| 1 | Hi; this pull request has a couple of fixes for bugs in | 1 | Squashed in a trivial fix for 32-bit hosts: |
|---|---|---|---|
| 2 | the Arm page-table-walk code, which arrived in the last | ||
| 3 | day or so. | ||
| 4 | 2 | ||
| 5 | I'm sending this out now in the hope it might just sneak | 3 | --- a/target/arm/mve_helper.c |
| 6 | in before rc2 gets tagged, so the fixes can get more | 4 | +++ b/target/arm/mve_helper.c |
| 7 | testing time before the 7.2 release; but if they don't | 5 | @@ -XXX,XX +XXX,XX @@ DO_LDAV(vmlsldavxsw, 4, int32_t, true, +=, -=) |
| 8 | make it then this should go into rc3. | 6 | acc = EVENACC(acc, TO128(n[H##ESIZE(e + 1 * XCHG)] * \ |
| 7 | m[H##ESIZE(e)])); \ | ||
| 8 | } \ | ||
| 9 | - acc = int128_add(acc, 1 << 7); \ | ||
| 10 | + acc = int128_add(acc, int128_make64(1 << 7)); \ | ||
| 11 | } \ | ||
| 12 | } \ | ||
| 13 | mve_advance_vpt(env); \ | ||
| 9 | 14 | ||
| 10 | thanks | ||
| 11 | -- PMM | 15 | -- PMM |
| 12 | 16 | ||
| 13 | The following changes since commit 6d71357a3b651ec9db126e4862b77e13165427f5: | 17 | The following changes since commit 53f306f316549d20c76886903181413d20842423: |
| 14 | 18 | ||
| 15 | rtl8139: honor large send MSS value (2022-11-21 09:28:43 -0500) | 19 | Merge remote-tracking branch 'remotes/ehabkost-gl/tags/x86-next-pull-request' into staging (2021-06-21 11:26:04 +0100) |
| 16 | 20 | ||
| 17 | are available in the Git repository at: | 21 | are available in the Git repository at: |
| 18 | 22 | ||
| 19 | https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20221122 | 23 | https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20210624 |
| 20 | 24 | ||
| 21 | for you to fetch changes up to 15f8f4671afd22491ce99d28a296514717fead4f: | 25 | for you to fetch changes up to 90a76c6316cfe6416fc33814a838fb3928f746ee: |
| 22 | 26 | ||
| 23 | target/arm: Use signed quantity to represent VMSAv8-64 translation level (2022-11-22 16:10:25 +0000) | 27 | docs/system: arm: Add nRF boards description (2021-06-24 14:58:48 +0100) |
| 24 | 28 | ||
| 25 | ---------------------------------------------------------------- | 29 | ---------------------------------------------------------------- |
| 26 | target-arm: | 30 | target-arm queue: |
| 27 | * Fix broken 5-level pagetable handling | 31 | * Don't require 'virt' board to be compiled in for ACPI GHES code |
| 28 | * Fix debug accesses when EL2 is present | 32 | * docs: Document which architecture extensions we emulate |
| 33 | * Fix bugs in M-profile FPCXT_NS accesses | ||
| 34 | * First slice of MVE patches | ||
| 35 | * Implement MTE3 | ||
| 36 | * docs/system: arm: Add nRF boards description | ||
| 29 | 37 | ||
| 30 | ---------------------------------------------------------------- | 38 | ---------------------------------------------------------------- |
| 31 | Ard Biesheuvel (1): | 39 | Alexandre Iooss (1): |
| 32 | target/arm: Use signed quantity to represent VMSAv8-64 translation level | 40 | docs/system: arm: Add nRF boards description |
| 33 | 41 | ||
| 34 | Peter Maydell (1): | 42 | Peter Collingbourne (1): |
| 35 | target/arm: Don't do two-stage lookup if stage 2 is disabled | 43 | target/arm: Implement MTE3 |
| 36 | 44 | ||
| 37 | target/arm/ptw.c | 11 ++++++----- | 45 | Peter Maydell (55): |
| 38 | 1 file changed, 6 insertions(+), 5 deletions(-) | 46 | hw/acpi: Provide stub version of acpi_ghes_record_errors() |
| 47 | hw/acpi: Provide function acpi_ghes_present() | ||
| 48 | target/arm: Use acpi_ghes_present() to see if we report ACPI memory errors | ||
| 49 | docs/system/arm: Document which architecture extensions we emulate | ||
| 50 | target/arm/translate-vfp.c: Whitespace fixes | ||
| 51 | target/arm: Handle FPU being disabled in FPCXT_NS accesses | ||
| 52 | target/arm: Don't NOCP fault for FPCXT_NS accesses | ||
| 53 | target/arm: Handle writeback in VLDR/VSTR sysreg with no memory access | ||
| 54 | target/arm: Factor FP context update code out into helper function | ||
| 55 | target/arm: Split vfp_access_check() into A and M versions | ||
| 56 | target/arm: Handle FPU check for FPCXT_NS insns via vfp_access_check_m() | ||
| 57 | target/arm: Implement MVE VLDR/VSTR (non-widening forms) | ||
| 58 | target/arm: Implement widening/narrowing MVE VLDR/VSTR insns | ||
| 59 | target/arm: Implement MVE VCLZ | ||
| 60 | target/arm: Implement MVE VCLS | ||
| 61 | target/arm: Implement MVE VREV16, VREV32, VREV64 | ||
| 62 | target/arm: Implement MVE VMVN (register) | ||
| 63 | target/arm: Implement MVE VABS | ||
| 64 | target/arm: Implement MVE VNEG | ||
| 65 | tcg: Make gen_dup_i32/i64() public as tcg_gen_dup_i32/i64 | ||
| 66 | target/arm: Implement MVE VDUP | ||
| 67 | target/arm: Implement MVE VAND, VBIC, VORR, VORN, VEOR | ||
| 68 | target/arm: Implement MVE VADD, VSUB, VMUL | ||
| 69 | target/arm: Implement MVE VMULH | ||
| 70 | target/arm: Implement MVE VRMULH | ||
| 71 | target/arm: Implement MVE VMAX, VMIN | ||
| 72 | target/arm: Implement MVE VABD | ||
| 73 | target/arm: Implement MVE VHADD, VHSUB | ||
| 74 | target/arm: Implement MVE VMULL | ||
| 75 | target/arm: Implement MVE VMLALDAV | ||
| 76 | target/arm: Implement MVE VMLSLDAV | ||
| 77 | target/arm: Implement MVE VRMLALDAVH, VRMLSLDAVH | ||
| 78 | target/arm: Implement MVE VADD (scalar) | ||
| 79 | target/arm: Implement MVE VSUB, VMUL (scalar) | ||
| 80 | target/arm: Implement MVE VHADD, VHSUB (scalar) | ||
| 81 | target/arm: Implement MVE VBRSR | ||
| 82 | target/arm: Implement MVE VPST | ||
| 83 | target/arm: Implement MVE VQADD and VQSUB | ||
| 84 | target/arm: Implement MVE VQDMULH and VQRDMULH (scalar) | ||
| 85 | target/arm: Implement MVE VQDMULL scalar | ||
| 86 | target/arm: Implement MVE VQDMULH, VQRDMULH (vector) | ||
| 87 | target/arm: Implement MVE VQADD, VQSUB (vector) | ||
| 88 | target/arm: Implement MVE VQSHL (vector) | ||
| 89 | target/arm: Implement MVE VQRSHL | ||
| 90 | target/arm: Implement MVE VSHL insn | ||
| 91 | target/arm: Implement MVE VRSHL | ||
| 92 | target/arm: Implement MVE VQDMLADH and VQRDMLADH | ||
| 93 | target/arm: Implement MVE VQDMLSDH and VQRDMLSDH | ||
| 94 | target/arm: Implement MVE VQDMULL (vector) | ||
| 95 | target/arm: Implement MVE VRHADD | ||
| 96 | target/arm: Implement MVE VADC, VSBC | ||
| 97 | target/arm: Implement MVE VCADD | ||
| 98 | target/arm: Implement MVE VHCADD | ||
| 99 | target/arm: Implement MVE VADDV | ||
| 100 | target/arm: Make VMOV scalar <-> gpreg beatwise for MVE | ||
| 101 | |||
| 102 | docs/system/arm/emulation.rst | 103 ++++ | ||
| 103 | docs/system/arm/nrf.rst | 51 ++ | ||
| 104 | docs/system/target-arm.rst | 7 + | ||
| 105 | include/hw/acpi/ghes.h | 9 + | ||
| 106 | include/tcg/tcg-op.h | 8 + | ||
| 107 | include/tcg/tcg.h | 1 - | ||
| 108 | target/arm/helper-mve.h | 357 +++++++++++++ | ||
| 109 | target/arm/helper.h | 2 + | ||
| 110 | target/arm/internals.h | 11 + | ||
| 111 | target/arm/translate-a32.h | 3 + | ||
| 112 | target/arm/translate.h | 10 + | ||
| 113 | target/arm/m-nocp.decode | 24 + | ||
| 114 | target/arm/mve.decode | 240 +++++++++ | ||
| 115 | target/arm/vfp.decode | 14 - | ||
| 116 | hw/acpi/ghes-stub.c | 22 + | ||
| 117 | hw/acpi/ghes.c | 17 + | ||
| 118 | target/arm/cpu64.c | 2 +- | ||
| 119 | target/arm/kvm64.c | 6 +- | ||
| 120 | target/arm/mte_helper.c | 82 +-- | ||
| 121 | target/arm/mve_helper.c | 1160 +++++++++++++++++++++++++++++++++++++++++ | ||
| 122 | target/arm/translate-m-nocp.c | 550 +++++++++++++++++++ | ||
| 123 | target/arm/translate-mve.c | 759 +++++++++++++++++++++++++++ | ||
| 124 | target/arm/translate-vfp.c | 741 +++++++------------------- | ||
| 125 | tcg/tcg-op-gvec.c | 20 +- | ||
| 126 | MAINTAINERS | 1 + | ||
| 127 | hw/acpi/meson.build | 6 +- | ||
| 128 | target/arm/meson.build | 1 + | ||
| 129 | 27 files changed, 3578 insertions(+), 629 deletions(-) | ||
| 130 | create mode 100644 docs/system/arm/emulation.rst | ||
| 131 | create mode 100644 docs/system/arm/nrf.rst | ||
| 132 | create mode 100644 target/arm/helper-mve.h | ||
| 133 | create mode 100644 hw/acpi/ghes-stub.c | ||
| 134 | create mode 100644 target/arm/mve_helper.c | ||
| 135 | diff view generated by jsdifflib |
Deleted patch | |||
|---|---|---|---|
| 1 | In get_phys_addr_with_struct(), we call get_phys_addr_twostage() if | ||
| 2 | the CPU supports EL2. However, we don't check here that stage 2 is | ||
| 3 | actually enabled. Instead we only check that inside | ||
| 4 | get_phys_addr_twostage() to skip stage 2 translation. This means | ||
| 5 | that even if stage 2 is disabled we still tell the stage 1 lookup to | ||
| 6 | do its page table walks via stage 2. | ||
| 7 | 1 | ||
| 8 | This works by luck for normal CPU accesses, but it breaks for debug | ||
| 9 | accesses, which are used by the disassembler and also by semihosting | ||
| 10 | file reads and writes, because the debug case takes a different code | ||
| 11 | path inside S1_ptw_translate(). | ||
| 12 | |||
| 13 | This means that setups that use semihosting for file loads are broken | ||
| 14 | (a regression since 7.1, introduced in recent ptw refactoring), and | ||
| 15 | that sometimes disassembly in debug logs reports "unable to read | ||
| 16 | memory" rather than showing the guest insns. | ||
| 17 | |||
| 18 | Fix the bug by hoisting the "is stage 2 enabled?" check up to | ||
| 19 | get_phys_addr_with_struct(), so that we handle S2 disabled the same | ||
| 20 | way we do the "no EL2" case, with a simple single stage lookup. | ||
| 21 | |||
| 22 | Reported-by: Jens Wiklander <jens.wiklander@linaro.org> | ||
| 23 | Reviewed-by: Richard Henderson <richard.henderson@linaro.org> | ||
| 24 | Signed-off-by: Peter Maydell <peter.maydell@linaro.org> | ||
| 25 | Message-id: 20221121212404.1450382-1-peter.maydell@linaro.org | ||
| 26 | --- | ||
| 27 | target/arm/ptw.c | 7 ++++--- | ||
| 28 | 1 file changed, 4 insertions(+), 3 deletions(-) | ||
| 29 | |||
| 30 | diff --git a/target/arm/ptw.c b/target/arm/ptw.c | ||
| 31 | index XXXXXXX..XXXXXXX 100644 | ||
| 32 | --- a/target/arm/ptw.c | ||
| 33 | +++ b/target/arm/ptw.c | ||
| 34 | @@ -XXX,XX +XXX,XX @@ static bool get_phys_addr_twostage(CPUARMState *env, S1Translate *ptw, | ||
| 35 | |||
| 36 | ret = get_phys_addr_with_struct(env, ptw, address, access_type, result, fi); | ||
| 37 | |||
| 38 | - /* If S1 fails or S2 is disabled, return early. */ | ||
| 39 | - if (ret || regime_translation_disabled(env, ARMMMUIdx_Stage2, is_secure)) { | ||
| 40 | + /* If S1 fails, return early. */ | ||
| 41 | + if (ret) { | ||
| 42 | return ret; | ||
| 43 | } | ||
| 44 | |||
| 45 | @@ -XXX,XX +XXX,XX @@ static bool get_phys_addr_with_struct(CPUARMState *env, S1Translate *ptw, | ||
| 46 | * Otherwise, a stage1+stage2 translation is just stage 1. | ||
| 47 | */ | ||
| 48 | ptw->in_mmu_idx = mmu_idx = s1_mmu_idx; | ||
| 49 | - if (arm_feature(env, ARM_FEATURE_EL2)) { | ||
| 50 | + if (arm_feature(env, ARM_FEATURE_EL2) && | ||
| 51 | + !regime_translation_disabled(env, ARMMMUIdx_Stage2, is_secure)) { | ||
| 52 | return get_phys_addr_twostage(env, ptw, address, access_type, | ||
| 53 | result, fi); | ||
| 54 | } | ||
| 55 | -- | ||
| 56 | 2.25.1 | diff view generated by jsdifflib |
Deleted patch | |||
|---|---|---|---|
| 1 | From: Ard Biesheuvel <ardb@kernel.org> | ||
| 2 | 1 | ||
| 3 | The LPA2 extension implements 52-bit virtual addressing for 4k and 16k | ||
| 4 | translation granules, and for the former, this means an additional level | ||
| 5 | of translation is needed. This means we start counting at -1 instead of | ||
| 6 | 0 when doing a walk, and so 'level' is now a signed quantity, and should | ||
| 7 | be typed as such. So turn it from uint32_t into int32_t. | ||
| 8 | |||
| 9 | This avoids a level of -1 getting misinterpreted as being >= 3, and | ||
| 10 | terminating a page table walk prematurely with a bogus output address. | ||
| 11 | |||
| 12 | Cc: Peter Maydell <peter.maydell@linaro.org> | ||
| 13 | Cc: Philippe Mathieu-Daudé <f4bug@amsat.org> | ||
| 14 | Cc: Richard Henderson <richard.henderson@linaro.org> | ||
| 15 | Signed-off-by: Ard Biesheuvel <ardb@kernel.org> | ||
| 16 | Reviewed-by: Peter Maydell <peter.maydell@linaro.org> | ||
| 17 | Signed-off-by: Peter Maydell <peter.maydell@linaro.org> | ||
| 18 | --- | ||
| 19 | target/arm/ptw.c | 4 ++-- | ||
| 20 | 1 file changed, 2 insertions(+), 2 deletions(-) | ||
| 21 | |||
| 22 | diff --git a/target/arm/ptw.c b/target/arm/ptw.c | ||
| 23 | index XXXXXXX..XXXXXXX 100644 | ||
| 24 | --- a/target/arm/ptw.c | ||
| 25 | +++ b/target/arm/ptw.c | ||
| 26 | @@ -XXX,XX +XXX,XX @@ static bool get_phys_addr_lpae(CPUARMState *env, S1Translate *ptw, | ||
| 27 | ARMCPU *cpu = env_archcpu(env); | ||
| 28 | ARMMMUIdx mmu_idx = ptw->in_mmu_idx; | ||
| 29 | bool is_secure = ptw->in_secure; | ||
| 30 | - uint32_t level; | ||
| 31 | + int32_t level; | ||
| 32 | ARMVAParameters param; | ||
| 33 | uint64_t ttbr; | ||
| 34 | hwaddr descaddr, indexmask, indexmask_grainsize; | ||
| 35 | @@ -XXX,XX +XXX,XX @@ static bool get_phys_addr_lpae(CPUARMState *env, S1Translate *ptw, | ||
| 36 | */ | ||
| 37 | uint32_t sl0 = extract32(tcr, 6, 2); | ||
| 38 | uint32_t sl2 = extract64(tcr, 33, 1); | ||
| 39 | - uint32_t startlevel; | ||
| 40 | + int32_t startlevel; | ||
| 41 | bool ok; | ||
| 42 | |||
| 43 | /* SL2 is RES0 unless DS=1 & 4kb granule. */ | ||
| 44 | -- | ||
| 45 | 2.25.1 | ||
| 46 | |||
| 47 | diff view generated by jsdifflib |