* [Qemu-devel] [PULL 00/12] target-arm queue
@ 2014-08-04 13:53 Peter Maydell
2014-08-04 13:53 ` [Qemu-devel] [PULL 01/12] hw/arm/boot: Set PC correctly when loading AArch64 ELF files Peter Maydell
` (12 more replies)
0 siblings, 13 replies; 14+ messages in thread
From: Peter Maydell @ 2014-08-04 13:53 UTC (permalink / raw)
To: qemu-devel
First pullreq for 2.2; not very many patches but I didn't want
to hang onto them any more, especially since there are several
bits of work in-flight that will need to rebase after these.
The following changes since commit 924c09db51b147881d51d8102deb4f285305c1b7:
Merge remote-tracking branch 'remotes/amit-virtio-rng/for-2.2' into staging (2014-08-04 13:07:02 +0100)
are available in the git repository at:
git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20140804
for you to fetch changes up to dbb1fb277ca12acd577403575aa6a2f119ab79ea:
target-arm: A64: fix TLB flush instructions (2014-08-04 14:41:56 +0100)
----------------------------------------------------------------
target-arm queue:
* Set PC correctly when loading AArch64 ELF files
* sdhci: Fix ADMA dma_memory_read access
* some more foundational work for EL2/EL3 support
* fix bugs which reveal themselves if the TARGET_PAGE_SIZE
is not set to 1K
----------------------------------------------------------------
Alex Bennée (2):
target-arm: don't hardcode mask values in arm_cpu_handle_mmu_fault
target-arm: A64: fix TLB flush instructions
Andrew Jones (1):
hw/arm/virt: formatting: memory map
Edgar E. Iglesias (6):
target-arm: A64: Break out aarch64_save/restore_sp
target-arm: A64: Respect SPSEL in ERET SP restore
target-arm: A64: Respect SPSEL when taking exceptions
target-arm: Make far_el1 an array
target-arm: Add ESR_EL2 and 3
target-arm: Add FAR_EL2 and 3
Peter Crosthwaite (1):
sd: sdhci: Fix ADMA dma_memory_read access
Peter Maydell (1):
hw/arm/boot: Set PC correctly when loading AArch64 ELF files
Stefan Weil (1):
target-arm: Fix bit test in sp_el0_access
hw/arm/boot.c | 8 ++++++--
hw/arm/virt.c | 16 ++++++++--------
hw/sd/sdhci.c | 3 ++-
target-arm/cpu.c | 2 +-
target-arm/cpu.h | 4 ++--
target-arm/helper-a64.c | 8 ++++----
target-arm/helper.c | 42 +++++++++++++++++++++++++++++++-----------
target-arm/internals.h | 29 ++++++++++++++++++++---------
target-arm/kvm64.c | 13 +++----------
target-arm/op_helper.c | 8 ++------
10 files changed, 79 insertions(+), 54 deletions(-)
* [Qemu-devel] [PULL 01/12] hw/arm/boot: Set PC correctly when loading AArch64 ELF files
2014-08-04 13:53 [Qemu-devel] [PULL 00/12] target-arm queue Peter Maydell
@ 2014-08-04 13:53 ` Peter Maydell
2014-08-04 13:53 ` [Qemu-devel] [PULL 02/12] hw/arm/virt: formatting: memory map Peter Maydell
` (11 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: Peter Maydell @ 2014-08-04 13:53 UTC (permalink / raw)
To: qemu-devel
The code in do_cpu_reset() correctly handled AArch64 CPUs
when running Linux kernels, but was missing code in the
branch of the if() that deals with loading ELF files.
Correctly jump to the ELF entry point on reset rather than
leaving the reset PC at zero.
Reported-by: Christopher Covington <cov@codeaurora.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Tested-by: Christopher Covington <cov@codeaurora.org>
Cc: qemu-stable@nongnu.org
---
hw/arm/boot.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/hw/arm/boot.c b/hw/arm/boot.c
index 3d1f4a2..1241761 100644
--- a/hw/arm/boot.c
+++ b/hw/arm/boot.c
@@ -417,8 +417,12 @@ static void do_cpu_reset(void *opaque)
if (info) {
if (!info->is_linux) {
/* Jump to the entry point. */
- env->regs[15] = info->entry & 0xfffffffe;
- env->thumb = info->entry & 1;
+ if (env->aarch64) {
+ env->pc = info->entry;
+ } else {
+ env->regs[15] = info->entry & 0xfffffffe;
+ env->thumb = info->entry & 1;
+ }
} else {
if (CPU(cpu) == first_cpu) {
if (env->aarch64) {
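Review bot: the new AArch64 branch assigns `env->pc = info->entry` unmodified, while the AArch32 branch beside it masks bit 0 and derives `env->thumb` from it; a one-line comment saying that an A64 entry point carries no interworking bit and is deliberately used as-is would stop a later reader from "fixing" the asymmetry. It would also help to state what is expected for an ELF whose entry address is not 4-byte aligned, since nothing in this branch checks it.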
--
1.9.1
* [Qemu-devel] [PULL 02/12] hw/arm/virt: formatting: memory map
2014-08-04 13:53 [Qemu-devel] [PULL 00/12] target-arm queue Peter Maydell
2014-08-04 13:53 ` [Qemu-devel] [PULL 01/12] hw/arm/boot: Set PC correctly when loading AArch64 ELF files Peter Maydell
@ 2014-08-04 13:53 ` Peter Maydell
2014-08-04 13:53 ` [Qemu-devel] [PULL 03/12] sd: sdhci: Fix ADMA dma_memory_read access Peter Maydell
` (10 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: Peter Maydell @ 2014-08-04 13:53 UTC (permalink / raw)
To: qemu-devel
From: Andrew Jones <drjones@redhat.com>
Add some spacing and zeros to make it easier to read and
modify the map. This patch has no functional changes. The
review looks ugly, but it's actually pretty easy to confirm
all the addresses are as they should be - thanks to the new
formatting ;-)
Signed-off-by: Andrew Jones <drjones@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
hw/arm/virt.c | 16 ++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/hw/arm/virt.c b/hw/arm/virt.c
index 89532bd..ba94298 100644
--- a/hw/arm/virt.c
+++ b/hw/arm/virt.c
@@ -98,17 +98,17 @@ typedef struct VirtBoardInfo {
*/
static const MemMapEntry a15memmap[] = {
/* Space up to 0x8000000 is reserved for a boot ROM */
- [VIRT_FLASH] = { 0, 0x8000000 },
- [VIRT_CPUPERIPHS] = { 0x8000000, 0x20000 },
+ [VIRT_FLASH] = { 0, 0x08000000 },
+ [VIRT_CPUPERIPHS] = { 0x08000000, 0x00020000 },
/* GIC distributor and CPU interfaces sit inside the CPU peripheral space */
- [VIRT_GIC_DIST] = { 0x8000000, 0x10000 },
- [VIRT_GIC_CPU] = { 0x8010000, 0x10000 },
- [VIRT_UART] = { 0x9000000, 0x1000 },
- [VIRT_RTC] = { 0x9010000, 0x1000 },
- [VIRT_MMIO] = { 0xa000000, 0x200 },
+ [VIRT_GIC_DIST] = { 0x08000000, 0x00010000 },
+ [VIRT_GIC_CPU] = { 0x08010000, 0x00010000 },
+ [VIRT_UART] = { 0x09000000, 0x00001000 },
+ [VIRT_RTC] = { 0x09010000, 0x00001000 },
+ [VIRT_MMIO] = { 0x0a000000, 0x00000200 },
/* ...repeating for a total of NUM_VIRTIO_TRANSPORTS, each of that size */
/* 0x10000000 .. 0x40000000 reserved for PCI */
- [VIRT_MEM] = { 0x40000000, 30ULL * 1024 * 1024 * 1024 },
+ [VIRT_MEM] = { 0x40000000, 30ULL * 1024 * 1024 * 1024 },
};
static const int a15irqmap[] = {
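Review bot: the comment at the top of the table still spells its address in the old unpadded form (`Space up to 0x8000000 is reserved for a boot ROM`) while every entry below it is now zero-padded to eight digits; writing it as `0x08000000` would let the table and its commentary be searched with the same string. The `VIRT_MEM` size stays as `30ULL * 1024 * 1024 * 1024`, which is fine, but it is the one entry that cannot be compared column-wise with the others.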
--
1.9.1
* [Qemu-devel] [PULL 03/12] sd: sdhci: Fix ADMA dma_memory_read access
2014-08-04 13:53 [Qemu-devel] [PULL 00/12] target-arm queue Peter Maydell
2014-08-04 13:53 ` [Qemu-devel] [PULL 01/12] hw/arm/boot: Set PC correctly when loading AArch64 ELF files Peter Maydell
2014-08-04 13:53 ` [Qemu-devel] [PULL 02/12] hw/arm/virt: formatting: memory map Peter Maydell
@ 2014-08-04 13:53 ` Peter Maydell
2014-08-04 13:53 ` [Qemu-devel] [PULL 04/12] target-arm: A64: Break out aarch64_save/restore_sp Peter Maydell
` (9 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: Peter Maydell @ 2014-08-04 13:53 UTC (permalink / raw)
To: qemu-devel
From: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
This dma_memory_read was giving too big a size when begin was non-zero.
This could cause segfaults in some circumstances. Fix.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
hw/sd/sdhci.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/hw/sd/sdhci.c b/hw/sd/sdhci.c
index b5a9eee..f9fe700 100644
--- a/hw/sd/sdhci.c
+++ b/hw/sd/sdhci.c
@@ -702,7 +702,8 @@ static void sdhci_do_adma(SDHCIState *s)
length -= block_size - begin;
}
dma_memory_read(&address_space_memory, dscr.addr,
- &s->fifo_buffer[begin], s->data_count);
+ &s->fifo_buffer[begin],
+ s->data_count - begin);
dscr.addr += s->data_count - begin;
if (s->data_count == block_size) {
for (n = 0; n < block_size; n++) {
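Review bot: the corrected length `s->data_count - begin` is a subtraction with no guarantee visible in this hunk that `s->data_count >= begin`, and it sizes a copy of guest-described data into `s->fifo_buffer`; if `data_count` can ever be smaller than `begin`, the length goes negative or wraps and the transfer is again larger than the space left in the buffer. Please add an assertion or an explicit bounds check before the `dma_memory_read()` call, and consider computing the length once into a local, since the same expression is repeated on the following `dscr.addr +=` line.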
--
1.9.1
* [Qemu-devel] [PULL 04/12] target-arm: A64: Break out aarch64_save/restore_sp
2014-08-04 13:53 [Qemu-devel] [PULL 00/12] target-arm queue Peter Maydell
` (2 preceding siblings ...)
2014-08-04 13:53 ` [Qemu-devel] [PULL 03/12] sd: sdhci: Fix ADMA dma_memory_read access Peter Maydell
@ 2014-08-04 13:53 ` Peter Maydell
2014-08-04 13:53 ` [Qemu-devel] [PULL 05/12] target-arm: A64: Respect SPSEL in ERET SP restore Peter Maydell
` (8 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: Peter Maydell @ 2014-08-04 13:53 UTC (permalink / raw)
To: qemu-devel
From: "Edgar E. Iglesias" <edgar.iglesias@xilinx.com>
Break out code to save/restore AArch64 SP into functions.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Greg Bellows <greg.bellows@linaro.org>
Message-id: 1402994746-8328-2-git-send-email-edgar.iglesias@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target-arm/internals.h | 29 ++++++++++++++++++++---------
target-arm/kvm64.c | 13 +++----------
target-arm/op_helper.c | 6 +-----
3 files changed, 24 insertions(+), 24 deletions(-)
diff --git a/target-arm/internals.h b/target-arm/internals.h
index 564b5fa..08fa697 100644
--- a/target-arm/internals.h
+++ b/target-arm/internals.h
@@ -105,6 +105,24 @@ enum arm_fprounding {
int arm_rmode_to_sf(int rmode);
+static inline void aarch64_save_sp(CPUARMState *env, int el)
+{
+ if (env->pstate & PSTATE_SP) {
+ env->sp_el[el] = env->xregs[31];
+ } else {
+ env->sp_el[0] = env->xregs[31];
+ }
+}
+
+static inline void aarch64_restore_sp(CPUARMState *env, int el)
+{
+ if (env->pstate & PSTATE_SP) {
+ env->xregs[31] = env->sp_el[el];
+ } else {
+ env->xregs[31] = env->sp_el[0];
+ }
+}
+
static inline void update_spsel(CPUARMState *env, uint32_t imm)
{
unsigned int cur_el = arm_current_pl(env);
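Review bot: `aarch64_save_sp()` and `aarch64_restore_sp()` index `env->sp_el[el]` with a caller-supplied `el` and carry neither a comment nor a check on its valid range. Since they are now the single place every caller goes through, a short doc comment (that the current PSTATE.SP value selects the bank, and that `el` names the exception level whose banked SP is meant) plus an `assert` on `el` would document the contract in one spot.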
@@ -114,21 +132,14 @@ static inline void update_spsel(CPUARMState *env, uint32_t imm)
if (!((imm ^ env->pstate) & PSTATE_SP)) {
return;
}
+ aarch64_save_sp(env, cur_el);
env->pstate = deposit32(env->pstate, 0, 1, imm);
/* We rely on illegal updates to SPsel from EL0 to get trapped
* at translation time.
*/
assert(cur_el >= 1 && cur_el <= 3);
- if (env->pstate & PSTATE_SP) {
- /* Switch from using SP_EL0 to using SP_ELx */
- env->sp_el[0] = env->xregs[31];
- env->xregs[31] = env->sp_el[cur_el];
- } else {
- /* Switch from SP_EL0 to SP_ELx */
- env->sp_el[cur_el] = env->xregs[31];
- env->xregs[31] = env->sp_el[0];
- }
+ aarch64_restore_sp(env, cur_el);
}
/* Valid Syndrome Register EC field values */
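Review bot: in `update_spsel()` the new `aarch64_save_sp(env, cur_el)` call sits above `assert(cur_el >= 1 && cur_el <= 3)`, so `cur_el` is used as an array index before it is validated; moving the assert ahead of the save keeps the check meaningful. The removed block also held the only comments on which way the switch goes, and correctness now depends on the save running before `deposit32()` changes PSTATE.SP and the restore running after it, which deserves a one-line comment.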
diff --git a/target-arm/kvm64.c b/target-arm/kvm64.c
index 5d217ca..c615286 100644
--- a/target-arm/kvm64.c
+++ b/target-arm/kvm64.c
@@ -21,6 +21,7 @@
#include "sysemu/kvm.h"
#include "kvm_arm.h"
#include "cpu.h"
+#include "internals.h"
#include "hw/arm/arm.h"
static inline void set_feature(uint64_t *features, int feature)
@@ -132,11 +133,7 @@ int kvm_arch_put_registers(CPUState *cs, int level)
/* KVM puts SP_EL0 in regs.sp and SP_EL1 in regs.sp_el1. On the
* QEMU side we keep the current SP in xregs[31] as well.
*/
- if (env->pstate & PSTATE_SP) {
- env->sp_el[1] = env->xregs[31];
- } else {
- env->sp_el[0] = env->xregs[31];
- }
+ aarch64_save_sp(env, 1);
reg.id = AARCH64_CORE_REG(regs.sp);
reg.addr = (uintptr_t) &env->sp_el[0];
@@ -235,11 +232,7 @@ int kvm_arch_get_registers(CPUState *cs)
/* KVM puts SP_EL0 in regs.sp and SP_EL1 in regs.sp_el1. On the
* QEMU side we keep the current SP in xregs[31] as well.
*/
- if (env->pstate & PSTATE_SP) {
- env->xregs[31] = env->sp_el[1];
- } else {
- env->xregs[31] = env->sp_el[0];
- }
+ aarch64_restore_sp(env, 1);
reg.id = AARCH64_CORE_REG(regs.pc);
reg.addr = (uintptr_t) &env->pc;
diff --git a/target-arm/op_helper.c b/target-arm/op_helper.c
index 9c1ef52..90a946a 100644
--- a/target-arm/op_helper.c
+++ b/target-arm/op_helper.c
@@ -376,11 +376,7 @@ void HELPER(exception_return)(CPUARMState *env)
uint32_t spsr = env->banked_spsr[spsr_idx];
int new_el, i;
- if (env->pstate & PSTATE_SP) {
- env->sp_el[cur_el] = env->xregs[31];
- } else {
- env->sp_el[0] = env->xregs[31];
- }
+ aarch64_save_sp(env, cur_el);
env->exclusive_addr = -1;
--
1.9.1
* [Qemu-devel] [PULL 05/12] target-arm: A64: Respect SPSEL in ERET SP restore
2014-08-04 13:53 [Qemu-devel] [PULL 00/12] target-arm queue Peter Maydell
` (3 preceding siblings ...)
2014-08-04 13:53 ` [Qemu-devel] [PULL 04/12] target-arm: A64: Break out aarch64_save/restore_sp Peter Maydell
@ 2014-08-04 13:53 ` Peter Maydell
2014-08-04 13:53 ` [Qemu-devel] [PULL 06/12] target-arm: A64: Respect SPSEL when taking exceptions Peter Maydell
` (7 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: Peter Maydell @ 2014-08-04 13:53 UTC (permalink / raw)
To: qemu-devel
From: "Edgar E. Iglesias" <edgar.iglesias@xilinx.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Greg Bellows <greg.bellows@linaro.org>
Message-id: 1402994746-8328-3-git-send-email-edgar.iglesias@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target-arm/op_helper.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target-arm/op_helper.c b/target-arm/op_helper.c
index 90a946a..25ad902 100644
--- a/target-arm/op_helper.c
+++ b/target-arm/op_helper.c
@@ -410,7 +410,7 @@ void HELPER(exception_return)(CPUARMState *env)
}
env->aarch64 = 1;
pstate_write(env, spsr);
- env->xregs[31] = env->sp_el[new_el];
+ aarch64_restore_sp(env, new_el);
env->pc = env->elr_el[cur_el];
}
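Review bot: the replacement line changes behaviour rather than only refactoring: `aarch64_restore_sp(env, new_el)` loads `sp_el[0]` when the restored PSTATE has the SP bit clear, where the old line always loaded `sp_el[new_el]`, and it gives the right answer only because `pstate_write(env, spsr)` runs on the line before it. The commit message has no body, so please describe the bug being fixed there and add a comment noting the ordering dependency on `pstate_write()`.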
--
1.9.1
* [Qemu-devel] [PULL 06/12] target-arm: A64: Respect SPSEL when taking exceptions
2014-08-04 13:53 [Qemu-devel] [PULL 00/12] target-arm queue Peter Maydell
` (4 preceding siblings ...)
2014-08-04 13:53 ` [Qemu-devel] [PULL 05/12] target-arm: A64: Respect SPSEL in ERET SP restore Peter Maydell
@ 2014-08-04 13:53 ` Peter Maydell
2014-08-04 13:53 ` [Qemu-devel] [PULL 07/12] target-arm: Make far_el1 an array Peter Maydell
` (6 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: Peter Maydell @ 2014-08-04 13:53 UTC (permalink / raw)
To: qemu-devel
From: "Edgar E. Iglesias" <edgar.iglesias@gmail.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Greg Bellows <greg.bellows@linaro.org>
Message-id: 1402994746-8328-4-git-send-email-edgar.iglesias@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target-arm/helper-a64.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/target-arm/helper-a64.c b/target-arm/helper-a64.c
index 2b4ce6a..027434a 100644
--- a/target-arm/helper-a64.c
+++ b/target-arm/helper-a64.c
@@ -489,8 +489,7 @@ void aarch64_cpu_do_interrupt(CPUState *cs)
if (is_a64(env)) {
env->banked_spsr[aarch64_banked_spsr_index(1)] = pstate_read(env);
- env->sp_el[arm_current_pl(env)] = env->xregs[31];
- env->xregs[31] = env->sp_el[1];
+ aarch64_save_sp(env, arm_current_pl(env));
env->elr_el[1] = env->pc;
} else {
env->banked_spsr[0] = cpsr_read(env);
@@ -508,6 +507,7 @@ void aarch64_cpu_do_interrupt(CPUState *cs)
pstate_write(env, PSTATE_DAIF | PSTATE_MODE_EL1h);
env->aarch64 = 1;
+ aarch64_restore_sp(env, 1);
env->pc = addr;
cs->interrupt_request |= CPU_INTERRUPT_EXITTB;
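Review bot: as far as the context lines show, `aarch64_restore_sp(env, 1)` is placed after the `if (is_a64(env))` / `else` block, so it now also runs for exceptions taken from AArch32 state, whereas the removed `env->xregs[31] = env->sp_el[1]` in the first hunk ran only on the A64 path. If that widening is intended, say so in the commit message, which currently has no description; the call also relies on PSTATE having already been rewritten by the preceding `pstate_write()`, which merits a comment.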
--
1.9.1
* [Qemu-devel] [PULL 07/12] target-arm: Make far_el1 an array
2014-08-04 13:53 [Qemu-devel] [PULL 00/12] target-arm queue Peter Maydell
` (5 preceding siblings ...)
2014-08-04 13:53 ` [Qemu-devel] [PULL 06/12] target-arm: A64: Respect SPSEL when taking exceptions Peter Maydell
@ 2014-08-04 13:53 ` Peter Maydell
2014-08-04 13:53 ` [Qemu-devel] [PULL 08/12] target-arm: Add ESR_EL2 and 3 Peter Maydell
` (5 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: Peter Maydell @ 2014-08-04 13:53 UTC (permalink / raw)
To: qemu-devel
From: "Edgar E. Iglesias" <edgar.iglesias@xilinx.com>
No functional change.
Prepares for future additions of the EL2 and 3 versions of this reg.
Reviewed-by: Greg Bellows <greg.bellows@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 1402994746-8328-5-git-send-email-edgar.iglesias@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target-arm/cpu.c | 2 +-
target-arm/cpu.h | 2 +-
target-arm/helper-a64.c | 4 ++--
target-arm/helper.c | 12 ++++++------
4 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/target-arm/cpu.c b/target-arm/cpu.c
index 05e52e0..7cebb76 100644
--- a/target-arm/cpu.c
+++ b/target-arm/cpu.c
@@ -447,7 +447,7 @@ static void arm1026_initfn(Object *obj)
ARMCPRegInfo ifar = {
.name = "IFAR", .cp = 15, .crn = 6, .crm = 0, .opc1 = 0, .opc2 = 1,
.access = PL1_RW,
- .fieldoffset = offsetofhigh32(CPUARMState, cp15.far_el1),
+ .fieldoffset = offsetofhigh32(CPUARMState, cp15.far_el[1]),
.resetvalue = 0
};
define_one_arm_cp_reg(cpu, &ifar);
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index 369d472..b755f99 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -187,7 +187,7 @@ typedef struct CPUARMState {
uint32_t ifsr_el2; /* Fault status registers. */
uint64_t esr_el[2];
uint32_t c6_region[8]; /* MPU base/size registers. */
- uint64_t far_el1; /* Fault address registers. */
+ uint64_t far_el[2]; /* Fault address registers. */
uint64_t par_el1; /* Translation result. */
uint32_t c9_insn; /* Cache lockdown registers. */
uint32_t c9_data;
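Review bot: `uint64_t far_el[2]` is indexed by exception level everywhere else in this patch (`cp15.far_el[1]`), which leaves element 0 unused and makes the bare `2` read like an off-by-one. Extend the field comment to say that the index is the EL number and that slot 0 is unused, matching the convention already implied by `esr_el[2]` two lines above.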
diff --git a/target-arm/helper-a64.c b/target-arm/helper-a64.c
index 027434a..2e9ef64 100644
--- a/target-arm/helper-a64.c
+++ b/target-arm/helper-a64.c
@@ -465,13 +465,13 @@ void aarch64_cpu_do_interrupt(CPUState *cs)
}
env->cp15.esr_el[1] = env->exception.syndrome;
- env->cp15.far_el1 = env->exception.vaddress;
+ env->cp15.far_el[1] = env->exception.vaddress;
switch (cs->exception_index) {
case EXCP_PREFETCH_ABORT:
case EXCP_DATA_ABORT:
qemu_log_mask(CPU_LOG_INT, "...with FAR 0x%" PRIx64 "\n",
- env->cp15.far_el1);
+ env->cp15.far_el[1]);
break;
case EXCP_BKPT:
case EXCP_UDEF:
diff --git a/target-arm/helper.c b/target-arm/helper.c
index d343856..b5f2e57 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -521,7 +521,7 @@ static const ARMCPRegInfo v6_cp_reginfo[] = {
.access = PL0_W, .type = ARM_CP_NOP },
{ .name = "IFAR", .cp = 15, .crn = 6, .crm = 0, .opc1 = 0, .opc2 = 2,
.access = PL1_RW,
- .fieldoffset = offsetofhigh32(CPUARMState, cp15.far_el1),
+ .fieldoffset = offsetofhigh32(CPUARMState, cp15.far_el[1]),
.resetvalue = 0, },
/* Watchpoint Fault Address Register : should actually only be present
* for 1136, 1176, 11MPCore.
@@ -1516,7 +1516,7 @@ static const ARMCPRegInfo vmsa_cp_reginfo[] = {
/* 64-bit FAR; this entry also gives us the AArch32 DFAR */
{ .name = "FAR_EL1", .state = ARM_CP_STATE_BOTH,
.opc0 = 3, .crn = 6, .crm = 0, .opc1 = 0, .opc2 = 0,
- .access = PL1_RW, .fieldoffset = offsetof(CPUARMState, cp15.far_el1),
+ .access = PL1_RW, .fieldoffset = offsetof(CPUARMState, cp15.far_el[1]),
.resetvalue = 0, },
REGINFO_SENTINEL
};
@@ -3425,8 +3425,8 @@ void arm_cpu_do_interrupt(CPUState *cs)
/* Fall through to prefetch abort. */
case EXCP_PREFETCH_ABORT:
env->cp15.ifsr_el2 = env->exception.fsr;
- env->cp15.far_el1 = deposit64(env->cp15.far_el1, 32, 32,
- env->exception.vaddress);
+ env->cp15.far_el[1] = deposit64(env->cp15.far_el[1], 32, 32,
+ env->exception.vaddress);
qemu_log_mask(CPU_LOG_INT, "...with IFSR 0x%x IFAR 0x%x\n",
env->cp15.ifsr_el2, (uint32_t)env->exception.vaddress);
new_mode = ARM_CPU_MODE_ABT;
@@ -3436,8 +3436,8 @@ void arm_cpu_do_interrupt(CPUState *cs)
break;
case EXCP_DATA_ABORT:
env->cp15.esr_el[1] = env->exception.fsr;
- env->cp15.far_el1 = deposit64(env->cp15.far_el1, 0, 32,
- env->exception.vaddress);
+ env->cp15.far_el[1] = deposit64(env->cp15.far_el[1], 0, 32,
+ env->exception.vaddress);
qemu_log_mask(CPU_LOG_INT, "...with DFSR 0x%x DFAR 0x%x\n",
(uint32_t)env->cp15.esr_el[1],
(uint32_t)env->exception.vaddress);
--
1.9.1
* [Qemu-devel] [PULL 08/12] target-arm: Add ESR_EL2 and 3
2014-08-04 13:53 [Qemu-devel] [PULL 00/12] target-arm queue Peter Maydell
` (6 preceding siblings ...)
2014-08-04 13:53 ` [Qemu-devel] [PULL 07/12] target-arm: Make far_el1 an array Peter Maydell
@ 2014-08-04 13:53 ` Peter Maydell
2014-08-04 13:53 ` [Qemu-devel] [PULL 09/12] target-arm: Add FAR_EL2 " Peter Maydell
` (4 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: Peter Maydell @ 2014-08-04 13:53 UTC (permalink / raw)
To: qemu-devel
From: "Edgar E. Iglesias" <edgar.iglesias@xilinx.com>
Reviewed-by: Greg Bellows <greg.bellows@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 1402994746-8328-6-git-send-email-edgar.iglesias@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target-arm/cpu.h | 2 +-
target-arm/helper.c | 8 ++++++++
2 files changed, 9 insertions(+), 1 deletion(-)
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index b755f99..3d9cf57 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -185,7 +185,7 @@ typedef struct CPUARMState {
uint32_t pmsav5_data_ap; /* PMSAv5 MPU data access permissions */
uint32_t pmsav5_insn_ap; /* PMSAv5 MPU insn access permissions */
uint32_t ifsr_el2; /* Fault status registers. */
- uint64_t esr_el[2];
+ uint64_t esr_el[4];
uint32_t c6_region[8]; /* MPU base/size registers. */
uint64_t far_el[2]; /* Fault address registers. */
uint64_t par_el1; /* Translation result. */
diff --git a/target-arm/helper.c b/target-arm/helper.c
index b5f2e57..f4845b0 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -2127,6 +2127,10 @@ static const ARMCPRegInfo v8_el2_cp_reginfo[] = {
.opc0 = 3, .opc1 = 4, .crn = 4, .crm = 0, .opc2 = 1,
.access = PL2_RW,
.fieldoffset = offsetof(CPUARMState, elr_el[2]) },
+ { .name = "ESR_EL2", .state = ARM_CP_STATE_AA64,
+ .type = ARM_CP_NO_MIGRATE,
+ .opc0 = 3, .opc1 = 4, .crn = 5, .crm = 2, .opc2 = 0,
+ .access = PL2_RW, .fieldoffset = offsetof(CPUARMState, cp15.esr_el[2]) },
{ .name = "SPSR_EL2", .state = ARM_CP_STATE_AA64,
.type = ARM_CP_NO_MIGRATE,
.opc0 = 3, .opc1 = 4, .crn = 4, .crm = 0, .opc2 = 0,
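Review bot: the new `ESR_EL2` entry sets `.type = ARM_CP_NO_MIGRATE`, and nothing in the hunk or the commit message says where `cp15.esr_el[2]` is migrated instead. The flag looks copied from the `SPSR_EL2` entry below it; if the syndrome register is real state with no other migration path the flag should be dropped, otherwise add a comment naming that path.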
@@ -2145,6 +2149,10 @@ static const ARMCPRegInfo v8_el3_cp_reginfo[] = {
.opc0 = 3, .opc1 = 6, .crn = 4, .crm = 0, .opc2 = 1,
.access = PL3_RW,
.fieldoffset = offsetof(CPUARMState, elr_el[3]) },
+ { .name = "ESR_EL3", .state = ARM_CP_STATE_AA64,
+ .type = ARM_CP_NO_MIGRATE,
+ .opc0 = 3, .opc1 = 6, .crn = 5, .crm = 2, .opc2 = 0,
+ .access = PL3_RW, .fieldoffset = offsetof(CPUARMState, cp15.esr_el[3]) },
{ .name = "SPSR_EL3", .state = ARM_CP_STATE_AA64,
.type = ARM_CP_NO_MIGRATE,
.opc0 = 3, .opc1 = 6, .crn = 4, .crm = 0, .opc2 = 0,
--
1.9.1
* [Qemu-devel] [PULL 09/12] target-arm: Add FAR_EL2 and 3
2014-08-04 13:53 [Qemu-devel] [PULL 00/12] target-arm queue Peter Maydell
` (7 preceding siblings ...)
2014-08-04 13:53 ` [Qemu-devel] [PULL 08/12] target-arm: Add ESR_EL2 and 3 Peter Maydell
@ 2014-08-04 13:53 ` Peter Maydell
2014-08-04 13:53 ` [Qemu-devel] [PULL 10/12] target-arm: Fix bit test in sp_el0_access Peter Maydell
` (3 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: Peter Maydell @ 2014-08-04 13:53 UTC (permalink / raw)
To: qemu-devel
From: "Edgar E. Iglesias" <edgar.iglesias@xilinx.com>
Reviewed-by: Greg Bellows <greg.bellows@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 1402994746-8328-7-git-send-email-edgar.iglesias@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target-arm/cpu.h | 2 +-
target-arm/helper.c | 6 ++++++
2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index 3d9cf57..79205ba 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -187,7 +187,7 @@ typedef struct CPUARMState {
uint32_t ifsr_el2; /* Fault status registers. */
uint64_t esr_el[4];
uint32_t c6_region[8]; /* MPU base/size registers. */
- uint64_t far_el[2]; /* Fault address registers. */
+ uint64_t far_el[4]; /* Fault address registers. */
uint64_t par_el1; /* Translation result. */
uint32_t c9_insn; /* Cache lockdown registers. */
uint32_t c9_data;
diff --git a/target-arm/helper.c b/target-arm/helper.c
index f4845b0..a7f82f3 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -2131,6 +2131,9 @@ static const ARMCPRegInfo v8_el2_cp_reginfo[] = {
.type = ARM_CP_NO_MIGRATE,
.opc0 = 3, .opc1 = 4, .crn = 5, .crm = 2, .opc2 = 0,
.access = PL2_RW, .fieldoffset = offsetof(CPUARMState, cp15.esr_el[2]) },
+ { .name = "FAR_EL2", .state = ARM_CP_STATE_AA64,
+ .opc0 = 3, .opc1 = 4, .crn = 6, .crm = 0, .opc2 = 0,
+ .access = PL2_RW, .fieldoffset = offsetof(CPUARMState, cp15.far_el[2]) },
{ .name = "SPSR_EL2", .state = ARM_CP_STATE_AA64,
.type = ARM_CP_NO_MIGRATE,
.opc0 = 3, .opc1 = 4, .crn = 4, .crm = 0, .opc2 = 0,
@@ -2153,6 +2156,9 @@ static const ARMCPRegInfo v8_el3_cp_reginfo[] = {
.type = ARM_CP_NO_MIGRATE,
.opc0 = 3, .opc1 = 6, .crn = 5, .crm = 2, .opc2 = 0,
.access = PL3_RW, .fieldoffset = offsetof(CPUARMState, cp15.esr_el[3]) },
+ { .name = "FAR_EL3", .state = ARM_CP_STATE_AA64,
+ .opc0 = 3, .opc1 = 6, .crn = 6, .crm = 0, .opc2 = 0,
+ .access = PL3_RW, .fieldoffset = offsetof(CPUARMState, cp15.far_el[3]) },
{ .name = "SPSR_EL3", .state = ARM_CP_STATE_AA64,
.type = ARM_CP_NO_MIGRATE,
.opc0 = 3, .opc1 = 6, .crn = 4, .crm = 0, .opc2 = 0,
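Review bot: `FAR_EL3` is added with no `.type`, directly between `ESR_EL3` and `SPSR_EL3`, both of which are `ARM_CP_NO_MIGRATE`; the same holds for `FAR_EL2` in the previous hunk. Either the fault address registers are meant to be treated differently from the syndrome registers, in which case a comment should say why, or one of the two sets carries the wrong flag. The commit message has no body to settle it.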
--
1.9.1
* [Qemu-devel] [PULL 10/12] target-arm: Fix bit test in sp_el0_access
2014-08-04 13:53 [Qemu-devel] [PULL 00/12] target-arm queue Peter Maydell
` (8 preceding siblings ...)
2014-08-04 13:53 ` [Qemu-devel] [PULL 09/12] target-arm: Add FAR_EL2 " Peter Maydell
@ 2014-08-04 13:53 ` Peter Maydell
2014-08-04 13:53 ` [Qemu-devel] [PULL 11/12] target-arm: don't hardcode mask values in arm_cpu_handle_mmu_fault Peter Maydell
` (2 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: Peter Maydell @ 2014-08-04 13:53 UTC (permalink / raw)
To: qemu-devel
From: Stefan Weil <sw@weilnetz.de>
Static code analyzers complain about a dubious & operation used for a
boolean value. The code does not test the PSTATE_SP bit as it should.
Cc: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Message-id: 1406359601-25583-1-git-send-email-sw@weilnetz.de
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target-arm/helper.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target-arm/helper.c b/target-arm/helper.c
index a7f82f3..d709285 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -1853,7 +1853,7 @@ static uint64_t aa64_dczid_read(CPUARMState *env, const ARMCPRegInfo *ri)
static CPAccessResult sp_el0_access(CPUARMState *env, const ARMCPRegInfo *ri)
{
- if (!env->pstate & PSTATE_SP) {
+ if (!(env->pstate & PSTATE_SP)) {
/* Access to SP_EL0 is undefined if it's being used as
* the stack pointer.
*/
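Review bot: the parenthesised test on the `if` line is right, but the commit message understates the effect: because `!` binds tighter than `&`, the old expression was `(!env->pstate) & PSTATE_SP`, which can be non-zero only when the whole of `pstate` is zero, so the undefined-access path for SP_EL0 was almost never taken. That is a guest-visible change in which register accesses are rejected, so it is worth spelling out in the message and considering for the stable Cc that patch 01 carries.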
--
1.9.1
* [Qemu-devel] [PULL 11/12] target-arm: don't hardcode mask values in arm_cpu_handle_mmu_fault
2014-08-04 13:53 [Qemu-devel] [PULL 00/12] target-arm queue Peter Maydell
` (9 preceding siblings ...)
2014-08-04 13:53 ` [Qemu-devel] [PULL 10/12] target-arm: Fix bit test in sp_el0_access Peter Maydell
@ 2014-08-04 13:53 ` Peter Maydell
2014-08-04 13:53 ` [Qemu-devel] [PULL 12/12] target-arm: A64: fix TLB flush instructions Peter Maydell
2014-08-04 15:05 ` [Qemu-devel] [PULL 00/12] target-arm queue Peter Maydell
12 siblings, 0 replies; 14+ messages in thread
From: Peter Maydell @ 2014-08-04 13:53 UTC (permalink / raw)
To: qemu-devel
From: Alex Bennée <alex.bennee@linaro.org>
Otherwise we break quickly when we change TARGET_PAGE_SIZE.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 1406733627-24255-2-git-send-email-alex.bennee@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target-arm/helper.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/target-arm/helper.c b/target-arm/helper.c
index d709285..35c11e7 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -4156,8 +4156,8 @@ int arm_cpu_handle_mmu_fault(CPUState *cs, vaddr address,
&page_size);
if (ret == 0) {
/* Map a single [sub]page. */
- phys_addr &= ~(hwaddr)0x3ff;
- address &= ~(target_ulong)0x3ff;
+ phys_addr &= TARGET_PAGE_MASK;
+ address &= TARGET_PAGE_MASK;
tlb_set_page(cs, address, phys_addr, prot, mmu_idx, page_size);
return 0;
}
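Review bot: the two replaced lines drop the explicit `(hwaddr)` and `(target_ulong)` casts, so `phys_addr` and `address` are now masked with the same `TARGET_PAGE_MASK` value despite their different types. Please confirm that the macro widens without clearing the upper bits of a 64-bit `phys_addr` when `target_ulong` is 32 bits. The `Map a single [sub]page` comment above should also be revisited, since the granule is no longer the 1K subpage that the old `0x3ff` mask encoded.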
--
1.9.1
* [Qemu-devel] [PULL 12/12] target-arm: A64: fix TLB flush instructions
2014-08-04 13:53 [Qemu-devel] [PULL 00/12] target-arm queue Peter Maydell
` (10 preceding siblings ...)
2014-08-04 13:53 ` [Qemu-devel] [PULL 11/12] target-arm: don't hardcode mask values in arm_cpu_handle_mmu_fault Peter Maydell
@ 2014-08-04 13:53 ` Peter Maydell
2014-08-04 15:05 ` [Qemu-devel] [PULL 00/12] target-arm queue Peter Maydell
12 siblings, 0 replies; 14+ messages in thread
From: Peter Maydell @ 2014-08-04 13:53 UTC (permalink / raw)
To: qemu-devel
From: Alex Bennée <alex.bennee@linaro.org>
According to the ARM ARM we weren't correctly flushing the TLB entries
where bits 63:56 didn't match bit 55 of the virtual address. This
exposed a problem when we switched QEMU's internal TARGET_PAGE_BITS to
12 for aarch64.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1406733627-24255-3-git-send-email-alex.bennee@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target-arm/helper.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/target-arm/helper.c b/target-arm/helper.c
index 35c11e7..f630d96 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -1801,12 +1801,17 @@ static CPAccessResult aa64_cacheop_access(CPUARMState *env,
return CP_ACCESS_OK;
}
+/* See: D4.7.2 TLB maintenance requirements and the TLB maintenance instructions
+ * Page D4-1736 (DDI0487A.b)
+ */
+
static void tlbi_aa64_va_write(CPUARMState *env, const ARMCPRegInfo *ri,
uint64_t value)
{
/* Invalidate by VA (AArch64 version) */
ARMCPU *cpu = arm_env_get_cpu(env);
- uint64_t pageaddr = value << 12;
+ uint64_t pageaddr = sextract64(value << 12, 0, 56);
+
tlb_flush_page(CPU(cpu), pageaddr);
}
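Review bot: the new comment block cites the manual section but is detached from the function by a blank line and does not say what the code does; a comment on the `sextract64(value << 12, 0, 56)` line stating that the page address is sign-extended from bit 55 would tie the reference to the fix. The literals `12` and `56` also deserve names, or a note that they come from the instruction's operand format, so that nobody later swaps the `12` for `TARGET_PAGE_BITS`.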
@@ -1815,7 +1820,8 @@ static void tlbi_aa64_vaa_write(CPUARMState *env, const ARMCPRegInfo *ri,
{
/* Invalidate by VA, all ASIDs (AArch64 version) */
ARMCPU *cpu = arm_env_get_cpu(env);
- uint64_t pageaddr = value << 12;
+ uint64_t pageaddr = sextract64(value << 12, 0, 56);
+
tlb_flush_page(CPU(cpu), pageaddr);
}
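Review bot: `tlbi_aa64_vaa_write()` repeats the exact `sextract64(value << 12, 0, 56)` expression from `tlbi_aa64_va_write()` in the hunk above; a small static helper that turns the register value into a page address would keep the two handlers in step and give the sign-extension a single documented home.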
--
1.9.1
* Re: [Qemu-devel] [PULL 00/12] target-arm queue
2014-08-04 13:53 [Qemu-devel] [PULL 00/12] target-arm queue Peter Maydell
` (11 preceding siblings ...)
2014-08-04 13:53 ` [Qemu-devel] [PULL 12/12] target-arm: A64: fix TLB flush instructions Peter Maydell
@ 2014-08-04 15:05 ` Peter Maydell
12 siblings, 0 replies; 14+ messages in thread
From: Peter Maydell @ 2014-08-04 15:05 UTC (permalink / raw)
To: QEMU Developers
On 4 August 2014 14:53, Peter Maydell <peter.maydell@linaro.org> wrote:
> First pullreq for 2.2; not very many patches but I didn't want
> to hang onto them any more, especially since there are several
> bits of work in-flight that will need to rebase after these.
>
>
> The following changes since commit 924c09db51b147881d51d8102deb4f285305c1b7:
>
> Merge remote-tracking branch 'remotes/amit-virtio-rng/for-2.2' into staging (2014-08-04 13:07:02 +0100)
>
> are available in the git repository at:
>
>
> git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20140804
>
> for you to fetch changes up to dbb1fb277ca12acd577403575aa6a2f119ab79ea:
>
> target-arm: A64: fix TLB flush instructions (2014-08-04 14:41:56 +0100)
>
> ----------------------------------------------------------------
> target-arm queue:
> * Set PC correctly when loading AArch64 ELF files
> * sdhci: Fix ADMA dma_memory_read access
> * some more foundational work for EL2/EL3 support
> * fix bugs which reveal themselves if the TARGET_PAGE_SIZE
> is not set to 1K
Applied, thanks.
-- PMM