From nobody Fri Apr 4 06:41:25 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1742020182034295.8165612693066; Fri, 14 Mar 2025 23:29:42 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1ttKvA-0003eu-Kg; Sat, 15 Mar 2025 02:22:57 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1ttKu0-0000Zj-Va; Sat, 15 Mar 2025 02:21:45 -0400 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1ttKty-0003jw-CQ; Sat, 15 Mar 2025 02:21:44 -0400 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id F3E3FFF9F0; Sat, 15 Mar 2025 09:17:07 +0300 (MSK) Received: from gandalf.tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with ESMTP id CB0591CAC59; Sat, 15 Mar 2025 09:18:01 +0300 (MSK) Received: by gandalf.tls.msk.ru (Postfix, from userid 1000) id 81845558F7; Sat, 15 Mar 2025 09:18:01 +0300 (MSK) From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, =?UTF-8?q?Alex=20Benn=C3=A9e?= , Peter Maydell , Andrei Homescu , =?UTF-8?q?Arve=20Hj=C3=B8nnev=C3=A5g?= , =?UTF-8?q?R=C3=A9mi=20Denis-Courmont?= , Michael Tokarev Subject: [Stable-9.2.3 36/51] target/arm: Implement SEL2 physical and virtual timers Date: Sat, 15 Mar 2025 09:17:42 +0300 Message-Id: <20250315061801.622606-36-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.5 In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZM-MESSAGEID: 1742020184019019000 From: Alex Benn=C3=A9e When FEAT_SEL2 was implemented the SEL2 timers were missed. This shows up when building the latest Hafnium with SPMC_AT_EL=3D2. The actual implementation utilises the same logic as the rest of the timers so all we need to do is: - define the timers and their access functions - conditionally add the correct system registers - create a new accessfn as the rules are subtly different to the existing secure timer Fixes: e9152ee91c (target/arm: add ARMv8.4-SEL2 system registers) Signed-off-by: Alex Benn=C3=A9e Signed-off-by: Peter Maydell Reviewed-by: Peter Maydell Message-id: 20250204125009.2281315-7-peter.maydell@linaro.org Cc: qemu-stable@nongnu.org Cc: Andrei Homescu Cc: Arve Hj=C3=B8nnev=C3=A5g Cc: R=C3=A9mi Denis-Courmont [PMM: CP_ACCESS_TRAP_UNCATEGORIZED -> CP_ACCESS_UNDEFINED; offset logic now in gt_{indirect,direct}_access_timer_offset() ] Reviewed-by: Peter Maydell Signed-off-by: Peter Maydell (cherry picked from commit f9f99d7ca522339c1de2292f132bb8ddc3471c39) (Mjt: CP_ACCESS_UNDEFINED -> CP_ACCESS_TRAP_UNCATEGORIZED) Signed-off-by: Michael Tokarev diff --git a/include/hw/arm/bsa.h b/include/hw/arm/bsa.h index 8eaab603c0..13ed2d2ac1 100644 --- a/include/hw/arm/bsa.h +++ b/include/hw/arm/bsa.h @@ -22,6 +22,8 @@ #define QEMU_ARM_BSA_H =20 /* These are architectural INTID values */ +#define ARCH_TIMER_S_EL2_VIRT_IRQ 19 +#define ARCH_TIMER_S_EL2_IRQ 20 #define VIRTUAL_PMU_IRQ 23 #define ARCH_GIC_MAINT_IRQ 25 #define ARCH_TIMER_NS_EL2_IRQ 26 diff --git a/target/arm/cpu.c b/target/arm/cpu.c index 6938161b95..da1c46e158 100644 --- a/target/arm/cpu.c +++ b/target/arm/cpu.c @@ -2078,6 +2078,10 @@ static void arm_cpu_realizefn(DeviceState *dev, Erro= r **errp) arm_gt_stimer_cb, cpu); cpu->gt_timer[GTIMER_HYPVIRT] =3D timer_new(QEMU_CLOCK_VIRTUAL, sc= ale, arm_gt_hvtimer_cb, cpu); + cpu->gt_timer[GTIMER_S_EL2_PHYS] =3D timer_new(QEMU_CLOCK_VIRTUAL,= scale, + arm_gt_sel2timer_cb, = cpu); + cpu->gt_timer[GTIMER_S_EL2_VIRT] =3D timer_new(QEMU_CLOCK_VIRTUAL,= scale, + arm_gt_sel2vtimer_cb,= cpu); } #endif =20 diff --git a/target/arm/cpu.h b/target/arm/cpu.h index b005f93735..39ce5ae629 100644 --- a/target/arm/cpu.h +++ b/target/arm/cpu.h @@ -1140,6 +1140,8 @@ void arm_gt_vtimer_cb(void *opaque); void arm_gt_htimer_cb(void *opaque); void arm_gt_stimer_cb(void *opaque); void arm_gt_hvtimer_cb(void *opaque); +void arm_gt_sel2timer_cb(void *opaque); +void arm_gt_sel2vtimer_cb(void *opaque); =20 unsigned int gt_cntfrq_period_ns(ARMCPU *cpu); void gt_rme_post_el_change(ARMCPU *cpu, void *opaque); diff --git a/target/arm/gtimer.h b/target/arm/gtimer.h index b992941bef..0e89b8e58d 100644 --- a/target/arm/gtimer.h +++ b/target/arm/gtimer.h @@ -15,7 +15,9 @@ enum { GTIMER_HYP =3D 2, GTIMER_SEC =3D 3, GTIMER_HYPVIRT =3D 4, -#define NUM_GTIMERS 5 + GTIMER_S_EL2_PHYS =3D 5, /* CNTHPS_* ; only if FEAT_SEL2 */ + GTIMER_S_EL2_VIRT =3D 6, /* CNTHVS_* ; only if FEAT_SEL2 */ +#define NUM_GTIMERS 7 }; =20 #endif diff --git a/target/arm/helper.c b/target/arm/helper.c index 2dbd308ed2..67870182de 100644 --- a/target/arm/helper.c +++ b/target/arm/helper.c @@ -2655,7 +2655,7 @@ static CPAccessResult gt_stimer_access(CPUARMState *e= nv, return CP_ACCESS_TRAP_UNCATEGORIZED; } if (arm_is_el2_enabled(env)) { - return CP_ACCESS_UNDEFINED; + return CP_ACCESS_TRAP_UNCATEGORIZED; } if (!(env->cp15.scr_el3 & SCR_ST)) { return CP_ACCESS_TRAP_EL3; @@ -2671,6 +2671,45 @@ static CPAccessResult gt_stimer_access(CPUARMState *= env, } } =20 +static CPAccessResult gt_sel2timer_access(CPUARMState *env, + const ARMCPRegInfo *ri, + bool isread) +{ + /* + * The AArch64 register view of the secure EL2 timers are mostly + * accessible from EL3 and EL2 although can also be trapped to EL2 + * from EL1 depending on nested virt config. + */ + switch (arm_current_el(env)) { + case 0: /* UNDEFINED */ + return CP_ACCESS_TRAP_UNCATEGORIZED; + case 1: + if (!arm_is_secure(env)) { + /* UNDEFINED */ + return CP_ACCESS_TRAP_UNCATEGORIZED; + } else if (arm_hcr_el2_eff(env) & HCR_NV) { + /* Aarch64.SystemAccessTrap(EL2, 0x18) */ + return CP_ACCESS_TRAP_EL2; + } + /* UNDEFINED */ + return CP_ACCESS_TRAP_UNCATEGORIZED; + case 2: + if (!arm_is_secure(env)) { + /* UNDEFINED */ + return CP_ACCESS_TRAP_UNCATEGORIZED; + } + return CP_ACCESS_OK; + case 3: + if (env->cp15.scr_el3 & SCR_EEL2) { + return CP_ACCESS_OK; + } else { + return CP_ACCESS_TRAP_UNCATEGORIZED; + } + default: + g_assert_not_reached(); + } +} + uint64_t gt_get_countervalue(CPUARMState *env) { ARMCPU *cpu =3D env_archcpu(env); @@ -2742,6 +2781,8 @@ static uint64_t gt_indirect_access_timer_offset(CPUAR= MState *env, int timeridx) case GTIMER_HYP: case GTIMER_SEC: case GTIMER_HYPVIRT: + case GTIMER_S_EL2_PHYS: + case GTIMER_S_EL2_VIRT: return 0; default: g_assert_not_reached(); @@ -2788,6 +2829,8 @@ uint64_t gt_direct_access_timer_offset(CPUARMState *e= nv, int timeridx) case GTIMER_HYP: case GTIMER_SEC: case GTIMER_HYPVIRT: + case GTIMER_S_EL2_PHYS: + case GTIMER_S_EL2_VIRT: return 0; default: g_assert_not_reached(); @@ -3220,6 +3263,62 @@ static void gt_sec_ctl_write(CPUARMState *env, const= ARMCPRegInfo *ri, gt_ctl_write(env, ri, GTIMER_SEC, value); } =20 +static void gt_sec_pel2_timer_reset(CPUARMState *env, const ARMCPRegInfo *= ri) +{ + gt_timer_reset(env, ri, GTIMER_S_EL2_PHYS); +} + +static void gt_sec_pel2_cval_write(CPUARMState *env, const ARMCPRegInfo *r= i, + uint64_t value) +{ + gt_cval_write(env, ri, GTIMER_S_EL2_PHYS, value); +} + +static uint64_t gt_sec_pel2_tval_read(CPUARMState *env, const ARMCPRegInfo= *ri) +{ + return gt_tval_read(env, ri, GTIMER_S_EL2_PHYS); +} + +static void gt_sec_pel2_tval_write(CPUARMState *env, const ARMCPRegInfo *r= i, + uint64_t value) +{ + gt_tval_write(env, ri, GTIMER_S_EL2_PHYS, value); +} + +static void gt_sec_pel2_ctl_write(CPUARMState *env, const ARMCPRegInfo *ri, + uint64_t value) +{ + gt_ctl_write(env, ri, GTIMER_S_EL2_PHYS, value); +} + +static void gt_sec_vel2_timer_reset(CPUARMState *env, const ARMCPRegInfo *= ri) +{ + gt_timer_reset(env, ri, GTIMER_S_EL2_VIRT); +} + +static void gt_sec_vel2_cval_write(CPUARMState *env, const ARMCPRegInfo *r= i, + uint64_t value) +{ + gt_cval_write(env, ri, GTIMER_S_EL2_VIRT, value); +} + +static uint64_t gt_sec_vel2_tval_read(CPUARMState *env, const ARMCPRegInfo= *ri) +{ + return gt_tval_read(env, ri, GTIMER_S_EL2_VIRT); +} + +static void gt_sec_vel2_tval_write(CPUARMState *env, const ARMCPRegInfo *r= i, + uint64_t value) +{ + gt_tval_write(env, ri, GTIMER_S_EL2_VIRT, value); +} + +static void gt_sec_vel2_ctl_write(CPUARMState *env, const ARMCPRegInfo *ri, + uint64_t value) +{ + gt_ctl_write(env, ri, GTIMER_S_EL2_VIRT, value); +} + static void gt_hv_timer_reset(CPUARMState *env, const ARMCPRegInfo *ri) { gt_timer_reset(env, ri, GTIMER_HYPVIRT); @@ -3276,6 +3375,20 @@ void arm_gt_stimer_cb(void *opaque) gt_recalc_timer(cpu, GTIMER_SEC); } =20 +void arm_gt_sel2timer_cb(void *opaque) +{ + ARMCPU *cpu =3D opaque; + + gt_recalc_timer(cpu, GTIMER_S_EL2_PHYS); +} + +void arm_gt_sel2vtimer_cb(void *opaque) +{ + ARMCPU *cpu =3D opaque; + + gt_recalc_timer(cpu, GTIMER_S_EL2_VIRT); +} + void arm_gt_hvtimer_cb(void *opaque) { ARMCPU *cpu =3D opaque; @@ -6658,6 +6771,56 @@ static const ARMCPRegInfo el2_sec_cp_reginfo[] =3D { .access =3D PL2_RW, .accessfn =3D sel2_access, .nv2_redirect_offset =3D 0x48, .fieldoffset =3D offsetof(CPUARMState, cp15.vstcr_el2) }, +#ifndef CONFIG_USER_ONLY + /* Secure EL2 Physical Timer */ + { .name =3D "CNTHPS_TVAL_EL2", .state =3D ARM_CP_STATE_AA64, + .opc0 =3D 3, .opc1 =3D 4, .crn =3D 14, .crm =3D 5, .opc2 =3D 0, + .type =3D ARM_CP_NO_RAW | ARM_CP_IO, .access =3D PL2_RW, + .accessfn =3D gt_sel2timer_access, + .readfn =3D gt_sec_pel2_tval_read, + .writefn =3D gt_sec_pel2_tval_write, + .resetfn =3D gt_sec_pel2_timer_reset, + }, + { .name =3D "CNTHPS_CTL_EL2", .state =3D ARM_CP_STATE_AA64, + .opc0 =3D 3, .opc1 =3D 4, .crn =3D 14, .crm =3D 5, .opc2 =3D 1, + .type =3D ARM_CP_IO, .access =3D PL2_RW, + .accessfn =3D gt_sel2timer_access, + .fieldoffset =3D offsetof(CPUARMState, cp15.c14_timer[GTIMER_S_EL2_P= HYS].ctl), + .resetvalue =3D 0, + .writefn =3D gt_sec_pel2_ctl_write, .raw_writefn =3D raw_write, + }, + { .name =3D "CNTHPS_CVAL_EL2", .state =3D ARM_CP_STATE_AA64, + .opc0 =3D 3, .opc1 =3D 4, .crn =3D 14, .crm =3D 5, .opc2 =3D 2, + .type =3D ARM_CP_IO, .access =3D PL2_RW, + .accessfn =3D gt_sel2timer_access, + .fieldoffset =3D offsetof(CPUARMState, cp15.c14_timer[GTIMER_S_EL2_P= HYS].cval), + .writefn =3D gt_sec_pel2_cval_write, .raw_writefn =3D raw_write, + }, + /* Secure EL2 Virtual Timer */ + { .name =3D "CNTHVS_TVAL_EL2", .state =3D ARM_CP_STATE_AA64, + .opc0 =3D 3, .opc1 =3D 4, .crn =3D 14, .crm =3D 4, .opc2 =3D 0, + .type =3D ARM_CP_NO_RAW | ARM_CP_IO, .access =3D PL2_RW, + .accessfn =3D gt_sel2timer_access, + .readfn =3D gt_sec_vel2_tval_read, + .writefn =3D gt_sec_vel2_tval_write, + .resetfn =3D gt_sec_vel2_timer_reset, + }, + { .name =3D "CNTHVS_CTL_EL2", .state =3D ARM_CP_STATE_AA64, + .opc0 =3D 3, .opc1 =3D 4, .crn =3D 14, .crm =3D 4, .opc2 =3D 1, + .type =3D ARM_CP_IO, .access =3D PL2_RW, + .accessfn =3D gt_sel2timer_access, + .fieldoffset =3D offsetof(CPUARMState, cp15.c14_timer[GTIMER_S_EL2_V= IRT].ctl), + .resetvalue =3D 0, + .writefn =3D gt_sec_vel2_ctl_write, .raw_writefn =3D raw_write, + }, + { .name =3D "CNTHVS_CVAL_EL2", .state =3D ARM_CP_STATE_AA64, + .opc0 =3D 3, .opc1 =3D 4, .crn =3D 14, .crm =3D 4, .opc2 =3D 2, + .type =3D ARM_CP_IO, .access =3D PL2_RW, + .accessfn =3D gt_sel2timer_access, + .fieldoffset =3D offsetof(CPUARMState, cp15.c14_timer[GTIMER_S_EL2_V= IRT].cval), + .writefn =3D gt_sec_vel2_cval_write, .raw_writefn =3D raw_write, + }, +#endif }; =20 static CPAccessResult nsacr_access(CPUARMState *env, const ARMCPRegInfo *r= i, --=20 2.39.5