1
Hi; here's a relatively small target-arm queue, pretty much all
1
v2: dropped patches that add the microbit nRF51 non-volatile memories
2
bug fixes. (There are a few non-arm patches that I've thrown in
2
and the test case for them.
3
there too for my convenience :-))
4
3
5
thanks
4
thanks
6
-- PMM
5
-- PMM
7
6
8
The following changes since commit 278238505d28d292927bff7683f39fb4fbca7fd1:
9
7
10
Merge tag 'pull-tcg-20230511-2' of https://gitlab.com/rth7680/qemu into staging (2023-05-11 11:44:23 +0100)
8
The following changes since commit 3a183e330dbd7dbcac3841737ac874979552cca2:
9
10
Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20190128' into staging (2019-01-28 16:26:47 +0000)
11
11
12
are available in the Git repository at:
12
are available in the Git repository at:
13
13
14
https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20230512
14
https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20190129
15
15
16
for you to fetch changes up to 478dccbb99db0bf8f00537dd0b4d0de88d5cb537:
16
for you to fetch changes up to 46f5abc0a2566ac3dc954eeb62fd625f0eaca120:
17
17
18
target/arm: Correct AArch64.S2MinTxSZ 32-bit EL1 input size check (2023-05-12 16:01:25 +0100)
18
gdbstub: Simplify gdb_get_cpu_pid() to use cpu->cluster_index (2019-01-29 11:46:06 +0000)
19
19
20
----------------------------------------------------------------
20
----------------------------------------------------------------
21
target-arm queue:
21
target-arm queue:
22
* More refactoring of files into tcg/
22
* Fix validation of 32-bit address spaces for aa32 (fixes an assert introduced in ba97be9f4a4)
23
* Don't allow stage 2 page table walks to downgrade to NS
23
* v8m: Ensure IDAU is respected if SAU is disabled
24
* Fix handling of SW and NSW bits for stage 2 walks
24
* gdbstub: fix gdb_get_cpu(s, pid, tid) when pid and/or tid are 0
25
* MAINTAINERS: Update Akihiko Odaki's email address
25
* exec.c: Use correct attrs in cpu_memory_rw_debug()
26
* ui: Fix pixel colour channel order for PNG screenshots
26
* accel/tcg/user-exec: Don't parse aarch64 insns to test for read vs write
27
* docs: Remove unused weirdly-named cross-reference targets
27
* target/arm: Don't clear supported PMU events when initializing PMCEID1
28
* hw/mips/malta: Fix minor dead code issue
28
* memory: add memory_region_flush_rom_device()
29
* Fixes for the "allow CONFIG_TCG=n" changes
29
* microbit: Add stub NRF51 TWI magnetometer/accelerometer detection
30
* tests/qtest: Don't run cdrom boot tests if no accelerator is present
30
* tests/microbit-test: extend testing of microbit devices
31
* target/arm: Correct AArch64.S2MinTxSZ 32-bit EL1 input size check
31
* checkpatch: Don't emit spurious warnings about block comments
32
* aspeed/smc: misc bug fixes
33
* xlnx-zynqmp: Don't create rpu-cluster if there are no RPUs
34
* xlnx-zynqmp: Realize cluster after putting RPUs in it
35
* accel/tcg: Add cluster number to TCG TB hash so differently configured
36
CPUs don't pick up cached TBs for the wrong kind of CPU
32
37
33
----------------------------------------------------------------
38
----------------------------------------------------------------
34
Akihiko Odaki (1):
39
Aaron Lindsay OS (1):
35
MAINTAINERS: Update Akihiko Odaki's email address
40
target/arm: Don't clear supported PMU events when initializing PMCEID1
36
41
37
Fabiano Rosas (3):
42
Cédric Le Goater (4):
38
target/arm: Select SEMIHOSTING when using TCG
43
aspeed/smc: fix default read value
39
target/arm: Select CONFIG_ARM_V7M when TCG is enabled
44
aspeed/smc: define registers for all possible CS
40
tests/qtest: Don't run cdrom boot tests if no accelerator is present
45
aspeed/smc: Add dummy data register
46
aspeed/smc: snoop SPI transfers to fake dummy cycles
41
47
42
Peter Maydell (6):
48
Julia Suvorova (3):
43
target/arm: Don't allow stage 2 page table walks to downgrade to NS
49
tests/libqtest: Introduce qtest_init_with_serial()
44
target/arm: Fix handling of SW and NSW bits for stage 2 walks
50
tests/microbit-test: Make test independent of global_qtest
45
ui: Fix pixel colour channel order for PNG screenshots
51
tests/microbit-test: Check nRF51 UART functionality
46
docs: Remove unused weirdly-named cross-reference targets
47
hw/mips/malta: Fix minor dead code issue
48
target/arm: Correct AArch64.S2MinTxSZ 32-bit EL1 input size check
49
52
50
Richard Henderson (2):
53
Luc Michel (1):
51
target/arm: Move translate-a32.h, arm_ldst.h, sve_ldst_internal.h to tcg/
54
gdbstub: fix gdb_get_cpu(s, pid, tid) when pid and/or tid are 0
52
target/arm: Move helper-{a64,mve,sme,sve}.h to tcg/
53
55
54
MAINTAINERS | 4 +-
56
Peter Maydell (8):
55
docs/system/devices/igb.rst | 2 +-
57
exec.c: Use correct attrs in cpu_memory_rw_debug()
56
docs/system/devices/ivshmem.rst | 2 -
58
accel/tcg/user-exec: Don't parse aarch64 insns to test for read vs write
57
docs/system/devices/net.rst | 2 +-
59
checkpatch: Don't emit spurious warnings about block comments
58
docs/system/devices/usb.rst | 2 -
60
xlnx-zynqmp: Don't create rpu-cluster if there are no RPUs
59
docs/system/keys.rst | 2 +-
61
hw/arm/xlnx-zynqmp: Realize cluster after putting RPUs in it
60
docs/system/linuxboot.rst | 2 +-
62
qom/cpu: Add cluster_index to CPUState
61
docs/system/target-i386.rst | 4 --
63
accel/tcg: Add cluster number to TCG TB hash
62
target/arm/helper.h | 8 +--
64
gdbstub: Simplify gdb_get_cpu_pid() to use cpu->cluster_index
63
target/arm/internals.h | 12 +++-
65
64
target/arm/{ => tcg}/arm_ldst.h | 0
66
Richard Henderson (1):
65
target/arm/{ => tcg}/helper-a64.h | 0
67
target/arm: Fix validation of 32-bit address spaces for aa32
66
target/arm/{ => tcg}/helper-mve.h | 0
68
67
target/arm/{ => tcg}/helper-sme.h | 0
69
Stefan Hajnoczi (3):
68
target/arm/{ => tcg}/helper-sve.h | 0
70
tests/microbit-test: add TWI stub device test
69
target/arm/{ => tcg}/sve_ldst_internal.h | 0
71
MAINTAINERS: update microbit ARM board files
70
target/arm/{ => tcg}/translate-a32.h | 0
72
memory: add memory_region_flush_rom_device()
71
hw/mips/malta.c | 5 +-
73
72
target/arm/gdbstub64.c | 2 +-
74
Steffen Görtz (1):
73
target/arm/helper.c | 15 ++++-
75
arm: Stub out NRF51 TWI magnetometer/accelerometer detection
74
target/arm/ptw.c | 95 +++++++++++++++++++-------------
76
75
target/arm/tcg/pauth_helper.c | 6 +-
77
Thomas Roth (1):
76
tests/qtest/cdrom-test.c | 10 ++++
78
target/arm: v8m: Ensure IDAU is respected if SAU is disabled
77
ui/console.c | 4 +-
79
78
target/arm/Kconfig | 9 +--
80
hw/i2c/Makefile.objs | 1 +
79
25 files changed, 109 insertions(+), 77 deletions(-)
81
include/exec/exec-all.h | 4 +-
80
rename target/arm/{ => tcg}/arm_ldst.h (100%)
82
include/exec/memory.h | 18 +++
81
rename target/arm/{ => tcg}/helper-a64.h (100%)
83
include/hw/arm/nrf51.h | 2 +
82
rename target/arm/{ => tcg}/helper-mve.h (100%)
84
include/hw/arm/nrf51_soc.h | 1 +
83
rename target/arm/{ => tcg}/helper-sme.h (100%)
85
include/hw/cpu/cluster.h | 24 +++
84
rename target/arm/{ => tcg}/helper-sve.h (100%)
86
include/hw/i2c/microbit_i2c.h | 42 +++++
85
rename target/arm/{ => tcg}/sve_ldst_internal.h (100%)
87
include/hw/ssi/aspeed_smc.h | 3 +
86
rename target/arm/{ => tcg}/translate-a32.h (100%)
88
include/qom/cpu.h | 7 +
89
target/arm/cpu.h | 11 +-
90
tests/libqtest.h | 11 ++
91
accel/tcg/cpu-exec.c | 3 +
92
accel/tcg/translate-all.c | 3 +
93
accel/tcg/user-exec.c | 66 ++++++--
94
exec.c | 19 ++-
95
gdbstub.c | 120 ++++++---------
96
hw/arm/microbit.c | 16 ++
97
hw/arm/xlnx-zynqmp.c | 9 +-
98
hw/cpu/cluster.c | 46 ++++++
99
hw/i2c/microbit_i2c.c | 127 +++++++++++++++
100
hw/ssi/aspeed_smc.c | 128 ++++++++++++++-
101
qom/cpu.c | 1 +
102
target/arm/cpu.c | 3 +-
103
target/arm/helper.c | 67 ++++----
104
tests/libqtest.c | 25 +++
105
tests/microbit-test.c | 350 +++++++++++++++++++++++++++++-------------
106
MAINTAINERS | 8 +-
107
scripts/checkpatch.pl | 2 +-
108
28 files changed, 874 insertions(+), 243 deletions(-)
109
create mode 100644 include/hw/i2c/microbit_i2c.h
110
create mode 100644 hw/i2c/microbit_i2c.c
111
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
These files got missed when populating tcg/.
4
Because they are included with "", no change to the users required.
5
6
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
7
Reviewed-by: Fabiano Rosas <farosas@suse.de>
8
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
9
Message-id: 20230504110412.1892411-2-richard.henderson@linaro.org
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
12
target/arm/{ => tcg}/arm_ldst.h | 0
13
target/arm/{ => tcg}/sve_ldst_internal.h | 0
14
target/arm/{ => tcg}/translate-a32.h | 0
15
3 files changed, 0 insertions(+), 0 deletions(-)
16
rename target/arm/{ => tcg}/arm_ldst.h (100%)
17
rename target/arm/{ => tcg}/sve_ldst_internal.h (100%)
18
rename target/arm/{ => tcg}/translate-a32.h (100%)
19
20
diff --git a/target/arm/arm_ldst.h b/target/arm/tcg/arm_ldst.h
21
similarity index 100%
22
rename from target/arm/arm_ldst.h
23
rename to target/arm/tcg/arm_ldst.h
24
diff --git a/target/arm/sve_ldst_internal.h b/target/arm/tcg/sve_ldst_internal.h
25
similarity index 100%
26
rename from target/arm/sve_ldst_internal.h
27
rename to target/arm/tcg/sve_ldst_internal.h
28
diff --git a/target/arm/translate-a32.h b/target/arm/tcg/translate-a32.h
29
similarity index 100%
30
rename from target/arm/translate-a32.h
31
rename to target/arm/tcg/translate-a32.h
32
--
33
2.34.1
34
35
Deleted patch
1
From: Richard Henderson <richard.henderson@linaro.org>
2
1
3
While we cannot move the main "helper.h" out of target/arm/,
4
due to usage by generic code, we can move the sub-includes.
5
6
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
7
Reviewed-by: Fabiano Rosas <farosas@suse.de>
8
Message-id: 20230504110412.1892411-3-richard.henderson@linaro.org
9
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
---
12
target/arm/helper.h | 8 ++++----
13
target/arm/{ => tcg}/helper-a64.h | 0
14
target/arm/{ => tcg}/helper-mve.h | 0
15
target/arm/{ => tcg}/helper-sme.h | 0
16
target/arm/{ => tcg}/helper-sve.h | 0
17
5 files changed, 4 insertions(+), 4 deletions(-)
18
rename target/arm/{ => tcg}/helper-a64.h (100%)
19
rename target/arm/{ => tcg}/helper-mve.h (100%)
20
rename target/arm/{ => tcg}/helper-sme.h (100%)
21
rename target/arm/{ => tcg}/helper-sve.h (100%)
22
23
diff --git a/target/arm/helper.h b/target/arm/helper.h
24
index XXXXXXX..XXXXXXX 100644
25
--- a/target/arm/helper.h
26
+++ b/target/arm/helper.h
27
@@ -XXX,XX +XXX,XX @@ DEF_HELPER_FLAGS_5(gvec_uclamp_d, TCG_CALL_NO_RWG,
28
void, ptr, ptr, ptr, ptr, i32)
29
30
#ifdef TARGET_AARCH64
31
-#include "helper-a64.h"
32
-#include "helper-sve.h"
33
-#include "helper-sme.h"
34
+#include "tcg/helper-a64.h"
35
+#include "tcg/helper-sve.h"
36
+#include "tcg/helper-sme.h"
37
#endif
38
39
-#include "helper-mve.h"
40
+#include "tcg/helper-mve.h"
41
diff --git a/target/arm/helper-a64.h b/target/arm/tcg/helper-a64.h
42
similarity index 100%
43
rename from target/arm/helper-a64.h
44
rename to target/arm/tcg/helper-a64.h
45
diff --git a/target/arm/helper-mve.h b/target/arm/tcg/helper-mve.h
46
similarity index 100%
47
rename from target/arm/helper-mve.h
48
rename to target/arm/tcg/helper-mve.h
49
diff --git a/target/arm/helper-sme.h b/target/arm/tcg/helper-sme.h
50
similarity index 100%
51
rename from target/arm/helper-sme.h
52
rename to target/arm/tcg/helper-sme.h
53
diff --git a/target/arm/helper-sve.h b/target/arm/tcg/helper-sve.h
54
similarity index 100%
55
rename from target/arm/helper-sve.h
56
rename to target/arm/tcg/helper-sve.h
57
--
58
2.34.1
59
60
Deleted patch
1
Bit 63 in a Table descriptor is only the NSTable bit for stage 1
2
translations; in stage 2 it is RES0. We were incorrectly looking at
3
it all the time.
4
1
5
This causes problems if:
6
* the stage 2 table descriptor was incorrectly setting the RES0 bit
7
* we are doing a stage 2 translation in Secure address space for
8
a NonSecure stage 1 regime -- in this case we would incorrectly
9
do an immediate downgrade to NonSecure
10
11
A bug elsewhere in the code currently prevents us from getting
12
to the second situation, but when we fix that it will be possible.
13
14
Cc: qemu-stable@nongnu.org
15
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
16
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
17
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
18
Message-id: 20230504135425.2748672-2-peter.maydell@linaro.org
19
---
20
target/arm/ptw.c | 5 +++--
21
1 file changed, 3 insertions(+), 2 deletions(-)
22
23
diff --git a/target/arm/ptw.c b/target/arm/ptw.c
24
index XXXXXXX..XXXXXXX 100644
25
--- a/target/arm/ptw.c
26
+++ b/target/arm/ptw.c
27
@@ -XXX,XX +XXX,XX @@ static bool get_phys_addr_lpae(CPUARMState *env, S1Translate *ptw,
28
descaddrmask &= ~indexmask_grainsize;
29
30
/*
31
- * Secure accesses start with the page table in secure memory and
32
+ * Secure stage 1 accesses start with the page table in secure memory and
33
* can be downgraded to non-secure at any step. Non-secure accesses
34
* remain non-secure. We implement this by just ORing in the NSTable/NS
35
* bits at each step.
36
+ * Stage 2 never gets this kind of downgrade.
37
*/
38
tableattrs = is_secure ? 0 : (1 << 4);
39
40
next_level:
41
descaddr |= (address >> (stride * (4 - level))) & indexmask;
42
descaddr &= ~7ULL;
43
- nstable = extract32(tableattrs, 4, 1);
44
+ nstable = !regime_is_stage2(mmu_idx) && extract32(tableattrs, 4, 1);
45
if (nstable) {
46
/*
47
* Stage2_S -> Stage2 or Phys_S -> Phys_NS
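Review bot: The added comment line `* Stage 2 never gets this kind of downgrade.` says what the new `!regime_is_stage2(mmu_idx)` guard does but not why, and the reason is only in the commit message. Suggest `* Stage 2 never gets this kind of downgrade: bit 63 of a stage 2 Table descriptor is RES0, not NSTable.` Note also that `tableattrs` still starts with bit 4 set for a non-secure walk (`is_secure ? 0 : (1 << 4)`), so any other reader of that bit later in get_phys_addr_lpae(), outside this hunk, should be checked to confirm it is equally stage-1-only. The commit message says the second failure case is not reachable yet, so a regression test for a Secure stage 2 walk with the RES0 bit set would be worth adding once it is.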
48
--
49
2.34.1
50
51
Deleted patch
1
We currently don't correctly handle the VSTCR_EL2.SW and VTCR_EL2.NSW
2
configuration bits. These allow configuration of whether the stage 2
3
page table walks for Secure IPA and NonSecure IPA should do their
4
descriptor reads from Secure or NonSecure physical addresses. (This
5
is separate from how the translation table base address and other
6
parameters are set: an NS IPA always uses VTTBR_EL2 and VTCR_EL2
7
for its base address and walk parameters, regardless of the NSW bit,
8
and similarly for Secure.)
9
1
10
Provide a new function ptw_idx_for_stage_2() which returns the
11
MMU index to use for descriptor reads, and use it to set up
12
the .in_ptw_idx wherever we call get_phys_addr_lpae().
13
14
For a stage 2 walk, wherever we call get_phys_addr_lpae():
15
* .in_ptw_idx should be ptw_idx_for_stage_2() of the .in_mmu_idx
16
* .in_secure should be true if .in_mmu_idx is Stage2_S
17
18
This allows us to correct S1_ptw_translate() so that it consistently
19
always sets its (out_secure, out_phys) to the result it gets from the
20
S2 walk (either by calling get_phys_addr_lpae() or by TLB lookup).
21
This makes better conceptual sense because the S2 walk should return
22
us an (address space, address) tuple, not an address that we then
23
randomly assign to S or NS.
24
25
Our previous handling of SW and NSW was broken, so guest code
26
trying to use these bits to put the s2 page tables in the "other"
27
address space wouldn't work correctly.
28
29
Cc: qemu-stable@nongnu.org
30
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1600
31
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
32
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
33
Message-id: 20230504135425.2748672-3-peter.maydell@linaro.org
34
---
35
target/arm/ptw.c | 76 ++++++++++++++++++++++++++++++++----------------
36
1 file changed, 51 insertions(+), 25 deletions(-)
37
38
diff --git a/target/arm/ptw.c b/target/arm/ptw.c
39
index XXXXXXX..XXXXXXX 100644
40
--- a/target/arm/ptw.c
41
+++ b/target/arm/ptw.c
42
@@ -XXX,XX +XXX,XX @@ ARMMMUIdx arm_stage1_mmu_idx(CPUARMState *env)
43
return stage_1_mmu_idx(arm_mmu_idx(env));
44
}
45
46
+/*
47
+ * Return where we should do ptw loads from for a stage 2 walk.
48
+ * This depends on whether the address we are looking up is a
49
+ * Secure IPA or a NonSecure IPA, which we know from whether this is
50
+ * Stage2 or Stage2_S.
51
+ * If this is the Secure EL1&0 regime we need to check the NSW and SW bits.
52
+ */
53
+static ARMMMUIdx ptw_idx_for_stage_2(CPUARMState *env, ARMMMUIdx stage2idx)
54
+{
55
+ bool s2walk_secure;
56
+
57
+ /*
58
+ * We're OK to check the current state of the CPU here because
59
+ * (1) we always invalidate all TLBs when the SCR_EL3.NS bit changes
60
+ * (2) there's no way to do a lookup that cares about Stage 2 for a
61
+ * different security state to the current one for AArch64, and AArch32
62
+ * never has a secure EL2. (AArch32 ATS12NSO[UP][RW] allow EL3 to do
63
+ * an NS stage 1+2 lookup while the NS bit is 0.)
64
+ */
65
+ if (!arm_is_secure_below_el3(env) || !arm_el_is_aa64(env, 3)) {
66
+ return ARMMMUIdx_Phys_NS;
67
+ }
68
+ if (stage2idx == ARMMMUIdx_Stage2_S) {
69
+ s2walk_secure = !(env->cp15.vstcr_el2 & VSTCR_SW);
70
+ } else {
71
+ s2walk_secure = !(env->cp15.vtcr_el2 & VTCR_NSW);
72
+ }
73
+ return s2walk_secure ? ARMMMUIdx_Phys_S : ARMMMUIdx_Phys_NS;
74
+
75
+}
76
+
77
static bool regime_translation_big_endian(CPUARMState *env, ARMMMUIdx mmu_idx)
78
{
79
return (regime_sctlr(env, mmu_idx) & SCTLR_EE) != 0;
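Review bot: ptw_idx_for_stage_2() returns `ARMMMUIdx_Phys_NS` from its first `if` for any `stage2idx`, including `ARMMMUIdx_Stage2_S`, and relies only on the argument in the comment above it that such a lookup cannot be requested in that CPU state. If that invariant is meant to hold, stating it in code, e.g. `assert(stage2idx != ARMMMUIdx_Stage2_S);` inside that branch, would make a violation fail loudly instead of silently reading Secure-IPA descriptors from NonSecure memory. Whether debug or address-translation callers can legitimately reach that branch is not visible here, so confirm before adding it. The header comment says "Secure EL1&0 regime" while the comment added in get_phys_addr_with_struct() later in this patch says "Secure EL2&0 regime"; the two should agree. The empty `+` line before the closing brace can be dropped.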
80
@@ -XXX,XX +XXX,XX @@ static bool S1_ptw_translate(CPUARMState *env, S1Translate *ptw,
81
ARMMMUIdx mmu_idx = ptw->in_mmu_idx;
82
ARMMMUIdx s2_mmu_idx = ptw->in_ptw_idx;
83
uint8_t pte_attrs;
84
- bool pte_secure;
85
86
ptw->out_virt = addr;
87
88
@@ -XXX,XX +XXX,XX @@ static bool S1_ptw_translate(CPUARMState *env, S1Translate *ptw,
89
if (regime_is_stage2(s2_mmu_idx)) {
90
S1Translate s2ptw = {
91
.in_mmu_idx = s2_mmu_idx,
92
- .in_ptw_idx = is_secure ? ARMMMUIdx_Phys_S : ARMMMUIdx_Phys_NS,
93
- .in_secure = is_secure,
94
+ .in_ptw_idx = ptw_idx_for_stage_2(env, s2_mmu_idx),
95
+ .in_secure = s2_mmu_idx == ARMMMUIdx_Stage2_S,
96
.in_debug = true,
97
};
98
GetPhysAddrResult s2 = { };
99
@@ -XXX,XX +XXX,XX @@ static bool S1_ptw_translate(CPUARMState *env, S1Translate *ptw,
100
}
101
ptw->out_phys = s2.f.phys_addr;
102
pte_attrs = s2.cacheattrs.attrs;
103
- pte_secure = s2.f.attrs.secure;
104
+ ptw->out_secure = s2.f.attrs.secure;
105
} else {
106
/* Regime is physical. */
107
ptw->out_phys = addr;
108
pte_attrs = 0;
109
- pte_secure = is_secure;
110
+ ptw->out_secure = s2_mmu_idx == ARMMMUIdx_Phys_S;
111
}
112
ptw->out_host = NULL;
113
ptw->out_rw = false;
114
@@ -XXX,XX +XXX,XX @@ static bool S1_ptw_translate(CPUARMState *env, S1Translate *ptw,
115
ptw->out_phys = full->phys_addr | (addr & ~TARGET_PAGE_MASK);
116
ptw->out_rw = full->prot & PAGE_WRITE;
117
pte_attrs = full->pte_attrs;
118
- pte_secure = full->attrs.secure;
119
+ ptw->out_secure = full->attrs.secure;
120
#else
121
g_assert_not_reached();
122
#endif
123
@@ -XXX,XX +XXX,XX @@ static bool S1_ptw_translate(CPUARMState *env, S1Translate *ptw,
124
}
125
}
126
127
- /* Check if page table walk is to secure or non-secure PA space. */
128
- ptw->out_secure = (is_secure
129
- && !(pte_secure
130
- ? env->cp15.vstcr_el2 & VSTCR_SW
131
- : env->cp15.vtcr_el2 & VTCR_NSW));
132
ptw->out_be = regime_translation_big_endian(env, mmu_idx);
133
return true;
134
135
@@ -XXX,XX +XXX,XX @@ static bool get_phys_addr_twostage(CPUARMState *env, S1Translate *ptw,
136
hwaddr ipa;
137
int s1_prot, s1_lgpgsz;
138
bool is_secure = ptw->in_secure;
139
- bool ret, ipa_secure, s2walk_secure;
140
+ bool ret, ipa_secure;
141
ARMCacheAttrs cacheattrs1;
142
bool is_el0;
143
uint64_t hcr;
144
@@ -XXX,XX +XXX,XX @@ static bool get_phys_addr_twostage(CPUARMState *env, S1Translate *ptw,
145
146
ipa = result->f.phys_addr;
147
ipa_secure = result->f.attrs.secure;
148
- if (is_secure) {
149
- /* Select TCR based on the NS bit from the S1 walk. */
150
- s2walk_secure = !(ipa_secure
151
- ? env->cp15.vstcr_el2 & VSTCR_SW
152
- : env->cp15.vtcr_el2 & VTCR_NSW);
153
- } else {
154
- assert(!ipa_secure);
155
- s2walk_secure = false;
156
- }
157
158
is_el0 = ptw->in_mmu_idx == ARMMMUIdx_Stage1_E0;
159
- ptw->in_mmu_idx = s2walk_secure ? ARMMMUIdx_Stage2_S : ARMMMUIdx_Stage2;
160
- ptw->in_ptw_idx = s2walk_secure ? ARMMMUIdx_Phys_S : ARMMMUIdx_Phys_NS;
161
- ptw->in_secure = s2walk_secure;
162
+ ptw->in_mmu_idx = ipa_secure ? ARMMMUIdx_Stage2_S : ARMMMUIdx_Stage2;
163
+ ptw->in_secure = ipa_secure;
164
+ ptw->in_ptw_idx = ptw_idx_for_stage_2(env, ptw->in_mmu_idx);
165
166
/*
167
* S1 is done, now do S2 translation.
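Review bot: The removed `else` branch carried `assert(!ipa_secure);`, which checked that a NonSecure stage 1 walk never yields a Secure IPA, and the replacement lines derive `in_mmu_idx` and `in_secure` straight from `ipa_secure` with no such check. Keeping the invariant as `assert(is_secure || !ipa_secure);` just before `ptw->in_mmu_idx = ...` would preserve the guard against a NonSecure regime being routed to `ARMMMUIdx_Stage2_S`. `is_secure` is still declared in the previous hunk of this function. get_phys_addr_twostage() starts and ends outside this hunk.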
168
@@ -XXX,XX +XXX,XX @@ static bool get_phys_addr_with_struct(CPUARMState *env, S1Translate *ptw,
169
ptw->in_ptw_idx = is_secure ? ARMMMUIdx_Stage2_S : ARMMMUIdx_Stage2;
170
break;
171
172
+ case ARMMMUIdx_Stage2:
173
+ case ARMMMUIdx_Stage2_S:
174
+ /*
175
+ * Second stage lookup uses physical for ptw; whether this is S or
176
+ * NS may depend on the SW/NSW bits if this is a stage 2 lookup for
177
+ * the Secure EL2&0 regime.
178
+ */
179
+ ptw->in_ptw_idx = ptw_idx_for_stage_2(env, mmu_idx);
180
+ break;
181
+
182
case ARMMMUIdx_E10_0:
183
s1_mmu_idx = ARMMMUIdx_Stage1_E0;
184
goto do_twostage;
185
@@ -XXX,XX +XXX,XX @@ static bool get_phys_addr_with_struct(CPUARMState *env, S1Translate *ptw,
186
/* fall through */
187
188
default:
189
- /* Single stage and second stage uses physical for ptw. */
190
+ /* Single stage uses physical for ptw. */
191
ptw->in_ptw_idx = is_secure ? ARMMMUIdx_Phys_S : ARMMMUIdx_Phys_NS;
192
break;
193
}
194
--
195
2.34.1
Deleted patch
1
From: Akihiko Odaki <akihiko.odaki@gmail.com>
2
1
3
I am now employed by Daynix. Although my role as a reviewer of
4
macOS-related change is not very relevant to the employment, I decided
5
to use the company email address to avoid confusions from different
6
addresses.
7
8
Signed-off-by: Akihiko Odaki <akihiko.odaki@daynix.com>
9
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
10
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
11
Message-id: 20230506072333.32510-1-akihiko.odaki@daynix.com
12
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
13
---
14
MAINTAINERS | 4 ++--
15
1 file changed, 2 insertions(+), 2 deletions(-)
16
17
diff --git a/MAINTAINERS b/MAINTAINERS
18
index XXXXXXX..XXXXXXX 100644
19
--- a/MAINTAINERS
20
+++ b/MAINTAINERS
21
@@ -XXX,XX +XXX,XX @@ Core Audio framework backend
22
M: Gerd Hoffmann <kraxel@redhat.com>
23
M: Philippe Mathieu-Daudé <philmd@linaro.org>
24
R: Christian Schoenebeck <qemu_oss@crudebyte.com>
25
-R: Akihiko Odaki <akihiko.odaki@gmail.com>
26
+R: Akihiko Odaki <akihiko.odaki@daynix.com>
27
S: Odd Fixes
28
F: audio/coreaudio.c
29
30
@@ -XXX,XX +XXX,XX @@ F: docs/devel/ui.rst
31
Cocoa graphics
32
M: Peter Maydell <peter.maydell@linaro.org>
33
M: Philippe Mathieu-Daudé <philmd@linaro.org>
34
-R: Akihiko Odaki <akihiko.odaki@gmail.com>
35
+R: Akihiko Odaki <akihiko.odaki@daynix.com>
36
S: Odd Fixes
37
F: ui/cocoa.m
38
39
--
40
2.34.1
41
42
Deleted patch
1
When we take a PNG screenshot the ordering of the colour channels in
2
the data is not correct, resulting in the image having weird
3
colouring compared to the actual display. (Specifically, on a
4
little-endian host the blue and red channels are swapped; on
5
big-endian everything is wrong.)
6
1
7
This happens because the pixman idea of the pixel data and the libpng
8
idea differ. PIXMAN_a8r8g8b8 defines that pixels are 32-bit values,
9
with A in bits 24-31, R in bits 16-23, G in bits 8-15 and B in bits
10
0-7. This means that on little-endian systems the bytes in memory
11
are
12
B G R A
13
and on big-endian systems they are
14
A R G B
15
16
libpng, on the other hand, thinks of pixels as being a series of
17
values for each channel, so its format PNG_COLOR_TYPE_RGB_ALPHA
18
always wants bytes in the order
19
R G B A
20
21
This isn't the same as the pixman order for either big or little
22
endian hosts.
23
24
The alpha channel is also unnecessary bulk in the output PNG file,
25
because there is no alpha information in a screenshot.
26
27
To handle the endianness issue, we already define in ui/qemu-pixman.h
28
various PIXMAN_BE_* and PIXMAN_LE_* values that give consistent
29
byte-order pixel channel formats. So we can use PIXMAN_BE_r8g8b8 and
30
PNG_COLOR_TYPE_RGB, which both have an in-memory byte order of
31
R G B
32
and 3 bytes per pixel.
33
34
(PPM format screenshots get this right; they already use the
35
PIXMAN_BE_r8g8b8 format.)
36
37
Cc: qemu-stable@nongnu.org
38
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1622
39
Fixes: 9a0a119a382867 ("Added parameter to take screenshot with screendump as PNG")
40
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
41
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
42
Message-id: 20230502135548.2451309-1-peter.maydell@linaro.org
43
---
44
ui/console.c | 4 ++--
45
1 file changed, 2 insertions(+), 2 deletions(-)
46
47
diff --git a/ui/console.c b/ui/console.c
48
index XXXXXXX..XXXXXXX 100644
49
--- a/ui/console.c
50
+++ b/ui/console.c
51
@@ -XXX,XX +XXX,XX @@ static bool png_save(int fd, pixman_image_t *image, Error **errp)
52
png_struct *png_ptr;
53
png_info *info_ptr;
54
g_autoptr(pixman_image_t) linebuf =
55
- qemu_pixman_linebuf_create(PIXMAN_a8r8g8b8, width);
56
+ qemu_pixman_linebuf_create(PIXMAN_BE_r8g8b8, width);
57
uint8_t *buf = (uint8_t *)pixman_image_get_data(linebuf);
58
FILE *f = fdopen(fd, "wb");
59
int y;
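Review bot: The fix is only correct while the line-buffer format here (`PIXMAN_BE_r8g8b8`) and the colour type passed to `png_set_IHDR()` in the next hunk (`PNG_COLOR_TYPE_RGB`) stay in step, and nothing in the code says so. A comment above the `qemu_pixman_linebuf_create()` call such as `/* 3 bytes per pixel in R,G,B memory order; must match PNG_COLOR_TYPE_RGB below */` would record that coupling. Without it, a later change to only one of the two could bring back wrong colours, or could leave a row buffer smaller than what libpng reads per row. png_save() continues outside both hunks.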
60
@@ -XXX,XX +XXX,XX @@ static bool png_save(int fd, pixman_image_t *image, Error **errp)
61
png_init_io(png_ptr, f);
62
63
png_set_IHDR(png_ptr, info_ptr, width, height, 8,
64
- PNG_COLOR_TYPE_RGB_ALPHA, PNG_INTERLACE_NONE,
65
+ PNG_COLOR_TYPE_RGB, PNG_INTERLACE_NONE,
66
PNG_COMPRESSION_TYPE_BASE, PNG_FILTER_TYPE_BASE);
67
68
png_write_info(png_ptr, info_ptr);
69
--
70
2.34.1
71
72
Deleted patch
1
In the doc sources, we have a few cross-reference targets with odd
2
names "pcsys_005fxyz". These are the legacy of the semi-automated
3
conversion of the old info docs to rST (the '005f' is because ASCII
4
0x5f is '_' and the old info link names had underscores in them).
5
1
6
Remove the targets which nothing links to, and rename the two targets
7
which are used to something a bit more descriptive.
8
9
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
10
Message-id: 20230421163642.1151904-1-peter.maydell@linaro.org
11
Reviewed-by: Markus Armbruster <armbru@redhat.com>
12
---
13
docs/system/devices/igb.rst | 2 +-
14
docs/system/devices/ivshmem.rst | 2 --
15
docs/system/devices/net.rst | 2 +-
16
docs/system/devices/usb.rst | 2 --
17
docs/system/keys.rst | 2 +-
18
docs/system/linuxboot.rst | 2 +-
19
docs/system/target-i386.rst | 4 ----
20
7 files changed, 4 insertions(+), 12 deletions(-)
21
22
diff --git a/docs/system/devices/igb.rst b/docs/system/devices/igb.rst
23
index XXXXXXX..XXXXXXX 100644
24
--- a/docs/system/devices/igb.rst
25
+++ b/docs/system/devices/igb.rst
26
@@ -XXX,XX +XXX,XX @@ Using igb
27
=========
28
29
Using igb should be nothing different from using another network device. See
30
-:ref:`pcsys_005fnetwork` in general.
31
+:ref:`Network_emulation` in general.
32
33
However, you may also need to perform additional steps to activate SR-IOV
34
feature on your guest. For Linux, refer to [4]_.
35
diff --git a/docs/system/devices/ivshmem.rst b/docs/system/devices/ivshmem.rst
36
index XXXXXXX..XXXXXXX 100644
37
--- a/docs/system/devices/ivshmem.rst
38
+++ b/docs/system/devices/ivshmem.rst
39
@@ -XXX,XX +XXX,XX @@
40
-.. _pcsys_005fivshmem:
41
-
42
Inter-VM Shared Memory device
43
-----------------------------
44
45
diff --git a/docs/system/devices/net.rst b/docs/system/devices/net.rst
46
index XXXXXXX..XXXXXXX 100644
47
--- a/docs/system/devices/net.rst
48
+++ b/docs/system/devices/net.rst
49
@@ -XXX,XX +XXX,XX @@
50
-.. _pcsys_005fnetwork:
51
+.. _Network_Emulation:
52
53
Network emulation
54
-----------------
55
diff --git a/docs/system/devices/usb.rst b/docs/system/devices/usb.rst
56
index XXXXXXX..XXXXXXX 100644
57
--- a/docs/system/devices/usb.rst
58
+++ b/docs/system/devices/usb.rst
59
@@ -XXX,XX +XXX,XX @@
60
-.. _pcsys_005fusb:
61
-
62
USB emulation
63
-------------
64
65
diff --git a/docs/system/keys.rst b/docs/system/keys.rst
66
index XXXXXXX..XXXXXXX 100644
67
--- a/docs/system/keys.rst
68
+++ b/docs/system/keys.rst
69
@@ -XXX,XX +XXX,XX @@
70
-.. _pcsys_005fkeys:
71
+.. _GUI_keys:
72
73
Keys in the graphical frontends
74
-------------------------------
75
diff --git a/docs/system/linuxboot.rst b/docs/system/linuxboot.rst
76
index XXXXXXX..XXXXXXX 100644
77
--- a/docs/system/linuxboot.rst
78
+++ b/docs/system/linuxboot.rst
79
@@ -XXX,XX +XXX,XX @@ virtual serial port and the QEMU monitor to the console with the
80
-append "root=/dev/hda console=ttyS0" -nographic
81
82
Use Ctrl-a c to switch between the serial console and the monitor (see
83
-:ref:`pcsys_005fkeys`).
84
+:ref:`GUI_keys`).
85
diff --git a/docs/system/target-i386.rst b/docs/system/target-i386.rst
86
index XXXXXXX..XXXXXXX 100644
87
--- a/docs/system/target-i386.rst
88
+++ b/docs/system/target-i386.rst
89
@@ -XXX,XX +XXX,XX @@
90
x86 System emulator
91
-------------------
92
93
-.. _pcsys_005fdevices:
94
-
95
Board-specific documentation
96
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
97
98
@@ -XXX,XX +XXX,XX @@ Architectural features
99
i386/sgx
100
i386/amd-memory-encryption
101
102
-.. _pcsys_005freq:
103
-
104
OS requirements
105
~~~~~~~~~~~~~~~
106
107
--
108
2.34.1
Deleted patch
1
Coverity points out (in CID 1508390) that write_bootloader has
2
some dead code, where we assign to 'p' and then in the following
3
line assign to it again. This happened as a result of the
4
refactoring in commit cd5066f8618b.
5
1
6
Fix the dead code by removing the 'void *v' variable entirely and
7
instead adding a cast when calling bl_setup_gt64120_jump_kernel(), as
8
we do at its other callsite in write_bootloader_nanomips().
9
10
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
11
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
12
---
13
hw/mips/malta.c | 5 +----
14
1 file changed, 1 insertion(+), 4 deletions(-)
15
16
diff --git a/hw/mips/malta.c b/hw/mips/malta.c
17
index XXXXXXX..XXXXXXX 100644
18
--- a/hw/mips/malta.c
19
+++ b/hw/mips/malta.c
20
@@ -XXX,XX +XXX,XX @@ static void write_bootloader(uint8_t *base, uint64_t run_addr,
21
uint64_t kernel_entry)
22
{
23
uint32_t *p;
24
- void *v;
25
26
/* Small bootloader */
27
p = (uint32_t *)base;
28
@@ -XXX,XX +XXX,XX @@ static void write_bootloader(uint8_t *base, uint64_t run_addr,
29
*
30
*/
31
32
- v = p;
33
- bl_setup_gt64120_jump_kernel(&v, run_addr, kernel_entry);
34
- p = v;
35
+ bl_setup_gt64120_jump_kernel((void **)&p, run_addr, kernel_entry);
36
37
/* YAMON subroutines */
38
p = (uint32_t *) (base + 0x800);
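Review bot: `(void **)&p` makes the callee store through a `void *` lvalue into an object declared as `uint32_t *`, which ISO C's aliasing rules do not permit; the removed `void *v` temporary was the conforming way to pass it. Dropping only the dead `p = v;` would also have removed the dead store described in the commit message. The cast is harmless only if the build disables strict-aliasing optimisation, which is not visible on this page. If it stays, a short comment such as `/* relies on -fno-strict-aliasing, as in write_bootloader_nanomips() */` would record the assumption. write_bootloader() starts and ends outside this hunk.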
39
--
40
2.34.1
41
42
Deleted patch
1
From: Fabiano Rosas <farosas@suse.de>
2
1
3
Semihosting has been made a 'default y' entry in Kconfig, which does
4
not work because when building --without-default-devices, the
5
semihosting code would not be available.
6
7
Make semihosting unconditional when TCG is present.
8
9
Fixes: 29d9efca16 ("arm/Kconfig: Do not build TCG-only boards on a KVM-only build")
10
Signed-off-by: Fabiano Rosas <farosas@suse.de>
11
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
12
Message-id: 20230508181611.2621-2-farosas@suse.de
13
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
14
---
15
target/arm/Kconfig | 8 +-------
16
1 file changed, 1 insertion(+), 7 deletions(-)
17
18
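--- a/target/arm/Kconfig
+++ b/target/arm/Kconfig
@@ -XXX,XX +XXX,XX @@
 config ARM
 bool
+ select ARM_COMPATIBLE_SEMIHOSTING if TCG
 
 config AARCH64
 bool
 select ARM
-
-# This config exists just so we can make SEMIHOSTING default when TCG
-# is selected without also changing it for other architectures.
-config ARM_SEMIHOSTING
- bool
- default y if TCG && ARM
- select ARM_COMPATIBLE_SEMIHOSTING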
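Review bot: The new `select ARM_COMPATIBLE_SEMIHOSTING if TCG` under `config ARM` has no comment, while the block it replaces explained why the option was arranged as it was. Semihosting is an interface through which guest code can request host-side I/O when it is enabled, so it is worth recording that the code is now part of every TCG build and cannot be dropped by a --without-default-devices configuration. A line such as `# Semihosting must always be built when TCG is present, even with --without-default-devices` above the select would cover it.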
37
--
38
2.34.1
Deleted patch
1
From: Fabiano Rosas <farosas@suse.de>
2
1
3
We cannot allow this config to be disabled at the moment as not all of
4
the relevant code is protected by it.
5
6
Commit 29d9efca16 ("arm/Kconfig: Do not build TCG-only boards on a
7
KVM-only build") moved the CONFIGs of several boards to Kconfig, so it
8
is now possible that nothing selects ARM_V7M (e.g. when doing a
9
--without-default-devices build).
10
11
Return the CONFIG_ARM_V7M entry to a state where it is always selected
12
whenever TCG is available.
13
14
Fixes: 29d9efca16 ("arm/Kconfig: Do not build TCG-only boards on a KVM-only build")
15
Signed-off-by: Fabiano Rosas <farosas@suse.de>
16
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
17
Message-id: 20230508181611.2621-3-farosas@suse.de
18
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
19
---
20
target/arm/Kconfig | 1 +
21
1 file changed, 1 insertion(+)
22
23
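--- a/target/arm/Kconfig
+++ b/target/arm/Kconfig
@@ -XXX,XX +XXX,XX @@
 config ARM
 bool
 select ARM_COMPATIBLE_SEMIHOSTING if TCG
+ select ARM_V7M if TCG
 
 config AARCH64
 bool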
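Review bot: `select ARM_V7M if TCG` is justified in the commit message as needed only "at the moment", because not all of the relevant code is protected by the option, but the Kconfig line itself carries no such note. Add a comment above it, for example `# TODO: drop this select once all v7M code is guarded by CONFIG_ARM_V7M`, so the forced select gets revisited instead of becoming permanent.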
35
--
36
2.34.1
Deleted patch
1
From: Fabiano Rosas <farosas@suse.de>
2
1
3
On a build configured with: --disable-tcg --enable-xen it is possible
4
to produce a QEMU binary with no TCG nor KVM support. Skip the cdrom
5
boot tests if that's the case.
6
7
Fixes: 0c1ae3ff9d ("tests/qtest: Fix tests when no KVM or TCG are present")
8
Signed-off-by: Fabiano Rosas <farosas@suse.de>
9
Reviewed-by: Thomas Huth <thuth@redhat.com>
10
Message-id: 20230508181611.2621-4-farosas@suse.de
11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
12
---
13
tests/qtest/cdrom-test.c | 10 ++++++++++
14
1 file changed, 10 insertions(+)
15
16
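--- a/tests/qtest/cdrom-test.c
+++ b/tests/qtest/cdrom-test.c
@@ -XXX,XX +XXX,XX @@ static void test_cdboot(gconstpointer data)
 
 static void add_x86_tests(void)
 {
+ if (!qtest_has_accel("tcg") && !qtest_has_accel("kvm")) {
+ g_test_skip("No KVM or TCG accelerator available, skipping boot tests");
+ return;
+ }
+
 qtest_add_data_func("cdrom/boot/default", "-cdrom ", test_cdboot);
 qtest_add_data_func("cdrom/boot/virtio-scsi",
 "-device virtio-scsi -device scsi-cd,drive=cdr "
@@ -XXX,XX +XXX,XX @@ static void add_x86_tests(void)
 
 static void add_s390x_tests(void)
 {
+ if (!qtest_has_accel("tcg") && !qtest_has_accel("kvm")) {
+ g_test_skip("No KVM or TCG accelerator available, skipping boot tests");
+ return;
+ }
+
 qtest_add_data_func("cdrom/boot/default", "-cdrom ", test_cdboot);
 qtest_add_data_func("cdrom/boot/virtio-scsi",
 "-device virtio-scsi -device scsi-cd,drive=cdr "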
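Review bot: `g_test_skip()` in add_x86_tests() and add_s390x_tests() appears to run while tests are being registered (the visible lines of both functions only call `qtest_add_data_func`), whereas GLib documents it as marking the currently running test as skipped; called here it probably reports nothing, so the run would silently contain no boot tests. If a visible skip is wanted, register one small test whose body calls `g_test_skip(...)`, or emit `g_test_message(...)` before the early return. The same four-line guard is pasted into both functions and could be one shared `static bool have_boot_accel(void)` helper. Both function bodies continue outside the hunks.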
44
--
45
2.34.1
Deleted patch
1
In check_s2_mmu_setup() we have a check that is attempting to
2
implement the part of AArch64.S2MinTxSZ that is specific to when EL1
3
is AArch32:
4
1
5
if !s1aarch64 then
6
// EL1 is AArch32
7
min_txsz = Min(min_txsz, 24);
8
9
Unfortunately we got this wrong in two ways:
10
11
(1) The minimum txsz corresponds to a maximum inputsize, but we got
12
the sense of the comparison wrong and were faulting for all
13
inputsizes less than 40 bits
14
15
(2) We try to implement this as an extra check that happens after
16
we've done the same txsz checks we would do for an AArch64 EL1, but
17
in fact the pseudocode is *loosening* the requirements, so that txsz
18
values that would fault for an AArch64 EL1 do not fault for AArch32
19
EL1, because it does Min(old_min, 24), not Max(old_min, 24).
20
21
You can see this also in the text of the Arm ARM in table D8-8, which
22
shows that where the implemented PA size is less than 40 bits an
23
AArch32 EL1 is still OK with a configured stage2 T0SZ for a 40 bit
24
IPA, whereas if EL1 is AArch64 then the T0SZ must be big enough to
25
constrain the IPA to the implemented PA size.
26
27
Because of part (2), we can't do this as a separate check, but
28
have to integrate it into aa64_va_parameters(). Add a new argument
29
to that function to indicate that EL1 is 32-bit. All the existing
30
callsites except the one in get_phys_addr_lpae() can pass 'false',
31
because they are either doing a lookup for a stage 1 regime or
32
else they don't care about the tsz/tsz_oob fields.
33
34
Cc: qemu-stable@nongnu.org
35
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1627
36
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
37
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
38
Message-id: 20230509092059.3176487-1-peter.maydell@linaro.org
39
---
40
target/arm/internals.h | 12 +++++++++++-
41
target/arm/gdbstub64.c | 2 +-
42
target/arm/helper.c | 15 +++++++++++++--
43
target/arm/ptw.c | 14 ++------------
44
target/arm/tcg/pauth_helper.c | 6 +++---
45
5 files changed, 30 insertions(+), 19 deletions(-)
46
47
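--- a/target/arm/internals.h
+++ b/target/arm/internals.h
@@ -XXX,XX +XXX,XX @@ typedef struct ARMVAParameters {
 ARMGranuleSize gran : 2;
 } ARMVAParameters;
 
+/**
+ * aa64_va_parameters: Return parameters for an AArch64 virtual address
+ * @env: CPU
+ * @va: virtual address to look up
+ * @mmu_idx: determines translation regime to use
+ * @data: true if this is a data access
+ * @el1_is_aa32: true if we are asking about stage 2 when EL1 is AArch32
+ * (ignored if @mmu_idx is for a stage 1 regime; only affects tsz/tsz_oob)
+ */
 ARMVAParameters aa64_va_parameters(CPUARMState *env, uint64_t va,
- ARMMMUIdx mmu_idx, bool data);
+ ARMMMUIdx mmu_idx, bool data,
+ bool el1_is_aa32);
 
 int aa64_va_parameter_tbi(uint64_t tcr, ARMMMUIdx mmu_idx);
 int aa64_va_parameter_tbid(uint64_t tcr, ARMMMUIdx mmu_idx);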
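Review bot: `aa64_va_parameters()` now ends in two adjacent `bool` parameters, `data` and `el1_is_aa32`, so call sites read as `..., true, false)` and a transposed pair compiles without any warning. The doc comment says the new flag is ignored for stage 1 regimes but not what such callers are expected to pass; adding `* Stage 1 callers should pass false.` to the @el1_is_aa32 entry would pin the convention that the gdbstub64.c, helper.c and pauth_helper.c call sites in this patch follow.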
71
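--- a/target/arm/gdbstub64.c
+++ b/target/arm/gdbstub64.c
@@ -XXX,XX +XXX,XX @@ int aarch64_gdb_get_pauth_reg(CPUARMState *env, GByteArray *buf, int reg)
 ARMMMUIdx mmu_idx = arm_stage1_mmu_idx(env);
 ARMVAParameters param;
 
- param = aa64_va_parameters(env, -is_high, mmu_idx, is_data);
+ param = aa64_va_parameters(env, -is_high, mmu_idx, is_data, false);
 return gdb_get_reg64(buf, pauth_ptr_mask(param));
 }
 default: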
84
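--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -XXX,XX +XXX,XX @@ static TLBIRange tlbi_aa64_get_range(CPUARMState *env, ARMMMUIdx mmuidx,
 unsigned int page_size_granule, page_shift, num, scale, exponent;
 /* Extract one bit to represent the va selector in use. */
 uint64_t select = sextract64(value, 36, 1);
- ARMVAParameters param = aa64_va_parameters(env, select, mmuidx, true);
+ ARMVAParameters param = aa64_va_parameters(env, select, mmuidx, true, false);
 TLBIRange ret = { };
 ARMGranuleSize gran;
 
@@ -XXX,XX +XXX,XX @@ static ARMGranuleSize sanitize_gran_size(ARMCPU *cpu, ARMGranuleSize gran,
 }
 
 ARMVAParameters aa64_va_parameters(CPUARMState *env, uint64_t va,
- ARMMMUIdx mmu_idx, bool data)
+ ARMMMUIdx mmu_idx, bool data,
+ bool el1_is_aa32)
 {
 uint64_t tcr = regime_tcr(env, mmu_idx);
 bool epd, hpd, tsz_oob, ds, ha, hd;
@@ -XXX,XX +XXX,XX @@ ARMVAParameters aa64_va_parameters(CPUARMState *env, uint64_t va,
 }
 }
 
+ if (stage2 && el1_is_aa32) {
+ /*
+ * For AArch32 EL1 the min txsz (and thus max IPA size) requirements
+ * are loosened: a configured IPA of 40 bits is permitted even if
+ * the implemented PA is less than that (and so a 40 bit IPA would
+ * fault for an AArch64 EL1). See R_DTLMN.
+ */
+ min_tsz = MIN(min_tsz, 24);
+ }
+
 if (tsz > max_tsz) {
 tsz = max_tsz;
 tsz_oob = true;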
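Review bot: In tlbi_aa64_get_range() the new argument is hard-coded to `false` although `mmuidx` is supplied by the caller, so if a stage 2 index can reach this function the returned tsz/tsz_oob are computed with the AArch64-EL1 limits whatever state EL1 is in. The commit message says such call sites do not use those fields; that reasoning belongs at the call, e.g. `/* el1_is_aa32 only affects tsz/tsz_oob, which are not used here */`. In the aa64_va_parameters() hunk, the constant in `MIN(min_tsz, 24)` would be easier to check against the comment's "40 bits" if it were annotated as `64 - 40`. Both function bodies continue outside the hunks.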
124
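--- a/target/arm/ptw.c
+++ b/target/arm/ptw.c
@@ -XXX,XX +XXX,XX @@ static int check_s2_mmu_setup(ARMCPU *cpu, bool is_aa64, uint64_t tcr,
 
 sl0 = extract32(tcr, 6, 2);
 if (is_aa64) {
- /*
- * AArch64.S2InvalidTxSZ: While we checked tsz_oob near the top of
- * get_phys_addr_lpae, that used aa64_va_parameters which apply
- * to aarch64. If Stage1 is aarch32, the min_txsz is larger.
- * See AArch64.S2MinTxSZ, where min_tsz is 24, translated to
- * inputsize is 64 - 24 = 40.
- */
- if (iasize < 40 && !arm_el_is_aa64(&cpu->env, 1)) {
- goto fail;
- }
-
 /*
 * AArch64.S2InvalidSL: Interpretation of SL depends on the page size,
 * so interleave AArch64.S2StartLevel.
@@ -XXX,XX +XXX,XX @@ static bool get_phys_addr_lpae(CPUARMState *env, S1Translate *ptw,
 int ps;
 
 param = aa64_va_parameters(env, address, mmu_idx,
- access_type != MMU_INST_FETCH);
+ access_type != MMU_INST_FETCH,
+ !arm_el_is_aa64(env, 1));
 level = 0;
 
 /*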
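Review bot: Once the AArch32-EL1 block is removed from check_s2_mmu_setup(), nothing at this site says where that part of AArch64.S2MinTxSZ is now applied. A one-line comment in its place, such as `/* The AArch32 EL1 case of AArch64.S2MinTxSZ is handled in aa64_va_parameters() */`, would keep the check from being reintroduced here with the wrong sense again. In get_phys_addr_lpae() the `!arm_el_is_aa64(env, 1)` argument is passed for every regime and relies on the callee ignoring it for stage 1, which is worth a brief remark at the call. Both functions continue outside the hunks.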
156
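--- a/target/arm/tcg/pauth_helper.c
+++ b/target/arm/tcg/pauth_helper.c
@@ -XXX,XX +XXX,XX @@ static uint64_t pauth_addpac(CPUARMState *env, uint64_t ptr, uint64_t modifier,
 ARMPACKey *key, bool data)
 {
 ARMMMUIdx mmu_idx = arm_stage1_mmu_idx(env);
- ARMVAParameters param = aa64_va_parameters(env, ptr, mmu_idx, data);
+ ARMVAParameters param = aa64_va_parameters(env, ptr, mmu_idx, data, false);
 uint64_t pac, ext_ptr, ext, test;
 int bot_bit, top_bit;
 
@@ -XXX,XX +XXX,XX @@ static uint64_t pauth_auth(CPUARMState *env, uint64_t ptr, uint64_t modifier,
 ARMPACKey *key, bool data, int keynumber)
 {
 ARMMMUIdx mmu_idx = arm_stage1_mmu_idx(env);
- ARMVAParameters param = aa64_va_parameters(env, ptr, mmu_idx, data);
+ ARMVAParameters param = aa64_va_parameters(env, ptr, mmu_idx, data, false);
 int bot_bit, top_bit;
 uint64_t pac, orig_ptr, test;
 
@@ -XXX,XX +XXX,XX @@ static uint64_t pauth_auth(CPUARMState *env, uint64_t ptr, uint64_t modifier,
 static uint64_t pauth_strip(CPUARMState *env, uint64_t ptr, bool data)
 {
 ARMMMUIdx mmu_idx = arm_stage1_mmu_idx(env);
- ARMVAParameters param = aa64_va_parameters(env, ptr, mmu_idx, data);
+ ARMVAParameters param = aa64_va_parameters(env, ptr, mmu_idx, data, false);
 
 return pauth_original_ptr(ptr, param);
 }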
187
--
188
2.34.1