[PULL 00/21] target-arm queue
[PULL 0/7] target-arm queue
1
The following changes since commit f003dd8d81f7d88f4b1f8802309eaa76f6eb223a:
1
A last small test of bug fixes before rc1.
2
2
3
Merge tag 'pull-tcg-20230305' of https://gitlab.com/rth7680/qemu into staging (2023-03-06 10:20:04 +0000)
3
thanks
4
-- PMM
5
6
The following changes since commit ed8ad9728a9c0eec34db9dff61dfa2f1dd625637:
7
8
Merge tag 'pull-tpm-2023-07-14-1' of https://github.com/stefanberger/qemu-tpm into staging (2023-07-15 14:54:04 +0100)
4
9
5
are available in the Git repository at:
10
are available in the Git repository at:
6
11
7
https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20230306
12
https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20230717
8
13
9
for you to fetch changes up to 2ddc45954f97cd1d7ee5cbca0def05e980d1da9f:
14
for you to fetch changes up to c2c1c4a35c7c2b1a4140b0942b9797c857e476a4:
10
15
11
hw: arm: allwinner-h3: Fix and complete H3 i2c devices (2023-03-06 15:31:24 +0000)
16
hw/nvram: Avoid unnecessary Xilinx eFuse backstore write (2023-07-17 11:05:52 +0100)
12
17
13
----------------------------------------------------------------
18
----------------------------------------------------------------
14
target-arm queue:
19
target-arm queue:
15
* allwinner-h3: Fix I2C controller model for Sun6i SoCs
20
* hw/arm/sbsa-ref: set 'slots' property of xhci
16
* allwinner-h3: Add missing i2c controllers
21
* linux-user: Remove pointless NULL check in clock_adjtime handling
17
* Expose M-profile system registers to gdbstub
22
* ptw: Fix S1_ptw_translate() debug path
18
* Expose pauth information to gdbstub
23
* ptw: Account for FEAT_RME when applying {N}SW, SA bits
19
* Support direct boot for Linux/arm64 EFI zboot images
24
* accel/tcg: Zero-pad PC in TCG CPU exec trace lines
20
* Fix incorrect stage 2 MMU setup validation
25
* hw/nvram: Avoid unnecessary Xilinx eFuse backstore write
21
26
22
----------------------------------------------------------------
27
----------------------------------------------------------------
23
Ard Biesheuvel (1):
28
Peter Maydell (5):
24
hw: arm: Support direct boot for Linux/arm64 EFI zboot images
29
linux-user: Remove pointless NULL check in clock_adjtime handling
30
target/arm/ptw.c: Add comments to S1Translate struct fields
31
target/arm: Fix S1_ptw_translate() debug path
32
target/arm/ptw.c: Account for FEAT_RME when applying {N}SW, SA bits
33
accel/tcg: Zero-pad PC in TCG CPU exec trace lines
25
34
26
David Reiss (2):
35
Tong Ho (1):
27
target/arm: Export arm_v7m_mrs_control
36
hw/nvram: Avoid unnecessary Xilinx eFuse backstore write
28
target/arm: Export arm_v7m_get_sp_ptr
29
37
30
Richard Henderson (16):
38
Yuquan Wang (1):
31
target/arm: Normalize aarch64 gdbstub get/set function names
39
hw/arm/sbsa-ref: set 'slots' property of xhci
32
target/arm: Unexport arm_gen_dynamic_sysreg_xml
33
target/arm: Move arm_gen_dynamic_svereg_xml to gdbstub64.c
34
target/arm: Split out output_vector_union_type
35
target/arm: Simplify register counting in arm_gen_dynamic_svereg_xml
36
target/arm: Hoist pred_width in arm_gen_dynamic_svereg_xml
37
target/arm: Fix svep width in arm_gen_dynamic_svereg_xml
38
target/arm: Add name argument to output_vector_union_type
39
target/arm: Simplify iteration over bit widths
40
target/arm: Create pauth_ptr_mask
41
target/arm: Implement gdbstub pauth extension
42
target/arm: Implement gdbstub m-profile systemreg and secext
43
target/arm: Handle m-profile in arm_is_secure
44
target/arm: Stub arm_hcr_el2_eff for m-profile
45
target/arm: Diagnose incorrect usage of arm_is_secure subroutines
46
target/arm: Rewrite check_s2_mmu_setup
47
40
48
qianfan Zhao (2):
41
accel/tcg/cpu-exec.c | 4 +--
49
hw: allwinner-i2c: Fix TWI_CNTR_INT_FLAG on SUN6i SoCs
42
accel/tcg/translate-all.c | 2 +-
50
hw: arm: allwinner-h3: Fix and complete H3 i2c devices
43
hw/arm/sbsa-ref.c | 1 +
51
44
hw/nvram/xlnx-efuse.c | 11 ++++--
52
configs/targets/aarch64-linux-user.mak | 2 +-
45
linux-user/syscall.c | 12 +++----
53
configs/targets/aarch64-softmmu.mak | 2 +-
46
target/arm/ptw.c | 90 +++++++++++++++++++++++++++++++++++++++++------
54
configs/targets/aarch64_be-linux-user.mak | 2 +-
47
6 files changed, 98 insertions(+), 22 deletions(-)
55
include/hw/arm/allwinner-h3.h | 6 +
56
include/hw/i2c/allwinner-i2c.h | 6 +
57
include/hw/loader.h | 19 ++
58
target/arm/cpu.h | 17 +-
59
target/arm/internals.h | 34 +++-
60
hw/arm/allwinner-h3.c | 29 +++-
61
hw/arm/boot.c | 6 +
62
hw/core/loader.c | 91 ++++++++++
63
hw/i2c/allwinner-i2c.c | 26 ++-
64
target/arm/gdbstub.c | 278 ++++++++++++++++++------------
65
target/arm/gdbstub64.c | 175 ++++++++++++++++++-
66
target/arm/helper.c | 3 +
67
target/arm/ptw.c | 173 +++++++++++--------
68
target/arm/tcg/m_helper.c | 90 +++++-----
69
target/arm/tcg/pauth_helper.c | 26 ++-
70
gdb-xml/aarch64-pauth.xml | 15 ++
71
19 files changed, 742 insertions(+), 258 deletions(-)
72
create mode 100644 gdb-xml/aarch64-pauth.xml
diff view generated by jsdifflib
[PULL 01/21] target/arm: Normalize aarch64 gdbstub get/set function names
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
Make the form of the function names between fp and sve the same:
4
- arm_gdb_*_svereg -> aarch64_gdb_*_sve_reg.
5
- aarch64_fpu_gdb_*_reg -> aarch64_gdb_*_fpu_reg.
6
7
Reviewed-by: Fabiano Rosas <farosas@suse.de>
8
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
9
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
10
Message-id: 20230227213329.793795-2-richard.henderson@linaro.org
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
---
13
target/arm/internals.h | 8 ++++----
14
target/arm/gdbstub.c | 9 +++++----
15
target/arm/gdbstub64.c | 8 ++++----
16
3 files changed, 13 insertions(+), 12 deletions(-)
17
18
diff --git a/target/arm/internals.h b/target/arm/internals.h
19
index XXXXXXX..XXXXXXX 100644
20
--- a/target/arm/internals.h
21
+++ b/target/arm/internals.h
22
@@ -XXX,XX +XXX,XX @@ static inline uint64_t pmu_counter_mask(CPUARMState *env)
23
}
24
25
#ifdef TARGET_AARCH64
26
-int arm_gdb_get_svereg(CPUARMState *env, GByteArray *buf, int reg);
27
-int arm_gdb_set_svereg(CPUARMState *env, uint8_t *buf, int reg);
28
-int aarch64_fpu_gdb_get_reg(CPUARMState *env, GByteArray *buf, int reg);
29
-int aarch64_fpu_gdb_set_reg(CPUARMState *env, uint8_t *buf, int reg);
30
+int aarch64_gdb_get_sve_reg(CPUARMState *env, GByteArray *buf, int reg);
31
+int aarch64_gdb_set_sve_reg(CPUARMState *env, uint8_t *buf, int reg);
32
+int aarch64_gdb_get_fpu_reg(CPUARMState *env, GByteArray *buf, int reg);
33
+int aarch64_gdb_set_fpu_reg(CPUARMState *env, uint8_t *buf, int reg);
34
void arm_cpu_sve_finalize(ARMCPU *cpu, Error **errp);
35
void arm_cpu_sme_finalize(ARMCPU *cpu, Error **errp);
36
void arm_cpu_pauth_finalize(ARMCPU *cpu, Error **errp);
37
diff --git a/target/arm/gdbstub.c b/target/arm/gdbstub.c
38
index XXXXXXX..XXXXXXX 100644
39
--- a/target/arm/gdbstub.c
40
+++ b/target/arm/gdbstub.c
41
@@ -XXX,XX +XXX,XX @@ void arm_cpu_register_gdb_regs_for_features(ARMCPU *cpu)
42
*/
43
#ifdef TARGET_AARCH64
44
if (isar_feature_aa64_sve(&cpu->isar)) {
45
- gdb_register_coprocessor(cs, arm_gdb_get_svereg, arm_gdb_set_svereg,
46
- arm_gen_dynamic_svereg_xml(cs, cs->gdb_num_regs),
47
+ int nreg = arm_gen_dynamic_svereg_xml(cs, cs->gdb_num_regs);
48
+ gdb_register_coprocessor(cs, aarch64_gdb_get_sve_reg,
49
+ aarch64_gdb_set_sve_reg, nreg,
50
"sve-registers.xml", 0);
51
} else {
52
- gdb_register_coprocessor(cs, aarch64_fpu_gdb_get_reg,
53
- aarch64_fpu_gdb_set_reg,
54
+ gdb_register_coprocessor(cs, aarch64_gdb_get_fpu_reg,
55
+ aarch64_gdb_set_fpu_reg,
56
34, "aarch64-fpu.xml", 0);
57
}
58
#endif
59
diff --git a/target/arm/gdbstub64.c b/target/arm/gdbstub64.c
60
index XXXXXXX..XXXXXXX 100644
61
--- a/target/arm/gdbstub64.c
62
+++ b/target/arm/gdbstub64.c
63
@@ -XXX,XX +XXX,XX @@ int aarch64_cpu_gdb_write_register(CPUState *cs, uint8_t *mem_buf, int n)
64
return 0;
65
}
66
67
-int aarch64_fpu_gdb_get_reg(CPUARMState *env, GByteArray *buf, int reg)
68
+int aarch64_gdb_get_fpu_reg(CPUARMState *env, GByteArray *buf, int reg)
69
{
70
switch (reg) {
71
case 0 ... 31:
72
@@ -XXX,XX +XXX,XX @@ int aarch64_fpu_gdb_get_reg(CPUARMState *env, GByteArray *buf, int reg)
73
}
74
}
75
76
-int aarch64_fpu_gdb_set_reg(CPUARMState *env, uint8_t *buf, int reg)
77
+int aarch64_gdb_set_fpu_reg(CPUARMState *env, uint8_t *buf, int reg)
78
{
79
switch (reg) {
80
case 0 ... 31:
81
@@ -XXX,XX +XXX,XX @@ int aarch64_fpu_gdb_set_reg(CPUARMState *env, uint8_t *buf, int reg)
82
}
83
}
84
85
-int arm_gdb_get_svereg(CPUARMState *env, GByteArray *buf, int reg)
86
+int aarch64_gdb_get_sve_reg(CPUARMState *env, GByteArray *buf, int reg)
87
{
88
ARMCPU *cpu = env_archcpu(env);
89
90
@@ -XXX,XX +XXX,XX @@ int arm_gdb_get_svereg(CPUARMState *env, GByteArray *buf, int reg)
91
return 0;
92
}
93
94
-int arm_gdb_set_svereg(CPUARMState *env, uint8_t *buf, int reg)
95
+int aarch64_gdb_set_sve_reg(CPUARMState *env, uint8_t *buf, int reg)
96
{
97
ARMCPU *cpu = env_archcpu(env);
98
99
--
100
2.34.1
101
102
diff view generated by jsdifflib
[PULL 02/21] target/arm: Unexport arm_gen_dynamic_sysreg_xml
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
This function is not used outside gdbstub.c.
4
5
Reviewed-by: Fabiano Rosas <farosas@suse.de>
6
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20230227213329.793795-3-richard.henderson@linaro.org
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
target/arm/cpu.h | 1 -
12
target/arm/gdbstub.c | 2 +-
13
2 files changed, 1 insertion(+), 2 deletions(-)
14
15
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
16
index XXXXXXX..XXXXXXX 100644
17
--- a/target/arm/cpu.h
18
+++ b/target/arm/cpu.h
19
@@ -XXX,XX +XXX,XX @@ int arm_cpu_gdb_write_register(CPUState *cpu, uint8_t *buf, int reg);
20
* Helpers to dynamically generates XML descriptions of the sysregs
21
* and SVE registers. Returns the number of registers in each set.
22
*/
23
-int arm_gen_dynamic_sysreg_xml(CPUState *cpu, int base_reg);
24
int arm_gen_dynamic_svereg_xml(CPUState *cpu, int base_reg);
25
26
/* Returns the dynamically generated XML for the gdb stub.
27
diff --git a/target/arm/gdbstub.c b/target/arm/gdbstub.c
28
index XXXXXXX..XXXXXXX 100644
29
--- a/target/arm/gdbstub.c
30
+++ b/target/arm/gdbstub.c
31
@@ -XXX,XX +XXX,XX @@ static void arm_register_sysreg_for_xml(gpointer key, gpointer value,
32
}
33
}
34
35
-int arm_gen_dynamic_sysreg_xml(CPUState *cs, int base_reg)
36
+static int arm_gen_dynamic_sysreg_xml(CPUState *cs, int base_reg)
37
{
38
ARMCPU *cpu = ARM_CPU(cs);
39
GString *s = g_string_new(NULL);
40
--
41
2.34.1
42
43
diff view generated by jsdifflib
[PULL 03/21] target/arm: Move arm_gen_dynamic_svereg_xml to gdbstub64.c
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
The function is only used for aarch64, so move it to the
4
file that has the other aarch64 gdbstub stuff. Move the
5
declaration to internals.h.
6
7
Reviewed-by: Fabiano Rosas <farosas@suse.de>
8
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
9
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
10
Message-id: 20230227213329.793795-4-richard.henderson@linaro.org
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
---
13
target/arm/cpu.h | 6 ---
14
target/arm/internals.h | 1 +
15
target/arm/gdbstub.c | 120 -----------------------------------------
16
target/arm/gdbstub64.c | 118 ++++++++++++++++++++++++++++++++++++++++
17
4 files changed, 119 insertions(+), 126 deletions(-)
18
19
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
20
index XXXXXXX..XXXXXXX 100644
21
--- a/target/arm/cpu.h
22
+++ b/target/arm/cpu.h
23
@@ -XXX,XX +XXX,XX @@ hwaddr arm_cpu_get_phys_page_attrs_debug(CPUState *cpu, vaddr addr,
24
int arm_cpu_gdb_read_register(CPUState *cpu, GByteArray *buf, int reg);
25
int arm_cpu_gdb_write_register(CPUState *cpu, uint8_t *buf, int reg);
26
27
-/*
28
- * Helpers to dynamically generates XML descriptions of the sysregs
29
- * and SVE registers. Returns the number of registers in each set.
30
- */
31
-int arm_gen_dynamic_svereg_xml(CPUState *cpu, int base_reg);
32
-
33
/* Returns the dynamically generated XML for the gdb stub.
34
* Returns a pointer to the XML contents for the specified XML file or NULL
35
* if the XML name doesn't match the predefined one.
36
diff --git a/target/arm/internals.h b/target/arm/internals.h
37
index XXXXXXX..XXXXXXX 100644
38
--- a/target/arm/internals.h
39
+++ b/target/arm/internals.h
40
@@ -XXX,XX +XXX,XX @@ static inline uint64_t pmu_counter_mask(CPUARMState *env)
41
}
42
43
#ifdef TARGET_AARCH64
44
+int arm_gen_dynamic_svereg_xml(CPUState *cpu, int base_reg);
45
int aarch64_gdb_get_sve_reg(CPUARMState *env, GByteArray *buf, int reg);
46
int aarch64_gdb_set_sve_reg(CPUARMState *env, uint8_t *buf, int reg);
47
int aarch64_gdb_get_fpu_reg(CPUARMState *env, GByteArray *buf, int reg);
48
diff --git a/target/arm/gdbstub.c b/target/arm/gdbstub.c
49
index XXXXXXX..XXXXXXX 100644
50
--- a/target/arm/gdbstub.c
51
+++ b/target/arm/gdbstub.c
52
@@ -XXX,XX +XXX,XX @@ static int arm_gen_dynamic_sysreg_xml(CPUState *cs, int base_reg)
53
return cpu->dyn_sysreg_xml.num;
54
}
55
56
-struct TypeSize {
57
- const char *gdb_type;
58
- int size;
59
- const char sz, suffix;
60
-};
61
-
62
-static const struct TypeSize vec_lanes[] = {
63
- /* quads */
64
- { "uint128", 128, 'q', 'u' },
65
- { "int128", 128, 'q', 's' },
66
- /* 64 bit */
67
- { "ieee_double", 64, 'd', 'f' },
68
- { "uint64", 64, 'd', 'u' },
69
- { "int64", 64, 'd', 's' },
70
- /* 32 bit */
71
- { "ieee_single", 32, 's', 'f' },
72
- { "uint32", 32, 's', 'u' },
73
- { "int32", 32, 's', 's' },
74
- /* 16 bit */
75
- { "ieee_half", 16, 'h', 'f' },
76
- { "uint16", 16, 'h', 'u' },
77
- { "int16", 16, 'h', 's' },
78
- /* bytes */
79
- { "uint8", 8, 'b', 'u' },
80
- { "int8", 8, 'b', 's' },
81
-};
82
-
83
-
84
-int arm_gen_dynamic_svereg_xml(CPUState *cs, int base_reg)
85
-{
86
- ARMCPU *cpu = ARM_CPU(cs);
87
- GString *s = g_string_new(NULL);
88
- DynamicGDBXMLInfo *info = &cpu->dyn_svereg_xml;
89
- g_autoptr(GString) ts = g_string_new("");
90
- int i, j, bits, reg_width = (cpu->sve_max_vq * 128);
91
- info->num = 0;
92
- g_string_printf(s, "<?xml version=\"1.0\"?>");
93
- g_string_append_printf(s, "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">");
94
- g_string_append_printf(s, "<feature name=\"org.gnu.gdb.aarch64.sve\">");
95
-
96
- /* First define types and totals in a whole VL */
97
- for (i = 0; i < ARRAY_SIZE(vec_lanes); i++) {
98
- int count = reg_width / vec_lanes[i].size;
99
- g_string_printf(ts, "svev%c%c", vec_lanes[i].sz, vec_lanes[i].suffix);
100
- g_string_append_printf(s,
101
- "<vector id=\"%s\" type=\"%s\" count=\"%d\"/>",
102
- ts->str, vec_lanes[i].gdb_type, count);
103
- }
104
- /*
105
- * Now define a union for each size group containing unsigned and
106
- * signed and potentially float versions of each size from 128 to
107
- * 8 bits.
108
- */
109
- for (bits = 128, i = 0; bits >= 8; bits /= 2, i++) {
110
- const char suf[] = { 'q', 'd', 's', 'h', 'b' };
111
- g_string_append_printf(s, "<union id=\"svevn%c\">", suf[i]);
112
- for (j = 0; j < ARRAY_SIZE(vec_lanes); j++) {
113
- if (vec_lanes[j].size == bits) {
114
- g_string_append_printf(s, "<field name=\"%c\" type=\"svev%c%c\"/>",
115
- vec_lanes[j].suffix,
116
- vec_lanes[j].sz, vec_lanes[j].suffix);
117
- }
118
- }
119
- g_string_append(s, "</union>");
120
- }
121
- /* And now the final union of unions */
122
- g_string_append(s, "<union id=\"svev\">");
123
- for (bits = 128, i = 0; bits >= 8; bits /= 2, i++) {
124
- const char suf[] = { 'q', 'd', 's', 'h', 'b' };
125
- g_string_append_printf(s, "<field name=\"%c\" type=\"svevn%c\"/>",
126
- suf[i], suf[i]);
127
- }
128
- g_string_append(s, "</union>");
129
-
130
- /* Finally the sve prefix type */
131
- g_string_append_printf(s,
132
- "<vector id=\"svep\" type=\"uint8\" count=\"%d\"/>",
133
- reg_width / 8);
134
-
135
- /* Then define each register in parts for each vq */
136
- for (i = 0; i < 32; i++) {
137
- g_string_append_printf(s,
138
- "<reg name=\"z%d\" bitsize=\"%d\""
139
- " regnum=\"%d\" type=\"svev\"/>",
140
- i, reg_width, base_reg++);
141
- info->num++;
142
- }
143
- /* fpscr & status registers */
144
- g_string_append_printf(s, "<reg name=\"fpsr\" bitsize=\"32\""
145
- " regnum=\"%d\" group=\"float\""
146
- " type=\"int\"/>", base_reg++);
147
- g_string_append_printf(s, "<reg name=\"fpcr\" bitsize=\"32\""
148
- " regnum=\"%d\" group=\"float\""
149
- " type=\"int\"/>", base_reg++);
150
- info->num += 2;
151
-
152
- for (i = 0; i < 16; i++) {
153
- g_string_append_printf(s,
154
- "<reg name=\"p%d\" bitsize=\"%d\""
155
- " regnum=\"%d\" type=\"svep\"/>",
156
- i, cpu->sve_max_vq * 16, base_reg++);
157
- info->num++;
158
- }
159
- g_string_append_printf(s,
160
- "<reg name=\"ffr\" bitsize=\"%d\""
161
- " regnum=\"%d\" group=\"vector\""
162
- " type=\"svep\"/>",
163
- cpu->sve_max_vq * 16, base_reg++);
164
- g_string_append_printf(s,
165
- "<reg name=\"vg\" bitsize=\"64\""
166
- " regnum=\"%d\" type=\"int\"/>",
167
- base_reg++);
168
- info->num += 2;
169
- g_string_append_printf(s, "</feature>");
170
- cpu->dyn_svereg_xml.desc = g_string_free(s, false);
171
-
172
- return cpu->dyn_svereg_xml.num;
173
-}
174
-
175
-
176
const char *arm_gdb_get_dynamic_xml(CPUState *cs, const char *xmlname)
177
{
178
ARMCPU *cpu = ARM_CPU(cs);
179
diff --git a/target/arm/gdbstub64.c b/target/arm/gdbstub64.c
180
index XXXXXXX..XXXXXXX 100644
181
--- a/target/arm/gdbstub64.c
182
+++ b/target/arm/gdbstub64.c
183
@@ -XXX,XX +XXX,XX @@ int aarch64_gdb_set_sve_reg(CPUARMState *env, uint8_t *buf, int reg)
184
185
return 0;
186
}
187
+
188
+struct TypeSize {
189
+ const char *gdb_type;
190
+ short size;
191
+ char sz, suffix;
192
+};
193
+
194
+static const struct TypeSize vec_lanes[] = {
195
+ /* quads */
196
+ { "uint128", 128, 'q', 'u' },
197
+ { "int128", 128, 'q', 's' },
198
+ /* 64 bit */
199
+ { "ieee_double", 64, 'd', 'f' },
200
+ { "uint64", 64, 'd', 'u' },
201
+ { "int64", 64, 'd', 's' },
202
+ /* 32 bit */
203
+ { "ieee_single", 32, 's', 'f' },
204
+ { "uint32", 32, 's', 'u' },
205
+ { "int32", 32, 's', 's' },
206
+ /* 16 bit */
207
+ { "ieee_half", 16, 'h', 'f' },
208
+ { "uint16", 16, 'h', 'u' },
209
+ { "int16", 16, 'h', 's' },
210
+ /* bytes */
211
+ { "uint8", 8, 'b', 'u' },
212
+ { "int8", 8, 'b', 's' },
213
+};
214
+
215
+int arm_gen_dynamic_svereg_xml(CPUState *cs, int base_reg)
216
+{
217
+ ARMCPU *cpu = ARM_CPU(cs);
218
+ GString *s = g_string_new(NULL);
219
+ DynamicGDBXMLInfo *info = &cpu->dyn_svereg_xml;
220
+ g_autoptr(GString) ts = g_string_new("");
221
+ int i, j, bits, reg_width = (cpu->sve_max_vq * 128);
222
+ info->num = 0;
223
+ g_string_printf(s, "<?xml version=\"1.0\"?>");
224
+ g_string_append_printf(s, "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">");
225
+ g_string_append_printf(s, "<feature name=\"org.gnu.gdb.aarch64.sve\">");
226
+
227
+ /* First define types and totals in a whole VL */
228
+ for (i = 0; i < ARRAY_SIZE(vec_lanes); i++) {
229
+ int count = reg_width / vec_lanes[i].size;
230
+ g_string_printf(ts, "svev%c%c", vec_lanes[i].sz, vec_lanes[i].suffix);
231
+ g_string_append_printf(s,
232
+ "<vector id=\"%s\" type=\"%s\" count=\"%d\"/>",
233
+ ts->str, vec_lanes[i].gdb_type, count);
234
+ }
235
+ /*
236
+ * Now define a union for each size group containing unsigned and
237
+ * signed and potentially float versions of each size from 128 to
238
+ * 8 bits.
239
+ */
240
+ for (bits = 128, i = 0; bits >= 8; bits /= 2, i++) {
241
+ const char suf[] = { 'q', 'd', 's', 'h', 'b' };
242
+ g_string_append_printf(s, "<union id=\"svevn%c\">", suf[i]);
243
+ for (j = 0; j < ARRAY_SIZE(vec_lanes); j++) {
244
+ if (vec_lanes[j].size == bits) {
245
+ g_string_append_printf(s, "<field name=\"%c\" type=\"svev%c%c\"/>",
246
+ vec_lanes[j].suffix,
247
+ vec_lanes[j].sz, vec_lanes[j].suffix);
248
+ }
249
+ }
250
+ g_string_append(s, "</union>");
251
+ }
252
+ /* And now the final union of unions */
253
+ g_string_append(s, "<union id=\"svev\">");
254
+ for (bits = 128, i = 0; bits >= 8; bits /= 2, i++) {
255
+ const char suf[] = { 'q', 'd', 's', 'h', 'b' };
256
+ g_string_append_printf(s, "<field name=\"%c\" type=\"svevn%c\"/>",
257
+ suf[i], suf[i]);
258
+ }
259
+ g_string_append(s, "</union>");
260
+
261
+ /* Finally the sve prefix type */
262
+ g_string_append_printf(s,
263
+ "<vector id=\"svep\" type=\"uint8\" count=\"%d\"/>",
264
+ reg_width / 8);
265
+
266
+ /* Then define each register in parts for each vq */
267
+ for (i = 0; i < 32; i++) {
268
+ g_string_append_printf(s,
269
+ "<reg name=\"z%d\" bitsize=\"%d\""
270
+ " regnum=\"%d\" type=\"svev\"/>",
271
+ i, reg_width, base_reg++);
272
+ info->num++;
273
+ }
274
+ /* fpscr & status registers */
275
+ g_string_append_printf(s, "<reg name=\"fpsr\" bitsize=\"32\""
276
+ " regnum=\"%d\" group=\"float\""
277
+ " type=\"int\"/>", base_reg++);
278
+ g_string_append_printf(s, "<reg name=\"fpcr\" bitsize=\"32\""
279
+ " regnum=\"%d\" group=\"float\""
280
+ " type=\"int\"/>", base_reg++);
281
+ info->num += 2;
282
+
283
+ for (i = 0; i < 16; i++) {
284
+ g_string_append_printf(s,
285
+ "<reg name=\"p%d\" bitsize=\"%d\""
286
+ " regnum=\"%d\" type=\"svep\"/>",
287
+ i, cpu->sve_max_vq * 16, base_reg++);
288
+ info->num++;
289
+ }
290
+ g_string_append_printf(s,
291
+ "<reg name=\"ffr\" bitsize=\"%d\""
292
+ " regnum=\"%d\" group=\"vector\""
293
+ " type=\"svep\"/>",
294
+ cpu->sve_max_vq * 16, base_reg++);
295
+ g_string_append_printf(s,
296
+ "<reg name=\"vg\" bitsize=\"64\""
297
+ " regnum=\"%d\" type=\"int\"/>",
298
+ base_reg++);
299
+ info->num += 2;
300
+ g_string_append_printf(s, "</feature>");
301
+ info->desc = g_string_free(s, false);
302
+
303
+ return info->num;
304
+}
305
--
306
2.34.1
307
308
diff view generated by jsdifflib
[PULL 04/21] target/arm: Split out output_vector_union_type
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
Create a subroutine for creating the union of unions
4
of the various type sizes that a vector may contain.
5
6
Reviewed-by: Fabiano Rosas <farosas@suse.de>
7
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
8
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
9
Message-id: 20230227213329.793795-5-richard.henderson@linaro.org
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
12
target/arm/gdbstub64.c | 83 +++++++++++++++++++++++-------------------
13
1 file changed, 45 insertions(+), 38 deletions(-)
14
15
diff --git a/target/arm/gdbstub64.c b/target/arm/gdbstub64.c
16
index XXXXXXX..XXXXXXX 100644
17
--- a/target/arm/gdbstub64.c
18
+++ b/target/arm/gdbstub64.c
19
@@ -XXX,XX +XXX,XX @@ int aarch64_gdb_set_sve_reg(CPUARMState *env, uint8_t *buf, int reg)
20
return 0;
21
}
22
23
-struct TypeSize {
24
- const char *gdb_type;
25
- short size;
26
- char sz, suffix;
27
-};
28
-
29
-static const struct TypeSize vec_lanes[] = {
30
- /* quads */
31
- { "uint128", 128, 'q', 'u' },
32
- { "int128", 128, 'q', 's' },
33
- /* 64 bit */
34
- { "ieee_double", 64, 'd', 'f' },
35
- { "uint64", 64, 'd', 'u' },
36
- { "int64", 64, 'd', 's' },
37
- /* 32 bit */
38
- { "ieee_single", 32, 's', 'f' },
39
- { "uint32", 32, 's', 'u' },
40
- { "int32", 32, 's', 's' },
41
- /* 16 bit */
42
- { "ieee_half", 16, 'h', 'f' },
43
- { "uint16", 16, 'h', 'u' },
44
- { "int16", 16, 'h', 's' },
45
- /* bytes */
46
- { "uint8", 8, 'b', 'u' },
47
- { "int8", 8, 'b', 's' },
48
-};
49
-
50
-int arm_gen_dynamic_svereg_xml(CPUState *cs, int base_reg)
51
+static void output_vector_union_type(GString *s, int reg_width)
52
{
53
- ARMCPU *cpu = ARM_CPU(cs);
54
- GString *s = g_string_new(NULL);
55
- DynamicGDBXMLInfo *info = &cpu->dyn_svereg_xml;
56
+ struct TypeSize {
57
+ const char *gdb_type;
58
+ short size;
59
+ char sz, suffix;
60
+ };
61
+
62
+ static const struct TypeSize vec_lanes[] = {
63
+ /* quads */
64
+ { "uint128", 128, 'q', 'u' },
65
+ { "int128", 128, 'q', 's' },
66
+ /* 64 bit */
67
+ { "ieee_double", 64, 'd', 'f' },
68
+ { "uint64", 64, 'd', 'u' },
69
+ { "int64", 64, 'd', 's' },
70
+ /* 32 bit */
71
+ { "ieee_single", 32, 's', 'f' },
72
+ { "uint32", 32, 's', 'u' },
73
+ { "int32", 32, 's', 's' },
74
+ /* 16 bit */
75
+ { "ieee_half", 16, 'h', 'f' },
76
+ { "uint16", 16, 'h', 'u' },
77
+ { "int16", 16, 'h', 's' },
78
+ /* bytes */
79
+ { "uint8", 8, 'b', 'u' },
80
+ { "int8", 8, 'b', 's' },
81
+ };
82
+
83
+ static const char suf[] = { 'q', 'd', 's', 'h', 'b' };
84
+
85
g_autoptr(GString) ts = g_string_new("");
86
- int i, j, bits, reg_width = (cpu->sve_max_vq * 128);
87
- info->num = 0;
88
- g_string_printf(s, "<?xml version=\"1.0\"?>");
89
- g_string_append_printf(s, "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">");
90
- g_string_append_printf(s, "<feature name=\"org.gnu.gdb.aarch64.sve\">");
91
+ int i, j, bits;
92
93
/* First define types and totals in a whole VL */
94
for (i = 0; i < ARRAY_SIZE(vec_lanes); i++) {
95
@@ -XXX,XX +XXX,XX @@ int arm_gen_dynamic_svereg_xml(CPUState *cs, int base_reg)
96
* 8 bits.
97
*/
98
for (bits = 128, i = 0; bits >= 8; bits /= 2, i++) {
99
- const char suf[] = { 'q', 'd', 's', 'h', 'b' };
100
g_string_append_printf(s, "<union id=\"svevn%c\">", suf[i]);
101
for (j = 0; j < ARRAY_SIZE(vec_lanes); j++) {
102
if (vec_lanes[j].size == bits) {
103
@@ -XXX,XX +XXX,XX @@ int arm_gen_dynamic_svereg_xml(CPUState *cs, int base_reg)
104
/* And now the final union of unions */
105
g_string_append(s, "<union id=\"svev\">");
106
for (bits = 128, i = 0; bits >= 8; bits /= 2, i++) {
107
- const char suf[] = { 'q', 'd', 's', 'h', 'b' };
108
g_string_append_printf(s, "<field name=\"%c\" type=\"svevn%c\"/>",
109
suf[i], suf[i]);
110
}
111
g_string_append(s, "</union>");
112
+}
113
+
114
+int arm_gen_dynamic_svereg_xml(CPUState *cs, int base_reg)
115
+{
116
+ ARMCPU *cpu = ARM_CPU(cs);
117
+ GString *s = g_string_new(NULL);
118
+ DynamicGDBXMLInfo *info = &cpu->dyn_svereg_xml;
119
+ int i, reg_width = (cpu->sve_max_vq * 128);
120
+ info->num = 0;
121
+ g_string_printf(s, "<?xml version=\"1.0\"?>");
122
+ g_string_append_printf(s, "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">");
123
+ g_string_append_printf(s, "<feature name=\"org.gnu.gdb.aarch64.sve\">");
124
+
125
+ output_vector_union_type(s, reg_width);
126
127
/* Finally the sve prefix type */
128
g_string_append_printf(s,
129
--
130
2.34.1
diff view generated by jsdifflib
[PULL 05/21] target/arm: Simplify register counting in arm_gen_dynamic_svereg_xml
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
Rather than increment base_reg and num, compute num from the change
4
to base_reg at the end. Clean up some nearby comments.
5
6
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20230227213329.793795-6-richard.henderson@linaro.org
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
target/arm/gdbstub64.c | 27 ++++++++++++++++-----------
12
1 file changed, 16 insertions(+), 11 deletions(-)
13
14
diff --git a/target/arm/gdbstub64.c b/target/arm/gdbstub64.c
15
index XXXXXXX..XXXXXXX 100644
16
--- a/target/arm/gdbstub64.c
17
+++ b/target/arm/gdbstub64.c
18
@@ -XXX,XX +XXX,XX @@ static void output_vector_union_type(GString *s, int reg_width)
19
g_string_append(s, "</union>");
20
}
21
22
-int arm_gen_dynamic_svereg_xml(CPUState *cs, int base_reg)
23
+int arm_gen_dynamic_svereg_xml(CPUState *cs, int orig_base_reg)
24
{
25
ARMCPU *cpu = ARM_CPU(cs);
26
GString *s = g_string_new(NULL);
27
DynamicGDBXMLInfo *info = &cpu->dyn_svereg_xml;
28
- int i, reg_width = (cpu->sve_max_vq * 128);
29
- info->num = 0;
30
+ int reg_width = cpu->sve_max_vq * 128;
31
+ int base_reg = orig_base_reg;
32
+ int i;
33
+
34
g_string_printf(s, "<?xml version=\"1.0\"?>");
35
g_string_append_printf(s, "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">");
36
g_string_append_printf(s, "<feature name=\"org.gnu.gdb.aarch64.sve\">");
37
38
+ /* Create the vector union type. */
39
output_vector_union_type(s, reg_width);
40
41
- /* Finally the sve prefix type */
42
+ /* Create the predicate vector type. */
43
g_string_append_printf(s,
44
"<vector id=\"svep\" type=\"uint8\" count=\"%d\"/>",
45
reg_width / 8);
46
47
- /* Then define each register in parts for each vq */
48
+ /* Define the vector registers. */
49
for (i = 0; i < 32; i++) {
50
g_string_append_printf(s,
51
"<reg name=\"z%d\" bitsize=\"%d\""
52
" regnum=\"%d\" type=\"svev\"/>",
53
i, reg_width, base_reg++);
54
- info->num++;
55
}
56
+
57
/* fpscr & status registers */
58
g_string_append_printf(s, "<reg name=\"fpsr\" bitsize=\"32\""
59
" regnum=\"%d\" group=\"float\""
60
@@ -XXX,XX +XXX,XX @@ int arm_gen_dynamic_svereg_xml(CPUState *cs, int base_reg)
61
g_string_append_printf(s, "<reg name=\"fpcr\" bitsize=\"32\""
62
" regnum=\"%d\" group=\"float\""
63
" type=\"int\"/>", base_reg++);
64
- info->num += 2;
65
66
+ /* Define the predicate registers. */
67
for (i = 0; i < 16; i++) {
68
g_string_append_printf(s,
69
"<reg name=\"p%d\" bitsize=\"%d\""
70
" regnum=\"%d\" type=\"svep\"/>",
71
i, cpu->sve_max_vq * 16, base_reg++);
72
- info->num++;
73
}
74
g_string_append_printf(s,
75
"<reg name=\"ffr\" bitsize=\"%d\""
76
" regnum=\"%d\" group=\"vector\""
77
" type=\"svep\"/>",
78
cpu->sve_max_vq * 16, base_reg++);
79
+
80
+ /* Define the vector length pseudo-register. */
81
g_string_append_printf(s,
82
"<reg name=\"vg\" bitsize=\"64\""
83
" regnum=\"%d\" type=\"int\"/>",
84
base_reg++);
85
- info->num += 2;
86
- g_string_append_printf(s, "</feature>");
87
- info->desc = g_string_free(s, false);
88
89
+ g_string_append_printf(s, "</feature>");
90
+
91
+ info->desc = g_string_free(s, false);
92
+ info->num = base_reg - orig_base_reg;
93
return info->num;
94
}
95
--
96
2.34.1
97
98
diff view generated by jsdifflib
[PULL 06/21] target/arm: Hoist pred_width in arm_gen_dynamic_svereg_xml
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
Reviewed-by: Fabiano Rosas <farosas@suse.de>
4
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
5
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
6
Message-id: 20230227213329.793795-7-richard.henderson@linaro.org
7
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8
---
9
target/arm/gdbstub64.c | 5 +++--
10
1 file changed, 3 insertions(+), 2 deletions(-)
11
12
diff --git a/target/arm/gdbstub64.c b/target/arm/gdbstub64.c
13
index XXXXXXX..XXXXXXX 100644
14
--- a/target/arm/gdbstub64.c
15
+++ b/target/arm/gdbstub64.c
16
@@ -XXX,XX +XXX,XX @@ int arm_gen_dynamic_svereg_xml(CPUState *cs, int orig_base_reg)
17
GString *s = g_string_new(NULL);
18
DynamicGDBXMLInfo *info = &cpu->dyn_svereg_xml;
19
int reg_width = cpu->sve_max_vq * 128;
20
+ int pred_width = cpu->sve_max_vq * 16;
21
int base_reg = orig_base_reg;
22
int i;
23
24
@@ -XXX,XX +XXX,XX @@ int arm_gen_dynamic_svereg_xml(CPUState *cs, int orig_base_reg)
25
g_string_append_printf(s,
26
"<reg name=\"p%d\" bitsize=\"%d\""
27
" regnum=\"%d\" type=\"svep\"/>",
28
- i, cpu->sve_max_vq * 16, base_reg++);
29
+ i, pred_width, base_reg++);
30
}
31
g_string_append_printf(s,
32
"<reg name=\"ffr\" bitsize=\"%d\""
33
" regnum=\"%d\" group=\"vector\""
34
" type=\"svep\"/>",
35
- cpu->sve_max_vq * 16, base_reg++);
36
+ pred_width, base_reg++);
37
38
/* Define the vector length pseudo-register. */
39
g_string_append_printf(s,
40
--
41
2.34.1
42
43
diff view generated by jsdifflib
[PULL 07/21] target/arm: Fix svep width in arm_gen_dynamic_svereg_xml
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
Define svep based on the size of the predicates,
4
not the primary vector registers.
5
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20230227213329.793795-8-richard.henderson@linaro.org
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
11
target/arm/gdbstub64.c | 2 +-
12
1 file changed, 1 insertion(+), 1 deletion(-)
13
14
diff --git a/target/arm/gdbstub64.c b/target/arm/gdbstub64.c
15
index XXXXXXX..XXXXXXX 100644
16
--- a/target/arm/gdbstub64.c
17
+++ b/target/arm/gdbstub64.c
18
@@ -XXX,XX +XXX,XX @@ int arm_gen_dynamic_svereg_xml(CPUState *cs, int orig_base_reg)
19
/* Create the predicate vector type. */
20
g_string_append_printf(s,
21
"<vector id=\"svep\" type=\"uint8\" count=\"%d\"/>",
22
- reg_width / 8);
23
+ pred_width / 8);
24
25
/* Define the vector registers. */
26
for (i = 0; i < 32; i++) {
27
--
28
2.34.1
diff view generated by jsdifflib
[PULL 21/21] hw: arm: allwinner-h3: Fix and complete H3 i2c devices
[PULL 1/7] hw/arm/sbsa-ref: set 'slots' property of xhci
1
From: qianfan Zhao <qianfanguijin@163.com>
1
From: Yuquan Wang <wangyuquan1236@phytium.com.cn>
2
2
3
Allwinner h3 has 4 twi(i2c) devices named twi0, twi1, twi2 and r_twi.
3
This extends the slots of xhci to 64, since the default xhci_sysbus
4
The registers are compatible with TYPE_AW_I2C_SUN6I, write 1 to clear
4
just supports one slot.
5
control register's INT_FLAG bit.
6
5
7
Signed-off-by: qianfan Zhao <qianfanguijin@163.com>
6
Signed-off-by: Wang Yuquan <wangyuquan1236@phytium.com.cn>
8
Reviewed-by: Strahinja Jankovic <strahinja.p.jankovic@gmail.com>
7
Signed-off-by: Chen Baozi <chenbaozi@phytium.com.cn>
9
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
8
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
9
Reviewed-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
10
Tested-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
11
Message-id: 20230710063750.473510-2-wangyuquan1236@phytium.com.cn
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
13
---
12
include/hw/arm/allwinner-h3.h | 6 ++++++
14
hw/arm/sbsa-ref.c | 1 +
13
hw/arm/allwinner-h3.c | 29 +++++++++++++++++++++++++----
15
1 file changed, 1 insertion(+)
14
2 files changed, 31 insertions(+), 4 deletions(-)
15
16
16
diff --git a/include/hw/arm/allwinner-h3.h b/include/hw/arm/allwinner-h3.h
17
diff --git a/hw/arm/sbsa-ref.c b/hw/arm/sbsa-ref.c
17
index XXXXXXX..XXXXXXX 100644
18
index XXXXXXX..XXXXXXX 100644
18
--- a/include/hw/arm/allwinner-h3.h
19
--- a/hw/arm/sbsa-ref.c
19
+++ b/include/hw/arm/allwinner-h3.h
20
+++ b/hw/arm/sbsa-ref.c
20
@@ -XXX,XX +XXX,XX @@ enum {
21
@@ -XXX,XX +XXX,XX @@ static void create_xhci(const SBSAMachineState *sms)
21
AW_H3_DEV_UART3,
22
hwaddr base = sbsa_ref_memmap[SBSA_XHCI].base;
22
AW_H3_DEV_EMAC,
23
int irq = sbsa_ref_irqmap[SBSA_XHCI];
23
AW_H3_DEV_TWI0,
24
DeviceState *dev = qdev_new(TYPE_XHCI_SYSBUS);
24
+ AW_H3_DEV_TWI1,
25
+ qdev_prop_set_uint32(dev, "slots", XHCI_MAXSLOTS);
25
+ AW_H3_DEV_TWI2,
26
26
AW_H3_DEV_DRAMCOM,
27
sysbus_realize_and_unref(SYS_BUS_DEVICE(dev), &error_fatal);
27
AW_H3_DEV_DRAMCTL,
28
sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, base);
28
AW_H3_DEV_DRAMPHY,
29
@@ -XXX,XX +XXX,XX @@ enum {
30
AW_H3_DEV_GIC_VCPU,
31
AW_H3_DEV_RTC,
32
AW_H3_DEV_CPUCFG,
33
+ AW_H3_DEV_R_TWI,
34
AW_H3_DEV_SDRAM
35
};
36
37
@@ -XXX,XX +XXX,XX @@ struct AwH3State {
38
AwSidState sid;
39
AwSdHostState mmc0;
40
AWI2CState i2c0;
41
+ AWI2CState i2c1;
42
+ AWI2CState i2c2;
43
+ AWI2CState r_twi;
44
AwSun8iEmacState emac;
45
AwRtcState rtc;
46
GICState gic;
47
diff --git a/hw/arm/allwinner-h3.c b/hw/arm/allwinner-h3.c
48
index XXXXXXX..XXXXXXX 100644
49
--- a/hw/arm/allwinner-h3.c
50
+++ b/hw/arm/allwinner-h3.c
51
@@ -XXX,XX +XXX,XX @@ const hwaddr allwinner_h3_memmap[] = {
52
[AW_H3_DEV_UART2] = 0x01c28800,
53
[AW_H3_DEV_UART3] = 0x01c28c00,
54
[AW_H3_DEV_TWI0] = 0x01c2ac00,
55
+ [AW_H3_DEV_TWI1] = 0x01c2b000,
56
+ [AW_H3_DEV_TWI2] = 0x01c2b400,
57
[AW_H3_DEV_EMAC] = 0x01c30000,
58
[AW_H3_DEV_DRAMCOM] = 0x01c62000,
59
[AW_H3_DEV_DRAMCTL] = 0x01c63000,
60
@@ -XXX,XX +XXX,XX @@ const hwaddr allwinner_h3_memmap[] = {
61
[AW_H3_DEV_GIC_VCPU] = 0x01c86000,
62
[AW_H3_DEV_RTC] = 0x01f00000,
63
[AW_H3_DEV_CPUCFG] = 0x01f01c00,
64
+ [AW_H3_DEV_R_TWI] = 0x01f02400,
65
[AW_H3_DEV_SDRAM] = 0x40000000
66
};
67
68
@@ -XXX,XX +XXX,XX @@ struct AwH3Unimplemented {
69
{ "uart1", 0x01c28400, 1 * KiB },
70
{ "uart2", 0x01c28800, 1 * KiB },
71
{ "uart3", 0x01c28c00, 1 * KiB },
72
- { "twi1", 0x01c2b000, 1 * KiB },
73
- { "twi2", 0x01c2b400, 1 * KiB },
74
{ "scr", 0x01c2c400, 1 * KiB },
75
{ "gpu", 0x01c40000, 64 * KiB },
76
{ "hstmr", 0x01c60000, 4 * KiB },
77
@@ -XXX,XX +XXX,XX @@ struct AwH3Unimplemented {
78
{ "r_prcm", 0x01f01400, 1 * KiB },
79
{ "r_twd", 0x01f01800, 1 * KiB },
80
{ "r_cir-rx", 0x01f02000, 1 * KiB },
81
- { "r_twi", 0x01f02400, 1 * KiB },
82
{ "r_uart", 0x01f02800, 1 * KiB },
83
{ "r_pio", 0x01f02c00, 1 * KiB },
84
{ "r_pwm", 0x01f03800, 1 * KiB },
85
@@ -XXX,XX +XXX,XX @@ enum {
86
AW_H3_GIC_SPI_UART2 = 2,
87
AW_H3_GIC_SPI_UART3 = 3,
88
AW_H3_GIC_SPI_TWI0 = 6,
89
+ AW_H3_GIC_SPI_TWI1 = 7,
90
+ AW_H3_GIC_SPI_TWI2 = 8,
91
AW_H3_GIC_SPI_TIMER0 = 18,
92
AW_H3_GIC_SPI_TIMER1 = 19,
93
+ AW_H3_GIC_SPI_R_TWI = 44,
94
AW_H3_GIC_SPI_MMC0 = 60,
95
AW_H3_GIC_SPI_EHCI0 = 72,
96
AW_H3_GIC_SPI_OHCI0 = 73,
97
@@ -XXX,XX +XXX,XX @@ static void allwinner_h3_init(Object *obj)
98
99
object_initialize_child(obj, "rtc", &s->rtc, TYPE_AW_RTC_SUN6I);
100
101
- object_initialize_child(obj, "twi0", &s->i2c0, TYPE_AW_I2C);
102
+ object_initialize_child(obj, "twi0", &s->i2c0, TYPE_AW_I2C_SUN6I);
103
+ object_initialize_child(obj, "twi1", &s->i2c1, TYPE_AW_I2C_SUN6I);
104
+ object_initialize_child(obj, "twi2", &s->i2c2, TYPE_AW_I2C_SUN6I);
105
+ object_initialize_child(obj, "r_twi", &s->r_twi, TYPE_AW_I2C_SUN6I);
106
}
107
108
static void allwinner_h3_realize(DeviceState *dev, Error **errp)
109
@@ -XXX,XX +XXX,XX @@ static void allwinner_h3_realize(DeviceState *dev, Error **errp)
110
sysbus_connect_irq(SYS_BUS_DEVICE(&s->i2c0), 0,
111
qdev_get_gpio_in(DEVICE(&s->gic), AW_H3_GIC_SPI_TWI0));
112
113
+ sysbus_realize(SYS_BUS_DEVICE(&s->i2c1), &error_fatal);
114
+ sysbus_mmio_map(SYS_BUS_DEVICE(&s->i2c1), 0, s->memmap[AW_H3_DEV_TWI1]);
115
+ sysbus_connect_irq(SYS_BUS_DEVICE(&s->i2c1), 0,
116
+ qdev_get_gpio_in(DEVICE(&s->gic), AW_H3_GIC_SPI_TWI1));
117
+
118
+ sysbus_realize(SYS_BUS_DEVICE(&s->i2c2), &error_fatal);
119
+ sysbus_mmio_map(SYS_BUS_DEVICE(&s->i2c2), 0, s->memmap[AW_H3_DEV_TWI2]);
120
+ sysbus_connect_irq(SYS_BUS_DEVICE(&s->i2c2), 0,
121
+ qdev_get_gpio_in(DEVICE(&s->gic), AW_H3_GIC_SPI_TWI2));
122
+
123
+ sysbus_realize(SYS_BUS_DEVICE(&s->r_twi), &error_fatal);
124
+ sysbus_mmio_map(SYS_BUS_DEVICE(&s->r_twi), 0, s->memmap[AW_H3_DEV_R_TWI]);
125
+ sysbus_connect_irq(SYS_BUS_DEVICE(&s->r_twi), 0,
126
+ qdev_get_gpio_in(DEVICE(&s->gic), AW_H3_GIC_SPI_R_TWI));
127
+
128
/* Unimplemented devices */
129
for (i = 0; i < ARRAY_SIZE(unimplemented); i++) {
130
create_unimplemented_device(unimplemented[i].device_name,
131
--
29
--
132
2.34.1
30
2.34.1
diff view generated by jsdifflib
[PULL 08/21] target/arm: Add name argument to output_vector_union_type
[PULL 2/7] linux-user: Remove pointless NULL check in clock_adjtime handling
1
From: Richard Henderson <richard.henderson@linaro.org>
1
In the code for TARGET_NR_clock_adjtime, we set the pointer phtx to
2
the address of the local variable htx. This means it can never be
3
NULL, but later in the code we check it for NULL anyway. Coverity
4
complains about this (CID 1507683) because the NULL check comes after
5
a call to clock_adjtime() that assumes it is non-NULL.
2
6
3
This will make the function usable between SVE and SME.
7
Since phtx is always &htx, and is used only in three places, it's not
8
really necessary. Remove it, bringing the code structure in to line
9
with that for TARGET_NR_clock_adjtime64, which already uses a simple
10
'&htx' when it wants a pointer to 'htx'.
4
11
5
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
6
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
13
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
14
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-id: 20230227213329.793795-9-richard.henderson@linaro.org
15
Message-id: 20230623144410.1837261-1-peter.maydell@linaro.org
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
16
---
11
target/arm/gdbstub64.c | 28 ++++++++++++++--------------
17
linux-user/syscall.c | 12 +++++-------
12
1 file changed, 14 insertions(+), 14 deletions(-)
18
1 file changed, 5 insertions(+), 7 deletions(-)
13
19
14
diff --git a/target/arm/gdbstub64.c b/target/arm/gdbstub64.c
20
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
15
index XXXXXXX..XXXXXXX 100644
21
index XXXXXXX..XXXXXXX 100644
16
--- a/target/arm/gdbstub64.c
22
--- a/linux-user/syscall.c
17
+++ b/target/arm/gdbstub64.c
23
+++ b/linux-user/syscall.c
18
@@ -XXX,XX +XXX,XX @@ int aarch64_gdb_set_sve_reg(CPUARMState *env, uint8_t *buf, int reg)
24
@@ -XXX,XX +XXX,XX @@ static abi_long do_syscall1(CPUArchState *cpu_env, int num, abi_long arg1,
19
return 0;
25
#if defined(TARGET_NR_clock_adjtime) && defined(CONFIG_CLOCK_ADJTIME)
20
}
26
case TARGET_NR_clock_adjtime:
21
27
{
22
-static void output_vector_union_type(GString *s, int reg_width)
28
- struct timex htx, *phtx = &htx;
23
+static void output_vector_union_type(GString *s, int reg_width,
29
+ struct timex htx;
24
+ const char *name)
30
25
{
31
- if (target_to_host_timex(phtx, arg2) != 0) {
26
struct TypeSize {
32
+ if (target_to_host_timex(&htx, arg2) != 0) {
27
const char *gdb_type;
33
return -TARGET_EFAULT;
28
@@ -XXX,XX +XXX,XX @@ static void output_vector_union_type(GString *s, int reg_width)
34
}
29
};
35
- ret = get_errno(clock_adjtime(arg1, phtx));
30
36
- if (!is_error(ret) && phtx) {
31
static const char suf[] = { 'q', 'd', 's', 'h', 'b' };
37
- if (host_to_target_timex(arg2, phtx) != 0) {
32
-
38
- return -TARGET_EFAULT;
33
- g_autoptr(GString) ts = g_string_new("");
39
- }
34
int i, j, bits;
40
+ ret = get_errno(clock_adjtime(arg1, &htx));
35
41
+ if (!is_error(ret) && host_to_target_timex(arg2, &htx)) {
36
/* First define types and totals in a whole VL */
42
+ return -TARGET_EFAULT;
37
for (i = 0; i < ARRAY_SIZE(vec_lanes); i++) {
38
- int count = reg_width / vec_lanes[i].size;
39
- g_string_printf(ts, "svev%c%c", vec_lanes[i].sz, vec_lanes[i].suffix);
40
g_string_append_printf(s,
41
- "<vector id=\"%s\" type=\"%s\" count=\"%d\"/>",
42
- ts->str, vec_lanes[i].gdb_type, count);
43
+ "<vector id=\"%s%c%c\" type=\"%s\" count=\"%d\"/>",
44
+ name, vec_lanes[i].sz, vec_lanes[i].suffix,
45
+ vec_lanes[i].gdb_type, reg_width / vec_lanes[i].size);
46
}
47
+
48
/*
49
* Now define a union for each size group containing unsigned and
50
* signed and potentially float versions of each size from 128 to
51
* 8 bits.
52
*/
53
for (bits = 128, i = 0; bits >= 8; bits /= 2, i++) {
54
- g_string_append_printf(s, "<union id=\"svevn%c\">", suf[i]);
55
+ g_string_append_printf(s, "<union id=\"%sn%c\">", name, suf[i]);
56
for (j = 0; j < ARRAY_SIZE(vec_lanes); j++) {
57
if (vec_lanes[j].size == bits) {
58
- g_string_append_printf(s, "<field name=\"%c\" type=\"svev%c%c\"/>",
59
- vec_lanes[j].suffix,
60
+ g_string_append_printf(s, "<field name=\"%c\" type=\"%s%c%c\"/>",
61
+ vec_lanes[j].suffix, name,
62
vec_lanes[j].sz, vec_lanes[j].suffix);
63
}
43
}
64
}
44
}
65
g_string_append(s, "</union>");
45
return ret;
66
}
67
+
68
/* And now the final union of unions */
69
- g_string_append(s, "<union id=\"svev\">");
70
+ g_string_append_printf(s, "<union id=\"%s\">", name);
71
for (bits = 128, i = 0; bits >= 8; bits /= 2, i++) {
72
- g_string_append_printf(s, "<field name=\"%c\" type=\"svevn%c\"/>",
73
- suf[i], suf[i]);
74
+ g_string_append_printf(s, "<field name=\"%c\" type=\"%sn%c\"/>",
75
+ suf[i], name, suf[i]);
76
}
77
g_string_append(s, "</union>");
78
}
79
@@ -XXX,XX +XXX,XX @@ int arm_gen_dynamic_svereg_xml(CPUState *cs, int orig_base_reg)
80
g_string_append_printf(s, "<feature name=\"org.gnu.gdb.aarch64.sve\">");
81
82
/* Create the vector union type. */
83
- output_vector_union_type(s, reg_width);
84
+ output_vector_union_type(s, reg_width, "svev");
85
86
/* Create the predicate vector type. */
87
g_string_append_printf(s,
88
--
46
--
89
2.34.1
47
2.34.1
90
48
91
49
diff view generated by jsdifflib
[PULL 09/21] target/arm: Simplify iteration over bit widths
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
Order suf[] by the log8 of the width.
4
Use ARRAY_SIZE instead of hard-coding 128.
5
6
This changes the order of the union definitions,
7
but retains the order of the union-of-union members.
8
9
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
10
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
11
Message-id: 20230227213329.793795-10-richard.henderson@linaro.org
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
13
---
14
target/arm/gdbstub64.c | 10 ++++++----
15
1 file changed, 6 insertions(+), 4 deletions(-)
16
17
diff --git a/target/arm/gdbstub64.c b/target/arm/gdbstub64.c
18
index XXXXXXX..XXXXXXX 100644
19
--- a/target/arm/gdbstub64.c
20
+++ b/target/arm/gdbstub64.c
21
@@ -XXX,XX +XXX,XX @@ static void output_vector_union_type(GString *s, int reg_width,
22
{ "int8", 8, 'b', 's' },
23
};
24
25
- static const char suf[] = { 'q', 'd', 's', 'h', 'b' };
26
- int i, j, bits;
27
+ static const char suf[] = { 'b', 'h', 's', 'd', 'q' };
28
+ int i, j;
29
30
/* First define types and totals in a whole VL */
31
for (i = 0; i < ARRAY_SIZE(vec_lanes); i++) {
32
@@ -XXX,XX +XXX,XX @@ static void output_vector_union_type(GString *s, int reg_width,
33
* signed and potentially float versions of each size from 128 to
34
* 8 bits.
35
*/
36
- for (bits = 128, i = 0; bits >= 8; bits /= 2, i++) {
37
+ for (i = 0; i < ARRAY_SIZE(suf); i++) {
38
+ int bits = 8 << i;
39
+
40
g_string_append_printf(s, "<union id=\"%sn%c\">", name, suf[i]);
41
for (j = 0; j < ARRAY_SIZE(vec_lanes); j++) {
42
if (vec_lanes[j].size == bits) {
43
@@ -XXX,XX +XXX,XX @@ static void output_vector_union_type(GString *s, int reg_width,
44
45
/* And now the final union of unions */
46
g_string_append_printf(s, "<union id=\"%s\">", name);
47
- for (bits = 128, i = 0; bits >= 8; bits /= 2, i++) {
48
+ for (i = ARRAY_SIZE(suf) - 1; i >= 0; i--) {
49
g_string_append_printf(s, "<field name=\"%c\" type=\"%sn%c\"/>",
50
suf[i], name, suf[i]);
51
}
52
--
53
2.34.1
diff view generated by jsdifflib
[PULL 18/21] target/arm: Rewrite check_s2_mmu_setup
[PULL 3/7] target/arm/ptw.c: Add comments to S1Translate struct fields
1
From: Richard Henderson <richard.henderson@linaro.org>
1
Add comments to the in_* fields in the S1Translate struct
2
that explain what they're doing.
2
3
3
Integrate neighboring code from get_phys_addr_lpae which computed
4
starting level, as it is easier to validate when doing both at the
5
same time. Mirror the checks at the start of AArch{64,32}.S2Walk,
6
especially S2InvalidSL and S2InconsistentSL.
7
8
This reverts 49ba115bb74, which was incorrect -- there is nothing
9
in the ARM pseudocode that depends on TxSZ, i.e. outputsize; the
10
pseudocode is consistent in referencing PAMax.
11
12
Fixes: 49ba115bb74 ("target/arm: Pass outputsize down to check_s2_mmu_setup")
13
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
14
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
15
Message-id: 20230227225832.816605-5-richard.henderson@linaro.org
16
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
4
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
5
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
6
Message-id: 20230710152130.3928330-2-peter.maydell@linaro.org
17
---
7
---
18
target/arm/ptw.c | 173 ++++++++++++++++++++++++++---------------------
8
target/arm/ptw.c | 40 ++++++++++++++++++++++++++++++++++++++++
19
1 file changed, 97 insertions(+), 76 deletions(-)
9
1 file changed, 40 insertions(+)
20
10
21
diff --git a/target/arm/ptw.c b/target/arm/ptw.c
11
diff --git a/target/arm/ptw.c b/target/arm/ptw.c
22
index XXXXXXX..XXXXXXX 100644
12
index XXXXXXX..XXXXXXX 100644
23
--- a/target/arm/ptw.c
13
--- a/target/arm/ptw.c
24
+++ b/target/arm/ptw.c
14
+++ b/target/arm/ptw.c
25
@@ -XXX,XX +XXX,XX @@ static ARMVAParameters aa32_va_parameters(CPUARMState *env, uint32_t va,
15
@@ -XXX,XX +XXX,XX @@
26
* check_s2_mmu_setup
16
#endif
27
* @cpu: ARMCPU
17
28
* @is_aa64: True if the translation regime is in AArch64 state
18
typedef struct S1Translate {
29
- * @startlevel: Suggested starting level
19
+ /*
30
- * @inputsize: Bitsize of IPAs
20
+ * in_mmu_idx : specifies which TTBR, TCR, etc to use for the walk.
31
+ * @tcr: VTCR_EL2 or VSTCR_EL2
21
+ * Together with in_space, specifies the architectural translation regime.
32
+ * @ds: Effective value of TCR.DS.
22
+ */
33
+ * @iasize: Bitsize of IPAs
23
ARMMMUIdx in_mmu_idx;
34
* @stride: Page-table stride (See the ARM ARM)
24
+ /*
35
*
25
+ * in_ptw_idx: specifies which mmuidx to use for the actual
36
- * Returns true if the suggested S2 translation parameters are OK and
26
+ * page table descriptor load operations. This will be one of the
37
- * false otherwise.
27
+ * ARMMMUIdx_Stage2* or one of the ARMMMUIdx_Phys_* indexes.
38
+ * Decode the starting level of the S2 lookup, returning INT_MIN if
28
+ * If a Secure ptw is "downgraded" to NonSecure by an NSTable bit,
39
+ * the configuration is invalid.
29
+ * this field is updated accordingly.
40
*/
30
+ */
41
-static bool check_s2_mmu_setup(ARMCPU *cpu, bool is_aa64, int level,
31
ARMMMUIdx in_ptw_idx;
42
- int inputsize, int stride, int outputsize)
32
+ /*
43
+static int check_s2_mmu_setup(ARMCPU *cpu, bool is_aa64, uint64_t tcr,
33
+ * in_space: the security space for this walk. This plus
44
+ bool ds, int iasize, int stride)
34
+ * the in_mmu_idx specify the architectural translation regime.
45
{
35
+ * If a Secure ptw is "downgraded" to NonSecure by an NSTable bit,
46
- const int grainsize = stride + 3;
36
+ * this field is updated accordingly.
47
- int startsizecheck;
37
+ *
48
-
38
+ * Note that the security space for the in_ptw_idx may be different
49
- /*
39
+ * from that for the in_mmu_idx. We do not need to explicitly track
50
- * Negative levels are usually not allowed...
40
+ * the in_ptw_idx security space because:
51
- * Except for FEAT_LPA2, 4k page table, 52-bit address space, which
41
+ * - if the in_ptw_idx is an ARMMMUIdx_Phys_* then the mmuidx
52
- * begins with level -1. Note that previous feature tests will have
42
+ * itself specifies the security space
53
- * eliminated this combination if it is not enabled.
43
+ * - if the in_ptw_idx is an ARMMMUIdx_Stage2* then the security
54
- */
44
+ * space used for ptw reads is the same as that of the security
55
- if (level < (inputsize == 52 && stride == 9 ? -1 : 0)) {
45
+ * space of the stage 1 translation for all cases except where
56
- return false;
46
+ * stage 1 is Secure; in that case the only possibilities for
57
- }
47
+ * the ptw read are Secure and NonSecure, and the in_ptw_idx
58
-
48
+ * value being Stage2 vs Stage2_S distinguishes those.
59
- startsizecheck = inputsize - ((3 - level) * stride + grainsize);
49
+ */
60
- if (startsizecheck < 1 || startsizecheck > stride + 4) {
50
ARMSecuritySpace in_space;
61
- return false;
51
+ /*
62
- }
52
+ * in_secure: whether the translation regime is a Secure one.
63
+ int sl0, sl2, startlevel, granulebits, levels;
53
+ * This is always equal to arm_space_is_secure(in_space).
64
+ int s1_min_iasize, s1_max_iasize;
54
+ * If a Secure ptw is "downgraded" to NonSecure by an NSTable bit,
65
55
+ * this field is updated accordingly.
66
+ sl0 = extract32(tcr, 6, 2);
56
+ */
67
if (is_aa64) {
57
bool in_secure;
68
+ /*
58
+ /*
69
+ * AArch64.S2InvalidTxSZ: While we checked tsz_oob near the top of
59
+ * in_debug: is this a QEMU debug access (gdbstub, etc)? Debug
70
+ * get_phys_addr_lpae, that used aa64_va_parameters which apply
60
+ * accesses will not update the guest page table access flags
71
+ * to aarch64. If Stage1 is aarch32, the min_txsz is larger.
61
+ * and will not change the state of the softmmu TLBs.
72
+ * See AArch64.S2MinTxSZ, where min_tsz is 24, translated to
62
+ */
73
+ * inputsize is 64 - 24 = 40.
63
bool in_debug;
74
+ */
64
/*
75
+ if (iasize < 40 && !arm_el_is_aa64(&cpu->env, 1)) {
65
* If this is stage 2 of a stage 1+2 page table walk, then this must
76
+ goto fail;
77
+ }
78
+
79
+ /*
80
+ * AArch64.S2InvalidSL: Interpretation of SL depends on the page size,
81
+ * so interleave AArch64.S2StartLevel.
82
+ */
83
switch (stride) {
84
- case 13: /* 64KB Pages. */
85
- if (level == 0 || (level == 1 && outputsize <= 42)) {
86
- return false;
87
+ case 9: /* 4KB */
88
+ /* SL2 is RES0 unless DS=1 & 4KB granule. */
89
+ sl2 = extract64(tcr, 33, 1);
90
+ if (ds && sl2) {
91
+ if (sl0 != 0) {
92
+ goto fail;
93
+ }
94
+ startlevel = -1;
95
+ } else {
96
+ startlevel = 2 - sl0;
97
+ switch (sl0) {
98
+ case 2:
99
+ if (arm_pamax(cpu) < 44) {
100
+ goto fail;
101
+ }
102
+ break;
103
+ case 3:
104
+ if (!cpu_isar_feature(aa64_st, cpu)) {
105
+ goto fail;
106
+ }
107
+ startlevel = 3;
108
+ break;
109
+ }
110
}
111
break;
112
- case 11: /* 16KB Pages. */
113
- if (level == 0 || (level == 1 && outputsize <= 40)) {
114
- return false;
115
+ case 11: /* 16KB */
116
+ switch (sl0) {
117
+ case 2:
118
+ if (arm_pamax(cpu) < 42) {
119
+ goto fail;
120
+ }
121
+ break;
122
+ case 3:
123
+ if (!ds) {
124
+ goto fail;
125
+ }
126
+ break;
127
}
128
+ startlevel = 3 - sl0;
129
break;
130
- case 9: /* 4KB Pages. */
131
- if (level == 0 && outputsize <= 42) {
132
- return false;
133
+ case 13: /* 64KB */
134
+ switch (sl0) {
135
+ case 2:
136
+ if (arm_pamax(cpu) < 44) {
137
+ goto fail;
138
+ }
139
+ break;
140
+ case 3:
141
+ goto fail;
142
}
143
+ startlevel = 3 - sl0;
144
break;
145
default:
146
g_assert_not_reached();
147
}
148
-
149
- /* Inputsize checks. */
150
- if (inputsize > outputsize &&
151
- (arm_el_is_aa64(&cpu->env, 1) || inputsize > 40)) {
152
- /* This is CONSTRAINED UNPREDICTABLE and we choose to fault. */
153
- return false;
154
- }
155
} else {
156
- /* AArch32 only supports 4KB pages. Assert on that. */
157
+ /*
158
+ * Things are simpler for AArch32 EL2, with only 4k pages.
159
+ * There is no separate S2InvalidSL function, but AArch32.S2Walk
160
+ * begins with walkparms.sl0 in {'1x'}.
161
+ */
162
assert(stride == 9);
163
-
164
- if (level == 0) {
165
- return false;
166
+ if (sl0 >= 2) {
167
+ goto fail;
168
}
169
+ startlevel = 2 - sl0;
170
}
171
- return true;
172
+
173
+ /* AArch{64,32}.S2InconsistentSL are functionally equivalent. */
174
+ levels = 3 - startlevel;
175
+ granulebits = stride + 3;
176
+
177
+ s1_min_iasize = levels * stride + granulebits + 1;
178
+ s1_max_iasize = s1_min_iasize + (stride - 1) + 4;
179
+
180
+ if (iasize >= s1_min_iasize && iasize <= s1_max_iasize) {
181
+ return startlevel;
182
+ }
183
+
184
+ fail:
185
+ return INT_MIN;
186
}
187
188
/**
189
@@ -XXX,XX +XXX,XX @@ static bool get_phys_addr_lpae(CPUARMState *env, S1Translate *ptw,
190
*/
191
level = 4 - (inputsize - 4) / stride;
192
} else {
193
- /*
194
- * For stage 2 translations the starting level is specified by the
195
- * VTCR_EL2.SL0 field (whose interpretation depends on the page size)
196
- */
197
- uint32_t sl0 = extract32(tcr, 6, 2);
198
- uint32_t sl2 = extract64(tcr, 33, 1);
199
- int32_t startlevel;
200
- bool ok;
201
-
202
- /* SL2 is RES0 unless DS=1 & 4kb granule. */
203
- if (param.ds && stride == 9 && sl2) {
204
- if (sl0 != 0) {
205
- level = 0;
206
- goto do_translation_fault;
207
- }
208
- startlevel = -1;
209
- } else if (!aarch64 || stride == 9) {
210
- /* AArch32 or 4KB pages */
211
- startlevel = 2 - sl0;
212
-
213
- if (cpu_isar_feature(aa64_st, cpu)) {
214
- startlevel &= 3;
215
- }
216
- } else {
217
- /* 16KB or 64KB pages */
218
- startlevel = 3 - sl0;
219
- }
220
-
221
- /* Check that the starting level is valid. */
222
- ok = check_s2_mmu_setup(cpu, aarch64, startlevel,
223
- inputsize, stride, outputsize);
224
- if (!ok) {
225
+ int startlevel = check_s2_mmu_setup(cpu, aarch64, tcr, param.ds,
226
+ inputsize, stride);
227
+ if (startlevel == INT_MIN) {
228
+ level = 0;
229
goto do_translation_fault;
230
}
231
level = startlevel;
232
--
66
--
233
2.34.1
67
2.34.1
diff view generated by jsdifflib
[PULL 10/21] target/arm: Create pauth_ptr_mask
[PULL 4/7] target/arm: Fix S1_ptw_translate() debug path
1
From: Richard Henderson <richard.henderson@linaro.org>
1
In commit fe4a5472ccd6 we rearranged the logic in S1_ptw_translate()
2
so that the debug-access "call get_phys_addr_*" codepath is used both
3
when S1 is doing ptw reads from stage 2 and when it is doing ptw
4
reads from physical memory. However, we didn't update the
5
calculation of s2ptw->in_space and s2ptw->in_secure to account for
6
the "ptw reads from physical memory" case. This meant that debug
7
accesses when in Secure state broke.
2
8
3
Keep the logic for pauth within pauth_helper.c, and expose
9
Create a new function S2_security_space() which returns the
4
a helper function for use with the gdbstub pac extension.
10
correct security space to use for the ptw load, and use it to
11
determine the correct .in_secure and .in_space fields for the
12
stage 2 lookup for the ptw load.
5
13
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
14
Reported-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
7
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
15
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8
Message-id: 20230227213329.793795-11-richard.henderson@linaro.org
16
Tested-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
17
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
18
Message-id: 20230710152130.3928330-3-peter.maydell@linaro.org
19
Fixes: fe4a5472ccd6 ("target/arm: Use get_phys_addr_with_struct in S1_ptw_translate")
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
20
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
---
21
---
11
target/arm/internals.h | 10 ++++++++++
22
target/arm/ptw.c | 37 ++++++++++++++++++++++++++++++++-----
12
target/arm/tcg/pauth_helper.c | 26 ++++++++++++++++++++++----
23
1 file changed, 32 insertions(+), 5 deletions(-)
13
2 files changed, 32 insertions(+), 4 deletions(-)
14
24
15
diff --git a/target/arm/internals.h b/target/arm/internals.h
25
diff --git a/target/arm/ptw.c b/target/arm/ptw.c
16
index XXXXXXX..XXXXXXX 100644
26
index XXXXXXX..XXXXXXX 100644
17
--- a/target/arm/internals.h
27
--- a/target/arm/ptw.c
18
+++ b/target/arm/internals.h
28
+++ b/target/arm/ptw.c
19
@@ -XXX,XX +XXX,XX @@ int exception_target_el(CPUARMState *env);
29
@@ -XXX,XX +XXX,XX @@ static bool S2_attrs_are_device(uint64_t hcr, uint8_t attrs)
20
bool arm_singlestep_active(CPUARMState *env);
30
}
21
bool arm_generate_debug_exceptions(CPUARMState *env);
22
23
+/**
24
+ * pauth_ptr_mask:
25
+ * @env: cpu context
26
+ * @ptr: selects between TTBR0 and TTBR1
27
+ * @data: selects between TBI and TBID
28
+ *
29
+ * Return a mask of the bits of @ptr that contain the authentication code.
30
+ */
31
+uint64_t pauth_ptr_mask(CPUARMState *env, uint64_t ptr, bool data);
32
+
33
/* Add the cpreg definitions for debug related system registers */
34
void define_debug_regs(ARMCPU *cpu);
35
36
diff --git a/target/arm/tcg/pauth_helper.c b/target/arm/tcg/pauth_helper.c
37
index XXXXXXX..XXXXXXX 100644
38
--- a/target/arm/tcg/pauth_helper.c
39
+++ b/target/arm/tcg/pauth_helper.c
40
@@ -XXX,XX +XXX,XX @@ static uint64_t pauth_addpac(CPUARMState *env, uint64_t ptr, uint64_t modifier,
41
return pac | ext | ptr;
42
}
31
}
43
32
44
-static uint64_t pauth_original_ptr(uint64_t ptr, ARMVAParameters param)
33
+static ARMSecuritySpace S2_security_space(ARMSecuritySpace s1_space,
45
+static uint64_t pauth_ptr_mask_internal(ARMVAParameters param)
34
+ ARMMMUIdx s2_mmu_idx)
46
{
47
- /* Note that bit 55 is used whether or not the regime has 2 ranges. */
48
- uint64_t extfield = sextract64(ptr, 55, 1);
49
int bot_pac_bit = 64 - param.tsz;
50
int top_pac_bit = 64 - 8 * param.tbi;
51
52
- return deposit64(ptr, bot_pac_bit, top_pac_bit - bot_pac_bit, extfield);
53
+ return MAKE_64BIT_MASK(bot_pac_bit, top_pac_bit - bot_pac_bit);
54
+}
55
+
56
+static uint64_t pauth_original_ptr(uint64_t ptr, ARMVAParameters param)
57
+{
35
+{
58
+ uint64_t mask = pauth_ptr_mask_internal(param);
36
+ /*
59
+
37
+ * Return the security space to use for stage 2 when doing
60
+ /* Note that bit 55 is used whether or not the regime has 2 ranges. */
38
+ * the S1 page table descriptor load.
61
+ if (extract64(ptr, 55, 1)) {
39
+ */
62
+ return ptr | mask;
40
+ if (regime_is_stage2(s2_mmu_idx)) {
41
+ /*
42
+ * The security space for ptw reads is almost always the same
43
+ * as that of the security space of the stage 1 translation.
44
+ * The only exception is when stage 1 is Secure; in that case
45
+ * the ptw read might be to the Secure or the NonSecure space
46
+ * (but never Realm or Root), and the s2_mmu_idx tells us which.
47
+ * Root translations are always single-stage.
48
+ */
49
+ if (s1_space == ARMSS_Secure) {
50
+ return arm_secure_to_space(s2_mmu_idx == ARMMMUIdx_Stage2_S);
51
+ } else {
52
+ assert(s2_mmu_idx != ARMMMUIdx_Stage2_S);
53
+ assert(s1_space != ARMSS_Root);
54
+ return s1_space;
55
+ }
63
+ } else {
56
+ } else {
64
+ return ptr & ~mask;
57
+ /* ptw loads are from phys: the mmu idx itself says which space */
58
+ return arm_phys_to_space(s2_mmu_idx);
65
+ }
59
+ }
66
+}
60
+}
67
+
61
+
68
+uint64_t pauth_ptr_mask(CPUARMState *env, uint64_t ptr, bool data)
62
/* Translate a S1 pagetable walk through S2 if needed. */
69
+{
63
static bool S1_ptw_translate(CPUARMState *env, S1Translate *ptw,
70
+ ARMMMUIdx mmu_idx = arm_stage1_mmu_idx(env);
64
hwaddr addr, ARMMMUFaultInfo *fi)
71
+ ARMVAParameters param = aa64_va_parameters(env, ptr, mmu_idx, data);
65
{
72
+
66
- ARMSecuritySpace space = ptw->in_space;
73
+ return pauth_ptr_mask_internal(param);
67
bool is_secure = ptw->in_secure;
74
}
68
ARMMMUIdx mmu_idx = ptw->in_mmu_idx;
75
69
ARMMMUIdx s2_mmu_idx = ptw->in_ptw_idx;
76
static uint64_t pauth_auth(CPUARMState *env, uint64_t ptr, uint64_t modifier,
70
@@ -XXX,XX +XXX,XX @@ static bool S1_ptw_translate(CPUARMState *env, S1Translate *ptw,
71
* From gdbstub, do not use softmmu so that we don't modify the
72
* state of the cpu at all, including softmmu tlb contents.
73
*/
74
+ ARMSecuritySpace s2_space = S2_security_space(ptw->in_space, s2_mmu_idx);
75
S1Translate s2ptw = {
76
.in_mmu_idx = s2_mmu_idx,
77
.in_ptw_idx = ptw_idx_for_stage_2(env, s2_mmu_idx),
78
- .in_secure = s2_mmu_idx == ARMMMUIdx_Stage2_S,
79
- .in_space = (s2_mmu_idx == ARMMMUIdx_Stage2_S ? ARMSS_Secure
80
- : space == ARMSS_Realm ? ARMSS_Realm
81
- : ARMSS_NonSecure),
82
+ .in_secure = arm_space_is_secure(s2_space),
83
+ .in_space = s2_space,
84
.in_debug = true,
85
};
86
GetPhysAddrResult s2 = { };
77
--
87
--
78
2.34.1
88
2.34.1
diff view generated by jsdifflib
[PULL 11/21] target/arm: Implement gdbstub pauth extension
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
The extension is primarily defined by the Linux kernel NT_ARM_PAC_MASK
4
ptrace register set.
5
6
The original gdb feature consists of two masks, data and code, which are
7
used to mask out the authentication code within a pointer. Following
8
discussion with Luis Machado, add two more masks in order to support
9
pointers within the high half of the address space (i.e. TTBR1 vs TTBR0).
10
11
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1105
12
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
13
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
14
Message-id: 20230227213329.793795-12-richard.henderson@linaro.org
15
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
16
---
17
configs/targets/aarch64-linux-user.mak | 2 +-
18
configs/targets/aarch64-softmmu.mak | 2 +-
19
configs/targets/aarch64_be-linux-user.mak | 2 +-
20
target/arm/internals.h | 2 ++
21
target/arm/gdbstub.c | 5 ++++
22
target/arm/gdbstub64.c | 34 +++++++++++++++++++++++
23
gdb-xml/aarch64-pauth.xml | 15 ++++++++++
24
7 files changed, 59 insertions(+), 3 deletions(-)
25
create mode 100644 gdb-xml/aarch64-pauth.xml
26
27
diff --git a/configs/targets/aarch64-linux-user.mak b/configs/targets/aarch64-linux-user.mak
28
index XXXXXXX..XXXXXXX 100644
29
--- a/configs/targets/aarch64-linux-user.mak
30
+++ b/configs/targets/aarch64-linux-user.mak
31
@@ -XXX,XX +XXX,XX @@
32
TARGET_ARCH=aarch64
33
TARGET_BASE_ARCH=arm
34
-TARGET_XML_FILES= gdb-xml/aarch64-core.xml gdb-xml/aarch64-fpu.xml
35
+TARGET_XML_FILES= gdb-xml/aarch64-core.xml gdb-xml/aarch64-fpu.xml gdb-xml/aarch64-pauth.xml
36
TARGET_HAS_BFLT=y
37
CONFIG_SEMIHOSTING=y
38
CONFIG_ARM_COMPATIBLE_SEMIHOSTING=y
39
diff --git a/configs/targets/aarch64-softmmu.mak b/configs/targets/aarch64-softmmu.mak
40
index XXXXXXX..XXXXXXX 100644
41
--- a/configs/targets/aarch64-softmmu.mak
42
+++ b/configs/targets/aarch64-softmmu.mak
43
@@ -XXX,XX +XXX,XX @@
44
TARGET_ARCH=aarch64
45
TARGET_BASE_ARCH=arm
46
TARGET_SUPPORTS_MTTCG=y
47
-TARGET_XML_FILES= gdb-xml/aarch64-core.xml gdb-xml/aarch64-fpu.xml gdb-xml/arm-core.xml gdb-xml/arm-vfp.xml gdb-xml/arm-vfp3.xml gdb-xml/arm-vfp-sysregs.xml gdb-xml/arm-neon.xml gdb-xml/arm-m-profile.xml gdb-xml/arm-m-profile-mve.xml
48
+TARGET_XML_FILES= gdb-xml/aarch64-core.xml gdb-xml/aarch64-fpu.xml gdb-xml/arm-core.xml gdb-xml/arm-vfp.xml gdb-xml/arm-vfp3.xml gdb-xml/arm-vfp-sysregs.xml gdb-xml/arm-neon.xml gdb-xml/arm-m-profile.xml gdb-xml/arm-m-profile-mve.xml gdb-xml/aarch64-pauth.xml
49
TARGET_NEED_FDT=y
50
diff --git a/configs/targets/aarch64_be-linux-user.mak b/configs/targets/aarch64_be-linux-user.mak
51
index XXXXXXX..XXXXXXX 100644
52
--- a/configs/targets/aarch64_be-linux-user.mak
53
+++ b/configs/targets/aarch64_be-linux-user.mak
54
@@ -XXX,XX +XXX,XX @@
55
TARGET_ARCH=aarch64
56
TARGET_BASE_ARCH=arm
57
TARGET_BIG_ENDIAN=y
58
-TARGET_XML_FILES= gdb-xml/aarch64-core.xml gdb-xml/aarch64-fpu.xml
59
+TARGET_XML_FILES= gdb-xml/aarch64-core.xml gdb-xml/aarch64-fpu.xml gdb-xml/aarch64-pauth.xml
60
TARGET_HAS_BFLT=y
61
CONFIG_SEMIHOSTING=y
62
CONFIG_ARM_COMPATIBLE_SEMIHOSTING=y
63
diff --git a/target/arm/internals.h b/target/arm/internals.h
64
index XXXXXXX..XXXXXXX 100644
65
--- a/target/arm/internals.h
66
+++ b/target/arm/internals.h
67
@@ -XXX,XX +XXX,XX @@ int aarch64_gdb_get_sve_reg(CPUARMState *env, GByteArray *buf, int reg);
68
int aarch64_gdb_set_sve_reg(CPUARMState *env, uint8_t *buf, int reg);
69
int aarch64_gdb_get_fpu_reg(CPUARMState *env, GByteArray *buf, int reg);
70
int aarch64_gdb_set_fpu_reg(CPUARMState *env, uint8_t *buf, int reg);
71
+int aarch64_gdb_get_pauth_reg(CPUARMState *env, GByteArray *buf, int reg);
72
+int aarch64_gdb_set_pauth_reg(CPUARMState *env, uint8_t *buf, int reg);
73
void arm_cpu_sve_finalize(ARMCPU *cpu, Error **errp);
74
void arm_cpu_sme_finalize(ARMCPU *cpu, Error **errp);
75
void arm_cpu_pauth_finalize(ARMCPU *cpu, Error **errp);
76
diff --git a/target/arm/gdbstub.c b/target/arm/gdbstub.c
77
index XXXXXXX..XXXXXXX 100644
78
--- a/target/arm/gdbstub.c
79
+++ b/target/arm/gdbstub.c
80
@@ -XXX,XX +XXX,XX @@ void arm_cpu_register_gdb_regs_for_features(ARMCPU *cpu)
81
aarch64_gdb_set_fpu_reg,
82
34, "aarch64-fpu.xml", 0);
83
}
84
+ if (isar_feature_aa64_pauth(&cpu->isar)) {
85
+ gdb_register_coprocessor(cs, aarch64_gdb_get_pauth_reg,
86
+ aarch64_gdb_set_pauth_reg,
87
+ 4, "aarch64-pauth.xml", 0);
88
+ }
89
#endif
90
} else {
91
if (arm_feature(env, ARM_FEATURE_NEON)) {
92
diff --git a/target/arm/gdbstub64.c b/target/arm/gdbstub64.c
93
index XXXXXXX..XXXXXXX 100644
94
--- a/target/arm/gdbstub64.c
95
+++ b/target/arm/gdbstub64.c
96
@@ -XXX,XX +XXX,XX @@ int aarch64_gdb_set_sve_reg(CPUARMState *env, uint8_t *buf, int reg)
97
return 0;
98
}
99
100
+int aarch64_gdb_get_pauth_reg(CPUARMState *env, GByteArray *buf, int reg)
101
+{
102
+ switch (reg) {
103
+ case 0: /* pauth_dmask */
104
+ case 1: /* pauth_cmask */
105
+ case 2: /* pauth_dmask_high */
106
+ case 3: /* pauth_cmask_high */
107
+ /*
108
+ * Note that older versions of this feature only contained
109
+ * pauth_{d,c}mask, for use with Linux user processes, and
110
+ * thus exclusively in the low half of the address space.
111
+ *
112
+ * To support system mode, and to debug kernels, two new regs
113
+ * were added to cover the high half of the address space.
114
+ * For the purpose of pauth_ptr_mask, we can use any well-formed
115
+ * address within the address space half -- here, 0 and -1.
116
+ */
117
+ {
118
+ bool is_data = !(reg & 1);
119
+ bool is_high = reg & 2;
120
+ uint64_t mask = pauth_ptr_mask(env, -is_high, is_data);
121
+ return gdb_get_reg64(buf, mask);
122
+ }
123
+ default:
124
+ return 0;
125
+ }
126
+}
127
+
128
+int aarch64_gdb_set_pauth_reg(CPUARMState *env, uint8_t *buf, int reg)
129
+{
130
+ /* All pseudo registers are read-only. */
131
+ return 0;
132
+}
133
+
134
static void output_vector_union_type(GString *s, int reg_width,
135
const char *name)
136
{
137
diff --git a/gdb-xml/aarch64-pauth.xml b/gdb-xml/aarch64-pauth.xml
138
new file mode 100644
139
index XXXXXXX..XXXXXXX
140
--- /dev/null
141
+++ b/gdb-xml/aarch64-pauth.xml
142
@@ -XXX,XX +XXX,XX @@
143
+<?xml version="1.0"?>
144
+<!-- Copyright (C) 2018-2022 Free Software Foundation, Inc.
145
+
146
+ Copying and distribution of this file, with or without modification,
147
+ are permitted in any medium without royalty provided the copyright
148
+ notice and this notice are preserved. -->
149
+
150
+<!DOCTYPE feature SYSTEM "gdb-target.dtd">
151
+<feature name="org.gnu.gdb.aarch64.pauth">
152
+ <reg name="pauth_dmask" bitsize="64"/>
153
+ <reg name="pauth_cmask" bitsize="64"/>
154
+ <reg name="pauth_dmask_high" bitsize="64"/>
155
+ <reg name="pauth_cmask_high" bitsize="64"/>
156
+</feature>
157
+
158
--
159
2.34.1
diff view generated by jsdifflib
[PULL 12/21] target/arm: Export arm_v7m_mrs_control
Deleted patch
1
From: David Reiss <dreiss@meta.com>
2
1
3
Allow the function to be used outside of m_helper.c.
4
Rename with an "arm_" prefix.
5
6
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
7
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
8
Signed-off-by: David Reiss <dreiss@meta.com>
9
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
10
Message-id: 20230227213329.793795-13-richard.henderson@linaro.org
11
[rth: Split out of a larger patch]
12
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
13
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
14
---
15
target/arm/internals.h | 3 +++
16
target/arm/tcg/m_helper.c | 6 +++---
17
2 files changed, 6 insertions(+), 3 deletions(-)
18
19
diff --git a/target/arm/internals.h b/target/arm/internals.h
20
index XXXXXXX..XXXXXXX 100644
21
--- a/target/arm/internals.h
22
+++ b/target/arm/internals.h
23
@@ -XXX,XX +XXX,XX @@ void arm_cpu_pauth_finalize(ARMCPU *cpu, Error **errp);
24
void arm_cpu_lpa2_finalize(ARMCPU *cpu, Error **errp);
25
#endif
26
27
+/* Read the CONTROL register as the MRS instruction would. */
28
+uint32_t arm_v7m_mrs_control(CPUARMState *env, uint32_t secure);
29
+
30
#ifdef CONFIG_USER_ONLY
31
static inline void define_cortex_a72_a57_a53_cp_reginfo(ARMCPU *cpu) { }
32
#else
33
diff --git a/target/arm/tcg/m_helper.c b/target/arm/tcg/m_helper.c
34
index XXXXXXX..XXXXXXX 100644
35
--- a/target/arm/tcg/m_helper.c
36
+++ b/target/arm/tcg/m_helper.c
37
@@ -XXX,XX +XXX,XX @@ static uint32_t v7m_mrs_xpsr(CPUARMState *env, uint32_t reg, unsigned el)
38
return xpsr_read(env) & mask;
39
}
40
41
-static uint32_t v7m_mrs_control(CPUARMState *env, uint32_t secure)
42
+uint32_t arm_v7m_mrs_control(CPUARMState *env, uint32_t secure)
43
{
44
uint32_t value = env->v7m.control[secure];
45
46
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(v7m_mrs)(CPUARMState *env, uint32_t reg)
47
case 0 ... 7: /* xPSR sub-fields */
48
return v7m_mrs_xpsr(env, reg, 0);
49
case 20: /* CONTROL */
50
- return v7m_mrs_control(env, 0);
51
+ return arm_v7m_mrs_control(env, 0);
52
default:
53
/* Unprivileged reads others as zero. */
54
return 0;
55
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(v7m_mrs)(CPUARMState *env, uint32_t reg)
56
case 0 ... 7: /* xPSR sub-fields */
57
return v7m_mrs_xpsr(env, reg, el);
58
case 20: /* CONTROL */
59
- return v7m_mrs_control(env, env->v7m.secure);
60
+ return arm_v7m_mrs_control(env, env->v7m.secure);
61
case 0x94: /* CONTROL_NS */
62
/*
63
* We have to handle this here because unprivileged Secure code
64
--
65
2.34.1
66
67
diff view generated by jsdifflib
[PULL 13/21] target/arm: Export arm_v7m_get_sp_ptr
Deleted patch
1
From: David Reiss <dreiss@meta.com>
2
1
3
Allow the function to be used outside of m_helper.c.
4
Move to be outside of ifndef CONFIG_USER_ONLY block.
5
Rename from get_v7m_sp_ptr.
6
7
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
8
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
9
Signed-off-by: David Reiss <dreiss@meta.com>
10
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
11
Message-id: 20230227213329.793795-14-richard.henderson@linaro.org
12
[rth: Split out of a larger patch]
13
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
14
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15
---
16
target/arm/internals.h | 10 +++++
17
target/arm/tcg/m_helper.c | 84 +++++++++++++++++++--------------------
18
2 files changed, 51 insertions(+), 43 deletions(-)
19
20
diff --git a/target/arm/internals.h b/target/arm/internals.h
21
index XXXXXXX..XXXXXXX 100644
22
--- a/target/arm/internals.h
23
+++ b/target/arm/internals.h
24
@@ -XXX,XX +XXX,XX @@ void arm_cpu_lpa2_finalize(ARMCPU *cpu, Error **errp);
25
/* Read the CONTROL register as the MRS instruction would. */
26
uint32_t arm_v7m_mrs_control(CPUARMState *env, uint32_t secure);
27
28
+/*
29
+ * Return a pointer to the location where we currently store the
30
+ * stack pointer for the requested security state and thread mode.
31
+ * This pointer will become invalid if the CPU state is updated
32
+ * such that the stack pointers are switched around (eg changing
33
+ * the SPSEL control bit).
34
+ */
35
+uint32_t *arm_v7m_get_sp_ptr(CPUARMState *env, bool secure,
36
+ bool threadmode, bool spsel);
37
+
38
#ifdef CONFIG_USER_ONLY
39
static inline void define_cortex_a72_a57_a53_cp_reginfo(ARMCPU *cpu) { }
40
#else
41
diff --git a/target/arm/tcg/m_helper.c b/target/arm/tcg/m_helper.c
42
index XXXXXXX..XXXXXXX 100644
43
--- a/target/arm/tcg/m_helper.c
44
+++ b/target/arm/tcg/m_helper.c
45
@@ -XXX,XX +XXX,XX @@ void HELPER(v7m_blxns)(CPUARMState *env, uint32_t dest)
46
arm_rebuild_hflags(env);
47
}
48
49
-static uint32_t *get_v7m_sp_ptr(CPUARMState *env, bool secure, bool threadmode,
50
- bool spsel)
51
-{
52
- /*
53
- * Return a pointer to the location where we currently store the
54
- * stack pointer for the requested security state and thread mode.
55
- * This pointer will become invalid if the CPU state is updated
56
- * such that the stack pointers are switched around (eg changing
57
- * the SPSEL control bit).
58
- * Compare the v8M ARM ARM pseudocode LookUpSP_with_security_mode().
59
- * Unlike that pseudocode, we require the caller to pass us in the
60
- * SPSEL control bit value; this is because we also use this
61
- * function in handling of pushing of the callee-saves registers
62
- * part of the v8M stack frame (pseudocode PushCalleeStack()),
63
- * and in the tailchain codepath the SPSEL bit comes from the exception
64
- * return magic LR value from the previous exception. The pseudocode
65
- * opencodes the stack-selection in PushCalleeStack(), but we prefer
66
- * to make this utility function generic enough to do the job.
67
- */
68
- bool want_psp = threadmode && spsel;
69
-
70
- if (secure == env->v7m.secure) {
71
- if (want_psp == v7m_using_psp(env)) {
72
- return &env->regs[13];
73
- } else {
74
- return &env->v7m.other_sp;
75
- }
76
- } else {
77
- if (want_psp) {
78
- return &env->v7m.other_ss_psp;
79
- } else {
80
- return &env->v7m.other_ss_msp;
81
- }
82
- }
83
-}
84
-
85
static bool arm_v7m_load_vector(ARMCPU *cpu, int exc, bool targets_secure,
86
uint32_t *pvec)
87
{
88
@@ -XXX,XX +XXX,XX @@ static bool v7m_push_callee_stack(ARMCPU *cpu, uint32_t lr, bool dotailchain,
89
!mode;
90
91
mmu_idx = arm_v7m_mmu_idx_for_secstate_and_priv(env, M_REG_S, priv);
92
- frame_sp_p = get_v7m_sp_ptr(env, M_REG_S, mode,
93
- lr & R_V7M_EXCRET_SPSEL_MASK);
94
+ frame_sp_p = arm_v7m_get_sp_ptr(env, M_REG_S, mode,
95
+ lr & R_V7M_EXCRET_SPSEL_MASK);
96
want_psp = mode && (lr & R_V7M_EXCRET_SPSEL_MASK);
97
if (want_psp) {
98
limit = env->v7m.psplim[M_REG_S];
99
@@ -XXX,XX +XXX,XX @@ static void do_v7m_exception_exit(ARMCPU *cpu)
100
* use 'frame_sp_p' after we do something that makes it invalid.
101
*/
102
bool spsel = env->v7m.control[return_to_secure] & R_V7M_CONTROL_SPSEL_MASK;
103
- uint32_t *frame_sp_p = get_v7m_sp_ptr(env,
104
- return_to_secure,
105
- !return_to_handler,
106
- spsel);
107
+ uint32_t *frame_sp_p = arm_v7m_get_sp_ptr(env, return_to_secure,
108
+ !return_to_handler, spsel);
109
uint32_t frameptr = *frame_sp_p;
110
bool pop_ok = true;
111
ARMMMUIdx mmu_idx;
112
@@ -XXX,XX +XXX,XX @@ static bool do_v7m_function_return(ARMCPU *cpu)
113
threadmode = !arm_v7m_is_handler_mode(env);
114
spsel = env->v7m.control[M_REG_S] & R_V7M_CONTROL_SPSEL_MASK;
115
116
- frame_sp_p = get_v7m_sp_ptr(env, true, threadmode, spsel);
117
+ frame_sp_p = arm_v7m_get_sp_ptr(env, true, threadmode, spsel);
118
frameptr = *frame_sp_p;
119
120
/*
121
@@ -XXX,XX +XXX,XX @@ uint32_t HELPER(v7m_tt)(CPUARMState *env, uint32_t addr, uint32_t op)
122
}
123
124
#endif /* !CONFIG_USER_ONLY */
125
+
126
+uint32_t *arm_v7m_get_sp_ptr(CPUARMState *env, bool secure, bool threadmode,
127
+ bool spsel)
128
+{
129
+ /*
130
+ * Return a pointer to the location where we currently store the
131
+ * stack pointer for the requested security state and thread mode.
132
+ * This pointer will become invalid if the CPU state is updated
133
+ * such that the stack pointers are switched around (eg changing
134
+ * the SPSEL control bit).
135
+ * Compare the v8M ARM ARM pseudocode LookUpSP_with_security_mode().
136
+ * Unlike that pseudocode, we require the caller to pass us in the
137
+ * SPSEL control bit value; this is because we also use this
138
+ * function in handling of pushing of the callee-saves registers
139
+ * part of the v8M stack frame (pseudocode PushCalleeStack()),
140
+ * and in the tailchain codepath the SPSEL bit comes from the exception
141
+ * return magic LR value from the previous exception. The pseudocode
142
+ * opencodes the stack-selection in PushCalleeStack(), but we prefer
143
+ * to make this utility function generic enough to do the job.
144
+ */
145
+ bool want_psp = threadmode && spsel;
146
+
147
+ if (secure == env->v7m.secure) {
148
+ if (want_psp == v7m_using_psp(env)) {
149
+ return &env->regs[13];
150
+ } else {
151
+ return &env->v7m.other_sp;
152
+ }
153
+ } else {
154
+ if (want_psp) {
155
+ return &env->v7m.other_ss_psp;
156
+ } else {
157
+ return &env->v7m.other_ss_msp;
158
+ }
159
+ }
160
+}
161
--
162
2.34.1
163
164
diff view generated by jsdifflib
[PULL 14/21] target/arm: Implement gdbstub m-profile systemreg and secext
[PULL 5/7] target/arm/ptw.c: Account for FEAT_RME when applying {N}SW, SA bits
1
From: Richard Henderson <richard.henderson@linaro.org>
1
In get_phys_addr_twostage() the code that applies the effects of
2
VSTCR.{SA,SW} and VTCR.{NSA,NSW} only updates result->f.attrs.secure.
3
Now we also have f.attrs.space for FEAT_RME, we need to keep the two
4
in sync.
2
5
3
The upstream gdb xml only implements {MSP,PSP}{,_NS,S}, but
6
These bits only have an effect for Secure space translations, not
4
go ahead and implement the other system registers as well.
7
for Root, so use the input in_space field to determine whether to
8
apply them rather than the input is_secure. This doesn't actually
9
make a difference because Root translations are never two-stage,
10
but it's a little clearer.
5
11
6
Since there is significant overlap between the two, implement
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
7
them with common code. The only exception is the systemreg
13
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
view of CONTROL, which merges the banked bits as per MRS.
14
Message-id: 20230710152130.3928330-4-peter.maydell@linaro.org
15
---
16
target/arm/ptw.c | 13 ++++++++-----
17
1 file changed, 8 insertions(+), 5 deletions(-)
9
18
10
Signed-off-by: David Reiss <dreiss@meta.com>
19
diff --git a/target/arm/ptw.c b/target/arm/ptw.c
11
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
12
Message-id: 20230227213329.793795-15-richard.henderson@linaro.org
13
[rth: Substatial rewrite using enumerator and shared code.]
14
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
15
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
16
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
17
---
18
target/arm/cpu.h | 2 +
19
target/arm/gdbstub.c | 178 +++++++++++++++++++++++++++++++++++++++++++
20
2 files changed, 180 insertions(+)
21
22
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
23
index XXXXXXX..XXXXXXX 100644
20
index XXXXXXX..XXXXXXX 100644
24
--- a/target/arm/cpu.h
21
--- a/target/arm/ptw.c
25
+++ b/target/arm/cpu.h
22
+++ b/target/arm/ptw.c
26
@@ -XXX,XX +XXX,XX @@ struct ArchCPU {
23
@@ -XXX,XX +XXX,XX @@ static bool get_phys_addr_twostage(CPUARMState *env, S1Translate *ptw,
27
24
hwaddr ipa;
28
DynamicGDBXMLInfo dyn_sysreg_xml;
25
int s1_prot, s1_lgpgsz;
29
DynamicGDBXMLInfo dyn_svereg_xml;
26
bool is_secure = ptw->in_secure;
30
+ DynamicGDBXMLInfo dyn_m_systemreg_xml;
27
+ ARMSecuritySpace in_space = ptw->in_space;
31
+ DynamicGDBXMLInfo dyn_m_secextreg_xml;
28
bool ret, ipa_secure;
32
29
ARMCacheAttrs cacheattrs1;
33
/* Timers used by the generic (architected) timer */
30
ARMSecuritySpace ipa_space;
34
QEMUTimer *gt_timer[NUM_GTIMERS];
31
@@ -XXX,XX +XXX,XX @@ static bool get_phys_addr_twostage(CPUARMState *env, S1Translate *ptw,
35
diff --git a/target/arm/gdbstub.c b/target/arm/gdbstub.c
32
* Check if IPA translates to secure or non-secure PA space.
36
index XXXXXXX..XXXXXXX 100644
33
* Note that VSTCR overrides VTCR and {N}SW overrides {N}SA.
37
--- a/target/arm/gdbstub.c
34
*/
38
+++ b/target/arm/gdbstub.c
35
- result->f.attrs.secure =
39
@@ -XXX,XX +XXX,XX @@ static int arm_gen_dynamic_sysreg_xml(CPUState *cs, int base_reg)
36
- (is_secure
40
return cpu->dyn_sysreg_xml.num;
37
- && !(env->cp15.vstcr_el2 & (VSTCR_SA | VSTCR_SW))
41
}
38
- && (ipa_secure
42
39
- || !(env->cp15.vtcr_el2 & (VTCR_NSA | VTCR_NSW))));
43
+typedef enum {
40
+ if (in_space == ARMSS_Secure) {
44
+ M_SYSREG_MSP,
41
+ result->f.attrs.secure =
45
+ M_SYSREG_PSP,
42
+ !(env->cp15.vstcr_el2 & (VSTCR_SA | VSTCR_SW))
46
+ M_SYSREG_PRIMASK,
43
+ && (ipa_secure
47
+ M_SYSREG_CONTROL,
44
+ || !(env->cp15.vtcr_el2 & (VTCR_NSA | VTCR_NSW)));
48
+ M_SYSREG_BASEPRI,
45
+ result->f.attrs.space = arm_secure_to_space(result->f.attrs.secure);
49
+ M_SYSREG_FAULTMASK,
50
+ M_SYSREG_MSPLIM,
51
+ M_SYSREG_PSPLIM,
52
+} MProfileSysreg;
53
+
54
+static const struct {
55
+ const char *name;
56
+ int feature;
57
+} m_sysreg_def[] = {
58
+ [M_SYSREG_MSP] = { "msp", ARM_FEATURE_M },
59
+ [M_SYSREG_PSP] = { "psp", ARM_FEATURE_M },
60
+ [M_SYSREG_PRIMASK] = { "primask", ARM_FEATURE_M },
61
+ [M_SYSREG_CONTROL] = { "control", ARM_FEATURE_M },
62
+ [M_SYSREG_BASEPRI] = { "basepri", ARM_FEATURE_M_MAIN },
63
+ [M_SYSREG_FAULTMASK] = { "faultmask", ARM_FEATURE_M_MAIN },
64
+ [M_SYSREG_MSPLIM] = { "msplim", ARM_FEATURE_V8 },
65
+ [M_SYSREG_PSPLIM] = { "psplim", ARM_FEATURE_V8 },
66
+};
67
+
68
+static uint32_t *m_sysreg_ptr(CPUARMState *env, MProfileSysreg reg, bool sec)
69
+{
70
+ uint32_t *ptr;
71
+
72
+ switch (reg) {
73
+ case M_SYSREG_MSP:
74
+ ptr = arm_v7m_get_sp_ptr(env, sec, false, true);
75
+ break;
76
+ case M_SYSREG_PSP:
77
+ ptr = arm_v7m_get_sp_ptr(env, sec, true, true);
78
+ break;
79
+ case M_SYSREG_MSPLIM:
80
+ ptr = &env->v7m.msplim[sec];
81
+ break;
82
+ case M_SYSREG_PSPLIM:
83
+ ptr = &env->v7m.psplim[sec];
84
+ break;
85
+ case M_SYSREG_PRIMASK:
86
+ ptr = &env->v7m.primask[sec];
87
+ break;
88
+ case M_SYSREG_BASEPRI:
89
+ ptr = &env->v7m.basepri[sec];
90
+ break;
91
+ case M_SYSREG_FAULTMASK:
92
+ ptr = &env->v7m.faultmask[sec];
93
+ break;
94
+ case M_SYSREG_CONTROL:
95
+ ptr = &env->v7m.control[sec];
96
+ break;
97
+ default:
98
+ return NULL;
99
+ }
46
+ }
100
+ return arm_feature(env, m_sysreg_def[reg].feature) ? ptr : NULL;
47
101
+}
48
return false;
102
+
103
+static int m_sysreg_get(CPUARMState *env, GByteArray *buf,
104
+ MProfileSysreg reg, bool secure)
105
+{
106
+ uint32_t *ptr = m_sysreg_ptr(env, reg, secure);
107
+
108
+ if (ptr == NULL) {
109
+ return 0;
110
+ }
111
+ return gdb_get_reg32(buf, *ptr);
112
+}
113
+
114
+static int arm_gdb_get_m_systemreg(CPUARMState *env, GByteArray *buf, int reg)
115
+{
116
+ /*
117
+ * Here, we emulate MRS instruction, where CONTROL has a mix of
118
+ * banked and non-banked bits.
119
+ */
120
+ if (reg == M_SYSREG_CONTROL) {
121
+ return gdb_get_reg32(buf, arm_v7m_mrs_control(env, env->v7m.secure));
122
+ }
123
+ return m_sysreg_get(env, buf, reg, env->v7m.secure);
124
+}
125
+
126
+static int arm_gdb_set_m_systemreg(CPUARMState *env, uint8_t *buf, int reg)
127
+{
128
+ return 0; /* TODO */
129
+}
130
+
131
+static int arm_gen_dynamic_m_systemreg_xml(CPUState *cs, int orig_base_reg)
132
+{
133
+ ARMCPU *cpu = ARM_CPU(cs);
134
+ CPUARMState *env = &cpu->env;
135
+ GString *s = g_string_new(NULL);
136
+ int base_reg = orig_base_reg;
137
+ int i;
138
+
139
+ g_string_printf(s, "<?xml version=\"1.0\"?>");
140
+ g_string_append_printf(s, "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">");
141
+ g_string_append_printf(s, "<feature name=\"org.gnu.gdb.arm.m-system\">\n");
142
+
143
+ for (i = 0; i < ARRAY_SIZE(m_sysreg_def); i++) {
144
+ if (arm_feature(env, m_sysreg_def[i].feature)) {
145
+ g_string_append_printf(s,
146
+ "<reg name=\"%s\" bitsize=\"32\" regnum=\"%d\"/>\n",
147
+ m_sysreg_def[i].name, base_reg++);
148
+ }
149
+ }
150
+
151
+ g_string_append_printf(s, "</feature>");
152
+ cpu->dyn_m_systemreg_xml.desc = g_string_free(s, false);
153
+ cpu->dyn_m_systemreg_xml.num = base_reg - orig_base_reg;
154
+
155
+ return cpu->dyn_m_systemreg_xml.num;
156
+}
157
+
158
+#ifndef CONFIG_USER_ONLY
159
+/*
160
+ * For user-only, we see the non-secure registers via m_systemreg above.
161
+ * For secext, encode the non-secure view as even and secure view as odd.
162
+ */
163
+static int arm_gdb_get_m_secextreg(CPUARMState *env, GByteArray *buf, int reg)
164
+{
165
+ return m_sysreg_get(env, buf, reg >> 1, reg & 1);
166
+}
167
+
168
+static int arm_gdb_set_m_secextreg(CPUARMState *env, uint8_t *buf, int reg)
169
+{
170
+ return 0; /* TODO */
171
+}
172
+
173
+static int arm_gen_dynamic_m_secextreg_xml(CPUState *cs, int orig_base_reg)
174
+{
175
+ ARMCPU *cpu = ARM_CPU(cs);
176
+ GString *s = g_string_new(NULL);
177
+ int base_reg = orig_base_reg;
178
+ int i;
179
+
180
+ g_string_printf(s, "<?xml version=\"1.0\"?>");
181
+ g_string_append_printf(s, "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">");
182
+ g_string_append_printf(s, "<feature name=\"org.gnu.gdb.arm.secext\">\n");
183
+
184
+ for (i = 0; i < ARRAY_SIZE(m_sysreg_def); i++) {
185
+ g_string_append_printf(s,
186
+ "<reg name=\"%s_ns\" bitsize=\"32\" regnum=\"%d\"/>\n",
187
+ m_sysreg_def[i].name, base_reg++);
188
+ g_string_append_printf(s,
189
+ "<reg name=\"%s_s\" bitsize=\"32\" regnum=\"%d\"/>\n",
190
+ m_sysreg_def[i].name, base_reg++);
191
+ }
192
+
193
+ g_string_append_printf(s, "</feature>");
194
+ cpu->dyn_m_secextreg_xml.desc = g_string_free(s, false);
195
+ cpu->dyn_m_secextreg_xml.num = base_reg - orig_base_reg;
196
+
197
+ return cpu->dyn_m_secextreg_xml.num;
198
+}
199
+#endif
200
+
201
const char *arm_gdb_get_dynamic_xml(CPUState *cs, const char *xmlname)
202
{
203
ARMCPU *cpu = ARM_CPU(cs);
204
@@ -XXX,XX +XXX,XX @@ const char *arm_gdb_get_dynamic_xml(CPUState *cs, const char *xmlname)
205
return cpu->dyn_sysreg_xml.desc;
206
} else if (strcmp(xmlname, "sve-registers.xml") == 0) {
207
return cpu->dyn_svereg_xml.desc;
208
+ } else if (strcmp(xmlname, "arm-m-system.xml") == 0) {
209
+ return cpu->dyn_m_systemreg_xml.desc;
210
+#ifndef CONFIG_USER_ONLY
211
+ } else if (strcmp(xmlname, "arm-m-secext.xml") == 0) {
212
+ return cpu->dyn_m_secextreg_xml.desc;
213
+#endif
214
}
215
return NULL;
216
}
217
@@ -XXX,XX +XXX,XX @@ void arm_cpu_register_gdb_regs_for_features(ARMCPU *cpu)
218
arm_gen_dynamic_sysreg_xml(cs, cs->gdb_num_regs),
219
"system-registers.xml", 0);
220
221
+ if (arm_feature(env, ARM_FEATURE_M)) {
222
+ gdb_register_coprocessor(cs,
223
+ arm_gdb_get_m_systemreg, arm_gdb_set_m_systemreg,
224
+ arm_gen_dynamic_m_systemreg_xml(cs, cs->gdb_num_regs),
225
+ "arm-m-system.xml", 0);
226
+#ifndef CONFIG_USER_ONLY
227
+ if (arm_feature(env, ARM_FEATURE_M_SECURITY)) {
228
+ gdb_register_coprocessor(cs,
229
+ arm_gdb_get_m_secextreg, arm_gdb_set_m_secextreg,
230
+ arm_gen_dynamic_m_secextreg_xml(cs, cs->gdb_num_regs),
231
+ "arm-m-secext.xml", 0);
232
+ }
233
+#endif
234
+ }
235
}
49
}
236
--
50
--
237
2.34.1
51
2.34.1
diff view generated by jsdifflib
[PULL 15/21] target/arm: Handle m-profile in arm_is_secure
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1421
4
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
5
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
6
Message-id: 20230227225832.816605-2-richard.henderson@linaro.org
7
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
8
---
9
target/arm/cpu.h | 3 +++
10
1 file changed, 3 insertions(+)
11
12
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
13
index XXXXXXX..XXXXXXX 100644
14
--- a/target/arm/cpu.h
15
+++ b/target/arm/cpu.h
16
@@ -XXX,XX +XXX,XX @@ static inline bool arm_is_el3_or_mon(CPUARMState *env)
17
/* Return true if the processor is in secure state */
18
static inline bool arm_is_secure(CPUARMState *env)
19
{
20
+ if (arm_feature(env, ARM_FEATURE_M)) {
21
+ return env->v7m.secure;
22
+ }
23
if (arm_is_el3_or_mon(env)) {
24
return true;
25
}
26
--
27
2.34.1
diff view generated by jsdifflib
[PULL 16/21] target/arm: Stub arm_hcr_el2_eff for m-profile
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
M-profile doesn't have HCR_EL2. While we could test features
4
before each call, zero is a generally safe return value to
5
disable the code in the caller. This test is required to
6
avoid an assert in arm_is_secure_below_el3.
7
8
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
9
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
10
Message-id: 20230227225832.816605-3-richard.henderson@linaro.org
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
---
13
target/arm/helper.c | 3 +++
14
1 file changed, 3 insertions(+)
15
16
diff --git a/target/arm/helper.c b/target/arm/helper.c
17
index XXXXXXX..XXXXXXX 100644
18
--- a/target/arm/helper.c
19
+++ b/target/arm/helper.c
20
@@ -XXX,XX +XXX,XX @@ uint64_t arm_hcr_el2_eff_secstate(CPUARMState *env, bool secure)
21
22
uint64_t arm_hcr_el2_eff(CPUARMState *env)
23
{
24
+ if (arm_feature(env, ARM_FEATURE_M)) {
25
+ return 0;
26
+ }
27
return arm_hcr_el2_eff_secstate(env, arm_is_secure_below_el3(env));
28
}
29
30
--
31
2.34.1
diff view generated by jsdifflib
[PULL 17/21] target/arm: Diagnose incorrect usage of arm_is_secure subroutines
[PULL 6/7] accel/tcg: Zero-pad PC in TCG CPU exec trace lines
1
From: Richard Henderson <richard.henderson@linaro.org>
1
In commit f0a08b0913befbd we changed the type of the PC from
2
target_ulong to vaddr. In doing so we inadvertently dropped the
3
zero-padding on the PC in trace lines (the second item inside the []
4
in these lines). They used to look like this on AArch64, for
5
instance:
2
6
3
In several places we use arm_is_secure_below_el3 and
7
Trace 0: 0x7f2260000100 [00000000/0000000040000000/00000061/ff200000]
4
arm_is_el3_or_mon separately from arm_is_secure.
5
These functions make no sense for m-profile, and
6
would indicate prior incorrect feature testing.
7
8
8
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
9
and now they look like this:
10
Trace 0: 0x7f4f50000100 [00000000/40000000/00000061/ff200000]
11
12
and if the PC happens to be somewhere low like 0x5000
13
then the field is shown as /5000/.
14
15
This is because TARGET_FMT_lx is a "%08x" or "%016x" specifier,
16
depending on TARGET_LONG_SIZE, whereas VADDR_PRIx is just PRIx64
17
with no width specifier.
18
19
Restore the zero-padding by adding an 016 width specifier to
20
this tracing and a couple of others that were similarly recently
21
changed to use VADDR_PRIx without a width specifier.
22
23
We can't unfortunately restore the "32-bit guests are padded to
24
8 hex digits and 64-bit guests to 16 hex digits" behaviour so
25
easily.
26
27
Fixes: f0a08b0913befbd ("accel/tcg/cpu-exec.c: Widen pc to vaddr")
28
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
9
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
29
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
10
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
30
Reviewed-by: Anton Johansson <anjo@rev.ng>
11
Message-id: 20230227225832.816605-4-richard.henderson@linaro.org
31
Message-id: 20230711165434.4123674-1-peter.maydell@linaro.org
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
13
---
32
---
14
target/arm/cpu.h | 5 ++++-
33
accel/tcg/cpu-exec.c | 4 ++--
15
1 file changed, 4 insertions(+), 1 deletion(-)
34
accel/tcg/translate-all.c | 2 +-
35
2 files changed, 3 insertions(+), 3 deletions(-)
16
36
17
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
37
diff --git a/accel/tcg/cpu-exec.c b/accel/tcg/cpu-exec.c
18
index XXXXXXX..XXXXXXX 100644
38
index XXXXXXX..XXXXXXX 100644
19
--- a/target/arm/cpu.h
39
--- a/accel/tcg/cpu-exec.c
20
+++ b/target/arm/cpu.h
40
+++ b/accel/tcg/cpu-exec.c
21
@@ -XXX,XX +XXX,XX @@ static inline int arm_feature(CPUARMState *env, int feature)
41
@@ -XXX,XX +XXX,XX @@ static void log_cpu_exec(vaddr pc, CPUState *cpu,
22
void arm_cpu_finalize_features(ARMCPU *cpu, Error **errp);
42
if (qemu_log_in_addr_range(pc)) {
23
43
qemu_log_mask(CPU_LOG_EXEC,
24
#if !defined(CONFIG_USER_ONLY)
44
"Trace %d: %p [%08" PRIx64
25
-/* Return true if exception levels below EL3 are in secure state,
45
- "/%" VADDR_PRIx "/%08x/%08x] %s\n",
26
+/*
46
+ "/%016" VADDR_PRIx "/%08x/%08x] %s\n",
27
+ * Return true if exception levels below EL3 are in secure state,
47
cpu->cpu_index, tb->tc.ptr, tb->cs_base, pc,
28
* or would be following an exception return to that level.
48
tb->flags, tb->cflags, lookup_symbol(pc));
29
* Unlike arm_is_secure() (which is always a question about the
49
30
* _current_ state of the CPU) this doesn't care about the current
50
@@ -XXX,XX +XXX,XX @@ cpu_tb_exec(CPUState *cpu, TranslationBlock *itb, int *tb_exit)
31
@@ -XXX,XX +XXX,XX @@ void arm_cpu_finalize_features(ARMCPU *cpu, Error **errp);
51
if (qemu_loglevel_mask(CPU_LOG_EXEC)) {
32
*/
52
vaddr pc = log_pc(cpu, last_tb);
33
static inline bool arm_is_secure_below_el3(CPUARMState *env)
53
if (qemu_log_in_addr_range(pc)) {
34
{
54
- qemu_log("Stopped execution of TB chain before %p [%"
35
+ assert(!arm_feature(env, ARM_FEATURE_M));
55
+ qemu_log("Stopped execution of TB chain before %p [%016"
36
if (arm_feature(env, ARM_FEATURE_EL3)) {
56
VADDR_PRIx "] %s\n",
37
return !(env->cp15.scr_el3 & SCR_NS);
57
last_tb->tc.ptr, pc, lookup_symbol(pc));
38
} else {
58
}
39
@@ -XXX,XX +XXX,XX @@ static inline bool arm_is_secure_below_el3(CPUARMState *env)
59
diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
40
/* Return true if the CPU is AArch64 EL3 or AArch32 Mon */
60
index XXXXXXX..XXXXXXX 100644
41
static inline bool arm_is_el3_or_mon(CPUARMState *env)
61
--- a/accel/tcg/translate-all.c
42
{
62
+++ b/accel/tcg/translate-all.c
43
+ assert(!arm_feature(env, ARM_FEATURE_M));
63
@@ -XXX,XX +XXX,XX @@ void cpu_io_recompile(CPUState *cpu, uintptr_t retaddr)
44
if (arm_feature(env, ARM_FEATURE_EL3)) {
64
if (qemu_loglevel_mask(CPU_LOG_EXEC)) {
45
if (is_a64(env) && extract32(env->pstate, 2, 2) == 3) {
65
vaddr pc = log_pc(cpu, tb);
46
/* CPU currently in AArch64 state and EL3 */
66
if (qemu_log_in_addr_range(pc)) {
67
- qemu_log("cpu_io_recompile: rewound execution of TB to %"
68
+ qemu_log("cpu_io_recompile: rewound execution of TB to %016"
69
VADDR_PRIx "\n", pc);
70
}
71
}
47
--
72
--
48
2.34.1
73
2.34.1
49
74
50
75
diff view generated by jsdifflib
[PULL 19/21] hw: arm: Support direct boot for Linux/arm64 EFI zboot images
[PULL 7/7] hw/nvram: Avoid unnecessary Xilinx eFuse backstore write
1
From: Ard Biesheuvel <ardb@kernel.org>
1
From: Tong Ho <tong.ho@amd.com>
2
2
3
Fedora 39 will ship its arm64 kernels in the new generic EFI zboot
3
Add a check in the bit-set operation to write the backstore
4
format, using gzip compression for the payload.
4
only if the affected bit is 0 before.
5
5
6
For doing EFI boot in QEMU, this is completely transparent, as the
6
With this in place, there will be no need for callers to
7
firmware or bootloader will take care of this. However, for direct
7
do the checking in order to avoid unnecessary writes.
8
kernel boot without firmware, we will lose the ability to boot such
9
distro kernels unless we deal with the new format directly.
10
8
11
EFI zboot images contain metadata in the header regarding the placement
9
Signed-off-by: Tong Ho <tong.ho@amd.com>
12
of the compressed payload inside the image, and the type of compression
10
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
13
used. This means we can wire up the existing gzip support without too
11
Reviewed-by: Francisco Iglesias <frasse.iglesias@gmail.com>
14
much hassle, by parsing the header and grabbing the payload from inside
12
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
15
the loaded zboot image.
16
17
Cc: Peter Maydell <peter.maydell@linaro.org>
18
Cc: Alex Bennée <alex.bennee@linaro.org>
19
Cc: Richard Henderson <richard.henderson@linaro.org>
20
Cc: Philippe Mathieu-Daudé <f4bug@amsat.org>
21
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
22
Message-id: 20230303160109.3626966-1-ardb@kernel.org
23
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
24
[PMM: tweaked comment formatting, fixed checkpatch nits]
25
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
13
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
26
---
14
---
27
include/hw/loader.h | 19 ++++++++++
15
hw/nvram/xlnx-efuse.c | 11 +++++++++--
28
hw/arm/boot.c | 6 +++
16
1 file changed, 9 insertions(+), 2 deletions(-)
29
hw/core/loader.c | 91 +++++++++++++++++++++++++++++++++++++++++++++
30
3 files changed, 116 insertions(+)
31
17
32
diff --git a/include/hw/loader.h b/include/hw/loader.h
18
diff --git a/hw/nvram/xlnx-efuse.c b/hw/nvram/xlnx-efuse.c
33
index XXXXXXX..XXXXXXX 100644
19
index XXXXXXX..XXXXXXX 100644
34
--- a/include/hw/loader.h
20
--- a/hw/nvram/xlnx-efuse.c
35
+++ b/include/hw/loader.h
21
+++ b/hw/nvram/xlnx-efuse.c
36
@@ -XXX,XX +XXX,XX @@ ssize_t load_image_gzipped_buffer(const char *filename, uint64_t max_sz,
22
@@ -XXX,XX +XXX,XX @@ static bool efuse_ro_bits_find(XlnxEFuse *s, uint32_t k)
37
uint8_t **buffer);
23
38
ssize_t load_image_gzipped(const char *filename, hwaddr addr, uint64_t max_sz);
24
bool xlnx_efuse_set_bit(XlnxEFuse *s, unsigned int bit)
39
25
{
40
+/**
26
+ uint32_t set, *row;
41
+ * unpack_efi_zboot_image:
42
+ * @buffer: pointer to a variable holding the address of a buffer containing the
43
+ * image
44
+ * @size: pointer to a variable holding the size of the buffer
45
+ *
46
+ * Check whether the buffer contains a EFI zboot image, and if it does, extract
47
+ * the compressed payload and decompress it into a new buffer. If successful,
48
+ * the old buffer is freed, and the *buffer and size variables pointed to by the
49
+ * function arguments are updated to refer to the newly populated buffer.
50
+ *
51
+ * Returns 0 if the image could not be identified as a EFI zboot image.
52
+ * Returns -1 if the buffer contents were identified as a EFI zboot image, but
53
+ * unpacking failed for any reason.
54
+ * Returns the size of the decompressed payload if decompression was performed
55
+ * successfully.
56
+ */
57
+ssize_t unpack_efi_zboot_image(uint8_t **buffer, int *size);
58
+
27
+
59
#define ELF_LOAD_FAILED -1
28
if (efuse_ro_bits_find(s, bit)) {
60
#define ELF_LOAD_NOT_ELF -2
29
g_autofree char *path = object_get_canonical_path(OBJECT(s));
61
#define ELF_LOAD_WRONG_ARCH -3
30
62
diff --git a/hw/arm/boot.c b/hw/arm/boot.c
31
@@ -XXX,XX +XXX,XX @@ bool xlnx_efuse_set_bit(XlnxEFuse *s, unsigned int bit)
63
index XXXXXXX..XXXXXXX 100644
32
return false;
64
--- a/hw/arm/boot.c
65
+++ b/hw/arm/boot.c
66
@@ -XXX,XX +XXX,XX @@ static uint64_t load_aarch64_image(const char *filename, hwaddr mem_base,
67
return -1;
68
}
69
size = len;
70
+
71
+ /* Unpack the image if it is a EFI zboot image */
72
+ if (unpack_efi_zboot_image(&buffer, &size) < 0) {
73
+ g_free(buffer);
74
+ return -1;
75
+ }
76
}
33
}
77
34
78
/* check the arm64 magic header value -- very old kernels may not have it */
35
- s->fuse32[bit / 32] |= 1 << (bit % 32);
79
diff --git a/hw/core/loader.c b/hw/core/loader.c
36
- efuse_bdrv_sync(s, bit);
80
index XXXXXXX..XXXXXXX 100644
37
+ /* Avoid back-end write unless there is a real update */
81
--- a/hw/core/loader.c
38
+ row = &s->fuse32[bit / 32];
82
+++ b/hw/core/loader.c
39
+ set = 1 << (bit % 32);
83
@@ -XXX,XX +XXX,XX @@ ssize_t load_image_gzipped(const char *filename, hwaddr addr, uint64_t max_sz)
40
+ if (!(set & *row)) {
84
return bytes;
41
+ *row |= set;
42
+ efuse_bdrv_sync(s, bit);
43
+ }
44
return true;
85
}
45
}
86
46
87
+/* The PE/COFF MS-DOS stub magic number */
88
+#define EFI_PE_MSDOS_MAGIC "MZ"
89
+
90
+/*
91
+ * The Linux header magic number for a EFI PE/COFF
92
+ * image targetting an unspecified architecture.
93
+ */
94
+#define EFI_PE_LINUX_MAGIC "\xcd\x23\x82\x81"
95
+
96
+/*
97
+ * Bootable Linux kernel images may be packaged as EFI zboot images, which are
98
+ * self-decompressing executables when loaded via EFI. The compressed payload
99
+ * can also be extracted from the image and decompressed by a non-EFI loader.
100
+ *
101
+ * The de facto specification for this format is at the following URL:
102
+ *
103
+ * https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/drivers/firmware/efi/libstub/zboot-header.S
104
+ *
105
+ * This definition is based on Linux upstream commit 29636a5ce87beba.
106
+ */
107
+struct linux_efi_zboot_header {
108
+ uint8_t msdos_magic[2]; /* PE/COFF 'MZ' magic number */
109
+ uint8_t reserved0[2];
110
+ uint8_t zimg[4]; /* "zimg" for Linux EFI zboot images */
111
+ uint32_t payload_offset; /* LE offset to compressed payload */
112
+ uint32_t payload_size; /* LE size of the compressed payload */
113
+ uint8_t reserved1[8];
114
+ char compression_type[32]; /* Compression type, NUL terminated */
115
+ uint8_t linux_magic[4]; /* Linux header magic */
116
+ uint32_t pe_header_offset; /* LE offset to the PE header */
117
+};
118
+
119
+/*
120
+ * Check whether *buffer points to a Linux EFI zboot image in memory.
121
+ *
122
+ * If it does, attempt to decompress it to a new buffer, and free the old one.
123
+ * If any of this fails, return an error to the caller.
124
+ *
125
+ * If the image is not a Linux EFI zboot image, do nothing and return success.
126
+ */
127
+ssize_t unpack_efi_zboot_image(uint8_t **buffer, int *size)
128
+{
129
+ const struct linux_efi_zboot_header *header;
130
+ uint8_t *data = NULL;
131
+ int ploff, plsize;
132
+ ssize_t bytes;
133
+
134
+ /* ignore if this is too small to be a EFI zboot image */
135
+ if (*size < sizeof(*header)) {
136
+ return 0;
137
+ }
138
+
139
+ header = (struct linux_efi_zboot_header *)*buffer;
140
+
141
+ /* ignore if this is not a Linux EFI zboot image */
142
+ if (memcmp(&header->msdos_magic, EFI_PE_MSDOS_MAGIC, 2) != 0 ||
143
+ memcmp(&header->zimg, "zimg", 4) != 0 ||
144
+ memcmp(&header->linux_magic, EFI_PE_LINUX_MAGIC, 4) != 0) {
145
+ return 0;
146
+ }
147
+
148
+ if (strcmp(header->compression_type, "gzip") != 0) {
149
+ fprintf(stderr,
150
+ "unable to handle EFI zboot image with \"%.*s\" compression\n",
151
+ (int)sizeof(header->compression_type) - 1,
152
+ header->compression_type);
153
+ return -1;
154
+ }
155
+
156
+ ploff = ldl_le_p(&header->payload_offset);
157
+ plsize = ldl_le_p(&header->payload_size);
158
+
159
+ if (ploff < 0 || plsize < 0 || ploff + plsize > *size) {
160
+ fprintf(stderr, "unable to handle corrupt EFI zboot image\n");
161
+ return -1;
162
+ }
163
+
164
+ data = g_malloc(LOAD_IMAGE_MAX_GUNZIP_BYTES);
165
+ bytes = gunzip(data, LOAD_IMAGE_MAX_GUNZIP_BYTES, *buffer + ploff, plsize);
166
+ if (bytes < 0) {
167
+ fprintf(stderr, "failed to decompress EFI zboot image\n");
168
+ g_free(data);
169
+ return -1;
170
+ }
171
+
172
+ g_free(*buffer);
173
+ *buffer = g_realloc(data, bytes);
174
+ *size = bytes;
175
+ return bytes;
176
+}
177
+
178
/*
179
* Functions for reboot-persistent memory regions.
180
* - used for vga bios and option roms.
181
--
47
--
182
2.34.1
48
2.34.1
183
49
184
50
diff view generated by jsdifflib
[PULL 20/21] hw: allwinner-i2c: Fix TWI_CNTR_INT_FLAG on SUN6i SoCs
Deleted patch
1
From: qianfan Zhao <qianfanguijin@163.com>
2
1
3
TWI_CNTR_INT_FLAG is W1C(write 1 to clear and write 0 has non-effect)
4
register on SUN6i based SoCs, we should lower interrupt when the guest
5
set this bit.
6
7
The linux kernel will hang in irq handler(mv64xxx_i2c_intr) if no
8
device connected on the i2c bus, next is the trace log:
9
10
allwinner_i2c_write write CNTR(0x0c): 0xc4 A_ACK BUS_EN INT_EN
11
allwinner_i2c_write write CNTR(0x0c): 0xcc A_ACK INT_FLAG BUS_EN INT_EN
12
allwinner_i2c_read read CNTR(0x0c): 0xcc A_ACK INT_FLAG BUS_EN INT_EN
13
allwinner_i2c_read read STAT(0x10): 0x20 STAT_M_ADDR_WR_NACK
14
allwinner_i2c_write write CNTR(0x0c): 0x54 A_ACK M_STP BUS_EN
15
allwinner_i2c_write write CNTR(0x0c): 0x4c A_ACK INT_FLAG BUS_EN
16
allwinner_i2c_read read CNTR(0x0c): 0x4c A_ACK INT_FLAG BUS_EN
17
allwinner_i2c_read read STAT(0x10): 0xf8 STAT_IDLE
18
allwinner_i2c_write write CNTR(0x0c): 0x54 A_ACK M_STP BUS_EN
19
allwinner_i2c_write write CNTR(0x0c): 0x4c A_ACK INT_FLAG BUS_EN
20
allwinner_i2c_read read CNTR(0x0c): 0x4c A_ACK INT_FLAG BUS_EN
21
allwinner_i2c_read read STAT(0x10): 0xf8 STAT_IDLE
22
...
23
24
Fix it.
25
26
Signed-off-by: qianfan Zhao <qianfanguijin@163.com>
27
Reviewed-by: Strahinja Jankovic <strahinja.p.jankovic@gmail.com>
28
Tested-by: Strahinja Jankovic <strahinja.p.jankovic@gmail.com>
29
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
30
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
31
---
32
include/hw/i2c/allwinner-i2c.h | 6 ++++++
33
hw/i2c/allwinner-i2c.c | 26 ++++++++++++++++++++++++--
34
2 files changed, 30 insertions(+), 2 deletions(-)
35
36
diff --git a/include/hw/i2c/allwinner-i2c.h b/include/hw/i2c/allwinner-i2c.h
37
index XXXXXXX..XXXXXXX 100644
38
--- a/include/hw/i2c/allwinner-i2c.h
39
+++ b/include/hw/i2c/allwinner-i2c.h
40
@@ -XXX,XX +XXX,XX @@
41
#include "qom/object.h"
42
43
#define TYPE_AW_I2C "allwinner.i2c"
44
+
45
+/** Allwinner I2C sun6i family and newer (A31, H2+, H3, etc) */
46
+#define TYPE_AW_I2C_SUN6I TYPE_AW_I2C "-sun6i"
47
+
48
OBJECT_DECLARE_SIMPLE_TYPE(AWI2CState, AW_I2C)
49
50
#define AW_I2C_MEM_SIZE 0x24
51
@@ -XXX,XX +XXX,XX @@ struct AWI2CState {
52
uint8_t srst;
53
uint8_t efr;
54
uint8_t lcr;
55
+
56
+ bool irq_clear_inverted;
57
};
58
59
#endif /* ALLWINNER_I2C_H */
60
diff --git a/hw/i2c/allwinner-i2c.c b/hw/i2c/allwinner-i2c.c
61
index XXXXXXX..XXXXXXX 100644
62
--- a/hw/i2c/allwinner-i2c.c
63
+++ b/hw/i2c/allwinner-i2c.c
64
@@ -XXX,XX +XXX,XX @@ static void allwinner_i2c_write(void *opaque, hwaddr offset,
65
s->stat = STAT_FROM_STA(STAT_IDLE);
66
s->cntr &= ~TWI_CNTR_M_STP;
67
}
68
- if ((s->cntr & TWI_CNTR_INT_FLAG) == 0) {
69
- /* Interrupt flag cleared */
70
+
71
+ if (!s->irq_clear_inverted && !(s->cntr & TWI_CNTR_INT_FLAG)) {
72
+ /* Write 0 to clear this flag */
73
+ qemu_irq_lower(s->irq);
74
+ } else if (s->irq_clear_inverted && (s->cntr & TWI_CNTR_INT_FLAG)) {
75
+ /* Write 1 to clear this flag */
76
+ s->cntr &= ~TWI_CNTR_INT_FLAG;
77
qemu_irq_lower(s->irq);
78
}
79
+
80
if ((s->cntr & TWI_CNTR_A_ACK) == 0) {
81
if (STAT_TO_STA(s->stat) == STAT_M_DATA_RX_ACK) {
82
s->stat = STAT_FROM_STA(STAT_M_DATA_RX_NACK);
83
@@ -XXX,XX +XXX,XX @@ static const TypeInfo allwinner_i2c_type_info = {
84
.class_init = allwinner_i2c_class_init,
85
};
86
87
+static void allwinner_i2c_sun6i_init(Object *obj)
88
+{
89
+ AWI2CState *s = AW_I2C(obj);
90
+
91
+ s->irq_clear_inverted = true;
92
+}
93
+
94
+static const TypeInfo allwinner_i2c_sun6i_type_info = {
95
+ .name = TYPE_AW_I2C_SUN6I,
96
+ .parent = TYPE_SYS_BUS_DEVICE,
97
+ .instance_size = sizeof(AWI2CState),
98
+ .instance_init = allwinner_i2c_sun6i_init,
99
+ .class_init = allwinner_i2c_class_init,
100
+};
101
+
102
static void allwinner_i2c_register_types(void)
103
{
104
type_register_static(&allwinner_i2c_type_info);
105
+ type_register_static(&allwinner_i2c_sun6i_type_info);
106
}
107
108
type_init(allwinner_i2c_register_types)
109
--
110
2.34.1
diff view generated by jsdifflib

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.