[PULL 00/37] target-arm queue
[PULL 00/35] target-arm queue
1
More accumulated patches from during the freeze...
1
The following changes since commit 5767815218efd3cbfd409505ed824d5f356044ae:
2
2
3
The following changes since commit c83fcfaf8a54d0d034bd0edf7bbb3b0d16669be9:
3
Merge tag 'for_upstream' of https://git.kernel.org/pub/scm/virt/kvm/mst/qemu into staging (2024-02-14 15:45:52 +0000)
4
5
Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2021-08-26' into staging (2021-08-26 13:42:34 +0100)
6
4
7
are available in the Git repository at:
5
are available in the Git repository at:
8
6
9
https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20210826
7
https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20240215
10
8
11
for you to fetch changes up to d2e6f370138a7f32bc28b20dcd55374b7a638f39:
9
for you to fetch changes up to f780e63fe731b058fe52d43653600d8729a1b5f2:
12
10
13
hw/arm/xlnx-zynqmp: Add unimplemented APU mmio (2021-08-26 17:02:01 +0100)
11
docs: Add documentation for the mps3-an536 board (2024-02-15 14:32:39 +0000)
14
12
15
----------------------------------------------------------------
13
----------------------------------------------------------------
16
target-arm queue:
14
target-arm queue:
17
* hw/dma/xlnx-zdma, xlnx_csu_dma: Require 'dma' link property to be set
15
* hw/arm/xilinx_zynq: Wire FIQ between CPU <> GIC
18
* hw/arm/Kconfig: no need to enable ACPI_MEMORY_HOTPLUG/ACPI_NVDIMM explicitly
16
* linux-user/aarch64: Choose SYNC as the preferred MTE mode
19
* target/arm/cpu: Introduce sve_vq_supported bitmap
17
* Fix some errors in SVE/SME handling of MTE tags
20
* docs/specs: Convert ACPI spec docs to rST
18
* hw/pci-host/raven.c: Mark raven_io_ops as implementing unaligned accesses
21
* arch_init: Clean up and refactoring
19
* hw/block/tc58128: Don't emit deprecation warning under qtest
22
* hw/core/loader: In gunzip(), check index is in range before use, not after
20
* tests/qtest: Fix handling of npcm7xx and GMAC tests
23
* softmmu/physmem.c: Remove unneeded NULL check in qemu_ram_alloc_from_fd()
21
* hw/arm/virt: Wire up non-secure EL2 virtual timer IRQ
24
* softmmu/physmem.c: Check return value from realpath()
22
* tests/qtest/npcm7xx_emc-test: Connect all NICs to a backend
25
* Zero-initialize sockaddr_in structs
23
* Don't assert on vmload/vmsave of M-profile CPUs
26
* raspi: Use error_fatal for SoC realize errors, not error_abort
24
* hw/arm/smmuv3: add support for stage 1 access fault
27
* target/arm: Avoid assertion trying to use KVM and multiple ASes
25
* hw/arm/stellaris: QOM cleanups
28
* target/arm: Implement HSTR.TTEE
26
* Use new CBAR encoding for all v8 CPUs, not all aarch64 CPUs
29
* target/arm: Implement HSTR.TJDBX
27
* Improve Cortex_R52 IMPDEF sysreg modelling
30
* target/arm: Do hflags rebuild in cpsr_write()
28
* Allow access to SPSR_hyp from hyp mode
31
* hw/arm/xlnx-versal, xlnx-zynqmp: Add unimplemented APU mmio
29
* New board model mps3-an536 (Cortex-R52)
32
30
33
----------------------------------------------------------------
31
----------------------------------------------------------------
34
Andrew Jones (4):
32
Luc Michel (1):
35
target/arm/cpu: Introduce sve_vq_supported bitmap
33
hw/arm/smmuv3: add support for stage 1 access fault
36
target/arm/kvm64: Ensure sve vls map is completely clear
37
target/arm/cpu64: Replace kvm_supported with sve_vq_supported
38
target/arm/cpu64: Validate sve vector lengths are supported
39
34
40
Ani Sinha (1):
35
Nabih Estefan (1):
41
hw/arm/Kconfig: no need to enable ACPI_MEMORY_HOTPLUG/ACPI_NVDIMM explicitly
36
tests/qtest: Fix GMAC test to run on a machine in upstream QEMU
42
37
43
Peter Maydell (26):
38
Peter Maydell (22):
44
docs/specs/acpu_cpu_hotplug: Convert to rST
39
hw/pci-host/raven.c: Mark raven_io_ops as implementing unaligned accesses
45
docs/specs/acpi_mem_hotplug: Convert to rST
40
hw/block/tc58128: Don't emit deprecation warning under qtest
46
docs/specs/acpi_pci_hotplug: Convert to rST
41
tests/qtest/meson.build: Don't include qtests_npcm7xx in qtests_aarch64
47
docs/specs/acpi_nvdimm: Convert to rST
42
tests/qtest/bios-tables-test: Allow changes to virt GTDT
48
MAINTAINERS: Add ACPI specs documents to ACPI and NVDIMM sections
43
hw/arm/virt: Wire up non-secure EL2 virtual timer IRQ
49
softmmu: Use accel_find("xen") instead of xen_available()
44
tests/qtest/bios-tables-tests: Update virt golden reference
50
monitor: Use accel_find("kvm") instead of kvm_available()
45
hw/arm/npcm7xx: Call qemu_configure_nic_device() for GMAC modules
51
softmmu/arch_init.c: Trim down include list
46
tests/qtest/npcm7xx_emc-test: Connect all NICs to a backend
52
meson.build: Define QEMU_ARCH in config-target.h
47
target/arm: Don't get MDCR_EL2 in pmu_counter_enabled() before checking ARM_FEATURE_PMU
53
arch_init.h: Add QEMU_ARCH_HEXAGON
48
target/arm: Use new CBAR encoding for all v8 CPUs, not all aarch64 CPUs
54
arch_init.h: Move QEMU_ARCH_VIRTIO_* to qdev-monitor.c
49
target/arm: The Cortex-R52 has a read-only CBAR
55
arch_init.h: Don't include arch_init.h unnecessarily
50
target/arm: Add Cortex-R52 IMPDEF sysregs
56
stubs: Remove unused arch_type.c stub
51
target/arm: Allow access to SPSR_hyp from hyp mode
57
hw/core/loader: In gunzip(), check index is in range before use, not after
52
hw/misc/mps2-scc: Fix condition for CFG3 register
58
softmmu/physmem.c: Remove unneeded NULL check in qemu_ram_alloc_from_fd()
53
hw/misc/mps2-scc: Factor out which-board conditionals
59
softmmu/physmem.c: Check return value from realpath()
54
hw/misc/mps2-scc: Make changes needed for AN536 FPGA image
60
net: Zero sockaddr_in in parse_host_port()
55
hw/arm/mps3r: Initial skeleton for mps3-an536 board
61
gdbstub: Zero-initialize sockaddr structs
56
hw/arm/mps3r: Add CPUs, GIC, and per-CPU RAM
62
tests/qtest/ipmi-bt-test: Zero-initialize sockaddr struct
57
hw/arm/mps3r: Add UARTs
63
tests/tcg/multiarch/linux-test: Zero-initialize sockaddr structs
58
hw/arm/mps3r: Add GPIO, watchdog, dual-timer, I2C devices
64
raspi: Use error_fatal for SoC realize errors, not error_abort
59
hw/arm/mps3r: Add remaining devices
65
target/arm: Avoid assertion trying to use KVM and multiple ASes
60
docs: Add documentation for the mps3-an536 board
66
hw/arm/virt: Delete EL3 error checksnow provided in CPU realize
67
target/arm: Implement HSTR.TTEE
68
target/arm: Implement HSTR.TJDBX
69
target/arm: Do hflags rebuild in cpsr_write()
70
61
71
Philippe Mathieu-Daudé (4):
62
Philippe Mathieu-Daudé (5):
72
hw/arm/xlnx-zynqmp: Realize qspi controller *after* qspi_dma
63
hw/arm/xilinx_zynq: Wire FIQ between CPU <> GIC
73
hw/dma/xlnx_csu_dma: Run trivial checks early in realize()
64
hw/arm/stellaris: Convert ADC controller to Resettable interface
74
hw/dma/xlnx_csu_dma: Always expect 'dma' link property to be set
65
hw/arm/stellaris: Convert I2C controller to Resettable interface
75
hw/dma/xlnx-zdma Always expect 'dma' link property to be set
66
hw/arm/stellaris: Add missing QOM 'machine' parent
67
hw/arm/stellaris: Add missing QOM 'SoC' parent
76
68
77
Tong Ho (2):
69
Richard Henderson (6):
78
hw/arm/xlnx-versal: Add unimplemented APU mmio
70
linux-user/aarch64: Choose SYNC as the preferred MTE mode
79
hw/arm/xlnx-zynqmp: Add unimplemented APU mmio
71
target/arm: Fix nregs computation in do_{ld,st}_zpa
72
target/arm: Adjust and validate mtedesc sizem1
73
target/arm: Split out make_svemte_desc
74
target/arm: Handle mte in do_ldrq, do_ldro
75
target/arm: Fix SVE/SME gross MTE suppression checks
80
76
81
docs/specs/acpi_cpu_hotplug.rst | 235 +++++++++++++++++++++
77
MAINTAINERS | 3 +-
82
docs/specs/acpi_cpu_hotplug.txt | 160 --------------
78
docs/system/arm/mps2.rst | 37 +-
83
docs/specs/acpi_mem_hotplug.rst | 128 +++++++++++
79
configs/devices/arm-softmmu/default.mak | 1 +
84
docs/specs/acpi_mem_hotplug.txt | 94 ---------
80
hw/arm/smmuv3-internal.h | 1 +
85
docs/specs/acpi_nvdimm.rst | 228 ++++++++++++++++++++
81
include/hw/arm/smmu-common.h | 1 +
86
docs/specs/acpi_nvdimm.txt | 188 -----------------
82
include/hw/arm/virt.h | 2 +
87
.../{acpi_pci_hotplug.txt => acpi_pci_hotplug.rst} | 37 ++--
83
include/hw/misc/mps2-scc.h | 1 +
88
docs/specs/index.rst | 4 +
84
linux-user/aarch64/target_prctl.h | 29 +-
89
meson.build | 2 +
85
target/arm/internals.h | 2 +-
90
include/hw/arm/xlnx-versal.h | 2 +
86
target/arm/tcg/translate-a64.h | 2 +
91
include/hw/arm/xlnx-zynqmp.h | 7 +
87
hw/arm/mps3r.c | 640 ++++++++++++++++++++++++++++++++
92
include/hw/dma/xlnx-zdma.h | 2 +-
88
hw/arm/npcm7xx.c | 1 +
93
include/hw/dma/xlnx_csu_dma.h | 2 +-
89
hw/arm/smmu-common.c | 11 +
94
include/sysemu/arch_init.h | 15 +-
90
hw/arm/smmuv3.c | 1 +
95
target/arm/cpu.h | 17 +-
91
hw/arm/stellaris.c | 47 ++-
96
target/arm/helper.h | 2 +
92
hw/arm/virt-acpi-build.c | 20 +-
97
target/arm/syndrome.h | 7 +
93
hw/arm/virt.c | 60 ++-
98
blockdev.c | 1 -
94
hw/arm/xilinx_zynq.c | 2 +
99
gdbstub.c | 4 +-
95
hw/block/tc58128.c | 4 +-
100
hw/arm/raspi.c | 2 +-
96
hw/misc/mps2-scc.c | 138 ++++++-
101
hw/arm/virt.c | 5 -
97
hw/pci-host/raven.c | 1 +
102
hw/arm/xlnx-versal.c | 4 +
98
target/arm/helper.c | 14 +-
103
hw/arm/xlnx-zynqmp.c | 86 ++++++--
99
target/arm/tcg/cpu32.c | 109 ++++++
104
hw/core/loader.c | 35 ++-
100
target/arm/tcg/op_helper.c | 43 ++-
105
hw/dma/xlnx-zdma.c | 24 +--
101
target/arm/tcg/sme_helper.c | 8 +-
106
hw/dma/xlnx_csu_dma.c | 31 ++-
102
target/arm/tcg/sve_helper.c | 12 +-
107
hw/i386/pc.c | 1 -
103
target/arm/tcg/translate-sme.c | 15 +-
108
hw/i386/pc_piix.c | 1 -
104
target/arm/tcg/translate-sve.c | 83 +++--
109
hw/i386/pc_q35.c | 1 -
105
target/arm/tcg/translate.c | 19 +-
110
hw/mips/jazz.c | 1 -
106
tests/qtest/npcm7xx_emc-test.c | 5 +-
111
hw/mips/malta.c | 1 -
107
tests/qtest/npcm_gmac-test.c | 84 +----
112
hw/ppc/prep.c | 1 -
108
hw/arm/Kconfig | 5 +
113
hw/riscv/sifive_e.c | 1 -
109
hw/arm/meson.build | 1 +
114
hw/riscv/sifive_u.c | 1 -
110
tests/data/acpi/virt/FACP | Bin 276 -> 276 bytes
115
hw/riscv/spike.c | 1 -
111
tests/data/acpi/virt/GTDT | Bin 96 -> 104 bytes
116
hw/riscv/virt.c | 1 -
112
tests/qtest/meson.build | 4 +-
117
linux-user/arm/signal.c | 2 -
113
36 files changed, 1184 insertions(+), 222 deletions(-)
118
monitor/qmp-cmds.c | 3 +-
114
create mode 100644 hw/arm/mps3r.c
119
net/net.c | 2 +
120
softmmu/arch_init.c | 66 ------
121
softmmu/physmem.c | 5 +-
122
softmmu/qdev-monitor.c | 9 +
123
softmmu/vl.c | 6 +-
124
stubs/arch_type.c | 4 -
125
target/arm/cpu.c | 23 ++
126
target/arm/cpu64.c | 118 +++++------
127
target/arm/helper.c | 40 +++-
128
target/arm/kvm64.c | 2 +-
129
target/arm/op_helper.c | 16 ++
130
target/arm/translate.c | 12 ++
131
target/ppc/cpu_init.c | 1 -
132
target/s390x/cpu-sysemu.c | 1 -
133
tests/qtest/ipmi-bt-test.c | 2 +-
134
tests/tcg/multiarch/linux-test.c | 4 +-
135
MAINTAINERS | 5 +
136
hw/arm/Kconfig | 2 -
137
stubs/meson.build | 1 -
138
57 files changed, 949 insertions(+), 707 deletions(-)
139
create mode 100644 docs/specs/acpi_cpu_hotplug.rst
140
delete mode 100644 docs/specs/acpi_cpu_hotplug.txt
141
create mode 100644 docs/specs/acpi_mem_hotplug.rst
142
delete mode 100644 docs/specs/acpi_mem_hotplug.txt
143
create mode 100644 docs/specs/acpi_nvdimm.rst
144
delete mode 100644 docs/specs/acpi_nvdimm.txt
145
rename docs/specs/{acpi_pci_hotplug.txt => acpi_pci_hotplug.rst} (51%)
146
delete mode 100644 stubs/arch_type.c
147
115
diff view generated by jsdifflib
[PULL 26/37] net: Zero sockaddr_in in parse_host_port()
[PULL 01/35] hw/arm/xilinx_zynq: Wire FIQ between CPU <> GIC
1
We don't currently zero-initialize the 'struct sockaddr_in' that
1
From: Philippe Mathieu-Daudé <philmd@linaro.org>
2
parse_host_port() fills in, so any fields we don't explicitly
3
initialize might be left as random garbage. POSIX states that
4
implementations may define extensions in sockaddr_in, and that those
5
extensions must not trigger if zero-initialized. So not zero
6
initializing might result in inadvertently triggering an impdef
7
extension.
8
2
9
memset() the sockaddr_in before we start to fill it in.
3
Similarly to commits dadbb58f59..5ae79fe825 for other ARM boards,
4
connect FIQ output of the GIC CPU interfaces to the CPU.
10
5
11
Fixes: Coverity CID 1005338
6
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
7
Message-id: 20240130152548.17855-1-philmd@linaro.org
8
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
13
Reviewed-by: Eric Blake <eblake@redhat.com>
14
Message-id: 20210813150506.7768-2-peter.maydell@linaro.org
15
---
10
---
16
net/net.c | 2 ++
11
hw/arm/xilinx_zynq.c | 2 ++
17
1 file changed, 2 insertions(+)
12
1 file changed, 2 insertions(+)
18
13
19
diff --git a/net/net.c b/net/net.c
14
diff --git a/hw/arm/xilinx_zynq.c b/hw/arm/xilinx_zynq.c
20
index XXXXXXX..XXXXXXX 100644
15
index XXXXXXX..XXXXXXX 100644
21
--- a/net/net.c
16
--- a/hw/arm/xilinx_zynq.c
22
+++ b/net/net.c
17
+++ b/hw/arm/xilinx_zynq.c
23
@@ -XXX,XX +XXX,XX @@ int parse_host_port(struct sockaddr_in *saddr, const char *str,
18
@@ -XXX,XX +XXX,XX @@ static void zynq_init(MachineState *machine)
24
const char *addr, *p, *r;
19
sysbus_mmio_map(busdev, 0, MPCORE_PERIPHBASE);
25
int port, ret = 0;
20
sysbus_connect_irq(busdev, 0,
26
21
qdev_get_gpio_in(DEVICE(cpu), ARM_CPU_IRQ));
27
+ memset(saddr, 0, sizeof(*saddr));
22
+ sysbus_connect_irq(busdev, 1,
28
+
23
+ qdev_get_gpio_in(DEVICE(cpu), ARM_CPU_FIQ));
29
substrings = g_strsplit(str, ":", 2);
24
30
if (!substrings || !substrings[0] || !substrings[1]) {
25
for (n = 0; n < 64; n++) {
31
error_setg(errp, "host address '%s' doesn't contain ':' "
26
pic[n] = qdev_get_gpio_in(dev, n);
32
--
27
--
33
2.20.1
28
2.34.1
34
29
35
30
diff view generated by jsdifflib
[PULL 36/37] hw/arm/xlnx-versal: Add unimplemented APU mmio
[PULL 02/35] linux-user/aarch64: Choose SYNC as the preferred MTE mode
1
From: Tong Ho <tong.ho@xilinx.com>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
Add unimplemented APU mmio region to xlnx-versal for booting
3
The API does not generate an error for setting ASYNC | SYNC; that merely
4
bare-metal guests built with standalone bsp, which access the
4
constrains the selection vs the per-cpu default. For qemu linux-user,
5
region from one of the following places:
5
choose SYNC as the default.
6
https://github.com/Xilinx/embeddedsw/blob/release-2020.2/lib/bsp/standalone/src/arm/ARMv8/64bit/armclang/boot.S#L139
7
https://github.com/Xilinx/embeddedsw/blob/release-2020.2/lib/bsp/standalone/src/arm/ARMv8/64bit/gcc/boot.S#L183
8
6
9
Acked-by: Alistair Francis <alistair.francis@wdc.com>
7
Cc: qemu-stable@nongnu.org
10
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
8
Reported-by: Gustavo Romero <gustavo.romero@linaro.org>
11
Signed-off-by: Tong Ho <tong.ho@xilinx.com>
9
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
12
Message-id: 20210823173818.201259-2-tong.ho@xilinx.com
10
Tested-by: Gustavo Romero <gustavo.romero@linaro.org>
11
Message-id: 20240207025210.8837-2-richard.henderson@linaro.org
13
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
14
---
13
---
15
include/hw/arm/xlnx-versal.h | 2 ++
14
linux-user/aarch64/target_prctl.h | 29 +++++++++++++++++------------
16
hw/arm/xlnx-versal.c | 2 ++
15
1 file changed, 17 insertions(+), 12 deletions(-)
17
2 files changed, 4 insertions(+)
18
16
19
diff --git a/include/hw/arm/xlnx-versal.h b/include/hw/arm/xlnx-versal.h
17
diff --git a/linux-user/aarch64/target_prctl.h b/linux-user/aarch64/target_prctl.h
20
index XXXXXXX..XXXXXXX 100644
18
index XXXXXXX..XXXXXXX 100644
21
--- a/include/hw/arm/xlnx-versal.h
19
--- a/linux-user/aarch64/target_prctl.h
22
+++ b/include/hw/arm/xlnx-versal.h
20
+++ b/linux-user/aarch64/target_prctl.h
23
@@ -XXX,XX +XXX,XX @@ struct Versal {
21
@@ -XXX,XX +XXX,XX @@ static abi_long do_prctl_set_tagged_addr_ctrl(CPUArchState *env, abi_long arg2)
24
#define MM_IOU_SCNTRS_SIZE 0x10000
22
env->tagged_addr_enable = arg2 & PR_TAGGED_ADDR_ENABLE;
25
#define MM_FPD_CRF 0xfd1a0000U
23
26
#define MM_FPD_CRF_SIZE 0x140000
24
if (cpu_isar_feature(aa64_mte, cpu)) {
27
+#define MM_FPD_FPD_APU 0xfd5c0000
25
- switch (arg2 & PR_MTE_TCF_MASK) {
28
+#define MM_FPD_FPD_APU_SIZE 0x100
26
- case PR_MTE_TCF_NONE:
29
27
- case PR_MTE_TCF_SYNC:
30
#define MM_PMC_SD0 0xf1040000U
28
- case PR_MTE_TCF_ASYNC:
31
#define MM_PMC_SD0_SIZE 0x10000
29
- break;
32
diff --git a/hw/arm/xlnx-versal.c b/hw/arm/xlnx-versal.c
30
- default:
33
index XXXXXXX..XXXXXXX 100644
31
- return -EINVAL;
34
--- a/hw/arm/xlnx-versal.c
32
- }
35
+++ b/hw/arm/xlnx-versal.c
33
-
36
@@ -XXX,XX +XXX,XX @@ static void versal_unimp(Versal *s)
34
/*
37
MM_CRL, MM_CRL_SIZE);
35
* Write PR_MTE_TCF to SCTLR_EL1[TCF0].
38
versal_unimp_area(s, "crf", &s->mr_ps,
36
- * Note that the syscall values are consistent with hw.
39
MM_FPD_CRF, MM_FPD_CRF_SIZE);
37
+ *
40
+ versal_unimp_area(s, "apu", &s->mr_ps,
38
+ * The kernel has a per-cpu configuration for the sysadmin,
41
+ MM_FPD_FPD_APU, MM_FPD_FPD_APU_SIZE);
39
+ * /sys/devices/system/cpu/cpu<N>/mte_tcf_preferred,
42
versal_unimp_area(s, "crp", &s->mr_ps,
40
+ * which qemu does not implement.
43
MM_PMC_CRP, MM_PMC_CRP_SIZE);
41
+ *
44
versal_unimp_area(s, "iou-scntr", &s->mr_ps,
42
+ * Because there is no performance difference between the modes, and
43
+ * because SYNC is most useful for debugging MTE errors, choose SYNC
44
+ * as the preferred mode. With this preference, and the way the API
45
+ * uses only two bits, there is no way for the program to select
46
+ * ASYMM mode.
47
*/
48
- env->cp15.sctlr_el[1] =
49
- deposit64(env->cp15.sctlr_el[1], 38, 2, arg2 >> PR_MTE_TCF_SHIFT);
50
+ unsigned tcf = 0;
51
+ if (arg2 & PR_MTE_TCF_SYNC) {
52
+ tcf = 1;
53
+ } else if (arg2 & PR_MTE_TCF_ASYNC) {
54
+ tcf = 2;
55
+ }
56
+ env->cp15.sctlr_el[1] = deposit64(env->cp15.sctlr_el[1], 38, 2, tcf);
57
58
/*
59
* Write PR_MTE_TAG to GCR_EL1[Exclude].
45
--
60
--
46
2.20.1
61
2.34.1
47
48
diff view generated by jsdifflib
[PULL 23/37] hw/core/loader: In gunzip(), check index is in range before use, not after
[PULL 03/35] target/arm: Fix nregs computation in do_{ld,st}_zpa
1
The gunzip() function reads various fields from a passed in source
1
From: Richard Henderson <richard.henderson@linaro.org>
2
buffer in order to skip a header before passing the actual compressed
3
data to the zlib inflate() function. It does check whether the
4
passed in buffer is too small, but unfortunately it checks that only
5
after reading bytes from the src buffer, so it could read off the end
6
of the buffer.
7
2
8
You can see this with valgrind:
3
The field is encoded as [0-3], which is convenient for
4
indexing our array of function pointers, but the true
5
value is [1-4]. Adjust before calling do_mem_zpa.
9
6
10
$ printf "%b" '\x1f\x8b' > /tmp/image
7
Add an assert, and move the comment re passing ZT to
11
$ valgrind qemu-system-aarch64 -display none -M virt -cpu max -kernel /tmp/image
8
the helper back next to the relevant code.
12
[...]
13
==19224== Invalid read of size 1
14
==19224== at 0x67302E: gunzip (loader.c:558)
15
==19224== by 0x673907: load_image_gzipped_buffer (loader.c:788)
16
==19224== by 0xA18032: load_aarch64_image (boot.c:932)
17
==19224== by 0xA18489: arm_setup_direct_kernel_boot (boot.c:1063)
18
==19224== by 0xA18D90: arm_load_kernel (boot.c:1317)
19
==19224== by 0x9F3651: machvirt_init (virt.c:2114)
20
==19224== by 0x794B7A: machine_run_board_init (machine.c:1272)
21
==19224== by 0xD5CAD3: qemu_init_board (vl.c:2618)
22
==19224== by 0xD5CCA6: qmp_x_exit_preconfig (vl.c:2692)
23
==19224== by 0xD5F32E: qemu_init (vl.c:3713)
24
==19224== by 0x5ADDB1: main (main.c:49)
25
==19224== Address 0x3802a873 is 0 bytes after a block of size 3 alloc'd
26
==19224== at 0x4C31B0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
27
==19224== by 0x61E7657: g_file_get_contents (in /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.5600.4)
28
==19224== by 0x673895: load_image_gzipped_buffer (loader.c:771)
29
==19224== by 0xA18032: load_aarch64_image (boot.c:932)
30
==19224== by 0xA18489: arm_setup_direct_kernel_boot (boot.c:1063)
31
==19224== by 0xA18D90: arm_load_kernel (boot.c:1317)
32
==19224== by 0x9F3651: machvirt_init (virt.c:2114)
33
==19224== by 0x794B7A: machine_run_board_init (machine.c:1272)
34
==19224== by 0xD5CAD3: qemu_init_board (vl.c:2618)
35
==19224== by 0xD5CCA6: qmp_x_exit_preconfig (vl.c:2692)
36
==19224== by 0xD5F32E: qemu_init (vl.c:3713)
37
==19224== by 0x5ADDB1: main (main.c:49)
38
9
39
Check that we have enough bytes of data to read the header bytes that
10
Cc: qemu-stable@nongnu.org
40
we read before we read them.
11
Fixes: 206adacfb8d ("target/arm: Add mte helpers for sve scalar + int loads")
12
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
13
Tested-by: Gustavo Romero <gustavo.romero@linaro.org>
14
Message-id: 20240207025210.8837-3-richard.henderson@linaro.org
15
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
16
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
17
---
18
target/arm/tcg/translate-sve.c | 16 ++++++++--------
19
1 file changed, 8 insertions(+), 8 deletions(-)
41
20
42
Fixes: Coverity 1458997
21
diff --git a/target/arm/tcg/translate-sve.c b/target/arm/tcg/translate-sve.c
43
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
44
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
45
Message-id: 20210812141803.20913-1-peter.maydell@linaro.org
46
---
47
hw/core/loader.c | 35 +++++++++++++++++++++++++----------
48
1 file changed, 25 insertions(+), 10 deletions(-)
49
50
diff --git a/hw/core/loader.c b/hw/core/loader.c
51
index XXXXXXX..XXXXXXX 100644
22
index XXXXXXX..XXXXXXX 100644
52
--- a/hw/core/loader.c
23
--- a/target/arm/tcg/translate-sve.c
53
+++ b/hw/core/loader.c
24
+++ b/target/arm/tcg/translate-sve.c
54
@@ -XXX,XX +XXX,XX @@ ssize_t gunzip(void *dst, size_t dstlen, uint8_t *src, size_t srclen)
25
@@ -XXX,XX +XXX,XX @@ static void do_mem_zpa(DisasContext *s, int zt, int pg, TCGv_i64 addr,
55
26
TCGv_ptr t_pg;
56
/* skip header */
27
int desc = 0;
57
i = 10;
28
58
+ if (srclen < 4) {
29
- /*
59
+ goto toosmall;
30
- * For e.g. LD4, there are not enough arguments to pass all 4
60
+ }
31
- * registers as pointers, so encode the regno into the data field.
61
flags = src[3];
32
- * For consistency, do this even for LD1.
62
if (src[2] != DEFLATED || (flags & RESERVED) != 0) {
33
- */
63
puts ("Error: Bad gzipped data\n");
34
+ assert(mte_n >= 1 && mte_n <= 4);
64
return -1;
35
if (s->mte_active[0]) {
36
int msz = dtype_msz(dtype);
37
38
@@ -XXX,XX +XXX,XX @@ static void do_mem_zpa(DisasContext *s, int zt, int pg, TCGv_i64 addr,
39
addr = clean_data_tbi(s, addr);
65
}
40
}
66
- if ((flags & EXTRA_FIELD) != 0)
41
67
+ if ((flags & EXTRA_FIELD) != 0) {
42
+ /*
68
+ if (srclen < 12) {
43
+ * For e.g. LD4, there are not enough arguments to pass all 4
69
+ goto toosmall;
44
+ * registers as pointers, so encode the regno into the data field.
70
+ }
45
+ * For consistency, do this even for LD1.
71
i = 12 + src[10] + (src[11] << 8);
46
+ */
72
- if ((flags & ORIG_NAME) != 0)
47
desc = simd_desc(vsz, vsz, zt | desc);
73
- while (src[i++] != 0)
48
t_pg = tcg_temp_new_ptr();
74
- ;
49
75
- if ((flags & COMMENT) != 0)
50
@@ -XXX,XX +XXX,XX @@ static void do_ld_zpa(DisasContext *s, int zt, int pg,
76
- while (src[i++] != 0)
51
* accessible via the instruction encoding.
77
- ;
52
*/
78
- if ((flags & HEAD_CRC) != 0)
53
assert(fn != NULL);
79
+ }
54
- do_mem_zpa(s, zt, pg, addr, dtype, nreg, false, fn);
80
+ if ((flags & ORIG_NAME) != 0) {
55
+ do_mem_zpa(s, zt, pg, addr, dtype, nreg + 1, false, fn);
81
+ while (i < srclen && src[i++] != 0) {
56
}
82
+ /* do nothing */
57
83
+ }
58
static bool trans_LD_zprr(DisasContext *s, arg_rprr_load *a)
84
+ }
59
@@ -XXX,XX +XXX,XX @@ static void do_st_zpa(DisasContext *s, int zt, int pg, TCGv_i64 addr,
85
+ if ((flags & COMMENT) != 0) {
60
if (nreg == 0) {
86
+ while (i < srclen && src[i++] != 0) {
61
/* ST1 */
87
+ /* do nothing */
62
fn = fn_single[s->mte_active[0]][be][msz][esz];
88
+ }
63
- nreg = 1;
89
+ }
64
} else {
90
+ if ((flags & HEAD_CRC) != 0) {
65
/* ST2, ST3, ST4 -- msz == esz, enforced by encoding */
91
i += 2;
66
assert(msz == esz);
92
+ }
67
fn = fn_multiple[s->mte_active[0]][be][nreg - 1][msz];
93
if (i >= srclen) {
94
- puts ("Error: gunzip out of data in header\n");
95
- return -1;
96
+ goto toosmall;
97
}
68
}
98
69
assert(fn != NULL);
99
s.zalloc = zalloc;
70
- do_mem_zpa(s, zt, pg, addr, msz_dtype(s, msz), nreg, true, fn);
100
@@ -XXX,XX +XXX,XX @@ ssize_t gunzip(void *dst, size_t dstlen, uint8_t *src, size_t srclen)
71
+ do_mem_zpa(s, zt, pg, addr, msz_dtype(s, msz), nreg + 1, true, fn);
101
inflateEnd(&s);
102
103
return dstbytes;
104
+
105
+toosmall:
106
+ puts("Error: gunzip out of data in header\n");
107
+ return -1;
108
}
72
}
109
73
110
/* Load a U-Boot image. */
74
static bool trans_ST_zprr(DisasContext *s, arg_rprr_store *a)
111
--
75
--
112
2.20.1
76
2.34.1
113
114
diff view generated by jsdifflib
[PULL 08/37] target/arm/cpu64: Replace kvm_supported with sve_vq_supported
[PULL 04/35] target/arm: Adjust and validate mtedesc sizem1
1
From: Andrew Jones <drjones@redhat.com>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
Now that we have an ARMCPU member sve_vq_supported we no longer
3
When we added SVE_MTEDESC_SHIFT, we effectively limited the
4
need the local kvm_supported bitmap for KVM's supported vector
4
maximum size of MTEDESC. Adjust SIZEM1 to consume the remaining
5
lengths.
5
bits (32 - 10 - 5 - 12 == 5). Assert that the data to be stored
6
fits within the field (expecting 8 * 4 - 1 == 31, exact fit).
6
7
7
Signed-off-by: Andrew Jones <drjones@redhat.com>
8
Cc: qemu-stable@nongnu.org
8
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
9
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
9
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
10
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
10
Message-id: 20210823160647.34028-4-drjones@redhat.com
11
Tested-by: Gustavo Romero <gustavo.romero@linaro.org>
12
Message-id: 20240207025210.8837-4-richard.henderson@linaro.org
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
13
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
---
14
---
13
target/arm/cpu64.c | 19 +++++++++++--------
15
target/arm/internals.h | 2 +-
14
1 file changed, 11 insertions(+), 8 deletions(-)
16
target/arm/tcg/translate-sve.c | 7 ++++---
17
2 files changed, 5 insertions(+), 4 deletions(-)
15
18
16
diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c
19
diff --git a/target/arm/internals.h b/target/arm/internals.h
17
index XXXXXXX..XXXXXXX 100644
20
index XXXXXXX..XXXXXXX 100644
18
--- a/target/arm/cpu64.c
21
--- a/target/arm/internals.h
19
+++ b/target/arm/cpu64.c
22
+++ b/target/arm/internals.h
20
@@ -XXX,XX +XXX,XX @@ void arm_cpu_sve_finalize(ARMCPU *cpu, Error **errp)
23
@@ -XXX,XX +XXX,XX @@ FIELD(MTEDESC, TBI, 4, 2)
21
* any of the above. Finally, if SVE is not disabled, then at least one
24
FIELD(MTEDESC, TCMA, 6, 2)
22
* vector length must be enabled.
25
FIELD(MTEDESC, WRITE, 8, 1)
23
*/
26
FIELD(MTEDESC, ALIGN, 9, 3)
24
- DECLARE_BITMAP(kvm_supported, ARM_MAX_VQ);
27
-FIELD(MTEDESC, SIZEM1, 12, SIMD_DATA_BITS - 12) /* size - 1 */
25
DECLARE_BITMAP(tmp, ARM_MAX_VQ);
28
+FIELD(MTEDESC, SIZEM1, 12, SIMD_DATA_BITS - SVE_MTEDESC_SHIFT - 12) /* size - 1 */
26
uint32_t vq, max_vq = 0;
29
27
30
bool mte_probe(CPUARMState *env, uint32_t desc, uint64_t ptr);
28
- /* Collect the set of vector lengths supported by KVM. */
31
uint64_t mte_check(CPUARMState *env, uint32_t desc, uint64_t ptr, uintptr_t ra);
29
- bitmap_zero(kvm_supported, ARM_MAX_VQ);
32
diff --git a/target/arm/tcg/translate-sve.c b/target/arm/tcg/translate-sve.c
30
+ /*
33
index XXXXXXX..XXXXXXX 100644
31
+ * CPU models specify a set of supported vector lengths which are
34
--- a/target/arm/tcg/translate-sve.c
32
+ * enabled by default. Attempting to enable any vector length not set
35
+++ b/target/arm/tcg/translate-sve.c
33
+ * in the supported bitmap results in an error. When KVM is enabled we
36
@@ -XXX,XX +XXX,XX @@ static void do_mem_zpa(DisasContext *s, int zt, int pg, TCGv_i64 addr,
34
+ * fetch the supported bitmap from the host.
37
{
35
+ */
38
unsigned vsz = vec_full_reg_size(s);
36
if (kvm_enabled() && kvm_arm_sve_supported()) {
39
TCGv_ptr t_pg;
37
- kvm_arm_sve_get_vls(CPU(cpu), kvm_supported);
40
+ uint32_t sizem1;
38
+ kvm_arm_sve_get_vls(CPU(cpu), cpu->sve_vq_supported);
41
int desc = 0;
39
} else if (kvm_enabled()) {
42
40
assert(!cpu_isar_feature(aa64_sve, cpu));
43
assert(mte_n >= 1 && mte_n <= 4);
41
}
44
+ sizem1 = (mte_n << dtype_msz(dtype)) - 1;
42
@@ -XXX,XX +XXX,XX @@ void arm_cpu_sve_finalize(ARMCPU *cpu, Error **errp)
45
+ assert(sizem1 <= R_MTEDESC_SIZEM1_MASK >> R_MTEDESC_SIZEM1_SHIFT);
43
* For KVM we have to automatically enable all supported unitialized
46
if (s->mte_active[0]) {
44
* lengths, even when the smaller lengths are not all powers-of-two.
47
- int msz = dtype_msz(dtype);
45
*/
48
-
46
- bitmap_andnot(tmp, kvm_supported, cpu->sve_vq_init, max_vq);
49
desc = FIELD_DP32(desc, MTEDESC, MIDX, get_mem_index(s));
47
+ bitmap_andnot(tmp, cpu->sve_vq_supported, cpu->sve_vq_init, max_vq);
50
desc = FIELD_DP32(desc, MTEDESC, TBI, s->tbid);
48
bitmap_or(cpu->sve_vq_map, cpu->sve_vq_map, tmp, max_vq);
51
desc = FIELD_DP32(desc, MTEDESC, TCMA, s->tcma);
49
} else {
52
desc = FIELD_DP32(desc, MTEDESC, WRITE, is_write);
50
/* Propagate enabled bits down through required powers-of-two. */
53
- desc = FIELD_DP32(desc, MTEDESC, SIZEM1, (mte_n << msz) - 1);
51
@@ -XXX,XX +XXX,XX @@ void arm_cpu_sve_finalize(ARMCPU *cpu, Error **errp)
54
+ desc = FIELD_DP32(desc, MTEDESC, SIZEM1, sizem1);
52
/* Disabling a supported length disables all larger lengths. */
55
desc <<= SVE_MTEDESC_SHIFT;
53
for (vq = 1; vq <= ARM_MAX_VQ; ++vq) {
56
} else {
54
if (test_bit(vq - 1, cpu->sve_vq_init) &&
57
addr = clean_data_tbi(s, addr);
55
- test_bit(vq - 1, kvm_supported)) {
56
+ test_bit(vq - 1, cpu->sve_vq_supported)) {
57
break;
58
}
59
}
60
max_vq = vq <= ARM_MAX_VQ ? vq - 1 : ARM_MAX_VQ;
61
- bitmap_andnot(cpu->sve_vq_map, kvm_supported,
62
+ bitmap_andnot(cpu->sve_vq_map, cpu->sve_vq_supported,
63
cpu->sve_vq_init, max_vq);
64
if (max_vq == 0 || bitmap_empty(cpu->sve_vq_map, max_vq)) {
65
error_setg(errp, "cannot disable sve%d", vq * 128);
66
@@ -XXX,XX +XXX,XX @@ void arm_cpu_sve_finalize(ARMCPU *cpu, Error **errp)
67
68
if (kvm_enabled()) {
69
/* Ensure the set of lengths matches what KVM supports. */
70
- bitmap_xor(tmp, cpu->sve_vq_map, kvm_supported, max_vq);
71
+ bitmap_xor(tmp, cpu->sve_vq_map, cpu->sve_vq_supported, max_vq);
72
if (!bitmap_empty(tmp, max_vq)) {
73
vq = find_last_bit(tmp, max_vq) + 1;
74
if (test_bit(vq - 1, cpu->sve_vq_map)) {
75
--
58
--
76
2.20.1
59
2.34.1
77
78
diff view generated by jsdifflib
[PULL 37/37] hw/arm/xlnx-zynqmp: Add unimplemented APU mmio
[PULL 05/35] target/arm: Split out make_svemte_desc
1
From: Tong Ho <tong.ho@xilinx.com>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
Add unimplemented APU mmio region to xlnx-zynqmp for booting
3
Share code that creates mtedesc and embeds within simd_desc.
4
bare-metal guests built with standalone bsp, which access the
5
region from one of the following places:
6
https://github.com/Xilinx/embeddedsw/blob/release-2020.2/lib/bsp/standalone/src/arm/ARMv8/64bit/armclang/boot.S#L139
7
https://github.com/Xilinx/embeddedsw/blob/release-2020.2/lib/bsp/standalone/src/arm/ARMv8/64bit/gcc/boot.S#L183
8
4
9
Acked-by: Alistair Francis <alistair.francis@wdc.com>
5
Cc: qemu-stable@nongnu.org
10
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
11
Signed-off-by: Tong Ho <tong.ho@xilinx.com>
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
12
Message-id: 20210823173818.201259-3-tong.ho@xilinx.com
8
Tested-by: Gustavo Romero <gustavo.romero@linaro.org>
9
Message-id: 20240207025210.8837-5-richard.henderson@linaro.org
13
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
14
---
11
---
15
include/hw/arm/xlnx-zynqmp.h | 7 +++++++
12
target/arm/tcg/translate-a64.h | 2 ++
16
hw/arm/xlnx-zynqmp.c | 32 ++++++++++++++++++++++++++++++++
13
target/arm/tcg/translate-sme.c | 15 +++--------
17
2 files changed, 39 insertions(+)
14
target/arm/tcg/translate-sve.c | 47 ++++++++++++++++++----------------
15
3 files changed, 31 insertions(+), 33 deletions(-)
18
16
19
diff --git a/include/hw/arm/xlnx-zynqmp.h b/include/hw/arm/xlnx-zynqmp.h
17
diff --git a/target/arm/tcg/translate-a64.h b/target/arm/tcg/translate-a64.h
20
index XXXXXXX..XXXXXXX 100644
18
index XXXXXXX..XXXXXXX 100644
21
--- a/include/hw/arm/xlnx-zynqmp.h
19
--- a/target/arm/tcg/translate-a64.h
22
+++ b/include/hw/arm/xlnx-zynqmp.h
20
+++ b/target/arm/tcg/translate-a64.h
23
@@ -XXX,XX +XXX,XX @@ OBJECT_DECLARE_SIMPLE_TYPE(XlnxZynqMPState, XLNX_ZYNQMP)
21
@@ -XXX,XX +XXX,XX @@ bool logic_imm_decode_wmask(uint64_t *result, unsigned int immn,
24
#define XLNX_ZYNQMP_MAX_RAM_SIZE (XLNX_ZYNQMP_MAX_LOW_RAM_SIZE + \
22
bool sve_access_check(DisasContext *s);
25
XLNX_ZYNQMP_MAX_HIGH_RAM_SIZE)
23
bool sme_enabled_check(DisasContext *s);
26
24
bool sme_enabled_check_with_svcr(DisasContext *s, unsigned);
27
+/*
25
+uint32_t make_svemte_desc(DisasContext *s, unsigned vsz, uint32_t nregs,
28
+ * Unimplemented mmio regions needed to boot some images.
26
+ uint32_t msz, bool is_write, uint32_t data);
29
+ */
27
30
+#define XLNX_ZYNQMP_NUM_UNIMP_AREAS 1
28
/* This function corresponds to CheckStreamingSVEEnabled. */
29
static inline bool sme_sm_enabled_check(DisasContext *s)
30
diff --git a/target/arm/tcg/translate-sme.c b/target/arm/tcg/translate-sme.c
31
index XXXXXXX..XXXXXXX 100644
32
--- a/target/arm/tcg/translate-sme.c
33
+++ b/target/arm/tcg/translate-sme.c
34
@@ -XXX,XX +XXX,XX @@ static bool trans_LDST1(DisasContext *s, arg_LDST1 *a)
35
36
TCGv_ptr t_za, t_pg;
37
TCGv_i64 addr;
38
- int svl, desc = 0;
39
+ uint32_t desc;
40
bool be = s->be_data == MO_BE;
41
bool mte = s->mte_active[0];
42
43
@@ -XXX,XX +XXX,XX @@ static bool trans_LDST1(DisasContext *s, arg_LDST1 *a)
44
tcg_gen_shli_i64(addr, cpu_reg(s, a->rm), a->esz);
45
tcg_gen_add_i64(addr, addr, cpu_reg_sp(s, a->rn));
46
47
- if (mte) {
48
- desc = FIELD_DP32(desc, MTEDESC, MIDX, get_mem_index(s));
49
- desc = FIELD_DP32(desc, MTEDESC, TBI, s->tbid);
50
- desc = FIELD_DP32(desc, MTEDESC, TCMA, s->tcma);
51
- desc = FIELD_DP32(desc, MTEDESC, WRITE, a->st);
52
- desc = FIELD_DP32(desc, MTEDESC, SIZEM1, (1 << a->esz) - 1);
53
- desc <<= SVE_MTEDESC_SHIFT;
54
- } else {
55
+ if (!mte) {
56
addr = clean_data_tbi(s, addr);
57
}
58
- svl = streaming_vec_reg_size(s);
59
- desc = simd_desc(svl, svl, desc);
31
+
60
+
32
struct XlnxZynqMPState {
61
+ desc = make_svemte_desc(s, streaming_vec_reg_size(s), 1, a->esz, a->st, 0);
33
/*< private >*/
62
34
DeviceState parent_obj;
63
fns[a->esz][be][a->v][mte][a->st](tcg_env, t_za, t_pg, addr,
35
@@ -XXX,XX +XXX,XX @@ struct XlnxZynqMPState {
64
tcg_constant_i32(desc));
36
MemoryRegion *ddr_ram;
65
diff --git a/target/arm/tcg/translate-sve.c b/target/arm/tcg/translate-sve.c
37
MemoryRegion ddr_ram_low, ddr_ram_high;
66
index XXXXXXX..XXXXXXX 100644
38
67
--- a/target/arm/tcg/translate-sve.c
39
+ MemoryRegion mr_unimp[XLNX_ZYNQMP_NUM_UNIMP_AREAS];
68
+++ b/target/arm/tcg/translate-sve.c
69
@@ -XXX,XX +XXX,XX @@ static const uint8_t dtype_esz[16] = {
70
3, 2, 1, 3
71
};
72
73
-static void do_mem_zpa(DisasContext *s, int zt, int pg, TCGv_i64 addr,
74
- int dtype, uint32_t mte_n, bool is_write,
75
- gen_helper_gvec_mem *fn)
76
+uint32_t make_svemte_desc(DisasContext *s, unsigned vsz, uint32_t nregs,
77
+ uint32_t msz, bool is_write, uint32_t data)
78
{
79
- unsigned vsz = vec_full_reg_size(s);
80
- TCGv_ptr t_pg;
81
uint32_t sizem1;
82
- int desc = 0;
83
+ uint32_t desc = 0;
84
85
- assert(mte_n >= 1 && mte_n <= 4);
86
- sizem1 = (mte_n << dtype_msz(dtype)) - 1;
87
+ /* Assert all of the data fits, with or without MTE enabled. */
88
+ assert(nregs >= 1 && nregs <= 4);
89
+ sizem1 = (nregs << msz) - 1;
90
assert(sizem1 <= R_MTEDESC_SIZEM1_MASK >> R_MTEDESC_SIZEM1_SHIFT);
91
+ assert(data < 1u << SVE_MTEDESC_SHIFT);
40
+
92
+
41
CadenceGEMState gem[XLNX_ZYNQMP_NUM_GEMS];
93
if (s->mte_active[0]) {
42
CadenceUARTState uart[XLNX_ZYNQMP_NUM_UARTS];
94
desc = FIELD_DP32(desc, MTEDESC, MIDX, get_mem_index(s));
43
XlnxZynqMPCANState can[XLNX_ZYNQMP_NUM_CAN];
95
desc = FIELD_DP32(desc, MTEDESC, TBI, s->tbid);
44
diff --git a/hw/arm/xlnx-zynqmp.c b/hw/arm/xlnx-zynqmp.c
96
@@ -XXX,XX +XXX,XX @@ static void do_mem_zpa(DisasContext *s, int zt, int pg, TCGv_i64 addr,
45
index XXXXXXX..XXXXXXX 100644
97
desc = FIELD_DP32(desc, MTEDESC, WRITE, is_write);
46
--- a/hw/arm/xlnx-zynqmp.c
98
desc = FIELD_DP32(desc, MTEDESC, SIZEM1, sizem1);
47
+++ b/hw/arm/xlnx-zynqmp.c
99
desc <<= SVE_MTEDESC_SHIFT;
48
@@ -XXX,XX +XXX,XX @@
100
- } else {
49
#include "qemu/module.h"
50
#include "hw/arm/xlnx-zynqmp.h"
51
#include "hw/intc/arm_gic_common.h"
52
+#include "hw/misc/unimp.h"
53
#include "hw/boards.h"
54
#include "sysemu/kvm.h"
55
#include "sysemu/sysemu.h"
56
@@ -XXX,XX +XXX,XX @@
57
#define DPDMA_ADDR 0xfd4c0000
58
#define DPDMA_IRQ 116
59
60
+#define APU_ADDR 0xfd5c0000
61
+#define APU_SIZE 0x100
62
+
63
#define IPI_ADDR 0xFF300000
64
#define IPI_IRQ 64
65
66
@@ -XXX,XX +XXX,XX @@ static void xlnx_zynqmp_create_rpu(MachineState *ms, XlnxZynqMPState *s,
67
qdev_realize(DEVICE(&s->rpu_cluster), NULL, &error_fatal);
68
}
69
70
+static void xlnx_zynqmp_create_unimp_mmio(XlnxZynqMPState *s)
71
+{
72
+ static const struct UnimpInfo {
73
+ const char *name;
74
+ hwaddr base;
75
+ hwaddr size;
76
+ } unimp_areas[ARRAY_SIZE(s->mr_unimp)] = {
77
+ { .name = "apu", APU_ADDR, APU_SIZE },
78
+ };
79
+ unsigned int nr;
80
+
81
+ for (nr = 0; nr < ARRAY_SIZE(unimp_areas); nr++) {
82
+ const struct UnimpInfo *info = &unimp_areas[nr];
83
+ DeviceState *dev = qdev_new(TYPE_UNIMPLEMENTED_DEVICE);
84
+ SysBusDevice *sbd = SYS_BUS_DEVICE(dev);
85
+
86
+ assert(info->name && info->base && info->size > 0);
87
+ qdev_prop_set_string(dev, "name", info->name);
88
+ qdev_prop_set_uint64(dev, "size", info->size);
89
+ object_property_add_child(OBJECT(s), info->name, OBJECT(dev));
90
+
91
+ sysbus_realize_and_unref(sbd, &error_fatal);
92
+ sysbus_mmio_map(sbd, 0, info->base);
93
+ }
101
+ }
102
+ return simd_desc(vsz, vsz, desc | data);
94
+}
103
+}
95
+
104
+
96
static void xlnx_zynqmp_init(Object *obj)
105
+static void do_mem_zpa(DisasContext *s, int zt, int pg, TCGv_i64 addr,
106
+ int dtype, uint32_t nregs, bool is_write,
107
+ gen_helper_gvec_mem *fn)
108
+{
109
+ TCGv_ptr t_pg;
110
+ uint32_t desc;
111
+
112
+ if (!s->mte_active[0]) {
113
addr = clean_data_tbi(s, addr);
114
}
115
116
@@ -XXX,XX +XXX,XX @@ static void do_mem_zpa(DisasContext *s, int zt, int pg, TCGv_i64 addr,
117
* registers as pointers, so encode the regno into the data field.
118
* For consistency, do this even for LD1.
119
*/
120
- desc = simd_desc(vsz, vsz, zt | desc);
121
+ desc = make_svemte_desc(s, vec_full_reg_size(s), nregs,
122
+ dtype_msz(dtype), is_write, zt);
123
t_pg = tcg_temp_new_ptr();
124
125
tcg_gen_addi_ptr(t_pg, tcg_env, pred_full_reg_offset(s, pg));
126
@@ -XXX,XX +XXX,XX @@ static void do_mem_zpz(DisasContext *s, int zt, int pg, int zm,
127
int scale, TCGv_i64 scalar, int msz, bool is_write,
128
gen_helper_gvec_mem_scatter *fn)
97
{
129
{
98
MachineState *ms = MACHINE(qdev_get_machine());
130
- unsigned vsz = vec_full_reg_size(s);
99
@@ -XXX,XX +XXX,XX @@ static void xlnx_zynqmp_realize(DeviceState *dev, Error **errp)
131
TCGv_ptr t_zm = tcg_temp_new_ptr();
100
sysbus_mmio_map(SYS_BUS_DEVICE(&s->rtc), 0, RTC_ADDR);
132
TCGv_ptr t_pg = tcg_temp_new_ptr();
101
sysbus_connect_irq(SYS_BUS_DEVICE(&s->rtc), 0, gic_spi[RTC_IRQ]);
133
TCGv_ptr t_zt = tcg_temp_new_ptr();
102
134
- int desc = 0;
103
+ xlnx_zynqmp_create_unimp_mmio(s);
135
-
136
- if (s->mte_active[0]) {
137
- desc = FIELD_DP32(desc, MTEDESC, MIDX, get_mem_index(s));
138
- desc = FIELD_DP32(desc, MTEDESC, TBI, s->tbid);
139
- desc = FIELD_DP32(desc, MTEDESC, TCMA, s->tcma);
140
- desc = FIELD_DP32(desc, MTEDESC, WRITE, is_write);
141
- desc = FIELD_DP32(desc, MTEDESC, SIZEM1, (1 << msz) - 1);
142
- desc <<= SVE_MTEDESC_SHIFT;
143
- }
144
- desc = simd_desc(vsz, vsz, desc | scale);
145
+ uint32_t desc;
146
147
tcg_gen_addi_ptr(t_pg, tcg_env, pred_full_reg_offset(s, pg));
148
tcg_gen_addi_ptr(t_zm, tcg_env, vec_full_reg_offset(s, zm));
149
tcg_gen_addi_ptr(t_zt, tcg_env, vec_full_reg_offset(s, zt));
104
+
150
+
105
for (i = 0; i < XLNX_ZYNQMP_NUM_GDMA_CH; i++) {
151
+ desc = make_svemte_desc(s, vec_full_reg_size(s), 1, msz, is_write, scale);
106
if (!object_property_set_uint(OBJECT(&s->gdma[i]), "bus-width", 128,
152
fn(tcg_env, t_zt, t_pg, t_zm, scalar, tcg_constant_i32(desc));
107
errp)) {
153
}
154
108
--
155
--
109
2.20.1
156
2.34.1
110
111
diff view generated by jsdifflib
[PULL 06/37] target/arm/cpu: Introduce sve_vq_supported bitmap
[PULL 06/35] target/arm: Handle mte in do_ldrq, do_ldro
1
From: Andrew Jones <drjones@redhat.com>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
Allow CPUs that support SVE to specify which SVE vector lengths they
3
These functions "use the standard load helpers", but
4
support by setting them in this bitmap. Currently only the 'max' and
4
fail to clean_data_tbi or populate mtedesc.
5
'host' CPU types supports SVE and 'host' requires KVM which obtains
6
its supported bitmap from the host. So, we only need to initialize the
7
bitmap for 'max' with TCG. And, since 'max' should support all SVE
8
vector lengths we simply fill the bitmap. Future CPU types may have
9
less trivial maps though.
10
5
11
Signed-off-by: Andrew Jones <drjones@redhat.com>
6
Cc: qemu-stable@nongnu.org
12
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
7
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
13
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
14
Message-id: 20210823160647.34028-2-drjones@redhat.com
9
Tested-by: Gustavo Romero <gustavo.romero@linaro.org>
10
Message-id: 20240207025210.8837-6-richard.henderson@linaro.org
15
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
16
---
12
---
17
target/arm/cpu.h | 4 ++++
13
target/arm/tcg/translate-sve.c | 15 +++++++++++++--
18
target/arm/cpu64.c | 2 ++
14
1 file changed, 13 insertions(+), 2 deletions(-)
19
2 files changed, 6 insertions(+)
20
15
21
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
16
diff --git a/target/arm/tcg/translate-sve.c b/target/arm/tcg/translate-sve.c
22
index XXXXXXX..XXXXXXX 100644
17
index XXXXXXX..XXXXXXX 100644
23
--- a/target/arm/cpu.h
18
--- a/target/arm/tcg/translate-sve.c
24
+++ b/target/arm/cpu.h
19
+++ b/target/arm/tcg/translate-sve.c
25
@@ -XXX,XX +XXX,XX @@ struct ARMCPU {
20
@@ -XXX,XX +XXX,XX @@ static void do_ldrq(DisasContext *s, int zt, int pg, TCGv_i64 addr, int dtype)
26
* While processing properties during initialization, corresponding
21
unsigned vsz = vec_full_reg_size(s);
27
* sve_vq_init bits are set for bits in sve_vq_map that have been
22
TCGv_ptr t_pg;
28
* set by properties.
23
int poff;
29
+ *
24
+ uint32_t desc;
30
+ * Bits set in sve_vq_supported represent valid vector lengths for
25
31
+ * the CPU type.
26
/* Load the first quadword using the normal predicated load helpers. */
32
*/
27
+ if (!s->mte_active[0]) {
33
DECLARE_BITMAP(sve_vq_map, ARM_MAX_VQ);
28
+ addr = clean_data_tbi(s, addr);
34
DECLARE_BITMAP(sve_vq_init, ARM_MAX_VQ);
29
+ }
35
+ DECLARE_BITMAP(sve_vq_supported, ARM_MAX_VQ);
36
37
/* Generic timer counter frequency, in Hz */
38
uint64_t gt_cntfrq_hz;
39
diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c
40
index XXXXXXX..XXXXXXX 100644
41
--- a/target/arm/cpu64.c
42
+++ b/target/arm/cpu64.c
43
@@ -XXX,XX +XXX,XX @@ static void aarch64_max_initfn(Object *obj)
44
/* Default to PAUTH on, with the architected algorithm. */
45
qdev_property_add_static(DEVICE(obj), &arm_cpu_pauth_property);
46
qdev_property_add_static(DEVICE(obj), &arm_cpu_pauth_impdef_property);
47
+
30
+
48
+ bitmap_fill(cpu->sve_vq_supported, ARM_MAX_VQ);
31
poff = pred_full_reg_offset(s, pg);
32
if (vsz > 16) {
33
/*
34
@@ -XXX,XX +XXX,XX @@ static void do_ldrq(DisasContext *s, int zt, int pg, TCGv_i64 addr, int dtype)
35
36
gen_helper_gvec_mem *fn
37
= ldr_fns[s->mte_active[0]][s->be_data == MO_BE][dtype][0];
38
- fn(tcg_env, t_pg, addr, tcg_constant_i32(simd_desc(16, 16, zt)));
39
+ desc = make_svemte_desc(s, 16, 1, dtype_msz(dtype), false, zt);
40
+ fn(tcg_env, t_pg, addr, tcg_constant_i32(desc));
41
42
/* Replicate that first quadword. */
43
if (vsz > 16) {
44
@@ -XXX,XX +XXX,XX @@ static void do_ldro(DisasContext *s, int zt, int pg, TCGv_i64 addr, int dtype)
45
unsigned vsz_r32;
46
TCGv_ptr t_pg;
47
int poff, doff;
48
+ uint32_t desc;
49
50
if (vsz < 32) {
51
/*
52
@@ -XXX,XX +XXX,XX @@ static void do_ldro(DisasContext *s, int zt, int pg, TCGv_i64 addr, int dtype)
49
}
53
}
50
54
51
aarch64_add_sve_properties(obj);
55
/* Load the first octaword using the normal predicated load helpers. */
56
+ if (!s->mte_active[0]) {
57
+ addr = clean_data_tbi(s, addr);
58
+ }
59
60
poff = pred_full_reg_offset(s, pg);
61
if (vsz > 32) {
62
@@ -XXX,XX +XXX,XX @@ static void do_ldro(DisasContext *s, int zt, int pg, TCGv_i64 addr, int dtype)
63
64
gen_helper_gvec_mem *fn
65
= ldr_fns[s->mte_active[0]][s->be_data == MO_BE][dtype][0];
66
- fn(tcg_env, t_pg, addr, tcg_constant_i32(simd_desc(32, 32, zt)));
67
+ desc = make_svemte_desc(s, 32, 1, dtype_msz(dtype), false, zt);
68
+ fn(tcg_env, t_pg, addr, tcg_constant_i32(desc));
69
70
/*
71
* Replicate that first octaword.
52
--
72
--
53
2.20.1
73
2.34.1
54
55
diff view generated by jsdifflib
[PULL 03/37] hw/dma/xlnx_csu_dma: Always expect 'dma' link property to be set
[PULL 07/35] target/arm: Fix SVE/SME gross MTE suppression checks
1
From: Philippe Mathieu-Daudé <philmd@redhat.com>
1
From: Richard Henderson <richard.henderson@linaro.org>
2
2
3
Simplify by always passing a MemoryRegion property to the device.
3
The TBI and TCMA bits are located within mtedesc, not desc.
4
Doing so we can move the AddressSpace field to the device struct,
5
removing need for heap allocation.
6
4
7
Update the Xilinx ZynqMP SoC model to pass the default system
5
Cc: qemu-stable@nongnu.org
8
memory instead of a NULL value.
9
10
Suggested-by: Peter Maydell <peter.maydell@linaro.org>
11
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
12
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
13
Message-id: 20210819163422.2863447-4-philmd@redhat.com
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
Tested-by: Gustavo Romero <gustavo.romero@linaro.org>
9
Message-id: 20240207025210.8837-7-richard.henderson@linaro.org
14
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15
---
11
---
16
include/hw/dma/xlnx_csu_dma.h | 2 +-
12
target/arm/tcg/sme_helper.c | 8 ++++----
17
hw/arm/xlnx-zynqmp.c | 4 ++++
13
target/arm/tcg/sve_helper.c | 12 ++++++------
18
hw/dma/xlnx_csu_dma.c | 21 ++++++++++-----------
14
2 files changed, 10 insertions(+), 10 deletions(-)
19
3 files changed, 15 insertions(+), 12 deletions(-)
20
15
21
diff --git a/include/hw/dma/xlnx_csu_dma.h b/include/hw/dma/xlnx_csu_dma.h
16
diff --git a/target/arm/tcg/sme_helper.c b/target/arm/tcg/sme_helper.c
22
index XXXXXXX..XXXXXXX 100644
17
index XXXXXXX..XXXXXXX 100644
23
--- a/include/hw/dma/xlnx_csu_dma.h
18
--- a/target/arm/tcg/sme_helper.c
24
+++ b/include/hw/dma/xlnx_csu_dma.h
19
+++ b/target/arm/tcg/sme_helper.c
25
@@ -XXX,XX +XXX,XX @@ typedef struct XlnxCSUDMA {
20
@@ -XXX,XX +XXX,XX @@ void sme_ld1_mte(CPUARMState *env, void *za, uint64_t *vg,
26
MemoryRegion iomem;
21
desc = extract32(desc, 0, SIMD_DATA_SHIFT + SVE_MTEDESC_SHIFT);
27
MemTxAttrs attr;
22
28
MemoryRegion *dma_mr;
23
/* Perform gross MTE suppression early. */
29
- AddressSpace *dma_as;
24
- if (!tbi_check(desc, bit55) ||
30
+ AddressSpace dma_as;
25
- tcma_check(desc, bit55, allocation_tag_from_addr(addr))) {
31
qemu_irq irq;
26
+ if (!tbi_check(mtedesc, bit55) ||
32
StreamSink *tx_dev; /* Used as generic StreamSink */
27
+ tcma_check(mtedesc, bit55, allocation_tag_from_addr(addr))) {
33
ptimer_state *src_timer;
28
mtedesc = 0;
34
diff --git a/hw/arm/xlnx-zynqmp.c b/hw/arm/xlnx-zynqmp.c
29
}
30
31
@@ -XXX,XX +XXX,XX @@ void sme_st1_mte(CPUARMState *env, void *za, uint64_t *vg, target_ulong addr,
32
desc = extract32(desc, 0, SIMD_DATA_SHIFT + SVE_MTEDESC_SHIFT);
33
34
/* Perform gross MTE suppression early. */
35
- if (!tbi_check(desc, bit55) ||
36
- tcma_check(desc, bit55, allocation_tag_from_addr(addr))) {
37
+ if (!tbi_check(mtedesc, bit55) ||
38
+ tcma_check(mtedesc, bit55, allocation_tag_from_addr(addr))) {
39
mtedesc = 0;
40
}
41
42
diff --git a/target/arm/tcg/sve_helper.c b/target/arm/tcg/sve_helper.c
35
index XXXXXXX..XXXXXXX 100644
43
index XXXXXXX..XXXXXXX 100644
36
--- a/hw/arm/xlnx-zynqmp.c
44
--- a/target/arm/tcg/sve_helper.c
37
+++ b/hw/arm/xlnx-zynqmp.c
45
+++ b/target/arm/tcg/sve_helper.c
38
@@ -XXX,XX +XXX,XX @@ static void xlnx_zynqmp_realize(DeviceState *dev, Error **errp)
46
@@ -XXX,XX +XXX,XX @@ void sve_ldN_r_mte(CPUARMState *env, uint64_t *vg, target_ulong addr,
39
gic_spi[adma_ch_intr[i]]);
47
desc = extract32(desc, 0, SIMD_DATA_SHIFT + SVE_MTEDESC_SHIFT);
48
49
/* Perform gross MTE suppression early. */
50
- if (!tbi_check(desc, bit55) ||
51
- tcma_check(desc, bit55, allocation_tag_from_addr(addr))) {
52
+ if (!tbi_check(mtedesc, bit55) ||
53
+ tcma_check(mtedesc, bit55, allocation_tag_from_addr(addr))) {
54
mtedesc = 0;
40
}
55
}
41
56
42
+ if (!object_property_set_link(OBJECT(&s->qspi_dma), "dma",
57
@@ -XXX,XX +XXX,XX @@ void sve_ldnfff1_r_mte(CPUARMState *env, void *vg, target_ulong addr,
43
+ OBJECT(system_memory), errp)) {
58
desc = extract32(desc, 0, SIMD_DATA_SHIFT + SVE_MTEDESC_SHIFT);
44
+ return;
59
45
+ }
60
/* Perform gross MTE suppression early. */
46
if (!sysbus_realize(SYS_BUS_DEVICE(&s->qspi_dma), errp)) {
61
- if (!tbi_check(desc, bit55) ||
47
return;
62
- tcma_check(desc, bit55, allocation_tag_from_addr(addr))) {
63
+ if (!tbi_check(mtedesc, bit55) ||
64
+ tcma_check(mtedesc, bit55, allocation_tag_from_addr(addr))) {
65
mtedesc = 0;
48
}
66
}
49
diff --git a/hw/dma/xlnx_csu_dma.c b/hw/dma/xlnx_csu_dma.c
67
50
index XXXXXXX..XXXXXXX 100644
68
@@ -XXX,XX +XXX,XX @@ void sve_stN_r_mte(CPUARMState *env, uint64_t *vg, target_ulong addr,
51
--- a/hw/dma/xlnx_csu_dma.c
69
desc = extract32(desc, 0, SIMD_DATA_SHIFT + SVE_MTEDESC_SHIFT);
52
+++ b/hw/dma/xlnx_csu_dma.c
70
53
@@ -XXX,XX +XXX,XX @@ static uint32_t xlnx_csu_dma_read(XlnxCSUDMA *s, uint8_t *buf, uint32_t len)
71
/* Perform gross MTE suppression early. */
54
for (i = 0; i < len && (result == MEMTX_OK); i += s->width) {
72
- if (!tbi_check(desc, bit55) ||
55
uint32_t mlen = MIN(len - i, s->width);
73
- tcma_check(desc, bit55, allocation_tag_from_addr(addr))) {
56
74
+ if (!tbi_check(mtedesc, bit55) ||
57
- result = address_space_rw(s->dma_as, addr, s->attr,
75
+ tcma_check(mtedesc, bit55, allocation_tag_from_addr(addr))) {
58
+ result = address_space_rw(&s->dma_as, addr, s->attr,
76
mtedesc = 0;
59
buf + i, mlen, false);
60
}
61
} else {
62
- result = address_space_rw(s->dma_as, addr, s->attr, buf, len, false);
63
+ result = address_space_rw(&s->dma_as, addr, s->attr, buf, len, false);
64
}
77
}
65
78
66
if (result == MEMTX_OK) {
67
@@ -XXX,XX +XXX,XX @@ static uint32_t xlnx_csu_dma_write(XlnxCSUDMA *s, uint8_t *buf, uint32_t len)
68
for (i = 0; i < len && (result == MEMTX_OK); i += s->width) {
69
uint32_t mlen = MIN(len - i, s->width);
70
71
- result = address_space_rw(s->dma_as, addr, s->attr,
72
+ result = address_space_rw(&s->dma_as, addr, s->attr,
73
buf, mlen, true);
74
buf += mlen;
75
}
76
} else {
77
- result = address_space_rw(s->dma_as, addr, s->attr, buf, len, true);
78
+ result = address_space_rw(&s->dma_as, addr, s->attr, buf, len, true);
79
}
80
81
if (result != MEMTX_OK) {
82
@@ -XXX,XX +XXX,XX @@ static void xlnx_csu_dma_realize(DeviceState *dev, Error **errp)
83
return;
84
}
85
86
+ if (!s->dma_mr) {
87
+ error_setg(errp, TYPE_XLNX_CSU_DMA " 'dma' link not set");
88
+ return;
89
+ }
90
+ address_space_init(&s->dma_as, s->dma_mr, "csu-dma");
91
+
92
reg_array =
93
register_init_block32(dev, xlnx_csu_dma_regs_info[!!s->is_dst],
94
XLNX_CSU_DMA_R_MAX,
95
@@ -XXX,XX +XXX,XX @@ static void xlnx_csu_dma_realize(DeviceState *dev, Error **errp)
96
s->src_timer = ptimer_init(xlnx_csu_dma_src_timeout_hit,
97
s, PTIMER_POLICY_DEFAULT);
98
99
- if (s->dma_mr) {
100
- s->dma_as = g_malloc0(sizeof(AddressSpace));
101
- address_space_init(s->dma_as, s->dma_mr, NULL);
102
- } else {
103
- s->dma_as = &address_space_memory;
104
- }
105
-
106
s->attr = MEMTXATTRS_UNSPECIFIED;
107
108
s->r_size_last_word = 0;
109
--
79
--
110
2.20.1
80
2.34.1
111
112
diff view generated by jsdifflib
[PULL 27/37] gdbstub: Zero-initialize sockaddr structs
[PULL 08/35] hw/pci-host/raven.c: Mark raven_io_ops as implementing unaligned accesses
1
Zero-initialize sockaddr_in and sockaddr_un structs that we're about
1
The raven_io_ops MemoryRegionOps is the only one in the source tree
2
to fill in and pass to bind() or connect(), to ensure we don't leave
2
which sets .valid.unaligned to indicate that it should support
3
possible implementation-defined extension fields as uninitialized
3
unaligned accesses and which does not also set .impl.unaligned to
4
garbage.
4
indicate that its read and write functions can do the unaligned
5
handling themselves. This is a problem, because at the moment the
6
core memory system does not implement the support for handling
7
unaligned accesses by doing a series of aligned accesses and
8
combining them (system/memory.c:access_with_adjusted_size() has a
9
TODO comment noting this).
5
10
11
Fortunately raven_io_read() and raven_io_write() will correctly deal
12
with the case of being passed an unaligned address, so we can fix the
13
missing unaligned access support by setting .impl.unaligned in the
14
MemoryRegionOps struct.
15
16
Fixes: 9a1839164c9c8f06 ("raven: Implement non-contiguous I/O region")
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
17
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
Reviewed-by: Eric Blake <eblake@redhat.com>
18
Tested-by: Cédric Le Goater <clg@redhat.com>
8
Message-id: 20210813150506.7768-3-peter.maydell@linaro.org
19
Reviewed-by: Cédric Le Goater <clg@redhat.com>
20
Message-id: 20240112134640.1775041-1-peter.maydell@linaro.org
9
---
21
---
10
gdbstub.c | 4 ++--
22
hw/pci-host/raven.c | 1 +
11
1 file changed, 2 insertions(+), 2 deletions(-)
23
1 file changed, 1 insertion(+)
12
24
13
diff --git a/gdbstub.c b/gdbstub.c
25
diff --git a/hw/pci-host/raven.c b/hw/pci-host/raven.c
14
index XXXXXXX..XXXXXXX 100644
26
index XXXXXXX..XXXXXXX 100644
15
--- a/gdbstub.c
27
--- a/hw/pci-host/raven.c
16
+++ b/gdbstub.c
28
+++ b/hw/pci-host/raven.c
17
@@ -XXX,XX +XXX,XX @@ static bool gdb_accept_socket(int gdb_fd)
29
@@ -XXX,XX +XXX,XX @@ static const MemoryRegionOps raven_io_ops = {
18
30
.write = raven_io_write,
19
static int gdbserver_open_socket(const char *path)
31
.endianness = DEVICE_LITTLE_ENDIAN,
20
{
32
.impl.max_access_size = 4,
21
- struct sockaddr_un sockaddr;
33
+ .impl.unaligned = true,
22
+ struct sockaddr_un sockaddr = {};
34
.valid.unaligned = true,
23
int fd, ret;
35
};
24
25
fd = socket(AF_UNIX, SOCK_STREAM, 0);
26
@@ -XXX,XX +XXX,XX @@ static int gdbserver_open_socket(const char *path)
27
28
static bool gdb_accept_tcp(int gdb_fd)
29
{
30
- struct sockaddr_in sockaddr;
31
+ struct sockaddr_in sockaddr = {};
32
socklen_t len;
33
int fd;
34
36
35
--
37
--
36
2.20.1
38
2.34.1
37
39
38
40
diff view generated by jsdifflib
[PULL 30/37] raspi: Use error_fatal for SoC realize errors, not error_abort
[PULL 09/35] hw/block/tc58128: Don't emit deprecation warning under qtest
1
The SoC realize can fail for legitimate reasons, because it propagates
1
Suppress the deprecation warning when we're running under qtest,
2
errors up from CPU realize, which in turn can be provoked by user
2
to avoid "make check" including warning messages in its output.
3
error in setting commandline options. Use error_fatal so we report
4
the error message to the user and exit, rather than asserting
5
via error_abort.
6
3
7
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
5
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
9
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
6
Message-id: 20240206154151.155620-1-peter.maydell@linaro.org
10
Message-id: 20210816135842.25302-2-peter.maydell@linaro.org
11
---
7
---
12
hw/arm/raspi.c | 2 +-
8
hw/block/tc58128.c | 4 +++-
13
1 file changed, 1 insertion(+), 1 deletion(-)
9
1 file changed, 3 insertions(+), 1 deletion(-)
14
10
15
diff --git a/hw/arm/raspi.c b/hw/arm/raspi.c
11
diff --git a/hw/block/tc58128.c b/hw/block/tc58128.c
16
index XXXXXXX..XXXXXXX 100644
12
index XXXXXXX..XXXXXXX 100644
17
--- a/hw/arm/raspi.c
13
--- a/hw/block/tc58128.c
18
+++ b/hw/arm/raspi.c
14
+++ b/hw/block/tc58128.c
19
@@ -XXX,XX +XXX,XX @@ static void raspi_machine_init(MachineState *machine)
15
@@ -XXX,XX +XXX,XX @@ static sh7750_io_device tc58128 = {
20
object_property_add_const_link(OBJECT(&s->soc), "ram", OBJECT(machine->ram));
16
21
object_property_set_int(OBJECT(&s->soc), "board-rev", board_rev,
17
int tc58128_init(struct SH7750State *s, const char *zone1, const char *zone2)
22
&error_abort);
18
{
23
- qdev_realize(DEVICE(&s->soc), NULL, &error_abort);
19
- warn_report_once("The TC58128 flash device is deprecated");
24
+ qdev_realize(DEVICE(&s->soc), NULL, &error_fatal);
20
+ if (!qtest_enabled()) {
25
21
+ warn_report_once("The TC58128 flash device is deprecated");
26
/* Create and plug in the SD cards */
22
+ }
27
di = drive_get_next(IF_SD);
23
init_dev(&tc58128_devs[0], zone1);
24
init_dev(&tc58128_devs[1], zone2);
25
return sh7750_register_io_device(s, &tc58128);
28
--
26
--
29
2.20.1
27
2.34.1
30
28
31
29
diff view generated by jsdifflib
[PULL 29/37] tests/tcg/multiarch/linux-test: Zero-initialize sockaddr structs
[PULL 10/35] tests/qtest/meson.build: Don't include qtests_npcm7xx in qtests_aarch64
1
Zero-initialize sockaddr_in and sockaddr_un structs that we're about
1
We deliberately don't include qtests_npcm7xx in qtests_aarch64,
2
to fill in and pass to bind() or connect(), to ensure we don't leave
2
because we already get the coverage of those tests via qtests_arm,
3
possible implementation-defined extension fields as uninitialized
3
and we don't want to use extra CI minutes testing them twice.
4
garbage.
5
4
5
In commit 327b680877b79c4b we added it to qtests_aarch64; revert
6
that change.
7
8
Fixes: 327b680877b79c4b ("tests/qtest: Creating qtest for GMAC Module")
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
Reviewed-by: Eric Blake <eblake@redhat.com>
10
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
8
Message-id: 20210813150506.7768-5-peter.maydell@linaro.org
11
Message-id: 20240206163043.315535-1-peter.maydell@linaro.org
9
---
12
---
10
tests/tcg/multiarch/linux-test.c | 4 ++--
13
tests/qtest/meson.build | 1 -
11
1 file changed, 2 insertions(+), 2 deletions(-)
14
1 file changed, 1 deletion(-)
12
15
13
diff --git a/tests/tcg/multiarch/linux-test.c b/tests/tcg/multiarch/linux-test.c
16
diff --git a/tests/qtest/meson.build b/tests/qtest/meson.build
14
index XXXXXXX..XXXXXXX 100644
17
index XXXXXXX..XXXXXXX 100644
15
--- a/tests/tcg/multiarch/linux-test.c
18
--- a/tests/qtest/meson.build
16
+++ b/tests/tcg/multiarch/linux-test.c
19
+++ b/tests/qtest/meson.build
17
@@ -XXX,XX +XXX,XX @@ static void test_time(void)
20
@@ -XXX,XX +XXX,XX @@ qtests_aarch64 = \
18
static int server_socket(void)
21
(config_all_devices.has_key('CONFIG_RASPI') ? ['bcm2835-dma-test'] : []) + \
19
{
22
(config_all_accel.has_key('CONFIG_TCG') and \
20
int val, fd;
23
config_all_devices.has_key('CONFIG_TPM_TIS_I2C') ? ['tpm-tis-i2c-test'] : []) + \
21
- struct sockaddr_in sockaddr;
24
- (config_all_devices.has_key('CONFIG_NPCM7XX') ? qtests_npcm7xx : []) + \
22
+ struct sockaddr_in sockaddr = {};
25
['arm-cpu-features',
23
26
'numa-test',
24
/* server socket */
27
'boot-serial-test',
25
fd = chk_error(socket(PF_INET, SOCK_STREAM, 0));
26
@@ -XXX,XX +XXX,XX @@ static int server_socket(void)
27
static int client_socket(uint16_t port)
28
{
29
int fd;
30
- struct sockaddr_in sockaddr;
31
+ struct sockaddr_in sockaddr = {};
32
33
/* server socket */
34
fd = chk_error(socket(PF_INET, SOCK_STREAM, 0));
35
--
28
--
36
2.20.1
29
2.34.1
37
30
38
31
diff view generated by jsdifflib
[PULL 28/37] tests/qtest/ipmi-bt-test: Zero-initialize sockaddr struct
[PULL 11/35] tests/qtest/bios-tables-test: Allow changes to virt GTDT
1
Zero-initialize the sockaddr_in struct that we're about to fill in
1
Allow changes to the virt GTDT -- we are going to add the IRQ
2
and pass to bind(), to ensure we don't leave possible
2
entry for a new timer to it.
3
implementation-defined extension fields as uninitialized garbage.
4
3
5
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
6
Reviewed-by: Eric Blake <eblake@redhat.com>
5
Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
7
Reviewed-by: Corey Minyard <cminyard@mvista.com>
6
Message-id: 20240122143537.233498-2-peter.maydell@linaro.org
8
Acked-by: Thomas Huth <thuth@redhat.com>
9
Message-id: 20210813150506.7768-4-peter.maydell@linaro.org
10
---
7
---
11
tests/qtest/ipmi-bt-test.c | 2 +-
8
tests/qtest/bios-tables-test-allowed-diff.h | 2 ++
12
1 file changed, 1 insertion(+), 1 deletion(-)
9
1 file changed, 2 insertions(+)
13
10
14
diff --git a/tests/qtest/ipmi-bt-test.c b/tests/qtest/ipmi-bt-test.c
11
diff --git a/tests/qtest/bios-tables-test-allowed-diff.h b/tests/qtest/bios-tables-test-allowed-diff.h
15
index XXXXXXX..XXXXXXX 100644
12
index XXXXXXX..XXXXXXX 100644
16
--- a/tests/qtest/ipmi-bt-test.c
13
--- a/tests/qtest/bios-tables-test-allowed-diff.h
17
+++ b/tests/qtest/ipmi-bt-test.c
14
+++ b/tests/qtest/bios-tables-test-allowed-diff.h
18
@@ -XXX,XX +XXX,XX @@ static void test_enable_irq(void)
15
@@ -1 +1,3 @@
19
*/
16
/* List of comma-separated changed AML files to ignore */
20
static void open_socket(void)
17
+"tests/data/acpi/virt/FACP",
21
{
18
+"tests/data/acpi/virt/GTDT",
22
- struct sockaddr_in myaddr;
23
+ struct sockaddr_in myaddr = {};
24
socklen_t addrlen;
25
26
myaddr.sin_family = AF_INET;
27
--
19
--
28
2.20.1
20
2.34.1
29
30
diff view generated by jsdifflib
[PULL 32/37] hw/arm/virt: Delete EL3 error checksnow provided in CPU realize
[PULL 12/35] hw/arm/virt: Wire up non-secure EL2 virtual timer IRQ
1
Now that the CPU realize function will fail cleanly if we ask for EL3
1
Armv8.1+ CPUs have the Virtual Host Extension (VHE) which adds a
2
when KVM is enabled, we don't need to check for errors explicitly in
2
non-secure EL2 virtual timer. We implemented the timer itself in the
3
the virt board code. The reported message is slightly different;
3
CPU model, but never wired up its IRQ line to the GIC.
4
it is now:
4
5
qemu-system-aarch64: Cannot enable KVM when guest CPU has EL3 enabled
5
Wire up the IRQ line (this is always safe whether the CPU has the
6
instead of:
6
interrupt or not, since it always creates the outbound IRQ line).
7
qemu-system-aarch64: mach-virt: KVM does not support Security extensions
7
Report it to the guest via dtb and ACPI if the CPU has the feature.
8
8
9
We don't delete the MTE check because there the logic is more
9
The DTB binding is documented in the kernel's
10
complex; deleting the check would work but makes the error message
10
Documentation/devicetree/bindings/timer/arm\,arch_timer.yaml
11
less helpful, as it would read:
11
and the ACPI table entries are documented in the ACPI specification
12
qemu-system-aarch64: MTE requested, but not supported by the guest CPU
12
version 6.3 or later.
13
instead of:
13
14
qemu-system-aarch64: mach-virt: KVM does not support providing MTE to the guest CPU
14
Because the IRQ line ACPI binding is new in 6.3, we need to bump the
15
FADT table rev to show that we might be using 6.3 features.
16
17
Note that exposing this IRQ in the DTB will trigger a bug in EDK2
18
versions prior to edk2-stable202311, for users who use the virt board
19
with 'virtualization=on' to enable EL2 emulation and are booting an
20
EDK2 guest BIOS, if that EDK2 has assertions enabled. The effect is
21
that EDK2 will assert on bootup:
22
23
ASSERT [ArmTimerDxe] /home/kraxel/projects/qemu/roms/edk2/ArmVirtPkg/Library/ArmVirtTimerFdtClientLib/ArmVirtTimerFdtClientLib.c(72): PropSize == 36 || PropSize == 48
24
25
If you see that assertion you should do one of:
26
* update your EDK2 binaries to edk2-stable202311 or newer
27
* use the 'virt-8.2' versioned machine type
28
* not use 'virtualization=on'
29
30
(The versions shipped with QEMU itself have the fix.)
15
31
16
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
32
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
17
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
33
Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
18
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
34
Message-id: 20240122143537.233498-3-peter.maydell@linaro.org
19
Message-id: 20210816135842.25302-4-peter.maydell@linaro.org
20
---
35
---
21
hw/arm/virt.c | 5 -----
36
include/hw/arm/virt.h | 2 ++
22
1 file changed, 5 deletions(-)
37
hw/arm/virt-acpi-build.c | 20 ++++++++++----
23
38
hw/arm/virt.c | 60 ++++++++++++++++++++++++++++++++++------
39
3 files changed, 67 insertions(+), 15 deletions(-)
40
41
diff --git a/include/hw/arm/virt.h b/include/hw/arm/virt.h
42
index XXXXXXX..XXXXXXX 100644
43
--- a/include/hw/arm/virt.h
44
+++ b/include/hw/arm/virt.h
45
@@ -XXX,XX +XXX,XX @@ struct VirtMachineClass {
46
/* Machines < 6.2 have no support for describing cpu topology to guest */
47
bool no_cpu_topology;
48
bool no_tcg_lpa2;
49
+ bool no_ns_el2_virt_timer_irq;
50
};
51
52
struct VirtMachineState {
53
@@ -XXX,XX +XXX,XX @@ struct VirtMachineState {
54
PCIBus *bus;
55
char *oem_id;
56
char *oem_table_id;
57
+ bool ns_el2_virt_timer_irq;
58
};
59
60
#define VIRT_ECAM_ID(high) (high ? VIRT_HIGH_PCIE_ECAM : VIRT_PCIE_ECAM)
61
diff --git a/hw/arm/virt-acpi-build.c b/hw/arm/virt-acpi-build.c
62
index XXXXXXX..XXXXXXX 100644
63
--- a/hw/arm/virt-acpi-build.c
64
+++ b/hw/arm/virt-acpi-build.c
65
@@ -XXX,XX +XXX,XX @@ build_srat(GArray *table_data, BIOSLinker *linker, VirtMachineState *vms)
66
}
67
68
/*
69
- * ACPI spec, Revision 5.1
70
- * 5.2.24 Generic Timer Description Table (GTDT)
71
+ * ACPI spec, Revision 6.5
72
+ * 5.2.25 Generic Timer Description Table (GTDT)
73
*/
74
static void
75
build_gtdt(GArray *table_data, BIOSLinker *linker, VirtMachineState *vms)
76
@@ -XXX,XX +XXX,XX @@ build_gtdt(GArray *table_data, BIOSLinker *linker, VirtMachineState *vms)
77
uint32_t irqflags = vmc->claim_edge_triggered_timers ?
78
1 : /* Interrupt is Edge triggered */
79
0; /* Interrupt is Level triggered */
80
- AcpiTable table = { .sig = "GTDT", .rev = 2, .oem_id = vms->oem_id,
81
+ AcpiTable table = { .sig = "GTDT", .rev = 3, .oem_id = vms->oem_id,
82
.oem_table_id = vms->oem_table_id };
83
84
acpi_table_begin(&table, table_data);
85
@@ -XXX,XX +XXX,XX @@ build_gtdt(GArray *table_data, BIOSLinker *linker, VirtMachineState *vms)
86
build_append_int_noprefix(table_data, 0, 4);
87
/* Platform Timer Offset */
88
build_append_int_noprefix(table_data, 0, 4);
89
-
90
+ if (vms->ns_el2_virt_timer_irq) {
91
+ /* Virtual EL2 Timer GSIV */
92
+ build_append_int_noprefix(table_data, ARCH_TIMER_NS_EL2_VIRT_IRQ, 4);
93
+ /* Virtual EL2 Timer Flags */
94
+ build_append_int_noprefix(table_data, irqflags, 4);
95
+ } else {
96
+ build_append_int_noprefix(table_data, 0, 4);
97
+ build_append_int_noprefix(table_data, 0, 4);
98
+ }
99
acpi_table_end(linker, &table);
100
}
101
102
@@ -XXX,XX +XXX,XX @@ build_madt(GArray *table_data, BIOSLinker *linker, VirtMachineState *vms)
103
static void build_fadt_rev6(GArray *table_data, BIOSLinker *linker,
104
VirtMachineState *vms, unsigned dsdt_tbl_offset)
105
{
106
- /* ACPI v6.0 */
107
+ /* ACPI v6.3 */
108
AcpiFadtData fadt = {
109
.rev = 6,
110
- .minor_ver = 0,
111
+ .minor_ver = 3,
112
.flags = 1 << ACPI_FADT_F_HW_REDUCED_ACPI,
113
.xdsdt_tbl_offset = &dsdt_tbl_offset,
114
};
24
diff --git a/hw/arm/virt.c b/hw/arm/virt.c
115
diff --git a/hw/arm/virt.c b/hw/arm/virt.c
25
index XXXXXXX..XXXXXXX 100644
116
index XXXXXXX..XXXXXXX 100644
26
--- a/hw/arm/virt.c
117
--- a/hw/arm/virt.c
27
+++ b/hw/arm/virt.c
118
+++ b/hw/arm/virt.c
119
@@ -XXX,XX +XXX,XX @@ static void create_randomness(MachineState *ms, const char *node)
120
qemu_fdt_setprop(ms->fdt, node, "rng-seed", seed.rng, sizeof(seed.rng));
121
}
122
123
+/*
124
+ * The CPU object always exposes the NS EL2 virt timer IRQ line,
125
+ * but we don't want to advertise it to the guest in the dtb or ACPI
126
+ * table unless it's really going to do something.
127
+ */
128
+static bool ns_el2_virt_timer_present(void)
129
+{
130
+ ARMCPU *cpu = ARM_CPU(qemu_get_cpu(0));
131
+ CPUARMState *env = &cpu->env;
132
+
133
+ return arm_feature(env, ARM_FEATURE_AARCH64) &&
134
+ arm_feature(env, ARM_FEATURE_EL2) && cpu_isar_feature(aa64_vh, cpu);
135
+}
136
+
137
static void create_fdt(VirtMachineState *vms)
138
{
139
MachineState *ms = MACHINE(vms);
140
@@ -XXX,XX +XXX,XX @@ static void fdt_add_timer_nodes(const VirtMachineState *vms)
141
"arm,armv7-timer");
142
}
143
qemu_fdt_setprop(ms->fdt, "/timer", "always-on", NULL, 0);
144
- qemu_fdt_setprop_cells(ms->fdt, "/timer", "interrupts",
145
- GIC_FDT_IRQ_TYPE_PPI,
146
- INTID_TO_PPI(ARCH_TIMER_S_EL1_IRQ), irqflags,
147
- GIC_FDT_IRQ_TYPE_PPI,
148
- INTID_TO_PPI(ARCH_TIMER_NS_EL1_IRQ), irqflags,
149
- GIC_FDT_IRQ_TYPE_PPI,
150
- INTID_TO_PPI(ARCH_TIMER_VIRT_IRQ), irqflags,
151
- GIC_FDT_IRQ_TYPE_PPI,
152
- INTID_TO_PPI(ARCH_TIMER_NS_EL2_IRQ), irqflags);
153
+ if (vms->ns_el2_virt_timer_irq) {
154
+ qemu_fdt_setprop_cells(ms->fdt, "/timer", "interrupts",
155
+ GIC_FDT_IRQ_TYPE_PPI,
156
+ INTID_TO_PPI(ARCH_TIMER_S_EL1_IRQ), irqflags,
157
+ GIC_FDT_IRQ_TYPE_PPI,
158
+ INTID_TO_PPI(ARCH_TIMER_NS_EL1_IRQ), irqflags,
159
+ GIC_FDT_IRQ_TYPE_PPI,
160
+ INTID_TO_PPI(ARCH_TIMER_VIRT_IRQ), irqflags,
161
+ GIC_FDT_IRQ_TYPE_PPI,
162
+ INTID_TO_PPI(ARCH_TIMER_NS_EL2_IRQ), irqflags,
163
+ GIC_FDT_IRQ_TYPE_PPI,
164
+ INTID_TO_PPI(ARCH_TIMER_NS_EL2_VIRT_IRQ), irqflags);
165
+ } else {
166
+ qemu_fdt_setprop_cells(ms->fdt, "/timer", "interrupts",
167
+ GIC_FDT_IRQ_TYPE_PPI,
168
+ INTID_TO_PPI(ARCH_TIMER_S_EL1_IRQ), irqflags,
169
+ GIC_FDT_IRQ_TYPE_PPI,
170
+ INTID_TO_PPI(ARCH_TIMER_NS_EL1_IRQ), irqflags,
171
+ GIC_FDT_IRQ_TYPE_PPI,
172
+ INTID_TO_PPI(ARCH_TIMER_VIRT_IRQ), irqflags,
173
+ GIC_FDT_IRQ_TYPE_PPI,
174
+ INTID_TO_PPI(ARCH_TIMER_NS_EL2_IRQ), irqflags);
175
+ }
176
}
177
178
static void fdt_add_cpu_nodes(const VirtMachineState *vms)
179
@@ -XXX,XX +XXX,XX @@ static void create_gic(VirtMachineState *vms, MemoryRegion *mem)
180
[GTIMER_VIRT] = ARCH_TIMER_VIRT_IRQ,
181
[GTIMER_HYP] = ARCH_TIMER_NS_EL2_IRQ,
182
[GTIMER_SEC] = ARCH_TIMER_S_EL1_IRQ,
183
+ [GTIMER_HYPVIRT] = ARCH_TIMER_NS_EL2_VIRT_IRQ,
184
};
185
186
for (unsigned irq = 0; irq < ARRAY_SIZE(timer_irq); irq++) {
28
@@ -XXX,XX +XXX,XX @@ static void machvirt_init(MachineState *machine)
187
@@ -XXX,XX +XXX,XX @@ static void machvirt_init(MachineState *machine)
188
qdev_realize(DEVICE(cpuobj), NULL, &error_fatal);
189
object_unref(cpuobj);
29
}
190
}
30
191
+
31
if (vms->secure) {
192
+ /* Now we've created the CPUs we can see if they have the hypvirt timer */
32
- if (kvm_enabled()) {
193
+ vms->ns_el2_virt_timer_irq = ns_el2_virt_timer_present() &&
33
- error_report("mach-virt: KVM does not support Security extensions");
194
+ !vmc->no_ns_el2_virt_timer_irq;
34
- exit(1);
195
+
35
- }
196
fdt_add_timer_nodes(vms);
36
-
197
fdt_add_cpu_nodes(vms);
37
/*
198
38
* The Secure view of the world is the same as the NonSecure,
199
@@ -XXX,XX +XXX,XX @@ DEFINE_VIRT_MACHINE_AS_LATEST(9, 0)
39
* but with a few extra devices. Create it as a container region
200
201
static void virt_machine_8_2_options(MachineClass *mc)
202
{
203
+ VirtMachineClass *vmc = VIRT_MACHINE_CLASS(OBJECT_CLASS(mc));
204
+
205
virt_machine_9_0_options(mc);
206
compat_props_add(mc->compat_props, hw_compat_8_2, hw_compat_8_2_len);
207
+ /*
208
+ * Don't expose NS_EL2_VIRT timer IRQ in DTB on ACPI on 8.2 and
209
+ * earlier machines. (Exposing it tickles a bug in older EDK2
210
+ * guest BIOS binaries.)
211
+ */
212
+ vmc->no_ns_el2_virt_timer_irq = true;
213
}
214
DEFINE_VIRT_MACHINE(8, 2)
215
40
--
216
--
41
2.20.1
217
2.34.1
42
43
diff view generated by jsdifflib
[PULL 20/37] arch_init.h: Move QEMU_ARCH_VIRTIO_* to qdev-monitor.c
[PULL 13/35] tests/qtest/bios-tables-tests: Update virt golden reference
1
The QEMU_ARCH_VIRTIO_* defines are used only in one file,
1
Update the virt golden reference files to say that the FACP is ACPI
2
qdev-monitor.c. Move them to that file.
2
v6.3, and the GTDT table is a revision 3 table with space for the
3
virtual EL2 timer.
4
5
Diffs from iasl:
6
7
@@ -XXX,XX +XXX,XX @@
8
/*
9
* Intel ACPI Component Architecture
10
* AML/ASL+ Disassembler version 20200925 (64-bit version)
11
* Copyright (c) 2000 - 2020 Intel Corporation
12
*
13
- * Disassembly of tests/data/acpi/virt/FACP, Mon Jan 22 13:48:40 2024
14
+ * Disassembly of /tmp/aml-W8RZH2, Mon Jan 22 13:48:40 2024
15
*
16
* ACPI Data Table [FACP]
17
*
18
* Format: [HexOffset DecimalOffset ByteLength] FieldName : FieldValue
19
*/
20
21
[000h 0000 4] Signature : "FACP" [Fixed ACPI Description Table (FADT)]
22
[004h 0004 4] Table Length : 00000114
23
[008h 0008 1] Revision : 06
24
-[009h 0009 1] Checksum : 15
25
+[009h 0009 1] Checksum : 12
26
[00Ah 0010 6] Oem ID : "BOCHS "
27
[010h 0016 8] Oem Table ID : "BXPC "
28
[018h 0024 4] Oem Revision : 00000001
29
[01Ch 0028 4] Asl Compiler ID : "BXPC"
30
[020h 0032 4] Asl Compiler Revision : 00000001
31
32
[024h 0036 4] FACS Address : 00000000
33
[028h 0040 4] DSDT Address : 00000000
34
[02Ch 0044 1] Model : 00
35
[02Dh 0045 1] PM Profile : 00 [Unspecified]
36
[02Eh 0046 2] SCI Interrupt : 0000
37
[030h 0048 4] SMI Command Port : 00000000
38
[034h 0052 1] ACPI Enable Value : 00
39
[035h 0053 1] ACPI Disable Value : 00
40
[036h 0054 1] S4BIOS Command : 00
41
[037h 0055 1] P-State Control : 00
42
@@ -XXX,XX +XXX,XX @@
43
Use APIC Physical Destination Mode (V4) : 0
44
Hardware Reduced (V5) : 1
45
Low Power S0 Idle (V5) : 0
46
47
[074h 0116 12] Reset Register : [Generic Address Structure]
48
[074h 0116 1] Space ID : 00 [SystemMemory]
49
[075h 0117 1] Bit Width : 00
50
[076h 0118 1] Bit Offset : 00
51
[077h 0119 1] Encoded Access Width : 00 [Undefined/Legacy]
52
[078h 0120 8] Address : 0000000000000000
53
54
[080h 0128 1] Value to cause reset : 00
55
[081h 0129 2] ARM Flags (decoded below) : 0003
56
PSCI Compliant : 1
57
Must use HVC for PSCI : 1
58
59
-[083h 0131 1] FADT Minor Revision : 00
60
+[083h 0131 1] FADT Minor Revision : 03
61
[084h 0132 8] FACS Address : 0000000000000000
62
[08Ch 0140 8] DSDT Address : 0000000000000000
63
[094h 0148 12] PM1A Event Block : [Generic Address Structure]
64
[094h 0148 1] Space ID : 00 [SystemMemory]
65
[095h 0149 1] Bit Width : 00
66
[096h 0150 1] Bit Offset : 00
67
[097h 0151 1] Encoded Access Width : 00 [Undefined/Legacy]
68
[098h 0152 8] Address : 0000000000000000
69
70
[0A0h 0160 12] PM1B Event Block : [Generic Address Structure]
71
[0A0h 0160 1] Space ID : 00 [SystemMemory]
72
[0A1h 0161 1] Bit Width : 00
73
[0A2h 0162 1] Bit Offset : 00
74
[0A3h 0163 1] Encoded Access Width : 00 [Undefined/Legacy]
75
[0A4h 0164 8] Address : 0000000000000000
76
77
@@ -XXX,XX +XXX,XX @@
78
[0F5h 0245 1] Bit Width : 00
79
[0F6h 0246 1] Bit Offset : 00
80
[0F7h 0247 1] Encoded Access Width : 00 [Undefined/Legacy]
81
[0F8h 0248 8] Address : 0000000000000000
82
83
[100h 0256 12] Sleep Status Register : [Generic Address Structure]
84
[100h 0256 1] Space ID : 00 [SystemMemory]
85
[101h 0257 1] Bit Width : 00
86
[102h 0258 1] Bit Offset : 00
87
[103h 0259 1] Encoded Access Width : 00 [Undefined/Legacy]
88
[104h 0260 8] Address : 0000000000000000
89
90
[10Ch 0268 8] Hypervisor ID : 00000000554D4551
91
92
Raw Table Data: Length 276 (0x114)
93
94
- 0000: 46 41 43 50 14 01 00 00 06 15 42 4F 43 48 53 20 // FACP......BOCHS
95
+ 0000: 46 41 43 50 14 01 00 00 06 12 42 4F 43 48 53 20 // FACP......BOCHS
96
0010: 42 58 50 43 20 20 20 20 01 00 00 00 42 58 50 43 // BXPC ....BXPC
97
0020: 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 // ................
98
0030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 // ................
99
0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 // ................
100
0050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 // ................
101
0060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 // ................
102
0070: 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 // ................
103
- 0080: 00 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 // ................
104
+ 0080: 00 03 00 03 00 00 00 00 00 00 00 00 00 00 00 00 // ................
105
0090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 // ................
106
00A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 // ................
107
00B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 // ................
108
00C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 // ................
109
00D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 // ................
110
00E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 // ................
111
00F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 // ................
112
0100: 00 00 00 00 00 00 00 00 00 00 00 00 51 45 4D 55 // ............QEMU
113
0110: 00 00 00 00 // ....
114
115
@@ -XXX,XX +XXX,XX @@
116
/*
117
* Intel ACPI Component Architecture
118
* AML/ASL+ Disassembler version 20200925 (64-bit version)
119
* Copyright (c) 2000 - 2020 Intel Corporation
120
*
121
- * Disassembly of tests/data/acpi/virt/GTDT, Mon Jan 22 13:48:40 2024
122
+ * Disassembly of /tmp/aml-XDSZH2, Mon Jan 22 13:48:40 2024
123
*
124
* ACPI Data Table [GTDT]
125
*
126
* Format: [HexOffset DecimalOffset ByteLength] FieldName : FieldValue
127
*/
128
129
[000h 0000 4] Signature : "GTDT" [Generic Timer Description Table]
130
-[004h 0004 4] Table Length : 00000060
131
-[008h 0008 1] Revision : 02
132
-[009h 0009 1] Checksum : 9C
133
+[004h 0004 4] Table Length : 00000068
134
+[008h 0008 1] Revision : 03
135
+[009h 0009 1] Checksum : 93
136
[00Ah 0010 6] Oem ID : "BOCHS "
137
[010h 0016 8] Oem Table ID : "BXPC "
138
[018h 0024 4] Oem Revision : 00000001
139
[01Ch 0028 4] Asl Compiler ID : "BXPC"
140
[020h 0032 4] Asl Compiler Revision : 00000001
141
142
[024h 0036 8] Counter Block Address : FFFFFFFFFFFFFFFF
143
[02Ch 0044 4] Reserved : 00000000
144
145
[030h 0048 4] Secure EL1 Interrupt : 0000001D
146
[034h 0052 4] EL1 Flags (decoded below) : 00000000
147
Trigger Mode : 0
148
Polarity : 0
149
Always On : 0
150
151
[038h 0056 4] Non-Secure EL1 Interrupt : 0000001E
152
@@ -XXX,XX +XXX,XX @@
153
154
[040h 0064 4] Virtual Timer Interrupt : 0000001B
155
[044h 0068 4] VT Flags (decoded below) : 00000000
156
Trigger Mode : 0
157
Polarity : 0
158
Always On : 0
159
160
[048h 0072 4] Non-Secure EL2 Interrupt : 0000001A
161
[04Ch 0076 4] NEL2 Flags (decoded below) : 00000000
162
Trigger Mode : 0
163
Polarity : 0
164
Always On : 0
165
[050h 0080 8] Counter Read Block Address : FFFFFFFFFFFFFFFF
166
167
[058h 0088 4] Platform Timer Count : 00000000
168
[05Ch 0092 4] Platform Timer Offset : 00000000
169
+[060h 0096 4] Virtual EL2 Timer GSIV : 00000000
170
+[064h 0100 4] Virtual EL2 Timer Flags : 00000000
171
172
-Raw Table Data: Length 96 (0x60)
173
+Raw Table Data: Length 104 (0x68)
174
175
- 0000: 47 54 44 54 60 00 00 00 02 9C 42 4F 43 48 53 20 // GTDT`.....BOCHS
176
+ 0000: 47 54 44 54 68 00 00 00 03 93 42 4F 43 48 53 20 // GTDTh.....BOCHS
177
0010: 42 58 50 43 20 20 20 20 01 00 00 00 42 58 50 43 // BXPC ....BXPC
178
0020: 01 00 00 00 FF FF FF FF FF FF FF FF 00 00 00 00 // ................
179
0030: 1D 00 00 00 00 00 00 00 1E 00 00 00 04 00 00 00 // ................
180
0040: 1B 00 00 00 00 00 00 00 1A 00 00 00 00 00 00 00 // ................
181
0050: FF FF FF FF FF FF FF FF 00 00 00 00 00 00 00 00 // ................
182
+ 0060: 00 00 00 00 00 00 00 00 // ........
3
183
4
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
184
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
185
Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
6
Reviewed-by: Markus Armbruster <armbru@redhat.com>
186
Message-id: 20240122143537.233498-4-peter.maydell@linaro.org
7
Message-id: 20210730105947.28215-7-peter.maydell@linaro.org
8
---
187
---
9
include/sysemu/arch_init.h | 9 ---------
188
tests/qtest/bios-tables-test-allowed-diff.h | 2 --
10
softmmu/qdev-monitor.c | 9 +++++++++
189
tests/data/acpi/virt/FACP | Bin 276 -> 276 bytes
11
2 files changed, 9 insertions(+), 9 deletions(-)
190
tests/data/acpi/virt/GTDT | Bin 96 -> 104 bytes
12
191
3 files changed, 2 deletions(-)
13
diff --git a/include/sysemu/arch_init.h b/include/sysemu/arch_init.h
192
193
diff --git a/tests/qtest/bios-tables-test-allowed-diff.h b/tests/qtest/bios-tables-test-allowed-diff.h
14
index XXXXXXX..XXXXXXX 100644
194
index XXXXXXX..XXXXXXX 100644
15
--- a/include/sysemu/arch_init.h
195
--- a/tests/qtest/bios-tables-test-allowed-diff.h
16
+++ b/include/sysemu/arch_init.h
196
+++ b/tests/qtest/bios-tables-test-allowed-diff.h
17
@@ -XXX,XX +XXX,XX @@ enum {
197
@@ -1,3 +1 @@
18
198
/* List of comma-separated changed AML files to ignore */
19
extern const uint32_t arch_type;
199
-"tests/data/acpi/virt/FACP",
20
200
-"tests/data/acpi/virt/GTDT",
21
-/* default virtio transport per architecture */
201
diff --git a/tests/data/acpi/virt/FACP b/tests/data/acpi/virt/FACP
22
-#define QEMU_ARCH_VIRTIO_PCI (QEMU_ARCH_ALPHA | QEMU_ARCH_ARM | \
23
- QEMU_ARCH_HPPA | QEMU_ARCH_I386 | \
24
- QEMU_ARCH_MIPS | QEMU_ARCH_PPC | \
25
- QEMU_ARCH_RISCV | QEMU_ARCH_SH4 | \
26
- QEMU_ARCH_SPARC | QEMU_ARCH_XTENSA)
27
-#define QEMU_ARCH_VIRTIO_CCW (QEMU_ARCH_S390X)
28
-#define QEMU_ARCH_VIRTIO_MMIO (QEMU_ARCH_M68K)
29
-
30
#endif
31
diff --git a/softmmu/qdev-monitor.c b/softmmu/qdev-monitor.c
32
index XXXXXXX..XXXXXXX 100644
202
index XXXXXXX..XXXXXXX 100644
33
--- a/softmmu/qdev-monitor.c
203
GIT binary patch
34
+++ b/softmmu/qdev-monitor.c
204
delta 25
35
@@ -XXX,XX +XXX,XX @@ typedef struct QDevAlias
205
gcmbQjG=+)F&CxkPgpq-PO=u!l<;2F$$vli407<0<)c^nh
36
uint32_t arch_mask;
206
37
} QDevAlias;
207
delta 28
38
208
kcmbQjG=+)F&CxkPgpq-PO>`nx<-|!<6Akz$^DuG%0AAS!ssI20
39
+/* default virtio transport per architecture */
209
40
+#define QEMU_ARCH_VIRTIO_PCI (QEMU_ARCH_ALPHA | QEMU_ARCH_ARM | \
210
diff --git a/tests/data/acpi/virt/GTDT b/tests/data/acpi/virt/GTDT
41
+ QEMU_ARCH_HPPA | QEMU_ARCH_I386 | \
211
index XXXXXXX..XXXXXXX 100644
42
+ QEMU_ARCH_MIPS | QEMU_ARCH_PPC | \
212
GIT binary patch
43
+ QEMU_ARCH_RISCV | QEMU_ARCH_SH4 | \
213
delta 25
44
+ QEMU_ARCH_SPARC | QEMU_ARCH_XTENSA)
214
bcmYeu;BpUf3CUn!U|^m+kt>V?$N&QXMtB4L
45
+#define QEMU_ARCH_VIRTIO_CCW (QEMU_ARCH_S390X)
215
46
+#define QEMU_ARCH_VIRTIO_MMIO (QEMU_ARCH_M68K)
216
delta 16
47
+
217
Xcmc~u;BpUf2}xjJU|^avkt+-UB60)u
48
/* Please keep this table sorted by typename. */
218
49
static const QDevAlias qdev_alias_table[] = {
50
{ "AC97", "ac97" }, /* -soundhw name */
51
--
219
--
52
2.20.1
220
2.34.1
53
54
diff view generated by jsdifflib
[PULL 19/37] arch_init.h: Add QEMU_ARCH_HEXAGON
[PULL 14/35] hw/arm/npcm7xx: Call qemu_configure_nic_device() for GMAC modules
1
When Hexagon was added we forgot to add it to the QEMU_ARCH_*
1
The patchset adding the GMAC ethernet to this SoC crossed in the
2
enumeration. This doesn't cause a visible effect because at the
2
mail with the patchset cleaning up the NIC handling. When we
3
moment Hexagon is linux-user only and the QEMU_ARCH_* constants are
3
create the GMAC modules we must call qemu_configure_nic_device()
4
only used in softmmu, but we might as well add it in, since it's the
4
so that the user has the opportunity to use the -nic commandline
5
only architecture currently missing from the list.
5
option to create a network backend and connect it to the GMACs.
6
6
7
Add the missing call.
8
9
Fixes: 21e5326a7c ("hw/arm: Add GMAC devices to NPCM7XX SoC")
7
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
11
Reviewed-by: David Woodhouse <dwmw@amazon.co.uk>
9
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
12
Message-id: 20240206171231.396392-2-peter.maydell@linaro.org
10
Reviewed-by: Taylor Simpson <tsimpson@quicinc.com>
11
Message-id: 20210730105947.28215-6-peter.maydell@linaro.org
12
---
13
---
13
include/sysemu/arch_init.h | 1 +
14
hw/arm/npcm7xx.c | 1 +
14
1 file changed, 1 insertion(+)
15
1 file changed, 1 insertion(+)
15
16
16
diff --git a/include/sysemu/arch_init.h b/include/sysemu/arch_init.h
17
diff --git a/hw/arm/npcm7xx.c b/hw/arm/npcm7xx.c
17
index XXXXXXX..XXXXXXX 100644
18
index XXXXXXX..XXXXXXX 100644
18
--- a/include/sysemu/arch_init.h
19
--- a/hw/arm/npcm7xx.c
19
+++ b/include/sysemu/arch_init.h
20
+++ b/hw/arm/npcm7xx.c
20
@@ -XXX,XX +XXX,XX @@ enum {
21
@@ -XXX,XX +XXX,XX @@ static void npcm7xx_realize(DeviceState *dev, Error **errp)
21
QEMU_ARCH_RISCV = (1 << 19),
22
for (i = 0; i < ARRAY_SIZE(s->gmac); i++) {
22
QEMU_ARCH_RX = (1 << 20),
23
SysBusDevice *sbd = SYS_BUS_DEVICE(&s->gmac[i]);
23
QEMU_ARCH_AVR = (1 << 21),
24
24
+ QEMU_ARCH_HEXAGON = (1 << 22),
25
+ qemu_configure_nic_device(DEVICE(sbd), false, NULL);
25
26
/*
26
QEMU_ARCH_NONE = (1 << 31),
27
* The device exists regardless of whether it's connected to a QEMU
27
};
28
* netdev backend. So always instantiate it even if there is no
28
--
29
--
29
2.20.1
30
2.34.1
30
31
diff view generated by jsdifflib
[PULL 18/37] meson.build: Define QEMU_ARCH in config-target.h
[PULL 15/35] tests/qtest/npcm7xx_emc-test: Connect all NICs to a backend
1
Instead of using an ifdef ladder in arch_init.c (which we then have
1
Currently QEMU will warn if there is a NIC on the board that
2
to manually update every time we add or remove a target
2
is not connected to a backend. By default the '-nic user' will
3
architecture), have meson.build put "#define QEMU_ARCH QEMU_ARCH_FOO"
3
get used for all NICs, but if you manually connect a specific
4
in the config-target.h file.
4
NIC to a specific backend, then the other NICs on the board
5
have no backend and will be warned about:
6
7
qemu-system-arm: warning: nic npcm7xx-emc.1 has no peer
8
qemu-system-arm: warning: nic npcm-gmac.0 has no peer
9
qemu-system-arm: warning: nic npcm-gmac.1 has no peer
10
11
So suppress those warnings by manually connecting every NIC
12
on the board to some backend.
5
13
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
14
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
15
Reviewed-by: David Woodhouse <dwmw@amazon.co.uk>
8
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
16
Reviewed-by: Thomas Huth <thuth@redhat.com>
9
Message-id: 20210730105947.28215-5-peter.maydell@linaro.org
17
Message-id: 20240206171231.396392-3-peter.maydell@linaro.org
10
---
18
---
11
meson.build | 2 ++
19
tests/qtest/npcm7xx_emc-test.c | 5 ++++-
12
softmmu/arch_init.c | 41 -----------------------------------------
20
1 file changed, 4 insertions(+), 1 deletion(-)
13
2 files changed, 2 insertions(+), 41 deletions(-)
14
21
15
diff --git a/meson.build b/meson.build
22
diff --git a/tests/qtest/npcm7xx_emc-test.c b/tests/qtest/npcm7xx_emc-test.c
16
index XXXXXXX..XXXXXXX 100644
23
index XXXXXXX..XXXXXXX 100644
17
--- a/meson.build
24
--- a/tests/qtest/npcm7xx_emc-test.c
18
+++ b/meson.build
25
+++ b/tests/qtest/npcm7xx_emc-test.c
19
@@ -XXX,XX +XXX,XX @@ foreach target : target_dirs
26
@@ -XXX,XX +XXX,XX @@ static int *packet_test_init(int module_num, GString *cmd_line)
20
config_target_data.set(k, v)
27
* KISS and use -nic. The driver accepts 'emc0' and 'emc1' as aliases
21
endif
28
* in the 'model' field to specify the device to match.
22
endforeach
29
*/
23
+ config_target_data.set('QEMU_ARCH',
30
- g_string_append_printf(cmd_line, " -nic socket,fd=%d,model=emc%d ",
24
+ 'QEMU_ARCH_' + config_target['TARGET_BASE_ARCH'].to_upper())
31
+ g_string_append_printf(cmd_line, " -nic socket,fd=%d,model=emc%d "
25
config_target_h += {target: configure_file(output: target + '-config-target.h',
32
+ "-nic user,model=npcm7xx-emc "
26
configuration: config_target_data)}
33
+ "-nic user,model=npcm-gmac "
27
34
+ "-nic user,model=npcm-gmac",
28
diff --git a/softmmu/arch_init.c b/softmmu/arch_init.c
35
test_sockets[1], module_num);
29
index XXXXXXX..XXXXXXX 100644
36
30
--- a/softmmu/arch_init.c
37
g_test_queue_destroy(packet_test_clear, test_sockets);
31
+++ b/softmmu/arch_init.c
32
@@ -XXX,XX +XXX,XX @@ int graphic_height = 600;
33
int graphic_depth = 32;
34
#endif
35
36
-
37
-#if defined(TARGET_ALPHA)
38
-#define QEMU_ARCH QEMU_ARCH_ALPHA
39
-#elif defined(TARGET_ARM)
40
-#define QEMU_ARCH QEMU_ARCH_ARM
41
-#elif defined(TARGET_CRIS)
42
-#define QEMU_ARCH QEMU_ARCH_CRIS
43
-#elif defined(TARGET_HPPA)
44
-#define QEMU_ARCH QEMU_ARCH_HPPA
45
-#elif defined(TARGET_I386)
46
-#define QEMU_ARCH QEMU_ARCH_I386
47
-#elif defined(TARGET_M68K)
48
-#define QEMU_ARCH QEMU_ARCH_M68K
49
-#elif defined(TARGET_MICROBLAZE)
50
-#define QEMU_ARCH QEMU_ARCH_MICROBLAZE
51
-#elif defined(TARGET_MIPS)
52
-#define QEMU_ARCH QEMU_ARCH_MIPS
53
-#elif defined(TARGET_NIOS2)
54
-#define QEMU_ARCH QEMU_ARCH_NIOS2
55
-#elif defined(TARGET_OPENRISC)
56
-#define QEMU_ARCH QEMU_ARCH_OPENRISC
57
-#elif defined(TARGET_PPC)
58
-#define QEMU_ARCH QEMU_ARCH_PPC
59
-#elif defined(TARGET_RISCV)
60
-#define QEMU_ARCH QEMU_ARCH_RISCV
61
-#elif defined(TARGET_RX)
62
-#define QEMU_ARCH QEMU_ARCH_RX
63
-#elif defined(TARGET_S390X)
64
-#define QEMU_ARCH QEMU_ARCH_S390X
65
-#elif defined(TARGET_SH4)
66
-#define QEMU_ARCH QEMU_ARCH_SH4
67
-#elif defined(TARGET_SPARC)
68
-#define QEMU_ARCH QEMU_ARCH_SPARC
69
-#elif defined(TARGET_TRICORE)
70
-#define QEMU_ARCH QEMU_ARCH_TRICORE
71
-#elif defined(TARGET_XTENSA)
72
-#define QEMU_ARCH QEMU_ARCH_XTENSA
73
-#elif defined(TARGET_AVR)
74
-#define QEMU_ARCH QEMU_ARCH_AVR
75
-#endif
76
-
77
const uint32_t arch_type = QEMU_ARCH;
78
--
38
--
79
2.20.1
39
2.34.1
80
81
diff view generated by jsdifflib
[PULL 35/37] target/arm: Do hflags rebuild in cpsr_write()
[PULL 16/35] target/arm: Don't get MDCR_EL2 in pmu_counter_enabled() before checking ARM_FEATURE_PMU
1
Currently we rely on all the callsites of cpsr_write() to rebuild the
1
It doesn't make sense to read the value of MDCR_EL2 on a non-A-profile
2
cached hflags if they change one of the CPSR bits which we use as a
2
CPU, and in fact if you try to do it we will assert:
3
TB flag and cache in hflags. This is a bit awkward when we want to
4
change the set of CPSR bits that we cache, because it means we need
5
to re-audit all the cpsr_write() callsites to see which flags they
6
are writing and whether they now need to rebuild the hflags.
7
3
8
Switch instead to making cpsr_write() call arm_rebuild_hflags()
4
#6 0x00007ffff4b95e96 in __GI___assert_fail
9
itself if one of the bits being changed is a cached bit.
5
(assertion=0x5555565a8c70 "!arm_feature(env, ARM_FEATURE_M)", file=0x5555565a6e5c "../../target/arm/helper.c", line=12600, function=0x5555565a9560 <__PRETTY_FUNCTION__.0> "arm_security_space_below_el3") at ./assert/assert.c:101
6
#7 0x0000555555ebf412 in arm_security_space_below_el3 (env=0x555557bc8190) at ../../target/arm/helper.c:12600
7
#8 0x0000555555ea6f89 in arm_is_el2_enabled (env=0x555557bc8190) at ../../target/arm/cpu.h:2595
8
#9 0x0000555555ea942f in arm_mdcr_el2_eff (env=0x555557bc8190) at ../../target/arm/internals.h:1512
10
9
11
We don't do the rebuild for the CPSRWriteRaw write type, because that
10
We might call pmu_counter_enabled() on an M-profile CPU (for example
12
kind of write is generally doing something special anyway. For the
11
from the migration pre/post hooks in machine.c); this should always
13
CPSRWriteRaw callsites in the KVM code and inbound migration we
12
return false because these CPUs don't set ARM_FEATURE_PMU.
14
definitely don't want to recalculate the hflags; the callsites in
15
boot.c and arm-powerctl.c have to do a rebuild-hflags call themselves
16
anyway because of other CPU state changes they make.
17
13
18
This allows us to drop explicit arm_rebuild_hflags() calls in a
14
Avoid the assertion by not calling arm_mdcr_el2_eff() before we
19
couple of places where the only reason we needed to call it was the
15
have done the early return for "PMU not present".
20
CPSR write.
21
16
22
This fixes a bug where we were incorrectly failing to rebuild hflags
17
This fixes an assertion failure if you try to do a loadvm or
23
in the code path for a gdbstub write to CPSR, which meant that you
18
savevm for an M-profile board.
24
could make QEMU assert by breaking into a running guest, altering the
25
CPSR to change the value of, for example, CPSR.E, and then
26
continuing.
27
19
20
Cc: qemu-stable@nongnu.org
21
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2155
28
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
22
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
23
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
29
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
24
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
30
Message-id: 20210817201843.3829-1-peter.maydell@linaro.org
25
Message-id: 20240208153346.970021-1-peter.maydell@linaro.org
31
---
26
---
32
target/arm/cpu.h | 10 ++++++++--
27
target/arm/helper.c | 12 ++++++++++--
33
linux-user/arm/signal.c | 2 --
28
1 file changed, 10 insertions(+), 2 deletions(-)
34
target/arm/helper.c | 5 +++++
35
3 files changed, 13 insertions(+), 4 deletions(-)
36
29
37
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
38
index XXXXXXX..XXXXXXX 100644
39
--- a/target/arm/cpu.h
40
+++ b/target/arm/cpu.h
41
@@ -XXX,XX +XXX,XX @@ uint32_t cpsr_read(CPUARMState *env);
42
typedef enum CPSRWriteType {
43
CPSRWriteByInstr = 0, /* from guest MSR or CPS */
44
CPSRWriteExceptionReturn = 1, /* from guest exception return insn */
45
- CPSRWriteRaw = 2, /* trust values, do not switch reg banks */
46
+ CPSRWriteRaw = 2,
47
+ /* trust values, no reg bank switch, no hflags rebuild */
48
CPSRWriteByGDBStub = 3, /* from the GDB stub */
49
} CPSRWriteType;
50
51
-/* Set the CPSR. Note that some bits of mask must be all-set or all-clear.*/
52
+/*
53
+ * Set the CPSR. Note that some bits of mask must be all-set or all-clear.
54
+ * This will do an arm_rebuild_hflags() if any of the bits in @mask
55
+ * correspond to TB flags bits cached in the hflags, unless @write_type
56
+ * is CPSRWriteRaw.
57
+ */
58
void cpsr_write(CPUARMState *env, uint32_t val, uint32_t mask,
59
CPSRWriteType write_type);
60
61
diff --git a/linux-user/arm/signal.c b/linux-user/arm/signal.c
62
index XXXXXXX..XXXXXXX 100644
63
--- a/linux-user/arm/signal.c
64
+++ b/linux-user/arm/signal.c
65
@@ -XXX,XX +XXX,XX @@ setup_return(CPUARMState *env, struct target_sigaction *ka,
66
env->regs[14] = retcode;
67
env->regs[15] = handler & (thumb ? ~1 : ~3);
68
cpsr_write(env, cpsr, CPSR_IT | CPSR_T | CPSR_E, CPSRWriteByInstr);
69
- arm_rebuild_hflags(env);
70
71
return 0;
72
}
73
@@ -XXX,XX +XXX,XX @@ restore_sigcontext(CPUARMState *env, struct target_sigcontext *sc)
74
__get_user(env->regs[15], &sc->arm_pc);
75
__get_user(cpsr, &sc->arm_cpsr);
76
cpsr_write(env, cpsr, CPSR_USER | CPSR_EXEC, CPSRWriteByInstr);
77
- arm_rebuild_hflags(env);
78
79
err |= !valid_user_regs(env);
80
81
diff --git a/target/arm/helper.c b/target/arm/helper.c
30
diff --git a/target/arm/helper.c b/target/arm/helper.c
82
index XXXXXXX..XXXXXXX 100644
31
index XXXXXXX..XXXXXXX 100644
83
--- a/target/arm/helper.c
32
--- a/target/arm/helper.c
84
+++ b/target/arm/helper.c
33
+++ b/target/arm/helper.c
85
@@ -XXX,XX +XXX,XX @@ void cpsr_write(CPUARMState *env, uint32_t val, uint32_t mask,
34
@@ -XXX,XX +XXX,XX @@ static bool pmu_counter_enabled(CPUARMState *env, uint8_t counter)
86
CPSRWriteType write_type)
35
bool enabled, prohibited = false, filtered;
87
{
36
bool secure = arm_is_secure(env);
88
uint32_t changed_daif;
37
int el = arm_current_el(env);
89
+ bool rebuild_hflags = (write_type != CPSRWriteRaw) &&
38
- uint64_t mdcr_el2 = arm_mdcr_el2_eff(env);
90
+ (mask & (CPSR_M | CPSR_E | CPSR_IL));
39
- uint8_t hpmn = mdcr_el2 & MDCR_HPMN;
91
40
+ uint64_t mdcr_el2;
92
if (mask & CPSR_NZCV) {
41
+ uint8_t hpmn;
93
env->ZF = (~val) & CPSR_Z;
42
94
@@ -XXX,XX +XXX,XX @@ void cpsr_write(CPUARMState *env, uint32_t val, uint32_t mask,
43
+ /*
44
+ * We might be called for M-profile cores where MDCR_EL2 doesn't
45
+ * exist and arm_mdcr_el2_eff() will assert, so this early-exit check
46
+ * must be before we read that value.
47
+ */
48
if (!arm_feature(env, ARM_FEATURE_PMU)) {
49
return false;
95
}
50
}
96
mask &= ~CACHED_CPSR_BITS;
51
97
env->uncached_cpsr = (env->uncached_cpsr & ~mask) | (val & mask);
52
+ mdcr_el2 = arm_mdcr_el2_eff(env);
98
+ if (rebuild_hflags) {
53
+ hpmn = mdcr_el2 & MDCR_HPMN;
99
+ arm_rebuild_hflags(env);
54
+
100
+ }
55
if (!arm_feature(env, ARM_FEATURE_EL2) ||
101
}
56
(counter < hpmn || counter == 31)) {
102
57
e = env->cp15.c9_pmcr & PMCRE;
103
/* Sign/zero extend */
104
--
58
--
105
2.20.1
59
2.34.1
106
60
107
61
diff view generated by jsdifflib
[PULL 01/37] hw/arm/xlnx-zynqmp: Realize qspi controller *after* qspi_dma
[PULL 17/35] tests/qtest: Fix GMAC test to run on a machine in upstream QEMU
1
From: Philippe Mathieu-Daudé <philmd@redhat.com>
1
From: Nabih Estefan <nabihestefan@google.com>
2
2
3
If we link QOM object (a) as a property of QOM object (b),
3
Fix the nocm_gmac-test.c file to run on a nuvoton 7xx machine instead
4
we must set the property *before* (b) is realized.
4
of 8xx. Also fix comments referencing this and values expecting 8xx.
5
5
6
Move QSPI realization *after* QSPI DMA.
6
Change-Id: Iabd0fba14910c3f1e883c4a9521350f3db9ffab8
7
7
Signed-Off-By: Nabih Estefan <nabihestefan@google.com>
8
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
8
Reviewed-by: Tyrone Ting <kfting@nuvoton.com>
9
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
9
Message-id: 20240208194759.2858582-2-nabihestefan@google.com
10
Message-id: 20210819163422.2863447-2-philmd@redhat.com
10
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
11
[PMM: commit message tweaks]
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
---
13
---
13
hw/arm/xlnx-zynqmp.c | 42 ++++++++++++++++++++----------------------
14
tests/qtest/npcm_gmac-test.c | 84 +-----------------------------------
14
1 file changed, 20 insertions(+), 22 deletions(-)
15
tests/qtest/meson.build | 3 +-
16
2 files changed, 4 insertions(+), 83 deletions(-)
15
17
16
diff --git a/hw/arm/xlnx-zynqmp.c b/hw/arm/xlnx-zynqmp.c
18
diff --git a/tests/qtest/npcm_gmac-test.c b/tests/qtest/npcm_gmac-test.c
17
index XXXXXXX..XXXXXXX 100644
19
index XXXXXXX..XXXXXXX 100644
18
--- a/hw/arm/xlnx-zynqmp.c
20
--- a/tests/qtest/npcm_gmac-test.c
19
+++ b/hw/arm/xlnx-zynqmp.c
21
+++ b/tests/qtest/npcm_gmac-test.c
20
@@ -XXX,XX +XXX,XX @@ static void xlnx_zynqmp_realize(DeviceState *dev, Error **errp)
22
@@ -XXX,XX +XXX,XX @@ typedef struct TestData {
21
g_free(bus_name);
23
const GMACModule *module;
22
}
24
} TestData;
23
25
24
- if (!sysbus_realize(SYS_BUS_DEVICE(&s->qspi), errp)) {
26
-/* Values extracted from hw/arm/npcm8xx.c */
25
- return;
27
+/* Values extracted from hw/arm/npcm7xx.c */
28
static const GMACModule gmac_module_list[] = {
29
{
30
.irq = 14,
31
@@ -XXX,XX +XXX,XX @@ static const GMACModule gmac_module_list[] = {
32
.irq = 15,
33
.base_addr = 0xf0804000
34
},
35
- {
36
- .irq = 16,
37
- .base_addr = 0xf0806000
38
- },
39
- {
40
- .irq = 17,
41
- .base_addr = 0xf0808000
26
- }
42
- }
27
- sysbus_mmio_map(SYS_BUS_DEVICE(&s->qspi), 0, QSPI_ADDR);
43
};
28
- sysbus_mmio_map(SYS_BUS_DEVICE(&s->qspi), 1, LQSPI_ADDR);
44
29
- sysbus_connect_irq(SYS_BUS_DEVICE(&s->qspi), 0, gic_spi[QSPI_IRQ]);
45
/* Returns the index of the GMAC module. */
46
@@ -XXX,XX +XXX,XX @@ static uint32_t gmac_read(QTestState *qts, const GMACModule *mod,
47
return qtest_readl(qts, mod->base_addr + regno);
48
}
49
50
-static uint16_t pcs_read(QTestState *qts, const GMACModule *mod,
51
- NPCMRegister regno)
52
-{
53
- uint32_t write_value = (regno & 0x3ffe00) >> 9;
54
- qtest_writel(qts, PCS_BASE_ADDRESS + NPCM_PCS_IND_AC_BA, write_value);
55
- uint32_t read_offset = regno & 0x1ff;
56
- return qtest_readl(qts, PCS_BASE_ADDRESS + read_offset);
57
-}
30
-
58
-
31
- for (i = 0; i < XLNX_ZYNQMP_NUM_QSPI_BUS; i++) {
59
/* Check that GMAC registers are reset to default value */
32
- gchar *bus_name;
60
static void test_init(gconstpointer test_data)
33
- gchar *target_bus;
61
{
62
const TestData *td = test_data;
63
const GMACModule *mod = td->module;
64
- QTestState *qts = qtest_init("-machine npcm845-evb");
65
+ QTestState *qts = qtest_init("-machine npcm750-evb");
66
67
#define CHECK_REG32(regno, value) \
68
do { \
69
g_assert_cmphex(gmac_read(qts, mod, (regno)), ==, (value)); \
70
} while (0)
71
72
-#define CHECK_REG_PCS(regno, value) \
73
- do { \
74
- g_assert_cmphex(pcs_read(qts, mod, (regno)), ==, (value)); \
75
- } while (0)
34
-
76
-
35
- /* Alias controller SPI bus to the SoC itself */
77
CHECK_REG32(NPCM_DMA_BUS_MODE, 0x00020100);
36
- bus_name = g_strdup_printf("qspi%d", i);
78
CHECK_REG32(NPCM_DMA_XMT_POLL_DEMAND, 0);
37
- target_bus = g_strdup_printf("spi%d", i);
79
CHECK_REG32(NPCM_DMA_RCV_POLL_DEMAND, 0);
38
- object_property_add_alias(OBJECT(s), bus_name,
80
@@ -XXX,XX +XXX,XX @@ static void test_init(gconstpointer test_data)
39
- OBJECT(&s->qspi), target_bus);
81
CHECK_REG32(NPCM_GMAC_PTP_TAR, 0);
40
- g_free(bus_name);
82
CHECK_REG32(NPCM_GMAC_PTP_TTSR, 0);
41
- g_free(target_bus);
83
84
- /* TODO Add registers PCS */
85
- if (mod->base_addr == 0xf0802000) {
86
- CHECK_REG_PCS(NPCM_PCS_SR_CTL_ID1, 0x699e);
87
- CHECK_REG_PCS(NPCM_PCS_SR_CTL_ID2, 0);
88
- CHECK_REG_PCS(NPCM_PCS_SR_CTL_STS, 0x8000);
89
-
90
- CHECK_REG_PCS(NPCM_PCS_SR_MII_CTRL, 0x1140);
91
- CHECK_REG_PCS(NPCM_PCS_SR_MII_STS, 0x0109);
92
- CHECK_REG_PCS(NPCM_PCS_SR_MII_DEV_ID1, 0x699e);
93
- CHECK_REG_PCS(NPCM_PCS_SR_MII_DEV_ID2, 0x0ced0);
94
- CHECK_REG_PCS(NPCM_PCS_SR_MII_AN_ADV, 0x0020);
95
- CHECK_REG_PCS(NPCM_PCS_SR_MII_LP_BABL, 0);
96
- CHECK_REG_PCS(NPCM_PCS_SR_MII_AN_EXPN, 0);
97
- CHECK_REG_PCS(NPCM_PCS_SR_MII_EXT_STS, 0xc000);
98
-
99
- CHECK_REG_PCS(NPCM_PCS_SR_TIM_SYNC_ABL, 0x0003);
100
- CHECK_REG_PCS(NPCM_PCS_SR_TIM_SYNC_TX_MAX_DLY_LWR, 0x0038);
101
- CHECK_REG_PCS(NPCM_PCS_SR_TIM_SYNC_TX_MAX_DLY_UPR, 0);
102
- CHECK_REG_PCS(NPCM_PCS_SR_TIM_SYNC_TX_MIN_DLY_LWR, 0x0038);
103
- CHECK_REG_PCS(NPCM_PCS_SR_TIM_SYNC_TX_MIN_DLY_UPR, 0);
104
- CHECK_REG_PCS(NPCM_PCS_SR_TIM_SYNC_RX_MAX_DLY_LWR, 0x0058);
105
- CHECK_REG_PCS(NPCM_PCS_SR_TIM_SYNC_RX_MAX_DLY_UPR, 0);
106
- CHECK_REG_PCS(NPCM_PCS_SR_TIM_SYNC_RX_MIN_DLY_LWR, 0x0048);
107
- CHECK_REG_PCS(NPCM_PCS_SR_TIM_SYNC_RX_MIN_DLY_UPR, 0);
108
-
109
- CHECK_REG_PCS(NPCM_PCS_VR_MII_MMD_DIG_CTRL1, 0x2400);
110
- CHECK_REG_PCS(NPCM_PCS_VR_MII_AN_CTRL, 0);
111
- CHECK_REG_PCS(NPCM_PCS_VR_MII_AN_INTR_STS, 0x000a);
112
- CHECK_REG_PCS(NPCM_PCS_VR_MII_TC, 0);
113
- CHECK_REG_PCS(NPCM_PCS_VR_MII_DBG_CTRL, 0);
114
- CHECK_REG_PCS(NPCM_PCS_VR_MII_EEE_MCTRL0, 0x899c);
115
- CHECK_REG_PCS(NPCM_PCS_VR_MII_EEE_TXTIMER, 0);
116
- CHECK_REG_PCS(NPCM_PCS_VR_MII_EEE_RXTIMER, 0);
117
- CHECK_REG_PCS(NPCM_PCS_VR_MII_LINK_TIMER_CTRL, 0);
118
- CHECK_REG_PCS(NPCM_PCS_VR_MII_EEE_MCTRL1, 0);
119
- CHECK_REG_PCS(NPCM_PCS_VR_MII_DIG_STS, 0x0010);
120
- CHECK_REG_PCS(NPCM_PCS_VR_MII_ICG_ERRCNT1, 0);
121
- CHECK_REG_PCS(NPCM_PCS_VR_MII_MISC_STS, 0);
122
- CHECK_REG_PCS(NPCM_PCS_VR_MII_RX_LSTS, 0);
123
- CHECK_REG_PCS(NPCM_PCS_VR_MII_MP_TX_BSTCTRL0, 0x00a);
124
- CHECK_REG_PCS(NPCM_PCS_VR_MII_MP_TX_LVLCTRL0, 0x007f);
125
- CHECK_REG_PCS(NPCM_PCS_VR_MII_MP_TX_GENCTRL0, 0x0001);
126
- CHECK_REG_PCS(NPCM_PCS_VR_MII_MP_TX_GENCTRL1, 0);
127
- CHECK_REG_PCS(NPCM_PCS_VR_MII_MP_TX_STS, 0);
128
- CHECK_REG_PCS(NPCM_PCS_VR_MII_MP_RX_GENCTRL0, 0x0100);
129
- CHECK_REG_PCS(NPCM_PCS_VR_MII_MP_RX_GENCTRL1, 0x1100);
130
- CHECK_REG_PCS(NPCM_PCS_VR_MII_MP_RX_LOS_CTRL0, 0x000e);
131
- CHECK_REG_PCS(NPCM_PCS_VR_MII_MP_MPLL_CTRL0, 0x0100);
132
- CHECK_REG_PCS(NPCM_PCS_VR_MII_MP_MPLL_CTRL1, 0x0032);
133
- CHECK_REG_PCS(NPCM_PCS_VR_MII_MP_MPLL_STS, 0x0001);
134
- CHECK_REG_PCS(NPCM_PCS_VR_MII_MP_MISC_CTRL2, 0);
135
- CHECK_REG_PCS(NPCM_PCS_VR_MII_MP_LVL_CTRL, 0x0019);
136
- CHECK_REG_PCS(NPCM_PCS_VR_MII_MP_MISC_CTRL0, 0);
137
- CHECK_REG_PCS(NPCM_PCS_VR_MII_MP_MISC_CTRL1, 0);
138
- CHECK_REG_PCS(NPCM_PCS_VR_MII_DIG_CTRL2, 0);
139
- CHECK_REG_PCS(NPCM_PCS_VR_MII_DIG_ERRCNT_SEL, 0);
42
- }
140
- }
43
-
141
-
44
if (!sysbus_realize(SYS_BUS_DEVICE(&s->dp), errp)) {
142
qtest_quit(qts);
45
return;
46
}
47
@@ -XXX,XX +XXX,XX @@ static void xlnx_zynqmp_realize(DeviceState *dev, Error **errp)
48
49
sysbus_mmio_map(SYS_BUS_DEVICE(&s->qspi_dma), 0, QSPI_DMA_ADDR);
50
sysbus_connect_irq(SYS_BUS_DEVICE(&s->qspi_dma), 0, gic_spi[QSPI_IRQ]);
51
- object_property_set_link(OBJECT(&s->qspi), "stream-connected-dma",
52
- OBJECT(&s->qspi_dma), errp);
53
+
54
+ if (!object_property_set_link(OBJECT(&s->qspi), "stream-connected-dma",
55
+ OBJECT(&s->qspi_dma), errp)) {
56
+ return;
57
+ }
58
+ if (!sysbus_realize(SYS_BUS_DEVICE(&s->qspi), errp)) {
59
+ return;
60
+ }
61
+ sysbus_mmio_map(SYS_BUS_DEVICE(&s->qspi), 0, QSPI_ADDR);
62
+ sysbus_mmio_map(SYS_BUS_DEVICE(&s->qspi), 1, LQSPI_ADDR);
63
+ sysbus_connect_irq(SYS_BUS_DEVICE(&s->qspi), 0, gic_spi[QSPI_IRQ]);
64
+
65
+ for (i = 0; i < XLNX_ZYNQMP_NUM_QSPI_BUS; i++) {
66
+ g_autofree gchar *bus_name = g_strdup_printf("qspi%d", i);
67
+ g_autofree gchar *target_bus = g_strdup_printf("spi%d", i);
68
+
69
+ /* Alias controller SPI bus to the SoC itself */
70
+ object_property_add_alias(OBJECT(s), bus_name,
71
+ OBJECT(&s->qspi), target_bus);
72
+ }
73
}
143
}
74
144
75
static Property xlnx_zynqmp_props[] = {
145
diff --git a/tests/qtest/meson.build b/tests/qtest/meson.build
146
index XXXXXXX..XXXXXXX 100644
147
--- a/tests/qtest/meson.build
148
+++ b/tests/qtest/meson.build
149
@@ -XXX,XX +XXX,XX @@ qtests_npcm7xx = \
150
'npcm7xx_sdhci-test',
151
'npcm7xx_smbus-test',
152
'npcm7xx_timer-test',
153
- 'npcm7xx_watchdog_timer-test'] + \
154
+ 'npcm7xx_watchdog_timer-test',
155
+ 'npcm_gmac-test'] + \
156
(slirp.found() ? ['npcm7xx_emc-test'] : [])
157
qtests_aspeed = \
158
['aspeed_hace-test',
76
--
159
--
77
2.20.1
160
2.34.1
78
79
diff view generated by jsdifflib
[PULL 09/37] target/arm/cpu64: Validate sve vector lengths are supported
[PULL 18/35] hw/arm/smmuv3: add support for stage 1 access fault
1
From: Andrew Jones <drjones@redhat.com>
1
From: Luc Michel <luc.michel@amd.com>
2
2
3
Future CPU types may specify which vector lengths are supported.
3
An access fault is raised when the Access Flag is not set in the
4
We can apply nearly the same logic to validate those lengths
4
looked-up PTE and the AFFD field is not set in the corresponding context
5
as we do for KVM's supported vector lengths. We merge the code
5
descriptor. This was already implemented for stage 2. Implement it for
6
where we can, but unfortunately can't completely merge it because
6
stage 1 as well.
7
KVM requires all vector lengths, power-of-two or not, smaller than
8
the maximum enabled length to also be enabled. The architecture
9
only requires all the power-of-two lengths, though, so TCG will
10
only enforce that.
11
7
12
Signed-off-by: Andrew Jones <drjones@redhat.com>
8
Signed-off-by: Luc Michel <luc.michel@amd.com>
13
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
9
Reviewed-by: Mostafa Saleh <smostafa@google.com>
14
Message-id: 20210823160647.34028-5-drjones@redhat.com
10
Reviewed-by: Eric Auger <eric.auger@redhat.com>
11
Tested-by: Mostafa Saleh <smostafa@google.com>
12
Message-id: 20240213082211.3330400-1-luc.michel@amd.com
13
[PMM: tweaked comment text]
15
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
14
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
16
---
15
---
17
target/arm/cpu64.c | 101 ++++++++++++++++++++-------------------------
16
hw/arm/smmuv3-internal.h | 1 +
18
1 file changed, 45 insertions(+), 56 deletions(-)
17
include/hw/arm/smmu-common.h | 1 +
18
hw/arm/smmu-common.c | 11 +++++++++++
19
hw/arm/smmuv3.c | 1 +
20
4 files changed, 14 insertions(+)
19
21
20
diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c
22
diff --git a/hw/arm/smmuv3-internal.h b/hw/arm/smmuv3-internal.h
21
index XXXXXXX..XXXXXXX 100644
23
index XXXXXXX..XXXXXXX 100644
22
--- a/target/arm/cpu64.c
24
--- a/hw/arm/smmuv3-internal.h
23
+++ b/target/arm/cpu64.c
25
+++ b/hw/arm/smmuv3-internal.h
24
@@ -XXX,XX +XXX,XX @@ void arm_cpu_sve_finalize(ARMCPU *cpu, Error **errp)
26
@@ -XXX,XX +XXX,XX @@ static inline int pa_range(STE *ste)
25
break;
27
#define CD_EPD(x, sel) extract32((x)->word[0], (16 * (sel)) + 14, 1)
26
}
28
#define CD_ENDI(x) extract32((x)->word[0], 15, 1)
27
}
29
#define CD_IPS(x) extract32((x)->word[1], 0 , 3)
28
- max_vq = vq <= ARM_MAX_VQ ? vq - 1 : ARM_MAX_VQ;
30
+#define CD_AFFD(x) extract32((x)->word[1], 3 , 1)
29
- bitmap_andnot(cpu->sve_vq_map, cpu->sve_vq_supported,
31
#define CD_TBI(x) extract32((x)->word[1], 6 , 2)
30
- cpu->sve_vq_init, max_vq);
32
#define CD_HD(x) extract32((x)->word[1], 10 , 1)
31
- if (max_vq == 0 || bitmap_empty(cpu->sve_vq_map, max_vq)) {
33
#define CD_HA(x) extract32((x)->word[1], 11 , 1)
32
- error_setg(errp, "cannot disable sve%d", vq * 128);
34
diff --git a/include/hw/arm/smmu-common.h b/include/hw/arm/smmu-common.h
33
- error_append_hint(errp, "Disabling sve%d results in all "
35
index XXXXXXX..XXXXXXX 100644
34
- "vector lengths being disabled.\n",
36
--- a/include/hw/arm/smmu-common.h
35
- vq * 128);
37
+++ b/include/hw/arm/smmu-common.h
36
- error_append_hint(errp, "With SVE enabled, at least one "
38
@@ -XXX,XX +XXX,XX @@ typedef struct SMMUTransCfg {
37
- "vector length must be enabled.\n");
39
bool disabled; /* smmu is disabled */
38
- return;
40
bool bypassed; /* translation is bypassed */
39
- }
41
bool aborted; /* translation is aborted */
40
} else {
42
+ bool affd; /* AF fault disable */
41
/* Disabling a power-of-two disables all larger lengths. */
43
uint32_t iotlb_hits; /* counts IOTLB hits */
42
- if (test_bit(0, cpu->sve_vq_init)) {
44
uint32_t iotlb_misses; /* counts IOTLB misses*/
43
- error_setg(errp, "cannot disable sve128");
45
/* Used by stage-1 only. */
44
- error_append_hint(errp, "Disabling sve128 results in all "
46
diff --git a/hw/arm/smmu-common.c b/hw/arm/smmu-common.c
45
- "vector lengths being disabled.\n");
47
index XXXXXXX..XXXXXXX 100644
46
- error_append_hint(errp, "With SVE enabled, at least one "
48
--- a/hw/arm/smmu-common.c
47
- "vector length must be enabled.\n");
49
+++ b/hw/arm/smmu-common.c
48
- return;
50
@@ -XXX,XX +XXX,XX @@ static int smmu_ptw_64_s1(SMMUTransCfg *cfg,
49
- }
51
pte_addr, pte, iova, gpa,
50
- for (vq = 2; vq <= ARM_MAX_VQ; vq <<= 1) {
52
block_size >> 20);
51
+ for (vq = 1; vq <= ARM_MAX_VQ; vq <<= 1) {
53
}
52
if (test_bit(vq - 1, cpu->sve_vq_init)) {
54
+
53
break;
55
+ /*
54
}
56
+ * QEMU does not currently implement HTTU, so if AFFD and PTE.AF
55
}
57
+ * are 0 we take an Access flag fault. (5.4. Context Descriptor)
56
- max_vq = vq <= ARM_MAX_VQ ? vq - 1 : ARM_MAX_VQ;
58
+ * An Access flag fault takes priority over a Permission fault.
57
- bitmap_complement(cpu->sve_vq_map, cpu->sve_vq_init, max_vq);
59
+ */
60
+ if (!PTE_AF(pte) && !cfg->affd) {
61
+ info->type = SMMU_PTW_ERR_ACCESS;
62
+ goto error;
58
+ }
63
+ }
59
+
64
+
60
+ max_vq = vq <= ARM_MAX_VQ ? vq - 1 : ARM_MAX_VQ;
65
ap = PTE_AP(pte);
61
+ bitmap_andnot(cpu->sve_vq_map, cpu->sve_vq_supported,
66
if (is_permission_fault(ap, perm)) {
62
+ cpu->sve_vq_init, max_vq);
67
info->type = SMMU_PTW_ERR_PERMISSION;
63
+ if (max_vq == 0 || bitmap_empty(cpu->sve_vq_map, max_vq)) {
68
diff --git a/hw/arm/smmuv3.c b/hw/arm/smmuv3.c
64
+ error_setg(errp, "cannot disable sve%d", vq * 128);
69
index XXXXXXX..XXXXXXX 100644
65
+ error_append_hint(errp, "Disabling sve%d results in all "
70
--- a/hw/arm/smmuv3.c
66
+ "vector lengths being disabled.\n",
71
+++ b/hw/arm/smmuv3.c
67
+ vq * 128);
72
@@ -XXX,XX +XXX,XX @@ static int decode_cd(SMMUTransCfg *cfg, CD *cd, SMMUEventInfo *event)
68
+ error_append_hint(errp, "With SVE enabled, at least one "
73
cfg->oas = MIN(oas2bits(SMMU_IDR5_OAS), cfg->oas);
69
+ "vector length must be enabled.\n");
74
cfg->tbi = CD_TBI(cd);
70
+ return;
75
cfg->asid = CD_ASID(cd);
71
}
76
+ cfg->affd = CD_AFFD(cd);
72
77
73
max_vq = find_last_bit(cpu->sve_vq_map, max_vq) + 1;
78
trace_smmuv3_decode_cd(cfg->oas);
74
@@ -XXX,XX +XXX,XX @@ void arm_cpu_sve_finalize(ARMCPU *cpu, Error **errp)
79
75
assert(max_vq != 0);
76
bitmap_clear(cpu->sve_vq_map, max_vq, ARM_MAX_VQ - max_vq);
77
78
- if (kvm_enabled()) {
79
- /* Ensure the set of lengths matches what KVM supports. */
80
- bitmap_xor(tmp, cpu->sve_vq_map, cpu->sve_vq_supported, max_vq);
81
- if (!bitmap_empty(tmp, max_vq)) {
82
- vq = find_last_bit(tmp, max_vq) + 1;
83
- if (test_bit(vq - 1, cpu->sve_vq_map)) {
84
- if (cpu->sve_max_vq) {
85
- error_setg(errp, "cannot set sve-max-vq=%d",
86
- cpu->sve_max_vq);
87
- error_append_hint(errp, "This KVM host does not support "
88
- "the vector length %d-bits.\n",
89
- vq * 128);
90
- error_append_hint(errp, "It may not be possible to use "
91
- "sve-max-vq with this KVM host. Try "
92
- "using only sve<N> properties.\n");
93
- } else {
94
- error_setg(errp, "cannot enable sve%d", vq * 128);
95
- error_append_hint(errp, "This KVM host does not support "
96
- "the vector length %d-bits.\n",
97
- vq * 128);
98
- }
99
+ /* Ensure the set of lengths matches what is supported. */
100
+ bitmap_xor(tmp, cpu->sve_vq_map, cpu->sve_vq_supported, max_vq);
101
+ if (!bitmap_empty(tmp, max_vq)) {
102
+ vq = find_last_bit(tmp, max_vq) + 1;
103
+ if (test_bit(vq - 1, cpu->sve_vq_map)) {
104
+ if (cpu->sve_max_vq) {
105
+ error_setg(errp, "cannot set sve-max-vq=%d", cpu->sve_max_vq);
106
+ error_append_hint(errp, "This CPU does not support "
107
+ "the vector length %d-bits.\n", vq * 128);
108
+ error_append_hint(errp, "It may not be possible to use "
109
+ "sve-max-vq with this CPU. Try "
110
+ "using only sve<N> properties.\n");
111
} else {
112
+ error_setg(errp, "cannot enable sve%d", vq * 128);
113
+ error_append_hint(errp, "This CPU does not support "
114
+ "the vector length %d-bits.\n", vq * 128);
115
+ }
116
+ return;
117
+ } else {
118
+ if (kvm_enabled()) {
119
error_setg(errp, "cannot disable sve%d", vq * 128);
120
error_append_hint(errp, "The KVM host requires all "
121
"supported vector lengths smaller "
122
"than %d bits to also be enabled.\n",
123
max_vq * 128);
124
- }
125
- return;
126
- }
127
- } else {
128
- /* Ensure all required powers-of-two are enabled. */
129
- for (vq = pow2floor(max_vq); vq >= 1; vq >>= 1) {
130
- if (!test_bit(vq - 1, cpu->sve_vq_map)) {
131
- error_setg(errp, "cannot disable sve%d", vq * 128);
132
- error_append_hint(errp, "sve%d is required as it "
133
- "is a power-of-two length smaller than "
134
- "the maximum, sve%d\n",
135
- vq * 128, max_vq * 128);
136
return;
137
+ } else {
138
+ /* Ensure all required powers-of-two are enabled. */
139
+ for (vq = pow2floor(max_vq); vq >= 1; vq >>= 1) {
140
+ if (!test_bit(vq - 1, cpu->sve_vq_map)) {
141
+ error_setg(errp, "cannot disable sve%d", vq * 128);
142
+ error_append_hint(errp, "sve%d is required as it "
143
+ "is a power-of-two length smaller "
144
+ "than the maximum, sve%d\n",
145
+ vq * 128, max_vq * 128);
146
+ return;
147
+ }
148
+ }
149
}
150
}
151
}
152
--
80
--
153
2.20.1
81
2.34.1
154
155
diff view generated by jsdifflib
[PULL 02/37] hw/dma/xlnx_csu_dma: Run trivial checks early in realize()
[PULL 19/35] hw/arm/stellaris: Convert ADC controller to Resettable interface
1
From: Philippe Mathieu-Daudé <philmd@redhat.com>
1
From: Philippe Mathieu-Daudé <philmd@linaro.org>
2
2
3
If some property are not set, we'll return indicating a failure,
3
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
4
so it is pointless to allocate / initialize some fields too early.
4
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
5
Move the trivial checks earlier in realize().
5
Message-id: 20240213155214.13619-2-philmd@linaro.org
6
7
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
8
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
9
Message-id: 20210819163422.2863447-3-philmd@redhat.com
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
7
---
12
hw/dma/xlnx_csu_dma.c | 10 +++++-----
8
hw/arm/stellaris.c | 6 ++++--
13
1 file changed, 5 insertions(+), 5 deletions(-)
9
1 file changed, 4 insertions(+), 2 deletions(-)
14
10
15
diff --git a/hw/dma/xlnx_csu_dma.c b/hw/dma/xlnx_csu_dma.c
11
diff --git a/hw/arm/stellaris.c b/hw/arm/stellaris.c
16
index XXXXXXX..XXXXXXX 100644
12
index XXXXXXX..XXXXXXX 100644
17
--- a/hw/dma/xlnx_csu_dma.c
13
--- a/hw/arm/stellaris.c
18
+++ b/hw/dma/xlnx_csu_dma.c
14
+++ b/hw/arm/stellaris.c
19
@@ -XXX,XX +XXX,XX @@ static void xlnx_csu_dma_realize(DeviceState *dev, Error **errp)
15
@@ -XXX,XX +XXX,XX @@ static void stellaris_adc_trigger(void *opaque, int irq, int level)
20
XlnxCSUDMA *s = XLNX_CSU_DMA(dev);
16
}
21
RegisterInfoArray *reg_array;
17
}
22
18
23
+ if (!s->is_dst && !s->tx_dev) {
19
-static void stellaris_adc_reset(StellarisADCState *s)
24
+ error_setg(errp, "zynqmp.csu-dma: Stream not connected");
20
+static void stellaris_adc_reset_hold(Object *obj)
25
+ return;
21
{
26
+ }
22
+ StellarisADCState *s = STELLARIS_ADC(obj);
27
+
23
int n;
28
reg_array =
24
29
register_init_block32(dev, xlnx_csu_dma_regs_info[!!s->is_dst],
25
for (n = 0; n < 4; n++) {
30
XLNX_CSU_DMA_R_MAX,
26
@@ -XXX,XX +XXX,XX @@ static void stellaris_adc_init(Object *obj)
31
@@ -XXX,XX +XXX,XX @@ static void xlnx_csu_dma_realize(DeviceState *dev, Error **errp)
27
memory_region_init_io(&s->iomem, obj, &stellaris_adc_ops, s,
32
sysbus_init_mmio(SYS_BUS_DEVICE(dev), &s->iomem);
28
"adc", 0x1000);
33
sysbus_init_irq(SYS_BUS_DEVICE(dev), &s->irq);
29
sysbus_init_mmio(sbd, &s->iomem);
34
30
- stellaris_adc_reset(s);
35
- if (!s->is_dst && !s->tx_dev) {
31
qdev_init_gpio_in(dev, stellaris_adc_trigger, 1);
36
- error_setg(errp, "zynqmp.csu-dma: Stream not connected");
32
}
37
- return;
33
38
- }
34
@@ -XXX,XX +XXX,XX @@ static const TypeInfo stellaris_i2c_info = {
39
-
35
static void stellaris_adc_class_init(ObjectClass *klass, void *data)
40
s->src_timer = ptimer_init(xlnx_csu_dma_src_timeout_hit,
36
{
41
s, PTIMER_POLICY_DEFAULT);
37
DeviceClass *dc = DEVICE_CLASS(klass);
38
+ ResettableClass *rc = RESETTABLE_CLASS(klass);
39
40
+ rc->phases.hold = stellaris_adc_reset_hold;
41
dc->vmsd = &vmstate_stellaris_adc;
42
}
42
43
43
--
44
--
44
2.20.1
45
2.34.1
45
46
46
47
diff view generated by jsdifflib
[PULL 04/37] hw/dma/xlnx-zdma Always expect 'dma' link property to be set
[PULL 20/35] hw/arm/stellaris: Convert I2C controller to Resettable interface
1
From: Philippe Mathieu-Daudé <philmd@redhat.com>
1
From: Philippe Mathieu-Daudé <philmd@linaro.org>
2
3
Simplify by always passing a MemoryRegion property to the device.
4
Doing so we can move the AddressSpace field to the device struct,
5
removing need for heap allocation.
6
7
Update the Xilinx ZynqMP / Versal SoC models to pass the default
8
system memory instead of a NULL value.
9
2
10
Suggested-by: Peter Maydell <peter.maydell@linaro.org>
3
Suggested-by: Peter Maydell <peter.maydell@linaro.org>
11
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
4
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
5
Message-id: 20240213155214.13619-3-philmd@linaro.org
12
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
13
Message-id: 20210819163422.2863447-5-philmd@redhat.com
14
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15
---
8
---
16
include/hw/dma/xlnx-zdma.h | 2 +-
9
hw/arm/stellaris.c | 26 ++++++++++++++++++++++----
17
hw/arm/xlnx-versal.c | 2 ++
10
1 file changed, 22 insertions(+), 4 deletions(-)
18
hw/arm/xlnx-zynqmp.c | 8 ++++++++
19
hw/dma/xlnx-zdma.c | 24 ++++++++++++------------
20
4 files changed, 23 insertions(+), 13 deletions(-)
21
11
22
diff --git a/include/hw/dma/xlnx-zdma.h b/include/hw/dma/xlnx-zdma.h
12
diff --git a/hw/arm/stellaris.c b/hw/arm/stellaris.c
23
index XXXXXXX..XXXXXXX 100644
13
index XXXXXXX..XXXXXXX 100644
24
--- a/include/hw/dma/xlnx-zdma.h
14
--- a/hw/arm/stellaris.c
25
+++ b/include/hw/dma/xlnx-zdma.h
15
+++ b/hw/arm/stellaris.c
26
@@ -XXX,XX +XXX,XX @@ struct XlnxZDMA {
16
@@ -XXX,XX +XXX,XX @@ static void stellaris_sys_instance_init(Object *obj)
27
MemoryRegion iomem;
17
s->sysclk = qdev_init_clock_out(DEVICE(s), "SYSCLK");
28
MemTxAttrs attr;
29
MemoryRegion *dma_mr;
30
- AddressSpace *dma_as;
31
+ AddressSpace dma_as;
32
qemu_irq irq_zdma_ch_imr;
33
34
struct {
35
diff --git a/hw/arm/xlnx-versal.c b/hw/arm/xlnx-versal.c
36
index XXXXXXX..XXXXXXX 100644
37
--- a/hw/arm/xlnx-versal.c
38
+++ b/hw/arm/xlnx-versal.c
39
@@ -XXX,XX +XXX,XX @@ static void versal_create_admas(Versal *s, qemu_irq *pic)
40
TYPE_XLNX_ZDMA);
41
dev = DEVICE(&s->lpd.iou.adma[i]);
42
object_property_set_int(OBJECT(dev), "bus-width", 128, &error_abort);
43
+ object_property_set_link(OBJECT(dev), "dma",
44
+ OBJECT(get_system_memory()), &error_fatal);
45
sysbus_realize(SYS_BUS_DEVICE(dev), &error_fatal);
46
47
mr = sysbus_mmio_get_region(SYS_BUS_DEVICE(dev), 0);
48
diff --git a/hw/arm/xlnx-zynqmp.c b/hw/arm/xlnx-zynqmp.c
49
index XXXXXXX..XXXXXXX 100644
50
--- a/hw/arm/xlnx-zynqmp.c
51
+++ b/hw/arm/xlnx-zynqmp.c
52
@@ -XXX,XX +XXX,XX @@ static void xlnx_zynqmp_realize(DeviceState *dev, Error **errp)
53
errp)) {
54
return;
55
}
56
+ if (!object_property_set_link(OBJECT(&s->gdma[i]), "dma",
57
+ OBJECT(system_memory), errp)) {
58
+ return;
59
+ }
60
if (!sysbus_realize(SYS_BUS_DEVICE(&s->gdma[i]), errp)) {
61
return;
62
}
63
@@ -XXX,XX +XXX,XX @@ static void xlnx_zynqmp_realize(DeviceState *dev, Error **errp)
64
}
65
66
for (i = 0; i < XLNX_ZYNQMP_NUM_ADMA_CH; i++) {
67
+ if (!object_property_set_link(OBJECT(&s->adma[i]), "dma",
68
+ OBJECT(system_memory), errp)) {
69
+ return;
70
+ }
71
if (!sysbus_realize(SYS_BUS_DEVICE(&s->adma[i]), errp)) {
72
return;
73
}
74
diff --git a/hw/dma/xlnx-zdma.c b/hw/dma/xlnx-zdma.c
75
index XXXXXXX..XXXXXXX 100644
76
--- a/hw/dma/xlnx-zdma.c
77
+++ b/hw/dma/xlnx-zdma.c
78
@@ -XXX,XX +XXX,XX @@ static bool zdma_load_descriptor(XlnxZDMA *s, uint64_t addr,
79
return false;
80
}
81
82
- descr->addr = address_space_ldq_le(s->dma_as, addr, s->attr, NULL);
83
- descr->size = address_space_ldl_le(s->dma_as, addr + 8, s->attr, NULL);
84
- descr->attr = address_space_ldl_le(s->dma_as, addr + 12, s->attr, NULL);
85
+ descr->addr = address_space_ldq_le(&s->dma_as, addr, s->attr, NULL);
86
+ descr->size = address_space_ldl_le(&s->dma_as, addr + 8, s->attr, NULL);
87
+ descr->attr = address_space_ldl_le(&s->dma_as, addr + 12, s->attr, NULL);
88
return true;
89
}
18
}
90
19
91
@@ -XXX,XX +XXX,XX @@ static void zdma_update_descr_addr(XlnxZDMA *s, bool type,
20
-/* I2C controller. */
92
} else {
21
+/*
93
addr = zdma_get_regaddr64(s, basereg);
22
+ * I2C controller.
94
addr += sizeof(s->dsc_dst);
23
+ * ??? For now we only implement the master interface.
95
- next = address_space_ldq_le(s->dma_as, addr, s->attr, NULL);
24
+ */
96
+ next = address_space_ldq_le(&s->dma_as, addr, s->attr, NULL);
25
97
}
26
#define TYPE_STELLARIS_I2C "stellaris-i2c"
98
27
OBJECT_DECLARE_SIMPLE_TYPE(stellaris_i2c_state, STELLARIS_I2C)
99
zdma_put_regaddr64(s, basereg, next);
28
@@ -XXX,XX +XXX,XX @@ static void stellaris_i2c_write(void *opaque, hwaddr offset,
100
@@ -XXX,XX +XXX,XX @@ static void zdma_write_dst(XlnxZDMA *s, uint8_t *buf, uint32_t len)
29
stellaris_i2c_update(s);
101
}
30
}
102
}
31
103
32
-static void stellaris_i2c_reset(stellaris_i2c_state *s)
104
- address_space_write(s->dma_as, s->dsc_dst.addr, s->attr, buf, dlen);
33
+static void stellaris_i2c_reset_enter(Object *obj, ResetType type)
105
+ address_space_write(&s->dma_as, s->dsc_dst.addr, s->attr, buf, dlen);
34
{
106
if (burst_type == AXI_BURST_INCR) {
35
+ stellaris_i2c_state *s = STELLARIS_I2C(obj);
107
s->dsc_dst.addr += dlen;
108
}
109
@@ -XXX,XX +XXX,XX @@ static void zdma_process_descr(XlnxZDMA *s)
110
len = s->cfg.bus_width / 8;
111
}
112
} else {
113
- address_space_read(s->dma_as, src_addr, s->attr, s->buf, len);
114
+ address_space_read(&s->dma_as, src_addr, s->attr, s->buf, len);
115
if (burst_type == AXI_BURST_INCR) {
116
src_addr += len;
117
}
118
@@ -XXX,XX +XXX,XX @@ static void zdma_realize(DeviceState *dev, Error **errp)
119
XlnxZDMA *s = XLNX_ZDMA(dev);
120
unsigned int i;
121
122
+ if (!s->dma_mr) {
123
+ error_setg(errp, TYPE_XLNX_ZDMA " 'dma' link not set");
124
+ return;
125
+ }
126
+ address_space_init(&s->dma_as, s->dma_mr, "zdma-dma");
127
+
36
+
128
for (i = 0; i < ARRAY_SIZE(zdma_regs_info); ++i) {
37
if (s->mcs & STELLARIS_I2C_MCS_BUSBSY)
129
RegisterInfo *r = &s->regs_info[zdma_regs_info[i].addr / 4];
38
i2c_end_transfer(s->bus);
130
39
+}
131
@@ -XXX,XX +XXX,XX @@ static void zdma_realize(DeviceState *dev, Error **errp)
40
+
132
};
41
+static void stellaris_i2c_reset_hold(Object *obj)
133
}
42
+{
134
43
+ stellaris_i2c_state *s = STELLARIS_I2C(obj);
135
- if (s->dma_mr) {
44
136
- s->dma_as = g_malloc0(sizeof(AddressSpace));
45
s->msa = 0;
137
- address_space_init(s->dma_as, s->dma_mr, NULL);
46
s->mcs = 0;
138
- } else {
47
@@ -XXX,XX +XXX,XX @@ static void stellaris_i2c_reset(stellaris_i2c_state *s)
139
- s->dma_as = &address_space_memory;
48
s->mimr = 0;
140
- }
49
s->mris = 0;
141
s->attr = MEMTXATTRS_UNSPECIFIED;
50
s->mcr = 0;
51
+}
52
+
53
+static void stellaris_i2c_reset_exit(Object *obj)
54
+{
55
+ stellaris_i2c_state *s = STELLARIS_I2C(obj);
56
+
57
stellaris_i2c_update(s);
142
}
58
}
143
59
60
@@ -XXX,XX +XXX,XX @@ static void stellaris_i2c_init(Object *obj)
61
memory_region_init_io(&s->iomem, obj, &stellaris_i2c_ops, s,
62
"i2c", 0x1000);
63
sysbus_init_mmio(sbd, &s->iomem);
64
- /* ??? For now we only implement the master interface. */
65
- stellaris_i2c_reset(s);
66
}
67
68
/* Analogue to Digital Converter. This is only partially implemented,
69
@@ -XXX,XX +XXX,XX @@ type_init(stellaris_machine_init)
70
static void stellaris_i2c_class_init(ObjectClass *klass, void *data)
71
{
72
DeviceClass *dc = DEVICE_CLASS(klass);
73
+ ResettableClass *rc = RESETTABLE_CLASS(klass);
74
75
+ rc->phases.enter = stellaris_i2c_reset_enter;
76
+ rc->phases.hold = stellaris_i2c_reset_hold;
77
+ rc->phases.exit = stellaris_i2c_reset_exit;
78
dc->vmsd = &vmstate_stellaris_i2c;
79
}
80
144
--
81
--
145
2.20.1
82
2.34.1
146
83
147
84
diff view generated by jsdifflib
[PULL 05/37] hw/arm/Kconfig: no need to enable ACPI_MEMORY_HOTPLUG/ACPI_NVDIMM explicitly
[PULL 21/35] hw/arm/stellaris: Add missing QOM 'machine' parent
1
From: Ani Sinha <ani@anisinha.ca>
1
From: Philippe Mathieu-Daudé <philmd@linaro.org>
2
2
3
Since commit
3
QDev objects created with qdev_new() need to manually add
4
36b79e3219d ("hw/acpi/Kconfig: Add missing Kconfig dependencies (build error)"),
4
their parent relationship with object_property_add_child().
5
ACPI_MEMORY_HOTPLUG and ACPI_NVDIMM is implicitly turned on when
6
ACPI_HW_REDUCED is selected. ACPI_HW_REDUCED is already enabled. No need to
7
turn on ACPI_MEMORY_HOTPLUG or ACPI_NVDIMM explicitly. This is a minor cleanup.
8
5
9
Signed-off-by: Ani Sinha <ani@anisinha.ca>
6
This commit plug the devices which aren't part of the SoC;
10
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
7
they will be plugged into a SoC container in the next one.
11
Message-id: 20210819162637.518507-1-ani@anisinha.ca
8
9
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
10
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
11
Message-id: 20240213155214.13619-4-philmd@linaro.org
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
13
---
13
---
14
hw/arm/Kconfig | 2 --
14
hw/arm/stellaris.c | 4 ++++
15
1 file changed, 2 deletions(-)
15
1 file changed, 4 insertions(+)
16
16
17
diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
17
diff --git a/hw/arm/stellaris.c b/hw/arm/stellaris.c
18
index XXXXXXX..XXXXXXX 100644
18
index XXXXXXX..XXXXXXX 100644
19
--- a/hw/arm/Kconfig
19
--- a/hw/arm/stellaris.c
20
+++ b/hw/arm/Kconfig
20
+++ b/hw/arm/stellaris.c
21
@@ -XXX,XX +XXX,XX @@ config ARM_VIRT
21
@@ -XXX,XX +XXX,XX @@ static void stellaris_init(MachineState *ms, stellaris_board_info *board)
22
select ACPI_PCI
22
&error_fatal);
23
select MEM_DEVICE
23
24
select DIMM
24
ssddev = qdev_new("ssd0323");
25
- select ACPI_MEMORY_HOTPLUG
25
+ object_property_add_child(OBJECT(ms), "oled", OBJECT(ssddev));
26
select ACPI_HW_REDUCED
26
qdev_prop_set_uint8(ssddev, "cs", 1);
27
- select ACPI_NVDIMM
27
qdev_realize_and_unref(ssddev, bus, &error_fatal);
28
select ACPI_APEI
28
29
29
gpio_d_splitter = qdev_new(TYPE_SPLIT_IRQ);
30
config CHEETAH
30
+ object_property_add_child(OBJECT(ms), "splitter",
31
+ OBJECT(gpio_d_splitter));
32
qdev_prop_set_uint32(gpio_d_splitter, "num-lines", 2);
33
qdev_realize_and_unref(gpio_d_splitter, NULL, &error_fatal);
34
qdev_connect_gpio_out(
35
@@ -XXX,XX +XXX,XX @@ static void stellaris_init(MachineState *ms, stellaris_board_info *board)
36
DeviceState *gpad;
37
38
gpad = qdev_new(TYPE_STELLARIS_GAMEPAD);
39
+ object_property_add_child(OBJECT(ms), "gamepad", OBJECT(gpad));
40
for (i = 0; i < ARRAY_SIZE(gpad_keycode); i++) {
41
qlist_append_int(gpad_keycode_list, gpad_keycode[i]);
42
}
31
--
43
--
32
2.20.1
44
2.34.1
33
45
34
46
diff view generated by jsdifflib
[PULL 07/37] target/arm/kvm64: Ensure sve vls map is completely clear
[PULL 22/35] hw/arm/stellaris: Add missing QOM 'SoC' parent
1
From: Andrew Jones <drjones@redhat.com>
1
From: Philippe Mathieu-Daudé <philmd@linaro.org>
2
2
3
bitmap_clear() only clears the given range. While the given
3
QDev objects created with qdev_new() need to manually add
4
range should be sufficient in this case we might as well be
4
their parent relationship with object_property_add_child().
5
100% sure all bits are zeroed by using bitmap_zero().
6
5
7
Signed-off-by: Andrew Jones <drjones@redhat.com>
6
Since we don't model the SoC, just use a QOM container.
8
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
7
9
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
10
Message-id: 20210823160647.34028-3-drjones@redhat.com
9
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
10
Message-id: 20240213155214.13619-5-philmd@linaro.org
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
---
12
---
13
target/arm/kvm64.c | 2 +-
13
hw/arm/stellaris.c | 11 ++++++++++-
14
1 file changed, 1 insertion(+), 1 deletion(-)
14
1 file changed, 10 insertions(+), 1 deletion(-)
15
15
16
diff --git a/target/arm/kvm64.c b/target/arm/kvm64.c
16
diff --git a/hw/arm/stellaris.c b/hw/arm/stellaris.c
17
index XXXXXXX..XXXXXXX 100644
17
index XXXXXXX..XXXXXXX 100644
18
--- a/target/arm/kvm64.c
18
--- a/hw/arm/stellaris.c
19
+++ b/target/arm/kvm64.c
19
+++ b/hw/arm/stellaris.c
20
@@ -XXX,XX +XXX,XX @@ void kvm_arm_sve_get_vls(CPUState *cs, unsigned long *map)
20
@@ -XXX,XX +XXX,XX @@ static void stellaris_init(MachineState *ms, stellaris_board_info *board)
21
uint32_t vq = 0;
21
* 400fe000 system control
22
int i, j;
22
*/
23
23
24
- bitmap_clear(map, 0, ARM_MAX_VQ);
24
+ Object *soc_container;
25
+ bitmap_zero(map, ARM_MAX_VQ);
25
DeviceState *gpio_dev[7], *nvic;
26
qemu_irq gpio_in[7][8];
27
qemu_irq gpio_out[7][8];
28
@@ -XXX,XX +XXX,XX @@ static void stellaris_init(MachineState *ms, stellaris_board_info *board)
29
flash_size = (((board->dc0 & 0xffff) + 1) << 1) * 1024;
30
sram_size = ((board->dc0 >> 18) + 1) * 1024;
31
32
+ soc_container = object_new("container");
33
+ object_property_add_child(OBJECT(ms), "soc", soc_container);
34
+
35
/* Flash programming is done via the SCU, so pretend it is ROM. */
36
memory_region_init_rom(flash, NULL, "stellaris.flash", flash_size,
37
&error_fatal);
38
@@ -XXX,XX +XXX,XX @@ static void stellaris_init(MachineState *ms, stellaris_board_info *board)
39
* need its sysclk output.
40
*/
41
ssys_dev = qdev_new(TYPE_STELLARIS_SYS);
42
+ object_property_add_child(soc_container, "sys", OBJECT(ssys_dev));
26
43
27
/*
44
/*
28
* KVM ensures all host CPUs support the same set of vector lengths.
45
* Most devices come preprogrammed with a MAC address in the user data.
46
@@ -XXX,XX +XXX,XX @@ static void stellaris_init(MachineState *ms, stellaris_board_info *board)
47
sysbus_realize_and_unref(SYS_BUS_DEVICE(ssys_dev), &error_fatal);
48
49
nvic = qdev_new(TYPE_ARMV7M);
50
+ object_property_add_child(soc_container, "v7m", OBJECT(nvic));
51
qdev_prop_set_uint32(nvic, "num-irq", NUM_IRQ_LINES);
52
qdev_prop_set_uint8(nvic, "num-prio-bits", NUM_PRIO_BITS);
53
qdev_prop_set_string(nvic, "cpu-type", ms->cpu_type);
54
@@ -XXX,XX +XXX,XX @@ static void stellaris_init(MachineState *ms, stellaris_board_info *board)
55
56
dev = qdev_new(TYPE_STELLARIS_GPTM);
57
sbd = SYS_BUS_DEVICE(dev);
58
+ object_property_add_child(soc_container, "gptm[*]", OBJECT(dev));
59
qdev_connect_clock_in(dev, "clk",
60
qdev_get_clock_out(ssys_dev, "SYSCLK"));
61
sysbus_realize_and_unref(sbd, &error_fatal);
62
@@ -XXX,XX +XXX,XX @@ static void stellaris_init(MachineState *ms, stellaris_board_info *board)
63
64
if (board->dc1 & (1 << 3)) { /* watchdog present */
65
dev = qdev_new(TYPE_LUMINARY_WATCHDOG);
66
-
67
+ object_property_add_child(soc_container, "wdg", OBJECT(dev));
68
qdev_connect_clock_in(dev, "WDOGCLK",
69
qdev_get_clock_out(ssys_dev, "SYSCLK"));
70
71
@@ -XXX,XX +XXX,XX @@ static void stellaris_init(MachineState *ms, stellaris_board_info *board)
72
SysBusDevice *sbd;
73
74
dev = qdev_new("pl011_luminary");
75
+ object_property_add_child(soc_container, "uart[*]", OBJECT(dev));
76
sbd = SYS_BUS_DEVICE(dev);
77
qdev_prop_set_chr(dev, "chardev", serial_hd(i));
78
sysbus_realize_and_unref(sbd, &error_fatal);
79
@@ -XXX,XX +XXX,XX @@ static void stellaris_init(MachineState *ms, stellaris_board_info *board)
80
DeviceState *enet;
81
82
enet = qdev_new("stellaris_enet");
83
+ object_property_add_child(soc_container, "enet", OBJECT(enet));
84
if (nd) {
85
qdev_set_nic_properties(enet, nd);
86
} else {
29
--
87
--
30
2.20.1
88
2.34.1
31
89
32
90
diff view generated by jsdifflib
[PULL 10/37] docs/specs/acpu_cpu_hotplug: Convert to rST
Deleted patch
1
Do a basic conversion of the acpi_cpu_hotplug spec document to rST.
2
1
3
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
5
Message-id: 20210727170414.3368-2-peter.maydell@linaro.org
6
---
7
docs/specs/acpi_cpu_hotplug.rst | 235 ++++++++++++++++++++++++++++++++
8
docs/specs/acpi_cpu_hotplug.txt | 160 ----------------------
9
docs/specs/index.rst | 1 +
10
3 files changed, 236 insertions(+), 160 deletions(-)
11
create mode 100644 docs/specs/acpi_cpu_hotplug.rst
12
delete mode 100644 docs/specs/acpi_cpu_hotplug.txt
13
14
diff --git a/docs/specs/acpi_cpu_hotplug.rst b/docs/specs/acpi_cpu_hotplug.rst
15
new file mode 100644
16
index XXXXXXX..XXXXXXX
17
--- /dev/null
18
+++ b/docs/specs/acpi_cpu_hotplug.rst
19
@@ -XXX,XX +XXX,XX @@
20
+QEMU<->ACPI BIOS CPU hotplug interface
21
+======================================
22
+
23
+QEMU supports CPU hotplug via ACPI. This document
24
+describes the interface between QEMU and the ACPI BIOS.
25
+
26
+ACPI BIOS GPE.2 handler is dedicated for notifying OS about CPU hot-add
27
+and hot-remove events.
28
+
29
+
30
+Legacy ACPI CPU hotplug interface registers
31
+-------------------------------------------
32
+
33
+CPU present bitmap for:
34
+
35
+- ICH9-LPC (IO port 0x0cd8-0xcf7, 1-byte access)
36
+- PIIX-PM (IO port 0xaf00-0xaf1f, 1-byte access)
37
+- One bit per CPU. Bit position reflects corresponding CPU APIC ID. Read-only.
38
+- The first DWORD in bitmap is used in write mode to switch from legacy
39
+ to modern CPU hotplug interface, write 0 into it to do switch.
40
+
41
+QEMU sets corresponding CPU bit on hot-add event and issues SCI
42
+with GPE.2 event set. CPU present map is read by ACPI BIOS GPE.2 handler
43
+to notify OS about CPU hot-add events. CPU hot-remove isn't supported.
44
+
45
+
46
+Modern ACPI CPU hotplug interface registers
47
+-------------------------------------------
48
+
49
+Register block base address:
50
+
51
+- ICH9-LPC IO port 0x0cd8
52
+- PIIX-PM IO port 0xaf00
53
+
54
+Register block size:
55
+
56
+- ACPI_CPU_HOTPLUG_REG_LEN = 12
57
+
58
+All accesses to registers described below, imply little-endian byte order.
59
+
60
+Reserved registers behavior:
61
+
62
+- write accesses are ignored
63
+- read accesses return all bits set to 0.
64
+
65
+The last stored value in 'CPU selector' must refer to a possible CPU, otherwise
66
+
67
+- reads from any register return 0
68
+- writes to any other register are ignored until valid value is stored into it
69
+
70
+On QEMU start, 'CPU selector' is initialized to a valid value, on reset it
71
+keeps the current value.
72
+
73
+Read access behavior
74
+^^^^^^^^^^^^^^^^^^^^
75
+
76
+offset [0x0-0x3]
77
+ Command data 2: (DWORD access)
78
+
79
+ If value last stored in 'Command field' is:
80
+
81
+ 0:
82
+ reads as 0x0
83
+ 3:
84
+ upper 32 bits of architecture specific CPU ID value
85
+ other values:
86
+ reserved
87
+
88
+offset [0x4]
89
+ CPU device status fields: (1 byte access)
90
+
91
+ bits:
92
+
93
+ 0:
94
+ Device is enabled and may be used by guest
95
+ 1:
96
+ Device insert event, used to distinguish device for which
97
+ no device check event to OSPM was issued.
98
+ It's valid only when bit 0 is set.
99
+ 2:
100
+ Device remove event, used to distinguish device for which
101
+ no device eject request to OSPM was issued. Firmware must
102
+ ignore this bit.
103
+ 3:
104
+ reserved and should be ignored by OSPM
105
+ 4:
106
+ if set to 1, OSPM requests firmware to perform device eject.
107
+ 5-7:
108
+ reserved and should be ignored by OSPM
109
+
110
+offset [0x5-0x7]
111
+ reserved
112
+
113
+offset [0x8]
114
+ Command data: (DWORD access)
115
+
116
+ If value last stored in 'Command field' is one of:
117
+
118
+ 0:
119
+ contains 'CPU selector' value of a CPU with pending event[s]
120
+ 3:
121
+ lower 32 bits of architecture specific CPU ID value
122
+ (in x86 case: APIC ID)
123
+ otherwise:
124
+ contains 0
125
+
126
+Write access behavior
127
+^^^^^^^^^^^^^^^^^^^^^
128
+
129
+offset [0x0-0x3]
130
+ CPU selector: (DWORD access)
131
+
132
+ Selects active CPU device. All following accesses to other
133
+ registers will read/store data from/to selected CPU.
134
+ Valid values: [0 .. max_cpus)
135
+
136
+offset [0x4]
137
+ CPU device control fields: (1 byte access)
138
+
139
+ bits:
140
+
141
+ 0:
142
+ reserved, OSPM must clear it before writing to register.
143
+ 1:
144
+ if set to 1 clears device insert event, set by OSPM
145
+ after it has emitted device check event for the
146
+ selected CPU device
147
+ 2:
148
+ if set to 1 clears device remove event, set by OSPM
149
+ after it has emitted device eject request for the
150
+ selected CPU device.
151
+ 3:
152
+ if set to 1 initiates device eject, set by OSPM when it
153
+ triggers CPU device removal and calls _EJ0 method or by firmware
154
+ when bit #4 is set. In case bit #4 were set, it's cleared as
155
+ part of device eject.
156
+ 4:
157
+ if set to 1, OSPM hands over device eject to firmware.
158
+ Firmware shall issue device eject request as described above
159
+ (bit #3) and OSPM should not touch device eject bit (#3) in case
160
+ it's asked firmware to perform CPU device eject.
161
+ 5-7:
162
+ reserved, OSPM must clear them before writing to register
163
+
164
+offset[0x5]
165
+ Command field: (1 byte access)
166
+
167
+ value:
168
+
169
+ 0:
170
+ selects a CPU device with inserting/removing events and
171
+ following reads from 'Command data' register return
172
+ selected CPU ('CPU selector' value).
173
+ If no CPU with events found, the current 'CPU selector' doesn't
174
+ change and corresponding insert/remove event flags are not modified.
175
+
176
+ 1:
177
+ following writes to 'Command data' register set OST event
178
+ register in QEMU
179
+ 2:
180
+ following writes to 'Command data' register set OST status
181
+ register in QEMU
182
+ 3:
183
+ following reads from 'Command data' and 'Command data 2' return
184
+ architecture specific CPU ID value for currently selected CPU.
185
+ other values:
186
+ reserved
187
+
188
+offset [0x6-0x7]
189
+ reserved
190
+
191
+offset [0x8]
192
+ Command data: (DWORD access)
193
+
194
+ If last stored 'Command field' value is:
195
+
196
+ 1:
197
+ stores value into OST event register
198
+ 2:
199
+ stores value into OST status register, triggers
200
+ ACPI_DEVICE_OST QMP event from QEMU to external applications
201
+ with current values of OST event and status registers.
202
+ other values:
203
+ reserved
204
+
205
+Typical usecases
206
+----------------
207
+
208
+(x86) Detecting and enabling modern CPU hotplug interface
209
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
210
+
211
+QEMU starts with legacy CPU hotplug interface enabled. Detecting and
212
+switching to modern interface is based on the 2 legacy CPU hotplug features:
213
+
214
+#. Writes into CPU bitmap are ignored.
215
+#. CPU bitmap always has bit #0 set, corresponding to boot CPU.
216
+
217
+Use following steps to detect and enable modern CPU hotplug interface:
218
+
219
+#. Store 0x0 to the 'CPU selector' register, attempting to switch to modern mode
220
+#. Store 0x0 to the 'CPU selector' register, to ensure valid selector value
221
+#. Store 0x0 to the 'Command field' register
222
+#. Read the 'Command data 2' register.
223
+ If read value is 0x0, the modern interface is enabled.
224
+ Otherwise legacy or no CPU hotplug interface available
225
+
226
+Get a cpu with pending event
227
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^
228
+
229
+#. Store 0x0 to the 'CPU selector' register.
230
+#. Store 0x0 to the 'Command field' register.
231
+#. Read the 'CPU device status fields' register.
232
+#. If both bit #1 and bit #2 are clear in the value read, there is no CPU
233
+ with a pending event and selected CPU remains unchanged.
234
+#. Otherwise, read the 'Command data' register. The value read is the
235
+ selector of the CPU with the pending event (which is already selected).
236
+
237
+Enumerate CPUs present/non present CPUs
238
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
239
+
240
+#. Set the present CPU count to 0.
241
+#. Set the iterator to 0.
242
+#. Store 0x0 to the 'CPU selector' register, to ensure that it's in
243
+ a valid state and that access to other registers won't be ignored.
244
+#. Store 0x0 to the 'Command field' register to make 'Command data'
245
+ register return 'CPU selector' value of selected CPU
246
+#. Read the 'CPU device status fields' register.
247
+#. If bit #0 is set, increment the present CPU count.
248
+#. Increment the iterator.
249
+#. Store the iterator to the 'CPU selector' register.
250
+#. Read the 'Command data' register.
251
+#. If the value read is not zero, goto 05.
252
+#. Otherwise store 0x0 to the 'CPU selector' register, to put it
253
+ into a valid state and exit.
254
+ The iterator at this point equals "max_cpus".
255
diff --git a/docs/specs/acpi_cpu_hotplug.txt b/docs/specs/acpi_cpu_hotplug.txt
256
deleted file mode 100644
257
index XXXXXXX..XXXXXXX
258
--- a/docs/specs/acpi_cpu_hotplug.txt
259
+++ /dev/null
260
@@ -XXX,XX +XXX,XX @@
261
-QEMU<->ACPI BIOS CPU hotplug interface
262
---------------------------------------
263
-
264
-QEMU supports CPU hotplug via ACPI. This document
265
-describes the interface between QEMU and the ACPI BIOS.
266
-
267
-ACPI BIOS GPE.2 handler is dedicated for notifying OS about CPU hot-add
268
-and hot-remove events.
269
-
270
-============================================
271
-Legacy ACPI CPU hotplug interface registers:
272
---------------------------------------------
273
-CPU present bitmap for:
274
- ICH9-LPC (IO port 0x0cd8-0xcf7, 1-byte access)
275
- PIIX-PM (IO port 0xaf00-0xaf1f, 1-byte access)
276
- One bit per CPU. Bit position reflects corresponding CPU APIC ID. Read-only.
277
- The first DWORD in bitmap is used in write mode to switch from legacy
278
- to modern CPU hotplug interface, write 0 into it to do switch.
279
----------------------------------------------------------------
280
-QEMU sets corresponding CPU bit on hot-add event and issues SCI
281
-with GPE.2 event set. CPU present map is read by ACPI BIOS GPE.2 handler
282
-to notify OS about CPU hot-add events. CPU hot-remove isn't supported.
283
-
284
-=====================================
285
-Modern ACPI CPU hotplug interface registers:
286
--------------------------------------
287
-Register block base address:
288
- ICH9-LPC IO port 0x0cd8
289
- PIIX-PM IO port 0xaf00
290
-Register block size:
291
- ACPI_CPU_HOTPLUG_REG_LEN = 12
292
-
293
-All accesses to registers described below, imply little-endian byte order.
294
-
295
-Reserved resisters behavior:
296
- - write accesses are ignored
297
- - read accesses return all bits set to 0.
298
-
299
-The last stored value in 'CPU selector' must refer to a possible CPU, otherwise
300
- - reads from any register return 0
301
- - writes to any other register are ignored until valid value is stored into it
302
-On QEMU start, 'CPU selector' is initialized to a valid value, on reset it
303
-keeps the current value.
304
-
305
-read access:
306
- offset:
307
- [0x0-0x3] Command data 2: (DWORD access)
308
- if value last stored in 'Command field':
309
- 0: reads as 0x0
310
- 3: upper 32 bits of architecture specific CPU ID value
311
- other values: reserved
312
- [0x4] CPU device status fields: (1 byte access)
313
- bits:
314
- 0: Device is enabled and may be used by guest
315
- 1: Device insert event, used to distinguish device for which
316
- no device check event to OSPM was issued.
317
- It's valid only when bit 0 is set.
318
- 2: Device remove event, used to distinguish device for which
319
- no device eject request to OSPM was issued. Firmware must
320
- ignore this bit.
321
- 3: reserved and should be ignored by OSPM
322
- 4: if set to 1, OSPM requests firmware to perform device eject.
323
- 5-7: reserved and should be ignored by OSPM
324
- [0x5-0x7] reserved
325
- [0x8] Command data: (DWORD access)
326
- contains 0 unless value last stored in 'Command field' is one of:
327
- 0: contains 'CPU selector' value of a CPU with pending event[s]
328
- 3: lower 32 bits of architecture specific CPU ID value
329
- (in x86 case: APIC ID)
330
-
331
-write access:
332
- offset:
333
- [0x0-0x3] CPU selector: (DWORD access)
334
- selects active CPU device. All following accesses to other
335
- registers will read/store data from/to selected CPU.
336
- Valid values: [0 .. max_cpus)
337
- [0x4] CPU device control fields: (1 byte access)
338
- bits:
339
- 0: reserved, OSPM must clear it before writing to register.
340
- 1: if set to 1 clears device insert event, set by OSPM
341
- after it has emitted device check event for the
342
- selected CPU device
343
- 2: if set to 1 clears device remove event, set by OSPM
344
- after it has emitted device eject request for the
345
- selected CPU device.
346
- 3: if set to 1 initiates device eject, set by OSPM when it
347
- triggers CPU device removal and calls _EJ0 method or by firmware
348
- when bit #4 is set. In case bit #4 were set, it's cleared as
349
- part of device eject.
350
- 4: if set to 1, OSPM hands over device eject to firmware.
351
- Firmware shall issue device eject request as described above
352
- (bit #3) and OSPM should not touch device eject bit (#3) in case
353
- it's asked firmware to perform CPU device eject.
354
- 5-7: reserved, OSPM must clear them before writing to register
355
- [0x5] Command field: (1 byte access)
356
- value:
357
- 0: selects a CPU device with inserting/removing events and
358
- following reads from 'Command data' register return
359
- selected CPU ('CPU selector' value).
360
- If no CPU with events found, the current 'CPU selector' doesn't
361
- change and corresponding insert/remove event flags are not modified.
362
- 1: following writes to 'Command data' register set OST event
363
- register in QEMU
364
- 2: following writes to 'Command data' register set OST status
365
- register in QEMU
366
- 3: following reads from 'Command data' and 'Command data 2' return
367
- architecture specific CPU ID value for currently selected CPU.
368
- other values: reserved
369
- [0x6-0x7] reserved
370
- [0x8] Command data: (DWORD access)
371
- if last stored 'Command field' value:
372
- 1: stores value into OST event register
373
- 2: stores value into OST status register, triggers
374
- ACPI_DEVICE_OST QMP event from QEMU to external applications
375
- with current values of OST event and status registers.
376
- other values: reserved
377
-
378
-Typical usecases:
379
- - (x86) Detecting and enabling modern CPU hotplug interface.
380
- QEMU starts with legacy CPU hotplug interface enabled. Detecting and
381
- switching to modern interface is based on the 2 legacy CPU hotplug features:
382
- 1. Writes into CPU bitmap are ignored.
383
- 2. CPU bitmap always has bit#0 set, corresponding to boot CPU.
384
-
385
- Use following steps to detect and enable modern CPU hotplug interface:
386
- 1. Store 0x0 to the 'CPU selector' register,
387
- attempting to switch to modern mode
388
- 2. Store 0x0 to the 'CPU selector' register,
389
- to ensure valid selector value
390
- 3. Store 0x0 to the 'Command field' register,
391
- 4. Read the 'Command data 2' register.
392
- If read value is 0x0, the modern interface is enabled.
393
- Otherwise legacy or no CPU hotplug interface available
394
-
395
- - Get a cpu with pending event
396
- 1. Store 0x0 to the 'CPU selector' register.
397
- 2. Store 0x0 to the 'Command field' register.
398
- 3. Read the 'CPU device status fields' register.
399
- 4. If both bit#1 and bit#2 are clear in the value read, there is no CPU
400
- with a pending event and selected CPU remains unchanged.
401
- 5. Otherwise, read the 'Command data' register. The value read is the
402
- selector of the CPU with the pending event (which is already
403
- selected).
404
-
405
- - Enumerate CPUs present/non present CPUs
406
- 01. Set the present CPU count to 0.
407
- 02. Set the iterator to 0.
408
- 03. Store 0x0 to the 'CPU selector' register, to ensure that it's in
409
- a valid state and that access to other registers won't be ignored.
410
- 04. Store 0x0 to the 'Command field' register to make 'Command data'
411
- register return 'CPU selector' value of selected CPU
412
- 05. Read the 'CPU device status fields' register.
413
- 06. If bit#0 is set, increment the present CPU count.
414
- 07. Increment the iterator.
415
- 08. Store the iterator to the 'CPU selector' register.
416
- 09. Read the 'Command data' register.
417
- 10. If the value read is not zero, goto 05.
418
- 11. Otherwise store 0x0 to the 'CPU selector' register, to put it
419
- into a valid state and exit.
420
- The iterator at this point equals "max_cpus".
421
diff --git a/docs/specs/index.rst b/docs/specs/index.rst
422
index XXXXXXX..XXXXXXX 100644
423
--- a/docs/specs/index.rst
424
+++ b/docs/specs/index.rst
425
@@ -XXX,XX +XXX,XX @@ guest hardware that is specific to QEMU.
426
acpi_hw_reduced_hotplug
427
tpm
428
acpi_hest_ghes
429
+ acpi_cpu_hotplug
430
--
431
2.20.1
432
433
diff view generated by jsdifflib
[PULL 33/37] target/arm: Implement HSTR.TTEE
[PULL 23/35] target/arm: Use new CBAR encoding for all v8 CPUs, not all aarch64 CPUs
1
In v7, the HSTR register has a TTEE bit which allows EL0/EL1 accesses
1
We support two different encodings for the AArch32 IMPDEF
2
to the Thumb2EE TEECR and TEEHBR registers to be trapped to the
2
CBAR register -- older cores like the Cortex A9, A7, A15
3
hypervisor. Implement these traps.
3
have this at 4, c15, c0, 0; newer cores like the
4
Cortex A35, A53, A57 and A72 have it at 1 c15 c0 0.
5
6
When we implemented this we picked which encoding to
7
use based on whether the CPU set ARM_FEATURE_AARCH64.
8
However this isn't right for three cases:
9
* the qemu-system-arm 'max' CPU, which is supposed to be
10
a variant on a Cortex-A57; it ought to use the same
11
encoding the A57 does and which the AArch64 'max'
12
exposes to AArch32 guest code
13
* the Cortex-R52, which is AArch32-only but has the CBAR
14
at the newer encoding (and where we incorrectly are
15
not yet setting ARM_FEATURE_CBAR_RO anyway)
16
* any possible future support for other v8 AArch32
17
only CPUs, or for supporting "boot the CPU into
18
AArch32 mode" on our existing cores like the A57 etc
19
20
Make the decision of the encoding be based on whether
21
the CPU implements the ARM_FEATURE_V8 flag instead.
22
23
This changes the behaviour only for the qemu-system-arm
24
'-cpu max'. We don't expect anybody to be relying on the
25
old behaviour because:
26
* it's not what the real hardware Cortex-A57 does
27
(and that's what our ID register claims we are)
28
* we don't implement the memory-mapped GICv3 support
29
which is the only thing that exists at the peripheral
30
base address pointed to by the register
4
31
5
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
32
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
6
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
33
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
7
Message-id: 20210816180305.20137-2-peter.maydell@linaro.org
34
Message-id: 20240206132931.38376-2-peter.maydell@linaro.org
8
---
35
---
9
target/arm/cpu.h | 2 ++
36
target/arm/helper.c | 2 +-
10
target/arm/helper.c | 18 ++++++++++++++++--
37
1 file changed, 1 insertion(+), 1 deletion(-)
11
2 files changed, 18 insertions(+), 2 deletions(-)
12
38
13
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
14
index XXXXXXX..XXXXXXX 100644
15
--- a/target/arm/cpu.h
16
+++ b/target/arm/cpu.h
17
@@ -XXX,XX +XXX,XX @@ static inline void xpsr_write(CPUARMState *env, uint32_t val, uint32_t mask)
18
#define SCR_ENSCXT (1U << 25)
19
#define SCR_ATA (1U << 26)
20
21
+#define HSTR_TTEE (1 << 16)
22
+
23
/* Return the current FPSCR value. */
24
uint32_t vfp_get_fpscr(CPUARMState *env);
25
void vfp_set_fpscr(CPUARMState *env, uint32_t val);
26
diff --git a/target/arm/helper.c b/target/arm/helper.c
39
diff --git a/target/arm/helper.c b/target/arm/helper.c
27
index XXXXXXX..XXXXXXX 100644
40
index XXXXXXX..XXXXXXX 100644
28
--- a/target/arm/helper.c
41
--- a/target/arm/helper.c
29
+++ b/target/arm/helper.c
42
+++ b/target/arm/helper.c
30
@@ -XXX,XX +XXX,XX @@ static void teecr_write(CPUARMState *env, const ARMCPRegInfo *ri,
43
@@ -XXX,XX +XXX,XX @@ void register_cp_regs_for_features(ARMCPU *cpu)
31
env->teecr = value;
44
* AArch64 cores we might need to add a specific feature flag
32
}
45
* to indicate cores with "flavour 2" CBAR.
33
46
*/
34
+static CPAccessResult teecr_access(CPUARMState *env, const ARMCPRegInfo *ri,
47
- if (arm_feature(env, ARM_FEATURE_AARCH64)) {
35
+ bool isread)
48
+ if (arm_feature(env, ARM_FEATURE_V8)) {
36
+{
49
/* 32 bit view is [31:18] 0...0 [43:32]. */
37
+ /*
50
uint32_t cbar32 = (extract64(cpu->reset_cbar, 18, 14) << 18)
38
+ * HSTR.TTEE only exists in v7A, not v8A, but v8A doesn't have T2EE
51
| extract64(cpu->reset_cbar, 32, 12);
39
+ * at all, so we don't need to check whether we're v8A.
40
+ */
41
+ if (arm_current_el(env) < 2 && !arm_is_secure_below_el3(env) &&
42
+ (env->cp15.hstr_el2 & HSTR_TTEE)) {
43
+ return CP_ACCESS_TRAP_EL2;
44
+ }
45
+ return CP_ACCESS_OK;
46
+}
47
+
48
static CPAccessResult teehbr_access(CPUARMState *env, const ARMCPRegInfo *ri,
49
bool isread)
50
{
51
if (arm_current_el(env) == 0 && (env->teecr & 1)) {
52
return CP_ACCESS_TRAP;
53
}
54
- return CP_ACCESS_OK;
55
+ return teecr_access(env, ri, isread);
56
}
57
58
static const ARMCPRegInfo t2ee_cp_reginfo[] = {
59
{ .name = "TEECR", .cp = 14, .crn = 0, .crm = 0, .opc1 = 6, .opc2 = 0,
60
.access = PL1_RW, .fieldoffset = offsetof(CPUARMState, teecr),
61
.resetvalue = 0,
62
- .writefn = teecr_write },
63
+ .writefn = teecr_write, .accessfn = teecr_access },
64
{ .name = "TEEHBR", .cp = 14, .crn = 1, .crm = 0, .opc1 = 6, .opc2 = 0,
65
.access = PL0_RW, .fieldoffset = offsetof(CPUARMState, teehbr),
66
.accessfn = teehbr_access, .resetvalue = 0 },
67
--
52
--
68
2.20.1
53
2.34.1
69
70
diff view generated by jsdifflib
[PULL 17/37] softmmu/arch_init.c: Trim down include list
[PULL 24/35] target/arm: The Cortex-R52 has a read-only CBAR
1
arch_init.c does very little but has a long list of #include lines.
1
The Cortex-R52 implements the Configuration Base Address Register
2
Remove all the unnecessary ones.
2
(CBAR), as a read-only register. Add ARM_FEATURE_CBAR_RO to this CPU
3
type, so that our implementation provides the register and the
4
associated qdev property.
3
5
4
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
6
Message-id: 20210730105947.28215-4-peter.maydell@linaro.org
8
Message-id: 20240206132931.38376-3-peter.maydell@linaro.org
7
---
9
---
8
softmmu/arch_init.c | 7 -------
10
target/arm/tcg/cpu32.c | 1 +
9
1 file changed, 7 deletions(-)
11
1 file changed, 1 insertion(+)
10
12
11
diff --git a/softmmu/arch_init.c b/softmmu/arch_init.c
13
diff --git a/target/arm/tcg/cpu32.c b/target/arm/tcg/cpu32.c
12
index XXXXXXX..XXXXXXX 100644
14
index XXXXXXX..XXXXXXX 100644
13
--- a/softmmu/arch_init.c
15
--- a/target/arm/tcg/cpu32.c
14
+++ b/softmmu/arch_init.c
16
+++ b/target/arm/tcg/cpu32.c
15
@@ -XXX,XX +XXX,XX @@
17
@@ -XXX,XX +XXX,XX @@ static void cortex_r52_initfn(Object *obj)
16
*/
18
set_feature(&cpu->env, ARM_FEATURE_PMSA);
17
#include "qemu/osdep.h"
19
set_feature(&cpu->env, ARM_FEATURE_NEON);
18
#include "sysemu/arch_init.h"
20
set_feature(&cpu->env, ARM_FEATURE_GENERIC_TIMER);
19
-#include "hw/pci/pci.h"
21
+ set_feature(&cpu->env, ARM_FEATURE_CBAR_RO);
20
-#include "hw/audio/soundhw.h"
22
cpu->midr = 0x411fd133; /* r1p3 */
21
-#include "qapi/error.h"
23
cpu->revidr = 0x00000000;
22
-#include "qemu/config-file.h"
24
cpu->reset_fpsid = 0x41034023;
23
-#include "qemu/error-report.h"
24
-#include "hw/acpi/acpi.h"
25
-#include "qemu/help_option.h"
26
27
#ifdef TARGET_SPARC
28
int graphic_width = 1024;
29
--
25
--
30
2.20.1
26
2.34.1
31
32
diff view generated by jsdifflib
[PULL 11/37] docs/specs/acpi_mem_hotplug: Convert to rST
[PULL 25/35] target/arm: Add Cortex-R52 IMPDEF sysregs
1
Convert the acpi memory hotplug spec to rST.
1
Add the Cortex-R52 IMPDEF sysregs, by defining them here and
2
2
also by enabling the AUXCR feature which defines the ACTLR
3
Note that this includes converting a lot of weird whitespace
3
and HACTLR registers. As is our usual practice, we make these
4
characters to plain old spaces (the rST parser does not like
4
simple reads-as-zero stubs for now.
5
whatever the old ones were).
6
5
7
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
9
Message-id: 20210727170414.3368-3-peter.maydell@linaro.org
8
Message-id: 20240206132931.38376-4-peter.maydell@linaro.org
10
---
9
---
11
docs/specs/acpi_mem_hotplug.rst | 128 ++++++++++++++++++++++++++++++++
10
target/arm/tcg/cpu32.c | 108 +++++++++++++++++++++++++++++++++++++++++
12
docs/specs/acpi_mem_hotplug.txt | 94 -----------------------
11
1 file changed, 108 insertions(+)
13
docs/specs/index.rst | 1 +
14
3 files changed, 129 insertions(+), 94 deletions(-)
15
create mode 100644 docs/specs/acpi_mem_hotplug.rst
16
delete mode 100644 docs/specs/acpi_mem_hotplug.txt
17
12
18
diff --git a/docs/specs/acpi_mem_hotplug.rst b/docs/specs/acpi_mem_hotplug.rst
13
diff --git a/target/arm/tcg/cpu32.c b/target/arm/tcg/cpu32.c
19
new file mode 100644
14
index XXXXXXX..XXXXXXX 100644
20
index XXXXXXX..XXXXXXX
15
--- a/target/arm/tcg/cpu32.c
21
--- /dev/null
16
+++ b/target/arm/tcg/cpu32.c
22
+++ b/docs/specs/acpi_mem_hotplug.rst
17
@@ -XXX,XX +XXX,XX @@ static void cortex_r5_initfn(Object *obj)
23
@@ -XXX,XX +XXX,XX @@
18
define_arm_cp_regs(cpu, cortexr5_cp_reginfo);
24
+QEMU<->ACPI BIOS memory hotplug interface
19
}
25
+=========================================
20
26
+
21
+static const ARMCPRegInfo cortex_r52_cp_reginfo[] = {
27
+ACPI BIOS GPE.3 handler is dedicated for notifying OS about memory hot-add
22
+ { .name = "CPUACTLR", .cp = 15, .opc1 = 0, .crm = 15,
28
+and hot-remove events.
23
+ .access = PL1_RW, .type = ARM_CP_CONST | ARM_CP_64BIT, .resetvalue = 0 },
29
+
24
+ { .name = "IMP_ATCMREGIONR",
30
+Memory hot-plug interface (IO port 0xa00-0xa17, 1-4 byte access)
25
+ .cp = 15, .opc1 = 0, .crn = 9, .crm = 1, .opc2 = 0,
31
+----------------------------------------------------------------
26
+ .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
32
+
27
+ { .name = "IMP_BTCMREGIONR",
33
+Read access behavior
28
+ .cp = 15, .opc1 = 0, .crn = 9, .crm = 1, .opc2 = 1,
34
+^^^^^^^^^^^^^^^^^^^^
29
+ .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
35
+
30
+ { .name = "IMP_CTCMREGIONR",
36
+[0x0-0x3]
31
+ .cp = 15, .opc1 = 0, .crn = 9, .crm = 1, .opc2 = 2,
37
+ Lo part of memory device phys address
32
+ .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
38
+[0x4-0x7]
33
+ { .name = "IMP_CSCTLR",
39
+ Hi part of memory device phys address
34
+ .cp = 15, .opc1 = 1, .crn = 9, .crm = 1, .opc2 = 0,
40
+[0x8-0xb]
35
+ .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
41
+ Lo part of memory device size in bytes
36
+ { .name = "IMP_BPCTLR",
42
+[0xc-0xf]
37
+ .cp = 15, .opc1 = 1, .crn = 9, .crm = 1, .opc2 = 1,
43
+ Hi part of memory device size in bytes
38
+ .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
44
+[0x10-0x13]
39
+ { .name = "IMP_MEMPROTCLR",
45
+ Memory device proximity domain
40
+ .cp = 15, .opc1 = 1, .crn = 9, .crm = 1, .opc2 = 2,
46
+[0x14]
41
+ .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
47
+ Memory device status fields
42
+ { .name = "IMP_SLAVEPCTLR",
48
+
43
+ .cp = 15, .opc1 = 0, .crn = 11, .crm = 0, .opc2 = 0,
49
+ bits:
44
+ .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
50
+
45
+ { .name = "IMP_PERIPHREGIONR",
51
+ 0:
46
+ .cp = 15, .opc1 = 0, .crn = 15, .crm = 0, .opc2 = 0,
52
+ Device is enabled and may be used by guest
47
+ .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
53
+ 1:
48
+ { .name = "IMP_FLASHIFREGIONR",
54
+ Device insert event, used to distinguish device for which
49
+ .cp = 15, .opc1 = 0, .crn = 15, .crm = 0, .opc2 = 1,
55
+ no device check event to OSPM was issued.
50
+ .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
56
+ It's valid only when bit 1 is set.
51
+ { .name = "IMP_BUILDOPTR",
57
+ 2:
52
+ .cp = 15, .opc1 = 0, .crn = 15, .crm = 2, .opc2 = 0,
58
+ Device remove event, used to distinguish device for which
53
+ .access = PL1_R, .type = ARM_CP_CONST, .resetvalue = 0 },
59
+ no device eject request to OSPM was issued.
54
+ { .name = "IMP_PINOPTR",
60
+ 3-7:
55
+ .cp = 15, .opc1 = 0, .crn = 15, .crm = 2, .opc2 = 7,
61
+ reserved and should be ignored by OSPM
56
+ .access = PL1_R, .type = ARM_CP_CONST, .resetvalue = 0 },
62
+
57
+ { .name = "IMP_QOSR",
63
+[0x15-0x17]
58
+ .cp = 15, .opc1 = 1, .crn = 15, .crm = 3, .opc2 = 1,
64
+ reserved
59
+ .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
65
+
60
+ { .name = "IMP_BUSTIMEOUTR",
66
+Write access behavior
61
+ .cp = 15, .opc1 = 1, .crn = 15, .crm = 3, .opc2 = 2,
67
+^^^^^^^^^^^^^^^^^^^^^
62
+ .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
63
+ { .name = "IMP_INTMONR",
64
+ .cp = 15, .opc1 = 1, .crn = 15, .crm = 3, .opc2 = 4,
65
+ .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
66
+ { .name = "IMP_ICERR0",
67
+ .cp = 15, .opc1 = 2, .crn = 15, .crm = 0, .opc2 = 0,
68
+ .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
69
+ { .name = "IMP_ICERR1",
70
+ .cp = 15, .opc1 = 2, .crn = 15, .crm = 0, .opc2 = 1,
71
+ .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
72
+ { .name = "IMP_DCERR0",
73
+ .cp = 15, .opc1 = 2, .crn = 15, .crm = 1, .opc2 = 0,
74
+ .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
75
+ { .name = "IMP_DCERR1",
76
+ .cp = 15, .opc1 = 2, .crn = 15, .crm = 1, .opc2 = 1,
77
+ .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
78
+ { .name = "IMP_TCMERR0",
79
+ .cp = 15, .opc1 = 2, .crn = 15, .crm = 2, .opc2 = 0,
80
+ .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
81
+ { .name = "IMP_TCMERR1",
82
+ .cp = 15, .opc1 = 2, .crn = 15, .crm = 2, .opc2 = 1,
83
+ .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
84
+ { .name = "IMP_TCMSYNDR0",
85
+ .cp = 15, .opc1 = 2, .crn = 15, .crm = 2, .opc2 = 2,
86
+ .access = PL1_R, .type = ARM_CP_CONST, .resetvalue = 0 },
87
+ { .name = "IMP_TCMSYNDR1",
88
+ .cp = 15, .opc1 = 2, .crn = 15, .crm = 2, .opc2 = 3,
89
+ .access = PL1_R, .type = ARM_CP_CONST, .resetvalue = 0 },
90
+ { .name = "IMP_FLASHERR0",
91
+ .cp = 15, .opc1 = 2, .crn = 15, .crm = 3, .opc2 = 0,
92
+ .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
93
+ { .name = "IMP_FLASHERR1",
94
+ .cp = 15, .opc1 = 2, .crn = 15, .crm = 3, .opc2 = 1,
95
+ .access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
96
+ { .name = "IMP_CDBGDR0",
97
+ .cp = 15, .opc1 = 3, .crn = 15, .crm = 0, .opc2 = 0,
98
+ .access = PL1_R, .type = ARM_CP_CONST, .resetvalue = 0 },
99
+ { .name = "IMP_CBDGBR1",
100
+ .cp = 15, .opc1 = 3, .crn = 15, .crm = 0, .opc2 = 1,
101
+ .access = PL1_R, .type = ARM_CP_CONST, .resetvalue = 0 },
102
+ { .name = "IMP_TESTR0",
103
+ .cp = 15, .opc1 = 4, .crn = 15, .crm = 0, .opc2 = 0,
104
+ .access = PL1_R, .type = ARM_CP_CONST, .resetvalue = 0 },
105
+ { .name = "IMP_TESTR1",
106
+ .cp = 15, .opc1 = 4, .crn = 15, .crm = 0, .opc2 = 1,
107
+ .access = PL1_W, .type = ARM_CP_NOP, .resetvalue = 0 },
108
+ { .name = "IMP_CDBGDCI",
109
+ .cp = 15, .opc1 = 0, .crn = 15, .crm = 15, .opc2 = 0,
110
+ .access = PL1_W, .type = ARM_CP_NOP, .resetvalue = 0 },
111
+ { .name = "IMP_CDBGDCT",
112
+ .cp = 15, .opc1 = 3, .crn = 15, .crm = 2, .opc2 = 0,
113
+ .access = PL1_W, .type = ARM_CP_NOP, .resetvalue = 0 },
114
+ { .name = "IMP_CDBGICT",
115
+ .cp = 15, .opc1 = 3, .crn = 15, .crm = 2, .opc2 = 1,
116
+ .access = PL1_W, .type = ARM_CP_NOP, .resetvalue = 0 },
117
+ { .name = "IMP_CDBGDCD",
118
+ .cp = 15, .opc1 = 3, .crn = 15, .crm = 4, .opc2 = 0,
119
+ .access = PL1_W, .type = ARM_CP_NOP, .resetvalue = 0 },
120
+ { .name = "IMP_CDBGICD",
121
+ .cp = 15, .opc1 = 3, .crn = 15, .crm = 4, .opc2 = 1,
122
+ .access = PL1_W, .type = ARM_CP_NOP, .resetvalue = 0 },
123
+};
68
+
124
+
69
+
125
+
70
+[0x0-0x3]
126
static void cortex_r52_initfn(Object *obj)
71
+ Memory device slot selector, selects active memory device.
127
{
72
+ All following accesses to other registers in 0xa00-0xa17
128
ARMCPU *cpu = ARM_CPU(obj);
73
+ region will read/store data from/to selected memory device.
129
@@ -XXX,XX +XXX,XX @@ static void cortex_r52_initfn(Object *obj)
74
+[0x4-0x7]
130
set_feature(&cpu->env, ARM_FEATURE_NEON);
75
+ OST event code reported by OSPM
131
set_feature(&cpu->env, ARM_FEATURE_GENERIC_TIMER);
76
+[0x8-0xb]
132
set_feature(&cpu->env, ARM_FEATURE_CBAR_RO);
77
+ OST status code reported by OSPM
133
+ set_feature(&cpu->env, ARM_FEATURE_AUXCR);
78
+[0xc-0x13]
134
cpu->midr = 0x411fd133; /* r1p3 */
79
+ reserved, writes into it are ignored
135
cpu->revidr = 0x00000000;
80
+[0x14]
136
cpu->reset_fpsid = 0x41034023;
81
+ Memory device control fields
137
@@ -XXX,XX +XXX,XX @@ static void cortex_r52_initfn(Object *obj)
138
139
cpu->pmsav7_dregion = 16;
140
cpu->pmsav8r_hdregion = 16;
82
+
141
+
83
+ bits:
142
+ define_arm_cp_regs(cpu, cortex_r52_cp_reginfo);
84
+
143
}
85
+ 0:
144
86
+ reserved, OSPM must clear it before writing to register.
145
static void cortex_r5f_initfn(Object *obj)
87
+ Due to BUG in versions prior 2.4 that field isn't cleared
88
+ when other fields are written. Keep it reserved and don't
89
+ try to reuse it.
90
+ 1:
91
+ if set to 1 clears device insert event, set by OSPM
92
+ after it has emitted device check event for the
93
+ selected memory device
94
+ 2:
95
+ if set to 1 clears device remove event, set by OSPM
96
+ after it has emitted device eject request for the
97
+ selected memory device
98
+ 3:
99
+ if set to 1 initiates device eject, set by OSPM when it
100
+ triggers memory device removal and calls _EJ0 method
101
+ 4-7:
102
+ reserved, OSPM must clear them before writing to register
103
+
104
+Selecting memory device slot beyond present range has no effect on platform:
105
+
106
+- write accesses to memory hot-plug registers not documented above are ignored
107
+- read accesses to memory hot-plug registers not documented above return
108
+ all bits set to 1.
109
+
110
+Memory hot remove process diagram
111
+---------------------------------
112
+
113
+::
114
+
115
+ +-------------+ +-----------------------+ +------------------+
116
+ | 1. QEMU | | 2. QEMU | |3. QEMU |
117
+ | device_del +---->+ device unplug request +----->+Send SCI to guest,|
118
+ | | | cb | |return control to |
119
+ | | | | |management |
120
+ +-------------+ +-----------------------+ +------------------+
121
+
122
+ +---------------------------------------------------------------------+
123
+
124
+ +---------------------+ +-------------------------+
125
+ | OSPM: | remove event | OSPM: |
126
+ | send Eject Request, | | Scan memory devices |
127
+ | clear remove event +<-------------+ for event flags |
128
+ | | | |
129
+ +---------------------+ +-------------------------+
130
+ |
131
+ |
132
+ +---------v--------+ +-----------------------+
133
+ | Guest OS: | success | OSPM: |
134
+ | process Ejection +----------->+ Execute _EJ0 method, |
135
+ | request | | set eject bit in flags|
136
+ +------------------+ +-----------------------+
137
+ |failure |
138
+ v v
139
+ +------------------------+ +-----------------------+
140
+ | OSPM: | | QEMU: |
141
+ | set OST event & status | | call device unplug cb |
142
+ | fields | | |
143
+ +------------------------+ +-----------------------+
144
+ | |
145
+ v v
146
+ +------------------+ +-------------------+
147
+ |QEMU: | |QEMU: |
148
+ |Send OST QMP event| |Send device deleted|
149
+ | | |QMP event |
150
+ +------------------+ | |
151
+ +-------------------+
152
diff --git a/docs/specs/acpi_mem_hotplug.txt b/docs/specs/acpi_mem_hotplug.txt
153
deleted file mode 100644
154
index XXXXXXX..XXXXXXX
155
--- a/docs/specs/acpi_mem_hotplug.txt
156
+++ /dev/null
157
@@ -XXX,XX +XXX,XX @@
158
-QEMU<->ACPI BIOS memory hotplug interface
159
---------------------------------------
160
-
161
-ACPI BIOS GPE.3 handler is dedicated for notifying OS about memory hot-add
162
-and hot-remove events.
163
-
164
-Memory hot-plug interface (IO port 0xa00-0xa17, 1-4 byte access):
165
----------------------------------------------------------------
166
-0xa00:
167
- read access:
168
- [0x0-0x3] Lo part of memory device phys address
169
- [0x4-0x7] Hi part of memory device phys address
170
- [0x8-0xb] Lo part of memory device size in bytes
171
- [0xc-0xf] Hi part of memory device size in bytes
172
- [0x10-0x13] Memory device proximity domain
173
- [0x14] Memory device status fields
174
- bits:
175
- 0: Device is enabled and may be used by guest
176
- 1: Device insert event, used to distinguish device for which
177
- no device check event to OSPM was issued.
178
- It's valid only when bit 1 is set.
179
- 2: Device remove event, used to distinguish device for which
180
- no device eject request to OSPM was issued.
181
- 3-7: reserved and should be ignored by OSPM
182
- [0x15-0x17] reserved
183
-
184
- write access:
185
- [0x0-0x3] Memory device slot selector, selects active memory device.
186
- All following accesses to other registers in 0xa00-0xa17
187
- region will read/store data from/to selected memory device.
188
- [0x4-0x7] OST event code reported by OSPM
189
- [0x8-0xb] OST status code reported by OSPM
190
- [0xc-0x13] reserved, writes into it are ignored
191
- [0x14] Memory device control fields
192
- bits:
193
- 0: reserved, OSPM must clear it before writing to register.
194
- Due to BUG in versions prior 2.4 that field isn't cleared
195
- when other fields are written. Keep it reserved and don't
196
- try to reuse it.
197
- 1: if set to 1 clears device insert event, set by OSPM
198
- after it has emitted device check event for the
199
- selected memory device
200
- 2: if set to 1 clears device remove event, set by OSPM
201
- after it has emitted device eject request for the
202
- selected memory device
203
- 3: if set to 1 initiates device eject, set by OSPM when it
204
- triggers memory device removal and calls _EJ0 method
205
- 4-7: reserved, OSPM must clear them before writing to register
206
-
207
-Selecting memory device slot beyond present range has no effect on platform:
208
- - write accesses to memory hot-plug registers not documented above are
209
- ignored
210
- - read accesses to memory hot-plug registers not documented above return
211
- all bits set to 1.
212
-
213
-Memory hot remove process diagram:
214
-----------------------------------
215
- +-------------+     +-----------------------+      +------------------+     
216
- |  1. QEMU    |     | 2. QEMU               |      |3. QEMU           |     
217
- |  device_del +---->+ device unplug request +----->+Send SCI to guest,|     
218
- |             |     |         cb            |      |return control to |     
219
- +-------------+     +-----------------------+      |management        |     
220
-                                                    +------------------+     
221
-                                                                             
222
- +---------------------------------------------------------------------+     
223
-                                                                             
224
- +---------------------+              +-------------------------+            
225
- | OSPM:               | remove event | OSPM:                   |            
226
- | send Eject Request, |              | Scan memory devices     |            
227
- | clear remove event  +<-------------+ for event flags         |            
228
- |                     |              |                         |            
229
- +---------------------+              +-------------------------+            
230
-           |                                                                 
231
-           |                                                                 
232
- +---------v--------+            +-----------------------+                   
233
- | Guest OS:        |  success   | OSPM:                 |                   
234
- | process Ejection +----------->+ Execute _EJ0 method,  |                   
235
- | request          |            | set eject bit in flags|                   
236
- +------------------+            +-----------------------+                   
237
-           |failure                         |                                
238
-           v                                v                                
239
- +------------------------+      +-----------------------+                   
240
- | OSPM:                  |      | QEMU:                 |                   
241
- | set OST event & status |      | call device unplug cb |                   
242
- | fields                 |      |                       |                   
243
- +------------------------+      +-----------------------+                   
244
-          |                                  |                               
245
-          v                                  v                               
246
- +------------------+              +-------------------+                     
247
- |QEMU:             |              |QEMU:              |                     
248
- |Send OST QMP event|              |Send device deleted|                     
249
- |                  |              |QMP event          |                     
250
- +------------------+              |                   |                     
251
-                                   +-------------------+
252
diff --git a/docs/specs/index.rst b/docs/specs/index.rst
253
index XXXXXXX..XXXXXXX 100644
254
--- a/docs/specs/index.rst
255
+++ b/docs/specs/index.rst
256
@@ -XXX,XX +XXX,XX @@ guest hardware that is specific to QEMU.
257
tpm
258
acpi_hest_ghes
259
acpi_cpu_hotplug
260
+ acpi_mem_hotplug
261
--
146
--
262
2.20.1
147
2.34.1
263
264
diff view generated by jsdifflib
[PULL 16/37] monitor: Use accel_find("kvm") instead of kvm_available()
[PULL 26/35] target/arm: Allow access to SPSR_hyp from hyp mode
1
The kvm_available() function reports whether KVM support was
1
Architecturally, the AArch32 MSR/MRS to/from banked register
2
compiled into the QEMU binary; it returns the value of the
2
instructions are UNPREDICTABLE for attempts to access a banked
3
CONFIG_KVM define.
3
register that the guest could access in a more direct way (e.g.
4
using this insn to access r8_fiq when already in FIQ mode). QEMU has
5
chosen to UNDEF on all of these.
4
6
5
The only place in the codebase where we use this function is
7
However, for the case of accessing SPSR_hyp from hyp mode, it turns
6
in qmp_query_kvm(). Now that accelerators are based on QOM
8
out that real hardware permits this, with the same effect as if the
7
classes we can instead use accel_find("kvm") and remove the
9
guest had directly written to SPSR. Further, there is some
8
kvm_available() function.
10
guest code out there that assumes it can do this, because it
11
happens to work on hardware: an example Cortex-R52 startup code
12
fragment uses this, and it got copied into various other places,
13
including Zephyr. Zephyr was fixed to not use this:
14
https://github.com/zephyrproject-rtos/zephyr/issues/47330
15
but other examples are still out there, like the selftest
16
binary for the MPS3-AN536.
17
18
For convenience of being able to run guest code, permit
19
this UNPREDICTABLE access instead of UNDEFing it.
9
20
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
21
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
22
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
12
Message-id: 20210730105947.28215-3-peter.maydell@linaro.org
23
Message-id: 20240206132931.38376-5-peter.maydell@linaro.org
13
---
24
---
14
include/sysemu/arch_init.h | 2 --
25
target/arm/tcg/op_helper.c | 43 ++++++++++++++++++++++++++------------
15
monitor/qmp-cmds.c | 2 +-
26
target/arm/tcg/translate.c | 19 +++++++++++------
16
softmmu/arch_init.c | 9 ---------
27
2 files changed, 43 insertions(+), 19 deletions(-)
17
3 files changed, 1 insertion(+), 12 deletions(-)
18
28
19
diff --git a/include/sysemu/arch_init.h b/include/sysemu/arch_init.h
29
diff --git a/target/arm/tcg/op_helper.c b/target/arm/tcg/op_helper.c
20
index XXXXXXX..XXXXXXX 100644
30
index XXXXXXX..XXXXXXX 100644
21
--- a/include/sysemu/arch_init.h
31
--- a/target/arm/tcg/op_helper.c
22
+++ b/include/sysemu/arch_init.h
32
+++ b/target/arm/tcg/op_helper.c
23
@@ -XXX,XX +XXX,XX @@ enum {
33
@@ -XXX,XX +XXX,XX @@ static void msr_mrs_banked_exc_checks(CPUARMState *env, uint32_t tgtmode,
24
34
*/
25
extern const uint32_t arch_type;
35
int curmode = env->uncached_cpsr & CPSR_M;
26
36
27
-int kvm_available(void);
37
- if (regno == 17) {
38
- /* ELR_Hyp: a special case because access from tgtmode is OK */
39
- if (curmode != ARM_CPU_MODE_HYP && curmode != ARM_CPU_MODE_MON) {
40
- goto undef;
41
+ if (tgtmode == ARM_CPU_MODE_HYP) {
42
+ /*
43
+ * Handle Hyp target regs first because some are special cases
44
+ * which don't want the usual "not accessible from tgtmode" check.
45
+ */
46
+ switch (regno) {
47
+ case 16 ... 17: /* ELR_Hyp, SPSR_Hyp */
48
+ if (curmode != ARM_CPU_MODE_HYP && curmode != ARM_CPU_MODE_MON) {
49
+ goto undef;
50
+ }
51
+ break;
52
+ case 13:
53
+ if (curmode != ARM_CPU_MODE_MON) {
54
+ goto undef;
55
+ }
56
+ break;
57
+ default:
58
+ g_assert_not_reached();
59
}
60
return;
61
}
62
@@ -XXX,XX +XXX,XX @@ static void msr_mrs_banked_exc_checks(CPUARMState *env, uint32_t tgtmode,
63
}
64
}
65
66
- if (tgtmode == ARM_CPU_MODE_HYP) {
67
- /* SPSR_Hyp, r13_hyp: accessible from Monitor mode only */
68
- if (curmode != ARM_CPU_MODE_MON) {
69
- goto undef;
70
- }
71
- }
28
-
72
-
29
/* default virtio transport per architecture */
73
return;
30
#define QEMU_ARCH_VIRTIO_PCI (QEMU_ARCH_ALPHA | QEMU_ARCH_ARM | \
74
31
QEMU_ARCH_HPPA | QEMU_ARCH_I386 | \
75
undef:
32
diff --git a/monitor/qmp-cmds.c b/monitor/qmp-cmds.c
76
@@ -XXX,XX +XXX,XX @@ void HELPER(msr_banked)(CPUARMState *env, uint32_t value, uint32_t tgtmode,
77
78
switch (regno) {
79
case 16: /* SPSRs */
80
- env->banked_spsr[bank_number(tgtmode)] = value;
81
+ if (tgtmode == (env->uncached_cpsr & CPSR_M)) {
82
+ /* Only happens for SPSR_Hyp access in Hyp mode */
83
+ env->spsr = value;
84
+ } else {
85
+ env->banked_spsr[bank_number(tgtmode)] = value;
86
+ }
87
break;
88
case 17: /* ELR_Hyp */
89
env->elr_el[2] = value;
90
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(mrs_banked)(CPUARMState *env, uint32_t tgtmode, uint32_t regno)
91
92
switch (regno) {
93
case 16: /* SPSRs */
94
- return env->banked_spsr[bank_number(tgtmode)];
95
+ if (tgtmode == (env->uncached_cpsr & CPSR_M)) {
96
+ /* Only happens for SPSR_Hyp access in Hyp mode */
97
+ return env->spsr;
98
+ } else {
99
+ return env->banked_spsr[bank_number(tgtmode)];
100
+ }
101
case 17: /* ELR_Hyp */
102
return env->elr_el[2];
103
case 13:
104
diff --git a/target/arm/tcg/translate.c b/target/arm/tcg/translate.c
33
index XXXXXXX..XXXXXXX 100644
105
index XXXXXXX..XXXXXXX 100644
34
--- a/monitor/qmp-cmds.c
106
--- a/target/arm/tcg/translate.c
35
+++ b/monitor/qmp-cmds.c
107
+++ b/target/arm/tcg/translate.c
36
@@ -XXX,XX +XXX,XX @@ KvmInfo *qmp_query_kvm(Error **errp)
108
@@ -XXX,XX +XXX,XX @@ static bool msr_banked_access_decode(DisasContext *s, int r, int sysm, int rn,
37
KvmInfo *info = g_malloc0(sizeof(*info));
109
break;
38
110
case ARM_CPU_MODE_HYP:
39
info->enabled = kvm_enabled();
111
/*
40
- info->present = kvm_available();
112
- * SPSR_hyp and r13_hyp can only be accessed from Monitor mode
41
+ info->present = accel_find("kvm");
113
- * (and so we can forbid accesses from EL2 or below). elr_hyp
42
114
- * can be accessed also from Hyp mode, so forbid accesses from
43
return info;
115
- * EL0 or EL1.
44
}
116
+ * r13_hyp can only be accessed from Monitor mode, and so we
45
diff --git a/softmmu/arch_init.c b/softmmu/arch_init.c
117
+ * can forbid accesses from EL2 or below.
46
index XXXXXXX..XXXXXXX 100644
118
+ * elr_hyp can be accessed also from Hyp mode, so forbid
47
--- a/softmmu/arch_init.c
119
+ * accesses from EL0 or EL1.
48
+++ b/softmmu/arch_init.c
120
+ * SPSR_hyp is supposed to be in the same category as r13_hyp
49
@@ -XXX,XX +XXX,XX @@ int graphic_depth = 32;
121
+ * and UNPREDICTABLE if accessed from anything except Monitor
50
#endif
122
+ * mode. However there is some real-world code that will do
51
123
+ * it because at least some hardware happens to permit the
52
const uint32_t arch_type = QEMU_ARCH;
124
+ * access. (Notably a standard Cortex-R52 startup code fragment
53
-
125
+ * does this.) So we permit SPSR_hyp from Hyp mode also, to allow
54
-int kvm_available(void)
126
+ * this (incorrect) guest code to run.
55
-{
127
*/
56
-#ifdef CONFIG_KVM
128
- if (!arm_dc_feature(s, ARM_FEATURE_EL2) || s->current_el < 2 ||
57
- return 1;
129
- (s->current_el < 3 && *regno != 17)) {
58
-#else
130
+ if (!arm_dc_feature(s, ARM_FEATURE_EL2) || s->current_el < 2
59
- return 0;
131
+ || (s->current_el < 3 && *regno != 16 && *regno != 17)) {
60
-#endif
132
goto undef;
61
-}
133
}
134
break;
62
--
135
--
63
2.20.1
136
2.34.1
64
65
diff view generated by jsdifflib
[PULL 24/37] softmmu/physmem.c: Remove unneeded NULL check in qemu_ram_alloc_from_fd()
[PULL 27/35] hw/misc/mps2-scc: Fix condition for CFG3 register
1
In the alignment check added to qemu_ram_alloc_from_fd() in commit
1
We currently guard the CFG3 register read with
2
ce317be98db0dfdfa, the condition includes a check that 'mr' is not
2
(scc_partno(s) == 0x524 && scc_partno(s) == 0x547)
3
NULL. This check is unnecessary because we can assume that the
3
which is clearly wrong as it is never true.
4
caller always passes us a valid MemoryRegion, and indeed later in the
5
function we assume mr is not NULL when we pass it to file_ram_alloc()
6
as new_block->mr. Remove it.
7
4
8
Fixes: Coverity 1459867
5
This register is present on all board types except AN524
9
Fixes: ce317be98d ("exec: fetch the alignment of Linux devdax pmem character device nodes")
6
and AN527; correct the condition.
7
8
Fixes: 6ac80818941829c0 ("hw/misc/mps2-scc: Implement changes for AN547")
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
Reviewed-by: Jingqi Liu <jingqi.liu@intel.com>
10
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
12
Message-id: 20210812150624.29139-1-peter.maydell@linaro.org
11
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
12
Message-id: 20240206132931.38376-6-peter.maydell@linaro.org
13
---
13
---
14
softmmu/physmem.c | 2 +-
14
hw/misc/mps2-scc.c | 2 +-
15
1 file changed, 1 insertion(+), 1 deletion(-)
15
1 file changed, 1 insertion(+), 1 deletion(-)
16
16
17
diff --git a/softmmu/physmem.c b/softmmu/physmem.c
17
diff --git a/hw/misc/mps2-scc.c b/hw/misc/mps2-scc.c
18
index XXXXXXX..XXXXXXX 100644
18
index XXXXXXX..XXXXXXX 100644
19
--- a/softmmu/physmem.c
19
--- a/hw/misc/mps2-scc.c
20
+++ b/softmmu/physmem.c
20
+++ b/hw/misc/mps2-scc.c
21
@@ -XXX,XX +XXX,XX @@ RAMBlock *qemu_ram_alloc_from_fd(ram_addr_t size, MemoryRegion *mr,
21
@@ -XXX,XX +XXX,XX @@ static uint64_t mps2_scc_read(void *opaque, hwaddr offset, unsigned size)
22
}
22
r = s->cfg2;
23
23
break;
24
file_align = get_file_align(fd);
24
case A_CFG3:
25
- if (file_align > 0 && mr && file_align > mr->align) {
25
- if (scc_partno(s) == 0x524 && scc_partno(s) == 0x547) {
26
+ if (file_align > 0 && file_align > mr->align) {
26
+ if (scc_partno(s) == 0x524 || scc_partno(s) == 0x547) {
27
error_setg(errp, "backing store align 0x%" PRIx64
27
/* CFG3 reserved on AN524 */
28
" is larger than 'align' option 0x%" PRIx64,
28
goto bad_offset;
29
file_align, mr->align);
29
}
30
--
30
--
31
2.20.1
31
2.34.1
32
32
33
33
diff view generated by jsdifflib
[PULL 34/37] target/arm: Implement HSTR.TJDBX
[PULL 28/35] hw/misc/mps2-scc: Factor out which-board conditionals
1
In v7A, the HSTR register has a TJDBX bit which traps NS EL0/EL1
1
The MPS SCC device has a lot of different flavours for the various
2
access to the JOSCR and JMCR trivial Jazelle registers, and also BXJ.
2
different MPS FPGA images, which look mostly similar but have
3
Implement these traps. In v8A this HSTR bit doesn't exist, so don't
3
differences in how particular registers are handled. Currently we
4
trap for v8A CPUs.
4
deal with this with a lot of open-coded checks on scc_partno(), but
5
as we add more board types this is getting a bit hard to read.
6
7
Factor out the conditions into some functions which we can
8
give more descriptive names to.
5
9
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
12
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20210816180305.20137-3-peter.maydell@linaro.org
13
Message-id: 20240206132931.38376-7-peter.maydell@linaro.org
9
---
14
---
10
target/arm/cpu.h | 1 +
15
hw/misc/mps2-scc.c | 45 +++++++++++++++++++++++++++++++--------------
11
target/arm/helper.h | 2 ++
16
1 file changed, 31 insertions(+), 14 deletions(-)
12
target/arm/syndrome.h | 7 +++++++
13
target/arm/helper.c | 17 +++++++++++++++++
14
target/arm/op_helper.c | 16 ++++++++++++++++
15
target/arm/translate.c | 12 ++++++++++++
16
6 files changed, 55 insertions(+)
17
17
18
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
18
diff --git a/hw/misc/mps2-scc.c b/hw/misc/mps2-scc.c
19
index XXXXXXX..XXXXXXX 100644
19
index XXXXXXX..XXXXXXX 100644
20
--- a/target/arm/cpu.h
20
--- a/hw/misc/mps2-scc.c
21
+++ b/target/arm/cpu.h
21
+++ b/hw/misc/mps2-scc.c
22
@@ -XXX,XX +XXX,XX @@ static inline void xpsr_write(CPUARMState *env, uint32_t val, uint32_t mask)
22
@@ -XXX,XX +XXX,XX @@ static int scc_partno(MPS2SCC *s)
23
#define SCR_ATA (1U << 26)
23
return extract32(s->id, 4, 8);
24
25
#define HSTR_TTEE (1 << 16)
26
+#define HSTR_TJDBX (1 << 17)
27
28
/* Return the current FPSCR value. */
29
uint32_t vfp_get_fpscr(CPUARMState *env);
30
diff --git a/target/arm/helper.h b/target/arm/helper.h
31
index XXXXXXX..XXXXXXX 100644
32
--- a/target/arm/helper.h
33
+++ b/target/arm/helper.h
34
@@ -XXX,XX +XXX,XX @@ DEF_HELPER_2(v7m_vlldm, void, env, i32)
35
36
DEF_HELPER_2(v8m_stackcheck, void, env, i32)
37
38
+DEF_HELPER_FLAGS_2(check_bxj_trap, TCG_CALL_NO_WG, void, env, i32)
39
+
40
DEF_HELPER_4(access_check_cp_reg, void, env, ptr, i32, i32)
41
DEF_HELPER_3(set_cp_reg, void, env, ptr, i32)
42
DEF_HELPER_2(get_cp_reg, i32, env, ptr)
43
diff --git a/target/arm/syndrome.h b/target/arm/syndrome.h
44
index XXXXXXX..XXXXXXX 100644
45
--- a/target/arm/syndrome.h
46
+++ b/target/arm/syndrome.h
47
@@ -XXX,XX +XXX,XX @@ enum arm_exception_class {
48
EC_ADVSIMDFPACCESSTRAP = 0x07,
49
EC_FPIDTRAP = 0x08,
50
EC_PACTRAP = 0x09,
51
+ EC_BXJTRAP = 0x0a,
52
EC_CP14RRTTRAP = 0x0c,
53
EC_BTITRAP = 0x0d,
54
EC_ILLEGALSTATE = 0x0e,
55
@@ -XXX,XX +XXX,XX @@ static inline uint32_t syn_btitrap(int btype)
56
return (EC_BTITRAP << ARM_EL_EC_SHIFT) | btype;
57
}
24
}
58
25
59
+static inline uint32_t syn_bxjtrap(int cv, int cond, int rm)
26
+/* Is CFG_REG2 present? */
27
+static bool have_cfg2(MPS2SCC *s)
60
+{
28
+{
61
+ return (EC_BXJTRAP << ARM_EL_EC_SHIFT) | ARM_EL_IL |
29
+ return scc_partno(s) == 0x524 || scc_partno(s) == 0x547;
62
+ (cv << 24) | (cond << 20) | rm;
63
+}
30
+}
64
+
31
+
65
static inline uint32_t syn_insn_abort(int same_el, int ea, int s1ptw, int fsc)
32
+/* Is CFG_REG3 present? */
66
{
33
+static bool have_cfg3(MPS2SCC *s)
67
return (EC_INSNABORT << ARM_EL_EC_SHIFT) | (same_el << ARM_EL_EC_SHIFT)
68
diff --git a/target/arm/helper.c b/target/arm/helper.c
69
index XXXXXXX..XXXXXXX 100644
70
--- a/target/arm/helper.c
71
+++ b/target/arm/helper.c
72
@@ -XXX,XX +XXX,XX @@ static CPAccessResult access_jazelle(CPUARMState *env, const ARMCPRegInfo *ri,
73
return CP_ACCESS_OK;
74
}
75
76
+static CPAccessResult access_joscr_jmcr(CPUARMState *env,
77
+ const ARMCPRegInfo *ri, bool isread)
78
+{
34
+{
79
+ /*
35
+ return scc_partno(s) != 0x524 && scc_partno(s) != 0x547;
80
+ * HSTR.TJDBX traps JOSCR and JMCR accesses, but it exists only
81
+ * in v7A, not in v8A.
82
+ */
83
+ if (!arm_feature(env, ARM_FEATURE_V8) &&
84
+ arm_current_el(env) < 2 && !arm_is_secure_below_el3(env) &&
85
+ (env->cp15.hstr_el2 & HSTR_TJDBX)) {
86
+ return CP_ACCESS_TRAP_EL2;
87
+ }
88
+ return CP_ACCESS_OK;
89
+}
36
+}
90
+
37
+
91
static const ARMCPRegInfo jazelle_regs[] = {
38
+/* Is CFG_REG5 present? */
92
{ .name = "JIDR",
39
+static bool have_cfg5(MPS2SCC *s)
93
.cp = 14, .crn = 0, .crm = 0, .opc1 = 7, .opc2 = 0,
94
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo jazelle_regs[] = {
95
.type = ARM_CP_CONST, .resetvalue = 0 },
96
{ .name = "JOSCR",
97
.cp = 14, .crn = 1, .crm = 0, .opc1 = 7, .opc2 = 0,
98
+ .accessfn = access_joscr_jmcr,
99
.access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
100
{ .name = "JMCR",
101
.cp = 14, .crn = 2, .crm = 0, .opc1 = 7, .opc2 = 0,
102
+ .accessfn = access_joscr_jmcr,
103
.access = PL1_RW, .type = ARM_CP_CONST, .resetvalue = 0 },
104
REGINFO_SENTINEL
105
};
106
diff --git a/target/arm/op_helper.c b/target/arm/op_helper.c
107
index XXXXXXX..XXXXXXX 100644
108
--- a/target/arm/op_helper.c
109
+++ b/target/arm/op_helper.c
110
@@ -XXX,XX +XXX,XX @@ void HELPER(setend)(CPUARMState *env)
111
arm_rebuild_hflags(env);
112
}
113
114
+void HELPER(check_bxj_trap)(CPUARMState *env, uint32_t rm)
115
+{
40
+{
116
+ /*
41
+ return scc_partno(s) == 0x524 || scc_partno(s) == 0x547;
117
+ * Only called if in NS EL0 or EL1 for a BXJ for a v7A CPU;
118
+ * check if HSTR.TJDBX means we need to trap to EL2.
119
+ */
120
+ if (env->cp15.hstr_el2 & HSTR_TJDBX) {
121
+ /*
122
+ * We know the condition code check passed, so take the IMPDEF
123
+ * choice to always report CV=1 COND 0xe
124
+ */
125
+ uint32_t syn = syn_bxjtrap(1, 0xe, rm);
126
+ raise_exception_ra(env, EXCP_HYP_TRAP, syn, 2, GETPC());
127
+ }
128
+}
42
+}
129
+
43
+
130
#ifndef CONFIG_USER_ONLY
44
+/* Is CFG_REG6 present? */
131
/* Function checks whether WFx (WFI/WFE) instructions are set up to be trapped.
45
+static bool have_cfg6(MPS2SCC *s)
132
* The function returns the target EL (1-3) if the instruction is to be trapped;
46
+{
133
diff --git a/target/arm/translate.c b/target/arm/translate.c
47
+ return scc_partno(s) == 0x524;
134
index XXXXXXX..XXXXXXX 100644
48
+}
135
--- a/target/arm/translate.c
49
+
136
+++ b/target/arm/translate.c
50
/* Handle a write via the SYS_CFG channel to the specified function/device.
137
@@ -XXX,XX +XXX,XX @@ static bool trans_BXJ(DisasContext *s, arg_BXJ *a)
51
* Return false on error (reported to guest via SYS_CFGCTRL ERROR bit).
138
if (!ENABLE_ARCH_5J || arm_dc_feature(s, ARM_FEATURE_M)) {
52
*/
139
return false;
53
@@ -XXX,XX +XXX,XX @@ static uint64_t mps2_scc_read(void *opaque, hwaddr offset, unsigned size)
140
}
54
r = s->cfg1;
141
+ /*
55
break;
142
+ * v7A allows BXJ to be trapped via HSTR.TJDBX. We don't waste a
56
case A_CFG2:
143
+ * TBFLAGS bit on a basically-never-happens case, so call a helper
57
- if (scc_partno(s) != 0x524 && scc_partno(s) != 0x547) {
144
+ * function to check for the trap and raise the exception if needed
58
- /* CFG2 reserved on other boards */
145
+ * (passing it the register number for the syndrome value).
59
+ if (!have_cfg2(s)) {
146
+ * v8A doesn't have this HSTR bit.
60
goto bad_offset;
147
+ */
61
}
148
+ if (!arm_dc_feature(s, ARM_FEATURE_V8) &&
62
r = s->cfg2;
149
+ arm_dc_feature(s, ARM_FEATURE_EL2) &&
63
break;
150
+ s->current_el < 2 && s->ns) {
64
case A_CFG3:
151
+ gen_helper_check_bxj_trap(cpu_env, tcg_constant_i32(a->rm));
65
- if (scc_partno(s) == 0x524 || scc_partno(s) == 0x547) {
152
+ }
66
- /* CFG3 reserved on AN524 */
153
/* Trivial implementation equivalent to bx. */
67
+ if (!have_cfg3(s)) {
154
gen_bx(s, load_reg(s, a->rm));
68
goto bad_offset;
155
return true;
69
}
70
/* These are user-settable DIP switches on the board. We don't
71
@@ -XXX,XX +XXX,XX @@ static uint64_t mps2_scc_read(void *opaque, hwaddr offset, unsigned size)
72
r = s->cfg4;
73
break;
74
case A_CFG5:
75
- if (scc_partno(s) != 0x524 && scc_partno(s) != 0x547) {
76
- /* CFG5 reserved on other boards */
77
+ if (!have_cfg5(s)) {
78
goto bad_offset;
79
}
80
r = s->cfg5;
81
break;
82
case A_CFG6:
83
- if (scc_partno(s) != 0x524) {
84
- /* CFG6 reserved on other boards */
85
+ if (!have_cfg6(s)) {
86
goto bad_offset;
87
}
88
r = s->cfg6;
89
@@ -XXX,XX +XXX,XX @@ static void mps2_scc_write(void *opaque, hwaddr offset, uint64_t value,
90
}
91
break;
92
case A_CFG2:
93
- if (scc_partno(s) != 0x524 && scc_partno(s) != 0x547) {
94
- /* CFG2 reserved on other boards */
95
+ if (!have_cfg2(s)) {
96
goto bad_offset;
97
}
98
/* AN524: QSPI Select signal */
99
s->cfg2 = value;
100
break;
101
case A_CFG5:
102
- if (scc_partno(s) != 0x524 && scc_partno(s) != 0x547) {
103
- /* CFG5 reserved on other boards */
104
+ if (!have_cfg5(s)) {
105
goto bad_offset;
106
}
107
/* AN524: ACLK frequency in Hz */
108
s->cfg5 = value;
109
break;
110
case A_CFG6:
111
- if (scc_partno(s) != 0x524) {
112
- /* CFG6 reserved on other boards */
113
+ if (!have_cfg6(s)) {
114
goto bad_offset;
115
}
116
/* AN524: Clock divider for BRAM */
156
--
117
--
157
2.20.1
118
2.34.1
158
119
159
120
diff view generated by jsdifflib
[PULL 15/37] softmmu: Use accel_find("xen") instead of xen_available()
[PULL 29/35] hw/misc/mps2-scc: Make changes needed for AN536 FPGA image
1
The xen_available() function is used only to produce an error
1
The MPS2 SCC device is broadly the same for all FPGA images, but has
2
for some Xen-specific command line options in QEMU binaries where
2
minor differences in the behaviour of the CFG registers depending on
3
Xen support was not compiled in: it just returns the value of
3
the image. In many cases we don't really care about the functionality
4
the CONFIG_XEN define.
4
controlled by these registers and a reads-as-written or similar
5
5
behaviour is sufficient for the moment.
6
Now that accelerators are QOM classes, we can check for
6
7
"does this binary have Xen compiled in" with accel_find("xen"),
7
For the AN536 the required behaviour is:
8
and drop the xen_available() function.
8
9
* A_CFG0 has CPU reset and halt bits
10
- implement as reads-as-written for the moment
11
* A_CFG1 has flash or ATCM address 0 remap handling
12
- QEMU doesn't model this; implement as reads-as-written
13
* A_CFG2 has QSPI select (like AN524)
14
- implemented (no behaviour, as with AN524)
15
* A_CFG3 is MCC_MSB_ADDR "additional MCC addressing bits"
16
- QEMU doesn't care about these, so use the existing
17
RAZ behaviour for convenience
18
* A_CFG4 is board rev (like all other images)
19
- no change needed
20
* A_CFG5 is ACLK frq in hz (like AN524)
21
- implemented as reads-as-written, as for other boards
22
* A_CFG6 is core 0 vector table base address
23
- implemented as reads-as-written for the moment
24
* A_CFG7 is core 1 vector table base address
25
- implemented as reads-as-written for the moment
26
27
Make the changes necessary for this; leave TODO comments where
28
appropriate to indicate where we might want to come back and
29
implement things like CPU reset.
30
31
The other aspects of the device specific to this FPGA image (like the
32
values of the board ID and similar registers) will be set via the
33
device's qdev properties.
9
34
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
35
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
36
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
12
Message-id: 20210730105947.28215-2-peter.maydell@linaro.org
37
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
38
Message-id: 20240206132931.38376-8-peter.maydell@linaro.org
13
---
39
---
14
include/sysemu/arch_init.h | 1 -
40
include/hw/misc/mps2-scc.h | 1 +
15
softmmu/arch_init.c | 9 ---------
41
hw/misc/mps2-scc.c | 101 +++++++++++++++++++++++++++++++++----
16
softmmu/vl.c | 6 +++---
42
2 files changed, 92 insertions(+), 10 deletions(-)
17
3 files changed, 3 insertions(+), 13 deletions(-)
43
18
44
diff --git a/include/hw/misc/mps2-scc.h b/include/hw/misc/mps2-scc.h
19
diff --git a/include/sysemu/arch_init.h b/include/sysemu/arch_init.h
20
index XXXXXXX..XXXXXXX 100644
45
index XXXXXXX..XXXXXXX 100644
21
--- a/include/sysemu/arch_init.h
46
--- a/include/hw/misc/mps2-scc.h
22
+++ b/include/sysemu/arch_init.h
47
+++ b/include/hw/misc/mps2-scc.h
23
@@ -XXX,XX +XXX,XX @@ enum {
48
@@ -XXX,XX +XXX,XX @@ struct MPS2SCC {
24
extern const uint32_t arch_type;
49
uint32_t cfg4;
25
50
uint32_t cfg5;
26
int kvm_available(void);
51
uint32_t cfg6;
27
-int xen_available(void);
52
+ uint32_t cfg7;
28
53
uint32_t cfgdata_rtn;
29
/* default virtio transport per architecture */
54
uint32_t cfgdata_out;
30
#define QEMU_ARCH_VIRTIO_PCI (QEMU_ARCH_ALPHA | QEMU_ARCH_ARM | \
55
uint32_t cfgctrl;
31
diff --git a/softmmu/arch_init.c b/softmmu/arch_init.c
56
diff --git a/hw/misc/mps2-scc.c b/hw/misc/mps2-scc.c
32
index XXXXXXX..XXXXXXX 100644
57
index XXXXXXX..XXXXXXX 100644
33
--- a/softmmu/arch_init.c
58
--- a/hw/misc/mps2-scc.c
34
+++ b/softmmu/arch_init.c
59
+++ b/hw/misc/mps2-scc.c
35
@@ -XXX,XX +XXX,XX @@ int kvm_available(void)
60
@@ -XXX,XX +XXX,XX @@ REG32(CFG3, 0xc)
36
return 0;
61
REG32(CFG4, 0x10)
37
#endif
62
REG32(CFG5, 0x14)
38
}
63
REG32(CFG6, 0x18)
39
-
64
+REG32(CFG7, 0x1c)
40
-int xen_available(void)
65
REG32(CFGDATA_RTN, 0xa0)
41
-{
66
REG32(CFGDATA_OUT, 0xa4)
42
-#ifdef CONFIG_XEN
67
REG32(CFGCTRL, 0xa8)
43
- return 1;
68
@@ -XXX,XX +XXX,XX @@ static int scc_partno(MPS2SCC *s)
44
-#else
69
/* Is CFG_REG2 present? */
45
- return 0;
70
static bool have_cfg2(MPS2SCC *s)
46
-#endif
71
{
47
-}
72
- return scc_partno(s) == 0x524 || scc_partno(s) == 0x547;
48
diff --git a/softmmu/vl.c b/softmmu/vl.c
73
+ return scc_partno(s) == 0x524 || scc_partno(s) == 0x547 ||
49
index XXXXXXX..XXXXXXX 100644
74
+ scc_partno(s) == 0x536;
50
--- a/softmmu/vl.c
75
}
51
+++ b/softmmu/vl.c
76
52
@@ -XXX,XX +XXX,XX @@ void qemu_init(int argc, char **argv, char **envp)
77
/* Is CFG_REG3 present? */
53
has_defaults = 0;
78
static bool have_cfg3(MPS2SCC *s)
54
break;
79
{
55
case QEMU_OPTION_xen_domid:
80
- return scc_partno(s) != 0x524 && scc_partno(s) != 0x547;
56
- if (!(xen_available())) {
81
+ return scc_partno(s) != 0x524 && scc_partno(s) != 0x547 &&
57
+ if (!(accel_find("xen"))) {
82
+ scc_partno(s) != 0x536;
58
error_report("Option not supported for this target");
83
}
59
exit(1);
84
60
}
85
/* Is CFG_REG5 present? */
61
xen_domid = atoi(optarg);
86
static bool have_cfg5(MPS2SCC *s)
62
break;
87
{
63
case QEMU_OPTION_xen_attach:
88
- return scc_partno(s) == 0x524 || scc_partno(s) == 0x547;
64
- if (!(xen_available())) {
89
+ return scc_partno(s) == 0x524 || scc_partno(s) == 0x547 ||
65
+ if (!(accel_find("xen"))) {
90
+ scc_partno(s) == 0x536;
66
error_report("Option not supported for this target");
91
}
67
exit(1);
92
68
}
93
/* Is CFG_REG6 present? */
69
xen_mode = XEN_ATTACH;
94
static bool have_cfg6(MPS2SCC *s)
70
break;
95
{
71
case QEMU_OPTION_xen_domid_restrict:
96
- return scc_partno(s) == 0x524;
72
- if (!(xen_available())) {
97
+ return scc_partno(s) == 0x524 || scc_partno(s) == 0x536;
73
+ if (!(accel_find("xen"))) {
98
+}
74
error_report("Option not supported for this target");
99
+
75
exit(1);
100
+/* Is CFG_REG7 present? */
76
}
101
+static bool have_cfg7(MPS2SCC *s)
102
+{
103
+ return scc_partno(s) == 0x536;
104
+}
105
+
106
+/* Does CFG_REG0 drive the 'remap' GPIO output? */
107
+static bool cfg0_is_remap(MPS2SCC *s)
108
+{
109
+ return scc_partno(s) != 0x536;
110
+}
111
+
112
+/* Is CFG_REG1 driving a set of LEDs? */
113
+static bool cfg1_is_leds(MPS2SCC *s)
114
+{
115
+ return scc_partno(s) != 0x536;
116
}
117
118
/* Handle a write via the SYS_CFG channel to the specified function/device.
119
@@ -XXX,XX +XXX,XX @@ static uint64_t mps2_scc_read(void *opaque, hwaddr offset, unsigned size)
120
if (!have_cfg3(s)) {
121
goto bad_offset;
122
}
123
- /* These are user-settable DIP switches on the board. We don't
124
+ /*
125
+ * These are user-settable DIP switches on the board. We don't
126
* model that, so just return zeroes.
127
+ *
128
+ * TODO: for AN536 this is MCC_MSB_ADDR "additional MCC addressing
129
+ * bits". These change which part of the DDR4 the motherboard
130
+ * configuration controller can see in its memory map (see the
131
+ * appnote section 2.4). QEMU doesn't model the MCC at all, so these
132
+ * bits are not interesting to us; read-as-zero is as good as anything
133
+ * else.
134
*/
135
r = 0;
136
break;
137
@@ -XXX,XX +XXX,XX @@ static uint64_t mps2_scc_read(void *opaque, hwaddr offset, unsigned size)
138
}
139
r = s->cfg6;
140
break;
141
+ case A_CFG7:
142
+ if (!have_cfg7(s)) {
143
+ goto bad_offset;
144
+ }
145
+ r = s->cfg7;
146
+ break;
147
case A_CFGDATA_RTN:
148
r = s->cfgdata_rtn;
149
break;
150
@@ -XXX,XX +XXX,XX @@ static void mps2_scc_write(void *opaque, hwaddr offset, uint64_t value,
151
* we always reflect bit 0 in the 'remap' GPIO output line,
152
* and let the board wire it up or not as it chooses.
153
* TODO on some boards bit 1 is CPU_WAIT.
154
+ *
155
+ * TODO: on the AN536 this register controls reset and halt
156
+ * for both CPUs. For the moment we don't implement this, so the
157
+ * register just reads as written.
158
*/
159
s->cfg0 = value;
160
- qemu_set_irq(s->remap, s->cfg0 & 1);
161
+ if (cfg0_is_remap(s)) {
162
+ qemu_set_irq(s->remap, s->cfg0 & 1);
163
+ }
164
break;
165
case A_CFG1:
166
s->cfg1 = value;
167
- for (size_t i = 0; i < ARRAY_SIZE(s->led); i++) {
168
- led_set_state(s->led[i], extract32(value, i, 1));
169
+ /*
170
+ * On most boards this register drives LEDs.
171
+ *
172
+ * TODO: for AN536 this controls whether flash and ATCM are
173
+ * enabled or disabled on reset. QEMU doesn't model this, and
174
+ * always wires up RAM in the ATCM area and ROM in the flash area.
175
+ */
176
+ if (cfg1_is_leds(s)) {
177
+ for (size_t i = 0; i < ARRAY_SIZE(s->led); i++) {
178
+ led_set_state(s->led[i], extract32(value, i, 1));
179
+ }
180
}
181
break;
182
case A_CFG2:
183
if (!have_cfg2(s)) {
184
goto bad_offset;
185
}
186
- /* AN524: QSPI Select signal */
187
+ /* AN524, AN536: QSPI Select signal */
188
s->cfg2 = value;
189
break;
190
case A_CFG5:
191
if (!have_cfg5(s)) {
192
goto bad_offset;
193
}
194
- /* AN524: ACLK frequency in Hz */
195
+ /* AN524, AN536: ACLK frequency in Hz */
196
s->cfg5 = value;
197
break;
198
case A_CFG6:
199
@@ -XXX,XX +XXX,XX @@ static void mps2_scc_write(void *opaque, hwaddr offset, uint64_t value,
200
goto bad_offset;
201
}
202
/* AN524: Clock divider for BRAM */
203
+ /* AN536: Core 0 vector table base address */
204
+ s->cfg6 = value;
205
+ break;
206
+ case A_CFG7:
207
+ if (!have_cfg7(s)) {
208
+ goto bad_offset;
209
+ }
210
+ /* AN536: Core 1 vector table base address */
211
s->cfg6 = value;
212
break;
213
case A_CFGDATA_OUT:
214
@@ -XXX,XX +XXX,XX @@ static void mps2_scc_finalize(Object *obj)
215
g_free(s->oscclk_reset);
216
}
217
218
+static bool cfg7_needed(void *opaque)
219
+{
220
+ MPS2SCC *s = opaque;
221
+
222
+ return have_cfg7(s);
223
+}
224
+
225
+static const VMStateDescription vmstate_cfg7 = {
226
+ .name = "mps2-scc/cfg7",
227
+ .version_id = 1,
228
+ .minimum_version_id = 1,
229
+ .needed = cfg7_needed,
230
+ .fields = (const VMStateField[]) {
231
+ VMSTATE_UINT32(cfg7, MPS2SCC),
232
+ VMSTATE_END_OF_LIST()
233
+ }
234
+};
235
+
236
static const VMStateDescription mps2_scc_vmstate = {
237
.name = "mps2-scc",
238
.version_id = 3,
239
@@ -XXX,XX +XXX,XX @@ static const VMStateDescription mps2_scc_vmstate = {
240
VMSTATE_VARRAY_UINT32(oscclk, MPS2SCC, num_oscclk,
241
0, vmstate_info_uint32, uint32_t),
242
VMSTATE_END_OF_LIST()
243
+ },
244
+ .subsections = (const VMStateDescription * const []) {
245
+ &vmstate_cfg7,
246
+ NULL
247
}
248
};
249
77
--
250
--
78
2.20.1
251
2.34.1
79
252
80
253
diff view generated by jsdifflib
[PULL 14/37] MAINTAINERS: Add ACPI specs documents to ACPI and NVDIMM sections
[PULL 30/35] hw/arm/mps3r: Initial skeleton for mps3-an536 board
1
Add entries for the ACPI specs documents in docs/specs to
1
The AN536 is another FPGA image for the MPS3 development board. Unlike
2
appropriate sections of MAINTAINERS.
2
the existing FPGA images we already model, this board uses a Cortex-R
3
family CPU, and it does not use any equivalent to the M-profile
4
"Subsystem for Embedded" SoC-equivalent that we model in hw/arm/armsse.c.
5
It's therefore more convenient for us to model it as a completely
6
separate C file.
7
8
This commit adds the basic skeleton of the board model, and the
9
code to create all the RAM and ROM. We assume that we're probably
10
going to want to add more images in future, so use the same
11
base class/subclass setup that mps2-tz.c uses, even though at
12
the moment there's only a single subclass.
13
14
Following commits will add the CPUs and the peripherals.
3
15
4
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
16
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
17
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
6
Message-id: 20210727170414.3368-6-peter.maydell@linaro.org
18
Message-id: 20240206132931.38376-9-peter.maydell@linaro.org
7
---
19
---
8
MAINTAINERS | 5 +++++
20
MAINTAINERS | 3 +-
9
1 file changed, 5 insertions(+)
21
configs/devices/arm-softmmu/default.mak | 1 +
22
hw/arm/mps3r.c | 239 ++++++++++++++++++++++++
23
hw/arm/Kconfig | 5 +
24
hw/arm/meson.build | 1 +
25
5 files changed, 248 insertions(+), 1 deletion(-)
26
create mode 100644 hw/arm/mps3r.c
10
27
11
diff --git a/MAINTAINERS b/MAINTAINERS
28
diff --git a/MAINTAINERS b/MAINTAINERS
12
index XXXXXXX..XXXXXXX 100644
29
index XXXXXXX..XXXXXXX 100644
13
--- a/MAINTAINERS
30
--- a/MAINTAINERS
14
+++ b/MAINTAINERS
31
+++ b/MAINTAINERS
15
@@ -XXX,XX +XXX,XX @@ F: qapi/acpi.json
32
@@ -XXX,XX +XXX,XX @@ F: include/hw/misc/imx7_*.h
16
F: tests/qtest/bios-tables-test*
33
F: hw/pci-host/designware.c
17
F: tests/qtest/acpi-utils.[hc]
34
F: include/hw/pci-host/designware.h
18
F: tests/data/acpi/
35
19
+F: docs/specs/acpi_cpu_hotplug.rst
36
-MPS2
20
+F: docs/specs/acpi_mem_hotplug.rst
37
+MPS2 / MPS3
21
+F: docs/specs/acpi_pci_hotplug.rst
38
M: Peter Maydell <peter.maydell@linaro.org>
22
+F: docs/specs/acpi_hw_reduced_hotplug.rst
39
L: qemu-arm@nongnu.org
23
40
S: Maintained
24
ACPI/HEST/GHES
41
F: hw/arm/mps2.c
25
R: Dongjiu Geng <gengdongjiu1@gmail.com>
42
F: hw/arm/mps2-tz.c
26
@@ -XXX,XX +XXX,XX @@ F: hw/acpi/nvdimm.c
43
+F: hw/arm/mps3r.c
27
F: hw/mem/nvdimm.c
44
F: hw/misc/mps2-*.c
28
F: include/hw/mem/nvdimm.h
45
F: include/hw/misc/mps2-*.h
29
F: docs/nvdimm.txt
46
F: hw/arm/armsse.c
30
+F: docs/specs/acpi_nvdimm.rst
47
diff --git a/configs/devices/arm-softmmu/default.mak b/configs/devices/arm-softmmu/default.mak
31
48
index XXXXXXX..XXXXXXX 100644
32
e1000x
49
--- a/configs/devices/arm-softmmu/default.mak
33
M: Dmitry Fleytman <dmitry.fleytman@gmail.com>
50
+++ b/configs/devices/arm-softmmu/default.mak
51
@@ -XXX,XX +XXX,XX @@ CONFIG_ARM_VIRT=y
52
# CONFIG_INTEGRATOR=n
53
# CONFIG_FSL_IMX31=n
54
# CONFIG_MUSICPAL=n
55
+# CONFIG_MPS3R=n
56
# CONFIG_MUSCA=n
57
# CONFIG_CHEETAH=n
58
# CONFIG_SX1=n
59
diff --git a/hw/arm/mps3r.c b/hw/arm/mps3r.c
60
new file mode 100644
61
index XXXXXXX..XXXXXXX
62
--- /dev/null
63
+++ b/hw/arm/mps3r.c
64
@@ -XXX,XX +XXX,XX @@
65
+/*
66
+ * Arm MPS3 board emulation for Cortex-R-based FPGA images.
67
+ * (For M-profile images see mps2.c and mps2tz.c.)
68
+ *
69
+ * Copyright (c) 2017 Linaro Limited
70
+ * Written by Peter Maydell
71
+ *
72
+ * This program is free software; you can redistribute it and/or modify
73
+ * it under the terms of the GNU General Public License version 2 or
74
+ * (at your option) any later version.
75
+ */
76
+
77
+/*
78
+ * The MPS3 is an FPGA based dev board. This file handles FPGA images
79
+ * which use the Cortex-R CPUs. We model these separately from the
80
+ * M-profile images, because on M-profile the FPGA image is based on
81
+ * a "Subsystem for Embedded" which is similar to an SoC, whereas
82
+ * the R-profile FPGA images don't have that abstraction layer.
83
+ *
84
+ * We model the following FPGA images here:
85
+ * "mps3-an536" -- dual Cortex-R52 as documented in Arm Application Note AN536
86
+ *
87
+ * Application Note AN536:
88
+ * https://developer.arm.com/documentation/dai0536/latest/
89
+ */
90
+
91
+#include "qemu/osdep.h"
92
+#include "qemu/units.h"
93
+#include "qapi/error.h"
94
+#include "exec/address-spaces.h"
95
+#include "cpu.h"
96
+#include "hw/boards.h"
97
+#include "hw/arm/boot.h"
98
+
99
+/* Define the layout of RAM and ROM in a board */
100
+typedef struct RAMInfo {
101
+ const char *name;
102
+ hwaddr base;
103
+ hwaddr size;
104
+ int mrindex; /* index into rams[]; -1 for the system RAM block */
105
+ int flags;
106
+} RAMInfo;
107
+
108
+/*
109
+ * The MPS3 DDR is 3GiB, but on a 32-bit host QEMU doesn't permit
110
+ * emulation of that much guest RAM, so artificially make it smaller.
111
+ */
112
+#if HOST_LONG_BITS == 32
113
+#define MPS3_DDR_SIZE (1 * GiB)
114
+#else
115
+#define MPS3_DDR_SIZE (3 * GiB)
116
+#endif
117
+
118
+/*
119
+ * Flag values:
120
+ * IS_MAIN: this is the main machine RAM
121
+ * IS_ROM: this area is read-only
122
+ */
123
+#define IS_MAIN 1
124
+#define IS_ROM 2
125
+
126
+#define MPS3R_RAM_MAX 9
127
+
128
+typedef enum MPS3RFPGAType {
129
+ FPGA_AN536,
130
+} MPS3RFPGAType;
131
+
132
+struct MPS3RMachineClass {
133
+ MachineClass parent;
134
+ MPS3RFPGAType fpga_type;
135
+ const RAMInfo *raminfo;
136
+};
137
+
138
+struct MPS3RMachineState {
139
+ MachineState parent;
140
+ MemoryRegion ram[MPS3R_RAM_MAX];
141
+};
142
+
143
+#define TYPE_MPS3R_MACHINE "mps3r"
144
+#define TYPE_MPS3R_AN536_MACHINE MACHINE_TYPE_NAME("mps3-an536")
145
+
146
+OBJECT_DECLARE_TYPE(MPS3RMachineState, MPS3RMachineClass, MPS3R_MACHINE)
147
+
148
+static const RAMInfo an536_raminfo[] = {
149
+ {
150
+ .name = "ATCM",
151
+ .base = 0x00000000,
152
+ .size = 0x00008000,
153
+ .mrindex = 0,
154
+ }, {
155
+ /* We model the QSPI flash as simple ROM for now */
156
+ .name = "QSPI",
157
+ .base = 0x08000000,
158
+ .size = 0x00800000,
159
+ .flags = IS_ROM,
160
+ .mrindex = 1,
161
+ }, {
162
+ .name = "BRAM",
163
+ .base = 0x10000000,
164
+ .size = 0x00080000,
165
+ .mrindex = 2,
166
+ }, {
167
+ .name = "DDR",
168
+ .base = 0x20000000,
169
+ .size = MPS3_DDR_SIZE,
170
+ .mrindex = -1,
171
+ }, {
172
+ .name = "ATCM0",
173
+ .base = 0xee000000,
174
+ .size = 0x00008000,
175
+ .mrindex = 3,
176
+ }, {
177
+ .name = "BTCM0",
178
+ .base = 0xee100000,
179
+ .size = 0x00008000,
180
+ .mrindex = 4,
181
+ }, {
182
+ .name = "CTCM0",
183
+ .base = 0xee200000,
184
+ .size = 0x00008000,
185
+ .mrindex = 5,
186
+ }, {
187
+ .name = "ATCM1",
188
+ .base = 0xee400000,
189
+ .size = 0x00008000,
190
+ .mrindex = 6,
191
+ }, {
192
+ .name = "BTCM1",
193
+ .base = 0xee500000,
194
+ .size = 0x00008000,
195
+ .mrindex = 7,
196
+ }, {
197
+ .name = "CTCM1",
198
+ .base = 0xee600000,
199
+ .size = 0x00008000,
200
+ .mrindex = 8,
201
+ }, {
202
+ .name = NULL,
203
+ }
204
+};
205
+
206
+static MemoryRegion *mr_for_raminfo(MPS3RMachineState *mms,
207
+ const RAMInfo *raminfo)
208
+{
209
+ /* Return an initialized MemoryRegion for the RAMInfo. */
210
+ MemoryRegion *ram;
211
+
212
+ if (raminfo->mrindex < 0) {
213
+ /* Means this RAMInfo is for QEMU's "system memory" */
214
+ MachineState *machine = MACHINE(mms);
215
+ assert(!(raminfo->flags & IS_ROM));
216
+ return machine->ram;
217
+ }
218
+
219
+ assert(raminfo->mrindex < MPS3R_RAM_MAX);
220
+ ram = &mms->ram[raminfo->mrindex];
221
+
222
+ memory_region_init_ram(ram, NULL, raminfo->name,
223
+ raminfo->size, &error_fatal);
224
+ if (raminfo->flags & IS_ROM) {
225
+ memory_region_set_readonly(ram, true);
226
+ }
227
+ return ram;
228
+}
229
+
230
+static void mps3r_common_init(MachineState *machine)
231
+{
232
+ MPS3RMachineState *mms = MPS3R_MACHINE(machine);
233
+ MPS3RMachineClass *mmc = MPS3R_MACHINE_GET_CLASS(mms);
234
+ MemoryRegion *sysmem = get_system_memory();
235
+
236
+ for (const RAMInfo *ri = mmc->raminfo; ri->name; ri++) {
237
+ MemoryRegion *mr = mr_for_raminfo(mms, ri);
238
+ memory_region_add_subregion(sysmem, ri->base, mr);
239
+ }
240
+}
241
+
242
+static void mps3r_set_default_ram_info(MPS3RMachineClass *mmc)
243
+{
244
+ /*
245
+ * Set mc->default_ram_size and default_ram_id from the
246
+ * information in mmc->raminfo.
247
+ */
248
+ MachineClass *mc = MACHINE_CLASS(mmc);
249
+ const RAMInfo *p;
250
+
251
+ for (p = mmc->raminfo; p->name; p++) {
252
+ if (p->mrindex < 0) {
253
+ /* Found the entry for "system memory" */
254
+ mc->default_ram_size = p->size;
255
+ mc->default_ram_id = p->name;
256
+ return;
257
+ }
258
+ }
259
+ g_assert_not_reached();
260
+}
261
+
262
+static void mps3r_class_init(ObjectClass *oc, void *data)
263
+{
264
+ MachineClass *mc = MACHINE_CLASS(oc);
265
+
266
+ mc->init = mps3r_common_init;
267
+}
268
+
269
+static void mps3r_an536_class_init(ObjectClass *oc, void *data)
270
+{
271
+ MachineClass *mc = MACHINE_CLASS(oc);
272
+ MPS3RMachineClass *mmc = MPS3R_MACHINE_CLASS(oc);
273
+ static const char * const valid_cpu_types[] = {
274
+ ARM_CPU_TYPE_NAME("cortex-r52"),
275
+ NULL
276
+ };
277
+
278
+ mc->desc = "ARM MPS3 with AN536 FPGA image for Cortex-R52";
279
+ mc->default_cpus = 2;
280
+ mc->min_cpus = mc->default_cpus;
281
+ mc->max_cpus = mc->default_cpus;
282
+ mc->default_cpu_type = ARM_CPU_TYPE_NAME("cortex-r52");
283
+ mc->valid_cpu_types = valid_cpu_types;
284
+ mmc->raminfo = an536_raminfo;
285
+ mps3r_set_default_ram_info(mmc);
286
+}
287
+
288
+static const TypeInfo mps3r_machine_types[] = {
289
+ {
290
+ .name = TYPE_MPS3R_MACHINE,
291
+ .parent = TYPE_MACHINE,
292
+ .abstract = true,
293
+ .instance_size = sizeof(MPS3RMachineState),
294
+ .class_size = sizeof(MPS3RMachineClass),
295
+ .class_init = mps3r_class_init,
296
+ }, {
297
+ .name = TYPE_MPS3R_AN536_MACHINE,
298
+ .parent = TYPE_MPS3R_MACHINE,
299
+ .class_init = mps3r_an536_class_init,
300
+ },
301
+};
302
+
303
+DEFINE_TYPES(mps3r_machine_types);
304
diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
305
index XXXXXXX..XXXXXXX 100644
306
--- a/hw/arm/Kconfig
307
+++ b/hw/arm/Kconfig
308
@@ -XXX,XX +XXX,XX @@ config MAINSTONE
309
select PFLASH_CFI01
310
select SMC91C111
311
312
+config MPS3R
313
+ bool
314
+ default y
315
+ depends on TCG && ARM
316
+
317
config MUSCA
318
bool
319
default y
320
diff --git a/hw/arm/meson.build b/hw/arm/meson.build
321
index XXXXXXX..XXXXXXX 100644
322
--- a/hw/arm/meson.build
323
+++ b/hw/arm/meson.build
324
@@ -XXX,XX +XXX,XX @@ arm_ss.add(when: 'CONFIG_HIGHBANK', if_true: files('highbank.c'))
325
arm_ss.add(when: 'CONFIG_INTEGRATOR', if_true: files('integratorcp.c'))
326
arm_ss.add(when: 'CONFIG_MAINSTONE', if_true: files('mainstone.c'))
327
arm_ss.add(when: 'CONFIG_MICROBIT', if_true: files('microbit.c'))
328
+arm_ss.add(when: 'CONFIG_MPS3R', if_true: files('mps3r.c'))
329
arm_ss.add(when: 'CONFIG_MUSICPAL', if_true: files('musicpal.c'))
330
arm_ss.add(when: 'CONFIG_NETDUINOPLUS2', if_true: files('netduinoplus2.c'))
331
arm_ss.add(when: 'CONFIG_OLIMEX_STM32_H405', if_true: files('olimex-stm32-h405.c'))
34
--
332
--
35
2.20.1
333
2.34.1
36
334
37
335
diff view generated by jsdifflib
[PULL 21/37] arch_init.h: Don't include arch_init.h unnecessarily
[PULL 31/35] hw/arm/mps3r: Add CPUs, GIC, and per-CPU RAM
1
arch_init.h only defines the QEMU_ARCH_* enumeration and the
1
Create the CPUs, the GIC, and the per-CPU RAM block for
2
arch_type global. Don't include it in files that don't use those.
2
the mps3-an536 board.
3
3
4
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
5
Message-id: 20240206132931.38376-10-peter.maydell@linaro.org
6
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
7
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
8
Message-id: 20210730105947.28215-8-peter.maydell@linaro.org
9
---
6
---
10
blockdev.c | 1 -
7
hw/arm/mps3r.c | 180 ++++++++++++++++++++++++++++++++++++++++++++++++-
11
hw/i386/pc.c | 1 -
8
1 file changed, 177 insertions(+), 3 deletions(-)
12
hw/i386/pc_piix.c | 1 -
13
hw/i386/pc_q35.c | 1 -
14
hw/mips/jazz.c | 1 -
15
hw/mips/malta.c | 1 -
16
hw/ppc/prep.c | 1 -
17
hw/riscv/sifive_e.c | 1 -
18
hw/riscv/sifive_u.c | 1 -
19
hw/riscv/spike.c | 1 -
20
hw/riscv/virt.c | 1 -
21
monitor/qmp-cmds.c | 1 -
22
target/ppc/cpu_init.c | 1 -
23
target/s390x/cpu-sysemu.c | 1 -
24
14 files changed, 14 deletions(-)
25
9
26
diff --git a/blockdev.c b/blockdev.c
10
diff --git a/hw/arm/mps3r.c b/hw/arm/mps3r.c
27
index XXXXXXX..XXXXXXX 100644
11
index XXXXXXX..XXXXXXX 100644
28
--- a/blockdev.c
12
--- a/hw/arm/mps3r.c
29
+++ b/blockdev.c
13
+++ b/hw/arm/mps3r.c
30
@@ -XXX,XX +XXX,XX @@
31
#include "sysemu/iothread.h"
32
#include "block/block_int.h"
33
#include "block/trace.h"
34
-#include "sysemu/arch_init.h"
35
#include "sysemu/runstate.h"
36
#include "sysemu/replay.h"
37
#include "qemu/cutils.h"
38
diff --git a/hw/i386/pc.c b/hw/i386/pc.c
39
index XXXXXXX..XXXXXXX 100644
40
--- a/hw/i386/pc.c
41
+++ b/hw/i386/pc.c
42
@@ -XXX,XX +XXX,XX @@
43
#include "hw/xen/start_info.h"
44
#include "ui/qemu-spice.h"
45
#include "exec/memory.h"
46
-#include "sysemu/arch_init.h"
47
#include "qemu/bitmap.h"
48
#include "qemu/config-file.h"
49
#include "qemu/error-report.h"
50
diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
51
index XXXXXXX..XXXXXXX 100644
52
--- a/hw/i386/pc_piix.c
53
+++ b/hw/i386/pc_piix.c
54
@@ -XXX,XX +XXX,XX @@
55
#include "sysemu/kvm.h"
56
#include "hw/kvm/clock.h"
57
#include "hw/sysbus.h"
58
-#include "sysemu/arch_init.h"
59
#include "hw/i2c/smbus_eeprom.h"
60
#include "hw/xen/xen-x86.h"
61
#include "exec/memory.h"
62
diff --git a/hw/i386/pc_q35.c b/hw/i386/pc_q35.c
63
index XXXXXXX..XXXXXXX 100644
64
--- a/hw/i386/pc_q35.c
65
+++ b/hw/i386/pc_q35.c
66
@@ -XXX,XX +XXX,XX @@
14
@@ -XXX,XX +XXX,XX @@
67
#include "qemu/osdep.h"
15
#include "qemu/osdep.h"
68
#include "qemu/units.h"
16
#include "qemu/units.h"
69
#include "hw/loader.h"
17
#include "qapi/error.h"
70
-#include "sysemu/arch_init.h"
18
+#include "qapi/qmp/qlist.h"
71
#include "hw/i2c/smbus_eeprom.h"
19
#include "exec/address-spaces.h"
72
#include "hw/rtc/mc146818rtc.h"
20
#include "cpu.h"
73
#include "sysemu/kvm.h"
74
diff --git a/hw/mips/jazz.c b/hw/mips/jazz.c
75
index XXXXXXX..XXXXXXX 100644
76
--- a/hw/mips/jazz.c
77
+++ b/hw/mips/jazz.c
78
@@ -XXX,XX +XXX,XX @@
79
#include "hw/isa/isa.h"
80
#include "hw/block/fdc.h"
81
#include "sysemu/sysemu.h"
82
-#include "sysemu/arch_init.h"
83
#include "hw/boards.h"
21
#include "hw/boards.h"
84
#include "net/net.h"
22
+#include "hw/qdev-properties.h"
85
#include "hw/scsi/esp.h"
23
#include "hw/arm/boot.h"
86
diff --git a/hw/mips/malta.c b/hw/mips/malta.c
24
+#include "hw/arm/bsa.h"
87
index XXXXXXX..XXXXXXX 100644
25
+#include "hw/intc/arm_gicv3.h"
88
--- a/hw/mips/malta.c
26
89
+++ b/hw/mips/malta.c
27
/* Define the layout of RAM and ROM in a board */
90
@@ -XXX,XX +XXX,XX @@
28
typedef struct RAMInfo {
91
#include "hw/mips/mips.h"
29
@@ -XXX,XX +XXX,XX @@ typedef struct RAMInfo {
92
#include "hw/mips/cpudevs.h"
30
#define IS_ROM 2
93
#include "hw/pci/pci.h"
31
94
-#include "sysemu/arch_init.h"
32
#define MPS3R_RAM_MAX 9
95
#include "qemu/log.h"
33
+#define MPS3R_CPU_MAX 2
96
#include "hw/mips/bios.h"
34
+
97
#include "hw/ide.h"
35
+#define PERIPHBASE 0xf0000000
98
diff --git a/hw/ppc/prep.c b/hw/ppc/prep.c
36
+#define NUM_SPIS 96
99
index XXXXXXX..XXXXXXX 100644
37
100
--- a/hw/ppc/prep.c
38
typedef enum MPS3RFPGAType {
101
+++ b/hw/ppc/prep.c
39
FPGA_AN536,
102
@@ -XXX,XX +XXX,XX @@
40
@@ -XXX,XX +XXX,XX @@ struct MPS3RMachineClass {
103
#include "hw/rtc/mc146818rtc.h"
41
MachineClass parent;
104
#include "hw/isa/pc87312.h"
42
MPS3RFPGAType fpga_type;
105
#include "hw/qdev-properties.h"
43
const RAMInfo *raminfo;
106
-#include "sysemu/arch_init.h"
44
+ hwaddr loader_start;
107
#include "sysemu/kvm.h"
45
};
108
#include "sysemu/reset.h"
46
109
#include "trace.h"
47
struct MPS3RMachineState {
110
diff --git a/hw/riscv/sifive_e.c b/hw/riscv/sifive_e.c
48
MachineState parent;
111
index XXXXXXX..XXXXXXX 100644
49
+ struct arm_boot_info bootinfo;
112
--- a/hw/riscv/sifive_e.c
50
MemoryRegion ram[MPS3R_RAM_MAX];
113
+++ b/hw/riscv/sifive_e.c
51
+ Object *cpu[MPS3R_CPU_MAX];
114
@@ -XXX,XX +XXX,XX @@
52
+ MemoryRegion cpu_sysmem[MPS3R_CPU_MAX];
115
#include "hw/intc/sifive_plic.h"
53
+ MemoryRegion sysmem_alias[MPS3R_CPU_MAX];
116
#include "hw/misc/sifive_e_prci.h"
54
+ MemoryRegion cpu_ram[MPS3R_CPU_MAX];
117
#include "chardev/char.h"
55
+ GICv3State gic;
118
-#include "sysemu/arch_init.h"
56
};
119
#include "sysemu/sysemu.h"
57
120
58
#define TYPE_MPS3R_MACHINE "mps3r"
121
static const MemMapEntry sifive_e_memmap[] = {
59
@@ -XXX,XX +XXX,XX @@ static MemoryRegion *mr_for_raminfo(MPS3RMachineState *mms,
122
diff --git a/hw/riscv/sifive_u.c b/hw/riscv/sifive_u.c
60
return ram;
123
index XXXXXXX..XXXXXXX 100644
61
}
124
--- a/hw/riscv/sifive_u.c
62
125
+++ b/hw/riscv/sifive_u.c
63
+/*
126
@@ -XXX,XX +XXX,XX @@
64
+ * There is no defined secondary boot protocol for Linux for the AN536,
127
#include "hw/intc/sifive_plic.h"
65
+ * because real hardware has a restriction that atomic operations between
128
#include "chardev/char.h"
66
+ * the two CPUs do not function correctly, and so true SMP is not
129
#include "net/eth.h"
67
+ * possible. Therefore for cases where the user is directly booting
130
-#include "sysemu/arch_init.h"
68
+ * a kernel, we treat the system as essentially uniprocessor, and
131
#include "sysemu/device_tree.h"
69
+ * put the secondary CPU into power-off state (as if the user on the
132
#include "sysemu/runstate.h"
70
+ * real hardware had configured the secondary to be halted via the
133
#include "sysemu/sysemu.h"
71
+ * SCC config registers).
134
diff --git a/hw/riscv/spike.c b/hw/riscv/spike.c
72
+ *
135
index XXXXXXX..XXXXXXX 100644
73
+ * Note that the default secondary boot code would not work here anyway
136
--- a/hw/riscv/spike.c
74
+ * as it assumes a GICv2, and we have a GICv3.
137
+++ b/hw/riscv/spike.c
75
+ */
138
@@ -XXX,XX +XXX,XX @@
76
+static void mps3r_write_secondary_boot(ARMCPU *cpu,
139
#include "hw/char/riscv_htif.h"
77
+ const struct arm_boot_info *info)
140
#include "hw/intc/sifive_clint.h"
78
+{
141
#include "chardev/char.h"
79
+ /*
142
-#include "sysemu/arch_init.h"
80
+ * Power the secondary CPU off. This means we don't need to write any
143
#include "sysemu/device_tree.h"
81
+ * boot code into guest memory. Note that the 'cpu' argument to this
144
#include "sysemu/sysemu.h"
82
+ * function is the primary CPU we passed to arm_load_kernel(), not
145
83
+ * the secondary. Loop around all the other CPUs, as the boot.c
146
diff --git a/hw/riscv/virt.c b/hw/riscv/virt.c
84
+ * code does for the "disable secondaries if PSCI is enabled" case.
147
index XXXXXXX..XXXXXXX 100644
85
+ */
148
--- a/hw/riscv/virt.c
86
+ for (CPUState *cs = first_cpu; cs; cs = CPU_NEXT(cs)) {
149
+++ b/hw/riscv/virt.c
87
+ if (cs != first_cpu) {
150
@@ -XXX,XX +XXX,XX @@
88
+ object_property_set_bool(OBJECT(cs), "start-powered-off", true,
151
#include "hw/intc/sifive_plic.h"
89
+ &error_abort);
152
#include "hw/misc/sifive_test.h"
90
+ }
153
#include "chardev/char.h"
91
+ }
154
-#include "sysemu/arch_init.h"
92
+}
155
#include "sysemu/device_tree.h"
93
+
156
#include "sysemu/sysemu.h"
94
+static void mps3r_secondary_cpu_reset(ARMCPU *cpu,
157
#include "hw/pci/pci.h"
95
+ const struct arm_boot_info *info)
158
diff --git a/monitor/qmp-cmds.c b/monitor/qmp-cmds.c
96
+{
159
index XXXXXXX..XXXXXXX 100644
97
+ /* We don't need to do anything here because the CPU will be off */
160
--- a/monitor/qmp-cmds.c
98
+}
161
+++ b/monitor/qmp-cmds.c
99
+
162
@@ -XXX,XX +XXX,XX @@
100
+static void create_gic(MPS3RMachineState *mms, MemoryRegion *sysmem)
163
#include "sysemu/kvm.h"
101
+{
164
#include "sysemu/runstate.h"
102
+ MachineState *machine = MACHINE(mms);
165
#include "sysemu/runstate-action.h"
103
+ DeviceState *gicdev;
166
-#include "sysemu/arch_init.h"
104
+ QList *redist_region_count;
167
#include "sysemu/blockdev.h"
105
+
168
#include "sysemu/block-backend.h"
106
+ object_initialize_child(OBJECT(mms), "gic", &mms->gic, TYPE_ARM_GICV3);
169
#include "qapi/error.h"
107
+ gicdev = DEVICE(&mms->gic);
170
diff --git a/target/ppc/cpu_init.c b/target/ppc/cpu_init.c
108
+ qdev_prop_set_uint32(gicdev, "num-cpu", machine->smp.cpus);
171
index XXXXXXX..XXXXXXX 100644
109
+ qdev_prop_set_uint32(gicdev, "num-irq", NUM_SPIS + GIC_INTERNAL);
172
--- a/target/ppc/cpu_init.c
110
+ redist_region_count = qlist_new();
173
+++ b/target/ppc/cpu_init.c
111
+ qlist_append_int(redist_region_count, machine->smp.cpus);
174
@@ -XXX,XX +XXX,XX @@
112
+ qdev_prop_set_array(gicdev, "redist-region-count", redist_region_count);
175
#include "disas/dis-asm.h"
113
+ object_property_set_link(OBJECT(&mms->gic), "sysmem",
176
#include "exec/gdbstub.h"
114
+ OBJECT(sysmem), &error_fatal);
177
#include "kvm_ppc.h"
115
+ sysbus_realize(SYS_BUS_DEVICE(&mms->gic), &error_fatal);
178
-#include "sysemu/arch_init.h"
116
+ sysbus_mmio_map(SYS_BUS_DEVICE(&mms->gic), 0, PERIPHBASE);
179
#include "sysemu/cpus.h"
117
+ sysbus_mmio_map(SYS_BUS_DEVICE(&mms->gic), 1, PERIPHBASE + 0x100000);
180
#include "sysemu/hw_accel.h"
118
+ /*
181
#include "sysemu/tcg.h"
119
+ * Wire the outputs from each CPU's generic timer and the GICv3
182
diff --git a/target/s390x/cpu-sysemu.c b/target/s390x/cpu-sysemu.c
120
+ * maintenance interrupt signal to the appropriate GIC PPI inputs,
183
index XXXXXXX..XXXXXXX 100644
121
+ * and the GIC's IRQ/FIQ/VIRQ/VFIQ interrupt outputs to the CPU's inputs.
184
--- a/target/s390x/cpu-sysemu.c
122
+ */
185
+++ b/target/s390x/cpu-sysemu.c
123
+ for (int i = 0; i < machine->smp.cpus; i++) {
186
@@ -XXX,XX +XXX,XX @@
124
+ DeviceState *cpudev = DEVICE(mms->cpu[i]);
187
125
+ SysBusDevice *gicsbd = SYS_BUS_DEVICE(&mms->gic);
188
#include "hw/s390x/pv.h"
126
+ int intidbase = NUM_SPIS + i * GIC_INTERNAL;
189
#include "hw/boards.h"
127
+ int irq;
190
-#include "sysemu/arch_init.h"
128
+ /*
191
#include "sysemu/sysemu.h"
129
+ * Mapping from the output timer irq lines from the CPU to the
192
#include "sysemu/tcg.h"
130
+ * GIC PPI inputs used for this board. This isn't a BSA board,
193
#include "hw/core/sysemu-cpu-ops.h"
131
+ * but it uses the standard convention for the PPI numbers.
132
+ */
133
+ const int timer_irq[] = {
134
+ [GTIMER_PHYS] = ARCH_TIMER_NS_EL1_IRQ,
135
+ [GTIMER_VIRT] = ARCH_TIMER_VIRT_IRQ,
136
+ [GTIMER_HYP] = ARCH_TIMER_NS_EL2_IRQ,
137
+ };
138
+
139
+ for (irq = 0; irq < ARRAY_SIZE(timer_irq); irq++) {
140
+ qdev_connect_gpio_out(cpudev, irq,
141
+ qdev_get_gpio_in(gicdev,
142
+ intidbase + timer_irq[irq]));
143
+ }
144
+
145
+ qdev_connect_gpio_out_named(cpudev, "gicv3-maintenance-interrupt", 0,
146
+ qdev_get_gpio_in(gicdev,
147
+ intidbase + ARCH_GIC_MAINT_IRQ));
148
+
149
+ qdev_connect_gpio_out_named(cpudev, "pmu-interrupt", 0,
150
+ qdev_get_gpio_in(gicdev,
151
+ intidbase + VIRTUAL_PMU_IRQ));
152
+
153
+ sysbus_connect_irq(gicsbd, i,
154
+ qdev_get_gpio_in(cpudev, ARM_CPU_IRQ));
155
+ sysbus_connect_irq(gicsbd, i + machine->smp.cpus,
156
+ qdev_get_gpio_in(cpudev, ARM_CPU_FIQ));
157
+ sysbus_connect_irq(gicsbd, i + 2 * machine->smp.cpus,
158
+ qdev_get_gpio_in(cpudev, ARM_CPU_VIRQ));
159
+ sysbus_connect_irq(gicsbd, i + 3 * machine->smp.cpus,
160
+ qdev_get_gpio_in(cpudev, ARM_CPU_VFIQ));
161
+ }
162
+}
163
+
164
static void mps3r_common_init(MachineState *machine)
165
{
166
MPS3RMachineState *mms = MPS3R_MACHINE(machine);
167
@@ -XXX,XX +XXX,XX @@ static void mps3r_common_init(MachineState *machine)
168
MemoryRegion *mr = mr_for_raminfo(mms, ri);
169
memory_region_add_subregion(sysmem, ri->base, mr);
170
}
171
+
172
+ assert(machine->smp.cpus <= MPS3R_CPU_MAX);
173
+ for (int i = 0; i < machine->smp.cpus; i++) {
174
+ g_autofree char *sysmem_name = g_strdup_printf("cpu-%d-memory", i);
175
+ g_autofree char *ramname = g_strdup_printf("cpu-%d-memory", i);
176
+ g_autofree char *alias_name = g_strdup_printf("sysmem-alias-%d", i);
177
+
178
+ /*
179
+ * Each CPU has some private RAM/peripherals, so create the container
180
+ * which will house those, with the whole-machine system memory being
181
+ * used where there's no CPU-specific device. Note that we need the
182
+ * sysmem_alias aliases because we can't put one MR (the original
183
+ * 'sysmem') into more than one other MR.
184
+ */
185
+ memory_region_init(&mms->cpu_sysmem[i], OBJECT(machine),
186
+ sysmem_name, UINT64_MAX);
187
+ memory_region_init_alias(&mms->sysmem_alias[i], OBJECT(machine),
188
+ alias_name, sysmem, 0, UINT64_MAX);
189
+ memory_region_add_subregion_overlap(&mms->cpu_sysmem[i], 0,
190
+ &mms->sysmem_alias[i], -1);
191
+
192
+ mms->cpu[i] = object_new(machine->cpu_type);
193
+ object_property_set_link(mms->cpu[i], "memory",
194
+ OBJECT(&mms->cpu_sysmem[i]), &error_abort);
195
+ object_property_set_int(mms->cpu[i], "reset-cbar",
196
+ PERIPHBASE, &error_abort);
197
+ qdev_realize(DEVICE(mms->cpu[i]), NULL, &error_fatal);
198
+ object_unref(mms->cpu[i]);
199
+
200
+ /* Per-CPU RAM */
201
+ memory_region_init_ram(&mms->cpu_ram[i], NULL, ramname,
202
+ 0x1000, &error_fatal);
203
+ memory_region_add_subregion(&mms->cpu_sysmem[i], 0xe7c01000,
204
+ &mms->cpu_ram[i]);
205
+ }
206
+
207
+ create_gic(mms, sysmem);
208
+
209
+ mms->bootinfo.ram_size = machine->ram_size;
210
+ mms->bootinfo.board_id = -1;
211
+ mms->bootinfo.loader_start = mmc->loader_start;
212
+ mms->bootinfo.write_secondary_boot = mps3r_write_secondary_boot;
213
+ mms->bootinfo.secondary_cpu_reset_hook = mps3r_secondary_cpu_reset;
214
+ arm_load_kernel(ARM_CPU(mms->cpu[0]), machine, &mms->bootinfo);
215
}
216
217
static void mps3r_set_default_ram_info(MPS3RMachineClass *mmc)
218
@@ -XXX,XX +XXX,XX @@ static void mps3r_set_default_ram_info(MPS3RMachineClass *mmc)
219
/* Found the entry for "system memory" */
220
mc->default_ram_size = p->size;
221
mc->default_ram_id = p->name;
222
+ mmc->loader_start = p->base;
223
return;
224
}
225
}
226
@@ -XXX,XX +XXX,XX @@ static void mps3r_an536_class_init(ObjectClass *oc, void *data)
227
};
228
229
mc->desc = "ARM MPS3 with AN536 FPGA image for Cortex-R52";
230
- mc->default_cpus = 2;
231
- mc->min_cpus = mc->default_cpus;
232
- mc->max_cpus = mc->default_cpus;
233
+ /*
234
+ * In the real FPGA image there are always two cores, but the standard
235
+ * initial setting for the SCC SYSCON 0x000 register is 0x21, meaning
236
+ * that the second core is held in reset and halted. Many images built for
237
+ * the board do not expect the second core to run at startup (especially
238
+ * since on the real FPGA image it is not possible to use LDREX/STREX
239
+ * in RAM between the two cores, so a true SMP setup isn't supported).
240
+ *
241
+ * As QEMU's equivalent of this, we support both -smp 1 and -smp 2,
242
+ * with the default being -smp 1. This seems a more intuitive UI for
243
+ * QEMU users than, for instance, having a machine property to allow
244
+ * the user to set the initial value of the SYSCON 0x000 register.
245
+ */
246
+ mc->default_cpus = 1;
247
+ mc->min_cpus = 1;
248
+ mc->max_cpus = 2;
249
mc->default_cpu_type = ARM_CPU_TYPE_NAME("cortex-r52");
250
mc->valid_cpu_types = valid_cpu_types;
251
mmc->raminfo = an536_raminfo;
194
--
252
--
195
2.20.1
253
2.34.1
196
197
diff view generated by jsdifflib
[PULL 13/37] docs/specs/acpi_nvdimm: Convert to rST
[PULL 32/35] hw/arm/mps3r: Add UARTs
1
Convert the ACPI NVDIMM spec document to rST.
1
This board has a lot of UARTs: there is one UART per CPU in the
2
per-CPU peripheral part of the address map, whose interrupts are
3
connected as per-CPU interrupt lines. Then there are 4 UARTs in the
4
normal part of the peripheral space, whose interrupts are shared
5
peripheral interrupts.
6
7
Connect and wire them all up; this involves some OR gates where
8
multiple overflow interrupts are wired into one GIC input.
2
9
3
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
11
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
5
Message-id: 20210727170414.3368-5-peter.maydell@linaro.org
12
Message-id: 20240206132931.38376-11-peter.maydell@linaro.org
6
---
13
---
7
docs/specs/acpi_nvdimm.rst | 228 +++++++++++++++++++++++++++++++++++++
14
hw/arm/mps3r.c | 94 ++++++++++++++++++++++++++++++++++++++++++++++++++
8
docs/specs/acpi_nvdimm.txt | 188 ------------------------------
15
1 file changed, 94 insertions(+)
9
docs/specs/index.rst | 1 +
10
3 files changed, 229 insertions(+), 188 deletions(-)
11
create mode 100644 docs/specs/acpi_nvdimm.rst
12
delete mode 100644 docs/specs/acpi_nvdimm.txt
13
16
14
diff --git a/docs/specs/acpi_nvdimm.rst b/docs/specs/acpi_nvdimm.rst
17
diff --git a/hw/arm/mps3r.c b/hw/arm/mps3r.c
15
new file mode 100644
18
index XXXXXXX..XXXXXXX 100644
16
index XXXXXXX..XXXXXXX
19
--- a/hw/arm/mps3r.c
17
--- /dev/null
20
+++ b/hw/arm/mps3r.c
18
+++ b/docs/specs/acpi_nvdimm.rst
19
@@ -XXX,XX +XXX,XX @@
21
@@ -XXX,XX +XXX,XX @@
20
+QEMU<->ACPI BIOS NVDIMM interface
22
#include "qapi/qmp/qlist.h"
21
+=================================
23
#include "exec/address-spaces.h"
24
#include "cpu.h"
25
+#include "sysemu/sysemu.h"
26
#include "hw/boards.h"
27
+#include "hw/or-irq.h"
28
#include "hw/qdev-properties.h"
29
#include "hw/arm/boot.h"
30
#include "hw/arm/bsa.h"
31
+#include "hw/char/cmsdk-apb-uart.h"
32
#include "hw/intc/arm_gicv3.h"
33
34
/* Define the layout of RAM and ROM in a board */
35
@@ -XXX,XX +XXX,XX @@ typedef struct RAMInfo {
36
37
#define MPS3R_RAM_MAX 9
38
#define MPS3R_CPU_MAX 2
39
+#define MPS3R_UART_MAX 4 /* shared UART count */
40
41
#define PERIPHBASE 0xf0000000
42
#define NUM_SPIS 96
43
@@ -XXX,XX +XXX,XX @@ struct MPS3RMachineState {
44
MemoryRegion sysmem_alias[MPS3R_CPU_MAX];
45
MemoryRegion cpu_ram[MPS3R_CPU_MAX];
46
GICv3State gic;
47
+ /* per-CPU UARTs followed by the shared UARTs */
48
+ CMSDKAPBUART uart[MPS3R_CPU_MAX + MPS3R_UART_MAX];
49
+ OrIRQState cpu_uart_oflow[MPS3R_CPU_MAX];
50
+ OrIRQState uart_oflow;
51
};
52
53
#define TYPE_MPS3R_MACHINE "mps3r"
54
@@ -XXX,XX +XXX,XX @@ struct MPS3RMachineState {
55
56
OBJECT_DECLARE_TYPE(MPS3RMachineState, MPS3RMachineClass, MPS3R_MACHINE)
57
58
+/*
59
+ * Main clock frequency CLK in Hz (50MHz). In the image there are also
60
+ * ACLK, MCLK, GPUCLK and PERIPHCLK at the same frequency; for our
61
+ * model we just roll them all into one.
62
+ */
63
+#define CLK_FRQ 50000000
22
+
64
+
23
+QEMU supports NVDIMM via ACPI. This document describes the basic concepts of
65
static const RAMInfo an536_raminfo[] = {
24
+NVDIMM ACPI and the interface between QEMU and the ACPI BIOS.
66
{
67
.name = "ATCM",
68
@@ -XXX,XX +XXX,XX @@ static void create_gic(MPS3RMachineState *mms, MemoryRegion *sysmem)
69
}
70
}
71
72
+/*
73
+ * Create UART uartno, and map it into the MemoryRegion mem at address baseaddr.
74
+ * The qemu_irq arguments are where we connect the various IRQs from the UART.
75
+ */
76
+static void create_uart(MPS3RMachineState *mms, int uartno, MemoryRegion *mem,
77
+ hwaddr baseaddr, qemu_irq txirq, qemu_irq rxirq,
78
+ qemu_irq txoverirq, qemu_irq rxoverirq,
79
+ qemu_irq combirq)
80
+{
81
+ g_autofree char *s = g_strdup_printf("uart%d", uartno);
82
+ SysBusDevice *sbd;
25
+
83
+
26
+NVDIMM ACPI Background
84
+ assert(uartno < ARRAY_SIZE(mms->uart));
27
+----------------------
85
+ object_initialize_child(OBJECT(mms), s, &mms->uart[uartno],
86
+ TYPE_CMSDK_APB_UART);
87
+ qdev_prop_set_uint32(DEVICE(&mms->uart[uartno]), "pclk-frq", CLK_FRQ);
88
+ qdev_prop_set_chr(DEVICE(&mms->uart[uartno]), "chardev", serial_hd(uartno));
89
+ sbd = SYS_BUS_DEVICE(&mms->uart[uartno]);
90
+ sysbus_realize(sbd, &error_fatal);
91
+ memory_region_add_subregion(mem, baseaddr,
92
+ sysbus_mmio_get_region(sbd, 0));
93
+ sysbus_connect_irq(sbd, 0, txirq);
94
+ sysbus_connect_irq(sbd, 1, rxirq);
95
+ sysbus_connect_irq(sbd, 2, txoverirq);
96
+ sysbus_connect_irq(sbd, 3, rxoverirq);
97
+ sysbus_connect_irq(sbd, 4, combirq);
98
+}
28
+
99
+
29
+NVDIMM is introduced in ACPI 6.0 which defines an NVDIMM root device under
100
static void mps3r_common_init(MachineState *machine)
30
+_SB scope with a _HID of "ACPI0012". For each NVDIMM present or intended
101
{
31
+to be supported by platform, platform firmware also exposes an ACPI
102
MPS3RMachineState *mms = MPS3R_MACHINE(machine);
32
+Namespace Device under the root device.
103
MPS3RMachineClass *mmc = MPS3R_MACHINE_GET_CLASS(mms);
104
MemoryRegion *sysmem = get_system_memory();
105
+ DeviceState *gicdev;
106
107
for (const RAMInfo *ri = mmc->raminfo; ri->name; ri++) {
108
MemoryRegion *mr = mr_for_raminfo(mms, ri);
109
@@ -XXX,XX +XXX,XX @@ static void mps3r_common_init(MachineState *machine)
110
}
111
112
create_gic(mms, sysmem);
113
+ gicdev = DEVICE(&mms->gic);
33
+
114
+
34
+The NVDIMM child devices under the NVDIMM root device are defined with _ADR
115
+ /*
35
+corresponding to the NFIT device handle. The NVDIMM root device and the
116
+ * UARTs 0 and 1 are per-CPU; their interrupts are wired to
36
+NVDIMM devices can have device specific methods (_DSM) to provide additional
117
+ * the relevant CPU's PPI 0..3, aka INTID 16..19
37
+functions specific to a particular NVDIMM implementation.
118
+ */
119
+ for (int i = 0; i < machine->smp.cpus; i++) {
120
+ int intidbase = NUM_SPIS + i * GIC_INTERNAL;
121
+ g_autofree char *s = g_strdup_printf("cpu-uart-oflow-orgate%d", i);
122
+ DeviceState *orgate;
38
+
123
+
39
+This is an example from ACPI 6.0, a platform contains one NVDIMM::
124
+ /* The two overflow IRQs from the UART are ORed together into PPI 3 */
125
+ object_initialize_child(OBJECT(mms), s, &mms->cpu_uart_oflow[i],
126
+ TYPE_OR_IRQ);
127
+ orgate = DEVICE(&mms->cpu_uart_oflow[i]);
128
+ qdev_prop_set_uint32(orgate, "num-lines", 2);
129
+ qdev_realize(orgate, NULL, &error_fatal);
130
+ qdev_connect_gpio_out(orgate, 0,
131
+ qdev_get_gpio_in(gicdev, intidbase + 19));
40
+
132
+
41
+ Scope (\_SB){
133
+ create_uart(mms, i, &mms->cpu_sysmem[i], 0xe7c00000,
42
+ Device (NVDR) // Root device
134
+ qdev_get_gpio_in(gicdev, intidbase + 17), /* tx */
43
+ {
135
+ qdev_get_gpio_in(gicdev, intidbase + 16), /* rx */
44
+ Name (_HID, "ACPI0012")
136
+ qdev_get_gpio_in(orgate, 0), /* txover */
45
+ Method (_STA) {...}
137
+ qdev_get_gpio_in(orgate, 1), /* rxover */
46
+ Method (_FIT) {...}
138
+ qdev_get_gpio_in(gicdev, intidbase + 18) /* combined */);
47
+ Method (_DSM, ...) {...}
139
+ }
48
+ Device (NVD)
140
+ /*
49
+ {
141
+ * UARTs 2 to 5 are whole-system; all overflow IRQs are ORed
50
+ Name(_ADR, h) //where h is NFIT Device Handle for this NVDIMM
142
+ * together into IRQ 17
51
+ Method (_DSM, ...) {...}
143
+ */
52
+ }
144
+ object_initialize_child(OBJECT(mms), "uart-oflow-orgate",
53
+ }
145
+ &mms->uart_oflow, TYPE_OR_IRQ);
54
+ }
146
+ qdev_prop_set_uint32(DEVICE(&mms->uart_oflow), "num-lines",
147
+ MPS3R_UART_MAX * 2);
148
+ qdev_realize(DEVICE(&mms->uart_oflow), NULL, &error_fatal);
149
+ qdev_connect_gpio_out(DEVICE(&mms->uart_oflow), 0,
150
+ qdev_get_gpio_in(gicdev, 17));
55
+
151
+
56
+Methods supported on both NVDIMM root device and NVDIMM device
152
+ for (int i = 0; i < MPS3R_UART_MAX; i++) {
57
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
153
+ hwaddr baseaddr = 0xe0205000 + i * 0x1000;
154
+ int rxirq = 5 + i * 2, txirq = 6 + i * 2, combirq = 13 + i;
58
+
155
+
59
+_DSM (Device Specific Method)
156
+ create_uart(mms, i + MPS3R_CPU_MAX, sysmem, baseaddr,
60
+ It is a control method that enables devices to provide device specific
157
+ qdev_get_gpio_in(gicdev, txirq),
61
+ control functions that are consumed by the device driver.
158
+ qdev_get_gpio_in(gicdev, rxirq),
62
+ The NVDIMM DSM specification can be found at
159
+ qdev_get_gpio_in(DEVICE(&mms->uart_oflow), i * 2),
63
+ http://pmem.io/documents/NVDIMM_DSM_Interface_Example.pdf
160
+ qdev_get_gpio_in(DEVICE(&mms->uart_oflow), i * 2 + 1),
64
+
161
+ qdev_get_gpio_in(gicdev, combirq));
65
+ Arguments:
162
+ }
66
+
163
67
+ Arg0
164
mms->bootinfo.ram_size = machine->ram_size;
68
+ A Buffer containing a UUID (16 Bytes)
165
mms->bootinfo.board_id = -1;
69
+ Arg1
70
+ An Integer containing the Revision ID (4 Bytes)
71
+ Arg2
72
+ An Integer containing the Function Index (4 Bytes)
73
+ Arg3
74
+ A package containing parameters for the function specified by the
75
+ UUID, Revision ID, and Function Index
76
+
77
+ Return Value:
78
+
79
+ If Function Index = 0, a Buffer containing a function index bitfield.
80
+ Otherwise, the return value and type depends on the UUID, revision ID
81
+ and function index which are described in the DSM specification.
82
+
83
+Methods on NVDIMM ROOT Device
84
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
85
+
86
+_FIT(Firmware Interface Table)
87
+ It evaluates to a buffer returning data in the format of a series of NFIT
88
+ Type Structure.
89
+
90
+ Arguments: None
91
+
92
+ Return Value:
93
+ A Buffer containing a list of NFIT Type structure entries.
94
+
95
+ The detailed definition of the structure can be found at ACPI 6.0: 5.2.25
96
+ NVDIMM Firmware Interface Table (NFIT).
97
+
98
+QEMU NVDIMM Implementation
99
+--------------------------
100
+
101
+QEMU uses 4 bytes IO Port starting from 0x0a18 and a RAM-based memory page
102
+for NVDIMM ACPI.
103
+
104
+Memory:
105
+ QEMU uses BIOS Linker/loader feature to ask BIOS to allocate a memory
106
+ page and dynamically patch its address into an int32 object named "MEMA"
107
+ in ACPI.
108
+
109
+ This page is RAM-based and it is used to transfer data between _DSM
110
+ method and QEMU. If ACPI has control, this pages is owned by ACPI which
111
+ writes _DSM input data to it, otherwise, it is owned by QEMU which
112
+ emulates _DSM access and writes the output data to it.
113
+
114
+ ACPI writes _DSM Input Data (based on the offset in the page):
115
+
116
+ [0x0 - 0x3]
117
+ 4 bytes, NVDIMM Device Handle.
118
+
119
+ The handle is completely QEMU internal thing, the values in
120
+ range [1, 0xFFFF] indicate nvdimm device. Other values are
121
+ reserved for other purposes.
122
+
123
+ Reserved handles:
124
+
125
+ - 0 is reserved for nvdimm root device named NVDR.
126
+ - 0x10000 is reserved for QEMU internal DSM function called on
127
+ the root device.
128
+
129
+ [0x4 - 0x7]
130
+ 4 bytes, Revision ID, that is the Arg1 of _DSM method.
131
+
132
+ [0x8 - 0xB]
133
+ 4 bytes. Function Index, that is the Arg2 of _DSM method.
134
+
135
+ [0xC - 0xFFF]
136
+ 4084 bytes, the Arg3 of _DSM method.
137
+
138
+ QEMU writes Output Data (based on the offset in the page):
139
+
140
+ [0x0 - 0x3]
141
+ 4 bytes, the length of result
142
+
143
+ [0x4 - 0xFFF]
144
+ 4092 bytes, the DSM result filled by QEMU
145
+
146
+IO Port 0x0a18 - 0xa1b:
147
+ ACPI writes the address of the memory page allocated by BIOS to this
148
+ port then QEMU gets the control and fills the result in the memory page.
149
+
150
+ Write Access:
151
+
152
+ [0x0a18 - 0xa1b]
153
+ 4 bytes, the address of the memory page allocated by BIOS.
154
+
155
+_DSM process diagram
156
+--------------------
157
+
158
+"MEMA" indicates the address of memory page allocated by BIOS.
159
+
160
+::
161
+
162
+ +----------------------+ +-----------------------+
163
+ | 1. OSPM | | 2. OSPM |
164
+ | save _DSM input data | | write "MEMA" to | Exit to QEMU
165
+ | to the page +----->| IO port 0x0a18 +------------+
166
+ | indicated by "MEMA" | | | |
167
+ +----------------------+ +-----------------------+ |
168
+ |
169
+ v
170
+ +--------------------+ +-----------+ +------------------+--------+
171
+ | 5 QEMU | | 4 QEMU | | 3. QEMU |
172
+ | write _DSM result | | emulate | | get _DSM input data from |
173
+ | to the page +<------+ _DSM +<-----+ the page indicated by the |
174
+ | | | | | value from the IO port |
175
+ +--------+-----------+ +-----------+ +---------------------------+
176
+ |
177
+ | Enter Guest
178
+ |
179
+ v
180
+ +--------------------------+ +--------------+
181
+ | 6 OSPM | | 7 OSPM |
182
+ | result size is returned | | _DSM return |
183
+ | by reading DSM +----->+ |
184
+ | result from the page | | |
185
+ +--------------------------+ +--------------+
186
+
187
+NVDIMM hotplug
188
+--------------
189
+
190
+ACPI BIOS GPE.4 handler is dedicated for notifying OS about nvdimm device
191
+hot-add event.
192
+
193
+QEMU internal use only _DSM functions
194
+-------------------------------------
195
+
196
+Read FIT
197
+^^^^^^^^
198
+
199
+_FIT method uses _DSM method to fetch NFIT structures blob from QEMU
200
+in 1 page sized increments which are then concatenated and returned
201
+as _FIT method result.
202
+
203
+Input parameters:
204
+
205
+Arg0
206
+ UUID {set to 648B9CF2-CDA1-4312-8AD9-49C4AF32BD62}
207
+Arg1
208
+ Revision ID (set to 1)
209
+Arg2
210
+ Function Index, 0x1
211
+Arg3
212
+ A package containing a buffer whose layout is as follows:
213
+
214
+ +----------+--------+--------+-------------------------------------------+
215
+ | Field | Length | Offset | Description |
216
+ +----------+--------+--------+-------------------------------------------+
217
+ | offset | 4 | 0 | offset in QEMU's NFIT structures blob to |
218
+ | | | | read from |
219
+ +----------+--------+--------+-------------------------------------------+
220
+
221
+Output layout in the dsm memory page:
222
+
223
+ +----------+--------+--------+-------------------------------------------+
224
+ | Field | Length | Offset | Description |
225
+ +----------+--------+--------+-------------------------------------------+
226
+ | length | 4 | 0 | length of entire returned data |
227
+ | | | | (including this header) |
228
+ +----------+--------+--------+-------------------------------------------+
229
+ | | | | return status codes |
230
+ | | | | |
231
+ | | | | - 0x0 - success |
232
+ | | | | - 0x100 - error caused by NFIT update |
233
+ | status | 4 | 4 | while read by _FIT wasn't completed |
234
+ | | | | - other codes follow Chapter 3 in |
235
+ | | | | DSM Spec Rev1 |
236
+ +----------+--------+--------+-------------------------------------------+
237
+ | fit data | Varies | 8 | contains FIT data. This field is present |
238
+ | | | | if status field is 0. |
239
+ +----------+--------+--------+-------------------------------------------+
240
+
241
+The FIT offset is maintained by the OSPM itself, current offset plus
242
+the size of the fit data returned by the function is the next offset
243
+OSPM should read. When all FIT data has been read out, zero fit data
244
+size is returned.
245
+
246
+If it returns status code 0x100, OSPM should restart to read FIT (read
247
+from offset 0 again).
248
diff --git a/docs/specs/acpi_nvdimm.txt b/docs/specs/acpi_nvdimm.txt
249
deleted file mode 100644
250
index XXXXXXX..XXXXXXX
251
--- a/docs/specs/acpi_nvdimm.txt
252
+++ /dev/null
253
@@ -XXX,XX +XXX,XX @@
254
-QEMU<->ACPI BIOS NVDIMM interface
255
----------------------------------
256
-
257
-QEMU supports NVDIMM via ACPI. This document describes the basic concepts of
258
-NVDIMM ACPI and the interface between QEMU and the ACPI BIOS.
259
-
260
-NVDIMM ACPI Background
261
-----------------------
262
-NVDIMM is introduced in ACPI 6.0 which defines an NVDIMM root device under
263
-_SB scope with a _HID of “ACPI0012”. For each NVDIMM present or intended
264
-to be supported by platform, platform firmware also exposes an ACPI
265
-Namespace Device under the root device.
266
-
267
-The NVDIMM child devices under the NVDIMM root device are defined with _ADR
268
-corresponding to the NFIT device handle. The NVDIMM root device and the
269
-NVDIMM devices can have device specific methods (_DSM) to provide additional
270
-functions specific to a particular NVDIMM implementation.
271
-
272
-This is an example from ACPI 6.0, a platform contains one NVDIMM:
273
-
274
-Scope (\_SB){
275
- Device (NVDR) // Root device
276
- {
277
- Name (_HID, “ACPI0012”)
278
- Method (_STA) {...}
279
- Method (_FIT) {...}
280
- Method (_DSM, ...) {...}
281
- Device (NVD)
282
- {
283
- Name(_ADR, h) //where h is NFIT Device Handle for this NVDIMM
284
- Method (_DSM, ...) {...}
285
- }
286
- }
287
-}
288
-
289
-Method supported on both NVDIMM root device and NVDIMM device
290
-_DSM (Device Specific Method)
291
- It is a control method that enables devices to provide device specific
292
- control functions that are consumed by the device driver.
293
- The NVDIMM DSM specification can be found at:
294
- http://pmem.io/documents/NVDIMM_DSM_Interface_Example.pdf
295
-
296
- Arguments:
297
- Arg0 – A Buffer containing a UUID (16 Bytes)
298
- Arg1 – An Integer containing the Revision ID (4 Bytes)
299
- Arg2 – An Integer containing the Function Index (4 Bytes)
300
- Arg3 – A package containing parameters for the function specified by the
301
- UUID, Revision ID, and Function Index
302
-
303
- Return Value:
304
- If Function Index = 0, a Buffer containing a function index bitfield.
305
- Otherwise, the return value and type depends on the UUID, revision ID
306
- and function index which are described in the DSM specification.
307
-
308
-Methods on NVDIMM ROOT Device
309
-_FIT(Firmware Interface Table)
310
- It evaluates to a buffer returning data in the format of a series of NFIT
311
- Type Structure.
312
-
313
- Arguments: None
314
-
315
- Return Value:
316
- A Buffer containing a list of NFIT Type structure entries.
317
-
318
- The detailed definition of the structure can be found at ACPI 6.0: 5.2.25
319
- NVDIMM Firmware Interface Table (NFIT).
320
-
321
-QEMU NVDIMM Implementation
322
-==========================
323
-QEMU uses 4 bytes IO Port starting from 0x0a18 and a RAM-based memory page
324
-for NVDIMM ACPI.
325
-
326
-Memory:
327
- QEMU uses BIOS Linker/loader feature to ask BIOS to allocate a memory
328
- page and dynamically patch its address into an int32 object named "MEMA"
329
- in ACPI.
330
-
331
- This page is RAM-based and it is used to transfer data between _DSM
332
- method and QEMU. If ACPI has control, this pages is owned by ACPI which
333
- writes _DSM input data to it, otherwise, it is owned by QEMU which
334
- emulates _DSM access and writes the output data to it.
335
-
336
- ACPI writes _DSM Input Data (based on the offset in the page):
337
- [0x0 - 0x3]: 4 bytes, NVDIMM Device Handle.
338
-
339
- The handle is completely QEMU internal thing, the values in
340
- range [1, 0xFFFF] indicate nvdimm device. Other values are
341
- reserved for other purposes.
342
-
343
- Reserved handles:
344
- 0 is reserved for nvdimm root device named NVDR.
345
- 0x10000 is reserved for QEMU internal DSM function called on
346
- the root device.
347
-
348
- [0x4 - 0x7]: 4 bytes, Revision ID, that is the Arg1 of _DSM method.
349
- [0x8 - 0xB]: 4 bytes. Function Index, that is the Arg2 of _DSM method.
350
- [0xC - 0xFFF]: 4084 bytes, the Arg3 of _DSM method.
351
-
352
- QEMU Writes Output Data (based on the offset in the page):
353
- [0x0 - 0x3]: 4 bytes, the length of result
354
- [0x4 - 0xFFF]: 4092 bytes, the DSM result filled by QEMU
355
-
356
-IO Port 0x0a18 - 0xa1b:
357
- ACPI writes the address of the memory page allocated by BIOS to this
358
- port then QEMU gets the control and fills the result in the memory page.
359
-
360
- write Access:
361
- [0x0a18 - 0xa1b]: 4 bytes, the address of the memory page allocated
362
- by BIOS.
363
-
364
-_DSM process diagram:
365
----------------------
366
-"MEMA" indicates the address of memory page allocated by BIOS.
367
-
368
- +----------------------+   +-----------------------+
369
- |   1. OSPM   |      | 2. OSPM |
370
- | save _DSM input data | | write "MEMA" to | Exit to QEMU
371
- | to the page +----->| IO port 0x0a18 +------------+
372
- | indicated by "MEMA" | | | |
373
- +----------------------+ +-----------------------+ |
374
-  |
375
-  v
376
- +------------- ----+ +-----------+ +------------------+--------+
377
- | 5 QEMU | | 4 QEMU | | 3. QEMU |
378
- | write _DSM result | | emulate | | get _DSM input data from |
379
- | to the page +<------+ _DSM +<-----+ the page indicated by the |
380
- | | | | | value from the IO port |
381
- +--------+-----------+ +-----------+ +---------------------------+
382
- |
383
- | Enter Guest
384
- |
385
- v
386
- +--------------------------+ +--------------+
387
- | 6 OSPM | | 7 OSPM |
388
- | result size is returned | | _DSM return |
389
- | by reading DSM +----->+ |
390
- | result from the page | | |
391
- +--------------------------+ +--------------+
392
-
393
-NVDIMM hotplug
394
---------------
395
-ACPI BIOS GPE.4 handler is dedicated for notifying OS about nvdimm device
396
-hot-add event.
397
-
398
-QEMU internal use only _DSM function
399
-------------------------------------
400
-1) Read FIT
401
- _FIT method uses _DSM method to fetch NFIT structures blob from QEMU
402
- in 1 page sized increments which are then concatenated and returned
403
- as _FIT method result.
404
-
405
- Input parameters:
406
- Arg0 – UUID {set to 648B9CF2-CDA1-4312-8AD9-49C4AF32BD62}
407
- Arg1 – Revision ID (set to 1)
408
- Arg2 - Function Index, 0x1
409
- Arg3 - A package containing a buffer whose layout is as follows:
410
-
411
- +----------+--------+--------+-------------------------------------------+
412
- | Field | Length | Offset | Description |
413
- +----------+--------+--------+-------------------------------------------+
414
- | offset | 4 | 0 | offset in QEMU's NFIT structures blob to |
415
- | | | | read from |
416
- +----------+--------+--------+-------------------------------------------+
417
-
418
- Output layout in the dsm memory page:
419
- +----------+--------+--------+-------------------------------------------+
420
- | Field | Length | Offset | Description |
421
- +----------+--------+--------+-------------------------------------------+
422
- | length | 4 | 0 | length of entire returned data |
423
- | | | | (including this header) |
424
- +----------+-----------------+-------------------------------------------+
425
- | | | | return status codes |
426
- | | | | 0x0 - success |
427
- | | | | 0x100 - error caused by NFIT update while |
428
- | status | 4 | 4 | read by _FIT wasn't completed, other |
429
- | | | | codes follow Chapter 3 in DSM Spec Rev1 |
430
- +----------+-----------------+-------------------------------------------+
431
- | fit data | Varies | 8 | contains FIT data, this field is present |
432
- | | | | if status field is 0; |
433
- +----------+--------+--------+-------------------------------------------+
434
-
435
- The FIT offset is maintained by the OSPM itself, current offset plus
436
- the size of the fit data returned by the function is the next offset
437
- OSPM should read. When all FIT data has been read out, zero fit data
438
- size is returned.
439
-
440
- If it returns status code 0x100, OSPM should restart to read FIT (read
441
- from offset 0 again).
442
diff --git a/docs/specs/index.rst b/docs/specs/index.rst
443
index XXXXXXX..XXXXXXX 100644
444
--- a/docs/specs/index.rst
445
+++ b/docs/specs/index.rst
446
@@ -XXX,XX +XXX,XX @@ guest hardware that is specific to QEMU.
447
acpi_cpu_hotplug
448
acpi_mem_hotplug
449
acpi_pci_hotplug
450
+ acpi_nvdimm
451
--
166
--
452
2.20.1
167
2.34.1
453
168
454
169
diff view generated by jsdifflib
[PULL 22/37] stubs: Remove unused arch_type.c stub
[PULL 33/35] hw/arm/mps3r: Add GPIO, watchdog, dual-timer, I2C devices
1
We added a stub for the arch_type global in commit 5964ed56d9a1 so
1
Add the GPIO, watchdog, dual-timer and I2C devices to the mps3-an536
2
that we could compile blockdev.c into the tools. However, in commit
2
board. These are all simple devices that just need to be created and
3
9db1d3a2be9bf we removed the only use of arch_type from blockdev.c.
3
wired up.
4
The stub is therefore no longer needed, and we can delete it again,
5
together with the QEMU_ARCH_NONE value that only the stub was using.
6
4
7
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
6
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
9
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
7
Message-id: 20240206132931.38376-12-peter.maydell@linaro.org
10
Message-id: 20210730105947.28215-9-peter.maydell@linaro.org
11
---
8
---
12
include/sysemu/arch_init.h | 2 --
9
hw/arm/mps3r.c | 59 ++++++++++++++++++++++++++++++++++++++++++++++++++
13
stubs/arch_type.c | 4 ----
10
1 file changed, 59 insertions(+)
14
stubs/meson.build | 1 -
15
3 files changed, 7 deletions(-)
16
delete mode 100644 stubs/arch_type.c
17
11
18
diff --git a/include/sysemu/arch_init.h b/include/sysemu/arch_init.h
12
diff --git a/hw/arm/mps3r.c b/hw/arm/mps3r.c
19
index XXXXXXX..XXXXXXX 100644
13
index XXXXXXX..XXXXXXX 100644
20
--- a/include/sysemu/arch_init.h
14
--- a/hw/arm/mps3r.c
21
+++ b/include/sysemu/arch_init.h
15
+++ b/hw/arm/mps3r.c
22
@@ -XXX,XX +XXX,XX @@ enum {
16
@@ -XXX,XX +XXX,XX @@
23
QEMU_ARCH_RX = (1 << 20),
17
#include "sysemu/sysemu.h"
24
QEMU_ARCH_AVR = (1 << 21),
18
#include "hw/boards.h"
25
QEMU_ARCH_HEXAGON = (1 << 22),
19
#include "hw/or-irq.h"
26
-
20
+#include "hw/qdev-clock.h"
27
- QEMU_ARCH_NONE = (1 << 31),
21
#include "hw/qdev-properties.h"
22
#include "hw/arm/boot.h"
23
#include "hw/arm/bsa.h"
24
#include "hw/char/cmsdk-apb-uart.h"
25
+#include "hw/i2c/arm_sbcon_i2c.h"
26
#include "hw/intc/arm_gicv3.h"
27
+#include "hw/misc/unimp.h"
28
+#include "hw/timer/cmsdk-apb-dualtimer.h"
29
+#include "hw/watchdog/cmsdk-apb-watchdog.h"
30
31
/* Define the layout of RAM and ROM in a board */
32
typedef struct RAMInfo {
33
@@ -XXX,XX +XXX,XX @@ struct MPS3RMachineState {
34
CMSDKAPBUART uart[MPS3R_CPU_MAX + MPS3R_UART_MAX];
35
OrIRQState cpu_uart_oflow[MPS3R_CPU_MAX];
36
OrIRQState uart_oflow;
37
+ CMSDKAPBWatchdog watchdog;
38
+ CMSDKAPBDualTimer dualtimer;
39
+ ArmSbconI2CState i2c[5];
40
+ Clock *clk;
28
};
41
};
29
42
30
extern const uint32_t arch_type;
43
#define TYPE_MPS3R_MACHINE "mps3r"
31
diff --git a/stubs/arch_type.c b/stubs/arch_type.c
44
@@ -XXX,XX +XXX,XX @@ static void mps3r_common_init(MachineState *machine)
32
deleted file mode 100644
45
MemoryRegion *sysmem = get_system_memory();
33
index XXXXXXX..XXXXXXX
46
DeviceState *gicdev;
34
--- a/stubs/arch_type.c
47
35
+++ /dev/null
48
+ mms->clk = clock_new(OBJECT(machine), "CLK");
36
@@ -XXX,XX +XXX,XX @@
49
+ clock_set_hz(mms->clk, CLK_FRQ);
37
-#include "qemu/osdep.h"
50
+
38
-#include "sysemu/arch_init.h"
51
for (const RAMInfo *ri = mmc->raminfo; ri->name; ri++) {
39
-
52
MemoryRegion *mr = mr_for_raminfo(mms, ri);
40
-const uint32_t arch_type = QEMU_ARCH_NONE;
53
memory_region_add_subregion(sysmem, ri->base, mr);
41
diff --git a/stubs/meson.build b/stubs/meson.build
54
@@ -XXX,XX +XXX,XX @@ static void mps3r_common_init(MachineState *machine)
42
index XXXXXXX..XXXXXXX 100644
55
qdev_get_gpio_in(gicdev, combirq));
43
--- a/stubs/meson.build
56
}
44
+++ b/stubs/meson.build
57
45
@@ -XXX,XX +XXX,XX @@
58
+ for (int i = 0; i < 4; i++) {
46
-stub_ss.add(files('arch_type.c'))
59
+ /* CMSDK GPIO controllers */
47
stub_ss.add(files('bdrv-next-monitor-owned.c'))
60
+ g_autofree char *s = g_strdup_printf("gpio%d", i);
48
stub_ss.add(files('blk-commit-all.c'))
61
+ create_unimplemented_device(s, 0xe0000000 + i * 0x1000, 0x1000);
49
stub_ss.add(files('blk-exp-close-all.c'))
62
+ }
63
+
64
+ object_initialize_child(OBJECT(mms), "watchdog", &mms->watchdog,
65
+ TYPE_CMSDK_APB_WATCHDOG);
66
+ qdev_connect_clock_in(DEVICE(&mms->watchdog), "WDOGCLK", mms->clk);
67
+ sysbus_realize(SYS_BUS_DEVICE(&mms->watchdog), &error_fatal);
68
+ sysbus_connect_irq(SYS_BUS_DEVICE(&mms->watchdog), 0,
69
+ qdev_get_gpio_in(gicdev, 0));
70
+ sysbus_mmio_map(SYS_BUS_DEVICE(&mms->watchdog), 0, 0xe0100000);
71
+
72
+ object_initialize_child(OBJECT(mms), "dualtimer", &mms->dualtimer,
73
+ TYPE_CMSDK_APB_DUALTIMER);
74
+ qdev_connect_clock_in(DEVICE(&mms->dualtimer), "TIMCLK", mms->clk);
75
+ sysbus_realize(SYS_BUS_DEVICE(&mms->dualtimer), &error_fatal);
76
+ sysbus_connect_irq(SYS_BUS_DEVICE(&mms->dualtimer), 0,
77
+ qdev_get_gpio_in(gicdev, 3));
78
+ sysbus_connect_irq(SYS_BUS_DEVICE(&mms->dualtimer), 1,
79
+ qdev_get_gpio_in(gicdev, 1));
80
+ sysbus_connect_irq(SYS_BUS_DEVICE(&mms->dualtimer), 2,
81
+ qdev_get_gpio_in(gicdev, 2));
82
+ sysbus_mmio_map(SYS_BUS_DEVICE(&mms->dualtimer), 0, 0xe0101000);
83
+
84
+ for (int i = 0; i < ARRAY_SIZE(mms->i2c); i++) {
85
+ static const hwaddr i2cbase[] = {0xe0102000, /* Touch */
86
+ 0xe0103000, /* Audio */
87
+ 0xe0107000, /* Shield0 */
88
+ 0xe0108000, /* Shield1 */
89
+ 0xe0109000}; /* DDR4 EEPROM */
90
+ g_autofree char *s = g_strdup_printf("i2c%d", i);
91
+
92
+ object_initialize_child(OBJECT(mms), s, &mms->i2c[i],
93
+ TYPE_ARM_SBCON_I2C);
94
+ sysbus_realize(SYS_BUS_DEVICE(&mms->i2c[i]), &error_fatal);
95
+ sysbus_mmio_map(SYS_BUS_DEVICE(&mms->i2c[i]), 0, i2cbase[i]);
96
+ if (i != 2 && i != 3) {
97
+ /*
98
+ * internal-only bus: mark it full to avoid user-created
99
+ * i2c devices being plugged into it.
100
+ */
101
+ qbus_mark_full(qdev_get_child_bus(DEVICE(&mms->i2c[i]), "i2c"));
102
+ }
103
+ }
104
+
105
mms->bootinfo.ram_size = machine->ram_size;
106
mms->bootinfo.board_id = -1;
107
mms->bootinfo.loader_start = mmc->loader_start;
50
--
108
--
51
2.20.1
109
2.34.1
52
110
53
111
diff view generated by jsdifflib
[PULL 31/37] target/arm: Avoid assertion trying to use KVM and multiple ASes
[PULL 34/35] hw/arm/mps3r: Add remaining devices
1
KVM cannot support multiple address spaces per CPU; if you try to
1
Add the remaining devices (or unimplemented-device stubs) for
2
create more than one then cpu_address_space_init() will assert.
2
this board: SPI controllers, SCC, FPGAIO, I2S, RTC, the
3
QSPI write-config block, and ethernet.
3
4
4
In the Arm CPU realize function, detect the configurations which
5
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5
would cause us to need more than one AS, and cleanly fail the
6
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
6
realize rather than blundering on into the assertion. This
7
Message-id: 20240206132931.38376-13-peter.maydell@linaro.org
7
turns this:
8
---
8
$ qemu-system-aarch64 -enable-kvm -display none -cpu max -machine raspi3b
9
hw/arm/mps3r.c | 74 ++++++++++++++++++++++++++++++++++++++++++++++++++
9
qemu-system-aarch64: ../../softmmu/physmem.c:747: cpu_address_space_init: Assertion `asidx == 0 || !kvm_enabled()' failed.
10
1 file changed, 74 insertions(+)
10
Aborted
11
11
12
into:
12
diff --git a/hw/arm/mps3r.c b/hw/arm/mps3r.c
13
$ qemu-system-aarch64 -enable-kvm -display none -machine raspi3b
14
qemu-system-aarch64: Cannot enable KVM when guest CPU has EL3 enabled
15
16
and this:
17
$ qemu-system-aarch64 -enable-kvm -display none -machine mps3-an524
18
qemu-system-aarch64: ../../softmmu/physmem.c:747: cpu_address_space_init: Assertion `asidx == 0 || !kvm_enabled()' failed.
19
Aborted
20
21
into:
22
$ qemu-system-aarch64 -enable-kvm -display none -machine mps3-an524
23
qemu-system-aarch64: Cannot enable KVM when using an M-profile guest CPU
24
25
Fixes: https://gitlab.com/qemu-project/qemu/-/issues/528
26
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
27
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
28
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
29
Message-id: 20210816135842.25302-3-peter.maydell@linaro.org
30
---
31
target/arm/cpu.c | 23 +++++++++++++++++++++++
32
1 file changed, 23 insertions(+)
33
34
diff --git a/target/arm/cpu.c b/target/arm/cpu.c
35
index XXXXXXX..XXXXXXX 100644
13
index XXXXXXX..XXXXXXX 100644
36
--- a/target/arm/cpu.c
14
--- a/hw/arm/mps3r.c
37
+++ b/target/arm/cpu.c
15
+++ b/hw/arm/mps3r.c
38
@@ -XXX,XX +XXX,XX @@ static void arm_cpu_realizefn(DeviceState *dev, Error **errp)
16
@@ -XXX,XX +XXX,XX @@
17
#include "hw/char/cmsdk-apb-uart.h"
18
#include "hw/i2c/arm_sbcon_i2c.h"
19
#include "hw/intc/arm_gicv3.h"
20
+#include "hw/misc/mps2-scc.h"
21
+#include "hw/misc/mps2-fpgaio.h"
22
#include "hw/misc/unimp.h"
23
+#include "hw/net/lan9118.h"
24
+#include "hw/rtc/pl031.h"
25
+#include "hw/ssi/pl022.h"
26
#include "hw/timer/cmsdk-apb-dualtimer.h"
27
#include "hw/watchdog/cmsdk-apb-watchdog.h"
28
29
@@ -XXX,XX +XXX,XX @@ struct MPS3RMachineState {
30
CMSDKAPBWatchdog watchdog;
31
CMSDKAPBDualTimer dualtimer;
32
ArmSbconI2CState i2c[5];
33
+ PL022State spi[3];
34
+ MPS2SCC scc;
35
+ MPS2FPGAIO fpgaio;
36
+ UnimplementedDeviceState i2s_audio;
37
+ PL031State rtc;
38
Clock *clk;
39
};
40
41
@@ -XXX,XX +XXX,XX @@ static const RAMInfo an536_raminfo[] = {
42
}
43
};
44
45
+static const int an536_oscclk[] = {
46
+ 24000000, /* 24MHz reference for RTC and timers */
47
+ 50000000, /* 50MHz ACLK */
48
+ 50000000, /* 50MHz MCLK */
49
+ 50000000, /* 50MHz GPUCLK */
50
+ 24576000, /* 24.576MHz AUDCLK */
51
+ 23750000, /* 23.75MHz HDLCDCLK */
52
+ 100000000, /* 100MHz DDR4_REF_CLK */
53
+};
54
+
55
static MemoryRegion *mr_for_raminfo(MPS3RMachineState *mms,
56
const RAMInfo *raminfo)
57
{
58
@@ -XXX,XX +XXX,XX @@ static void mps3r_common_init(MachineState *machine)
59
MPS3RMachineClass *mmc = MPS3R_MACHINE_GET_CLASS(mms);
60
MemoryRegion *sysmem = get_system_memory();
61
DeviceState *gicdev;
62
+ QList *oscclk;
63
64
mms->clk = clock_new(OBJECT(machine), "CLK");
65
clock_set_hz(mms->clk, CLK_FRQ);
66
@@ -XXX,XX +XXX,XX @@ static void mps3r_common_init(MachineState *machine)
39
}
67
}
40
}
68
}
41
69
42
+ if (kvm_enabled()) {
70
+ for (int i = 0; i < ARRAY_SIZE(mms->spi); i++) {
43
+ /*
71
+ g_autofree char *s = g_strdup_printf("spi%d", i);
44
+ * Catch all the cases which might cause us to create more than one
72
+ hwaddr baseaddr = 0xe0104000 + i * 0x1000;
45
+ * address space for the CPU (otherwise we will assert() later in
73
+
46
+ * cpu_address_space_init()).
74
+ object_initialize_child(OBJECT(mms), s, &mms->spi[i], TYPE_PL022);
47
+ */
75
+ sysbus_realize(SYS_BUS_DEVICE(&mms->spi[i]), &error_fatal);
48
+ if (arm_feature(env, ARM_FEATURE_M)) {
76
+ sysbus_mmio_map(SYS_BUS_DEVICE(&mms->spi[i]), 0, baseaddr);
49
+ error_setg(errp,
77
+ sysbus_connect_irq(SYS_BUS_DEVICE(&mms->spi[i]), 0,
50
+ "Cannot enable KVM when using an M-profile guest CPU");
78
+ qdev_get_gpio_in(gicdev, 22 + i));
51
+ return;
52
+ }
53
+ if (cpu->has_el3) {
54
+ error_setg(errp,
55
+ "Cannot enable KVM when guest CPU has EL3 enabled");
56
+ return;
57
+ }
58
+ if (cpu->tag_memory) {
59
+ error_setg(errp,
60
+ "Cannot enable KVM when guest CPUs has MTE enabled");
61
+ return;
62
+ }
63
+ }
79
+ }
64
+
80
+
65
{
81
+ object_initialize_child(OBJECT(mms), "scc", &mms->scc, TYPE_MPS2_SCC);
66
uint64_t scale;
82
+ qdev_prop_set_uint32(DEVICE(&mms->scc), "scc-cfg0", 0);
67
83
+ qdev_prop_set_uint32(DEVICE(&mms->scc), "scc-cfg4", 0x2);
84
+ qdev_prop_set_uint32(DEVICE(&mms->scc), "scc-aid", 0x00200008);
85
+ qdev_prop_set_uint32(DEVICE(&mms->scc), "scc-id", 0x41055360);
86
+ oscclk = qlist_new();
87
+ for (int i = 0; i < ARRAY_SIZE(an536_oscclk); i++) {
88
+ qlist_append_int(oscclk, an536_oscclk[i]);
89
+ }
90
+ qdev_prop_set_array(DEVICE(&mms->scc), "oscclk", oscclk);
91
+ sysbus_realize(SYS_BUS_DEVICE(&mms->scc), &error_fatal);
92
+ sysbus_mmio_map(SYS_BUS_DEVICE(&mms->scc), 0, 0xe0200000);
93
+
94
+ create_unimplemented_device("i2s-audio", 0xe0201000, 0x1000);
95
+
96
+ object_initialize_child(OBJECT(mms), "fpgaio", &mms->fpgaio,
97
+ TYPE_MPS2_FPGAIO);
98
+ qdev_prop_set_uint32(DEVICE(&mms->fpgaio), "prescale-clk", an536_oscclk[1]);
99
+ qdev_prop_set_uint32(DEVICE(&mms->fpgaio), "num-leds", 10);
100
+ qdev_prop_set_bit(DEVICE(&mms->fpgaio), "has-switches", true);
101
+ qdev_prop_set_bit(DEVICE(&mms->fpgaio), "has-dbgctrl", false);
102
+ sysbus_realize(SYS_BUS_DEVICE(&mms->fpgaio), &error_fatal);
103
+ sysbus_mmio_map(SYS_BUS_DEVICE(&mms->fpgaio), 0, 0xe0202000);
104
+
105
+ create_unimplemented_device("clcd", 0xe0209000, 0x1000);
106
+
107
+ object_initialize_child(OBJECT(mms), "rtc", &mms->rtc, TYPE_PL031);
108
+ sysbus_realize(SYS_BUS_DEVICE(&mms->rtc), &error_fatal);
109
+ sysbus_mmio_map(SYS_BUS_DEVICE(&mms->rtc), 0, 0xe020a000);
110
+ sysbus_connect_irq(SYS_BUS_DEVICE(&mms->rtc), 0,
111
+ qdev_get_gpio_in(gicdev, 4));
112
+
113
+ /*
114
+ * In hardware this is a LAN9220; the LAN9118 is software compatible
115
+ * except that it doesn't support the checksum-offload feature.
116
+ */
117
+ lan9118_init(0xe0300000,
118
+ qdev_get_gpio_in(gicdev, 18));
119
+
120
+ create_unimplemented_device("usb", 0xe0301000, 0x1000);
121
+ create_unimplemented_device("qspi-write-config", 0xe0600000, 0x1000);
122
+
123
mms->bootinfo.ram_size = machine->ram_size;
124
mms->bootinfo.board_id = -1;
125
mms->bootinfo.loader_start = mmc->loader_start;
68
--
126
--
69
2.20.1
127
2.34.1
70
128
71
129
diff view generated by jsdifflib
[PULL 12/37] docs/specs/acpi_pci_hotplug: Convert to rST
[PULL 35/35] docs: Add documentation for the mps3-an536 board
1
Convert the PCI hotplug spec document to rST.
1
Add documentation for the mps3-an536 board type.
2
2
3
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
3
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
4
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
5
Message-id: 20240206132931.38376-14-peter.maydell@linaro.org
5
---
6
---
6
...i_pci_hotplug.txt => acpi_pci_hotplug.rst} | 37 ++++++++++---------
7
docs/system/arm/mps2.rst | 37 ++++++++++++++++++++++++++++++++++---
7
docs/specs/index.rst | 1 +
8
1 file changed, 34 insertions(+), 3 deletions(-)
8
2 files changed, 21 insertions(+), 17 deletions(-)
9
rename docs/specs/{acpi_pci_hotplug.txt => acpi_pci_hotplug.rst} (51%)
10
9
11
diff --git a/docs/specs/acpi_pci_hotplug.txt b/docs/specs/acpi_pci_hotplug.rst
10
diff --git a/docs/system/arm/mps2.rst b/docs/system/arm/mps2.rst
12
similarity index 51%
13
rename from docs/specs/acpi_pci_hotplug.txt
14
rename to docs/specs/acpi_pci_hotplug.rst
15
index XXXXXXX..XXXXXXX 100644
11
index XXXXXXX..XXXXXXX 100644
16
--- a/docs/specs/acpi_pci_hotplug.txt
12
--- a/docs/system/arm/mps2.rst
17
+++ b/docs/specs/acpi_pci_hotplug.rst
13
+++ b/docs/system/arm/mps2.rst
18
@@ -XXX,XX +XXX,XX @@
14
@@ -XXX,XX +XXX,XX @@
19
QEMU<->ACPI BIOS PCI hotplug interface
15
-Arm MPS2 and MPS3 boards (``mps2-an385``, ``mps2-an386``, ``mps2-an500``, ``mps2-an505``, ``mps2-an511``, ``mps2-an521``, ``mps3-an524``, ``mps3-an547``)
20
---------------------------------------
16
-=========================================================================================================================================================
21
+======================================
17
+Arm MPS2 and MPS3 boards (``mps2-an385``, ``mps2-an386``, ``mps2-an500``, ``mps2-an505``, ``mps2-an511``, ``mps2-an521``, ``mps3-an524``, ``mps3-an536``, ``mps3-an547``)
22
18
+=========================================================================================================================================================================
23
QEMU supports PCI hotplug via ACPI, for PCI bus 0. This document
19
24
describes the interface between QEMU and the ACPI BIOS.
20
-These board models all use Arm M-profile CPUs.
25
21
+These board models use Arm M-profile or R-profile CPUs.
26
-ACPI GPE block (IO ports 0xafe0-0xafe3, byte access):
22
27
------------------------------------------
23
The Arm MPS2, MPS2+ and MPS3 dev boards are FPGA based (the 2+ has a
28
+ACPI GPE block (IO ports 0xafe0-0xafe3, byte access)
24
bigger FPGA but is otherwise the same as the 2; the 3 has a bigger
29
+----------------------------------------------------
25
@@ -XXX,XX +XXX,XX @@ FPGA image.
30
26
31
Generic ACPI GPE block. Bit 1 (GPE.1) used to notify PCI hotplug/eject
27
QEMU models the following FPGA images:
32
event to ACPI BIOS, via SCI interrupt.
28
33
29
+FPGA images using M-profile CPUs:
34
-PCI slot injection notification pending (IO port 0xae00-0xae03, 4-byte access):
35
----------------------------------------------------------------
36
+PCI slot injection notification pending (IO port 0xae00-0xae03, 4-byte access)
37
+------------------------------------------------------------------------------
38
+
30
+
39
Slot injection notification pending. One bit per slot.
31
``mps2-an385``
40
32
Cortex-M3 as documented in Arm Application Note AN385
41
Read by ACPI BIOS GPE.1 handler to notify OS of injection
33
``mps2-an386``
42
events. Read-only.
34
@@ -XXX,XX +XXX,XX @@ QEMU models the following FPGA images:
43
35
``mps3-an547``
44
-PCI slot removal notification (IO port 0xae04-0xae07, 4-byte access):
36
Cortex-M55 on an MPS3, as documented in Arm Application Note AN547
45
------------------------------------------------------
37
46
+PCI slot removal notification (IO port 0xae04-0xae07, 4-byte access)
38
+FPGA images using R-profile CPUs:
47
+--------------------------------------------------------------------
48
+
39
+
49
Slot removal notification pending. One bit per slot.
40
+``mps3-an536``
50
41
+ Dual Cortex-R52 on an MPS3, as documented in Arm Application Note AN536
51
Read by ACPI BIOS GPE.1 handler to notify OS of removal
52
events. Read-only.
53
54
-PCI device eject (IO port 0xae08-0xae0b, 4-byte access):
55
-----------------------------------------
56
+PCI device eject (IO port 0xae08-0xae0b, 4-byte access)
57
+-------------------------------------------------------
58
59
Write: Used by ACPI BIOS _EJ0 method to request device removal.
60
One bit per slot.
61
62
Read: Hotplug features register. Used by platform to identify features
63
available. Current base feature set (no bits set):
64
- - Read-only "up" register @0xae00, 4-byte access, bit per slot
65
- - Read-only "down" register @0xae04, 4-byte access, bit per slot
66
- - Read/write "eject" register @0xae08, 4-byte access,
67
- write: bit per slot eject, read: hotplug feature set
68
- - Read-only hotplug capable register @0xae0c, 4-byte access, bit per slot
69
70
-PCI removability status (IO port 0xae0c-0xae0f, 4-byte access):
71
------------------------------------------------
72
+- Read-only "up" register @0xae00, 4-byte access, bit per slot
73
+- Read-only "down" register @0xae04, 4-byte access, bit per slot
74
+- Read/write "eject" register @0xae08, 4-byte access,
75
+ write: bit per slot eject, read: hotplug feature set
76
+- Read-only hotplug capable register @0xae0c, 4-byte access, bit per slot
77
+
42
+
78
+PCI removability status (IO port 0xae0c-0xae0f, 4-byte access)
43
Differences between QEMU and real hardware:
79
+--------------------------------------------------------------
44
80
45
- AN385/AN386 remapping of low 16K of memory to either ZBT SSRAM1 or to
81
Used by ACPI BIOS _RMV method to indicate removability status to OS. One
46
@@ -XXX,XX +XXX,XX @@ Differences between QEMU and real hardware:
82
-bit per slot. Read-only
47
flash, but only as simple ROM, so attempting to rewrite the flash
83
+bit per slot. Read-only.
48
from the guest will fail
84
diff --git a/docs/specs/index.rst b/docs/specs/index.rst
49
- QEMU does not model the USB controller in MPS3 boards
85
index XXXXXXX..XXXXXXX 100644
50
+- AN536 does not support runtime control of CPU reset and halt via
86
--- a/docs/specs/index.rst
51
+ the SCC CFG_REG0 register.
87
+++ b/docs/specs/index.rst
52
+- AN536 does not support enabling or disabling the flash and ATCM
88
@@ -XXX,XX +XXX,XX @@ guest hardware that is specific to QEMU.
53
+ interfaces via the SCC CFG_REG1 register.
89
acpi_hest_ghes
54
+- AN536 does not support setting of the initial vector table
90
acpi_cpu_hotplug
55
+ base address via the SCC CFG_REG6 and CFG_REG7 register config,
91
acpi_mem_hotplug
56
+ and does not provide a mechanism for specifying these values at
92
+ acpi_pci_hotplug
57
+ startup, so all guest images must be built to start from TCM
58
+ (i.e. to expect the interrupt vector base at 0 from reset).
59
+- AN536 defaults to only creating a single CPU; this is the equivalent
60
+ of the way the real FPGA image usually runs with the second Cortex-R52
61
+ held in halt via the initial SCC CFG_REG0 register setting. You can
62
+ create the second CPU with ``-smp 2``; both CPUs will then start
63
+ execution immediately on startup.
64
+
65
+Note that for the AN536 the first UART is accessible only by
66
+CPU0, and the second UART is accessible only by CPU1. The
67
+first UART accessible shared between both CPUs is the third
68
+UART. Guest software might therefore be built to use either
69
+the first UART or the third UART; if you don't see any output
70
+from the UART you are looking at, try one of the others.
71
+(Even if the AN536 machine is started with a single CPU and so
72
+no "CPU1-only UART", the UART numbering remains the same,
73
+with the third UART being the first of the shared ones.)
74
75
Machine-specific options
76
""""""""""""""""""""""""
93
--
77
--
94
2.20.1
78
2.34.1
95
79
96
80
diff view generated by jsdifflib
[PULL 25/37] softmmu/physmem.c: Check return value from realpath()
Deleted patch
1
The realpath() function can return NULL on error, so we need to check
2
for it to avoid crashing when we try to strstr() into it.
3
This can happen if we run out of memory, or if /sys/ is not mounted,
4
among other situations.
5
1
6
Fixes: Coverity 1459913, 1460474
7
Fixes: ce317be98db0 ("exec: fetch the alignment of Linux devdax pmem character device nodes")
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Reviewed-by: Jingqi Liu <jingqi.liu@intel.com>
10
Message-id: 20210812151525.31456-1-peter.maydell@linaro.org
11
---
12
softmmu/physmem.c | 3 +++
13
1 file changed, 3 insertions(+)
14
15
diff --git a/softmmu/physmem.c b/softmmu/physmem.c
16
index XXXXXXX..XXXXXXX 100644
17
--- a/softmmu/physmem.c
18
+++ b/softmmu/physmem.c
19
@@ -XXX,XX +XXX,XX @@ static int64_t get_file_align(int fd)
20
path = g_strdup_printf("/sys/dev/char/%d:%d",
21
major(st.st_rdev), minor(st.st_rdev));
22
rpath = realpath(path, NULL);
23
+ if (!rpath) {
24
+ return -errno;
25
+ }
26
27
rc = daxctl_new(&ctx);
28
if (rc) {
29
--
30
2.20.1
31
32
diff view generated by jsdifflib

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.