qemu-devel.nongnu.org archive mirror
* [Qemu-devel] [PULL 0/3] target-arm queue
@ 2012-01-05 16:44 Peter Maydell
From: Peter Maydell @ 2012-01-05 16:44 UTC
  To: Andrzej Zaborowski; +Cc: Anthony Liguori, Paul Brook, qemu-devel

Pending target-arm patches; not very many, but seems better to
commit them now, since there might be further trustzone related
patches that would have to sit on top of these. Please pull.

The following changes since commit c47f3223658119219bbe0b8d09da733d1c06e76f:

  Merge remote-tracking branch 'pmaydell/arm-devs.for-upstream' into staging (2012-01-04 10:06:25 -0600)

are available in the git repository at:

  git://git.linaro.org/people/pmaydell/qemu-arm.git target-arm.for-upstream

Mark Langsdorf (1):
      arm: add dummy A9-specific cp15 registers

Peter Maydell (2):
      target-arm: Don't use cpu_single_env in bank_number()
      target-arm: Ignore attempts to set invalid modes in CPSR

 target-arm/cpu.h     |    6 +++-
 target-arm/helper.c  |   90 ++++++++++++++++++++++++++++++++++++++++++++++----
 target-arm/machine.c |    6 +++
 3 files changed, 94 insertions(+), 8 deletions(-)


* [Qemu-devel] [PATCH 1/3] target-arm: Don't use cpu_single_env in bank_number()
From: Peter Maydell @ 2012-01-05 16:44 UTC
  To: Andrzej Zaborowski; +Cc: Anthony Liguori, Paul Brook, qemu-devel

Avoid using cpu_single_env in bank_number() -- if we were
called via the gdb stub reading or writing the CPSR then
it is NULL and we will segfault if we take the cpu_abort().

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 target-arm/helper.c |   12 ++++++------
 1 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/target-arm/helper.c b/target-arm/helper.c
index 65f4fbf..5b994d5 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -642,7 +642,7 @@ uint32_t HELPER(get_r13_banked)(CPUState *env, uint32_t mode)
 extern int semihosting_enabled;
 
 /* Map CPU modes onto saved register banks.  */
-static inline int bank_number (int mode)
+static inline int bank_number(CPUState *env, int mode)
 {
     switch (mode) {
     case ARM_CPU_MODE_USR:
@@ -659,7 +659,7 @@ static inline int bank_number (int mode)
     case ARM_CPU_MODE_FIQ:
         return 5;
     }
-    cpu_abort(cpu_single_env, "Bad mode %x\n", mode);
+    cpu_abort(env, "Bad mode %x\n", mode);
     return -1;
 }
 
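Review bot: passing env removes the NULL dereference, but cpu_abort() on an unrecognized mode still terminates the whole emulator, so a bad CPSR mode arriving through the gdb stub goes from a segfault to a clean abort rather than being rejected. Callers that accept externally supplied mode values need to filter them before they reach bank_number(), which is what the following patch does in cpsr_write().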
@@ -680,12 +680,12 @@ void switch_mode(CPUState *env, int mode)
         memcpy (env->regs + 8, env->fiq_regs, 5 * sizeof(uint32_t));
     }
 
-    i = bank_number(old_mode);
+    i = bank_number(env, old_mode);
     env->banked_r13[i] = env->regs[13];
     env->banked_r14[i] = env->regs[14];
     env->banked_spsr[i] = env->spsr;
 
-    i = bank_number(mode);
+    i = bank_number(env, mode);
     env->regs[13] = env->banked_r13[i];
     env->regs[14] = env->banked_r14[i];
     env->spsr = env->banked_spsr[i];
@@ -2125,7 +2125,7 @@ void HELPER(set_r13_banked)(CPUState *env, uint32_t mode, uint32_t val)
     if ((env->uncached_cpsr & CPSR_M) == mode) {
         env->regs[13] = val;
     } else {
-        env->banked_r13[bank_number(mode)] = val;
+        env->banked_r13[bank_number(env, mode)] = val;
     }
 }
 
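Review bot: `mode` in set_r13_banked() is caller-supplied and reaches bank_number() unchecked, so if any caller can pass a value outside the seven banked modes this hunk still ends in cpu_abort(). Either document that callers guarantee a valid mode or return without effect on an invalid one, mirroring the CPSR handling.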
@@ -2134,7 +2134,7 @@ uint32_t HELPER(get_r13_banked)(CPUState *env, uint32_t mode)
     if ((env->uncached_cpsr & CPSR_M) == mode) {
         return env->regs[13];
     } else {
-        return env->banked_r13[bank_number(mode)];
+        return env->banked_r13[bank_number(env, mode)];
     }
 }
 
-- 
1.7.1


* [Qemu-devel] [PATCH 2/3] target-arm: Ignore attempts to set invalid modes in CPSR
From: Peter Maydell @ 2012-01-05 16:44 UTC
  To: Andrzej Zaborowski; +Cc: Anthony Liguori, Paul Brook, qemu-devel

Ignore attempts to set the CPSR mode field to an invalid value.
This is UNPREDICTABLE, but we should not cpu_abort() for things
a malicious guest (or a confused user on the gdbstub interface)
can provoke.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 target-arm/helper.c |   30 +++++++++++++++++++++++++++++-
 1 files changed, 29 insertions(+), 1 deletions(-)

diff --git a/target-arm/helper.c b/target-arm/helper.c
index 5b994d5..261d547 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -463,6 +463,26 @@ void cpu_arm_close(CPUARMState *env)
     g_free(env);
 }
 
+static int bad_mode_switch(CPUState *env, int mode)
+{
+    /* Return true if it is not valid for us to switch to
+     * this CPU mode (ie all the UNPREDICTABLE cases in
+     * the ARM ARM CPSRWriteByInstr pseudocode).
+     */
+    switch (mode) {
+    case ARM_CPU_MODE_USR:
+    case ARM_CPU_MODE_SYS:
+    case ARM_CPU_MODE_SVC:
+    case ARM_CPU_MODE_ABT:
+    case ARM_CPU_MODE_UND:
+    case ARM_CPU_MODE_IRQ:
+    case ARM_CPU_MODE_FIQ:
+        return 0;
+    default:
+        return 1;
+    }
+}
+
 uint32_t cpsr_read(CPUARMState *env)
 {
     int ZF;
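Review bot: the `env` parameter of bad_mode_switch() is unused in this hunk. If it is reserved for a later check of whether Monitor mode is implemented (ARM_CPU_MODE_MON is absent from the accepted list, and the cover letter mentions pending trustzone patches), a comment saying so would stop readers from treating the omission as a bug; otherwise drop the parameter.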
@@ -499,7 +519,15 @@ void cpsr_write(CPUARMState *env, uint32_t val, uint32_t mask)
     }
 
     if ((env->uncached_cpsr ^ val) & mask & CPSR_M) {
-        switch_mode(env, val & CPSR_M);
+        if (bad_mode_switch(env, val & CPSR_M)) {
+            /* Attempt to switch to an invalid mode: this is UNPREDICTABLE.
+             * We choose to ignore the attempt and leave the CPSR M field
+             * untouched.
+             */
+            mask &= ~CPSR_M;
+        } else {
+            switch_mode(env, val & CPSR_M);
+        }
     }
     mask &= ~CACHED_CPSR_BITS;
     env->uncached_cpsr = (env->uncached_cpsr & ~mask) | (val & mask);
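Review bot: clearing CPSR_M from `mask` when bad_mode_switch() fires leaves the mode untouched while the other requested bits are still written, which matches the commit message. The rejected write is silent, though; since this is a condition a misbehaving guest or a gdb user can provoke, emitting a debug log line when the mode write is dropped would make such guests much easier to diagnose.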
-- 
1.7.1

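The mode-masking behaviour this patch introduces, as an added stand-alone example that is not part of the posted patch or of QEMU: the pre-patch flow, where an invalid mode reaches switch_mode() and would abort the emulator, and the patched flow, where CPSR_M is dropped from the write mask, are run over the same constructed guest write so the difference in outcome is visible. ToyCPU, MODE_*, run_write() and the abort counter are this example's own names; the mode encodings and the CPSR_M/N/Z bit positions are the architectural ones; QEMU's cached-flag handling (CACHED_CPSR_BITS) and register banking are left out.

```c
#include <stdint.h>
#include <stdio.h>

/* Architectural CPSR field encodings (ARMv7 mode numbers). QEMU spells the
 * modes ARM_CPU_MODE_*; the short MODE_* names are this example's own. */
#define CPSR_M 0x1fu
#define CPSR_N (1u << 31)
#define CPSR_Z (1u << 30)
enum {
    MODE_USR = 0x10, MODE_FIQ = 0x11, MODE_IRQ = 0x12, MODE_SVC = 0x13,
    MODE_ABT = 0x17, MODE_UND = 0x1b, MODE_SYS = 0x1f
};

/* Stand-in for CPUARMState holding only what the demonstration needs.
 * Unlike QEMU, the condition flags live directly in cpsr. */
typedef struct {
    uint32_t cpsr;
    int mode_switches;  /* times switch_mode() was reached */
    int aborts;         /* times the unhardened path would have hit cpu_abort() */
} ToyCPU;

/* Same rule as the patch's bad_mode_switch(): anything other than the seven
 * banked modes is an UNPREDICTABLE target for a CPSR write. */
static int bad_mode_switch(int mode)
{
    switch (mode) {
    case MODE_USR: case MODE_SYS: case MODE_SVC: case MODE_ABT:
    case MODE_UND: case MODE_IRQ: case MODE_FIQ:
        return 0;
    default:
        return 1;
    }
}

static void switch_mode(ToyCPU *cpu, int mode)
{
    (void)mode;             /* register banking is out of scope here */
    cpu->mode_switches++;
}

/* Before the patch: every mode change reaches switch_mode(), whose
 * bank_number() call aborts the whole emulator on an unknown mode.
 * Here the abort is counted instead of taken. */
static void cpsr_write_unhardened(ToyCPU *cpu, uint32_t val, uint32_t mask)
{
    if ((cpu->cpsr ^ val) & mask & CPSR_M) {
        if (bad_mode_switch(val & CPSR_M)) {
            cpu->aborts++;
            return;         /* cpu_abort() never returns in QEMU */
        }
        switch_mode(cpu, val & CPSR_M);
    }
    cpu->cpsr = (cpu->cpsr & ~mask) | (val & mask);
}

/* After the patch: an invalid mode is dropped from the write mask, so the
 * other requested bits still land and the M field keeps its old value. */
static void cpsr_write_hardened(ToyCPU *cpu, uint32_t val, uint32_t mask)
{
    if ((cpu->cpsr ^ val) & mask & CPSR_M) {
        if (bad_mode_switch(val & CPSR_M)) {
            mask &= ~CPSR_M;
        } else {
            switch_mode(cpu, val & CPSR_M);
        }
    }
    cpu->cpsr = (cpu->cpsr & ~mask) | (val & mask);
}

/* Apply one write to a CPU that starts with CPSR `start` and return the
 * resulting state; `hardened` selects which version of cpsr_write runs. */
static ToyCPU run_write(int hardened, uint32_t start, uint32_t val, uint32_t mask)
{
    ToyCPU cpu = { start, 0, 0 };
    if (hardened) {
        cpsr_write_hardened(&cpu, val, mask);
    } else {
        cpsr_write_unhardened(&cpu, val, mask);
    }
    return cpu;
}

int main(void)
{
    /* Constructed guest write: set N and request mode 0x00, which no ARM
     * implementation defines. The hardened path keeps SVC and still sets N. */
    ToyCPU after = run_write(1, MODE_SVC, CPSR_N | 0x00, 0xffffffffu);
    ToyCPU before = run_write(0, MODE_SVC, CPSR_N | 0x00, 0xffffffffu);
    printf("hardened:   cpsr=%08x mode_switches=%d\n", after.cpsr, after.mode_switches);
    printf("unhardened: would have aborted %d time(s)\n", before.aborts);
    return 0;
}
```

The point to take from the two outcomes is the masking trick: the write is not rejected wholesale, only its mode component is, so flag and interrupt-mask updates carried by the same instruction still take effect and the guest keeps running in the mode it was already in.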

* [Qemu-devel] [PATCH 3/3] arm: add dummy A9-specific cp15 registers
From: Peter Maydell @ 2012-01-05 16:44 UTC
  To: Andrzej Zaborowski; +Cc: Anthony Liguori, Paul Brook, qemu-devel

From: Mark Langsdorf <mark.langsdorf@calxeda.com>

Add dummy register support for the cp15, CRn=c15 registers.

config_base_register and power_control_register currently
default to 0, but may have improved support after the QOM
CPU patches are finished.

Signed-off-by: Mark Langsdorf <mark.langsdorf@calxeda.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 target-arm/cpu.h     |    6 +++++-
 target-arm/helper.c  |   48 ++++++++++++++++++++++++++++++++++++++++++++++++
 target-arm/machine.c |    6 ++++++
 3 files changed, 59 insertions(+), 1 deletions(-)

diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index c4d742f..26b4981 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -149,6 +149,10 @@ typedef struct CPUARMState {
         uint32_t c15_i_max; /* Maximum D-cache dirty line index.  */
         uint32_t c15_i_min; /* Minimum D-cache dirty line index.  */
         uint32_t c15_threadid; /* TI debugger thread-ID.  */
+        uint32_t c15_config_base_address; /* SCU base address.  */
+        uint32_t c15_diagnostic; /* diagnostic register */
+        uint32_t c15_power_diagnostic;
+        uint32_t c15_power_control; /* power control */
     } cp15;
 
     struct {
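Review bot: c15_config_base_address is added here but, unlike the other three new fields, is not written by the machine.c hunks in this patch, so it will not survive migration or savevm/loadvm; if that is intentional because a board hook sets it, say so in the field comment. Also, c15_power_diagnostic is the only new field without a comment.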
@@ -448,7 +452,7 @@ void cpu_arm_set_cp_io(CPUARMState *env, int cpnum,
 #define cpu_signal_handler cpu_arm_signal_handler
 #define cpu_list arm_cpu_list
 
-#define CPU_SAVE_VERSION 4
+#define CPU_SAVE_VERSION 5
 
 /* MMU modes definitions */
 #define MMU_MODE0_SUFFIX _kernel
diff --git a/target-arm/helper.c b/target-arm/helper.c
index 261d547..fa42c64 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -1796,6 +1796,20 @@ void HELPER(set_cp15)(CPUState *env, uint32_t insn, uint32_t val)
                 goto bad_reg;
             }
         }
+        if (ARM_CPUID(env) == ARM_CPUID_CORTEXA9) {
+            switch (crm) {
+            case 0:
+                if ((op1 == 0) && (op2 == 0)) {
+                    env->cp15.c15_power_control = val;
+                } else if ((op1 == 0) && (op2 == 1)) {
+                    env->cp15.c15_diagnostic = val;
+                } else if ((op1 == 0) && (op2 == 2)) {
+                    env->cp15.c15_power_diagnostic = val;
+                }
+            default:
+                break;
+            }
+        }
         break;
     }
     return;
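Review bot: `case 0:` has no `break` before `default:`; the fall-through is harmless today but looks unintentional and some compilers warn on it. Note also the asymmetry with the read side: a write to a crm=0 register with an op1/op2 this hunk does not recognize is silently swallowed, whereas the corresponding read path in this patch takes `goto bad_reg`. Either is defensible for dummy registers, but the two should agree, and the choice deserves a comment.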
@@ -2139,6 +2153,40 @@ uint32_t HELPER(get_cp15)(CPUState *env, uint32_t insn)
              * 0x200 << ($rn & 0xfff), when MMU is off.  */
             goto bad_reg;
         }
+        if (ARM_CPUID(env) == ARM_CPUID_CORTEXA9) {
+            switch (crm) {
+            case 0:
+                if ((op1 == 4) && (op2 == 0)) {
+                    /* The config_base_address should hold the value of
+                     * the peripheral base. ARM should get this from a CPU
+                     * object property, but that support isn't available in
+                     * December 2011. Default to 0 for now and board models
+                     * that care can set it by a private hook */
+                    return env->cp15.c15_config_base_address;
+                } else if ((op1 == 0) && (op2 == 0)) {
+                    /* power_control should be set to maximum latency. Again,
+                       default to 0 and set by private hook */
+                    return env->cp15.c15_power_control;
+                } else if ((op1 == 0) && (op2 == 1)) {
+                    return env->cp15.c15_diagnostic;
+                } else if ((op1 == 0) && (op2 == 2)) {
+                    return env->cp15.c15_power_diagnostic;
+                }
+                break;
+            case 1: /* NEON Busy */
+                return 0;
+            case 5: /* tlb lockdown */
+            case 6:
+            case 7:
+                if ((op1 == 5) && (op2 == 2)) {
+                    return 0;
+                }
+                break;
+            default:
+                break;
+            }
+            goto bad_reg;
+        }
         return 0;
     }
 bad_reg:
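Review bot: the `goto bad_reg` after the switch changes behaviour for Cortex-A9 guests: any CRn=c15 register not enumerated here now raises an undefined-instruction exception where the function previously fell through to `return 0`. If that is intended, the commit message should say so; otherwise `break` out to the existing `return 0`. Minor: the `/* tlb lockdown */` comment sits only on `case 5` although the same condition covers crm 6 and 7, and the `(op1 == 5) && (op2 == 2)` test would benefit from a word on which register it denotes.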
diff --git a/target-arm/machine.c b/target-arm/machine.c
index aaee9b9..8984775 100644
--- a/target-arm/machine.c
+++ b/target-arm/machine.c
@@ -56,6 +56,9 @@ void cpu_save(QEMUFile *f, void *opaque)
     qemu_put_be32(f, env->cp15.c13_tls2);
     qemu_put_be32(f, env->cp15.c13_tls3);
     qemu_put_be32(f, env->cp15.c15_cpar);
+    qemu_put_be32(f, env->cp15.c15_power_control);
+    qemu_put_be32(f, env->cp15.c15_diagnostic);
+    qemu_put_be32(f, env->cp15.c15_power_diagnostic);
 
     qemu_put_be32(f, env->features);
 
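Review bot: only three of the four fields this patch adds to cp15 are saved here; c15_config_base_address is omitted. If it is a board constant that never changes at runtime the omission is fine, but a comment at this point would keep the next reader from adding it and changing the save format again.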
@@ -170,6 +173,9 @@ int cpu_load(QEMUFile *f, void *opaque, int version_id)
     env->cp15.c13_tls2 = qemu_get_be32(f);
     env->cp15.c13_tls3 = qemu_get_be32(f);
     env->cp15.c15_cpar = qemu_get_be32(f);
+    env->cp15.c15_power_control = qemu_get_be32(f);
+    env->cp15.c15_diagnostic = qemu_get_be32(f);
+    env->cp15.c15_power_diagnostic = qemu_get_be32(f);
 
     env->features = qemu_get_be32(f);
 
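Review bot: the three new qemu_get_be32() calls read unconditionally, so this depends on cpu_load() rejecting streams whose version_id is below the bumped CPU_SAVE_VERSION 5 before reaching this point; that check is not visible in the hunk. If it exists, fine; if older snapshots are accepted, a version-4 stream would be mis-parsed from here on.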
-- 
1.7.1


* Re: [Qemu-devel] [PULL 0/3] target-arm queue
From: Aurelien Jarno @ 2012-01-07 21:24 UTC
  To: Peter Maydell; +Cc: qemu-devel

On Thu, Jan 05, 2012 at 04:44:31PM +0000, Peter Maydell wrote:
> Pending target-arm patches; not very many, but seems better to
> commit them now, since there might be further trustzone related
> patches that would have to sit on top of these. Please pull.
> 
> The following changes since commit c47f3223658119219bbe0b8d09da733d1c06e76f:
> 
>   Merge remote-tracking branch 'pmaydell/arm-devs.for-upstream' into staging (2012-01-04 10:06:25 -0600)
> 
> are available in the git repository at:
> 
>   git://git.linaro.org/people/pmaydell/qemu-arm.git target-arm.for-upstream
> 
> Mark Langsdorf (1):
>       arm: add dummy A9-specific cp15 registers
> 
> Peter Maydell (2):
>       target-arm: Don't use cpu_single_env in bank_number()
>       target-arm: Ignore attempts to set invalid modes in CPSR
> 
>  target-arm/cpu.h     |    6 +++-
>  target-arm/helper.c  |   90 ++++++++++++++++++++++++++++++++++++++++++++++----
>  target-arm/machine.c |    6 +++
>  3 files changed, 94 insertions(+), 8 deletions(-)
> 
> 

Thanks, pulled.

-- 
Aurelien Jarno	                        GPG: 1024D/F1BCDB73
aurelien@aurel32.net                 http://www.aurel32.net

