1
The following changes since commit 003ba52a8b327180e284630b289c6ece5a3e08b9:
1
Hi; here's a target-arm pullreq to go in before softfreeze.
2
This is actually pretty much entirely bugfixes (since the
3
SEL2 timers we implement here are a missing part of a feature
4
we claim to already implement).
2
5
3
Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging (2023-02-16 11:16:39 +0000)
6
thanks
7
-- PMM
8
9
The following changes since commit 98c7362b1efe651327385a25874a73e008c6549e:
10
11
Merge tag 'accel-cpus-20250306' of https://github.com/philmd/qemu into staging (2025-03-07 07:39:49 +0800)
4
12
5
are available in the Git repository at:
13
are available in the Git repository at:
6
14
7
https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20230216
15
https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20250307
8
16
9
for you to fetch changes up to caf01d6a435d9f4a95aeae2f9fc6cb8b889b1fb8:
17
for you to fetch changes up to 0ce0739d46983e5e88fa9c149cb305689c9d8c6f:
10
18
11
tests/qtest: Restrict tpm-tis-devices-{swtpm}-test to CONFIG_TCG (2023-02-16 16:28:53 +0000)
19
target/rx: Remove TCG_CALL_NO_WG from helpers which write env (2025-03-07 15:03:20 +0000)
12
20
13
----------------------------------------------------------------
21
----------------------------------------------------------------
14
target-arm queue:
22
target-arm queue:
15
* Some mostly M-profile-related code cleanups
23
* hw/arm/smmu-common: Remove the repeated ttb field
16
* avocado: Retire the boot_linux.py AArch64 TCG tests
24
* hw/gpio: npcm7xx: fixup out-of-bounds access
17
* hw/arm/smmuv3: Add GBPA register
25
* tests/functional/test_arm_sx1: Check whether the serial console is working
18
* arm/virt: don't try to spell out the accelerator
26
* target/arm: Fix minor bugs in generic timer register handling
19
* hw/arm: Attach PSPI module to NPCM7XX SoC
27
* target/arm: Implement SEL2 physical and virtual timers
20
* Some cleanup/refactoring patches aiming towards
28
* target/arm: Correct STRD, LDRD atomicity and fault behaviour
21
allowing building Arm targets without CONFIG_TCG
29
* target/arm: Make dummy debug registers RAZ, not NOP
30
* util/qemu-timer.c: Don't warp timer from timerlist_rearm()
31
* include/exec/memop.h: Expand comment for MO_ATOM_SUBALIGN
32
* hw/arm/smmu: Introduce smmu_configs_inv_sid_range() helper
33
* target/rx: Set exception vector base to 0xffffff80
34
* target/rx: Remove TCG_CALL_NO_WG from helpers which write env
22
35
23
----------------------------------------------------------------
36
----------------------------------------------------------------
24
Alex Bennée (1):
37
Alex Bennée (4):
25
tests/avocado: retire the Aarch64 TCG tests from boot_linux.py
38
target/arm: Implement SEL2 physical and virtual timers
39
target/arm: Document the architectural names of our GTIMERs
40
hw/arm: enable secure EL2 timers for virt machine
41
hw/arm: enable secure EL2 timers for sbsa machine
26
42
27
Claudio Fontana (3):
43
JianChunfu (2):
28
target/arm: rename handle_semihosting to tcg_handle_semihosting
44
hw/arm/smmu-common: Remove the repeated ttb field
29
target/arm: wrap psci call with tcg_enabled
45
hw/arm/smmu: Introduce smmu_configs_inv_sid_range() helper
30
target/arm: wrap call to aarch64_sve_change_el in tcg_enabled()
31
46
32
Cornelia Huck (1):
47
Keith Packard (2):
33
arm/virt: don't try to spell out the accelerator
48
target/rx: Set exception vector base to 0xffffff80
49
target/rx: Remove TCG_CALL_NO_WG from helpers which write env
34
50
35
Fabiano Rosas (7):
51
Patrick Venture (1):
36
target/arm: Move PC alignment check
52
hw/gpio: npcm7xx: fixup out-of-bounds access
37
target/arm: Move cpregs code out of cpu.h
38
tests/avocado: Skip tests that require a missing accelerator
39
tests/avocado: Tag TCG tests with accel:tcg
40
target/arm: Use "max" as default cpu for the virt machine with KVM
41
tests/qtest: arm-cpu-features: Match tests to required accelerators
42
tests/qtest: Restrict tpm-tis-devices-{swtpm}-test to CONFIG_TCG
43
53
44
Hao Wu (3):
54
Peter Maydell (11):
45
MAINTAINERS: Add myself to maintainers and remove Havard
55
target/arm: Apply correct timer offset when calculating deadlines
46
hw/ssi: Add Nuvoton PSPI Module
56
target/arm: Don't apply CNTVOFF_EL2 for EL2_VIRT timer
47
hw/arm: Attach PSPI module to NPCM7XX SoC
57
target/arm: Make CNTPS_* UNDEF from Secure EL1 when Secure EL2 is enabled
58
target/arm: Always apply CNTVOFF_EL2 for CNTV_TVAL_EL02 accesses
59
target/arm: Refactor handling of timer offset for direct register accesses
60
target/arm: Correct LDRD atomicity and fault behaviour
61
target/arm: Correct STRD atomicity
62
target/arm: Drop unused address_offset from op_addr_{rr, ri}_post()
63
target/arm: Make dummy debug registers RAZ, not NOP
64
util/qemu-timer.c: Don't warp timer from timerlist_rearm()
65
include/exec/memop.h: Expand comment for MO_ATOM_SUBALIGN
48
66
49
Jean-Philippe Brucker (2):
67
Thomas Huth (1):
50
hw/arm/smmu-common: Support 64-bit addresses
68
tests/functional/test_arm_sx1: Check whether the serial console is working
51
hw/arm/smmu-common: Fix TTB1 handling
52
69
53
Mostafa Saleh (1):
70
MAINTAINERS | 1 +
54
hw/arm/smmuv3: Add GBPA register
71
hw/arm/smmu-internal.h | 5 -
72
include/exec/memop.h | 8 +-
73
include/hw/arm/bsa.h | 2 +
74
include/hw/arm/smmu-common.h | 7 +-
75
target/arm/cpu.h | 2 +
76
target/arm/gtimer.h | 14 +-
77
target/arm/internals.h | 5 +-
78
target/rx/helper.h | 34 ++--
79
hw/arm/sbsa-ref.c | 2 +
80
hw/arm/smmu-common.c | 21 +++
81
hw/arm/smmuv3.c | 19 +--
82
hw/arm/virt.c | 2 +
83
hw/gpio/npcm7xx_gpio.c | 3 +-
84
target/arm/cpu.c | 4 +
85
target/arm/debug_helper.c | 7 +-
86
target/arm/helper.c | 324 ++++++++++++++++++++++++++++++++-------
87
target/arm/tcg/op_helper.c | 8 +-
88
target/arm/tcg/translate.c | 147 +++++++++++-------
89
target/rx/helper.c | 2 +-
90
util/qemu-timer.c | 4 -
91
hw/arm/trace-events | 3 +-
92
tests/functional/test_arm_sx1.py | 7 +-
93
23 files changed, 455 insertions(+), 176 deletions(-)
55
94
56
Philippe Mathieu-Daudé (12):
57
hw/intc/armv7m_nvic: Use OBJECT_DECLARE_SIMPLE_TYPE() macro
58
target/arm: Simplify arm_v7m_mmu_idx_for_secstate() for user emulation
59
target/arm: Reduce arm_v7m_mmu_idx_[all/for_secstate_and_priv]() scope
60
target/arm: Constify ID_PFR1 on user emulation
61
target/arm: Convert CPUARMState::eabi to boolean
62
target/arm: Avoid resetting CPUARMState::eabi field
63
target/arm: Restrict CPUARMState::gicv3state to sysemu
64
target/arm: Restrict CPUARMState::arm_boot_info to sysemu
65
target/arm: Restrict CPUARMState::nvic to sysemu
66
target/arm: Store CPUARMState::nvic as NVICState*
67
target/arm: Declare CPU <-> NVIC helpers in 'hw/intc/armv7m_nvic.h'
68
hw/arm: Add missing XLNX_ZYNQMP_ARM -> USB_DWC3 Kconfig dependency
69
70
MAINTAINERS | 8 +-
71
docs/system/arm/nuvoton.rst | 2 +-
72
hw/arm/smmuv3-internal.h | 7 +
73
include/hw/arm/npcm7xx.h | 2 +
74
include/hw/arm/smmu-common.h | 2 -
75
include/hw/arm/smmuv3.h | 1 +
76
include/hw/intc/armv7m_nvic.h | 128 +++++++++++++++++-
77
include/hw/ssi/npcm_pspi.h | 53 ++++++++
78
linux-user/user-internals.h | 2 +-
79
target/arm/cpregs.h | 98 ++++++++++++++
80
target/arm/cpu.h | 228 ++-------------------------------
81
target/arm/internals.h | 14 --
82
hw/arm/npcm7xx.c | 25 +++-
83
hw/arm/smmu-common.c | 4 +-
84
hw/arm/smmuv3.c | 43 ++++++-
85
hw/arm/virt.c | 10 +-
86
hw/intc/armv7m_nvic.c | 38 ++----
87
hw/ssi/npcm_pspi.c | 221 ++++++++++++++++++++++++++++++++
88
linux-user/arm/cpu_loop.c | 4 +-
89
target/arm/cpu.c | 5 +-
90
target/arm/cpu_tcg.c | 3 +
91
target/arm/helper.c | 31 +++--
92
target/arm/m_helper.c | 86 +++++++------
93
target/arm/machine.c | 18 +--
94
tests/qtest/arm-cpu-features.c | 28 ++--
95
hw/arm/Kconfig | 1 +
96
hw/ssi/meson.build | 2 +-
97
hw/ssi/trace-events | 5 +
98
tests/avocado/avocado_qemu/__init__.py | 4 +
99
tests/avocado/boot_linux.py | 48 ++-----
100
tests/avocado/boot_linux_console.py | 1 +
101
tests/avocado/machine_aarch64_virt.py | 63 ++++++++-
102
tests/avocado/reverse_debugging.py | 8 ++
103
tests/qtest/meson.build | 4 +-
104
34 files changed, 798 insertions(+), 399 deletions(-)
105
create mode 100644 include/hw/ssi/npcm_pspi.h
106
create mode 100644 hw/ssi/npcm_pspi.c
107
diff view generated by jsdifflib
Deleted patch
1
From: Philippe Mathieu-Daudé <philmd@linaro.org>
2
1
3
Manually convert to OBJECT_DECLARE_SIMPLE_TYPE() macro,
4
similarly to automatic conversion from commit 8063396bf3
5
("Use OBJECT_DECLARE_SIMPLE_TYPE when possible").
6
7
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
8
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
9
Message-id: 20230206223502.25122-2-philmd@linaro.org
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
12
include/hw/intc/armv7m_nvic.h | 5 +----
13
1 file changed, 1 insertion(+), 4 deletions(-)
14
15
diff --git a/include/hw/intc/armv7m_nvic.h b/include/hw/intc/armv7m_nvic.h
16
index XXXXXXX..XXXXXXX 100644
17
--- a/include/hw/intc/armv7m_nvic.h
18
+++ b/include/hw/intc/armv7m_nvic.h
19
@@ -XXX,XX +XXX,XX @@
20
#include "qom/object.h"
21
22
#define TYPE_NVIC "armv7m_nvic"
23
-
24
-typedef struct NVICState NVICState;
25
-DECLARE_INSTANCE_CHECKER(NVICState, NVIC,
26
- TYPE_NVIC)
27
+OBJECT_DECLARE_SIMPLE_TYPE(NVICState, NVIC)
28
29
/* Highest permitted number of exceptions (architectural limit) */
30
#define NVIC_MAX_VECTORS 512
31
--
32
2.34.1
33
34
diff view generated by jsdifflib
1
From: Jean-Philippe Brucker <jean-philippe@linaro.org>
1
From: JianChunfu <jansef.jian@hj-micro.com>
2
2
3
Addresses targeting the second translation table (TTB1) in the SMMU have
3
SMMUTransCfg->ttb is never used in QEMU, TT base address
4
all upper bits set. Ensure the IOMMU region covers all 64 bits.
4
can be accessed by SMMUTransCfg->tt[i]->ttb.
5
5
6
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
6
Signed-off-by: JianChunfu <jansef.jian@hj-micro.com>
7
Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
8
Reviewed-by: Eric Auger <eric.auger@redhat.com>
7
Reviewed-by: Eric Auger <eric.auger@redhat.com>
9
Message-id: 20230214171921.1917916-2-jean-philippe@linaro.org
8
Message-id: 20250221031034.69822-1-jansef.jian@hj-micro.com
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
10
---
12
include/hw/arm/smmu-common.h | 2 --
11
include/hw/arm/smmu-common.h | 1 -
13
hw/arm/smmu-common.c | 2 +-
12
1 file changed, 1 deletion(-)
14
2 files changed, 1 insertion(+), 3 deletions(-)
15
13
16
diff --git a/include/hw/arm/smmu-common.h b/include/hw/arm/smmu-common.h
14
diff --git a/include/hw/arm/smmu-common.h b/include/hw/arm/smmu-common.h
17
index XXXXXXX..XXXXXXX 100644
15
index XXXXXXX..XXXXXXX 100644
18
--- a/include/hw/arm/smmu-common.h
16
--- a/include/hw/arm/smmu-common.h
19
+++ b/include/hw/arm/smmu-common.h
17
+++ b/include/hw/arm/smmu-common.h
20
@@ -XXX,XX +XXX,XX @@
18
@@ -XXX,XX +XXX,XX @@ typedef struct SMMUTransCfg {
21
#define SMMU_PCI_DEVFN_MAX 256
19
/* Used by stage-1 only. */
22
#define SMMU_PCI_DEVFN(sid) (sid & 0xFF)
20
bool aa64; /* arch64 or aarch32 translation table */
23
21
bool record_faults; /* record fault events */
24
-#define SMMU_MAX_VA_BITS 48
22
- uint64_t ttb; /* TT base address */
25
-
23
uint8_t oas; /* output address width */
26
/*
24
uint8_t tbi; /* Top Byte Ignore */
27
* Page table walk error types
25
int asid;
28
*/
29
diff --git a/hw/arm/smmu-common.c b/hw/arm/smmu-common.c
30
index XXXXXXX..XXXXXXX 100644
31
--- a/hw/arm/smmu-common.c
32
+++ b/hw/arm/smmu-common.c
33
@@ -XXX,XX +XXX,XX @@ static AddressSpace *smmu_find_add_as(PCIBus *bus, void *opaque, int devfn)
34
35
memory_region_init_iommu(&sdev->iommu, sizeof(sdev->iommu),
36
s->mrtypename,
37
- OBJECT(s), name, 1ULL << SMMU_MAX_VA_BITS);
38
+ OBJECT(s), name, UINT64_MAX);
39
address_space_init(&sdev->as,
40
MEMORY_REGION(&sdev->iommu), name);
41
trace_smmu_add_mr(name);
42
--
26
--
43
2.34.1
27
2.43.0
diff view generated by jsdifflib
1
From: Fabiano Rosas <farosas@suse.de>
1
From: Patrick Venture <venture@google.com>
2
2
3
Move this earlier to make the next patch diff cleaner. While here
3
The reg isn't validated to be a possible register before
4
update the comment slightly to not give the impression that the
4
it's dereferenced for one case. The mmio space registered
5
misalignment affects only TCG.
5
for the gpio device is 4KiB but there aren't that many
6
registers in the struct.
6
7
7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
Cc: qemu-stable@nongnu.org
9
Fixes: 526dbbe0874 ("hw/gpio: Add GPIO model for Nuvoton NPCM7xx")
10
Signed-off-by: Patrick Venture <venture@google.com>
8
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
11
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
9
Signed-off-by: Fabiano Rosas <farosas@suse.de>
12
Message-id: 20250226024603.493148-1-venture@google.com
10
Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org>
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
13
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
---
14
---
13
target/arm/machine.c | 18 +++++++++---------
15
hw/gpio/npcm7xx_gpio.c | 3 +--
14
1 file changed, 9 insertions(+), 9 deletions(-)
16
1 file changed, 1 insertion(+), 2 deletions(-)
15
17
16
diff --git a/target/arm/machine.c b/target/arm/machine.c
18
diff --git a/hw/gpio/npcm7xx_gpio.c b/hw/gpio/npcm7xx_gpio.c
17
index XXXXXXX..XXXXXXX 100644
19
index XXXXXXX..XXXXXXX 100644
18
--- a/target/arm/machine.c
20
--- a/hw/gpio/npcm7xx_gpio.c
19
+++ b/target/arm/machine.c
21
+++ b/hw/gpio/npcm7xx_gpio.c
20
@@ -XXX,XX +XXX,XX @@ static int cpu_post_load(void *opaque, int version_id)
22
@@ -XXX,XX +XXX,XX @@ static void npcm7xx_gpio_regs_write(void *opaque, hwaddr addr, uint64_t v,
21
}
23
return;
22
}
24
}
23
25
24
+ /*
26
- diff = s->regs[reg] ^ value;
25
+ * Misaligned thumb pc is architecturally impossible. Fail the
26
+ * incoming migration. For TCG it would trigger the assert in
27
+ * thumb_tr_translate_insn().
28
+ */
29
+ if (!is_a64(env) && env->thumb && (env->regs[15] & 1)) {
30
+ return -1;
31
+ }
32
+
33
hw_breakpoint_update_all(cpu);
34
hw_watchpoint_update_all(cpu);
35
36
@@ -XXX,XX +XXX,XX @@ static int cpu_post_load(void *opaque, int version_id)
37
}
38
}
39
40
- /*
41
- * Misaligned thumb pc is architecturally impossible.
42
- * We have an assert in thumb_tr_translate_insn to verify this.
43
- * Fail an incoming migrate to avoid this assert.
44
- */
45
- if (!is_a64(env) && env->thumb && (env->regs[15] & 1)) {
46
- return -1;
47
- }
48
-
27
-
49
if (!kvm_enabled()) {
28
switch (reg) {
50
pmu_op_finish(&cpu->env);
29
case NPCM7XX_GPIO_TLOCK1:
51
}
30
case NPCM7XX_GPIO_TLOCK2:
31
@@ -XXX,XX +XXX,XX @@ static void npcm7xx_gpio_regs_write(void *opaque, hwaddr addr, uint64_t v,
32
case NPCM7XX_GPIO_PU:
33
case NPCM7XX_GPIO_PD:
34
case NPCM7XX_GPIO_IEM:
35
+ diff = s->regs[reg] ^ value;
36
s->regs[reg] = value;
37
npcm7xx_gpio_update_pins(s, diff);
38
break;
52
--
39
--
53
2.34.1
40
2.43.0
54
41
55
42
diff view generated by jsdifflib
1
From: Hao Wu <wuhaotsh@google.com>
1
From: Thomas Huth <thuth@redhat.com>
2
2
3
Nuvoton's PSPI is a general purpose SPI module which enables
3
The kernel that is used in the sx1 test prints the usual Linux log
4
connections to SPI-based peripheral devices.
4
onto the serial console, but this test currently ignores it. To
5
make sure that the serial device is working properly, let's check
6
for some strings in the output here.
5
7
6
Signed-off-by: Hao Wu <wuhaotsh@google.com>
8
While we're at it, also add the test to the corresponding section
7
Reviewed-by: Chris Rauer <crauer@google.com>
9
in the MAINTAINERS file.
8
Reviewed-by: Philippe Mathieu-Daude <philmd@linaro.org>
10
9
Message-id: 20230208235433.3989937-3-wuhaotsh@google.com
11
Signed-off-by: Thomas Huth <thuth@redhat.com>
12
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
13
Message-id: 20250226104833.1176253-1-thuth@redhat.com
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
14
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
15
---
12
MAINTAINERS | 6 +-
16
MAINTAINERS | 1 +
13
include/hw/ssi/npcm_pspi.h | 53 +++++++++
17
tests/functional/test_arm_sx1.py | 7 ++++---
14
hw/ssi/npcm_pspi.c | 221 +++++++++++++++++++++++++++++++++++++
18
2 files changed, 5 insertions(+), 3 deletions(-)
15
hw/ssi/meson.build | 2 +-
16
hw/ssi/trace-events | 5 +
17
5 files changed, 283 insertions(+), 4 deletions(-)
18
create mode 100644 include/hw/ssi/npcm_pspi.h
19
create mode 100644 hw/ssi/npcm_pspi.c
20
19
21
diff --git a/MAINTAINERS b/MAINTAINERS
20
diff --git a/MAINTAINERS b/MAINTAINERS
22
index XXXXXXX..XXXXXXX 100644
21
index XXXXXXX..XXXXXXX 100644
23
--- a/MAINTAINERS
22
--- a/MAINTAINERS
24
+++ b/MAINTAINERS
23
+++ b/MAINTAINERS
25
@@ -XXX,XX +XXX,XX @@ M: Tyrone Ting <kfting@nuvoton.com>
24
@@ -XXX,XX +XXX,XX @@ S: Maintained
26
M: Hao Wu <wuhaotsh@google.com>
25
F: hw/*/omap*
27
L: qemu-arm@nongnu.org
26
F: include/hw/arm/omap.h
28
S: Supported
27
F: docs/system/arm/sx1.rst
29
-F: hw/*/npcm7xx*
28
+F: tests/functional/test_arm_sx1.py
30
-F: include/hw/*/npcm7xx*
29
31
-F: tests/qtest/npcm7xx*
30
IPack
32
+F: hw/*/npcm*
31
M: Alberto Garcia <berto@igalia.com>
33
+F: include/hw/*/npcm*
32
diff --git a/tests/functional/test_arm_sx1.py b/tests/functional/test_arm_sx1.py
34
+F: tests/qtest/npcm*
33
index XXXXXXX..XXXXXXX 100755
35
F: pc-bios/npcm7xx_bootrom.bin
34
--- a/tests/functional/test_arm_sx1.py
36
F: roms/vbootrom
35
+++ b/tests/functional/test_arm_sx1.py
37
F: docs/system/arm/nuvoton.rst
36
@@ -XXX,XX +XXX,XX @@ def test_arm_sx1_initrd(self):
38
diff --git a/include/hw/ssi/npcm_pspi.h b/include/hw/ssi/npcm_pspi.h
37
self.vm.add_args('-append', f'kunit.enable=0 rdinit=/sbin/init {self.CONSOLE_ARGS}')
39
new file mode 100644
38
self.vm.add_args('-no-reboot')
40
index XXXXXXX..XXXXXXX
39
self.launch_kernel(zimage_path,
41
--- /dev/null
40
- initrd=initrd_path)
42
+++ b/include/hw/ssi/npcm_pspi.h
41
+ initrd=initrd_path,
43
@@ -XXX,XX +XXX,XX @@
42
+ wait_for='Boot successful')
44
+/*
43
self.vm.wait(timeout=120)
45
+ * Nuvoton Peripheral SPI Module
44
46
+ *
45
def test_arm_sx1_sd(self):
47
+ * Copyright 2023 Google LLC
46
@@ -XXX,XX +XXX,XX @@ def test_arm_sx1_sd(self):
48
+ *
47
self.vm.add_args('-no-reboot')
49
+ * This program is free software; you can redistribute it and/or modify it
48
self.vm.add_args('-snapshot')
50
+ * under the terms of the GNU General Public License as published by the
49
self.vm.add_args('-drive', f'format=raw,if=sd,file={sd_fs_path}')
51
+ * Free Software Foundation; either version 2 of the License, or
50
- self.launch_kernel(zimage_path)
52
+ * (at your option) any later version.
51
+ self.launch_kernel(zimage_path, wait_for='Boot successful')
53
+ *
52
self.vm.wait(timeout=120)
54
+ * This program is distributed in the hope that it will be useful, but WITHOUT
53
55
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
54
def test_arm_sx1_flash(self):
56
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
55
@@ -XXX,XX +XXX,XX @@ def test_arm_sx1_flash(self):
57
+ * for more details.
56
self.vm.add_args('-no-reboot')
58
+ */
57
self.vm.add_args('-snapshot')
59
+#ifndef NPCM_PSPI_H
58
self.vm.add_args('-drive', f'format=raw,if=pflash,file={flash_path}')
60
+#define NPCM_PSPI_H
59
- self.launch_kernel(zimage_path)
61
+
60
+ self.launch_kernel(zimage_path, wait_for='Boot successful')
62
+#include "hw/ssi/ssi.h"
61
self.vm.wait(timeout=120)
63
+#include "hw/sysbus.h"
62
64
+
63
if __name__ == '__main__':
65
+/*
66
+ * Number of registers in our device state structure. Don't change this without
67
+ * incrementing the version_id in the vmstate.
68
+ */
69
+#define NPCM_PSPI_NR_REGS 3
70
+
71
+/**
72
+ * NPCMPSPIState - Device state for one Flash Interface Unit.
73
+ * @parent: System bus device.
74
+ * @mmio: Memory region for register access.
75
+ * @spi: The SPI bus mastered by this controller.
76
+ * @regs: Register contents.
77
+ * @irq: The interrupt request queue for this module.
78
+ *
79
+ * Each PSPI has a shared bank of registers, and controls up to four chip
80
+ * selects. Each chip select has a dedicated memory region which may be used to
81
+ * read and write the flash connected to that chip select as if it were memory.
82
+ */
83
+typedef struct NPCMPSPIState {
84
+ SysBusDevice parent;
85
+
86
+ MemoryRegion mmio;
87
+
88
+ SSIBus *spi;
89
+ uint16_t regs[NPCM_PSPI_NR_REGS];
90
+ qemu_irq irq;
91
+} NPCMPSPIState;
92
+
93
+#define TYPE_NPCM_PSPI "npcm-pspi"
94
+OBJECT_DECLARE_SIMPLE_TYPE(NPCMPSPIState, NPCM_PSPI)
95
+
96
+#endif /* NPCM_PSPI_H */
97
diff --git a/hw/ssi/npcm_pspi.c b/hw/ssi/npcm_pspi.c
98
new file mode 100644
99
index XXXXXXX..XXXXXXX
100
--- /dev/null
101
+++ b/hw/ssi/npcm_pspi.c
102
@@ -XXX,XX +XXX,XX @@
103
+/*
104
+ * Nuvoton NPCM Peripheral SPI Module (PSPI)
105
+ *
106
+ * Copyright 2023 Google LLC
107
+ *
108
+ * This program is free software; you can redistribute it and/or modify it
109
+ * under the terms of the GNU General Public License as published by the
110
+ * Free Software Foundation; either version 2 of the License, or
111
+ * (at your option) any later version.
112
+ *
113
+ * This program is distributed in the hope that it will be useful, but WITHOUT
114
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
115
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
116
+ * for more details.
117
+ */
118
+
119
+#include "qemu/osdep.h"
120
+
121
+#include "hw/irq.h"
122
+#include "hw/registerfields.h"
123
+#include "hw/ssi/npcm_pspi.h"
124
+#include "migration/vmstate.h"
125
+#include "qapi/error.h"
126
+#include "qemu/error-report.h"
127
+#include "qemu/log.h"
128
+#include "qemu/module.h"
129
+#include "qemu/units.h"
130
+
131
+#include "trace.h"
132
+
133
+REG16(PSPI_DATA, 0x0)
134
+REG16(PSPI_CTL1, 0x2)
135
+ FIELD(PSPI_CTL1, SPIEN, 0, 1)
136
+ FIELD(PSPI_CTL1, MOD, 2, 1)
137
+ FIELD(PSPI_CTL1, EIR, 5, 1)
138
+ FIELD(PSPI_CTL1, EIW, 6, 1)
139
+ FIELD(PSPI_CTL1, SCM, 7, 1)
140
+ FIELD(PSPI_CTL1, SCIDL, 8, 1)
141
+ FIELD(PSPI_CTL1, SCDV, 9, 7)
142
+REG16(PSPI_STAT, 0x4)
143
+ FIELD(PSPI_STAT, BSY, 0, 1)
144
+ FIELD(PSPI_STAT, RBF, 1, 1)
145
+
146
+static void npcm_pspi_update_irq(NPCMPSPIState *s)
147
+{
148
+ int level = 0;
149
+
150
+ /* Only fire IRQ when the module is enabled. */
151
+ if (FIELD_EX16(s->regs[R_PSPI_CTL1], PSPI_CTL1, SPIEN)) {
152
+ /* Update interrupt as BSY is cleared. */
153
+ if ((!FIELD_EX16(s->regs[R_PSPI_STAT], PSPI_STAT, BSY)) &&
154
+ FIELD_EX16(s->regs[R_PSPI_CTL1], PSPI_CTL1, EIW)) {
155
+ level = 1;
156
+ }
157
+
158
+ /* Update interrupt as RBF is set. */
159
+ if (FIELD_EX16(s->regs[R_PSPI_STAT], PSPI_STAT, RBF) &&
160
+ FIELD_EX16(s->regs[R_PSPI_CTL1], PSPI_CTL1, EIR)) {
161
+ level = 1;
162
+ }
163
+ }
164
+ qemu_set_irq(s->irq, level);
165
+}
166
+
167
+static uint16_t npcm_pspi_read_data(NPCMPSPIState *s)
168
+{
169
+ uint16_t value = s->regs[R_PSPI_DATA];
170
+
171
+ /* Clear stat bits as the value are read out. */
172
+ s->regs[R_PSPI_STAT] = 0;
173
+
174
+ return value;
175
+}
176
+
177
+static void npcm_pspi_write_data(NPCMPSPIState *s, uint16_t data)
178
+{
179
+ uint16_t value = 0;
180
+
181
+ if (FIELD_EX16(s->regs[R_PSPI_CTL1], PSPI_CTL1, MOD)) {
182
+ value = ssi_transfer(s->spi, extract16(data, 8, 8)) << 8;
183
+ }
184
+ value |= ssi_transfer(s->spi, extract16(data, 0, 8));
185
+ s->regs[R_PSPI_DATA] = value;
186
+
187
+ /* Mark data as available */
188
+ s->regs[R_PSPI_STAT] = R_PSPI_STAT_BSY_MASK | R_PSPI_STAT_RBF_MASK;
189
+}
190
+
191
+/* Control register read handler. */
192
+static uint64_t npcm_pspi_ctrl_read(void *opaque, hwaddr addr,
193
+ unsigned int size)
194
+{
195
+ NPCMPSPIState *s = opaque;
196
+ uint16_t value;
197
+
198
+ switch (addr) {
199
+ case A_PSPI_DATA:
200
+ value = npcm_pspi_read_data(s);
201
+ break;
202
+
203
+ case A_PSPI_CTL1:
204
+ value = s->regs[R_PSPI_CTL1];
205
+ break;
206
+
207
+ case A_PSPI_STAT:
208
+ value = s->regs[R_PSPI_STAT];
209
+ break;
210
+
211
+ default:
212
+ qemu_log_mask(LOG_GUEST_ERROR,
213
+ "%s: write to invalid offset 0x%" PRIx64 "\n",
214
+ DEVICE(s)->canonical_path, addr);
215
+ return 0;
216
+ }
217
+ trace_npcm_pspi_ctrl_read(DEVICE(s)->canonical_path, addr, value);
218
+ npcm_pspi_update_irq(s);
219
+
220
+ return value;
221
+}
222
+
223
+/* Control register write handler. */
224
+static void npcm_pspi_ctrl_write(void *opaque, hwaddr addr, uint64_t v,
225
+ unsigned int size)
226
+{
227
+ NPCMPSPIState *s = opaque;
228
+ uint16_t value = v;
229
+
230
+ trace_npcm_pspi_ctrl_write(DEVICE(s)->canonical_path, addr, value);
231
+
232
+ switch (addr) {
233
+ case A_PSPI_DATA:
234
+ npcm_pspi_write_data(s, value);
235
+ break;
236
+
237
+ case A_PSPI_CTL1:
238
+ s->regs[R_PSPI_CTL1] = value;
239
+ break;
240
+
241
+ case A_PSPI_STAT:
242
+ qemu_log_mask(LOG_GUEST_ERROR,
243
+ "%s: write to read-only register PSPI_STAT: 0x%08"
244
+ PRIx64 "\n", DEVICE(s)->canonical_path, v);
245
+ break;
246
+
247
+ default:
248
+ qemu_log_mask(LOG_GUEST_ERROR,
249
+ "%s: write to invalid offset 0x%" PRIx64 "\n",
250
+ DEVICE(s)->canonical_path, addr);
251
+ return;
252
+ }
253
+ npcm_pspi_update_irq(s);
254
+}
255
+
256
+static const MemoryRegionOps npcm_pspi_ctrl_ops = {
257
+ .read = npcm_pspi_ctrl_read,
258
+ .write = npcm_pspi_ctrl_write,
259
+ .endianness = DEVICE_LITTLE_ENDIAN,
260
+ .valid = {
261
+ .min_access_size = 1,
262
+ .max_access_size = 2,
263
+ .unaligned = false,
264
+ },
265
+ .impl = {
266
+ .min_access_size = 2,
267
+ .max_access_size = 2,
268
+ .unaligned = false,
269
+ },
270
+};
271
+
272
+static void npcm_pspi_enter_reset(Object *obj, ResetType type)
273
+{
274
+ NPCMPSPIState *s = NPCM_PSPI(obj);
275
+
276
+ trace_npcm_pspi_enter_reset(DEVICE(obj)->canonical_path, type);
277
+ memset(s->regs, 0, sizeof(s->regs));
278
+}
279
+
280
+static void npcm_pspi_realize(DeviceState *dev, Error **errp)
281
+{
282
+ NPCMPSPIState *s = NPCM_PSPI(dev);
283
+ SysBusDevice *sbd = SYS_BUS_DEVICE(dev);
284
+ Object *obj = OBJECT(dev);
285
+
286
+ s->spi = ssi_create_bus(dev, "pspi");
287
+ memory_region_init_io(&s->mmio, obj, &npcm_pspi_ctrl_ops, s,
288
+ "mmio", 4 * KiB);
289
+ sysbus_init_mmio(sbd, &s->mmio);
290
+ sysbus_init_irq(sbd, &s->irq);
291
+}
292
+
293
+static const VMStateDescription vmstate_npcm_pspi = {
294
+ .name = "npcm-pspi",
295
+ .version_id = 0,
296
+ .minimum_version_id = 0,
297
+ .fields = (VMStateField[]) {
298
+ VMSTATE_UINT16_ARRAY(regs, NPCMPSPIState, NPCM_PSPI_NR_REGS),
299
+ VMSTATE_END_OF_LIST(),
300
+ },
301
+};
302
+
303
+
304
+static void npcm_pspi_class_init(ObjectClass *klass, void *data)
305
+{
306
+ ResettableClass *rc = RESETTABLE_CLASS(klass);
307
+ DeviceClass *dc = DEVICE_CLASS(klass);
308
+
309
+ dc->desc = "NPCM Peripheral SPI Module";
310
+ dc->realize = npcm_pspi_realize;
311
+ dc->vmsd = &vmstate_npcm_pspi;
312
+ rc->phases.enter = npcm_pspi_enter_reset;
313
+}
314
+
315
+static const TypeInfo npcm_pspi_types[] = {
316
+ {
317
+ .name = TYPE_NPCM_PSPI,
318
+ .parent = TYPE_SYS_BUS_DEVICE,
319
+ .instance_size = sizeof(NPCMPSPIState),
320
+ .class_init = npcm_pspi_class_init,
321
+ },
322
+};
323
+DEFINE_TYPES(npcm_pspi_types);
324
diff --git a/hw/ssi/meson.build b/hw/ssi/meson.build
325
index XXXXXXX..XXXXXXX 100644
326
--- a/hw/ssi/meson.build
327
+++ b/hw/ssi/meson.build
328
@@ -XXX,XX +XXX,XX @@
329
softmmu_ss.add(when: 'CONFIG_ASPEED_SOC', if_true: files('aspeed_smc.c'))
330
softmmu_ss.add(when: 'CONFIG_MSF2', if_true: files('mss-spi.c'))
331
-softmmu_ss.add(when: 'CONFIG_NPCM7XX', if_true: files('npcm7xx_fiu.c'))
332
+softmmu_ss.add(when: 'CONFIG_NPCM7XX', if_true: files('npcm7xx_fiu.c', 'npcm_pspi.c'))
333
softmmu_ss.add(when: 'CONFIG_PL022', if_true: files('pl022.c'))
334
softmmu_ss.add(when: 'CONFIG_SIFIVE_SPI', if_true: files('sifive_spi.c'))
335
softmmu_ss.add(when: 'CONFIG_SSI', if_true: files('ssi.c'))
336
diff --git a/hw/ssi/trace-events b/hw/ssi/trace-events
337
index XXXXXXX..XXXXXXX 100644
338
--- a/hw/ssi/trace-events
339
+++ b/hw/ssi/trace-events
340
@@ -XXX,XX +XXX,XX @@ npcm7xx_fiu_ctrl_write(const char *id, uint64_t addr, uint32_t data) "%s offset:
341
npcm7xx_fiu_flash_read(const char *id, int cs, uint64_t addr, unsigned int size, uint64_t value) "%s[%d] offset: 0x%08" PRIx64 " size: %u value: 0x%" PRIx64
342
npcm7xx_fiu_flash_write(const char *id, unsigned cs, uint64_t addr, unsigned int size, uint64_t value) "%s[%d] offset: 0x%08" PRIx64 " size: %u value: 0x%" PRIx64
343
344
+# npcm_pspi.c
345
+npcm_pspi_enter_reset(const char *id, int reset_type) "%s reset type: %d"
346
+npcm_pspi_ctrl_read(const char *id, uint64_t addr, uint16_t data) "%s offset: 0x%03" PRIx64 " value: 0x%04" PRIx16
347
+npcm_pspi_ctrl_write(const char *id, uint64_t addr, uint16_t data) "%s offset: 0x%03" PRIx64 " value: 0x%04" PRIx16
348
+
349
# ibex_spi_host.c
350
351
ibex_spi_host_reset(const char *msg) "%s"
352
--
64
--
353
2.34.1
65
2.43.0
66
67
diff view generated by jsdifflib
1
From: Claudio Fontana <cfontana@suse.de>
1
When we are calculating timer deadlines, the correct definition of
2
whether or not to apply an offset to the physical count is described
3
in the Arm ARM DDI4087 rev L.a section D12.2.4.1. This is different
4
from when the offset should be applied for a direct read of the
5
counter sysreg.
2
6
3
for "all" builds (tcg + kvm), we want to avoid doing
7
We got this right for the EL1 physical timer and for the EL1 virtual
4
the psci check if tcg is built-in, but not enabled.
8
timer, but got all the rest wrong: they should be using a zero offset
9
always.
5
10
6
Signed-off-by: Claudio Fontana <cfontana@suse.de>
11
Factor the offset calculation out into a function that has a comment
7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
12
documenting exactly which offset it is calculating and which gets the
8
Signed-off-by: Fabiano Rosas <farosas@suse.de>
13
HYP, SEC, and HYPVIRT cases right.
9
Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org>
14
15
Cc: qemu-stable@nongnu.org
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
16
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
17
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
18
Message-id: 20250204125009.2281315-2-peter.maydell@linaro.org
11
---
19
---
12
target/arm/helper.c | 3 ++-
20
target/arm/helper.c | 29 +++++++++++++++++++++++++++--
13
1 file changed, 2 insertions(+), 1 deletion(-)
21
1 file changed, 27 insertions(+), 2 deletions(-)
14
22
15
diff --git a/target/arm/helper.c b/target/arm/helper.c
23
diff --git a/target/arm/helper.c b/target/arm/helper.c
16
index XXXXXXX..XXXXXXX 100644
24
index XXXXXXX..XXXXXXX 100644
17
--- a/target/arm/helper.c
25
--- a/target/arm/helper.c
18
+++ b/target/arm/helper.c
26
+++ b/target/arm/helper.c
19
@@ -XXX,XX +XXX,XX @@
27
@@ -XXX,XX +XXX,XX @@ static uint64_t gt_phys_cnt_offset(CPUARMState *env)
20
#include "hw/irq.h"
28
return gt_phys_raw_cnt_offset(env);
21
#include "sysemu/cpu-timers.h"
29
}
22
#include "sysemu/kvm.h"
30
23
+#include "sysemu/tcg.h"
31
+static uint64_t gt_indirect_access_timer_offset(CPUARMState *env, int timeridx)
24
#include "qapi/qapi-commands-machine-target.h"
32
+{
25
#include "qapi/error.h"
33
+ /*
26
#include "qemu/guest-random.h"
34
+ * Return the timer offset to use for indirect accesses to the timer.
27
@@ -XXX,XX +XXX,XX @@ void arm_cpu_do_interrupt(CPUState *cs)
35
+ * This is the Offset value as defined in D12.2.4.1 "Operation of the
28
env->exception.syndrome);
36
+ * CompareValue views of the timers".
29
}
37
+ *
30
38
+ * The condition here is not always the same as the condition for
31
- if (arm_is_psci_call(cpu, cs->exception_index)) {
39
+ * whether to apply an offset register when doing a direct read of
32
+ if (tcg_enabled() && arm_is_psci_call(cpu, cs->exception_index)) {
40
+ * the counter sysreg; those conditions are described in the
33
arm_handle_psci_call(cpu);
41
+ * access pseudocode for each counter register.
34
qemu_log_mask(CPU_LOG_INT, "...handled as PSCI call\n");
42
+ */
35
return;
43
+ switch (timeridx) {
44
+ case GTIMER_PHYS:
45
+ return gt_phys_raw_cnt_offset(env);
46
+ case GTIMER_VIRT:
47
+ return env->cp15.cntvoff_el2;
48
+ case GTIMER_HYP:
49
+ case GTIMER_SEC:
50
+ case GTIMER_HYPVIRT:
51
+ return 0;
52
+ default:
53
+ g_assert_not_reached();
54
+ }
55
+}
56
+
57
static void gt_recalc_timer(ARMCPU *cpu, int timeridx)
58
{
59
ARMGenericTimer *gt = &cpu->env.cp15.c14_timer[timeridx];
60
@@ -XXX,XX +XXX,XX @@ static void gt_recalc_timer(ARMCPU *cpu, int timeridx)
61
* Timer enabled: calculate and set current ISTATUS, irq, and
62
* reset timer to when ISTATUS next has to change
63
*/
64
- uint64_t offset = timeridx == GTIMER_VIRT ?
65
- cpu->env.cp15.cntvoff_el2 : gt_phys_raw_cnt_offset(&cpu->env);
66
+ uint64_t offset = gt_indirect_access_timer_offset(&cpu->env, timeridx);
67
uint64_t count = gt_get_countervalue(&cpu->env);
68
/* Note that this must be unsigned 64 bit arithmetic: */
69
int istatus = count - offset >= gt->cval;
36
--
70
--
37
2.34.1
71
2.43.0
38
72
39
73
diff view generated by jsdifflib
1
From: Claudio Fontana <cfontana@suse.de>
1
The CNTVOFF_EL2 offset register should only be applied for accessses
2
to CNTVCT_EL0 and for the EL1 virtual timer (CNTV_*). We were
3
incorrectly applying it for the EL2 virtual timer (CNTHV_*).
2
4
3
Signed-off-by: Claudio Fontana <cfontana@suse.de>
5
Cc: qemu-stable@nongnu.org
4
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
5
Signed-off-by: Fabiano Rosas <farosas@suse.de>
6
Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org>
7
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
8
Message-id: 20250204125009.2281315-3-peter.maydell@linaro.org
8
---
9
---
9
target/arm/helper.c | 12 +++++++-----
10
target/arm/helper.c | 2 --
10
1 file changed, 7 insertions(+), 5 deletions(-)
11
1 file changed, 2 deletions(-)
11
12
12
diff --git a/target/arm/helper.c b/target/arm/helper.c
13
diff --git a/target/arm/helper.c b/target/arm/helper.c
13
index XXXXXXX..XXXXXXX 100644
14
index XXXXXXX..XXXXXXX 100644
14
--- a/target/arm/helper.c
15
--- a/target/arm/helper.c
15
+++ b/target/arm/helper.c
16
+++ b/target/arm/helper.c
16
@@ -XXX,XX +XXX,XX @@ static void arm_cpu_do_interrupt_aarch64(CPUState *cs)
17
@@ -XXX,XX +XXX,XX @@ static uint64_t gt_tval_read(CPUARMState *env, const ARMCPRegInfo *ri,
17
unsigned int cur_el = arm_current_el(env);
18
18
int rt;
19
switch (timeridx) {
19
20
case GTIMER_VIRT:
20
- /*
21
- case GTIMER_HYPVIRT:
21
- * Note that new_el can never be 0. If cur_el is 0, then
22
offset = gt_virt_cnt_offset(env);
22
- * el0_a64 is is_a64(), else el0_a64 is ignored.
23
break;
23
- */
24
case GTIMER_PHYS:
24
- aarch64_sve_change_el(env, cur_el, new_el, is_a64(env));
25
@@ -XXX,XX +XXX,XX @@ static void gt_tval_write(CPUARMState *env, const ARMCPRegInfo *ri,
25
+ if (tcg_enabled()) {
26
26
+ /*
27
switch (timeridx) {
27
+ * Note that new_el can never be 0. If cur_el is 0, then
28
case GTIMER_VIRT:
28
+ * el0_a64 is is_a64(), else el0_a64 is ignored.
29
- case GTIMER_HYPVIRT:
29
+ */
30
offset = gt_virt_cnt_offset(env);
30
+ aarch64_sve_change_el(env, cur_el, new_el, is_a64(env));
31
break;
31
+ }
32
case GTIMER_PHYS:
32
33
if (cur_el < new_el) {
34
/*
35
--
33
--
36
2.34.1
34
2.43.0
37
35
38
36
diff view generated by jsdifflib
1
From: Claudio Fontana <cfontana@suse.de>
1
When we added Secure EL2 support, we missed that this needs an update
2
to the access code for the EL3 physical timer registers. These are
3
supposed to UNDEF from Secure EL1 when Secure EL2 is enabled.
2
4
3
make it clearer from the name that this is a tcg-only function.
5
(Note for stable backporting: for backports to branches where
6
CP_ACCESS_UNDEFINED is not defined, the old name to use instead
7
is CP_ACCESS_TRAP_UNCATEGORIZED.)
4
8
5
Signed-off-by: Claudio Fontana <cfontana@suse.de>
9
Cc: qemu-stable@nongnu.org
6
Signed-off-by: Fabiano Rosas <farosas@suse.de>
7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
9
Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
12
Message-id: 20250204125009.2281315-4-peter.maydell@linaro.org
11
---
13
---
12
target/arm/helper.c | 4 ++--
14
target/arm/helper.c | 3 +++
13
1 file changed, 2 insertions(+), 2 deletions(-)
15
1 file changed, 3 insertions(+)
14
16
15
diff --git a/target/arm/helper.c b/target/arm/helper.c
17
diff --git a/target/arm/helper.c b/target/arm/helper.c
16
index XXXXXXX..XXXXXXX 100644
18
index XXXXXXX..XXXXXXX 100644
17
--- a/target/arm/helper.c
19
--- a/target/arm/helper.c
18
+++ b/target/arm/helper.c
20
+++ b/target/arm/helper.c
19
@@ -XXX,XX +XXX,XX @@ static void arm_cpu_do_interrupt_aarch64(CPUState *cs)
21
@@ -XXX,XX +XXX,XX @@ static CPAccessResult gt_stimer_access(CPUARMState *env,
20
* trapped to the hypervisor in KVM.
22
if (!arm_is_secure(env)) {
21
*/
23
return CP_ACCESS_UNDEFINED;
22
#ifdef CONFIG_TCG
24
}
23
-static void handle_semihosting(CPUState *cs)
25
+ if (arm_is_el2_enabled(env)) {
24
+static void tcg_handle_semihosting(CPUState *cs)
26
+ return CP_ACCESS_UNDEFINED;
25
{
27
+ }
26
ARMCPU *cpu = ARM_CPU(cs);
28
if (!(env->cp15.scr_el3 & SCR_ST)) {
27
CPUARMState *env = &cpu->env;
29
return CP_ACCESS_TRAP_EL3;
28
@@ -XXX,XX +XXX,XX @@ void arm_cpu_do_interrupt(CPUState *cs)
30
}
29
*/
30
#ifdef CONFIG_TCG
31
if (cs->exception_index == EXCP_SEMIHOST) {
32
- handle_semihosting(cs);
33
+ tcg_handle_semihosting(cs);
34
return;
35
}
36
#endif
37
--
31
--
38
2.34.1
32
2.43.0
39
33
40
34
diff view generated by jsdifflib
1
From: Philippe Mathieu-Daudé <philmd@linaro.org>
1
Currently we handle CNTV_TVAL_EL02 by calling gt_tval_read() for the
2
EL1 virt timer. This is almost correct, but the underlying
3
CNTV_TVAL_EL0 register behaves slightly differently. CNTV_TVAL_EL02
4
always applies the CNTVOFF_EL2 offset; CNTV_TVAL_EL0 doesn't do so if
5
we're at EL2 and HCR_EL2.E2H is 1.
2
6
3
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
7
We were getting this wrong, because we ended up in
4
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
8
gt_virt_cnt_offset() and did the E2H check.
5
Message-id: 20230206223502.25122-5-philmd@linaro.org
9
10
Factor out the tval read/write calculation from the selection of the
11
offset, so that we can special case gt_virt_tval_read() and
12
gt_virt_tval_write() to unconditionally pass CNTVOFF_EL2.
13
14
Cc: qemu-stable@nongnu.org
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
16
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
17
Message-id: 20250204125009.2281315-5-peter.maydell@linaro.org
7
---
18
---
8
target/arm/helper.c | 12 ++++++++++--
19
target/arm/helper.c | 36 +++++++++++++++++++++++++++---------
9
1 file changed, 10 insertions(+), 2 deletions(-)
20
1 file changed, 27 insertions(+), 9 deletions(-)
10
21
11
diff --git a/target/arm/helper.c b/target/arm/helper.c
22
diff --git a/target/arm/helper.c b/target/arm/helper.c
12
index XXXXXXX..XXXXXXX 100644
23
index XXXXXXX..XXXXXXX 100644
13
--- a/target/arm/helper.c
24
--- a/target/arm/helper.c
14
+++ b/target/arm/helper.c
25
+++ b/target/arm/helper.c
15
@@ -XXX,XX +XXX,XX @@ static void define_pmu_regs(ARMCPU *cpu)
26
@@ -XXX,XX +XXX,XX @@ static void gt_cval_write(CPUARMState *env, const ARMCPRegInfo *ri,
27
gt_recalc_timer(env_archcpu(env), timeridx);
28
}
29
30
+static uint64_t do_tval_read(CPUARMState *env, int timeridx, uint64_t offset)
31
+{
32
+ return (uint32_t)(env->cp15.c14_timer[timeridx].cval -
33
+ (gt_get_countervalue(env) - offset));
34
+}
35
+
36
static uint64_t gt_tval_read(CPUARMState *env, const ARMCPRegInfo *ri,
37
int timeridx)
38
{
39
@@ -XXX,XX +XXX,XX @@ static uint64_t gt_tval_read(CPUARMState *env, const ARMCPRegInfo *ri,
40
break;
16
}
41
}
42
43
- return (uint32_t)(env->cp15.c14_timer[timeridx].cval -
44
- (gt_get_countervalue(env) - offset));
45
+ return do_tval_read(env, timeridx, offset);
46
+}
47
+
48
+static void do_tval_write(CPUARMState *env, int timeridx, uint64_t value,
49
+ uint64_t offset)
50
+{
51
+ trace_arm_gt_tval_write(timeridx, value);
52
+ env->cp15.c14_timer[timeridx].cval = gt_get_countervalue(env) - offset +
53
+ sextract64(value, 0, 32);
54
+ gt_recalc_timer(env_archcpu(env), timeridx);
17
}
55
}
18
56
19
+#ifndef CONFIG_USER_ONLY
57
static void gt_tval_write(CPUARMState *env, const ARMCPRegInfo *ri,
20
/*
58
@@ -XXX,XX +XXX,XX @@ static void gt_tval_write(CPUARMState *env, const ARMCPRegInfo *ri,
21
* We don't know until after realize whether there's a GICv3
59
offset = gt_phys_cnt_offset(env);
22
* attached, and that is what registers the gicv3 sysregs.
60
break;
23
@@ -XXX,XX +XXX,XX @@ static uint64_t id_pfr1_read(CPUARMState *env, const ARMCPRegInfo *ri)
61
}
24
return pfr1;
62
-
63
- trace_arm_gt_tval_write(timeridx, value);
64
- env->cp15.c14_timer[timeridx].cval = gt_get_countervalue(env) - offset +
65
- sextract64(value, 0, 32);
66
- gt_recalc_timer(env_archcpu(env), timeridx);
67
+ do_tval_write(env, timeridx, value, offset);
25
}
68
}
26
69
27
-#ifndef CONFIG_USER_ONLY
70
static void gt_ctl_write(CPUARMState *env, const ARMCPRegInfo *ri,
28
static uint64_t id_aa64pfr0_read(CPUARMState *env, const ARMCPRegInfo *ri)
71
@@ -XXX,XX +XXX,XX @@ static void gt_virt_cval_write(CPUARMState *env, const ARMCPRegInfo *ri,
72
73
static uint64_t gt_virt_tval_read(CPUARMState *env, const ARMCPRegInfo *ri)
29
{
74
{
30
ARMCPU *cpu = env_archcpu(env);
75
- return gt_tval_read(env, ri, GTIMER_VIRT);
31
@@ -XXX,XX +XXX,XX @@ void register_cp_regs_for_features(ARMCPU *cpu)
76
+ /*
32
.opc0 = 3, .opc1 = 0, .crn = 0, .crm = 1, .opc2 = 1,
77
+ * This is CNTV_TVAL_EL02; unlike the underlying CNTV_TVAL_EL0
33
.access = PL1_R, .type = ARM_CP_NO_RAW,
78
+ * we always apply CNTVOFF_EL2. Special case that here rather
34
.accessfn = access_aa32_tid3,
79
+ * than going into the generic gt_tval_read() and then having
35
+#ifdef CONFIG_USER_ONLY
80
+ * to re-detect that it's this register.
36
+ .type = ARM_CP_CONST,
81
+ * Note that the accessfn/perms mean we know we're at EL2 or EL3 here.
37
+ .resetvalue = cpu->isar.id_pfr1,
82
+ */
38
+#else
83
+ return do_tval_read(env, GTIMER_VIRT, env->cp15.cntvoff_el2);
39
+ .type = ARM_CP_NO_RAW,
84
}
40
+ .accessfn = access_aa32_tid3,
85
41
.readfn = id_pfr1_read,
86
static void gt_virt_tval_write(CPUARMState *env, const ARMCPRegInfo *ri,
42
- .writefn = arm_cp_write_ignore },
87
uint64_t value)
43
+ .writefn = arm_cp_write_ignore
88
{
44
+#endif
89
- gt_tval_write(env, ri, GTIMER_VIRT, value);
45
+ },
90
+ /* Similarly for writes to CNTV_TVAL_EL02 */
46
{ .name = "ID_DFR0", .state = ARM_CP_STATE_BOTH,
91
+ do_tval_write(env, GTIMER_VIRT, value, env->cp15.cntvoff_el2);
47
.opc0 = 3, .opc1 = 0, .crn = 0, .crm = 1, .opc2 = 2,
92
}
48
.access = PL1_R, .type = ARM_CP_CONST,
93
94
static void gt_virt_ctl_write(CPUARMState *env, const ARMCPRegInfo *ri,
49
--
95
--
50
2.34.1
96
2.43.0
51
97
52
98
diff view generated by jsdifflib
1
From: Philippe Mathieu-Daudé <philmd@linaro.org>
1
When reading or writing the timer registers, sometimes we need to
2
2
apply one of the timer offsets. Specifically, this happens for
3
arm_v7m_mmu_idx_all() and arm_v7m_mmu_idx_for_secstate_and_priv()
3
direct reads of the counter registers CNTPCT_EL0 and CNTVCT_EL0 (and
4
are only used for system emulation in m_helper.c.
4
their self-synchronized variants CNTVCTSS_EL0 and CNTPCTSS_EL0). It
5
Move the definitions to avoid prototype forward declarations.
5
also applies for direct reads and writes of the CNT*_TVAL_EL*
6
6
registers that provide the 32-bit downcounting view of each timer.
7
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
7
8
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
We currently do this with duplicated code in gt_tval_read() and
9
Message-id: 20230206223502.25122-4-philmd@linaro.org
9
gt_tval_write() and a special-case in gt_virt_cnt_read() and
10
gt_cnt_read(). Refactor this so that we handle it all in a single
11
function gt_direct_access_timer_offset(), to parallel how we handle
12
the offset for indirect accesses.
13
14
The call in the WFIT helper previously to gt_virt_cnt_offset() is
15
now to gt_direct_access_timer_offset(); this is the correct
16
behaviour, but it's not immediately obvious that it shouldn't be
17
considered an indirect access, so we add an explanatory comment.
18
19
This commit should make no behavioural changes.
20
21
(Cc to stable because the following bugfix commit will
22
depend on this one.)
23
24
Cc: qemu-stable@nongnu.org
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
25
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
26
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
27
Message-id: 20250204125009.2281315-6-peter.maydell@linaro.org
11
---
28
---
12
target/arm/internals.h | 14 --------
29
target/arm/internals.h | 5 +-
13
target/arm/m_helper.c | 74 +++++++++++++++++++++---------------------
30
target/arm/helper.c | 103 +++++++++++++++++++------------------
14
2 files changed, 37 insertions(+), 51 deletions(-)
31
target/arm/tcg/op_helper.c | 8 ++-
32
3 files changed, 62 insertions(+), 54 deletions(-)
15
33
16
diff --git a/target/arm/internals.h b/target/arm/internals.h
34
diff --git a/target/arm/internals.h b/target/arm/internals.h
17
index XXXXXXX..XXXXXXX 100644
35
index XXXXXXX..XXXXXXX 100644
18
--- a/target/arm/internals.h
36
--- a/target/arm/internals.h
19
+++ b/target/arm/internals.h
37
+++ b/target/arm/internals.h
20
@@ -XXX,XX +XXX,XX @@ static inline ARMMMUIdx core_to_aa64_mmu_idx(int mmu_idx)
38
@@ -XXX,XX +XXX,XX @@ int delete_hw_watchpoint(target_ulong addr, target_ulong len, int type);
21
39
uint64_t gt_get_countervalue(CPUARMState *env);
22
int arm_mmu_idx_to_el(ARMMMUIdx mmu_idx);
40
/*
23
41
* Return the currently applicable offset between the system counter
24
-/*
42
- * and CNTVCT_EL0 (this will be either 0 or the value of CNTVOFF_EL2).
25
- * Return the MMU index for a v7M CPU with all relevant information
43
+ * and the counter for the specified timer, as used for direct register
26
- * manually specified.
44
+ * accesses.
27
- */
45
*/
28
-ARMMMUIdx arm_v7m_mmu_idx_all(CPUARMState *env,
46
-uint64_t gt_virt_cnt_offset(CPUARMState *env);
29
- bool secstate, bool priv, bool negpri);
47
+uint64_t gt_direct_access_timer_offset(CPUARMState *env, int timeridx);
30
-
48
31
-/*
49
/*
32
- * Return the MMU index for a v7M CPU in the specified security and
50
* Return mask of ARMMMUIdxBit values corresponding to an "invalidate
33
- * privilege state.
51
diff --git a/target/arm/helper.c b/target/arm/helper.c
34
- */
35
-ARMMMUIdx arm_v7m_mmu_idx_for_secstate_and_priv(CPUARMState *env,
36
- bool secstate, bool priv);
37
-
38
/* Return the MMU index for a v7M CPU in the specified security state */
39
ARMMMUIdx arm_v7m_mmu_idx_for_secstate(CPUARMState *env, bool secstate);
40
41
diff --git a/target/arm/m_helper.c b/target/arm/m_helper.c
42
index XXXXXXX..XXXXXXX 100644
52
index XXXXXXX..XXXXXXX 100644
43
--- a/target/arm/m_helper.c
53
--- a/target/arm/helper.c
44
+++ b/target/arm/m_helper.c
54
+++ b/target/arm/helper.c
45
@@ -XXX,XX +XXX,XX @@ ARMMMUIdx arm_v7m_mmu_idx_for_secstate(CPUARMState *env, bool secstate)
55
@@ -XXX,XX +XXX,XX @@ static uint64_t gt_phys_raw_cnt_offset(CPUARMState *env)
46
56
return 0;
47
#else /* !CONFIG_USER_ONLY */
57
}
48
58
49
+static ARMMMUIdx arm_v7m_mmu_idx_all(CPUARMState *env,
59
-static uint64_t gt_phys_cnt_offset(CPUARMState *env)
50
+ bool secstate, bool priv, bool negpri)
60
-{
61
- if (arm_current_el(env) >= 2) {
62
- return 0;
63
- }
64
- return gt_phys_raw_cnt_offset(env);
65
-}
66
-
67
static uint64_t gt_indirect_access_timer_offset(CPUARMState *env, int timeridx)
68
{
69
/*
70
@@ -XXX,XX +XXX,XX @@ static uint64_t gt_indirect_access_timer_offset(CPUARMState *env, int timeridx)
71
}
72
}
73
74
+uint64_t gt_direct_access_timer_offset(CPUARMState *env, int timeridx)
51
+{
75
+{
52
+ ARMMMUIdx mmu_idx = ARM_MMU_IDX_M;
76
+ /*
77
+ * Return the timer offset to use for direct accesses to the
78
+ * counter registers CNTPCT and CNTVCT, and for direct accesses
79
+ * to the CNT*_TVAL registers.
80
+ *
81
+ * This isn't exactly the same as the indirect-access offset,
82
+ * because here we also care about what EL the register access
83
+ * is being made from.
84
+ *
85
+ * This corresponds to the access pseudocode for the registers.
86
+ */
87
+ uint64_t hcr;
53
+
88
+
54
+ if (priv) {
89
+ switch (timeridx) {
55
+ mmu_idx |= ARM_MMU_IDX_M_PRIV;
90
+ case GTIMER_PHYS:
91
+ if (arm_current_el(env) >= 2) {
92
+ return 0;
93
+ }
94
+ return gt_phys_raw_cnt_offset(env);
95
+ case GTIMER_VIRT:
96
+ switch (arm_current_el(env)) {
97
+ case 2:
98
+ hcr = arm_hcr_el2_eff(env);
99
+ if (hcr & HCR_E2H) {
100
+ return 0;
101
+ }
102
+ break;
103
+ case 0:
104
+ hcr = arm_hcr_el2_eff(env);
105
+ if ((hcr & (HCR_E2H | HCR_TGE)) == (HCR_E2H | HCR_TGE)) {
106
+ return 0;
107
+ }
108
+ break;
109
+ }
110
+ return env->cp15.cntvoff_el2;
111
+ case GTIMER_HYP:
112
+ case GTIMER_SEC:
113
+ case GTIMER_HYPVIRT:
114
+ return 0;
115
+ default:
116
+ g_assert_not_reached();
56
+ }
117
+ }
57
+
58
+ if (negpri) {
59
+ mmu_idx |= ARM_MMU_IDX_M_NEGPRI;
60
+ }
61
+
62
+ if (secstate) {
63
+ mmu_idx |= ARM_MMU_IDX_M_S;
64
+ }
65
+
66
+ return mmu_idx;
67
+}
118
+}
68
+
119
+
69
+static ARMMMUIdx arm_v7m_mmu_idx_for_secstate_and_priv(CPUARMState *env,
120
static void gt_recalc_timer(ARMCPU *cpu, int timeridx)
70
+ bool secstate, bool priv)
121
{
71
+{
122
ARMGenericTimer *gt = &cpu->env.cp15.c14_timer[timeridx];
72
+ bool negpri = armv7m_nvic_neg_prio_requested(env->nvic, secstate);
123
@@ -XXX,XX +XXX,XX @@ static void gt_timer_reset(CPUARMState *env, const ARMCPRegInfo *ri,
73
+
124
74
+ return arm_v7m_mmu_idx_all(env, secstate, priv, negpri);
125
static uint64_t gt_cnt_read(CPUARMState *env, const ARMCPRegInfo *ri)
75
+}
126
{
76
+
127
- return gt_get_countervalue(env) - gt_phys_cnt_offset(env);
77
+/* Return the MMU index for a v7M CPU in the specified security state */
128
-}
78
+ARMMMUIdx arm_v7m_mmu_idx_for_secstate(CPUARMState *env, bool secstate)
129
-
79
+{
130
-uint64_t gt_virt_cnt_offset(CPUARMState *env)
80
+ bool priv = arm_v7m_is_handler_mode(env) ||
81
+ !(env->v7m.control[secstate] & 1);
82
+
83
+ return arm_v7m_mmu_idx_for_secstate_and_priv(env, secstate, priv);
84
+}
85
+
86
/*
87
* What kind of stack write are we doing? This affects how exceptions
88
* generated during the stacking are treated.
89
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(v7m_tt)(CPUARMState *env, uint32_t addr, uint32_t op)
90
return tt_resp;
91
}
92
93
-ARMMMUIdx arm_v7m_mmu_idx_all(CPUARMState *env,
94
- bool secstate, bool priv, bool negpri)
95
-{
131
-{
96
- ARMMMUIdx mmu_idx = ARM_MMU_IDX_M;
132
- uint64_t hcr;
97
-
133
-
98
- if (priv) {
134
- switch (arm_current_el(env)) {
99
- mmu_idx |= ARM_MMU_IDX_M_PRIV;
135
- case 2:
100
- }
136
- hcr = arm_hcr_el2_eff(env);
101
-
137
- if (hcr & HCR_E2H) {
102
- if (negpri) {
138
- return 0;
103
- mmu_idx |= ARM_MMU_IDX_M_NEGPRI;
139
- }
104
- }
140
- break;
105
-
141
- case 0:
106
- if (secstate) {
142
- hcr = arm_hcr_el2_eff(env);
107
- mmu_idx |= ARM_MMU_IDX_M_S;
143
- if ((hcr & (HCR_E2H | HCR_TGE)) == (HCR_E2H | HCR_TGE)) {
108
- }
144
- return 0;
109
-
145
- }
110
- return mmu_idx;
146
- break;
111
-}
147
- }
112
-
148
-
113
-ARMMMUIdx arm_v7m_mmu_idx_for_secstate_and_priv(CPUARMState *env,
149
- return env->cp15.cntvoff_el2;
114
- bool secstate, bool priv)
150
+ uint64_t offset = gt_direct_access_timer_offset(env, GTIMER_PHYS);
115
-{
151
+ return gt_get_countervalue(env) - offset;
116
- bool negpri = armv7m_nvic_neg_prio_requested(env->nvic, secstate);
152
}
117
-
153
118
- return arm_v7m_mmu_idx_all(env, secstate, priv, negpri);
154
static uint64_t gt_virt_cnt_read(CPUARMState *env, const ARMCPRegInfo *ri)
119
-}
155
{
120
-
156
- return gt_get_countervalue(env) - gt_virt_cnt_offset(env);
121
-/* Return the MMU index for a v7M CPU in the specified security state */
157
+ uint64_t offset = gt_direct_access_timer_offset(env, GTIMER_VIRT);
122
-ARMMMUIdx arm_v7m_mmu_idx_for_secstate(CPUARMState *env, bool secstate)
158
+ return gt_get_countervalue(env) - offset;
123
-{
159
}
124
- bool priv = arm_v7m_is_handler_mode(env) ||
160
125
- !(env->v7m.control[secstate] & 1);
161
static void gt_cval_write(CPUARMState *env, const ARMCPRegInfo *ri,
126
-
162
@@ -XXX,XX +XXX,XX @@ static uint64_t do_tval_read(CPUARMState *env, int timeridx, uint64_t offset)
127
- return arm_v7m_mmu_idx_for_secstate_and_priv(env, secstate, priv);
163
static uint64_t gt_tval_read(CPUARMState *env, const ARMCPRegInfo *ri,
128
-}
164
int timeridx)
129
-
165
{
130
#endif /* !CONFIG_USER_ONLY */
166
- uint64_t offset = 0;
167
-
168
- switch (timeridx) {
169
- case GTIMER_VIRT:
170
- offset = gt_virt_cnt_offset(env);
171
- break;
172
- case GTIMER_PHYS:
173
- offset = gt_phys_cnt_offset(env);
174
- break;
175
- }
176
+ uint64_t offset = gt_direct_access_timer_offset(env, timeridx);
177
178
return do_tval_read(env, timeridx, offset);
179
}
180
@@ -XXX,XX +XXX,XX @@ static void gt_tval_write(CPUARMState *env, const ARMCPRegInfo *ri,
181
int timeridx,
182
uint64_t value)
183
{
184
- uint64_t offset = 0;
185
+ uint64_t offset = gt_direct_access_timer_offset(env, timeridx);
186
187
- switch (timeridx) {
188
- case GTIMER_VIRT:
189
- offset = gt_virt_cnt_offset(env);
190
- break;
191
- case GTIMER_PHYS:
192
- offset = gt_phys_cnt_offset(env);
193
- break;
194
- }
195
do_tval_write(env, timeridx, value, offset);
196
}
197
198
diff --git a/target/arm/tcg/op_helper.c b/target/arm/tcg/op_helper.c
199
index XXXXXXX..XXXXXXX 100644
200
--- a/target/arm/tcg/op_helper.c
201
+++ b/target/arm/tcg/op_helper.c
202
@@ -XXX,XX +XXX,XX @@ void HELPER(wfit)(CPUARMState *env, uint64_t timeout)
203
int target_el = check_wfx_trap(env, false, &excp);
204
/* The WFIT should time out when CNTVCT_EL0 >= the specified value. */
205
uint64_t cntval = gt_get_countervalue(env);
206
- uint64_t offset = gt_virt_cnt_offset(env);
207
+ /*
208
+ * We want the value that we would get if we read CNTVCT_EL0 from
209
+ * the current exception level, so the direct_access offset, not
210
+ * the indirect_access one. Compare the pseudocode LocalTimeoutEvent(),
211
+ * which calls VirtualCounterTimer().
212
+ */
213
+ uint64_t offset = gt_direct_access_timer_offset(env, GTIMER_VIRT);
214
uint64_t cntvct = cntval - offset;
215
uint64_t nexttick;
216
131
--
217
--
132
2.34.1
218
2.43.0
133
219
134
220
diff view generated by jsdifflib
1
From: Philippe Mathieu-Daudé <philmd@linaro.org>
1
From: Alex Bennée <alex.bennee@linaro.org>
2
2
3
While dozens of files include "cpu.h", only 3 files require
3
When FEAT_SEL2 was implemented the SEL2 timers were missed. This
4
these NVIC helper declarations.
4
shows up when building the latest Hafnium with SPMC_AT_EL=2. The
5
5
actual implementation utilises the same logic as the rest of the
6
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
6
timers so all we need to do is:
7
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
7
8
Message-id: 20230206223502.25122-12-philmd@linaro.org
8
- define the timers and their access functions
9
- conditionally add the correct system registers
10
- create a new accessfn as the rules are subtly different to the
11
existing secure timer
12
13
Fixes: e9152ee91c (target/arm: add ARMv8.4-SEL2 system registers)
14
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
15
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
16
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
17
Message-id: 20250204125009.2281315-7-peter.maydell@linaro.org
18
Cc: qemu-stable@nongnu.org
19
Cc: Andrei Homescu <ahomescu@google.com>
20
Cc: Arve Hjønnevåg <arve@google.com>
21
Cc: Rémi Denis-Courmont <remi.denis.courmont@huawei.com>
22
[PMM: CP_ACCESS_TRAP_UNCATEGORIZED -> CP_ACCESS_UNDEFINED;
23
offset logic now in gt_{indirect,direct}_access_timer_offset() ]
24
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
25
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
26
---
11
include/hw/intc/armv7m_nvic.h | 123 ++++++++++++++++++++++++++++++++++
27
include/hw/arm/bsa.h | 2 +
12
target/arm/cpu.h | 123 ----------------------------------
28
target/arm/cpu.h | 2 +
13
target/arm/cpu.c | 4 +-
29
target/arm/gtimer.h | 4 +-
14
target/arm/cpu_tcg.c | 3 +
30
target/arm/cpu.c | 4 ++
15
target/arm/m_helper.c | 3 +
31
target/arm/helper.c | 163 +++++++++++++++++++++++++++++++++++++++++++
16
5 files changed, 132 insertions(+), 124 deletions(-)
32
5 files changed, 174 insertions(+), 1 deletion(-)
17
33
18
diff --git a/include/hw/intc/armv7m_nvic.h b/include/hw/intc/armv7m_nvic.h
34
diff --git a/include/hw/arm/bsa.h b/include/hw/arm/bsa.h
19
index XXXXXXX..XXXXXXX 100644
35
index XXXXXXX..XXXXXXX 100644
20
--- a/include/hw/intc/armv7m_nvic.h
36
--- a/include/hw/arm/bsa.h
21
+++ b/include/hw/intc/armv7m_nvic.h
37
+++ b/include/hw/arm/bsa.h
22
@@ -XXX,XX +XXX,XX @@ struct NVICState {
38
@@ -XXX,XX +XXX,XX @@
23
qemu_irq sysresetreq;
39
#define QEMU_ARM_BSA_H
24
};
40
25
41
/* These are architectural INTID values */
26
+/* Interface between CPU and Interrupt controller. */
42
+#define ARCH_TIMER_S_EL2_VIRT_IRQ 19
27
+/**
43
+#define ARCH_TIMER_S_EL2_IRQ 20
28
+ * armv7m_nvic_set_pending: mark the specified exception as pending
44
#define VIRTUAL_PMU_IRQ 23
29
+ * @s: the NVIC
45
#define ARCH_GIC_MAINT_IRQ 25
30
+ * @irq: the exception number to mark pending
46
#define ARCH_TIMER_NS_EL2_IRQ 26
31
+ * @secure: false for non-banked exceptions or for the nonsecure
32
+ * version of a banked exception, true for the secure version of a banked
33
+ * exception.
34
+ *
35
+ * Marks the specified exception as pending. Note that we will assert()
36
+ * if @secure is true and @irq does not specify one of the fixed set
37
+ * of architecturally banked exceptions.
38
+ */
39
+void armv7m_nvic_set_pending(NVICState *s, int irq, bool secure);
40
+/**
41
+ * armv7m_nvic_set_pending_derived: mark this derived exception as pending
42
+ * @s: the NVIC
43
+ * @irq: the exception number to mark pending
44
+ * @secure: false for non-banked exceptions or for the nonsecure
45
+ * version of a banked exception, true for the secure version of a banked
46
+ * exception.
47
+ *
48
+ * Similar to armv7m_nvic_set_pending(), but specifically for derived
49
+ * exceptions (exceptions generated in the course of trying to take
50
+ * a different exception).
51
+ */
52
+void armv7m_nvic_set_pending_derived(NVICState *s, int irq, bool secure);
53
+/**
54
+ * armv7m_nvic_set_pending_lazyfp: mark this lazy FP exception as pending
55
+ * @s: the NVIC
56
+ * @irq: the exception number to mark pending
57
+ * @secure: false for non-banked exceptions or for the nonsecure
58
+ * version of a banked exception, true for the secure version of a banked
59
+ * exception.
60
+ *
61
+ * Similar to armv7m_nvic_set_pending(), but specifically for exceptions
62
+ * generated in the course of lazy stacking of FP registers.
63
+ */
64
+void armv7m_nvic_set_pending_lazyfp(NVICState *s, int irq, bool secure);
65
+/**
66
+ * armv7m_nvic_get_pending_irq_info: return highest priority pending
67
+ * exception, and whether it targets Secure state
68
+ * @s: the NVIC
69
+ * @pirq: set to pending exception number
70
+ * @ptargets_secure: set to whether pending exception targets Secure
71
+ *
72
+ * This function writes the number of the highest priority pending
73
+ * exception (the one which would be made active by
74
+ * armv7m_nvic_acknowledge_irq()) to @pirq, and sets @ptargets_secure
75
+ * to true if the current highest priority pending exception should
76
+ * be taken to Secure state, false for NS.
77
+ */
78
+void armv7m_nvic_get_pending_irq_info(NVICState *s, int *pirq,
79
+ bool *ptargets_secure);
80
+/**
81
+ * armv7m_nvic_acknowledge_irq: make highest priority pending exception active
82
+ * @s: the NVIC
83
+ *
84
+ * Move the current highest priority pending exception from the pending
85
+ * state to the active state, and update v7m.exception to indicate that
86
+ * it is the exception currently being handled.
87
+ */
88
+void armv7m_nvic_acknowledge_irq(NVICState *s);
89
+/**
90
+ * armv7m_nvic_complete_irq: complete specified interrupt or exception
91
+ * @s: the NVIC
92
+ * @irq: the exception number to complete
93
+ * @secure: true if this exception was secure
94
+ *
95
+ * Returns: -1 if the irq was not active
96
+ * 1 if completing this irq brought us back to base (no active irqs)
97
+ * 0 if there is still an irq active after this one was completed
98
+ * (Ignoring -1, this is the same as the RETTOBASE value before completion.)
99
+ */
100
+int armv7m_nvic_complete_irq(NVICState *s, int irq, bool secure);
101
+/**
102
+ * armv7m_nvic_get_ready_status(void *opaque, int irq, bool secure)
103
+ * @s: the NVIC
104
+ * @irq: the exception number to mark pending
105
+ * @secure: false for non-banked exceptions or for the nonsecure
106
+ * version of a banked exception, true for the secure version of a banked
107
+ * exception.
108
+ *
109
+ * Return whether an exception is "ready", i.e. whether the exception is
110
+ * enabled and is configured at a priority which would allow it to
111
+ * interrupt the current execution priority. This controls whether the
112
+ * RDY bit for it in the FPCCR is set.
113
+ */
114
+bool armv7m_nvic_get_ready_status(NVICState *s, int irq, bool secure);
115
+/**
116
+ * armv7m_nvic_raw_execution_priority: return the raw execution priority
117
+ * @s: the NVIC
118
+ *
119
+ * Returns: the raw execution priority as defined by the v8M architecture.
120
+ * This is the execution priority minus the effects of AIRCR.PRIS,
121
+ * and minus any PRIMASK/FAULTMASK/BASEPRI priority boosting.
122
+ * (v8M ARM ARM I_PKLD.)
123
+ */
124
+int armv7m_nvic_raw_execution_priority(NVICState *s);
125
+/**
126
+ * armv7m_nvic_neg_prio_requested: return true if the requested execution
127
+ * priority is negative for the specified security state.
128
+ * @s: the NVIC
129
+ * @secure: the security state to test
130
+ * This corresponds to the pseudocode IsReqExecPriNeg().
131
+ */
132
+#ifndef CONFIG_USER_ONLY
133
+bool armv7m_nvic_neg_prio_requested(NVICState *s, bool secure);
134
+#else
135
+static inline bool armv7m_nvic_neg_prio_requested(NVICState *s, bool secure)
136
+{
137
+ return false;
138
+}
139
+#endif
140
+#ifndef CONFIG_USER_ONLY
141
+bool armv7m_nvic_can_take_pending_exception(NVICState *s);
142
+#else
143
+static inline bool armv7m_nvic_can_take_pending_exception(NVICState *s)
144
+{
145
+ return true;
146
+}
147
+#endif
148
+
149
#endif
150
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
47
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
151
index XXXXXXX..XXXXXXX 100644
48
index XXXXXXX..XXXXXXX 100644
152
--- a/target/arm/cpu.h
49
--- a/target/arm/cpu.h
153
+++ b/target/arm/cpu.h
50
+++ b/target/arm/cpu.h
154
@@ -XXX,XX +XXX,XX @@ void arm_cpu_list(void);
51
@@ -XXX,XX +XXX,XX @@ void arm_gt_vtimer_cb(void *opaque);
155
uint32_t arm_phys_excp_target_el(CPUState *cs, uint32_t excp_idx,
52
void arm_gt_htimer_cb(void *opaque);
156
uint32_t cur_el, bool secure);
53
void arm_gt_stimer_cb(void *opaque);
157
54
void arm_gt_hvtimer_cb(void *opaque);
158
-/* Interface between CPU and Interrupt controller. */
55
+void arm_gt_sel2timer_cb(void *opaque);
159
-#ifndef CONFIG_USER_ONLY
56
+void arm_gt_sel2vtimer_cb(void *opaque);
160
-bool armv7m_nvic_can_take_pending_exception(NVICState *s);
57
161
-#else
58
unsigned int gt_cntfrq_period_ns(ARMCPU *cpu);
162
-static inline bool armv7m_nvic_can_take_pending_exception(NVICState *s)
59
void gt_rme_post_el_change(ARMCPU *cpu, void *opaque);
163
-{
60
diff --git a/target/arm/gtimer.h b/target/arm/gtimer.h
164
- return true;
61
index XXXXXXX..XXXXXXX 100644
165
-}
62
--- a/target/arm/gtimer.h
166
-#endif
63
+++ b/target/arm/gtimer.h
167
-/**
64
@@ -XXX,XX +XXX,XX @@ enum {
168
- * armv7m_nvic_set_pending: mark the specified exception as pending
65
GTIMER_HYP = 2,
169
- * @s: the NVIC
66
GTIMER_SEC = 3,
170
- * @irq: the exception number to mark pending
67
GTIMER_HYPVIRT = 4,
171
- * @secure: false for non-banked exceptions or for the nonsecure
68
-#define NUM_GTIMERS 5
172
- * version of a banked exception, true for the secure version of a banked
69
+ GTIMER_S_EL2_PHYS = 5, /* CNTHPS_* ; only if FEAT_SEL2 */
173
- * exception.
70
+ GTIMER_S_EL2_VIRT = 6, /* CNTHVS_* ; only if FEAT_SEL2 */
174
- *
71
+#define NUM_GTIMERS 7
175
- * Marks the specified exception as pending. Note that we will assert()
72
};
176
- * if @secure is true and @irq does not specify one of the fixed set
73
177
- * of architecturally banked exceptions.
74
#endif
178
- */
179
-void armv7m_nvic_set_pending(NVICState *s, int irq, bool secure);
180
-/**
181
- * armv7m_nvic_set_pending_derived: mark this derived exception as pending
182
- * @s: the NVIC
183
- * @irq: the exception number to mark pending
184
- * @secure: false for non-banked exceptions or for the nonsecure
185
- * version of a banked exception, true for the secure version of a banked
186
- * exception.
187
- *
188
- * Similar to armv7m_nvic_set_pending(), but specifically for derived
189
- * exceptions (exceptions generated in the course of trying to take
190
- * a different exception).
191
- */
192
-void armv7m_nvic_set_pending_derived(NVICState *s, int irq, bool secure);
193
-/**
194
- * armv7m_nvic_set_pending_lazyfp: mark this lazy FP exception as pending
195
- * @s: the NVIC
196
- * @irq: the exception number to mark pending
197
- * @secure: false for non-banked exceptions or for the nonsecure
198
- * version of a banked exception, true for the secure version of a banked
199
- * exception.
200
- *
201
- * Similar to armv7m_nvic_set_pending(), but specifically for exceptions
202
- * generated in the course of lazy stacking of FP registers.
203
- */
204
-void armv7m_nvic_set_pending_lazyfp(NVICState *s, int irq, bool secure);
205
-/**
206
- * armv7m_nvic_get_pending_irq_info: return highest priority pending
207
- * exception, and whether it targets Secure state
208
- * @s: the NVIC
209
- * @pirq: set to pending exception number
210
- * @ptargets_secure: set to whether pending exception targets Secure
211
- *
212
- * This function writes the number of the highest priority pending
213
- * exception (the one which would be made active by
214
- * armv7m_nvic_acknowledge_irq()) to @pirq, and sets @ptargets_secure
215
- * to true if the current highest priority pending exception should
216
- * be taken to Secure state, false for NS.
217
- */
218
-void armv7m_nvic_get_pending_irq_info(NVICState *s, int *pirq,
219
- bool *ptargets_secure);
220
-/**
221
- * armv7m_nvic_acknowledge_irq: make highest priority pending exception active
222
- * @s: the NVIC
223
- *
224
- * Move the current highest priority pending exception from the pending
225
- * state to the active state, and update v7m.exception to indicate that
226
- * it is the exception currently being handled.
227
- */
228
-void armv7m_nvic_acknowledge_irq(NVICState *s);
229
-/**
230
- * armv7m_nvic_complete_irq: complete specified interrupt or exception
231
- * @s: the NVIC
232
- * @irq: the exception number to complete
233
- * @secure: true if this exception was secure
234
- *
235
- * Returns: -1 if the irq was not active
236
- * 1 if completing this irq brought us back to base (no active irqs)
237
- * 0 if there is still an irq active after this one was completed
238
- * (Ignoring -1, this is the same as the RETTOBASE value before completion.)
239
- */
240
-int armv7m_nvic_complete_irq(NVICState *s, int irq, bool secure);
241
-/**
242
- * armv7m_nvic_get_ready_status(void *opaque, int irq, bool secure)
243
- * @s: the NVIC
244
- * @irq: the exception number to mark pending
245
- * @secure: false for non-banked exceptions or for the nonsecure
246
- * version of a banked exception, true for the secure version of a banked
247
- * exception.
248
- *
249
- * Return whether an exception is "ready", i.e. whether the exception is
250
- * enabled and is configured at a priority which would allow it to
251
- * interrupt the current execution priority. This controls whether the
252
- * RDY bit for it in the FPCCR is set.
253
- */
254
-bool armv7m_nvic_get_ready_status(NVICState *s, int irq, bool secure);
255
-/**
256
- * armv7m_nvic_raw_execution_priority: return the raw execution priority
257
- * @s: the NVIC
258
- *
259
- * Returns: the raw execution priority as defined by the v8M architecture.
260
- * This is the execution priority minus the effects of AIRCR.PRIS,
261
- * and minus any PRIMASK/FAULTMASK/BASEPRI priority boosting.
262
- * (v8M ARM ARM I_PKLD.)
263
- */
264
-int armv7m_nvic_raw_execution_priority(NVICState *s);
265
-/**
266
- * armv7m_nvic_neg_prio_requested: return true if the requested execution
267
- * priority is negative for the specified security state.
268
- * @s: the NVIC
269
- * @secure: the security state to test
270
- * This corresponds to the pseudocode IsReqExecPriNeg().
271
- */
272
-#ifndef CONFIG_USER_ONLY
273
-bool armv7m_nvic_neg_prio_requested(NVICState *s, bool secure);
274
-#else
275
-static inline bool armv7m_nvic_neg_prio_requested(NVICState *s, bool secure)
276
-{
277
- return false;
278
-}
279
-#endif
280
-
281
/* Interface for defining coprocessor registers.
282
* Registers are defined in tables of arm_cp_reginfo structs
283
* which are passed to define_arm_cp_regs().
284
diff --git a/target/arm/cpu.c b/target/arm/cpu.c
75
diff --git a/target/arm/cpu.c b/target/arm/cpu.c
285
index XXXXXXX..XXXXXXX 100644
76
index XXXXXXX..XXXXXXX 100644
286
--- a/target/arm/cpu.c
77
--- a/target/arm/cpu.c
287
+++ b/target/arm/cpu.c
78
+++ b/target/arm/cpu.c
288
@@ -XXX,XX +XXX,XX @@
79
@@ -XXX,XX +XXX,XX @@ static void arm_cpu_realizefn(DeviceState *dev, Error **errp)
289
#if !defined(CONFIG_USER_ONLY)
80
arm_gt_stimer_cb, cpu);
290
#include "hw/loader.h"
81
cpu->gt_timer[GTIMER_HYPVIRT] = timer_new(QEMU_CLOCK_VIRTUAL, scale,
291
#include "hw/boards.h"
82
arm_gt_hvtimer_cb, cpu);
292
+#ifdef CONFIG_TCG
83
+ cpu->gt_timer[GTIMER_S_EL2_PHYS] = timer_new(QEMU_CLOCK_VIRTUAL, scale,
293
#include "hw/intc/armv7m_nvic.h"
84
+ arm_gt_sel2timer_cb, cpu);
294
-#endif
85
+ cpu->gt_timer[GTIMER_S_EL2_VIRT] = timer_new(QEMU_CLOCK_VIRTUAL, scale,
295
+#endif /* CONFIG_TCG */
86
+ arm_gt_sel2vtimer_cb, cpu);
296
+#endif /* !CONFIG_USER_ONLY */
87
}
297
#include "sysemu/tcg.h"
298
#include "sysemu/qtest.h"
299
#include "sysemu/hw_accel.h"
300
diff --git a/target/arm/cpu_tcg.c b/target/arm/cpu_tcg.c
301
index XXXXXXX..XXXXXXX 100644
302
--- a/target/arm/cpu_tcg.c
303
+++ b/target/arm/cpu_tcg.c
304
@@ -XXX,XX +XXX,XX @@
305
#include "hw/boards.h"
306
#endif
88
#endif
307
#include "cpregs.h"
89
308
+#if !defined(CONFIG_USER_ONLY) && defined(CONFIG_TCG)
90
diff --git a/target/arm/helper.c b/target/arm/helper.c
309
+#include "hw/intc/armv7m_nvic.h"
91
index XXXXXXX..XXXXXXX 100644
92
--- a/target/arm/helper.c
93
+++ b/target/arm/helper.c
94
@@ -XXX,XX +XXX,XX @@ static CPAccessResult gt_stimer_access(CPUARMState *env,
95
}
96
}
97
98
+static CPAccessResult gt_sel2timer_access(CPUARMState *env,
99
+ const ARMCPRegInfo *ri,
100
+ bool isread)
101
+{
102
+ /*
103
+ * The AArch64 register view of the secure EL2 timers are mostly
104
+ * accessible from EL3 and EL2 although can also be trapped to EL2
105
+ * from EL1 depending on nested virt config.
106
+ */
107
+ switch (arm_current_el(env)) {
108
+ case 0: /* UNDEFINED */
109
+ return CP_ACCESS_UNDEFINED;
110
+ case 1:
111
+ if (!arm_is_secure(env)) {
112
+ /* UNDEFINED */
113
+ return CP_ACCESS_UNDEFINED;
114
+ } else if (arm_hcr_el2_eff(env) & HCR_NV) {
115
+ /* Aarch64.SystemAccessTrap(EL2, 0x18) */
116
+ return CP_ACCESS_TRAP_EL2;
117
+ }
118
+ /* UNDEFINED */
119
+ return CP_ACCESS_UNDEFINED;
120
+ case 2:
121
+ if (!arm_is_secure(env)) {
122
+ /* UNDEFINED */
123
+ return CP_ACCESS_UNDEFINED;
124
+ }
125
+ return CP_ACCESS_OK;
126
+ case 3:
127
+ if (env->cp15.scr_el3 & SCR_EEL2) {
128
+ return CP_ACCESS_OK;
129
+ } else {
130
+ return CP_ACCESS_UNDEFINED;
131
+ }
132
+ default:
133
+ g_assert_not_reached();
134
+ }
135
+}
136
+
137
uint64_t gt_get_countervalue(CPUARMState *env)
138
{
139
ARMCPU *cpu = env_archcpu(env);
140
@@ -XXX,XX +XXX,XX @@ static uint64_t gt_indirect_access_timer_offset(CPUARMState *env, int timeridx)
141
case GTIMER_HYP:
142
case GTIMER_SEC:
143
case GTIMER_HYPVIRT:
144
+ case GTIMER_S_EL2_PHYS:
145
+ case GTIMER_S_EL2_VIRT:
146
return 0;
147
default:
148
g_assert_not_reached();
149
@@ -XXX,XX +XXX,XX @@ uint64_t gt_direct_access_timer_offset(CPUARMState *env, int timeridx)
150
case GTIMER_HYP:
151
case GTIMER_SEC:
152
case GTIMER_HYPVIRT:
153
+ case GTIMER_S_EL2_PHYS:
154
+ case GTIMER_S_EL2_VIRT:
155
return 0;
156
default:
157
g_assert_not_reached();
158
@@ -XXX,XX +XXX,XX @@ static void gt_sec_ctl_write(CPUARMState *env, const ARMCPRegInfo *ri,
159
gt_ctl_write(env, ri, GTIMER_SEC, value);
160
}
161
162
+static void gt_sec_pel2_timer_reset(CPUARMState *env, const ARMCPRegInfo *ri)
163
+{
164
+ gt_timer_reset(env, ri, GTIMER_S_EL2_PHYS);
165
+}
166
+
167
+static void gt_sec_pel2_cval_write(CPUARMState *env, const ARMCPRegInfo *ri,
168
+ uint64_t value)
169
+{
170
+ gt_cval_write(env, ri, GTIMER_S_EL2_PHYS, value);
171
+}
172
+
173
+static uint64_t gt_sec_pel2_tval_read(CPUARMState *env, const ARMCPRegInfo *ri)
174
+{
175
+ return gt_tval_read(env, ri, GTIMER_S_EL2_PHYS);
176
+}
177
+
178
+static void gt_sec_pel2_tval_write(CPUARMState *env, const ARMCPRegInfo *ri,
179
+ uint64_t value)
180
+{
181
+ gt_tval_write(env, ri, GTIMER_S_EL2_PHYS, value);
182
+}
183
+
184
+static void gt_sec_pel2_ctl_write(CPUARMState *env, const ARMCPRegInfo *ri,
185
+ uint64_t value)
186
+{
187
+ gt_ctl_write(env, ri, GTIMER_S_EL2_PHYS, value);
188
+}
189
+
190
+static void gt_sec_vel2_timer_reset(CPUARMState *env, const ARMCPRegInfo *ri)
191
+{
192
+ gt_timer_reset(env, ri, GTIMER_S_EL2_VIRT);
193
+}
194
+
195
+static void gt_sec_vel2_cval_write(CPUARMState *env, const ARMCPRegInfo *ri,
196
+ uint64_t value)
197
+{
198
+ gt_cval_write(env, ri, GTIMER_S_EL2_VIRT, value);
199
+}
200
+
201
+static uint64_t gt_sec_vel2_tval_read(CPUARMState *env, const ARMCPRegInfo *ri)
202
+{
203
+ return gt_tval_read(env, ri, GTIMER_S_EL2_VIRT);
204
+}
205
+
206
+static void gt_sec_vel2_tval_write(CPUARMState *env, const ARMCPRegInfo *ri,
207
+ uint64_t value)
208
+{
209
+ gt_tval_write(env, ri, GTIMER_S_EL2_VIRT, value);
210
+}
211
+
212
+static void gt_sec_vel2_ctl_write(CPUARMState *env, const ARMCPRegInfo *ri,
213
+ uint64_t value)
214
+{
215
+ gt_ctl_write(env, ri, GTIMER_S_EL2_VIRT, value);
216
+}
217
+
218
static void gt_hv_timer_reset(CPUARMState *env, const ARMCPRegInfo *ri)
219
{
220
gt_timer_reset(env, ri, GTIMER_HYPVIRT);
221
@@ -XXX,XX +XXX,XX @@ void arm_gt_stimer_cb(void *opaque)
222
gt_recalc_timer(cpu, GTIMER_SEC);
223
}
224
225
+void arm_gt_sel2timer_cb(void *opaque)
226
+{
227
+ ARMCPU *cpu = opaque;
228
+
229
+ gt_recalc_timer(cpu, GTIMER_S_EL2_PHYS);
230
+}
231
+
232
+void arm_gt_sel2vtimer_cb(void *opaque)
233
+{
234
+ ARMCPU *cpu = opaque;
235
+
236
+ gt_recalc_timer(cpu, GTIMER_S_EL2_VIRT);
237
+}
238
+
239
void arm_gt_hvtimer_cb(void *opaque)
240
{
241
ARMCPU *cpu = opaque;
242
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo el2_sec_cp_reginfo[] = {
243
.access = PL2_RW, .accessfn = sel2_access,
244
.nv2_redirect_offset = 0x48,
245
.fieldoffset = offsetof(CPUARMState, cp15.vstcr_el2) },
246
+#ifndef CONFIG_USER_ONLY
247
+ /* Secure EL2 Physical Timer */
248
+ { .name = "CNTHPS_TVAL_EL2", .state = ARM_CP_STATE_AA64,
249
+ .opc0 = 3, .opc1 = 4, .crn = 14, .crm = 5, .opc2 = 0,
250
+ .type = ARM_CP_NO_RAW | ARM_CP_IO, .access = PL2_RW,
251
+ .accessfn = gt_sel2timer_access,
252
+ .readfn = gt_sec_pel2_tval_read,
253
+ .writefn = gt_sec_pel2_tval_write,
254
+ .resetfn = gt_sec_pel2_timer_reset,
255
+ },
256
+ { .name = "CNTHPS_CTL_EL2", .state = ARM_CP_STATE_AA64,
257
+ .opc0 = 3, .opc1 = 4, .crn = 14, .crm = 5, .opc2 = 1,
258
+ .type = ARM_CP_IO, .access = PL2_RW,
259
+ .accessfn = gt_sel2timer_access,
260
+ .fieldoffset = offsetof(CPUARMState, cp15.c14_timer[GTIMER_S_EL2_PHYS].ctl),
261
+ .resetvalue = 0,
262
+ .writefn = gt_sec_pel2_ctl_write, .raw_writefn = raw_write,
263
+ },
264
+ { .name = "CNTHPS_CVAL_EL2", .state = ARM_CP_STATE_AA64,
265
+ .opc0 = 3, .opc1 = 4, .crn = 14, .crm = 5, .opc2 = 2,
266
+ .type = ARM_CP_IO, .access = PL2_RW,
267
+ .accessfn = gt_sel2timer_access,
268
+ .fieldoffset = offsetof(CPUARMState, cp15.c14_timer[GTIMER_S_EL2_PHYS].cval),
269
+ .writefn = gt_sec_pel2_cval_write, .raw_writefn = raw_write,
270
+ },
271
+ /* Secure EL2 Virtual Timer */
272
+ { .name = "CNTHVS_TVAL_EL2", .state = ARM_CP_STATE_AA64,
273
+ .opc0 = 3, .opc1 = 4, .crn = 14, .crm = 4, .opc2 = 0,
274
+ .type = ARM_CP_NO_RAW | ARM_CP_IO, .access = PL2_RW,
275
+ .accessfn = gt_sel2timer_access,
276
+ .readfn = gt_sec_vel2_tval_read,
277
+ .writefn = gt_sec_vel2_tval_write,
278
+ .resetfn = gt_sec_vel2_timer_reset,
279
+ },
280
+ { .name = "CNTHVS_CTL_EL2", .state = ARM_CP_STATE_AA64,
281
+ .opc0 = 3, .opc1 = 4, .crn = 14, .crm = 4, .opc2 = 1,
282
+ .type = ARM_CP_IO, .access = PL2_RW,
283
+ .accessfn = gt_sel2timer_access,
284
+ .fieldoffset = offsetof(CPUARMState, cp15.c14_timer[GTIMER_S_EL2_VIRT].ctl),
285
+ .resetvalue = 0,
286
+ .writefn = gt_sec_vel2_ctl_write, .raw_writefn = raw_write,
287
+ },
288
+ { .name = "CNTHVS_CVAL_EL2", .state = ARM_CP_STATE_AA64,
289
+ .opc0 = 3, .opc1 = 4, .crn = 14, .crm = 4, .opc2 = 2,
290
+ .type = ARM_CP_IO, .access = PL2_RW,
291
+ .accessfn = gt_sel2timer_access,
292
+ .fieldoffset = offsetof(CPUARMState, cp15.c14_timer[GTIMER_S_EL2_VIRT].cval),
293
+ .writefn = gt_sec_vel2_cval_write, .raw_writefn = raw_write,
294
+ },
310
+#endif
295
+#endif
311
296
};
312
297
313
/* Share AArch32 -cpu max features with AArch64. */
298
static CPAccessResult nsacr_access(CPUARMState *env, const ARMCPRegInfo *ri,
314
diff --git a/target/arm/m_helper.c b/target/arm/m_helper.c
315
index XXXXXXX..XXXXXXX 100644
316
--- a/target/arm/m_helper.c
317
+++ b/target/arm/m_helper.c
318
@@ -XXX,XX +XXX,XX @@
319
#include "exec/cpu_ldst.h"
320
#include "semihosting/common-semi.h"
321
#endif
322
+#if !defined(CONFIG_USER_ONLY)
323
+#include "hw/intc/armv7m_nvic.h"
324
+#endif
325
326
static void v7m_msr_xpsr(CPUARMState *env, uint32_t mask,
327
uint32_t reg, uint32_t val)
328
--
299
--
329
2.34.1
300
2.43.0
330
301
331
302
diff view generated by jsdifflib
1
From: Alex Bennée <alex.bennee@linaro.org>
1
From: Alex Bennée <alex.bennee@linaro.org>
2
2
3
The two TCG tests for GICv2 and GICv3 are very heavy weight distros
3
As we are about to add more physical and virtual timers let's make it
4
that take a long time to boot up, especially for an --enable-debug
4
clear what each timer does.
5
build. The total code coverage they give is:
6
7
Overall coverage rate:
8
lines......: 11.2% (59584 of 530123 lines)
9
functions..: 15.0% (7436 of 49443 functions)
10
branches...: 6.3% (19273 of 303933 branches)
11
12
We already get pretty close to that with the machine_aarch64_virt
13
tests which only does one full boot (~120s vs ~600s) of alpine. We
14
expand the kernel+initrd boot (~8s) to test both GICs and also add an
15
RNG device and a block device to generate a few IRQs and exercise the
16
storage layer. With that we get to a coverage of:
17
18
Overall coverage rate:
19
lines......: 11.0% (58121 of 530123 lines)
20
functions..: 14.9% (7343 of 49443 functions)
21
branches...: 6.0% (18269 of 303933 branches)
22
23
which I feel is close enough given the massive time saving. If we want
24
to target any more sub-systems we can use lighter weight more directed
25
tests.
26
5
27
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
6
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
28
Reviewed-by: Fabiano Rosas <farosas@suse.de>
7
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
29
Acked-by: Richard Henderson <richard.henderson@linaro.org>
8
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
30
Message-id: 20230203181632.2919715-1-alex.bennee@linaro.org
9
Message-id: 20250204125009.2281315-8-peter.maydell@linaro.org
31
Cc: Peter Maydell <peter.maydell@linaro.org>
10
[PMM: Add timer register name prefix to each comment]
11
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
32
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
33
---
13
---
34
tests/avocado/boot_linux.py | 48 ++++----------------
14
target/arm/gtimer.h | 10 +++++-----
35
tests/avocado/machine_aarch64_virt.py | 63 ++++++++++++++++++++++++---
15
1 file changed, 5 insertions(+), 5 deletions(-)
36
2 files changed, 65 insertions(+), 46 deletions(-)
37
16
38
diff --git a/tests/avocado/boot_linux.py b/tests/avocado/boot_linux.py
17
diff --git a/target/arm/gtimer.h b/target/arm/gtimer.h
39
index XXXXXXX..XXXXXXX 100644
18
index XXXXXXX..XXXXXXX 100644
40
--- a/tests/avocado/boot_linux.py
19
--- a/target/arm/gtimer.h
41
+++ b/tests/avocado/boot_linux.py
20
+++ b/target/arm/gtimer.h
42
@@ -XXX,XX +XXX,XX @@ def test_pc_q35_kvm(self):
43
self.launch_and_wait(set_up_ssh_connection=False)
44
45
46
-# For Aarch64 we only boot KVM tests in CI as the TCG tests are very
47
-# heavyweight. There are lighter weight distros which we use in the
48
-# machine_aarch64_virt.py tests.
49
+# For Aarch64 we only boot KVM tests in CI as booting the current
50
+# Fedora OS in TCG tests is very heavyweight. There are lighter weight
51
+# distros which we use in the machine_aarch64_virt.py tests.
52
class BootLinuxAarch64(LinuxTest):
53
"""
54
:avocado: tags=arch:aarch64
55
:avocado: tags=machine:virt
56
- :avocado: tags=machine:gic-version=2
57
"""
58
timeout = 720
59
60
- def add_common_args(self):
61
- self.vm.add_args('-bios',
62
- os.path.join(BUILD_DIR, 'pc-bios',
63
- 'edk2-aarch64-code.fd'))
64
- self.vm.add_args('-device', 'virtio-rng-pci,rng=rng0')
65
- self.vm.add_args('-object', 'rng-random,id=rng0,filename=/dev/urandom')
66
-
67
- @skipIf(os.getenv('GITLAB_CI'), 'Running on GitLab')
68
- def test_fedora_cloud_tcg_gicv2(self):
69
- """
70
- :avocado: tags=accel:tcg
71
- :avocado: tags=cpu:max
72
- :avocado: tags=device:gicv2
73
- """
74
- self.require_accelerator("tcg")
75
- self.vm.add_args("-accel", "tcg")
76
- self.vm.add_args("-cpu", "max,lpa2=off")
77
- self.vm.add_args("-machine", "virt,gic-version=2")
78
- self.add_common_args()
79
- self.launch_and_wait(set_up_ssh_connection=False)
80
-
81
- @skipIf(os.getenv('GITLAB_CI'), 'Running on GitLab')
82
- def test_fedora_cloud_tcg_gicv3(self):
83
- """
84
- :avocado: tags=accel:tcg
85
- :avocado: tags=cpu:max
86
- :avocado: tags=device:gicv3
87
- """
88
- self.require_accelerator("tcg")
89
- self.vm.add_args("-accel", "tcg")
90
- self.vm.add_args("-cpu", "max,lpa2=off")
91
- self.vm.add_args("-machine", "virt,gic-version=3")
92
- self.add_common_args()
93
- self.launch_and_wait(set_up_ssh_connection=False)
94
-
95
def test_virt_kvm(self):
96
"""
97
:avocado: tags=accel:kvm
98
@@ -XXX,XX +XXX,XX @@ def test_virt_kvm(self):
99
self.require_accelerator("kvm")
100
self.vm.add_args("-accel", "kvm")
101
self.vm.add_args("-machine", "virt,gic-version=host")
102
- self.add_common_args()
103
+ self.vm.add_args('-bios',
104
+ os.path.join(BUILD_DIR, 'pc-bios',
105
+ 'edk2-aarch64-code.fd'))
106
+ self.vm.add_args('-device', 'virtio-rng-pci,rng=rng0')
107
+ self.vm.add_args('-object', 'rng-random,id=rng0,filename=/dev/urandom')
108
self.launch_and_wait(set_up_ssh_connection=False)
109
110
111
diff --git a/tests/avocado/machine_aarch64_virt.py b/tests/avocado/machine_aarch64_virt.py
112
index XXXXXXX..XXXXXXX 100644
113
--- a/tests/avocado/machine_aarch64_virt.py
114
+++ b/tests/avocado/machine_aarch64_virt.py
115
@@ -XXX,XX +XXX,XX @@
21
@@ -XXX,XX +XXX,XX @@
116
22
#define TARGET_ARM_GTIMER_H
117
import time
23
118
import os
24
enum {
119
+import logging
25
- GTIMER_PHYS = 0,
120
26
- GTIMER_VIRT = 1,
121
from avocado_qemu import QemuSystemTest
27
- GTIMER_HYP = 2,
122
from avocado_qemu import wait_for_console_pattern
28
- GTIMER_SEC = 3,
123
from avocado_qemu import exec_command
29
- GTIMER_HYPVIRT = 4,
124
from avocado_qemu import BUILD_DIR
30
+ GTIMER_PHYS = 0, /* CNTP_* ; EL1 physical timer */
125
+from avocado.utils import process
31
+ GTIMER_VIRT = 1, /* CNTV_* ; EL1 virtual timer */
126
+from avocado.utils.path import find_command
32
+ GTIMER_HYP = 2, /* CNTHP_* ; EL2 physical timer */
127
33
+ GTIMER_SEC = 3, /* CNTPS_* ; EL3 physical timer */
128
class Aarch64VirtMachine(QemuSystemTest):
34
+ GTIMER_HYPVIRT = 4, /* CNTHV_* ; EL2 virtual timer ; only if FEAT_VHE */
129
KERNEL_COMMON_COMMAND_LINE = 'printk.time=0 '
35
GTIMER_S_EL2_PHYS = 5, /* CNTHPS_* ; only if FEAT_SEL2 */
130
@@ -XXX,XX +XXX,XX @@ def test_alpine_virt_tcg_gic_max(self):
36
GTIMER_S_EL2_VIRT = 6, /* CNTHVS_* ; only if FEAT_SEL2 */
131
self.wait_for_console_pattern('Welcome to Alpine Linux 3.16')
37
#define NUM_GTIMERS 7
132
133
134
- def test_aarch64_virt(self):
135
+ def common_aarch64_virt(self, machine):
136
"""
137
- :avocado: tags=arch:aarch64
138
- :avocado: tags=machine:virt
139
- :avocado: tags=accel:tcg
140
- :avocado: tags=cpu:max
141
+ Common code to launch basic virt machine with kernel+initrd
142
+ and a scratch disk.
143
"""
144
+ logger = logging.getLogger('aarch64_virt')
145
+
146
kernel_url = ('https://fileserver.linaro.org/s/'
147
'z6B2ARM7DQT3HWN/download')
148
-
149
kernel_hash = 'ed11daab50c151dde0e1e9c9cb8b2d9bd3215347'
150
kernel_path = self.fetch_asset(kernel_url, asset_hash=kernel_hash)
151
152
@@ -XXX,XX +XXX,XX @@ def test_aarch64_virt(self):
153
'console=ttyAMA0')
154
self.require_accelerator("tcg")
155
self.vm.add_args('-cpu', 'max,pauth-impdef=on',
156
+ '-machine', machine,
157
'-accel', 'tcg',
158
'-kernel', kernel_path,
159
'-append', kernel_command_line)
160
+
161
+ # A RNG offers an easy way to generate a few IRQs
162
+ self.vm.add_args('-device', 'virtio-rng-pci,rng=rng0')
163
+ self.vm.add_args('-object',
164
+ 'rng-random,id=rng0,filename=/dev/urandom')
165
+
166
+ # Also add a scratch block device
167
+ logger.info('creating scratch qcow2 image')
168
+ image_path = os.path.join(self.workdir, 'scratch.qcow2')
169
+ qemu_img = os.path.join(BUILD_DIR, 'qemu-img')
170
+ if not os.path.exists(qemu_img):
171
+ qemu_img = find_command('qemu-img', False)
172
+ if qemu_img is False:
173
+ self.cancel('Could not find "qemu-img", which is required to '
174
+ 'create the temporary qcow2 image')
175
+ cmd = '%s create -f qcow2 %s 8M' % (qemu_img, image_path)
176
+ process.run(cmd)
177
+
178
+ # Add the device
179
+ self.vm.add_args('-blockdev',
180
+ f"driver=qcow2,file.driver=file,file.filename={image_path},node-name=scratch")
181
+ self.vm.add_args('-device',
182
+ 'virtio-blk-device,drive=scratch')
183
+
184
self.vm.launch()
185
self.wait_for_console_pattern('Welcome to Buildroot')
186
time.sleep(0.1)
187
exec_command(self, 'root')
188
time.sleep(0.1)
189
+ exec_command(self, 'dd if=/dev/hwrng of=/dev/vda bs=512 count=4')
190
+ time.sleep(0.1)
191
+ exec_command(self, 'md5sum /dev/vda')
192
+ time.sleep(0.1)
193
+ exec_command(self, 'cat /proc/interrupts')
194
+ time.sleep(0.1)
195
exec_command(self, 'cat /proc/self/maps')
196
time.sleep(0.1)
197
+
198
+ def test_aarch64_virt_gicv3(self):
199
+ """
200
+ :avocado: tags=arch:aarch64
201
+ :avocado: tags=machine:virt
202
+ :avocado: tags=accel:tcg
203
+ :avocado: tags=cpu:max
204
+ """
205
+ self.common_aarch64_virt("virt,gic_version=3")
206
+
207
+ def test_aarch64_virt_gicv2(self):
208
+ """
209
+ :avocado: tags=arch:aarch64
210
+ :avocado: tags=machine:virt
211
+ :avocado: tags=accel:tcg
212
+ :avocado: tags=cpu:max
213
+ """
214
+ self.common_aarch64_virt("virt,gic-version=2")
215
--
38
--
216
2.34.1
39
2.43.0
217
40
218
41
diff view generated by jsdifflib
1
From: Fabiano Rosas <farosas@suse.de>
1
From: Alex Bennée <alex.bennee@linaro.org>
2
2
3
Now that the cortex-a15 is under CONFIG_TCG, use as default CPU for a
3
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
4
KVM-only build the 'max' cpu.
4
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5
5
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
6
Note that we cannot use 'host' here because the qtests can run without
6
Message-id: 20250204125009.2281315-9-peter.maydell@linaro.org
7
any other accelerator (than qtest) and 'host' depends on KVM being
7
Cc: qemu-stable@nongnu.org
8
enabled.
8
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
9
10
Signed-off-by: Fabiano Rosas <farosas@suse.de>
11
Acked-by: Richard Henderson <richard.henderson@linaro.org>
12
Reviewed-by: Thomas Huth <thuth@redhat.com>
13
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
14
---
10
---
15
hw/arm/virt.c | 4 ++++
11
hw/arm/virt.c | 2 ++
16
1 file changed, 4 insertions(+)
12
1 file changed, 2 insertions(+)
17
13
18
diff --git a/hw/arm/virt.c b/hw/arm/virt.c
14
diff --git a/hw/arm/virt.c b/hw/arm/virt.c
19
index XXXXXXX..XXXXXXX 100644
15
index XXXXXXX..XXXXXXX 100644
20
--- a/hw/arm/virt.c
16
--- a/hw/arm/virt.c
21
+++ b/hw/arm/virt.c
17
+++ b/hw/arm/virt.c
22
@@ -XXX,XX +XXX,XX @@ static void virt_machine_class_init(ObjectClass *oc, void *data)
18
@@ -XXX,XX +XXX,XX @@ static void create_gic(VirtMachineState *vms, MemoryRegion *mem)
23
mc->minimum_page_bits = 12;
19
[GTIMER_HYP] = ARCH_TIMER_NS_EL2_IRQ,
24
mc->possible_cpu_arch_ids = virt_possible_cpu_arch_ids;
20
[GTIMER_SEC] = ARCH_TIMER_S_EL1_IRQ,
25
mc->cpu_index_to_instance_props = virt_cpu_index_to_props;
21
[GTIMER_HYPVIRT] = ARCH_TIMER_NS_EL2_VIRT_IRQ,
26
+#ifdef CONFIG_TCG
22
+ [GTIMER_S_EL2_PHYS] = ARCH_TIMER_S_EL2_IRQ,
27
mc->default_cpu_type = ARM_CPU_TYPE_NAME("cortex-a15");
23
+ [GTIMER_S_EL2_VIRT] = ARCH_TIMER_S_EL2_VIRT_IRQ,
28
+#else
24
};
29
+ mc->default_cpu_type = ARM_CPU_TYPE_NAME("max");
25
30
+#endif
26
for (unsigned irq = 0; irq < ARRAY_SIZE(timer_irq); irq++) {
31
mc->get_default_cpu_node_id = virt_get_default_cpu_node_id;
32
mc->kvm_type = virt_kvm_type;
33
assert(!mc->get_hotplug_handler);
34
--
27
--
35
2.34.1
28
2.43.0
29
30
diff view generated by jsdifflib
1
From: Fabiano Rosas <farosas@suse.de>
1
From: Alex Bennée <alex.bennee@linaro.org>
2
2
3
This allows the test to be skipped when TCG is not present in the QEMU
3
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
4
binary.
4
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
5
5
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
6
Signed-off-by: Fabiano Rosas <farosas@suse.de>
6
Message-id: 20250204125009.2281315-10-peter.maydell@linaro.org
7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
7
Cc: qemu-stable@nongnu.org
8
Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org>
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
9
---
11
tests/avocado/boot_linux_console.py | 1 +
10
hw/arm/sbsa-ref.c | 2 ++
12
tests/avocado/reverse_debugging.py | 8 ++++++++
11
1 file changed, 2 insertions(+)
13
2 files changed, 9 insertions(+)
14
12
15
diff --git a/tests/avocado/boot_linux_console.py b/tests/avocado/boot_linux_console.py
13
diff --git a/hw/arm/sbsa-ref.c b/hw/arm/sbsa-ref.c
16
index XXXXXXX..XXXXXXX 100644
14
index XXXXXXX..XXXXXXX 100644
17
--- a/tests/avocado/boot_linux_console.py
15
--- a/hw/arm/sbsa-ref.c
18
+++ b/tests/avocado/boot_linux_console.py
16
+++ b/hw/arm/sbsa-ref.c
19
@@ -XXX,XX +XXX,XX @@ def test_arm_orangepi_uboot_netbsd9(self):
17
@@ -XXX,XX +XXX,XX @@ static void create_gic(SBSAMachineState *sms, MemoryRegion *mem)
20
18
[GTIMER_HYP] = ARCH_TIMER_NS_EL2_IRQ,
21
def test_aarch64_raspi3_atf(self):
19
[GTIMER_SEC] = ARCH_TIMER_S_EL1_IRQ,
22
"""
20
[GTIMER_HYPVIRT] = ARCH_TIMER_NS_EL2_VIRT_IRQ,
23
+ :avocado: tags=accel:tcg
21
+ [GTIMER_S_EL2_PHYS] = ARCH_TIMER_S_EL2_IRQ,
24
:avocado: tags=arch:aarch64
22
+ [GTIMER_S_EL2_VIRT] = ARCH_TIMER_S_EL2_VIRT_IRQ,
25
:avocado: tags=machine:raspi3b
23
};
26
:avocado: tags=cpu:cortex-a53
24
27
diff --git a/tests/avocado/reverse_debugging.py b/tests/avocado/reverse_debugging.py
25
for (irq = 0; irq < ARRAY_SIZE(timer_irq); irq++) {
28
index XXXXXXX..XXXXXXX 100644
29
--- a/tests/avocado/reverse_debugging.py
30
+++ b/tests/avocado/reverse_debugging.py
31
@@ -XXX,XX +XXX,XX @@ def reverse_debugging(self, shift=7, args=None):
32
vm.shutdown()
33
34
class ReverseDebugging_X86_64(ReverseDebugging):
35
+ """
36
+ :avocado: tags=accel:tcg
37
+ """
38
+
39
REG_PC = 0x10
40
REG_CS = 0x12
41
def get_pc(self, g):
42
@@ -XXX,XX +XXX,XX @@ def test_x86_64_pc(self):
43
self.reverse_debugging()
44
45
class ReverseDebugging_AArch64(ReverseDebugging):
46
+ """
47
+ :avocado: tags=accel:tcg
48
+ """
49
+
50
REG_PC = 32
51
52
# unidentified gitlab timeout problem
53
--
26
--
54
2.34.1
27
2.43.0
55
28
56
29
diff view generated by jsdifflib
1
From: Cornelia Huck <cohuck@redhat.com>
1
Our LDRD implementation is wrong in two respects:
2
2
3
Just use current_accel_name() directly.
3
* if the address is 4-aligned and the load crosses a page boundary
4
and the second load faults and the first load was to the
5
base register (as in cases like "ldrd r2, r3, [r2]", then we
6
must not update the base register before taking the fault
7
* if the address is 8-aligned the access must be a 64-bit
8
single-copy atomic access, not two 32-bit accesses
4
9
5
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
10
Rewrite the handling of the loads in LDRD to use a single
6
Reviewed-by: Eric Auger <eric.auger@redhat.com>
11
tcg_gen_qemu_ld_i64() and split the result into the destination
12
registers. This allows us to get the atomicity requirements
13
right, and also implicitly means that we won't update the
14
base register too early for the page-crossing case.
15
16
Note that because we no longer increment 'addr' by 4 in the course of
17
performing the LDRD we must change the adjustment value we pass to
18
op_addr_ri_post() and op_addr_rr_post(): it no longer needs to
19
subtract 4 to get the correct value to use if doing base register
20
writeback.
21
22
STRD has the same problem with not getting the atomicity right;
23
we will deal with that in the following commit.
24
25
Cc: qemu-stable@nongnu.org
26
Reported-by: Stu Grossman <stu.grossman@gmail.com>
27
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
28
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
29
Message-id: 20250227142746.1698904-2-peter.maydell@linaro.org
9
---
30
---
10
hw/arm/virt.c | 6 +++---
31
target/arm/tcg/translate.c | 70 +++++++++++++++++++++++++-------------
11
1 file changed, 3 insertions(+), 3 deletions(-)
32
1 file changed, 46 insertions(+), 24 deletions(-)
12
33
13
diff --git a/hw/arm/virt.c b/hw/arm/virt.c
34
diff --git a/target/arm/tcg/translate.c b/target/arm/tcg/translate.c
14
index XXXXXXX..XXXXXXX 100644
35
index XXXXXXX..XXXXXXX 100644
15
--- a/hw/arm/virt.c
36
--- a/target/arm/tcg/translate.c
16
+++ b/hw/arm/virt.c
37
+++ b/target/arm/tcg/translate.c
17
@@ -XXX,XX +XXX,XX @@ static void machvirt_init(MachineState *machine)
38
@@ -XXX,XX +XXX,XX @@ static bool op_store_rr(DisasContext *s, arg_ldst_rr *a,
18
if (vms->secure && (kvm_enabled() || hvf_enabled())) {
39
return true;
19
error_report("mach-virt: %s does not support providing "
40
}
20
"Security extensions (TrustZone) to the guest CPU",
41
21
- kvm_enabled() ? "KVM" : "HVF");
42
+static void do_ldrd_load(DisasContext *s, TCGv_i32 addr, int rt, int rt2)
22
+ current_accel_name());
43
+{
23
exit(1);
44
+ /*
45
+ * LDRD is required to be an atomic 64-bit access if the
46
+ * address is 8-aligned, two atomic 32-bit accesses if
47
+ * it's only 4-aligned, and to give an alignment fault
48
+ * if it's not 4-aligned. This is MO_ALIGN_4 | MO_ATOM_SUBALIGN.
49
+ * Rt is always the word from the lower address, and Rt2 the
50
+ * data from the higher address, regardless of endianness.
51
+ * So (like gen_load_exclusive) we avoid gen_aa32_ld_i64()
52
+ * so we don't get its SCTLR_B check, and instead do a 64-bit access
53
+ * using MO_BE if appropriate and then split the two halves.
54
+ *
55
+ * For M-profile, and for A-profile before LPAE, the 64-bit
56
+ * atomicity is not required. We could model that using
57
+ * the looser MO_ATOM_IFALIGN_PAIR, but providing a higher
58
+ * level of atomicity than required is harmless (we would not
59
+ * currently generate better code for IFALIGN_PAIR here).
60
+ *
61
+ * This also gives us the correct behaviour of not updating
62
+ * rt if the load of rt2 faults; this is required for cases
63
+ * like "ldrd r2, r3, [r2]" where rt is also the base register.
64
+ */
65
+ int mem_idx = get_mem_index(s);
66
+ MemOp opc = MO_64 | MO_ALIGN_4 | MO_ATOM_SUBALIGN | s->be_data;
67
+ TCGv taddr = gen_aa32_addr(s, addr, opc);
68
+ TCGv_i64 t64 = tcg_temp_new_i64();
69
+ TCGv_i32 tmp = tcg_temp_new_i32();
70
+ TCGv_i32 tmp2 = tcg_temp_new_i32();
71
+
72
+ tcg_gen_qemu_ld_i64(t64, taddr, mem_idx, opc);
73
+ if (s->be_data == MO_BE) {
74
+ tcg_gen_extr_i64_i32(tmp2, tmp, t64);
75
+ } else {
76
+ tcg_gen_extr_i64_i32(tmp, tmp2, t64);
77
+ }
78
+ store_reg(s, rt, tmp);
79
+ store_reg(s, rt2, tmp2);
80
+}
81
+
82
static bool trans_LDRD_rr(DisasContext *s, arg_ldst_rr *a)
83
{
84
- int mem_idx = get_mem_index(s);
85
- TCGv_i32 addr, tmp;
86
+ TCGv_i32 addr;
87
88
if (!ENABLE_ARCH_5TE) {
89
return false;
90
@@ -XXX,XX +XXX,XX @@ static bool trans_LDRD_rr(DisasContext *s, arg_ldst_rr *a)
24
}
91
}
25
92
addr = op_addr_rr_pre(s, a);
26
if (vms->virt && (kvm_enabled() || hvf_enabled())) {
93
27
error_report("mach-virt: %s does not support providing "
94
- tmp = tcg_temp_new_i32();
28
"Virtualization extensions to the guest CPU",
95
- gen_aa32_ld_i32(s, tmp, addr, mem_idx, MO_UL | MO_ALIGN);
29
- kvm_enabled() ? "KVM" : "HVF");
96
- store_reg(s, a->rt, tmp);
30
+ current_accel_name());
97
-
31
exit(1);
98
- tcg_gen_addi_i32(addr, addr, 4);
32
}
99
-
33
100
- tmp = tcg_temp_new_i32();
34
if (vms->mte && (kvm_enabled() || hvf_enabled())) {
101
- gen_aa32_ld_i32(s, tmp, addr, mem_idx, MO_UL | MO_ALIGN);
35
error_report("mach-virt: %s does not support providing "
102
- store_reg(s, a->rt + 1, tmp);
36
"MTE to the guest CPU",
103
+ do_ldrd_load(s, addr, a->rt, a->rt + 1);
37
- kvm_enabled() ? "KVM" : "HVF");
104
38
+ current_accel_name());
105
/* LDRD w/ base writeback is undefined if the registers overlap. */
39
exit(1);
106
- op_addr_rr_post(s, a, addr, -4);
40
}
107
+ op_addr_rr_post(s, a, addr, 0);
108
return true;
109
}
110
111
@@ -XXX,XX +XXX,XX @@ static bool op_store_ri(DisasContext *s, arg_ldst_ri *a,
112
113
static bool op_ldrd_ri(DisasContext *s, arg_ldst_ri *a, int rt2)
114
{
115
- int mem_idx = get_mem_index(s);
116
- TCGv_i32 addr, tmp;
117
+ TCGv_i32 addr;
118
119
addr = op_addr_ri_pre(s, a);
120
121
- tmp = tcg_temp_new_i32();
122
- gen_aa32_ld_i32(s, tmp, addr, mem_idx, MO_UL | MO_ALIGN);
123
- store_reg(s, a->rt, tmp);
124
-
125
- tcg_gen_addi_i32(addr, addr, 4);
126
-
127
- tmp = tcg_temp_new_i32();
128
- gen_aa32_ld_i32(s, tmp, addr, mem_idx, MO_UL | MO_ALIGN);
129
- store_reg(s, rt2, tmp);
130
+ do_ldrd_load(s, addr, a->rt, rt2);
131
132
/* LDRD w/ base writeback is undefined if the registers overlap. */
133
- op_addr_ri_post(s, a, addr, -4);
134
+ op_addr_ri_post(s, a, addr, 0);
135
return true;
136
}
41
137
42
--
138
--
43
2.34.1
139
2.43.0
diff view generated by jsdifflib
1
From: Philippe Mathieu-Daudé <philmd@linaro.org>
1
Our STRD implementation doesn't correctly implement the requirement:
2
* if the address is 8-aligned the access must be a 64-bit
3
single-copy atomic access, not two 32-bit accesses
2
4
3
Suggested-by: Richard Henderson <richard.henderson@linaro.org>
5
Rewrite the handling of STRD to use a single tcg_gen_qemu_st_i64()
4
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
6
of a value produced by concatenating the two 32 bit source registers.
7
This allows us to get the atomicity right.
8
9
As with the LDRD change, now that we don't update 'addr' in the
10
course of performing the store we need to adjust the offset
11
we pass to op_addr_ri_post() and op_addr_rr_post().
12
13
Cc: qemu-stable@nongnu.org
14
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
15
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
6
Message-id: 20230206223502.25122-3-philmd@linaro.org
16
Message-id: 20250227142746.1698904-3-peter.maydell@linaro.org
7
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8
---
17
---
9
target/arm/m_helper.c | 11 ++++++++---
18
target/arm/tcg/translate.c | 59 +++++++++++++++++++++++++-------------
10
1 file changed, 8 insertions(+), 3 deletions(-)
19
1 file changed, 39 insertions(+), 20 deletions(-)
11
20
12
diff --git a/target/arm/m_helper.c b/target/arm/m_helper.c
21
diff --git a/target/arm/tcg/translate.c b/target/arm/tcg/translate.c
13
index XXXXXXX..XXXXXXX 100644
22
index XXXXXXX..XXXXXXX 100644
14
--- a/target/arm/m_helper.c
23
--- a/target/arm/tcg/translate.c
15
+++ b/target/arm/m_helper.c
24
+++ b/target/arm/tcg/translate.c
16
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(v7m_tt)(CPUARMState *env, uint32_t addr, uint32_t op)
25
@@ -XXX,XX +XXX,XX @@ static bool trans_LDRD_rr(DisasContext *s, arg_ldst_rr *a)
17
return 0;
26
return true;
18
}
27
}
19
28
20
-#else
29
+static void do_strd_store(DisasContext *s, TCGv_i32 addr, int rt, int rt2)
21
+ARMMMUIdx arm_v7m_mmu_idx_for_secstate(CPUARMState *env, bool secstate)
22
+{
30
+{
23
+ return ARMMMUIdx_MUser;
31
+ /*
32
+ * STRD is required to be an atomic 64-bit access if the
33
+ * address is 8-aligned, two atomic 32-bit accesses if
34
+ * it's only 4-aligned, and to give an alignment fault
35
+ * if it's not 4-aligned.
36
+ * Rt is always the word from the lower address, and Rt2 the
37
+ * data from the higher address, regardless of endianness.
38
+ * So (like gen_store_exclusive) we avoid gen_aa32_ld_i64()
39
+ * so we don't get its SCTLR_B check, and instead do a 64-bit access
40
+ * using MO_BE if appropriate, using a value constructed
41
+ * by putting the two halves together in the right order.
42
+ *
43
+ * As with LDRD, the 64-bit atomicity is not required for
44
+ * M-profile, or for A-profile before LPAE, and we provide
45
+ * the higher guarantee always for simplicity.
46
+ */
47
+ int mem_idx = get_mem_index(s);
48
+ MemOp opc = MO_64 | MO_ALIGN_4 | MO_ATOM_SUBALIGN | s->be_data;
49
+ TCGv taddr = gen_aa32_addr(s, addr, opc);
50
+ TCGv_i32 t1 = load_reg(s, rt);
51
+ TCGv_i32 t2 = load_reg(s, rt2);
52
+ TCGv_i64 t64 = tcg_temp_new_i64();
53
+
54
+ if (s->be_data == MO_BE) {
55
+ tcg_gen_concat_i32_i64(t64, t2, t1);
56
+ } else {
57
+ tcg_gen_concat_i32_i64(t64, t1, t2);
58
+ }
59
+ tcg_gen_qemu_st_i64(t64, taddr, mem_idx, opc);
24
+}
60
+}
25
+
61
+
26
+#else /* !CONFIG_USER_ONLY */
62
static bool trans_STRD_rr(DisasContext *s, arg_ldst_rr *a)
27
63
{
28
/*
64
- int mem_idx = get_mem_index(s);
29
* What kind of stack write are we doing? This affects how exceptions
65
- TCGv_i32 addr, tmp;
30
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(v7m_tt)(CPUARMState *env, uint32_t addr, uint32_t op)
66
+ TCGv_i32 addr;
31
return tt_resp;
67
68
if (!ENABLE_ARCH_5TE) {
69
return false;
70
@@ -XXX,XX +XXX,XX @@ static bool trans_STRD_rr(DisasContext *s, arg_ldst_rr *a)
71
}
72
addr = op_addr_rr_pre(s, a);
73
74
- tmp = load_reg(s, a->rt);
75
- gen_aa32_st_i32(s, tmp, addr, mem_idx, MO_UL | MO_ALIGN);
76
+ do_strd_store(s, addr, a->rt, a->rt + 1);
77
78
- tcg_gen_addi_i32(addr, addr, 4);
79
-
80
- tmp = load_reg(s, a->rt + 1);
81
- gen_aa32_st_i32(s, tmp, addr, mem_idx, MO_UL | MO_ALIGN);
82
-
83
- op_addr_rr_post(s, a, addr, -4);
84
+ op_addr_rr_post(s, a, addr, 0);
85
return true;
32
}
86
}
33
87
34
-#endif /* !CONFIG_USER_ONLY */
88
@@ -XXX,XX +XXX,XX @@ static bool trans_LDRD_ri_t32(DisasContext *s, arg_ldst_ri2 *a)
89
90
static bool op_strd_ri(DisasContext *s, arg_ldst_ri *a, int rt2)
91
{
92
- int mem_idx = get_mem_index(s);
93
- TCGv_i32 addr, tmp;
94
+ TCGv_i32 addr;
95
96
addr = op_addr_ri_pre(s, a);
97
98
- tmp = load_reg(s, a->rt);
99
- gen_aa32_st_i32(s, tmp, addr, mem_idx, MO_UL | MO_ALIGN);
100
+ do_strd_store(s, addr, a->rt, rt2);
101
102
- tcg_gen_addi_i32(addr, addr, 4);
35
-
103
-
36
ARMMMUIdx arm_v7m_mmu_idx_all(CPUARMState *env,
104
- tmp = load_reg(s, rt2);
37
bool secstate, bool priv, bool negpri)
105
- gen_aa32_st_i32(s, tmp, addr, mem_idx, MO_UL | MO_ALIGN);
38
{
106
-
39
@@ -XXX,XX +XXX,XX @@ ARMMMUIdx arm_v7m_mmu_idx_for_secstate(CPUARMState *env, bool secstate)
107
- op_addr_ri_post(s, a, addr, -4);
40
108
+ op_addr_ri_post(s, a, addr, 0);
41
return arm_v7m_mmu_idx_for_secstate_and_priv(env, secstate, priv);
109
return true;
42
}
110
}
43
+
111
44
+#endif /* !CONFIG_USER_ONLY */
45
--
112
--
46
2.34.1
113
2.43.0
47
48
diff view generated by jsdifflib
Deleted patch
1
From: Philippe Mathieu-Daudé <philmd@linaro.org>
2
1
3
Suggested-by: Richard Henderson <richard.henderson@linaro.org>
4
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
5
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
6
Message-id: 20230206223502.25122-6-philmd@linaro.org
7
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8
---
9
linux-user/user-internals.h | 2 +-
10
target/arm/cpu.h | 2 +-
11
linux-user/arm/cpu_loop.c | 4 ++--
12
3 files changed, 4 insertions(+), 4 deletions(-)
13
14
diff --git a/linux-user/user-internals.h b/linux-user/user-internals.h
15
index XXXXXXX..XXXXXXX 100644
16
--- a/linux-user/user-internals.h
17
+++ b/linux-user/user-internals.h
18
@@ -XXX,XX +XXX,XX @@ void print_termios(void *arg);
19
#ifdef TARGET_ARM
20
static inline int regpairs_aligned(CPUArchState *cpu_env, int num)
21
{
22
- return cpu_env->eabi == 1;
23
+ return cpu_env->eabi;
24
}
25
#elif defined(TARGET_MIPS) && defined(TARGET_ABI_MIPSO32)
26
static inline int regpairs_aligned(CPUArchState *cpu_env, int num) { return 1; }
27
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
28
index XXXXXXX..XXXXXXX 100644
29
--- a/target/arm/cpu.h
30
+++ b/target/arm/cpu.h
31
@@ -XXX,XX +XXX,XX @@ typedef struct CPUArchState {
32
33
#if defined(CONFIG_USER_ONLY)
34
/* For usermode syscall translation. */
35
- int eabi;
36
+ bool eabi;
37
#endif
38
39
struct CPUBreakpoint *cpu_breakpoint[16];
40
diff --git a/linux-user/arm/cpu_loop.c b/linux-user/arm/cpu_loop.c
41
index XXXXXXX..XXXXXXX 100644
42
--- a/linux-user/arm/cpu_loop.c
43
+++ b/linux-user/arm/cpu_loop.c
44
@@ -XXX,XX +XXX,XX @@ void cpu_loop(CPUARMState *env)
45
break;
46
case EXCP_SWI:
47
{
48
- env->eabi = 1;
49
+ env->eabi = true;
50
/* system call */
51
if (env->thumb) {
52
/* Thumb is always EABI style with syscall number in r7 */
53
@@ -XXX,XX +XXX,XX @@ void cpu_loop(CPUARMState *env)
54
* > 0xfffff and are handled below as out-of-range.
55
*/
56
n ^= ARM_SYSCALL_BASE;
57
- env->eabi = 0;
58
+ env->eabi = false;
59
}
60
}
61
62
--
63
2.34.1
64
65
diff view generated by jsdifflib
Deleted patch
1
From: Philippe Mathieu-Daudé <philmd@linaro.org>
2
1
3
Although the 'eabi' field is only used in user emulation where
4
CPU reset doesn't occur, it doesn't belong to the area to reset.
5
Move it after the 'end_reset_fields' for consistency.
6
7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
9
Message-id: 20230206223502.25122-7-philmd@linaro.org
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
12
target/arm/cpu.h | 9 ++++-----
13
1 file changed, 4 insertions(+), 5 deletions(-)
14
15
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
16
index XXXXXXX..XXXXXXX 100644
17
--- a/target/arm/cpu.h
18
+++ b/target/arm/cpu.h
19
@@ -XXX,XX +XXX,XX @@ typedef struct CPUArchState {
20
ARMVectorReg zarray[ARM_MAX_VQ * 16];
21
#endif
22
23
-#if defined(CONFIG_USER_ONLY)
24
- /* For usermode syscall translation. */
25
- bool eabi;
26
-#endif
27
-
28
struct CPUBreakpoint *cpu_breakpoint[16];
29
struct CPUWatchpoint *cpu_watchpoint[16];
30
31
@@ -XXX,XX +XXX,XX @@ typedef struct CPUArchState {
32
const struct arm_boot_info *boot_info;
33
/* Store GICv3CPUState to access from this struct */
34
void *gicv3state;
35
+#if defined(CONFIG_USER_ONLY)
36
+ /* For usermode syscall translation. */
37
+ bool eabi;
38
+#endif /* CONFIG_USER_ONLY */
39
40
#ifdef TARGET_TAGGED_ADDRESSES
41
/* Linux syscall tagged address support */
42
--
43
2.34.1
44
45
diff view generated by jsdifflib
Deleted patch
1
From: Philippe Mathieu-Daudé <philmd@linaro.org>
2
1
3
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
4
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
5
Message-id: 20230206223502.25122-8-philmd@linaro.org
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
---
8
target/arm/cpu.h | 3 ++-
9
1 file changed, 2 insertions(+), 1 deletion(-)
10
11
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
12
index XXXXXXX..XXXXXXX 100644
13
--- a/target/arm/cpu.h
14
+++ b/target/arm/cpu.h
15
@@ -XXX,XX +XXX,XX @@ typedef struct CPUArchState {
16
17
void *nvic;
18
const struct arm_boot_info *boot_info;
19
+#if !defined(CONFIG_USER_ONLY)
20
/* Store GICv3CPUState to access from this struct */
21
void *gicv3state;
22
-#if defined(CONFIG_USER_ONLY)
23
+#else /* CONFIG_USER_ONLY */
24
/* For usermode syscall translation. */
25
bool eabi;
26
#endif /* CONFIG_USER_ONLY */
27
--
28
2.34.1
29
30
diff view generated by jsdifflib
Deleted patch
1
From: Philippe Mathieu-Daudé <philmd@linaro.org>
2
1
3
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
4
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
5
Message-id: 20230206223502.25122-9-philmd@linaro.org
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
---
8
target/arm/cpu.h | 2 +-
9
1 file changed, 1 insertion(+), 1 deletion(-)
10
11
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
12
index XXXXXXX..XXXXXXX 100644
13
--- a/target/arm/cpu.h
14
+++ b/target/arm/cpu.h
15
@@ -XXX,XX +XXX,XX @@ typedef struct CPUArchState {
16
} sau;
17
18
void *nvic;
19
- const struct arm_boot_info *boot_info;
20
#if !defined(CONFIG_USER_ONLY)
21
+ const struct arm_boot_info *boot_info;
22
/* Store GICv3CPUState to access from this struct */
23
void *gicv3state;
24
#else /* CONFIG_USER_ONLY */
25
--
26
2.34.1
27
28
diff view generated by jsdifflib
Deleted patch
1
From: Philippe Mathieu-Daudé <philmd@linaro.org>
2
1
3
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
4
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
5
Message-id: 20230206223502.25122-10-philmd@linaro.org
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
---
8
target/arm/cpu.h | 2 +-
9
1 file changed, 1 insertion(+), 1 deletion(-)
10
11
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
12
index XXXXXXX..XXXXXXX 100644
13
--- a/target/arm/cpu.h
14
+++ b/target/arm/cpu.h
15
@@ -XXX,XX +XXX,XX @@ typedef struct CPUArchState {
16
uint32_t ctrl;
17
} sau;
18
19
- void *nvic;
20
#if !defined(CONFIG_USER_ONLY)
21
+ void *nvic;
22
const struct arm_boot_info *boot_info;
23
/* Store GICv3CPUState to access from this struct */
24
void *gicv3state;
25
--
26
2.34.1
27
28
diff view generated by jsdifflib
1
From: Philippe Mathieu-Daudé <philmd@linaro.org>
1
All the callers of op_addr_rr_post() and op_addr_ri_post() now pass in
2
zero for the address_offset, so we can remove that argument.
2
3
3
There is no point in using a void pointer to access the NVIC.
4
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4
Use the real type to avoid casting it while debugging.
5
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
6
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
7
Message-id: 20250227142746.1698904-4-peter.maydell@linaro.org
8
---
9
target/arm/tcg/translate.c | 26 +++++++++++++-------------
10
1 file changed, 13 insertions(+), 13 deletions(-)
5
11
6
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
12
diff --git a/target/arm/tcg/translate.c b/target/arm/tcg/translate.c
7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20230206223502.25122-11-philmd@linaro.org
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
target/arm/cpu.h | 46 ++++++++++++++++++++++---------------------
12
hw/intc/armv7m_nvic.c | 38 ++++++++++++-----------------------
13
target/arm/cpu.c | 1 +
14
target/arm/m_helper.c | 2 +-
15
4 files changed, 39 insertions(+), 48 deletions(-)
16
17
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
18
index XXXXXXX..XXXXXXX 100644
13
index XXXXXXX..XXXXXXX 100644
19
--- a/target/arm/cpu.h
14
--- a/target/arm/tcg/translate.c
20
+++ b/target/arm/cpu.h
15
+++ b/target/arm/tcg/translate.c
21
@@ -XXX,XX +XXX,XX @@ typedef struct CPUARMTBFlags {
16
@@ -XXX,XX +XXX,XX @@ static TCGv_i32 op_addr_rr_pre(DisasContext *s, arg_ldst_rr *a)
22
17
}
23
typedef struct ARMMMUFaultInfo ARMMMUFaultInfo;
18
24
19
static void op_addr_rr_post(DisasContext *s, arg_ldst_rr *a,
25
+typedef struct NVICState NVICState;
20
- TCGv_i32 addr, int address_offset)
26
+
21
+ TCGv_i32 addr)
27
typedef struct CPUArchState {
28
/* Regs for current mode. */
29
uint32_t regs[16];
30
@@ -XXX,XX +XXX,XX @@ typedef struct CPUArchState {
31
} sau;
32
33
#if !defined(CONFIG_USER_ONLY)
34
- void *nvic;
35
+ NVICState *nvic;
36
const struct arm_boot_info *boot_info;
37
/* Store GICv3CPUState to access from this struct */
38
void *gicv3state;
39
@@ -XXX,XX +XXX,XX @@ uint32_t arm_phys_excp_target_el(CPUState *cs, uint32_t excp_idx,
40
41
/* Interface between CPU and Interrupt controller. */
42
#ifndef CONFIG_USER_ONLY
43
-bool armv7m_nvic_can_take_pending_exception(void *opaque);
44
+bool armv7m_nvic_can_take_pending_exception(NVICState *s);
45
#else
46
-static inline bool armv7m_nvic_can_take_pending_exception(void *opaque)
47
+static inline bool armv7m_nvic_can_take_pending_exception(NVICState *s)
48
{
22
{
23
if (!a->p) {
24
TCGv_i32 ofs = load_reg(s, a->rm);
25
@@ -XXX,XX +XXX,XX @@ static void op_addr_rr_post(DisasContext *s, arg_ldst_rr *a,
26
} else if (!a->w) {
27
return;
28
}
29
- tcg_gen_addi_i32(addr, addr, address_offset);
30
store_reg(s, a->rn, addr);
31
}
32
33
@@ -XXX,XX +XXX,XX @@ static bool op_load_rr(DisasContext *s, arg_ldst_rr *a,
34
* Perform base writeback before the loaded value to
35
* ensure correct behavior with overlapping index registers.
36
*/
37
- op_addr_rr_post(s, a, addr, 0);
38
+ op_addr_rr_post(s, a, addr);
39
store_reg_from_load(s, a->rt, tmp);
49
return true;
40
return true;
50
}
41
}
51
#endif
42
@@ -XXX,XX +XXX,XX @@ static bool op_store_rr(DisasContext *s, arg_ldst_rr *a,
52
/**
43
gen_aa32_st_i32(s, tmp, addr, mem_idx, mop);
53
* armv7m_nvic_set_pending: mark the specified exception as pending
44
disas_set_da_iss(s, mop, issinfo);
54
- * @opaque: the NVIC
45
55
+ * @s: the NVIC
46
- op_addr_rr_post(s, a, addr, 0);
56
* @irq: the exception number to mark pending
47
+ op_addr_rr_post(s, a, addr);
57
* @secure: false for non-banked exceptions or for the nonsecure
48
return true;
58
* version of a banked exception, true for the secure version of a banked
49
}
59
@@ -XXX,XX +XXX,XX @@ static inline bool armv7m_nvic_can_take_pending_exception(void *opaque)
50
60
* if @secure is true and @irq does not specify one of the fixed set
51
@@ -XXX,XX +XXX,XX @@ static bool trans_LDRD_rr(DisasContext *s, arg_ldst_rr *a)
61
* of architecturally banked exceptions.
52
do_ldrd_load(s, addr, a->rt, a->rt + 1);
62
*/
53
63
-void armv7m_nvic_set_pending(void *opaque, int irq, bool secure);
54
/* LDRD w/ base writeback is undefined if the registers overlap. */
64
+void armv7m_nvic_set_pending(NVICState *s, int irq, bool secure);
55
- op_addr_rr_post(s, a, addr, 0);
65
/**
56
+ op_addr_rr_post(s, a, addr);
66
* armv7m_nvic_set_pending_derived: mark this derived exception as pending
57
return true;
67
- * @opaque: the NVIC
58
}
68
+ * @s: the NVIC
59
69
* @irq: the exception number to mark pending
60
@@ -XXX,XX +XXX,XX @@ static bool trans_STRD_rr(DisasContext *s, arg_ldst_rr *a)
70
* @secure: false for non-banked exceptions or for the nonsecure
61
71
* version of a banked exception, true for the secure version of a banked
62
do_strd_store(s, addr, a->rt, a->rt + 1);
72
@@ -XXX,XX +XXX,XX @@ void armv7m_nvic_set_pending(void *opaque, int irq, bool secure);
63
73
* exceptions (exceptions generated in the course of trying to take
64
- op_addr_rr_post(s, a, addr, 0);
74
* a different exception).
65
+ op_addr_rr_post(s, a, addr);
75
*/
66
return true;
76
-void armv7m_nvic_set_pending_derived(void *opaque, int irq, bool secure);
67
}
77
+void armv7m_nvic_set_pending_derived(NVICState *s, int irq, bool secure);
68
78
/**
69
@@ -XXX,XX +XXX,XX @@ static TCGv_i32 op_addr_ri_pre(DisasContext *s, arg_ldst_ri *a)
79
* armv7m_nvic_set_pending_lazyfp: mark this lazy FP exception as pending
70
}
80
- * @opaque: the NVIC
71
81
+ * @s: the NVIC
72
static void op_addr_ri_post(DisasContext *s, arg_ldst_ri *a,
82
* @irq: the exception number to mark pending
73
- TCGv_i32 addr, int address_offset)
83
* @secure: false for non-banked exceptions or for the nonsecure
74
+ TCGv_i32 addr)
84
* version of a banked exception, true for the secure version of a banked
85
@@ -XXX,XX +XXX,XX @@ void armv7m_nvic_set_pending_derived(void *opaque, int irq, bool secure);
86
* Similar to armv7m_nvic_set_pending(), but specifically for exceptions
87
* generated in the course of lazy stacking of FP registers.
88
*/
89
-void armv7m_nvic_set_pending_lazyfp(void *opaque, int irq, bool secure);
90
+void armv7m_nvic_set_pending_lazyfp(NVICState *s, int irq, bool secure);
91
/**
92
* armv7m_nvic_get_pending_irq_info: return highest priority pending
93
* exception, and whether it targets Secure state
94
- * @opaque: the NVIC
95
+ * @s: the NVIC
96
* @pirq: set to pending exception number
97
* @ptargets_secure: set to whether pending exception targets Secure
98
*
99
@@ -XXX,XX +XXX,XX @@ void armv7m_nvic_set_pending_lazyfp(void *opaque, int irq, bool secure);
100
* to true if the current highest priority pending exception should
101
* be taken to Secure state, false for NS.
102
*/
103
-void armv7m_nvic_get_pending_irq_info(void *opaque, int *pirq,
104
+void armv7m_nvic_get_pending_irq_info(NVICState *s, int *pirq,
105
bool *ptargets_secure);
106
/**
107
* armv7m_nvic_acknowledge_irq: make highest priority pending exception active
108
- * @opaque: the NVIC
109
+ * @s: the NVIC
110
*
111
* Move the current highest priority pending exception from the pending
112
* state to the active state, and update v7m.exception to indicate that
113
* it is the exception currently being handled.
114
*/
115
-void armv7m_nvic_acknowledge_irq(void *opaque);
116
+void armv7m_nvic_acknowledge_irq(NVICState *s);
117
/**
118
* armv7m_nvic_complete_irq: complete specified interrupt or exception
119
- * @opaque: the NVIC
120
+ * @s: the NVIC
121
* @irq: the exception number to complete
122
* @secure: true if this exception was secure
123
*
124
@@ -XXX,XX +XXX,XX @@ void armv7m_nvic_acknowledge_irq(void *opaque);
125
* 0 if there is still an irq active after this one was completed
126
* (Ignoring -1, this is the same as the RETTOBASE value before completion.)
127
*/
128
-int armv7m_nvic_complete_irq(void *opaque, int irq, bool secure);
129
+int armv7m_nvic_complete_irq(NVICState *s, int irq, bool secure);
130
/**
131
* armv7m_nvic_get_ready_status(void *opaque, int irq, bool secure)
132
- * @opaque: the NVIC
133
+ * @s: the NVIC
134
* @irq: the exception number to mark pending
135
* @secure: false for non-banked exceptions or for the nonsecure
136
* version of a banked exception, true for the secure version of a banked
137
@@ -XXX,XX +XXX,XX @@ int armv7m_nvic_complete_irq(void *opaque, int irq, bool secure);
138
* interrupt the current execution priority. This controls whether the
139
* RDY bit for it in the FPCCR is set.
140
*/
141
-bool armv7m_nvic_get_ready_status(void *opaque, int irq, bool secure);
142
+bool armv7m_nvic_get_ready_status(NVICState *s, int irq, bool secure);
143
/**
144
* armv7m_nvic_raw_execution_priority: return the raw execution priority
145
- * @opaque: the NVIC
146
+ * @s: the NVIC
147
*
148
* Returns: the raw execution priority as defined by the v8M architecture.
149
* This is the execution priority minus the effects of AIRCR.PRIS,
150
* and minus any PRIMASK/FAULTMASK/BASEPRI priority boosting.
151
* (v8M ARM ARM I_PKLD.)
152
*/
153
-int armv7m_nvic_raw_execution_priority(void *opaque);
154
+int armv7m_nvic_raw_execution_priority(NVICState *s);
155
/**
156
* armv7m_nvic_neg_prio_requested: return true if the requested execution
157
* priority is negative for the specified security state.
158
- * @opaque: the NVIC
159
+ * @s: the NVIC
160
* @secure: the security state to test
161
* This corresponds to the pseudocode IsReqExecPriNeg().
162
*/
163
#ifndef CONFIG_USER_ONLY
164
-bool armv7m_nvic_neg_prio_requested(void *opaque, bool secure);
165
+bool armv7m_nvic_neg_prio_requested(NVICState *s, bool secure);
166
#else
167
-static inline bool armv7m_nvic_neg_prio_requested(void *opaque, bool secure)
168
+static inline bool armv7m_nvic_neg_prio_requested(NVICState *s, bool secure)
169
{
75
{
170
return false;
76
+ int address_offset = 0;
77
if (!a->p) {
78
if (a->u) {
79
- address_offset += a->imm;
80
+ address_offset = a->imm;
81
} else {
82
- address_offset -= a->imm;
83
+ address_offset = -a->imm;
84
}
85
} else if (!a->w) {
86
return;
87
@@ -XXX,XX +XXX,XX @@ static bool op_load_ri(DisasContext *s, arg_ldst_ri *a,
88
* Perform base writeback before the loaded value to
89
* ensure correct behavior with overlapping index registers.
90
*/
91
- op_addr_ri_post(s, a, addr, 0);
92
+ op_addr_ri_post(s, a, addr);
93
store_reg_from_load(s, a->rt, tmp);
94
return true;
171
}
95
}
172
diff --git a/hw/intc/armv7m_nvic.c b/hw/intc/armv7m_nvic.c
96
@@ -XXX,XX +XXX,XX @@ static bool op_store_ri(DisasContext *s, arg_ldst_ri *a,
173
index XXXXXXX..XXXXXXX 100644
97
gen_aa32_st_i32(s, tmp, addr, mem_idx, mop);
174
--- a/hw/intc/armv7m_nvic.c
98
disas_set_da_iss(s, mop, issinfo);
175
+++ b/hw/intc/armv7m_nvic.c
99
176
@@ -XXX,XX +XXX,XX @@ static inline int nvic_exec_prio(NVICState *s)
100
- op_addr_ri_post(s, a, addr, 0);
177
return MIN(running, s->exception_prio);
101
+ op_addr_ri_post(s, a, addr);
102
return true;
178
}
103
}
179
104
180
-bool armv7m_nvic_neg_prio_requested(void *opaque, bool secure)
105
@@ -XXX,XX +XXX,XX @@ static bool op_ldrd_ri(DisasContext *s, arg_ldst_ri *a, int rt2)
181
+bool armv7m_nvic_neg_prio_requested(NVICState *s, bool secure)
106
do_ldrd_load(s, addr, a->rt, rt2);
182
{
107
183
/* Return true if the requested execution priority is negative
108
/* LDRD w/ base writeback is undefined if the registers overlap. */
184
* for the specified security state, ie that security state
109
- op_addr_ri_post(s, a, addr, 0);
185
@@ -XXX,XX +XXX,XX @@ bool armv7m_nvic_neg_prio_requested(void *opaque, bool secure)
110
+ op_addr_ri_post(s, a, addr);
186
* mean we don't allow FAULTMASK_NS to actually make the execution
111
return true;
187
* priority negative). Compare pseudocode IsReqExcPriNeg().
188
*/
189
- NVICState *s = opaque;
190
-
191
if (s->cpu->env.v7m.faultmask[secure]) {
192
return true;
193
}
194
@@ -XXX,XX +XXX,XX @@ bool armv7m_nvic_neg_prio_requested(void *opaque, bool secure)
195
return false;
196
}
112
}
197
113
198
-bool armv7m_nvic_can_take_pending_exception(void *opaque)
114
@@ -XXX,XX +XXX,XX @@ static bool op_strd_ri(DisasContext *s, arg_ldst_ri *a, int rt2)
199
+bool armv7m_nvic_can_take_pending_exception(NVICState *s)
115
200
{
116
do_strd_store(s, addr, a->rt, rt2);
201
- NVICState *s = opaque;
117
202
-
118
- op_addr_ri_post(s, a, addr, 0);
203
return nvic_exec_prio(s) > nvic_pending_prio(s);
119
+ op_addr_ri_post(s, a, addr);
120
return true;
204
}
121
}
205
122
206
-int armv7m_nvic_raw_execution_priority(void *opaque)
207
+int armv7m_nvic_raw_execution_priority(NVICState *s)
208
{
209
- NVICState *s = opaque;
210
-
211
return s->exception_prio;
212
}
213
214
@@ -XXX,XX +XXX,XX @@ static void nvic_irq_update(NVICState *s)
215
* if @secure is true and @irq does not specify one of the fixed set
216
* of architecturally banked exceptions.
217
*/
218
-static void armv7m_nvic_clear_pending(void *opaque, int irq, bool secure)
219
+static void armv7m_nvic_clear_pending(NVICState *s, int irq, bool secure)
220
{
221
- NVICState *s = (NVICState *)opaque;
222
VecInfo *vec;
223
224
assert(irq > ARMV7M_EXCP_RESET && irq < s->num_irq);
225
@@ -XXX,XX +XXX,XX @@ static void do_armv7m_nvic_set_pending(void *opaque, int irq, bool secure,
226
}
227
}
228
229
-void armv7m_nvic_set_pending(void *opaque, int irq, bool secure)
230
+void armv7m_nvic_set_pending(NVICState *s, int irq, bool secure)
231
{
232
- do_armv7m_nvic_set_pending(opaque, irq, secure, false);
233
+ do_armv7m_nvic_set_pending(s, irq, secure, false);
234
}
235
236
-void armv7m_nvic_set_pending_derived(void *opaque, int irq, bool secure)
237
+void armv7m_nvic_set_pending_derived(NVICState *s, int irq, bool secure)
238
{
239
- do_armv7m_nvic_set_pending(opaque, irq, secure, true);
240
+ do_armv7m_nvic_set_pending(s, irq, secure, true);
241
}
242
243
-void armv7m_nvic_set_pending_lazyfp(void *opaque, int irq, bool secure)
244
+void armv7m_nvic_set_pending_lazyfp(NVICState *s, int irq, bool secure)
245
{
246
/*
247
* Pend an exception during lazy FP stacking. This differs
248
@@ -XXX,XX +XXX,XX @@ void armv7m_nvic_set_pending_lazyfp(void *opaque, int irq, bool secure)
249
* whether we should escalate depends on the saved context
250
* in the FPCCR register, not on the current state of the CPU/NVIC.
251
*/
252
- NVICState *s = (NVICState *)opaque;
253
bool banked = exc_is_banked(irq);
254
VecInfo *vec;
255
bool targets_secure;
256
@@ -XXX,XX +XXX,XX @@ void armv7m_nvic_set_pending_lazyfp(void *opaque, int irq, bool secure)
257
}
258
259
/* Make pending IRQ active. */
260
-void armv7m_nvic_acknowledge_irq(void *opaque)
261
+void armv7m_nvic_acknowledge_irq(NVICState *s)
262
{
263
- NVICState *s = (NVICState *)opaque;
264
CPUARMState *env = &s->cpu->env;
265
const int pending = s->vectpending;
266
const int running = nvic_exec_prio(s);
267
@@ -XXX,XX +XXX,XX @@ static bool vectpending_targets_secure(NVICState *s)
268
exc_targets_secure(s, s->vectpending);
269
}
270
271
-void armv7m_nvic_get_pending_irq_info(void *opaque,
272
+void armv7m_nvic_get_pending_irq_info(NVICState *s,
273
int *pirq, bool *ptargets_secure)
274
{
275
- NVICState *s = (NVICState *)opaque;
276
const int pending = s->vectpending;
277
bool targets_secure;
278
279
@@ -XXX,XX +XXX,XX @@ void armv7m_nvic_get_pending_irq_info(void *opaque,
280
*pirq = pending;
281
}
282
283
-int armv7m_nvic_complete_irq(void *opaque, int irq, bool secure)
284
+int armv7m_nvic_complete_irq(NVICState *s, int irq, bool secure)
285
{
286
- NVICState *s = (NVICState *)opaque;
287
VecInfo *vec = NULL;
288
int ret = 0;
289
290
@@ -XXX,XX +XXX,XX @@ int armv7m_nvic_complete_irq(void *opaque, int irq, bool secure)
291
return ret;
292
}
293
294
-bool armv7m_nvic_get_ready_status(void *opaque, int irq, bool secure)
295
+bool armv7m_nvic_get_ready_status(NVICState *s, int irq, bool secure)
296
{
297
/*
298
* Return whether an exception is "ready", i.e. it is enabled and is
299
@@ -XXX,XX +XXX,XX @@ bool armv7m_nvic_get_ready_status(void *opaque, int irq, bool secure)
300
* for non-banked exceptions secure is always false; for banked exceptions
301
* it indicates which of the exceptions is required.
302
*/
303
- NVICState *s = (NVICState *)opaque;
304
bool banked = exc_is_banked(irq);
305
VecInfo *vec;
306
int running = nvic_exec_prio(s);
307
diff --git a/target/arm/cpu.c b/target/arm/cpu.c
308
index XXXXXXX..XXXXXXX 100644
309
--- a/target/arm/cpu.c
310
+++ b/target/arm/cpu.c
311
@@ -XXX,XX +XXX,XX @@
312
#if !defined(CONFIG_USER_ONLY)
313
#include "hw/loader.h"
314
#include "hw/boards.h"
315
+#include "hw/intc/armv7m_nvic.h"
316
#endif
317
#include "sysemu/tcg.h"
318
#include "sysemu/qtest.h"
319
diff --git a/target/arm/m_helper.c b/target/arm/m_helper.c
320
index XXXXXXX..XXXXXXX 100644
321
--- a/target/arm/m_helper.c
322
+++ b/target/arm/m_helper.c
323
@@ -XXX,XX +XXX,XX @@ static void v7m_update_fpccr(CPUARMState *env, uint32_t frameptr,
324
* that we will need later in order to do lazy FP reg stacking.
325
*/
326
bool is_secure = env->v7m.secure;
327
- void *nvic = env->nvic;
328
+ NVICState *nvic = env->nvic;
329
/*
330
* Some bits are unbanked and live always in fpccr[M_REG_S]; some bits
331
* are banked and we want to update the bit in the bank for the
332
--
123
--
333
2.34.1
124
2.43.0
334
125
335
126
diff view generated by jsdifflib
1
From: Fabiano Rosas <farosas@suse.de>
1
In debug_helper.c we provide a few dummy versions of
2
debug registers:
3
* DBGVCR (AArch32 only): enable bits for vector-catch
4
debug events
5
* MDCCINT_EL1: interrupt enable bits for the DCC
6
debug communications channel
7
* DBGVCR32_EL2: the AArch64 accessor for the state in
8
DBGVCR
2
9
3
Since commit cf7c6d1004 ("target/arm: Split out cpregs.h") we now have
10
We implemented these only to stop Linux crashing on startup,
4
a cpregs.h header which is more suitable for this code.
11
but we chose to implement them as ARM_CP_NOP. This worked
12
for Linux where it only cares about trying to write to these
13
registers, but is very confusing behaviour for anything that
14
wants to read the registers (perhaps for context state switches),
15
because the destination register will be left with whatever
16
random value it happened to have before the read.
5
17
6
Code moved verbatim.
18
Model these registers instead as RAZ.
7
19
8
Signed-off-by: Fabiano Rosas <farosas@suse.de>
20
Fixes: 5e8b12ffbb8c68 ("target-arm: Implement minimal DBGVCR, OSDLR_EL1, MDCCSR_EL0")
21
Fixes: 5dbdc4342f479d ("target-arm: Implement dummy MDCCINT_EL1")
22
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2708
23
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
24
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
10
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
25
Message-id: 20250228162424.1917269-1-peter.maydell@linaro.org
11
Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org>
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
13
---
26
---
14
target/arm/cpregs.h | 98 +++++++++++++++++++++++++++++++++++++++++++++
27
target/arm/debug_helper.c | 7 ++++---
15
target/arm/cpu.h | 91 -----------------------------------------
28
1 file changed, 4 insertions(+), 3 deletions(-)
16
2 files changed, 98 insertions(+), 91 deletions(-)
17
29
18
diff --git a/target/arm/cpregs.h b/target/arm/cpregs.h
30
diff --git a/target/arm/debug_helper.c b/target/arm/debug_helper.c
19
index XXXXXXX..XXXXXXX 100644
31
index XXXXXXX..XXXXXXX 100644
20
--- a/target/arm/cpregs.h
32
--- a/target/arm/debug_helper.c
21
+++ b/target/arm/cpregs.h
33
+++ b/target/arm/debug_helper.c
22
@@ -XXX,XX +XXX,XX @@ enum {
34
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo debug_cp_reginfo[] = {
23
ARM_CP_SME = 1 << 19,
35
{ .name = "DBGVCR",
36
.cp = 14, .opc1 = 0, .crn = 0, .crm = 7, .opc2 = 0,
37
.access = PL1_RW, .accessfn = access_tda,
38
- .type = ARM_CP_NOP },
39
+ .type = ARM_CP_CONST, .resetvalue = 0 },
40
/*
41
* Dummy MDCCINT_EL1, since we don't implement the Debug Communications
42
* Channel but Linux may try to access this register. The 32-bit
43
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo debug_cp_reginfo[] = {
44
{ .name = "MDCCINT_EL1", .state = ARM_CP_STATE_BOTH,
45
.cp = 14, .opc0 = 2, .opc1 = 0, .crn = 0, .crm = 2, .opc2 = 0,
46
.access = PL1_RW, .accessfn = access_tdcc,
47
- .type = ARM_CP_NOP },
48
+ .type = ARM_CP_CONST, .resetvalue = 0 },
49
/*
50
* Dummy DBGCLAIM registers.
51
* "The architecture does not define any functionality for the CLAIM tag bits.",
52
@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo debug_aa32_el1_reginfo[] = {
53
{ .name = "DBGVCR32_EL2", .state = ARM_CP_STATE_AA64,
54
.opc0 = 2, .opc1 = 4, .crn = 0, .crm = 7, .opc2 = 0,
55
.access = PL2_RW, .accessfn = access_dbgvcr32,
56
- .type = ARM_CP_NOP | ARM_CP_EL3_NO_EL2_KEEP },
57
+ .type = ARM_CP_CONST | ARM_CP_EL3_NO_EL2_KEEP,
58
+ .resetvalue = 0 },
24
};
59
};
25
60
26
+/*
61
static const ARMCPRegInfo debug_lpae_cp_reginfo[] = {
27
+ * Interface for defining coprocessor registers.
28
+ * Registers are defined in tables of arm_cp_reginfo structs
29
+ * which are passed to define_arm_cp_regs().
30
+ */
31
+
32
+/*
33
+ * When looking up a coprocessor register we look for it
34
+ * via an integer which encodes all of:
35
+ * coprocessor number
36
+ * Crn, Crm, opc1, opc2 fields
37
+ * 32 or 64 bit register (ie is it accessed via MRC/MCR
38
+ * or via MRRC/MCRR?)
39
+ * non-secure/secure bank (AArch32 only)
40
+ * We allow 4 bits for opc1 because MRRC/MCRR have a 4 bit field.
41
+ * (In this case crn and opc2 should be zero.)
42
+ * For AArch64, there is no 32/64 bit size distinction;
43
+ * instead all registers have a 2 bit op0, 3 bit op1 and op2,
44
+ * and 4 bit CRn and CRm. The encoding patterns are chosen
45
+ * to be easy to convert to and from the KVM encodings, and also
46
+ * so that the hashtable can contain both AArch32 and AArch64
47
+ * registers (to allow for interprocessing where we might run
48
+ * 32 bit code on a 64 bit core).
49
+ */
50
+/*
51
+ * This bit is private to our hashtable cpreg; in KVM register
52
+ * IDs the AArch64/32 distinction is the KVM_REG_ARM/ARM64
53
+ * in the upper bits of the 64 bit ID.
54
+ */
55
+#define CP_REG_AA64_SHIFT 28
56
+#define CP_REG_AA64_MASK (1 << CP_REG_AA64_SHIFT)
57
+
58
+/*
59
+ * To enable banking of coprocessor registers depending on ns-bit we
60
+ * add a bit to distinguish between secure and non-secure cpregs in the
61
+ * hashtable.
62
+ */
63
+#define CP_REG_NS_SHIFT 29
64
+#define CP_REG_NS_MASK (1 << CP_REG_NS_SHIFT)
65
+
66
+#define ENCODE_CP_REG(cp, is64, ns, crn, crm, opc1, opc2) \
67
+ ((ns) << CP_REG_NS_SHIFT | ((cp) << 16) | ((is64) << 15) | \
68
+ ((crn) << 11) | ((crm) << 7) | ((opc1) << 3) | (opc2))
69
+
70
+#define ENCODE_AA64_CP_REG(cp, crn, crm, op0, op1, op2) \
71
+ (CP_REG_AA64_MASK | \
72
+ ((cp) << CP_REG_ARM_COPROC_SHIFT) | \
73
+ ((op0) << CP_REG_ARM64_SYSREG_OP0_SHIFT) | \
74
+ ((op1) << CP_REG_ARM64_SYSREG_OP1_SHIFT) | \
75
+ ((crn) << CP_REG_ARM64_SYSREG_CRN_SHIFT) | \
76
+ ((crm) << CP_REG_ARM64_SYSREG_CRM_SHIFT) | \
77
+ ((op2) << CP_REG_ARM64_SYSREG_OP2_SHIFT))
78
+
79
+/*
80
+ * Convert a full 64 bit KVM register ID to the truncated 32 bit
81
+ * version used as a key for the coprocessor register hashtable
82
+ */
83
+static inline uint32_t kvm_to_cpreg_id(uint64_t kvmid)
84
+{
85
+ uint32_t cpregid = kvmid;
86
+ if ((kvmid & CP_REG_ARCH_MASK) == CP_REG_ARM64) {
87
+ cpregid |= CP_REG_AA64_MASK;
88
+ } else {
89
+ if ((kvmid & CP_REG_SIZE_MASK) == CP_REG_SIZE_U64) {
90
+ cpregid |= (1 << 15);
91
+ }
92
+
93
+ /*
94
+ * KVM is always non-secure so add the NS flag on AArch32 register
95
+ * entries.
96
+ */
97
+ cpregid |= 1 << CP_REG_NS_SHIFT;
98
+ }
99
+ return cpregid;
100
+}
101
+
102
+/*
103
+ * Convert a truncated 32 bit hashtable key into the full
104
+ * 64 bit KVM register ID.
105
+ */
106
+static inline uint64_t cpreg_to_kvm_id(uint32_t cpregid)
107
+{
108
+ uint64_t kvmid;
109
+
110
+ if (cpregid & CP_REG_AA64_MASK) {
111
+ kvmid = cpregid & ~CP_REG_AA64_MASK;
112
+ kvmid |= CP_REG_SIZE_U64 | CP_REG_ARM64;
113
+ } else {
114
+ kvmid = cpregid & ~(1 << 15);
115
+ if (cpregid & (1 << 15)) {
116
+ kvmid |= CP_REG_SIZE_U64 | CP_REG_ARM;
117
+ } else {
118
+ kvmid |= CP_REG_SIZE_U32 | CP_REG_ARM;
119
+ }
120
+ }
121
+ return kvmid;
122
+}
123
+
124
/*
125
* Valid values for ARMCPRegInfo state field, indicating which of
126
* the AArch32 and AArch64 execution states this register is visible in.
127
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
128
index XXXXXXX..XXXXXXX 100644
129
--- a/target/arm/cpu.h
130
+++ b/target/arm/cpu.h
131
@@ -XXX,XX +XXX,XX @@ void arm_cpu_list(void);
132
uint32_t arm_phys_excp_target_el(CPUState *cs, uint32_t excp_idx,
133
uint32_t cur_el, bool secure);
134
135
-/* Interface for defining coprocessor registers.
136
- * Registers are defined in tables of arm_cp_reginfo structs
137
- * which are passed to define_arm_cp_regs().
138
- */
139
-
140
-/* When looking up a coprocessor register we look for it
141
- * via an integer which encodes all of:
142
- * coprocessor number
143
- * Crn, Crm, opc1, opc2 fields
144
- * 32 or 64 bit register (ie is it accessed via MRC/MCR
145
- * or via MRRC/MCRR?)
146
- * non-secure/secure bank (AArch32 only)
147
- * We allow 4 bits for opc1 because MRRC/MCRR have a 4 bit field.
148
- * (In this case crn and opc2 should be zero.)
149
- * For AArch64, there is no 32/64 bit size distinction;
150
- * instead all registers have a 2 bit op0, 3 bit op1 and op2,
151
- * and 4 bit CRn and CRm. The encoding patterns are chosen
152
- * to be easy to convert to and from the KVM encodings, and also
153
- * so that the hashtable can contain both AArch32 and AArch64
154
- * registers (to allow for interprocessing where we might run
155
- * 32 bit code on a 64 bit core).
156
- */
157
-/* This bit is private to our hashtable cpreg; in KVM register
158
- * IDs the AArch64/32 distinction is the KVM_REG_ARM/ARM64
159
- * in the upper bits of the 64 bit ID.
160
- */
161
-#define CP_REG_AA64_SHIFT 28
162
-#define CP_REG_AA64_MASK (1 << CP_REG_AA64_SHIFT)
163
-
164
-/* To enable banking of coprocessor registers depending on ns-bit we
165
- * add a bit to distinguish between secure and non-secure cpregs in the
166
- * hashtable.
167
- */
168
-#define CP_REG_NS_SHIFT 29
169
-#define CP_REG_NS_MASK (1 << CP_REG_NS_SHIFT)
170
-
171
-#define ENCODE_CP_REG(cp, is64, ns, crn, crm, opc1, opc2) \
172
- ((ns) << CP_REG_NS_SHIFT | ((cp) << 16) | ((is64) << 15) | \
173
- ((crn) << 11) | ((crm) << 7) | ((opc1) << 3) | (opc2))
174
-
175
-#define ENCODE_AA64_CP_REG(cp, crn, crm, op0, op1, op2) \
176
- (CP_REG_AA64_MASK | \
177
- ((cp) << CP_REG_ARM_COPROC_SHIFT) | \
178
- ((op0) << CP_REG_ARM64_SYSREG_OP0_SHIFT) | \
179
- ((op1) << CP_REG_ARM64_SYSREG_OP1_SHIFT) | \
180
- ((crn) << CP_REG_ARM64_SYSREG_CRN_SHIFT) | \
181
- ((crm) << CP_REG_ARM64_SYSREG_CRM_SHIFT) | \
182
- ((op2) << CP_REG_ARM64_SYSREG_OP2_SHIFT))
183
-
184
-/* Convert a full 64 bit KVM register ID to the truncated 32 bit
185
- * version used as a key for the coprocessor register hashtable
186
- */
187
-static inline uint32_t kvm_to_cpreg_id(uint64_t kvmid)
188
-{
189
- uint32_t cpregid = kvmid;
190
- if ((kvmid & CP_REG_ARCH_MASK) == CP_REG_ARM64) {
191
- cpregid |= CP_REG_AA64_MASK;
192
- } else {
193
- if ((kvmid & CP_REG_SIZE_MASK) == CP_REG_SIZE_U64) {
194
- cpregid |= (1 << 15);
195
- }
196
-
197
- /* KVM is always non-secure so add the NS flag on AArch32 register
198
- * entries.
199
- */
200
- cpregid |= 1 << CP_REG_NS_SHIFT;
201
- }
202
- return cpregid;
203
-}
204
-
205
-/* Convert a truncated 32 bit hashtable key into the full
206
- * 64 bit KVM register ID.
207
- */
208
-static inline uint64_t cpreg_to_kvm_id(uint32_t cpregid)
209
-{
210
- uint64_t kvmid;
211
-
212
- if (cpregid & CP_REG_AA64_MASK) {
213
- kvmid = cpregid & ~CP_REG_AA64_MASK;
214
- kvmid |= CP_REG_SIZE_U64 | CP_REG_ARM64;
215
- } else {
216
- kvmid = cpregid & ~(1 << 15);
217
- if (cpregid & (1 << 15)) {
218
- kvmid |= CP_REG_SIZE_U64 | CP_REG_ARM;
219
- } else {
220
- kvmid |= CP_REG_SIZE_U32 | CP_REG_ARM;
221
- }
222
- }
223
- return kvmid;
224
-}
225
-
226
/* Return the highest implemented Exception Level */
227
static inline int arm_highest_el(CPUARMState *env)
228
{
229
--
62
--
230
2.34.1
63
2.43.0
231
232
diff view generated by jsdifflib
1
From: Fabiano Rosas <farosas@suse.de>
1
Currently we call icount_start_warp_timer() from timerlist_rearm().
2
This produces incorrect behaviour, because timerlist_rearm() is
3
called, for instance, when a timer callback modifies its timer. We
4
cannot decide here to warp the timer forwards to the next timer
5
deadline merely because all_cpu_threads_idle() is true, because the
6
timer callback we were called from (or some other callback later in
7
the list of callbacks being invoked) may be about to raise a CPU
8
interrupt and move a CPU from idle to ready.
2
9
3
If a test was tagged with the "accel" tag and the specified
10
The only valid place to choose to warp the timer forward is from the
4
accelerator it not present in the qemu binary, cancel the test.
11
main loop, when we know we have no outstanding IO or timer callbacks
12
that might be about to wake up a CPU.
5
13
6
We can now write tests without explicit calls to require_accelerator,
14
For Arm guests, this bug was mostly latent until the refactoring
7
just the tag is enough.
15
commit f6fc36deef6abc ("target/arm/helper: Implement
16
CNTHCTL_EL2.CNT[VP]MASK"), which exposed it because it refactored a
17
timer callback so that it happened to call timer_mod() first and
18
raise the interrupt second, when it had previously raised the
19
interrupt first and called timer_mod() afterwards.
8
20
9
Signed-off-by: Fabiano Rosas <farosas@suse.de>
21
This call seems to have originally derived from the
22
pre-record-and-replay icount code, which (as of e.g. commit
23
db1a49726c3c in 2010) in this location did a call to
24
qemu_notify_event(), necessary to get the icount code in the vCPU
25
round-robin thread to stop and recalculate the icount deadline when a
26
timer was reprogrammed from the IO thread. In current QEMU,
27
everything is done on the vCPU thread when we are in icount mode, so
28
there's no need to try to notify another thread here.
29
30
I suspect that the other reason why this call was doing icount timer
31
warping is that it pre-dates commit efab87cf79077a from 2015, which
32
added a call to icount_start_warp_timer() to main_loop_wait(). Once
33
the call in timerlist_rearm() has been removed, if the timer
34
callbacks don't cause any CPU to be woken up then we will end up
35
calling icount_start_warp_timer() from main_loop_wait() when the rr
36
main loop code calls rr_wait_io_event().
37
38
Remove the incorrect call from timerlist_rearm().
39
40
Cc: qemu-stable@nongnu.org
41
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2703
42
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
43
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
11
Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org>
44
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
45
Tested-by: Alex Bennée <alex.bennee@linaro.org>
46
Message-id: 20250210135804.3526943-1-peter.maydell@linaro.org
13
---
47
---
14
tests/avocado/avocado_qemu/__init__.py | 4 ++++
48
util/qemu-timer.c | 4 ----
15
1 file changed, 4 insertions(+)
49
1 file changed, 4 deletions(-)
16
50
17
diff --git a/tests/avocado/avocado_qemu/__init__.py b/tests/avocado/avocado_qemu/__init__.py
51
diff --git a/util/qemu-timer.c b/util/qemu-timer.c
18
index XXXXXXX..XXXXXXX 100644
52
index XXXXXXX..XXXXXXX 100644
19
--- a/tests/avocado/avocado_qemu/__init__.py
53
--- a/util/qemu-timer.c
20
+++ b/tests/avocado/avocado_qemu/__init__.py
54
+++ b/util/qemu-timer.c
21
@@ -XXX,XX +XXX,XX @@ def setUp(self):
55
@@ -XXX,XX +XXX,XX @@ static bool timer_mod_ns_locked(QEMUTimerList *timer_list,
22
56
23
super().setUp('qemu-system-')
57
static void timerlist_rearm(QEMUTimerList *timer_list)
24
58
{
25
+ accel_required = self._get_unique_tag_val('accel')
59
- /* Interrupt execution to force deadline recalculation. */
26
+ if accel_required:
60
- if (icount_enabled() && timer_list->clock->type == QEMU_CLOCK_VIRTUAL) {
27
+ self.require_accelerator(accel_required)
61
- icount_start_warp_timer();
28
+
62
- }
29
self.machine = self.params.get('machine',
63
timerlist_notify(timer_list);
30
default=self._get_unique_tag_val('machine'))
64
}
31
65
32
--
66
--
33
2.34.1
67
2.43.0
34
68
35
69
diff view generated by jsdifflib
1
From: Fabiano Rosas <farosas@suse.de>
1
Expand the example in the comment documenting MO_ATOM_SUBALIGN,
2
to be clearer about the atomicity guarantees it represents.
2
3
3
These tests set -accel tcg, so restrict them to when TCG is present.
4
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
6
Message-id: 20250228103222.1838913-1-peter.maydell@linaro.org
7
---
8
include/exec/memop.h | 8 ++++++--
9
1 file changed, 6 insertions(+), 2 deletions(-)
4
10
5
Signed-off-by: Fabiano Rosas <farosas@suse.de>
11
diff --git a/include/exec/memop.h b/include/exec/memop.h
6
Acked-by: Richard Henderson <richard.henderson@linaro.org>
7
Reviewed-by: Thomas Huth <thuth@redhat.com>
8
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
---
10
tests/qtest/meson.build | 4 ++--
11
1 file changed, 2 insertions(+), 2 deletions(-)
12
13
diff --git a/tests/qtest/meson.build b/tests/qtest/meson.build
14
index XXXXXXX..XXXXXXX 100644
12
index XXXXXXX..XXXXXXX 100644
15
--- a/tests/qtest/meson.build
13
--- a/include/exec/memop.h
16
+++ b/tests/qtest/meson.build
14
+++ b/include/exec/memop.h
17
@@ -XXX,XX +XXX,XX @@ qtests_arm = \
15
@@ -XXX,XX +XXX,XX @@ typedef enum MemOp {
18
# TODO: once aarch64 TCG is fixed on ARM 32 bit host, make bios-tables-test unconditional
16
* Depending on alignment, one or both will be single-copy atomic.
19
qtests_aarch64 = \
17
* This is the atomicity e.g. of Arm FEAT_LSE2 LDP.
20
(cpu != 'arm' and unpack_edk2_blobs ? ['bios-tables-test'] : []) + \
18
* MO_ATOM_SUBALIGN: the operation is single-copy atomic by parts
21
- (config_all_devices.has_key('CONFIG_TPM_TIS_SYSBUS') ? ['tpm-tis-device-test'] : []) + \
19
- * by the alignment. E.g. if the address is 0 mod 4, then each
22
- (config_all_devices.has_key('CONFIG_TPM_TIS_SYSBUS') ? ['tpm-tis-device-swtpm-test'] : []) + \
20
- * 4-byte subobject is single-copy atomic.
23
+ (config_all.has_key('CONFIG_TCG') and config_all_devices.has_key('CONFIG_TPM_TIS_SYSBUS') ? \
21
+ * by the alignment. E.g. if an 8-byte value is accessed at an
24
+ ['tpm-tis-device-test', 'tpm-tis-device-swtpm-test'] : []) + \
22
+ * address which is 0 mod 8, then the whole 8-byte access is
25
(config_all_devices.has_key('CONFIG_XLNX_ZYNQMP_ARM') ? ['xlnx-can-test', 'fuzz-xlnx-dp-test'] : []) + \
23
+ * single-copy atomic; otherwise, if it is accessed at 0 mod 4
26
(config_all_devices.has_key('CONFIG_RASPI') ? ['bcm2835-dma-test'] : []) + \
24
+ * then each 4-byte subobject is single-copy atomic; otherwise
27
['arm-cpu-features',
25
+ * if it is accessed at 0 mod 2 then the four 2-byte subobjects
26
+ * are single-copy atomic.
27
* This is the atomicity e.g. of IBM Power.
28
* MO_ATOM_NONE: the operation has no atomicity requirements.
29
*
28
--
30
--
29
2.34.1
31
2.43.0
diff view generated by jsdifflib
1
From: Mostafa Saleh <smostafa@google.com>
1
From: JianChunfu <jansef.jian@hj-micro.com>
2
2
3
GBPA register can be used to globally abort all
3
Use a similar terminology smmu_hash_remove_by_sid_range() as the one
4
transactions.
4
being used for other hash table matching functions since
5
smmuv3_invalidate_ste() name is not self explanatory, and introduce a
6
helper that invokes the g_hash_table_foreach_remove.
5
7
6
It is described in the SMMU manual in "6.3.14 SMMU_GBPA".
8
No functional change intended.
7
ABORT reset value is IMPLEMENTATION DEFINED, it is chosen to
8
be zero(Do not abort incoming transactions).
9
9
10
Other fields have default values of Use Incoming.
10
Signed-off-by: JianChunfu <jansef.jian@hj-micro.com>
11
12
If UPDATE is not set, the write is ignored. This is the only permitted
13
behavior in SMMUv3.2 and later.(6.3.14.1 Update procedure)
14
15
As this patch adds a new state to the SMMU (GBPA), it is added
16
in a new subsection for forward migration compatibility.
17
GBPA is only migrated if its value is different from the reset value.
18
It does this to be backward migration compatible if SW didn't write
19
the register.
20
21
Signed-off-by: Mostafa Saleh <smostafa@google.com>
22
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
23
Reviewed-by: Eric Auger <eric.auger@redhat.com>
11
Reviewed-by: Eric Auger <eric.auger@redhat.com>
24
Message-id: 20230214094009.2445653-1-smostafa@google.com
12
Message-id: 20250228031438.3916-1-jansef.jian@hj-micro.com
25
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
26
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
13
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
27
---
14
---
28
hw/arm/smmuv3-internal.h | 7 +++++++
15
hw/arm/smmu-internal.h | 5 -----
29
include/hw/arm/smmuv3.h | 1 +
16
include/hw/arm/smmu-common.h | 6 ++++++
30
hw/arm/smmuv3.c | 43 +++++++++++++++++++++++++++++++++++++++-
17
hw/arm/smmu-common.c | 21 +++++++++++++++++++++
31
3 files changed, 50 insertions(+), 1 deletion(-)
18
hw/arm/smmuv3.c | 19 ++-----------------
19
hw/arm/trace-events | 3 ++-
20
5 files changed, 31 insertions(+), 23 deletions(-)
32
21
33
diff --git a/hw/arm/smmuv3-internal.h b/hw/arm/smmuv3-internal.h
22
diff --git a/hw/arm/smmu-internal.h b/hw/arm/smmu-internal.h
34
index XXXXXXX..XXXXXXX 100644
23
index XXXXXXX..XXXXXXX 100644
35
--- a/hw/arm/smmuv3-internal.h
24
--- a/hw/arm/smmu-internal.h
36
+++ b/hw/arm/smmuv3-internal.h
25
+++ b/hw/arm/smmu-internal.h
37
@@ -XXX,XX +XXX,XX @@ REG32(CR0ACK, 0x24)
26
@@ -XXX,XX +XXX,XX @@ typedef struct SMMUIOTLBPageInvInfo {
38
REG32(CR1, 0x28)
27
uint64_t mask;
39
REG32(CR2, 0x2c)
28
} SMMUIOTLBPageInvInfo;
40
REG32(STATUSR, 0x40)
29
41
+REG32(GBPA, 0x44)
30
-typedef struct SMMUSIDRange {
42
+ FIELD(GBPA, ABORT, 20, 1)
31
- uint32_t start;
43
+ FIELD(GBPA, UPDATE, 31, 1)
32
- uint32_t end;
33
-} SMMUSIDRange;
34
-
35
#endif
36
diff --git a/include/hw/arm/smmu-common.h b/include/hw/arm/smmu-common.h
37
index XXXXXXX..XXXXXXX 100644
38
--- a/include/hw/arm/smmu-common.h
39
+++ b/include/hw/arm/smmu-common.h
40
@@ -XXX,XX +XXX,XX @@ typedef struct SMMUIOTLBKey {
41
uint8_t level;
42
} SMMUIOTLBKey;
43
44
+typedef struct SMMUSIDRange {
45
+ uint32_t start;
46
+ uint32_t end;
47
+} SMMUSIDRange;
44
+
48
+
45
+/* Use incoming. */
49
struct SMMUState {
46
+#define SMMU_GBPA_RESET_VAL 0x1000
50
/* <private> */
51
SysBusDevice dev;
52
@@ -XXX,XX +XXX,XX @@ void smmu_iotlb_inv_iova(SMMUState *s, int asid, int vmid, dma_addr_t iova,
53
uint8_t tg, uint64_t num_pages, uint8_t ttl);
54
void smmu_iotlb_inv_ipa(SMMUState *s, int vmid, dma_addr_t ipa, uint8_t tg,
55
uint64_t num_pages, uint8_t ttl);
56
+void smmu_configs_inv_sid_range(SMMUState *s, SMMUSIDRange sid_range);
57
/* Unmap the range of all the notifiers registered to any IOMMU mr */
58
void smmu_inv_notifiers_all(SMMUState *s);
59
60
diff --git a/hw/arm/smmu-common.c b/hw/arm/smmu-common.c
61
index XXXXXXX..XXXXXXX 100644
62
--- a/hw/arm/smmu-common.c
63
+++ b/hw/arm/smmu-common.c
64
@@ -XXX,XX +XXX,XX @@ static gboolean smmu_hash_remove_by_vmid_ipa(gpointer key, gpointer value,
65
((entry->iova & ~info->mask) == info->iova);
66
}
67
68
+static gboolean
69
+smmu_hash_remove_by_sid_range(gpointer key, gpointer value, gpointer user_data)
70
+{
71
+ SMMUDevice *sdev = (SMMUDevice *)key;
72
+ uint32_t sid = smmu_get_sid(sdev);
73
+ SMMUSIDRange *sid_range = (SMMUSIDRange *)user_data;
47
+
74
+
48
REG32(IRQ_CTRL, 0x50)
75
+ if (sid < sid_range->start || sid > sid_range->end) {
49
FIELD(IRQ_CTRL, GERROR_IRQEN, 0, 1)
76
+ return false;
50
FIELD(IRQ_CTRL, PRI_IRQEN, 1, 1)
77
+ }
51
diff --git a/include/hw/arm/smmuv3.h b/include/hw/arm/smmuv3.h
78
+ trace_smmu_config_cache_inv(sid);
52
index XXXXXXX..XXXXXXX 100644
79
+ return true;
53
--- a/include/hw/arm/smmuv3.h
80
+}
54
+++ b/include/hw/arm/smmuv3.h
81
+
55
@@ -XXX,XX +XXX,XX @@ struct SMMUv3State {
82
+void smmu_configs_inv_sid_range(SMMUState *s, SMMUSIDRange sid_range)
56
uint32_t cr[3];
83
+{
57
uint32_t cr0ack;
84
+ trace_smmu_configs_inv_sid_range(sid_range.start, sid_range.end);
58
uint32_t statusr;
85
+ g_hash_table_foreach_remove(s->configs, smmu_hash_remove_by_sid_range,
59
+ uint32_t gbpa;
86
+ &sid_range);
60
uint32_t irq_ctrl;
87
+}
61
uint32_t gerror;
88
+
62
uint32_t gerrorn;
89
void smmu_iotlb_inv_iova(SMMUState *s, int asid, int vmid, dma_addr_t iova,
90
uint8_t tg, uint64_t num_pages, uint8_t ttl)
91
{
63
diff --git a/hw/arm/smmuv3.c b/hw/arm/smmuv3.c
92
diff --git a/hw/arm/smmuv3.c b/hw/arm/smmuv3.c
64
index XXXXXXX..XXXXXXX 100644
93
index XXXXXXX..XXXXXXX 100644
65
--- a/hw/arm/smmuv3.c
94
--- a/hw/arm/smmuv3.c
66
+++ b/hw/arm/smmuv3.c
95
+++ b/hw/arm/smmuv3.c
67
@@ -XXX,XX +XXX,XX @@ static void smmuv3_init_regs(SMMUv3State *s)
96
@@ -XXX,XX +XXX,XX @@ static void smmuv3_flush_config(SMMUDevice *sdev)
68
s->gerror = 0;
97
SMMUv3State *s = sdev->smmu;
69
s->gerrorn = 0;
98
SMMUState *bc = &s->smmu_state;
70
s->statusr = 0;
99
71
+ s->gbpa = SMMU_GBPA_RESET_VAL;
100
- trace_smmuv3_config_cache_inv(smmu_get_sid(sdev));
101
+ trace_smmu_config_cache_inv(smmu_get_sid(sdev));
102
g_hash_table_remove(bc->configs, sdev);
72
}
103
}
73
104
74
static int smmu_get_ste(SMMUv3State *s, dma_addr_t addr, STE *buf,
105
@@ -XXX,XX +XXX,XX @@ static void smmuv3_range_inval(SMMUState *s, Cmd *cmd, SMMUStage stage)
75
@@ -XXX,XX +XXX,XX @@ static IOMMUTLBEntry smmuv3_translate(IOMMUMemoryRegion *mr, hwaddr addr,
76
qemu_mutex_lock(&s->mutex);
77
78
if (!smmu_enabled(s)) {
79
- status = SMMU_TRANS_DISABLE;
80
+ if (FIELD_EX32(s->gbpa, GBPA, ABORT)) {
81
+ status = SMMU_TRANS_ABORT;
82
+ } else {
83
+ status = SMMU_TRANS_DISABLE;
84
+ }
85
goto epilogue;
86
}
106
}
87
107
}
88
@@ -XXX,XX +XXX,XX @@ static MemTxResult smmu_writel(SMMUv3State *s, hwaddr offset,
108
89
case A_GERROR_IRQ_CFG2:
109
-static gboolean
90
s->gerror_irq_cfg2 = data;
110
-smmuv3_invalidate_ste(gpointer key, gpointer value, gpointer user_data)
91
return MEMTX_OK;
111
-{
92
+ case A_GBPA:
112
- SMMUDevice *sdev = (SMMUDevice *)key;
93
+ /*
113
- uint32_t sid = smmu_get_sid(sdev);
94
+ * If UPDATE is not set, the write is ignored. This is the only
114
- SMMUSIDRange *sid_range = (SMMUSIDRange *)user_data;
95
+ * permitted behavior in SMMUv3.2 and later.
115
-
96
+ */
116
- if (sid < sid_range->start || sid > sid_range->end) {
97
+ if (data & R_GBPA_UPDATE_MASK) {
117
- return false;
98
+ /* Ignore update bit as write is synchronous. */
118
- }
99
+ s->gbpa = data & ~R_GBPA_UPDATE_MASK;
119
- trace_smmuv3_config_cache_inv(sid);
100
+ }
120
- return true;
101
+ return MEMTX_OK;
121
-}
102
case A_STRTAB_BASE: /* 64b */
122
-
103
s->strtab_base = deposit64(s->strtab_base, 0, 32, data);
123
static int smmuv3_cmdq_consume(SMMUv3State *s)
104
return MEMTX_OK;
124
{
105
@@ -XXX,XX +XXX,XX @@ static MemTxResult smmu_readl(SMMUv3State *s, hwaddr offset,
125
SMMUState *bs = ARM_SMMU(s);
106
case A_STATUSR:
126
@@ -XXX,XX +XXX,XX @@ static int smmuv3_cmdq_consume(SMMUv3State *s)
107
*data = s->statusr;
127
sid_range.end = sid_range.start + mask;
108
return MEMTX_OK;
128
109
+ case A_GBPA:
129
trace_smmuv3_cmdq_cfgi_ste_range(sid_range.start, sid_range.end);
110
+ *data = s->gbpa;
130
- g_hash_table_foreach_remove(bs->configs, smmuv3_invalidate_ste,
111
+ return MEMTX_OK;
131
- &sid_range);
112
case A_IRQ_CTRL:
132
+ smmu_configs_inv_sid_range(bs, sid_range);
113
case A_IRQ_CTRL_ACK:
133
break;
114
*data = s->irq_ctrl;
134
}
115
@@ -XXX,XX +XXX,XX @@ static const VMStateDescription vmstate_smmuv3_queue = {
135
case SMMU_CMD_CFGI_CD:
116
},
136
diff --git a/hw/arm/trace-events b/hw/arm/trace-events
117
};
137
index XXXXXXX..XXXXXXX 100644
118
138
--- a/hw/arm/trace-events
119
+static bool smmuv3_gbpa_needed(void *opaque)
139
+++ b/hw/arm/trace-events
120
+{
140
@@ -XXX,XX +XXX,XX @@ smmu_iotlb_inv_asid_vmid(int asid, int vmid) "IOTLB invalidate asid=%d vmid=%d"
121
+ SMMUv3State *s = opaque;
141
smmu_iotlb_inv_vmid(int vmid) "IOTLB invalidate vmid=%d"
122
+
142
smmu_iotlb_inv_vmid_s1(int vmid) "IOTLB invalidate vmid=%d"
123
+ /* Only migrate GBPA if it has different reset value. */
143
smmu_iotlb_inv_iova(int asid, uint64_t addr) "IOTLB invalidate asid=%d addr=0x%"PRIx64
124
+ return s->gbpa != SMMU_GBPA_RESET_VAL;
144
+smmu_configs_inv_sid_range(uint32_t start, uint32_t end) "Config cache INV SID range from 0x%x to 0x%x"
125
+}
145
+smmu_config_cache_inv(uint32_t sid) "Config cache INV for sid=0x%x"
126
+
146
smmu_inv_notifiers_mr(const char *name) "iommu mr=%s"
127
+static const VMStateDescription vmstate_gbpa = {
147
smmu_iotlb_lookup_hit(int asid, int vmid, uint64_t addr, uint32_t hit, uint32_t miss, uint32_t p) "IOTLB cache HIT asid=%d vmid=%d addr=0x%"PRIx64" hit=%d miss=%d hit rate=%d"
128
+ .name = "smmuv3/gbpa",
148
smmu_iotlb_lookup_miss(int asid, int vmid, uint64_t addr, uint32_t hit, uint32_t miss, uint32_t p) "IOTLB cache MISS asid=%d vmid=%d addr=0x%"PRIx64" hit=%d miss=%d hit rate=%d"
129
+ .version_id = 1,
149
@@ -XXX,XX +XXX,XX @@ smmuv3_cmdq_tlbi_nh(int vmid) "vmid=%d"
130
+ .minimum_version_id = 1,
150
smmuv3_cmdq_tlbi_nsnh(void) ""
131
+ .needed = smmuv3_gbpa_needed,
151
smmuv3_cmdq_tlbi_nh_asid(int asid) "asid=%d"
132
+ .fields = (VMStateField[]) {
152
smmuv3_cmdq_tlbi_s12_vmid(int vmid) "vmid=%d"
133
+ VMSTATE_UINT32(gbpa, SMMUv3State),
153
-smmuv3_config_cache_inv(uint32_t sid) "Config cache INV for sid=0x%x"
134
+ VMSTATE_END_OF_LIST()
154
smmuv3_notify_flag_add(const char *iommu) "ADD SMMUNotifier node for iommu mr=%s"
135
+ }
155
smmuv3_notify_flag_del(const char *iommu) "DEL SMMUNotifier node for iommu mr=%s"
136
+};
156
smmuv3_inv_notifiers_iova(const char *name, int asid, int vmid, uint64_t iova, uint8_t tg, uint64_t num_pages, int stage) "iommu mr=%s asid=%d vmid=%d iova=0x%"PRIx64" tg=%d num_pages=0x%"PRIx64" stage=%d"
137
+
138
static const VMStateDescription vmstate_smmuv3 = {
139
.name = "smmuv3",
140
.version_id = 1,
141
@@ -XXX,XX +XXX,XX @@ static const VMStateDescription vmstate_smmuv3 = {
142
143
VMSTATE_END_OF_LIST(),
144
},
145
+ .subsections = (const VMStateDescription * []) {
146
+ &vmstate_gbpa,
147
+ NULL
148
+ }
149
};
150
151
static void smmuv3_instance_init(Object *obj)
152
--
157
--
153
2.34.1
158
2.43.0
diff view generated by jsdifflib
Deleted patch
1
From: Philippe Mathieu-Daudé <philmd@linaro.org>
2
1
3
Since commit acc0b8b05a when running the ZynqMP ZCU102 board with
4
a QEMU configured using --without-default-devices, we get:
5
6
$ qemu-system-aarch64 -M xlnx-zcu102
7
qemu-system-aarch64: missing object type 'usb_dwc3'
8
Abort trap: 6
9
10
Fix by adding the missing Kconfig dependency.
11
12
Fixes: acc0b8b05a ("hw/arm/xlnx-zynqmp: Connect ZynqMP's USB controllers")
13
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
14
Message-id: 20230216092327.2203-1-philmd@linaro.org
15
Reviewed-by: Francisco Iglesias <francisco.iglesias@amd.com>
16
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
17
---
18
hw/arm/Kconfig | 1 +
19
1 file changed, 1 insertion(+)
20
21
diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
22
index XXXXXXX..XXXXXXX 100644
23
--- a/hw/arm/Kconfig
24
+++ b/hw/arm/Kconfig
25
@@ -XXX,XX +XXX,XX @@ config XLNX_ZYNQMP_ARM
26
select XLNX_CSU_DMA
27
select XLNX_ZYNQMP
28
select XLNX_ZDMA
29
+ select USB_DWC3
30
31
config XLNX_VERSAL
32
bool
33
--
34
2.34.1
35
36
diff view generated by jsdifflib
Deleted patch
1
From: Hao Wu <wuhaotsh@google.com>
2
1
3
Havard is no longer working on the Nuvoton systems for a while
4
and won't be able to do any work on it in the future. So I'll
5
take over maintaining the Nuvoton system from him.
6
7
Signed-off-by: Hao Wu <wuhaotsh@google.com>
8
Acked-by: Havard Skinnemoen <hskinnemoen@google.com>
9
Reviewed-by: Philippe Mathieu-Daude <philmd@linaro.org>
10
Message-id: 20230208235433.3989937-2-wuhaotsh@google.com
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
---
13
MAINTAINERS | 2 +-
14
1 file changed, 1 insertion(+), 1 deletion(-)
15
16
diff --git a/MAINTAINERS b/MAINTAINERS
17
index XXXXXXX..XXXXXXX 100644
18
--- a/MAINTAINERS
19
+++ b/MAINTAINERS
20
@@ -XXX,XX +XXX,XX @@ F: include/hw/net/mv88w8618_eth.h
21
F: docs/system/arm/musicpal.rst
22
23
Nuvoton NPCM7xx
24
-M: Havard Skinnemoen <hskinnemoen@google.com>
25
M: Tyrone Ting <kfting@nuvoton.com>
26
+M: Hao Wu <wuhaotsh@google.com>
27
L: qemu-arm@nongnu.org
28
S: Supported
29
F: hw/*/npcm7xx*
30
--
31
2.34.1
diff view generated by jsdifflib
Deleted patch
1
From: Hao Wu <wuhaotsh@google.com>
2
1
3
Signed-off-by: Hao Wu <wuhaotsh@google.com>
4
Reviewed-by: Titus Rwantare <titusr@google.com>
5
Reviewed-by: Philippe Mathieu-Daude <philmd@linaro.org>
6
Message-id: 20230208235433.3989937-4-wuhaotsh@google.com
7
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8
---
9
docs/system/arm/nuvoton.rst | 2 +-
10
include/hw/arm/npcm7xx.h | 2 ++
11
hw/arm/npcm7xx.c | 25 +++++++++++++++++++++++--
12
3 files changed, 26 insertions(+), 3 deletions(-)
13
14
diff --git a/docs/system/arm/nuvoton.rst b/docs/system/arm/nuvoton.rst
15
index XXXXXXX..XXXXXXX 100644
16
--- a/docs/system/arm/nuvoton.rst
17
+++ b/docs/system/arm/nuvoton.rst
18
@@ -XXX,XX +XXX,XX @@ Supported devices
19
* SMBus controller (SMBF)
20
* Ethernet controller (EMC)
21
* Tachometer
22
+ * Peripheral SPI controller (PSPI)
23
24
Missing devices
25
---------------
26
@@ -XXX,XX +XXX,XX @@ Missing devices
27
28
* Ethernet controller (GMAC)
29
* USB device (USBD)
30
- * Peripheral SPI controller (PSPI)
31
* SD/MMC host
32
* PECI interface
33
* PCI and PCIe root complex and bridges
34
diff --git a/include/hw/arm/npcm7xx.h b/include/hw/arm/npcm7xx.h
35
index XXXXXXX..XXXXXXX 100644
36
--- a/include/hw/arm/npcm7xx.h
37
+++ b/include/hw/arm/npcm7xx.h
38
@@ -XXX,XX +XXX,XX @@
39
#include "hw/nvram/npcm7xx_otp.h"
40
#include "hw/timer/npcm7xx_timer.h"
41
#include "hw/ssi/npcm7xx_fiu.h"
42
+#include "hw/ssi/npcm_pspi.h"
43
#include "hw/usb/hcd-ehci.h"
44
#include "hw/usb/hcd-ohci.h"
45
#include "target/arm/cpu.h"
46
@@ -XXX,XX +XXX,XX @@ struct NPCM7xxState {
47
NPCM7xxFIUState fiu[2];
48
NPCM7xxEMCState emc[2];
49
NPCM7xxSDHCIState mmc;
50
+ NPCMPSPIState pspi[2];
51
};
52
53
#define TYPE_NPCM7XX "npcm7xx"
54
diff --git a/hw/arm/npcm7xx.c b/hw/arm/npcm7xx.c
55
index XXXXXXX..XXXXXXX 100644
56
--- a/hw/arm/npcm7xx.c
57
+++ b/hw/arm/npcm7xx.c
58
@@ -XXX,XX +XXX,XX @@ enum NPCM7xxInterrupt {
59
NPCM7XX_EMC1RX_IRQ = 15,
60
NPCM7XX_EMC1TX_IRQ,
61
NPCM7XX_MMC_IRQ = 26,
62
+ NPCM7XX_PSPI2_IRQ = 28,
63
+ NPCM7XX_PSPI1_IRQ = 31,
64
NPCM7XX_TIMER0_IRQ = 32, /* Timer Module 0 */
65
NPCM7XX_TIMER1_IRQ,
66
NPCM7XX_TIMER2_IRQ,
67
@@ -XXX,XX +XXX,XX @@ static const hwaddr npcm7xx_emc_addr[] = {
68
0xf0826000,
69
};
70
71
+/* Register base address for each PSPI Module */
72
+static const hwaddr npcm7xx_pspi_addr[] = {
73
+ 0xf0200000,
74
+ 0xf0201000,
75
+};
76
+
77
static const struct {
78
hwaddr regs_addr;
79
uint32_t unconnected_pins;
80
@@ -XXX,XX +XXX,XX @@ static void npcm7xx_init(Object *obj)
81
object_initialize_child(obj, "emc[*]", &s->emc[i], TYPE_NPCM7XX_EMC);
82
}
83
84
+ for (i = 0; i < ARRAY_SIZE(s->pspi); i++) {
85
+ object_initialize_child(obj, "pspi[*]", &s->pspi[i], TYPE_NPCM_PSPI);
86
+ }
87
+
88
object_initialize_child(obj, "mmc", &s->mmc, TYPE_NPCM7XX_SDHCI);
89
}
90
91
@@ -XXX,XX +XXX,XX @@ static void npcm7xx_realize(DeviceState *dev, Error **errp)
92
sysbus_connect_irq(SYS_BUS_DEVICE(&s->mmc), 0,
93
npcm7xx_irq(s, NPCM7XX_MMC_IRQ));
94
95
+ /* PSPI */
96
+ QEMU_BUILD_BUG_ON(ARRAY_SIZE(npcm7xx_pspi_addr) != ARRAY_SIZE(s->pspi));
97
+ for (i = 0; i < ARRAY_SIZE(s->pspi); i++) {
98
+ SysBusDevice *sbd = SYS_BUS_DEVICE(&s->pspi[i]);
99
+ int irq = (i == 0) ? NPCM7XX_PSPI1_IRQ : NPCM7XX_PSPI2_IRQ;
100
+
101
+ sysbus_realize(sbd, &error_abort);
102
+ sysbus_mmio_map(sbd, 0, npcm7xx_pspi_addr[i]);
103
+ sysbus_connect_irq(sbd, 0, npcm7xx_irq(s, irq));
104
+ }
105
+
106
create_unimplemented_device("npcm7xx.shm", 0xc0001000, 4 * KiB);
107
create_unimplemented_device("npcm7xx.vdmx", 0xe0800000, 4 * KiB);
108
create_unimplemented_device("npcm7xx.pcierc", 0xe1000000, 64 * KiB);
109
@@ -XXX,XX +XXX,XX @@ static void npcm7xx_realize(DeviceState *dev, Error **errp)
110
create_unimplemented_device("npcm7xx.peci", 0xf0100000, 4 * KiB);
111
create_unimplemented_device("npcm7xx.siox[1]", 0xf0101000, 4 * KiB);
112
create_unimplemented_device("npcm7xx.siox[2]", 0xf0102000, 4 * KiB);
113
- create_unimplemented_device("npcm7xx.pspi1", 0xf0200000, 4 * KiB);
114
- create_unimplemented_device("npcm7xx.pspi2", 0xf0201000, 4 * KiB);
115
create_unimplemented_device("npcm7xx.ahbpci", 0xf0400000, 1 * MiB);
116
create_unimplemented_device("npcm7xx.mcphy", 0xf05f0000, 64 * KiB);
117
create_unimplemented_device("npcm7xx.gmac1", 0xf0802000, 8 * KiB);
118
--
119
2.34.1
diff view generated by jsdifflib
1
From: Jean-Philippe Brucker <jean-philippe@linaro.org>
1
From: Keith Packard <keithp@keithp.com>
2
2
3
Addresses targeting the second translation table (TTB1) in the SMMU have
3
The documentation says the vector is at 0xffffff80, instead of the
4
all upper bits set (except for the top byte when TBI is enabled). Fix
4
previous value of 0xffffffc0. That value must have been a bug because
5
the TTB1 check.
5
the standard vector values (20, 21, 23, 25, 30) were all
6
past the end of the array.
6
7
7
Reported-by: Ola Hugosson <ola.hugosson@arm.com>
8
Signed-off-by: Keith Packard <keithp@keithp.com>
8
Reviewed-by: Eric Auger <eric.auger@redhat.com>
9
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
9
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
10
Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
11
Message-id: 20230214171921.1917916-3-jean-philippe@linaro.org
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
13
---
11
---
14
hw/arm/smmu-common.c | 2 +-
12
target/rx/helper.c | 2 +-
15
1 file changed, 1 insertion(+), 1 deletion(-)
13
1 file changed, 1 insertion(+), 1 deletion(-)
16
14
17
diff --git a/hw/arm/smmu-common.c b/hw/arm/smmu-common.c
15
diff --git a/target/rx/helper.c b/target/rx/helper.c
18
index XXXXXXX..XXXXXXX 100644
16
index XXXXXXX..XXXXXXX 100644
19
--- a/hw/arm/smmu-common.c
17
--- a/target/rx/helper.c
20
+++ b/hw/arm/smmu-common.c
18
+++ b/target/rx/helper.c
21
@@ -XXX,XX +XXX,XX @@ SMMUTransTableInfo *select_tt(SMMUTransCfg *cfg, dma_addr_t iova)
19
@@ -XXX,XX +XXX,XX @@ void rx_cpu_do_interrupt(CPUState *cs)
22
/* there is a ttbr0 region and we are in it (high bits all zero) */
20
cpu_stl_data(env, env->isp, env->pc);
23
return &cfg->tt[0];
21
24
} else if (cfg->tt[1].tsz &&
22
if (vec < 0x100) {
25
- !extract64(iova, 64 - cfg->tt[1].tsz, cfg->tt[1].tsz - tbi_byte)) {
23
- env->pc = cpu_ldl_data(env, 0xffffffc0 + vec * 4);
26
+ sextract64(iova, 64 - cfg->tt[1].tsz, cfg->tt[1].tsz - tbi_byte) == -1) {
24
+ env->pc = cpu_ldl_data(env, 0xffffff80 + vec * 4);
27
/* there is a ttbr1 region and we are in it (high bits all one) */
25
} else {
28
return &cfg->tt[1];
26
env->pc = cpu_ldl_data(env, env->intb + (vec & 0xff) * 4);
29
} else if (!cfg->tt[0].tsz) {
27
}
30
--
28
--
31
2.34.1
29
2.43.0
diff view generated by jsdifflib
1
From: Fabiano Rosas <farosas@suse.de>
1
From: Keith Packard <keithp@keithp.com>
2
2
3
Signed-off-by: Fabiano Rosas <farosas@suse.de>
3
Functions which modify TCG globals must not be marked TCG_CALL_NO_WG,
4
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
4
as that tells the optimizer that TCG global values already loaded in
5
Acked-by: Thomas Huth <thuth@redhat.com>
5
machine registers are still valid, and so any changes which these
6
helpers make to the CPU state may be ignored.
7
8
The target/rx code chooses to put (among other things) all the PSW
9
bits and also ACC into globals, so the NO_WG flag on various
10
functions that touch the PSW or ACC is incorrect and must be removed.
11
This includes all the floating point helper functions, because
12
update_fpsw() will update PSW Z and S.
13
14
Signed-off-by: Keith Packard <keithp@keithp.com>
15
[PMM: Clarified commit message]
16
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
6
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
17
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
---
18
---
8
tests/qtest/arm-cpu-features.c | 28 ++++++++++++++++++----------
19
target/rx/helper.h | 34 +++++++++++++++++-----------------
9
1 file changed, 18 insertions(+), 10 deletions(-)
20
1 file changed, 17 insertions(+), 17 deletions(-)
10
21
11
diff --git a/tests/qtest/arm-cpu-features.c b/tests/qtest/arm-cpu-features.c
22
diff --git a/target/rx/helper.h b/target/rx/helper.h
12
index XXXXXXX..XXXXXXX 100644
23
index XXXXXXX..XXXXXXX 100644
13
--- a/tests/qtest/arm-cpu-features.c
24
--- a/target/rx/helper.h
14
+++ b/tests/qtest/arm-cpu-features.c
25
+++ b/target/rx/helper.h
15
@@ -XXX,XX +XXX,XX @@
26
@@ -XXX,XX +XXX,XX @@ DEF_HELPER_1(raise_privilege_violation, noreturn, env)
16
#define SVE_MAX_VQ 16
27
DEF_HELPER_1(wait, noreturn, env)
17
28
DEF_HELPER_2(rxint, noreturn, env, i32)
18
#define MACHINE "-machine virt,gic-version=max -accel tcg "
29
DEF_HELPER_1(rxbrk, noreturn, env)
19
-#define MACHINE_KVM "-machine virt,gic-version=max -accel kvm -accel tcg "
30
-DEF_HELPER_FLAGS_3(fadd, TCG_CALL_NO_WG, f32, env, f32, f32)
20
+#define MACHINE_KVM "-machine virt,gic-version=max -accel kvm "
31
-DEF_HELPER_FLAGS_3(fsub, TCG_CALL_NO_WG, f32, env, f32, f32)
21
#define QUERY_HEAD "{ 'execute': 'query-cpu-model-expansion', " \
32
-DEF_HELPER_FLAGS_3(fmul, TCG_CALL_NO_WG, f32, env, f32, f32)
22
" 'arguments': { 'type': 'full', "
33
-DEF_HELPER_FLAGS_3(fdiv, TCG_CALL_NO_WG, f32, env, f32, f32)
23
#define QUERY_TAIL "}}"
34
-DEF_HELPER_FLAGS_3(fcmp, TCG_CALL_NO_WG, void, env, f32, f32)
24
@@ -XXX,XX +XXX,XX @@ int main(int argc, char **argv)
35
-DEF_HELPER_FLAGS_2(ftoi, TCG_CALL_NO_WG, i32, env, f32)
25
{
36
-DEF_HELPER_FLAGS_2(round, TCG_CALL_NO_WG, i32, env, f32)
26
g_test_init(&argc, &argv, NULL);
37
-DEF_HELPER_FLAGS_2(itof, TCG_CALL_NO_WG, f32, env, i32)
27
38
+DEF_HELPER_3(fadd, f32, env, f32, f32)
28
- qtest_add_data_func("/arm/query-cpu-model-expansion",
39
+DEF_HELPER_3(fsub, f32, env, f32, f32)
29
- NULL, test_query_cpu_model_expansion);
40
+DEF_HELPER_3(fmul, f32, env, f32, f32)
30
+ if (qtest_has_accel("tcg")) {
41
+DEF_HELPER_3(fdiv, f32, env, f32, f32)
31
+ qtest_add_data_func("/arm/query-cpu-model-expansion",
42
+DEF_HELPER_3(fcmp, void, env, f32, f32)
32
+ NULL, test_query_cpu_model_expansion);
43
+DEF_HELPER_2(ftoi, i32, env, f32)
33
+ }
44
+DEF_HELPER_2(round, i32, env, f32)
34
+
45
+DEF_HELPER_2(itof, f32, env, i32)
35
+ if (!g_str_equal(qtest_get_arch(), "aarch64")) {
46
DEF_HELPER_2(set_fpsw, void, env, i32)
36
+ goto out;
47
-DEF_HELPER_FLAGS_2(racw, TCG_CALL_NO_WG, void, env, i32)
37
+ }
48
-DEF_HELPER_FLAGS_2(set_psw_rte, TCG_CALL_NO_WG, void, env, i32)
38
49
-DEF_HELPER_FLAGS_2(set_psw, TCG_CALL_NO_WG, void, env, i32)
39
/*
50
+DEF_HELPER_2(racw, void, env, i32)
40
* For now we only run KVM specific tests with AArch64 QEMU in
51
+DEF_HELPER_2(set_psw_rte, void, env, i32)
41
* order avoid attempting to run an AArch32 QEMU with KVM on
52
+DEF_HELPER_2(set_psw, void, env, i32)
42
* AArch64 hosts. That won't work and isn't easy to detect.
53
DEF_HELPER_1(pack_psw, i32, env)
43
*/
54
-DEF_HELPER_FLAGS_3(div, TCG_CALL_NO_WG, i32, env, i32, i32)
44
- if (g_str_equal(qtest_get_arch(), "aarch64") && qtest_has_accel("kvm")) {
55
-DEF_HELPER_FLAGS_3(divu, TCG_CALL_NO_WG, i32, env, i32, i32)
45
+ if (qtest_has_accel("kvm")) {
56
-DEF_HELPER_FLAGS_1(scmpu, TCG_CALL_NO_WG, void, env)
46
/*
57
+DEF_HELPER_3(div, i32, env, i32, i32)
47
* This tests target the 'host' CPU type, so register it only if
58
+DEF_HELPER_3(divu, i32, env, i32, i32)
48
* KVM is available.
59
+DEF_HELPER_1(scmpu, void, env)
49
*/
60
DEF_HELPER_1(smovu, void, env)
50
qtest_add_data_func("/arm/kvm/query-cpu-model-expansion",
61
DEF_HELPER_1(smovf, void, env)
51
NULL, test_query_cpu_model_expansion_kvm);
62
DEF_HELPER_1(smovb, void, env)
52
- }
63
DEF_HELPER_2(sstr, void, env, i32)
53
64
-DEF_HELPER_FLAGS_2(swhile, TCG_CALL_NO_WG, void, env, i32)
54
- if (g_str_equal(qtest_get_arch(), "aarch64")) {
65
-DEF_HELPER_FLAGS_2(suntil, TCG_CALL_NO_WG, void, env, i32)
55
- qtest_add_data_func("/arm/max/query-cpu-model-expansion/sve-max-vq-8",
66
-DEF_HELPER_FLAGS_2(rmpa, TCG_CALL_NO_WG, void, env, i32)
56
- NULL, sve_tests_sve_max_vq_8);
67
+DEF_HELPER_2(swhile, void, env, i32)
57
- qtest_add_data_func("/arm/max/query-cpu-model-expansion/sve-off",
68
+DEF_HELPER_2(suntil, void, env, i32)
58
- NULL, sve_tests_sve_off);
69
+DEF_HELPER_2(rmpa, void, env, i32)
59
qtest_add_data_func("/arm/kvm/query-cpu-model-expansion/sve-off",
70
DEF_HELPER_1(satr, void, env)
60
NULL, sve_tests_sve_off_kvm);
61
}
62
63
+ if (qtest_has_accel("tcg")) {
64
+ qtest_add_data_func("/arm/max/query-cpu-model-expansion/sve-max-vq-8",
65
+ NULL, sve_tests_sve_max_vq_8);
66
+ qtest_add_data_func("/arm/max/query-cpu-model-expansion/sve-off",
67
+ NULL, sve_tests_sve_off);
68
+ }
69
+
70
+out:
71
return g_test_run();
72
}
73
--
71
--
74
2.34.1
72
2.43.0
diff view generated by jsdifflib