Series comparison

-[PULL 0/5] target-arm queue
+[PULL v2 00/57] target-arm queue
-Hi; here's a collection of Arm bug fixes for rc2.
+Squashed in a trivial fix for 32-bit hosts:
-thanks
+--- a/target/arm/mve_helper.c
 +++ b/target/arm/mve_helper.c
@@ -XXX,XX +XXX,XX @@ DO_LDAV(vmlsldavxsw, 4, int32_t, true, +=, -=)
                      acc = EVENACC(acc, TO128(n[H##ESIZE(e + 1 * XCHG)] * \
                                               m[H##ESIZE(e)]));          \
                  }                                                       \
 -                acc = int128_add(acc, 1 << 7);                          \
 +                acc = int128_add(acc, int128_make64(1 << 7));           \
              }                                                           \
          }                                                               \
          mve_advance_vpt(env);                                           \
 -- PMM
-The following changes since commit a082fab9d259473a9d5d53307cf83b1223301181:
+The following changes since commit 53f306f316549d20c76886903181413d20842423:
-  Merge tag 'pull-ppc-20221117' of https://gitlab.com/danielhb/qemu into staging (2022-11-17 12:39:38 -0500)
+  Merge remote-tracking branch 'remotes/ehabkost-gl/tags/x86-next-pull-request' into staging (2021-06-21 11:26:04 +0100)
 are available in the Git repository at:
-  https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20221121
+  https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20210624
-for you to fetch changes up to 312b71abce3005ca7294dc0db7d548dc7cc41fbf:
+for you to fetch changes up to 90a76c6316cfe6416fc33814a838fb3928f746ee:
-  target/arm: Limit LPA2 effective output address when TCR.DS == 0 (2022-11-21 11:46:46 +0000)
+  docs/system: arm: Add nRF boards description (2021-06-24 14:58:48 +0100)
 ----------------------------------------------------------------
 target-arm queue:
- * hw/sd: Fix sun4i allwinner-sdhost for U-Boot
+ * Don't require 'virt' board to be compiled in for ACPI GHES code
- * hw/intc: add implementation of GICD_IIDR to Arm GIC
+ * docs: Document which architecture extensions we emulate
- * tests/avocado/boot_linux.py: Bump aarch64 virt test timeout
+ * Fix bugs in M-profile FPCXT_NS accesses
- * target/arm: Limit LPA2 effective output address when TCR.DS == 0
+ * First slice of MVE patches
  * Implement MTE3
  * docs/system: arm: Add nRF boards description
 ----------------------------------------------------------------
-Alex Bennée (2):
+Alexandre Iooss (1):
-      hw/intc: clean-up access to GIC multi-byte registers
+      docs/system: arm: Add nRF boards description
       hw/intc: add implementation of GICD_IIDR to Arm GIC
-Ard Biesheuvel (1):
+Peter Collingbourne (1):
-      target/arm: Limit LPA2 effective output address when TCR.DS == 0
+      target/arm: Implement MTE3
-Peter Maydell (1):
+Peter Maydell (55):
-      tests/avocado/boot_linux.py: Bump aarch64 virt test timeout to 720s
+      hw/acpi: Provide stub version of acpi_ghes_record_errors()
       hw/acpi: Provide function acpi_ghes_present()
       target/arm: Use acpi_ghes_present() to see if we report ACPI memory errors
       docs/system/arm: Document which architecture extensions we emulate
       target/arm/translate-vfp.c: Whitespace fixes
       target/arm: Handle FPU being disabled in FPCXT_NS accesses
       target/arm: Don't NOCP fault for FPCXT_NS accesses
       target/arm: Handle writeback in VLDR/VSTR sysreg with no memory access
       target/arm: Factor FP context update code out into helper function
       target/arm: Split vfp_access_check() into A and M versions
       target/arm: Handle FPU check for FPCXT_NS insns via vfp_access_check_m()
       target/arm: Implement MVE VLDR/VSTR (non-widening forms)
       target/arm: Implement widening/narrowing MVE VLDR/VSTR insns
       target/arm: Implement MVE VCLZ
       target/arm: Implement MVE VCLS
       target/arm: Implement MVE VREV16, VREV32, VREV64
       target/arm: Implement MVE VMVN (register)
       target/arm: Implement MVE VABS
       target/arm: Implement MVE VNEG
       tcg: Make gen_dup_i32/i64() public as tcg_gen_dup_i32/i64
       target/arm: Implement MVE VDUP
       target/arm: Implement MVE VAND, VBIC, VORR, VORN, VEOR
       target/arm: Implement MVE VADD, VSUB, VMUL
       target/arm: Implement MVE VMULH
       target/arm: Implement MVE VRMULH
       target/arm: Implement MVE VMAX, VMIN
       target/arm: Implement MVE VABD
       target/arm: Implement MVE VHADD, VHSUB
       target/arm: Implement MVE VMULL
       target/arm: Implement MVE VMLALDAV
       target/arm: Implement MVE VMLSLDAV
       target/arm: Implement MVE VRMLALDAVH, VRMLSLDAVH
       target/arm: Implement MVE VADD (scalar)
       target/arm: Implement MVE VSUB, VMUL (scalar)
       target/arm: Implement MVE VHADD, VHSUB (scalar)
       target/arm: Implement MVE VBRSR
       target/arm: Implement MVE VPST
       target/arm: Implement MVE VQADD and VQSUB
       target/arm: Implement MVE VQDMULH and VQRDMULH (scalar)
       target/arm: Implement MVE VQDMULL scalar
       target/arm: Implement MVE VQDMULH, VQRDMULH (vector)
       target/arm: Implement MVE VQADD, VQSUB (vector)
       target/arm: Implement MVE VQSHL (vector)
       target/arm: Implement MVE VQRSHL
       target/arm: Implement MVE VSHL insn
       target/arm: Implement MVE VRSHL
       target/arm: Implement MVE VQDMLADH and VQRDMLADH
       target/arm: Implement MVE VQDMLSDH and VQRDMLSDH
       target/arm: Implement MVE VQDMULL (vector)
       target/arm: Implement MVE VRHADD
       target/arm: Implement MVE VADC, VSBC
       target/arm: Implement MVE VCADD
       target/arm: Implement MVE VHCADD
       target/arm: Implement MVE VADDV
       target/arm: Make VMOV scalar <-> gpreg beatwise for MVE
-Strahinja Jankovic (1):
+ docs/system/arm/emulation.rst |  103 ++++
-      hw/sd: Fix sun4i allwinner-sdhost for U-Boot
+ docs/system/arm/nrf.rst       |   51 ++
  docs/system/target-arm.rst    |    7 +
  include/hw/acpi/ghes.h        |    9 +
  include/tcg/tcg-op.h          |    8 +
  include/tcg/tcg.h             |    1 -
  target/arm/helper-mve.h       |  357 +++++++++++++
  target/arm/helper.h           |    2 +
  target/arm/internals.h        |   11 +
  target/arm/translate-a32.h    |    3 +
  target/arm/translate.h        |   10 +
  target/arm/m-nocp.decode      |   24 +
  target/arm/mve.decode         |  240 +++++++++
  target/arm/vfp.decode         |   14 -
  hw/acpi/ghes-stub.c           |   22 +
  hw/acpi/ghes.c                |   17 +
  target/arm/cpu64.c            |    2 +-
  target/arm/kvm64.c            |    6 +-
  target/arm/mte_helper.c       |   82 +--
  target/arm/mve_helper.c       | 1160 +++++++++++++++++++++++++++++++++++++++++
  target/arm/translate-m-nocp.c |  550 +++++++++++++++++++
  target/arm/translate-mve.c    |  759 +++++++++++++++++++++++++++
  target/arm/translate-vfp.c    |  741 +++++++-------------------
  tcg/tcg-op-gvec.c             |   20 +-
  MAINTAINERS                   |    1 +
  hw/acpi/meson.build           |    6 +-
  target/arm/meson.build        |    1 +
 files changed, 3578 insertions(+), 629 deletions(-)
  create mode 100644 docs/system/arm/emulation.rst
  create mode 100644 docs/system/arm/nrf.rst
  create mode 100644 target/arm/helper-mve.h
  create mode 100644 hw/acpi/ghes-stub.c
  create mode 100644 target/arm/mve_helper.c
- include/hw/sd/allwinner-sdhost.h |  1 +
- hw/intc/arm_gic.c                | 28 ++++++++++++-----
- hw/sd/allwinner-sdhost.c         | 67 +++++++++++++++++++++++++++-------------
- target/arm/ptw.c                 |  8 +++++
- tests/avocado/boot_linux.py      |  2 +-
-files changed, 77 insertions(+), 29 deletions(-)

-[PULL 1/5] hw/sd: Fix sun4i allwinner-sdhost for U-Boot
+Deleted patch
-From: Strahinja Jankovic <strahinjapjankovic@gmail.com>
-Trying to run U-Boot for Cubieboard (Allwinner A10) fails because it cannot
-access SD card. The problem is that FIFO register in current
-allwinner-sdhost implementation is at the address corresponding to
-Allwinner H3, but not A10.
-Linux kernel is not affected since Linux driver uses DMA access and does
-not use FIFO register for reading/writing.
-This patch adds new class parameter `is_sun4i` and based on that
-parameter uses register at offset 0x100 either as FIFO register (if
-sun4i) or as threshold register (if not sun4i; in this case register at
-x200 is FIFO register).
-Tested with U-Boot and Linux kernel image built for Cubieboard and
-OrangePi PC.
-Signed-off-by: Strahinja Jankovic <strahinja.p.jankovic@gmail.com>
-Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
-Message-id: 20221112214900.24152-1-strahinja.p.jankovic@gmail.com
-Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
----
- include/hw/sd/allwinner-sdhost.h |  1 +
- hw/sd/allwinner-sdhost.c         | 67 ++++++++++++++++++++++----------
-files changed, 47 insertions(+), 21 deletions(-)
-diff --git a/include/hw/sd/allwinner-sdhost.h b/include/hw/sd/allwinner-sdhost.h
-index XXXXXXX..XXXXXXX 100644
---- a/include/hw/sd/allwinner-sdhost.h
-+++ b/include/hw/sd/allwinner-sdhost.h
-@@ -XXX,XX +XXX,XX @@ struct AwSdHostClass {
-     /** Maximum buffer size in bytes per DMA descriptor */
-     size_t max_desc_size;
-+    bool   is_sun4i;
- };
-diff --git a/hw/sd/allwinner-sdhost.c b/hw/sd/allwinner-sdhost.c
-index XXXXXXX..XXXXXXX 100644
---- a/hw/sd/allwinner-sdhost.c
-+++ b/hw/sd/allwinner-sdhost.c
-@@ -XXX,XX +XXX,XX @@ enum {
-     REG_SD_DLBA       = 0x84,  /* Descriptor List Base Address */
-     REG_SD_IDST       = 0x88,  /* Internal DMA Controller Status */
-     REG_SD_IDIE       = 0x8C,  /* Internal DMA Controller IRQ Enable */
--    REG_SD_THLDC      = 0x100, /* Card Threshold Control */
-+    REG_SD_THLDC      = 0x100, /* Card Threshold Control / FIFO (sun4i only)*/
-     REG_SD_DSBD       = 0x10C, /* eMMC DDR Start Bit Detection Control */
-     REG_SD_RES_CRC    = 0x110, /* Response CRC from card/eMMC */
-     REG_SD_DATA7_CRC  = 0x114, /* CRC Data 7 from card/eMMC */
-@@ -XXX,XX +XXX,XX @@ static void allwinner_sdhost_dma(AwSdHostState *s)
-     }
- }
-+static uint32_t allwinner_sdhost_fifo_read(AwSdHostState *s)
-+{
-+    uint32_t res = 0;
-+
-+    if (sdbus_data_ready(&s->sdbus)) {
-+        sdbus_read_data(&s->sdbus, &res, sizeof(uint32_t));
-+        le32_to_cpus(&res);
-+        allwinner_sdhost_update_transfer_cnt(s, sizeof(uint32_t));
-+        allwinner_sdhost_auto_stop(s);
-+        allwinner_sdhost_update_irq(s);
-+    } else {
-+        qemu_log_mask(LOG_GUEST_ERROR, "%s: no data ready on SD bus\n",
-+                      __func__);
-+    }
-+
-+    return res;
-+}
-+
- static uint64_t allwinner_sdhost_read(void *opaque, hwaddr offset,
-                                       unsigned size)
- {
-     AwSdHostState *s = AW_SDHOST(opaque);
-+    AwSdHostClass *sc = AW_SDHOST_GET_CLASS(s);
-     uint32_t res = 0;
-     switch (offset) {
-@@ -XXX,XX +XXX,XX @@ static uint64_t allwinner_sdhost_read(void *opaque, hwaddr offset,
-     case REG_SD_IDIE:      /* Internal DMA Controller Interrupt Enable */
-         res = s->dmac_irq;
-         break;
--    case REG_SD_THLDC:     /* Card Threshold Control */
--        res = s->card_threshold;
-+    case REG_SD_THLDC:     /* Card Threshold Control or FIFO register (sun4i) */
-+        if (sc->is_sun4i) {
-+            res = allwinner_sdhost_fifo_read(s);
-+        } else {
-+            res = s->card_threshold;
-+        }
-         break;
-     case REG_SD_DSBD:      /* eMMC DDR Start Bit Detection Control */
-         res = s->startbit_detect;
-@@ -XXX,XX +XXX,XX @@ static uint64_t allwinner_sdhost_read(void *opaque, hwaddr offset,
-         res = s->status_crc;
-         break;
-     case REG_SD_FIFO:      /* Read/Write FIFO */
--        if (sdbus_data_ready(&s->sdbus)) {
--            sdbus_read_data(&s->sdbus, &res, sizeof(uint32_t));
--            le32_to_cpus(&res);
--            allwinner_sdhost_update_transfer_cnt(s, sizeof(uint32_t));
--            allwinner_sdhost_auto_stop(s);
--            allwinner_sdhost_update_irq(s);
--        } else {
--            qemu_log_mask(LOG_GUEST_ERROR, "%s: no data ready on SD bus\n",
--                          __func__);
--        }
-+        res = allwinner_sdhost_fifo_read(s);
-         break;
-     default:
-         qemu_log_mask(LOG_GUEST_ERROR, "%s: out-of-bounds offset %"
-@@ -XXX,XX +XXX,XX @@ static uint64_t allwinner_sdhost_read(void *opaque, hwaddr offset,
-     return res;
- }
-+static void allwinner_sdhost_fifo_write(AwSdHostState *s, uint64_t value)
-+{
-+    uint32_t u32 = cpu_to_le32(value);
-+    sdbus_write_data(&s->sdbus, &u32, sizeof(u32));
-+    allwinner_sdhost_update_transfer_cnt(s, sizeof(u32));
-+    allwinner_sdhost_auto_stop(s);
-+    allwinner_sdhost_update_irq(s);
-+}
-+
- static void allwinner_sdhost_write(void *opaque, hwaddr offset,
-                                    uint64_t value, unsigned size)
- {
-     AwSdHostState *s = AW_SDHOST(opaque);
--    uint32_t u32;
-+    AwSdHostClass *sc = AW_SDHOST_GET_CLASS(s);
-     trace_allwinner_sdhost_write(offset, value, size);
-@@ -XXX,XX +XXX,XX @@ static void allwinner_sdhost_write(void *opaque, hwaddr offset,
-         s->dmac_irq = value;
-         allwinner_sdhost_update_irq(s);
-         break;
--    case REG_SD_THLDC:     /* Card Threshold Control */
--        s->card_threshold = value;
-+    case REG_SD_THLDC:     /* Card Threshold Control or FIFO (sun4i) */
-+        if (sc->is_sun4i) {
-+            allwinner_sdhost_fifo_write(s, value);
-+        } else {
-+            s->card_threshold = value;
-+        }
-         break;
-     case REG_SD_DSBD:      /* eMMC DDR Start Bit Detection Control */
-         s->startbit_detect = value;
-         break;
-     case REG_SD_FIFO:      /* Read/Write FIFO */
--        u32 = cpu_to_le32(value);
--        sdbus_write_data(&s->sdbus, &u32, sizeof(u32));
--        allwinner_sdhost_update_transfer_cnt(s, sizeof(u32));
--        allwinner_sdhost_auto_stop(s);
--        allwinner_sdhost_update_irq(s);
-+        allwinner_sdhost_fifo_write(s, value);
-         break;
-     case REG_SD_RES_CRC:   /* Response CRC from card/eMMC */
-     case REG_SD_DATA7_CRC: /* CRC Data 7 from card/eMMC */
-@@ -XXX,XX +XXX,XX @@ static void allwinner_sdhost_sun4i_class_init(ObjectClass *klass, void *data)
- {
-     AwSdHostClass *sc = AW_SDHOST_CLASS(klass);
-     sc->max_desc_size = 8 * KiB;
-+    sc->is_sun4i = true;
- }
- static void allwinner_sdhost_sun5i_class_init(ObjectClass *klass, void *data)
- {
-     AwSdHostClass *sc = AW_SDHOST_CLASS(klass);
-     sc->max_desc_size = 64 * KiB;
-+    sc->is_sun4i = false;
- }
- static const TypeInfo allwinner_sdhost_info = {
---
-.25.1

-[PULL 2/5] hw/intc: clean-up access to GIC multi-byte registers
+Deleted patch
-From: Alex Bennée <alex.bennee@linaro.org>
-gic_dist_readb was returning a word value which just happened to work
-as a result of the way we OR the data together. Lets fix it so only
-the explicit byte is returned for each part of GICD_TYPER. I've
-changed the return type to uint8_t although the overflow is only
-detected with an explicit -Wconversion.
-Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
-Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
-Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
-Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
-Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
----
- hw/intc/arm_gic.c | 16 ++++++++++------
-file changed, 10 insertions(+), 6 deletions(-)
-diff --git a/hw/intc/arm_gic.c b/hw/intc/arm_gic.c
-index XXXXXXX..XXXXXXX 100644
---- a/hw/intc/arm_gic.c
-+++ b/hw/intc/arm_gic.c
-@@ -XXX,XX +XXX,XX @@ static void gic_complete_irq(GICState *s, int cpu, int irq, MemTxAttrs attrs)
-     gic_update(s);
- }
--static uint32_t gic_dist_readb(void *opaque, hwaddr offset, MemTxAttrs attrs)
-+static uint8_t gic_dist_readb(void *opaque, hwaddr offset, MemTxAttrs attrs)
- {
-     GICState *s = (GICState *)opaque;
-     uint32_t res;
-@@ -XXX,XX +XXX,XX @@ static uint32_t gic_dist_readb(void *opaque, hwaddr offset, MemTxAttrs attrs)
-     cm = 1 << cpu;
-     if (offset < 0x100) {
-         if (offset == 0) {      /* GICD_CTLR */
-+            /* We rely here on the only non-zero bits being in byte 0 */
-             if (s->security_extn && !attrs.secure) {
-                 /* The NS bank of this register is just an alias of the
-                  * EnableGrp1 bit in the S bank version.
-@@ -XXX,XX +XXX,XX @@ static uint32_t gic_dist_readb(void *opaque, hwaddr offset, MemTxAttrs attrs)
-                 return s->ctlr;
-             }
-         }
--        if (offset == 4)
--            /* Interrupt Controller Type Register */
--            return ((s->num_irq / 32) - 1)
--                    | ((s->num_cpu - 1) << 5)
--                    | (s->security_extn << 10);
-+        if (offset == 4) {
-+            /* GICD_TYPER byte 0 */
-+            return ((s->num_irq / 32) - 1) | ((s->num_cpu - 1) << 5);
-+        }
-+        if (offset == 5) {
-+            /* GICD_TYPER byte 1 */
-+            return (s->security_extn << 2);
-+        }
-         if (offset < 0x08)
-             return 0;
-         if (offset >= 0x80) {
---
-.25.1

-[PULL 3/5] hw/intc: add implementation of GICD_IIDR to Arm GIC
+Deleted patch
-From: Alex Bennée <alex.bennee@linaro.org>
-a66a24585f (hw/intc/arm_gic: Implement read of GICC_IIDR) implemented
-this for the CPU interface register. The fact we don't implement it
-shows up when running Xen with -d guest_error which is definitely
-wrong because the guest is perfectly entitled to read it.
-Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
-Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
-Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
-Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
----
- hw/intc/arm_gic.c | 12 +++++++++++-
-file changed, 11 insertions(+), 1 deletion(-)
-diff --git a/hw/intc/arm_gic.c b/hw/intc/arm_gic.c
-index XXXXXXX..XXXXXXX 100644
---- a/hw/intc/arm_gic.c
-+++ b/hw/intc/arm_gic.c
-@@ -XXX,XX +XXX,XX @@ static uint8_t gic_dist_readb(void *opaque, hwaddr offset, MemTxAttrs attrs)
-             /* GICD_TYPER byte 1 */
-             return (s->security_extn << 2);
-         }
--        if (offset < 0x08)
-+        if (offset == 8) {
-+            /* GICD_IIDR byte 0 */
-+            return 0x3b; /* Arm JEP106 identity */
-+        }
-+        if (offset == 9) {
-+            /* GICD_IIDR byte 1 */
-+            return 0x04; /* Arm JEP106 identity */
-+        }
-+        if (offset < 0x0c) {
-+            /* All other bytes in this range are RAZ */
-             return 0;
-+        }
-         if (offset >= 0x80) {
-             /* Interrupt Group Registers: these RAZ/WI if this is an NS
-              * access to a GIC with the security extensions, or if the GIC
---
-.25.1

-[PULL 4/5] tests/avocado/boot_linux.py: Bump aarch64 virt test timeout to 720s
+Deleted patch
-The two tests
-tests/avocado/boot_linux.py:BootLinuxAarch64.test_virt_tcg_gicv2
-tests/avocado/boot_linux.py:BootLinuxAarch64.test_virt_tcg_gicv3
-take quite a long time to run, and the current timeout of 240s
-is not enough for the tests to complete on slow machines:
-we've seen these tests time out in the gitlab CI in the
-'avocado-system-alpine' CI job, for instance. The timeout
-is also insufficient for running the test with a debug build
-of QEMU: on my machine the tests take over 10 minutes to run
-in that config.
-Push the timeout up to 720s so that the test definitely has
-enough time to complete.
-Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
-Reviewed-by: Thomas Huth <thuth@redhat.com>
-Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
----
- tests/avocado/boot_linux.py | 2 +-
-file changed, 1 insertion(+), 1 deletion(-)
-diff --git a/tests/avocado/boot_linux.py b/tests/avocado/boot_linux.py
-index XXXXXXX..XXXXXXX 100644
---- a/tests/avocado/boot_linux.py
-+++ b/tests/avocado/boot_linux.py
-@@ -XXX,XX +XXX,XX @@ class BootLinuxAarch64(LinuxTest):
-     :avocado: tags=machine:virt
-     :avocado: tags=machine:gic-version=2
-     """
--    timeout = 240
-+    timeout = 720
-     def add_common_args(self):
-         self.vm.add_args('-bios',
---
-.25.1

-[PULL 5/5] target/arm: Limit LPA2 effective output address when TCR.DS == 0
+Deleted patch
-From: Ard Biesheuvel <ardb@kernel.org>
-With LPA2, the effective output address size is at most 48 bits when
-TCR.DS == 0. This case is currently unhandled in the page table walker,
-where we happily assume LVA/64k granule when outputsize > 48 and
-param.ds == 0, resulting in the wrong conversion to be used from a
-page table descriptor to a physical address.
-    if (outputsize > 48) {
-        if (param.ds) {
-            descaddr |= extract64(descriptor, 8, 2) << 50;
-        } else {
-            descaddr |= extract64(descriptor, 12, 4) << 48;
-        }
-So cap the outputsize to 48 when TCR.DS is cleared, as per the
-architecture.
-Cc: Peter Maydell <peter.maydell@linaro.org>
-Cc: Philippe Mathieu-Daudé <f4bug@amsat.org>
-Cc: Richard Henderson <richard.henderson@linaro.org>
-Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
-Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
-Message-id: 20221116170316.259695-1-ardb@kernel.org
-Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
----
- target/arm/ptw.c | 8 ++++++++
-file changed, 8 insertions(+)
-diff --git a/target/arm/ptw.c b/target/arm/ptw.c
-index XXXXXXX..XXXXXXX 100644
---- a/target/arm/ptw.c
-+++ b/target/arm/ptw.c
-@@ -XXX,XX +XXX,XX @@ static bool get_phys_addr_lpae(CPUARMState *env, S1Translate *ptw,
-         ps = MIN(ps, param.ps);
-         assert(ps < ARRAY_SIZE(pamax_map));
-         outputsize = pamax_map[ps];
-+
-+        /*
-+         * With LPA2, the effective output address (OA) size is at most 48 bits
-+         * unless TCR.DS == 1
-+         */
-+        if (!param.ds && param.gran != Gran64K) {
-+            outputsize = MIN(outputsize, 48);
-+        }
-     } else {
-         param = aa32_va_parameters(env, address, mmu_idx);
-         level = 1;
---
-.25.1

Hi; here's a collection of Arm bug fixes for rc2.

thanks
-- PMM

The following changes since commit a082fab9d259473a9d5d53307cf83b1223301181:

Merge tag 'pull-ppc-20221117' of https://gitlab.com/danielhb/qemu into staging (2022-11-17 12:39:38 -0500)

are available in the Git repository at:

https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20221121

for you to fetch changes up to 312b71abce3005ca7294dc0db7d548dc7cc41fbf:

target/arm: Limit LPA2 effective output address when TCR.DS == 0 (2022-11-21 11:46:46 +0000)

----------------------------------------------------------------
target-arm queue:
 * hw/sd: Fix sun4i allwinner-sdhost for U-Boot
 * hw/intc: add implementation of GICD_IIDR to Arm GIC
 * tests/avocado/boot_linux.py: Bump aarch64 virt test timeout
 * target/arm: Limit LPA2 effective output address when TCR.DS == 0

----------------------------------------------------------------
Alex Bennée (2):
      hw/intc: clean-up access to GIC multi-byte registers
      hw/intc: add implementation of GICD_IIDR to Arm GIC

Ard Biesheuvel (1):
      target/arm: Limit LPA2 effective output address when TCR.DS == 0

Peter Maydell (1):
      tests/avocado/boot_linux.py: Bump aarch64 virt test timeout to 720s

Strahinja Jankovic (1):
      hw/sd: Fix sun4i allwinner-sdhost for U-Boot

include/hw/sd/allwinner-sdhost.h |  1 +
 hw/intc/arm_gic.c                | 28 ++++++++++++-----
 hw/sd/allwinner-sdhost.c         | 67 +++++++++++++++++++++++++++-------------
 target/arm/ptw.c                 |  8 +++++
 tests/avocado/boot_linux.py      |  2 +-
 5 files changed, 77 insertions(+), 29 deletions(-)

From: Strahinja Jankovic <strahinjapjankovic@gmail.com>

Trying to run U-Boot for Cubieboard (Allwinner A10) fails because it cannot
access SD card. The problem is that FIFO register in current
allwinner-sdhost implementation is at the address corresponding to
Allwinner H3, but not A10.
Linux kernel is not affected since Linux driver uses DMA access and does
not use FIFO register for reading/writing.

This patch adds new class parameter `is_sun4i` and based on that
parameter uses register at offset 0x100 either as FIFO register (if
sun4i) or as threshold register (if not sun4i; in this case register at
0x200 is FIFO register).

Tested with U-Boot and Linux kernel image built for Cubieboard and
OrangePi PC.

Signed-off-by: Strahinja Jankovic <strahinja.p.jankovic@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20221112214900.24152-1-strahinja.p.jankovic@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 include/hw/sd/allwinner-sdhost.h |  1 +
 hw/sd/allwinner-sdhost.c         | 67 ++++++++++++++++++++++----------
 2 files changed, 47 insertions(+), 21 deletions(-)

diff --git a/include/hw/sd/allwinner-sdhost.h b/include/hw/sd/allwinner-sdhost.h
index XXXXXXX..XXXXXXX 100644
--- a/include/hw/sd/allwinner-sdhost.h
+++ b/include/hw/sd/allwinner-sdhost.h
@@ -XXX,XX +XXX,XX @@ struct AwSdHostClass {
 
     /** Maximum buffer size in bytes per DMA descriptor */
     size_t max_desc_size;
+    bool   is_sun4i;
 
 };
 
diff --git a/hw/sd/allwinner-sdhost.c b/hw/sd/allwinner-sdhost.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/sd/allwinner-sdhost.c
+++ b/hw/sd/allwinner-sdhost.c
@@ -XXX,XX +XXX,XX @@ enum {
     REG_SD_DLBA       = 0x84,  /* Descriptor List Base Address */
     REG_SD_IDST       = 0x88,  /* Internal DMA Controller Status */
     REG_SD_IDIE       = 0x8C,  /* Internal DMA Controller IRQ Enable */
-    REG_SD_THLDC      = 0x100, /* Card Threshold Control */
+    REG_SD_THLDC      = 0x100, /* Card Threshold Control / FIFO (sun4i only)*/
     REG_SD_DSBD       = 0x10C, /* eMMC DDR Start Bit Detection Control */
     REG_SD_RES_CRC    = 0x110, /* Response CRC from card/eMMC */
     REG_SD_DATA7_CRC  = 0x114, /* CRC Data 7 from card/eMMC */
@@ -XXX,XX +XXX,XX @@ static void allwinner_sdhost_dma(AwSdHostState *s)
     }
 }
 
+static uint32_t allwinner_sdhost_fifo_read(AwSdHostState *s)
+{
+    uint32_t res = 0;
+
+    if (sdbus_data_ready(&s->sdbus)) {
+        sdbus_read_data(&s->sdbus, &res, sizeof(uint32_t));
+        le32_to_cpus(&res);
+        allwinner_sdhost_update_transfer_cnt(s, sizeof(uint32_t));
+        allwinner_sdhost_auto_stop(s);
+        allwinner_sdhost_update_irq(s);
+    } else {
+        qemu_log_mask(LOG_GUEST_ERROR, "%s: no data ready on SD bus\n",
+                      __func__);
+    }
+
+    return res;
+}
+
 static uint64_t allwinner_sdhost_read(void *opaque, hwaddr offset,
                                       unsigned size)
 {
     AwSdHostState *s = AW_SDHOST(opaque);
+    AwSdHostClass *sc = AW_SDHOST_GET_CLASS(s);
     uint32_t res = 0;
 
     switch (offset) {
@@ -XXX,XX +XXX,XX @@ static uint64_t allwinner_sdhost_read(void *opaque, hwaddr offset,
     case REG_SD_IDIE:      /* Internal DMA Controller Interrupt Enable */
         res = s->dmac_irq;
         break;
-    case REG_SD_THLDC:     /* Card Threshold Control */
-        res = s->card_threshold;
+    case REG_SD_THLDC:     /* Card Threshold Control or FIFO register (sun4i) */
+        if (sc->is_sun4i) {
+            res = allwinner_sdhost_fifo_read(s);
+        } else {
+            res = s->card_threshold;
+        }
         break;
     case REG_SD_DSBD:      /* eMMC DDR Start Bit Detection Control */
         res = s->startbit_detect;
@@ -XXX,XX +XXX,XX @@ static uint64_t allwinner_sdhost_read(void *opaque, hwaddr offset,
         res = s->status_crc;
         break;
     case REG_SD_FIFO:      /* Read/Write FIFO */
-        if (sdbus_data_ready(&s->sdbus)) {
-            sdbus_read_data(&s->sdbus, &res, sizeof(uint32_t));
-            le32_to_cpus(&res);
-            allwinner_sdhost_update_transfer_cnt(s, sizeof(uint32_t));
-            allwinner_sdhost_auto_stop(s);
-            allwinner_sdhost_update_irq(s);
-        } else {
-            qemu_log_mask(LOG_GUEST_ERROR, "%s: no data ready on SD bus\n",
-                          __func__);
-        }
+        res = allwinner_sdhost_fifo_read(s);
         break;
     default:
         qemu_log_mask(LOG_GUEST_ERROR, "%s: out-of-bounds offset %"
@@ -XXX,XX +XXX,XX @@ static uint64_t allwinner_sdhost_read(void *opaque, hwaddr offset,
     return res;
 }
 
+static void allwinner_sdhost_fifo_write(AwSdHostState *s, uint64_t value)
+{
+    uint32_t u32 = cpu_to_le32(value);
+    sdbus_write_data(&s->sdbus, &u32, sizeof(u32));
+    allwinner_sdhost_update_transfer_cnt(s, sizeof(u32));
+    allwinner_sdhost_auto_stop(s);
+    allwinner_sdhost_update_irq(s);
+}
+
 static void allwinner_sdhost_write(void *opaque, hwaddr offset,
                                    uint64_t value, unsigned size)
 {
     AwSdHostState *s = AW_SDHOST(opaque);
-    uint32_t u32;
+    AwSdHostClass *sc = AW_SDHOST_GET_CLASS(s);
 
     trace_allwinner_sdhost_write(offset, value, size);
 
@@ -XXX,XX +XXX,XX @@ static void allwinner_sdhost_write(void *opaque, hwaddr offset,
         s->dmac_irq = value;
         allwinner_sdhost_update_irq(s);
         break;
-    case REG_SD_THLDC:     /* Card Threshold Control */
-        s->card_threshold = value;
+    case REG_SD_THLDC:     /* Card Threshold Control or FIFO (sun4i) */
+        if (sc->is_sun4i) {
+            allwinner_sdhost_fifo_write(s, value);
+        } else {
+            s->card_threshold = value;
+        }
         break;
     case REG_SD_DSBD:      /* eMMC DDR Start Bit Detection Control */
         s->startbit_detect = value;
         break;
     case REG_SD_FIFO:      /* Read/Write FIFO */
-        u32 = cpu_to_le32(value);
-        sdbus_write_data(&s->sdbus, &u32, sizeof(u32));
-        allwinner_sdhost_update_transfer_cnt(s, sizeof(u32));
-        allwinner_sdhost_auto_stop(s);
-        allwinner_sdhost_update_irq(s);
+        allwinner_sdhost_fifo_write(s, value);
         break;
     case REG_SD_RES_CRC:   /* Response CRC from card/eMMC */
     case REG_SD_DATA7_CRC: /* CRC Data 7 from card/eMMC */
@@ -XXX,XX +XXX,XX @@ static void allwinner_sdhost_sun4i_class_init(ObjectClass *klass, void *data)
 {
     AwSdHostClass *sc = AW_SDHOST_CLASS(klass);
     sc->max_desc_size = 8 * KiB;
+    sc->is_sun4i = true;
 }
 
 static void allwinner_sdhost_sun5i_class_init(ObjectClass *klass, void *data)
 {
     AwSdHostClass *sc = AW_SDHOST_CLASS(klass);
     sc->max_desc_size = 64 * KiB;
+    sc->is_sun4i = false;
 }
 
 static const TypeInfo allwinner_sdhost_info = {
-- 
2.25.1

From: Alex Bennée <alex.bennee@linaro.org>

gic_dist_readb was returning a word value which just happened to work
as a result of the way we OR the data together. Lets fix it so only
the explicit byte is returned for each part of GICD_TYPER. I've
changed the return type to uint8_t although the overflow is only
detected with an explicit -Wconversion.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 hw/intc/arm_gic.c | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/hw/intc/arm_gic.c b/hw/intc/arm_gic.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/intc/arm_gic.c
+++ b/hw/intc/arm_gic.c
@@ -XXX,XX +XXX,XX @@ static void gic_complete_irq(GICState *s, int cpu, int irq, MemTxAttrs attrs)
     gic_update(s);
 }
 
-static uint32_t gic_dist_readb(void *opaque, hwaddr offset, MemTxAttrs attrs)
+static uint8_t gic_dist_readb(void *opaque, hwaddr offset, MemTxAttrs attrs)
 {
     GICState *s = (GICState *)opaque;
     uint32_t res;
@@ -XXX,XX +XXX,XX @@ static uint32_t gic_dist_readb(void *opaque, hwaddr offset, MemTxAttrs attrs)
     cm = 1 << cpu;
     if (offset < 0x100) {
         if (offset == 0) {      /* GICD_CTLR */
+            /* We rely here on the only non-zero bits being in byte 0 */
             if (s->security_extn && !attrs.secure) {
                 /* The NS bank of this register is just an alias of the
                  * EnableGrp1 bit in the S bank version.
@@ -XXX,XX +XXX,XX @@ static uint32_t gic_dist_readb(void *opaque, hwaddr offset, MemTxAttrs attrs)
                 return s->ctlr;
             }
         }
-        if (offset == 4)
-            /* Interrupt Controller Type Register */
-            return ((s->num_irq / 32) - 1)
-                    | ((s->num_cpu - 1) << 5)
-                    | (s->security_extn << 10);
+        if (offset == 4) {
+            /* GICD_TYPER byte 0 */
+            return ((s->num_irq / 32) - 1) | ((s->num_cpu - 1) << 5);
+        }
+        if (offset == 5) {
+            /* GICD_TYPER byte 1 */
+            return (s->security_extn << 2);
+        }
         if (offset < 0x08)
             return 0;
         if (offset >= 0x80) {
-- 
2.25.1

From: Alex Bennée <alex.bennee@linaro.org>

a66a24585f (hw/intc/arm_gic: Implement read of GICC_IIDR) implemented
this for the CPU interface register. The fact we don't implement it
shows up when running Xen with -d guest_error which is definitely
wrong because the guest is perfectly entitled to read it.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 hw/intc/arm_gic.c | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/hw/intc/arm_gic.c b/hw/intc/arm_gic.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/intc/arm_gic.c
+++ b/hw/intc/arm_gic.c
@@ -XXX,XX +XXX,XX @@ static uint8_t gic_dist_readb(void *opaque, hwaddr offset, MemTxAttrs attrs)
             /* GICD_TYPER byte 1 */
             return (s->security_extn << 2);
         }
-        if (offset < 0x08)
+        if (offset == 8) {
+            /* GICD_IIDR byte 0 */
+            return 0x3b; /* Arm JEP106 identity */
+        }
+        if (offset == 9) {
+            /* GICD_IIDR byte 1 */
+            return 0x04; /* Arm JEP106 identity */
+        }
+        if (offset < 0x0c) {
+            /* All other bytes in this range are RAZ */
             return 0;
+        }
         if (offset >= 0x80) {
             /* Interrupt Group Registers: these RAZ/WI if this is an NS
              * access to a GIC with the security extensions, or if the GIC
-- 
2.25.1

The two tests
tests/avocado/boot_linux.py:BootLinuxAarch64.test_virt_tcg_gicv2
tests/avocado/boot_linux.py:BootLinuxAarch64.test_virt_tcg_gicv3

take quite a long time to run, and the current timeout of 240s
is not enough for the tests to complete on slow machines:
we've seen these tests time out in the gitlab CI in the
'avocado-system-alpine' CI job, for instance. The timeout
is also insufficient for running the test with a debug build
of QEMU: on my machine the tests take over 10 minutes to run
in that config.

Push the timeout up to 720s so that the test definitely has
enough time to complete.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
---
 tests/avocado/boot_linux.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/avocado/boot_linux.py b/tests/avocado/boot_linux.py
index XXXXXXX..XXXXXXX 100644
--- a/tests/avocado/boot_linux.py
+++ b/tests/avocado/boot_linux.py
@@ -XXX,XX +XXX,XX @@ class BootLinuxAarch64(LinuxTest):
     :avocado: tags=machine:virt
     :avocado: tags=machine:gic-version=2
     """
-    timeout = 240
+    timeout = 720
 
     def add_common_args(self):
         self.vm.add_args('-bios',
-- 
2.25.1

From: Ard Biesheuvel <ardb@kernel.org>

With LPA2, the effective output address size is at most 48 bits when
TCR.DS == 0. This case is currently unhandled in the page table walker,
where we happily assume LVA/64k granule when outputsize > 48 and
param.ds == 0, resulting in the wrong conversion to be used from a
page table descriptor to a physical address.

if (outputsize > 48) {
        if (param.ds) {
            descaddr |= extract64(descriptor, 8, 2) << 50;
        } else {
            descaddr |= extract64(descriptor, 12, 4) << 48;
        }

So cap the outputsize to 48 when TCR.DS is cleared, as per the
architecture.

Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: Philippe Mathieu-Daudé <f4bug@amsat.org>
Cc: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20221116170316.259695-1-ardb@kernel.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 target/arm/ptw.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/target/arm/ptw.c b/target/arm/ptw.c
index XXXXXXX..XXXXXXX 100644
--- a/target/arm/ptw.c
+++ b/target/arm/ptw.c
@@ -XXX,XX +XXX,XX @@ static bool get_phys_addr_lpae(CPUARMState *env, S1Translate *ptw,
         ps = MIN(ps, param.ps);
         assert(ps < ARRAY_SIZE(pamax_map));
         outputsize = pamax_map[ps];
+
+        /*
+         * With LPA2, the effective output address (OA) size is at most 48 bits
+         * unless TCR.DS == 1
+         */
+        if (!param.ds && param.gran != Gran64K) {
+            outputsize = MIN(outputsize, 48);
+        }
     } else {
         param = aa32_va_parameters(env, address, mmu_idx);
         level = 1;
-- 
2.25.1

Squashed in a trivial fix for 32-bit hosts:

--- a/target/arm/mve_helper.c
+++ b/target/arm/mve_helper.c
@@ -XXX,XX +XXX,XX @@ DO_LDAV(vmlsldavxsw, 4, int32_t, true, +=, -=)
                     acc = EVENACC(acc, TO128(n[H##ESIZE(e + 1 * XCHG)] * \
                                              m[H##ESIZE(e)]));          \
                 }                                                       \
-                acc = int128_add(acc, 1 << 7);                          \
+                acc = int128_add(acc, int128_make64(1 << 7));           \
             }                                                           \
         }                                                               \
         mve_advance_vpt(env);                                           \

-- PMM

The following changes since commit 53f306f316549d20c76886903181413d20842423:

Merge remote-tracking branch 'remotes/ehabkost-gl/tags/x86-next-pull-request' into staging (2021-06-21 11:26:04 +0100)

are available in the Git repository at:

https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20210624

for you to fetch changes up to 90a76c6316cfe6416fc33814a838fb3928f746ee:

docs/system: arm: Add nRF boards description (2021-06-24 14:58:48 +0100)

----------------------------------------------------------------
target-arm queue:
 * Don't require 'virt' board to be compiled in for ACPI GHES code
 * docs: Document which architecture extensions we emulate
 * Fix bugs in M-profile FPCXT_NS accesses
 * First slice of MVE patches
 * Implement MTE3
 * docs/system: arm: Add nRF boards description

----------------------------------------------------------------
Alexandre Iooss (1):
      docs/system: arm: Add nRF boards description

Peter Collingbourne (1):
      target/arm: Implement MTE3

Peter Maydell (55):
      hw/acpi: Provide stub version of acpi_ghes_record_errors()
      hw/acpi: Provide function acpi_ghes_present()
      target/arm: Use acpi_ghes_present() to see if we report ACPI memory errors
      docs/system/arm: Document which architecture extensions we emulate
      target/arm/translate-vfp.c: Whitespace fixes
      target/arm: Handle FPU being disabled in FPCXT_NS accesses
      target/arm: Don't NOCP fault for FPCXT_NS accesses
      target/arm: Handle writeback in VLDR/VSTR sysreg with no memory access
      target/arm: Factor FP context update code out into helper function
      target/arm: Split vfp_access_check() into A and M versions
      target/arm: Handle FPU check for FPCXT_NS insns via vfp_access_check_m()
      target/arm: Implement MVE VLDR/VSTR (non-widening forms)
      target/arm: Implement widening/narrowing MVE VLDR/VSTR insns
      target/arm: Implement MVE VCLZ
      target/arm: Implement MVE VCLS
      target/arm: Implement MVE VREV16, VREV32, VREV64
      target/arm: Implement MVE VMVN (register)
      target/arm: Implement MVE VABS
      target/arm: Implement MVE VNEG
      tcg: Make gen_dup_i32/i64() public as tcg_gen_dup_i32/i64
      target/arm: Implement MVE VDUP
      target/arm: Implement MVE VAND, VBIC, VORR, VORN, VEOR
      target/arm: Implement MVE VADD, VSUB, VMUL
      target/arm: Implement MVE VMULH
      target/arm: Implement MVE VRMULH
      target/arm: Implement MVE VMAX, VMIN
      target/arm: Implement MVE VABD
      target/arm: Implement MVE VHADD, VHSUB
      target/arm: Implement MVE VMULL
      target/arm: Implement MVE VMLALDAV
      target/arm: Implement MVE VMLSLDAV
      target/arm: Implement MVE VRMLALDAVH, VRMLSLDAVH
      target/arm: Implement MVE VADD (scalar)
      target/arm: Implement MVE VSUB, VMUL (scalar)
      target/arm: Implement MVE VHADD, VHSUB (scalar)
      target/arm: Implement MVE VBRSR
      target/arm: Implement MVE VPST
      target/arm: Implement MVE VQADD and VQSUB
      target/arm: Implement MVE VQDMULH and VQRDMULH (scalar)
      target/arm: Implement MVE VQDMULL scalar
      target/arm: Implement MVE VQDMULH, VQRDMULH (vector)
      target/arm: Implement MVE VQADD, VQSUB (vector)
      target/arm: Implement MVE VQSHL (vector)
      target/arm: Implement MVE VQRSHL
      target/arm: Implement MVE VSHL insn
      target/arm: Implement MVE VRSHL
      target/arm: Implement MVE VQDMLADH and VQRDMLADH
      target/arm: Implement MVE VQDMLSDH and VQRDMLSDH
      target/arm: Implement MVE VQDMULL (vector)
      target/arm: Implement MVE VRHADD
      target/arm: Implement MVE VADC, VSBC
      target/arm: Implement MVE VCADD
      target/arm: Implement MVE VHCADD
      target/arm: Implement MVE VADDV
      target/arm: Make VMOV scalar <-> gpreg beatwise for MVE

docs/system/arm/emulation.rst |  103 ++++
 docs/system/arm/nrf.rst       |   51 ++
 docs/system/target-arm.rst    |    7 +
 include/hw/acpi/ghes.h        |    9 +
 include/tcg/tcg-op.h          |    8 +
 include/tcg/tcg.h             |    1 -
 target/arm/helper-mve.h       |  357 +++++++++++++
 target/arm/helper.h           |    2 +
 target/arm/internals.h        |   11 +
 target/arm/translate-a32.h    |    3 +
 target/arm/translate.h        |   10 +
 target/arm/m-nocp.decode      |   24 +
 target/arm/mve.decode         |  240 +++++++++
 target/arm/vfp.decode         |   14 -
 hw/acpi/ghes-stub.c           |   22 +
 hw/acpi/ghes.c                |   17 +
 target/arm/cpu64.c            |    2 +-
 target/arm/kvm64.c            |    6 +-
 target/arm/mte_helper.c       |   82 +--
 target/arm/mve_helper.c       | 1160 +++++++++++++++++++++++++++++++++++++++++
 target/arm/translate-m-nocp.c |  550 +++++++++++++++++++
 target/arm/translate-mve.c    |  759 +++++++++++++++++++++++++++
 target/arm/translate-vfp.c    |  741 +++++++-------------------
 tcg/tcg-op-gvec.c             |   20 +-
 MAINTAINERS                   |    1 +
 hw/acpi/meson.build           |    6 +-
 target/arm/meson.build        |    1 +
 27 files changed, 3578 insertions(+), 629 deletions(-)
 create mode 100644 docs/system/arm/emulation.rst
 create mode 100644 docs/system/arm/nrf.rst
 create mode 100644 target/arm/helper-mve.h
 create mode 100644 hw/acpi/ghes-stub.c
 create mode 100644 target/arm/mve_helper.c