[Qemu-devel] [PULL 0/7] target-arm queue

[Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

ARM queue for 2.10: all M profile bugfixes...

thanks
-- PMM

The following changes since commit 25dd0e77898c3e10796d4cbeb35e8af5ba6ce975:

  Merge remote-tracking branch 'remotes/mjt/tags/trivial-patches-fetch' into staging (2017-07-31 11:27:43 +0100)

are available in the git repository at:

  git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20170731

for you to fetch changes up to 89cbc3778a3d61761e2231e740269218c9a8a41d:

  hw/mps2_scc: fix incorrect properties (2017-07-31 13:11:56 +0100)

----------------------------------------------------------------
target-arm queue:
 * fix broken properties on MPS2 SCC device
 * fix MPU trace handling of write vs exec
 * fix MPU M profile bugs:
   - not handling system space or PPB region correctly
   - not resetting state
   - not migrating MPU_RNR

----------------------------------------------------------------
Peter Maydell (6):
      target/arm: Correct MPU trace handling of write vs execute
      target/arm: Don't do MPU lookups for addresses in M profile PPB region
      target/arm: Don't allow guest to make System space executable for M profile
      target/arm: Rename cp15.c6_rgnr to pmsav7.rnr
      target/arm: Move PMSAv7 reset into arm_cpu_reset() so M profile MPUs get reset
      target/arm: Migrate MPU_RNR register state for M profile cores

Philippe Mathieu-Daudé (1):
      hw/mps2_scc: fix incorrect properties

 target/arm/cpu.h      |  3 +--
 hw/intc/armv7m_nvic.c | 14 +++++-----
 hw/misc/mps2-scc.c    |  4 +--
 target/arm/cpu.c      | 14 ++++++++++
 target/arm/helper.c   | 71 ++++++++++++++++++++++++++++++++++-----------------
 target/arm/machine.c  | 30 +++++++++++++++++++++-
 6 files changed, 101 insertions(+), 35 deletions(-)

[Qemu-devel] [PULL 1/7] target/arm: Correct MPU trace handling of write vs execute

[Peter Maydell]

Correct off-by-one bug in the PSMAv7 MPU tracing where it would print
a write access as "reading", an insn fetch as "writing", and a read
access as "execute".

Since we have an MMUAccessType enum now, we can make the code clearer
in the process by using that rather than the raw 0/1/2 values.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Message-id: 1500906792-18010-1-git-send-email-peter.maydell@linaro.org
---
 target/arm/helper.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/target/arm/helper.c b/target/arm/helper.c
index 4ed32c5..9ed5096 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -8558,8 +8558,8 @@ static bool get_phys_addr(CPUARMState *env, target_ulong address,
                                    phys_ptr, prot, fsr);
         qemu_log_mask(CPU_LOG_MMU, "PMSAv7 MPU lookup for %s at 0x%08" PRIx32
                       " mmu_idx %u -> %s (prot %c%c%c)\n",
-                      access_type == 1 ? "reading" :
-                      (access_type == 2 ? "writing" : "execute"),
+                      access_type == MMU_DATA_LOAD ? "reading" :
+                      (access_type == MMU_DATA_STORE ? "writing" : "execute"),
                       (uint32_t)address, mmu_idx,
                       ret ? "Miss" : "Hit",
                       *prot & PAGE_READ ? 'r' : '-',
-- 
2.7.4

[Qemu-devel] [PULL 2/7] target/arm: Don't do MPU lookups for addresses in M profile PPB region

[Peter Maydell]

The M profile PMSAv7 specification says that if the address being looked
up is in the PPB region (0xe0000000 - 0xe00fffff) then we do not use
the MPU regions but always use the default memory map. Implement this
(we were previously behaving like an R profile PMSAv7, which does not
special case this).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 1501153150-19984-2-git-send-email-peter.maydell@linaro.org
---
 target/arm/helper.c | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/target/arm/helper.c b/target/arm/helper.c
index 9ed5096..3d60575 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -8244,6 +8244,13 @@ static bool pmsav7_use_background_region(ARMCPU *cpu,
     }
 }
 
+static inline bool m_is_ppb_region(CPUARMState *env, uint32_t address)
+{
+    /* True if address is in the M profile PPB region 0xe0000000 - 0xe00fffff */
+    return arm_feature(env, ARM_FEATURE_M) &&
+        extract32(address, 20, 12) == 0xe00;
+}
+
 static bool get_phys_addr_pmsav7(CPUARMState *env, uint32_t address,
                                  int access_type, ARMMMUIdx mmu_idx,
                                  hwaddr *phys_ptr, int *prot, uint32_t *fsr)
@@ -8255,7 +8262,15 @@ static bool get_phys_addr_pmsav7(CPUARMState *env, uint32_t address,
     *phys_ptr = address;
     *prot = 0;
 
-    if (regime_translation_disabled(env, mmu_idx)) { /* MPU disabled */
+    if (regime_translation_disabled(env, mmu_idx) ||
+        m_is_ppb_region(env, address)) {
+        /* MPU disabled or M profile PPB access: use default memory map.
+         * The other case which uses the default memory map in the
+         * v7M ARM ARM pseudocode is exception vector reads from the vector
+         * table. In QEMU those accesses are done in arm_v7m_load_vector(),
+         * which always does a direct read using address_space_ldl(), rather
+         * than going via this function, so we don't need to check that here.
+         */
         get_phys_addr_pmsav7_default(env, mmu_idx, address, prot);
     } else { /* MPU enabled */
         for (n = (int)cpu->pmsav7_dregion - 1; n >= 0; n--) {
-- 
2.7.4

[Qemu-devel] [PULL 3/7] target/arm: Don't allow guest to make System space executable for M profile

[Peter Maydell]

For an M profile v7PMSA, the system space (0xe0000000 - 0xffffffff) can
never be executable, even if the guest tries to set the MPU registers
up that way. Enforce this restriction.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 1501153150-19984-3-git-send-email-peter.maydell@linaro.org
---
 target/arm/helper.c | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/target/arm/helper.c b/target/arm/helper.c
index 3d60575..f0299c5 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -8251,6 +8251,14 @@ static inline bool m_is_ppb_region(CPUARMState *env, uint32_t address)
         extract32(address, 20, 12) == 0xe00;
 }
 
+static inline bool m_is_system_region(CPUARMState *env, uint32_t address)
+{
+    /* True if address is in the M profile system region
+     * 0xe0000000 - 0xffffffff
+     */
+    return arm_feature(env, ARM_FEATURE_M) && extract32(address, 29, 3) == 0x7;
+}
+
 static bool get_phys_addr_pmsav7(CPUARMState *env, uint32_t address,
                                  int access_type, ARMMMUIdx mmu_idx,
                                  hwaddr *phys_ptr, int *prot, uint32_t *fsr)
@@ -8354,6 +8362,12 @@ static bool get_phys_addr_pmsav7(CPUARMState *env, uint32_t address,
             get_phys_addr_pmsav7_default(env, mmu_idx, address, prot);
         } else { /* a MPU hit! */
             uint32_t ap = extract32(env->pmsav7.dracr[n], 8, 3);
+            uint32_t xn = extract32(env->pmsav7.dracr[n], 12, 1);
+
+            if (m_is_system_region(env, address)) {
+                /* System space is always execute never */
+                xn = 1;
+            }
 
             if (is_user) { /* User mode AP bit decoding */
                 switch (ap) {
@@ -8394,7 +8408,7 @@ static bool get_phys_addr_pmsav7(CPUARMState *env, uint32_t address,
             }
 
             /* execute never */
-            if (env->pmsav7.dracr[n] & (1 << 12)) {
+            if (xn) {
                 *prot &= ~PAGE_EXEC;
             }
         }
-- 
2.7.4

[Qemu-devel] [PULL 4/7] target/arm: Rename cp15.c6_rgnr to pmsav7.rnr

[Peter Maydell]

Almost all of the PMSAv7 state is in the pmsav7 substruct of
the ARM CPU state structure. The exception is the region
number register, which is in cp15.c6_rgnr. This exception
is a bit odd for M profile, which otherwise generally does
not store state in the cp15 substruct.

Rename cp15.c6_rgnr to pmsav7.rnr accordingly.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 1501153150-19984-4-git-send-email-peter.maydell@linaro.org
---
 target/arm/cpu.h      |  3 +--
 hw/intc/armv7m_nvic.c | 14 +++++++-------
 target/arm/helper.c   |  6 +++---
 target/arm/machine.c  |  2 +-
 4 files changed, 12 insertions(+), 13 deletions(-)

diff --git a/target/arm/cpu.h b/target/arm/cpu.h
index 102c58a..b39d64a 100644
--- a/target/arm/cpu.h
+++ b/target/arm/cpu.h
@@ -305,8 +305,6 @@ typedef struct CPUARMState {
             uint64_t par_el[4];
         };
 
-        uint32_t c6_rgnr;
-
         uint32_t c9_insn; /* Cache lockdown registers.  */
         uint32_t c9_data;
         uint64_t c9_pmcr; /* performance monitor control register */
@@ -519,6 +517,7 @@ typedef struct CPUARMState {
         uint32_t *drbar;
         uint32_t *drsr;
         uint32_t *dracr;
+        uint32_t rnr;
     } pmsav7;
 
     void *nvic;
diff --git a/hw/intc/armv7m_nvic.c b/hw/intc/armv7m_nvic.c
index 26a4b2d..323e2d4 100644
--- a/hw/intc/armv7m_nvic.c
+++ b/hw/intc/armv7m_nvic.c
@@ -536,13 +536,13 @@ static uint32_t nvic_readl(NVICState *s, uint32_t offset)
     case 0xd94: /* MPU_CTRL */
         return cpu->env.v7m.mpu_ctrl;
     case 0xd98: /* MPU_RNR */
-        return cpu->env.cp15.c6_rgnr;
+        return cpu->env.pmsav7.rnr;
     case 0xd9c: /* MPU_RBAR */
     case 0xda4: /* MPU_RBAR_A1 */
     case 0xdac: /* MPU_RBAR_A2 */
     case 0xdb4: /* MPU_RBAR_A3 */
     {
-        int region = cpu->env.cp15.c6_rgnr;
+        int region = cpu->env.pmsav7.rnr;
 
         if (region >= cpu->pmsav7_dregion) {
             return 0;
@@ -554,7 +554,7 @@ static uint32_t nvic_readl(NVICState *s, uint32_t offset)
     case 0xdb0: /* MPU_RASR_A2 */
     case 0xdb8: /* MPU_RASR_A3 */
     {
-        int region = cpu->env.cp15.c6_rgnr;
+        int region = cpu->env.pmsav7.rnr;
 
         if (region >= cpu->pmsav7_dregion) {
             return 0;
@@ -681,7 +681,7 @@ static void nvic_writel(NVICState *s, uint32_t offset, uint32_t value)
                           PRIu32 "/%" PRIu32 "\n",
                           value, cpu->pmsav7_dregion);
         } else {
-            cpu->env.cp15.c6_rgnr = value;
+            cpu->env.pmsav7.rnr = value;
         }
         break;
     case 0xd9c: /* MPU_RBAR */
@@ -702,9 +702,9 @@ static void nvic_writel(NVICState *s, uint32_t offset, uint32_t value)
                               region, cpu->pmsav7_dregion);
                 return;
             }
-            cpu->env.cp15.c6_rgnr = region;
+            cpu->env.pmsav7.rnr = region;
         } else {
-            region = cpu->env.cp15.c6_rgnr;
+            region = cpu->env.pmsav7.rnr;
         }
 
         if (region >= cpu->pmsav7_dregion) {
@@ -720,7 +720,7 @@ static void nvic_writel(NVICState *s, uint32_t offset, uint32_t value)
     case 0xdb0: /* MPU_RASR_A2 */
     case 0xdb8: /* MPU_RASR_A3 */
     {
-        int region = cpu->env.cp15.c6_rgnr;
+        int region = cpu->env.pmsav7.rnr;
 
         if (region >= cpu->pmsav7_dregion) {
             return;
diff --git a/target/arm/helper.c b/target/arm/helper.c
index f0299c5..0f79b25 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -2385,7 +2385,7 @@ static uint64_t pmsav7_read(CPUARMState *env, const ARMCPRegInfo *ri)
         return 0;
     }
 
-    u32p += env->cp15.c6_rgnr;
+    u32p += env->pmsav7.rnr;
     return *u32p;
 }
 
@@ -2399,7 +2399,7 @@ static void pmsav7_write(CPUARMState *env, const ARMCPRegInfo *ri,
         return;
     }
 
-    u32p += env->cp15.c6_rgnr;
+    u32p += env->pmsav7.rnr;
     tlb_flush(CPU(cpu)); /* Mappings may have changed - purge! */
     *u32p = value;
 }
@@ -2447,7 +2447,7 @@ static const ARMCPRegInfo pmsav7_cp_reginfo[] = {
       .readfn = pmsav7_read, .writefn = pmsav7_write, .resetfn = pmsav7_reset },
     { .name = "RGNR", .cp = 15, .crn = 6, .opc1 = 0, .crm = 2, .opc2 = 0,
       .access = PL1_RW,
-      .fieldoffset = offsetof(CPUARMState, cp15.c6_rgnr),
+      .fieldoffset = offsetof(CPUARMState, pmsav7.rnr),
       .writefn = pmsav7_rgnr_write },
     REGINFO_SENTINEL
 };
diff --git a/target/arm/machine.c b/target/arm/machine.c
index 1a40469..93c1a78 100644
--- a/target/arm/machine.c
+++ b/target/arm/machine.c
@@ -151,7 +151,7 @@ static bool pmsav7_rgnr_vmstate_validate(void *opaque, int version_id)
 {
     ARMCPU *cpu = opaque;
 
-    return cpu->env.cp15.c6_rgnr < cpu->pmsav7_dregion;
+    return cpu->env.pmsav7.rnr < cpu->pmsav7_dregion;
 }
 
 static const VMStateDescription vmstate_pmsav7 = {
-- 
2.7.4

[Qemu-devel] [PULL 5/7] target/arm: Move PMSAv7 reset into arm_cpu_reset() so M profile MPUs get reset

[Peter Maydell]

When the PMSAv7 implementation was originally added it was for R profile
CPUs only, and reset was handled using the cpreg .resetfn hooks.
Unfortunately for M profile cores this doesn't work, because they do
not register any cpregs. Move the reset handling into arm_cpu_reset(),
where it will work for both R profile and M profile cores.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 1501153150-19984-5-git-send-email-peter.maydell@linaro.org
---
 target/arm/cpu.c    | 14 ++++++++++++++
 target/arm/helper.c | 28 ++++++++++++----------------
 2 files changed, 26 insertions(+), 16 deletions(-)

diff --git a/target/arm/cpu.c b/target/arm/cpu.c
index 96d1f84..05c038b 100644
--- a/target/arm/cpu.c
+++ b/target/arm/cpu.c
@@ -232,6 +232,20 @@ static void arm_cpu_reset(CPUState *s)
 
     env->vfp.xregs[ARM_VFP_FPEXC] = 0;
 #endif
+
+    if (arm_feature(env, ARM_FEATURE_PMSA) &&
+        arm_feature(env, ARM_FEATURE_V7)) {
+        if (cpu->pmsav7_dregion > 0) {
+            memset(env->pmsav7.drbar, 0,
+                   sizeof(*env->pmsav7.drbar) * cpu->pmsav7_dregion);
+            memset(env->pmsav7.drsr, 0,
+                   sizeof(*env->pmsav7.drsr) * cpu->pmsav7_dregion);
+            memset(env->pmsav7.dracr, 0,
+                   sizeof(*env->pmsav7.dracr) * cpu->pmsav7_dregion);
+        }
+        env->pmsav7.rnr = 0;
+    }
+
     set_flush_to_zero(1, &env->vfp.standard_fp_status);
     set_flush_inputs_to_zero(1, &env->vfp.standard_fp_status);
     set_default_nan_mode(1, &env->vfp.standard_fp_status);
diff --git a/target/arm/helper.c b/target/arm/helper.c
index 0f79b25..fa60040 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -2404,18 +2404,6 @@ static void pmsav7_write(CPUARMState *env, const ARMCPRegInfo *ri,
     *u32p = value;
 }
 
-static void pmsav7_reset(CPUARMState *env, const ARMCPRegInfo *ri)
-{
-    ARMCPU *cpu = arm_env_get_cpu(env);
-    uint32_t *u32p = *(uint32_t **)raw_ptr(env, ri);
-
-    if (!u32p) {
-        return;
-    }
-
-    memset(u32p, 0, sizeof(*u32p) * cpu->pmsav7_dregion);
-}
-
 static void pmsav7_rgnr_write(CPUARMState *env, const ARMCPRegInfo *ri,
                               uint64_t value)
 {
@@ -2433,22 +2421,30 @@ static void pmsav7_rgnr_write(CPUARMState *env, const ARMCPRegInfo *ri,
 }
 
 static const ARMCPRegInfo pmsav7_cp_reginfo[] = {
+    /* Reset for all these registers is handled in arm_cpu_reset(),
+     * because the PMSAv7 is also used by M-profile CPUs, which do
+     * not register cpregs but still need the state to be reset.
+     */
     { .name = "DRBAR", .cp = 15, .crn = 6, .opc1 = 0, .crm = 1, .opc2 = 0,
       .access = PL1_RW, .type = ARM_CP_NO_RAW,
       .fieldoffset = offsetof(CPUARMState, pmsav7.drbar),
-      .readfn = pmsav7_read, .writefn = pmsav7_write, .resetfn = pmsav7_reset },
+      .readfn = pmsav7_read, .writefn = pmsav7_write,
+      .resetfn = arm_cp_reset_ignore },
     { .name = "DRSR", .cp = 15, .crn = 6, .opc1 = 0, .crm = 1, .opc2 = 2,
       .access = PL1_RW, .type = ARM_CP_NO_RAW,
       .fieldoffset = offsetof(CPUARMState, pmsav7.drsr),
-      .readfn = pmsav7_read, .writefn = pmsav7_write, .resetfn = pmsav7_reset },
+      .readfn = pmsav7_read, .writefn = pmsav7_write,
+      .resetfn = arm_cp_reset_ignore },
     { .name = "DRACR", .cp = 15, .crn = 6, .opc1 = 0, .crm = 1, .opc2 = 4,
       .access = PL1_RW, .type = ARM_CP_NO_RAW,
       .fieldoffset = offsetof(CPUARMState, pmsav7.dracr),
-      .readfn = pmsav7_read, .writefn = pmsav7_write, .resetfn = pmsav7_reset },
+      .readfn = pmsav7_read, .writefn = pmsav7_write,
+      .resetfn = arm_cp_reset_ignore },
     { .name = "RGNR", .cp = 15, .crn = 6, .opc1 = 0, .crm = 2, .opc2 = 0,
       .access = PL1_RW,
       .fieldoffset = offsetof(CPUARMState, pmsav7.rnr),
-      .writefn = pmsav7_rgnr_write },
+      .writefn = pmsav7_rgnr_write,
+      .resetfn = arm_cp_reset_ignore },
     REGINFO_SENTINEL
 };
 
-- 
2.7.4

[Qemu-devel] [PULL 6/7] target/arm: Migrate MPU_RNR register state for M profile cores

[Peter Maydell]

The PMSAv7 region number register is migrated for R profile
cores using the cpreg scheme, but M profile doesn't use
cpregs, and so we weren't migrating the MPU_RNR register state
at all. Fix that by adding a migration subsection for the
M profile case.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 1501153150-19984-6-git-send-email-peter.maydell@linaro.org
---
 target/arm/machine.c | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/target/arm/machine.c b/target/arm/machine.c
index 93c1a78..1f66da4 100644
--- a/target/arm/machine.c
+++ b/target/arm/machine.c
@@ -171,6 +171,29 @@ static const VMStateDescription vmstate_pmsav7 = {
     }
 };
 
+static bool pmsav7_rnr_needed(void *opaque)
+{
+    ARMCPU *cpu = opaque;
+    CPUARMState *env = &cpu->env;
+
+    /* For R profile cores pmsav7.rnr is migrated via the cpreg
+     * "RGNR" definition in helper.h. For M profile we have to
+     * migrate it separately.
+     */
+    return arm_feature(env, ARM_FEATURE_M);
+}
+
+static const VMStateDescription vmstate_pmsav7_rnr = {
+    .name = "cpu/pmsav7-rnr",
+    .version_id = 1,
+    .minimum_version_id = 1,
+    .needed = pmsav7_rnr_needed,
+    .fields = (VMStateField[]) {
+        VMSTATE_UINT32(env.pmsav7.rnr, ARMCPU),
+        VMSTATE_END_OF_LIST()
+    }
+};
+
 static int get_cpsr(QEMUFile *f, void *opaque, size_t size,
                     VMStateField *field)
 {
@@ -377,6 +400,11 @@ const VMStateDescription vmstate_arm_cpu = {
         &vmstate_iwmmxt,
         &vmstate_m,
         &vmstate_thumb2ee,
+        /* pmsav7_rnr must come before pmsav7 so that we have the
+         * region number before we test it in the VMSTATE_VALIDATE
+         * in vmstate_pmsav7.
+         */
+        &vmstate_pmsav7_rnr,
         &vmstate_pmsav7,
         NULL
     }
-- 
2.7.4

[Qemu-devel] [PULL 7/7] hw/mps2_scc: fix incorrect properties

[Peter Maydell]

From: Philippe Mathieu-Daudé <f4bug@amsat.org>

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20170729234930.725-1-f4bug@amsat.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 hw/misc/mps2-scc.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/hw/misc/mps2-scc.c b/hw/misc/mps2-scc.c
index cc58d26..32be2a9 100644
--- a/hw/misc/mps2-scc.c
+++ b/hw/misc/mps2-scc.c
@@ -270,9 +270,9 @@ static Property mps2_scc_properties[] = {
     /* Values for various read-only ID registers (which are specific
      * to the board model or FPGA image)
      */
-    DEFINE_PROP_UINT32("scc-cfg4", MPS2SCC, aid, 0),
+    DEFINE_PROP_UINT32("scc-cfg4", MPS2SCC, cfg4, 0),
     DEFINE_PROP_UINT32("scc-aid", MPS2SCC, aid, 0),
-    DEFINE_PROP_UINT32("scc-id", MPS2SCC, aid, 0),
+    DEFINE_PROP_UINT32("scc-id", MPS2SCC, id, 0),
     /* These are the initial settings for the source clocks on the board.
      * In hardware they can be configured via a config file read by the
      * motherboard configuration controller to suit the FPGA image.
-- 
2.7.4

Re: [Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

On 31 July 2017 at 13:22, Peter Maydell <peter.maydell@linaro.org> wrote:
> ARM queue for 2.10: all M profile bugfixes...
>
> thanks
> -- PMM
>
> The following changes since commit 25dd0e77898c3e10796d4cbeb35e8af5ba6ce975:
>
>   Merge remote-tracking branch 'remotes/mjt/tags/trivial-patches-fetch' into staging (2017-07-31 11:27:43 +0100)
>
> are available in the git repository at:
>
>   git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20170731
>
> for you to fetch changes up to 89cbc3778a3d61761e2231e740269218c9a8a41d:
>
>   hw/mps2_scc: fix incorrect properties (2017-07-31 13:11:56 +0100)
>
> ----------------------------------------------------------------
> target-arm queue:
>  * fix broken properties on MPS2 SCC device
>  * fix MPU trace handling of write vs exec
>  * fix MPU M profile bugs:
>    - not handling system space or PPB region correctly
>    - not resetting state
>    - not migrating MPU_RNR
>
> ----------------------------------------------------------------
> Peter Maydell (6):
>       target/arm: Correct MPU trace handling of write vs execute
>       target/arm: Don't do MPU lookups for addresses in M profile PPB region
>       target/arm: Don't allow guest to make System space executable for M profile
>       target/arm: Rename cp15.c6_rgnr to pmsav7.rnr
>       target/arm: Move PMSAv7 reset into arm_cpu_reset() so M profile MPUs get reset
>       target/arm: Migrate MPU_RNR register state for M profile cores
>
> Philippe Mathieu-Daudé (1):
>       hw/mps2_scc: fix incorrect properties

Applied, thanks.

-- PMM

[Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

A small set of arm bugfixes for rc0.



The following changes since commit 5853e92207193e967abf5e4c25b4a551c7604725:

  Merge remote-tracking branch 'remotes/pmaydell/tags/pull-cocoa-20171107' into staging (2017-11-07 12:19:48 +0000)

are available in the git repository at:

  git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20171107

for you to fetch changes up to 8a7348b5d62d7ea16807e6bea54b448a0184bb0f:

  hw/intc/arm_gicv3_its: Don't abort on table save failure (2017-11-07 13:03:52 +0000)

----------------------------------------------------------------
target-arm queue:
 * arm_gicv3_its: Don't abort on table save failure
 * arm_gicv3_its: Fix the VM termination in vm_change_state_handler()
 * translate.c: Fix usermode big-endian AArch32 LDREXD and STREXD
 * hw/arm: Mark the "fsl,imx31/25/6" devices with user_creatable = false
 * arm: implement cache/shareability attribute bits for PAR registers

----------------------------------------------------------------
Andrew Baumann (1):
      arm: implement cache/shareability attribute bits for PAR registers

Eric Auger (1):
      hw/intc/arm_gicv3_its: Don't abort on table save failure

Peter Maydell (1):
      translate.c: Fix usermode big-endian AArch32 LDREXD and STREXD

Shanker Donthineni (1):
      hw/intc/arm_gicv3_its: Fix the VM termination in vm_change_state_handler()

Thomas Huth (3):
      hw/arm: Mark the "fsl,imx6" device with user_creatable = false
      hw/arm: Mark the "fsl,imx25" device with user_creatable = false
      hw/arm: Mark the "fsl,imx31" device with user_creatable = false

 hw/arm/fsl-imx25.c          |   6 +-
 hw/arm/fsl-imx31.c          |   6 +-
 hw/arm/fsl-imx6.c           |   3 +-
 hw/intc/arm_gicv3_its_kvm.c |  12 +--
 target/arm/helper.c         | 178 ++++++++++++++++++++++++++++++++++++++++----
 target/arm/translate.c      |  39 ++++++++--
 6 files changed, 214 insertions(+), 30 deletions(-)

Re: [Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

On 7 November 2017 at 13:35, Peter Maydell <peter.maydell@linaro.org> wrote:
> A small set of arm bugfixes for rc0.
>
>
>
> The following changes since commit 5853e92207193e967abf5e4c25b4a551c7604725:
>
>   Merge remote-tracking branch 'remotes/pmaydell/tags/pull-cocoa-20171107' into staging (2017-11-07 12:19:48 +0000)
>
> are available in the git repository at:
>
>   git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20171107
>
> for you to fetch changes up to 8a7348b5d62d7ea16807e6bea54b448a0184bb0f:
>
>   hw/intc/arm_gicv3_its: Don't abort on table save failure (2017-11-07 13:03:52 +0000)
>
> ----------------------------------------------------------------
> target-arm queue:
>  * arm_gicv3_its: Don't abort on table save failure
>  * arm_gicv3_its: Fix the VM termination in vm_change_state_handler()
>  * translate.c: Fix usermode big-endian AArch32 LDREXD and STREXD
>  * hw/arm: Mark the "fsl,imx31/25/6" devices with user_creatable = false
>  * arm: implement cache/shareability attribute bits for PAR registers
>
> ----------------------------------------------------------------
> Andrew Baumann (1):
>       arm: implement cache/shareability attribute bits for PAR registers
>
> Eric Auger (1):
>       hw/intc/arm_gicv3_its: Don't abort on table save failure
>
> Peter Maydell (1):
>       translate.c: Fix usermode big-endian AArch32 LDREXD and STREXD
>
> Shanker Donthineni (1):
>       hw/intc/arm_gicv3_its: Fix the VM termination in vm_change_state_handler()
>
> Thomas Huth (3):
>       hw/arm: Mark the "fsl,imx6" device with user_creatable = false
>       hw/arm: Mark the "fsl,imx25" device with user_creatable = false
>       hw/arm: Mark the "fsl,imx31" device with user_creatable = false

Applied, thanks.

-- PMM

[Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

A small set of ARM patches, notably fixing bugs in breakpoint
and singlestep code, and repairing the long-broken highbank model.

The only other ARM thing I have on my radar for 2.5 is the Zynq
ADC controller, which I'll send separately if it makes it before
the freeze deadline.

thanks
-- PMM

The following changes since commit a8b4f9585a0bf5186fca793ce2c5d754cd8ec49a:

  Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2015-11-10' into staging (2015-11-10 09:39:24 +0000)

are available in the git repository at:


  git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20151110

for you to fetch changes up to 577bf808958d06497928c639efaa473bf8c5e099:

  target-arm: Clean up DISAS_UPDATE usage in AArch32 translation code (2015-11-10 13:37:33 +0000)

----------------------------------------------------------------
target-arm queue:
 * fix bugs in gdb singlestep handling and breakpoints
 * minor code cleanup in arm_gic
 * clean up error messages in hw/arm/virt
 * fix highbank kernel booting by adding a board-setup blob

----------------------------------------------------------------
Andrew Jones (1):
      hw/arm/virt: error_report cleanups

Peter Crosthwaite (3):
      arm: boot: Add secure_board_setup flag
      arm: highbank: Defeature CPU override
      arm: highbank: Implement PSCI and dummy monitor

Sergey Fedorov (2):
      target-arm: Fix gdb singlestep handling in arm_debug_excp_handler()
      target-arm: Clean up DISAS_UPDATE usage in AArch32 translation code

Wei Huang (1):
      hw/intc/arm_gic: Remove the definition of NUM_CPU

 hw/arm/boot.c          | 10 +++++-
 hw/arm/highbank.c      | 91 +++++++++++++++++++++++++++++++++++++-------------
 hw/arm/virt.c          | 10 +++---
 hw/intc/arm_gic.c      |  8 ++---
 include/hw/arm/arm.h   |  6 ++++
 target-arm/op_helper.c |  8 ++++-
 target-arm/translate.c | 25 ++++++++------
 7 files changed, 111 insertions(+), 47 deletions(-)

Re: [Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

On 10 November 2015 at 13:51, Peter Maydell <peter.maydell@linaro.org> wrote:
> A small set of ARM patches, notably fixing bugs in breakpoint
> and singlestep code, and repairing the long-broken highbank model.
>
> The only other ARM thing I have on my radar for 2.5 is the Zynq
> ADC controller, which I'll send separately if it makes it before
> the freeze deadline.
>
> thanks
> -- PMM
>
> The following changes since commit a8b4f9585a0bf5186fca793ce2c5d754cd8ec49a:
>
>   Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2015-11-10' into staging (2015-11-10 09:39:24 +0000)
>
> are available in the git repository at:
>
>
>   git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20151110
>
> for you to fetch changes up to 577bf808958d06497928c639efaa473bf8c5e099:
>
>   target-arm: Clean up DISAS_UPDATE usage in AArch32 translation code (2015-11-10 13:37:33 +0000)
>
> ----------------------------------------------------------------
> target-arm queue:
>  * fix bugs in gdb singlestep handling and breakpoints
>  * minor code cleanup in arm_gic
>  * clean up error messages in hw/arm/virt
>  * fix highbank kernel booting by adding a board-setup blob
>

Applied, thanks.

-- PMM

Re: [Qemu-devel] [PULL 0/7] target-arm queue

[Peter Crosthwaite]

On Tue, Nov 10, 2015 at 8:38 AM, Peter Maydell <peter.maydell@linaro.org> wrote:
> On 10 November 2015 at 13:51, Peter Maydell <peter.maydell@linaro.org> wrote:
>> A small set of ARM patches, notably fixing bugs in breakpoint
>> and singlestep code, and repairing the long-broken highbank model.
>>
>> The only other ARM thing I have on my radar for 2.5 is the Zynq
>> ADC controller, which I'll send separately if it makes it before
>> the freeze deadline.
>>

It is on list I think. I don't see further review:

[PATCH for-2.5 v4 1/1] hw/misc: Add support for ADC controller in
Xilinx Zynq 7000

Regards,
Peter

>> thanks
>> -- PMM
>>
>> The following changes since commit a8b4f9585a0bf5186fca793ce2c5d754cd8ec49a:
>>
>>   Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2015-11-10' into staging (2015-11-10 09:39:24 +0000)
>>
>> are available in the git repository at:
>>
>>
>>   git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20151110
>>
>> for you to fetch changes up to 577bf808958d06497928c639efaa473bf8c5e099:
>>
>>   target-arm: Clean up DISAS_UPDATE usage in AArch32 translation code (2015-11-10 13:37:33 +0000)
>>
>> ----------------------------------------------------------------
>> target-arm queue:
>>  * fix bugs in gdb singlestep handling and breakpoints
>>  * minor code cleanup in arm_gic
>>  * clean up error messages in hw/arm/virt
>>  * fix highbank kernel booting by adding a board-setup blob
>>
>
> Applied, thanks.
>
> -- PMM
>

Re: [Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

On 10 November 2015 at 17:12, Peter Crosthwaite
<crosthwaitepeter@gmail.com> wrote:
> On Tue, Nov 10, 2015 at 8:38 AM, Peter Maydell <peter.maydell@linaro.org> wrote:
>> On 10 November 2015 at 13:51, Peter Maydell <peter.maydell@linaro.org> wrote:
>>> A small set of ARM patches, notably fixing bugs in breakpoint
>>> and singlestep code, and repairing the long-broken highbank model.
>>>
>>> The only other ARM thing I have on my radar for 2.5 is the Zynq
>>> ADC controller, which I'll send separately if it makes it before
>>> the freeze deadline.
>>>
>
> It is on list I think. I don't see further review:
>
> [PATCH for-2.5 v4 1/1] hw/misc: Add support for ADC controller in
> Xilinx Zynq 7000

Ah yes, found it -- not sure why my search didn't turn it up earlier.

thanks
-- PMM

[Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

Try number 2 with format string fix...

-- PMM

The following changes since commit fefa4b128de06cec6d513f00ee61e8208aed4a87:

  Merge remote-tracking branch 'remotes/awilliam/tags/vfio-update-20150923.0' into staging (2015-09-23 21:39:46 +0100)

are available in the git repository at:


  git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20150924

for you to fetch changes up to 85b4d5dae12580ecdd446c0f71afa04a95641c91:

  MAINTAINERS: update Allwinner A10 maintainer (2015-09-24 01:29:37 +0100)

----------------------------------------------------------------
target-arm queue:
 * support VGICv3 in KVM
 * fix bug in ACPI table entries for flash devices in virt board
 * update Allwinner entry in MAINTAINERS

----------------------------------------------------------------
Beniamino Galvani (1):
      MAINTAINERS: update Allwinner A10 maintainer

Pavel Fedin (4):
      intc/gic: Extract some reusable vGIC code
      arm_kvm: Do not assume particular GIC type in kvm_arch_irqchip_create()
      hw/intc: Initial implementation of vGICv3
      hw/arm/virt: Add gic-version option to virt machine

Shannon Zhao (1):
      hw/arm/virt-acpi-build: Fix wrong size of flash in ACPI table

Shlomo Pongratz (1):
      hw/intc: Implement GIC-500 base class

 MAINTAINERS                        |   6 +-
 hw/arm/virt-acpi-build.c           |  56 ++++++++------
 hw/arm/virt.c                      | 124 ++++++++++++++++++++++++------
 hw/intc/Makefile.objs              |   2 +
 hw/intc/arm_gic_kvm.c              |  98 ++++++++----------------
 hw/intc/arm_gicv3_common.c         | 140 ++++++++++++++++++++++++++++++++++
 hw/intc/arm_gicv3_kvm.c            | 149 +++++++++++++++++++++++++++++++++++++
 hw/intc/vgic_common.h              |  35 +++++++++
 include/hw/acpi/acpi-defs.h        |   9 +++
 include/hw/arm/virt-acpi-build.h   |   1 +
 include/hw/arm/virt.h              |   4 +-
 include/hw/intc/arm_gicv3_common.h |  68 +++++++++++++++++
 include/sysemu/kvm.h               |  26 +++++++
 kvm-all.c                          |  34 +++++++++
 target-arm/kvm.c                   |  19 +++--
 target-arm/kvm_arm.h               |  19 +++++
 target-arm/machine.c               |  18 +++++
 17 files changed, 686 insertions(+), 122 deletions(-)
 create mode 100644 hw/intc/arm_gicv3_common.c
 create mode 100644 hw/intc/arm_gicv3_kvm.c
 create mode 100644 hw/intc/vgic_common.h
 create mode 100644 include/hw/intc/arm_gicv3_common.h

Re: [Qemu-devel] [PULL 0/7] target-arm queue

[Pavel Fedin]

 Hello!

 Thank you very much for your support and cooperation. I am back from my vacation and continuing my
work on live migration. Actually i already have working code, but need to settle down kernel API
first.

Kind regards,
Pavel Fedin
Expert Engineer
Samsung Electronics Research center Russia

Re: [Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

On 23 September 2015 at 17:31, Peter Maydell <peter.maydell@linaro.org> wrote:
> Try number 2 with format string fix...
>
> -- PMM
>
> The following changes since commit fefa4b128de06cec6d513f00ee61e8208aed4a87:
>
>   Merge remote-tracking branch 'remotes/awilliam/tags/vfio-update-20150923.0' into staging (2015-09-23 21:39:46 +0100)
>
> are available in the git repository at:
>
>
>   git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20150924
>
> for you to fetch changes up to 85b4d5dae12580ecdd446c0f71afa04a95641c91:
>
>   MAINTAINERS: update Allwinner A10 maintainer (2015-09-24 01:29:37 +0100)
>
> ----------------------------------------------------------------
> target-arm queue:
>  * support VGICv3 in KVM
>  * fix bug in ACPI table entries for flash devices in virt board
>  * update Allwinner entry in MAINTAINERS
>
> ----------------------------------------------------------------

Applied, thanks.

-- PMM

[Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

A small pullreq, but I don't have anything else pending and I wanted
to get the GICv3 patches in this week.

-- PMM


The following changes since commit 684bb5770ec5d72a66620f64fc5d9672bf8d3509:

  Merge remote-tracking branch 'remotes/dgibson/tags/spapr-next-20150923' into staging (2015-09-23 16:52:54 +0100)

are available in the git repository at:


  git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20150923-1

for you to fetch changes up to 5d23e959fc6c8604d3c19b39b71c5a1effb2c347:

  MAINTAINERS: update Allwinner A10 maintainer (2015-09-23 22:37:40 +0100)

----------------------------------------------------------------
target-arm queue:
 * support VGICv3 in KVM
 * fix bug in ACPI table entries for flash devices in virt board
 * update Allwinner entry in MAINTAINERS

----------------------------------------------------------------
Beniamino Galvani (1):
      MAINTAINERS: update Allwinner A10 maintainer

Pavel Fedin (4):
      intc/gic: Extract some reusable vGIC code
      arm_kvm: Do not assume particular GIC type in kvm_arch_irqchip_create()
      hw/intc: Initial implementation of vGICv3
      hw/arm/virt: Add gic-version option to virt machine

Shannon Zhao (1):
      hw/arm/virt-acpi-build: Fix wrong size of flash in ACPI table

Shlomo Pongratz (1):
      hw/intc: Implement GIC-500 base class

 MAINTAINERS                        |   6 +-
 hw/arm/virt-acpi-build.c           |  56 ++++++++------
 hw/arm/virt.c                      | 124 ++++++++++++++++++++++++------
 hw/intc/Makefile.objs              |   2 +
 hw/intc/arm_gic_kvm.c              |  98 ++++++++----------------
 hw/intc/arm_gicv3_common.c         | 140 ++++++++++++++++++++++++++++++++++
 hw/intc/arm_gicv3_kvm.c            | 149 +++++++++++++++++++++++++++++++++++++
 hw/intc/vgic_common.h              |  35 +++++++++
 include/hw/acpi/acpi-defs.h        |   9 +++
 include/hw/arm/virt-acpi-build.h   |   1 +
 include/hw/arm/virt.h              |   4 +-
 include/hw/intc/arm_gicv3_common.h |  68 +++++++++++++++++
 include/sysemu/kvm.h               |  26 +++++++
 kvm-all.c                          |  34 +++++++++
 target-arm/kvm.c                   |  19 +++--
 target-arm/kvm_arm.h               |  19 +++++
 target-arm/machine.c               |  18 +++++
 17 files changed, 686 insertions(+), 122 deletions(-)
 create mode 100644 hw/intc/arm_gicv3_common.c
 create mode 100644 hw/intc/arm_gicv3_kvm.c
 create mode 100644 hw/intc/vgic_common.h
 create mode 100644 include/hw/intc/arm_gicv3_common.h

Re: [Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

On 23 September 2015 at 14:43, Peter Maydell <peter.maydell@linaro.org> wrote:
> A small pullreq, but I don't have anything else pending and I wanted
> to get the GICv3 patches in this week.
>
> -- PMM
>
>
> The following changes since commit 684bb5770ec5d72a66620f64fc5d9672bf8d3509:
>
>   Merge remote-tracking branch 'remotes/dgibson/tags/spapr-next-20150923' into staging (2015-09-23 16:52:54 +0100)
>
> are available in the git repository at:
>
>
>   git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20150923-1
>
> for you to fetch changes up to 5d23e959fc6c8604d3c19b39b71c5a1effb2c347:
>
>   MAINTAINERS: update Allwinner A10 maintainer (2015-09-23 22:37:40 +0100)
>
> ----------------------------------------------------------------
> target-arm queue:
>  * support VGICv3 in KVM
>  * fix bug in ACPI table entries for flash devices in virt board
>  * update Allwinner entry in MAINTAINERS
>
> ----------------------------------------------------------------

Minor fixup required to get it to compile on 32-bit:

--- a/kvm-all.c
+++ b/kvm-all.c
@@ -2036,7 +2036,7 @@ void kvm_device_access(int fd, int group, uint64_t attr,
                            &kvmattr);
     if (err < 0) {
         error_report("KVM_%s_DEVICE_ATTR failed: %s\n"
-                     "Group %d attr 0x%016zX", write ? "SET" : "GET",
+                     "Group %d attr 0x%016" PRIx64 , write ? "SET" : "GET",
                      strerror(-err), group, attr);
         abort();
     }


-- PMM

[Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

target-arm queue before hardfreeze: these are pretty much all
bugfixes.

-- PMM

The following changes since commit f50a1640fb82708a5d528dee1ace42a224b95b15:

  Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging (2015-07-05 20:35:47 +0100)

are available in the git repository at:


  git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20150706

for you to fetch changes up to 257621a9566054472d1d55a819880d0f9da02bda:

  arm_mptimer: Respect IT bit state (2015-07-06 10:26:35 +0100)

----------------------------------------------------------------
target-arm queue:
 * TLBI ALLEI1IS should operate on all CPUs, not just this one
 * Fix interval interrupt of cadence ttc in decrement mode
 * Implement YIELD insn to yield in ARM and Thumb translators
 * ARM GIC: reset all registers
 * arm_mptimer: fix timer shutdown and mode change
 * arm_mptimer: respect IT bit state

----------------------------------------------------------------
Dmitry Osipenko (2):
      arm_mptimer: Fix timer shutdown and mode change
      arm_mptimer: Respect IT bit state

Johannes Schlatow (1):
      Fix interval interrupt of cadence ttc when timer is in decrement mode

Peter Maydell (3):
      target-arm: Split DISAS_YIELD from DISAS_WFE
      target-arm: Implement YIELD insn to yield in ARM and Thumb translators
      hw/intc/arm_gic_common.c: Reset all registers

Sergey Fedorov (1):
      target-arm: fix write helper for TLBI ALLE1IS

 hw/intc/arm_gic_common.c   | 21 ++++++++++++++++++---
 hw/timer/arm_mptimer.c     | 13 ++++++++++---
 hw/timer/cadence_ttc.c     |  9 ++++-----
 target-arm/helper.c        |  2 +-
 target-arm/helper.h        |  1 +
 target-arm/op_helper.c     | 18 +++++++++++++++---
 target-arm/translate-a64.c |  6 ++++++
 target-arm/translate.c     |  7 +++++++
 target-arm/translate.h     |  1 +
 9 files changed, 63 insertions(+), 15 deletions(-)

Re: [Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

On 6 July 2015 at 10:59, Peter Maydell <peter.maydell@linaro.org> wrote:
> target-arm queue before hardfreeze: these are pretty much all
> bugfixes.
>
> -- PMM
>
> The following changes since commit f50a1640fb82708a5d528dee1ace42a224b95b15:
>
>   Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging (2015-07-05 20:35:47 +0100)
>
> are available in the git repository at:
>
>
>   git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20150706
>
> for you to fetch changes up to 257621a9566054472d1d55a819880d0f9da02bda:
>
>   arm_mptimer: Respect IT bit state (2015-07-06 10:26:35 +0100)
>
> ----------------------------------------------------------------
> target-arm queue:
>  * TLBI ALLEI1IS should operate on all CPUs, not just this one
>  * Fix interval interrupt of cadence ttc in decrement mode
>  * Implement YIELD insn to yield in ARM and Thumb translators
>  * ARM GIC: reset all registers
>  * arm_mptimer: fix timer shutdown and mode change
>  * arm_mptimer: respect IT bit state

Applied, thanks.

-- PMM

[Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

target-arm queue: a few new features, but all minor stuff.

thanks
-- PMM


The following changes since commit ccb0c7e122db72d3a5da798c6414d4912bba828f:

  Merge remote-tracking branch 'remotes/lalrae/tags/mips-20150626' into staging (2015-06-26 11:32:58 +0100)

are available in the git repository at:


  git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20150626

for you to fetch changes up to 4e2c0b2a4ab810c8989e181a010e75aeaa1c55f3:

  hw/arm/virt: Make block devices default to virtio (2015-06-26 14:22:37 +0100)

----------------------------------------------------------------
target-arm queue:
 * Change the virt board's default interface type for block devices to virtio
 * Improve some error messages that will now be triggered by some incorrect
   but previously worked-by-accident command lines
 * Print ELR if we're doing debug logging of AArch64 exception entry
 * Handle the "completely empty semihosting commandline" correctly for
   softmmu (we already did for linux-user)
 * Add GICv2m description to ACPI tables for virt board
 * Fix some incorrect table revision entries in virt board ACPI tables

----------------------------------------------------------------
Liviu Ionescu (1):
      target-arm: default empty semihosting cmdline

Peter Maydell (3):
      qdev-properties-system: Change set_pointer's parse callback to use Error
      qdev-properties-system: Improve error message for drive assignment conflict
      hw/arm/virt: Make block devices default to virtio

Shannon Zhao (2):
      hw/arm/virt-acpi-build: Fix table revision and some comments
      hw/arm/virt-acpi-build: Add GICv2m description in ACPI MADT table

Soren Brinkmann (1):
      target-arm: A64: Print ELR when taking exceptions

 hw/arm/virt-acpi-build.c         | 22 ++++++++++++++++-----
 hw/arm/virt.c                    |  2 ++
 hw/core/qdev-properties-system.c | 42 +++++++++++++++++++++++++++-------------
 include/hw/acpi/acpi-defs.h      | 12 ++++++++++++
 target-arm/arm-semi.c            | 11 +++++++++--
 target-arm/helper-a64.c          |  2 ++
 6 files changed, 71 insertions(+), 20 deletions(-)

Re: [Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

On 26 June 2015 at 14:31, Peter Maydell <peter.maydell@linaro.org> wrote:
> target-arm queue: a few new features, but all minor stuff.
>
> thanks
> -- PMM
>
>
> The following changes since commit ccb0c7e122db72d3a5da798c6414d4912bba828f:
>
>   Merge remote-tracking branch 'remotes/lalrae/tags/mips-20150626' into staging (2015-06-26 11:32:58 +0100)
>
> are available in the git repository at:
>
>
>   git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20150626
>
> for you to fetch changes up to 4e2c0b2a4ab810c8989e181a010e75aeaa1c55f3:
>
>   hw/arm/virt: Make block devices default to virtio (2015-06-26 14:22:37 +0100)
>
> ----------------------------------------------------------------
> target-arm queue:
>  * Change the virt board's default interface type for block devices to virtio
>  * Improve some error messages that will now be triggered by some incorrect
>    but previously worked-by-accident command lines
>  * Print ELR if we're doing debug logging of AArch64 exception entry
>  * Handle the "completely empty semihosting commandline" correctly for
>    softmmu (we already did for linux-user)
>  * Add GICv2m description to ACPI tables for virt board
>  * Fix some incorrect table revision entries in virt board ACPI tables
>
> ----------------------------------------------------------------

Applied, thanks.

-- PMM

[Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

Last batch of bugfixes before hardfreeze...

-- PMM

The following changes since commit f421f05754ac5aabe15f12051390204116408b00:

  Merge remote-tracking branch 'remotes/kraxel/tags/pull-seabios-1.8.1-20150316-1' into staging (2015-03-16 10:58:11 +0000)

are available in the git repository at:


  git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20150316

for you to fetch changes up to b8d43285a4db12156c40ba6fdbd8002c383fcbca:

  linux-user: Access correct register for get/set_tls syscalls on ARM TZ CPUs (2015-03-16 12:30:47 +0000)

----------------------------------------------------------------
target-arm queue:
 * fix handling of execute-never bits in page table walks
 * tell kernel to initialize KVM GIC in realize function
 * fix handling of STM (user) with r15 in register list
 * ignore low bit of PC in M-profile exception return
 * fix linux-user get/set_tls syscalls on CPUs with TZ

----------------------------------------------------------------
Andrew Jones (3):
      target-arm: convert check_ap to ap_to_rw_prot
      target-arm: fix get_phys_addr_v6/SCTLR_AFE access check
      target-arm: get_phys_addr_lpae: more xn control

Eric Auger (1):
      hw/intc/arm_gic: Initialize the vgic in the realize function

Mikhail Ilyin (1):
      linux-user: Access correct register for get/set_tls syscalls on ARM TZ CPUs

Peter Maydell (2):
      target-arm: Fix handling of STM (user) with r15 in register list
      target-arm: Ignore low bit of PC in M-profile exception return

 hw/intc/arm_gic_kvm.c       |   7 ++
 linux-user/arm/target_cpu.h |  15 ++-
 linux-user/main.c           |   2 +-
 target-arm/helper.c         | 222 ++++++++++++++++++++++++++++++++------------
 target-arm/translate.c      |  18 ++--
 5 files changed, 197 insertions(+), 67 deletions(-)

Re: [Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

On 16 March 2015 at 12:40, Peter Maydell <peter.maydell@linaro.org> wrote:
> Last batch of bugfixes before hardfreeze...
>
> -- PMM
>
> The following changes since commit f421f05754ac5aabe15f12051390204116408b00:
>
>   Merge remote-tracking branch 'remotes/kraxel/tags/pull-seabios-1.8.1-20150316-1' into staging (2015-03-16 10:58:11 +0000)
>
> are available in the git repository at:
>
>
>   git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20150316
>
> for you to fetch changes up to b8d43285a4db12156c40ba6fdbd8002c383fcbca:
>
>   linux-user: Access correct register for get/set_tls syscalls on ARM TZ CPUs (2015-03-16 12:30:47 +0000)

Applied, thanks.

-- PMM

[Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

Last handful of patches before hardfreeze; these are just
refactoring/cleanup, but I'd like to get them in to avoid
clashes and merge conflicts with other series like TZ.

thanks
-- PMM

The following changes since commit 949ca9e479c381a63ddb257adca1a6f0c44d898e:

  Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging (2014-11-03 22:51:08 +0000)

are available in the git repository at:


  git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20141104

for you to fetch changes up to 9fae24f55496ea178e9e8e351f82a02f34ddaf4d:

  target-arm: Correct condition for taking VIRQ and VFIQ (2014-11-04 12:05:23 +0000)

----------------------------------------------------------------
target-arm queue:
 * avoid passing CPU env pointer around in A32/T32 decoders
 * split M profile exception masking out from A/R profile

----------------------------------------------------------------
Peter Maydell (7):
      target-arm/translate.c: Use arm_dc_feature() in ENABLE_ARCH_ macros
      target-arm/translate.c: Use arm_dc_feature() rather than arm_feature()
      target-arm/translate.c: Don't use IS_M()
      target-arm/translate.c: Don't pass CPUARMState around in the decoder
      target-arm/translate.c: Don't pass CPUARMState * to disas_arm_insn()
      target-arm: Separate out M profile cpu_exec_interrupt handling
      target-arm: Correct condition for taking VIRQ and VFIQ

 target-arm/cpu.c       |  49 +++++++--
 target-arm/cpu.h       |  20 +---
 target-arm/translate.c | 280 +++++++++++++++++++++++++++----------------------
 3 files changed, 197 insertions(+), 152 deletions(-)

Re: [Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

On 4 November 2014 12:30, Peter Maydell <peter.maydell@linaro.org> wrote:
> Last handful of patches before hardfreeze; these are just
> refactoring/cleanup, but I'd like to get them in to avoid
> clashes and merge conflicts with other series like TZ.
>
> thanks
> -- PMM
>
> The following changes since commit 949ca9e479c381a63ddb257adca1a6f0c44d898e:
>
>   Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging (2014-11-03 22:51:08 +0000)
>
> are available in the git repository at:
>
>
>   git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20141104
>
> for you to fetch changes up to 9fae24f55496ea178e9e8e351f82a02f34ddaf4d:
>
>   target-arm: Correct condition for taking VIRQ and VFIQ (2014-11-04 12:05:23 +0000)
>
> ----------------------------------------------------------------
> target-arm queue:
>  * avoid passing CPU env pointer around in A32/T32 decoders
>  * split M profile exception masking out from A/R profile
>
> ----------------------------------------------------------------

Applied, thanks.

-- PMM

[Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

Hi; these are the pending target-arm patches I'd like to get in for 1.0;
a couple of minor ones plus the A15 insn work. Please pull.

PS: I'm not sure who the best person to cc on target-arm pull requests
is; any suggestions?

thanks
-- PMM

The following changes since commit cfce6d8934243871c4dc6d0c5248b0b27a1b8d80:

  i8259: Move to hw library (2011-10-16 11:11:56 +0000)

are available in the git repository at:
  git://git.linaro.org/people/pmaydell/qemu-arm.git target-arm.for-upstream

Christophe LYON (1):
      rsqrte_f32: No need to copy sign bit.

Dmitry Koshelev (1):
      target-arm/machine.c: Restore VFP registers correctly

Peter Maydell (5):
      target-arm: v6 media multiply space: UNDEF on unassigned encodings
      target-arm: Rename ARM_FEATURE_DIV to _THUMB_DIV
      target-arm: Add ARM UDIV/SDIV support
      softfloat: Implement fused multiply-add
      target-arm: Implement VFPv4 fused multiply-accumulate insns

 fpu/softfloat-specialize.h |  178 ++++++++++++++++++
 fpu/softfloat.c            |  427 ++++++++++++++++++++++++++++++++++++++++++++
 fpu/softfloat.h            |   14 ++
 target-arm/cpu.h           |    4 +-
 target-arm/helper.c        |   24 ++-
 target-arm/helper.h        |    3 +
 target-arm/machine.c       |    2 +-
 target-arm/translate.c     |  118 ++++++++++++-
 8 files changed, 759 insertions(+), 11 deletions(-)