
+
194
+static const struct TypeSize vec_lanes[] = {
195
+ /* quads */
196
+ { "uint128", 128, 'q', 'u' },
197
+ { "int128", 128, 'q', 's' },
198
+ /* 64 bit */
199
+ { "ieee_double", 64, 'd', 'f' },
200
+ { "uint64", 64, 'd', 'u' },
201
+ { "int64", 64, 'd', 's' },
202
+ /* 32 bit */
203
+ { "ieee_single", 32, 's', 'f' },
204
+ { "uint32", 32, 's', 'u' },
205
+ { "int32", 32, 's', 's' },
206
+ /* 16 bit */
207
+ { "ieee_half", 16, 'h', 'f' },
208
+ { "uint16", 16, 'h', 'u' },
209
+ { "int16", 16, 'h', 's' },
210
+ /* bytes */
211
+ { "uint8", 8, 'b', 'u' },
212
+ { "int8", 8, 'b', 's' },
213
+};
214
+
215
+int arm_gen_dynamic_svereg_xml(CPUState *cs, int base_reg)
84
+{
216
+{
85
+ if (!dc_isar_feature(aa32_fpsp_v2, s)) {
217
+ ARMCPU *cpu = ARM_CPU(cs);
86
+ return FPSysRegCheckFailed;
218
+ GString *s = g_string_new(NULL);
87
+ }
219
+ DynamicGDBXMLInfo *info = &cpu->dyn_svereg_xml;
88
+
220
+ g_autoptr(GString) ts = g_string_new("");
89
+ switch (regno) {
221
+ int i, j, bits, reg_width = (cpu->sve_max_vq * 128);
90
+ case ARM_VFP_FPSCR:
222
+ info->num = 0;
91
+ case QEMU_VFP_FPSCR_NZCV:
223
+ g_string_printf(s, "<?xml version=\"1.0\"?>");
92
+ break;
224
+ g_string_append_printf(s, "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">");
93
+ default:
225
+ g_string_append_printf(s, "<feature name=\"org.gnu.gdb.aarch64.sve\">");
94
+ return FPSysRegCheckFailed;
226
+
95
+ }
227
+ /* First define types and totals in a whole VL */
96
+
228
+ for (i = 0; i < ARRAY_SIZE(vec_lanes); i++) {
97
+ if (!vfp_access_check(s)) {
229
+ int count = reg_width / vec_lanes[i].size;
98
+ return FPSysRegCheckDone;
230
+ g_string_printf(ts, "svev%c%c", vec_lanes[i].sz, vec_lanes[i].suffix);
99
+ }
231
+ g_string_append_printf(s,
100
+
232
+ "<vector id=\"%s\" type=\"%s\" count=\"%d\"/>",
101
+ return FPSysRegCheckContinue;
233
+ ts->str, vec_lanes[i].gdb_type, count);
234
+ }
235
+ /*
236
+ * Now define a union for each size group containing unsigned and
237
+ * signed and potentially float versions of each size from 128 to
238
+ * 8 bits.
239
+ */
240
+ for (bits = 128, i = 0; bits >= 8; bits /= 2, i++) {
241
+ const char suf[] = { 'q', 'd', 's', 'h', 'b' };
242
+ g_string_append_printf(s, "<union id=\"svevn%c\">", suf[i]);
243
+ for (j = 0; j < ARRAY_SIZE(vec_lanes); j++) {
244
+ if (vec_lanes[j].size == bits) {
245
+ g_string_append_printf(s, "<field name=\"%c\" type=\"svev%c%c\"/>",
246
+ vec_lanes[j].suffix,
247
+ vec_lanes[j].sz, vec_lanes[j].suffix);
248
+ }
249
+ }
250
+ g_string_append(s, "</union>");
251
+ }
252
+ /* And now the final union of unions */
253
+ g_string_append(s, "<union id=\"svev\">");
254
+ for (bits = 128, i = 0; bits >= 8; bits /= 2, i++) {
255
+ const char suf[] = { 'q', 'd', 's', 'h', 'b' };
256
+ g_string_append_printf(s, "<field name=\"%c\" type=\"svevn%c\"/>",
257
+ suf[i], suf[i]);
258
+ }
259
+ g_string_append(s, "</union>");
260
+
261
+ /* Finally the sve prefix type */
262
+ g_string_append_printf(s,
263
+ "<vector id=\"svep\" type=\"uint8\" count=\"%d\"/>",
264
+ reg_width / 8);
265
+
266
+ /* Then define each register in parts for each vq */
267
+ for (i = 0; i < 32; i++) {
268
+ g_string_append_printf(s,
269
+ "<reg name=\"z%d\" bitsize=\"%d\""
270
+ " regnum=\"%d\" type=\"svev\"/>",
271
+ i, reg_width, base_reg++);
272
+ info->num++;
273
+ }
274
+ /* fpscr & status registers */
275
+ g_string_append_printf(s, "<reg name=\"fpsr\" bitsize=\"32\""
276
+ " regnum=\"%d\" group=\"float\""
277
+ " type=\"int\"/>", base_reg++);
278
+ g_string_append_printf(s, "<reg name=\"fpcr\" bitsize=\"32\""
279
+ " regnum=\"%d\" group=\"float\""
280
+ " type=\"int\"/>", base_reg++);
281
+ info->num += 2;
282
+
283
+ for (i = 0; i < 16; i++) {
284
+ g_string_append_printf(s,
285
+ "<reg name=\"p%d\" bitsize=\"%d\""
286
+ " regnum=\"%d\" type=\"svep\"/>",
287
+ i, cpu->sve_max_vq * 16, base_reg++);
288
+ info->num++;
289
+ }
290
+ g_string_append_printf(s,
291
+ "<reg name=\"ffr\" bitsize=\"%d\""
292
+ " regnum=\"%d\" group=\"vector\""
293
+ " type=\"svep\"/>",
294
+ cpu->sve_max_vq * 16, base_reg++);
295
+ g_string_append_printf(s,
296
+ "<reg name=\"vg\" bitsize=\"64\""
297
+ " regnum=\"%d\" type=\"int\"/>",
298
+ base_reg++);
299
+ info->num += 2;
300
+ g_string_append_printf(s, "</feature>");
301
+ info->desc = g_string_free(s, false);
302
+
303
+ return info->num;
102
+}
304
+}
103
+
104
+static bool gen_M_fp_sysreg_write(DisasContext *s, int regno,
105
+
106
+ fp_sysreg_loadfn *loadfn,
107
+ void *opaque)
108
+{
109
+ /* Do a write to an M-profile floating point system register */
110
+ TCGv_i32 tmp;
111
+
112
+ switch (fp_sysreg_checks(s, regno)) {
113
+ case FPSysRegCheckFailed:
114
+ return false;
115
+ case FPSysRegCheckDone:
116
+ return true;
117
+ case FPSysRegCheckContinue:
118
+ break;
119
+ }
120
+
121
+ switch (regno) {
122
+ case ARM_VFP_FPSCR:
123
+ tmp = loadfn(s, opaque);
124
+ gen_helper_vfp_set_fpscr(cpu_env, tmp);
125
+ tcg_temp_free_i32(tmp);
126
+ gen_lookup_tb(s);
127
+ break;
128
+ default:
129
+ g_assert_not_reached();
130
+ }
131
+ return true;
132
+}
133
+
134
+static bool gen_M_fp_sysreg_read(DisasContext *s, int regno,
135
+ fp_sysreg_storefn *storefn,
136
+ void *opaque)
137
+{
138
+ /* Do a read from an M-profile floating point system register */
139
+ TCGv_i32 tmp;
140
+
141
+ switch (fp_sysreg_checks(s, regno)) {
142
+ case FPSysRegCheckFailed:
143
+ return false;
144
+ case FPSysRegCheckDone:
145
+ return true;
146
+ case FPSysRegCheckContinue:
147
+ break;
148
+ }
149
+
150
+ switch (regno) {
151
+ case ARM_VFP_FPSCR:
152
+ tmp = tcg_temp_new_i32();
153
+ gen_helper_vfp_get_fpscr(tmp, cpu_env);
154
+ storefn(s, opaque, tmp);
155
+ break;
156
+ case QEMU_VFP_FPSCR_NZCV:
157
+ /*
158
+ * Read just NZCV; this is a special case to avoid the
159
+ * helper call for the "VMRS to CPSR.NZCV" insn.
160
+ */
161
+ tmp = load_cpu_field(vfp.xregs[ARM_VFP_FPSCR]);
162
+ tcg_gen_andi_i32(tmp, tmp, 0xf0000000);
163
+ storefn(s, opaque, tmp);
164
+ break;
165
+ default:
166
+ g_assert_not_reached();
167
+ }
168
+ return true;
169
+}
170
+
171
+static void fp_sysreg_to_gpr(DisasContext *s, void *opaque, TCGv_i32 value)
172
+{
173
+ arg_VMSR_VMRS *a = opaque;
174
+
175
+ if (a->rt == 15) {
176
+ /* Set the 4 flag bits in the CPSR */
177
+ gen_set_nzcv(value);
178
+ tcg_temp_free_i32(value);
179
+ } else {
180
+ store_reg(s, a->rt, value);
181
+ }
182
+}
183
+
184
+static TCGv_i32 gpr_to_fp_sysreg(DisasContext *s, void *opaque)
185
+{
186
+ arg_VMSR_VMRS *a = opaque;
187
+
188
+ return load_reg(s, a->rt);
189
+}
190
+
191
+static bool gen_M_VMSR_VMRS(DisasContext *s, arg_VMSR_VMRS *a)
192
+{
193
+ /*
194
+ * Accesses to R15 are UNPREDICTABLE; we choose to undef.
195
+ * FPSCR -> r15 is a special case which writes to the PSR flags;
196
+ * set a->reg to a special value to tell gen_M_fp_sysreg_read()
197
+ * we only care about the top 4 bits of FPSCR there.
198
+ */
199
+ if (a->rt == 15) {
200
+ if (a->l && a->reg == ARM_VFP_FPSCR) {
201
+ a->reg = QEMU_VFP_FPSCR_NZCV;
202
+ } else {
203
+ return false;
204
+ }
205
+ }
206
+
207
+ if (a->l) {
208
+ /* VMRS, move FP system register to gp register */
209
+ return gen_M_fp_sysreg_read(s, a->reg, fp_sysreg_to_gpr, a);
210
+ } else {
211
+ /* VMSR, move gp register to FP system register */
212
+ return gen_M_fp_sysreg_write(s, a->reg, gpr_to_fp_sysreg, a);
213
+ }
214
+}
215
+
216
static bool trans_VMSR_VMRS(DisasContext *s, arg_VMSR_VMRS *a)
217
{
218
TCGv_i32 tmp;
219
bool ignore_vfp_enabled = false;
220
221
- if (!dc_isar_feature(aa32_fpsp_v2, s)) {
222
- return false;
223
+ if (arm_dc_feature(s, ARM_FEATURE_M)) {
224
+ return gen_M_VMSR_VMRS(s, a);
225
}
226
227
- if (arm_dc_feature(s, ARM_FEATURE_M)) {
228
- /*
229
- * The only M-profile VFP vmrs/vmsr sysreg is FPSCR.
230
- * Accesses to R15 are UNPREDICTABLE; we choose to undef.
231
- * (FPSCR -> r15 is a special case which writes to the PSR flags.)
232
- */
233
- if (a->reg != ARM_VFP_FPSCR) {
234
- return false;
235
- }
236
- if (a->rt == 15 && !a->l) {
237
- return false;
238
- }
239
+ if (!dc_isar_feature(aa32_fpsp_v2, s)) {
240
+ return false;
241
}
242
243
switch (a->reg) {
244
--
305
--
245
2.20.1
306
2.34.1
246
307
247
308
diff view generated by jsdifflib
[PULL 23/36] target/arm: Factor out preserve-fp-state from full_vfp_access_check()
[PULL 04/21] target/arm: Split out output_vector_union_type
1
Factor out the code which handles M-profile lazy FP state preservation
1
From: Richard Henderson <richard.henderson@linaro.org>
2
from full_vfp_access_check(); accesses to the FPCXT_NS register are
3
a special case which need to do just this part (corresponding in the
4
pseudocode to the PreserveFPState() function), and not the full
5
set of actions matching the pseudocode ExecuteFPCheck() which
6
normal FP instructions need to do.
7
2
3
Create a subroutine for creating the union of unions
4
of the various type sizes that a vector may contain.
5
6
Reviewed-by: Fabiano Rosas <farosas@suse.de>
7
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
8
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
9
Message-id: 20230227213329.793795-5-richard.henderson@linaro.org
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
10
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
11
Message-id: 20201119215617.29887-13-peter.maydell@linaro.org
12
---
11
---
13
target/arm/translate-vfp.c.inc | 45 ++++++++++++++++++++--------------
12
target/arm/gdbstub64.c | 83 +++++++++++++++++++++++-------------------
14
1 file changed, 27 insertions(+), 18 deletions(-)
13
1 file changed, 45 insertions(+), 38 deletions(-)
15
14
16
diff --git a/target/arm/translate-vfp.c.inc b/target/arm/translate-vfp.c.inc
15
diff --git a/target/arm/gdbstub64.c b/target/arm/gdbstub64.c
17
index XXXXXXX..XXXXXXX 100644
16
index XXXXXXX..XXXXXXX 100644
18
--- a/target/arm/translate-vfp.c.inc
17
--- a/target/arm/gdbstub64.c
19
+++ b/target/arm/translate-vfp.c.inc
18
+++ b/target/arm/gdbstub64.c
20
@@ -XXX,XX +XXX,XX @@ static inline long vfp_f16_offset(unsigned reg, bool top)
19
@@ -XXX,XX +XXX,XX @@ int aarch64_gdb_set_sve_reg(CPUARMState *env, uint8_t *buf, int reg)
21
return offs;
20
return 0;
22
}
21
}
23
22
24
+/*
23
-struct TypeSize {
25
+ * Generate code for M-profile lazy FP state preservation if needed;
24
- const char *gdb_type;
26
+ * this corresponds to the pseudocode PreserveFPState() function.
25
- short size;
27
+ */
26
- char sz, suffix;
28
+static void gen_preserve_fp_state(DisasContext *s)
27
-};
29
+{
28
-
30
+ if (s->v7m_lspact) {
29
-static const struct TypeSize vec_lanes[] = {
31
+ /*
30
- /* quads */
32
+ * Lazy state saving affects external memory and also the NVIC,
31
- { "uint128", 128, 'q', 'u' },
33
+ * so we must mark it as an IO operation for icount (and cause
32
- { "int128", 128, 'q', 's' },
34
+ * this to be the last insn in the TB).
33
- /* 64 bit */
35
+ */
34
- { "ieee_double", 64, 'd', 'f' },
36
+ if (tb_cflags(s->base.tb) & CF_USE_ICOUNT) {
35
- { "uint64", 64, 'd', 'u' },
37
+ s->base.is_jmp = DISAS_UPDATE_EXIT;
36
- { "int64", 64, 'd', 's' },
38
+ gen_io_start();
37
- /* 32 bit */
39
+ }
38
- { "ieee_single", 32, 's', 'f' },
40
+ gen_helper_v7m_preserve_fp_state(cpu_env);
39
- { "uint32", 32, 's', 'u' },
41
+ /*
40
- { "int32", 32, 's', 's' },
42
+ * If the preserve_fp_state helper doesn't throw an exception
41
- /* 16 bit */
43
+ * then it will clear LSPACT; we don't need to repeat this for
42
- { "ieee_half", 16, 'h', 'f' },
44
+ * any further FP insns in this TB.
43
- { "uint16", 16, 'h', 'u' },
45
+ */
44
- { "int16", 16, 'h', 's' },
46
+ s->v7m_lspact = false;
45
- /* bytes */
47
+ }
46
- { "uint8", 8, 'b', 'u' },
47
- { "int8", 8, 'b', 's' },
48
-};
49
-
50
-int arm_gen_dynamic_svereg_xml(CPUState *cs, int base_reg)
51
+static void output_vector_union_type(GString *s, int reg_width)
52
{
53
- ARMCPU *cpu = ARM_CPU(cs);
54
- GString *s = g_string_new(NULL);
55
- DynamicGDBXMLInfo *info = &cpu->dyn_svereg_xml;
56
+ struct TypeSize {
57
+ const char *gdb_type;
58
+ short size;
59
+ char sz, suffix;
60
+ };
61
+
62
+ static const struct TypeSize vec_lanes[] = {
63
+ /* quads */
64
+ { "uint128", 128, 'q', 'u' },
65
+ { "int128", 128, 'q', 's' },
66
+ /* 64 bit */
67
+ { "ieee_double", 64, 'd', 'f' },
68
+ { "uint64", 64, 'd', 'u' },
69
+ { "int64", 64, 'd', 's' },
70
+ /* 32 bit */
71
+ { "ieee_single", 32, 's', 'f' },
72
+ { "uint32", 32, 's', 'u' },
73
+ { "int32", 32, 's', 's' },
74
+ /* 16 bit */
75
+ { "ieee_half", 16, 'h', 'f' },
76
+ { "uint16", 16, 'h', 'u' },
77
+ { "int16", 16, 'h', 's' },
78
+ /* bytes */
79
+ { "uint8", 8, 'b', 'u' },
80
+ { "int8", 8, 'b', 's' },
81
+ };
82
+
83
+ static const char suf[] = { 'q', 'd', 's', 'h', 'b' };
84
+
85
g_autoptr(GString) ts = g_string_new("");
86
- int i, j, bits, reg_width = (cpu->sve_max_vq * 128);
87
- info->num = 0;
88
- g_string_printf(s, "<?xml version=\"1.0\"?>");
89
- g_string_append_printf(s, "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">");
90
- g_string_append_printf(s, "<feature name=\"org.gnu.gdb.aarch64.sve\">");
91
+ int i, j, bits;
92
93
/* First define types and totals in a whole VL */
94
for (i = 0; i < ARRAY_SIZE(vec_lanes); i++) {
95
@@ -XXX,XX +XXX,XX @@ int arm_gen_dynamic_svereg_xml(CPUState *cs, int base_reg)
96
* 8 bits.
97
*/
98
for (bits = 128, i = 0; bits >= 8; bits /= 2, i++) {
99
- const char suf[] = { 'q', 'd', 's', 'h', 'b' };
100
g_string_append_printf(s, "<union id=\"svevn%c\">", suf[i]);
101
for (j = 0; j < ARRAY_SIZE(vec_lanes); j++) {
102
if (vec_lanes[j].size == bits) {
103
@@ -XXX,XX +XXX,XX @@ int arm_gen_dynamic_svereg_xml(CPUState *cs, int base_reg)
104
/* And now the final union of unions */
105
g_string_append(s, "<union id=\"svev\">");
106
for (bits = 128, i = 0; bits >= 8; bits /= 2, i++) {
107
- const char suf[] = { 'q', 'd', 's', 'h', 'b' };
108
g_string_append_printf(s, "<field name=\"%c\" type=\"svevn%c\"/>",
109
suf[i], suf[i]);
110
}
111
g_string_append(s, "</union>");
48
+}
112
+}
49
+
113
+
50
/*
114
+int arm_gen_dynamic_svereg_xml(CPUState *cs, int base_reg)
51
* Check that VFP access is enabled. If it is, do the necessary
115
+{
52
* M-profile lazy-FP handling and then return true.
116
+ ARMCPU *cpu = ARM_CPU(cs);
53
@@ -XXX,XX +XXX,XX @@ static bool full_vfp_access_check(DisasContext *s, bool ignore_vfp_enabled)
117
+ GString *s = g_string_new(NULL);
54
/* Handle M-profile lazy FP state mechanics */
118
+ DynamicGDBXMLInfo *info = &cpu->dyn_svereg_xml;
55
119
+ int i, reg_width = (cpu->sve_max_vq * 128);
56
/* Trigger lazy-state preservation if necessary */
120
+ info->num = 0;
57
- if (s->v7m_lspact) {
121
+ g_string_printf(s, "<?xml version=\"1.0\"?>");
58
- /*
122
+ g_string_append_printf(s, "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">");
59
- * Lazy state saving affects external memory and also the NVIC,
123
+ g_string_append_printf(s, "<feature name=\"org.gnu.gdb.aarch64.sve\">");
60
- * so we must mark it as an IO operation for icount (and cause
124
+
61
- * this to be the last insn in the TB).
125
+ output_vector_union_type(s, reg_width);
62
- */
126
63
- if (tb_cflags(s->base.tb) & CF_USE_ICOUNT) {
127
/* Finally the sve prefix type */
64
- s->base.is_jmp = DISAS_UPDATE_EXIT;
128
g_string_append_printf(s,
65
- gen_io_start();
66
- }
67
- gen_helper_v7m_preserve_fp_state(cpu_env);
68
- /*
69
- * If the preserve_fp_state helper doesn't throw an exception
70
- * then it will clear LSPACT; we don't need to repeat this for
71
- * any further FP insns in this TB.
72
- */
73
- s->v7m_lspact = false;
74
- }
75
+ gen_preserve_fp_state(s);
76
77
/* Update ownership of FP context: set FPCCR.S to match current state */
78
if (s->v8m_fpccr_s_wrong) {
79
--
129
--
80
2.20.1
130
2.34.1
81
82
diff view generated by jsdifflib
[PULL 08/36] i.MX25: Fix bad printf format specifiers
[PULL 05/21] target/arm: Simplify register counting in arm_gen_dynamic_svereg_xml
1
From: Alex Chen <alex.chen@huawei.com>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
We should use printf format specifier "%u" instead of "%d" for
3
Rather than increment base_reg and num, compute num from the change
4
argument of type "unsigned int".
4
to base_reg at the end. Clean up some nearby comments.
5
5
6
Reported-by: Euler Robot <euler.robot@huawei.com>
6
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
7
Signed-off-by: Alex Chen <alex.chen@huawei.com>
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20201126111109.112238-2-alex.chen@huawei.com
8
Message-id: 20230227213329.793795-6-richard.henderson@linaro.org
9
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
10
---
12
hw/misc/imx25_ccm.c | 12 ++++++------
11
target/arm/gdbstub64.c | 27 ++++++++++++++++-----------
13
1 file changed, 6 insertions(+), 6 deletions(-)
12
1 file changed, 16 insertions(+), 11 deletions(-)
14
13
15
diff --git a/hw/misc/imx25_ccm.c b/hw/misc/imx25_ccm.c
14
diff --git a/target/arm/gdbstub64.c b/target/arm/gdbstub64.c
16
index XXXXXXX..XXXXXXX 100644
15
index XXXXXXX..XXXXXXX 100644
17
--- a/hw/misc/imx25_ccm.c
16
--- a/target/arm/gdbstub64.c
18
+++ b/hw/misc/imx25_ccm.c
17
+++ b/target/arm/gdbstub64.c
19
@@ -XXX,XX +XXX,XX @@ static const char *imx25_ccm_reg_name(uint32_t reg)
18
@@ -XXX,XX +XXX,XX @@ static void output_vector_union_type(GString *s, int reg_width)
20
case IMX25_CCM_LPIMR1_REG:
19
g_string_append(s, "</union>");
21
return "lpimr1";
20
}
22
default:
21
23
- sprintf(unknown, "[%d ?]", reg);
22
-int arm_gen_dynamic_svereg_xml(CPUState *cs, int base_reg)
24
+ sprintf(unknown, "[%u ?]", reg);
23
+int arm_gen_dynamic_svereg_xml(CPUState *cs, int orig_base_reg)
25
return unknown;
24
{
25
ARMCPU *cpu = ARM_CPU(cs);
26
GString *s = g_string_new(NULL);
27
DynamicGDBXMLInfo *info = &cpu->dyn_svereg_xml;
28
- int i, reg_width = (cpu->sve_max_vq * 128);
29
- info->num = 0;
30
+ int reg_width = cpu->sve_max_vq * 128;
31
+ int base_reg = orig_base_reg;
32
+ int i;
33
+
34
g_string_printf(s, "<?xml version=\"1.0\"?>");
35
g_string_append_printf(s, "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">");
36
g_string_append_printf(s, "<feature name=\"org.gnu.gdb.aarch64.sve\">");
37
38
+ /* Create the vector union type. */
39
output_vector_union_type(s, reg_width);
40
41
- /* Finally the sve prefix type */
42
+ /* Create the predicate vector type. */
43
g_string_append_printf(s,
44
"<vector id=\"svep\" type=\"uint8\" count=\"%d\"/>",
45
reg_width / 8);
46
47
- /* Then define each register in parts for each vq */
48
+ /* Define the vector registers. */
49
for (i = 0; i < 32; i++) {
50
g_string_append_printf(s,
51
"<reg name=\"z%d\" bitsize=\"%d\""
52
" regnum=\"%d\" type=\"svev\"/>",
53
i, reg_width, base_reg++);
54
- info->num++;
26
}
55
}
27
}
56
+
28
@@ -XXX,XX +XXX,XX @@ static uint32_t imx25_ccm_get_mpll_clk(IMXCCMState *dev)
57
/* fpscr & status registers */
29
freq = imx_ccm_calc_pll(s->reg[IMX25_CCM_MPCTL_REG], CKIH_FREQ);
58
g_string_append_printf(s, "<reg name=\"fpsr\" bitsize=\"32\""
59
" regnum=\"%d\" group=\"float\""
60
@@ -XXX,XX +XXX,XX @@ int arm_gen_dynamic_svereg_xml(CPUState *cs, int base_reg)
61
g_string_append_printf(s, "<reg name=\"fpcr\" bitsize=\"32\""
62
" regnum=\"%d\" group=\"float\""
63
" type=\"int\"/>", base_reg++);
64
- info->num += 2;
65
66
+ /* Define the predicate registers. */
67
for (i = 0; i < 16; i++) {
68
g_string_append_printf(s,
69
"<reg name=\"p%d\" bitsize=\"%d\""
70
" regnum=\"%d\" type=\"svep\"/>",
71
i, cpu->sve_max_vq * 16, base_reg++);
72
- info->num++;
30
}
73
}
31
74
g_string_append_printf(s,
32
- DPRINTF("freq = %d\n", freq);
75
"<reg name=\"ffr\" bitsize=\"%d\""
33
+ DPRINTF("freq = %u\n", freq);
76
" regnum=\"%d\" group=\"vector\""
34
77
" type=\"svep\"/>",
35
return freq;
78
cpu->sve_max_vq * 16, base_reg++);
36
}
79
+
37
@@ -XXX,XX +XXX,XX @@ static uint32_t imx25_ccm_get_mcu_clk(IMXCCMState *dev)
80
+ /* Define the vector length pseudo-register. */
38
81
g_string_append_printf(s,
39
freq = freq / (1 + EXTRACT(s->reg[IMX25_CCM_CCTL_REG], ARM_CLK_DIV));
82
"<reg name=\"vg\" bitsize=\"64\""
40
83
" regnum=\"%d\" type=\"int\"/>",
41
- DPRINTF("freq = %d\n", freq);
84
base_reg++);
42
+ DPRINTF("freq = %u\n", freq);
85
- info->num += 2;
43
86
- g_string_append_printf(s, "</feature>");
44
return freq;
87
- info->desc = g_string_free(s, false);
45
}
88
46
@@ -XXX,XX +XXX,XX @@ static uint32_t imx25_ccm_get_ahb_clk(IMXCCMState *dev)
89
+ g_string_append_printf(s, "</feature>");
47
freq = imx25_ccm_get_mcu_clk(dev)
90
+
48
/ (1 + EXTRACT(s->reg[IMX25_CCM_CCTL_REG], AHB_CLK_DIV));
91
+ info->desc = g_string_free(s, false);
49
92
+ info->num = base_reg - orig_base_reg;
50
- DPRINTF("freq = %d\n", freq);
93
return info->num;
51
+ DPRINTF("freq = %u\n", freq);
52
53
return freq;
54
}
55
@@ -XXX,XX +XXX,XX @@ static uint32_t imx25_ccm_get_ipg_clk(IMXCCMState *dev)
56
57
freq = imx25_ccm_get_ahb_clk(dev) / 2;
58
59
- DPRINTF("freq = %d\n", freq);
60
+ DPRINTF("freq = %u\n", freq);
61
62
return freq;
63
}
64
@@ -XXX,XX +XXX,XX @@ static uint32_t imx25_ccm_get_clock_frequency(IMXCCMState *dev, IMXClk clock)
65
break;
66
}
67
68
- DPRINTF("Clock = %d) = %d\n", clock, freq);
69
+ DPRINTF("Clock = %d) = %u\n", clock, freq);
70
71
return freq;
72
}
94
}
73
--
95
--
74
2.20.1
96
2.34.1
75
97
76
98
diff view generated by jsdifflib
[PULL 09/36] i.MX31: Fix bad printf format specifiers
[PULL 06/21] target/arm: Hoist pred_width in arm_gen_dynamic_svereg_xml
1
From: Alex Chen <alex.chen@huawei.com>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
We should use printf format specifier "%u" instead of "%d" for
3
Reviewed-by: Fabiano Rosas <farosas@suse.de>
4
argument of type "unsigned int".
4
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
5
5
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
6
Reported-by: Euler Robot <euler.robot@huawei.com>
6
Message-id: 20230227213329.793795-7-richard.henderson@linaro.org
7
Signed-off-by: Alex Chen <alex.chen@huawei.com>
8
Message-id: 20201126111109.112238-3-alex.chen@huawei.com
9
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
8
---
12
hw/misc/imx31_ccm.c | 14 +++++++-------
9
target/arm/gdbstub64.c | 5 +++--
13
hw/misc/imx_ccm.c | 4 ++--
10
1 file changed, 3 insertions(+), 2 deletions(-)
14
2 files changed, 9 insertions(+), 9 deletions(-)
15
11
16
diff --git a/hw/misc/imx31_ccm.c b/hw/misc/imx31_ccm.c
12
diff --git a/target/arm/gdbstub64.c b/target/arm/gdbstub64.c
17
index XXXXXXX..XXXXXXX 100644
13
index XXXXXXX..XXXXXXX 100644
18
--- a/hw/misc/imx31_ccm.c
14
--- a/target/arm/gdbstub64.c
19
+++ b/hw/misc/imx31_ccm.c
15
+++ b/target/arm/gdbstub64.c
20
@@ -XXX,XX +XXX,XX @@ static const char *imx31_ccm_reg_name(uint32_t reg)
16
@@ -XXX,XX +XXX,XX @@ int arm_gen_dynamic_svereg_xml(CPUState *cs, int orig_base_reg)
21
case IMX31_CCM_PDR2_REG:
17
GString *s = g_string_new(NULL);
22
return "PDR2";
18
DynamicGDBXMLInfo *info = &cpu->dyn_svereg_xml;
23
default:
19
int reg_width = cpu->sve_max_vq * 128;
24
- sprintf(unknown, "[%d ?]", reg);
20
+ int pred_width = cpu->sve_max_vq * 16;
25
+ sprintf(unknown, "[%u ?]", reg);
21
int base_reg = orig_base_reg;
26
return unknown;
22
int i;
23
24
@@ -XXX,XX +XXX,XX @@ int arm_gen_dynamic_svereg_xml(CPUState *cs, int orig_base_reg)
25
g_string_append_printf(s,
26
"<reg name=\"p%d\" bitsize=\"%d\""
27
" regnum=\"%d\" type=\"svep\"/>",
28
- i, cpu->sve_max_vq * 16, base_reg++);
29
+ i, pred_width, base_reg++);
27
}
30
}
28
}
31
g_string_append_printf(s,
29
@@ -XXX,XX +XXX,XX @@ static uint32_t imx31_ccm_get_pll_ref_clk(IMXCCMState *dev)
32
"<reg name=\"ffr\" bitsize=\"%d\""
30
freq = CKIH_FREQ;
33
" regnum=\"%d\" group=\"vector\""
31
}
34
" type=\"svep\"/>",
32
35
- cpu->sve_max_vq * 16, base_reg++);
33
- DPRINTF("freq = %d\n", freq);
36
+ pred_width, base_reg++);
34
+ DPRINTF("freq = %u\n", freq);
37
35
38
/* Define the vector length pseudo-register. */
36
return freq;
39
g_string_append_printf(s,
37
}
38
@@ -XXX,XX +XXX,XX @@ static uint32_t imx31_ccm_get_mpll_clk(IMXCCMState *dev)
39
freq = imx_ccm_calc_pll(s->reg[IMX31_CCM_MPCTL_REG],
40
imx31_ccm_get_pll_ref_clk(dev));
41
42
- DPRINTF("freq = %d\n", freq);
43
+ DPRINTF("freq = %u\n", freq);
44
45
return freq;
46
}
47
@@ -XXX,XX +XXX,XX @@ static uint32_t imx31_ccm_get_mcu_main_clk(IMXCCMState *dev)
48
freq = imx31_ccm_get_mpll_clk(dev);
49
}
50
51
- DPRINTF("freq = %d\n", freq);
52
+ DPRINTF("freq = %u\n", freq);
53
54
return freq;
55
}
56
@@ -XXX,XX +XXX,XX @@ static uint32_t imx31_ccm_get_hclk_clk(IMXCCMState *dev)
57
freq = imx31_ccm_get_mcu_main_clk(dev)
58
/ (1 + EXTRACT(s->reg[IMX31_CCM_PDR0_REG], MAX));
59
60
- DPRINTF("freq = %d\n", freq);
61
+ DPRINTF("freq = %u\n", freq);
62
63
return freq;
64
}
65
@@ -XXX,XX +XXX,XX @@ static uint32_t imx31_ccm_get_ipg_clk(IMXCCMState *dev)
66
freq = imx31_ccm_get_hclk_clk(dev)
67
/ (1 + EXTRACT(s->reg[IMX31_CCM_PDR0_REG], IPG));
68
69
- DPRINTF("freq = %d\n", freq);
70
+ DPRINTF("freq = %u\n", freq);
71
72
return freq;
73
}
74
@@ -XXX,XX +XXX,XX @@ static uint32_t imx31_ccm_get_clock_frequency(IMXCCMState *dev, IMXClk clock)
75
break;
76
}
77
78
- DPRINTF("Clock = %d) = %d\n", clock, freq);
79
+ DPRINTF("Clock = %d) = %u\n", clock, freq);
80
81
return freq;
82
}
83
diff --git a/hw/misc/imx_ccm.c b/hw/misc/imx_ccm.c
84
index XXXXXXX..XXXXXXX 100644
85
--- a/hw/misc/imx_ccm.c
86
+++ b/hw/misc/imx_ccm.c
87
@@ -XXX,XX +XXX,XX @@ uint32_t imx_ccm_get_clock_frequency(IMXCCMState *dev, IMXClk clock)
88
freq = klass->get_clock_frequency(dev, clock);
89
}
90
91
- DPRINTF("(clock = %d) = %d\n", clock, freq);
92
+ DPRINTF("(clock = %d) = %u\n", clock, freq);
93
94
return freq;
95
}
96
@@ -XXX,XX +XXX,XX @@ uint32_t imx_ccm_calc_pll(uint32_t pllreg, uint32_t base_freq)
97
freq = ((2 * (base_freq >> 10) * (mfi * mfd + mfn)) /
98
(mfd * pd)) << 10;
99
100
- DPRINTF("(pllreg = 0x%08x, base_freq = %d) = %d\n", pllreg, base_freq,
101
+ DPRINTF("(pllreg = 0x%08x, base_freq = %u) = %d\n", pllreg, base_freq,
102
freq);
103
104
return freq;
105
--
40
--
106
2.20.1
41
2.34.1
107
42
108
43
diff view generated by jsdifflib
[PULL 36/36] hw/arm/armv7m: Correct typo in QOM object name
[PULL 07/21] target/arm: Fix svep width in arm_gen_dynamic_svereg_xml
1
Correct a typo in the name we give the NVIC object.
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
Define svep based on the size of the predicates,
4
not the primary vector registers.
5
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20230227213329.793795-8-richard.henderson@linaro.org
3
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
5
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
6
Message-id: 20201119215617.29887-28-peter.maydell@linaro.org
7
---
10
---
8
hw/arm/armv7m.c | 2 +-
11
target/arm/gdbstub64.c | 2 +-
9
1 file changed, 1 insertion(+), 1 deletion(-)
12
1 file changed, 1 insertion(+), 1 deletion(-)
10
13
11
diff --git a/hw/arm/armv7m.c b/hw/arm/armv7m.c
14
diff --git a/target/arm/gdbstub64.c b/target/arm/gdbstub64.c
12
index XXXXXXX..XXXXXXX 100644
15
index XXXXXXX..XXXXXXX 100644
13
--- a/hw/arm/armv7m.c
16
--- a/target/arm/gdbstub64.c
14
+++ b/hw/arm/armv7m.c
17
+++ b/target/arm/gdbstub64.c
15
@@ -XXX,XX +XXX,XX @@ static void armv7m_instance_init(Object *obj)
18
@@ -XXX,XX +XXX,XX @@ int arm_gen_dynamic_svereg_xml(CPUState *cs, int orig_base_reg)
16
19
/* Create the predicate vector type. */
17
memory_region_init(&s->container, obj, "armv7m-container", UINT64_MAX);
20
g_string_append_printf(s,
18
21
"<vector id=\"svep\" type=\"uint8\" count=\"%d\"/>",
19
- object_initialize_child(obj, "nvnic", &s->nvic, TYPE_NVIC);
22
- reg_width / 8);
20
+ object_initialize_child(obj, "nvic", &s->nvic, TYPE_NVIC);
23
+ pred_width / 8);
21
object_property_add_alias(obj, "num-irq",
24
22
OBJECT(&s->nvic), "num-irq");
25
/* Define the vector registers. */
23
26
for (i = 0; i < 32; i++) {
24
--
27
--
25
2.20.1
28
2.34.1
26
27
diff view generated by jsdifflib
[PULL 33/36] hw/intc/armv7m_nvic: Fix "return from inactive handler" check
[PULL 08/21] target/arm: Add name argument to output_vector_union_type
1
In commit 077d7449100d824a4 we added code to handle the v8M
1
From: Richard Henderson <richard.henderson@linaro.org>
2
requirement that returns from NMI or HardFault forcibly deactivate
3
those exceptions regardless of what interrupt the guest is trying to
4
deactivate. Unfortunately this broke the handling of the "illegal
5
exception return because the returning exception number is not
6
active" check for those cases. In the pseudocode this test is done
7
on the exception the guest asks to return from, but because our
8
implementation was doing this in armv7m_nvic_complete_irq() after the
9
new "deactivate NMI/HardFault regardless" code we ended up doing the
10
test on the VecInfo for that exception instead, which usually meant
11
failing to raise the illegal exception return fault.
12
2
13
In the case for "configurable exception targeting the opposite
3
This will make the function usable between SVE and SME.
14
security state" we detected the illegal-return case but went ahead
15
and deactivated the VecInfo anyway, which is wrong because that is
16
the VecInfo for the other security state.
17
4
18
Rearrange the code so that we first identify the illegal return
5
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
19
cases, then see if we really need to deactivate NMI or HardFault
6
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
20
instead, and finally do the deactivation.
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20230227213329.793795-9-richard.henderson@linaro.org
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
target/arm/gdbstub64.c | 28 ++++++++++++++--------------
12
1 file changed, 14 insertions(+), 14 deletions(-)
21
13
22
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
14
diff --git a/target/arm/gdbstub64.c b/target/arm/gdbstub64.c
23
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
24
Message-id: 20201119215617.29887-25-peter.maydell@linaro.org
25
---
26
hw/intc/armv7m_nvic.c | 59 +++++++++++++++++++++++--------------------
27
1 file changed, 32 insertions(+), 27 deletions(-)
28
29
diff --git a/hw/intc/armv7m_nvic.c b/hw/intc/armv7m_nvic.c
30
index XXXXXXX..XXXXXXX 100644
15
index XXXXXXX..XXXXXXX 100644
31
--- a/hw/intc/armv7m_nvic.c
16
--- a/target/arm/gdbstub64.c
32
+++ b/hw/intc/armv7m_nvic.c
17
+++ b/target/arm/gdbstub64.c
33
@@ -XXX,XX +XXX,XX @@ int armv7m_nvic_complete_irq(void *opaque, int irq, bool secure)
18
@@ -XXX,XX +XXX,XX @@ int aarch64_gdb_set_sve_reg(CPUARMState *env, uint8_t *buf, int reg)
19
return 0;
20
}
21
22
-static void output_vector_union_type(GString *s, int reg_width)
23
+static void output_vector_union_type(GString *s, int reg_width,
24
+ const char *name)
34
{
25
{
35
NVICState *s = (NVICState *)opaque;
26
struct TypeSize {
36
VecInfo *vec = NULL;
27
const char *gdb_type;
37
- int ret;
28
@@ -XXX,XX +XXX,XX @@ static void output_vector_union_type(GString *s, int reg_width)
38
+ int ret = 0;
29
};
39
30
40
assert(irq > ARMV7M_EXCP_RESET && irq < s->num_irq);
31
static const char suf[] = { 'q', 'd', 's', 'h', 'b' };
41
32
-
42
+ trace_nvic_complete_irq(irq, secure);
33
- g_autoptr(GString) ts = g_string_new("");
43
+
34
int i, j, bits;
44
+ if (secure && exc_is_banked(irq)) {
35
45
+ vec = &s->sec_vectors[irq];
36
/* First define types and totals in a whole VL */
46
+ } else {
37
for (i = 0; i < ARRAY_SIZE(vec_lanes); i++) {
47
+ vec = &s->vectors[irq];
38
- int count = reg_width / vec_lanes[i].size;
48
+ }
39
- g_string_printf(ts, "svev%c%c", vec_lanes[i].sz, vec_lanes[i].suffix);
49
+
40
g_string_append_printf(s,
50
+ /*
41
- "<vector id=\"%s\" type=\"%s\" count=\"%d\"/>",
51
+ * Identify illegal exception return cases. We can't immediately
42
- ts->str, vec_lanes[i].gdb_type, count);
52
+ * return at this point because we still need to deactivate
43
+ "<vector id=\"%s%c%c\" type=\"%s\" count=\"%d\"/>",
53
+ * (either this exception or NMI/HardFault) first.
44
+ name, vec_lanes[i].sz, vec_lanes[i].suffix,
54
+ */
45
+ vec_lanes[i].gdb_type, reg_width / vec_lanes[i].size);
55
+ if (!exc_is_banked(irq) && exc_targets_secure(s, irq) != secure) {
46
}
56
+ /*
57
+ * Return from a configurable exception targeting the opposite
58
+ * security state from the one we're trying to complete it for.
59
+ * Clear vec because it's not really the VecInfo for this
60
+ * (irq, secstate) so we mustn't deactivate it.
61
+ */
62
+ ret = -1;
63
+ vec = NULL;
64
+ } else if (!vec->active) {
65
+ /* Return from an inactive interrupt */
66
+ ret = -1;
67
+ } else {
68
+ /* Legal return, we will return the RETTOBASE bit value to the caller */
69
+ ret = nvic_rettobase(s);
70
+ }
71
+
47
+
72
/*
48
/*
73
* For negative priorities, v8M will forcibly deactivate the appropriate
49
* Now define a union for each size group containing unsigned and
74
* NMI or HardFault regardless of what interrupt we're being asked to
50
* signed and potentially float versions of each size from 128 to
75
@@ -XXX,XX +XXX,XX @@ int armv7m_nvic_complete_irq(void *opaque, int irq, bool secure)
51
* 8 bits.
52
*/
53
for (bits = 128, i = 0; bits >= 8; bits /= 2, i++) {
54
- g_string_append_printf(s, "<union id=\"svevn%c\">", suf[i]);
55
+ g_string_append_printf(s, "<union id=\"%sn%c\">", name, suf[i]);
56
for (j = 0; j < ARRAY_SIZE(vec_lanes); j++) {
57
if (vec_lanes[j].size == bits) {
58
- g_string_append_printf(s, "<field name=\"%c\" type=\"svev%c%c\"/>",
59
- vec_lanes[j].suffix,
60
+ g_string_append_printf(s, "<field name=\"%c\" type=\"%s%c%c\"/>",
61
+ vec_lanes[j].suffix, name,
62
vec_lanes[j].sz, vec_lanes[j].suffix);
63
}
64
}
65
g_string_append(s, "</union>");
76
}
66
}
77
67
+
78
if (!vec) {
68
/* And now the final union of unions */
79
- if (secure && exc_is_banked(irq)) {
69
- g_string_append(s, "<union id=\"svev\">");
80
- vec = &s->sec_vectors[irq];
70
+ g_string_append_printf(s, "<union id=\"%s\">", name);
81
- } else {
71
for (bits = 128, i = 0; bits >= 8; bits /= 2, i++) {
82
- vec = &s->vectors[irq];
72
- g_string_append_printf(s, "<field name=\"%c\" type=\"svevn%c\"/>",
83
- }
73
- suf[i], suf[i]);
84
- }
74
+ g_string_append_printf(s, "<field name=\"%c\" type=\"%sn%c\"/>",
85
-
75
+ suf[i], name, suf[i]);
86
- trace_nvic_complete_irq(irq, secure);
87
-
88
- if (!vec->active) {
89
- /* Tell the caller this was an illegal exception return */
90
- return -1;
91
- }
92
-
93
- /*
94
- * If this is a configurable exception and it is currently
95
- * targeting the opposite security state from the one we're trying
96
- * to complete it for, this counts as an illegal exception return.
97
- * We still need to deactivate whatever vector the logic above has
98
- * selected, though, as it might not be the same as the one for the
99
- * requested exception number.
100
- */
101
- if (!exc_is_banked(irq) && exc_targets_secure(s, irq) != secure) {
102
- ret = -1;
103
- } else {
104
- ret = nvic_rettobase(s);
105
+ return ret;
106
}
76
}
107
77
g_string_append(s, "</union>");
108
vec->active = 0;
78
}
79
@@ -XXX,XX +XXX,XX @@ int arm_gen_dynamic_svereg_xml(CPUState *cs, int orig_base_reg)
80
g_string_append_printf(s, "<feature name=\"org.gnu.gdb.aarch64.sve\">");
81
82
/* Create the vector union type. */
83
- output_vector_union_type(s, reg_width);
84
+ output_vector_union_type(s, reg_width, "svev");
85
86
/* Create the predicate vector type. */
87
g_string_append_printf(s,
109
--
88
--
110
2.20.1
89
2.34.1
111
90
112
91
diff view generated by jsdifflib
[PULL 24/36] target/arm: Implement FPCXT_S fp system register
[PULL 09/21] target/arm: Simplify iteration over bit widths
1
Implement the new-in-v8.1M FPCXT_S floating point system register.
1
From: Richard Henderson <richard.henderson@linaro.org>
2
This is for saving and restoring the secure floating point context,
3
and it reads and writes bits [27:0] from the FPSCR and the
4
CONTROL.SFPA bit in bit [31].
5
2
3
Order suf[] by the log8 of the width.
4
Use ARRAY_SIZE instead of hard-coding 128.
5
6
This changes the order of the union definitions,
7
but retains the order of the union-of-union members.
8
9
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
11
Message-id: 20230227213329.793795-10-richard.henderson@linaro.org
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20201119215617.29887-14-peter.maydell@linaro.org
9
---
13
---
10
target/arm/translate-vfp.c.inc | 58 ++++++++++++++++++++++++++++++++++
14
target/arm/gdbstub64.c | 10 ++++++----
11
1 file changed, 58 insertions(+)
15
1 file changed, 6 insertions(+), 4 deletions(-)
12
16
13
diff --git a/target/arm/translate-vfp.c.inc b/target/arm/translate-vfp.c.inc
17
diff --git a/target/arm/gdbstub64.c b/target/arm/gdbstub64.c
14
index XXXXXXX..XXXXXXX 100644
18
index XXXXXXX..XXXXXXX 100644
15
--- a/target/arm/translate-vfp.c.inc
19
--- a/target/arm/gdbstub64.c
16
+++ b/target/arm/translate-vfp.c.inc
20
+++ b/target/arm/gdbstub64.c
17
@@ -XXX,XX +XXX,XX @@ static FPSysRegCheckResult fp_sysreg_checks(DisasContext *s, int regno)
21
@@ -XXX,XX +XXX,XX @@ static void output_vector_union_type(GString *s, int reg_width,
18
return false;
22
{ "int8", 8, 'b', 's' },
19
}
23
};
20
break;
24
21
+ case ARM_VFP_FPCXT_S:
25
- static const char suf[] = { 'q', 'd', 's', 'h', 'b' };
22
+ if (!arm_dc_feature(s, ARM_FEATURE_V8_1M)) {
26
- int i, j, bits;
23
+ return false;
27
+ static const char suf[] = { 'b', 'h', 's', 'd', 'q' };
24
+ }
28
+ int i, j;
25
+ if (!s->v8m_secure) {
29
26
+ return false;
30
/* First define types and totals in a whole VL */
27
+ }
31
for (i = 0; i < ARRAY_SIZE(vec_lanes); i++) {
28
+ break;
32
@@ -XXX,XX +XXX,XX @@ static void output_vector_union_type(GString *s, int reg_width,
29
default:
33
* signed and potentially float versions of each size from 128 to
30
return FPSysRegCheckFailed;
34
* 8 bits.
31
}
35
*/
32
@@ -XXX,XX +XXX,XX @@ static bool gen_M_fp_sysreg_write(DisasContext *s, int regno,
36
- for (bits = 128, i = 0; bits >= 8; bits /= 2, i++) {
33
tcg_temp_free_i32(tmp);
37
+ for (i = 0; i < ARRAY_SIZE(suf); i++) {
34
break;
38
+ int bits = 8 << i;
35
}
39
+
36
+ case ARM_VFP_FPCXT_S:
40
g_string_append_printf(s, "<union id=\"%sn%c\">", name, suf[i]);
37
+ {
41
for (j = 0; j < ARRAY_SIZE(vec_lanes); j++) {
38
+ TCGv_i32 sfpa, control, fpscr;
42
if (vec_lanes[j].size == bits) {
39
+ /* Set FPSCR[27:0] and CONTROL.SFPA from value */
43
@@ -XXX,XX +XXX,XX @@ static void output_vector_union_type(GString *s, int reg_width,
40
+ tmp = loadfn(s, opaque);
44
41
+ sfpa = tcg_temp_new_i32();
45
/* And now the final union of unions */
42
+ tcg_gen_shri_i32(sfpa, tmp, 31);
46
g_string_append_printf(s, "<union id=\"%s\">", name);
43
+ control = load_cpu_field(v7m.control[M_REG_S]);
47
- for (bits = 128, i = 0; bits >= 8; bits /= 2, i++) {
44
+ tcg_gen_deposit_i32(control, control, sfpa,
48
+ for (i = ARRAY_SIZE(suf) - 1; i >= 0; i--) {
45
+ R_V7M_CONTROL_SFPA_SHIFT, 1);
49
g_string_append_printf(s, "<field name=\"%c\" type=\"%sn%c\"/>",
46
+ store_cpu_field(control, v7m.control[M_REG_S]);
50
suf[i], name, suf[i]);
47
+ fpscr = load_cpu_field(vfp.xregs[ARM_VFP_FPSCR]);
48
+ tcg_gen_andi_i32(fpscr, fpscr, FPCR_NZCV_MASK);
49
+ tcg_gen_andi_i32(tmp, tmp, ~FPCR_NZCV_MASK);
50
+ tcg_gen_or_i32(fpscr, fpscr, tmp);
51
+ store_cpu_field(fpscr, vfp.xregs[ARM_VFP_FPSCR]);
52
+ tcg_temp_free_i32(tmp);
53
+ tcg_temp_free_i32(sfpa);
54
+ break;
55
+ }
56
default:
57
g_assert_not_reached();
58
}
59
@@ -XXX,XX +XXX,XX @@ static bool gen_M_fp_sysreg_read(DisasContext *s, int regno,
60
tcg_gen_andi_i32(tmp, tmp, FPCR_NZCV_MASK);
61
storefn(s, opaque, tmp);
62
break;
63
+ case ARM_VFP_FPCXT_S:
64
+ {
65
+ TCGv_i32 control, sfpa, fpscr;
66
+ /* Bits [27:0] from FPSCR, bit [31] from CONTROL.SFPA */
67
+ tmp = tcg_temp_new_i32();
68
+ sfpa = tcg_temp_new_i32();
69
+ gen_helper_vfp_get_fpscr(tmp, cpu_env);
70
+ tcg_gen_andi_i32(tmp, tmp, ~FPCR_NZCV_MASK);
71
+ control = load_cpu_field(v7m.control[M_REG_S]);
72
+ tcg_gen_andi_i32(sfpa, control, R_V7M_CONTROL_SFPA_MASK);
73
+ tcg_gen_shli_i32(sfpa, sfpa, 31 - R_V7M_CONTROL_SFPA_SHIFT);
74
+ tcg_gen_or_i32(tmp, tmp, sfpa);
75
+ tcg_temp_free_i32(sfpa);
76
+ /*
77
+ * Store result before updating FPSCR etc, in case
78
+ * it is a memory write which causes an exception.
79
+ */
80
+ storefn(s, opaque, tmp);
81
+ /*
82
+ * Now we must reset FPSCR from FPDSCR_NS, and clear
83
+ * CONTROL.SFPA; so we'll end the TB here.
84
+ */
85
+ tcg_gen_andi_i32(control, control, ~R_V7M_CONTROL_SFPA_MASK);
86
+ store_cpu_field(control, v7m.control[M_REG_S]);
87
+ fpscr = load_cpu_field(v7m.fpdscr[M_REG_NS]);
88
+ gen_helper_vfp_set_fpscr(cpu_env, fpscr);
89
+ tcg_temp_free_i32(fpscr);
90
+ gen_lookup_tb(s);
91
+ break;
92
+ }
93
default:
94
g_assert_not_reached();
95
}
51
}
96
--
52
--
97
2.20.1
53
2.34.1
98
99
diff view generated by jsdifflib
[PULL 19/36] target/arm: Move general-use constant expanders up in translate.c
[PULL 10/21] target/arm: Create pauth_ptr_mask
1
The constant-expander functions like negate, plus_2, etc, are
1
From: Richard Henderson <richard.henderson@linaro.org>
2
generally useful; move them up in translate.c so we can use them in
3
the VFP/Neon decoders as well as in the A32/T32/T16 decoders.
4
2
3
Keep the logic for pauth within pauth_helper.c, and expose
4
a helper function for use with the gdbstub pac extension.
5
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20230227213329.793795-11-richard.henderson@linaro.org
5
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
6
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
7
Message-id: 20201119215617.29887-9-peter.maydell@linaro.org
8
---
10
---
9
target/arm/translate.c | 46 +++++++++++++++++++++++-------------------
11
target/arm/internals.h | 10 ++++++++++
10
1 file changed, 25 insertions(+), 21 deletions(-)
12
target/arm/tcg/pauth_helper.c | 26 ++++++++++++++++++++++----
13
2 files changed, 32 insertions(+), 4 deletions(-)
11
14
12
diff --git a/target/arm/translate.c b/target/arm/translate.c
15
diff --git a/target/arm/internals.h b/target/arm/internals.h
13
index XXXXXXX..XXXXXXX 100644
16
index XXXXXXX..XXXXXXX 100644
14
--- a/target/arm/translate.c
17
--- a/target/arm/internals.h
15
+++ b/target/arm/translate.c
18
+++ b/target/arm/internals.h
16
@@ -XXX,XX +XXX,XX @@ static void arm_gen_condlabel(DisasContext *s)
19
@@ -XXX,XX +XXX,XX @@ int exception_target_el(CPUARMState *env);
17
}
20
bool arm_singlestep_active(CPUARMState *env);
21
bool arm_generate_debug_exceptions(CPUARMState *env);
22
23
+/**
24
+ * pauth_ptr_mask:
25
+ * @env: cpu context
26
+ * @ptr: selects between TTBR0 and TTBR1
27
+ * @data: selects between TBI and TBID
28
+ *
29
+ * Return a mask of the bits of @ptr that contain the authentication code.
30
+ */
31
+uint64_t pauth_ptr_mask(CPUARMState *env, uint64_t ptr, bool data);
32
+
33
/* Add the cpreg definitions for debug related system registers */
34
void define_debug_regs(ARMCPU *cpu);
35
36
diff --git a/target/arm/tcg/pauth_helper.c b/target/arm/tcg/pauth_helper.c
37
index XXXXXXX..XXXXXXX 100644
38
--- a/target/arm/tcg/pauth_helper.c
39
+++ b/target/arm/tcg/pauth_helper.c
40
@@ -XXX,XX +XXX,XX @@ static uint64_t pauth_addpac(CPUARMState *env, uint64_t ptr, uint64_t modifier,
41
return pac | ext | ptr;
18
}
42
}
19
43
20
+/*
44
-static uint64_t pauth_original_ptr(uint64_t ptr, ARMVAParameters param)
21
+ * Constant expanders for the decoders.
45
+static uint64_t pauth_ptr_mask_internal(ARMVAParameters param)
22
+ */
46
{
23
+
47
- /* Note that bit 55 is used whether or not the regime has 2 ranges. */
24
+static int negate(DisasContext *s, int x)
48
- uint64_t extfield = sextract64(ptr, 55, 1);
25
+{
49
int bot_pac_bit = 64 - param.tsz;
26
+ return -x;
50
int top_pac_bit = 64 - 8 * param.tbi;
51
52
- return deposit64(ptr, bot_pac_bit, top_pac_bit - bot_pac_bit, extfield);
53
+ return MAKE_64BIT_MASK(bot_pac_bit, top_pac_bit - bot_pac_bit);
27
+}
54
+}
28
+
55
+
29
+static int plus_2(DisasContext *s, int x)
56
+static uint64_t pauth_original_ptr(uint64_t ptr, ARMVAParameters param)
30
+{
57
+{
31
+ return x + 2;
58
+ uint64_t mask = pauth_ptr_mask_internal(param);
59
+
60
+ /* Note that bit 55 is used whether or not the regime has 2 ranges. */
61
+ if (extract64(ptr, 55, 1)) {
62
+ return ptr | mask;
63
+ } else {
64
+ return ptr & ~mask;
65
+ }
32
+}
66
+}
33
+
67
+
34
+static int times_2(DisasContext *s, int x)
68
+uint64_t pauth_ptr_mask(CPUARMState *env, uint64_t ptr, bool data)
35
+{
69
+{
36
+ return x * 2;
70
+ ARMMMUIdx mmu_idx = arm_stage1_mmu_idx(env);
37
+}
71
+ ARMVAParameters param = aa64_va_parameters(env, ptr, mmu_idx, data);
38
+
72
+
39
+static int times_4(DisasContext *s, int x)
73
+ return pauth_ptr_mask_internal(param);
40
+{
74
}
41
+ return x * 4;
75
42
+}
76
static uint64_t pauth_auth(CPUARMState *env, uint64_t ptr, uint64_t modifier,
43
+
44
/* Flags for the disas_set_da_iss info argument:
45
* lower bits hold the Rt register number, higher bits are flags.
46
*/
47
@@ -XXX,XX +XXX,XX @@ static void arm_skip_unless(DisasContext *s, uint32_t cond)
48
49
50
/*
51
- * Constant expanders for the decoders.
52
+ * Constant expanders used by T16/T32 decode
53
*/
54
55
-static int negate(DisasContext *s, int x)
56
-{
57
- return -x;
58
-}
59
-
60
-static int plus_2(DisasContext *s, int x)
61
-{
62
- return x + 2;
63
-}
64
-
65
-static int times_2(DisasContext *s, int x)
66
-{
67
- return x * 2;
68
-}
69
-
70
-static int times_4(DisasContext *s, int x)
71
-{
72
- return x * 4;
73
-}
74
-
75
/* Return only the rotation part of T32ExpandImm. */
76
static int t32_expandimm_rot(DisasContext *s, int x)
77
{
78
--
77
--
79
2.20.1
78
2.34.1
80
81
diff view generated by jsdifflib
[PULL 20/36] target/arm: Implement VLDR/VSTR system register
[PULL 11/21] target/arm: Implement gdbstub pauth extension
1
Implement the new-in-v8.1M VLDR/VSTR variants which directly
1
From: Richard Henderson <richard.henderson@linaro.org>
2
read or write FP system registers to memory.
3
2
3
The extension is primarily defined by the Linux kernel NT_ARM_PAC_MASK
4
ptrace register set.
5
6
The original gdb feature consists of two masks, data and code, which are
7
used to mask out the authentication code within a pointer. Following
8
discussion with Luis Machado, add two more masks in order to support
9
pointers within the high half of the address space (i.e. TTBR1 vs TTBR0).
10
11
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1105
12
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
13
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
14
Message-id: 20230227213329.793795-12-richard.henderson@linaro.org
4
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
6
Message-id: 20201119215617.29887-10-peter.maydell@linaro.org
7
---
16
---
8
target/arm/vfp.decode | 14 ++++++
17
configs/targets/aarch64-linux-user.mak | 2 +-
9
target/arm/translate-vfp.c.inc | 91 ++++++++++++++++++++++++++++++++++
18
configs/targets/aarch64-softmmu.mak | 2 +-
10
2 files changed, 105 insertions(+)
19
configs/targets/aarch64_be-linux-user.mak | 2 +-
20
target/arm/internals.h | 2 ++
21
target/arm/gdbstub.c | 5 ++++
22
target/arm/gdbstub64.c | 34 +++++++++++++++++++++++
23
gdb-xml/aarch64-pauth.xml | 15 ++++++++++
24
7 files changed, 59 insertions(+), 3 deletions(-)
25
create mode 100644 gdb-xml/aarch64-pauth.xml
11
26
12
diff --git a/target/arm/vfp.decode b/target/arm/vfp.decode
27
diff --git a/configs/targets/aarch64-linux-user.mak b/configs/targets/aarch64-linux-user.mak
13
index XXXXXXX..XXXXXXX 100644
28
index XXXXXXX..XXXXXXX 100644
14
--- a/target/arm/vfp.decode
29
--- a/configs/targets/aarch64-linux-user.mak
15
+++ b/target/arm/vfp.decode
30
+++ b/configs/targets/aarch64-linux-user.mak
16
@@ -XXX,XX +XXX,XX @@ VLDR_VSTR_hp ---- 1101 u:1 .0 l:1 rn:4 .... 1001 imm:8 vd=%vd_sp
31
@@ -XXX,XX +XXX,XX @@
17
VLDR_VSTR_sp ---- 1101 u:1 .0 l:1 rn:4 .... 1010 imm:8 vd=%vd_sp
32
TARGET_ARCH=aarch64
18
VLDR_VSTR_dp ---- 1101 u:1 .0 l:1 rn:4 .... 1011 imm:8 vd=%vd_dp
33
TARGET_BASE_ARCH=arm
19
34
-TARGET_XML_FILES= gdb-xml/aarch64-core.xml gdb-xml/aarch64-fpu.xml
20
+# M-profile VLDR/VSTR to sysreg
35
+TARGET_XML_FILES= gdb-xml/aarch64-core.xml gdb-xml/aarch64-fpu.xml gdb-xml/aarch64-pauth.xml
21
+%vldr_sysreg 22:1 13:3
36
TARGET_HAS_BFLT=y
22
+%imm7_0x4 0:7 !function=times_4
37
CONFIG_SEMIHOSTING=y
23
+
38
CONFIG_ARM_COMPATIBLE_SEMIHOSTING=y
24
+&vldr_sysreg rn reg imm a w p
39
diff --git a/configs/targets/aarch64-softmmu.mak b/configs/targets/aarch64-softmmu.mak
25
+@vldr_sysreg .... ... . a:1 . . . rn:4 ... . ... .. ....... \
26
+ reg=%vldr_sysreg imm=%imm7_0x4 &vldr_sysreg
27
+
28
+# P=0 W=0 is SEE "Related encodings", so split into two patterns
29
+VLDR_sysreg ---- 110 1 . . w:1 1 .... ... 0 111 11 ....... @vldr_sysreg p=1
30
+VLDR_sysreg ---- 110 0 . . 1 1 .... ... 0 111 11 ....... @vldr_sysreg p=0 w=1
31
+VSTR_sysreg ---- 110 1 . . w:1 0 .... ... 0 111 11 ....... @vldr_sysreg p=1
32
+VSTR_sysreg ---- 110 0 . . 1 0 .... ... 0 111 11 ....... @vldr_sysreg p=0 w=1
33
+
34
# We split the load/store multiple up into two patterns to avoid
35
# overlap with other insns in the "Advanced SIMD load/store and 64-bit move"
36
# grouping:
37
diff --git a/target/arm/translate-vfp.c.inc b/target/arm/translate-vfp.c.inc
38
index XXXXXXX..XXXXXXX 100644
40
index XXXXXXX..XXXXXXX 100644
39
--- a/target/arm/translate-vfp.c.inc
41
--- a/configs/targets/aarch64-softmmu.mak
40
+++ b/target/arm/translate-vfp.c.inc
42
+++ b/configs/targets/aarch64-softmmu.mak
41
@@ -XXX,XX +XXX,XX @@ static bool trans_VMSR_VMRS(DisasContext *s, arg_VMSR_VMRS *a)
43
@@ -XXX,XX +XXX,XX @@
42
return true;
44
TARGET_ARCH=aarch64
45
TARGET_BASE_ARCH=arm
46
TARGET_SUPPORTS_MTTCG=y
47
-TARGET_XML_FILES= gdb-xml/aarch64-core.xml gdb-xml/aarch64-fpu.xml gdb-xml/arm-core.xml gdb-xml/arm-vfp.xml gdb-xml/arm-vfp3.xml gdb-xml/arm-vfp-sysregs.xml gdb-xml/arm-neon.xml gdb-xml/arm-m-profile.xml gdb-xml/arm-m-profile-mve.xml
48
+TARGET_XML_FILES= gdb-xml/aarch64-core.xml gdb-xml/aarch64-fpu.xml gdb-xml/arm-core.xml gdb-xml/arm-vfp.xml gdb-xml/arm-vfp3.xml gdb-xml/arm-vfp-sysregs.xml gdb-xml/arm-neon.xml gdb-xml/arm-m-profile.xml gdb-xml/arm-m-profile-mve.xml gdb-xml/aarch64-pauth.xml
49
TARGET_NEED_FDT=y
50
diff --git a/configs/targets/aarch64_be-linux-user.mak b/configs/targets/aarch64_be-linux-user.mak
51
index XXXXXXX..XXXXXXX 100644
52
--- a/configs/targets/aarch64_be-linux-user.mak
53
+++ b/configs/targets/aarch64_be-linux-user.mak
54
@@ -XXX,XX +XXX,XX @@
55
TARGET_ARCH=aarch64
56
TARGET_BASE_ARCH=arm
57
TARGET_BIG_ENDIAN=y
58
-TARGET_XML_FILES= gdb-xml/aarch64-core.xml gdb-xml/aarch64-fpu.xml
59
+TARGET_XML_FILES= gdb-xml/aarch64-core.xml gdb-xml/aarch64-fpu.xml gdb-xml/aarch64-pauth.xml
60
TARGET_HAS_BFLT=y
61
CONFIG_SEMIHOSTING=y
62
CONFIG_ARM_COMPATIBLE_SEMIHOSTING=y
63
diff --git a/target/arm/internals.h b/target/arm/internals.h
64
index XXXXXXX..XXXXXXX 100644
65
--- a/target/arm/internals.h
66
+++ b/target/arm/internals.h
67
@@ -XXX,XX +XXX,XX @@ int aarch64_gdb_get_sve_reg(CPUARMState *env, GByteArray *buf, int reg);
68
int aarch64_gdb_set_sve_reg(CPUARMState *env, uint8_t *buf, int reg);
69
int aarch64_gdb_get_fpu_reg(CPUARMState *env, GByteArray *buf, int reg);
70
int aarch64_gdb_set_fpu_reg(CPUARMState *env, uint8_t *buf, int reg);
71
+int aarch64_gdb_get_pauth_reg(CPUARMState *env, GByteArray *buf, int reg);
72
+int aarch64_gdb_set_pauth_reg(CPUARMState *env, uint8_t *buf, int reg);
73
void arm_cpu_sve_finalize(ARMCPU *cpu, Error **errp);
74
void arm_cpu_sme_finalize(ARMCPU *cpu, Error **errp);
75
void arm_cpu_pauth_finalize(ARMCPU *cpu, Error **errp);
76
diff --git a/target/arm/gdbstub.c b/target/arm/gdbstub.c
77
index XXXXXXX..XXXXXXX 100644
78
--- a/target/arm/gdbstub.c
79
+++ b/target/arm/gdbstub.c
80
@@ -XXX,XX +XXX,XX @@ void arm_cpu_register_gdb_regs_for_features(ARMCPU *cpu)
81
aarch64_gdb_set_fpu_reg,
82
34, "aarch64-fpu.xml", 0);
83
}
84
+ if (isar_feature_aa64_pauth(&cpu->isar)) {
85
+ gdb_register_coprocessor(cs, aarch64_gdb_get_pauth_reg,
86
+ aarch64_gdb_set_pauth_reg,
87
+ 4, "aarch64-pauth.xml", 0);
88
+ }
89
#endif
90
} else {
91
if (arm_feature(env, ARM_FEATURE_NEON)) {
92
diff --git a/target/arm/gdbstub64.c b/target/arm/gdbstub64.c
93
index XXXXXXX..XXXXXXX 100644
94
--- a/target/arm/gdbstub64.c
95
+++ b/target/arm/gdbstub64.c
96
@@ -XXX,XX +XXX,XX @@ int aarch64_gdb_set_sve_reg(CPUARMState *env, uint8_t *buf, int reg)
97
return 0;
43
}
98
}
44
99
45
+static void fp_sysreg_to_memory(DisasContext *s, void *opaque, TCGv_i32 value)
100
+int aarch64_gdb_get_pauth_reg(CPUARMState *env, GByteArray *buf, int reg)
46
+{
101
+{
47
+ arg_vldr_sysreg *a = opaque;
102
+ switch (reg) {
48
+ uint32_t offset = a->imm;
103
+ case 0: /* pauth_dmask */
49
+ TCGv_i32 addr;
104
+ case 1: /* pauth_cmask */
50
+
105
+ case 2: /* pauth_dmask_high */
51
+ if (!a->a) {
106
+ case 3: /* pauth_cmask_high */
52
+ offset = - offset;
107
+ /*
53
+ }
108
+ * Note that older versions of this feature only contained
54
+
109
+ * pauth_{d,c}mask, for use with Linux user processes, and
55
+ addr = load_reg(s, a->rn);
110
+ * thus exclusively in the low half of the address space.
56
+ if (a->p) {
111
+ *
57
+ tcg_gen_addi_i32(addr, addr, offset);
112
+ * To support system mode, and to debug kernels, two new regs
58
+ }
113
+ * were added to cover the high half of the address space.
59
+
114
+ * For the purpose of pauth_ptr_mask, we can use any well-formed
60
+ if (s->v8m_stackcheck && a->rn == 13 && a->w) {
115
+ * address within the address space half -- here, 0 and -1.
61
+ gen_helper_v8m_stackcheck(cpu_env, addr);
116
+ */
62
+ }
117
+ {
63
+
118
+ bool is_data = !(reg & 1);
64
+ gen_aa32_st_i32(s, value, addr, get_mem_index(s),
119
+ bool is_high = reg & 2;
65
+ MO_UL | MO_ALIGN | s->be_data);
120
+ uint64_t mask = pauth_ptr_mask(env, -is_high, is_data);
66
+ tcg_temp_free_i32(value);
121
+ return gdb_get_reg64(buf, mask);
67
+
68
+ if (a->w) {
69
+ /* writeback */
70
+ if (!a->p) {
71
+ tcg_gen_addi_i32(addr, addr, offset);
72
+ }
122
+ }
73
+ store_reg(s, a->rn, addr);
123
+ default:
74
+ } else {
124
+ return 0;
75
+ tcg_temp_free_i32(addr);
76
+ }
125
+ }
77
+}
126
+}
78
+
127
+
79
+static TCGv_i32 memory_to_fp_sysreg(DisasContext *s, void *opaque)
128
+int aarch64_gdb_set_pauth_reg(CPUARMState *env, uint8_t *buf, int reg)
80
+{
129
+{
81
+ arg_vldr_sysreg *a = opaque;
130
+ /* All pseudo registers are read-only. */
82
+ uint32_t offset = a->imm;
131
+ return 0;
83
+ TCGv_i32 addr;
84
+ TCGv_i32 value = tcg_temp_new_i32();
85
+
86
+ if (!a->a) {
87
+ offset = - offset;
88
+ }
89
+
90
+ addr = load_reg(s, a->rn);
91
+ if (a->p) {
92
+ tcg_gen_addi_i32(addr, addr, offset);
93
+ }
94
+
95
+ if (s->v8m_stackcheck && a->rn == 13 && a->w) {
96
+ gen_helper_v8m_stackcheck(cpu_env, addr);
97
+ }
98
+
99
+ gen_aa32_ld_i32(s, value, addr, get_mem_index(s),
100
+ MO_UL | MO_ALIGN | s->be_data);
101
+
102
+ if (a->w) {
103
+ /* writeback */
104
+ if (!a->p) {
105
+ tcg_gen_addi_i32(addr, addr, offset);
106
+ }
107
+ store_reg(s, a->rn, addr);
108
+ } else {
109
+ tcg_temp_free_i32(addr);
110
+ }
111
+ return value;
112
+}
132
+}
113
+
133
+
114
+static bool trans_VLDR_sysreg(DisasContext *s, arg_vldr_sysreg *a)
134
static void output_vector_union_type(GString *s, int reg_width,
115
+{
135
const char *name)
116
+ if (!arm_dc_feature(s, ARM_FEATURE_V8_1M)) {
136
{
117
+ return false;
137
diff --git a/gdb-xml/aarch64-pauth.xml b/gdb-xml/aarch64-pauth.xml
118
+ }
138
new file mode 100644
119
+ if (a->rn == 15) {
139
index XXXXXXX..XXXXXXX
120
+ return false;
140
--- /dev/null
121
+ }
141
+++ b/gdb-xml/aarch64-pauth.xml
122
+ return gen_M_fp_sysreg_write(s, a->reg, memory_to_fp_sysreg, a);
142
@@ -XXX,XX +XXX,XX @@
123
+}
143
+<?xml version="1.0"?>
144
+<!-- Copyright (C) 2018-2022 Free Software Foundation, Inc.
124
+
145
+
125
+static bool trans_VSTR_sysreg(DisasContext *s, arg_vldr_sysreg *a)
146
+ Copying and distribution of this file, with or without modification,
126
+{
147
+ are permitted in any medium without royalty provided the copyright
127
+ if (!arm_dc_feature(s, ARM_FEATURE_V8_1M)) {
148
+ notice and this notice are preserved. -->
128
+ return false;
129
+ }
130
+ if (a->rn == 15) {
131
+ return false;
132
+ }
133
+ return gen_M_fp_sysreg_read(s, a->reg, fp_sysreg_to_memory, a);
134
+}
135
+
149
+
136
static bool trans_VMOV_half(DisasContext *s, arg_VMOV_single *a)
150
+<!DOCTYPE feature SYSTEM "gdb-target.dtd">
137
{
151
+<feature name="org.gnu.gdb.aarch64.pauth">
138
TCGv_i32 tmp;
152
+ <reg name="pauth_dmask" bitsize="64"/>
153
+ <reg name="pauth_cmask" bitsize="64"/>
154
+ <reg name="pauth_dmask_high" bitsize="64"/>
155
+ <reg name="pauth_cmask_high" bitsize="64"/>
156
+</feature>
157
+
139
--
158
--
140
2.20.1
159
2.34.1
141
142
diff view generated by jsdifflib
[PULL 01/36] hw/arm/smmuv3: Fix up L1STD_SPAN decoding
[PULL 12/21] target/arm: Export arm_v7m_mrs_control
1
From: Kunkun Jiang <jiangkunkun@huawei.com>
1
From: David Reiss <dreiss@meta.com>
2
2
3
Accroding to the SMMUv3 spec, the SPAN field of Level1 Stream Table
3
Allow the function to be used outside of m_helper.c.
4
Descriptor is 5 bits([4:0]).
4
Rename with an "arm_" prefix.
5
5
6
Fixes: 9bde7f0674f(hw/arm/smmuv3: Implement translate callback)
7
Signed-off-by: Kunkun Jiang <jiangkunkun@huawei.com>
8
Message-id: 20201124023711.1184-1-jiangkunkun@huawei.com
9
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
10
Acked-by: Eric Auger <eric.auger@redhat.com>
7
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
8
Signed-off-by: David Reiss <dreiss@meta.com>
9
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
10
Message-id: 20230227213329.793795-13-richard.henderson@linaro.org
11
[rth: Split out of a larger patch]
12
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
13
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
---
14
---
13
hw/arm/smmuv3-internal.h | 2 +-
15
target/arm/internals.h | 3 +++
14
1 file changed, 1 insertion(+), 1 deletion(-)
16
target/arm/tcg/m_helper.c | 6 +++---
17
2 files changed, 6 insertions(+), 3 deletions(-)
15
18
16
diff --git a/hw/arm/smmuv3-internal.h b/hw/arm/smmuv3-internal.h
19
diff --git a/target/arm/internals.h b/target/arm/internals.h
17
index XXXXXXX..XXXXXXX 100644
20
index XXXXXXX..XXXXXXX 100644
18
--- a/hw/arm/smmuv3-internal.h
21
--- a/target/arm/internals.h
19
+++ b/hw/arm/smmuv3-internal.h
22
+++ b/target/arm/internals.h
20
@@ -XXX,XX +XXX,XX @@ static inline uint64_t l1std_l2ptr(STEDesc *desc)
23
@@ -XXX,XX +XXX,XX @@ void arm_cpu_pauth_finalize(ARMCPU *cpu, Error **errp);
21
return hi << 32 | lo;
24
void arm_cpu_lpa2_finalize(ARMCPU *cpu, Error **errp);
25
#endif
26
27
+/* Read the CONTROL register as the MRS instruction would. */
28
+uint32_t arm_v7m_mrs_control(CPUARMState *env, uint32_t secure);
29
+
30
#ifdef CONFIG_USER_ONLY
31
static inline void define_cortex_a72_a57_a53_cp_reginfo(ARMCPU *cpu) { }
32
#else
33
diff --git a/target/arm/tcg/m_helper.c b/target/arm/tcg/m_helper.c
34
index XXXXXXX..XXXXXXX 100644
35
--- a/target/arm/tcg/m_helper.c
36
+++ b/target/arm/tcg/m_helper.c
37
@@ -XXX,XX +XXX,XX @@ static uint32_t v7m_mrs_xpsr(CPUARMState *env, uint32_t reg, unsigned el)
38
return xpsr_read(env) & mask;
22
}
39
}
23
40
24
-#define L1STD_SPAN(stm) (extract32((stm)->word[0], 0, 4))
41
-static uint32_t v7m_mrs_control(CPUARMState *env, uint32_t secure)
25
+#define L1STD_SPAN(stm) (extract32((stm)->word[0], 0, 5))
42
+uint32_t arm_v7m_mrs_control(CPUARMState *env, uint32_t secure)
26
43
{
27
#endif
44
uint32_t value = env->v7m.control[secure];
45
46
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(v7m_mrs)(CPUARMState *env, uint32_t reg)
47
case 0 ... 7: /* xPSR sub-fields */
48
return v7m_mrs_xpsr(env, reg, 0);
49
case 20: /* CONTROL */
50
- return v7m_mrs_control(env, 0);
51
+ return arm_v7m_mrs_control(env, 0);
52
default:
53
/* Unprivileged reads others as zero. */
54
return 0;
55
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(v7m_mrs)(CPUARMState *env, uint32_t reg)
56
case 0 ... 7: /* xPSR sub-fields */
57
return v7m_mrs_xpsr(env, reg, el);
58
case 20: /* CONTROL */
59
- return v7m_mrs_control(env, env->v7m.secure);
60
+ return arm_v7m_mrs_control(env, env->v7m.secure);
61
case 0x94: /* CONTROL_NS */
62
/*
63
* We have to handle this here because unprivileged Secure code
28
--
64
--
29
2.20.1
65
2.34.1
30
66
31
67
diff view generated by jsdifflib
[PULL 32/36] target/arm: Implement CCR_S.TRD behaviour for SG insns
[PULL 13/21] target/arm: Export arm_v7m_get_sp_ptr
1
v8.1M introduces a new TRD flag in the CCR register, which enables
1
From: David Reiss <dreiss@meta.com>
2
checking for stack frame integrity signatures on SG instructions.
3
Add the code in the SG insn implementation for the new behaviour.
4
2
3
Allow the function to be used outside of m_helper.c.
4
Move to be outside of ifndef CONFIG_USER_ONLY block.
5
Rename from get_v7m_sp_ptr.
6
7
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
8
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
9
Signed-off-by: David Reiss <dreiss@meta.com>
10
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
11
Message-id: 20230227213329.793795-14-richard.henderson@linaro.org
12
[rth: Split out of a larger patch]
13
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
5
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
14
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
6
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
7
Message-id: 20201119215617.29887-24-peter.maydell@linaro.org
8
---
15
---
9
target/arm/m_helper.c | 86 +++++++++++++++++++++++++++++++++++++++++++
16
target/arm/internals.h | 10 +++++
10
1 file changed, 86 insertions(+)
17
target/arm/tcg/m_helper.c | 84 +++++++++++++++++++--------------------
18
2 files changed, 51 insertions(+), 43 deletions(-)
11
19
12
diff --git a/target/arm/m_helper.c b/target/arm/m_helper.c
20
diff --git a/target/arm/internals.h b/target/arm/internals.h
13
index XXXXXXX..XXXXXXX 100644
21
index XXXXXXX..XXXXXXX 100644
14
--- a/target/arm/m_helper.c
22
--- a/target/arm/internals.h
15
+++ b/target/arm/m_helper.c
23
+++ b/target/arm/internals.h
16
@@ -XXX,XX +XXX,XX @@ static bool v7m_read_half_insn(ARMCPU *cpu, ARMMMUIdx mmu_idx,
24
@@ -XXX,XX +XXX,XX @@ void arm_cpu_lpa2_finalize(ARMCPU *cpu, Error **errp);
17
return true;
25
/* Read the CONTROL register as the MRS instruction would. */
26
uint32_t arm_v7m_mrs_control(CPUARMState *env, uint32_t secure);
27
28
+/*
29
+ * Return a pointer to the location where we currently store the
30
+ * stack pointer for the requested security state and thread mode.
31
+ * This pointer will become invalid if the CPU state is updated
32
+ * such that the stack pointers are switched around (eg changing
33
+ * the SPSEL control bit).
34
+ */
35
+uint32_t *arm_v7m_get_sp_ptr(CPUARMState *env, bool secure,
36
+ bool threadmode, bool spsel);
37
+
38
#ifdef CONFIG_USER_ONLY
39
static inline void define_cortex_a72_a57_a53_cp_reginfo(ARMCPU *cpu) { }
40
#else
41
diff --git a/target/arm/tcg/m_helper.c b/target/arm/tcg/m_helper.c
42
index XXXXXXX..XXXXXXX 100644
43
--- a/target/arm/tcg/m_helper.c
44
+++ b/target/arm/tcg/m_helper.c
45
@@ -XXX,XX +XXX,XX @@ void HELPER(v7m_blxns)(CPUARMState *env, uint32_t dest)
46
arm_rebuild_hflags(env);
18
}
47
}
19
48
20
+static bool v7m_read_sg_stack_word(ARMCPU *cpu, ARMMMUIdx mmu_idx,
49
-static uint32_t *get_v7m_sp_ptr(CPUARMState *env, bool secure, bool threadmode,
21
+ uint32_t addr, uint32_t *spdata)
50
- bool spsel)
51
-{
52
- /*
53
- * Return a pointer to the location where we currently store the
54
- * stack pointer for the requested security state and thread mode.
55
- * This pointer will become invalid if the CPU state is updated
56
- * such that the stack pointers are switched around (eg changing
57
- * the SPSEL control bit).
58
- * Compare the v8M ARM ARM pseudocode LookUpSP_with_security_mode().
59
- * Unlike that pseudocode, we require the caller to pass us in the
60
- * SPSEL control bit value; this is because we also use this
61
- * function in handling of pushing of the callee-saves registers
62
- * part of the v8M stack frame (pseudocode PushCalleeStack()),
63
- * and in the tailchain codepath the SPSEL bit comes from the exception
64
- * return magic LR value from the previous exception. The pseudocode
65
- * opencodes the stack-selection in PushCalleeStack(), but we prefer
66
- * to make this utility function generic enough to do the job.
67
- */
68
- bool want_psp = threadmode && spsel;
69
-
70
- if (secure == env->v7m.secure) {
71
- if (want_psp == v7m_using_psp(env)) {
72
- return &env->regs[13];
73
- } else {
74
- return &env->v7m.other_sp;
75
- }
76
- } else {
77
- if (want_psp) {
78
- return &env->v7m.other_ss_psp;
79
- } else {
80
- return &env->v7m.other_ss_msp;
81
- }
82
- }
83
-}
84
-
85
static bool arm_v7m_load_vector(ARMCPU *cpu, int exc, bool targets_secure,
86
uint32_t *pvec)
87
{
88
@@ -XXX,XX +XXX,XX @@ static bool v7m_push_callee_stack(ARMCPU *cpu, uint32_t lr, bool dotailchain,
89
!mode;
90
91
mmu_idx = arm_v7m_mmu_idx_for_secstate_and_priv(env, M_REG_S, priv);
92
- frame_sp_p = get_v7m_sp_ptr(env, M_REG_S, mode,
93
- lr & R_V7M_EXCRET_SPSEL_MASK);
94
+ frame_sp_p = arm_v7m_get_sp_ptr(env, M_REG_S, mode,
95
+ lr & R_V7M_EXCRET_SPSEL_MASK);
96
want_psp = mode && (lr & R_V7M_EXCRET_SPSEL_MASK);
97
if (want_psp) {
98
limit = env->v7m.psplim[M_REG_S];
99
@@ -XXX,XX +XXX,XX @@ static void do_v7m_exception_exit(ARMCPU *cpu)
100
* use 'frame_sp_p' after we do something that makes it invalid.
101
*/
102
bool spsel = env->v7m.control[return_to_secure] & R_V7M_CONTROL_SPSEL_MASK;
103
- uint32_t *frame_sp_p = get_v7m_sp_ptr(env,
104
- return_to_secure,
105
- !return_to_handler,
106
- spsel);
107
+ uint32_t *frame_sp_p = arm_v7m_get_sp_ptr(env, return_to_secure,
108
+ !return_to_handler, spsel);
109
uint32_t frameptr = *frame_sp_p;
110
bool pop_ok = true;
111
ARMMMUIdx mmu_idx;
112
@@ -XXX,XX +XXX,XX @@ static bool do_v7m_function_return(ARMCPU *cpu)
113
threadmode = !arm_v7m_is_handler_mode(env);
114
spsel = env->v7m.control[M_REG_S] & R_V7M_CONTROL_SPSEL_MASK;
115
116
- frame_sp_p = get_v7m_sp_ptr(env, true, threadmode, spsel);
117
+ frame_sp_p = arm_v7m_get_sp_ptr(env, true, threadmode, spsel);
118
frameptr = *frame_sp_p;
119
120
/*
121
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(v7m_tt)(CPUARMState *env, uint32_t addr, uint32_t op)
122
}
123
124
#endif /* !CONFIG_USER_ONLY */
125
+
126
+uint32_t *arm_v7m_get_sp_ptr(CPUARMState *env, bool secure, bool threadmode,
127
+ bool spsel)
22
+{
128
+{
23
+ /*
129
+ /*
24
+ * Read a word of data from the stack for the SG instruction,
130
+ * Return a pointer to the location where we currently store the
25
+ * writing the value into *spdata. If the load succeeds, return
131
+ * stack pointer for the requested security state and thread mode.
26
+ * true; otherwise pend an appropriate exception and return false.
132
+ * This pointer will become invalid if the CPU state is updated
27
+ * (We can't use data load helpers here that throw an exception
133
+ * such that the stack pointers are switched around (eg changing
28
+ * because of the context we're called in, which is halfway through
134
+ * the SPSEL control bit).
29
+ * arm_v7m_cpu_do_interrupt().)
135
+ * Compare the v8M ARM ARM pseudocode LookUpSP_with_security_mode().
136
+ * Unlike that pseudocode, we require the caller to pass us in the
137
+ * SPSEL control bit value; this is because we also use this
138
+ * function in handling of pushing of the callee-saves registers
139
+ * part of the v8M stack frame (pseudocode PushCalleeStack()),
140
+ * and in the tailchain codepath the SPSEL bit comes from the exception
141
+ * return magic LR value from the previous exception. The pseudocode
142
+ * opencodes the stack-selection in PushCalleeStack(), but we prefer
143
+ * to make this utility function generic enough to do the job.
30
+ */
144
+ */
31
+ CPUState *cs = CPU(cpu);
145
+ bool want_psp = threadmode && spsel;
32
+ CPUARMState *env = &cpu->env;
33
+ MemTxAttrs attrs = {};
34
+ MemTxResult txres;
35
+ target_ulong page_size;
36
+ hwaddr physaddr;
37
+ int prot;
38
+ ARMMMUFaultInfo fi = {};
39
+ ARMCacheAttrs cacheattrs = {};
40
+ uint32_t value;
41
+
146
+
42
+ if (get_phys_addr(env, addr, MMU_DATA_LOAD, mmu_idx, &physaddr,
147
+ if (secure == env->v7m.secure) {
43
+ &attrs, &prot, &page_size, &fi, &cacheattrs)) {
148
+ if (want_psp == v7m_using_psp(env)) {
44
+ /* MPU/SAU lookup failed */
149
+ return &env->regs[13];
45
+ if (fi.type == ARMFault_QEMU_SFault) {
46
+ qemu_log_mask(CPU_LOG_INT,
47
+ "...SecureFault during stack word read\n");
48
+ env->v7m.sfsr |= R_V7M_SFSR_AUVIOL_MASK | R_V7M_SFSR_SFARVALID_MASK;
49
+ env->v7m.sfar = addr;
50
+ armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_SECURE, false);
51
+ } else {
150
+ } else {
52
+ qemu_log_mask(CPU_LOG_INT,
151
+ return &env->v7m.other_sp;
53
+ "...MemManageFault during stack word read\n");
54
+ env->v7m.cfsr[M_REG_S] |= R_V7M_CFSR_DACCVIOL_MASK |
55
+ R_V7M_CFSR_MMARVALID_MASK;
56
+ env->v7m.mmfar[M_REG_S] = addr;
57
+ armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_MEM, false);
58
+ }
152
+ }
59
+ return false;
153
+ } else {
60
+ }
154
+ if (want_psp) {
61
+ value = address_space_ldl(arm_addressspace(cs, attrs), physaddr,
155
+ return &env->v7m.other_ss_psp;
62
+ attrs, &txres);
156
+ } else {
63
+ if (txres != MEMTX_OK) {
157
+ return &env->v7m.other_ss_msp;
64
+ /* BusFault trying to read the data */
65
+ qemu_log_mask(CPU_LOG_INT,
66
+ "...BusFault during stack word read\n");
67
+ env->v7m.cfsr[M_REG_NS] |=
68
+ (R_V7M_CFSR_PRECISERR_MASK | R_V7M_CFSR_BFARVALID_MASK);
69
+ env->v7m.bfar = addr;
70
+ armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_BUS, false);
71
+ return false;
72
+ }
73
+
74
+ *spdata = value;
75
+ return true;
76
+}
77
+
78
static bool v7m_handle_execute_nsc(ARMCPU *cpu)
79
{
80
/*
81
@@ -XXX,XX +XXX,XX @@ static bool v7m_handle_execute_nsc(ARMCPU *cpu)
82
*/
83
qemu_log_mask(CPU_LOG_INT, "...really an SG instruction at 0x%08" PRIx32
84
", executing it\n", env->regs[15]);
85
+
86
+ if (cpu_isar_feature(aa32_m_sec_state, cpu) &&
87
+ !arm_v7m_is_handler_mode(env)) {
88
+ /*
89
+ * v8.1M exception stack frame integrity check. Note that we
90
+ * must perform the memory access even if CCR_S.TRD is zero
91
+ * and we aren't going to check what the data loaded is.
92
+ */
93
+ uint32_t spdata, sp;
94
+
95
+ /*
96
+ * We know we are currently NS, so the S stack pointers must be
97
+ * in other_ss_{psp,msp}, not in regs[13]/other_sp.
98
+ */
99
+ sp = v7m_using_psp(env) ? env->v7m.other_ss_psp : env->v7m.other_ss_msp;
100
+ if (!v7m_read_sg_stack_word(cpu, mmu_idx, sp, &spdata)) {
101
+ /* Stack access failed and an exception has been pended */
102
+ return false;
103
+ }
104
+
105
+ if (env->v7m.ccr[M_REG_S] & R_V7M_CCR_TRD_MASK) {
106
+ if (((spdata & ~1) == 0xfefa125a) ||
107
+ !(env->v7m.control[M_REG_S] & 1)) {
108
+ goto gen_invep;
109
+ }
110
+ }
158
+ }
111
+ }
159
+ }
112
+
160
+}
113
env->regs[14] &= ~1;
114
env->v7m.control[M_REG_S] &= ~R_V7M_CONTROL_SFPA_MASK;
115
switch_v7m_security_state(env, true);
116
--
161
--
117
2.20.1
162
2.34.1
118
163
119
164
diff view generated by jsdifflib
[PULL 15/36] target/arm: Implement VSCCLRM insn
[PULL 14/21] target/arm: Implement gdbstub m-profile systemreg and secext
1
Implement the v8.1M VSCCLRM insn, which zeros floating point
1
From: Richard Henderson <richard.henderson@linaro.org>
2
registers if there is an active floating point context.
2
3
This requires support in write_neon_element32() for the MO_32
3
The upstream gdb xml only implements {MSP,PSP}{,_NS,S}, but
4
element size, so add it.
4
go ahead and implement the other system registers as well.
5
5
6
Because we want to use arm_gen_condlabel(), we need to move
6
Since there is significant overlap between the two, implement
7
the definition of that function up in translate.c so it is
7
them with common code. The only exception is the systemreg
8
before the #include of translate-vfp.c.inc.
8
view of CONTROL, which merges the banked bits as per MRS.
9
9
10
Signed-off-by: David Reiss <dreiss@meta.com>
11
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
12
Message-id: 20230227213329.793795-15-richard.henderson@linaro.org
13
[rth: Substatial rewrite using enumerator and shared code.]
14
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
15
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
16
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
12
Message-id: 20201119215617.29887-5-peter.maydell@linaro.org
13
---
17
---
14
target/arm/cpu.h | 9 ++++
18
target/arm/cpu.h | 2 +
15
target/arm/m-nocp.decode | 8 +++-
19
target/arm/gdbstub.c | 178 +++++++++++++++++++++++++++++++++++++++++++
16
target/arm/translate.c | 21 +++++----
20
2 files changed, 180 insertions(+)
17
target/arm/translate-vfp.c.inc | 84 ++++++++++++++++++++++++++++++++++
18
4 files changed, 111 insertions(+), 11 deletions(-)
19
21
20
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
22
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
21
index XXXXXXX..XXXXXXX 100644
23
index XXXXXXX..XXXXXXX 100644
22
--- a/target/arm/cpu.h
24
--- a/target/arm/cpu.h
23
+++ b/target/arm/cpu.h
25
+++ b/target/arm/cpu.h
24
@@ -XXX,XX +XXX,XX @@ static inline bool isar_feature_aa32_mprofile(const ARMISARegisters *id)
26
@@ -XXX,XX +XXX,XX @@ struct ArchCPU {
25
return FIELD_EX32(id->id_pfr1, ID_PFR1, MPROGMOD) != 0;
27
28
DynamicGDBXMLInfo dyn_sysreg_xml;
29
DynamicGDBXMLInfo dyn_svereg_xml;
30
+ DynamicGDBXMLInfo dyn_m_systemreg_xml;
31
+ DynamicGDBXMLInfo dyn_m_secextreg_xml;
32
33
/* Timers used by the generic (architected) timer */
34
QEMUTimer *gt_timer[NUM_GTIMERS];
35
diff --git a/target/arm/gdbstub.c b/target/arm/gdbstub.c
36
index XXXXXXX..XXXXXXX 100644
37
--- a/target/arm/gdbstub.c
38
+++ b/target/arm/gdbstub.c
39
@@ -XXX,XX +XXX,XX @@ static int arm_gen_dynamic_sysreg_xml(CPUState *cs, int base_reg)
40
return cpu->dyn_sysreg_xml.num;
26
}
41
}
27
42
28
+static inline bool isar_feature_aa32_m_sec_state(const ARMISARegisters *id)
43
+typedef enum {
44
+ M_SYSREG_MSP,
45
+ M_SYSREG_PSP,
46
+ M_SYSREG_PRIMASK,
47
+ M_SYSREG_CONTROL,
48
+ M_SYSREG_BASEPRI,
49
+ M_SYSREG_FAULTMASK,
50
+ M_SYSREG_MSPLIM,
51
+ M_SYSREG_PSPLIM,
52
+} MProfileSysreg;
53
+
54
+static const struct {
55
+ const char *name;
56
+ int feature;
57
+} m_sysreg_def[] = {
58
+ [M_SYSREG_MSP] = { "msp", ARM_FEATURE_M },
59
+ [M_SYSREG_PSP] = { "psp", ARM_FEATURE_M },
60
+ [M_SYSREG_PRIMASK] = { "primask", ARM_FEATURE_M },
61
+ [M_SYSREG_CONTROL] = { "control", ARM_FEATURE_M },
62
+ [M_SYSREG_BASEPRI] = { "basepri", ARM_FEATURE_M_MAIN },
63
+ [M_SYSREG_FAULTMASK] = { "faultmask", ARM_FEATURE_M_MAIN },
64
+ [M_SYSREG_MSPLIM] = { "msplim", ARM_FEATURE_V8 },
65
+ [M_SYSREG_PSPLIM] = { "psplim", ARM_FEATURE_V8 },
66
+};
67
+
68
+static uint32_t *m_sysreg_ptr(CPUARMState *env, MProfileSysreg reg, bool sec)
69
+{
70
+ uint32_t *ptr;
71
+
72
+ switch (reg) {
73
+ case M_SYSREG_MSP:
74
+ ptr = arm_v7m_get_sp_ptr(env, sec, false, true);
75
+ break;
76
+ case M_SYSREG_PSP:
77
+ ptr = arm_v7m_get_sp_ptr(env, sec, true, true);
78
+ break;
79
+ case M_SYSREG_MSPLIM:
80
+ ptr = &env->v7m.msplim[sec];
81
+ break;
82
+ case M_SYSREG_PSPLIM:
83
+ ptr = &env->v7m.psplim[sec];
84
+ break;
85
+ case M_SYSREG_PRIMASK:
86
+ ptr = &env->v7m.primask[sec];
87
+ break;
88
+ case M_SYSREG_BASEPRI:
89
+ ptr = &env->v7m.basepri[sec];
90
+ break;
91
+ case M_SYSREG_FAULTMASK:
92
+ ptr = &env->v7m.faultmask[sec];
93
+ break;
94
+ case M_SYSREG_CONTROL:
95
+ ptr = &env->v7m.control[sec];
96
+ break;
97
+ default:
98
+ return NULL;
99
+ }
100
+ return arm_feature(env, m_sysreg_def[reg].feature) ? ptr : NULL;
101
+}
102
+
103
+static int m_sysreg_get(CPUARMState *env, GByteArray *buf,
104
+ MProfileSysreg reg, bool secure)
105
+{
106
+ uint32_t *ptr = m_sysreg_ptr(env, reg, secure);
107
+
108
+ if (ptr == NULL) {
109
+ return 0;
110
+ }
111
+ return gdb_get_reg32(buf, *ptr);
112
+}
113
+
114
+static int arm_gdb_get_m_systemreg(CPUARMState *env, GByteArray *buf, int reg)
29
+{
115
+{
30
+ /*
116
+ /*
31
+ * Return true if M-profile state handling insns
117
+ * Here, we emulate MRS instruction, where CONTROL has a mix of
32
+ * (VSCCLRM, CLRM, FPCTX access insns) are implemented
118
+ * banked and non-banked bits.
33
+ */
119
+ */
34
+ return FIELD_EX32(id->id_pfr1, ID_PFR1, SECURITY) >= 3;
120
+ if (reg == M_SYSREG_CONTROL) {
35
+}
121
+ return gdb_get_reg32(buf, arm_v7m_mrs_control(env, env->v7m.secure));
36
+
122
+ }
37
static inline bool isar_feature_aa32_fp16_arith(const ARMISARegisters *id)
123
+ return m_sysreg_get(env, buf, reg, env->v7m.secure);
124
+}
125
+
126
+static int arm_gdb_set_m_systemreg(CPUARMState *env, uint8_t *buf, int reg)
127
+{
128
+ return 0; /* TODO */
129
+}
130
+
131
+static int arm_gen_dynamic_m_systemreg_xml(CPUState *cs, int orig_base_reg)
132
+{
133
+ ARMCPU *cpu = ARM_CPU(cs);
134
+ CPUARMState *env = &cpu->env;
135
+ GString *s = g_string_new(NULL);
136
+ int base_reg = orig_base_reg;
137
+ int i;
138
+
139
+ g_string_printf(s, "<?xml version=\"1.0\"?>");
140
+ g_string_append_printf(s, "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">");
141
+ g_string_append_printf(s, "<feature name=\"org.gnu.gdb.arm.m-system\">\n");
142
+
143
+ for (i = 0; i < ARRAY_SIZE(m_sysreg_def); i++) {
144
+ if (arm_feature(env, m_sysreg_def[i].feature)) {
145
+ g_string_append_printf(s,
146
+ "<reg name=\"%s\" bitsize=\"32\" regnum=\"%d\"/>\n",
147
+ m_sysreg_def[i].name, base_reg++);
148
+ }
149
+ }
150
+
151
+ g_string_append_printf(s, "</feature>");
152
+ cpu->dyn_m_systemreg_xml.desc = g_string_free(s, false);
153
+ cpu->dyn_m_systemreg_xml.num = base_reg - orig_base_reg;
154
+
155
+ return cpu->dyn_m_systemreg_xml.num;
156
+}
157
+
158
+#ifndef CONFIG_USER_ONLY
159
+/*
160
+ * For user-only, we see the non-secure registers via m_systemreg above.
161
+ * For secext, encode the non-secure view as even and secure view as odd.
162
+ */
163
+static int arm_gdb_get_m_secextreg(CPUARMState *env, GByteArray *buf, int reg)
164
+{
165
+ return m_sysreg_get(env, buf, reg >> 1, reg & 1);
166
+}
167
+
168
+static int arm_gdb_set_m_secextreg(CPUARMState *env, uint8_t *buf, int reg)
169
+{
170
+ return 0; /* TODO */
171
+}
172
+
173
+static int arm_gen_dynamic_m_secextreg_xml(CPUState *cs, int orig_base_reg)
174
+{
175
+ ARMCPU *cpu = ARM_CPU(cs);
176
+ GString *s = g_string_new(NULL);
177
+ int base_reg = orig_base_reg;
178
+ int i;
179
+
180
+ g_string_printf(s, "<?xml version=\"1.0\"?>");
181
+ g_string_append_printf(s, "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">");
182
+ g_string_append_printf(s, "<feature name=\"org.gnu.gdb.arm.secext\">\n");
183
+
184
+ for (i = 0; i < ARRAY_SIZE(m_sysreg_def); i++) {
185
+ g_string_append_printf(s,
186
+ "<reg name=\"%s_ns\" bitsize=\"32\" regnum=\"%d\"/>\n",
187
+ m_sysreg_def[i].name, base_reg++);
188
+ g_string_append_printf(s,
189
+ "<reg name=\"%s_s\" bitsize=\"32\" regnum=\"%d\"/>\n",
190
+ m_sysreg_def[i].name, base_reg++);
191
+ }
192
+
193
+ g_string_append_printf(s, "</feature>");
194
+ cpu->dyn_m_secextreg_xml.desc = g_string_free(s, false);
195
+ cpu->dyn_m_secextreg_xml.num = base_reg - orig_base_reg;
196
+
197
+ return cpu->dyn_m_secextreg_xml.num;
198
+}
199
+#endif
200
+
201
const char *arm_gdb_get_dynamic_xml(CPUState *cs, const char *xmlname)
38
{
202
{
39
/* Sadly this is encoded differently for A-profile and M-profile */
203
ARMCPU *cpu = ARM_CPU(cs);
40
diff --git a/target/arm/m-nocp.decode b/target/arm/m-nocp.decode
204
@@ -XXX,XX +XXX,XX @@ const char *arm_gdb_get_dynamic_xml(CPUState *cs, const char *xmlname)
41
index XXXXXXX..XXXXXXX 100644
205
return cpu->dyn_sysreg_xml.desc;
42
--- a/target/arm/m-nocp.decode
206
} else if (strcmp(xmlname, "sve-registers.xml") == 0) {
43
+++ b/target/arm/m-nocp.decode
207
return cpu->dyn_svereg_xml.desc;
44
@@ -XXX,XX +XXX,XX @@
208
+ } else if (strcmp(xmlname, "arm-m-system.xml") == 0) {
45
# If the coprocessor is not present or disabled then we will generate
209
+ return cpu->dyn_m_systemreg_xml.desc;
46
# the NOCP exception; otherwise we let the insn through to the main decode.
210
+#ifndef CONFIG_USER_ONLY
47
211
+ } else if (strcmp(xmlname, "arm-m-secext.xml") == 0) {
48
+%vd_dp 22:1 12:4
212
+ return cpu->dyn_m_secextreg_xml.desc;
49
+%vd_sp 12:4 22:1
213
+#endif
50
+
214
}
51
&nocp cp
215
return NULL;
52
53
{
54
# Special cases which do not take an early NOCP: VLLDM and VLSTM
55
VLLDM_VLSTM 1110 1100 001 l:1 rn:4 0000 1010 0000 0000
56
- # TODO: VSCCLRM (new in v8.1M) is similar:
57
- #VSCCLRM 1110 1100 1-01 1111 ---- 1011 ---- ---0
58
+ # VSCCLRM (new in v8.1M) is similar:
59
+ VSCCLRM 1110 1100 1.01 1111 .... 1011 imm:7 0 vd=%vd_dp size=3
60
+ VSCCLRM 1110 1100 1.01 1111 .... 1010 imm:8 vd=%vd_sp size=2
61
62
NOCP 111- 1110 ---- ---- ---- cp:4 ---- ---- &nocp
63
NOCP 111- 110- ---- ---- ---- cp:4 ---- ---- &nocp
64
diff --git a/target/arm/translate.c b/target/arm/translate.c
65
index XXXXXXX..XXXXXXX 100644
66
--- a/target/arm/translate.c
67
+++ b/target/arm/translate.c
68
@@ -XXX,XX +XXX,XX @@ void arm_translate_init(void)
69
a64_translate_init();
70
}
216
}
71
217
@@ -XXX,XX +XXX,XX @@ void arm_cpu_register_gdb_regs_for_features(ARMCPU *cpu)
72
+/* Generate a label used for skipping this instruction */
218
arm_gen_dynamic_sysreg_xml(cs, cs->gdb_num_regs),
73
+static void arm_gen_condlabel(DisasContext *s)
219
"system-registers.xml", 0);
74
+{
220
75
+ if (!s->condjmp) {
221
+ if (arm_feature(env, ARM_FEATURE_M)) {
76
+ s->condlabel = gen_new_label();
222
+ gdb_register_coprocessor(cs,
77
+ s->condjmp = 1;
223
+ arm_gdb_get_m_systemreg, arm_gdb_set_m_systemreg,
78
+ }
224
+ arm_gen_dynamic_m_systemreg_xml(cs, cs->gdb_num_regs),
79
+}
225
+ "arm-m-system.xml", 0);
80
+
226
+#ifndef CONFIG_USER_ONLY
81
/* Flags for the disas_set_da_iss info argument:
227
+ if (arm_feature(env, ARM_FEATURE_M_SECURITY)) {
82
* lower bits hold the Rt register number, higher bits are flags.
228
+ gdb_register_coprocessor(cs,
83
*/
229
+ arm_gdb_get_m_secextreg, arm_gdb_set_m_secextreg,
84
@@ -XXX,XX +XXX,XX @@ static void write_neon_element64(TCGv_i64 src, int reg, int ele, MemOp memop)
230
+ arm_gen_dynamic_m_secextreg_xml(cs, cs->gdb_num_regs),
85
long off = neon_element_offset(reg, ele, memop);
231
+ "arm-m-secext.xml", 0);
86
232
+ }
87
switch (memop) {
233
+#endif
88
+ case MO_32:
234
+ }
89
+ tcg_gen_st32_i64(src, cpu_env, off);
90
+ break;
91
case MO_64:
92
tcg_gen_st_i64(src, cpu_env, off);
93
break;
94
@@ -XXX,XX +XXX,XX @@ static void gen_srs(DisasContext *s,
95
s->base.is_jmp = DISAS_UPDATE_EXIT;
96
}
235
}
97
98
-/* Generate a label used for skipping this instruction */
99
-static void arm_gen_condlabel(DisasContext *s)
100
-{
101
- if (!s->condjmp) {
102
- s->condlabel = gen_new_label();
103
- s->condjmp = 1;
104
- }
105
-}
106
-
107
/* Skip this instruction if the ARM condition is false */
108
static void arm_skip_unless(DisasContext *s, uint32_t cond)
109
{
110
diff --git a/target/arm/translate-vfp.c.inc b/target/arm/translate-vfp.c.inc
111
index XXXXXXX..XXXXXXX 100644
112
--- a/target/arm/translate-vfp.c.inc
113
+++ b/target/arm/translate-vfp.c.inc
114
@@ -XXX,XX +XXX,XX @@ static bool trans_VLLDM_VLSTM(DisasContext *s, arg_VLLDM_VLSTM *a)
115
return true;
116
}
117
118
+static bool trans_VSCCLRM(DisasContext *s, arg_VSCCLRM *a)
119
+{
120
+ int btmreg, topreg;
121
+ TCGv_i64 zero;
122
+ TCGv_i32 aspen, sfpa;
123
+
124
+ if (!dc_isar_feature(aa32_m_sec_state, s)) {
125
+ /* Before v8.1M, fall through in decode to NOCP check */
126
+ return false;
127
+ }
128
+
129
+ /* Explicitly UNDEF because this takes precedence over NOCP */
130
+ if (!arm_dc_feature(s, ARM_FEATURE_M_MAIN) || !s->v8m_secure) {
131
+ unallocated_encoding(s);
132
+ return true;
133
+ }
134
+
135
+ if (!dc_isar_feature(aa32_vfp_simd, s)) {
136
+ /* NOP if we have neither FP nor MVE */
137
+ return true;
138
+ }
139
+
140
+ /*
141
+ * If FPCCR.ASPEN != 0 && CONTROL_S.SFPA == 0 then there is no
142
+ * active floating point context so we must NOP (without doing
143
+ * any lazy state preservation or the NOCP check).
144
+ */
145
+ aspen = load_cpu_field(v7m.fpccr[M_REG_S]);
146
+ sfpa = load_cpu_field(v7m.control[M_REG_S]);
147
+ tcg_gen_andi_i32(aspen, aspen, R_V7M_FPCCR_ASPEN_MASK);
148
+ tcg_gen_xori_i32(aspen, aspen, R_V7M_FPCCR_ASPEN_MASK);
149
+ tcg_gen_andi_i32(sfpa, sfpa, R_V7M_CONTROL_SFPA_MASK);
150
+ tcg_gen_or_i32(sfpa, sfpa, aspen);
151
+ arm_gen_condlabel(s);
152
+ tcg_gen_brcondi_i32(TCG_COND_EQ, sfpa, 0, s->condlabel);
153
+
154
+ if (s->fp_excp_el != 0) {
155
+ gen_exception_insn(s, s->pc_curr, EXCP_NOCP,
156
+ syn_uncategorized(), s->fp_excp_el);
157
+ return true;
158
+ }
159
+
160
+ topreg = a->vd + a->imm - 1;
161
+ btmreg = a->vd;
162
+
163
+ /* Convert to Sreg numbers if the insn specified in Dregs */
164
+ if (a->size == 3) {
165
+ topreg = topreg * 2 + 1;
166
+ btmreg *= 2;
167
+ }
168
+
169
+ if (topreg > 63 || (topreg > 31 && !(topreg & 1))) {
170
+ /* UNPREDICTABLE: we choose to undef */
171
+ unallocated_encoding(s);
172
+ return true;
173
+ }
174
+
175
+ /* Silently ignore requests to clear D16-D31 if they don't exist */
176
+ if (topreg > 31 && !dc_isar_feature(aa32_simd_r32, s)) {
177
+ topreg = 31;
178
+ }
179
+
180
+ if (!vfp_access_check(s)) {
181
+ return true;
182
+ }
183
+
184
+ /* Zero the Sregs from btmreg to topreg inclusive. */
185
+ zero = tcg_const_i64(0);
186
+ if (btmreg & 1) {
187
+ write_neon_element64(zero, btmreg >> 1, 1, MO_32);
188
+ btmreg++;
189
+ }
190
+ for (; btmreg + 1 <= topreg; btmreg += 2) {
191
+ write_neon_element64(zero, btmreg >> 1, 0, MO_64);
192
+ }
193
+ if (btmreg == topreg) {
194
+ write_neon_element64(zero, btmreg >> 1, 0, MO_32);
195
+ btmreg++;
196
+ }
197
+ assert(btmreg == topreg + 1);
198
+ /* TODO: when MVE is implemented, zero VPR here */
199
+ return true;
200
+}
201
+
202
static bool trans_NOCP(DisasContext *s, arg_nocp *a)
203
{
204
/*
205
--
236
--
206
2.20.1
237
2.34.1
207
208
diff view generated by jsdifflib
[PULL 31/36] hw/intc/armv7m_nvic: Support v8.1M CCR.TRD bit
[PULL 15/21] target/arm: Handle m-profile in arm_is_secure
1
v8.1M introduces a new TRD flag in the CCR register, which enables
1
From: Richard Henderson <richard.henderson@linaro.org>
2
checking for stack frame integrity signatures on SG instructions.
3
This bit is not banked, and is always RAZ/WI to Non-secure code.
4
Adjust the code for handling CCR reads and writes to handle this.
5
2
3
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1421
4
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
5
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
6
Message-id: 20230227225832.816605-2-richard.henderson@linaro.org
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20201119215617.29887-23-peter.maydell@linaro.org
9
---
8
---
10
target/arm/cpu.h | 2 ++
9
target/arm/cpu.h | 3 +++
11
hw/intc/armv7m_nvic.c | 26 ++++++++++++++++++--------
10
1 file changed, 3 insertions(+)
12
2 files changed, 20 insertions(+), 8 deletions(-)
13
11
14
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
12
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
15
index XXXXXXX..XXXXXXX 100644
13
index XXXXXXX..XXXXXXX 100644
16
--- a/target/arm/cpu.h
14
--- a/target/arm/cpu.h
17
+++ b/target/arm/cpu.h
15
+++ b/target/arm/cpu.h
18
@@ -XXX,XX +XXX,XX @@ FIELD(V7M_CCR, STKOFHFNMIGN, 10, 1)
16
@@ -XXX,XX +XXX,XX @@ static inline bool arm_is_el3_or_mon(CPUARMState *env)
19
FIELD(V7M_CCR, DC, 16, 1)
17
/* Return true if the processor is in secure state */
20
FIELD(V7M_CCR, IC, 17, 1)
18
static inline bool arm_is_secure(CPUARMState *env)
21
FIELD(V7M_CCR, BP, 18, 1)
19
{
22
+FIELD(V7M_CCR, LOB, 19, 1)
20
+ if (arm_feature(env, ARM_FEATURE_M)) {
23
+FIELD(V7M_CCR, TRD, 20, 1)
21
+ return env->v7m.secure;
24
25
/* V7M SCR bits */
26
FIELD(V7M_SCR, SLEEPONEXIT, 1, 1)
27
diff --git a/hw/intc/armv7m_nvic.c b/hw/intc/armv7m_nvic.c
28
index XXXXXXX..XXXXXXX 100644
29
--- a/hw/intc/armv7m_nvic.c
30
+++ b/hw/intc/armv7m_nvic.c
31
@@ -XXX,XX +XXX,XX @@ static uint32_t nvic_readl(NVICState *s, uint32_t offset, MemTxAttrs attrs)
32
}
33
return cpu->env.v7m.scr[attrs.secure];
34
case 0xd14: /* Configuration Control. */
35
- /* The BFHFNMIGN bit is the only non-banked bit; we
36
- * keep it in the non-secure copy of the register.
37
+ /*
38
+ * Non-banked bits: BFHFNMIGN (stored in the NS copy of the register)
39
+ * and TRD (stored in the S copy of the register)
40
*/
41
val = cpu->env.v7m.ccr[attrs.secure];
42
val |= cpu->env.v7m.ccr[M_REG_NS] & R_V7M_CCR_BFHFNMIGN_MASK;
43
@@ -XXX,XX +XXX,XX @@ static void nvic_writel(NVICState *s, uint32_t offset, uint32_t value,
44
cpu->env.v7m.scr[attrs.secure] = value;
45
break;
46
case 0xd14: /* Configuration Control. */
47
+ {
48
+ uint32_t mask;
49
+
50
if (!arm_feature(&cpu->env, ARM_FEATURE_M_MAIN)) {
51
goto bad_offset;
52
}
53
54
/* Enforce RAZ/WI on reserved and must-RAZ/WI bits */
55
- value &= (R_V7M_CCR_STKALIGN_MASK |
56
- R_V7M_CCR_BFHFNMIGN_MASK |
57
- R_V7M_CCR_DIV_0_TRP_MASK |
58
- R_V7M_CCR_UNALIGN_TRP_MASK |
59
- R_V7M_CCR_USERSETMPEND_MASK |
60
- R_V7M_CCR_NONBASETHRDENA_MASK);
61
+ mask = R_V7M_CCR_STKALIGN_MASK |
62
+ R_V7M_CCR_BFHFNMIGN_MASK |
63
+ R_V7M_CCR_DIV_0_TRP_MASK |
64
+ R_V7M_CCR_UNALIGN_TRP_MASK |
65
+ R_V7M_CCR_USERSETMPEND_MASK |
66
+ R_V7M_CCR_NONBASETHRDENA_MASK;
67
+ if (arm_feature(&cpu->env, ARM_FEATURE_V8_1M) && attrs.secure) {
68
+ /* TRD is always RAZ/WI from NS */
69
+ mask |= R_V7M_CCR_TRD_MASK;
70
+ }
71
+ value &= mask;
72
73
if (arm_feature(&cpu->env, ARM_FEATURE_V8)) {
74
/* v8M makes NONBASETHRDENA and STKALIGN be RES1 */
75
@@ -XXX,XX +XXX,XX @@ static void nvic_writel(NVICState *s, uint32_t offset, uint32_t value,
76
77
cpu->env.v7m.ccr[attrs.secure] = value;
78
break;
79
+ }
22
+ }
80
case 0xd24: /* System Handler Control and State (SHCSR) */
23
if (arm_is_el3_or_mon(env)) {
81
if (!arm_feature(&cpu->env, ARM_FEATURE_V7)) {
24
return true;
82
goto bad_offset;
25
}
83
--
26
--
84
2.20.1
27
2.34.1
85
86
diff view generated by jsdifflib
[PULL 13/36] target/arm: Implement v8.1M PXN extension
[PULL 16/21] target/arm: Stub arm_hcr_el2_eff for m-profile
1
In v8.1M the PXN architecture extension adds a new PXN bit to the
1
From: Richard Henderson <richard.henderson@linaro.org>
2
MPU_RLAR registers, which forbids execution of code in the region
3
from a privileged mode.
4
2
5
This is another feature which is just in the generic "in v8.1M" set
3
M-profile doesn't have HCR_EL2. While we could test features
6
and has no ID register field indicating its presence.
4
before each call, zero is a generally safe return value to
5
disable the code in the caller. This test is required to
6
avoid an assert in arm_is_secure_below_el3.
7
7
8
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
10
Message-id: 20230227225832.816605-3-richard.henderson@linaro.org
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
10
Message-id: 20201119215617.29887-3-peter.maydell@linaro.org
11
---
12
---
12
target/arm/helper.c | 7 ++++++-
13
target/arm/helper.c | 3 +++
13
1 file changed, 6 insertions(+), 1 deletion(-)
14
1 file changed, 3 insertions(+)
14
15
15
diff --git a/target/arm/helper.c b/target/arm/helper.c
16
diff --git a/target/arm/helper.c b/target/arm/helper.c
16
index XXXXXXX..XXXXXXX 100644
17
index XXXXXXX..XXXXXXX 100644
17
--- a/target/arm/helper.c
18
--- a/target/arm/helper.c
18
+++ b/target/arm/helper.c
19
+++ b/target/arm/helper.c
19
@@ -XXX,XX +XXX,XX @@ bool pmsav8_mpu_lookup(CPUARMState *env, uint32_t address,
20
@@ -XXX,XX +XXX,XX @@ uint64_t arm_hcr_el2_eff_secstate(CPUARMState *env, bool secure)
20
} else {
21
21
uint32_t ap = extract32(env->pmsav8.rbar[secure][matchregion], 1, 2);
22
uint64_t arm_hcr_el2_eff(CPUARMState *env)
22
uint32_t xn = extract32(env->pmsav8.rbar[secure][matchregion], 0, 1);
23
{
23
+ bool pxn = false;
24
+ if (arm_feature(env, ARM_FEATURE_M)) {
24
+
25
+ return 0;
25
+ if (arm_feature(env, ARM_FEATURE_V8_1M)) {
26
+ }
26
+ pxn = extract32(env->pmsav8.rlar[secure][matchregion], 4, 1);
27
return arm_hcr_el2_eff_secstate(env, arm_is_secure_below_el3(env));
27
+ }
28
}
28
29
29
if (m_is_system_region(env, address)) {
30
/* System space is always execute never */
31
@@ -XXX,XX +XXX,XX @@ bool pmsav8_mpu_lookup(CPUARMState *env, uint32_t address,
32
}
33
34
*prot = simple_ap_to_rw_prot(env, mmu_idx, ap);
35
- if (*prot && !xn) {
36
+ if (*prot && !xn && !(pxn && !is_user)) {
37
*prot |= PAGE_EXEC;
38
}
39
/* We don't need to look the attribute up in the MAIR0/MAIR1
40
--
30
--
41
2.20.1
31
2.34.1
42
43
diff view generated by jsdifflib
[PULL 25/36] hw/intc/armv7m_nvic: Update FPDSCR masking for v8.1M
[PULL 17/21] target/arm: Diagnose incorrect usage of arm_is_secure subroutines
1
The FPDSCR register has a similar layout to the FPSCR. In v8.1M it
1
From: Richard Henderson <richard.henderson@linaro.org>
2
gains new fields FZ16 (if half-precision floating point is supported)
3
and LTPSIZE (always reads as 4). Update the reset value and the code
4
that handles writes to this register accordingly.
5
2
3
In several places we use arm_is_secure_below_el3 and
4
arm_is_el3_or_mon separately from arm_is_secure.
5
These functions make no sense for m-profile, and
6
would indicate prior incorrect feature testing.
7
8
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
9
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
10
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
11
Message-id: 20230227225832.816605-4-richard.henderson@linaro.org
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20201119215617.29887-16-peter.maydell@linaro.org
9
---
13
---
10
target/arm/cpu.h | 5 +++++
14
target/arm/cpu.h | 5 ++++-
11
hw/intc/armv7m_nvic.c | 9 ++++++++-
15
1 file changed, 4 insertions(+), 1 deletion(-)
12
target/arm/cpu.c | 3 +++
13
3 files changed, 16 insertions(+), 1 deletion(-)
14
16
15
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
17
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
16
index XXXXXXX..XXXXXXX 100644
18
index XXXXXXX..XXXXXXX 100644
17
--- a/target/arm/cpu.h
19
--- a/target/arm/cpu.h
18
+++ b/target/arm/cpu.h
20
+++ b/target/arm/cpu.h
19
@@ -XXX,XX +XXX,XX @@ void vfp_set_fpscr(CPUARMState *env, uint32_t val);
21
@@ -XXX,XX +XXX,XX @@ static inline int arm_feature(CPUARMState *env, int feature)
20
#define FPCR_IXE (1 << 12) /* Inexact exception trap enable */
22
void arm_cpu_finalize_features(ARMCPU *cpu, Error **errp);
21
#define FPCR_IDE (1 << 15) /* Input Denormal exception trap enable */
23
22
#define FPCR_FZ16 (1 << 19) /* ARMv8.2+, FP16 flush-to-zero */
24
#if !defined(CONFIG_USER_ONLY)
23
+#define FPCR_RMODE_MASK (3 << 22) /* Rounding mode */
25
-/* Return true if exception levels below EL3 are in secure state,
24
#define FPCR_FZ (1 << 24) /* Flush-to-zero enable bit */
26
+/*
25
#define FPCR_DN (1 << 25) /* Default NaN enable bit */
27
+ * Return true if exception levels below EL3 are in secure state,
26
+#define FPCR_AHP (1 << 26) /* Alternative half-precision */
28
* or would be following an exception return to that level.
27
#define FPCR_QC (1 << 27) /* Cumulative saturation bit */
29
* Unlike arm_is_secure() (which is always a question about the
28
#define FPCR_V (1 << 28) /* FP overflow flag */
30
* _current_ state of the CPU) this doesn't care about the current
29
#define FPCR_C (1 << 29) /* FP carry flag */
31
@@ -XXX,XX +XXX,XX @@ void arm_cpu_finalize_features(ARMCPU *cpu, Error **errp);
30
#define FPCR_Z (1 << 30) /* FP zero flag */
32
*/
31
#define FPCR_N (1 << 31) /* FP negative flag */
33
static inline bool arm_is_secure_below_el3(CPUARMState *env)
32
34
{
33
+#define FPCR_LTPSIZE_SHIFT 16 /* LTPSIZE, M-profile only */
35
+ assert(!arm_feature(env, ARM_FEATURE_M));
34
+#define FPCR_LTPSIZE_MASK (7 << FPCR_LTPSIZE_SHIFT)
36
if (arm_feature(env, ARM_FEATURE_EL3)) {
35
+
37
return !(env->cp15.scr_el3 & SCR_NS);
36
#define FPCR_NZCV_MASK (FPCR_N | FPCR_Z | FPCR_C | FPCR_V)
38
} else {
37
#define FPCR_NZCVQC_MASK (FPCR_NZCV_MASK | FPCR_QC)
39
@@ -XXX,XX +XXX,XX @@ static inline bool arm_is_secure_below_el3(CPUARMState *env)
38
40
/* Return true if the CPU is AArch64 EL3 or AArch32 Mon */
39
diff --git a/hw/intc/armv7m_nvic.c b/hw/intc/armv7m_nvic.c
41
static inline bool arm_is_el3_or_mon(CPUARMState *env)
40
index XXXXXXX..XXXXXXX 100644
42
{
41
--- a/hw/intc/armv7m_nvic.c
43
+ assert(!arm_feature(env, ARM_FEATURE_M));
42
+++ b/hw/intc/armv7m_nvic.c
44
if (arm_feature(env, ARM_FEATURE_EL3)) {
43
@@ -XXX,XX +XXX,XX @@ static void nvic_writel(NVICState *s, uint32_t offset, uint32_t value,
45
if (is_a64(env) && extract32(env->pstate, 2, 2) == 3) {
44
break;
46
/* CPU currently in AArch64 state and EL3 */
45
case 0xf3c: /* FPDSCR */
46
if (cpu_isar_feature(aa32_vfp_simd, cpu)) {
47
- value &= 0x07c00000;
48
+ uint32_t mask = FPCR_AHP | FPCR_DN | FPCR_FZ | FPCR_RMODE_MASK;
49
+ if (cpu_isar_feature(any_fp16, cpu)) {
50
+ mask |= FPCR_FZ16;
51
+ }
52
+ value &= mask;
53
+ if (cpu_isar_feature(aa32_lob, cpu)) {
54
+ value |= 4 << FPCR_LTPSIZE_SHIFT;
55
+ }
56
cpu->env.v7m.fpdscr[attrs.secure] = value;
57
}
58
break;
59
diff --git a/target/arm/cpu.c b/target/arm/cpu.c
60
index XXXXXXX..XXXXXXX 100644
61
--- a/target/arm/cpu.c
62
+++ b/target/arm/cpu.c
63
@@ -XXX,XX +XXX,XX @@ static void arm_cpu_reset(DeviceState *dev)
64
* always reset to 4.
65
*/
66
env->v7m.ltpsize = 4;
67
+ /* The LTPSIZE field in FPDSCR is constant and reads as 4. */
68
+ env->v7m.fpdscr[M_REG_NS] = 4 << FPCR_LTPSIZE_SHIFT;
69
+ env->v7m.fpdscr[M_REG_S] = 4 << FPCR_LTPSIZE_SHIFT;
70
}
71
72
if (arm_feature(env, ARM_FEATURE_M_SECURITY)) {
73
--
47
--
74
2.20.1
48
2.34.1
75
49
76
50
diff view generated by jsdifflib
[PULL 03/36] xlnx-zynqmp: Connect Xilinx ZynqMP CAN controllers
[PULL 18/21] target/arm: Rewrite check_s2_mmu_setup
1
From: Vikram Garhwal <fnu.vikram@xilinx.com>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
Connect CAN0 and CAN1 on the ZynqMP.
3
Integrate neighboring code from get_phys_addr_lpae which computed
4
4
starting level, as it is easier to validate when doing both at the
5
Reviewed-by: Francisco Iglesias <francisco.iglesias@xilinx.com>
5
same time. Mirror the checks at the start of AArch{64,32}.S2Walk,
6
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
6
especially S2InvalidSL and S2InconsistentSL.
7
Signed-off-by: Vikram Garhwal <fnu.vikram@xilinx.com>
7
8
Message-id: 1605728926-352690-3-git-send-email-fnu.vikram@xilinx.com
8
This reverts 49ba115bb74, which was incorrect -- there is nothing
9
in the ARM pseudocode that depends on TxSZ, i.e. outputsize; the
10
pseudocode is consistent in referencing PAMax.
11
12
Fixes: 49ba115bb74 ("target/arm: Pass outputsize down to check_s2_mmu_setup")
13
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
14
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
15
Message-id: 20230227225832.816605-5-richard.henderson@linaro.org
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
16
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
17
---
11
include/hw/arm/xlnx-zynqmp.h | 8 ++++++++
18
target/arm/ptw.c | 173 ++++++++++++++++++++++++++---------------------
12
hw/arm/xlnx-zcu102.c | 20 ++++++++++++++++++++
19
1 file changed, 97 insertions(+), 76 deletions(-)
13
hw/arm/xlnx-zynqmp.c | 34 ++++++++++++++++++++++++++++++++++
20
14
3 files changed, 62 insertions(+)
21
diff --git a/target/arm/ptw.c b/target/arm/ptw.c
15
16
diff --git a/include/hw/arm/xlnx-zynqmp.h b/include/hw/arm/xlnx-zynqmp.h
17
index XXXXXXX..XXXXXXX 100644
22
index XXXXXXX..XXXXXXX 100644
18
--- a/include/hw/arm/xlnx-zynqmp.h
23
--- a/target/arm/ptw.c
19
+++ b/include/hw/arm/xlnx-zynqmp.h
24
+++ b/target/arm/ptw.c
20
@@ -XXX,XX +XXX,XX @@
25
@@ -XXX,XX +XXX,XX @@ static ARMVAParameters aa32_va_parameters(CPUARMState *env, uint32_t va,
21
#include "hw/intc/arm_gic.h"
26
* check_s2_mmu_setup
22
#include "hw/net/cadence_gem.h"
27
* @cpu: ARMCPU
23
#include "hw/char/cadence_uart.h"
28
* @is_aa64: True if the translation regime is in AArch64 state
24
+#include "hw/net/xlnx-zynqmp-can.h"
29
- * @startlevel: Suggested starting level
25
#include "hw/ide/ahci.h"
30
- * @inputsize: Bitsize of IPAs
26
#include "hw/sd/sdhci.h"
31
+ * @tcr: VTCR_EL2 or VSTCR_EL2
27
#include "hw/ssi/xilinx_spips.h"
32
+ * @ds: Effective value of TCR.DS.
28
@@ -XXX,XX +XXX,XX @@
33
+ * @iasize: Bitsize of IPAs
29
#include "hw/cpu/cluster.h"
34
* @stride: Page-table stride (See the ARM ARM)
30
#include "target/arm/cpu.h"
35
*
31
#include "qom/object.h"
36
- * Returns true if the suggested S2 translation parameters are OK and
32
+#include "net/can_emu.h"
37
- * false otherwise.
33
38
+ * Decode the starting level of the S2 lookup, returning INT_MIN if
34
#define TYPE_XLNX_ZYNQMP "xlnx,zynqmp"
39
+ * the configuration is invalid.
35
OBJECT_DECLARE_SIMPLE_TYPE(XlnxZynqMPState, XLNX_ZYNQMP)
40
*/
36
@@ -XXX,XX +XXX,XX @@ OBJECT_DECLARE_SIMPLE_TYPE(XlnxZynqMPState, XLNX_ZYNQMP)
41
-static bool check_s2_mmu_setup(ARMCPU *cpu, bool is_aa64, int level,
37
#define XLNX_ZYNQMP_NUM_RPU_CPUS 2
42
- int inputsize, int stride, int outputsize)
38
#define XLNX_ZYNQMP_NUM_GEMS 4
43
+static int check_s2_mmu_setup(ARMCPU *cpu, bool is_aa64, uint64_t tcr,
39
#define XLNX_ZYNQMP_NUM_UARTS 2
44
+ bool ds, int iasize, int stride)
40
+#define XLNX_ZYNQMP_NUM_CAN 2
45
{
41
+#define XLNX_ZYNQMP_CAN_REF_CLK (24 * 1000 * 1000)
46
- const int grainsize = stride + 3;
42
#define XLNX_ZYNQMP_NUM_SDHCI 2
47
- int startsizecheck;
43
#define XLNX_ZYNQMP_NUM_SPIS 2
48
-
44
#define XLNX_ZYNQMP_NUM_GDMA_CH 8
49
- /*
45
@@ -XXX,XX +XXX,XX @@ struct XlnxZynqMPState {
50
- * Negative levels are usually not allowed...
46
51
- * Except for FEAT_LPA2, 4k page table, 52-bit address space, which
47
CadenceGEMState gem[XLNX_ZYNQMP_NUM_GEMS];
52
- * begins with level -1. Note that previous feature tests will have
48
CadenceUARTState uart[XLNX_ZYNQMP_NUM_UARTS];
53
- * eliminated this combination if it is not enabled.
49
+ XlnxZynqMPCANState can[XLNX_ZYNQMP_NUM_CAN];
54
- */
50
SysbusAHCIState sata;
55
- if (level < (inputsize == 52 && stride == 9 ? -1 : 0)) {
51
SDHCIState sdhci[XLNX_ZYNQMP_NUM_SDHCI];
56
- return false;
52
XilinxSPIPS spi[XLNX_ZYNQMP_NUM_SPIS];
57
- }
53
@@ -XXX,XX +XXX,XX @@ struct XlnxZynqMPState {
58
-
54
bool virt;
59
- startsizecheck = inputsize - ((3 - level) * stride + grainsize);
55
/* Has the RPU subsystem? */
60
- if (startsizecheck < 1 || startsizecheck > stride + 4) {
56
bool has_rpu;
61
- return false;
57
+
62
- }
58
+ /* CAN bus. */
63
+ int sl0, sl2, startlevel, granulebits, levels;
59
+ CanBusState *canbus[XLNX_ZYNQMP_NUM_CAN];
64
+ int s1_min_iasize, s1_max_iasize;
60
};
65
61
66
+ sl0 = extract32(tcr, 6, 2);
62
#endif
67
if (is_aa64) {
63
diff --git a/hw/arm/xlnx-zcu102.c b/hw/arm/xlnx-zcu102.c
68
+ /*
64
index XXXXXXX..XXXXXXX 100644
69
+ * AArch64.S2InvalidTxSZ: While we checked tsz_oob near the top of
65
--- a/hw/arm/xlnx-zcu102.c
70
+ * get_phys_addr_lpae, that used aa64_va_parameters which apply
66
+++ b/hw/arm/xlnx-zcu102.c
71
+ * to aarch64. If Stage1 is aarch32, the min_txsz is larger.
67
@@ -XXX,XX +XXX,XX @@
72
+ * See AArch64.S2MinTxSZ, where min_tsz is 24, translated to
68
#include "sysemu/qtest.h"
73
+ * inputsize is 64 - 24 = 40.
69
#include "sysemu/device_tree.h"
74
+ */
70
#include "qom/object.h"
75
+ if (iasize < 40 && !arm_el_is_aa64(&cpu->env, 1)) {
71
+#include "net/can_emu.h"
76
+ goto fail;
72
77
+ }
73
struct XlnxZCU102 {
78
+
74
MachineState parent_obj;
79
+ /*
75
@@ -XXX,XX +XXX,XX @@ struct XlnxZCU102 {
80
+ * AArch64.S2InvalidSL: Interpretation of SL depends on the page size,
76
bool secure;
81
+ * so interleave AArch64.S2StartLevel.
77
bool virt;
82
+ */
78
83
switch (stride) {
79
+ CanBusState *canbus[XLNX_ZYNQMP_NUM_CAN];
84
- case 13: /* 64KB Pages. */
80
+
85
- if (level == 0 || (level == 1 && outputsize <= 42)) {
81
struct arm_boot_info binfo;
86
- return false;
82
};
87
+ case 9: /* 4KB */
83
88
+ /* SL2 is RES0 unless DS=1 & 4KB granule. */
84
@@ -XXX,XX +XXX,XX @@ static void xlnx_zcu102_init(MachineState *machine)
89
+ sl2 = extract64(tcr, 33, 1);
85
object_property_set_bool(OBJECT(&s->soc), "virtualization", s->virt,
90
+ if (ds && sl2) {
86
&error_fatal);
91
+ if (sl0 != 0) {
87
92
+ goto fail;
88
+ for (i = 0; i < XLNX_ZYNQMP_NUM_CAN; i++) {
93
+ }
89
+ gchar *bus_name = g_strdup_printf("canbus%d", i);
94
+ startlevel = -1;
90
+
95
+ } else {
91
+ object_property_set_link(OBJECT(&s->soc), bus_name,
96
+ startlevel = 2 - sl0;
92
+ OBJECT(s->canbus[i]), &error_fatal);
97
+ switch (sl0) {
93
+ g_free(bus_name);
98
+ case 2:
99
+ if (arm_pamax(cpu) < 44) {
100
+ goto fail;
101
+ }
102
+ break;
103
+ case 3:
104
+ if (!cpu_isar_feature(aa64_st, cpu)) {
105
+ goto fail;
106
+ }
107
+ startlevel = 3;
108
+ break;
109
+ }
110
}
111
break;
112
- case 11: /* 16KB Pages. */
113
- if (level == 0 || (level == 1 && outputsize <= 40)) {
114
- return false;
115
+ case 11: /* 16KB */
116
+ switch (sl0) {
117
+ case 2:
118
+ if (arm_pamax(cpu) < 42) {
119
+ goto fail;
120
+ }
121
+ break;
122
+ case 3:
123
+ if (!ds) {
124
+ goto fail;
125
+ }
126
+ break;
127
}
128
+ startlevel = 3 - sl0;
129
break;
130
- case 9: /* 4KB Pages. */
131
- if (level == 0 && outputsize <= 42) {
132
- return false;
133
+ case 13: /* 64KB */
134
+ switch (sl0) {
135
+ case 2:
136
+ if (arm_pamax(cpu) < 44) {
137
+ goto fail;
138
+ }
139
+ break;
140
+ case 3:
141
+ goto fail;
142
}
143
+ startlevel = 3 - sl0;
144
break;
145
default:
146
g_assert_not_reached();
147
}
148
-
149
- /* Inputsize checks. */
150
- if (inputsize > outputsize &&
151
- (arm_el_is_aa64(&cpu->env, 1) || inputsize > 40)) {
152
- /* This is CONSTRAINED UNPREDICTABLE and we choose to fault. */
153
- return false;
154
- }
155
} else {
156
- /* AArch32 only supports 4KB pages. Assert on that. */
157
+ /*
158
+ * Things are simpler for AArch32 EL2, with only 4k pages.
159
+ * There is no separate S2InvalidSL function, but AArch32.S2Walk
160
+ * begins with walkparms.sl0 in {'1x'}.
161
+ */
162
assert(stride == 9);
163
-
164
- if (level == 0) {
165
- return false;
166
+ if (sl0 >= 2) {
167
+ goto fail;
168
}
169
+ startlevel = 2 - sl0;
170
}
171
- return true;
172
+
173
+ /* AArch{64,32}.S2InconsistentSL are functionally equivalent. */
174
+ levels = 3 - startlevel;
175
+ granulebits = stride + 3;
176
+
177
+ s1_min_iasize = levels * stride + granulebits + 1;
178
+ s1_max_iasize = s1_min_iasize + (stride - 1) + 4;
179
+
180
+ if (iasize >= s1_min_iasize && iasize <= s1_max_iasize) {
181
+ return startlevel;
94
+ }
182
+ }
95
+
183
+
96
qdev_realize(DEVICE(&s->soc), NULL, &error_fatal);
184
+ fail:
97
185
+ return INT_MIN;
98
/* Create and plug in the SD cards */
99
@@ -XXX,XX +XXX,XX @@ static void xlnx_zcu102_machine_instance_init(Object *obj)
100
s->secure = false;
101
/* Default to virt (EL2) being disabled */
102
s->virt = false;
103
+ object_property_add_link(obj, "xlnx-zcu102.canbus0", TYPE_CAN_BUS,
104
+ (Object **)&s->canbus[0],
105
+ object_property_allow_set_link,
106
+ 0);
107
+
108
+ object_property_add_link(obj, "xlnx-zcu102.canbus1", TYPE_CAN_BUS,
109
+ (Object **)&s->canbus[1],
110
+ object_property_allow_set_link,
111
+ 0);
112
}
186
}
113
187
114
static void xlnx_zcu102_machine_class_init(ObjectClass *oc, void *data)
188
/**
115
diff --git a/hw/arm/xlnx-zynqmp.c b/hw/arm/xlnx-zynqmp.c
189
@@ -XXX,XX +XXX,XX @@ static bool get_phys_addr_lpae(CPUARMState *env, S1Translate *ptw,
116
index XXXXXXX..XXXXXXX 100644
190
*/
117
--- a/hw/arm/xlnx-zynqmp.c
191
level = 4 - (inputsize - 4) / stride;
118
+++ b/hw/arm/xlnx-zynqmp.c
192
} else {
119
@@ -XXX,XX +XXX,XX @@ static const int uart_intr[XLNX_ZYNQMP_NUM_UARTS] = {
193
- /*
120
21, 22,
194
- * For stage 2 translations the starting level is specified by the
121
};
195
- * VTCR_EL2.SL0 field (whose interpretation depends on the page size)
122
196
- */
123
+static const uint64_t can_addr[XLNX_ZYNQMP_NUM_CAN] = {
197
- uint32_t sl0 = extract32(tcr, 6, 2);
124
+ 0xFF060000, 0xFF070000,
198
- uint32_t sl2 = extract64(tcr, 33, 1);
125
+};
199
- int32_t startlevel;
126
+
200
- bool ok;
127
+static const int can_intr[XLNX_ZYNQMP_NUM_CAN] = {
201
-
128
+ 23, 24,
202
- /* SL2 is RES0 unless DS=1 & 4kb granule. */
129
+};
203
- if (param.ds && stride == 9 && sl2) {
130
+
204
- if (sl0 != 0) {
131
static const uint64_t sdhci_addr[XLNX_ZYNQMP_NUM_SDHCI] = {
205
- level = 0;
132
0xFF160000, 0xFF170000,
206
- goto do_translation_fault;
133
};
207
- }
134
@@ -XXX,XX +XXX,XX @@ static void xlnx_zynqmp_init(Object *obj)
208
- startlevel = -1;
135
TYPE_CADENCE_UART);
209
- } else if (!aarch64 || stride == 9) {
136
}
210
- /* AArch32 or 4KB pages */
137
211
- startlevel = 2 - sl0;
138
+ for (i = 0; i < XLNX_ZYNQMP_NUM_CAN; i++) {
212
-
139
+ object_initialize_child(obj, "can[*]", &s->can[i],
213
- if (cpu_isar_feature(aa64_st, cpu)) {
140
+ TYPE_XLNX_ZYNQMP_CAN);
214
- startlevel &= 3;
141
+ }
215
- }
142
+
216
- } else {
143
object_initialize_child(obj, "sata", &s->sata, TYPE_SYSBUS_AHCI);
217
- /* 16KB or 64KB pages */
144
218
- startlevel = 3 - sl0;
145
for (i = 0; i < XLNX_ZYNQMP_NUM_SDHCI; i++) {
219
- }
146
@@ -XXX,XX +XXX,XX @@ static void xlnx_zynqmp_realize(DeviceState *dev, Error **errp)
220
-
147
gic_spi[uart_intr[i]]);
221
- /* Check that the starting level is valid. */
148
}
222
- ok = check_s2_mmu_setup(cpu, aarch64, startlevel,
149
223
- inputsize, stride, outputsize);
150
+ for (i = 0; i < XLNX_ZYNQMP_NUM_CAN; i++) {
224
- if (!ok) {
151
+ object_property_set_int(OBJECT(&s->can[i]), "ext_clk_freq",
225
+ int startlevel = check_s2_mmu_setup(cpu, aarch64, tcr, param.ds,
152
+ XLNX_ZYNQMP_CAN_REF_CLK, &error_abort);
226
+ inputsize, stride);
153
+
227
+ if (startlevel == INT_MIN) {
154
+ object_property_set_link(OBJECT(&s->can[i]), "canbus",
228
+ level = 0;
155
+ OBJECT(s->canbus[i]), &error_fatal);
229
goto do_translation_fault;
156
+
230
}
157
+ sysbus_realize(SYS_BUS_DEVICE(&s->can[i]), &err);
231
level = startlevel;
158
+ if (err) {
159
+ error_propagate(errp, err);
160
+ return;
161
+ }
162
+ sysbus_mmio_map(SYS_BUS_DEVICE(&s->can[i]), 0, can_addr[i]);
163
+ sysbus_connect_irq(SYS_BUS_DEVICE(&s->can[i]), 0,
164
+ gic_spi[can_intr[i]]);
165
+ }
166
+
167
object_property_set_int(OBJECT(&s->sata), "num-ports", SATA_NUM_PORTS,
168
&error_abort);
169
if (!sysbus_realize(SYS_BUS_DEVICE(&s->sata), errp)) {
170
@@ -XXX,XX +XXX,XX @@ static Property xlnx_zynqmp_props[] = {
171
DEFINE_PROP_BOOL("has_rpu", XlnxZynqMPState, has_rpu, false),
172
DEFINE_PROP_LINK("ddr-ram", XlnxZynqMPState, ddr_ram, TYPE_MEMORY_REGION,
173
MemoryRegion *),
174
+ DEFINE_PROP_LINK("canbus0", XlnxZynqMPState, canbus[0], TYPE_CAN_BUS,
175
+ CanBusState *),
176
+ DEFINE_PROP_LINK("canbus1", XlnxZynqMPState, canbus[1], TYPE_CAN_BUS,
177
+ CanBusState *),
178
DEFINE_PROP_END_OF_LIST()
179
};
180
181
--
232
--
182
2.20.1
233
2.34.1
183
184
diff view generated by jsdifflib
[PULL 02/36] hw/net/can: Introduce Xilinx ZynqMP CAN controller
[PULL 19/21] hw: arm: Support direct boot for Linux/arm64 EFI zboot images
1
From: Vikram Garhwal <fnu.vikram@xilinx.com>
1
From: Ard Biesheuvel <ardb@kernel.org>
2
2
3
The Xilinx ZynqMP CAN controller is developed based on SocketCAN, QEMU CAN bus
3
Fedora 39 will ship its arm64 kernels in the new generic EFI zboot
4
implementation. Bus connection and socketCAN connection for each CAN module
4
format, using gzip compression for the payload.
5
can be set through command lines.
6
5
7
Example for using single CAN:
6
For doing EFI boot in QEMU, this is completely transparent, as the
8
-object can-bus,id=canbus0 \
7
firmware or bootloader will take care of this. However, for direct
9
-machine xlnx-zcu102.canbus0=canbus0 \
8
kernel boot without firmware, we will lose the ability to boot such
10
-object can-host-socketcan,id=socketcan0,if=vcan0,canbus=canbus0
9
distro kernels unless we deal with the new format directly.
11
10
12
Example for connecting both CAN to same virtual CAN on host machine:
11
EFI zboot images contain metadata in the header regarding the placement
13
-object can-bus,id=canbus0 -object can-bus,id=canbus1 \
12
of the compressed payload inside the image, and the type of compression
14
-machine xlnx-zcu102.canbus0=canbus0 \
13
used. This means we can wire up the existing gzip support without too
15
-machine xlnx-zcu102.canbus1=canbus1 \
14
much hassle, by parsing the header and grabbing the payload from inside
16
-object can-host-socketcan,id=socketcan0,if=vcan0,canbus=canbus0 \
15
the loaded zboot image.
17
-object can-host-socketcan,id=socketcan1,if=vcan0,canbus=canbus1
18
16
19
To create virtual CAN on the host machine, please check the QEMU CAN docs:
17
Cc: Peter Maydell <peter.maydell@linaro.org>
20
https://github.com/qemu/qemu/blob/master/docs/can.txt
18
Cc: Alex Bennée <alex.bennee@linaro.org>
21
19
Cc: Richard Henderson <richard.henderson@linaro.org>
22
Signed-off-by: Vikram Garhwal <fnu.vikram@xilinx.com>
20
Cc: Philippe Mathieu-Daudé <f4bug@amsat.org>
23
Message-id: 1605728926-352690-2-git-send-email-fnu.vikram@xilinx.com
21
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
22
Message-id: 20230303160109.3626966-1-ardb@kernel.org
24
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
23
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
24
[PMM: tweaked comment formatting, fixed checkpatch nits]
25
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
25
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
26
---
26
---
27
meson.build | 1 +
27
include/hw/loader.h | 19 ++++++++++
28
hw/net/can/trace.h | 1 +
28
hw/arm/boot.c | 6 +++
29
include/hw/net/xlnx-zynqmp-can.h | 78 ++
29
hw/core/loader.c | 91 +++++++++++++++++++++++++++++++++++++++++++++
30
hw/net/can/xlnx-zynqmp-can.c | 1161 ++++++++++++++++++++++++++++++
30
3 files changed, 116 insertions(+)
31
hw/Kconfig | 1 +
32
hw/net/can/meson.build | 1 +
33
hw/net/can/trace-events | 9 +
34
7 files changed, 1252 insertions(+)
35
create mode 100644 hw/net/can/trace.h
36
create mode 100644 include/hw/net/xlnx-zynqmp-can.h
37
create mode 100644 hw/net/can/xlnx-zynqmp-can.c
38
create mode 100644 hw/net/can/trace-events
39
31
40
diff --git a/meson.build b/meson.build
32
diff --git a/include/hw/loader.h b/include/hw/loader.h
41
index XXXXXXX..XXXXXXX 100644
33
index XXXXXXX..XXXXXXX 100644
42
--- a/meson.build
34
--- a/include/hw/loader.h
43
+++ b/meson.build
35
+++ b/include/hw/loader.h
44
@@ -XXX,XX +XXX,XX @@ if have_system
36
@@ -XXX,XX +XXX,XX @@ ssize_t load_image_gzipped_buffer(const char *filename, uint64_t max_sz,
45
'hw/misc',
37
uint8_t **buffer);
46
'hw/misc/macio',
38
ssize_t load_image_gzipped(const char *filename, hwaddr addr, uint64_t max_sz);
47
'hw/net',
39
48
+ 'hw/net/can',
40
+/**
49
'hw/nvram',
41
+ * unpack_efi_zboot_image:
50
'hw/pci',
42
+ * @buffer: pointer to a variable holding the address of a buffer containing the
51
'hw/pci-host',
43
+ * image
52
diff --git a/hw/net/can/trace.h b/hw/net/can/trace.h
44
+ * @size: pointer to a variable holding the size of the buffer
53
new file mode 100644
45
+ *
54
index XXXXXXX..XXXXXXX
46
+ * Check whether the buffer contains a EFI zboot image, and if it does, extract
55
--- /dev/null
47
+ * the compressed payload and decompress it into a new buffer. If successful,
56
+++ b/hw/net/can/trace.h
48
+ * the old buffer is freed, and the *buffer and size variables pointed to by the
57
@@ -0,0 +1 @@
49
+ * function arguments are updated to refer to the newly populated buffer.
58
+#include "trace/trace-hw_net_can.h"
50
+ *
59
diff --git a/include/hw/net/xlnx-zynqmp-can.h b/include/hw/net/xlnx-zynqmp-can.h
51
+ * Returns 0 if the image could not be identified as a EFI zboot image.
60
new file mode 100644
52
+ * Returns -1 if the buffer contents were identified as a EFI zboot image, but
61
index XXXXXXX..XXXXXXX
53
+ * unpacking failed for any reason.
62
--- /dev/null
54
+ * Returns the size of the decompressed payload if decompression was performed
63
+++ b/include/hw/net/xlnx-zynqmp-can.h
55
+ * successfully.
64
@@ -XXX,XX +XXX,XX @@
56
+ */
57
+ssize_t unpack_efi_zboot_image(uint8_t **buffer, int *size);
58
+
59
#define ELF_LOAD_FAILED -1
60
#define ELF_LOAD_NOT_ELF -2
61
#define ELF_LOAD_WRONG_ARCH -3
62
diff --git a/hw/arm/boot.c b/hw/arm/boot.c
63
index XXXXXXX..XXXXXXX 100644
64
--- a/hw/arm/boot.c
65
+++ b/hw/arm/boot.c
66
@@ -XXX,XX +XXX,XX @@ static uint64_t load_aarch64_image(const char *filename, hwaddr mem_base,
67
return -1;
68
}
69
size = len;
70
+
71
+ /* Unpack the image if it is a EFI zboot image */
72
+ if (unpack_efi_zboot_image(&buffer, &size) < 0) {
73
+ g_free(buffer);
74
+ return -1;
75
+ }
76
}
77
78
/* check the arm64 magic header value -- very old kernels may not have it */
79
diff --git a/hw/core/loader.c b/hw/core/loader.c
80
index XXXXXXX..XXXXXXX 100644
81
--- a/hw/core/loader.c
82
+++ b/hw/core/loader.c
83
@@ -XXX,XX +XXX,XX @@ ssize_t load_image_gzipped(const char *filename, hwaddr addr, uint64_t max_sz)
84
return bytes;
85
}
86
87
+/* The PE/COFF MS-DOS stub magic number */
88
+#define EFI_PE_MSDOS_MAGIC "MZ"
89
+
65
+/*
90
+/*
66
+ * QEMU model of the Xilinx ZynqMP CAN controller.
91
+ * The Linux header magic number for a EFI PE/COFF
92
+ * image targetting an unspecified architecture.
93
+ */
94
+#define EFI_PE_LINUX_MAGIC "\xcd\x23\x82\x81"
95
+
96
+/*
97
+ * Bootable Linux kernel images may be packaged as EFI zboot images, which are
98
+ * self-decompressing executables when loaded via EFI. The compressed payload
99
+ * can also be extracted from the image and decompressed by a non-EFI loader.
67
+ *
100
+ *
68
+ * Copyright (c) 2020 Xilinx Inc.
101
+ * The de facto specification for this format is at the following URL:
69
+ *
102
+ *
70
+ * Written-by: Vikram Garhwal<fnu.vikram@xilinx.com>
103
+ * https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/drivers/firmware/efi/libstub/zboot-header.S
71
+ *
104
+ *
72
+ * Based on QEMU CAN Device emulation implemented by Jin Yang, Deniz Eren and
105
+ * This definition is based on Linux upstream commit 29636a5ce87beba.
73
+ * Pavel Pisa.
74
+ *
75
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
76
+ * of this software and associated documentation files (the "Software"), to deal
77
+ * in the Software without restriction, including without limitation the rights
78
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
79
+ * copies of the Software, and to permit persons to whom the Software is
80
+ * furnished to do so, subject to the following conditions:
81
+ *
82
+ * The above copyright notice and this permission notice shall be included in
83
+ * all copies or substantial portions of the Software.
84
+ *
85
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
86
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
87
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
88
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
89
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
90
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
91
+ * THE SOFTWARE.
92
+ */
106
+ */
93
+
107
+struct linux_efi_zboot_header {
94
+#ifndef XLNX_ZYNQMP_CAN_H
108
+ uint8_t msdos_magic[2]; /* PE/COFF 'MZ' magic number */
95
+#define XLNX_ZYNQMP_CAN_H
109
+ uint8_t reserved0[2];
96
+
110
+ uint8_t zimg[4]; /* "zimg" for Linux EFI zboot images */
97
+#include "hw/register.h"
111
+ uint32_t payload_offset; /* LE offset to compressed payload */
98
+#include "net/can_emu.h"
112
+ uint32_t payload_size; /* LE size of the compressed payload */
99
+#include "net/can_host.h"
113
+ uint8_t reserved1[8];
100
+#include "qemu/fifo32.h"
114
+ char compression_type[32]; /* Compression type, NUL terminated */
101
+#include "hw/ptimer.h"
115
+ uint8_t linux_magic[4]; /* Linux header magic */
102
+#include "hw/qdev-clock.h"
116
+ uint32_t pe_header_offset; /* LE offset to the PE header */
103
+
104
+#define TYPE_XLNX_ZYNQMP_CAN "xlnx.zynqmp-can"
105
+
106
+#define XLNX_ZYNQMP_CAN(obj) \
107
+ OBJECT_CHECK(XlnxZynqMPCANState, (obj), TYPE_XLNX_ZYNQMP_CAN)
108
+
109
+#define MAX_CAN_CTRLS 2
110
+#define XLNX_ZYNQMP_CAN_R_MAX (0x84 / 4)
111
+#define MAILBOX_CAPACITY 64
112
+#define CAN_TIMER_MAX 0XFFFFUL
113
+#define CAN_DEFAULT_CLOCK (24 * 1000 * 1000)
114
+
115
+/* Each CAN_FRAME will have 4 * 32bit size. */
116
+#define CAN_FRAME_SIZE 4
117
+#define RXFIFO_SIZE (MAILBOX_CAPACITY * CAN_FRAME_SIZE)
118
+
119
+typedef struct XlnxZynqMPCANState {
120
+ SysBusDevice parent_obj;
121
+ MemoryRegion iomem;
122
+
123
+ qemu_irq irq;
124
+
125
+ CanBusClientState bus_client;
126
+ CanBusState *canbus;
127
+
128
+ struct {
129
+ uint32_t ext_clk_freq;
130
+ } cfg;
131
+
132
+ RegisterInfo reg_info[XLNX_ZYNQMP_CAN_R_MAX];
133
+ uint32_t regs[XLNX_ZYNQMP_CAN_R_MAX];
134
+
135
+ Fifo32 rx_fifo;
136
+ Fifo32 tx_fifo;
137
+ Fifo32 txhpb_fifo;
138
+
139
+ ptimer_state *can_timer;
140
+} XlnxZynqMPCANState;
141
+
142
+#endif
143
diff --git a/hw/net/can/xlnx-zynqmp-can.c b/hw/net/can/xlnx-zynqmp-can.c
144
new file mode 100644
145
index XXXXXXX..XXXXXXX
146
--- /dev/null
147
+++ b/hw/net/can/xlnx-zynqmp-can.c
148
@@ -XXX,XX +XXX,XX @@
149
+/*
150
+ * QEMU model of the Xilinx ZynqMP CAN controller.
151
+ * This implementation is based on the following datasheet:
152
+ * https://www.xilinx.com/support/documentation/user_guides/ug1085-zynq-ultrascale-trm.pdf
153
+ *
154
+ * Copyright (c) 2020 Xilinx Inc.
155
+ *
156
+ * Written-by: Vikram Garhwal<fnu.vikram@xilinx.com>
157
+ *
158
+ * Based on QEMU CAN Device emulation implemented by Jin Yang, Deniz Eren and
159
+ * Pavel Pisa
160
+ *
161
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
162
+ * of this software and associated documentation files (the "Software"), to deal
163
+ * in the Software without restriction, including without limitation the rights
164
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
165
+ * copies of the Software, and to permit persons to whom the Software is
166
+ * furnished to do so, subject to the following conditions:
167
+ *
168
+ * The above copyright notice and this permission notice shall be included in
169
+ * all copies or substantial portions of the Software.
170
+ *
171
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
172
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
173
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
174
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
175
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
176
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
177
+ * THE SOFTWARE.
178
+ */
179
+
180
+#include "qemu/osdep.h"
181
+#include "hw/sysbus.h"
182
+#include "hw/register.h"
183
+#include "hw/irq.h"
184
+#include "qapi/error.h"
185
+#include "qemu/bitops.h"
186
+#include "qemu/log.h"
187
+#include "qemu/cutils.h"
188
+#include "sysemu/sysemu.h"
189
+#include "migration/vmstate.h"
190
+#include "hw/qdev-properties.h"
191
+#include "net/can_emu.h"
192
+#include "net/can_host.h"
193
+#include "qemu/event_notifier.h"
194
+#include "qom/object_interfaces.h"
195
+#include "hw/net/xlnx-zynqmp-can.h"
196
+#include "trace.h"
197
+
198
+#ifndef XLNX_ZYNQMP_CAN_ERR_DEBUG
199
+#define XLNX_ZYNQMP_CAN_ERR_DEBUG 0
200
+#endif
201
+
202
+#define MAX_DLC 8
203
+#undef ERROR
204
+
205
+REG32(SOFTWARE_RESET_REGISTER, 0x0)
206
+ FIELD(SOFTWARE_RESET_REGISTER, CEN, 1, 1)
207
+ FIELD(SOFTWARE_RESET_REGISTER, SRST, 0, 1)
208
+REG32(MODE_SELECT_REGISTER, 0x4)
209
+ FIELD(MODE_SELECT_REGISTER, SNOOP, 2, 1)
210
+ FIELD(MODE_SELECT_REGISTER, LBACK, 1, 1)
211
+ FIELD(MODE_SELECT_REGISTER, SLEEP, 0, 1)
212
+REG32(ARBITRATION_PHASE_BAUD_RATE_PRESCALER_REGISTER, 0x8)
213
+ FIELD(ARBITRATION_PHASE_BAUD_RATE_PRESCALER_REGISTER, BRP, 0, 8)
214
+REG32(ARBITRATION_PHASE_BIT_TIMING_REGISTER, 0xc)
215
+ FIELD(ARBITRATION_PHASE_BIT_TIMING_REGISTER, SJW, 7, 2)
216
+ FIELD(ARBITRATION_PHASE_BIT_TIMING_REGISTER, TS2, 4, 3)
217
+ FIELD(ARBITRATION_PHASE_BIT_TIMING_REGISTER, TS1, 0, 4)
218
+REG32(ERROR_COUNTER_REGISTER, 0x10)
219
+ FIELD(ERROR_COUNTER_REGISTER, REC, 8, 8)
220
+ FIELD(ERROR_COUNTER_REGISTER, TEC, 0, 8)
221
+REG32(ERROR_STATUS_REGISTER, 0x14)
222
+ FIELD(ERROR_STATUS_REGISTER, ACKER, 4, 1)
223
+ FIELD(ERROR_STATUS_REGISTER, BERR, 3, 1)
224
+ FIELD(ERROR_STATUS_REGISTER, STER, 2, 1)
225
+ FIELD(ERROR_STATUS_REGISTER, FMER, 1, 1)
226
+ FIELD(ERROR_STATUS_REGISTER, CRCER, 0, 1)
227
+REG32(STATUS_REGISTER, 0x18)
228
+ FIELD(STATUS_REGISTER, SNOOP, 12, 1)
229
+ FIELD(STATUS_REGISTER, ACFBSY, 11, 1)
230
+ FIELD(STATUS_REGISTER, TXFLL, 10, 1)
231
+ FIELD(STATUS_REGISTER, TXBFLL, 9, 1)
232
+ FIELD(STATUS_REGISTER, ESTAT, 7, 2)
233
+ FIELD(STATUS_REGISTER, ERRWRN, 6, 1)
234
+ FIELD(STATUS_REGISTER, BBSY, 5, 1)
235
+ FIELD(STATUS_REGISTER, BIDLE, 4, 1)
236
+ FIELD(STATUS_REGISTER, NORMAL, 3, 1)
237
+ FIELD(STATUS_REGISTER, SLEEP, 2, 1)
238
+ FIELD(STATUS_REGISTER, LBACK, 1, 1)
239
+ FIELD(STATUS_REGISTER, CONFIG, 0, 1)
240
+REG32(INTERRUPT_STATUS_REGISTER, 0x1c)
241
+ FIELD(INTERRUPT_STATUS_REGISTER, TXFEMP, 14, 1)
242
+ FIELD(INTERRUPT_STATUS_REGISTER, TXFWMEMP, 13, 1)
243
+ FIELD(INTERRUPT_STATUS_REGISTER, RXFWMFLL, 12, 1)
244
+ FIELD(INTERRUPT_STATUS_REGISTER, WKUP, 11, 1)
245
+ FIELD(INTERRUPT_STATUS_REGISTER, SLP, 10, 1)
246
+ FIELD(INTERRUPT_STATUS_REGISTER, BSOFF, 9, 1)
247
+ FIELD(INTERRUPT_STATUS_REGISTER, ERROR, 8, 1)
248
+ FIELD(INTERRUPT_STATUS_REGISTER, RXNEMP, 7, 1)
249
+ FIELD(INTERRUPT_STATUS_REGISTER, RXOFLW, 6, 1)
250
+ FIELD(INTERRUPT_STATUS_REGISTER, RXUFLW, 5, 1)
251
+ FIELD(INTERRUPT_STATUS_REGISTER, RXOK, 4, 1)
252
+ FIELD(INTERRUPT_STATUS_REGISTER, TXBFLL, 3, 1)
253
+ FIELD(INTERRUPT_STATUS_REGISTER, TXFLL, 2, 1)
254
+ FIELD(INTERRUPT_STATUS_REGISTER, TXOK, 1, 1)
255
+ FIELD(INTERRUPT_STATUS_REGISTER, ARBLST, 0, 1)
256
+REG32(INTERRUPT_ENABLE_REGISTER, 0x20)
257
+ FIELD(INTERRUPT_ENABLE_REGISTER, ETXFEMP, 14, 1)
258
+ FIELD(INTERRUPT_ENABLE_REGISTER, ETXFWMEMP, 13, 1)
259
+ FIELD(INTERRUPT_ENABLE_REGISTER, ERXFWMFLL, 12, 1)
260
+ FIELD(INTERRUPT_ENABLE_REGISTER, EWKUP, 11, 1)
261
+ FIELD(INTERRUPT_ENABLE_REGISTER, ESLP, 10, 1)
262
+ FIELD(INTERRUPT_ENABLE_REGISTER, EBSOFF, 9, 1)
263
+ FIELD(INTERRUPT_ENABLE_REGISTER, EERROR, 8, 1)
264
+ FIELD(INTERRUPT_ENABLE_REGISTER, ERXNEMP, 7, 1)
265
+ FIELD(INTERRUPT_ENABLE_REGISTER, ERXOFLW, 6, 1)
266
+ FIELD(INTERRUPT_ENABLE_REGISTER, ERXUFLW, 5, 1)
267
+ FIELD(INTERRUPT_ENABLE_REGISTER, ERXOK, 4, 1)
268
+ FIELD(INTERRUPT_ENABLE_REGISTER, ETXBFLL, 3, 1)
269
+ FIELD(INTERRUPT_ENABLE_REGISTER, ETXFLL, 2, 1)
270
+ FIELD(INTERRUPT_ENABLE_REGISTER, ETXOK, 1, 1)
271
+ FIELD(INTERRUPT_ENABLE_REGISTER, EARBLST, 0, 1)
272
+REG32(INTERRUPT_CLEAR_REGISTER, 0x24)
273
+ FIELD(INTERRUPT_CLEAR_REGISTER, CTXFEMP, 14, 1)
274
+ FIELD(INTERRUPT_CLEAR_REGISTER, CTXFWMEMP, 13, 1)
275
+ FIELD(INTERRUPT_CLEAR_REGISTER, CRXFWMFLL, 12, 1)
276
+ FIELD(INTERRUPT_CLEAR_REGISTER, CWKUP, 11, 1)
277
+ FIELD(INTERRUPT_CLEAR_REGISTER, CSLP, 10, 1)
278
+ FIELD(INTERRUPT_CLEAR_REGISTER, CBSOFF, 9, 1)
279
+ FIELD(INTERRUPT_CLEAR_REGISTER, CERROR, 8, 1)
280
+ FIELD(INTERRUPT_CLEAR_REGISTER, CRXNEMP, 7, 1)
281
+ FIELD(INTERRUPT_CLEAR_REGISTER, CRXOFLW, 6, 1)
282
+ FIELD(INTERRUPT_CLEAR_REGISTER, CRXUFLW, 5, 1)
283
+ FIELD(INTERRUPT_CLEAR_REGISTER, CRXOK, 4, 1)
284
+ FIELD(INTERRUPT_CLEAR_REGISTER, CTXBFLL, 3, 1)
285
+ FIELD(INTERRUPT_CLEAR_REGISTER, CTXFLL, 2, 1)
286
+ FIELD(INTERRUPT_CLEAR_REGISTER, CTXOK, 1, 1)
287
+ FIELD(INTERRUPT_CLEAR_REGISTER, CARBLST, 0, 1)
288
+REG32(TIMESTAMP_REGISTER, 0x28)
289
+ FIELD(TIMESTAMP_REGISTER, CTS, 0, 1)
290
+REG32(WIR, 0x2c)
291
+ FIELD(WIR, EW, 8, 8)
292
+ FIELD(WIR, FW, 0, 8)
293
+REG32(TXFIFO_ID, 0x30)
294
+ FIELD(TXFIFO_ID, IDH, 21, 11)
295
+ FIELD(TXFIFO_ID, SRRRTR, 20, 1)
296
+ FIELD(TXFIFO_ID, IDE, 19, 1)
297
+ FIELD(TXFIFO_ID, IDL, 1, 18)
298
+ FIELD(TXFIFO_ID, RTR, 0, 1)
299
+REG32(TXFIFO_DLC, 0x34)
300
+ FIELD(TXFIFO_DLC, DLC, 28, 4)
301
+REG32(TXFIFO_DATA1, 0x38)
302
+ FIELD(TXFIFO_DATA1, DB0, 24, 8)
303
+ FIELD(TXFIFO_DATA1, DB1, 16, 8)
304
+ FIELD(TXFIFO_DATA1, DB2, 8, 8)
305
+ FIELD(TXFIFO_DATA1, DB3, 0, 8)
306
+REG32(TXFIFO_DATA2, 0x3c)
307
+ FIELD(TXFIFO_DATA2, DB4, 24, 8)
308
+ FIELD(TXFIFO_DATA2, DB5, 16, 8)
309
+ FIELD(TXFIFO_DATA2, DB6, 8, 8)
310
+ FIELD(TXFIFO_DATA2, DB7, 0, 8)
311
+REG32(TXHPB_ID, 0x40)
312
+ FIELD(TXHPB_ID, IDH, 21, 11)
313
+ FIELD(TXHPB_ID, SRRRTR, 20, 1)
314
+ FIELD(TXHPB_ID, IDE, 19, 1)
315
+ FIELD(TXHPB_ID, IDL, 1, 18)
316
+ FIELD(TXHPB_ID, RTR, 0, 1)
317
+REG32(TXHPB_DLC, 0x44)
318
+ FIELD(TXHPB_DLC, DLC, 28, 4)
319
+REG32(TXHPB_DATA1, 0x48)
320
+ FIELD(TXHPB_DATA1, DB0, 24, 8)
321
+ FIELD(TXHPB_DATA1, DB1, 16, 8)
322
+ FIELD(TXHPB_DATA1, DB2, 8, 8)
323
+ FIELD(TXHPB_DATA1, DB3, 0, 8)
324
+REG32(TXHPB_DATA2, 0x4c)
325
+ FIELD(TXHPB_DATA2, DB4, 24, 8)
326
+ FIELD(TXHPB_DATA2, DB5, 16, 8)
327
+ FIELD(TXHPB_DATA2, DB6, 8, 8)
328
+ FIELD(TXHPB_DATA2, DB7, 0, 8)
329
+REG32(RXFIFO_ID, 0x50)
330
+ FIELD(RXFIFO_ID, IDH, 21, 11)
331
+ FIELD(RXFIFO_ID, SRRRTR, 20, 1)
332
+ FIELD(RXFIFO_ID, IDE, 19, 1)
333
+ FIELD(RXFIFO_ID, IDL, 1, 18)
334
+ FIELD(RXFIFO_ID, RTR, 0, 1)
335
+REG32(RXFIFO_DLC, 0x54)
336
+ FIELD(RXFIFO_DLC, DLC, 28, 4)
337
+ FIELD(RXFIFO_DLC, RXT, 0, 16)
338
+REG32(RXFIFO_DATA1, 0x58)
339
+ FIELD(RXFIFO_DATA1, DB0, 24, 8)
340
+ FIELD(RXFIFO_DATA1, DB1, 16, 8)
341
+ FIELD(RXFIFO_DATA1, DB2, 8, 8)
342
+ FIELD(RXFIFO_DATA1, DB3, 0, 8)
343
+REG32(RXFIFO_DATA2, 0x5c)
344
+ FIELD(RXFIFO_DATA2, DB4, 24, 8)
345
+ FIELD(RXFIFO_DATA2, DB5, 16, 8)
346
+ FIELD(RXFIFO_DATA2, DB6, 8, 8)
347
+ FIELD(RXFIFO_DATA2, DB7, 0, 8)
348
+REG32(AFR, 0x60)
349
+ FIELD(AFR, UAF4, 3, 1)
350
+ FIELD(AFR, UAF3, 2, 1)
351
+ FIELD(AFR, UAF2, 1, 1)
352
+ FIELD(AFR, UAF1, 0, 1)
353
+REG32(AFMR1, 0x64)
354
+ FIELD(AFMR1, AMIDH, 21, 11)
355
+ FIELD(AFMR1, AMSRR, 20, 1)
356
+ FIELD(AFMR1, AMIDE, 19, 1)
357
+ FIELD(AFMR1, AMIDL, 1, 18)
358
+ FIELD(AFMR1, AMRTR, 0, 1)
359
+REG32(AFIR1, 0x68)
360
+ FIELD(AFIR1, AIIDH, 21, 11)
361
+ FIELD(AFIR1, AISRR, 20, 1)
362
+ FIELD(AFIR1, AIIDE, 19, 1)
363
+ FIELD(AFIR1, AIIDL, 1, 18)
364
+ FIELD(AFIR1, AIRTR, 0, 1)
365
+REG32(AFMR2, 0x6c)
366
+ FIELD(AFMR2, AMIDH, 21, 11)
367
+ FIELD(AFMR2, AMSRR, 20, 1)
368
+ FIELD(AFMR2, AMIDE, 19, 1)
369
+ FIELD(AFMR2, AMIDL, 1, 18)
370
+ FIELD(AFMR2, AMRTR, 0, 1)
371
+REG32(AFIR2, 0x70)
372
+ FIELD(AFIR2, AIIDH, 21, 11)
373
+ FIELD(AFIR2, AISRR, 20, 1)
374
+ FIELD(AFIR2, AIIDE, 19, 1)
375
+ FIELD(AFIR2, AIIDL, 1, 18)
376
+ FIELD(AFIR2, AIRTR, 0, 1)
377
+REG32(AFMR3, 0x74)
378
+ FIELD(AFMR3, AMIDH, 21, 11)
379
+ FIELD(AFMR3, AMSRR, 20, 1)
380
+ FIELD(AFMR3, AMIDE, 19, 1)
381
+ FIELD(AFMR3, AMIDL, 1, 18)
382
+ FIELD(AFMR3, AMRTR, 0, 1)
383
+REG32(AFIR3, 0x78)
384
+ FIELD(AFIR3, AIIDH, 21, 11)
385
+ FIELD(AFIR3, AISRR, 20, 1)
386
+ FIELD(AFIR3, AIIDE, 19, 1)
387
+ FIELD(AFIR3, AIIDL, 1, 18)
388
+ FIELD(AFIR3, AIRTR, 0, 1)
389
+REG32(AFMR4, 0x7c)
390
+ FIELD(AFMR4, AMIDH, 21, 11)
391
+ FIELD(AFMR4, AMSRR, 20, 1)
392
+ FIELD(AFMR4, AMIDE, 19, 1)
393
+ FIELD(AFMR4, AMIDL, 1, 18)
394
+ FIELD(AFMR4, AMRTR, 0, 1)
395
+REG32(AFIR4, 0x80)
396
+ FIELD(AFIR4, AIIDH, 21, 11)
397
+ FIELD(AFIR4, AISRR, 20, 1)
398
+ FIELD(AFIR4, AIIDE, 19, 1)
399
+ FIELD(AFIR4, AIIDL, 1, 18)
400
+ FIELD(AFIR4, AIRTR, 0, 1)
401
+
402
+static void can_update_irq(XlnxZynqMPCANState *s)
403
+{
404
+ uint32_t irq;
405
+
406
+ /* Watermark register interrupts. */
407
+ if ((fifo32_num_free(&s->tx_fifo) / CAN_FRAME_SIZE) >
408
+ ARRAY_FIELD_EX32(s->regs, WIR, EW)) {
409
+ ARRAY_FIELD_DP32(s->regs, INTERRUPT_STATUS_REGISTER, TXFWMEMP, 1);
410
+ }
411
+
412
+ if ((fifo32_num_used(&s->rx_fifo) / CAN_FRAME_SIZE) >
413
+ ARRAY_FIELD_EX32(s->regs, WIR, FW)) {
414
+ ARRAY_FIELD_DP32(s->regs, INTERRUPT_STATUS_REGISTER, RXFWMFLL, 1);
415
+ }
416
+
417
+ /* RX Interrupts. */
418
+ if (fifo32_num_used(&s->rx_fifo) >= CAN_FRAME_SIZE) {
419
+ ARRAY_FIELD_DP32(s->regs, INTERRUPT_STATUS_REGISTER, RXNEMP, 1);
420
+ }
421
+
422
+ /* TX interrupts. */
423
+ if (fifo32_is_empty(&s->tx_fifo)) {
424
+ ARRAY_FIELD_DP32(s->regs, INTERRUPT_STATUS_REGISTER, TXFEMP, 1);
425
+ }
426
+
427
+ if (fifo32_is_full(&s->tx_fifo)) {
428
+ ARRAY_FIELD_DP32(s->regs, INTERRUPT_STATUS_REGISTER, TXFLL, 1);
429
+ }
430
+
431
+ if (fifo32_is_full(&s->txhpb_fifo)) {
432
+ ARRAY_FIELD_DP32(s->regs, INTERRUPT_STATUS_REGISTER, TXBFLL, 1);
433
+ }
434
+
435
+ irq = s->regs[R_INTERRUPT_STATUS_REGISTER];
436
+ irq &= s->regs[R_INTERRUPT_ENABLE_REGISTER];
437
+
438
+ trace_xlnx_can_update_irq(s->regs[R_INTERRUPT_STATUS_REGISTER],
439
+ s->regs[R_INTERRUPT_ENABLE_REGISTER], irq);
440
+ qemu_set_irq(s->irq, irq);
441
+}
442
+
443
+static void can_ier_post_write(RegisterInfo *reg, uint64_t val)
444
+{
445
+ XlnxZynqMPCANState *s = XLNX_ZYNQMP_CAN(reg->opaque);
446
+
447
+ can_update_irq(s);
448
+}
449
+
450
+static uint64_t can_icr_pre_write(RegisterInfo *reg, uint64_t val)
451
+{
452
+ XlnxZynqMPCANState *s = XLNX_ZYNQMP_CAN(reg->opaque);
453
+
454
+ s->regs[R_INTERRUPT_STATUS_REGISTER] &= ~val;
455
+ can_update_irq(s);
456
+
457
+ return 0;
458
+}
459
+
460
+static void can_config_reset(XlnxZynqMPCANState *s)
461
+{
462
+ /* Reset all the configuration registers. */
463
+ register_reset(&s->reg_info[R_SOFTWARE_RESET_REGISTER]);
464
+ register_reset(&s->reg_info[R_MODE_SELECT_REGISTER]);
465
+ register_reset(
466
+ &s->reg_info[R_ARBITRATION_PHASE_BAUD_RATE_PRESCALER_REGISTER]);
467
+ register_reset(&s->reg_info[R_ARBITRATION_PHASE_BIT_TIMING_REGISTER]);
468
+ register_reset(&s->reg_info[R_STATUS_REGISTER]);
469
+ register_reset(&s->reg_info[R_INTERRUPT_STATUS_REGISTER]);
470
+ register_reset(&s->reg_info[R_INTERRUPT_ENABLE_REGISTER]);
471
+ register_reset(&s->reg_info[R_INTERRUPT_CLEAR_REGISTER]);
472
+ register_reset(&s->reg_info[R_WIR]);
473
+}
474
+
475
+static void can_config_mode(XlnxZynqMPCANState *s)
476
+{
477
+ register_reset(&s->reg_info[R_ERROR_COUNTER_REGISTER]);
478
+ register_reset(&s->reg_info[R_ERROR_STATUS_REGISTER]);
479
+
480
+ /* Put XlnxZynqMPCAN in configuration mode. */
481
+ ARRAY_FIELD_DP32(s->regs, STATUS_REGISTER, CONFIG, 1);
482
+ ARRAY_FIELD_DP32(s->regs, INTERRUPT_STATUS_REGISTER, WKUP, 0);
483
+ ARRAY_FIELD_DP32(s->regs, INTERRUPT_STATUS_REGISTER, SLP, 0);
484
+ ARRAY_FIELD_DP32(s->regs, INTERRUPT_STATUS_REGISTER, BSOFF, 0);
485
+ ARRAY_FIELD_DP32(s->regs, INTERRUPT_STATUS_REGISTER, ERROR, 0);
486
+ ARRAY_FIELD_DP32(s->regs, INTERRUPT_STATUS_REGISTER, RXOFLW, 0);
487
+ ARRAY_FIELD_DP32(s->regs, INTERRUPT_STATUS_REGISTER, RXOK, 0);
488
+ ARRAY_FIELD_DP32(s->regs, INTERRUPT_STATUS_REGISTER, TXOK, 0);
489
+ ARRAY_FIELD_DP32(s->regs, INTERRUPT_STATUS_REGISTER, ARBLST, 0);
490
+
491
+ can_update_irq(s);
492
+}
493
+
494
+static void update_status_register_mode_bits(XlnxZynqMPCANState *s)
495
+{
496
+ bool sleep_status = ARRAY_FIELD_EX32(s->regs, STATUS_REGISTER, SLEEP);
497
+ bool sleep_mode = ARRAY_FIELD_EX32(s->regs, MODE_SELECT_REGISTER, SLEEP);
498
+ /* Wake up interrupt bit. */
499
+ bool wakeup_irq_val = sleep_status && (sleep_mode == 0);
500
+ /* Sleep interrupt bit. */
501
+ bool sleep_irq_val = sleep_mode && (sleep_status == 0);
502
+
503
+ /* Clear previous core mode status bits. */
504
+ ARRAY_FIELD_DP32(s->regs, STATUS_REGISTER, LBACK, 0);
505
+ ARRAY_FIELD_DP32(s->regs, STATUS_REGISTER, SLEEP, 0);
506
+ ARRAY_FIELD_DP32(s->regs, STATUS_REGISTER, SNOOP, 0);
507
+ ARRAY_FIELD_DP32(s->regs, STATUS_REGISTER, NORMAL, 0);
508
+
509
+ /* set current mode bit and generate irqs accordingly. */
510
+ if (ARRAY_FIELD_EX32(s->regs, MODE_SELECT_REGISTER, LBACK)) {
511
+ ARRAY_FIELD_DP32(s->regs, STATUS_REGISTER, LBACK, 1);
512
+ } else if (ARRAY_FIELD_EX32(s->regs, MODE_SELECT_REGISTER, SLEEP)) {
513
+ ARRAY_FIELD_DP32(s->regs, STATUS_REGISTER, SLEEP, 1);
514
+ ARRAY_FIELD_DP32(s->regs, INTERRUPT_STATUS_REGISTER, SLP,
515
+ sleep_irq_val);
516
+ } else if (ARRAY_FIELD_EX32(s->regs, MODE_SELECT_REGISTER, SNOOP)) {
517
+ ARRAY_FIELD_DP32(s->regs, STATUS_REGISTER, SNOOP, 1);
518
+ } else {
519
+ /*
520
+ * If all bits are zero then XlnxZynqMPCAN is set in normal mode.
521
+ */
522
+ ARRAY_FIELD_DP32(s->regs, STATUS_REGISTER, NORMAL, 1);
523
+ /* Set wakeup interrupt bit. */
524
+ ARRAY_FIELD_DP32(s->regs, INTERRUPT_STATUS_REGISTER, WKUP,
525
+ wakeup_irq_val);
526
+ }
527
+
528
+ can_update_irq(s);
529
+}
530
+
531
+static void can_exit_sleep_mode(XlnxZynqMPCANState *s)
532
+{
533
+ ARRAY_FIELD_DP32(s->regs, MODE_SELECT_REGISTER, SLEEP, 0);
534
+ update_status_register_mode_bits(s);
535
+}
536
+
537
+static void generate_frame(qemu_can_frame *frame, uint32_t *data)
538
+{
539
+ frame->can_id = data[0];
540
+ frame->can_dlc = FIELD_EX32(data[1], TXFIFO_DLC, DLC);
541
+
542
+ frame->data[0] = FIELD_EX32(data[2], TXFIFO_DATA1, DB3);
543
+ frame->data[1] = FIELD_EX32(data[2], TXFIFO_DATA1, DB2);
544
+ frame->data[2] = FIELD_EX32(data[2], TXFIFO_DATA1, DB1);
545
+ frame->data[3] = FIELD_EX32(data[2], TXFIFO_DATA1, DB0);
546
+
547
+ frame->data[4] = FIELD_EX32(data[3], TXFIFO_DATA2, DB7);
548
+ frame->data[5] = FIELD_EX32(data[3], TXFIFO_DATA2, DB6);
549
+ frame->data[6] = FIELD_EX32(data[3], TXFIFO_DATA2, DB5);
550
+ frame->data[7] = FIELD_EX32(data[3], TXFIFO_DATA2, DB4);
551
+}
552
+
553
+static bool tx_ready_check(XlnxZynqMPCANState *s)
554
+{
555
+ if (ARRAY_FIELD_EX32(s->regs, SOFTWARE_RESET_REGISTER, SRST)) {
556
+ g_autofree char *path = object_get_canonical_path(OBJECT(s));
557
+
558
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Attempting to transfer data while"
559
+ " data while controller is in reset mode.\n",
560
+ path);
561
+ return false;
562
+ }
563
+
564
+ if (ARRAY_FIELD_EX32(s->regs, SOFTWARE_RESET_REGISTER, CEN) == 0) {
565
+ g_autofree char *path = object_get_canonical_path(OBJECT(s));
566
+
567
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Attempting to transfer"
568
+ " data while controller is in configuration mode. Reset"
569
+ " the core so operations can start fresh.\n",
570
+ path);
571
+ return false;
572
+ }
573
+
574
+ if (ARRAY_FIELD_EX32(s->regs, STATUS_REGISTER, SNOOP)) {
575
+ g_autofree char *path = object_get_canonical_path(OBJECT(s));
576
+
577
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Attempting to transfer"
578
+ " data while controller is in SNOOP MODE.\n",
579
+ path);
580
+ return false;
581
+ }
582
+
583
+ return true;
584
+}
585
+
586
+static void transfer_fifo(XlnxZynqMPCANState *s, Fifo32 *fifo)
587
+{
588
+ qemu_can_frame frame;
589
+ uint32_t data[CAN_FRAME_SIZE];
590
+ int i;
591
+ bool can_tx = tx_ready_check(s);
592
+
593
+ if (!can_tx) {
594
+ g_autofree char *path = object_get_canonical_path(OBJECT(s));
595
+
596
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Controller is not enabled for data"
597
+ " transfer.\n", path);
598
+ can_update_irq(s);
599
+ return;
600
+ }
601
+
602
+ while (!fifo32_is_empty(fifo)) {
603
+ for (i = 0; i < CAN_FRAME_SIZE; i++) {
604
+ data[i] = fifo32_pop(fifo);
605
+ }
606
+
607
+ if (ARRAY_FIELD_EX32(s->regs, STATUS_REGISTER, LBACK)) {
608
+ /*
609
+ * Controller is in loopback. In Loopback mode, the CAN core
610
+ * transmits a recessive bitstream on to the XlnxZynqMPCAN Bus.
611
+ * Any message transmitted is looped back to the RX line and
612
+ * acknowledged. The XlnxZynqMPCAN core receives any message
613
+ * that it transmits.
614
+ */
615
+ if (fifo32_is_full(&s->rx_fifo)) {
616
+ ARRAY_FIELD_DP32(s->regs, INTERRUPT_STATUS_REGISTER, RXOFLW, 1);
617
+ } else {
618
+ for (i = 0; i < CAN_FRAME_SIZE; i++) {
619
+ fifo32_push(&s->rx_fifo, data[i]);
620
+ }
621
+
622
+ ARRAY_FIELD_DP32(s->regs, INTERRUPT_STATUS_REGISTER, RXOK, 1);
623
+ }
624
+ } else {
625
+ /* Normal mode Tx. */
626
+ generate_frame(&frame, data);
627
+
628
+ trace_xlnx_can_tx_data(frame.can_id, frame.can_dlc,
629
+ frame.data[0], frame.data[1],
630
+ frame.data[2], frame.data[3],
631
+ frame.data[4], frame.data[5],
632
+ frame.data[6], frame.data[7]);
633
+ can_bus_client_send(&s->bus_client, &frame, 1);
634
+ }
635
+ }
636
+
637
+ ARRAY_FIELD_DP32(s->regs, INTERRUPT_STATUS_REGISTER, TXOK, 1);
638
+ ARRAY_FIELD_DP32(s->regs, STATUS_REGISTER, TXBFLL, 0);
639
+
640
+ if (ARRAY_FIELD_EX32(s->regs, STATUS_REGISTER, SLEEP)) {
641
+ can_exit_sleep_mode(s);
642
+ }
643
+
644
+ can_update_irq(s);
645
+}
646
+
647
+static uint64_t can_srr_pre_write(RegisterInfo *reg, uint64_t val)
648
+{
649
+ XlnxZynqMPCANState *s = XLNX_ZYNQMP_CAN(reg->opaque);
650
+
651
+ ARRAY_FIELD_DP32(s->regs, SOFTWARE_RESET_REGISTER, CEN,
652
+ FIELD_EX32(val, SOFTWARE_RESET_REGISTER, CEN));
653
+
654
+ if (FIELD_EX32(val, SOFTWARE_RESET_REGISTER, SRST)) {
655
+ trace_xlnx_can_reset(val);
656
+
657
+ /* First, core will do software reset then will enter in config mode. */
658
+ can_config_reset(s);
659
+ }
660
+
661
+ if (ARRAY_FIELD_EX32(s->regs, SOFTWARE_RESET_REGISTER, CEN) == 0) {
662
+ can_config_mode(s);
663
+ } else {
664
+ /*
665
+ * Leave config mode. Now XlnxZynqMPCAN core will enter normal,
666
+ * sleep, snoop or loopback mode depending upon LBACK, SLEEP, SNOOP
667
+ * register states.
668
+ */
669
+ ARRAY_FIELD_DP32(s->regs, STATUS_REGISTER, CONFIG, 0);
670
+
671
+ ptimer_transaction_begin(s->can_timer);
672
+ ptimer_set_count(s->can_timer, 0);
673
+ ptimer_transaction_commit(s->can_timer);
674
+
675
+ /* XlnxZynqMPCAN is out of config mode. It will send pending data. */
676
+ transfer_fifo(s, &s->txhpb_fifo);
677
+ transfer_fifo(s, &s->tx_fifo);
678
+ }
679
+
680
+ update_status_register_mode_bits(s);
681
+
682
+ return s->regs[R_SOFTWARE_RESET_REGISTER];
683
+}
684
+
685
+static uint64_t can_msr_pre_write(RegisterInfo *reg, uint64_t val)
686
+{
687
+ XlnxZynqMPCANState *s = XLNX_ZYNQMP_CAN(reg->opaque);
688
+ uint8_t multi_mode;
689
+
690
+ /*
691
+ * Multiple mode set check. This is done to make sure user doesn't set
692
+ * multiple modes.
693
+ */
694
+ multi_mode = FIELD_EX32(val, MODE_SELECT_REGISTER, LBACK) +
695
+ FIELD_EX32(val, MODE_SELECT_REGISTER, SLEEP) +
696
+ FIELD_EX32(val, MODE_SELECT_REGISTER, SNOOP);
697
+
698
+ if (multi_mode > 1) {
699
+ g_autofree char *path = object_get_canonical_path(OBJECT(s));
700
+
701
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Attempting to config"
702
+ " several modes simultaneously. One mode will be selected"
703
+ " according to their priority: LBACK > SLEEP > SNOOP.\n",
704
+ path);
705
+ }
706
+
707
+ if (ARRAY_FIELD_EX32(s->regs, SOFTWARE_RESET_REGISTER, CEN) == 0) {
708
+ /* We are in configuration mode, any mode can be selected. */
709
+ s->regs[R_MODE_SELECT_REGISTER] = val;
710
+ } else {
711
+ bool sleep_mode_bit = FIELD_EX32(val, MODE_SELECT_REGISTER, SLEEP);
712
+
713
+ ARRAY_FIELD_DP32(s->regs, MODE_SELECT_REGISTER, SLEEP, sleep_mode_bit);
714
+
715
+ if (FIELD_EX32(val, MODE_SELECT_REGISTER, LBACK)) {
716
+ g_autofree char *path = object_get_canonical_path(OBJECT(s));
717
+
718
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Attempting to set"
719
+ " LBACK mode without setting CEN bit as 0.\n",
720
+ path);
721
+ } else if (FIELD_EX32(val, MODE_SELECT_REGISTER, SNOOP)) {
722
+ g_autofree char *path = object_get_canonical_path(OBJECT(s));
723
+
724
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Attempting to set"
725
+ " SNOOP mode without setting CEN bit as 0.\n",
726
+ path);
727
+ }
728
+
729
+ update_status_register_mode_bits(s);
730
+ }
731
+
732
+ return s->regs[R_MODE_SELECT_REGISTER];
733
+}
734
+
735
+static uint64_t can_brpr_pre_write(RegisterInfo *reg, uint64_t val)
736
+{
737
+ XlnxZynqMPCANState *s = XLNX_ZYNQMP_CAN(reg->opaque);
738
+
739
+ /* Only allow writes when in config mode. */
740
+ if (ARRAY_FIELD_EX32(s->regs, SOFTWARE_RESET_REGISTER, CEN)) {
741
+ return s->regs[R_ARBITRATION_PHASE_BAUD_RATE_PRESCALER_REGISTER];
742
+ }
743
+
744
+ return val;
745
+}
746
+
747
+static uint64_t can_btr_pre_write(RegisterInfo *reg, uint64_t val)
748
+{
749
+ XlnxZynqMPCANState *s = XLNX_ZYNQMP_CAN(reg->opaque);
750
+
751
+ /* Only allow writes when in config mode. */
752
+ if (ARRAY_FIELD_EX32(s->regs, SOFTWARE_RESET_REGISTER, CEN)) {
753
+ return s->regs[R_ARBITRATION_PHASE_BIT_TIMING_REGISTER];
754
+ }
755
+
756
+ return val;
757
+}
758
+
759
+static uint64_t can_tcr_pre_write(RegisterInfo *reg, uint64_t val)
760
+{
761
+ XlnxZynqMPCANState *s = XLNX_ZYNQMP_CAN(reg->opaque);
762
+
763
+ if (FIELD_EX32(val, TIMESTAMP_REGISTER, CTS)) {
764
+ ptimer_transaction_begin(s->can_timer);
765
+ ptimer_set_count(s->can_timer, 0);
766
+ ptimer_transaction_commit(s->can_timer);
767
+ }
768
+
769
+ return 0;
770
+}
771
+
772
+static void update_rx_fifo(XlnxZynqMPCANState *s, const qemu_can_frame *frame)
773
+{
774
+ bool filter_pass = false;
775
+ uint16_t timestamp = 0;
776
+
777
+ /* If no filter is enabled. Message will be stored in FIFO. */
778
+ if (!((ARRAY_FIELD_EX32(s->regs, AFR, UAF1)) |
779
+ (ARRAY_FIELD_EX32(s->regs, AFR, UAF2)) |
780
+ (ARRAY_FIELD_EX32(s->regs, AFR, UAF3)) |
781
+ (ARRAY_FIELD_EX32(s->regs, AFR, UAF4)))) {
782
+ filter_pass = true;
783
+ }
784
+
785
+ /*
786
+ * Messages that pass any of the acceptance filters will be stored in
787
+ * the RX FIFO.
788
+ */
789
+ if (ARRAY_FIELD_EX32(s->regs, AFR, UAF1)) {
790
+ uint32_t id_masked = s->regs[R_AFMR1] & frame->can_id;
791
+ uint32_t filter_id_masked = s->regs[R_AFMR1] & s->regs[R_AFIR1];
792
+
793
+ if (filter_id_masked == id_masked) {
794
+ filter_pass = true;
795
+ }
796
+ }
797
+
798
+ if (ARRAY_FIELD_EX32(s->regs, AFR, UAF2)) {
799
+ uint32_t id_masked = s->regs[R_AFMR2] & frame->can_id;
800
+ uint32_t filter_id_masked = s->regs[R_AFMR2] & s->regs[R_AFIR2];
801
+
802
+ if (filter_id_masked == id_masked) {
803
+ filter_pass = true;
804
+ }
805
+ }
806
+
807
+ if (ARRAY_FIELD_EX32(s->regs, AFR, UAF3)) {
808
+ uint32_t id_masked = s->regs[R_AFMR3] & frame->can_id;
809
+ uint32_t filter_id_masked = s->regs[R_AFMR3] & s->regs[R_AFIR3];
810
+
811
+ if (filter_id_masked == id_masked) {
812
+ filter_pass = true;
813
+ }
814
+ }
815
+
816
+ if (ARRAY_FIELD_EX32(s->regs, AFR, UAF4)) {
817
+ uint32_t id_masked = s->regs[R_AFMR4] & frame->can_id;
818
+ uint32_t filter_id_masked = s->regs[R_AFMR4] & s->regs[R_AFIR4];
819
+
820
+ if (filter_id_masked == id_masked) {
821
+ filter_pass = true;
822
+ }
823
+ }
824
+
825
+ if (!filter_pass) {
826
+ trace_xlnx_can_rx_fifo_filter_reject(frame->can_id, frame->can_dlc);
827
+ return;
828
+ }
829
+
830
+ /* Store the message in fifo if it passed through any of the filters. */
831
+ if (filter_pass && frame->can_dlc <= MAX_DLC) {
832
+
833
+ if (fifo32_is_full(&s->rx_fifo)) {
834
+ ARRAY_FIELD_DP32(s->regs, INTERRUPT_STATUS_REGISTER, RXOFLW, 1);
835
+ } else {
836
+ timestamp = CAN_TIMER_MAX - ptimer_get_count(s->can_timer);
837
+
838
+ fifo32_push(&s->rx_fifo, frame->can_id);
839
+
840
+ fifo32_push(&s->rx_fifo, deposit32(0, R_RXFIFO_DLC_DLC_SHIFT,
841
+ R_RXFIFO_DLC_DLC_LENGTH,
842
+ frame->can_dlc) |
843
+ deposit32(0, R_RXFIFO_DLC_RXT_SHIFT,
844
+ R_RXFIFO_DLC_RXT_LENGTH,
845
+ timestamp));
846
+
847
+ /* First 32 bit of the data. */
848
+ fifo32_push(&s->rx_fifo, deposit32(0, R_TXFIFO_DATA1_DB3_SHIFT,
849
+ R_TXFIFO_DATA1_DB3_LENGTH,
850
+ frame->data[0]) |
851
+ deposit32(0, R_TXFIFO_DATA1_DB2_SHIFT,
852
+ R_TXFIFO_DATA1_DB2_LENGTH,
853
+ frame->data[1]) |
854
+ deposit32(0, R_TXFIFO_DATA1_DB1_SHIFT,
855
+ R_TXFIFO_DATA1_DB1_LENGTH,
856
+ frame->data[2]) |
857
+ deposit32(0, R_TXFIFO_DATA1_DB0_SHIFT,
858
+ R_TXFIFO_DATA1_DB0_LENGTH,
859
+ frame->data[3]));
860
+ /* Last 32 bit of the data. */
861
+ fifo32_push(&s->rx_fifo, deposit32(0, R_TXFIFO_DATA2_DB7_SHIFT,
862
+ R_TXFIFO_DATA2_DB7_LENGTH,
863
+ frame->data[4]) |
864
+ deposit32(0, R_TXFIFO_DATA2_DB6_SHIFT,
865
+ R_TXFIFO_DATA2_DB6_LENGTH,
866
+ frame->data[5]) |
867
+ deposit32(0, R_TXFIFO_DATA2_DB5_SHIFT,
868
+ R_TXFIFO_DATA2_DB5_LENGTH,
869
+ frame->data[6]) |
870
+ deposit32(0, R_TXFIFO_DATA2_DB4_SHIFT,
871
+ R_TXFIFO_DATA2_DB4_LENGTH,
872
+ frame->data[7]));
873
+
874
+ ARRAY_FIELD_DP32(s->regs, INTERRUPT_STATUS_REGISTER, RXOK, 1);
875
+ trace_xlnx_can_rx_data(frame->can_id, frame->can_dlc,
876
+ frame->data[0], frame->data[1],
877
+ frame->data[2], frame->data[3],
878
+ frame->data[4], frame->data[5],
879
+ frame->data[6], frame->data[7]);
880
+ }
881
+
882
+ can_update_irq(s);
883
+ }
884
+}
885
+
886
+static uint64_t can_rxfifo_pre_read(RegisterInfo *reg, uint64_t val)
887
+{
888
+ XlnxZynqMPCANState *s = XLNX_ZYNQMP_CAN(reg->opaque);
889
+
890
+ if (!fifo32_is_empty(&s->rx_fifo)) {
891
+ val = fifo32_pop(&s->rx_fifo);
892
+ } else {
893
+ ARRAY_FIELD_DP32(s->regs, INTERRUPT_STATUS_REGISTER, RXUFLW, 1);
894
+ }
895
+
896
+ can_update_irq(s);
897
+ return val;
898
+}
899
+
900
+static void can_filter_enable_post_write(RegisterInfo *reg, uint64_t val)
901
+{
902
+ XlnxZynqMPCANState *s = XLNX_ZYNQMP_CAN(reg->opaque);
903
+
904
+ if (ARRAY_FIELD_EX32(s->regs, AFR, UAF1) &&
905
+ ARRAY_FIELD_EX32(s->regs, AFR, UAF2) &&
906
+ ARRAY_FIELD_EX32(s->regs, AFR, UAF3) &&
907
+ ARRAY_FIELD_EX32(s->regs, AFR, UAF4)) {
908
+ ARRAY_FIELD_DP32(s->regs, STATUS_REGISTER, ACFBSY, 1);
909
+ } else {
910
+ ARRAY_FIELD_DP32(s->regs, STATUS_REGISTER, ACFBSY, 0);
911
+ }
912
+}
913
+
914
+static uint64_t can_filter_mask_pre_write(RegisterInfo *reg, uint64_t val)
915
+{
916
+ XlnxZynqMPCANState *s = XLNX_ZYNQMP_CAN(reg->opaque);
917
+ uint32_t reg_idx = (reg->access->addr) / 4;
918
+ uint32_t filter_number = (reg_idx - R_AFMR1) / 2;
919
+
920
+ /* modify an acceptance filter, the corresponding UAF bit should be '0'. */
921
+ if (!(s->regs[R_AFR] & (1 << filter_number))) {
922
+ s->regs[reg_idx] = val;
923
+
924
+ trace_xlnx_can_filter_mask_pre_write(filter_number, s->regs[reg_idx]);
925
+ } else {
926
+ g_autofree char *path = object_get_canonical_path(OBJECT(s));
927
+
928
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Acceptance filter %d"
929
+ " mask is not set as corresponding UAF bit is not 0.\n",
930
+ path, filter_number + 1);
931
+ }
932
+
933
+ return s->regs[reg_idx];
934
+}
935
+
936
+static uint64_t can_filter_id_pre_write(RegisterInfo *reg, uint64_t val)
937
+{
938
+ XlnxZynqMPCANState *s = XLNX_ZYNQMP_CAN(reg->opaque);
939
+ uint32_t reg_idx = (reg->access->addr) / 4;
940
+ uint32_t filter_number = (reg_idx - R_AFIR1) / 2;
941
+
942
+ if (!(s->regs[R_AFR] & (1 << filter_number))) {
943
+ s->regs[reg_idx] = val;
944
+
945
+ trace_xlnx_can_filter_id_pre_write(filter_number, s->regs[reg_idx]);
946
+ } else {
947
+ g_autofree char *path = object_get_canonical_path(OBJECT(s));
948
+
949
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Acceptance filter %d"
950
+ " id is not set as corresponding UAF bit is not 0.\n",
951
+ path, filter_number + 1);
952
+ }
953
+
954
+ return s->regs[reg_idx];
955
+}
956
+
957
+static void can_tx_post_write(RegisterInfo *reg, uint64_t val)
958
+{
959
+ XlnxZynqMPCANState *s = XLNX_ZYNQMP_CAN(reg->opaque);
960
+
961
+ bool is_txhpb = reg->access->addr > A_TXFIFO_DATA2;
962
+
963
+ bool initiate_transfer = (reg->access->addr == A_TXFIFO_DATA2) ||
964
+ (reg->access->addr == A_TXHPB_DATA2);
965
+
966
+ Fifo32 *f = is_txhpb ? &s->txhpb_fifo : &s->tx_fifo;
967
+
968
+ if (!fifo32_is_full(f)) {
969
+ fifo32_push(f, val);
970
+ } else {
971
+ g_autofree char *path = object_get_canonical_path(OBJECT(s));
972
+
973
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: TX FIFO is full.\n", path);
974
+ }
975
+
976
+ /* Initiate the message send if TX register is written. */
977
+ if (initiate_transfer &&
978
+ ARRAY_FIELD_EX32(s->regs, SOFTWARE_RESET_REGISTER, CEN)) {
979
+ transfer_fifo(s, f);
980
+ }
981
+
982
+ can_update_irq(s);
983
+}
984
+
985
+static const RegisterAccessInfo can_regs_info[] = {
986
+ { .name = "SOFTWARE_RESET_REGISTER",
987
+ .addr = A_SOFTWARE_RESET_REGISTER,
988
+ .rsvd = 0xfffffffc,
989
+ .pre_write = can_srr_pre_write,
990
+ },{ .name = "MODE_SELECT_REGISTER",
991
+ .addr = A_MODE_SELECT_REGISTER,
992
+ .rsvd = 0xfffffff8,
993
+ .pre_write = can_msr_pre_write,
994
+ },{ .name = "ARBITRATION_PHASE_BAUD_RATE_PRESCALER_REGISTER",
995
+ .addr = A_ARBITRATION_PHASE_BAUD_RATE_PRESCALER_REGISTER,
996
+ .rsvd = 0xffffff00,
997
+ .pre_write = can_brpr_pre_write,
998
+ },{ .name = "ARBITRATION_PHASE_BIT_TIMING_REGISTER",
999
+ .addr = A_ARBITRATION_PHASE_BIT_TIMING_REGISTER,
1000
+ .rsvd = 0xfffffe00,
1001
+ .pre_write = can_btr_pre_write,
1002
+ },{ .name = "ERROR_COUNTER_REGISTER",
1003
+ .addr = A_ERROR_COUNTER_REGISTER,
1004
+ .rsvd = 0xffff0000,
1005
+ .ro = 0xffffffff,
1006
+ },{ .name = "ERROR_STATUS_REGISTER",
1007
+ .addr = A_ERROR_STATUS_REGISTER,
1008
+ .rsvd = 0xffffffe0,
1009
+ .w1c = 0x1f,
1010
+ },{ .name = "STATUS_REGISTER", .addr = A_STATUS_REGISTER,
1011
+ .reset = 0x1,
1012
+ .rsvd = 0xffffe000,
1013
+ .ro = 0x1fff,
1014
+ },{ .name = "INTERRUPT_STATUS_REGISTER",
1015
+ .addr = A_INTERRUPT_STATUS_REGISTER,
1016
+ .reset = 0x6000,
1017
+ .rsvd = 0xffff8000,
1018
+ .ro = 0x7fff,
1019
+ },{ .name = "INTERRUPT_ENABLE_REGISTER",
1020
+ .addr = A_INTERRUPT_ENABLE_REGISTER,
1021
+ .rsvd = 0xffff8000,
1022
+ .post_write = can_ier_post_write,
1023
+ },{ .name = "INTERRUPT_CLEAR_REGISTER",
1024
+ .addr = A_INTERRUPT_CLEAR_REGISTER,
1025
+ .rsvd = 0xffff8000,
1026
+ .pre_write = can_icr_pre_write,
1027
+ },{ .name = "TIMESTAMP_REGISTER",
1028
+ .addr = A_TIMESTAMP_REGISTER,
1029
+ .rsvd = 0xfffffffe,
1030
+ .pre_write = can_tcr_pre_write,
1031
+ },{ .name = "WIR", .addr = A_WIR,
1032
+ .reset = 0x3f3f,
1033
+ .rsvd = 0xffff0000,
1034
+ },{ .name = "TXFIFO_ID", .addr = A_TXFIFO_ID,
1035
+ .post_write = can_tx_post_write,
1036
+ },{ .name = "TXFIFO_DLC", .addr = A_TXFIFO_DLC,
1037
+ .rsvd = 0xfffffff,
1038
+ .post_write = can_tx_post_write,
1039
+ },{ .name = "TXFIFO_DATA1", .addr = A_TXFIFO_DATA1,
1040
+ .post_write = can_tx_post_write,
1041
+ },{ .name = "TXFIFO_DATA2", .addr = A_TXFIFO_DATA2,
1042
+ .post_write = can_tx_post_write,
1043
+ },{ .name = "TXHPB_ID", .addr = A_TXHPB_ID,
1044
+ .post_write = can_tx_post_write,
1045
+ },{ .name = "TXHPB_DLC", .addr = A_TXHPB_DLC,
1046
+ .rsvd = 0xfffffff,
1047
+ .post_write = can_tx_post_write,
1048
+ },{ .name = "TXHPB_DATA1", .addr = A_TXHPB_DATA1,
1049
+ .post_write = can_tx_post_write,
1050
+ },{ .name = "TXHPB_DATA2", .addr = A_TXHPB_DATA2,
1051
+ .post_write = can_tx_post_write,
1052
+ },{ .name = "RXFIFO_ID", .addr = A_RXFIFO_ID,
1053
+ .ro = 0xffffffff,
1054
+ .post_read = can_rxfifo_pre_read,
1055
+ },{ .name = "RXFIFO_DLC", .addr = A_RXFIFO_DLC,
1056
+ .rsvd = 0xfff0000,
1057
+ .post_read = can_rxfifo_pre_read,
1058
+ },{ .name = "RXFIFO_DATA1", .addr = A_RXFIFO_DATA1,
1059
+ .post_read = can_rxfifo_pre_read,
1060
+ },{ .name = "RXFIFO_DATA2", .addr = A_RXFIFO_DATA2,
1061
+ .post_read = can_rxfifo_pre_read,
1062
+ },{ .name = "AFR", .addr = A_AFR,
1063
+ .rsvd = 0xfffffff0,
1064
+ .post_write = can_filter_enable_post_write,
1065
+ },{ .name = "AFMR1", .addr = A_AFMR1,
1066
+ .pre_write = can_filter_mask_pre_write,
1067
+ },{ .name = "AFIR1", .addr = A_AFIR1,
1068
+ .pre_write = can_filter_id_pre_write,
1069
+ },{ .name = "AFMR2", .addr = A_AFMR2,
1070
+ .pre_write = can_filter_mask_pre_write,
1071
+ },{ .name = "AFIR2", .addr = A_AFIR2,
1072
+ .pre_write = can_filter_id_pre_write,
1073
+ },{ .name = "AFMR3", .addr = A_AFMR3,
1074
+ .pre_write = can_filter_mask_pre_write,
1075
+ },{ .name = "AFIR3", .addr = A_AFIR3,
1076
+ .pre_write = can_filter_id_pre_write,
1077
+ },{ .name = "AFMR4", .addr = A_AFMR4,
1078
+ .pre_write = can_filter_mask_pre_write,
1079
+ },{ .name = "AFIR4", .addr = A_AFIR4,
1080
+ .pre_write = can_filter_id_pre_write,
1081
+ }
1082
+};
117
+};
1083
+
118
+
1084
+static void xlnx_zynqmp_can_ptimer_cb(void *opaque)
119
+/*
120
+ * Check whether *buffer points to a Linux EFI zboot image in memory.
121
+ *
122
+ * If it does, attempt to decompress it to a new buffer, and free the old one.
123
+ * If any of this fails, return an error to the caller.
124
+ *
125
+ * If the image is not a Linux EFI zboot image, do nothing and return success.
126
+ */
127
+ssize_t unpack_efi_zboot_image(uint8_t **buffer, int *size)
1085
+{
128
+{
1086
+ /* No action required on the timer rollover. */
129
+ const struct linux_efi_zboot_header *header;
1087
+}
130
+ uint8_t *data = NULL;
131
+ int ploff, plsize;
132
+ ssize_t bytes;
1088
+
133
+
1089
+static const MemoryRegionOps can_ops = {
134
+ /* ignore if this is too small to be a EFI zboot image */
1090
+ .read = register_read_memory,
135
+ if (*size < sizeof(*header)) {
1091
+ .write = register_write_memory,
1092
+ .endianness = DEVICE_LITTLE_ENDIAN,
1093
+ .valid = {
1094
+ .min_access_size = 4,
1095
+ .max_access_size = 4,
1096
+ },
1097
+};
1098
+
1099
+static void xlnx_zynqmp_can_reset_init(Object *obj, ResetType type)
1100
+{
1101
+ XlnxZynqMPCANState *s = XLNX_ZYNQMP_CAN(obj);
1102
+ unsigned int i;
1103
+
1104
+ for (i = R_RXFIFO_ID; i < ARRAY_SIZE(s->reg_info); ++i) {
1105
+ register_reset(&s->reg_info[i]);
1106
+ }
1107
+
1108
+ ptimer_transaction_begin(s->can_timer);
1109
+ ptimer_set_count(s->can_timer, 0);
1110
+ ptimer_transaction_commit(s->can_timer);
1111
+}
1112
+
1113
+static void xlnx_zynqmp_can_reset_hold(Object *obj)
1114
+{
1115
+ XlnxZynqMPCANState *s = XLNX_ZYNQMP_CAN(obj);
1116
+ unsigned int i;
1117
+
1118
+ for (i = 0; i < R_RXFIFO_ID; ++i) {
1119
+ register_reset(&s->reg_info[i]);
1120
+ }
1121
+
1122
+ /*
1123
+ * Reset FIFOs when CAN model is reset. This will clear the fifo writes
1124
+ * done by post_write which gets called from register_reset function,
1125
+ * post_write handle will not be able to trigger tx because CAN will be
1126
+ * disabled when software_reset_register is cleared first.
1127
+ */
1128
+ fifo32_reset(&s->rx_fifo);
1129
+ fifo32_reset(&s->tx_fifo);
1130
+ fifo32_reset(&s->txhpb_fifo);
1131
+}
1132
+
1133
+static bool xlnx_zynqmp_can_can_receive(CanBusClientState *client)
1134
+{
1135
+ XlnxZynqMPCANState *s = container_of(client, XlnxZynqMPCANState,
1136
+ bus_client);
1137
+
1138
+ if (ARRAY_FIELD_EX32(s->regs, SOFTWARE_RESET_REGISTER, SRST)) {
1139
+ g_autofree char *path = object_get_canonical_path(OBJECT(s));
1140
+
1141
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Controller is in reset state.\n",
1142
+ path);
1143
+ return false;
1144
+ }
1145
+
1146
+ if ((ARRAY_FIELD_EX32(s->regs, SOFTWARE_RESET_REGISTER, CEN)) == 0) {
1147
+ g_autofree char *path = object_get_canonical_path(OBJECT(s));
1148
+
1149
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Controller is disabled. Incoming"
1150
+ " messages will be discarded.\n", path);
1151
+ return false;
1152
+ }
1153
+
1154
+ return true;
1155
+}
1156
+
1157
+static ssize_t xlnx_zynqmp_can_receive(CanBusClientState *client,
1158
+ const qemu_can_frame *buf, size_t buf_size) {
1159
+ XlnxZynqMPCANState *s = container_of(client, XlnxZynqMPCANState,
1160
+ bus_client);
1161
+ const qemu_can_frame *frame = buf;
1162
+
1163
+ if (buf_size <= 0) {
1164
+ g_autofree char *path = object_get_canonical_path(OBJECT(s));
1165
+
1166
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Error in the data received.\n",
1167
+ path);
1168
+ return 0;
136
+ return 0;
1169
+ }
137
+ }
1170
+
138
+
1171
+ if (ARRAY_FIELD_EX32(s->regs, STATUS_REGISTER, SNOOP)) {
139
+ header = (struct linux_efi_zboot_header *)*buffer;
1172
+ /* Snoop Mode: Just keep the data. no response back. */
140
+
1173
+ update_rx_fifo(s, frame);
141
+ /* ignore if this is not a Linux EFI zboot image */
1174
+ } else if ((ARRAY_FIELD_EX32(s->regs, STATUS_REGISTER, SLEEP))) {
142
+ if (memcmp(&header->msdos_magic, EFI_PE_MSDOS_MAGIC, 2) != 0 ||
1175
+ /*
143
+ memcmp(&header->zimg, "zimg", 4) != 0 ||
1176
+ * XlnxZynqMPCAN is in sleep mode. Any data on bus will bring it to wake
144
+ memcmp(&header->linux_magic, EFI_PE_LINUX_MAGIC, 4) != 0) {
1177
+ * up state.
145
+ return 0;
1178
+ */
1179
+ can_exit_sleep_mode(s);
1180
+ update_rx_fifo(s, frame);
1181
+ } else if ((ARRAY_FIELD_EX32(s->regs, STATUS_REGISTER, SLEEP)) == 0) {
1182
+ update_rx_fifo(s, frame);
1183
+ } else {
1184
+ /*
1185
+ * XlnxZynqMPCAN will not participate in normal bus communication
1186
+ * and will not receive any messages transmitted by other CAN nodes.
1187
+ */
1188
+ trace_xlnx_can_rx_discard(s->regs[R_STATUS_REGISTER]);
1189
+ }
146
+ }
1190
+
147
+
1191
+ return 1;
148
+ if (strcmp(header->compression_type, "gzip") != 0) {
149
+ fprintf(stderr,
150
+ "unable to handle EFI zboot image with \"%.*s\" compression\n",
151
+ (int)sizeof(header->compression_type) - 1,
152
+ header->compression_type);
153
+ return -1;
154
+ }
155
+
156
+ ploff = ldl_le_p(&header->payload_offset);
157
+ plsize = ldl_le_p(&header->payload_size);
158
+
159
+ if (ploff < 0 || plsize < 0 || ploff + plsize > *size) {
160
+ fprintf(stderr, "unable to handle corrupt EFI zboot image\n");
161
+ return -1;
162
+ }
163
+
164
+ data = g_malloc(LOAD_IMAGE_MAX_GUNZIP_BYTES);
165
+ bytes = gunzip(data, LOAD_IMAGE_MAX_GUNZIP_BYTES, *buffer + ploff, plsize);
166
+ if (bytes < 0) {
167
+ fprintf(stderr, "failed to decompress EFI zboot image\n");
168
+ g_free(data);
169
+ return -1;
170
+ }
171
+
172
+ g_free(*buffer);
173
+ *buffer = g_realloc(data, bytes);
174
+ *size = bytes;
175
+ return bytes;
1192
+}
176
+}
1193
+
177
+
1194
+static CanBusClientInfo can_xilinx_bus_client_info = {
178
/*
1195
+ .can_receive = xlnx_zynqmp_can_can_receive,
179
* Functions for reboot-persistent memory regions.
1196
+ .receive = xlnx_zynqmp_can_receive,
180
* - used for vga bios and option roms.
1197
+};
1198
+
1199
+static int xlnx_zynqmp_can_connect_to_bus(XlnxZynqMPCANState *s,
1200
+ CanBusState *bus)
1201
+{
1202
+ s->bus_client.info = &can_xilinx_bus_client_info;
1203
+
1204
+ if (can_bus_insert_client(bus, &s->bus_client) < 0) {
1205
+ return -1;
1206
+ }
1207
+ return 0;
1208
+}
1209
+
1210
+static void xlnx_zynqmp_can_realize(DeviceState *dev, Error **errp)
1211
+{
1212
+ XlnxZynqMPCANState *s = XLNX_ZYNQMP_CAN(dev);
1213
+
1214
+ if (s->canbus) {
1215
+ if (xlnx_zynqmp_can_connect_to_bus(s, s->canbus) < 0) {
1216
+ g_autofree char *path = object_get_canonical_path(OBJECT(s));
1217
+
1218
+ error_setg(errp, "%s: xlnx_zynqmp_can_connect_to_bus"
1219
+ " failed.", path);
1220
+ return;
1221
+ }
1222
+ }
1223
+
1224
+ /* Create RX FIFO, TXFIFO, TXHPB storage. */
1225
+ fifo32_create(&s->rx_fifo, RXFIFO_SIZE);
1226
+ fifo32_create(&s->tx_fifo, RXFIFO_SIZE);
1227
+ fifo32_create(&s->txhpb_fifo, CAN_FRAME_SIZE);
1228
+
1229
+ /* Allocate a new timer. */
1230
+ s->can_timer = ptimer_init(xlnx_zynqmp_can_ptimer_cb, s,
1231
+ PTIMER_POLICY_DEFAULT);
1232
+
1233
+ ptimer_transaction_begin(s->can_timer);
1234
+
1235
+ ptimer_set_freq(s->can_timer, s->cfg.ext_clk_freq);
1236
+ ptimer_set_limit(s->can_timer, CAN_TIMER_MAX, 1);
1237
+ ptimer_run(s->can_timer, 0);
1238
+ ptimer_transaction_commit(s->can_timer);
1239
+}
1240
+
1241
+static void xlnx_zynqmp_can_init(Object *obj)
1242
+{
1243
+ XlnxZynqMPCANState *s = XLNX_ZYNQMP_CAN(obj);
1244
+ SysBusDevice *sbd = SYS_BUS_DEVICE(obj);
1245
+
1246
+ RegisterInfoArray *reg_array;
1247
+
1248
+ memory_region_init(&s->iomem, obj, TYPE_XLNX_ZYNQMP_CAN,
1249
+ XLNX_ZYNQMP_CAN_R_MAX * 4);
1250
+ reg_array = register_init_block32(DEVICE(obj), can_regs_info,
1251
+ ARRAY_SIZE(can_regs_info),
1252
+ s->reg_info, s->regs,
1253
+ &can_ops,
1254
+ XLNX_ZYNQMP_CAN_ERR_DEBUG,
1255
+ XLNX_ZYNQMP_CAN_R_MAX * 4);
1256
+
1257
+ memory_region_add_subregion(&s->iomem, 0x00, &reg_array->mem);
1258
+ sysbus_init_mmio(sbd, &s->iomem);
1259
+ sysbus_init_irq(SYS_BUS_DEVICE(obj), &s->irq);
1260
+}
1261
+
1262
+static const VMStateDescription vmstate_can = {
1263
+ .name = TYPE_XLNX_ZYNQMP_CAN,
1264
+ .version_id = 1,
1265
+ .minimum_version_id = 1,
1266
+ .fields = (VMStateField[]) {
1267
+ VMSTATE_FIFO32(rx_fifo, XlnxZynqMPCANState),
1268
+ VMSTATE_FIFO32(tx_fifo, XlnxZynqMPCANState),
1269
+ VMSTATE_FIFO32(txhpb_fifo, XlnxZynqMPCANState),
1270
+ VMSTATE_UINT32_ARRAY(regs, XlnxZynqMPCANState, XLNX_ZYNQMP_CAN_R_MAX),
1271
+ VMSTATE_PTIMER(can_timer, XlnxZynqMPCANState),
1272
+ VMSTATE_END_OF_LIST(),
1273
+ }
1274
+};
1275
+
1276
+static Property xlnx_zynqmp_can_properties[] = {
1277
+ DEFINE_PROP_UINT32("ext_clk_freq", XlnxZynqMPCANState, cfg.ext_clk_freq,
1278
+ CAN_DEFAULT_CLOCK),
1279
+ DEFINE_PROP_LINK("canbus", XlnxZynqMPCANState, canbus, TYPE_CAN_BUS,
1280
+ CanBusState *),
1281
+ DEFINE_PROP_END_OF_LIST(),
1282
+};
1283
+
1284
+static void xlnx_zynqmp_can_class_init(ObjectClass *klass, void *data)
1285
+{
1286
+ DeviceClass *dc = DEVICE_CLASS(klass);
1287
+ ResettableClass *rc = RESETTABLE_CLASS(klass);
1288
+
1289
+ rc->phases.enter = xlnx_zynqmp_can_reset_init;
1290
+ rc->phases.hold = xlnx_zynqmp_can_reset_hold;
1291
+ dc->realize = xlnx_zynqmp_can_realize;
1292
+ device_class_set_props(dc, xlnx_zynqmp_can_properties);
1293
+ dc->vmsd = &vmstate_can;
1294
+}
1295
+
1296
+static const TypeInfo can_info = {
1297
+ .name = TYPE_XLNX_ZYNQMP_CAN,
1298
+ .parent = TYPE_SYS_BUS_DEVICE,
1299
+ .instance_size = sizeof(XlnxZynqMPCANState),
1300
+ .class_init = xlnx_zynqmp_can_class_init,
1301
+ .instance_init = xlnx_zynqmp_can_init,
1302
+};
1303
+
1304
+static void can_register_types(void)
1305
+{
1306
+ type_register_static(&can_info);
1307
+}
1308
+
1309
+type_init(can_register_types)
1310
diff --git a/hw/Kconfig b/hw/Kconfig
1311
index XXXXXXX..XXXXXXX 100644
1312
--- a/hw/Kconfig
1313
+++ b/hw/Kconfig
1314
@@ -XXX,XX +XXX,XX @@ config XILINX_AXI
1315
config XLNX_ZYNQMP
1316
bool
1317
select REGISTER
1318
+ select CAN_BUS
1319
diff --git a/hw/net/can/meson.build b/hw/net/can/meson.build
1320
index XXXXXXX..XXXXXXX 100644
1321
--- a/hw/net/can/meson.build
1322
+++ b/hw/net/can/meson.build
1323
@@ -XXX,XX +XXX,XX @@ softmmu_ss.add(when: 'CONFIG_CAN_PCI', if_true: files('can_pcm3680_pci.c'))
1324
softmmu_ss.add(when: 'CONFIG_CAN_PCI', if_true: files('can_mioe3680_pci.c'))
1325
softmmu_ss.add(when: 'CONFIG_CAN_CTUCANFD', if_true: files('ctucan_core.c'))
1326
softmmu_ss.add(when: 'CONFIG_CAN_CTUCANFD_PCI', if_true: files('ctucan_pci.c'))
1327
+softmmu_ss.add(when: 'CONFIG_XLNX_ZYNQMP', if_true: files('xlnx-zynqmp-can.c'))
1328
diff --git a/hw/net/can/trace-events b/hw/net/can/trace-events
1329
new file mode 100644
1330
index XXXXXXX..XXXXXXX
1331
--- /dev/null
1332
+++ b/hw/net/can/trace-events
1333
@@ -XXX,XX +XXX,XX @@
1334
+# xlnx-zynqmp-can.c
1335
+xlnx_can_update_irq(uint32_t isr, uint32_t ier, uint32_t irq) "ISR: 0x%08x IER: 0x%08x IRQ: 0x%08x"
1336
+xlnx_can_reset(uint32_t val) "Resetting controller with value = 0x%08x"
1337
+xlnx_can_rx_fifo_filter_reject(uint32_t id, uint8_t dlc) "Frame: ID: 0x%08x DLC: 0x%02x"
1338
+xlnx_can_filter_id_pre_write(uint8_t filter_num, uint32_t value) "Filter%d ID: 0x%08x"
1339
+xlnx_can_filter_mask_pre_write(uint8_t filter_num, uint32_t value) "Filter%d MASK: 0x%08x"
1340
+xlnx_can_tx_data(uint32_t id, uint8_t dlc, uint8_t db0, uint8_t db1, uint8_t db2, uint8_t db3, uint8_t db4, uint8_t db5, uint8_t db6, uint8_t db7) "Frame: ID: 0x%08x DLC: 0x%02x DATA: 0x%02x 0x%02x 0x%02x 0x%02x 0x%02x 0x%02x 0x%02x 0x%02x"
1341
+xlnx_can_rx_data(uint32_t id, uint32_t dlc, uint8_t db0, uint8_t db1, uint8_t db2, uint8_t db3, uint8_t db4, uint8_t db5, uint8_t db6, uint8_t db7) "Frame: ID: 0x%08x DLC: 0x%02x DATA: 0x%02x 0x%02x 0x%02x 0x%02x 0x%02x 0x%02x 0x%02x 0x%02x"
1342
+xlnx_can_rx_discard(uint32_t status) "Controller is not enabled for bus communication. Status Register: 0x%08x"
1343
--
181
--
1344
2.20.1
182
2.34.1
1345
183
1346
184
diff view generated by jsdifflib
[PULL 04/36] tests/qtest: Introduce tests for Xilinx ZynqMP CAN controller
Deleted patch
1
From: Vikram Garhwal <fnu.vikram@xilinx.com>
2
1
3
The QTests perform five tests on the Xilinx ZynqMP CAN controller:
4
Tests the CAN controller in loopback, sleep and snoop mode.
5
Tests filtering of incoming CAN messages.
6
7
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
8
Reviewed-by: Francisco Iglesias <francisco.iglesias@xilinx.com>
9
Signed-off-by: Vikram Garhwal <fnu.vikram@xilinx.com>
10
Message-id: 1605728926-352690-4-git-send-email-fnu.vikram@xilinx.com
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
---
13
tests/qtest/xlnx-can-test.c | 360 ++++++++++++++++++++++++++++++++++++
14
tests/qtest/meson.build | 1 +
15
2 files changed, 361 insertions(+)
16
create mode 100644 tests/qtest/xlnx-can-test.c
17
18
diff --git a/tests/qtest/xlnx-can-test.c b/tests/qtest/xlnx-can-test.c
19
new file mode 100644
20
index XXXXXXX..XXXXXXX
21
--- /dev/null
22
+++ b/tests/qtest/xlnx-can-test.c
23
@@ -XXX,XX +XXX,XX @@
24
+/*
25
+ * QTests for the Xilinx ZynqMP CAN controller.
26
+ *
27
+ * Copyright (c) 2020 Xilinx Inc.
28
+ *
29
+ * Written-by: Vikram Garhwal<fnu.vikram@xilinx.com>
30
+ *
31
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
32
+ * of this software and associated documentation files (the "Software"), to deal
33
+ * in the Software without restriction, including without limitation the rights
34
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
35
+ * copies of the Software, and to permit persons to whom the Software is
36
+ * furnished to do so, subject to the following conditions:
37
+ *
38
+ * The above copyright notice and this permission notice shall be included in
39
+ * all copies or substantial portions of the Software.
40
+ *
41
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
42
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
43
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
44
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
45
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
46
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
47
+ * THE SOFTWARE.
48
+ */
49
+
50
+#include "qemu/osdep.h"
51
+#include "libqos/libqtest.h"
52
+
53
+/* Base address. */
54
+#define CAN0_BASE_ADDR 0xFF060000
55
+#define CAN1_BASE_ADDR 0xFF070000
56
+
57
+/* Register addresses. */
58
+#define R_SRR_OFFSET 0x00
59
+#define R_MSR_OFFSET 0x04
60
+#define R_SR_OFFSET 0x18
61
+#define R_ISR_OFFSET 0x1C
62
+#define R_ICR_OFFSET 0x24
63
+#define R_TXID_OFFSET 0x30
64
+#define R_TXDLC_OFFSET 0x34
65
+#define R_TXDATA1_OFFSET 0x38
66
+#define R_TXDATA2_OFFSET 0x3C
67
+#define R_RXID_OFFSET 0x50
68
+#define R_RXDLC_OFFSET 0x54
69
+#define R_RXDATA1_OFFSET 0x58
70
+#define R_RXDATA2_OFFSET 0x5C
71
+#define R_AFR 0x60
72
+#define R_AFMR1 0x64
73
+#define R_AFIR1 0x68
74
+#define R_AFMR2 0x6C
75
+#define R_AFIR2 0x70
76
+#define R_AFMR3 0x74
77
+#define R_AFIR3 0x78
78
+#define R_AFMR4 0x7C
79
+#define R_AFIR4 0x80
80
+
81
+/* CAN modes. */
82
+#define CONFIG_MODE 0x00
83
+#define NORMAL_MODE 0x00
84
+#define LOOPBACK_MODE 0x02
85
+#define SNOOP_MODE 0x04
86
+#define SLEEP_MODE 0x01
87
+#define ENABLE_CAN (1 << 1)
88
+#define STATUS_NORMAL_MODE (1 << 3)
89
+#define STATUS_LOOPBACK_MODE (1 << 1)
90
+#define STATUS_SNOOP_MODE (1 << 12)
91
+#define STATUS_SLEEP_MODE (1 << 2)
92
+#define ISR_TXOK (1 << 1)
93
+#define ISR_RXOK (1 << 4)
94
+
95
+static void match_rx_tx_data(const uint32_t *buf_tx, const uint32_t *buf_rx,
96
+ uint8_t can_timestamp)
97
+{
98
+ uint16_t size = 0;
99
+ uint8_t len = 4;
100
+
101
+ while (size < len) {
102
+ if (R_RXID_OFFSET + 4 * size == R_RXDLC_OFFSET) {
103
+ g_assert_cmpint(buf_rx[size], ==, buf_tx[size] + can_timestamp);
104
+ } else {
105
+ g_assert_cmpint(buf_rx[size], ==, buf_tx[size]);
106
+ }
107
+
108
+ size++;
109
+ }
110
+}
111
+
112
+static void read_data(QTestState *qts, uint64_t can_base_addr, uint32_t *buf_rx)
113
+{
114
+ uint32_t int_status;
115
+
116
+ /* Read the interrupt on CAN rx. */
117
+ int_status = qtest_readl(qts, can_base_addr + R_ISR_OFFSET) & ISR_RXOK;
118
+
119
+ g_assert_cmpint(int_status, ==, ISR_RXOK);
120
+
121
+ /* Read the RX register data for CAN. */
122
+ buf_rx[0] = qtest_readl(qts, can_base_addr + R_RXID_OFFSET);
123
+ buf_rx[1] = qtest_readl(qts, can_base_addr + R_RXDLC_OFFSET);
124
+ buf_rx[2] = qtest_readl(qts, can_base_addr + R_RXDATA1_OFFSET);
125
+ buf_rx[3] = qtest_readl(qts, can_base_addr + R_RXDATA2_OFFSET);
126
+
127
+ /* Clear the RX interrupt. */
128
+ qtest_writel(qts, CAN1_BASE_ADDR + R_ICR_OFFSET, ISR_RXOK);
129
+}
130
+
131
+static void send_data(QTestState *qts, uint64_t can_base_addr,
132
+ const uint32_t *buf_tx)
133
+{
134
+ uint32_t int_status;
135
+
136
+ /* Write the TX register data for CAN. */
137
+ qtest_writel(qts, can_base_addr + R_TXID_OFFSET, buf_tx[0]);
138
+ qtest_writel(qts, can_base_addr + R_TXDLC_OFFSET, buf_tx[1]);
139
+ qtest_writel(qts, can_base_addr + R_TXDATA1_OFFSET, buf_tx[2]);
140
+ qtest_writel(qts, can_base_addr + R_TXDATA2_OFFSET, buf_tx[3]);
141
+
142
+ /* Read the interrupt on CAN for tx. */
143
+ int_status = qtest_readl(qts, can_base_addr + R_ISR_OFFSET) & ISR_TXOK;
144
+
145
+ g_assert_cmpint(int_status, ==, ISR_TXOK);
146
+
147
+ /* Clear the interrupt for tx. */
148
+ qtest_writel(qts, CAN0_BASE_ADDR + R_ICR_OFFSET, ISR_TXOK);
149
+}
150
+
151
+/*
152
+ * This test will be transferring data from CAN0 and CAN1 through canbus. CAN0
153
+ * initiate the data transfer to can-bus, CAN1 receives the data. Test compares
154
+ * the data sent from CAN0 with received on CAN1.
155
+ */
156
+static void test_can_bus(void)
157
+{
158
+ const uint32_t buf_tx[4] = { 0xFF, 0x80000000, 0x12345678, 0x87654321 };
159
+ uint32_t buf_rx[4] = { 0x00, 0x00, 0x00, 0x00 };
160
+ uint32_t status = 0;
161
+ uint8_t can_timestamp = 1;
162
+
163
+ QTestState *qts = qtest_init("-machine xlnx-zcu102"
164
+ " -object can-bus,id=canbus0"
165
+ " -machine xlnx-zcu102.canbus0=canbus0"
166
+ " -machine xlnx-zcu102.canbus1=canbus0"
167
+ );
168
+
169
+ /* Configure the CAN0 and CAN1. */
170
+ qtest_writel(qts, CAN0_BASE_ADDR + R_SRR_OFFSET, ENABLE_CAN);
171
+ qtest_writel(qts, CAN0_BASE_ADDR + R_MSR_OFFSET, NORMAL_MODE);
172
+ qtest_writel(qts, CAN1_BASE_ADDR + R_SRR_OFFSET, ENABLE_CAN);
173
+ qtest_writel(qts, CAN1_BASE_ADDR + R_MSR_OFFSET, NORMAL_MODE);
174
+
175
+ /* Check here if CAN0 and CAN1 are in normal mode. */
176
+ status = qtest_readl(qts, CAN0_BASE_ADDR + R_SR_OFFSET);
177
+ g_assert_cmpint(status, ==, STATUS_NORMAL_MODE);
178
+
179
+ status = qtest_readl(qts, CAN1_BASE_ADDR + R_SR_OFFSET);
180
+ g_assert_cmpint(status, ==, STATUS_NORMAL_MODE);
181
+
182
+ send_data(qts, CAN0_BASE_ADDR, buf_tx);
183
+
184
+ read_data(qts, CAN1_BASE_ADDR, buf_rx);
185
+ match_rx_tx_data(buf_tx, buf_rx, can_timestamp);
186
+
187
+ qtest_quit(qts);
188
+}
189
+
190
+/*
191
+ * This test is performing loopback mode on CAN0 and CAN1. Data sent from TX of
192
+ * each CAN0 and CAN1 are compared with RX register data for respective CAN.
193
+ */
194
+static void test_can_loopback(void)
195
+{
196
+ uint32_t buf_tx[4] = { 0xFF, 0x80000000, 0x12345678, 0x87654321 };
197
+ uint32_t buf_rx[4] = { 0x00, 0x00, 0x00, 0x00 };
198
+ uint32_t status = 0;
199
+
200
+ QTestState *qts = qtest_init("-machine xlnx-zcu102"
201
+ " -object can-bus,id=canbus0"
202
+ " -machine xlnx-zcu102.canbus0=canbus0"
203
+ " -machine xlnx-zcu102.canbus1=canbus0"
204
+ );
205
+
206
+ /* Configure the CAN0 in loopback mode. */
207
+ qtest_writel(qts, CAN0_BASE_ADDR + R_SRR_OFFSET, CONFIG_MODE);
208
+ qtest_writel(qts, CAN0_BASE_ADDR + R_MSR_OFFSET, LOOPBACK_MODE);
209
+ qtest_writel(qts, CAN0_BASE_ADDR + R_SRR_OFFSET, ENABLE_CAN);
210
+
211
+ /* Check here if CAN0 is set in loopback mode. */
212
+ status = qtest_readl(qts, CAN0_BASE_ADDR + R_SR_OFFSET);
213
+
214
+ g_assert_cmpint(status, ==, STATUS_LOOPBACK_MODE);
215
+
216
+ send_data(qts, CAN0_BASE_ADDR, buf_tx);
217
+ read_data(qts, CAN0_BASE_ADDR, buf_rx);
218
+ match_rx_tx_data(buf_tx, buf_rx, 0);
219
+
220
+ /* Configure the CAN1 in loopback mode. */
221
+ qtest_writel(qts, CAN1_BASE_ADDR + R_SRR_OFFSET, CONFIG_MODE);
222
+ qtest_writel(qts, CAN1_BASE_ADDR + R_MSR_OFFSET, LOOPBACK_MODE);
223
+ qtest_writel(qts, CAN1_BASE_ADDR + R_SRR_OFFSET, ENABLE_CAN);
224
+
225
+ /* Check here if CAN1 is set in loopback mode. */
226
+ status = qtest_readl(qts, CAN1_BASE_ADDR + R_SR_OFFSET);
227
+
228
+ g_assert_cmpint(status, ==, STATUS_LOOPBACK_MODE);
229
+
230
+ send_data(qts, CAN1_BASE_ADDR, buf_tx);
231
+ read_data(qts, CAN1_BASE_ADDR, buf_rx);
232
+ match_rx_tx_data(buf_tx, buf_rx, 0);
233
+
234
+ qtest_quit(qts);
235
+}
236
+
237
+/*
238
+ * Enable filters for CAN1. This will filter incoming messages with ID. In this
239
+ * test message will pass through filter 2.
240
+ */
241
+static void test_can_filter(void)
242
+{
243
+ uint32_t buf_tx[4] = { 0x14, 0x80000000, 0x12345678, 0x87654321 };
244
+ uint32_t buf_rx[4] = { 0x00, 0x00, 0x00, 0x00 };
245
+ uint32_t status = 0;
246
+ uint8_t can_timestamp = 1;
247
+
248
+ QTestState *qts = qtest_init("-machine xlnx-zcu102"
249
+ " -object can-bus,id=canbus0"
250
+ " -machine xlnx-zcu102.canbus0=canbus0"
251
+ " -machine xlnx-zcu102.canbus1=canbus0"
252
+ );
253
+
254
+ /* Configure the CAN0 and CAN1. */
255
+ qtest_writel(qts, CAN0_BASE_ADDR + R_SRR_OFFSET, ENABLE_CAN);
256
+ qtest_writel(qts, CAN0_BASE_ADDR + R_MSR_OFFSET, NORMAL_MODE);
257
+ qtest_writel(qts, CAN1_BASE_ADDR + R_SRR_OFFSET, ENABLE_CAN);
258
+ qtest_writel(qts, CAN1_BASE_ADDR + R_MSR_OFFSET, NORMAL_MODE);
259
+
260
+ /* Check here if CAN0 and CAN1 are in normal mode. */
261
+ status = qtest_readl(qts, CAN0_BASE_ADDR + R_SR_OFFSET);
262
+ g_assert_cmpint(status, ==, STATUS_NORMAL_MODE);
263
+
264
+ status = qtest_readl(qts, CAN1_BASE_ADDR + R_SR_OFFSET);
265
+ g_assert_cmpint(status, ==, STATUS_NORMAL_MODE);
266
+
267
+ /* Set filter for CAN1 for incoming messages. */
268
+ qtest_writel(qts, CAN1_BASE_ADDR + R_AFR, 0x0);
269
+ qtest_writel(qts, CAN1_BASE_ADDR + R_AFMR1, 0xF7);
270
+ qtest_writel(qts, CAN1_BASE_ADDR + R_AFIR1, 0x121F);
271
+ qtest_writel(qts, CAN1_BASE_ADDR + R_AFMR2, 0x5431);
272
+ qtest_writel(qts, CAN1_BASE_ADDR + R_AFIR2, 0x14);
273
+ qtest_writel(qts, CAN1_BASE_ADDR + R_AFMR3, 0x1234);
274
+ qtest_writel(qts, CAN1_BASE_ADDR + R_AFIR3, 0x5431);
275
+ qtest_writel(qts, CAN1_BASE_ADDR + R_AFMR4, 0xFFF);
276
+ qtest_writel(qts, CAN1_BASE_ADDR + R_AFIR4, 0x1234);
277
+
278
+ qtest_writel(qts, CAN1_BASE_ADDR + R_AFR, 0xF);
279
+
280
+ send_data(qts, CAN0_BASE_ADDR, buf_tx);
281
+
282
+ read_data(qts, CAN1_BASE_ADDR, buf_rx);
283
+ match_rx_tx_data(buf_tx, buf_rx, can_timestamp);
284
+
285
+ qtest_quit(qts);
286
+}
287
+
288
+/* Testing sleep mode on CAN0 while CAN1 is in normal mode. */
289
+static void test_can_sleepmode(void)
290
+{
291
+ uint32_t buf_tx[4] = { 0x14, 0x80000000, 0x12345678, 0x87654321 };
292
+ uint32_t buf_rx[4] = { 0x00, 0x00, 0x00, 0x00 };
293
+ uint32_t status = 0;
294
+ uint8_t can_timestamp = 1;
295
+
296
+ QTestState *qts = qtest_init("-machine xlnx-zcu102"
297
+ " -object can-bus,id=canbus0"
298
+ " -machine xlnx-zcu102.canbus0=canbus0"
299
+ " -machine xlnx-zcu102.canbus1=canbus0"
300
+ );
301
+
302
+ /* Configure the CAN0. */
303
+ qtest_writel(qts, CAN0_BASE_ADDR + R_SRR_OFFSET, CONFIG_MODE);
304
+ qtest_writel(qts, CAN0_BASE_ADDR + R_MSR_OFFSET, SLEEP_MODE);
305
+ qtest_writel(qts, CAN0_BASE_ADDR + R_SRR_OFFSET, ENABLE_CAN);
306
+
307
+ qtest_writel(qts, CAN1_BASE_ADDR + R_SRR_OFFSET, ENABLE_CAN);
308
+ qtest_writel(qts, CAN1_BASE_ADDR + R_MSR_OFFSET, NORMAL_MODE);
309
+
310
+ /* Check here if CAN0 is in SLEEP mode and CAN1 in normal mode. */
311
+ status = qtest_readl(qts, CAN0_BASE_ADDR + R_SR_OFFSET);
312
+ g_assert_cmpint(status, ==, STATUS_SLEEP_MODE);
313
+
314
+ status = qtest_readl(qts, CAN1_BASE_ADDR + R_SR_OFFSET);
315
+ g_assert_cmpint(status, ==, STATUS_NORMAL_MODE);
316
+
317
+ send_data(qts, CAN1_BASE_ADDR, buf_tx);
318
+
319
+ /*
320
+ * Once CAN1 sends data on can-bus. CAN0 should exit sleep mode.
321
+ * Check the CAN0 status now. It should exit the sleep mode and receive the
322
+ * incoming data.
323
+ */
324
+ status = qtest_readl(qts, CAN0_BASE_ADDR + R_SR_OFFSET);
325
+ g_assert_cmpint(status, ==, STATUS_NORMAL_MODE);
326
+
327
+ read_data(qts, CAN0_BASE_ADDR, buf_rx);
328
+
329
+ match_rx_tx_data(buf_tx, buf_rx, can_timestamp);
330
+
331
+ qtest_quit(qts);
332
+}
333
+
334
+/* Testing Snoop mode on CAN0 while CAN1 is in normal mode. */
335
+static void test_can_snoopmode(void)
336
+{
337
+ uint32_t buf_tx[4] = { 0x14, 0x80000000, 0x12345678, 0x87654321 };
338
+ uint32_t buf_rx[4] = { 0x00, 0x00, 0x00, 0x00 };
339
+ uint32_t status = 0;
340
+ uint8_t can_timestamp = 1;
341
+
342
+ QTestState *qts = qtest_init("-machine xlnx-zcu102"
343
+ " -object can-bus,id=canbus0"
344
+ " -machine xlnx-zcu102.canbus0=canbus0"
345
+ " -machine xlnx-zcu102.canbus1=canbus0"
346
+ );
347
+
348
+ /* Configure the CAN0. */
349
+ qtest_writel(qts, CAN0_BASE_ADDR + R_SRR_OFFSET, CONFIG_MODE);
350
+ qtest_writel(qts, CAN0_BASE_ADDR + R_MSR_OFFSET, SNOOP_MODE);
351
+ qtest_writel(qts, CAN0_BASE_ADDR + R_SRR_OFFSET, ENABLE_CAN);
352
+
353
+ qtest_writel(qts, CAN1_BASE_ADDR + R_SRR_OFFSET, ENABLE_CAN);
354
+ qtest_writel(qts, CAN1_BASE_ADDR + R_MSR_OFFSET, NORMAL_MODE);
355
+
356
+ /* Check here if CAN0 is in SNOOP mode and CAN1 in normal mode. */
357
+ status = qtest_readl(qts, CAN0_BASE_ADDR + R_SR_OFFSET);
358
+ g_assert_cmpint(status, ==, STATUS_SNOOP_MODE);
359
+
360
+ status = qtest_readl(qts, CAN1_BASE_ADDR + R_SR_OFFSET);
361
+ g_assert_cmpint(status, ==, STATUS_NORMAL_MODE);
362
+
363
+ send_data(qts, CAN1_BASE_ADDR, buf_tx);
364
+
365
+ read_data(qts, CAN0_BASE_ADDR, buf_rx);
366
+
367
+ match_rx_tx_data(buf_tx, buf_rx, can_timestamp);
368
+
369
+ qtest_quit(qts);
370
+}
371
+
372
+int main(int argc, char **argv)
373
+{
374
+ g_test_init(&argc, &argv, NULL);
375
+
376
+ qtest_add_func("/net/can/can_bus", test_can_bus);
377
+ qtest_add_func("/net/can/can_loopback", test_can_loopback);
378
+ qtest_add_func("/net/can/can_filter", test_can_filter);
379
+ qtest_add_func("/net/can/can_test_snoopmode", test_can_snoopmode);
380
+ qtest_add_func("/net/can/can_test_sleepmode", test_can_sleepmode);
381
+
382
+ return g_test_run();
383
+}
384
diff --git a/tests/qtest/meson.build b/tests/qtest/meson.build
385
index XXXXXXX..XXXXXXX 100644
386
--- a/tests/qtest/meson.build
387
+++ b/tests/qtest/meson.build
388
@@ -XXX,XX +XXX,XX @@ qtests_aarch64 = \
389
['arm-cpu-features',
390
'numa-test',
391
'boot-serial-test',
392
+ 'xlnx-can-test',
393
'migration-test']
394
395
qtests_s390x = \
396
--
397
2.20.1
398
399
diff view generated by jsdifflib
[PULL 05/36] MAINTAINERS: Add maintainer entry for Xilinx ZynqMP CAN controller
Deleted patch
1
From: Vikram Garhwal <fnu.vikram@xilinx.com>
2
1
3
Reviewed-by: Francisco Iglesias <francisco.iglesias@xilinx.com>
4
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
5
Signed-off-by: Vikram Garhwal <fnu.vikram@xilinx.com>
6
Message-id: 1605728926-352690-5-git-send-email-fnu.vikram@xilinx.com
7
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8
---
9
MAINTAINERS | 8 ++++++++
10
1 file changed, 8 insertions(+)
11
12
diff --git a/MAINTAINERS b/MAINTAINERS
13
index XXXXXXX..XXXXXXX 100644
14
--- a/MAINTAINERS
15
+++ b/MAINTAINERS
16
@@ -XXX,XX +XXX,XX @@ F: hw/net/opencores_eth.c
17
18
Devices
19
-------
20
+Xilinx CAN
21
+M: Vikram Garhwal <fnu.vikram@xilinx.com>
22
+M: Francisco Iglesias <francisco.iglesias@xilinx.com>
23
+S: Maintained
24
+F: hw/net/can/xlnx-*
25
+F: include/hw/net/xlnx-*
26
+F: tests/qtest/xlnx-can-test*
27
+
28
EDU
29
M: Jiri Slaby <jslaby@suse.cz>
30
S: Maintained
31
--
32
2.20.1
33
34
diff view generated by jsdifflib
[PULL 35/36] hw/intc/armv7m_nvic: Implement read/write for RAS register block
[PULL 20/21] hw: allwinner-i2c: Fix TWI_CNTR_INT_FLAG on SUN6i SoCs
1
The RAS feature has a block of memory-mapped registers at offset
1
From: qianfan Zhao <qianfanguijin@163.com>
2
0x5000 within the PPB. For a "minimal RAS" implementation we provide
3
no error records and so the only registers that exist in the block
4
are ERRIIDR and ERRDEVID.
5
2
6
The "RAZ/WI for privileged, BusFault for nonprivileged" behaviour
3
TWI_CNTR_INT_FLAG is W1C(write 1 to clear and write 0 has non-effect)
7
of the "nvic-default" region is actually valid for minimal-RAS,
4
register on SUN6i based SoCs, we should lower interrupt when the guest
8
so the main benefit of providing an explicit implementation of
5
set this bit.
9
the register block is more accurate LOG_UNIMP messages, and a
10
framework for where we could add a real RAS implementation later
11
if necessary.
12
6
7
The linux kernel will hang in irq handler(mv64xxx_i2c_intr) if no
8
device connected on the i2c bus, next is the trace log:
9
10
allwinner_i2c_write write CNTR(0x0c): 0xc4 A_ACK BUS_EN INT_EN
11
allwinner_i2c_write write CNTR(0x0c): 0xcc A_ACK INT_FLAG BUS_EN INT_EN
12
allwinner_i2c_read read CNTR(0x0c): 0xcc A_ACK INT_FLAG BUS_EN INT_EN
13
allwinner_i2c_read read STAT(0x10): 0x20 STAT_M_ADDR_WR_NACK
14
allwinner_i2c_write write CNTR(0x0c): 0x54 A_ACK M_STP BUS_EN
15
allwinner_i2c_write write CNTR(0x0c): 0x4c A_ACK INT_FLAG BUS_EN
16
allwinner_i2c_read read CNTR(0x0c): 0x4c A_ACK INT_FLAG BUS_EN
17
allwinner_i2c_read read STAT(0x10): 0xf8 STAT_IDLE
18
allwinner_i2c_write write CNTR(0x0c): 0x54 A_ACK M_STP BUS_EN
19
allwinner_i2c_write write CNTR(0x0c): 0x4c A_ACK INT_FLAG BUS_EN
20
allwinner_i2c_read read CNTR(0x0c): 0x4c A_ACK INT_FLAG BUS_EN
21
allwinner_i2c_read read STAT(0x10): 0xf8 STAT_IDLE
22
...
23
24
Fix it.
25
26
Signed-off-by: qianfan Zhao <qianfanguijin@163.com>
27
Reviewed-by: Strahinja Jankovic <strahinja.p.jankovic@gmail.com>
28
Tested-by: Strahinja Jankovic <strahinja.p.jankovic@gmail.com>
29
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
13
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
30
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
14
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
15
Message-id: 20201119215617.29887-27-peter.maydell@linaro.org
16
---
31
---
17
include/hw/intc/armv7m_nvic.h | 1 +
32
include/hw/i2c/allwinner-i2c.h | 6 ++++++
18
hw/intc/armv7m_nvic.c | 56 +++++++++++++++++++++++++++++++++++
33
hw/i2c/allwinner-i2c.c | 26 ++++++++++++++++++++++++--
19
2 files changed, 57 insertions(+)
34
2 files changed, 30 insertions(+), 2 deletions(-)
20
35
21
diff --git a/include/hw/intc/armv7m_nvic.h b/include/hw/intc/armv7m_nvic.h
36
diff --git a/include/hw/i2c/allwinner-i2c.h b/include/hw/i2c/allwinner-i2c.h
22
index XXXXXXX..XXXXXXX 100644
37
index XXXXXXX..XXXXXXX 100644
23
--- a/include/hw/intc/armv7m_nvic.h
38
--- a/include/hw/i2c/allwinner-i2c.h
24
+++ b/include/hw/intc/armv7m_nvic.h
39
+++ b/include/hw/i2c/allwinner-i2c.h
25
@@ -XXX,XX +XXX,XX @@ struct NVICState {
40
@@ -XXX,XX +XXX,XX @@
26
MemoryRegion sysreg_ns_mem;
41
#include "qom/object.h"
27
MemoryRegion systickmem;
42
28
MemoryRegion systick_ns_mem;
43
#define TYPE_AW_I2C "allwinner.i2c"
29
+ MemoryRegion ras_mem;
44
+
30
MemoryRegion container;
45
+/** Allwinner I2C sun6i family and newer (A31, H2+, H3, etc) */
31
MemoryRegion defaultmem;
46
+#define TYPE_AW_I2C_SUN6I TYPE_AW_I2C "-sun6i"
32
47
+
33
diff --git a/hw/intc/armv7m_nvic.c b/hw/intc/armv7m_nvic.c
48
OBJECT_DECLARE_SIMPLE_TYPE(AWI2CState, AW_I2C)
49
50
#define AW_I2C_MEM_SIZE 0x24
51
@@ -XXX,XX +XXX,XX @@ struct AWI2CState {
52
uint8_t srst;
53
uint8_t efr;
54
uint8_t lcr;
55
+
56
+ bool irq_clear_inverted;
57
};
58
59
#endif /* ALLWINNER_I2C_H */
60
diff --git a/hw/i2c/allwinner-i2c.c b/hw/i2c/allwinner-i2c.c
34
index XXXXXXX..XXXXXXX 100644
61
index XXXXXXX..XXXXXXX 100644
35
--- a/hw/intc/armv7m_nvic.c
62
--- a/hw/i2c/allwinner-i2c.c
36
+++ b/hw/intc/armv7m_nvic.c
63
+++ b/hw/i2c/allwinner-i2c.c
37
@@ -XXX,XX +XXX,XX @@ static const MemoryRegionOps nvic_systick_ops = {
64
@@ -XXX,XX +XXX,XX @@ static void allwinner_i2c_write(void *opaque, hwaddr offset,
38
.endianness = DEVICE_NATIVE_ENDIAN,
65
s->stat = STAT_FROM_STA(STAT_IDLE);
66
s->cntr &= ~TWI_CNTR_M_STP;
67
}
68
- if ((s->cntr & TWI_CNTR_INT_FLAG) == 0) {
69
- /* Interrupt flag cleared */
70
+
71
+ if (!s->irq_clear_inverted && !(s->cntr & TWI_CNTR_INT_FLAG)) {
72
+ /* Write 0 to clear this flag */
73
+ qemu_irq_lower(s->irq);
74
+ } else if (s->irq_clear_inverted && (s->cntr & TWI_CNTR_INT_FLAG)) {
75
+ /* Write 1 to clear this flag */
76
+ s->cntr &= ~TWI_CNTR_INT_FLAG;
77
qemu_irq_lower(s->irq);
78
}
79
+
80
if ((s->cntr & TWI_CNTR_A_ACK) == 0) {
81
if (STAT_TO_STA(s->stat) == STAT_M_DATA_RX_ACK) {
82
s->stat = STAT_FROM_STA(STAT_M_DATA_RX_NACK);
83
@@ -XXX,XX +XXX,XX @@ static const TypeInfo allwinner_i2c_type_info = {
84
.class_init = allwinner_i2c_class_init,
39
};
85
};
40
86
87
+static void allwinner_i2c_sun6i_init(Object *obj)
88
+{
89
+ AWI2CState *s = AW_I2C(obj);
41
+
90
+
42
+static MemTxResult ras_read(void *opaque, hwaddr addr,
91
+ s->irq_clear_inverted = true;
43
+ uint64_t *data, unsigned size,
44
+ MemTxAttrs attrs)
45
+{
46
+ if (attrs.user) {
47
+ return MEMTX_ERROR;
48
+ }
49
+
50
+ switch (addr) {
51
+ case 0xe10: /* ERRIIDR */
52
+ /* architect field = Arm; product/variant/revision 0 */
53
+ *data = 0x43b;
54
+ break;
55
+ case 0xfc8: /* ERRDEVID */
56
+ /* Minimal RAS: we implement 0 error record indexes */
57
+ *data = 0;
58
+ break;
59
+ default:
60
+ qemu_log_mask(LOG_UNIMP, "Read RAS register offset 0x%x\n",
61
+ (uint32_t)addr);
62
+ *data = 0;
63
+ break;
64
+ }
65
+ return MEMTX_OK;
66
+}
92
+}
67
+
93
+
68
+static MemTxResult ras_write(void *opaque, hwaddr addr,
94
+static const TypeInfo allwinner_i2c_sun6i_type_info = {
69
+ uint64_t value, unsigned size,
95
+ .name = TYPE_AW_I2C_SUN6I,
70
+ MemTxAttrs attrs)
96
+ .parent = TYPE_SYS_BUS_DEVICE,
71
+{
97
+ .instance_size = sizeof(AWI2CState),
72
+ if (attrs.user) {
98
+ .instance_init = allwinner_i2c_sun6i_init,
73
+ return MEMTX_ERROR;
99
+ .class_init = allwinner_i2c_class_init,
74
+ }
75
+
76
+ switch (addr) {
77
+ default:
78
+ qemu_log_mask(LOG_UNIMP, "Write to RAS register offset 0x%x\n",
79
+ (uint32_t)addr);
80
+ break;
81
+ }
82
+ return MEMTX_OK;
83
+}
84
+
85
+static const MemoryRegionOps ras_ops = {
86
+ .read_with_attrs = ras_read,
87
+ .write_with_attrs = ras_write,
88
+ .endianness = DEVICE_NATIVE_ENDIAN,
89
+};
100
+};
90
+
101
+
91
/*
102
static void allwinner_i2c_register_types(void)
92
* Unassigned portions of the PPB space are RAZ/WI for privileged
103
{
93
* accesses, and fault for non-privileged accesses.
104
type_register_static(&allwinner_i2c_type_info);
94
@@ -XXX,XX +XXX,XX @@ static void armv7m_nvic_realize(DeviceState *dev, Error **errp)
105
+ type_register_static(&allwinner_i2c_sun6i_type_info);
95
&s->systick_ns_mem, 1);
96
}
97
98
+ if (cpu_isar_feature(aa32_ras, s->cpu)) {
99
+ memory_region_init_io(&s->ras_mem, OBJECT(s),
100
+ &ras_ops, s, "nvic_ras", 0x1000);
101
+ memory_region_add_subregion(&s->container, 0x5000, &s->ras_mem);
102
+ }
103
+
104
sysbus_init_mmio(SYS_BUS_DEVICE(dev), &s->container);
105
}
106
}
106
107
108
type_init(allwinner_i2c_register_types)
107
--
109
--
108
2.20.1
110
2.34.1
109
110
diff view generated by jsdifflib
[PULL 06/36] sbsa-ref: allow to use Cortex-A53/57/72 cpus
[PULL 21/21] hw: arm: allwinner-h3: Fix and complete H3 i2c devices
1
From: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
1
From: qianfan Zhao <qianfanguijin@163.com>
2
2
3
Trusted Firmware now supports A72 on sbsa-ref by default [1] so enable
3
Allwinner h3 has 4 twi(i2c) devices named twi0, twi1, twi2 and r_twi.
4
it for QEMU as well. A53 was already enabled there.
4
The registers are compatible with TYPE_AW_I2C_SUN6I, write 1 to clear
5
control register's INT_FLAG bit.
5
6
6
1. https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/7117
7
Signed-off-by: qianfan Zhao <qianfanguijin@163.com>
7
8
Reviewed-by: Strahinja Jankovic <strahinja.p.jankovic@gmail.com>
8
Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
9
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
10
Message-id: 20201120141705.246690-1-marcin.juszkiewicz@linaro.org
11
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
9
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
13
---
11
---
14
hw/arm/sbsa-ref.c | 23 ++++++++++++++++++++---
12
include/hw/arm/allwinner-h3.h | 6 ++++++
15
1 file changed, 20 insertions(+), 3 deletions(-)
13
hw/arm/allwinner-h3.c | 29 +++++++++++++++++++++++++----
14
2 files changed, 31 insertions(+), 4 deletions(-)
16
15
17
diff --git a/hw/arm/sbsa-ref.c b/hw/arm/sbsa-ref.c
16
diff --git a/include/hw/arm/allwinner-h3.h b/include/hw/arm/allwinner-h3.h
18
index XXXXXXX..XXXXXXX 100644
17
index XXXXXXX..XXXXXXX 100644
19
--- a/hw/arm/sbsa-ref.c
18
--- a/include/hw/arm/allwinner-h3.h
20
+++ b/hw/arm/sbsa-ref.c
19
+++ b/include/hw/arm/allwinner-h3.h
21
@@ -XXX,XX +XXX,XX @@ static const int sbsa_ref_irqmap[] = {
20
@@ -XXX,XX +XXX,XX @@ enum {
22
[SBSA_GWDT] = 16,
21
AW_H3_DEV_UART3,
22
AW_H3_DEV_EMAC,
23
AW_H3_DEV_TWI0,
24
+ AW_H3_DEV_TWI1,
25
+ AW_H3_DEV_TWI2,
26
AW_H3_DEV_DRAMCOM,
27
AW_H3_DEV_DRAMCTL,
28
AW_H3_DEV_DRAMPHY,
29
@@ -XXX,XX +XXX,XX @@ enum {
30
AW_H3_DEV_GIC_VCPU,
31
AW_H3_DEV_RTC,
32
AW_H3_DEV_CPUCFG,
33
+ AW_H3_DEV_R_TWI,
34
AW_H3_DEV_SDRAM
23
};
35
};
24
36
25
+static const char * const valid_cpus[] = {
37
@@ -XXX,XX +XXX,XX @@ struct AwH3State {
26
+ ARM_CPU_TYPE_NAME("cortex-a53"),
38
AwSidState sid;
27
+ ARM_CPU_TYPE_NAME("cortex-a57"),
39
AwSdHostState mmc0;
28
+ ARM_CPU_TYPE_NAME("cortex-a72"),
40
AWI2CState i2c0;
29
+};
41
+ AWI2CState i2c1;
42
+ AWI2CState i2c2;
43
+ AWI2CState r_twi;
44
AwSun8iEmacState emac;
45
AwRtcState rtc;
46
GICState gic;
47
diff --git a/hw/arm/allwinner-h3.c b/hw/arm/allwinner-h3.c
48
index XXXXXXX..XXXXXXX 100644
49
--- a/hw/arm/allwinner-h3.c
50
+++ b/hw/arm/allwinner-h3.c
51
@@ -XXX,XX +XXX,XX @@ const hwaddr allwinner_h3_memmap[] = {
52
[AW_H3_DEV_UART2] = 0x01c28800,
53
[AW_H3_DEV_UART3] = 0x01c28c00,
54
[AW_H3_DEV_TWI0] = 0x01c2ac00,
55
+ [AW_H3_DEV_TWI1] = 0x01c2b000,
56
+ [AW_H3_DEV_TWI2] = 0x01c2b400,
57
[AW_H3_DEV_EMAC] = 0x01c30000,
58
[AW_H3_DEV_DRAMCOM] = 0x01c62000,
59
[AW_H3_DEV_DRAMCTL] = 0x01c63000,
60
@@ -XXX,XX +XXX,XX @@ const hwaddr allwinner_h3_memmap[] = {
61
[AW_H3_DEV_GIC_VCPU] = 0x01c86000,
62
[AW_H3_DEV_RTC] = 0x01f00000,
63
[AW_H3_DEV_CPUCFG] = 0x01f01c00,
64
+ [AW_H3_DEV_R_TWI] = 0x01f02400,
65
[AW_H3_DEV_SDRAM] = 0x40000000
66
};
67
68
@@ -XXX,XX +XXX,XX @@ struct AwH3Unimplemented {
69
{ "uart1", 0x01c28400, 1 * KiB },
70
{ "uart2", 0x01c28800, 1 * KiB },
71
{ "uart3", 0x01c28c00, 1 * KiB },
72
- { "twi1", 0x01c2b000, 1 * KiB },
73
- { "twi2", 0x01c2b400, 1 * KiB },
74
{ "scr", 0x01c2c400, 1 * KiB },
75
{ "gpu", 0x01c40000, 64 * KiB },
76
{ "hstmr", 0x01c60000, 4 * KiB },
77
@@ -XXX,XX +XXX,XX @@ struct AwH3Unimplemented {
78
{ "r_prcm", 0x01f01400, 1 * KiB },
79
{ "r_twd", 0x01f01800, 1 * KiB },
80
{ "r_cir-rx", 0x01f02000, 1 * KiB },
81
- { "r_twi", 0x01f02400, 1 * KiB },
82
{ "r_uart", 0x01f02800, 1 * KiB },
83
{ "r_pio", 0x01f02c00, 1 * KiB },
84
{ "r_pwm", 0x01f03800, 1 * KiB },
85
@@ -XXX,XX +XXX,XX @@ enum {
86
AW_H3_GIC_SPI_UART2 = 2,
87
AW_H3_GIC_SPI_UART3 = 3,
88
AW_H3_GIC_SPI_TWI0 = 6,
89
+ AW_H3_GIC_SPI_TWI1 = 7,
90
+ AW_H3_GIC_SPI_TWI2 = 8,
91
AW_H3_GIC_SPI_TIMER0 = 18,
92
AW_H3_GIC_SPI_TIMER1 = 19,
93
+ AW_H3_GIC_SPI_R_TWI = 44,
94
AW_H3_GIC_SPI_MMC0 = 60,
95
AW_H3_GIC_SPI_EHCI0 = 72,
96
AW_H3_GIC_SPI_OHCI0 = 73,
97
@@ -XXX,XX +XXX,XX @@ static void allwinner_h3_init(Object *obj)
98
99
object_initialize_child(obj, "rtc", &s->rtc, TYPE_AW_RTC_SUN6I);
100
101
- object_initialize_child(obj, "twi0", &s->i2c0, TYPE_AW_I2C);
102
+ object_initialize_child(obj, "twi0", &s->i2c0, TYPE_AW_I2C_SUN6I);
103
+ object_initialize_child(obj, "twi1", &s->i2c1, TYPE_AW_I2C_SUN6I);
104
+ object_initialize_child(obj, "twi2", &s->i2c2, TYPE_AW_I2C_SUN6I);
105
+ object_initialize_child(obj, "r_twi", &s->r_twi, TYPE_AW_I2C_SUN6I);
106
}
107
108
static void allwinner_h3_realize(DeviceState *dev, Error **errp)
109
@@ -XXX,XX +XXX,XX @@ static void allwinner_h3_realize(DeviceState *dev, Error **errp)
110
sysbus_connect_irq(SYS_BUS_DEVICE(&s->i2c0), 0,
111
qdev_get_gpio_in(DEVICE(&s->gic), AW_H3_GIC_SPI_TWI0));
112
113
+ sysbus_realize(SYS_BUS_DEVICE(&s->i2c1), &error_fatal);
114
+ sysbus_mmio_map(SYS_BUS_DEVICE(&s->i2c1), 0, s->memmap[AW_H3_DEV_TWI1]);
115
+ sysbus_connect_irq(SYS_BUS_DEVICE(&s->i2c1), 0,
116
+ qdev_get_gpio_in(DEVICE(&s->gic), AW_H3_GIC_SPI_TWI1));
30
+
117
+
31
+static bool cpu_type_valid(const char *cpu)
118
+ sysbus_realize(SYS_BUS_DEVICE(&s->i2c2), &error_fatal);
32
+{
119
+ sysbus_mmio_map(SYS_BUS_DEVICE(&s->i2c2), 0, s->memmap[AW_H3_DEV_TWI2]);
33
+ int i;
120
+ sysbus_connect_irq(SYS_BUS_DEVICE(&s->i2c2), 0,
121
+ qdev_get_gpio_in(DEVICE(&s->gic), AW_H3_GIC_SPI_TWI2));
34
+
122
+
35
+ for (i = 0; i < ARRAY_SIZE(valid_cpus); i++) {
123
+ sysbus_realize(SYS_BUS_DEVICE(&s->r_twi), &error_fatal);
36
+ if (strcmp(cpu, valid_cpus[i]) == 0) {
124
+ sysbus_mmio_map(SYS_BUS_DEVICE(&s->r_twi), 0, s->memmap[AW_H3_DEV_R_TWI]);
37
+ return true;
125
+ sysbus_connect_irq(SYS_BUS_DEVICE(&s->r_twi), 0,
38
+ }
126
+ qdev_get_gpio_in(DEVICE(&s->gic), AW_H3_GIC_SPI_R_TWI));
39
+ }
40
+ return false;
41
+}
42
+
127
+
43
static uint64_t sbsa_ref_cpu_mp_affinity(SBSAMachineState *sms, int idx)
128
/* Unimplemented devices */
44
{
129
for (i = 0; i < ARRAY_SIZE(unimplemented); i++) {
45
uint8_t clustersz = ARM_DEFAULT_CPUS_PER_CLUSTER;
130
create_unimplemented_device(unimplemented[i].device_name,
46
@@ -XXX,XX +XXX,XX @@ static void sbsa_ref_init(MachineState *machine)
47
const CPUArchIdList *possible_cpus;
48
int n, sbsa_max_cpus;
49
50
- if (strcmp(machine->cpu_type, ARM_CPU_TYPE_NAME("cortex-a57"))) {
51
- error_report("sbsa-ref: CPU type other than the built-in "
52
- "cortex-a57 not supported");
53
+ if (!cpu_type_valid(machine->cpu_type)) {
54
+ error_report("mach-virt: CPU type %s not supported", machine->cpu_type);
55
exit(1);
56
}
57
58
--
131
--
59
2.20.1
132
2.34.1
60
61
diff view generated by jsdifflib
[PULL 10/36] i.MX6: Fix bad printf format specifiers
Deleted patch
1
From: Alex Chen <alex.chen@huawei.com>
2
1
3
We should use printf format specifier "%u" instead of "%d" for
4
argument of type "unsigned int".
5
6
Reported-by: Euler Robot <euler.robot@huawei.com>
7
Signed-off-by: Alex Chen <alex.chen@huawei.com>
8
Message-id: 20201126111109.112238-4-alex.chen@huawei.com
9
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
12
hw/misc/imx6_ccm.c | 20 ++++++++++----------
13
hw/misc/imx6_src.c | 2 +-
14
2 files changed, 11 insertions(+), 11 deletions(-)
15
16
diff --git a/hw/misc/imx6_ccm.c b/hw/misc/imx6_ccm.c
17
index XXXXXXX..XXXXXXX 100644
18
--- a/hw/misc/imx6_ccm.c
19
+++ b/hw/misc/imx6_ccm.c
20
@@ -XXX,XX +XXX,XX @@ static const char *imx6_ccm_reg_name(uint32_t reg)
21
case CCM_CMEOR:
22
return "CMEOR";
23
default:
24
- sprintf(unknown, "%d ?", reg);
25
+ sprintf(unknown, "%u ?", reg);
26
return unknown;
27
}
28
}
29
@@ -XXX,XX +XXX,XX @@ static const char *imx6_analog_reg_name(uint32_t reg)
30
case USB_ANALOG_DIGPROG:
31
return "USB_ANALOG_DIGPROG";
32
default:
33
- sprintf(unknown, "%d ?", reg);
34
+ sprintf(unknown, "%u ?", reg);
35
return unknown;
36
}
37
}
38
@@ -XXX,XX +XXX,XX @@ static uint64_t imx6_analog_get_pll2_clk(IMX6CCMState *dev)
39
freq *= 20;
40
}
41
42
- DPRINTF("freq = %d\n", (uint32_t)freq);
43
+ DPRINTF("freq = %u\n", (uint32_t)freq);
44
45
return freq;
46
}
47
@@ -XXX,XX +XXX,XX @@ static uint64_t imx6_analog_get_pll2_pfd0_clk(IMX6CCMState *dev)
48
freq = imx6_analog_get_pll2_clk(dev) * 18
49
/ EXTRACT(dev->analog[CCM_ANALOG_PFD_528], PFD0_FRAC);
50
51
- DPRINTF("freq = %d\n", (uint32_t)freq);
52
+ DPRINTF("freq = %u\n", (uint32_t)freq);
53
54
return freq;
55
}
56
@@ -XXX,XX +XXX,XX @@ static uint64_t imx6_analog_get_pll2_pfd2_clk(IMX6CCMState *dev)
57
freq = imx6_analog_get_pll2_clk(dev) * 18
58
/ EXTRACT(dev->analog[CCM_ANALOG_PFD_528], PFD2_FRAC);
59
60
- DPRINTF("freq = %d\n", (uint32_t)freq);
61
+ DPRINTF("freq = %u\n", (uint32_t)freq);
62
63
return freq;
64
}
65
@@ -XXX,XX +XXX,XX @@ static uint64_t imx6_analog_get_periph_clk(IMX6CCMState *dev)
66
break;
67
}
68
69
- DPRINTF("freq = %d\n", (uint32_t)freq);
70
+ DPRINTF("freq = %u\n", (uint32_t)freq);
71
72
return freq;
73
}
74
@@ -XXX,XX +XXX,XX @@ static uint64_t imx6_ccm_get_ahb_clk(IMX6CCMState *dev)
75
freq = imx6_analog_get_periph_clk(dev)
76
/ (1 + EXTRACT(dev->ccm[CCM_CBCDR], AHB_PODF));
77
78
- DPRINTF("freq = %d\n", (uint32_t)freq);
79
+ DPRINTF("freq = %u\n", (uint32_t)freq);
80
81
return freq;
82
}
83
@@ -XXX,XX +XXX,XX @@ static uint64_t imx6_ccm_get_ipg_clk(IMX6CCMState *dev)
84
freq = imx6_ccm_get_ahb_clk(dev)
85
/ (1 + EXTRACT(dev->ccm[CCM_CBCDR], IPG_PODF));
86
87
- DPRINTF("freq = %d\n", (uint32_t)freq);
88
+ DPRINTF("freq = %u\n", (uint32_t)freq);
89
90
return freq;
91
}
92
@@ -XXX,XX +XXX,XX @@ static uint64_t imx6_ccm_get_per_clk(IMX6CCMState *dev)
93
freq = imx6_ccm_get_ipg_clk(dev)
94
/ (1 + EXTRACT(dev->ccm[CCM_CSCMR1], PERCLK_PODF));
95
96
- DPRINTF("freq = %d\n", (uint32_t)freq);
97
+ DPRINTF("freq = %u\n", (uint32_t)freq);
98
99
return freq;
100
}
101
@@ -XXX,XX +XXX,XX @@ static uint32_t imx6_ccm_get_clock_frequency(IMXCCMState *dev, IMXClk clock)
102
break;
103
}
104
105
- DPRINTF("Clock = %d) = %d\n", clock, freq);
106
+ DPRINTF("Clock = %d) = %u\n", clock, freq);
107
108
return freq;
109
}
110
diff --git a/hw/misc/imx6_src.c b/hw/misc/imx6_src.c
111
index XXXXXXX..XXXXXXX 100644
112
--- a/hw/misc/imx6_src.c
113
+++ b/hw/misc/imx6_src.c
114
@@ -XXX,XX +XXX,XX @@ static const char *imx6_src_reg_name(uint32_t reg)
115
case SRC_GPR10:
116
return "SRC_GPR10";
117
default:
118
- sprintf(unknown, "%d ?", reg);
119
+ sprintf(unknown, "%u ?", reg);
120
return unknown;
121
}
122
}
123
--
124
2.20.1
125
126
diff view generated by jsdifflib
[PULL 11/36] i.MX6ul: Fix bad printf format specifiers
Deleted patch
1
From: Alex Chen <alex.chen@huawei.com>
2
1
3
We should use printf format specifier "%u" instead of "%d" for
4
argument of type "unsigned int".
5
6
Reported-by: Euler Robot <euler.robot@huawei.com>
7
Signed-off-by: Alex Chen <alex.chen@huawei.com>
8
Message-id: 20201126111109.112238-5-alex.chen@huawei.com
9
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
12
hw/misc/imx6ul_ccm.c | 4 ++--
13
1 file changed, 2 insertions(+), 2 deletions(-)
14
15
diff --git a/hw/misc/imx6ul_ccm.c b/hw/misc/imx6ul_ccm.c
16
index XXXXXXX..XXXXXXX 100644
17
--- a/hw/misc/imx6ul_ccm.c
18
+++ b/hw/misc/imx6ul_ccm.c
19
@@ -XXX,XX +XXX,XX @@ static const char *imx6ul_ccm_reg_name(uint32_t reg)
20
case CCM_CMEOR:
21
return "CMEOR";
22
default:
23
- sprintf(unknown, "%d ?", reg);
24
+ sprintf(unknown, "%u ?", reg);
25
return unknown;
26
}
27
}
28
@@ -XXX,XX +XXX,XX @@ static const char *imx6ul_analog_reg_name(uint32_t reg)
29
case USB_ANALOG_DIGPROG:
30
return "USB_ANALOG_DIGPROG";
31
default:
32
- sprintf(unknown, "%d ?", reg);
33
+ sprintf(unknown, "%u ?", reg);
34
return unknown;
35
}
36
}
37
--
38
2.20.1
39
40
diff view generated by jsdifflib
[PULL 12/36] hw/intc/armv7m_nvic: Make all of system PPB range be RAZWI/BusFault
Deleted patch
1
For M-profile CPUs, the range from 0xe0000000 to 0xe00fffff is the
2
Private Peripheral Bus range, which includes all of the memory mapped
3
devices and registers that are part of the CPU itself, including the
4
NVIC, systick timer, and debug and trace components like the Data
5
Watchpoint and Trace unit (DWT). Within this large region, the range
6
0xe000e000 to 0xe000efff is the System Control Space (NVIC, system
7
registers, systick) and 0xe002e000 to 0exe002efff is its Non-secure
8
alias.
9
1
10
The architecture is clear that within the SCS unimplemented registers
11
should be RES0 for privileged accesses and generate BusFault for
12
unprivileged accesses, and we currently implement this.
13
14
It is less clear about how to handle accesses to unimplemented
15
regions of the wider PPB. Unprivileged accesses should definitely
16
cause BusFaults (R_DQQS), but the behaviour of privileged accesses is
17
not given as a general rule. However, the register definitions of
18
individual registers for components like the DWT all state that they
19
are RES0 if the relevant component is not implemented, so the
20
simplest way to provide that is to provide RAZ/WI for the whole range
21
for privileged accesses. (The v7M Arm ARM does say that reserved
22
registers should be UNK/SBZP.)
23
24
Expand the container MemoryRegion that the NVIC exposes so that
25
it covers the whole PPB space. This means:
26
* moving the address that the ARMV7M device maps it to down by
27
0xe000 bytes
28
* moving the off and the offsets within the container of all the
29
subregions forward by 0xe000 bytes
30
* adding a new default MemoryRegion that covers the whole container
31
at a lower priority than anything else and which provides the
32
RAZWI/BusFault behaviour
33
34
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
35
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
36
Message-id: 20201119215617.29887-2-peter.maydell@linaro.org
37
---
38
include/hw/intc/armv7m_nvic.h | 1 +
39
hw/arm/armv7m.c | 2 +-
40
hw/intc/armv7m_nvic.c | 78 ++++++++++++++++++++++++++++++-----
41
3 files changed, 69 insertions(+), 12 deletions(-)
42
43
diff --git a/include/hw/intc/armv7m_nvic.h b/include/hw/intc/armv7m_nvic.h
44
index XXXXXXX..XXXXXXX 100644
45
--- a/include/hw/intc/armv7m_nvic.h
46
+++ b/include/hw/intc/armv7m_nvic.h
47
@@ -XXX,XX +XXX,XX @@ struct NVICState {
48
MemoryRegion systickmem;
49
MemoryRegion systick_ns_mem;
50
MemoryRegion container;
51
+ MemoryRegion defaultmem;
52
53
uint32_t num_irq;
54
qemu_irq excpout;
55
diff --git a/hw/arm/armv7m.c b/hw/arm/armv7m.c
56
index XXXXXXX..XXXXXXX 100644
57
--- a/hw/arm/armv7m.c
58
+++ b/hw/arm/armv7m.c
59
@@ -XXX,XX +XXX,XX @@ static void armv7m_realize(DeviceState *dev, Error **errp)
60
sysbus_connect_irq(sbd, 0,
61
qdev_get_gpio_in(DEVICE(s->cpu), ARM_CPU_IRQ));
62
63
- memory_region_add_subregion(&s->container, 0xe000e000,
64
+ memory_region_add_subregion(&s->container, 0xe0000000,
65
sysbus_mmio_get_region(sbd, 0));
66
67
for (i = 0; i < ARRAY_SIZE(s->bitband); i++) {
68
diff --git a/hw/intc/armv7m_nvic.c b/hw/intc/armv7m_nvic.c
69
index XXXXXXX..XXXXXXX 100644
70
--- a/hw/intc/armv7m_nvic.c
71
+++ b/hw/intc/armv7m_nvic.c
72
@@ -XXX,XX +XXX,XX @@ static const MemoryRegionOps nvic_systick_ops = {
73
.endianness = DEVICE_NATIVE_ENDIAN,
74
};
75
76
+/*
77
+ * Unassigned portions of the PPB space are RAZ/WI for privileged
78
+ * accesses, and fault for non-privileged accesses.
79
+ */
80
+static MemTxResult ppb_default_read(void *opaque, hwaddr addr,
81
+ uint64_t *data, unsigned size,
82
+ MemTxAttrs attrs)
83
+{
84
+ qemu_log_mask(LOG_UNIMP, "Read of unassigned area of PPB: offset 0x%x\n",
85
+ (uint32_t)addr);
86
+ if (attrs.user) {
87
+ return MEMTX_ERROR;
88
+ }
89
+ *data = 0;
90
+ return MEMTX_OK;
91
+}
92
+
93
+static MemTxResult ppb_default_write(void *opaque, hwaddr addr,
94
+ uint64_t value, unsigned size,
95
+ MemTxAttrs attrs)
96
+{
97
+ qemu_log_mask(LOG_UNIMP, "Write of unassigned area of PPB: offset 0x%x\n",
98
+ (uint32_t)addr);
99
+ if (attrs.user) {
100
+ return MEMTX_ERROR;
101
+ }
102
+ return MEMTX_OK;
103
+}
104
+
105
+static const MemoryRegionOps ppb_default_ops = {
106
+ .read_with_attrs = ppb_default_read,
107
+ .write_with_attrs = ppb_default_write,
108
+ .endianness = DEVICE_NATIVE_ENDIAN,
109
+ .valid.min_access_size = 1,
110
+ .valid.max_access_size = 8,
111
+};
112
+
113
static int nvic_post_load(void *opaque, int version_id)
114
{
115
NVICState *s = opaque;
116
@@ -XXX,XX +XXX,XX @@ static void nvic_systick_trigger(void *opaque, int n, int level)
117
static void armv7m_nvic_realize(DeviceState *dev, Error **errp)
118
{
119
NVICState *s = NVIC(dev);
120
- int regionlen;
121
122
/* The armv7m container object will have set our CPU pointer */
123
if (!s->cpu || !arm_feature(&s->cpu->env, ARM_FEATURE_M)) {
124
@@ -XXX,XX +XXX,XX @@ static void armv7m_nvic_realize(DeviceState *dev, Error **errp)
125
M_REG_S));
126
}
127
128
- /* The NVIC and System Control Space (SCS) starts at 0xe000e000
129
+ /*
130
+ * This device provides a single sysbus memory region which
131
+ * represents the whole of the "System PPB" space. This is the
132
+ * range from 0xe0000000 to 0xe00fffff and includes the NVIC,
133
+ * the System Control Space (system registers), the systick timer,
134
+ * and for CPUs with the Security extension an NS banked version
135
+ * of all of these.
136
+ *
137
+ * The default behaviour for unimplemented registers/ranges
138
+ * (for instance the Data Watchpoint and Trace unit at 0xe0001000)
139
+ * is to RAZ/WI for privileged access and BusFault for non-privileged
140
+ * access.
141
+ *
142
+ * The NVIC and System Control Space (SCS) starts at 0xe000e000
143
* and looks like this:
144
* 0x004 - ICTR
145
* 0x010 - 0xff - systick
146
@@ -XXX,XX +XXX,XX @@ static void armv7m_nvic_realize(DeviceState *dev, Error **errp)
147
* generally code determining which banked register to use should
148
* use attrs.secure; code determining actual behaviour of the system
149
* should use env->v7m.secure.
150
+ *
151
+ * The container covers the whole PPB space. Within it the priority
152
+ * of overlapping regions is:
153
+ * - default region (for RAZ/WI and BusFault) : -1
154
+ * - system register regions : 0
155
+ * - systick : 1
156
+ * This is because the systick device is a small block of registers
157
+ * in the middle of the other system control registers.
158
*/
159
- regionlen = arm_feature(&s->cpu->env, ARM_FEATURE_V8) ? 0x21000 : 0x1000;
160
- memory_region_init(&s->container, OBJECT(s), "nvic", regionlen);
161
- /* The system register region goes at the bottom of the priority
162
- * stack as it covers the whole page.
163
- */
164
+ memory_region_init(&s->container, OBJECT(s), "nvic", 0x100000);
165
+ memory_region_init_io(&s->defaultmem, OBJECT(s), &ppb_default_ops, s,
166
+ "nvic-default", 0x100000);
167
+ memory_region_add_subregion_overlap(&s->container, 0, &s->defaultmem, -1);
168
memory_region_init_io(&s->sysregmem, OBJECT(s), &nvic_sysreg_ops, s,
169
"nvic_sysregs", 0x1000);
170
- memory_region_add_subregion(&s->container, 0, &s->sysregmem);
171
+ memory_region_add_subregion(&s->container, 0xe000, &s->sysregmem);
172
173
memory_region_init_io(&s->systickmem, OBJECT(s),
174
&nvic_systick_ops, s,
175
"nvic_systick", 0xe0);
176
177
- memory_region_add_subregion_overlap(&s->container, 0x10,
178
+ memory_region_add_subregion_overlap(&s->container, 0xe010,
179
&s->systickmem, 1);
180
181
if (arm_feature(&s->cpu->env, ARM_FEATURE_V8)) {
182
memory_region_init_io(&s->sysreg_ns_mem, OBJECT(s),
183
&nvic_sysreg_ns_ops, &s->sysregmem,
184
"nvic_sysregs_ns", 0x1000);
185
- memory_region_add_subregion(&s->container, 0x20000, &s->sysreg_ns_mem);
186
+ memory_region_add_subregion(&s->container, 0x2e000, &s->sysreg_ns_mem);
187
memory_region_init_io(&s->systick_ns_mem, OBJECT(s),
188
&nvic_sysreg_ns_ops, &s->systickmem,
189
"nvic_systick_ns", 0xe0);
190
- memory_region_add_subregion_overlap(&s->container, 0x20010,
191
+ memory_region_add_subregion_overlap(&s->container, 0x2e010,
192
&s->systick_ns_mem, 1);
193
}
194
195
--
196
2.20.1
197
198
diff view generated by jsdifflib
[PULL 14/36] target/arm: Don't clobber ID_PFR1.Security on M-profile cores
Deleted patch
1
In arm_cpu_realizefn() we check whether the board code disabled EL3
2
via the has_el3 CPU object property, which we create if the CPU
3
starts with the ARM_FEATURE_EL3 feature bit. If it is disabled, then
4
we turn off ARM_FEATURE_EL3 and also zero out the relevant fields in
5
the ID_PFR1 and ID_AA64PFR0 registers.
6
1
7
This codepath was incorrectly being taken for M-profile CPUs, which
8
do not have an EL3 and don't set ARM_FEATURE_EL3, but which may have
9
the M-profile Security extension and so should have non-zero values
10
in the ID_PFR1.Security field.
11
12
Restrict the handling of the feature flag to A/R-profile cores.
13
14
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
16
Message-id: 20201119215617.29887-4-peter.maydell@linaro.org
17
---
18
target/arm/cpu.c | 2 +-
19
1 file changed, 1 insertion(+), 1 deletion(-)
20
21
diff --git a/target/arm/cpu.c b/target/arm/cpu.c
22
index XXXXXXX..XXXXXXX 100644
23
--- a/target/arm/cpu.c
24
+++ b/target/arm/cpu.c
25
@@ -XXX,XX +XXX,XX @@ static void arm_cpu_realizefn(DeviceState *dev, Error **errp)
26
}
27
}
28
29
- if (!cpu->has_el3) {
30
+ if (!arm_feature(env, ARM_FEATURE_M) && !cpu->has_el3) {
31
/* If the has_el3 CPU property is disabled then we need to disable the
32
* feature.
33
*/
34
--
35
2.20.1
36
37
diff view generated by jsdifflib
[PULL 16/36] target/arm: Implement CLRM instruction
Deleted patch
1
In v8.1M the new CLRM instruction allows zeroing an arbitrary set of
2
the general-purpose registers and APSR. Implement this.
3
1
4
The encoding is a subset of the LDMIA T2 encoding, using what would
5
be Rn=0b1111 (which UNDEFs for LDMIA).
6
7
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
9
Message-id: 20201119215617.29887-6-peter.maydell@linaro.org
10
---
11
target/arm/t32.decode | 6 +++++-
12
target/arm/translate.c | 38 ++++++++++++++++++++++++++++++++++++++
13
2 files changed, 43 insertions(+), 1 deletion(-)
14
15
diff --git a/target/arm/t32.decode b/target/arm/t32.decode
16
index XXXXXXX..XXXXXXX 100644
17
--- a/target/arm/t32.decode
18
+++ b/target/arm/t32.decode
19
@@ -XXX,XX +XXX,XX @@ UXTAB 1111 1010 0101 .... 1111 .... 10.. .... @rrr_rot
20
21
STM_t32 1110 1000 10.0 .... ................ @ldstm i=1 b=0
22
STM_t32 1110 1001 00.0 .... ................ @ldstm i=0 b=1
23
-LDM_t32 1110 1000 10.1 .... ................ @ldstm i=1 b=0
24
+{
25
+ # Rn=15 UNDEFs for LDM; M-profile CLRM uses that encoding
26
+ CLRM 1110 1000 1001 1111 list:16
27
+ LDM_t32 1110 1000 10.1 .... ................ @ldstm i=1 b=0
28
+}
29
LDM_t32 1110 1001 00.1 .... ................ @ldstm i=0 b=1
30
31
&rfe !extern rn w pu
32
diff --git a/target/arm/translate.c b/target/arm/translate.c
33
index XXXXXXX..XXXXXXX 100644
34
--- a/target/arm/translate.c
35
+++ b/target/arm/translate.c
36
@@ -XXX,XX +XXX,XX @@ static bool trans_LDM_t16(DisasContext *s, arg_ldst_block *a)
37
return do_ldm(s, a, 1);
38
}
39
40
+static bool trans_CLRM(DisasContext *s, arg_CLRM *a)
41
+{
42
+ int i;
43
+ TCGv_i32 zero;
44
+
45
+ if (!dc_isar_feature(aa32_m_sec_state, s)) {
46
+ return false;
47
+ }
48
+
49
+ if (extract32(a->list, 13, 1)) {
50
+ return false;
51
+ }
52
+
53
+ if (!a->list) {
54
+ /* UNPREDICTABLE; we choose to UNDEF */
55
+ return false;
56
+ }
57
+
58
+ zero = tcg_const_i32(0);
59
+ for (i = 0; i < 15; i++) {
60
+ if (extract32(a->list, i, 1)) {
61
+ /* Clear R[i] */
62
+ tcg_gen_mov_i32(cpu_R[i], zero);
63
+ }
64
+ }
65
+ if (extract32(a->list, 15, 1)) {
66
+ /*
67
+ * Clear APSR (by calling the MSR helper with the same argument
68
+ * as for "MSR APSR_nzcvqg, Rn": mask = 0b1100, SYSM=0)
69
+ */
70
+ TCGv_i32 maskreg = tcg_const_i32(0xc << 8);
71
+ gen_helper_v7m_msr(cpu_env, maskreg, zero);
72
+ tcg_temp_free_i32(maskreg);
73
+ }
74
+ tcg_temp_free_i32(zero);
75
+ return true;
76
+}
77
+
78
/*
79
* Branch, branch with link
80
*/
81
--
82
2.20.1
83
84
diff view generated by jsdifflib
[PULL 17/36] target/arm: Enforce M-profile VMRS/VMSR register restrictions
Deleted patch
1
For M-profile before v8.1M, the only valid register for VMSR/VMRS is
2
the FPSCR. We have a comment that states this, but the actual logic
3
to forbid accesses for any other register value is missing, so we
4
would end up with A-profile style behaviour. Add the missing check.
5
1
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20201119215617.29887-7-peter.maydell@linaro.org
9
---
10
target/arm/translate-vfp.c.inc | 5 ++++-
11
1 file changed, 4 insertions(+), 1 deletion(-)
12
13
diff --git a/target/arm/translate-vfp.c.inc b/target/arm/translate-vfp.c.inc
14
index XXXXXXX..XXXXXXX 100644
15
--- a/target/arm/translate-vfp.c.inc
16
+++ b/target/arm/translate-vfp.c.inc
17
@@ -XXX,XX +XXX,XX @@ static bool trans_VMSR_VMRS(DisasContext *s, arg_VMSR_VMRS *a)
18
* Accesses to R15 are UNPREDICTABLE; we choose to undef.
19
* (FPSCR -> r15 is a special case which writes to the PSR flags.)
20
*/
21
- if (a->rt == 15 && (!a->l || a->reg != ARM_VFP_FPSCR)) {
22
+ if (a->reg != ARM_VFP_FPSCR) {
23
+ return false;
24
+ }
25
+ if (a->rt == 15 && !a->l) {
26
return false;
27
}
28
}
29
--
30
2.20.1
31
32
diff view generated by jsdifflib
[PULL 21/36] target/arm: Implement M-profile FPSCR_nzcvqc
Deleted patch
1
v8.1M defines a new FP system register FPSCR_nzcvqc; this behaves
2
like the existing FPSCR, except that it reads and writes only bits
3
[31:27] of the FPSCR (the N, Z, C, V and QC flag bits). (Unlike the
4
FPSCR, the special case for Rt=15 of writing the CPSR.NZCV is not
5
permitted.)
6
1
7
Implement the register. Since we don't yet implement MVE, we handle
8
the QC bit as RES0, with todo comments for where we will need to add
9
support later.
10
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
13
Message-id: 20201119215617.29887-11-peter.maydell@linaro.org
14
---
15
target/arm/cpu.h | 13 +++++++++++++
16
target/arm/translate-vfp.c.inc | 27 +++++++++++++++++++++++++++
17
2 files changed, 40 insertions(+)
18
19
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
20
index XXXXXXX..XXXXXXX 100644
21
--- a/target/arm/cpu.h
22
+++ b/target/arm/cpu.h
23
@@ -XXX,XX +XXX,XX @@ void vfp_set_fpscr(CPUARMState *env, uint32_t val);
24
#define FPCR_FZ (1 << 24) /* Flush-to-zero enable bit */
25
#define FPCR_DN (1 << 25) /* Default NaN enable bit */
26
#define FPCR_QC (1 << 27) /* Cumulative saturation bit */
27
+#define FPCR_V (1 << 28) /* FP overflow flag */
28
+#define FPCR_C (1 << 29) /* FP carry flag */
29
+#define FPCR_Z (1 << 30) /* FP zero flag */
30
+#define FPCR_N (1 << 31) /* FP negative flag */
31
+
32
+#define FPCR_NZCV_MASK (FPCR_N | FPCR_Z | FPCR_C | FPCR_V)
33
+#define FPCR_NZCVQC_MASK (FPCR_NZCV_MASK | FPCR_QC)
34
35
static inline uint32_t vfp_get_fpsr(CPUARMState *env)
36
{
37
@@ -XXX,XX +XXX,XX @@ enum arm_cpu_mode {
38
#define ARM_VFP_FPEXC 8
39
#define ARM_VFP_FPINST 9
40
#define ARM_VFP_FPINST2 10
41
+/* These ones are M-profile only */
42
+#define ARM_VFP_FPSCR_NZCVQC 2
43
+#define ARM_VFP_VPR 12
44
+#define ARM_VFP_P0 13
45
+#define ARM_VFP_FPCXT_NS 14
46
+#define ARM_VFP_FPCXT_S 15
47
48
/* QEMU-internal value meaning "FPSCR, but we care only about NZCV" */
49
#define QEMU_VFP_FPSCR_NZCV 0xffff
50
diff --git a/target/arm/translate-vfp.c.inc b/target/arm/translate-vfp.c.inc
51
index XXXXXXX..XXXXXXX 100644
52
--- a/target/arm/translate-vfp.c.inc
53
+++ b/target/arm/translate-vfp.c.inc
54
@@ -XXX,XX +XXX,XX @@ static FPSysRegCheckResult fp_sysreg_checks(DisasContext *s, int regno)
55
case ARM_VFP_FPSCR:
56
case QEMU_VFP_FPSCR_NZCV:
57
break;
58
+ case ARM_VFP_FPSCR_NZCVQC:
59
+ if (!arm_dc_feature(s, ARM_FEATURE_V8_1M)) {
60
+ return false;
61
+ }
62
+ break;
63
default:
64
return FPSysRegCheckFailed;
65
}
66
@@ -XXX,XX +XXX,XX @@ static bool gen_M_fp_sysreg_write(DisasContext *s, int regno,
67
tcg_temp_free_i32(tmp);
68
gen_lookup_tb(s);
69
break;
70
+ case ARM_VFP_FPSCR_NZCVQC:
71
+ {
72
+ TCGv_i32 fpscr;
73
+ tmp = loadfn(s, opaque);
74
+ /*
75
+ * TODO: when we implement MVE, write the QC bit.
76
+ * For non-MVE, QC is RES0.
77
+ */
78
+ tcg_gen_andi_i32(tmp, tmp, FPCR_NZCV_MASK);
79
+ fpscr = load_cpu_field(vfp.xregs[ARM_VFP_FPSCR]);
80
+ tcg_gen_andi_i32(fpscr, fpscr, ~FPCR_NZCV_MASK);
81
+ tcg_gen_or_i32(fpscr, fpscr, tmp);
82
+ store_cpu_field(fpscr, vfp.xregs[ARM_VFP_FPSCR]);
83
+ tcg_temp_free_i32(tmp);
84
+ break;
85
+ }
86
default:
87
g_assert_not_reached();
88
}
89
@@ -XXX,XX +XXX,XX @@ static bool gen_M_fp_sysreg_read(DisasContext *s, int regno,
90
gen_helper_vfp_get_fpscr(tmp, cpu_env);
91
storefn(s, opaque, tmp);
92
break;
93
+ case ARM_VFP_FPSCR_NZCVQC:
94
+ /*
95
+ * TODO: MVE has a QC bit, which we probably won't store
96
+ * in the xregs[] field. For non-MVE, where QC is RES0,
97
+ * we can just fall through to the FPSCR_NZCV case.
98
+ */
99
case QEMU_VFP_FPSCR_NZCV:
100
/*
101
* Read just NZCV; this is a special case to avoid the
102
--
103
2.20.1
104
105
diff view generated by jsdifflib
[PULL 22/36] target/arm: Use new FPCR_NZCV_MASK constant
Deleted patch
1
We defined a constant name for the mask of NZCV bits in the FPCR/FPSCR
2
in the previous commit; use it in a couple of places in existing code,
3
where we're masking out everything except NZCV for the "load to Rt=15
4
sets CPSR.NZCV" special case.
5
1
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20201119215617.29887-12-peter.maydell@linaro.org
9
---
10
target/arm/translate-vfp.c.inc | 4 ++--
11
1 file changed, 2 insertions(+), 2 deletions(-)
12
13
diff --git a/target/arm/translate-vfp.c.inc b/target/arm/translate-vfp.c.inc
14
index XXXXXXX..XXXXXXX 100644
15
--- a/target/arm/translate-vfp.c.inc
16
+++ b/target/arm/translate-vfp.c.inc
17
@@ -XXX,XX +XXX,XX @@ static bool gen_M_fp_sysreg_read(DisasContext *s, int regno,
18
* helper call for the "VMRS to CPSR.NZCV" insn.
19
*/
20
tmp = load_cpu_field(vfp.xregs[ARM_VFP_FPSCR]);
21
- tcg_gen_andi_i32(tmp, tmp, 0xf0000000);
22
+ tcg_gen_andi_i32(tmp, tmp, FPCR_NZCV_MASK);
23
storefn(s, opaque, tmp);
24
break;
25
default:
26
@@ -XXX,XX +XXX,XX @@ static bool trans_VMSR_VMRS(DisasContext *s, arg_VMSR_VMRS *a)
27
case ARM_VFP_FPSCR:
28
if (a->rt == 15) {
29
tmp = load_cpu_field(vfp.xregs[ARM_VFP_FPSCR]);
30
- tcg_gen_andi_i32(tmp, tmp, 0xf0000000);
31
+ tcg_gen_andi_i32(tmp, tmp, FPCR_NZCV_MASK);
32
} else {
33
tmp = tcg_temp_new_i32();
34
gen_helper_vfp_get_fpscr(tmp, cpu_env);
35
--
36
2.20.1
37
38
diff view generated by jsdifflib
[PULL 26/36] target/arm: For v8.1M, always clear R0-R3, R12, APSR, EPSR on exception entry
Deleted patch
1
In v8.0M, on exception entry the registers R0-R3, R12, APSR and EPSR
2
are zeroed for an exception taken to Non-secure state; for an
3
exception taken to Secure state they become UNKNOWN, and we chose to
4
leave them at their previous values.
5
1
6
In v8.1M the behaviour is specified more tightly and these registers
7
are always zeroed regardless of the security state that the exception
8
targets (see rule R_KPZV). Implement this.
9
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
12
Message-id: 20201119215617.29887-17-peter.maydell@linaro.org
13
---
14
target/arm/m_helper.c | 16 ++++++++++++----
15
1 file changed, 12 insertions(+), 4 deletions(-)
16
17
diff --git a/target/arm/m_helper.c b/target/arm/m_helper.c
18
index XXXXXXX..XXXXXXX 100644
19
--- a/target/arm/m_helper.c
20
+++ b/target/arm/m_helper.c
21
@@ -XXX,XX +XXX,XX @@ static void v7m_exception_taken(ARMCPU *cpu, uint32_t lr, bool dotailchain,
22
* Clear registers if necessary to prevent non-secure exception
23
* code being able to see register values from secure code.
24
* Where register values become architecturally UNKNOWN we leave
25
- * them with their previous values.
26
+ * them with their previous values. v8.1M is tighter than v8.0M
27
+ * here and always zeroes the caller-saved registers regardless
28
+ * of the security state the exception is targeting.
29
*/
30
if (arm_feature(env, ARM_FEATURE_M_SECURITY)) {
31
- if (!targets_secure) {
32
+ if (!targets_secure || arm_feature(env, ARM_FEATURE_V8_1M)) {
33
/*
34
* Always clear the caller-saved registers (they have been
35
* pushed to the stack earlier in v7m_push_stack()).
36
@@ -XXX,XX +XXX,XX @@ static void v7m_exception_taken(ARMCPU *cpu, uint32_t lr, bool dotailchain,
37
* v7m_push_callee_stack()).
38
*/
39
int i;
40
+ /*
41
+ * r4..r11 are callee-saves, zero only if background
42
+ * state was Secure (EXCRET.S == 1) and exception
43
+ * targets Non-secure state
44
+ */
45
+ bool zero_callee_saves = !targets_secure &&
46
+ (lr & R_V7M_EXCRET_S_MASK);
47
48
for (i = 0; i < 13; i++) {
49
- /* r4..r11 are callee-saves, zero only if EXCRET.S == 1 */
50
- if (i < 4 || i > 11 || (lr & R_V7M_EXCRET_S_MASK)) {
51
+ if (i < 4 || i > 11 || zero_callee_saves) {
52
env->regs[i] = 0;
53
}
54
}
55
--
56
2.20.1
57
58
diff view generated by jsdifflib
[PULL 27/36] target/arm: In v8.1M, don't set HFSR.FORCED on vector table fetch failures
Deleted patch
1
In v8.1M, vector table fetch failures don't set HFSR.FORCED (see rule
2
R_LLRP). (In previous versions of the architecture this was either
3
required or IMPDEF.)
4
1
5
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
6
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
7
Message-id: 20201119215617.29887-18-peter.maydell@linaro.org
8
---
9
target/arm/m_helper.c | 6 +++++-
10
1 file changed, 5 insertions(+), 1 deletion(-)
11
12
diff --git a/target/arm/m_helper.c b/target/arm/m_helper.c
13
index XXXXXXX..XXXXXXX 100644
14
--- a/target/arm/m_helper.c
15
+++ b/target/arm/m_helper.c
16
@@ -XXX,XX +XXX,XX @@ load_fail:
17
* The HardFault is Secure if BFHFNMINS is 0 (meaning that all HFs are
18
* secure); otherwise it targets the same security state as the
19
* underlying exception.
20
+ * In v8.1M HardFaults from vector table fetch fails don't set FORCED.
21
*/
22
if (!(cpu->env.v7m.aircr & R_V7M_AIRCR_BFHFNMINS_MASK)) {
23
exc_secure = true;
24
}
25
- env->v7m.hfsr |= R_V7M_HFSR_VECTTBL_MASK | R_V7M_HFSR_FORCED_MASK;
26
+ env->v7m.hfsr |= R_V7M_HFSR_VECTTBL_MASK;
27
+ if (!arm_feature(env, ARM_FEATURE_V8_1M)) {
28
+ env->v7m.hfsr |= R_V7M_HFSR_FORCED_MASK;
29
+ }
30
armv7m_nvic_set_pending_derived(env->nvic, ARMV7M_EXCP_HARD, exc_secure);
31
return false;
32
}
33
--
34
2.20.1
35
36
diff view generated by jsdifflib
[PULL 28/36] target/arm: Implement v8.1M REVIDR register
Deleted patch
1
In v8.1M a REVIDR register is defined, which is at address 0xe00ecfc
2
and is a read-only IMPDEF register providing implementation specific
3
minor revision information, like the v8A REVIDR_EL1. Implement this.
4
1
5
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
6
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
7
Message-id: 20201119215617.29887-19-peter.maydell@linaro.org
8
---
9
hw/intc/armv7m_nvic.c | 5 +++++
10
1 file changed, 5 insertions(+)
11
12
diff --git a/hw/intc/armv7m_nvic.c b/hw/intc/armv7m_nvic.c
13
index XXXXXXX..XXXXXXX 100644
14
--- a/hw/intc/armv7m_nvic.c
15
+++ b/hw/intc/armv7m_nvic.c
16
@@ -XXX,XX +XXX,XX @@ static uint32_t nvic_readl(NVICState *s, uint32_t offset, MemTxAttrs attrs)
17
}
18
return val;
19
}
20
+ case 0xcfc:
21
+ if (!arm_feature(&cpu->env, ARM_FEATURE_V8_1M)) {
22
+ goto bad_offset;
23
+ }
24
+ return cpu->revidr;
25
case 0xd00: /* CPUID Base. */
26
return cpu->midr;
27
case 0xd04: /* Interrupt Control State (ICSR) */
28
--
29
2.20.1
30
31
diff view generated by jsdifflib
[PULL 29/36] target/arm: Implement new v8.1M NOCP check for exception return
Deleted patch
1
In v8.1M a new exception return check is added which may cause a NOCP
2
UsageFault (see rule R_XLTP): before we clear s0..s15 and the FPSCR
3
we must check whether access to CP10 from the Security state of the
4
returning exception is disabled; if it is then we must take a fault.
5
1
6
(Note that for our implementation CPPWR is always RAZ/WI and so can
7
never cause CP10 accesses to fail.)
8
9
The other v8.1M change to this register-clearing code is that if MVE
10
is implemented VPR must also be cleared, so add a TODO comment to
11
that effect.
12
13
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
14
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
15
Message-id: 20201119215617.29887-20-peter.maydell@linaro.org
16
---
17
target/arm/m_helper.c | 22 +++++++++++++++++++++-
18
1 file changed, 21 insertions(+), 1 deletion(-)
19
20
diff --git a/target/arm/m_helper.c b/target/arm/m_helper.c
21
index XXXXXXX..XXXXXXX 100644
22
--- a/target/arm/m_helper.c
23
+++ b/target/arm/m_helper.c
24
@@ -XXX,XX +XXX,XX @@ static void do_v7m_exception_exit(ARMCPU *cpu)
25
v7m_exception_taken(cpu, excret, true, false);
26
return;
27
} else {
28
- /* Clear s0..s15 and FPSCR */
29
+ if (arm_feature(env, ARM_FEATURE_V8_1M)) {
30
+ /* v8.1M adds this NOCP check */
31
+ bool nsacr_pass = exc_secure ||
32
+ extract32(env->v7m.nsacr, 10, 1);
33
+ bool cpacr_pass = v7m_cpacr_pass(env, exc_secure, true);
34
+ if (!nsacr_pass) {
35
+ armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_USAGE, true);
36
+ env->v7m.cfsr[M_REG_S] |= R_V7M_CFSR_NOCP_MASK;
37
+ qemu_log_mask(CPU_LOG_INT, "...taking UsageFault on existing "
38
+ "stackframe: NSACR prevents clearing FPU registers\n");
39
+ v7m_exception_taken(cpu, excret, true, false);
40
+ } else if (!cpacr_pass) {
41
+ armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_USAGE,
42
+ exc_secure);
43
+ env->v7m.cfsr[exc_secure] |= R_V7M_CFSR_NOCP_MASK;
44
+ qemu_log_mask(CPU_LOG_INT, "...taking UsageFault on existing "
45
+ "stackframe: CPACR prevents clearing FPU registers\n");
46
+ v7m_exception_taken(cpu, excret, true, false);
47
+ }
48
+ }
49
+ /* Clear s0..s15 and FPSCR; TODO also VPR when MVE is implemented */
50
int i;
51
52
for (i = 0; i < 16; i += 2) {
53
--
54
2.20.1
55
56
diff view generated by jsdifflib
[PULL 30/36] target/arm: Implement new v8.1M VLLDM and VLSTM encodings
Deleted patch
1
v8.1M adds new encodings of VLLDM and VLSTM (where bit 7 is set).
2
The only difference is that:
3
* the old T1 encodings UNDEF if the implementation implements 32
4
Dregs (this is currently architecturally impossible for M-profile)
5
* the new T2 encodings have the implementation-defined option to
6
read from memory (discarding the data) or write UNKNOWN values to
7
memory for the stack slots that would be D16-D31
8
1
9
We choose not to make those accesses, so for us the two
10
instructions behave identically assuming they don't UNDEF.
11
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
13
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
14
Message-id: 20201119215617.29887-21-peter.maydell@linaro.org
15
---
16
target/arm/m-nocp.decode | 2 +-
17
target/arm/translate-vfp.c.inc | 25 +++++++++++++++++++++++++
18
2 files changed, 26 insertions(+), 1 deletion(-)
19
20
diff --git a/target/arm/m-nocp.decode b/target/arm/m-nocp.decode
21
index XXXXXXX..XXXXXXX 100644
22
--- a/target/arm/m-nocp.decode
23
+++ b/target/arm/m-nocp.decode
24
@@ -XXX,XX +XXX,XX @@
25
26
{
27
# Special cases which do not take an early NOCP: VLLDM and VLSTM
28
- VLLDM_VLSTM 1110 1100 001 l:1 rn:4 0000 1010 0000 0000
29
+ VLLDM_VLSTM 1110 1100 001 l:1 rn:4 0000 1010 op:1 000 0000
30
# VSCCLRM (new in v8.1M) is similar:
31
VSCCLRM 1110 1100 1.01 1111 .... 1011 imm:7 0 vd=%vd_dp size=3
32
VSCCLRM 1110 1100 1.01 1111 .... 1010 imm:8 vd=%vd_sp size=2
33
diff --git a/target/arm/translate-vfp.c.inc b/target/arm/translate-vfp.c.inc
34
index XXXXXXX..XXXXXXX 100644
35
--- a/target/arm/translate-vfp.c.inc
36
+++ b/target/arm/translate-vfp.c.inc
37
@@ -XXX,XX +XXX,XX @@ static bool trans_VLLDM_VLSTM(DisasContext *s, arg_VLLDM_VLSTM *a)
38
!arm_dc_feature(s, ARM_FEATURE_V8)) {
39
return false;
40
}
41
+
42
+ if (a->op) {
43
+ /*
44
+ * T2 encoding ({D0-D31} reglist): v8.1M and up. We choose not
45
+ * to take the IMPDEF option to make memory accesses to the stack
46
+ * slots that correspond to the D16-D31 registers (discarding
47
+ * read data and writing UNKNOWN values), so for us the T2
48
+ * encoding behaves identically to the T1 encoding.
49
+ */
50
+ if (!arm_dc_feature(s, ARM_FEATURE_V8_1M)) {
51
+ return false;
52
+ }
53
+ } else {
54
+ /*
55
+ * T1 encoding ({D0-D15} reglist); undef if we have 32 Dregs.
56
+ * This is currently architecturally impossible, but we add the
57
+ * check to stay in line with the pseudocode. Note that we must
58
+ * emit code for the UNDEF so it takes precedence over the NOCP.
59
+ */
60
+ if (dc_isar_feature(aa32_simd_r32, s)) {
61
+ unallocated_encoding(s);
62
+ return true;
63
+ }
64
+ }
65
+
66
/*
67
* If not secure, UNDEF. We must emit code for this
68
* rather than returning false so that this takes
69
--
70
2.20.1
71
72
diff view generated by jsdifflib

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.