jcs.org
qemu with hax to log dma reads & writes
jcs.org/2018/11/12/vfio
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20190507' into staging
target-arm queue:
* Stop using variable length array in dc_zva
* Implement M-profile XPSR GE bits
* Don't enable ARMV7M_EXCP_DEBUG from reset
* armv7m_nvic: NS BFAR and BFSR are RAZ/WI if BFHFNMINS == 0
* armv7m_nvic: Check subpriority in nvic_recompute_state_secure()
* fix various minor issues to allow building for Windows-on-ARM64
* aspeed: Set SDRAM size
* Allow system registers for KVM guests to be changed by QEMU code
* raspi: Diagnose requests for too much RAM
* virt: Support firmware configuration with -blockdev
# gpg: Signature made Tue 07 May 2019 12:59:30 BST
# gpg: using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg: issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [ultimate]
# gpg: aka "Peter Maydell <pmaydell@gmail.com>" [ultimate]
# gpg: aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [ultimate]
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83 15CF 3C25 25ED 1436 0CDE
* remotes/pmaydell/tags/pull-target-arm-20190507:
target/arm: Stop using variable length array in dc_zva
target/arm: Implement XPSR GE bits
hw/intc/armv7m_nvic: Don't enable ARMV7M_EXCP_DEBUG from reset
hw/intc/armv7m_nvic: NS BFAR and BFSR are RAZ/WI if BFHFNMINS == 0
hw/arm/armv7m_nvic: Check subpriority in nvic_recompute_state_secure()
osdep: Fix mingw compilation regarding stdio formats
util/cacheinfo: Use uint64_t on LLP64 model to satisfy Windows ARM64
qga: Fix mingw compilation warnings on enum conversion
QEMU_PACKED: Remove gcc_struct attribute in Windows non x86 targets
arm: aspeed: Set SDRAM size
arm: Allow system registers for KVM guests to be changed by QEMU code
hw/arm/raspi: Diagnose requests for too much RAM
hw/arm/virt: Support firmware configuration with -blockdev
pflash_cfi01: New pflash_cfi01_legacy_drive()
pc: Rearrange pc_system_firmware_init()'s legacy -drive loop
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
+291
-127
+1
-1
contrib/libvhost-user/libvhost-user.h
+1
-1
contrib/libvhost-user/libvhost-user.h
+8
hw/arm/aspeed.c
+8
hw/arm/aspeed.c
···
25
25
#include "sysemu/block-backend.h"
26
26
#include "hw/loader.h"
27
27
#include "qemu/error-report.h"
28
+
#include "qemu/units.h"
28
29
29
30
static struct arm_boot_info aspeed_board_binfo = {
30
31
.board_id = -1, /* device-tree-only board */
···
331
332
mc->no_floppy = 1;
332
333
mc->no_cdrom = 1;
333
334
mc->no_parallel = 1;
335
+
if (board->ram) {
336
+
mc->default_ram_size = board->ram;
337
+
}
334
338
amc->board = board;
335
339
}
336
340
···
352
356
.spi_model = "mx25l25635e",
353
357
.num_cs = 1,
354
358
.i2c_init = palmetto_bmc_i2c_init,
359
+
.ram = 256 * MiB,
355
360
}, {
356
361
.name = MACHINE_TYPE_NAME("ast2500-evb"),
357
362
.desc = "Aspeed AST2500 EVB (ARM1176)",
···
361
366
.spi_model = "mx25l25635e",
362
367
.num_cs = 1,
363
368
.i2c_init = ast2500_evb_i2c_init,
369
+
.ram = 512 * MiB,
364
370
}, {
365
371
.name = MACHINE_TYPE_NAME("romulus-bmc"),
366
372
.desc = "OpenPOWER Romulus BMC (ARM1176)",
···
370
376
.spi_model = "mx66l1g45g",
371
377
.num_cs = 2,
372
378
.i2c_init = romulus_bmc_i2c_init,
379
+
.ram = 512 * MiB,
373
380
}, {
374
381
.name = MACHINE_TYPE_NAME("witherspoon-bmc"),
375
382
.desc = "OpenPOWER Witherspoon BMC (ARM1176)",
···
379
386
.spi_model = "mx66l1g45g",
380
387
.num_cs = 2,
381
388
.i2c_init = witherspoon_bmc_i2c_init,
389
+
.ram = 512 * MiB,
382
390
},
383
391
};
384
392
+7
hw/arm/raspi.c
+7
hw/arm/raspi.c
···
12
12
*/
13
13
14
14
#include "qemu/osdep.h"
15
+
#include "qemu/units.h"
15
16
#include "qapi/error.h"
16
17
#include "qemu-common.h"
17
18
#include "cpu.h"
···
174
175
BlockBackend *blk;
175
176
BusState *bus;
176
177
DeviceState *carddev;
178
+
179
+
if (machine->ram_size > 1 * GiB) {
180
+
error_report("Requested ram size is too large for this machine: "
181
+
"maximum is 1GB");
182
+
exit(1);
183
+
}
177
184
178
185
object_initialize(&s->soc, sizeof(s->soc),
179
186
version == 3 ? TYPE_BCM2837 : TYPE_BCM2836);
+127
-69
hw/arm/virt.c
+127
-69
hw/arm/virt.c
···
30
30
31
31
#include "qemu/osdep.h"
32
32
#include "qemu/units.h"
33
+
#include "qemu/option.h"
33
34
#include "qapi/error.h"
34
35
#include "hw/sysbus.h"
35
36
#include "hw/arm/arm.h"
···
871
872
}
872
873
}
873
874
874
-
static void create_one_flash(const char *name, hwaddr flashbase,
875
-
hwaddr flashsize, const char *file,
876
-
MemoryRegion *sysmem)
875
+
#define VIRT_FLASH_SECTOR_SIZE (256 * KiB)
876
+
877
+
static PFlashCFI01 *virt_flash_create1(VirtMachineState *vms,
878
+
const char *name,
879
+
const char *alias_prop_name)
877
880
{
878
-
/* Create and map a single flash device. We use the same
879
-
* parameters as the flash devices on the Versatile Express board.
881
+
/*
882
+
* Create a single flash device. We use the same parameters as
883
+
* the flash devices on the Versatile Express board.
880
884
*/
881
-
DriveInfo *dinfo = drive_get_next(IF_PFLASH);
882
885
DeviceState *dev = qdev_create(NULL, TYPE_PFLASH_CFI01);
883
-
SysBusDevice *sbd = SYS_BUS_DEVICE(dev);
884
-
const uint64_t sectorlength = 256 * 1024;
885
886
886
-
if (dinfo) {
887
-
qdev_prop_set_drive(dev, "drive", blk_by_legacy_dinfo(dinfo),
888
-
&error_abort);
889
-
}
890
-
891
-
qdev_prop_set_uint32(dev, "num-blocks", flashsize / sectorlength);
892
-
qdev_prop_set_uint64(dev, "sector-length", sectorlength);
887
+
qdev_prop_set_uint64(dev, "sector-length", VIRT_FLASH_SECTOR_SIZE);
893
888
qdev_prop_set_uint8(dev, "width", 4);
894
889
qdev_prop_set_uint8(dev, "device-width", 2);
895
890
qdev_prop_set_bit(dev, "big-endian", false);
···
898
893
qdev_prop_set_uint16(dev, "id2", 0x00);
899
894
qdev_prop_set_uint16(dev, "id3", 0x00);
900
895
qdev_prop_set_string(dev, "name", name);
901
-
qdev_init_nofail(dev);
896
+
object_property_add_child(OBJECT(vms), name, OBJECT(dev),
897
+
&error_abort);
898
+
object_property_add_alias(OBJECT(vms), alias_prop_name,
899
+
OBJECT(dev), "drive", &error_abort);
900
+
return PFLASH_CFI01(dev);
901
+
}
902
902
903
-
memory_region_add_subregion(sysmem, flashbase,
904
-
sysbus_mmio_get_region(SYS_BUS_DEVICE(dev), 0));
903
+
static void virt_flash_create(VirtMachineState *vms)
904
+
{
905
+
vms->flash[0] = virt_flash_create1(vms, "virt.flash0", "pflash0");
906
+
vms->flash[1] = virt_flash_create1(vms, "virt.flash1", "pflash1");
907
+
}
905
908
906
-
if (file) {
907
-
char *fn;
908
-
int image_size;
909
+
static void virt_flash_map1(PFlashCFI01 *flash,
910
+
hwaddr base, hwaddr size,
911
+
MemoryRegion *sysmem)
912
+
{
913
+
DeviceState *dev = DEVICE(flash);
914
+
915
+
assert(size % VIRT_FLASH_SECTOR_SIZE == 0);
916
+
assert(size / VIRT_FLASH_SECTOR_SIZE <= UINT32_MAX);
917
+
qdev_prop_set_uint32(dev, "num-blocks", size / VIRT_FLASH_SECTOR_SIZE);
918
+
qdev_init_nofail(dev);
909
919
910
-
if (drive_get(IF_PFLASH, 0, 0)) {
911
-
error_report("The contents of the first flash device may be "
912
-
"specified with -bios or with -drive if=pflash... "
913
-
"but you cannot use both options at once");
914
-
exit(1);
915
-
}
916
-
fn = qemu_find_file(QEMU_FILE_TYPE_BIOS, file);
917
-
if (!fn) {
918
-
error_report("Could not find ROM image '%s'", file);
919
-
exit(1);
920
-
}
921
-
image_size = load_image_mr(fn, sysbus_mmio_get_region(sbd, 0));
922
-
g_free(fn);
923
-
if (image_size < 0) {
924
-
error_report("Could not load ROM image '%s'", file);
925
-
exit(1);
926
-
}
927
-
}
920
+
memory_region_add_subregion(sysmem, base,
921
+
sysbus_mmio_get_region(SYS_BUS_DEVICE(dev),
922
+
0));
928
923
}
929
924
930
-
static void create_flash(const VirtMachineState *vms,
931
-
MemoryRegion *sysmem,
932
-
MemoryRegion *secure_sysmem)
925
+
static void virt_flash_map(VirtMachineState *vms,
926
+
MemoryRegion *sysmem,
927
+
MemoryRegion *secure_sysmem)
933
928
{
934
-
/* Create two flash devices to fill the VIRT_FLASH space in the memmap.
935
-
* Any file passed via -bios goes in the first of these.
929
+
/*
930
+
* Map two flash devices to fill the VIRT_FLASH space in the memmap.
936
931
* sysmem is the system memory space. secure_sysmem is the secure view
937
932
* of the system, and the first flash device should be made visible only
938
933
* there. The second flash device is visible to both secure and nonsecure.
···
941
936
*/
942
937
hwaddr flashsize = vms->memmap[VIRT_FLASH].size / 2;
943
938
hwaddr flashbase = vms->memmap[VIRT_FLASH].base;
944
-
char *nodename;
945
939
946
-
create_one_flash("virt.flash0", flashbase, flashsize,
947
-
bios_name, secure_sysmem);
948
-
create_one_flash("virt.flash1", flashbase + flashsize, flashsize,
949
-
NULL, sysmem);
940
+
virt_flash_map1(vms->flash[0], flashbase, flashsize,
941
+
secure_sysmem);
942
+
virt_flash_map1(vms->flash[1], flashbase + flashsize, flashsize,
943
+
sysmem);
944
+
}
945
+
946
+
static void virt_flash_fdt(VirtMachineState *vms,
947
+
MemoryRegion *sysmem,
948
+
MemoryRegion *secure_sysmem)
949
+
{
950
+
hwaddr flashsize = vms->memmap[VIRT_FLASH].size / 2;
951
+
hwaddr flashbase = vms->memmap[VIRT_FLASH].base;
952
+
char *nodename;
950
953
951
954
if (sysmem == secure_sysmem) {
952
955
/* Report both flash devices as a single node in the DT */
···
959
962
qemu_fdt_setprop_cell(vms->fdt, nodename, "bank-width", 4);
960
963
g_free(nodename);
961
964
} else {
962
-
/* Report the devices as separate nodes so we can mark one as
965
+
/*
966
+
* Report the devices as separate nodes so we can mark one as
963
967
* only visible to the secure world.
964
968
*/
965
969
nodename = g_strdup_printf("/secflash@%" PRIx64, flashbase);
···
982
986
}
983
987
}
984
988
989
+
static bool virt_firmware_init(VirtMachineState *vms,
990
+
MemoryRegion *sysmem,
991
+
MemoryRegion *secure_sysmem)
992
+
{
993
+
int i;
994
+
BlockBackend *pflash_blk0;
995
+
996
+
/* Map legacy -drive if=pflash to machine properties */
997
+
for (i = 0; i < ARRAY_SIZE(vms->flash); i++) {
998
+
pflash_cfi01_legacy_drive(vms->flash[i],
999
+
drive_get(IF_PFLASH, 0, i));
1000
+
}
1001
+
1002
+
virt_flash_map(vms, sysmem, secure_sysmem);
1003
+
1004
+
pflash_blk0 = pflash_cfi01_get_blk(vms->flash[0]);
1005
+
1006
+
if (bios_name) {
1007
+
char *fname;
1008
+
MemoryRegion *mr;
1009
+
int image_size;
1010
+
1011
+
if (pflash_blk0) {
1012
+
error_report("The contents of the first flash device may be "
1013
+
"specified with -bios or with -drive if=pflash... "
1014
+
"but you cannot use both options at once");
1015
+
exit(1);
1016
+
}
1017
+
1018
+
/* Fall back to -bios */
1019
+
1020
+
fname = qemu_find_file(QEMU_FILE_TYPE_BIOS, bios_name);
1021
+
if (!fname) {
1022
+
error_report("Could not find ROM image '%s'", bios_name);
1023
+
exit(1);
1024
+
}
1025
+
mr = sysbus_mmio_get_region(SYS_BUS_DEVICE(vms->flash[0]), 0);
1026
+
image_size = load_image_mr(fname, mr);
1027
+
g_free(fname);
1028
+
if (image_size < 0) {
1029
+
error_report("Could not load ROM image '%s'", bios_name);
1030
+
exit(1);
1031
+
}
1032
+
}
1033
+
1034
+
return pflash_blk0 || bios_name;
1035
+
}
1036
+
985
1037
static FWCfgState *create_fw_cfg(const VirtMachineState *vms, AddressSpace *as)
986
1038
{
987
1039
hwaddr base = vms->memmap[VIRT_FW_CFG].base;
···
1421
1473
MemoryRegion *secure_sysmem = NULL;
1422
1474
int n, virt_max_cpus;
1423
1475
MemoryRegion *ram = g_new(MemoryRegion, 1);
1424
-
bool firmware_loaded = bios_name || drive_get(IF_PFLASH, 0, 0);
1476
+
bool firmware_loaded;
1425
1477
bool aarch64 = true;
1426
1478
1427
1479
/*
···
1460
1512
exit(1);
1461
1513
}
1462
1514
1515
+
if (vms->secure) {
1516
+
if (kvm_enabled()) {
1517
+
error_report("mach-virt: KVM does not support Security extensions");
1518
+
exit(1);
1519
+
}
1520
+
1521
+
/*
1522
+
* The Secure view of the world is the same as the NonSecure,
1523
+
* but with a few extra devices. Create it as a container region
1524
+
* containing the system memory at low priority; any secure-only
1525
+
* devices go in at higher priority and take precedence.
1526
+
*/
1527
+
secure_sysmem = g_new(MemoryRegion, 1);
1528
+
memory_region_init(secure_sysmem, OBJECT(machine), "secure-memory",
1529
+
UINT64_MAX);
1530
+
memory_region_add_subregion_overlap(secure_sysmem, 0, sysmem, -1);
1531
+
}
1532
+
1533
+
firmware_loaded = virt_firmware_init(vms, sysmem,
1534
+
secure_sysmem ?: sysmem);
1535
+
1463
1536
/* If we have an EL3 boot ROM then the assumption is that it will
1464
1537
* implement PSCI itself, so disable QEMU's internal implementation
1465
1538
* so it doesn't get in the way. Instead of starting secondary
···
1503
1576
error_report("mach-virt: KVM does not support providing "
1504
1577
"Virtualization extensions to the guest CPU");
1505
1578
exit(1);
1506
-
}
1507
-
1508
-
if (vms->secure) {
1509
-
if (kvm_enabled()) {
1510
-
error_report("mach-virt: KVM does not support Security extensions");
1511
-
exit(1);
1512
-
}
1513
-
1514
-
/* The Secure view of the world is the same as the NonSecure,
1515
-
* but with a few extra devices. Create it as a container region
1516
-
* containing the system memory at low priority; any secure-only
1517
-
* devices go in at higher priority and take precedence.
1518
-
*/
1519
-
secure_sysmem = g_new(MemoryRegion, 1);
1520
-
memory_region_init(secure_sysmem, OBJECT(machine), "secure-memory",
1521
-
UINT64_MAX);
1522
-
memory_region_add_subregion_overlap(secure_sysmem, 0, sysmem, -1);
1523
1579
}
1524
1580
1525
1581
create_fdt(vms);
···
1610
1666
&machine->device_memory->mr);
1611
1667
}
1612
1668
1613
-
create_flash(vms, sysmem, secure_sysmem ? secure_sysmem : sysmem);
1669
+
virt_flash_fdt(vms, sysmem, secure_sysmem);
1614
1670
1615
1671
create_gic(vms, pic);
1616
1672
···
1956
2012
NULL);
1957
2013
1958
2014
vms->irqmap = a15irqmap;
2015
+
2016
+
virt_flash_create(vms);
1959
2017
}
1960
2018
1961
2019
static const TypeInfo virt_machine_info = {
+28
hw/block/pflash_cfi01.c
+28
hw/block/pflash_cfi01.c
···
44
44
#include "qapi/error.h"
45
45
#include "qemu/timer.h"
46
46
#include "qemu/bitops.h"
47
+
#include "qemu/error-report.h"
47
48
#include "qemu/host-utils.h"
48
49
#include "qemu/log.h"
50
+
#include "qemu/option.h"
49
51
#include "hw/sysbus.h"
52
+
#include "sysemu/blockdev.h"
50
53
#include "sysemu/sysemu.h"
51
54
#include "trace.h"
52
55
···
966
969
MemoryRegion *pflash_cfi01_get_memory(PFlashCFI01 *fl)
967
970
{
968
971
return &fl->mem;
972
+
}
973
+
974
+
/*
975
+
* Handle -drive if=pflash for machines that use properties.
976
+
* If @dinfo is null, do nothing.
977
+
* Else if @fl's property "drive" is already set, fatal error.
978
+
* Else set it to the BlockBackend with @dinfo.
979
+
*/
980
+
void pflash_cfi01_legacy_drive(PFlashCFI01 *fl, DriveInfo *dinfo)
981
+
{
982
+
Location loc;
983
+
984
+
if (!dinfo) {
985
+
return;
986
+
}
987
+
988
+
loc_push_none(&loc);
989
+
qemu_opts_loc_restore(dinfo->opts);
990
+
if (fl->blk) {
991
+
error_report("clashes with -machine");
992
+
exit(1);
993
+
}
994
+
qdev_prop_set_drive(DEVICE(fl), "drive",
995
+
blk_by_legacy_dinfo(dinfo), &error_fatal);
996
+
loc_pop(&loc);
969
997
}
970
998
971
999
static void postload_update_cb(void *opaque, int running, RunState state)
+2
-16
hw/i386/pc_sysfw.c
+2
-16
hw/i386/pc_sysfw.c
···
269
269
{
270
270
PCMachineClass *pcmc = PC_MACHINE_GET_CLASS(pcms);
271
271
int i;
272
-
DriveInfo *pflash_drv;
273
272
BlockBackend *pflash_blk[ARRAY_SIZE(pcms->flash)];
274
-
Location loc;
275
273
276
274
if (!pcmc->pci_enabled) {
277
275
old_pc_system_rom_init(rom_memory, true);
···
280
278
281
279
/* Map legacy -drive if=pflash to machine properties */
282
280
for (i = 0; i < ARRAY_SIZE(pcms->flash); i++) {
281
+
pflash_cfi01_legacy_drive(pcms->flash[i],
282
+
drive_get(IF_PFLASH, 0, i));
283
283
pflash_blk[i] = pflash_cfi01_get_blk(pcms->flash[i]);
284
-
pflash_drv = drive_get(IF_PFLASH, 0, i);
285
-
if (!pflash_drv) {
286
-
continue;
287
-
}
288
-
loc_push_none(&loc);
289
-
qemu_opts_loc_restore(pflash_drv->opts);
290
-
if (pflash_blk[i]) {
291
-
error_report("clashes with -machine");
292
-
exit(1);
293
-
}
294
-
pflash_blk[i] = blk_by_legacy_dinfo(pflash_drv);
295
-
qdev_prop_set_drive(DEVICE(pcms->flash[i]),
296
-
"drive", pflash_blk[i], &error_fatal);
297
-
loc_pop(&loc);
298
284
}
299
285
300
286
/* Reject gaps */
+34
-6
hw/intc/armv7m_nvic.c
+34
-6
hw/intc/armv7m_nvic.c
···
213
213
int active_prio = NVIC_NOEXC_PRIO;
214
214
int pend_irq = 0;
215
215
bool pending_is_s_banked = false;
216
+
int pend_subprio = 0;
216
217
217
218
/* R_CQRV: precedence is by:
218
219
* - lowest group priority; if both the same then
···
226
227
for (i = 1; i < s->num_irq; i++) {
227
228
for (bank = M_REG_S; bank >= M_REG_NS; bank--) {
228
229
VecInfo *vec;
229
-
int prio;
230
+
int prio, subprio;
230
231
bool targets_secure;
231
232
232
233
if (bank == M_REG_S) {
···
241
242
}
242
243
243
244
prio = exc_group_prio(s, vec->prio, targets_secure);
244
-
if (vec->enabled && vec->pending && prio < pend_prio) {
245
+
subprio = vec->prio & ~nvic_gprio_mask(s, targets_secure);
246
+
if (vec->enabled && vec->pending &&
247
+
((prio < pend_prio) ||
248
+
(prio == pend_prio && prio >= 0 && subprio < pend_subprio))) {
245
249
pend_prio = prio;
250
+
pend_subprio = subprio;
246
251
pend_irq = i;
247
252
pending_is_s_banked = (bank == M_REG_S);
248
253
}
···
1162
1167
if (!arm_feature(&cpu->env, ARM_FEATURE_M_MAIN)) {
1163
1168
goto bad_offset;
1164
1169
}
1170
+
if (!attrs.secure &&
1171
+
!(s->cpu->env.v7m.aircr & R_V7M_AIRCR_BFHFNMINS_MASK)) {
1172
+
return 0;
1173
+
}
1165
1174
return cpu->env.v7m.bfar;
1166
1175
case 0xd3c: /* Aux Fault Status. */
1167
1176
/* TODO: Implement fault status registers. */
···
1641
1650
if (!arm_feature(&cpu->env, ARM_FEATURE_M_MAIN)) {
1642
1651
goto bad_offset;
1643
1652
}
1653
+
if (!attrs.secure &&
1654
+
!(s->cpu->env.v7m.aircr & R_V7M_AIRCR_BFHFNMINS_MASK)) {
1655
+
return;
1656
+
}
1644
1657
cpu->env.v7m.bfar = value;
1645
1658
return;
1646
1659
case 0xd3c: /* Aux Fault Status. */
···
2125
2138
val = 0;
2126
2139
break;
2127
2140
};
2128
-
/* The BFSR bits [15:8] are shared between security states
2129
-
* and we store them in the NS copy
2141
+
/*
2142
+
* The BFSR bits [15:8] are shared between security states
2143
+
* and we store them in the NS copy. They are RAZ/WI for
2144
+
* NS code if AIRCR.BFHFNMINS is 0.
2130
2145
*/
2131
2146
val = s->cpu->env.v7m.cfsr[attrs.secure];
2132
-
val |= s->cpu->env.v7m.cfsr[M_REG_NS] & R_V7M_CFSR_BFSR_MASK;
2147
+
if (!attrs.secure &&
2148
+
!(s->cpu->env.v7m.aircr & R_V7M_AIRCR_BFHFNMINS_MASK)) {
2149
+
val &= ~R_V7M_CFSR_BFSR_MASK;
2150
+
} else {
2151
+
val |= s->cpu->env.v7m.cfsr[M_REG_NS] & R_V7M_CFSR_BFSR_MASK;
2152
+
}
2133
2153
val = extract32(val, (offset - 0xd28) * 8, size * 8);
2134
2154
break;
2135
2155
case 0xfe0 ... 0xfff: /* ID. */
···
2243
2263
* the parts not written by the access size
2244
2264
*/
2245
2265
value <<= ((offset - 0xd28) * 8);
2266
+
2267
+
if (!attrs.secure &&
2268
+
!(s->cpu->env.v7m.aircr & R_V7M_AIRCR_BFHFNMINS_MASK)) {
2269
+
/* BFSR bits are RAZ/WI for NS if BFHFNMINS is set */
2270
+
value &= ~R_V7M_CFSR_BFSR_MASK;
2271
+
}
2246
2272
2247
2273
s->cpu->env.v7m.cfsr[attrs.secure] &= ~value;
2248
2274
if (attrs.secure) {
···
2465
2491
* the System Handler Control register
2466
2492
*/
2467
2493
s->vectors[ARMV7M_EXCP_SVC].enabled = 1;
2468
-
s->vectors[ARMV7M_EXCP_DEBUG].enabled = 1;
2469
2494
s->vectors[ARMV7M_EXCP_PENDSV].enabled = 1;
2470
2495
s->vectors[ARMV7M_EXCP_SYSTICK].enabled = 1;
2496
+
2497
+
/* DebugMonitor is enabled via DEMCR.MON_EN */
2498
+
s->vectors[ARMV7M_EXCP_DEBUG].enabled = 0;
2471
2499
2472
2500
resetprio = arm_feature(&s->cpu->env, ARM_FEATURE_V8) ? -4 : -3;
2473
2501
s->vectors[ARMV7M_EXCP_RESET].prio = resetprio;
+1
include/hw/arm/aspeed.h
+1
include/hw/arm/aspeed.h
+2
include/hw/arm/virt.h
+2
include/hw/arm/virt.h
···
35
35
#include "qemu/notify.h"
36
36
#include "hw/boards.h"
37
37
#include "hw/arm/arm.h"
38
+
#include "hw/block/flash.h"
38
39
#include "sysemu/kvm.h"
39
40
#include "hw/intc/arm_gicv3_common.h"
40
41
···
113
114
Notifier machine_done;
114
115
DeviceState *platform_bus_dev;
115
116
FWCfgState *fw_cfg;
117
+
PFlashCFI01 *flash[2];
116
118
bool secure;
117
119
bool highmem;
118
120
bool highmem_ecam;
+1
include/hw/block/flash.h
+1
include/hw/block/flash.h
+1
-1
include/qemu/compiler.h
+1
-1
include/qemu/compiler.h
+5
-5
include/qemu/osdep.h
+5
-5
include/qemu/osdep.h
···
85
85
#endif
86
86
#endif
87
87
88
+
/* enable C99/POSIX format strings (needs mingw32-runtime 3.15 or later) */
89
+
#ifdef __MINGW32__
90
+
#define __USE_MINGW_ANSI_STDIO 1
91
+
#endif
92
+
88
93
#include <stdarg.h>
89
94
#include <stddef.h>
90
95
#include <stdbool.h>
91
96
#include <stdint.h>
92
97
#include <sys/types.h>
93
98
#include <stdlib.h>
94
-
95
-
/* enable C99/POSIX format strings (needs mingw32-runtime 3.15 or later) */
96
-
#ifdef __MINGW32__
97
-
#define __USE_MINGW_ANSI_STDIO 1
98
-
#endif
99
99
#include <stdio.h>
100
100
101
101
#include <string.h>
+1
-1
qga/commands-win32.c
+1
-1
qga/commands-win32.c
···
457
457
458
458
#ifdef CONFIG_QGA_NTDDSCSI
459
459
460
-
static STORAGE_BUS_TYPE win2qemu[] = {
460
+
static GuestDiskBusType win2qemu[] = {
461
461
[BusTypeUnknown] = GUEST_DISK_BUS_TYPE_UNKNOWN,
462
462
[BusTypeScsi] = GUEST_DISK_BUS_TYPE_SCSI,
463
463
[BusTypeAtapi] = GUEST_DISK_BUS_TYPE_IDE,
+6
-1
scripts/cocci-macro-file.h
+6
-1
scripts/cocci-macro-file.h
···
23
23
#define QEMU_NORETURN __attribute__ ((__noreturn__))
24
24
#define QEMU_WARN_UNUSED_RESULT __attribute__((warn_unused_result))
25
25
#define QEMU_SENTINEL __attribute__((sentinel))
26
-
#define QEMU_PACKED __attribute__((gcc_struct, packed))
26
+
27
+
#if defined(_WIN32) && (defined(__x86_64__) || defined(__i386__))
28
+
# define QEMU_PACKED __attribute__((gcc_struct, packed))
29
+
#else
30
+
# define QEMU_PACKED __attribute__((packed))
31
+
#endif
27
32
28
33
#define cat(x,y) x ## y
29
34
#define cat2(x,y) cat(x,y)
+12
-1
target/arm/cpu.h
+12
-1
target/arm/cpu.h
···
1285
1285
| (env->CF << 29) | ((env->VF & 0x80000000) >> 3) | (env->QF << 27)
1286
1286
| (env->thumb << 24) | ((env->condexec_bits & 3) << 25)
1287
1287
| ((env->condexec_bits & 0xfc) << 8)
1288
+
| (env->GE << 16)
1288
1289
| env->v7m.exception;
1289
1290
}
1290
1291
···
1299
1300
}
1300
1301
if (mask & XPSR_Q) {
1301
1302
env->QF = ((val & XPSR_Q) != 0);
1303
+
}
1304
+
if (mask & XPSR_GE) {
1305
+
env->GE = (val & XPSR_GE) >> 16;
1302
1306
}
1303
1307
if (mask & XPSR_T) {
1304
1308
env->thumb = ((val & XPSR_T) != 0);
···
2610
2614
/**
2611
2615
* write_cpustate_to_list:
2612
2616
* @cpu: ARMCPU
2617
+
* @kvm_sync: true if this is for syncing back to KVM
2613
2618
*
2614
2619
* For each register listed in the ARMCPU cpreg_indexes list, write
2615
2620
* its value from the ARMCPUState structure into the cpreg_values list.
2616
2621
* This is used to copy info from TCG's working data structures into
2617
2622
* KVM or for outbound migration.
2618
2623
*
2624
+
* @kvm_sync is true if we are doing this in order to sync the
2625
+
* register state back to KVM. In this case we will only update
2626
+
* values in the list if the previous list->cpustate sync actually
2627
+
* successfully wrote the CPU state. Otherwise we will keep the value
2628
+
* that is in the list.
2629
+
*
2619
2630
* Returns: true if all register values were read correctly,
2620
2631
* false if some register was unknown or could not be read.
2621
2632
* Note that we do not stop early on failure -- we will attempt
2622
2633
* reading all registers in the list.
2623
2634
*/
2624
-
bool write_cpustate_to_list(ARMCPU *cpu);
2635
+
bool write_cpustate_to_list(ARMCPU *cpu, bool kvm_sync);
2625
2636
2626
2637
#define ARM_CPUID_TI915T 0x54029152
2627
2638
#define ARM_CPUID_TI925T 0x54029252
+41
-6
target/arm/helper.c
+41
-6
target/arm/helper.c
···
1
1
#include "qemu/osdep.h"
2
+
#include "qemu/units.h"
2
3
#include "target/arm/idau.h"
3
4
#include "trace.h"
4
5
#include "cpu.h"
···
266
267
return true;
267
268
}
268
269
269
-
bool write_cpustate_to_list(ARMCPU *cpu)
270
+
bool write_cpustate_to_list(ARMCPU *cpu, bool kvm_sync)
270
271
{
271
272
/* Write the coprocessor state from cpu->env to the (index,value) list. */
272
273
int i;
···
275
276
for (i = 0; i < cpu->cpreg_array_len; i++) {
276
277
uint32_t regidx = kvm_to_cpreg_id(cpu->cpreg_indexes[i]);
277
278
const ARMCPRegInfo *ri;
279
+
uint64_t newval;
278
280
279
281
ri = get_arm_cp_reginfo(cpu->cp_regs, regidx);
280
282
if (!ri) {
···
284
286
if (ri->type & ARM_CP_NO_RAW) {
285
287
continue;
286
288
}
287
-
cpu->cpreg_values[i] = read_raw_cp_reg(&cpu->env, ri);
289
+
290
+
newval = read_raw_cp_reg(&cpu->env, ri);
291
+
if (kvm_sync) {
292
+
/*
293
+
* Only sync if the previous list->cpustate sync succeeded.
294
+
* Rather than tracking the success/failure state for every
295
+
* item in the list, we just recheck "does the raw write we must
296
+
* have made in write_list_to_cpustate() read back OK" here.
297
+
*/
298
+
uint64_t oldval = cpu->cpreg_values[i];
299
+
300
+
if (oldval == newval) {
301
+
continue;
302
+
}
303
+
304
+
write_raw_cp_reg(&cpu->env, ri, oldval);
305
+
if (read_raw_cp_reg(&cpu->env, ri) != oldval) {
306
+
continue;
307
+
}
308
+
309
+
write_raw_cp_reg(&cpu->env, ri, newval);
310
+
}
311
+
cpu->cpreg_values[i] = newval;
288
312
}
289
313
return ok;
290
314
}
···
8704
8728
{
8705
8729
CPUARMState *env = &cpu->env;
8706
8730
uint32_t excret;
8707
-
uint32_t xpsr;
8731
+
uint32_t xpsr, xpsr_mask;
8708
8732
bool ufault = false;
8709
8733
bool sfault = false;
8710
8734
bool return_to_sp_process;
···
9156
9180
}
9157
9181
*frame_sp_p = frameptr;
9158
9182
}
9183
+
9184
+
xpsr_mask = ~(XPSR_SPREALIGN | XPSR_SFPA);
9185
+
if (!arm_feature(env, ARM_FEATURE_THUMB_DSP)) {
9186
+
xpsr_mask &= ~XPSR_GE;
9187
+
}
9159
9188
/* This xpsr_write() will invalidate frame_sp_p as it may switch stack */
9160
-
xpsr_write(env, xpsr, ~(XPSR_SPREALIGN | XPSR_SFPA));
9189
+
xpsr_write(env, xpsr, xpsr_mask);
9161
9190
9162
9191
if (env->v7m.secure) {
9163
9192
bool sfpa = xpsr & XPSR_SFPA;
···
12642
12671
}
12643
12672
if (!(reg & 4)) {
12644
12673
mask |= XPSR_NZCV | XPSR_Q; /* APSR */
12674
+
if (arm_feature(env, ARM_FEATURE_THUMB_DSP)) {
12675
+
mask |= XPSR_GE;
12676
+
}
12645
12677
}
12646
12678
/* EPSR reads as zero */
12647
12679
return xpsr_read(env) & mask;
···
13099
13131
* We know that in fact for any v8 CPU the page size is at least 4K
13100
13132
* and the block size must be 2K or less, but TARGET_PAGE_SIZE is only
13101
13133
* 1K as an artefact of legacy v5 subpage support being present in the
13102
-
* same QEMU executable.
13134
+
* same QEMU executable. So in practice the hostaddr[] array has
13135
+
* two entries, given the current setting of TARGET_PAGE_BITS_MIN.
13103
13136
*/
13104
13137
int maxidx = DIV_ROUND_UP(blocklen, TARGET_PAGE_SIZE);
13105
-
void *hostaddr[maxidx];
13138
+
void *hostaddr[DIV_ROUND_UP(2 * KiB, 1 << TARGET_PAGE_BITS_MIN)];
13106
13139
int try, i;
13107
13140
unsigned mmu_idx = cpu_mmu_index(env, false);
13108
13141
TCGMemOpIdx oi = make_memop_idx(MO_UB, mmu_idx);
13142
+
13143
+
assert(maxidx <= ARRAY_SIZE(hostaddr));
13109
13144
13110
13145
for (try = 0; try < 2; try++) {
13111
13146
+8
target/arm/kvm.c
+8
target/arm/kvm.c
···
497
497
fprintf(stderr, "write_kvmstate_to_list failed\n");
498
498
abort();
499
499
}
500
+
/*
501
+
* Sync the reset values also into the CPUState. This is necessary
502
+
* because the next thing we do will be a kvm_arch_put_registers()
503
+
* which will update the list values from the CPUState before copying
504
+
* the list values back to KVM. It's OK to ignore failure returns here
505
+
* for the same reason we do so in kvm_arch_get_registers().
506
+
*/
507
+
write_list_to_cpustate(cpu);
500
508
}
501
509
502
510
/*
+2
-18
target/arm/kvm32.c
+2
-18
target/arm/kvm32.c
···
384
384
return ret;
385
385
}
386
386
387
-
/* Note that we do not call write_cpustate_to_list()
388
-
* here, so we are only writing the tuple list back to
389
-
* KVM. This is safe because nothing can change the
390
-
* CPUARMState cp15 fields (in particular gdb accesses cannot)
391
-
* and so there are no changes to sync. In fact syncing would
392
-
* be wrong at this point: for a constant register where TCG and
393
-
* KVM disagree about its value, the preceding write_list_to_cpustate()
394
-
* would not have had any effect on the CPUARMState value (since the
395
-
* register is read-only), and a write_cpustate_to_list() here would
396
-
* then try to write the TCG value back into KVM -- this would either
397
-
* fail or incorrectly change the value the guest sees.
398
-
*
399
-
* If we ever want to allow the user to modify cp15 registers via
400
-
* the gdb stub, we would need to be more clever here (for instance
401
-
* tracking the set of registers kvm_arch_get_registers() successfully
402
-
* managed to update the CPUARMState with, and only allowing those
403
-
* to be written back up into the kernel).
404
-
*/
387
+
write_cpustate_to_list(cpu, true);
388
+
405
389
if (!write_list_to_kvmstate(cpu, level)) {
406
390
return EINVAL;
407
391
}
+2
target/arm/kvm64.c
+2
target/arm/kvm64.c
+1
-1
target/arm/machine.c
+1
-1
target/arm/machine.c
+1
-1
util/cacheinfo.c
+1
-1
util/cacheinfo.c
···
107
107
static void arch_cache_info(int *isize, int *dsize)
108
108
{
109
109
if (*isize == 0 || *dsize == 0) {
110
-
unsigned long ctr;
110
+
uint64_t ctr;
111
111
112
112
/* The real cache geometry is in CCSIDR_EL1/CLIDR_EL1/CSSELR_EL1,
113
113
but (at least under Linux) these are marked protected by the