1
arm pullreq for rc1. All minor bugfixes, except for the sve-default-vector-length
1
More accumulated patches from during the freeze...
2
patches, which are somewhere between a bugfix and a new feature.
3
2
4
thanks
3
The following changes since commit c83fcfaf8a54d0d034bd0edf7bbb3b0d16669be9:
5
-- PMM
6
4
7
The following changes since commit c08ccd1b53f488ac86c1f65cf7623dc91acc249a:
5
Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2021-08-26' into staging (2021-08-26 13:42:34 +0100)
8
9
Merge remote-tracking branch 'remotes/rth-gitlab/tags/pull-tcg-20210726' into staging (2021-07-27 08:35:01 +0100)
10
6
11
are available in the Git repository at:
7
are available in the Git repository at:
12
8
13
https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20210727
9
https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20210826
14
10
15
for you to fetch changes up to e229a179a503f2aee43a76888cf12fbdfe8a3749:
11
for you to fetch changes up to d2e6f370138a7f32bc28b20dcd55374b7a638f39:
16
12
17
hw: aspeed_gpio: Fix memory size (2021-07-27 11:00:00 +0100)
13
hw/arm/xlnx-zynqmp: Add unimplemented APU mmio (2021-08-26 17:02:01 +0100)
18
14
19
----------------------------------------------------------------
15
----------------------------------------------------------------
20
target-arm queue:
16
target-arm queue:
21
* hw/arm/smmuv3: Check 31st bit to see if CD is valid
17
* hw/dma/xlnx-zdma, xlnx_csu_dma: Require 'dma' link property to be set
22
* qemu-options.hx: Fix formatting of -machine memory-backend option
18
* hw/arm/Kconfig: no need to enable ACPI_MEMORY_HOTPLUG/ACPI_NVDIMM explicitly
23
* hw: aspeed_gpio: Fix memory size
19
* target/arm/cpu: Introduce sve_vq_supported bitmap
24
* hw/arm/nseries: Display hexadecimal value with '0x' prefix
20
* docs/specs: Convert ACPI spec docs to rST
25
* Add sve-default-vector-length cpu property
21
* arch_init: Clean up and refactoring
26
* docs: Update path that mentions deprecated.rst
22
* hw/core/loader: In gunzip(), check index is in range before use, not after
27
* hw/intc/armv7m_nvic: for v8.1M VECTPENDING hides S exceptions from NS
23
* softmmu/physmem.c: Remove unneeded NULL check in qemu_ram_alloc_from_fd()
28
* hw/intc/armv7m_nvic: Correct size of ICSR.VECTPENDING
24
* softmmu/physmem.c: Check return value from realpath()
29
* hw/intc/armv7m_nvic: ISCR.ISRPENDING is set for non-enabled pending interrupts
25
* Zero-initialize sockaddr_in structs
30
* target/arm: Report M-profile alignment faults correctly to the guest
26
* raspi: Use error_fatal for SoC realize errors, not error_abort
31
* target/arm: Add missing 'return's after calling v7m_exception_taken()
27
* target/arm: Avoid assertion trying to use KVM and multiple ASes
32
* target/arm: Enforce that M-profile SP low 2 bits are always zero
28
* target/arm: Implement HSTR.TTEE
29
* target/arm: Implement HSTR.TJDBX
30
* target/arm: Do hflags rebuild in cpsr_write()
31
* hw/arm/xlnx-versal, xlnx-zynqmp: Add unimplemented APU mmio
33
32
34
----------------------------------------------------------------
33
----------------------------------------------------------------
35
Joe Komlodi (1):
34
Andrew Jones (4):
36
hw/arm/smmuv3: Check 31st bit to see if CD is valid
35
target/arm/cpu: Introduce sve_vq_supported bitmap
36
target/arm/kvm64: Ensure sve vls map is completely clear
37
target/arm/cpu64: Replace kvm_supported with sve_vq_supported
38
target/arm/cpu64: Validate sve vector lengths are supported
37
39
38
Joel Stanley (1):
40
Ani Sinha (1):
39
hw: aspeed_gpio: Fix memory size
41
hw/arm/Kconfig: no need to enable ACPI_MEMORY_HOTPLUG/ACPI_NVDIMM explicitly
40
42
41
Mao Zhongyi (1):
43
Peter Maydell (26):
42
docs: Update path that mentions deprecated.rst
44
docs/specs/acpu_cpu_hotplug: Convert to rST
45
docs/specs/acpi_mem_hotplug: Convert to rST
46
docs/specs/acpi_pci_hotplug: Convert to rST
47
docs/specs/acpi_nvdimm: Convert to rST
48
MAINTAINERS: Add ACPI specs documents to ACPI and NVDIMM sections
49
softmmu: Use accel_find("xen") instead of xen_available()
50
monitor: Use accel_find("kvm") instead of kvm_available()
51
softmmu/arch_init.c: Trim down include list
52
meson.build: Define QEMU_ARCH in config-target.h
53
arch_init.h: Add QEMU_ARCH_HEXAGON
54
arch_init.h: Move QEMU_ARCH_VIRTIO_* to qdev-monitor.c
55
arch_init.h: Don't include arch_init.h unnecessarily
56
stubs: Remove unused arch_type.c stub
57
hw/core/loader: In gunzip(), check index is in range before use, not after
58
softmmu/physmem.c: Remove unneeded NULL check in qemu_ram_alloc_from_fd()
59
softmmu/physmem.c: Check return value from realpath()
60
net: Zero sockaddr_in in parse_host_port()
61
gdbstub: Zero-initialize sockaddr structs
62
tests/qtest/ipmi-bt-test: Zero-initialize sockaddr struct
63
tests/tcg/multiarch/linux-test: Zero-initialize sockaddr structs
64
raspi: Use error_fatal for SoC realize errors, not error_abort
65
target/arm: Avoid assertion trying to use KVM and multiple ASes
66
hw/arm/virt: Delete EL3 error checksnow provided in CPU realize
67
target/arm: Implement HSTR.TTEE
68
target/arm: Implement HSTR.TJDBX
69
target/arm: Do hflags rebuild in cpsr_write()
43
70
44
Peter Maydell (7):
71
Philippe Mathieu-Daudé (4):
45
qemu-options.hx: Fix formatting of -machine memory-backend option
72
hw/arm/xlnx-zynqmp: Realize qspi controller *after* qspi_dma
46
target/arm: Enforce that M-profile SP low 2 bits are always zero
73
hw/dma/xlnx_csu_dma: Run trivial checks early in realize()
47
target/arm: Add missing 'return's after calling v7m_exception_taken()
74
hw/dma/xlnx_csu_dma: Always expect 'dma' link property to be set
48
target/arm: Report M-profile alignment faults correctly to the guest
75
hw/dma/xlnx-zdma Always expect 'dma' link property to be set
49
hw/intc/armv7m_nvic: ISCR.ISRPENDING is set for non-enabled pending interrupts
50
hw/intc/armv7m_nvic: Correct size of ICSR.VECTPENDING
51
hw/intc/armv7m_nvic: for v8.1M VECTPENDING hides S exceptions from NS
52
76
53
Philippe Mathieu-Daudé (1):
77
Tong Ho (2):
54
hw/arm/nseries: Display hexadecimal value with '0x' prefix
78
hw/arm/xlnx-versal: Add unimplemented APU mmio
79
hw/arm/xlnx-zynqmp: Add unimplemented APU mmio
55
80
56
Richard Henderson (3):
81
docs/specs/acpi_cpu_hotplug.rst | 235 +++++++++++++++++++++
57
target/arm: Correctly bound length in sve_zcr_get_valid_len
82
docs/specs/acpi_cpu_hotplug.txt | 160 --------------
58
target/arm: Export aarch64_sve_zcr_get_valid_len
83
docs/specs/acpi_mem_hotplug.rst | 128 +++++++++++
59
target/arm: Add sve-default-vector-length cpu property
84
docs/specs/acpi_mem_hotplug.txt | 94 ---------
85
docs/specs/acpi_nvdimm.rst | 228 ++++++++++++++++++++
86
docs/specs/acpi_nvdimm.txt | 188 -----------------
87
.../{acpi_pci_hotplug.txt => acpi_pci_hotplug.rst} | 37 ++--
88
docs/specs/index.rst | 4 +
89
meson.build | 2 +
90
include/hw/arm/xlnx-versal.h | 2 +
91
include/hw/arm/xlnx-zynqmp.h | 7 +
92
include/hw/dma/xlnx-zdma.h | 2 +-
93
include/hw/dma/xlnx_csu_dma.h | 2 +-
94
include/sysemu/arch_init.h | 15 +-
95
target/arm/cpu.h | 17 +-
96
target/arm/helper.h | 2 +
97
target/arm/syndrome.h | 7 +
98
blockdev.c | 1 -
99
gdbstub.c | 4 +-
100
hw/arm/raspi.c | 2 +-
101
hw/arm/virt.c | 5 -
102
hw/arm/xlnx-versal.c | 4 +
103
hw/arm/xlnx-zynqmp.c | 86 ++++++--
104
hw/core/loader.c | 35 ++-
105
hw/dma/xlnx-zdma.c | 24 +--
106
hw/dma/xlnx_csu_dma.c | 31 ++-
107
hw/i386/pc.c | 1 -
108
hw/i386/pc_piix.c | 1 -
109
hw/i386/pc_q35.c | 1 -
110
hw/mips/jazz.c | 1 -
111
hw/mips/malta.c | 1 -
112
hw/ppc/prep.c | 1 -
113
hw/riscv/sifive_e.c | 1 -
114
hw/riscv/sifive_u.c | 1 -
115
hw/riscv/spike.c | 1 -
116
hw/riscv/virt.c | 1 -
117
linux-user/arm/signal.c | 2 -
118
monitor/qmp-cmds.c | 3 +-
119
net/net.c | 2 +
120
softmmu/arch_init.c | 66 ------
121
softmmu/physmem.c | 5 +-
122
softmmu/qdev-monitor.c | 9 +
123
softmmu/vl.c | 6 +-
124
stubs/arch_type.c | 4 -
125
target/arm/cpu.c | 23 ++
126
target/arm/cpu64.c | 118 +++++------
127
target/arm/helper.c | 40 +++-
128
target/arm/kvm64.c | 2 +-
129
target/arm/op_helper.c | 16 ++
130
target/arm/translate.c | 12 ++
131
target/ppc/cpu_init.c | 1 -
132
target/s390x/cpu-sysemu.c | 1 -
133
tests/qtest/ipmi-bt-test.c | 2 +-
134
tests/tcg/multiarch/linux-test.c | 4 +-
135
MAINTAINERS | 5 +
136
hw/arm/Kconfig | 2 -
137
stubs/meson.build | 1 -
138
57 files changed, 949 insertions(+), 707 deletions(-)
139
create mode 100644 docs/specs/acpi_cpu_hotplug.rst
140
delete mode 100644 docs/specs/acpi_cpu_hotplug.txt
141
create mode 100644 docs/specs/acpi_mem_hotplug.rst
142
delete mode 100644 docs/specs/acpi_mem_hotplug.txt
143
create mode 100644 docs/specs/acpi_nvdimm.rst
144
delete mode 100644 docs/specs/acpi_nvdimm.txt
145
rename docs/specs/{acpi_pci_hotplug.txt => acpi_pci_hotplug.rst} (51%)
146
delete mode 100644 stubs/arch_type.c
60
147
61
docs/system/arm/cpu-features.rst | 15 ++++++++++
62
configure | 2 +-
63
hw/arm/smmuv3-internal.h | 2 +-
64
target/arm/cpu.h | 5 ++++
65
target/arm/internals.h | 10 +++++++
66
hw/arm/nseries.c | 2 +-
67
hw/gpio/aspeed_gpio.c | 3 +-
68
hw/intc/armv7m_nvic.c | 40 +++++++++++++++++++--------
69
target/arm/cpu.c | 14 ++++++++--
70
target/arm/cpu64.c | 60 ++++++++++++++++++++++++++++++++++++++++
71
target/arm/gdbstub.c | 4 +++
72
target/arm/helper.c | 8 ++++--
73
target/arm/m_helper.c | 24 ++++++++++++----
74
target/arm/translate.c | 3 ++
75
target/i386/cpu.c | 2 +-
76
MAINTAINERS | 2 +-
77
qemu-options.hx | 30 +++++++++++---------
78
17 files changed, 183 insertions(+), 43 deletions(-)
79
diff view generated by jsdifflib
New patch
1
From: Philippe Mathieu-Daudé <philmd@redhat.com>
1
2
3
If we link QOM object (a) as a property of QOM object (b),
4
we must set the property *before* (b) is realized.
5
6
Move QSPI realization *after* QSPI DMA.
7
8
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
9
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
10
Message-id: 20210819163422.2863447-2-philmd@redhat.com
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
---
13
hw/arm/xlnx-zynqmp.c | 42 ++++++++++++++++++++----------------------
14
1 file changed, 20 insertions(+), 22 deletions(-)
15
16
diff --git a/hw/arm/xlnx-zynqmp.c b/hw/arm/xlnx-zynqmp.c
17
index XXXXXXX..XXXXXXX 100644
18
--- a/hw/arm/xlnx-zynqmp.c
19
+++ b/hw/arm/xlnx-zynqmp.c
20
@@ -XXX,XX +XXX,XX @@ static void xlnx_zynqmp_realize(DeviceState *dev, Error **errp)
21
g_free(bus_name);
22
}
23
24
- if (!sysbus_realize(SYS_BUS_DEVICE(&s->qspi), errp)) {
25
- return;
26
- }
27
- sysbus_mmio_map(SYS_BUS_DEVICE(&s->qspi), 0, QSPI_ADDR);
28
- sysbus_mmio_map(SYS_BUS_DEVICE(&s->qspi), 1, LQSPI_ADDR);
29
- sysbus_connect_irq(SYS_BUS_DEVICE(&s->qspi), 0, gic_spi[QSPI_IRQ]);
30
-
31
- for (i = 0; i < XLNX_ZYNQMP_NUM_QSPI_BUS; i++) {
32
- gchar *bus_name;
33
- gchar *target_bus;
34
-
35
- /* Alias controller SPI bus to the SoC itself */
36
- bus_name = g_strdup_printf("qspi%d", i);
37
- target_bus = g_strdup_printf("spi%d", i);
38
- object_property_add_alias(OBJECT(s), bus_name,
39
- OBJECT(&s->qspi), target_bus);
40
- g_free(bus_name);
41
- g_free(target_bus);
42
- }
43
-
44
if (!sysbus_realize(SYS_BUS_DEVICE(&s->dp), errp)) {
45
return;
46
}
47
@@ -XXX,XX +XXX,XX @@ static void xlnx_zynqmp_realize(DeviceState *dev, Error **errp)
48
49
sysbus_mmio_map(SYS_BUS_DEVICE(&s->qspi_dma), 0, QSPI_DMA_ADDR);
50
sysbus_connect_irq(SYS_BUS_DEVICE(&s->qspi_dma), 0, gic_spi[QSPI_IRQ]);
51
- object_property_set_link(OBJECT(&s->qspi), "stream-connected-dma",
52
- OBJECT(&s->qspi_dma), errp);
53
+
54
+ if (!object_property_set_link(OBJECT(&s->qspi), "stream-connected-dma",
55
+ OBJECT(&s->qspi_dma), errp)) {
56
+ return;
57
+ }
58
+ if (!sysbus_realize(SYS_BUS_DEVICE(&s->qspi), errp)) {
59
+ return;
60
+ }
61
+ sysbus_mmio_map(SYS_BUS_DEVICE(&s->qspi), 0, QSPI_ADDR);
62
+ sysbus_mmio_map(SYS_BUS_DEVICE(&s->qspi), 1, LQSPI_ADDR);
63
+ sysbus_connect_irq(SYS_BUS_DEVICE(&s->qspi), 0, gic_spi[QSPI_IRQ]);
64
+
65
+ for (i = 0; i < XLNX_ZYNQMP_NUM_QSPI_BUS; i++) {
66
+ g_autofree gchar *bus_name = g_strdup_printf("qspi%d", i);
67
+ g_autofree gchar *target_bus = g_strdup_printf("spi%d", i);
68
+
69
+ /* Alias controller SPI bus to the SoC itself */
70
+ object_property_add_alias(OBJECT(s), bus_name,
71
+ OBJECT(&s->qspi), target_bus);
72
+ }
73
}
74
75
static Property xlnx_zynqmp_props[] = {
76
--
77
2.20.1
78
79
diff view generated by jsdifflib
New patch
1
From: Philippe Mathieu-Daudé <philmd@redhat.com>
1
2
3
If some property are not set, we'll return indicating a failure,
4
so it is pointless to allocate / initialize some fields too early.
5
Move the trivial checks earlier in realize().
6
7
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
8
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
9
Message-id: 20210819163422.2863447-3-philmd@redhat.com
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
12
hw/dma/xlnx_csu_dma.c | 10 +++++-----
13
1 file changed, 5 insertions(+), 5 deletions(-)
14
15
diff --git a/hw/dma/xlnx_csu_dma.c b/hw/dma/xlnx_csu_dma.c
16
index XXXXXXX..XXXXXXX 100644
17
--- a/hw/dma/xlnx_csu_dma.c
18
+++ b/hw/dma/xlnx_csu_dma.c
19
@@ -XXX,XX +XXX,XX @@ static void xlnx_csu_dma_realize(DeviceState *dev, Error **errp)
20
XlnxCSUDMA *s = XLNX_CSU_DMA(dev);
21
RegisterInfoArray *reg_array;
22
23
+ if (!s->is_dst && !s->tx_dev) {
24
+ error_setg(errp, "zynqmp.csu-dma: Stream not connected");
25
+ return;
26
+ }
27
+
28
reg_array =
29
register_init_block32(dev, xlnx_csu_dma_regs_info[!!s->is_dst],
30
XLNX_CSU_DMA_R_MAX,
31
@@ -XXX,XX +XXX,XX @@ static void xlnx_csu_dma_realize(DeviceState *dev, Error **errp)
32
sysbus_init_mmio(SYS_BUS_DEVICE(dev), &s->iomem);
33
sysbus_init_irq(SYS_BUS_DEVICE(dev), &s->irq);
34
35
- if (!s->is_dst && !s->tx_dev) {
36
- error_setg(errp, "zynqmp.csu-dma: Stream not connected");
37
- return;
38
- }
39
-
40
s->src_timer = ptimer_init(xlnx_csu_dma_src_timeout_hit,
41
s, PTIMER_POLICY_DEFAULT);
42
43
--
44
2.20.1
45
46
diff view generated by jsdifflib
1
From: Joel Stanley <joel@jms.id.au>
1
From: Philippe Mathieu-Daudé <philmd@redhat.com>
2
2
3
The macro used to calculate the maximum memory size of the MMIO region
3
Simplify by always passing a MemoryRegion property to the device.
4
had a mistake, causing all GPIO models to create a mapping of 0x9D8.
4
Doing so we can move the AddressSpace field to the device struct,
5
The intent was to have it be 0x9D8 - 0x800.
5
removing need for heap allocation.
6
6
7
This extra size doesn't matter on ast2400 and ast2500, which have a 4KB
7
Update the Xilinx ZynqMP SoC model to pass the default system
8
region set aside for the GPIO controller.
8
memory instead of a NULL value.
9
9
10
On the ast2600 the 3.3V and 1.8V GPIO controllers are 2KB apart, so the
10
Suggested-by: Peter Maydell <peter.maydell@linaro.org>
11
regions would overlap. Worse was the 1.8V controller would map over the
11
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
12
top of the following peripheral, which happens to be the RTC.
12
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
13
13
Message-id: 20210819163422.2863447-4-philmd@redhat.com
14
The mmio region used by each device is a maximum of 2KB, so avoid the
15
calculations and hard code this as the maximum.
16
17
Fixes: 36d737ee82b2 ("hw/gpio: Add in AST2600 specific implementation")
18
Signed-off-by: Joel Stanley <joel@jms.id.au>
19
Reviewed-by: Rashmica Gupta <rashmica.g@gmail.com>
20
Reviewed-by: Cédric Le Goater <clg@kaod.org>
21
Message-id: 20210713065854.134634-2-joel@jms.id.au
22
[PMM: fix autocorrect error in commit message]
23
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
14
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
24
---
15
---
25
hw/gpio/aspeed_gpio.c | 3 +--
16
include/hw/dma/xlnx_csu_dma.h | 2 +-
26
1 file changed, 1 insertion(+), 2 deletions(-)
17
hw/arm/xlnx-zynqmp.c | 4 ++++
18
hw/dma/xlnx_csu_dma.c | 21 ++++++++++-----------
19
3 files changed, 15 insertions(+), 12 deletions(-)
27
20
28
diff --git a/hw/gpio/aspeed_gpio.c b/hw/gpio/aspeed_gpio.c
21
diff --git a/include/hw/dma/xlnx_csu_dma.h b/include/hw/dma/xlnx_csu_dma.h
29
index XXXXXXX..XXXXXXX 100644
22
index XXXXXXX..XXXXXXX 100644
30
--- a/hw/gpio/aspeed_gpio.c
23
--- a/include/hw/dma/xlnx_csu_dma.h
31
+++ b/hw/gpio/aspeed_gpio.c
24
+++ b/include/hw/dma/xlnx_csu_dma.h
32
@@ -XXX,XX +XXX,XX @@
25
@@ -XXX,XX +XXX,XX @@ typedef struct XlnxCSUDMA {
33
#define GPIO_1_8V_MEM_SIZE 0x9D8
26
MemoryRegion iomem;
34
#define GPIO_1_8V_REG_ARRAY_SIZE ((GPIO_1_8V_MEM_SIZE - \
27
MemTxAttrs attr;
35
GPIO_1_8V_REG_OFFSET) >> 2)
28
MemoryRegion *dma_mr;
36
-#define GPIO_MAX_MEM_SIZE MAX(GPIO_3_6V_MEM_SIZE, GPIO_1_8V_MEM_SIZE)
29
- AddressSpace *dma_as;
37
30
+ AddressSpace dma_as;
38
static int aspeed_evaluate_irq(GPIOSets *regs, int gpio_prev_high, int gpio)
31
qemu_irq irq;
39
{
32
StreamSink *tx_dev; /* Used as generic StreamSink */
40
@@ -XXX,XX +XXX,XX @@ static void aspeed_gpio_realize(DeviceState *dev, Error **errp)
33
ptimer_state *src_timer;
34
diff --git a/hw/arm/xlnx-zynqmp.c b/hw/arm/xlnx-zynqmp.c
35
index XXXXXXX..XXXXXXX 100644
36
--- a/hw/arm/xlnx-zynqmp.c
37
+++ b/hw/arm/xlnx-zynqmp.c
38
@@ -XXX,XX +XXX,XX @@ static void xlnx_zynqmp_realize(DeviceState *dev, Error **errp)
39
gic_spi[adma_ch_intr[i]]);
41
}
40
}
42
41
43
memory_region_init_io(&s->iomem, OBJECT(s), &aspeed_gpio_ops, s,
42
+ if (!object_property_set_link(OBJECT(&s->qspi_dma), "dma",
44
- TYPE_ASPEED_GPIO, GPIO_MAX_MEM_SIZE);
43
+ OBJECT(system_memory), errp)) {
45
+ TYPE_ASPEED_GPIO, 0x800);
44
+ return;
46
45
+ }
47
sysbus_init_mmio(sbd, &s->iomem);
46
if (!sysbus_realize(SYS_BUS_DEVICE(&s->qspi_dma), errp)) {
48
}
47
return;
48
}
49
diff --git a/hw/dma/xlnx_csu_dma.c b/hw/dma/xlnx_csu_dma.c
50
index XXXXXXX..XXXXXXX 100644
51
--- a/hw/dma/xlnx_csu_dma.c
52
+++ b/hw/dma/xlnx_csu_dma.c
53
@@ -XXX,XX +XXX,XX @@ static uint32_t xlnx_csu_dma_read(XlnxCSUDMA *s, uint8_t *buf, uint32_t len)
54
for (i = 0; i < len && (result == MEMTX_OK); i += s->width) {
55
uint32_t mlen = MIN(len - i, s->width);
56
57
- result = address_space_rw(s->dma_as, addr, s->attr,
58
+ result = address_space_rw(&s->dma_as, addr, s->attr,
59
buf + i, mlen, false);
60
}
61
} else {
62
- result = address_space_rw(s->dma_as, addr, s->attr, buf, len, false);
63
+ result = address_space_rw(&s->dma_as, addr, s->attr, buf, len, false);
64
}
65
66
if (result == MEMTX_OK) {
67
@@ -XXX,XX +XXX,XX @@ static uint32_t xlnx_csu_dma_write(XlnxCSUDMA *s, uint8_t *buf, uint32_t len)
68
for (i = 0; i < len && (result == MEMTX_OK); i += s->width) {
69
uint32_t mlen = MIN(len - i, s->width);
70
71
- result = address_space_rw(s->dma_as, addr, s->attr,
72
+ result = address_space_rw(&s->dma_as, addr, s->attr,
73
buf, mlen, true);
74
buf += mlen;
75
}
76
} else {
77
- result = address_space_rw(s->dma_as, addr, s->attr, buf, len, true);
78
+ result = address_space_rw(&s->dma_as, addr, s->attr, buf, len, true);
79
}
80
81
if (result != MEMTX_OK) {
82
@@ -XXX,XX +XXX,XX @@ static void xlnx_csu_dma_realize(DeviceState *dev, Error **errp)
83
return;
84
}
85
86
+ if (!s->dma_mr) {
87
+ error_setg(errp, TYPE_XLNX_CSU_DMA " 'dma' link not set");
88
+ return;
89
+ }
90
+ address_space_init(&s->dma_as, s->dma_mr, "csu-dma");
91
+
92
reg_array =
93
register_init_block32(dev, xlnx_csu_dma_regs_info[!!s->is_dst],
94
XLNX_CSU_DMA_R_MAX,
95
@@ -XXX,XX +XXX,XX @@ static void xlnx_csu_dma_realize(DeviceState *dev, Error **errp)
96
s->src_timer = ptimer_init(xlnx_csu_dma_src_timeout_hit,
97
s, PTIMER_POLICY_DEFAULT);
98
99
- if (s->dma_mr) {
100
- s->dma_as = g_malloc0(sizeof(AddressSpace));
101
- address_space_init(s->dma_as, s->dma_mr, NULL);
102
- } else {
103
- s->dma_as = &address_space_memory;
104
- }
105
-
106
s->attr = MEMTXATTRS_UNSPECIFIED;
107
108
s->r_size_last_word = 0;
49
--
109
--
50
2.20.1
110
2.20.1
51
111
52
112
diff view generated by jsdifflib
1
From: Richard Henderson <richard.henderson@linaro.org>
1
From: Philippe Mathieu-Daudé <philmd@redhat.com>
2
2
3
Rename from sve_zcr_get_valid_len and make accessible
3
Simplify by always passing a MemoryRegion property to the device.
4
from outside of helper.c.
4
Doing so we can move the AddressSpace field to the device struct,
5
removing need for heap allocation.
5
6
6
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
7
Update the Xilinx ZynqMP / Versal SoC models to pass the default
8
system memory instead of a NULL value.
9
10
Suggested-by: Peter Maydell <peter.maydell@linaro.org>
11
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
7
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
12
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
8
Message-id: 20210723203344.968563-3-richard.henderson@linaro.org
13
Message-id: 20210819163422.2863447-5-philmd@redhat.com
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
14
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
15
---
11
target/arm/internals.h | 10 ++++++++++
16
include/hw/dma/xlnx-zdma.h | 2 +-
12
target/arm/helper.c | 4 ++--
17
hw/arm/xlnx-versal.c | 2 ++
13
2 files changed, 12 insertions(+), 2 deletions(-)
18
hw/arm/xlnx-zynqmp.c | 8 ++++++++
19
hw/dma/xlnx-zdma.c | 24 ++++++++++++------------
20
4 files changed, 23 insertions(+), 13 deletions(-)
14
21
15
diff --git a/target/arm/internals.h b/target/arm/internals.h
22
diff --git a/include/hw/dma/xlnx-zdma.h b/include/hw/dma/xlnx-zdma.h
16
index XXXXXXX..XXXXXXX 100644
23
index XXXXXXX..XXXXXXX 100644
17
--- a/target/arm/internals.h
24
--- a/include/hw/dma/xlnx-zdma.h
18
+++ b/target/arm/internals.h
25
+++ b/include/hw/dma/xlnx-zdma.h
19
@@ -XXX,XX +XXX,XX @@ void arm_translate_init(void);
26
@@ -XXX,XX +XXX,XX @@ struct XlnxZDMA {
20
void arm_cpu_synchronize_from_tb(CPUState *cs, const TranslationBlock *tb);
27
MemoryRegion iomem;
21
#endif /* CONFIG_TCG */
28
MemTxAttrs attr;
22
29
MemoryRegion *dma_mr;
23
+/**
30
- AddressSpace *dma_as;
24
+ * aarch64_sve_zcr_get_valid_len:
31
+ AddressSpace dma_as;
25
+ * @cpu: cpu context
32
qemu_irq irq_zdma_ch_imr;
26
+ * @start_len: maximum len to consider
33
27
+ *
34
struct {
28
+ * Return the maximum supported sve vector length <= @start_len.
35
diff --git a/hw/arm/xlnx-versal.c b/hw/arm/xlnx-versal.c
29
+ * Note that both @start_len and the return value are in units
30
+ * of ZCR_ELx.LEN, so the vector bit length is (x + 1) * 128.
31
+ */
32
+uint32_t aarch64_sve_zcr_get_valid_len(ARMCPU *cpu, uint32_t start_len);
33
34
enum arm_fprounding {
35
FPROUNDING_TIEEVEN,
36
diff --git a/target/arm/helper.c b/target/arm/helper.c
37
index XXXXXXX..XXXXXXX 100644
36
index XXXXXXX..XXXXXXX 100644
38
--- a/target/arm/helper.c
37
--- a/hw/arm/xlnx-versal.c
39
+++ b/target/arm/helper.c
38
+++ b/hw/arm/xlnx-versal.c
40
@@ -XXX,XX +XXX,XX @@ int sve_exception_el(CPUARMState *env, int el)
39
@@ -XXX,XX +XXX,XX @@ static void versal_create_admas(Versal *s, qemu_irq *pic)
41
return 0;
40
TYPE_XLNX_ZDMA);
41
dev = DEVICE(&s->lpd.iou.adma[i]);
42
object_property_set_int(OBJECT(dev), "bus-width", 128, &error_abort);
43
+ object_property_set_link(OBJECT(dev), "dma",
44
+ OBJECT(get_system_memory()), &error_fatal);
45
sysbus_realize(SYS_BUS_DEVICE(dev), &error_fatal);
46
47
mr = sysbus_mmio_get_region(SYS_BUS_DEVICE(dev), 0);
48
diff --git a/hw/arm/xlnx-zynqmp.c b/hw/arm/xlnx-zynqmp.c
49
index XXXXXXX..XXXXXXX 100644
50
--- a/hw/arm/xlnx-zynqmp.c
51
+++ b/hw/arm/xlnx-zynqmp.c
52
@@ -XXX,XX +XXX,XX @@ static void xlnx_zynqmp_realize(DeviceState *dev, Error **errp)
53
errp)) {
54
return;
55
}
56
+ if (!object_property_set_link(OBJECT(&s->gdma[i]), "dma",
57
+ OBJECT(system_memory), errp)) {
58
+ return;
59
+ }
60
if (!sysbus_realize(SYS_BUS_DEVICE(&s->gdma[i]), errp)) {
61
return;
62
}
63
@@ -XXX,XX +XXX,XX @@ static void xlnx_zynqmp_realize(DeviceState *dev, Error **errp)
64
}
65
66
for (i = 0; i < XLNX_ZYNQMP_NUM_ADMA_CH; i++) {
67
+ if (!object_property_set_link(OBJECT(&s->adma[i]), "dma",
68
+ OBJECT(system_memory), errp)) {
69
+ return;
70
+ }
71
if (!sysbus_realize(SYS_BUS_DEVICE(&s->adma[i]), errp)) {
72
return;
73
}
74
diff --git a/hw/dma/xlnx-zdma.c b/hw/dma/xlnx-zdma.c
75
index XXXXXXX..XXXXXXX 100644
76
--- a/hw/dma/xlnx-zdma.c
77
+++ b/hw/dma/xlnx-zdma.c
78
@@ -XXX,XX +XXX,XX @@ static bool zdma_load_descriptor(XlnxZDMA *s, uint64_t addr,
79
return false;
80
}
81
82
- descr->addr = address_space_ldq_le(s->dma_as, addr, s->attr, NULL);
83
- descr->size = address_space_ldl_le(s->dma_as, addr + 8, s->attr, NULL);
84
- descr->attr = address_space_ldl_le(s->dma_as, addr + 12, s->attr, NULL);
85
+ descr->addr = address_space_ldq_le(&s->dma_as, addr, s->attr, NULL);
86
+ descr->size = address_space_ldl_le(&s->dma_as, addr + 8, s->attr, NULL);
87
+ descr->attr = address_space_ldl_le(&s->dma_as, addr + 12, s->attr, NULL);
88
return true;
42
}
89
}
43
90
44
-static uint32_t sve_zcr_get_valid_len(ARMCPU *cpu, uint32_t start_len)
91
@@ -XXX,XX +XXX,XX @@ static void zdma_update_descr_addr(XlnxZDMA *s, bool type,
45
+uint32_t aarch64_sve_zcr_get_valid_len(ARMCPU *cpu, uint32_t start_len)
92
} else {
46
{
93
addr = zdma_get_regaddr64(s, basereg);
47
uint32_t end_len;
94
addr += sizeof(s->dsc_dst);
48
95
- next = address_space_ldq_le(s->dma_as, addr, s->attr, NULL);
49
@@ -XXX,XX +XXX,XX @@ uint32_t sve_zcr_len_for_el(CPUARMState *env, int el)
96
+ next = address_space_ldq_le(&s->dma_as, addr, s->attr, NULL);
50
zcr_len = MIN(zcr_len, 0xf & (uint32_t)env->vfp.zcr_el[3]);
51
}
97
}
52
98
53
- return sve_zcr_get_valid_len(cpu, zcr_len);
99
zdma_put_regaddr64(s, basereg, next);
54
+ return aarch64_sve_zcr_get_valid_len(cpu, zcr_len);
100
@@ -XXX,XX +XXX,XX @@ static void zdma_write_dst(XlnxZDMA *s, uint8_t *buf, uint32_t len)
101
}
102
}
103
104
- address_space_write(s->dma_as, s->dsc_dst.addr, s->attr, buf, dlen);
105
+ address_space_write(&s->dma_as, s->dsc_dst.addr, s->attr, buf, dlen);
106
if (burst_type == AXI_BURST_INCR) {
107
s->dsc_dst.addr += dlen;
108
}
109
@@ -XXX,XX +XXX,XX @@ static void zdma_process_descr(XlnxZDMA *s)
110
len = s->cfg.bus_width / 8;
111
}
112
} else {
113
- address_space_read(s->dma_as, src_addr, s->attr, s->buf, len);
114
+ address_space_read(&s->dma_as, src_addr, s->attr, s->buf, len);
115
if (burst_type == AXI_BURST_INCR) {
116
src_addr += len;
117
}
118
@@ -XXX,XX +XXX,XX @@ static void zdma_realize(DeviceState *dev, Error **errp)
119
XlnxZDMA *s = XLNX_ZDMA(dev);
120
unsigned int i;
121
122
+ if (!s->dma_mr) {
123
+ error_setg(errp, TYPE_XLNX_ZDMA " 'dma' link not set");
124
+ return;
125
+ }
126
+ address_space_init(&s->dma_as, s->dma_mr, "zdma-dma");
127
+
128
for (i = 0; i < ARRAY_SIZE(zdma_regs_info); ++i) {
129
RegisterInfo *r = &s->regs_info[zdma_regs_info[i].addr / 4];
130
131
@@ -XXX,XX +XXX,XX @@ static void zdma_realize(DeviceState *dev, Error **errp)
132
};
133
}
134
135
- if (s->dma_mr) {
136
- s->dma_as = g_malloc0(sizeof(AddressSpace));
137
- address_space_init(s->dma_as, s->dma_mr, NULL);
138
- } else {
139
- s->dma_as = &address_space_memory;
140
- }
141
s->attr = MEMTXATTRS_UNSPECIFIED;
55
}
142
}
56
143
57
static void zcr_write(CPUARMState *env, const ARMCPRegInfo *ri,
58
--
144
--
59
2.20.1
145
2.20.1
60
146
61
147
diff view generated by jsdifflib
New patch
1
From: Ani Sinha <ani@anisinha.ca>
1
2
3
Since commit
4
36b79e3219d ("hw/acpi/Kconfig: Add missing Kconfig dependencies (build error)"),
5
ACPI_MEMORY_HOTPLUG and ACPI_NVDIMM is implicitly turned on when
6
ACPI_HW_REDUCED is selected. ACPI_HW_REDUCED is already enabled. No need to
7
turn on ACPI_MEMORY_HOTPLUG or ACPI_NVDIMM explicitly. This is a minor cleanup.
8
9
Signed-off-by: Ani Sinha <ani@anisinha.ca>
10
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
11
Message-id: 20210819162637.518507-1-ani@anisinha.ca
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
13
---
14
hw/arm/Kconfig | 2 --
15
1 file changed, 2 deletions(-)
16
17
diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
18
index XXXXXXX..XXXXXXX 100644
19
--- a/hw/arm/Kconfig
20
+++ b/hw/arm/Kconfig
21
@@ -XXX,XX +XXX,XX @@ config ARM_VIRT
22
select ACPI_PCI
23
select MEM_DEVICE
24
select DIMM
25
- select ACPI_MEMORY_HOTPLUG
26
select ACPI_HW_REDUCED
27
- select ACPI_NVDIMM
28
select ACPI_APEI
29
30
config CHEETAH
31
--
32
2.20.1
33
34
diff view generated by jsdifflib
1
From: Richard Henderson <richard.henderson@linaro.org>
1
From: Andrew Jones <drjones@redhat.com>
2
2
3
Mirror the behavour of /proc/sys/abi/sve_default_vector_length
3
Allow CPUs that support SVE to specify which SVE vector lengths they
4
under the real linux kernel. We have no way of passing along
4
support by setting them in this bitmap. Currently only the 'max' and
5
a real default across exec like the kernel can, but this is a
5
'host' CPU types supports SVE and 'host' requires KVM which obtains
6
decent way of adjusting the startup vector length of a process.
6
its supported bitmap from the host. So, we only need to initialize the
7
bitmap for 'max' with TCG. And, since 'max' should support all SVE
8
vector lengths we simply fill the bitmap. Future CPU types may have
9
less trivial maps though.
7
10
8
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/482
11
Signed-off-by: Andrew Jones <drjones@redhat.com>
9
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
12
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
10
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
13
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
11
Message-id: 20210723203344.968563-4-richard.henderson@linaro.org
14
Message-id: 20210823160647.34028-2-drjones@redhat.com
12
[PMM: tweaked docs formatting, document -1 special-case,
13
added fixup patch from RTH mentioning QEMU's maximum veclen.]
14
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15
---
16
---
16
docs/system/arm/cpu-features.rst | 15 ++++++++
17
target/arm/cpu.h | 4 ++++
17
target/arm/cpu.h | 5 +++
18
target/arm/cpu64.c | 2 ++
18
target/arm/cpu.c | 14 ++++++--
19
2 files changed, 6 insertions(+)
19
target/arm/cpu64.c | 60 ++++++++++++++++++++++++++++++++
20
4 files changed, 92 insertions(+), 2 deletions(-)
21
20
22
diff --git a/docs/system/arm/cpu-features.rst b/docs/system/arm/cpu-features.rst
23
index XXXXXXX..XXXXXXX 100644
24
--- a/docs/system/arm/cpu-features.rst
25
+++ b/docs/system/arm/cpu-features.rst
26
@@ -XXX,XX +XXX,XX @@ verbose command lines. However, the recommended way to select vector
27
lengths is to explicitly enable each desired length. Therefore only
28
example's (1), (4), and (6) exhibit recommended uses of the properties.
29
30
+SVE User-mode Default Vector Length Property
31
+--------------------------------------------
32
+
33
+For qemu-aarch64, the cpu property ``sve-default-vector-length=N`` is
34
+defined to mirror the Linux kernel parameter file
35
+``/proc/sys/abi/sve_default_vector_length``. The default length, ``N``,
36
+is in units of bytes and must be between 16 and 8192.
37
+If not specified, the default vector length is 64.
38
+
39
+If the default length is larger than the maximum vector length enabled,
40
+the actual vector length will be reduced. Note that the maximum vector
41
+length supported by QEMU is 256.
42
+
43
+If this property is set to ``-1`` then the default vector length
44
+is set to the maximum possible length.
45
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
21
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
46
index XXXXXXX..XXXXXXX 100644
22
index XXXXXXX..XXXXXXX 100644
47
--- a/target/arm/cpu.h
23
--- a/target/arm/cpu.h
48
+++ b/target/arm/cpu.h
24
+++ b/target/arm/cpu.h
49
@@ -XXX,XX +XXX,XX @@ struct ARMCPU {
25
@@ -XXX,XX +XXX,XX @@ struct ARMCPU {
50
/* Used to set the maximum vector length the cpu will support. */
26
* While processing properties during initialization, corresponding
51
uint32_t sve_max_vq;
27
* sve_vq_init bits are set for bits in sve_vq_map that have been
52
28
* set by properties.
53
+#ifdef CONFIG_USER_ONLY
29
+ *
54
+ /* Used to set the default vector length at process start. */
30
+ * Bits set in sve_vq_supported represent valid vector lengths for
55
+ uint32_t sve_default_vq;
31
+ * the CPU type.
56
+#endif
32
*/
57
+
33
DECLARE_BITMAP(sve_vq_map, ARM_MAX_VQ);
58
/*
34
DECLARE_BITMAP(sve_vq_init, ARM_MAX_VQ);
59
* In sve_vq_map each set bit is a supported vector length of
35
+ DECLARE_BITMAP(sve_vq_supported, ARM_MAX_VQ);
60
* (bit-number + 1) * 16 bytes, i.e. each bit number + 1 is the vector
36
61
diff --git a/target/arm/cpu.c b/target/arm/cpu.c
37
/* Generic timer counter frequency, in Hz */
62
index XXXXXXX..XXXXXXX 100644
38
uint64_t gt_cntfrq_hz;
63
--- a/target/arm/cpu.c
64
+++ b/target/arm/cpu.c
65
@@ -XXX,XX +XXX,XX @@ static void arm_cpu_reset(DeviceState *dev)
66
env->cp15.cpacr_el1 = deposit64(env->cp15.cpacr_el1, 16, 2, 3);
67
/* with reasonable vector length */
68
if (cpu_isar_feature(aa64_sve, cpu)) {
69
- env->vfp.zcr_el[1] = MIN(cpu->sve_max_vq - 1, 3);
70
+ env->vfp.zcr_el[1] =
71
+ aarch64_sve_zcr_get_valid_len(cpu, cpu->sve_default_vq - 1);
72
}
73
/*
74
* Enable TBI0 but not TBI1.
75
@@ -XXX,XX +XXX,XX @@ static void arm_cpu_initfn(Object *obj)
76
QLIST_INIT(&cpu->pre_el_change_hooks);
77
QLIST_INIT(&cpu->el_change_hooks);
78
79
-#ifndef CONFIG_USER_ONLY
80
+#ifdef CONFIG_USER_ONLY
81
+# ifdef TARGET_AARCH64
82
+ /*
83
+ * The linux kernel defaults to 512-bit vectors, when sve is supported.
84
+ * See documentation for /proc/sys/abi/sve_default_vector_length, and
85
+ * our corresponding sve-default-vector-length cpu property.
86
+ */
87
+ cpu->sve_default_vq = 4;
88
+# endif
89
+#else
90
/* Our inbound IRQ and FIQ lines */
91
if (kvm_enabled()) {
92
/* VIRQ and VFIQ are unused with KVM but we add them to maintain
93
diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c
39
diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c
94
index XXXXXXX..XXXXXXX 100644
40
index XXXXXXX..XXXXXXX 100644
95
--- a/target/arm/cpu64.c
41
--- a/target/arm/cpu64.c
96
+++ b/target/arm/cpu64.c
42
+++ b/target/arm/cpu64.c
97
@@ -XXX,XX +XXX,XX @@ static void cpu_arm_set_sve(Object *obj, bool value, Error **errp)
43
@@ -XXX,XX +XXX,XX @@ static void aarch64_max_initfn(Object *obj)
98
cpu->isar.id_aa64pfr0 = t;
44
/* Default to PAUTH on, with the architected algorithm. */
99
}
45
qdev_property_add_static(DEVICE(obj), &arm_cpu_pauth_property);
100
46
qdev_property_add_static(DEVICE(obj), &arm_cpu_pauth_impdef_property);
101
+#ifdef CONFIG_USER_ONLY
102
+/* Mirror linux /proc/sys/abi/sve_default_vector_length. */
103
+static void cpu_arm_set_sve_default_vec_len(Object *obj, Visitor *v,
104
+ const char *name, void *opaque,
105
+ Error **errp)
106
+{
107
+ ARMCPU *cpu = ARM_CPU(obj);
108
+ int32_t default_len, default_vq, remainder;
109
+
47
+
110
+ if (!visit_type_int32(v, name, &default_len, errp)) {
48
+ bitmap_fill(cpu->sve_vq_supported, ARM_MAX_VQ);
111
+ return;
112
+ }
113
+
114
+ /* Undocumented, but the kernel allows -1 to indicate "maximum". */
115
+ if (default_len == -1) {
116
+ cpu->sve_default_vq = ARM_MAX_VQ;
117
+ return;
118
+ }
119
+
120
+ default_vq = default_len / 16;
121
+ remainder = default_len % 16;
122
+
123
+ /*
124
+ * Note that the 512 max comes from include/uapi/asm/sve_context.h
125
+ * and is the maximum architectural width of ZCR_ELx.LEN.
126
+ */
127
+ if (remainder || default_vq < 1 || default_vq > 512) {
128
+ error_setg(errp, "cannot set sve-default-vector-length");
129
+ if (remainder) {
130
+ error_append_hint(errp, "Vector length not a multiple of 16\n");
131
+ } else if (default_vq < 1) {
132
+ error_append_hint(errp, "Vector length smaller than 16\n");
133
+ } else {
134
+ error_append_hint(errp, "Vector length larger than %d\n",
135
+ 512 * 16);
136
+ }
137
+ return;
138
+ }
139
+
140
+ cpu->sve_default_vq = default_vq;
141
+}
142
+
143
+static void cpu_arm_get_sve_default_vec_len(Object *obj, Visitor *v,
144
+ const char *name, void *opaque,
145
+ Error **errp)
146
+{
147
+ ARMCPU *cpu = ARM_CPU(obj);
148
+ int32_t value = cpu->sve_default_vq * 16;
149
+
150
+ visit_type_int32(v, name, &value, errp);
151
+}
152
+#endif
153
+
154
void aarch64_add_sve_properties(Object *obj)
155
{
156
uint32_t vq;
157
@@ -XXX,XX +XXX,XX @@ void aarch64_add_sve_properties(Object *obj)
158
object_property_add(obj, name, "bool", cpu_arm_get_sve_vq,
159
cpu_arm_set_sve_vq, NULL, NULL);
160
}
49
}
161
+
50
162
+#ifdef CONFIG_USER_ONLY
51
aarch64_add_sve_properties(obj);
163
+ /* Mirror linux /proc/sys/abi/sve_default_vector_length. */
164
+ object_property_add(obj, "sve-default-vector-length", "int32",
165
+ cpu_arm_get_sve_default_vec_len,
166
+ cpu_arm_set_sve_default_vec_len, NULL, NULL);
167
+#endif
168
}
169
170
void arm_cpu_pauth_finalize(ARMCPU *cpu, Error **errp)
171
--
52
--
172
2.20.1
53
2.20.1
173
54
174
55
diff view generated by jsdifflib
1
From: Joe Komlodi <joe.komlodi@xilinx.com>
1
From: Andrew Jones <drjones@redhat.com>
2
2
3
The bit to see if a CD is valid is the last bit of the first word of the CD.
3
bitmap_clear() only clears the given range. While the given
4
range should be sufficient in this case we might as well be
5
100% sure all bits are zeroed by using bitmap_zero().
4
6
5
Signed-off-by: Joe Komlodi <joe.komlodi@xilinx.com>
7
Signed-off-by: Andrew Jones <drjones@redhat.com>
6
Message-id: 1626728232-134665-2-git-send-email-joe.komlodi@xilinx.com
8
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
7
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
9
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
10
Message-id: 20210823160647.34028-3-drjones@redhat.com
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
---
12
---
10
hw/arm/smmuv3-internal.h | 2 +-
13
target/arm/kvm64.c | 2 +-
11
1 file changed, 1 insertion(+), 1 deletion(-)
14
1 file changed, 1 insertion(+), 1 deletion(-)
12
15
13
diff --git a/hw/arm/smmuv3-internal.h b/hw/arm/smmuv3-internal.h
16
diff --git a/target/arm/kvm64.c b/target/arm/kvm64.c
14
index XXXXXXX..XXXXXXX 100644
17
index XXXXXXX..XXXXXXX 100644
15
--- a/hw/arm/smmuv3-internal.h
18
--- a/target/arm/kvm64.c
16
+++ b/hw/arm/smmuv3-internal.h
19
+++ b/target/arm/kvm64.c
17
@@ -XXX,XX +XXX,XX @@ static inline int pa_range(STE *ste)
20
@@ -XXX,XX +XXX,XX @@ void kvm_arm_sve_get_vls(CPUState *cs, unsigned long *map)
18
21
uint32_t vq = 0;
19
/* CD fields */
22
int i, j;
20
23
21
-#define CD_VALID(x) extract32((x)->word[0], 30, 1)
24
- bitmap_clear(map, 0, ARM_MAX_VQ);
22
+#define CD_VALID(x) extract32((x)->word[0], 31, 1)
25
+ bitmap_zero(map, ARM_MAX_VQ);
23
#define CD_ASID(x) extract32((x)->word[1], 16, 16)
26
24
#define CD_TTB(x, sel) \
27
/*
25
({ \
28
* KVM ensures all host CPUs support the same set of vector lengths.
26
--
29
--
27
2.20.1
30
2.20.1
28
31
29
32
diff view generated by jsdifflib
New patch
1
From: Andrew Jones <drjones@redhat.com>
1
2
3
Now that we have an ARMCPU member sve_vq_supported we no longer
4
need the local kvm_supported bitmap for KVM's supported vector
5
lengths.
6
7
Signed-off-by: Andrew Jones <drjones@redhat.com>
8
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
9
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
10
Message-id: 20210823160647.34028-4-drjones@redhat.com
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
---
13
target/arm/cpu64.c | 19 +++++++++++--------
14
1 file changed, 11 insertions(+), 8 deletions(-)
15
16
diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c
17
index XXXXXXX..XXXXXXX 100644
18
--- a/target/arm/cpu64.c
19
+++ b/target/arm/cpu64.c
20
@@ -XXX,XX +XXX,XX @@ void arm_cpu_sve_finalize(ARMCPU *cpu, Error **errp)
21
* any of the above. Finally, if SVE is not disabled, then at least one
22
* vector length must be enabled.
23
*/
24
- DECLARE_BITMAP(kvm_supported, ARM_MAX_VQ);
25
DECLARE_BITMAP(tmp, ARM_MAX_VQ);
26
uint32_t vq, max_vq = 0;
27
28
- /* Collect the set of vector lengths supported by KVM. */
29
- bitmap_zero(kvm_supported, ARM_MAX_VQ);
30
+ /*
31
+ * CPU models specify a set of supported vector lengths which are
32
+ * enabled by default. Attempting to enable any vector length not set
33
+ * in the supported bitmap results in an error. When KVM is enabled we
34
+ * fetch the supported bitmap from the host.
35
+ */
36
if (kvm_enabled() && kvm_arm_sve_supported()) {
37
- kvm_arm_sve_get_vls(CPU(cpu), kvm_supported);
38
+ kvm_arm_sve_get_vls(CPU(cpu), cpu->sve_vq_supported);
39
} else if (kvm_enabled()) {
40
assert(!cpu_isar_feature(aa64_sve, cpu));
41
}
42
@@ -XXX,XX +XXX,XX @@ void arm_cpu_sve_finalize(ARMCPU *cpu, Error **errp)
43
* For KVM we have to automatically enable all supported unitialized
44
* lengths, even when the smaller lengths are not all powers-of-two.
45
*/
46
- bitmap_andnot(tmp, kvm_supported, cpu->sve_vq_init, max_vq);
47
+ bitmap_andnot(tmp, cpu->sve_vq_supported, cpu->sve_vq_init, max_vq);
48
bitmap_or(cpu->sve_vq_map, cpu->sve_vq_map, tmp, max_vq);
49
} else {
50
/* Propagate enabled bits down through required powers-of-two. */
51
@@ -XXX,XX +XXX,XX @@ void arm_cpu_sve_finalize(ARMCPU *cpu, Error **errp)
52
/* Disabling a supported length disables all larger lengths. */
53
for (vq = 1; vq <= ARM_MAX_VQ; ++vq) {
54
if (test_bit(vq - 1, cpu->sve_vq_init) &&
55
- test_bit(vq - 1, kvm_supported)) {
56
+ test_bit(vq - 1, cpu->sve_vq_supported)) {
57
break;
58
}
59
}
60
max_vq = vq <= ARM_MAX_VQ ? vq - 1 : ARM_MAX_VQ;
61
- bitmap_andnot(cpu->sve_vq_map, kvm_supported,
62
+ bitmap_andnot(cpu->sve_vq_map, cpu->sve_vq_supported,
63
cpu->sve_vq_init, max_vq);
64
if (max_vq == 0 || bitmap_empty(cpu->sve_vq_map, max_vq)) {
65
error_setg(errp, "cannot disable sve%d", vq * 128);
66
@@ -XXX,XX +XXX,XX @@ void arm_cpu_sve_finalize(ARMCPU *cpu, Error **errp)
67
68
if (kvm_enabled()) {
69
/* Ensure the set of lengths matches what KVM supports. */
70
- bitmap_xor(tmp, cpu->sve_vq_map, kvm_supported, max_vq);
71
+ bitmap_xor(tmp, cpu->sve_vq_map, cpu->sve_vq_supported, max_vq);
72
if (!bitmap_empty(tmp, max_vq)) {
73
vq = find_last_bit(tmp, max_vq) + 1;
74
if (test_bit(vq - 1, cpu->sve_vq_map)) {
75
--
76
2.20.1
77
78
diff view generated by jsdifflib
New patch
1
From: Andrew Jones <drjones@redhat.com>
1
2
3
Future CPU types may specify which vector lengths are supported.
4
We can apply nearly the same logic to validate those lengths
5
as we do for KVM's supported vector lengths. We merge the code
6
where we can, but unfortunately can't completely merge it because
7
KVM requires all vector lengths, power-of-two or not, smaller than
8
the maximum enabled length to also be enabled. The architecture
9
only requires all the power-of-two lengths, though, so TCG will
10
only enforce that.
11
12
Signed-off-by: Andrew Jones <drjones@redhat.com>
13
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
14
Message-id: 20210823160647.34028-5-drjones@redhat.com
15
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
16
---
17
target/arm/cpu64.c | 101 ++++++++++++++++++++-------------------------
18
1 file changed, 45 insertions(+), 56 deletions(-)
19
20
diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c
21
index XXXXXXX..XXXXXXX 100644
22
--- a/target/arm/cpu64.c
23
+++ b/target/arm/cpu64.c
24
@@ -XXX,XX +XXX,XX @@ void arm_cpu_sve_finalize(ARMCPU *cpu, Error **errp)
25
break;
26
}
27
}
28
- max_vq = vq <= ARM_MAX_VQ ? vq - 1 : ARM_MAX_VQ;
29
- bitmap_andnot(cpu->sve_vq_map, cpu->sve_vq_supported,
30
- cpu->sve_vq_init, max_vq);
31
- if (max_vq == 0 || bitmap_empty(cpu->sve_vq_map, max_vq)) {
32
- error_setg(errp, "cannot disable sve%d", vq * 128);
33
- error_append_hint(errp, "Disabling sve%d results in all "
34
- "vector lengths being disabled.\n",
35
- vq * 128);
36
- error_append_hint(errp, "With SVE enabled, at least one "
37
- "vector length must be enabled.\n");
38
- return;
39
- }
40
} else {
41
/* Disabling a power-of-two disables all larger lengths. */
42
- if (test_bit(0, cpu->sve_vq_init)) {
43
- error_setg(errp, "cannot disable sve128");
44
- error_append_hint(errp, "Disabling sve128 results in all "
45
- "vector lengths being disabled.\n");
46
- error_append_hint(errp, "With SVE enabled, at least one "
47
- "vector length must be enabled.\n");
48
- return;
49
- }
50
- for (vq = 2; vq <= ARM_MAX_VQ; vq <<= 1) {
51
+ for (vq = 1; vq <= ARM_MAX_VQ; vq <<= 1) {
52
if (test_bit(vq - 1, cpu->sve_vq_init)) {
53
break;
54
}
55
}
56
- max_vq = vq <= ARM_MAX_VQ ? vq - 1 : ARM_MAX_VQ;
57
- bitmap_complement(cpu->sve_vq_map, cpu->sve_vq_init, max_vq);
58
+ }
59
+
60
+ max_vq = vq <= ARM_MAX_VQ ? vq - 1 : ARM_MAX_VQ;
61
+ bitmap_andnot(cpu->sve_vq_map, cpu->sve_vq_supported,
62
+ cpu->sve_vq_init, max_vq);
63
+ if (max_vq == 0 || bitmap_empty(cpu->sve_vq_map, max_vq)) {
64
+ error_setg(errp, "cannot disable sve%d", vq * 128);
65
+ error_append_hint(errp, "Disabling sve%d results in all "
66
+ "vector lengths being disabled.\n",
67
+ vq * 128);
68
+ error_append_hint(errp, "With SVE enabled, at least one "
69
+ "vector length must be enabled.\n");
70
+ return;
71
}
72
73
max_vq = find_last_bit(cpu->sve_vq_map, max_vq) + 1;
74
@@ -XXX,XX +XXX,XX @@ void arm_cpu_sve_finalize(ARMCPU *cpu, Error **errp)
75
assert(max_vq != 0);
76
bitmap_clear(cpu->sve_vq_map, max_vq, ARM_MAX_VQ - max_vq);
77
78
- if (kvm_enabled()) {
79
- /* Ensure the set of lengths matches what KVM supports. */
80
- bitmap_xor(tmp, cpu->sve_vq_map, cpu->sve_vq_supported, max_vq);
81
- if (!bitmap_empty(tmp, max_vq)) {
82
- vq = find_last_bit(tmp, max_vq) + 1;
83
- if (test_bit(vq - 1, cpu->sve_vq_map)) {
84
- if (cpu->sve_max_vq) {
85
- error_setg(errp, "cannot set sve-max-vq=%d",
86
- cpu->sve_max_vq);
87
- error_append_hint(errp, "This KVM host does not support "
88
- "the vector length %d-bits.\n",
89
- vq * 128);
90
- error_append_hint(errp, "It may not be possible to use "
91
- "sve-max-vq with this KVM host. Try "
92
- "using only sve<N> properties.\n");
93
- } else {
94
- error_setg(errp, "cannot enable sve%d", vq * 128);
95
- error_append_hint(errp, "This KVM host does not support "
96
- "the vector length %d-bits.\n",
97
- vq * 128);
98
- }
99
+ /* Ensure the set of lengths matches what is supported. */
100
+ bitmap_xor(tmp, cpu->sve_vq_map, cpu->sve_vq_supported, max_vq);
101
+ if (!bitmap_empty(tmp, max_vq)) {
102
+ vq = find_last_bit(tmp, max_vq) + 1;
103
+ if (test_bit(vq - 1, cpu->sve_vq_map)) {
104
+ if (cpu->sve_max_vq) {
105
+ error_setg(errp, "cannot set sve-max-vq=%d", cpu->sve_max_vq);
106
+ error_append_hint(errp, "This CPU does not support "
107
+ "the vector length %d-bits.\n", vq * 128);
108
+ error_append_hint(errp, "It may not be possible to use "
109
+ "sve-max-vq with this CPU. Try "
110
+ "using only sve<N> properties.\n");
111
} else {
112
+ error_setg(errp, "cannot enable sve%d", vq * 128);
113
+ error_append_hint(errp, "This CPU does not support "
114
+ "the vector length %d-bits.\n", vq * 128);
115
+ }
116
+ return;
117
+ } else {
118
+ if (kvm_enabled()) {
119
error_setg(errp, "cannot disable sve%d", vq * 128);
120
error_append_hint(errp, "The KVM host requires all "
121
"supported vector lengths smaller "
122
"than %d bits to also be enabled.\n",
123
max_vq * 128);
124
- }
125
- return;
126
- }
127
- } else {
128
- /* Ensure all required powers-of-two are enabled. */
129
- for (vq = pow2floor(max_vq); vq >= 1; vq >>= 1) {
130
- if (!test_bit(vq - 1, cpu->sve_vq_map)) {
131
- error_setg(errp, "cannot disable sve%d", vq * 128);
132
- error_append_hint(errp, "sve%d is required as it "
133
- "is a power-of-two length smaller than "
134
- "the maximum, sve%d\n",
135
- vq * 128, max_vq * 128);
136
return;
137
+ } else {
138
+ /* Ensure all required powers-of-two are enabled. */
139
+ for (vq = pow2floor(max_vq); vq >= 1; vq >>= 1) {
140
+ if (!test_bit(vq - 1, cpu->sve_vq_map)) {
141
+ error_setg(errp, "cannot disable sve%d", vq * 128);
142
+ error_append_hint(errp, "sve%d is required as it "
143
+ "is a power-of-two length smaller "
144
+ "than the maximum, sve%d\n",
145
+ vq * 128, max_vq * 128);
146
+ return;
147
+ }
148
+ }
149
}
150
}
151
}
152
--
153
2.20.1
154
155
diff view generated by jsdifflib
New patch
1
Do a basic conversion of the acpi_cpu_hotplug spec document to rST.
1
2
3
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
5
Message-id: 20210727170414.3368-2-peter.maydell@linaro.org
6
---
7
docs/specs/acpi_cpu_hotplug.rst | 235 ++++++++++++++++++++++++++++++++
8
docs/specs/acpi_cpu_hotplug.txt | 160 ----------------------
9
docs/specs/index.rst | 1 +
10
3 files changed, 236 insertions(+), 160 deletions(-)
11
create mode 100644 docs/specs/acpi_cpu_hotplug.rst
12
delete mode 100644 docs/specs/acpi_cpu_hotplug.txt
13
14
diff --git a/docs/specs/acpi_cpu_hotplug.rst b/docs/specs/acpi_cpu_hotplug.rst
15
new file mode 100644
16
index XXXXXXX..XXXXXXX
17
--- /dev/null
18
+++ b/docs/specs/acpi_cpu_hotplug.rst
19
@@ -XXX,XX +XXX,XX @@
20
+QEMU<->ACPI BIOS CPU hotplug interface
21
+======================================
22
+
23
+QEMU supports CPU hotplug via ACPI. This document
24
+describes the interface between QEMU and the ACPI BIOS.
25
+
26
+ACPI BIOS GPE.2 handler is dedicated for notifying OS about CPU hot-add
27
+and hot-remove events.
28
+
29
+
30
+Legacy ACPI CPU hotplug interface registers
31
+-------------------------------------------
32
+
33
+CPU present bitmap for:
34
+
35
+- ICH9-LPC (IO port 0x0cd8-0xcf7, 1-byte access)
36
+- PIIX-PM (IO port 0xaf00-0xaf1f, 1-byte access)
37
+- One bit per CPU. Bit position reflects corresponding CPU APIC ID. Read-only.
38
+- The first DWORD in bitmap is used in write mode to switch from legacy
39
+ to modern CPU hotplug interface, write 0 into it to do switch.
40
+
41
+QEMU sets corresponding CPU bit on hot-add event and issues SCI
42
+with GPE.2 event set. CPU present map is read by ACPI BIOS GPE.2 handler
43
+to notify OS about CPU hot-add events. CPU hot-remove isn't supported.
44
+
45
+
46
+Modern ACPI CPU hotplug interface registers
47
+-------------------------------------------
48
+
49
+Register block base address:
50
+
51
+- ICH9-LPC IO port 0x0cd8
52
+- PIIX-PM IO port 0xaf00
53
+
54
+Register block size:
55
+
56
+- ACPI_CPU_HOTPLUG_REG_LEN = 12
57
+
58
+All accesses to registers described below, imply little-endian byte order.
59
+
60
+Reserved registers behavior:
61
+
62
+- write accesses are ignored
63
+- read accesses return all bits set to 0.
64
+
65
+The last stored value in 'CPU selector' must refer to a possible CPU, otherwise
66
+
67
+- reads from any register return 0
68
+- writes to any other register are ignored until valid value is stored into it
69
+
70
+On QEMU start, 'CPU selector' is initialized to a valid value, on reset it
71
+keeps the current value.
72
+
73
+Read access behavior
74
+^^^^^^^^^^^^^^^^^^^^
75
+
76
+offset [0x0-0x3]
77
+ Command data 2: (DWORD access)
78
+
79
+ If value last stored in 'Command field' is:
80
+
81
+ 0:
82
+ reads as 0x0
83
+ 3:
84
+ upper 32 bits of architecture specific CPU ID value
85
+ other values:
86
+ reserved
87
+
88
+offset [0x4]
89
+ CPU device status fields: (1 byte access)
90
+
91
+ bits:
92
+
93
+ 0:
94
+ Device is enabled and may be used by guest
95
+ 1:
96
+ Device insert event, used to distinguish device for which
97
+ no device check event to OSPM was issued.
98
+ It's valid only when bit 0 is set.
99
+ 2:
100
+ Device remove event, used to distinguish device for which
101
+ no device eject request to OSPM was issued. Firmware must
102
+ ignore this bit.
103
+ 3:
104
+ reserved and should be ignored by OSPM
105
+ 4:
106
+ if set to 1, OSPM requests firmware to perform device eject.
107
+ 5-7:
108
+ reserved and should be ignored by OSPM
109
+
110
+offset [0x5-0x7]
111
+ reserved
112
+
113
+offset [0x8]
114
+ Command data: (DWORD access)
115
+
116
+ If value last stored in 'Command field' is one of:
117
+
118
+ 0:
119
+ contains 'CPU selector' value of a CPU with pending event[s]
120
+ 3:
121
+ lower 32 bits of architecture specific CPU ID value
122
+ (in x86 case: APIC ID)
123
+ otherwise:
124
+ contains 0
125
+
126
+Write access behavior
127
+^^^^^^^^^^^^^^^^^^^^^
128
+
129
+offset [0x0-0x3]
130
+ CPU selector: (DWORD access)
131
+
132
+ Selects active CPU device. All following accesses to other
133
+ registers will read/store data from/to selected CPU.
134
+ Valid values: [0 .. max_cpus)
135
+
136
+offset [0x4]
137
+ CPU device control fields: (1 byte access)
138
+
139
+ bits:
140
+
141
+ 0:
142
+ reserved, OSPM must clear it before writing to register.
143
+ 1:
144
+ if set to 1 clears device insert event, set by OSPM
145
+ after it has emitted device check event for the
146
+ selected CPU device
147
+ 2:
148
+ if set to 1 clears device remove event, set by OSPM
149
+ after it has emitted device eject request for the
150
+ selected CPU device.
151
+ 3:
152
+ if set to 1 initiates device eject, set by OSPM when it
153
+ triggers CPU device removal and calls _EJ0 method or by firmware
154
+ when bit #4 is set. In case bit #4 were set, it's cleared as
155
+ part of device eject.
156
+ 4:
157
+ if set to 1, OSPM hands over device eject to firmware.
158
+ Firmware shall issue device eject request as described above
159
+ (bit #3) and OSPM should not touch device eject bit (#3) in case
160
+ it's asked firmware to perform CPU device eject.
161
+ 5-7:
162
+ reserved, OSPM must clear them before writing to register
163
+
164
+offset[0x5]
165
+ Command field: (1 byte access)
166
+
167
+ value:
168
+
169
+ 0:
170
+ selects a CPU device with inserting/removing events and
171
+ following reads from 'Command data' register return
172
+ selected CPU ('CPU selector' value).
173
+ If no CPU with events found, the current 'CPU selector' doesn't
174
+ change and corresponding insert/remove event flags are not modified.
175
+
176
+ 1:
177
+ following writes to 'Command data' register set OST event
178
+ register in QEMU
179
+ 2:
180
+ following writes to 'Command data' register set OST status
181
+ register in QEMU
182
+ 3:
183
+ following reads from 'Command data' and 'Command data 2' return
184
+ architecture specific CPU ID value for currently selected CPU.
185
+ other values:
186
+ reserved
187
+
188
+offset [0x6-0x7]
189
+ reserved
190
+
191
+offset [0x8]
192
+ Command data: (DWORD access)
193
+
194
+ If last stored 'Command field' value is:
195
+
196
+ 1:
197
+ stores value into OST event register
198
+ 2:
199
+ stores value into OST status register, triggers
200
+ ACPI_DEVICE_OST QMP event from QEMU to external applications
201
+ with current values of OST event and status registers.
202
+ other values:
203
+ reserved
204
+
205
+Typical usecases
206
+----------------
207
+
208
+(x86) Detecting and enabling modern CPU hotplug interface
209
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
210
+
211
+QEMU starts with legacy CPU hotplug interface enabled. Detecting and
212
+switching to modern interface is based on the 2 legacy CPU hotplug features:
213
+
214
+#. Writes into CPU bitmap are ignored.
215
+#. CPU bitmap always has bit #0 set, corresponding to boot CPU.
216
+
217
+Use following steps to detect and enable modern CPU hotplug interface:
218
+
219
+#. Store 0x0 to the 'CPU selector' register, attempting to switch to modern mode
220
+#. Store 0x0 to the 'CPU selector' register, to ensure valid selector value
221
+#. Store 0x0 to the 'Command field' register
222
+#. Read the 'Command data 2' register.
223
+ If read value is 0x0, the modern interface is enabled.
224
+ Otherwise legacy or no CPU hotplug interface available
225
+
226
+Get a cpu with pending event
227
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^
228
+
229
+#. Store 0x0 to the 'CPU selector' register.
230
+#. Store 0x0 to the 'Command field' register.
231
+#. Read the 'CPU device status fields' register.
232
+#. If both bit #1 and bit #2 are clear in the value read, there is no CPU
233
+ with a pending event and selected CPU remains unchanged.
234
+#. Otherwise, read the 'Command data' register. The value read is the
235
+ selector of the CPU with the pending event (which is already selected).
236
+
237
+Enumerate CPUs present/non present CPUs
238
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
239
+
240
+#. Set the present CPU count to 0.
241
+#. Set the iterator to 0.
242
+#. Store 0x0 to the 'CPU selector' register, to ensure that it's in
243
+ a valid state and that access to other registers won't be ignored.
244
+#. Store 0x0 to the 'Command field' register to make 'Command data'
245
+ register return 'CPU selector' value of selected CPU
246
+#. Read the 'CPU device status fields' register.
247
+#. If bit #0 is set, increment the present CPU count.
248
+#. Increment the iterator.
249
+#. Store the iterator to the 'CPU selector' register.
250
+#. Read the 'Command data' register.
251
+#. If the value read is not zero, goto 05.
252
+#. Otherwise store 0x0 to the 'CPU selector' register, to put it
253
+ into a valid state and exit.
254
+ The iterator at this point equals "max_cpus".
255
diff --git a/docs/specs/acpi_cpu_hotplug.txt b/docs/specs/acpi_cpu_hotplug.txt
256
deleted file mode 100644
257
index XXXXXXX..XXXXXXX
258
--- a/docs/specs/acpi_cpu_hotplug.txt
259
+++ /dev/null
260
@@ -XXX,XX +XXX,XX @@
261
-QEMU<->ACPI BIOS CPU hotplug interface
262
---------------------------------------
263
-
264
-QEMU supports CPU hotplug via ACPI. This document
265
-describes the interface between QEMU and the ACPI BIOS.
266
-
267
-ACPI BIOS GPE.2 handler is dedicated for notifying OS about CPU hot-add
268
-and hot-remove events.
269
-
270
-============================================
271
-Legacy ACPI CPU hotplug interface registers:
272
---------------------------------------------
273
-CPU present bitmap for:
274
- ICH9-LPC (IO port 0x0cd8-0xcf7, 1-byte access)
275
- PIIX-PM (IO port 0xaf00-0xaf1f, 1-byte access)
276
- One bit per CPU. Bit position reflects corresponding CPU APIC ID. Read-only.
277
- The first DWORD in bitmap is used in write mode to switch from legacy
278
- to modern CPU hotplug interface, write 0 into it to do switch.
279
----------------------------------------------------------------
280
-QEMU sets corresponding CPU bit on hot-add event and issues SCI
281
-with GPE.2 event set. CPU present map is read by ACPI BIOS GPE.2 handler
282
-to notify OS about CPU hot-add events. CPU hot-remove isn't supported.
283
-
284
-=====================================
285
-Modern ACPI CPU hotplug interface registers:
286
--------------------------------------
287
-Register block base address:
288
- ICH9-LPC IO port 0x0cd8
289
- PIIX-PM IO port 0xaf00
290
-Register block size:
291
- ACPI_CPU_HOTPLUG_REG_LEN = 12
292
-
293
-All accesses to registers described below, imply little-endian byte order.
294
-
295
-Reserved resisters behavior:
296
- - write accesses are ignored
297
- - read accesses return all bits set to 0.
298
-
299
-The last stored value in 'CPU selector' must refer to a possible CPU, otherwise
300
- - reads from any register return 0
301
- - writes to any other register are ignored until valid value is stored into it
302
-On QEMU start, 'CPU selector' is initialized to a valid value, on reset it
303
-keeps the current value.
304
-
305
-read access:
306
- offset:
307
- [0x0-0x3] Command data 2: (DWORD access)
308
- if value last stored in 'Command field':
309
- 0: reads as 0x0
310
- 3: upper 32 bits of architecture specific CPU ID value
311
- other values: reserved
312
- [0x4] CPU device status fields: (1 byte access)
313
- bits:
314
- 0: Device is enabled and may be used by guest
315
- 1: Device insert event, used to distinguish device for which
316
- no device check event to OSPM was issued.
317
- It's valid only when bit 0 is set.
318
- 2: Device remove event, used to distinguish device for which
319
- no device eject request to OSPM was issued. Firmware must
320
- ignore this bit.
321
- 3: reserved and should be ignored by OSPM
322
- 4: if set to 1, OSPM requests firmware to perform device eject.
323
- 5-7: reserved and should be ignored by OSPM
324
- [0x5-0x7] reserved
325
- [0x8] Command data: (DWORD access)
326
- contains 0 unless value last stored in 'Command field' is one of:
327
- 0: contains 'CPU selector' value of a CPU with pending event[s]
328
- 3: lower 32 bits of architecture specific CPU ID value
329
- (in x86 case: APIC ID)
330
-
331
-write access:
332
- offset:
333
- [0x0-0x3] CPU selector: (DWORD access)
334
- selects active CPU device. All following accesses to other
335
- registers will read/store data from/to selected CPU.
336
- Valid values: [0 .. max_cpus)
337
- [0x4] CPU device control fields: (1 byte access)
338
- bits:
339
- 0: reserved, OSPM must clear it before writing to register.
340
- 1: if set to 1 clears device insert event, set by OSPM
341
- after it has emitted device check event for the
342
- selected CPU device
343
- 2: if set to 1 clears device remove event, set by OSPM
344
- after it has emitted device eject request for the
345
- selected CPU device.
346
- 3: if set to 1 initiates device eject, set by OSPM when it
347
- triggers CPU device removal and calls _EJ0 method or by firmware
348
- when bit #4 is set. In case bit #4 were set, it's cleared as
349
- part of device eject.
350
- 4: if set to 1, OSPM hands over device eject to firmware.
351
- Firmware shall issue device eject request as described above
352
- (bit #3) and OSPM should not touch device eject bit (#3) in case
353
- it's asked firmware to perform CPU device eject.
354
- 5-7: reserved, OSPM must clear them before writing to register
355
- [0x5] Command field: (1 byte access)
356
- value:
357
- 0: selects a CPU device with inserting/removing events and
358
- following reads from 'Command data' register return
359
- selected CPU ('CPU selector' value).
360
- If no CPU with events found, the current 'CPU selector' doesn't
361
- change and corresponding insert/remove event flags are not modified.
362
- 1: following writes to 'Command data' register set OST event
363
- register in QEMU
364
- 2: following writes to 'Command data' register set OST status
365
- register in QEMU
366
- 3: following reads from 'Command data' and 'Command data 2' return
367
- architecture specific CPU ID value for currently selected CPU.
368
- other values: reserved
369
- [0x6-0x7] reserved
370
- [0x8] Command data: (DWORD access)
371
- if last stored 'Command field' value:
372
- 1: stores value into OST event register
373
- 2: stores value into OST status register, triggers
374
- ACPI_DEVICE_OST QMP event from QEMU to external applications
375
- with current values of OST event and status registers.
376
- other values: reserved
377
-
378
-Typical usecases:
379
- - (x86) Detecting and enabling modern CPU hotplug interface.
380
- QEMU starts with legacy CPU hotplug interface enabled. Detecting and
381
- switching to modern interface is based on the 2 legacy CPU hotplug features:
382
- 1. Writes into CPU bitmap are ignored.
383
- 2. CPU bitmap always has bit#0 set, corresponding to boot CPU.
384
-
385
- Use following steps to detect and enable modern CPU hotplug interface:
386
- 1. Store 0x0 to the 'CPU selector' register,
387
- attempting to switch to modern mode
388
- 2. Store 0x0 to the 'CPU selector' register,
389
- to ensure valid selector value
390
- 3. Store 0x0 to the 'Command field' register,
391
- 4. Read the 'Command data 2' register.
392
- If read value is 0x0, the modern interface is enabled.
393
- Otherwise legacy or no CPU hotplug interface available
394
-
395
- - Get a cpu with pending event
396
- 1. Store 0x0 to the 'CPU selector' register.
397
- 2. Store 0x0 to the 'Command field' register.
398
- 3. Read the 'CPU device status fields' register.
399
- 4. If both bit#1 and bit#2 are clear in the value read, there is no CPU
400
- with a pending event and selected CPU remains unchanged.
401
- 5. Otherwise, read the 'Command data' register. The value read is the
402
- selector of the CPU with the pending event (which is already
403
- selected).
404
-
405
- - Enumerate CPUs present/non present CPUs
406
- 01. Set the present CPU count to 0.
407
- 02. Set the iterator to 0.
408
- 03. Store 0x0 to the 'CPU selector' register, to ensure that it's in
409
- a valid state and that access to other registers won't be ignored.
410
- 04. Store 0x0 to the 'Command field' register to make 'Command data'
411
- register return 'CPU selector' value of selected CPU
412
- 05. Read the 'CPU device status fields' register.
413
- 06. If bit#0 is set, increment the present CPU count.
414
- 07. Increment the iterator.
415
- 08. Store the iterator to the 'CPU selector' register.
416
- 09. Read the 'Command data' register.
417
- 10. If the value read is not zero, goto 05.
418
- 11. Otherwise store 0x0 to the 'CPU selector' register, to put it
419
- into a valid state and exit.
420
- The iterator at this point equals "max_cpus".
421
diff --git a/docs/specs/index.rst b/docs/specs/index.rst
422
index XXXXXXX..XXXXXXX 100644
423
--- a/docs/specs/index.rst
424
+++ b/docs/specs/index.rst
425
@@ -XXX,XX +XXX,XX @@ guest hardware that is specific to QEMU.
426
acpi_hw_reduced_hotplug
427
tpm
428
acpi_hest_ghes
429
+ acpi_cpu_hotplug
430
--
431
2.20.1
432
433
diff view generated by jsdifflib
New patch
1
1
Convert the acpi memory hotplug spec to rST.
2
3
Note that this includes converting a lot of weird whitespace
4
characters to plain old spaces (the rST parser does not like
5
whatever the old ones were).
6
7
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
9
Message-id: 20210727170414.3368-3-peter.maydell@linaro.org
10
---
11
docs/specs/acpi_mem_hotplug.rst | 128 ++++++++++++++++++++++++++++++++
12
docs/specs/acpi_mem_hotplug.txt | 94 -----------------------
13
docs/specs/index.rst | 1 +
14
3 files changed, 129 insertions(+), 94 deletions(-)
15
create mode 100644 docs/specs/acpi_mem_hotplug.rst
16
delete mode 100644 docs/specs/acpi_mem_hotplug.txt
17
18
diff --git a/docs/specs/acpi_mem_hotplug.rst b/docs/specs/acpi_mem_hotplug.rst
19
new file mode 100644
20
index XXXXXXX..XXXXXXX
21
--- /dev/null
22
+++ b/docs/specs/acpi_mem_hotplug.rst
23
@@ -XXX,XX +XXX,XX @@
24
+QEMU<->ACPI BIOS memory hotplug interface
25
+=========================================
26
+
27
+ACPI BIOS GPE.3 handler is dedicated for notifying OS about memory hot-add
28
+and hot-remove events.
29
+
30
+Memory hot-plug interface (IO port 0xa00-0xa17, 1-4 byte access)
31
+----------------------------------------------------------------
32
+
33
+Read access behavior
34
+^^^^^^^^^^^^^^^^^^^^
35
+
36
+[0x0-0x3]
37
+ Lo part of memory device phys address
38
+[0x4-0x7]
39
+ Hi part of memory device phys address
40
+[0x8-0xb]
41
+ Lo part of memory device size in bytes
42
+[0xc-0xf]
43
+ Hi part of memory device size in bytes
44
+[0x10-0x13]
45
+ Memory device proximity domain
46
+[0x14]
47
+ Memory device status fields
48
+
49
+ bits:
50
+
51
+ 0:
52
+ Device is enabled and may be used by guest
53
+ 1:
54
+ Device insert event, used to distinguish device for which
55
+ no device check event to OSPM was issued.
56
+ It's valid only when bit 1 is set.
57
+ 2:
58
+ Device remove event, used to distinguish device for which
59
+ no device eject request to OSPM was issued.
60
+ 3-7:
61
+ reserved and should be ignored by OSPM
62
+
63
+[0x15-0x17]
64
+ reserved
65
+
66
+Write access behavior
67
+^^^^^^^^^^^^^^^^^^^^^
68
+
69
+
70
+[0x0-0x3]
71
+ Memory device slot selector, selects active memory device.
72
+ All following accesses to other registers in 0xa00-0xa17
73
+ region will read/store data from/to selected memory device.
74
+[0x4-0x7]
75
+ OST event code reported by OSPM
76
+[0x8-0xb]
77
+ OST status code reported by OSPM
78
+[0xc-0x13]
79
+ reserved, writes into it are ignored
80
+[0x14]
81
+ Memory device control fields
82
+
83
+ bits:
84
+
85
+ 0:
86
+ reserved, OSPM must clear it before writing to register.
87
+ Due to BUG in versions prior 2.4 that field isn't cleared
88
+ when other fields are written. Keep it reserved and don't
89
+ try to reuse it.
90
+ 1:
91
+ if set to 1 clears device insert event, set by OSPM
92
+ after it has emitted device check event for the
93
+ selected memory device
94
+ 2:
95
+ if set to 1 clears device remove event, set by OSPM
96
+ after it has emitted device eject request for the
97
+ selected memory device
98
+ 3:
99
+ if set to 1 initiates device eject, set by OSPM when it
100
+ triggers memory device removal and calls _EJ0 method
101
+ 4-7:
102
+ reserved, OSPM must clear them before writing to register
103
+
104
+Selecting memory device slot beyond present range has no effect on platform:
105
+
106
+- write accesses to memory hot-plug registers not documented above are ignored
107
+- read accesses to memory hot-plug registers not documented above return
108
+ all bits set to 1.
109
+
110
+Memory hot remove process diagram
111
+---------------------------------
112
+
113
+::
114
+
115
+ +-------------+ +-----------------------+ +------------------+
116
+ | 1. QEMU | | 2. QEMU | |3. QEMU |
117
+ | device_del +---->+ device unplug request +----->+Send SCI to guest,|
118
+ | | | cb | |return control to |
119
+ | | | | |management |
120
+ +-------------+ +-----------------------+ +------------------+
121
+
122
+ +---------------------------------------------------------------------+
123
+
124
+ +---------------------+ +-------------------------+
125
+ | OSPM: | remove event | OSPM: |
126
+ | send Eject Request, | | Scan memory devices |
127
+ | clear remove event +<-------------+ for event flags |
128
+ | | | |
129
+ +---------------------+ +-------------------------+
130
+ |
131
+ |
132
+ +---------v--------+ +-----------------------+
133
+ | Guest OS: | success | OSPM: |
134
+ | process Ejection +----------->+ Execute _EJ0 method, |
135
+ | request | | set eject bit in flags|
136
+ +------------------+ +-----------------------+
137
+ |failure |
138
+ v v
139
+ +------------------------+ +-----------------------+
140
+ | OSPM: | | QEMU: |
141
+ | set OST event & status | | call device unplug cb |
142
+ | fields | | |
143
+ +------------------------+ +-----------------------+
144
+ | |
145
+ v v
146
+ +------------------+ +-------------------+
147
+ |QEMU: | |QEMU: |
148
+ |Send OST QMP event| |Send device deleted|
149
+ | | |QMP event |
150
+ +------------------+ | |
151
+ +-------------------+
152
diff --git a/docs/specs/acpi_mem_hotplug.txt b/docs/specs/acpi_mem_hotplug.txt
153
deleted file mode 100644
154
index XXXXXXX..XXXXXXX
155
--- a/docs/specs/acpi_mem_hotplug.txt
156
+++ /dev/null
157
@@ -XXX,XX +XXX,XX @@
158
-QEMU<->ACPI BIOS memory hotplug interface
159
---------------------------------------
160
-
161
-ACPI BIOS GPE.3 handler is dedicated for notifying OS about memory hot-add
162
-and hot-remove events.
163
-
164
-Memory hot-plug interface (IO port 0xa00-0xa17, 1-4 byte access):
165
----------------------------------------------------------------
166
-0xa00:
167
- read access:
168
- [0x0-0x3] Lo part of memory device phys address
169
- [0x4-0x7] Hi part of memory device phys address
170
- [0x8-0xb] Lo part of memory device size in bytes
171
- [0xc-0xf] Hi part of memory device size in bytes
172
- [0x10-0x13] Memory device proximity domain
173
- [0x14] Memory device status fields
174
- bits:
175
- 0: Device is enabled and may be used by guest
176
- 1: Device insert event, used to distinguish device for which
177
- no device check event to OSPM was issued.
178
- It's valid only when bit 1 is set.
179
- 2: Device remove event, used to distinguish device for which
180
- no device eject request to OSPM was issued.
181
- 3-7: reserved and should be ignored by OSPM
182
- [0x15-0x17] reserved
183
-
184
- write access:
185
- [0x0-0x3] Memory device slot selector, selects active memory device.
186
- All following accesses to other registers in 0xa00-0xa17
187
- region will read/store data from/to selected memory device.
188
- [0x4-0x7] OST event code reported by OSPM
189
- [0x8-0xb] OST status code reported by OSPM
190
- [0xc-0x13] reserved, writes into it are ignored
191
- [0x14] Memory device control fields
192
- bits:
193
- 0: reserved, OSPM must clear it before writing to register.
194
- Due to BUG in versions prior 2.4 that field isn't cleared
195
- when other fields are written. Keep it reserved and don't
196
- try to reuse it.
197
- 1: if set to 1 clears device insert event, set by OSPM
198
- after it has emitted device check event for the
199
- selected memory device
200
- 2: if set to 1 clears device remove event, set by OSPM
201
- after it has emitted device eject request for the
202
- selected memory device
203
- 3: if set to 1 initiates device eject, set by OSPM when it
204
- triggers memory device removal and calls _EJ0 method
205
- 4-7: reserved, OSPM must clear them before writing to register
206
-
207
-Selecting memory device slot beyond present range has no effect on platform:
208
- - write accesses to memory hot-plug registers not documented above are
209
- ignored
210
- - read accesses to memory hot-plug registers not documented above return
211
- all bits set to 1.
212
-
213
-Memory hot remove process diagram:
214
-----------------------------------
215
- +-------------+     +-----------------------+      +------------------+     
216
- |  1. QEMU    |     | 2. QEMU               |      |3. QEMU           |     
217
- |  device_del +---->+ device unplug request +----->+Send SCI to guest,|     
218
- |             |     |         cb            |      |return control to |     
219
- +-------------+     +-----------------------+      |management        |     
220
-                                                    +------------------+     
221
-                                                                             
222
- +---------------------------------------------------------------------+     
223
-                                                                             
224
- +---------------------+              +-------------------------+            
225
- | OSPM:               | remove event | OSPM:                   |            
226
- | send Eject Request, |              | Scan memory devices     |            
227
- | clear remove event  +<-------------+ for event flags         |            
228
- |                     |              |                         |            
229
- +---------------------+              +-------------------------+            
230
-           |                                                                 
231
-           |                                                                 
232
- +---------v--------+            +-----------------------+                   
233
- | Guest OS:        |  success   | OSPM:                 |                   
234
- | process Ejection +----------->+ Execute _EJ0 method,  |                   
235
- | request          |            | set eject bit in flags|                   
236
- +------------------+            +-----------------------+                   
237
-           |failure                         |                                
238
-           v                                v                                
239
- +------------------------+      +-----------------------+                   
240
- | OSPM:                  |      | QEMU:                 |                   
241
- | set OST event & status |      | call device unplug cb |                   
242
- | fields                 |      |                       |                   
243
- +------------------------+      +-----------------------+                   
244
-          |                                  |                               
245
-          v                                  v                               
246
- +------------------+              +-------------------+                     
247
- |QEMU:             |              |QEMU:              |                     
248
- |Send OST QMP event|              |Send device deleted|                     
249
- |                  |              |QMP event          |                     
250
- +------------------+              |                   |                     
251
-                                   +-------------------+
252
diff --git a/docs/specs/index.rst b/docs/specs/index.rst
253
index XXXXXXX..XXXXXXX 100644
254
--- a/docs/specs/index.rst
255
+++ b/docs/specs/index.rst
256
@@ -XXX,XX +XXX,XX @@ guest hardware that is specific to QEMU.
257
tpm
258
acpi_hest_ghes
259
acpi_cpu_hotplug
260
+ acpi_mem_hotplug
261
--
262
2.20.1
263
264
diff view generated by jsdifflib
New patch
1
Convert the PCI hotplug spec document to rST.
1
2
3
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
5
---
6
...i_pci_hotplug.txt => acpi_pci_hotplug.rst} | 37 ++++++++++---------
7
docs/specs/index.rst | 1 +
8
2 files changed, 21 insertions(+), 17 deletions(-)
9
rename docs/specs/{acpi_pci_hotplug.txt => acpi_pci_hotplug.rst} (51%)
10
11
diff --git a/docs/specs/acpi_pci_hotplug.txt b/docs/specs/acpi_pci_hotplug.rst
12
similarity index 51%
13
rename from docs/specs/acpi_pci_hotplug.txt
14
rename to docs/specs/acpi_pci_hotplug.rst
15
index XXXXXXX..XXXXXXX 100644
16
--- a/docs/specs/acpi_pci_hotplug.txt
17
+++ b/docs/specs/acpi_pci_hotplug.rst
18
@@ -XXX,XX +XXX,XX @@
19
QEMU<->ACPI BIOS PCI hotplug interface
20
---------------------------------------
21
+======================================
22
23
QEMU supports PCI hotplug via ACPI, for PCI bus 0. This document
24
describes the interface between QEMU and the ACPI BIOS.
25
26
-ACPI GPE block (IO ports 0xafe0-0xafe3, byte access):
27
------------------------------------------
28
+ACPI GPE block (IO ports 0xafe0-0xafe3, byte access)
29
+----------------------------------------------------
30
31
Generic ACPI GPE block. Bit 1 (GPE.1) used to notify PCI hotplug/eject
32
event to ACPI BIOS, via SCI interrupt.
33
34
-PCI slot injection notification pending (IO port 0xae00-0xae03, 4-byte access):
35
----------------------------------------------------------------
36
+PCI slot injection notification pending (IO port 0xae00-0xae03, 4-byte access)
37
+------------------------------------------------------------------------------
38
+
39
Slot injection notification pending. One bit per slot.
40
41
Read by ACPI BIOS GPE.1 handler to notify OS of injection
42
events. Read-only.
43
44
-PCI slot removal notification (IO port 0xae04-0xae07, 4-byte access):
45
------------------------------------------------------
46
+PCI slot removal notification (IO port 0xae04-0xae07, 4-byte access)
47
+--------------------------------------------------------------------
48
+
49
Slot removal notification pending. One bit per slot.
50
51
Read by ACPI BIOS GPE.1 handler to notify OS of removal
52
events. Read-only.
53
54
-PCI device eject (IO port 0xae08-0xae0b, 4-byte access):
55
-----------------------------------------
56
+PCI device eject (IO port 0xae08-0xae0b, 4-byte access)
57
+-------------------------------------------------------
58
59
Write: Used by ACPI BIOS _EJ0 method to request device removal.
60
One bit per slot.
61
62
Read: Hotplug features register. Used by platform to identify features
63
available. Current base feature set (no bits set):
64
- - Read-only "up" register @0xae00, 4-byte access, bit per slot
65
- - Read-only "down" register @0xae04, 4-byte access, bit per slot
66
- - Read/write "eject" register @0xae08, 4-byte access,
67
- write: bit per slot eject, read: hotplug feature set
68
- - Read-only hotplug capable register @0xae0c, 4-byte access, bit per slot
69
70
-PCI removability status (IO port 0xae0c-0xae0f, 4-byte access):
71
------------------------------------------------
72
+- Read-only "up" register @0xae00, 4-byte access, bit per slot
73
+- Read-only "down" register @0xae04, 4-byte access, bit per slot
74
+- Read/write "eject" register @0xae08, 4-byte access,
75
+ write: bit per slot eject, read: hotplug feature set
76
+- Read-only hotplug capable register @0xae0c, 4-byte access, bit per slot
77
+
78
+PCI removability status (IO port 0xae0c-0xae0f, 4-byte access)
79
+--------------------------------------------------------------
80
81
Used by ACPI BIOS _RMV method to indicate removability status to OS. One
82
-bit per slot. Read-only
83
+bit per slot. Read-only.
84
diff --git a/docs/specs/index.rst b/docs/specs/index.rst
85
index XXXXXXX..XXXXXXX 100644
86
--- a/docs/specs/index.rst
87
+++ b/docs/specs/index.rst
88
@@ -XXX,XX +XXX,XX @@ guest hardware that is specific to QEMU.
89
acpi_hest_ghes
90
acpi_cpu_hotplug
91
acpi_mem_hotplug
92
+ acpi_pci_hotplug
93
--
94
2.20.1
95
96
diff view generated by jsdifflib
1
The documentation of the -machine memory-backend has some minor
1
Convert the ACPI NVDIMM spec document to rST.
2
formatting errors:
3
* Misindentation of the initial line meant that the whole option
4
section is incorrectly indented in the HTML output compared to
5
the other -machine options
6
* The examples weren't indented, which meant that they were formatted
7
as plain run-on text including outputting the "::" as text.
8
* The a) b) list has no rst-format markup so it is rendered as
9
a single run-on paragraph
10
11
Fix the formatting.
12
2
13
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
14
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
4
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
15
Message-id: 20210719105257.3599-1-peter.maydell@linaro.org
5
Message-id: 20210727170414.3368-5-peter.maydell@linaro.org
16
---
6
---
17
qemu-options.hx | 30 +++++++++++++++++-------------
7
docs/specs/acpi_nvdimm.rst | 228 +++++++++++++++++++++++++++++++++++++
18
1 file changed, 17 insertions(+), 13 deletions(-)
8
docs/specs/acpi_nvdimm.txt | 188 ------------------------------
9
docs/specs/index.rst | 1 +
10
3 files changed, 229 insertions(+), 188 deletions(-)
11
create mode 100644 docs/specs/acpi_nvdimm.rst
12
delete mode 100644 docs/specs/acpi_nvdimm.txt
19
13
20
diff --git a/qemu-options.hx b/qemu-options.hx
14
diff --git a/docs/specs/acpi_nvdimm.rst b/docs/specs/acpi_nvdimm.rst
15
new file mode 100644
16
index XXXXXXX..XXXXXXX
17
--- /dev/null
18
+++ b/docs/specs/acpi_nvdimm.rst
19
@@ -XXX,XX +XXX,XX @@
20
+QEMU<->ACPI BIOS NVDIMM interface
21
+=================================
22
+
23
+QEMU supports NVDIMM via ACPI. This document describes the basic concepts of
24
+NVDIMM ACPI and the interface between QEMU and the ACPI BIOS.
25
+
26
+NVDIMM ACPI Background
27
+----------------------
28
+
29
+NVDIMM is introduced in ACPI 6.0 which defines an NVDIMM root device under
30
+_SB scope with a _HID of "ACPI0012". For each NVDIMM present or intended
31
+to be supported by platform, platform firmware also exposes an ACPI
32
+Namespace Device under the root device.
33
+
34
+The NVDIMM child devices under the NVDIMM root device are defined with _ADR
35
+corresponding to the NFIT device handle. The NVDIMM root device and the
36
+NVDIMM devices can have device specific methods (_DSM) to provide additional
37
+functions specific to a particular NVDIMM implementation.
38
+
39
+This is an example from ACPI 6.0, a platform contains one NVDIMM::
40
+
41
+ Scope (\_SB){
42
+ Device (NVDR) // Root device
43
+ {
44
+ Name (_HID, "ACPI0012")
45
+ Method (_STA) {...}
46
+ Method (_FIT) {...}
47
+ Method (_DSM, ...) {...}
48
+ Device (NVD)
49
+ {
50
+ Name(_ADR, h) //where h is NFIT Device Handle for this NVDIMM
51
+ Method (_DSM, ...) {...}
52
+ }
53
+ }
54
+ }
55
+
56
+Methods supported on both NVDIMM root device and NVDIMM device
57
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
58
+
59
+_DSM (Device Specific Method)
60
+ It is a control method that enables devices to provide device specific
61
+ control functions that are consumed by the device driver.
62
+ The NVDIMM DSM specification can be found at
63
+ http://pmem.io/documents/NVDIMM_DSM_Interface_Example.pdf
64
+
65
+ Arguments:
66
+
67
+ Arg0
68
+ A Buffer containing a UUID (16 Bytes)
69
+ Arg1
70
+ An Integer containing the Revision ID (4 Bytes)
71
+ Arg2
72
+ An Integer containing the Function Index (4 Bytes)
73
+ Arg3
74
+ A package containing parameters for the function specified by the
75
+ UUID, Revision ID, and Function Index
76
+
77
+ Return Value:
78
+
79
+ If Function Index = 0, a Buffer containing a function index bitfield.
80
+ Otherwise, the return value and type depends on the UUID, revision ID
81
+ and function index which are described in the DSM specification.
82
+
83
+Methods on NVDIMM ROOT Device
84
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
85
+
86
+_FIT(Firmware Interface Table)
87
+ It evaluates to a buffer returning data in the format of a series of NFIT
88
+ Type Structure.
89
+
90
+ Arguments: None
91
+
92
+ Return Value:
93
+ A Buffer containing a list of NFIT Type structure entries.
94
+
95
+ The detailed definition of the structure can be found at ACPI 6.0: 5.2.25
96
+ NVDIMM Firmware Interface Table (NFIT).
97
+
98
+QEMU NVDIMM Implementation
99
+--------------------------
100
+
101
+QEMU uses 4 bytes IO Port starting from 0x0a18 and a RAM-based memory page
102
+for NVDIMM ACPI.
103
+
104
+Memory:
105
+ QEMU uses BIOS Linker/loader feature to ask BIOS to allocate a memory
106
+ page and dynamically patch its address into an int32 object named "MEMA"
107
+ in ACPI.
108
+
109
+ This page is RAM-based and it is used to transfer data between _DSM
110
+ method and QEMU. If ACPI has control, this pages is owned by ACPI which
111
+ writes _DSM input data to it, otherwise, it is owned by QEMU which
112
+ emulates _DSM access and writes the output data to it.
113
+
114
+ ACPI writes _DSM Input Data (based on the offset in the page):
115
+
116
+ [0x0 - 0x3]
117
+ 4 bytes, NVDIMM Device Handle.
118
+
119
+ The handle is completely QEMU internal thing, the values in
120
+ range [1, 0xFFFF] indicate nvdimm device. Other values are
121
+ reserved for other purposes.
122
+
123
+ Reserved handles:
124
+
125
+ - 0 is reserved for nvdimm root device named NVDR.
126
+ - 0x10000 is reserved for QEMU internal DSM function called on
127
+ the root device.
128
+
129
+ [0x4 - 0x7]
130
+ 4 bytes, Revision ID, that is the Arg1 of _DSM method.
131
+
132
+ [0x8 - 0xB]
133
+ 4 bytes. Function Index, that is the Arg2 of _DSM method.
134
+
135
+ [0xC - 0xFFF]
136
+ 4084 bytes, the Arg3 of _DSM method.
137
+
138
+ QEMU writes Output Data (based on the offset in the page):
139
+
140
+ [0x0 - 0x3]
141
+ 4 bytes, the length of result
142
+
143
+ [0x4 - 0xFFF]
144
+ 4092 bytes, the DSM result filled by QEMU
145
+
146
+IO Port 0x0a18 - 0xa1b:
147
+ ACPI writes the address of the memory page allocated by BIOS to this
148
+ port then QEMU gets the control and fills the result in the memory page.
149
+
150
+ Write Access:
151
+
152
+ [0x0a18 - 0xa1b]
153
+ 4 bytes, the address of the memory page allocated by BIOS.
154
+
155
+_DSM process diagram
156
+--------------------
157
+
158
+"MEMA" indicates the address of memory page allocated by BIOS.
159
+
160
+::
161
+
162
+ +----------------------+ +-----------------------+
163
+ | 1. OSPM | | 2. OSPM |
164
+ | save _DSM input data | | write "MEMA" to | Exit to QEMU
165
+ | to the page +----->| IO port 0x0a18 +------------+
166
+ | indicated by "MEMA" | | | |
167
+ +----------------------+ +-----------------------+ |
168
+ |
169
+ v
170
+ +--------------------+ +-----------+ +------------------+--------+
171
+ | 5 QEMU | | 4 QEMU | | 3. QEMU |
172
+ | write _DSM result | | emulate | | get _DSM input data from |
173
+ | to the page +<------+ _DSM +<-----+ the page indicated by the |
174
+ | | | | | value from the IO port |
175
+ +--------+-----------+ +-----------+ +---------------------------+
176
+ |
177
+ | Enter Guest
178
+ |
179
+ v
180
+ +--------------------------+ +--------------+
181
+ | 6 OSPM | | 7 OSPM |
182
+ | result size is returned | | _DSM return |
183
+ | by reading DSM +----->+ |
184
+ | result from the page | | |
185
+ +--------------------------+ +--------------+
186
+
187
+NVDIMM hotplug
188
+--------------
189
+
190
+ACPI BIOS GPE.4 handler is dedicated for notifying OS about nvdimm device
191
+hot-add event.
192
+
193
+QEMU internal use only _DSM functions
194
+-------------------------------------
195
+
196
+Read FIT
197
+^^^^^^^^
198
+
199
+_FIT method uses _DSM method to fetch NFIT structures blob from QEMU
200
+in 1 page sized increments which are then concatenated and returned
201
+as _FIT method result.
202
+
203
+Input parameters:
204
+
205
+Arg0
206
+ UUID {set to 648B9CF2-CDA1-4312-8AD9-49C4AF32BD62}
207
+Arg1
208
+ Revision ID (set to 1)
209
+Arg2
210
+ Function Index, 0x1
211
+Arg3
212
+ A package containing a buffer whose layout is as follows:
213
+
214
+ +----------+--------+--------+-------------------------------------------+
215
+ | Field | Length | Offset | Description |
216
+ +----------+--------+--------+-------------------------------------------+
217
+ | offset | 4 | 0 | offset in QEMU's NFIT structures blob to |
218
+ | | | | read from |
219
+ +----------+--------+--------+-------------------------------------------+
220
+
221
+Output layout in the dsm memory page:
222
+
223
+ +----------+--------+--------+-------------------------------------------+
224
+ | Field | Length | Offset | Description |
225
+ +----------+--------+--------+-------------------------------------------+
226
+ | length | 4 | 0 | length of entire returned data |
227
+ | | | | (including this header) |
228
+ +----------+--------+--------+-------------------------------------------+
229
+ | | | | return status codes |
230
+ | | | | |
231
+ | | | | - 0x0 - success |
232
+ | | | | - 0x100 - error caused by NFIT update |
233
+ | status | 4 | 4 | while read by _FIT wasn't completed |
234
+ | | | | - other codes follow Chapter 3 in |
235
+ | | | | DSM Spec Rev1 |
236
+ +----------+--------+--------+-------------------------------------------+
237
+ | fit data | Varies | 8 | contains FIT data. This field is present |
238
+ | | | | if status field is 0. |
239
+ +----------+--------+--------+-------------------------------------------+
240
+
241
+The FIT offset is maintained by the OSPM itself, current offset plus
242
+the size of the fit data returned by the function is the next offset
243
+OSPM should read. When all FIT data has been read out, zero fit data
244
+size is returned.
245
+
246
+If it returns status code 0x100, OSPM should restart to read FIT (read
247
+from offset 0 again).
248
diff --git a/docs/specs/acpi_nvdimm.txt b/docs/specs/acpi_nvdimm.txt
249
deleted file mode 100644
250
index XXXXXXX..XXXXXXX
251
--- a/docs/specs/acpi_nvdimm.txt
252
+++ /dev/null
253
@@ -XXX,XX +XXX,XX @@
254
-QEMU<->ACPI BIOS NVDIMM interface
255
----------------------------------
256
-
257
-QEMU supports NVDIMM via ACPI. This document describes the basic concepts of
258
-NVDIMM ACPI and the interface between QEMU and the ACPI BIOS.
259
-
260
-NVDIMM ACPI Background
261
-----------------------
262
-NVDIMM is introduced in ACPI 6.0 which defines an NVDIMM root device under
263
-_SB scope with a _HID of “ACPI0012”. For each NVDIMM present or intended
264
-to be supported by platform, platform firmware also exposes an ACPI
265
-Namespace Device under the root device.
266
-
267
-The NVDIMM child devices under the NVDIMM root device are defined with _ADR
268
-corresponding to the NFIT device handle. The NVDIMM root device and the
269
-NVDIMM devices can have device specific methods (_DSM) to provide additional
270
-functions specific to a particular NVDIMM implementation.
271
-
272
-This is an example from ACPI 6.0, a platform contains one NVDIMM:
273
-
274
-Scope (\_SB){
275
- Device (NVDR) // Root device
276
- {
277
- Name (_HID, “ACPI0012”)
278
- Method (_STA) {...}
279
- Method (_FIT) {...}
280
- Method (_DSM, ...) {...}
281
- Device (NVD)
282
- {
283
- Name(_ADR, h) //where h is NFIT Device Handle for this NVDIMM
284
- Method (_DSM, ...) {...}
285
- }
286
- }
287
-}
288
-
289
-Method supported on both NVDIMM root device and NVDIMM device
290
-_DSM (Device Specific Method)
291
- It is a control method that enables devices to provide device specific
292
- control functions that are consumed by the device driver.
293
- The NVDIMM DSM specification can be found at:
294
- http://pmem.io/documents/NVDIMM_DSM_Interface_Example.pdf
295
-
296
- Arguments:
297
- Arg0 – A Buffer containing a UUID (16 Bytes)
298
- Arg1 – An Integer containing the Revision ID (4 Bytes)
299
- Arg2 – An Integer containing the Function Index (4 Bytes)
300
- Arg3 – A package containing parameters for the function specified by the
301
- UUID, Revision ID, and Function Index
302
-
303
- Return Value:
304
- If Function Index = 0, a Buffer containing a function index bitfield.
305
- Otherwise, the return value and type depends on the UUID, revision ID
306
- and function index which are described in the DSM specification.
307
-
308
-Methods on NVDIMM ROOT Device
309
-_FIT(Firmware Interface Table)
310
- It evaluates to a buffer returning data in the format of a series of NFIT
311
- Type Structure.
312
-
313
- Arguments: None
314
-
315
- Return Value:
316
- A Buffer containing a list of NFIT Type structure entries.
317
-
318
- The detailed definition of the structure can be found at ACPI 6.0: 5.2.25
319
- NVDIMM Firmware Interface Table (NFIT).
320
-
321
-QEMU NVDIMM Implementation
322
-==========================
323
-QEMU uses 4 bytes IO Port starting from 0x0a18 and a RAM-based memory page
324
-for NVDIMM ACPI.
325
-
326
-Memory:
327
- QEMU uses BIOS Linker/loader feature to ask BIOS to allocate a memory
328
- page and dynamically patch its address into an int32 object named "MEMA"
329
- in ACPI.
330
-
331
- This page is RAM-based and it is used to transfer data between _DSM
332
- method and QEMU. If ACPI has control, this pages is owned by ACPI which
333
- writes _DSM input data to it, otherwise, it is owned by QEMU which
334
- emulates _DSM access and writes the output data to it.
335
-
336
- ACPI writes _DSM Input Data (based on the offset in the page):
337
- [0x0 - 0x3]: 4 bytes, NVDIMM Device Handle.
338
-
339
- The handle is completely QEMU internal thing, the values in
340
- range [1, 0xFFFF] indicate nvdimm device. Other values are
341
- reserved for other purposes.
342
-
343
- Reserved handles:
344
- 0 is reserved for nvdimm root device named NVDR.
345
- 0x10000 is reserved for QEMU internal DSM function called on
346
- the root device.
347
-
348
- [0x4 - 0x7]: 4 bytes, Revision ID, that is the Arg1 of _DSM method.
349
- [0x8 - 0xB]: 4 bytes. Function Index, that is the Arg2 of _DSM method.
350
- [0xC - 0xFFF]: 4084 bytes, the Arg3 of _DSM method.
351
-
352
- QEMU Writes Output Data (based on the offset in the page):
353
- [0x0 - 0x3]: 4 bytes, the length of result
354
- [0x4 - 0xFFF]: 4092 bytes, the DSM result filled by QEMU
355
-
356
-IO Port 0x0a18 - 0xa1b:
357
- ACPI writes the address of the memory page allocated by BIOS to this
358
- port then QEMU gets the control and fills the result in the memory page.
359
-
360
- write Access:
361
- [0x0a18 - 0xa1b]: 4 bytes, the address of the memory page allocated
362
- by BIOS.
363
-
364
-_DSM process diagram:
365
----------------------
366
-"MEMA" indicates the address of memory page allocated by BIOS.
367
-
368
- +----------------------+   +-----------------------+
369
- |   1. OSPM   |      | 2. OSPM |
370
- | save _DSM input data | | write "MEMA" to | Exit to QEMU
371
- | to the page +----->| IO port 0x0a18 +------------+
372
- | indicated by "MEMA" | | | |
373
- +----------------------+ +-----------------------+ |
374
-  |
375
-  v
376
- +------------- ----+ +-----------+ +------------------+--------+
377
- | 5 QEMU | | 4 QEMU | | 3. QEMU |
378
- | write _DSM result | | emulate | | get _DSM input data from |
379
- | to the page +<------+ _DSM +<-----+ the page indicated by the |
380
- | | | | | value from the IO port |
381
- +--------+-----------+ +-----------+ +---------------------------+
382
- |
383
- | Enter Guest
384
- |
385
- v
386
- +--------------------------+ +--------------+
387
- | 6 OSPM | | 7 OSPM |
388
- | result size is returned | | _DSM return |
389
- | by reading DSM +----->+ |
390
- | result from the page | | |
391
- +--------------------------+ +--------------+
392
-
393
-NVDIMM hotplug
394
---------------
395
-ACPI BIOS GPE.4 handler is dedicated for notifying OS about nvdimm device
396
-hot-add event.
397
-
398
-QEMU internal use only _DSM function
399
-------------------------------------
400
-1) Read FIT
401
- _FIT method uses _DSM method to fetch NFIT structures blob from QEMU
402
- in 1 page sized increments which are then concatenated and returned
403
- as _FIT method result.
404
-
405
- Input parameters:
406
- Arg0 – UUID {set to 648B9CF2-CDA1-4312-8AD9-49C4AF32BD62}
407
- Arg1 – Revision ID (set to 1)
408
- Arg2 - Function Index, 0x1
409
- Arg3 - A package containing a buffer whose layout is as follows:
410
-
411
- +----------+--------+--------+-------------------------------------------+
412
- | Field | Length | Offset | Description |
413
- +----------+--------+--------+-------------------------------------------+
414
- | offset | 4 | 0 | offset in QEMU's NFIT structures blob to |
415
- | | | | read from |
416
- +----------+--------+--------+-------------------------------------------+
417
-
418
- Output layout in the dsm memory page:
419
- +----------+--------+--------+-------------------------------------------+
420
- | Field | Length | Offset | Description |
421
- +----------+--------+--------+-------------------------------------------+
422
- | length | 4 | 0 | length of entire returned data |
423
- | | | | (including this header) |
424
- +----------+-----------------+-------------------------------------------+
425
- | | | | return status codes |
426
- | | | | 0x0 - success |
427
- | | | | 0x100 - error caused by NFIT update while |
428
- | status | 4 | 4 | read by _FIT wasn't completed, other |
429
- | | | | codes follow Chapter 3 in DSM Spec Rev1 |
430
- +----------+-----------------+-------------------------------------------+
431
- | fit data | Varies | 8 | contains FIT data, this field is present |
432
- | | | | if status field is 0; |
433
- +----------+--------+--------+-------------------------------------------+
434
-
435
- The FIT offset is maintained by the OSPM itself, current offset plus
436
- the size of the fit data returned by the function is the next offset
437
- OSPM should read. When all FIT data has been read out, zero fit data
438
- size is returned.
439
-
440
- If it returns status code 0x100, OSPM should restart to read FIT (read
441
- from offset 0 again).
442
diff --git a/docs/specs/index.rst b/docs/specs/index.rst
21
index XXXXXXX..XXXXXXX 100644
443
index XXXXXXX..XXXXXXX 100644
22
--- a/qemu-options.hx
444
--- a/docs/specs/index.rst
23
+++ b/qemu-options.hx
445
+++ b/docs/specs/index.rst
24
@@ -XXX,XX +XXX,XX @@ SRST
446
@@ -XXX,XX +XXX,XX @@ guest hardware that is specific to QEMU.
25
Enables or disables ACPI Heterogeneous Memory Attribute Table
447
acpi_cpu_hotplug
26
(HMAT) support. The default is off.
448
acpi_mem_hotplug
27
449
acpi_pci_hotplug
28
- ``memory-backend='id'``
450
+ acpi_nvdimm
29
+ ``memory-backend='id'``
30
An alternative to legacy ``-mem-path`` and ``mem-prealloc`` options.
31
Allows to use a memory backend as main RAM.
32
33
For example:
34
::
35
- -object memory-backend-file,id=pc.ram,size=512M,mem-path=/hugetlbfs,prealloc=on,share=on
36
- -machine memory-backend=pc.ram
37
- -m 512M
38
+
39
+ -object memory-backend-file,id=pc.ram,size=512M,mem-path=/hugetlbfs,prealloc=on,share=on
40
+ -machine memory-backend=pc.ram
41
+ -m 512M
42
43
Migration compatibility note:
44
- a) as backend id one shall use value of 'default-ram-id', advertised by
45
- machine type (available via ``query-machines`` QMP command), if migration
46
- to/from old QEMU (<5.0) is expected.
47
- b) for machine types 4.0 and older, user shall
48
- use ``x-use-canonical-path-for-ramblock-id=off`` backend option
49
- if migration to/from old QEMU (<5.0) is expected.
50
+
51
+ * as backend id one shall use value of 'default-ram-id', advertised by
52
+ machine type (available via ``query-machines`` QMP command), if migration
53
+ to/from old QEMU (<5.0) is expected.
54
+ * for machine types 4.0 and older, user shall
55
+ use ``x-use-canonical-path-for-ramblock-id=off`` backend option
56
+ if migration to/from old QEMU (<5.0) is expected.
57
+
58
For example:
59
::
60
- -object memory-backend-ram,id=pc.ram,size=512M,x-use-canonical-path-for-ramblock-id=off
61
- -machine memory-backend=pc.ram
62
- -m 512M
63
+
64
+ -object memory-backend-ram,id=pc.ram,size=512M,x-use-canonical-path-for-ramblock-id=off
65
+ -machine memory-backend=pc.ram
66
+ -m 512M
67
ERST
68
69
HXCOMM Deprecated by -machine
70
--
451
--
71
2.20.1
452
2.20.1
72
453
73
454
diff view generated by jsdifflib
1
From: Mao Zhongyi <maozhongyi@cmss.chinamobile.com>
1
Add entries for the ACPI specs documents in docs/specs to
2
appropriate sections of MAINTAINERS.
2
3
3
Missed in commit f3478392 "docs: Move deprecation, build
4
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4
and license info out of system/"
5
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
6
Message-id: 20210727170414.3368-6-peter.maydell@linaro.org
7
---
8
MAINTAINERS | 5 +++++
9
1 file changed, 5 insertions(+)
5
10
6
Signed-off-by: Mao Zhongyi <maozhongyi@cmss.chinamobile.com>
7
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
8
Message-id: 20210723065828.1336760-1-maozhongyi@cmss.chinamobile.com
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
configure | 2 +-
12
target/i386/cpu.c | 2 +-
13
MAINTAINERS | 2 +-
14
3 files changed, 3 insertions(+), 3 deletions(-)
15
16
diff --git a/configure b/configure
17
index XXXXXXX..XXXXXXX 100755
18
--- a/configure
19
+++ b/configure
20
@@ -XXX,XX +XXX,XX @@ fi
21
22
if test -n "${deprecated_features}"; then
23
echo "Warning, deprecated features enabled."
24
- echo "Please see docs/system/deprecated.rst"
25
+ echo "Please see docs/about/deprecated.rst"
26
echo " features: ${deprecated_features}"
27
fi
28
29
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
30
index XXXXXXX..XXXXXXX 100644
31
--- a/target/i386/cpu.c
32
+++ b/target/i386/cpu.c
33
@@ -XXX,XX +XXX,XX @@ static const X86CPUDefinition builtin_x86_defs[] = {
34
* none", but this is just for compatibility while libvirt isn't
35
* adapted to resolve CPU model versions before creating VMs.
36
* See "Runnability guarantee of CPU models" at
37
- * docs/system/deprecated.rst.
38
+ * docs/about/deprecated.rst.
39
*/
40
X86CPUVersion default_cpu_version = 1;
41
42
diff --git a/MAINTAINERS b/MAINTAINERS
11
diff --git a/MAINTAINERS b/MAINTAINERS
43
index XXXXXXX..XXXXXXX 100644
12
index XXXXXXX..XXXXXXX 100644
44
--- a/MAINTAINERS
13
--- a/MAINTAINERS
45
+++ b/MAINTAINERS
14
+++ b/MAINTAINERS
46
@@ -XXX,XX +XXX,XX @@ F: contrib/gitdm/*
15
@@ -XXX,XX +XXX,XX @@ F: qapi/acpi.json
47
16
F: tests/qtest/bios-tables-test*
48
Incompatible changes
17
F: tests/qtest/acpi-utils.[hc]
49
R: libvir-list@redhat.com
18
F: tests/data/acpi/
50
-F: docs/system/deprecated.rst
19
+F: docs/specs/acpi_cpu_hotplug.rst
51
+F: docs/about/deprecated.rst
20
+F: docs/specs/acpi_mem_hotplug.rst
52
21
+F: docs/specs/acpi_pci_hotplug.rst
53
Build System
22
+F: docs/specs/acpi_hw_reduced_hotplug.rst
54
------------
23
24
ACPI/HEST/GHES
25
R: Dongjiu Geng <gengdongjiu1@gmail.com>
26
@@ -XXX,XX +XXX,XX @@ F: hw/acpi/nvdimm.c
27
F: hw/mem/nvdimm.c
28
F: include/hw/mem/nvdimm.h
29
F: docs/nvdimm.txt
30
+F: docs/specs/acpi_nvdimm.rst
31
32
e1000x
33
M: Dmitry Fleytman <dmitry.fleytman@gmail.com>
55
--
34
--
56
2.20.1
35
2.20.1
57
36
58
37
diff view generated by jsdifflib
New patch
1
The xen_available() function is used only to produce an error
2
for some Xen-specific command line options in QEMU binaries where
3
Xen support was not compiled in: it just returns the value of
4
the CONFIG_XEN define.
1
5
6
Now that accelerators are QOM classes, we can check for
7
"does this binary have Xen compiled in" with accel_find("xen"),
8
and drop the xen_available() function.
9
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
12
Message-id: 20210730105947.28215-2-peter.maydell@linaro.org
13
---
14
include/sysemu/arch_init.h | 1 -
15
softmmu/arch_init.c | 9 ---------
16
softmmu/vl.c | 6 +++---
17
3 files changed, 3 insertions(+), 13 deletions(-)
18
19
diff --git a/include/sysemu/arch_init.h b/include/sysemu/arch_init.h
20
index XXXXXXX..XXXXXXX 100644
21
--- a/include/sysemu/arch_init.h
22
+++ b/include/sysemu/arch_init.h
23
@@ -XXX,XX +XXX,XX @@ enum {
24
extern const uint32_t arch_type;
25
26
int kvm_available(void);
27
-int xen_available(void);
28
29
/* default virtio transport per architecture */
30
#define QEMU_ARCH_VIRTIO_PCI (QEMU_ARCH_ALPHA | QEMU_ARCH_ARM | \
31
diff --git a/softmmu/arch_init.c b/softmmu/arch_init.c
32
index XXXXXXX..XXXXXXX 100644
33
--- a/softmmu/arch_init.c
34
+++ b/softmmu/arch_init.c
35
@@ -XXX,XX +XXX,XX @@ int kvm_available(void)
36
return 0;
37
#endif
38
}
39
-
40
-int xen_available(void)
41
-{
42
-#ifdef CONFIG_XEN
43
- return 1;
44
-#else
45
- return 0;
46
-#endif
47
-}
48
diff --git a/softmmu/vl.c b/softmmu/vl.c
49
index XXXXXXX..XXXXXXX 100644
50
--- a/softmmu/vl.c
51
+++ b/softmmu/vl.c
52
@@ -XXX,XX +XXX,XX @@ void qemu_init(int argc, char **argv, char **envp)
53
has_defaults = 0;
54
break;
55
case QEMU_OPTION_xen_domid:
56
- if (!(xen_available())) {
57
+ if (!(accel_find("xen"))) {
58
error_report("Option not supported for this target");
59
exit(1);
60
}
61
xen_domid = atoi(optarg);
62
break;
63
case QEMU_OPTION_xen_attach:
64
- if (!(xen_available())) {
65
+ if (!(accel_find("xen"))) {
66
error_report("Option not supported for this target");
67
exit(1);
68
}
69
xen_mode = XEN_ATTACH;
70
break;
71
case QEMU_OPTION_xen_domid_restrict:
72
- if (!(xen_available())) {
73
+ if (!(accel_find("xen"))) {
74
error_report("Option not supported for this target");
75
exit(1);
76
}
77
--
78
2.20.1
79
80
diff view generated by jsdifflib
New patch
1
The kvm_available() function reports whether KVM support was
2
compiled into the QEMU binary; it returns the value of the
3
CONFIG_KVM define.
1
4
5
The only place in the codebase where we use this function is
6
in qmp_query_kvm(). Now that accelerators are based on QOM
7
classes we can instead use accel_find("kvm") and remove the
8
kvm_available() function.
9
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
12
Message-id: 20210730105947.28215-3-peter.maydell@linaro.org
13
---
14
include/sysemu/arch_init.h | 2 --
15
monitor/qmp-cmds.c | 2 +-
16
softmmu/arch_init.c | 9 ---------
17
3 files changed, 1 insertion(+), 12 deletions(-)
18
19
diff --git a/include/sysemu/arch_init.h b/include/sysemu/arch_init.h
20
index XXXXXXX..XXXXXXX 100644
21
--- a/include/sysemu/arch_init.h
22
+++ b/include/sysemu/arch_init.h
23
@@ -XXX,XX +XXX,XX @@ enum {
24
25
extern const uint32_t arch_type;
26
27
-int kvm_available(void);
28
-
29
/* default virtio transport per architecture */
30
#define QEMU_ARCH_VIRTIO_PCI (QEMU_ARCH_ALPHA | QEMU_ARCH_ARM | \
31
QEMU_ARCH_HPPA | QEMU_ARCH_I386 | \
32
diff --git a/monitor/qmp-cmds.c b/monitor/qmp-cmds.c
33
index XXXXXXX..XXXXXXX 100644
34
--- a/monitor/qmp-cmds.c
35
+++ b/monitor/qmp-cmds.c
36
@@ -XXX,XX +XXX,XX @@ KvmInfo *qmp_query_kvm(Error **errp)
37
KvmInfo *info = g_malloc0(sizeof(*info));
38
39
info->enabled = kvm_enabled();
40
- info->present = kvm_available();
41
+ info->present = accel_find("kvm");
42
43
return info;
44
}
45
diff --git a/softmmu/arch_init.c b/softmmu/arch_init.c
46
index XXXXXXX..XXXXXXX 100644
47
--- a/softmmu/arch_init.c
48
+++ b/softmmu/arch_init.c
49
@@ -XXX,XX +XXX,XX @@ int graphic_depth = 32;
50
#endif
51
52
const uint32_t arch_type = QEMU_ARCH;
53
-
54
-int kvm_available(void)
55
-{
56
-#ifdef CONFIG_KVM
57
- return 1;
58
-#else
59
- return 0;
60
-#endif
61
-}
62
--
63
2.20.1
64
65
diff view generated by jsdifflib
1
The ISCR.ISRPENDING bit is set when an external interrupt is pending.
1
arch_init.c does very little but has a long list of #include lines.
2
This is true whether that external interrupt is enabled or not.
2
Remove all the unnecessary ones.
3
This means that we can't use 's->vectpending == 0' as a shortcut to
4
"ISRPENDING is zero", because s->vectpending indicates only the
5
highest priority pending enabled interrupt.
6
7
Remove the incorrect optimization so that if there is no pending
8
enabled interrupt we fall through to scanning through the whole
9
interrupt array.
10
3
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
5
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
13
Message-id: 20210723162146.5167-5-peter.maydell@linaro.org
6
Message-id: 20210730105947.28215-4-peter.maydell@linaro.org
14
---
7
---
15
hw/intc/armv7m_nvic.c | 9 ++++-----
8
softmmu/arch_init.c | 7 -------
16
1 file changed, 4 insertions(+), 5 deletions(-)
9
1 file changed, 7 deletions(-)
17
10
18
diff --git a/hw/intc/armv7m_nvic.c b/hw/intc/armv7m_nvic.c
11
diff --git a/softmmu/arch_init.c b/softmmu/arch_init.c
19
index XXXXXXX..XXXXXXX 100644
12
index XXXXXXX..XXXXXXX 100644
20
--- a/hw/intc/armv7m_nvic.c
13
--- a/softmmu/arch_init.c
21
+++ b/hw/intc/armv7m_nvic.c
14
+++ b/softmmu/arch_init.c
22
@@ -XXX,XX +XXX,XX @@ static bool nvic_isrpending(NVICState *s)
15
@@ -XXX,XX +XXX,XX @@
23
{
16
*/
24
int irq;
17
#include "qemu/osdep.h"
25
18
#include "sysemu/arch_init.h"
26
- /* We can shortcut if the highest priority pending interrupt
19
-#include "hw/pci/pci.h"
27
- * happens to be external or if there is nothing pending.
20
-#include "hw/audio/soundhw.h"
28
+ /*
21
-#include "qapi/error.h"
29
+ * We can shortcut if the highest priority pending interrupt
22
-#include "qemu/config-file.h"
30
+ * happens to be external; if not we need to check the whole
23
-#include "qemu/error-report.h"
31
+ * vectors[] array.
24
-#include "hw/acpi/acpi.h"
32
*/
25
-#include "qemu/help_option.h"
33
if (s->vectpending > NVIC_FIRST_IRQ) {
26
34
return true;
27
#ifdef TARGET_SPARC
35
}
28
int graphic_width = 1024;
36
- if (s->vectpending == 0) {
37
- return false;
38
- }
39
40
for (irq = NVIC_FIRST_IRQ; irq < s->num_irq; irq++) {
41
if (s->vectors[irq].pending) {
42
--
29
--
43
2.20.1
30
2.20.1
44
31
45
32
diff view generated by jsdifflib
New patch
1
Instead of using an ifdef ladder in arch_init.c (which we then have
2
to manually update every time we add or remove a target
3
architecture), have meson.build put "#define QEMU_ARCH QEMU_ARCH_FOO"
4
in the config-target.h file.
1
5
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
8
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
9
Message-id: 20210730105947.28215-5-peter.maydell@linaro.org
10
---
11
meson.build | 2 ++
12
softmmu/arch_init.c | 41 -----------------------------------------
13
2 files changed, 2 insertions(+), 41 deletions(-)
14
15
diff --git a/meson.build b/meson.build
16
index XXXXXXX..XXXXXXX 100644
17
--- a/meson.build
18
+++ b/meson.build
19
@@ -XXX,XX +XXX,XX @@ foreach target : target_dirs
20
config_target_data.set(k, v)
21
endif
22
endforeach
23
+ config_target_data.set('QEMU_ARCH',
24
+ 'QEMU_ARCH_' + config_target['TARGET_BASE_ARCH'].to_upper())
25
config_target_h += {target: configure_file(output: target + '-config-target.h',
26
configuration: config_target_data)}
27
28
diff --git a/softmmu/arch_init.c b/softmmu/arch_init.c
29
index XXXXXXX..XXXXXXX 100644
30
--- a/softmmu/arch_init.c
31
+++ b/softmmu/arch_init.c
32
@@ -XXX,XX +XXX,XX @@ int graphic_height = 600;
33
int graphic_depth = 32;
34
#endif
35
36
-
37
-#if defined(TARGET_ALPHA)
38
-#define QEMU_ARCH QEMU_ARCH_ALPHA
39
-#elif defined(TARGET_ARM)
40
-#define QEMU_ARCH QEMU_ARCH_ARM
41
-#elif defined(TARGET_CRIS)
42
-#define QEMU_ARCH QEMU_ARCH_CRIS
43
-#elif defined(TARGET_HPPA)
44
-#define QEMU_ARCH QEMU_ARCH_HPPA
45
-#elif defined(TARGET_I386)
46
-#define QEMU_ARCH QEMU_ARCH_I386
47
-#elif defined(TARGET_M68K)
48
-#define QEMU_ARCH QEMU_ARCH_M68K
49
-#elif defined(TARGET_MICROBLAZE)
50
-#define QEMU_ARCH QEMU_ARCH_MICROBLAZE
51
-#elif defined(TARGET_MIPS)
52
-#define QEMU_ARCH QEMU_ARCH_MIPS
53
-#elif defined(TARGET_NIOS2)
54
-#define QEMU_ARCH QEMU_ARCH_NIOS2
55
-#elif defined(TARGET_OPENRISC)
56
-#define QEMU_ARCH QEMU_ARCH_OPENRISC
57
-#elif defined(TARGET_PPC)
58
-#define QEMU_ARCH QEMU_ARCH_PPC
59
-#elif defined(TARGET_RISCV)
60
-#define QEMU_ARCH QEMU_ARCH_RISCV
61
-#elif defined(TARGET_RX)
62
-#define QEMU_ARCH QEMU_ARCH_RX
63
-#elif defined(TARGET_S390X)
64
-#define QEMU_ARCH QEMU_ARCH_S390X
65
-#elif defined(TARGET_SH4)
66
-#define QEMU_ARCH QEMU_ARCH_SH4
67
-#elif defined(TARGET_SPARC)
68
-#define QEMU_ARCH QEMU_ARCH_SPARC
69
-#elif defined(TARGET_TRICORE)
70
-#define QEMU_ARCH QEMU_ARCH_TRICORE
71
-#elif defined(TARGET_XTENSA)
72
-#define QEMU_ARCH QEMU_ARCH_XTENSA
73
-#elif defined(TARGET_AVR)
74
-#define QEMU_ARCH QEMU_ARCH_AVR
75
-#endif
76
-
77
const uint32_t arch_type = QEMU_ARCH;
78
--
79
2.20.1
80
81
diff view generated by jsdifflib
New patch
1
When Hexagon was added we forgot to add it to the QEMU_ARCH_*
2
enumeration. This doesn't cause a visible effect because at the
3
moment Hexagon is linux-user only and the QEMU_ARCH_* constants are
4
only used in softmmu, but we might as well add it in, since it's the
5
only architecture currently missing from the list.
1
6
7
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
9
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
10
Reviewed-by: Taylor Simpson <tsimpson@quicinc.com>
11
Message-id: 20210730105947.28215-6-peter.maydell@linaro.org
12
---
13
include/sysemu/arch_init.h | 1 +
14
1 file changed, 1 insertion(+)
15
16
diff --git a/include/sysemu/arch_init.h b/include/sysemu/arch_init.h
17
index XXXXXXX..XXXXXXX 100644
18
--- a/include/sysemu/arch_init.h
19
+++ b/include/sysemu/arch_init.h
20
@@ -XXX,XX +XXX,XX @@ enum {
21
QEMU_ARCH_RISCV = (1 << 19),
22
QEMU_ARCH_RX = (1 << 20),
23
QEMU_ARCH_AVR = (1 << 21),
24
+ QEMU_ARCH_HEXAGON = (1 << 22),
25
26
QEMU_ARCH_NONE = (1 << 31),
27
};
28
--
29
2.20.1
30
31
diff view generated by jsdifflib
1
For M-profile, we weren't reporting alignment faults triggered by the
1
The QEMU_ARCH_VIRTIO_* defines are used only in one file,
2
generic TCG code correctly to the guest. These get passed into
2
qdev-monitor.c. Move them to that file.
3
arm_v7m_cpu_do_interrupt() as an EXCP_DATA_ABORT with an A-profile
4
style exception.fsr value of 1. We didn't check for this, and so
5
they fell through into the default of "assume this is an MPU fault"
6
and were reported to the guest as a data access violation MPU fault.
7
8
Report these alignment faults as UsageFaults which set the UNALIGNED
9
bit in the UFSR.
10
3
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
5
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
13
Message-id: 20210723162146.5167-4-peter.maydell@linaro.org
6
Reviewed-by: Markus Armbruster <armbru@redhat.com>
7
Message-id: 20210730105947.28215-7-peter.maydell@linaro.org
14
---
8
---
15
target/arm/m_helper.c | 8 ++++++++
9
include/sysemu/arch_init.h | 9 ---------
16
1 file changed, 8 insertions(+)
10
softmmu/qdev-monitor.c | 9 +++++++++
11
2 files changed, 9 insertions(+), 9 deletions(-)
17
12
18
diff --git a/target/arm/m_helper.c b/target/arm/m_helper.c
13
diff --git a/include/sysemu/arch_init.h b/include/sysemu/arch_init.h
19
index XXXXXXX..XXXXXXX 100644
14
index XXXXXXX..XXXXXXX 100644
20
--- a/target/arm/m_helper.c
15
--- a/include/sysemu/arch_init.h
21
+++ b/target/arm/m_helper.c
16
+++ b/include/sysemu/arch_init.h
22
@@ -XXX,XX +XXX,XX @@ void arm_v7m_cpu_do_interrupt(CPUState *cs)
17
@@ -XXX,XX +XXX,XX @@ enum {
23
env->v7m.sfsr |= R_V7M_SFSR_LSERR_MASK;
18
24
break;
19
extern const uint32_t arch_type;
25
case EXCP_UNALIGNED:
20
26
+ /* Unaligned faults reported by M-profile aware code */
21
-/* default virtio transport per architecture */
27
armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_USAGE, env->v7m.secure);
22
-#define QEMU_ARCH_VIRTIO_PCI (QEMU_ARCH_ALPHA | QEMU_ARCH_ARM | \
28
env->v7m.cfsr[env->v7m.secure] |= R_V7M_CFSR_UNALIGNED_MASK;
23
- QEMU_ARCH_HPPA | QEMU_ARCH_I386 | \
29
break;
24
- QEMU_ARCH_MIPS | QEMU_ARCH_PPC | \
30
@@ -XXX,XX +XXX,XX @@ void arm_v7m_cpu_do_interrupt(CPUState *cs)
25
- QEMU_ARCH_RISCV | QEMU_ARCH_SH4 | \
31
}
26
- QEMU_ARCH_SPARC | QEMU_ARCH_XTENSA)
32
armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_BUS, false);
27
-#define QEMU_ARCH_VIRTIO_CCW (QEMU_ARCH_S390X)
33
break;
28
-#define QEMU_ARCH_VIRTIO_MMIO (QEMU_ARCH_M68K)
34
+ case 0x1: /* Alignment fault reported by generic code */
29
-
35
+ qemu_log_mask(CPU_LOG_INT,
30
#endif
36
+ "...really UsageFault with UFSR.UNALIGNED\n");
31
diff --git a/softmmu/qdev-monitor.c b/softmmu/qdev-monitor.c
37
+ env->v7m.cfsr[env->v7m.secure] |= R_V7M_CFSR_UNALIGNED_MASK;
32
index XXXXXXX..XXXXXXX 100644
38
+ armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_USAGE,
33
--- a/softmmu/qdev-monitor.c
39
+ env->v7m.secure);
34
+++ b/softmmu/qdev-monitor.c
40
+ break;
35
@@ -XXX,XX +XXX,XX @@ typedef struct QDevAlias
41
default:
36
uint32_t arch_mask;
42
/*
37
} QDevAlias;
43
* All other FSR values are either MPU faults or "can't happen
38
39
+/* default virtio transport per architecture */
40
+#define QEMU_ARCH_VIRTIO_PCI (QEMU_ARCH_ALPHA | QEMU_ARCH_ARM | \
41
+ QEMU_ARCH_HPPA | QEMU_ARCH_I386 | \
42
+ QEMU_ARCH_MIPS | QEMU_ARCH_PPC | \
43
+ QEMU_ARCH_RISCV | QEMU_ARCH_SH4 | \
44
+ QEMU_ARCH_SPARC | QEMU_ARCH_XTENSA)
45
+#define QEMU_ARCH_VIRTIO_CCW (QEMU_ARCH_S390X)
46
+#define QEMU_ARCH_VIRTIO_MMIO (QEMU_ARCH_M68K)
47
+
48
/* Please keep this table sorted by typename. */
49
static const QDevAlias qdev_alias_table[] = {
50
{ "AC97", "ac97" }, /* -soundhw name */
44
--
51
--
45
2.20.1
52
2.20.1
46
53
47
54
diff view generated by jsdifflib
New patch
1
arch_init.h only defines the QEMU_ARCH_* enumeration and the
2
arch_type global. Don't include it in files that don't use those.
1
3
4
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
6
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
7
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
8
Message-id: 20210730105947.28215-8-peter.maydell@linaro.org
9
---
10
blockdev.c | 1 -
11
hw/i386/pc.c | 1 -
12
hw/i386/pc_piix.c | 1 -
13
hw/i386/pc_q35.c | 1 -
14
hw/mips/jazz.c | 1 -
15
hw/mips/malta.c | 1 -
16
hw/ppc/prep.c | 1 -
17
hw/riscv/sifive_e.c | 1 -
18
hw/riscv/sifive_u.c | 1 -
19
hw/riscv/spike.c | 1 -
20
hw/riscv/virt.c | 1 -
21
monitor/qmp-cmds.c | 1 -
22
target/ppc/cpu_init.c | 1 -
23
target/s390x/cpu-sysemu.c | 1 -
24
14 files changed, 14 deletions(-)
25
26
diff --git a/blockdev.c b/blockdev.c
27
index XXXXXXX..XXXXXXX 100644
28
--- a/blockdev.c
29
+++ b/blockdev.c
30
@@ -XXX,XX +XXX,XX @@
31
#include "sysemu/iothread.h"
32
#include "block/block_int.h"
33
#include "block/trace.h"
34
-#include "sysemu/arch_init.h"
35
#include "sysemu/runstate.h"
36
#include "sysemu/replay.h"
37
#include "qemu/cutils.h"
38
diff --git a/hw/i386/pc.c b/hw/i386/pc.c
39
index XXXXXXX..XXXXXXX 100644
40
--- a/hw/i386/pc.c
41
+++ b/hw/i386/pc.c
42
@@ -XXX,XX +XXX,XX @@
43
#include "hw/xen/start_info.h"
44
#include "ui/qemu-spice.h"
45
#include "exec/memory.h"
46
-#include "sysemu/arch_init.h"
47
#include "qemu/bitmap.h"
48
#include "qemu/config-file.h"
49
#include "qemu/error-report.h"
50
diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
51
index XXXXXXX..XXXXXXX 100644
52
--- a/hw/i386/pc_piix.c
53
+++ b/hw/i386/pc_piix.c
54
@@ -XXX,XX +XXX,XX @@
55
#include "sysemu/kvm.h"
56
#include "hw/kvm/clock.h"
57
#include "hw/sysbus.h"
58
-#include "sysemu/arch_init.h"
59
#include "hw/i2c/smbus_eeprom.h"
60
#include "hw/xen/xen-x86.h"
61
#include "exec/memory.h"
62
diff --git a/hw/i386/pc_q35.c b/hw/i386/pc_q35.c
63
index XXXXXXX..XXXXXXX 100644
64
--- a/hw/i386/pc_q35.c
65
+++ b/hw/i386/pc_q35.c
66
@@ -XXX,XX +XXX,XX @@
67
#include "qemu/osdep.h"
68
#include "qemu/units.h"
69
#include "hw/loader.h"
70
-#include "sysemu/arch_init.h"
71
#include "hw/i2c/smbus_eeprom.h"
72
#include "hw/rtc/mc146818rtc.h"
73
#include "sysemu/kvm.h"
74
diff --git a/hw/mips/jazz.c b/hw/mips/jazz.c
75
index XXXXXXX..XXXXXXX 100644
76
--- a/hw/mips/jazz.c
77
+++ b/hw/mips/jazz.c
78
@@ -XXX,XX +XXX,XX @@
79
#include "hw/isa/isa.h"
80
#include "hw/block/fdc.h"
81
#include "sysemu/sysemu.h"
82
-#include "sysemu/arch_init.h"
83
#include "hw/boards.h"
84
#include "net/net.h"
85
#include "hw/scsi/esp.h"
86
diff --git a/hw/mips/malta.c b/hw/mips/malta.c
87
index XXXXXXX..XXXXXXX 100644
88
--- a/hw/mips/malta.c
89
+++ b/hw/mips/malta.c
90
@@ -XXX,XX +XXX,XX @@
91
#include "hw/mips/mips.h"
92
#include "hw/mips/cpudevs.h"
93
#include "hw/pci/pci.h"
94
-#include "sysemu/arch_init.h"
95
#include "qemu/log.h"
96
#include "hw/mips/bios.h"
97
#include "hw/ide.h"
98
diff --git a/hw/ppc/prep.c b/hw/ppc/prep.c
99
index XXXXXXX..XXXXXXX 100644
100
--- a/hw/ppc/prep.c
101
+++ b/hw/ppc/prep.c
102
@@ -XXX,XX +XXX,XX @@
103
#include "hw/rtc/mc146818rtc.h"
104
#include "hw/isa/pc87312.h"
105
#include "hw/qdev-properties.h"
106
-#include "sysemu/arch_init.h"
107
#include "sysemu/kvm.h"
108
#include "sysemu/reset.h"
109
#include "trace.h"
110
diff --git a/hw/riscv/sifive_e.c b/hw/riscv/sifive_e.c
111
index XXXXXXX..XXXXXXX 100644
112
--- a/hw/riscv/sifive_e.c
113
+++ b/hw/riscv/sifive_e.c
114
@@ -XXX,XX +XXX,XX @@
115
#include "hw/intc/sifive_plic.h"
116
#include "hw/misc/sifive_e_prci.h"
117
#include "chardev/char.h"
118
-#include "sysemu/arch_init.h"
119
#include "sysemu/sysemu.h"
120
121
static const MemMapEntry sifive_e_memmap[] = {
122
diff --git a/hw/riscv/sifive_u.c b/hw/riscv/sifive_u.c
123
index XXXXXXX..XXXXXXX 100644
124
--- a/hw/riscv/sifive_u.c
125
+++ b/hw/riscv/sifive_u.c
126
@@ -XXX,XX +XXX,XX @@
127
#include "hw/intc/sifive_plic.h"
128
#include "chardev/char.h"
129
#include "net/eth.h"
130
-#include "sysemu/arch_init.h"
131
#include "sysemu/device_tree.h"
132
#include "sysemu/runstate.h"
133
#include "sysemu/sysemu.h"
134
diff --git a/hw/riscv/spike.c b/hw/riscv/spike.c
135
index XXXXXXX..XXXXXXX 100644
136
--- a/hw/riscv/spike.c
137
+++ b/hw/riscv/spike.c
138
@@ -XXX,XX +XXX,XX @@
139
#include "hw/char/riscv_htif.h"
140
#include "hw/intc/sifive_clint.h"
141
#include "chardev/char.h"
142
-#include "sysemu/arch_init.h"
143
#include "sysemu/device_tree.h"
144
#include "sysemu/sysemu.h"
145
146
diff --git a/hw/riscv/virt.c b/hw/riscv/virt.c
147
index XXXXXXX..XXXXXXX 100644
148
--- a/hw/riscv/virt.c
149
+++ b/hw/riscv/virt.c
150
@@ -XXX,XX +XXX,XX @@
151
#include "hw/intc/sifive_plic.h"
152
#include "hw/misc/sifive_test.h"
153
#include "chardev/char.h"
154
-#include "sysemu/arch_init.h"
155
#include "sysemu/device_tree.h"
156
#include "sysemu/sysemu.h"
157
#include "hw/pci/pci.h"
158
diff --git a/monitor/qmp-cmds.c b/monitor/qmp-cmds.c
159
index XXXXXXX..XXXXXXX 100644
160
--- a/monitor/qmp-cmds.c
161
+++ b/monitor/qmp-cmds.c
162
@@ -XXX,XX +XXX,XX @@
163
#include "sysemu/kvm.h"
164
#include "sysemu/runstate.h"
165
#include "sysemu/runstate-action.h"
166
-#include "sysemu/arch_init.h"
167
#include "sysemu/blockdev.h"
168
#include "sysemu/block-backend.h"
169
#include "qapi/error.h"
170
diff --git a/target/ppc/cpu_init.c b/target/ppc/cpu_init.c
171
index XXXXXXX..XXXXXXX 100644
172
--- a/target/ppc/cpu_init.c
173
+++ b/target/ppc/cpu_init.c
174
@@ -XXX,XX +XXX,XX @@
175
#include "disas/dis-asm.h"
176
#include "exec/gdbstub.h"
177
#include "kvm_ppc.h"
178
-#include "sysemu/arch_init.h"
179
#include "sysemu/cpus.h"
180
#include "sysemu/hw_accel.h"
181
#include "sysemu/tcg.h"
182
diff --git a/target/s390x/cpu-sysemu.c b/target/s390x/cpu-sysemu.c
183
index XXXXXXX..XXXXXXX 100644
184
--- a/target/s390x/cpu-sysemu.c
185
+++ b/target/s390x/cpu-sysemu.c
186
@@ -XXX,XX +XXX,XX @@
187
188
#include "hw/s390x/pv.h"
189
#include "hw/boards.h"
190
-#include "sysemu/arch_init.h"
191
#include "sysemu/sysemu.h"
192
#include "sysemu/tcg.h"
193
#include "hw/core/sysemu-cpu-ops.h"
194
--
195
2.20.1
196
197
diff view generated by jsdifflib
New patch
1
We added a stub for the arch_type global in commit 5964ed56d9a1 so
2
that we could compile blockdev.c into the tools. However, in commit
3
9db1d3a2be9bf we removed the only use of arch_type from blockdev.c.
4
The stub is therefore no longer needed, and we can delete it again,
5
together with the QEMU_ARCH_NONE value that only the stub was using.
1
6
7
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
9
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
10
Message-id: 20210730105947.28215-9-peter.maydell@linaro.org
11
---
12
include/sysemu/arch_init.h | 2 --
13
stubs/arch_type.c | 4 ----
14
stubs/meson.build | 1 -
15
3 files changed, 7 deletions(-)
16
delete mode 100644 stubs/arch_type.c
17
18
diff --git a/include/sysemu/arch_init.h b/include/sysemu/arch_init.h
19
index XXXXXXX..XXXXXXX 100644
20
--- a/include/sysemu/arch_init.h
21
+++ b/include/sysemu/arch_init.h
22
@@ -XXX,XX +XXX,XX @@ enum {
23
QEMU_ARCH_RX = (1 << 20),
24
QEMU_ARCH_AVR = (1 << 21),
25
QEMU_ARCH_HEXAGON = (1 << 22),
26
-
27
- QEMU_ARCH_NONE = (1 << 31),
28
};
29
30
extern const uint32_t arch_type;
31
diff --git a/stubs/arch_type.c b/stubs/arch_type.c
32
deleted file mode 100644
33
index XXXXXXX..XXXXXXX
34
--- a/stubs/arch_type.c
35
+++ /dev/null
36
@@ -XXX,XX +XXX,XX @@
37
-#include "qemu/osdep.h"
38
-#include "sysemu/arch_init.h"
39
-
40
-const uint32_t arch_type = QEMU_ARCH_NONE;
41
diff --git a/stubs/meson.build b/stubs/meson.build
42
index XXXXXXX..XXXXXXX 100644
43
--- a/stubs/meson.build
44
+++ b/stubs/meson.build
45
@@ -XXX,XX +XXX,XX @@
46
-stub_ss.add(files('arch_type.c'))
47
stub_ss.add(files('bdrv-next-monitor-owned.c'))
48
stub_ss.add(files('blk-commit-all.c'))
49
stub_ss.add(files('blk-exp-close-all.c'))
50
--
51
2.20.1
52
53
diff view generated by jsdifflib
New patch
1
The gunzip() function reads various fields from a passed in source
2
buffer in order to skip a header before passing the actual compressed
3
data to the zlib inflate() function. It does check whether the
4
passed in buffer is too small, but unfortunately it checks that only
5
after reading bytes from the src buffer, so it could read off the end
6
of the buffer.
1
7
8
You can see this with valgrind:
9
10
$ printf "%b" '\x1f\x8b' > /tmp/image
11
$ valgrind qemu-system-aarch64 -display none -M virt -cpu max -kernel /tmp/image
12
[...]
13
==19224== Invalid read of size 1
14
==19224== at 0x67302E: gunzip (loader.c:558)
15
==19224== by 0x673907: load_image_gzipped_buffer (loader.c:788)
16
==19224== by 0xA18032: load_aarch64_image (boot.c:932)
17
==19224== by 0xA18489: arm_setup_direct_kernel_boot (boot.c:1063)
18
==19224== by 0xA18D90: arm_load_kernel (boot.c:1317)
19
==19224== by 0x9F3651: machvirt_init (virt.c:2114)
20
==19224== by 0x794B7A: machine_run_board_init (machine.c:1272)
21
==19224== by 0xD5CAD3: qemu_init_board (vl.c:2618)
22
==19224== by 0xD5CCA6: qmp_x_exit_preconfig (vl.c:2692)
23
==19224== by 0xD5F32E: qemu_init (vl.c:3713)
24
==19224== by 0x5ADDB1: main (main.c:49)
25
==19224== Address 0x3802a873 is 0 bytes after a block of size 3 alloc'd
26
==19224== at 0x4C31B0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
27
==19224== by 0x61E7657: g_file_get_contents (in /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.5600.4)
28
==19224== by 0x673895: load_image_gzipped_buffer (loader.c:771)
29
==19224== by 0xA18032: load_aarch64_image (boot.c:932)
30
==19224== by 0xA18489: arm_setup_direct_kernel_boot (boot.c:1063)
31
==19224== by 0xA18D90: arm_load_kernel (boot.c:1317)
32
==19224== by 0x9F3651: machvirt_init (virt.c:2114)
33
==19224== by 0x794B7A: machine_run_board_init (machine.c:1272)
34
==19224== by 0xD5CAD3: qemu_init_board (vl.c:2618)
35
==19224== by 0xD5CCA6: qmp_x_exit_preconfig (vl.c:2692)
36
==19224== by 0xD5F32E: qemu_init (vl.c:3713)
37
==19224== by 0x5ADDB1: main (main.c:49)
38
39
Check that we have enough bytes of data to read the header bytes that
40
we read before we read them.
41
42
Fixes: Coverity 1458997
43
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
44
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
45
Message-id: 20210812141803.20913-1-peter.maydell@linaro.org
46
---
47
hw/core/loader.c | 35 +++++++++++++++++++++++++----------
48
1 file changed, 25 insertions(+), 10 deletions(-)
49
50
diff --git a/hw/core/loader.c b/hw/core/loader.c
51
index XXXXXXX..XXXXXXX 100644
52
--- a/hw/core/loader.c
53
+++ b/hw/core/loader.c
54
@@ -XXX,XX +XXX,XX @@ ssize_t gunzip(void *dst, size_t dstlen, uint8_t *src, size_t srclen)
55
56
/* skip header */
57
i = 10;
58
+ if (srclen < 4) {
59
+ goto toosmall;
60
+ }
61
flags = src[3];
62
if (src[2] != DEFLATED || (flags & RESERVED) != 0) {
63
puts ("Error: Bad gzipped data\n");
64
return -1;
65
}
66
- if ((flags & EXTRA_FIELD) != 0)
67
+ if ((flags & EXTRA_FIELD) != 0) {
68
+ if (srclen < 12) {
69
+ goto toosmall;
70
+ }
71
i = 12 + src[10] + (src[11] << 8);
72
- if ((flags & ORIG_NAME) != 0)
73
- while (src[i++] != 0)
74
- ;
75
- if ((flags & COMMENT) != 0)
76
- while (src[i++] != 0)
77
- ;
78
- if ((flags & HEAD_CRC) != 0)
79
+ }
80
+ if ((flags & ORIG_NAME) != 0) {
81
+ while (i < srclen && src[i++] != 0) {
82
+ /* do nothing */
83
+ }
84
+ }
85
+ if ((flags & COMMENT) != 0) {
86
+ while (i < srclen && src[i++] != 0) {
87
+ /* do nothing */
88
+ }
89
+ }
90
+ if ((flags & HEAD_CRC) != 0) {
91
i += 2;
92
+ }
93
if (i >= srclen) {
94
- puts ("Error: gunzip out of data in header\n");
95
- return -1;
96
+ goto toosmall;
97
}
98
99
s.zalloc = zalloc;
100
@@ -XXX,XX +XXX,XX @@ ssize_t gunzip(void *dst, size_t dstlen, uint8_t *src, size_t srclen)
101
inflateEnd(&s);
102
103
return dstbytes;
104
+
105
+toosmall:
106
+ puts("Error: gunzip out of data in header\n");
107
+ return -1;
108
}
109
110
/* Load a U-Boot image. */
111
--
112
2.20.1
113
114
diff view generated by jsdifflib
1
From: Philippe Mathieu-Daudé <f4bug@amsat.org>
1
In the alignment check added to qemu_ram_alloc_from_fd() in commit
2
ce317be98db0dfdfa, the condition includes a check that 'mr' is not
3
NULL. This check is unnecessary because we can assume that the
4
caller always passes us a valid MemoryRegion, and indeed later in the
5
function we assume mr is not NULL when we pass it to file_ram_alloc()
6
as new_block->mr. Remove it.
2
7
3
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
8
Fixes: Coverity 1459867
4
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
9
Fixes: ce317be98d ("exec: fetch the alignment of Linux devdax pmem character device nodes")
5
Message-id: 20210726150953.1218690-1-f4bug@amsat.org
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
Reviewed-by: Jingqi Liu <jingqi.liu@intel.com>
12
Message-id: 20210812150624.29139-1-peter.maydell@linaro.org
7
---
13
---
8
hw/arm/nseries.c | 2 +-
14
softmmu/physmem.c | 2 +-
9
1 file changed, 1 insertion(+), 1 deletion(-)
15
1 file changed, 1 insertion(+), 1 deletion(-)
10
16
11
diff --git a/hw/arm/nseries.c b/hw/arm/nseries.c
17
diff --git a/softmmu/physmem.c b/softmmu/physmem.c
12
index XXXXXXX..XXXXXXX 100644
18
index XXXXXXX..XXXXXXX 100644
13
--- a/hw/arm/nseries.c
19
--- a/softmmu/physmem.c
14
+++ b/hw/arm/nseries.c
20
+++ b/softmmu/physmem.c
15
@@ -XXX,XX +XXX,XX @@ static uint32_t mipid_txrx(void *opaque, uint32_t cmd, int len)
21
@@ -XXX,XX +XXX,XX @@ RAMBlock *qemu_ram_alloc_from_fd(ram_addr_t size, MemoryRegion *mr,
16
default:
17
bad_cmd:
18
qemu_log_mask(LOG_GUEST_ERROR,
19
- "%s: unknown command %02x\n", __func__, s->cmd);
20
+ "%s: unknown command 0x%02x\n", __func__, s->cmd);
21
break;
22
}
22
}
23
23
24
file_align = get_file_align(fd);
25
- if (file_align > 0 && mr && file_align > mr->align) {
26
+ if (file_align > 0 && file_align > mr->align) {
27
error_setg(errp, "backing store align 0x%" PRIx64
28
" is larger than 'align' option 0x%" PRIx64,
29
file_align, mr->align);
24
--
30
--
25
2.20.1
31
2.20.1
26
32
27
33
diff view generated by jsdifflib
New patch
1
The realpath() function can return NULL on error, so we need to check
2
for it to avoid crashing when we try to strstr() into it.
3
This can happen if we run out of memory, or if /sys/ is not mounted,
4
among other situations.
1
5
6
Fixes: Coverity 1459913, 1460474
7
Fixes: ce317be98db0 ("exec: fetch the alignment of Linux devdax pmem character device nodes")
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Reviewed-by: Jingqi Liu <jingqi.liu@intel.com>
10
Message-id: 20210812151525.31456-1-peter.maydell@linaro.org
11
---
12
softmmu/physmem.c | 3 +++
13
1 file changed, 3 insertions(+)
14
15
diff --git a/softmmu/physmem.c b/softmmu/physmem.c
16
index XXXXXXX..XXXXXXX 100644
17
--- a/softmmu/physmem.c
18
+++ b/softmmu/physmem.c
19
@@ -XXX,XX +XXX,XX @@ static int64_t get_file_align(int fd)
20
path = g_strdup_printf("/sys/dev/char/%d:%d",
21
major(st.st_rdev), minor(st.st_rdev));
22
rpath = realpath(path, NULL);
23
+ if (!rpath) {
24
+ return -errno;
25
+ }
26
27
rc = daxctl_new(&ctx);
28
if (rc) {
29
--
30
2.20.1
31
32
diff view generated by jsdifflib
New patch
1
We don't currently zero-initialize the 'struct sockaddr_in' that
2
parse_host_port() fills in, so any fields we don't explicitly
3
initialize might be left as random garbage. POSIX states that
4
implementations may define extensions in sockaddr_in, and that those
5
extensions must not trigger if zero-initialized. So not zero
6
initializing might result in inadvertently triggering an impdef
7
extension.
1
8
9
memset() the sockaddr_in before we start to fill it in.
10
11
Fixes: Coverity CID 1005338
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
13
Reviewed-by: Eric Blake <eblake@redhat.com>
14
Message-id: 20210813150506.7768-2-peter.maydell@linaro.org
15
---
16
net/net.c | 2 ++
17
1 file changed, 2 insertions(+)
18
19
diff --git a/net/net.c b/net/net.c
20
index XXXXXXX..XXXXXXX 100644
21
--- a/net/net.c
22
+++ b/net/net.c
23
@@ -XXX,XX +XXX,XX @@ int parse_host_port(struct sockaddr_in *saddr, const char *str,
24
const char *addr, *p, *r;
25
int port, ret = 0;
26
27
+ memset(saddr, 0, sizeof(*saddr));
28
+
29
substrings = g_strsplit(str, ":", 2);
30
if (!substrings || !substrings[0] || !substrings[1]) {
31
error_setg(errp, "host address '%s' doesn't contain ':' "
32
--
33
2.20.1
34
35
diff view generated by jsdifflib
New patch
1
Zero-initialize sockaddr_in and sockaddr_un structs that we're about
2
to fill in and pass to bind() or connect(), to ensure we don't leave
3
possible implementation-defined extension fields as uninitialized
4
garbage.
1
5
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
Reviewed-by: Eric Blake <eblake@redhat.com>
8
Message-id: 20210813150506.7768-3-peter.maydell@linaro.org
9
---
10
gdbstub.c | 4 ++--
11
1 file changed, 2 insertions(+), 2 deletions(-)
12
13
diff --git a/gdbstub.c b/gdbstub.c
14
index XXXXXXX..XXXXXXX 100644
15
--- a/gdbstub.c
16
+++ b/gdbstub.c
17
@@ -XXX,XX +XXX,XX @@ static bool gdb_accept_socket(int gdb_fd)
18
19
static int gdbserver_open_socket(const char *path)
20
{
21
- struct sockaddr_un sockaddr;
22
+ struct sockaddr_un sockaddr = {};
23
int fd, ret;
24
25
fd = socket(AF_UNIX, SOCK_STREAM, 0);
26
@@ -XXX,XX +XXX,XX @@ static int gdbserver_open_socket(const char *path)
27
28
static bool gdb_accept_tcp(int gdb_fd)
29
{
30
- struct sockaddr_in sockaddr;
31
+ struct sockaddr_in sockaddr = {};
32
socklen_t len;
33
int fd;
34
35
--
36
2.20.1
37
38
diff view generated by jsdifflib
New patch
1
Zero-initialize the sockaddr_in struct that we're about to fill in
2
and pass to bind(), to ensure we don't leave possible
3
implementation-defined extension fields as uninitialized garbage.
1
4
5
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
6
Reviewed-by: Eric Blake <eblake@redhat.com>
7
Reviewed-by: Corey Minyard <cminyard@mvista.com>
8
Acked-by: Thomas Huth <thuth@redhat.com>
9
Message-id: 20210813150506.7768-4-peter.maydell@linaro.org
10
---
11
tests/qtest/ipmi-bt-test.c | 2 +-
12
1 file changed, 1 insertion(+), 1 deletion(-)
13
14
diff --git a/tests/qtest/ipmi-bt-test.c b/tests/qtest/ipmi-bt-test.c
15
index XXXXXXX..XXXXXXX 100644
16
--- a/tests/qtest/ipmi-bt-test.c
17
+++ b/tests/qtest/ipmi-bt-test.c
18
@@ -XXX,XX +XXX,XX @@ static void test_enable_irq(void)
19
*/
20
static void open_socket(void)
21
{
22
- struct sockaddr_in myaddr;
23
+ struct sockaddr_in myaddr = {};
24
socklen_t addrlen;
25
26
myaddr.sin_family = AF_INET;
27
--
28
2.20.1
29
30
diff view generated by jsdifflib
New patch
1
Zero-initialize sockaddr_in and sockaddr_un structs that we're about
2
to fill in and pass to bind() or connect(), to ensure we don't leave
3
possible implementation-defined extension fields as uninitialized
4
garbage.
1
5
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
Reviewed-by: Eric Blake <eblake@redhat.com>
8
Message-id: 20210813150506.7768-5-peter.maydell@linaro.org
9
---
10
tests/tcg/multiarch/linux-test.c | 4 ++--
11
1 file changed, 2 insertions(+), 2 deletions(-)
12
13
diff --git a/tests/tcg/multiarch/linux-test.c b/tests/tcg/multiarch/linux-test.c
14
index XXXXXXX..XXXXXXX 100644
15
--- a/tests/tcg/multiarch/linux-test.c
16
+++ b/tests/tcg/multiarch/linux-test.c
17
@@ -XXX,XX +XXX,XX @@ static void test_time(void)
18
static int server_socket(void)
19
{
20
int val, fd;
21
- struct sockaddr_in sockaddr;
22
+ struct sockaddr_in sockaddr = {};
23
24
/* server socket */
25
fd = chk_error(socket(PF_INET, SOCK_STREAM, 0));
26
@@ -XXX,XX +XXX,XX @@ static int server_socket(void)
27
static int client_socket(uint16_t port)
28
{
29
int fd;
30
- struct sockaddr_in sockaddr;
31
+ struct sockaddr_in sockaddr = {};
32
33
/* server socket */
34
fd = chk_error(socket(PF_INET, SOCK_STREAM, 0));
35
--
36
2.20.1
37
38
diff view generated by jsdifflib
1
The VECTPENDING field in the ICSR is 9 bits wide, in bits [20:12] of
1
The SoC realize can fail for legitimate reasons, because it propagates
2
the register. We were incorrectly masking it to 8 bits, so it would
2
errors up from CPU realize, which in turn can be provoked by user
3
report the wrong value if the pending exception was greater than 256.
3
error in setting commandline options. Use error_fatal so we report
4
Fix the bug.
4
the error message to the user and exit, rather than asserting
5
via error_abort.
5
6
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20210723162146.5167-6-peter.maydell@linaro.org
9
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
10
Message-id: 20210816135842.25302-2-peter.maydell@linaro.org
9
---
11
---
10
hw/intc/armv7m_nvic.c | 2 +-
12
hw/arm/raspi.c | 2 +-
11
1 file changed, 1 insertion(+), 1 deletion(-)
13
1 file changed, 1 insertion(+), 1 deletion(-)
12
14
13
diff --git a/hw/intc/armv7m_nvic.c b/hw/intc/armv7m_nvic.c
15
diff --git a/hw/arm/raspi.c b/hw/arm/raspi.c
14
index XXXXXXX..XXXXXXX 100644
16
index XXXXXXX..XXXXXXX 100644
15
--- a/hw/intc/armv7m_nvic.c
17
--- a/hw/arm/raspi.c
16
+++ b/hw/intc/armv7m_nvic.c
18
+++ b/hw/arm/raspi.c
17
@@ -XXX,XX +XXX,XX @@ static uint32_t nvic_readl(NVICState *s, uint32_t offset, MemTxAttrs attrs)
19
@@ -XXX,XX +XXX,XX @@ static void raspi_machine_init(MachineState *machine)
18
/* VECTACTIVE */
20
object_property_add_const_link(OBJECT(&s->soc), "ram", OBJECT(machine->ram));
19
val = cpu->env.v7m.exception;
21
object_property_set_int(OBJECT(&s->soc), "board-rev", board_rev,
20
/* VECTPENDING */
22
&error_abort);
21
- val |= (s->vectpending & 0xff) << 12;
23
- qdev_realize(DEVICE(&s->soc), NULL, &error_abort);
22
+ val |= (s->vectpending & 0x1ff) << 12;
24
+ qdev_realize(DEVICE(&s->soc), NULL, &error_fatal);
23
/* ISRPENDING - set if any external IRQ is pending */
25
24
if (nvic_isrpending(s)) {
26
/* Create and plug in the SD cards */
25
val |= (1 << 22);
27
di = drive_get_next(IF_SD);
26
--
28
--
27
2.20.1
29
2.20.1
28
30
29
31
diff view generated by jsdifflib
New patch
1
KVM cannot support multiple address spaces per CPU; if you try to
2
create more than one then cpu_address_space_init() will assert.
1
3
4
In the Arm CPU realize function, detect the configurations which
5
would cause us to need more than one AS, and cleanly fail the
6
realize rather than blundering on into the assertion. This
7
turns this:
8
$ qemu-system-aarch64 -enable-kvm -display none -cpu max -machine raspi3b
9
qemu-system-aarch64: ../../softmmu/physmem.c:747: cpu_address_space_init: Assertion `asidx == 0 || !kvm_enabled()' failed.
10
Aborted
11
12
into:
13
$ qemu-system-aarch64 -enable-kvm -display none -machine raspi3b
14
qemu-system-aarch64: Cannot enable KVM when guest CPU has EL3 enabled
15
16
and this:
17
$ qemu-system-aarch64 -enable-kvm -display none -machine mps3-an524
18
qemu-system-aarch64: ../../softmmu/physmem.c:747: cpu_address_space_init: Assertion `asidx == 0 || !kvm_enabled()' failed.
19
Aborted
20
21
into:
22
$ qemu-system-aarch64 -enable-kvm -display none -machine mps3-an524
23
qemu-system-aarch64: Cannot enable KVM when using an M-profile guest CPU
24
25
Fixes: https://gitlab.com/qemu-project/qemu/-/issues/528
26
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
27
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
28
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
29
Message-id: 20210816135842.25302-3-peter.maydell@linaro.org
30
---
31
target/arm/cpu.c | 23 +++++++++++++++++++++++
32
1 file changed, 23 insertions(+)
33
34
diff --git a/target/arm/cpu.c b/target/arm/cpu.c
35
index XXXXXXX..XXXXXXX 100644
36
--- a/target/arm/cpu.c
37
+++ b/target/arm/cpu.c
38
@@ -XXX,XX +XXX,XX @@ static void arm_cpu_realizefn(DeviceState *dev, Error **errp)
39
}
40
}
41
42
+ if (kvm_enabled()) {
43
+ /*
44
+ * Catch all the cases which might cause us to create more than one
45
+ * address space for the CPU (otherwise we will assert() later in
46
+ * cpu_address_space_init()).
47
+ */
48
+ if (arm_feature(env, ARM_FEATURE_M)) {
49
+ error_setg(errp,
50
+ "Cannot enable KVM when using an M-profile guest CPU");
51
+ return;
52
+ }
53
+ if (cpu->has_el3) {
54
+ error_setg(errp,
55
+ "Cannot enable KVM when guest CPU has EL3 enabled");
56
+ return;
57
+ }
58
+ if (cpu->tag_memory) {
59
+ error_setg(errp,
60
+ "Cannot enable KVM when guest CPUs has MTE enabled");
61
+ return;
62
+ }
63
+ }
64
+
65
{
66
uint64_t scale;
67
68
--
69
2.20.1
70
71
diff view generated by jsdifflib
1
In do_v7m_exception_exit(), we perform various checks as part of
1
Now that the CPU realize function will fail cleanly if we ask for EL3
2
performing the exception return. If one of these checks fails, the
2
when KVM is enabled, we don't need to check for errors explicitly in
3
architecture requires that we take an appropriate exception on the
3
the virt board code. The reported message is slightly different;
4
existing stackframe. We implement this by calling
4
it is now:
5
v7m_exception_taken() to set up to take the new exception, and then
5
qemu-system-aarch64: Cannot enable KVM when guest CPU has EL3 enabled
6
immediately returning from do_v7m_exception_exit() without proceeding
6
instead of:
7
any further with the unstack-and-exception-return process.
7
qemu-system-aarch64: mach-virt: KVM does not support Security extensions
8
8
9
In a couple of checks that are new in v8.1M, we forgot the "return"
9
We don't delete the MTE check because there the logic is more
10
statement, with the effect that if bad code in the guest tripped over
10
complex; deleting the check would work but makes the error message
11
these checks we would set up to take a UsageFault exception but then
11
less helpful, as it would read:
12
blunder on trying to also unstack and return from the original
12
qemu-system-aarch64: MTE requested, but not supported by the guest CPU
13
exception, with the probable result that the guest would crash.
13
instead of:
14
14
qemu-system-aarch64: mach-virt: KVM does not support providing MTE to the guest CPU
15
Add the missing return statements.
16
15
17
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
16
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
18
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
17
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
19
Message-id: 20210723162146.5167-3-peter.maydell@linaro.org
18
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
19
Message-id: 20210816135842.25302-4-peter.maydell@linaro.org
20
---
20
---
21
target/arm/m_helper.c | 2 ++
21
hw/arm/virt.c | 5 -----
22
1 file changed, 2 insertions(+)
22
1 file changed, 5 deletions(-)
23
23
24
diff --git a/target/arm/m_helper.c b/target/arm/m_helper.c
24
diff --git a/hw/arm/virt.c b/hw/arm/virt.c
25
index XXXXXXX..XXXXXXX 100644
25
index XXXXXXX..XXXXXXX 100644
26
--- a/target/arm/m_helper.c
26
--- a/hw/arm/virt.c
27
+++ b/target/arm/m_helper.c
27
+++ b/hw/arm/virt.c
28
@@ -XXX,XX +XXX,XX @@ static void do_v7m_exception_exit(ARMCPU *cpu)
28
@@ -XXX,XX +XXX,XX @@ static void machvirt_init(MachineState *machine)
29
qemu_log_mask(CPU_LOG_INT, "...taking UsageFault on existing "
29
}
30
"stackframe: NSACR prevents clearing FPU registers\n");
30
31
v7m_exception_taken(cpu, excret, true, false);
31
if (vms->secure) {
32
+ return;
32
- if (kvm_enabled()) {
33
} else if (!cpacr_pass) {
33
- error_report("mach-virt: KVM does not support Security extensions");
34
armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_USAGE,
34
- exit(1);
35
exc_secure);
35
- }
36
@@ -XXX,XX +XXX,XX @@ static void do_v7m_exception_exit(ARMCPU *cpu)
36
-
37
qemu_log_mask(CPU_LOG_INT, "...taking UsageFault on existing "
37
/*
38
"stackframe: CPACR prevents clearing FPU registers\n");
38
* The Secure view of the world is the same as the NonSecure,
39
v7m_exception_taken(cpu, excret, true, false);
39
* but with a few extra devices. Create it as a container region
40
+ return;
41
}
42
}
43
/* Clear s0..s15, FPSCR and VPR */
44
--
40
--
45
2.20.1
41
2.20.1
46
42
47
43
diff view generated by jsdifflib
1
In Arm v8.1M the VECTPENDING field in the ICSR has new behaviour: if
1
In v7, the HSTR register has a TTEE bit which allows EL0/EL1 accesses
2
the register is accessed NonSecure and the highest priority pending
2
to the Thumb2EE TEECR and TEEHBR registers to be trapped to the
3
enabled exception (that would be returned in the VECTPENDING field)
3
hypervisor. Implement these traps.
4
targets Secure, then the VECTPENDING field must read 1 rather than
5
the exception number of the pending exception. Implement this.
6
4
7
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
6
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
9
Message-id: 20210723162146.5167-7-peter.maydell@linaro.org
7
Message-id: 20210816180305.20137-2-peter.maydell@linaro.org
10
---
8
---
11
hw/intc/armv7m_nvic.c | 31 ++++++++++++++++++++++++-------
9
target/arm/cpu.h | 2 ++
12
1 file changed, 24 insertions(+), 7 deletions(-)
10
target/arm/helper.c | 18 ++++++++++++++++--
11
2 files changed, 18 insertions(+), 2 deletions(-)
13
12
14
diff --git a/hw/intc/armv7m_nvic.c b/hw/intc/armv7m_nvic.c
13
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
15
index XXXXXXX..XXXXXXX 100644
14
index XXXXXXX..XXXXXXX 100644
16
--- a/hw/intc/armv7m_nvic.c
15
--- a/target/arm/cpu.h
17
+++ b/hw/intc/armv7m_nvic.c
16
+++ b/target/arm/cpu.h
18
@@ -XXX,XX +XXX,XX @@ void armv7m_nvic_acknowledge_irq(void *opaque)
17
@@ -XXX,XX +XXX,XX @@ static inline void xpsr_write(CPUARMState *env, uint32_t val, uint32_t mask)
19
nvic_irq_update(s);
18
#define SCR_ENSCXT (1U << 25)
19
#define SCR_ATA (1U << 26)
20
21
+#define HSTR_TTEE (1 << 16)
22
+
23
/* Return the current FPSCR value. */
24
uint32_t vfp_get_fpscr(CPUARMState *env);
25
void vfp_set_fpscr(CPUARMState *env, uint32_t val);
26
diff --git a/target/arm/helper.c b/target/arm/helper.c
27
index XXXXXXX..XXXXXXX 100644
28
--- a/target/arm/helper.c
29
+++ b/target/arm/helper.c
30
@@ -XXX,XX +XXX,XX @@ static void teecr_write(CPUARMState *env, const ARMCPRegInfo *ri,
31
env->teecr = value;
20
}
32
}
21
33
22
+static bool vectpending_targets_secure(NVICState *s)
34
+static CPAccessResult teecr_access(CPUARMState *env, const ARMCPRegInfo *ri,
35
+ bool isread)
23
+{
36
+{
24
+ /* Return true if s->vectpending targets Secure state */
37
+ /*
25
+ if (s->vectpending_is_s_banked) {
38
+ * HSTR.TTEE only exists in v7A, not v8A, but v8A doesn't have T2EE
26
+ return true;
39
+ * at all, so we don't need to check whether we're v8A.
40
+ */
41
+ if (arm_current_el(env) < 2 && !arm_is_secure_below_el3(env) &&
42
+ (env->cp15.hstr_el2 & HSTR_TTEE)) {
43
+ return CP_ACCESS_TRAP_EL2;
27
+ }
44
+ }
28
+ return !exc_is_banked(s->vectpending) &&
45
+ return CP_ACCESS_OK;
29
+ exc_targets_secure(s, s->vectpending);
30
+}
46
+}
31
+
47
+
32
void armv7m_nvic_get_pending_irq_info(void *opaque,
48
static CPAccessResult teehbr_access(CPUARMState *env, const ARMCPRegInfo *ri,
33
int *pirq, bool *ptargets_secure)
49
bool isread)
34
{
50
{
35
@@ -XXX,XX +XXX,XX @@ void armv7m_nvic_get_pending_irq_info(void *opaque,
51
if (arm_current_el(env) == 0 && (env->teecr & 1)) {
36
52
return CP_ACCESS_TRAP;
37
assert(pending > ARMV7M_EXCP_RESET && pending < s->num_irq);
53
}
38
54
- return CP_ACCESS_OK;
39
- if (s->vectpending_is_s_banked) {
55
+ return teecr_access(env, ri, isread);
40
- targets_secure = true;
56
}
41
- } else {
57
42
- targets_secure = !exc_is_banked(pending) &&
58
static const ARMCPRegInfo t2ee_cp_reginfo[] = {
43
- exc_targets_secure(s, pending);
59
{ .name = "TEECR", .cp = 14, .crn = 0, .crm = 0, .opc1 = 6, .opc2 = 0,
44
- }
60
.access = PL1_RW, .fieldoffset = offsetof(CPUARMState, teecr),
45
+ targets_secure = vectpending_targets_secure(s);
61
.resetvalue = 0,
46
62
- .writefn = teecr_write },
47
trace_nvic_get_pending_irq_info(pending, targets_secure);
63
+ .writefn = teecr_write, .accessfn = teecr_access },
48
64
{ .name = "TEEHBR", .cp = 14, .crn = 1, .crm = 0, .opc1 = 6, .opc2 = 0,
49
@@ -XXX,XX +XXX,XX @@ static uint32_t nvic_readl(NVICState *s, uint32_t offset, MemTxAttrs attrs)
65
.access = PL0_RW, .fieldoffset = offsetof(CPUARMState, teehbr),
50
/* VECTACTIVE */
66
.accessfn = teehbr_access, .resetvalue = 0 },
51
val = cpu->env.v7m.exception;
52
/* VECTPENDING */
53
- val |= (s->vectpending & 0x1ff) << 12;
54
+ if (s->vectpending) {
55
+ /*
56
+ * From v8.1M VECTPENDING must read as 1 if accessed as
57
+ * NonSecure and the highest priority pending and enabled
58
+ * exception targets Secure.
59
+ */
60
+ int vp = s->vectpending;
61
+ if (!attrs.secure && arm_feature(&cpu->env, ARM_FEATURE_V8_1M) &&
62
+ vectpending_targets_secure(s)) {
63
+ vp = 1;
64
+ }
65
+ val |= (vp & 0x1ff) << 12;
66
+ }
67
/* ISRPENDING - set if any external IRQ is pending */
68
if (nvic_isrpending(s)) {
69
val |= (1 << 22);
70
--
67
--
71
2.20.1
68
2.20.1
72
69
73
70
diff view generated by jsdifflib
1
For M-profile, unlike A-profile, the low 2 bits of SP are defined to be
1
In v7A, the HSTR register has a TJDBX bit which traps NS EL0/EL1
2
RES0H, which is to say that they must be hardwired to zero so that
2
access to the JOSCR and JMCR trivial Jazelle registers, and also BXJ.
3
guest attempts to write non-zero values to them are ignored.
3
Implement these traps. In v8A this HSTR bit doesn't exist, so don't
4
4
trap for v8A CPUs.
5
Implement this behaviour by masking out the low bits:
6
* for writes to r13 by the gdbstub
7
* for writes to any of the various flavours of SP via MSR
8
* for writes to r13 via store_reg() in generated code
9
10
Note that all the direct uses of cpu_R[] in translate.c are in places
11
where the register is definitely not r13 (usually because that has
12
been checked for as an UNDEFINED or UNPREDICTABLE case and handled as
13
UNDEF).
14
15
All the other writes to regs[13] in C code are either:
16
* A-profile only code
17
* writes of values we can guarantee to be aligned, such as
18
- writes of previous-SP-value plus or minus a 4-aligned constant
19
- writes of the value in an SP limit register (which we already
20
enforce to be aligned)
21
5
22
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
23
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
24
Message-id: 20210723162146.5167-2-peter.maydell@linaro.org
8
Message-id: 20210816180305.20137-3-peter.maydell@linaro.org
25
---
9
---
26
target/arm/gdbstub.c | 4 ++++
10
target/arm/cpu.h | 1 +
27
target/arm/m_helper.c | 14 ++++++++------
11
target/arm/helper.h | 2 ++
28
target/arm/translate.c | 3 +++
12
target/arm/syndrome.h | 7 +++++++
29
3 files changed, 15 insertions(+), 6 deletions(-)
13
target/arm/helper.c | 17 +++++++++++++++++
14
target/arm/op_helper.c | 16 ++++++++++++++++
15
target/arm/translate.c | 12 ++++++++++++
16
6 files changed, 55 insertions(+)
30
17
31
diff --git a/target/arm/gdbstub.c b/target/arm/gdbstub.c
18
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
32
index XXXXXXX..XXXXXXX 100644
19
index XXXXXXX..XXXXXXX 100644
33
--- a/target/arm/gdbstub.c
20
--- a/target/arm/cpu.h
34
+++ b/target/arm/gdbstub.c
21
+++ b/target/arm/cpu.h
35
@@ -XXX,XX +XXX,XX @@ int arm_cpu_gdb_write_register(CPUState *cs, uint8_t *mem_buf, int n)
22
@@ -XXX,XX +XXX,XX @@ static inline void xpsr_write(CPUARMState *env, uint32_t val, uint32_t mask)
36
23
#define SCR_ATA (1U << 26)
37
if (n < 16) {
24
38
/* Core integer register. */
25
#define HSTR_TTEE (1 << 16)
39
+ if (n == 13 && arm_feature(env, ARM_FEATURE_M)) {
26
+#define HSTR_TJDBX (1 << 17)
40
+ /* M profile SP low bits are always 0 */
27
41
+ tmp &= ~3;
28
/* Return the current FPSCR value. */
42
+ }
29
uint32_t vfp_get_fpscr(CPUARMState *env);
43
env->regs[n] = tmp;
30
diff --git a/target/arm/helper.h b/target/arm/helper.h
44
return 4;
45
}
46
diff --git a/target/arm/m_helper.c b/target/arm/m_helper.c
47
index XXXXXXX..XXXXXXX 100644
31
index XXXXXXX..XXXXXXX 100644
48
--- a/target/arm/m_helper.c
32
--- a/target/arm/helper.h
49
+++ b/target/arm/m_helper.c
33
+++ b/target/arm/helper.h
50
@@ -XXX,XX +XXX,XX @@ void HELPER(v7m_msr)(CPUARMState *env, uint32_t maskreg, uint32_t val)
34
@@ -XXX,XX +XXX,XX @@ DEF_HELPER_2(v7m_vlldm, void, env, i32)
51
if (!env->v7m.secure) {
35
52
return;
36
DEF_HELPER_2(v8m_stackcheck, void, env, i32)
53
}
37
54
- env->v7m.other_ss_msp = val;
38
+DEF_HELPER_FLAGS_2(check_bxj_trap, TCG_CALL_NO_WG, void, env, i32)
55
+ env->v7m.other_ss_msp = val & ~3;
56
return;
57
case 0x89: /* PSP_NS */
58
if (!env->v7m.secure) {
59
return;
60
}
61
- env->v7m.other_ss_psp = val;
62
+ env->v7m.other_ss_psp = val & ~3;
63
return;
64
case 0x8a: /* MSPLIM_NS */
65
if (!env->v7m.secure) {
66
@@ -XXX,XX +XXX,XX @@ void HELPER(v7m_msr)(CPUARMState *env, uint32_t maskreg, uint32_t val)
67
68
limit = is_psp ? env->v7m.psplim[false] : env->v7m.msplim[false];
69
70
+ val &= ~0x3;
71
+
39
+
72
if (val < limit) {
40
DEF_HELPER_4(access_check_cp_reg, void, env, ptr, i32, i32)
73
raise_exception_ra(env, EXCP_STKOF, 0, 1, GETPC());
41
DEF_HELPER_3(set_cp_reg, void, env, ptr, i32)
74
}
42
DEF_HELPER_2(get_cp_reg, i32, env, ptr)
75
@@ -XXX,XX +XXX,XX @@ void HELPER(v7m_msr)(CPUARMState *env, uint32_t maskreg, uint32_t val)
43
diff --git a/target/arm/syndrome.h b/target/arm/syndrome.h
76
break;
44
index XXXXXXX..XXXXXXX 100644
77
case 8: /* MSP */
45
--- a/target/arm/syndrome.h
78
if (v7m_using_psp(env)) {
46
+++ b/target/arm/syndrome.h
79
- env->v7m.other_sp = val;
47
@@ -XXX,XX +XXX,XX @@ enum arm_exception_class {
80
+ env->v7m.other_sp = val & ~3;
48
EC_ADVSIMDFPACCESSTRAP = 0x07,
81
} else {
49
EC_FPIDTRAP = 0x08,
82
- env->regs[13] = val;
50
EC_PACTRAP = 0x09,
83
+ env->regs[13] = val & ~3;
51
+ EC_BXJTRAP = 0x0a,
84
}
52
EC_CP14RRTTRAP = 0x0c,
85
break;
53
EC_BTITRAP = 0x0d,
86
case 9: /* PSP */
54
EC_ILLEGALSTATE = 0x0e,
87
if (v7m_using_psp(env)) {
55
@@ -XXX,XX +XXX,XX @@ static inline uint32_t syn_btitrap(int btype)
88
- env->regs[13] = val;
56
return (EC_BTITRAP << ARM_EL_EC_SHIFT) | btype;
89
+ env->regs[13] = val & ~3;
57
}
90
} else {
58
91
- env->v7m.other_sp = val;
59
+static inline uint32_t syn_bxjtrap(int cv, int cond, int rm)
92
+ env->v7m.other_sp = val & ~3;
60
+{
93
}
61
+ return (EC_BXJTRAP << ARM_EL_EC_SHIFT) | ARM_EL_IL |
94
break;
62
+ (cv << 24) | (cond << 20) | rm;
95
case 10: /* MSPLIM */
63
+}
64
+
65
static inline uint32_t syn_insn_abort(int same_el, int ea, int s1ptw, int fsc)
66
{
67
return (EC_INSNABORT << ARM_EL_EC_SHIFT) | (same_el << ARM_EL_EC_SHIFT)
68
diff --git a/target/arm/helper.c b/target/arm/helper.c
69
index XXXXXXX..XXXXXXX 100644
70
--- a/target/arm/helper.c
71
+++ b/target/arm/helper.c
72
@@ -XXX,XX +XXX,XX @@ static CPAccessResult access_jazelle(CPUARMState *env, const ARMCPRegInfo *ri,
73
return CP_ACCESS_OK;
74
}
75
76
+static CPAccessResult access_joscr_jmcr(CPUARMState *env,
77
+ const ARMCPRegInfo *ri, bool isread)
78
+{
79
+ /*
80
+ * HSTR.TJDBX traps JOSCR and JMCR accesses, but it exists only
81
+ * in v7A, not in v8A.
82
+ */
83
+ if (!arm_feature(env, ARM_FEATURE_V8) &&
84
+ arm_current_el(env) < 2 && !arm_is_secure_below_el3(env) &&
85
+ (env->cp15.hstr_el2 & HSTR_TJDBX)) {
86
+ return CP_ACCESS_TRAP_EL2;
87
+ }
88
+ return CP_ACCESS_OK;
89
+}
90
+
91
static const ARMCPRegInfo jazelle_regs[] = {
92
{ .name = "JIDR",
93
.cp = 14, .crn = 0, .crm = 0, .opc1 = 7, .opc2 = 0,
94
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo jazelle_regs[] = {
95
.type = ARM_CP_CONST, .resetvalue = 0 },
96
{ .name = "JOSCR",
97
.cp = 14, .crn = 1, .crm = 0, .opc1 = 7, .opc2 = 0,
98
+ .accessfn = access_joscr_jmcr,
99
.access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
100
{ .name = "JMCR",
101
.cp = 14, .crn = 2, .crm = 0, .opc1 = 7, .opc2 = 0,
102
+ .accessfn = access_joscr_jmcr,
103
.access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
104
REGINFO_SENTINEL
105
};
106
diff --git a/target/arm/op_helper.c b/target/arm/op_helper.c
107
index XXXXXXX..XXXXXXX 100644
108
--- a/target/arm/op_helper.c
109
+++ b/target/arm/op_helper.c
110
@@ -XXX,XX +XXX,XX @@ void HELPER(setend)(CPUARMState *env)
111
arm_rebuild_hflags(env);
112
}
113
114
+void HELPER(check_bxj_trap)(CPUARMState *env, uint32_t rm)
115
+{
116
+ /*
117
+ * Only called if in NS EL0 or EL1 for a BXJ for a v7A CPU;
118
+ * check if HSTR.TJDBX means we need to trap to EL2.
119
+ */
120
+ if (env->cp15.hstr_el2 & HSTR_TJDBX) {
121
+ /*
122
+ * We know the condition code check passed, so take the IMPDEF
123
+ * choice to always report CV=1 COND 0xe
124
+ */
125
+ uint32_t syn = syn_bxjtrap(1, 0xe, rm);
126
+ raise_exception_ra(env, EXCP_HYP_TRAP, syn, 2, GETPC());
127
+ }
128
+}
129
+
130
#ifndef CONFIG_USER_ONLY
131
/* Function checks whether WFx (WFI/WFE) instructions are set up to be trapped.
132
* The function returns the target EL (1-3) if the instruction is to be trapped;
96
diff --git a/target/arm/translate.c b/target/arm/translate.c
133
diff --git a/target/arm/translate.c b/target/arm/translate.c
97
index XXXXXXX..XXXXXXX 100644
134
index XXXXXXX..XXXXXXX 100644
98
--- a/target/arm/translate.c
135
--- a/target/arm/translate.c
99
+++ b/target/arm/translate.c
136
+++ b/target/arm/translate.c
100
@@ -XXX,XX +XXX,XX @@ void store_reg(DisasContext *s, int reg, TCGv_i32 var)
137
@@ -XXX,XX +XXX,XX @@ static bool trans_BXJ(DisasContext *s, arg_BXJ *a)
101
*/
138
if (!ENABLE_ARCH_5J || arm_dc_feature(s, ARM_FEATURE_M)) {
102
tcg_gen_andi_i32(var, var, s->thumb ? ~1 : ~3);
139
return false;
103
s->base.is_jmp = DISAS_JUMP;
104
+ } else if (reg == 13 && arm_dc_feature(s, ARM_FEATURE_M)) {
105
+ /* For M-profile SP bits [1:0] are always zero */
106
+ tcg_gen_andi_i32(var, var, ~3);
107
}
140
}
108
tcg_gen_mov_i32(cpu_R[reg], var);
141
+ /*
109
tcg_temp_free_i32(var);
142
+ * v7A allows BXJ to be trapped via HSTR.TJDBX. We don't waste a
143
+ * TBFLAGS bit on a basically-never-happens case, so call a helper
144
+ * function to check for the trap and raise the exception if needed
145
+ * (passing it the register number for the syndrome value).
146
+ * v8A doesn't have this HSTR bit.
147
+ */
148
+ if (!arm_dc_feature(s, ARM_FEATURE_V8) &&
149
+ arm_dc_feature(s, ARM_FEATURE_EL2) &&
150
+ s->current_el < 2 && s->ns) {
151
+ gen_helper_check_bxj_trap(cpu_env, tcg_constant_i32(a->rm));
152
+ }
153
/* Trivial implementation equivalent to bx. */
154
gen_bx(s, load_reg(s, a->rm));
155
return true;
110
--
156
--
111
2.20.1
157
2.20.1
112
158
113
159
diff view generated by jsdifflib
1
From: Richard Henderson <richard.henderson@linaro.org>
1
Currently we rely on all the callsites of cpsr_write() to rebuild the
2
cached hflags if they change one of the CPSR bits which we use as a
3
TB flag and cache in hflags. This is a bit awkward when we want to
4
change the set of CPSR bits that we cache, because it means we need
5
to re-audit all the cpsr_write() callsites to see which flags they
6
are writing and whether they now need to rebuild the hflags.
2
7
3
Currently, our only caller is sve_zcr_len_for_el, which has
8
Switch instead to making cpsr_write() call arm_rebuild_hflags()
4
already masked the length extracted from ZCR_ELx, so the
9
itself if one of the bits being changed is a cached bit.
5
masking done here is a nop. But we will shortly have uses
6
from other locations, where the length will be unmasked.
7
10
8
Saturate the length to ARM_MAX_VQ instead of truncating to
11
We don't do the rebuild for the CPSRWriteRaw write type, because that
9
the low 4 bits.
12
kind of write is generally doing something special anyway. For the
13
CPSRWriteRaw callsites in the KVM code and inbound migration we
14
definitely don't want to recalculate the hflags; the callsites in
15
boot.c and arm-powerctl.c have to do a rebuild-hflags call themselves
16
anyway because of other CPU state changes they make.
10
17
11
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
18
This allows us to drop explicit arm_rebuild_hflags() calls in a
12
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
19
couple of places where the only reason we needed to call it was the
13
Message-id: 20210723203344.968563-2-richard.henderson@linaro.org
20
CPSR write.
21
22
This fixes a bug where we were incorrectly failing to rebuild hflags
23
in the code path for a gdbstub write to CPSR, which meant that you
24
could make QEMU assert by breaking into a running guest, altering the
25
CPSR to change the value of, for example, CPSR.E, and then
26
continuing.
27
14
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
28
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
29
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
30
Message-id: 20210817201843.3829-1-peter.maydell@linaro.org
15
---
31
---
16
target/arm/helper.c | 4 +++-
32
target/arm/cpu.h | 10 ++++++++--
17
1 file changed, 3 insertions(+), 1 deletion(-)
33
linux-user/arm/signal.c | 2 --
34
target/arm/helper.c | 5 +++++
35
3 files changed, 13 insertions(+), 4 deletions(-)
18
36
37
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
38
index XXXXXXX..XXXXXXX 100644
39
--- a/target/arm/cpu.h
40
+++ b/target/arm/cpu.h
41
@@ -XXX,XX +XXX,XX @@ uint32_t cpsr_read(CPUARMState *env);
42
typedef enum CPSRWriteType {
43
CPSRWriteByInstr = 0, /* from guest MSR or CPS */
44
CPSRWriteExceptionReturn = 1, /* from guest exception return insn */
45
- CPSRWriteRaw = 2, /* trust values, do not switch reg banks */
46
+ CPSRWriteRaw = 2,
47
+ /* trust values, no reg bank switch, no hflags rebuild */
48
CPSRWriteByGDBStub = 3, /* from the GDB stub */
49
} CPSRWriteType;
50
51
-/* Set the CPSR. Note that some bits of mask must be all-set or all-clear.*/
52
+/*
53
+ * Set the CPSR. Note that some bits of mask must be all-set or all-clear.
54
+ * This will do an arm_rebuild_hflags() if any of the bits in @mask
55
+ * correspond to TB flags bits cached in the hflags, unless @write_type
56
+ * is CPSRWriteRaw.
57
+ */
58
void cpsr_write(CPUARMState *env, uint32_t val, uint32_t mask,
59
CPSRWriteType write_type);
60
61
diff --git a/linux-user/arm/signal.c b/linux-user/arm/signal.c
62
index XXXXXXX..XXXXXXX 100644
63
--- a/linux-user/arm/signal.c
64
+++ b/linux-user/arm/signal.c
65
@@ -XXX,XX +XXX,XX @@ setup_return(CPUARMState *env, struct target_sigaction *ka,
66
env->regs[14] = retcode;
67
env->regs[15] = handler & (thumb ? ~1 : ~3);
68
cpsr_write(env, cpsr, CPSR_IT | CPSR_T | CPSR_E, CPSRWriteByInstr);
69
- arm_rebuild_hflags(env);
70
71
return 0;
72
}
73
@@ -XXX,XX +XXX,XX @@ restore_sigcontext(CPUARMState *env, struct target_sigcontext *sc)
74
__get_user(env->regs[15], &sc->arm_pc);
75
__get_user(cpsr, &sc->arm_cpsr);
76
cpsr_write(env, cpsr, CPSR_USER | CPSR_EXEC, CPSRWriteByInstr);
77
- arm_rebuild_hflags(env);
78
79
err |= !valid_user_regs(env);
80
19
diff --git a/target/arm/helper.c b/target/arm/helper.c
81
diff --git a/target/arm/helper.c b/target/arm/helper.c
20
index XXXXXXX..XXXXXXX 100644
82
index XXXXXXX..XXXXXXX 100644
21
--- a/target/arm/helper.c
83
--- a/target/arm/helper.c
22
+++ b/target/arm/helper.c
84
+++ b/target/arm/helper.c
23
@@ -XXX,XX +XXX,XX @@ static uint32_t sve_zcr_get_valid_len(ARMCPU *cpu, uint32_t start_len)
85
@@ -XXX,XX +XXX,XX @@ void cpsr_write(CPUARMState *env, uint32_t val, uint32_t mask,
86
CPSRWriteType write_type)
24
{
87
{
25
uint32_t end_len;
88
uint32_t changed_daif;
26
89
+ bool rebuild_hflags = (write_type != CPSRWriteRaw) &&
27
- end_len = start_len &= 0xf;
90
+ (mask & (CPSR_M | CPSR_E | CPSR_IL));
28
+ start_len = MIN(start_len, ARM_MAX_VQ - 1);
91
29
+ end_len = start_len;
92
if (mask & CPSR_NZCV) {
30
+
93
env->ZF = (~val) & CPSR_Z;
31
if (!test_bit(start_len, cpu->sve_vq_map)) {
94
@@ -XXX,XX +XXX,XX @@ void cpsr_write(CPUARMState *env, uint32_t val, uint32_t mask,
32
end_len = find_last_bit(cpu->sve_vq_map, start_len);
95
}
33
assert(end_len < start_len);
96
mask &= ~CACHED_CPSR_BITS;
97
env->uncached_cpsr = (env->uncached_cpsr & ~mask) | (val & mask);
98
+ if (rebuild_hflags) {
99
+ arm_rebuild_hflags(env);
100
+ }
101
}
102
103
/* Sign/zero extend */
34
--
104
--
35
2.20.1
105
2.20.1
36
106
37
107
diff view generated by jsdifflib
New patch
1
From: Tong Ho <tong.ho@xilinx.com>
1
2
3
Add unimplemented APU mmio region to xlnx-versal for booting
4
bare-metal guests built with standalone bsp, which access the
5
region from one of the following places:
6
https://github.com/Xilinx/embeddedsw/blob/release-2020.2/lib/bsp/standalone/src/arm/ARMv8/64bit/armclang/boot.S#L139
7
https://github.com/Xilinx/embeddedsw/blob/release-2020.2/lib/bsp/standalone/src/arm/ARMv8/64bit/gcc/boot.S#L183
8
9
Acked-by: Alistair Francis <alistair.francis@wdc.com>
10
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
11
Signed-off-by: Tong Ho <tong.ho@xilinx.com>
12
Message-id: 20210823173818.201259-2-tong.ho@xilinx.com
13
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
14
---
15
include/hw/arm/xlnx-versal.h | 2 ++
16
hw/arm/xlnx-versal.c | 2 ++
17
2 files changed, 4 insertions(+)
18
19
diff --git a/include/hw/arm/xlnx-versal.h b/include/hw/arm/xlnx-versal.h
20
index XXXXXXX..XXXXXXX 100644
21
--- a/include/hw/arm/xlnx-versal.h
22
+++ b/include/hw/arm/xlnx-versal.h
23
@@ -XXX,XX +XXX,XX @@ struct Versal {
24
#define MM_IOU_SCNTRS_SIZE 0x10000
25
#define MM_FPD_CRF 0xfd1a0000U
26
#define MM_FPD_CRF_SIZE 0x140000
27
+#define MM_FPD_FPD_APU 0xfd5c0000
28
+#define MM_FPD_FPD_APU_SIZE 0x100
29
30
#define MM_PMC_SD0 0xf1040000U
31
#define MM_PMC_SD0_SIZE 0x10000
32
diff --git a/hw/arm/xlnx-versal.c b/hw/arm/xlnx-versal.c
33
index XXXXXXX..XXXXXXX 100644
34
--- a/hw/arm/xlnx-versal.c
35
+++ b/hw/arm/xlnx-versal.c
36
@@ -XXX,XX +XXX,XX @@ static void versal_unimp(Versal *s)
37
MM_CRL, MM_CRL_SIZE);
38
versal_unimp_area(s, "crf", &s->mr_ps,
39
MM_FPD_CRF, MM_FPD_CRF_SIZE);
40
+ versal_unimp_area(s, "apu", &s->mr_ps,
41
+ MM_FPD_FPD_APU, MM_FPD_FPD_APU_SIZE);
42
versal_unimp_area(s, "crp", &s->mr_ps,
43
MM_PMC_CRP, MM_PMC_CRP_SIZE);
44
versal_unimp_area(s, "iou-scntr", &s->mr_ps,
45
--
46
2.20.1
47
48
diff view generated by jsdifflib
New patch
1
From: Tong Ho <tong.ho@xilinx.com>
1
2
3
Add unimplemented APU mmio region to xlnx-zynqmp for booting
4
bare-metal guests built with standalone bsp, which access the
5
region from one of the following places:
6
https://github.com/Xilinx/embeddedsw/blob/release-2020.2/lib/bsp/standalone/src/arm/ARMv8/64bit/armclang/boot.S#L139
7
https://github.com/Xilinx/embeddedsw/blob/release-2020.2/lib/bsp/standalone/src/arm/ARMv8/64bit/gcc/boot.S#L183
8
9
Acked-by: Alistair Francis <alistair.francis@wdc.com>
10
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
11
Signed-off-by: Tong Ho <tong.ho@xilinx.com>
12
Message-id: 20210823173818.201259-3-tong.ho@xilinx.com
13
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
14
---
15
include/hw/arm/xlnx-zynqmp.h | 7 +++++++
16
hw/arm/xlnx-zynqmp.c | 32 ++++++++++++++++++++++++++++++++
17
2 files changed, 39 insertions(+)
18
19
diff --git a/include/hw/arm/xlnx-zynqmp.h b/include/hw/arm/xlnx-zynqmp.h
20
index XXXXXXX..XXXXXXX 100644
21
--- a/include/hw/arm/xlnx-zynqmp.h
22
+++ b/include/hw/arm/xlnx-zynqmp.h
23
@@ -XXX,XX +XXX,XX @@ OBJECT_DECLARE_SIMPLE_TYPE(XlnxZynqMPState, XLNX_ZYNQMP)
24
#define XLNX_ZYNQMP_MAX_RAM_SIZE (XLNX_ZYNQMP_MAX_LOW_RAM_SIZE + \
25
XLNX_ZYNQMP_MAX_HIGH_RAM_SIZE)
26
27
+/*
28
+ * Unimplemented mmio regions needed to boot some images.
29
+ */
30
+#define XLNX_ZYNQMP_NUM_UNIMP_AREAS 1
31
+
32
struct XlnxZynqMPState {
33
/*< private >*/
34
DeviceState parent_obj;
35
@@ -XXX,XX +XXX,XX @@ struct XlnxZynqMPState {
36
MemoryRegion *ddr_ram;
37
MemoryRegion ddr_ram_low, ddr_ram_high;
38
39
+ MemoryRegion mr_unimp[XLNX_ZYNQMP_NUM_UNIMP_AREAS];
40
+
41
CadenceGEMState gem[XLNX_ZYNQMP_NUM_GEMS];
42
CadenceUARTState uart[XLNX_ZYNQMP_NUM_UARTS];
43
XlnxZynqMPCANState can[XLNX_ZYNQMP_NUM_CAN];
44
diff --git a/hw/arm/xlnx-zynqmp.c b/hw/arm/xlnx-zynqmp.c
45
index XXXXXXX..XXXXXXX 100644
46
--- a/hw/arm/xlnx-zynqmp.c
47
+++ b/hw/arm/xlnx-zynqmp.c
48
@@ -XXX,XX +XXX,XX @@
49
#include "qemu/module.h"
50
#include "hw/arm/xlnx-zynqmp.h"
51
#include "hw/intc/arm_gic_common.h"
52
+#include "hw/misc/unimp.h"
53
#include "hw/boards.h"
54
#include "sysemu/kvm.h"
55
#include "sysemu/sysemu.h"
56
@@ -XXX,XX +XXX,XX @@
57
#define DPDMA_ADDR 0xfd4c0000
58
#define DPDMA_IRQ 116
59
60
+#define APU_ADDR 0xfd5c0000
61
+#define APU_SIZE 0x100
62
+
63
#define IPI_ADDR 0xFF300000
64
#define IPI_IRQ 64
65
66
@@ -XXX,XX +XXX,XX @@ static void xlnx_zynqmp_create_rpu(MachineState *ms, XlnxZynqMPState *s,
67
qdev_realize(DEVICE(&s->rpu_cluster), NULL, &error_fatal);
68
}
69
70
+static void xlnx_zynqmp_create_unimp_mmio(XlnxZynqMPState *s)
71
+{
72
+ static const struct UnimpInfo {
73
+ const char *name;
74
+ hwaddr base;
75
+ hwaddr size;
76
+ } unimp_areas[ARRAY_SIZE(s->mr_unimp)] = {
77
+ { .name = "apu", APU_ADDR, APU_SIZE },
78
+ };
79
+ unsigned int nr;
80
+
81
+ for (nr = 0; nr < ARRAY_SIZE(unimp_areas); nr++) {
82
+ const struct UnimpInfo *info = &unimp_areas[nr];
83
+ DeviceState *dev = qdev_new(TYPE_UNIMPLEMENTED_DEVICE);
84
+ SysBusDevice *sbd = SYS_BUS_DEVICE(dev);
85
+
86
+ assert(info->name && info->base && info->size > 0);
87
+ qdev_prop_set_string(dev, "name", info->name);
88
+ qdev_prop_set_uint64(dev, "size", info->size);
89
+ object_property_add_child(OBJECT(s), info->name, OBJECT(dev));
90
+
91
+ sysbus_realize_and_unref(sbd, &error_fatal);
92
+ sysbus_mmio_map(sbd, 0, info->base);
93
+ }
94
+}
95
+
96
static void xlnx_zynqmp_init(Object *obj)
97
{
98
MachineState *ms = MACHINE(qdev_get_machine());
99
@@ -XXX,XX +XXX,XX @@ static void xlnx_zynqmp_realize(DeviceState *dev, Error **errp)
100
sysbus_mmio_map(SYS_BUS_DEVICE(&s->rtc), 0, RTC_ADDR);
101
sysbus_connect_irq(SYS_BUS_DEVICE(&s->rtc), 0, gic_spi[RTC_IRQ]);
102
103
+ xlnx_zynqmp_create_unimp_mmio(s);
104
+
105
for (i = 0; i < XLNX_ZYNQMP_NUM_GDMA_CH; i++) {
106
if (!object_property_set_uint(OBJECT(&s->gdma[i]), "bus-width", 128,
107
errp)) {
108
--
109
2.20.1
110
111
diff view generated by jsdifflib