* [PULL 00/36] target-arm queue
@ 2020-03-12 16:44 Peter Maydell
2020-03-12 20:32 ` Peter Maydell
0 siblings, 1 reply; 49+ messages in thread
From: Peter Maydell @ 2020-03-12 16:44 UTC (permalink / raw)
To: qemu-devel
arm queue; dunno if this will be the last before softfreeze
or not, but anyway probably the last large one. New orangepi-pc
board model is the big item here.
thanks
-- PMM
The following changes since commit 67d9ef7d541c3d21a25796c51c26da096a433565:
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-docs-20200312' into staging (2020-03-12 15:20:52 +0000)
are available in the Git repository at:
https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20200312
for you to fetch changes up to aca53be34ac3e7cac5f39396a51a338860a5a837:
target/arm: kvm: Inject events at the last stage of sync (2020-03-12 16:31:10 +0000)
----------------------------------------------------------------
target-arm queue:
* Fix various bugs that might result in an assert() due to
incorrect hflags for M-profile CPUs
* Fix Aspeed SMC Controller user-mode select handling
* Report correct (with-tag) address in fault address register
when TBI is enabled
* cubieboard: make sure SOC object isn't leaked
* fsl-imx25: Wire up eSDHC controllers
* fsl-imx25: Wire up USB controllers
* New board model: orangepi-pc (OrangePi PC)
* ARM/KVM: if user doesn't select GIC version and the
host kernel can only provide GICv3, use that, rather
than defaulting to "fail because GICv2 isn't possible"
* kvm: Only do KVM_SET_VCPU_EVENTS at the last stage of sync
----------------------------------------------------------------
Beata Michalska (1):
target/arm: kvm: Inject events at the last stage of sync
Cédric Le Goater (2):
aspeed/smc: Add some tracing
aspeed/smc: Fix User mode select/unselect scheme
Eric Auger (6):
hw/arm/virt: Document 'max' value in gic-version property description
hw/arm/virt: Introduce VirtGICType enum type
hw/arm/virt: Introduce finalize_gic_version()
target/arm/kvm: Let kvm_arm_vgic_probe() return a bitmap
hw/arm/virt: kvm: Restructure finalize_gic_version()
hw/arm/virt: kvm: allow gicv3 by default if v2 cannot work
Guenter Roeck (2):
hw/arm/fsl-imx25: Wire up eSDHC controllers
hw/arm/fsl-imx25: Wire up USB controllers
Igor Mammedov (1):
hw/arm/cubieboard: make sure SOC object isn't leaked
Niek Linnenbank (13):
hw/arm: add Allwinner H3 System-on-Chip
hw/arm: add Xunlong Orange Pi PC machine
hw/arm/allwinner-h3: add Clock Control Unit
hw/arm/allwinner-h3: add USB host controller
hw/arm/allwinner-h3: add System Control module
hw/arm/allwinner: add CPU Configuration module
hw/arm/allwinner: add Security Identifier device
hw/arm/allwinner: add SD/MMC host controller
hw/arm/allwinner-h3: add EMAC ethernet device
hw/arm/allwinner-h3: add Boot ROM support
hw/arm/allwinner-h3: add SDRAM controller device
hw/arm/allwinner: add RTC device support
docs: add Orange Pi PC document
Peter Maydell (4):
hw/intc/armv7m_nvic: Rebuild hflags on reset
target/arm: Update hflags in trans_CPS_v7m()
target/arm: Recalculate hflags correctly after writes to CONTROL
target/arm: Fix some comment typos
Philippe Mathieu-Daudé (5):
tests/boot_linux_console: Add a quick test for the OrangePi PC board
tests/boot_linux_console: Add initrd test for the Orange Pi PC board
tests/boot_linux_console: Add a SD card test for the OrangePi PC board
tests/boot_linux_console: Add a SLOW test booting Ubuntu on OrangePi PC
tests/boot_linux_console: Test booting NetBSD via U-Boot on OrangePi PC
Richard Henderson (2):
target/arm: Check addresses for disabled regimes
target/arm: Disable clean_data_tbi for system mode
Makefile.objs | 1 +
hw/arm/Makefile.objs | 1 +
hw/misc/Makefile.objs | 5 +
hw/net/Makefile.objs | 1 +
hw/rtc/Makefile.objs | 1 +
hw/sd/Makefile.objs | 1 +
hw/usb/hcd-ehci.h | 1 +
include/hw/arm/allwinner-a10.h | 4 +
include/hw/arm/allwinner-h3.h | 161 ++++++
include/hw/arm/fsl-imx25.h | 18 +
include/hw/arm/virt.h | 12 +-
include/hw/misc/allwinner-cpucfg.h | 52 ++
include/hw/misc/allwinner-h3-ccu.h | 66 +++
include/hw/misc/allwinner-h3-dramc.h | 106 ++++
include/hw/misc/allwinner-h3-sysctrl.h | 67 +++
include/hw/misc/allwinner-sid.h | 60 +++
include/hw/net/allwinner-sun8i-emac.h | 99 ++++
include/hw/rtc/allwinner-rtc.h | 134 +++++
include/hw/sd/allwinner-sdhost.h | 135 +++++
target/arm/helper.h | 1 +
target/arm/kvm_arm.h | 3 +
hw/arm/allwinner-a10.c | 19 +
hw/arm/allwinner-h3.c | 465 ++++++++++++++++++
hw/arm/cubieboard.c | 18 +
hw/arm/fsl-imx25.c | 56 +++
hw/arm/imx25_pdk.c | 16 +
hw/arm/orangepi.c | 130 +++++
hw/arm/virt.c | 145 ++++--
hw/intc/armv7m_nvic.c | 6 +
hw/misc/allwinner-cpucfg.c | 282 +++++++++++
hw/misc/allwinner-h3-ccu.c | 242 +++++++++
hw/misc/allwinner-h3-dramc.c | 358 ++++++++++++++
hw/misc/allwinner-h3-sysctrl.c | 140 ++++++
hw/misc/allwinner-sid.c | 168 +++++++
hw/net/allwinner-sun8i-emac.c | 871 +++++++++++++++++++++++++++++++++
hw/rtc/allwinner-rtc.c | 411 ++++++++++++++++
hw/sd/allwinner-sdhost.c | 854 ++++++++++++++++++++++++++++++++
hw/ssi/aspeed_smc.c | 56 ++-
hw/usb/hcd-ehci-sysbus.c | 17 +
target/arm/helper.c | 49 +-
target/arm/kvm.c | 14 +-
target/arm/kvm32.c | 15 +-
target/arm/kvm64.c | 15 +-
target/arm/translate-a64.c | 11 +
target/arm/translate.c | 14 +-
MAINTAINERS | 9 +
default-configs/arm-softmmu.mak | 1 +
docs/system/arm/orangepi.rst | 253 ++++++++++
docs/system/target-arm.rst | 2 +
hw/arm/Kconfig | 12 +
hw/misc/trace-events | 19 +
hw/net/Kconfig | 3 +
hw/net/trace-events | 10 +
hw/rtc/trace-events | 4 +
hw/sd/trace-events | 7 +
hw/ssi/trace-events | 10 +
tests/acceptance/boot_linux_console.py | 230 +++++++++
57 files changed, 5787 insertions(+), 74 deletions(-)
create mode 100644 include/hw/arm/allwinner-h3.h
create mode 100644 include/hw/misc/allwinner-cpucfg.h
create mode 100644 include/hw/misc/allwinner-h3-ccu.h
create mode 100644 include/hw/misc/allwinner-h3-dramc.h
create mode 100644 include/hw/misc/allwinner-h3-sysctrl.h
create mode 100644 include/hw/misc/allwinner-sid.h
create mode 100644 include/hw/net/allwinner-sun8i-emac.h
create mode 100644 include/hw/rtc/allwinner-rtc.h
create mode 100644 include/hw/sd/allwinner-sdhost.h
create mode 100644 hw/arm/allwinner-h3.c
create mode 100644 hw/arm/orangepi.c
create mode 100644 hw/misc/allwinner-cpucfg.c
create mode 100644 hw/misc/allwinner-h3-ccu.c
create mode 100644 hw/misc/allwinner-h3-dramc.c
create mode 100644 hw/misc/allwinner-h3-sysctrl.c
create mode 100644 hw/misc/allwinner-sid.c
create mode 100644 hw/net/allwinner-sun8i-emac.c
create mode 100644 hw/rtc/allwinner-rtc.c
create mode 100644 hw/sd/allwinner-sdhost.c
create mode 100644 docs/system/arm/orangepi.rst
create mode 100644 hw/ssi/trace-events
^ permalink raw reply [flat|nested] 49+ messages in thread
* Re: [PULL 00/36] target-arm queue
2020-03-12 16:44 Peter Maydell
@ 2020-03-12 20:32 ` Peter Maydell
0 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2020-03-12 20:32 UTC (permalink / raw)
To: QEMU Developers
On Thu, 12 Mar 2020 at 16:45, Peter Maydell <peter.maydell@linaro.org> wrote:
>
> arm queue; dunno if this will be the last before softfreeze
> or not, but anyway probably the last large one. New orangepi-pc
> board model is the big item here.
>
> thanks
> -- PMM
>
> The following changes since commit 67d9ef7d541c3d21a25796c51c26da096a433565:
>
> Merge remote-tracking branch 'remotes/pmaydell/tags/pull-docs-20200312' into staging (2020-03-12 15:20:52 +0000)
>
> are available in the Git repository at:
>
> https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20200312
>
> for you to fetch changes up to aca53be34ac3e7cac5f39396a51a338860a5a837:
>
> target/arm: kvm: Inject events at the last stage of sync (2020-03-12 16:31:10 +0000)
>
> ----------------------------------------------------------------
> target-arm queue:
> * Fix various bugs that might result in an assert() due to
> incorrect hflags for M-profile CPUs
> * Fix Aspeed SMC Controller user-mode select handling
> * Report correct (with-tag) address in fault address register
> when TBI is enabled
> * cubieboard: make sure SOC object isn't leaked
> * fsl-imx25: Wire up eSDHC controllers
> * fsl-imx25: Wire up USB controllers
> * New board model: orangepi-pc (OrangePi PC)
> * ARM/KVM: if user doesn't select GIC version and the
> host kernel can only provide GICv3, use that, rather
> than defaulting to "fail because GICv2 isn't possible"
> * kvm: Only do KVM_SET_VCPU_EVENTS at the last stage of sync
Applied, thanks.
Please update the changelog at https://wiki.qemu.org/ChangeLog/5.0
for any user-visible changes.
-- PMM
^ permalink raw reply [flat|nested] 49+ messages in thread
* [PULL 00/36] target-arm queue
@ 2020-09-14 14:06 Peter Maydell
0 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2020-09-14 14:06 UTC (permalink / raw)
To: qemu-devel
Nuvoton new board models, and some more minor stuff. I also put
in the deprecation patches for unicore32 and lm32.
thanks
-- PMM
The following changes since commit a68694cd1f3e5448cca814ff39b871f9ebd71ed5:
Merge remote-tracking branch 'remotes/philmd-gitlab/tags/edk2-next-20200914' into staging (2020-09-14 12:18:58 +0100)
are available in the Git repository at:
https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20200914
for you to fetch changes up to dd44ae00fc5342ed99acb68ec3508f76a71d523a:
MAINTAINERS: Add maintainer entry for Xilinx ZynqMP CAN controller (2020-09-14 14:27:08 +0100)
----------------------------------------------------------------
target-arm queue:
* hw/misc/a9scu: Do not allow invalid CPU count
* hw/misc/a9scu: Minor cleanups
* hw/timer/armv7m_systick: assert that board code set system_clock_scale
* decodetree: Improve identifier matching
* target/arm: Clean up neon fp insn size field decode
* target/arm: Remove KVM support for 32-bit Arm hosts
* hw/arm/mps2: New board models mps2-an386, mps2-an500
* Deprecate Unicore32 port
* Deprecate lm32 port
* target/arm: Count PMU events when MDCR.SPME is set
* hw/arm: versal-virt: Correct the tx/rx GEM clocks
* New Nuvoton iBMC board models npcm750-evb, quanta-gsj
* xlnx-zynqmp: implement ZynqMP CAN controllers
----------------------------------------------------------------
Aaron Lindsay (1):
target/arm: Count PMU events when MDCR.SPME is set
Edgar E. Iglesias (1):
hw/arm: versal-virt: Correct the tx/rx GEM clocks
Havard Skinnemoen (14):
hw/misc: Add NPCM7xx System Global Control Registers device model
hw/misc: Add NPCM7xx Clock Controller device model
hw/timer: Add NPCM7xx Timer device model
hw/arm: Add NPCM730 and NPCM750 SoC models
hw/arm: Add two NPCM7xx-based machines
roms: Add virtual Boot ROM for NPCM7xx SoCs
hw/arm: Load -bios image as a boot ROM for npcm7xx
hw/nvram: NPCM7xx OTP device model
hw/mem: Stubbed out NPCM7xx Memory Controller model
hw/ssi: NPCM7xx Flash Interface Unit device model
hw/arm: Wire up BMC boot flash for npcm750-evb and quanta-gsj
hw/arm/npcm7xx: add board setup stub for CPU and UART clocks
docs/system: Add Nuvoton machine documentation
tests/acceptance: console boot tests for quanta-gsj
Peter Maydell (11):
hw/timer/armv7m_systick: assert that board code set system_clock_scale
target/arm: Convert Neon 3-same-fp size field to MO_* in decode
target/arm: Convert Neon VCVT fp size field to MO_* in decode
target/arm: Convert VCMLA, VCADD size field to MO_* in decode
target/arm: Remove KVM support for 32-bit Arm hosts
target/arm: Remove no-longer-reachable 32-bit KVM code
hw/arm/mps2: New board model mps2-an386
hw/arm/mps2: New board model mps2-an500
docs/system/arm/mps2.rst: Make board list consistent
Deprecate Unicore32 port
Deprecate lm32 port
Philippe Mathieu-Daudé (4):
hw/misc/a9scu: Do not allow invalid CPU count
hw/misc/a9scu: Simplify setting MemoryRegionOps::valid fields
hw/misc/a9scu: Simplify setting MemoryRegionOps::impl fields
hw/misc/a9scu: Report unimplemented accesses with qemu_log_mask(UNIMP)
Richard Henderson (1):
decodetree: Improve identifier matching
Vikram Garhwal (4):
hw/net/can: Introduce Xilinx ZynqMP CAN controller
xlnx-zynqmp: Connect Xilinx ZynqMP CAN controllers
tests/qtest: Introduce tests for Xilinx ZynqMP CAN controller
MAINTAINERS: Add maintainer entry for Xilinx ZynqMP CAN controller
docs/system/arm/mps2.rst | 20 +-
docs/system/arm/nuvoton.rst | 92 +++
docs/system/deprecated.rst | 32 +-
docs/system/target-arm.rst | 1 +
configure | 2 +-
default-configs/arm-softmmu.mak | 1 +
include/hw/arm/npcm7xx.h | 112 +++
include/hw/arm/xlnx-zynqmp.h | 8 +
include/hw/mem/npcm7xx_mc.h | 36 +
include/hw/misc/npcm7xx_clk.h | 48 ++
include/hw/misc/npcm7xx_gcr.h | 43 ++
include/hw/net/xlnx-zynqmp-can.h | 78 +++
include/hw/nvram/npcm7xx_otp.h | 79 +++
include/hw/ssi/npcm7xx_fiu.h | 73 ++
include/hw/timer/npcm7xx_timer.h | 78 +++
target/arm/kvm-consts.h | 7 -
target/arm/kvm_arm.h | 6 -
target/arm/neon-dp.decode | 18 +-
target/arm/neon-shared.decode | 18 +-
tests/decode/succ_ident1.decode | 7 +
hw/arm/mps2.c | 97 ++-
hw/arm/npcm7xx.c | 532 +++++++++++++++
hw/arm/npcm7xx_boards.c | 197 ++++++
hw/arm/xlnx-versal-virt.c | 2 +-
hw/arm/xlnx-zcu102.c | 20 +
hw/arm/xlnx-zynqmp.c | 34 +
hw/mem/npcm7xx_mc.c | 84 +++
hw/misc/a9scu.c | 59 +-
hw/misc/npcm7xx_clk.c | 266 ++++++++
hw/misc/npcm7xx_gcr.c | 269 ++++++++
hw/net/can/xlnx-zynqmp-can.c | 1165 ++++++++++++++++++++++++++++++++
hw/nvram/npcm7xx_otp.c | 440 ++++++++++++
hw/ssi/npcm7xx_fiu.c | 572 ++++++++++++++++
hw/timer/armv7m_systick.c | 8 +
hw/timer/npcm7xx_timer.c | 543 +++++++++++++++
target/arm/cpu.c | 101 ++-
target/arm/helper.c | 2 +-
target/arm/kvm.c | 7 -
target/arm/kvm32.c | 595 ----------------
tests/qtest/xlnx-can-test.c | 359 ++++++++++
.gitmodules | 3 +
MAINTAINERS | 18 +
hw/arm/Kconfig | 9 +
hw/arm/meson.build | 1 +
hw/mem/meson.build | 1 +
hw/misc/meson.build | 4 +
hw/misc/trace-events | 8 +
hw/net/can/meson.build | 1 +
hw/nvram/meson.build | 1 +
hw/ssi/meson.build | 1 +
hw/ssi/trace-events | 11 +
hw/timer/meson.build | 1 +
hw/timer/trace-events | 5 +
pc-bios/README | 6 +
pc-bios/meson.build | 1 +
pc-bios/npcm7xx_bootrom.bin | Bin 0 -> 768 bytes
roms/Makefile | 7 +
roms/vbootrom | 1 +
scripts/decodetree.py | 46 +-
target/arm/meson.build | 5 +-
target/arm/translate-neon.c.inc | 42 +-
tests/acceptance/boot_linux_console.py | 83 +++
tests/qtest/meson.build | 1 +
63 files changed, 5584 insertions(+), 783 deletions(-)
create mode 100644 docs/system/arm/nuvoton.rst
create mode 100644 include/hw/arm/npcm7xx.h
create mode 100644 include/hw/mem/npcm7xx_mc.h
create mode 100644 include/hw/misc/npcm7xx_clk.h
create mode 100644 include/hw/misc/npcm7xx_gcr.h
create mode 100644 include/hw/net/xlnx-zynqmp-can.h
create mode 100644 include/hw/nvram/npcm7xx_otp.h
create mode 100644 include/hw/ssi/npcm7xx_fiu.h
create mode 100644 include/hw/timer/npcm7xx_timer.h
create mode 100644 tests/decode/succ_ident1.decode
create mode 100644 hw/arm/npcm7xx.c
create mode 100644 hw/arm/npcm7xx_boards.c
create mode 100644 hw/mem/npcm7xx_mc.c
create mode 100644 hw/misc/npcm7xx_clk.c
create mode 100644 hw/misc/npcm7xx_gcr.c
create mode 100644 hw/net/can/xlnx-zynqmp-can.c
create mode 100644 hw/nvram/npcm7xx_otp.c
create mode 100644 hw/ssi/npcm7xx_fiu.c
create mode 100644 hw/timer/npcm7xx_timer.c
delete mode 100644 target/arm/kvm32.c
create mode 100644 tests/qtest/xlnx-can-test.c
create mode 100644 pc-bios/npcm7xx_bootrom.bin
create mode 160000 roms/vbootrom
^ permalink raw reply [flat|nested] 49+ messages in thread
* [PULL 00/36] target-arm queue
@ 2020-12-10 11:47 Peter Maydell
2020-12-10 12:51 ` Peter Maydell
0 siblings, 1 reply; 49+ messages in thread
From: Peter Maydell @ 2020-12-10 11:47 UTC (permalink / raw)
To: qemu-devel
First pullreq for 6.0: mostly my v8.1M work, plus some other
bits and pieces. (I still have a lot of stuff in my to-review
folder, which I may or may not get to before the Christmas break...)
thanks
-- PMM
The following changes since commit 5e7b204dbfae9a562fc73684986f936b97f63877:
Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging (2020-12-09 20:08:54 +0000)
are available in the Git repository at:
https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20201210
for you to fetch changes up to 71f916be1c7e9ede0e37d9cabc781b5a9e8638ff:
hw/arm/armv7m: Correct typo in QOM object name (2020-12-10 11:44:56 +0000)
----------------------------------------------------------------
target-arm queue:
* hw/arm/smmuv3: Fix up L1STD_SPAN decoding
* xlnx-zynqmp: Support Xilinx ZynqMP CAN controllers
* sbsa-ref: allow to use Cortex-A53/57/72 cpus
* Various minor code cleanups
* hw/intc/armv7m_nvic: Make all of system PPB range be RAZWI/BusFault
* Implement more pieces of ARMv8.1M support
----------------------------------------------------------------
Alex Chen (4):
i.MX25: Fix bad printf format specifiers
i.MX31: Fix bad printf format specifiers
i.MX6: Fix bad printf format specifiers
i.MX6ul: Fix bad printf format specifiers
Havard Skinnemoen (1):
tests/qtest/npcm7xx_rng-test: dump random data on failure
Kunkun Jiang (1):
hw/arm/smmuv3: Fix up L1STD_SPAN decoding
Marcin Juszkiewicz (1):
sbsa-ref: allow to use Cortex-A53/57/72 cpus
Peter Maydell (25):
hw/intc/armv7m_nvic: Make all of system PPB range be RAZWI/BusFault
target/arm: Implement v8.1M PXN extension
target/arm: Don't clobber ID_PFR1.Security on M-profile cores
target/arm: Implement VSCCLRM insn
target/arm: Implement CLRM instruction
target/arm: Enforce M-profile VMRS/VMSR register restrictions
target/arm: Refactor M-profile VMSR/VMRS handling
target/arm: Move general-use constant expanders up in translate.c
target/arm: Implement VLDR/VSTR system register
target/arm: Implement M-profile FPSCR_nzcvqc
target/arm: Use new FPCR_NZCV_MASK constant
target/arm: Factor out preserve-fp-state from full_vfp_access_check()
target/arm: Implement FPCXT_S fp system register
hw/intc/armv7m_nvic: Update FPDSCR masking for v8.1M
target/arm: For v8.1M, always clear R0-R3, R12, APSR, EPSR on exception entry
target/arm: In v8.1M, don't set HFSR.FORCED on vector table fetch failures
target/arm: Implement v8.1M REVIDR register
target/arm: Implement new v8.1M NOCP check for exception return
target/arm: Implement new v8.1M VLLDM and VLSTM encodings
hw/intc/armv7m_nvic: Support v8.1M CCR.TRD bit
target/arm: Implement CCR_S.TRD behaviour for SG insns
hw/intc/armv7m_nvic: Fix "return from inactive handler" check
target/arm: Implement M-profile "minimal RAS implementation"
hw/intc/armv7m_nvic: Implement read/write for RAS register block
hw/arm/armv7m: Correct typo in QOM object name
Vikram Garhwal (4):
hw/net/can: Introduce Xilinx ZynqMP CAN controller
xlnx-zynqmp: Connect Xilinx ZynqMP CAN controllers
tests/qtest: Introduce tests for Xilinx ZynqMP CAN controller
MAINTAINERS: Add maintainer entry for Xilinx ZynqMP CAN controller
meson.build | 1 +
hw/arm/smmuv3-internal.h | 2 +-
hw/net/can/trace.h | 1 +
include/hw/arm/xlnx-zynqmp.h | 8 +
include/hw/intc/armv7m_nvic.h | 2 +
include/hw/net/xlnx-zynqmp-can.h | 78 +++
target/arm/cpu.h | 46 ++
target/arm/m-nocp.decode | 10 +-
target/arm/t32.decode | 10 +-
target/arm/vfp.decode | 14 +
hw/arm/armv7m.c | 4 +-
hw/arm/sbsa-ref.c | 23 +-
hw/arm/xlnx-zcu102.c | 20 +
hw/arm/xlnx-zynqmp.c | 34 ++
hw/intc/armv7m_nvic.c | 246 ++++++--
hw/misc/imx25_ccm.c | 12 +-
hw/misc/imx31_ccm.c | 14 +-
hw/misc/imx6_ccm.c | 20 +-
hw/misc/imx6_src.c | 2 +-
hw/misc/imx6ul_ccm.c | 4 +-
hw/misc/imx_ccm.c | 4 +-
hw/net/can/xlnx-zynqmp-can.c | 1161 ++++++++++++++++++++++++++++++++++++++
target/arm/cpu.c | 5 +-
target/arm/helper.c | 7 +-
target/arm/m_helper.c | 130 ++++-
target/arm/translate.c | 105 +++-
tests/qtest/npcm7xx_rng-test.c | 12 +
tests/qtest/xlnx-can-test.c | 360 ++++++++++++
MAINTAINERS | 8 +
hw/Kconfig | 1 +
hw/net/can/meson.build | 1 +
hw/net/can/trace-events | 9 +
target/arm/translate-vfp.c.inc | 511 ++++++++++++++++-
tests/qtest/meson.build | 1 +
34 files changed, 2713 insertions(+), 153 deletions(-)
create mode 100644 hw/net/can/trace.h
create mode 100644 include/hw/net/xlnx-zynqmp-can.h
create mode 100644 hw/net/can/xlnx-zynqmp-can.c
create mode 100644 tests/qtest/xlnx-can-test.c
create mode 100644 hw/net/can/trace-events
^ permalink raw reply [flat|nested] 49+ messages in thread
* Re: [PULL 00/36] target-arm queue
2020-12-10 11:47 Peter Maydell
@ 2020-12-10 12:51 ` Peter Maydell
0 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2020-12-10 12:51 UTC (permalink / raw)
To: QEMU Developers
On Thu, 10 Dec 2020 at 11:47, Peter Maydell <peter.maydell@linaro.org> wrote:
>
> First pullreq for 6.0: mostly my v8.1M work, plus some other
> bits and pieces. (I still have a lot of stuff in my to-review
> folder, which I may or may not get to before the Christmas break...)
>
> thanks
> -- PMM
>
> The following changes since commit 5e7b204dbfae9a562fc73684986f936b97f63877:
>
> Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging (2020-12-09 20:08:54 +0000)
>
> are available in the Git repository at:
>
> https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20201210
>
> for you to fetch changes up to 71f916be1c7e9ede0e37d9cabc781b5a9e8638ff:
>
> hw/arm/armv7m: Correct typo in QOM object name (2020-12-10 11:44:56 +0000)
>
> ----------------------------------------------------------------
> target-arm queue:
> * hw/arm/smmuv3: Fix up L1STD_SPAN decoding
> * xlnx-zynqmp: Support Xilinx ZynqMP CAN controllers
> * sbsa-ref: allow to use Cortex-A53/57/72 cpus
> * Various minor code cleanups
> * hw/intc/armv7m_nvic: Make all of system PPB range be RAZWI/BusFault
> * Implement more pieces of ARMv8.1M support
Applied, thanks.
Please update the changelog at https://wiki.qemu.org/ChangeLog/6.0
for any user-visible changes.
-- PMM
^ permalink raw reply [flat|nested] 49+ messages in thread
* [PULL 00/36] target-arm queue
@ 2024-01-26 14:33 Peter Maydell
2024-01-27 13:00 ` Peter Maydell
0 siblings, 1 reply; 49+ messages in thread
From: Peter Maydell @ 2024-01-26 14:33 UTC (permalink / raw)
To: qemu-devel
The following changes since commit 5bab95dc74d43bbb28c6a96d24c810a664432057:
Merge tag 'pull-request-2024-01-24' of https://gitlab.com/thuth/qemu into staging (2024-01-25 12:33:42 +0000)
are available in the Git repository at:
https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20240126
for you to fetch changes up to 5e6be95ed1578c7cfac2082b39384d99fd912508:
hw/arm: add PCIe to Freescale i.MX6 (2024-01-26 12:23:04 +0000)
----------------------------------------------------------------
target-arm queue:
* Fix VNCR fault detection logic
* Fix A64 scalar SQSHRN and SQRSHRN
* Fix incorrect aa64_tidcp1 feature check
* hw/arm/virt.c: Remove newline from error_report() string
* hw/arm/musicpal: Convert to qemu_add_kbd_event_handler()
* hw/arm/allwinner-a10: Unconditionally map the USB Host controllers
* hw/arm/nseries: Unconditionally map the TUSB6010 USB Host controller
* hw/arm: Add EHCI/OHCI controllers to Allwinner R40 and Bananapi board
* hw/arm: Add AHCI/SATA controller to Allwinner R40 and Bananapi board
* hw/arm: Add watchdog timer to Allwinner H40 and Bananapi board
* arm: various include header cleanups
* cleanups to allow some files to be built only once
* fsl-imx6ul: Add various missing unimplemented devices
* docs/system/arm/virt.rst: Add note on CPU features off by default
* hw/char/imx_serial: Implement receive FIFO and ageing timer
* target/xtensa: fix OOB TLB entry access
* bswap.h: Fix const_le64() macro
* hw/arm: add PCIe to Freescale i.MX6
----------------------------------------------------------------
Guenter Roeck (4):
hw/arm: Add EHCI/OHCI controllers to Allwinner R40 and Bananapi board
hw/arm: Add AHCI/SATA controller to Allwinner R40 and Bananapi board
hw/arm: Add watchdog timer to Allwinner H40 and Bananapi board
fsl-imx6ul: Add various missing unimplemented devices
Gustavo Romero (1):
docs/system/arm/virt.rst: Add note on CPU features off by default
Max Filippov (1):
target/xtensa: fix OOB TLB entry access
Nikita Ostrenkov (1):
hw/arm: add PCIe to Freescale i.MX6
Peter Maydell (6):
target/arm: Fix VNCR fault detection logic
hw/arm/virt.c: Remove newline from error_report() string
hw/arm/musicpal: Convert to qemu_add_kbd_event_handler()
target/arm: Fix A64 scalar SQSHRN and SQRSHRN
bswap.h: Fix const_le64() macro
target/arm: Fix incorrect aa64_tidcp1 feature check
Philippe Mathieu-Daudé (20):
hw/arm/allwinner-a10: Unconditionally map the USB Host controllers
hw/arm/nseries: Unconditionally map the TUSB6010 USB Host controller
hw/arm/exynos4210: Include missing 'exec/tswap.h' header
hw/arm/xilinx_zynq: Include missing 'exec/tswap.h' header
hw/arm/smmuv3: Include missing 'hw/registerfields.h' header
hw/arm/xlnx-versal: Include missing 'cpu.h' header
target/arm/cpu-features: Include missing 'hw/registerfields.h' header
target/arm/cpregs: Include missing 'hw/registerfields.h' header
target/arm/cpregs: Include missing 'kvm-consts.h' header
target/arm: Expose arm_cpu_mp_affinity() in 'multiprocessing.h' header
target/arm: Declare ARM_CPU_TYPE_NAME/SUFFIX in 'cpu-qom.h'
hw/cpu/a9mpcore: Build it only once
hw/misc/xlnx-versal-crl: Include generic 'cpu-qom.h' instead of 'cpu.h'
hw/misc/xlnx-versal-crl: Build it only once
target/arm: Expose M-profile register bank index definitions
hw/arm/armv7m: Make 'hw/intc/armv7m_nvic.h' a target agnostic header
target/arm: Move ARM_CPU_IRQ/FIQ definitions to 'cpu-qom.h' header
target/arm: Move e2h_access() helper around
target/arm: Move GTimer definitions to new 'gtimer.h' header
hw/arm: Build various units only once
Rayhan Faizel (1):
hw/char/imx_serial: Implement receive FIFO and ageing timer
Richard Henderson (2):
target/arm: Rename arm_cpu_mp_affinity
target/arm: Create arm_cpu_mp_affinity
docs/system/arm/bananapi_m2u.rst | 5 +-
docs/system/arm/virt.rst | 13 ++++
hw/arm/smmuv3-internal.h | 1 +
include/hw/arm/allwinner-r40.h | 15 +++++
include/hw/arm/fsl-imx6.h | 44 +++++++------
include/hw/arm/fsl-imx6ul.h | 2 +
include/hw/arm/xlnx-versal.h | 1 +
include/hw/char/imx_serial.h | 20 +++++-
include/hw/intc/armv7m_nvic.h | 2 +-
include/hw/misc/xlnx-versal-crl.h | 2 +-
include/qemu/bswap.h | 16 ++---
target/arm/cpregs.h | 3 +
target/arm/cpu-features.h | 4 +-
target/arm/cpu-qom.h | 24 +++++++
target/arm/cpu.h | 34 +---------
target/arm/gtimer.h | 21 ++++++
target/arm/multiprocessing.h | 16 +++++
hw/arm/allwinner-a10.c | 50 ++++++--------
hw/arm/allwinner-h3.c | 2 +
hw/arm/allwinner-r40.c | 69 +++++++++++++++++++-
hw/arm/armv7m.c | 2 +
hw/arm/aspeed_ast2400.c | 1 +
hw/arm/aspeed_ast2600.c | 1 +
hw/arm/bcm2836.c | 2 +
hw/arm/collie.c | 1 -
hw/arm/exynos4210.c | 2 +
hw/arm/fsl-imx25.c | 1 +
hw/arm/fsl-imx31.c | 1 +
hw/arm/fsl-imx6.c | 26 ++++++++
hw/arm/fsl-imx6ul.c | 31 +++++++++
hw/arm/fsl-imx7.c | 1 +
hw/arm/gumstix.c | 1 -
hw/arm/highbank.c | 1 +
hw/arm/integratorcp.c | 2 +-
hw/arm/mainstone.c | 1 -
hw/arm/musicpal.c | 133 ++++++++++++++++++--------------------
hw/arm/npcm7xx.c | 3 +-
hw/arm/nseries.c | 4 +-
hw/arm/omap1.c | 1 +
hw/arm/omap2.c | 2 +-
hw/arm/omap_sx1.c | 1 -
hw/arm/palm.c | 1 -
hw/arm/realview.c | 1 +
hw/arm/sbsa-ref.c | 4 +-
hw/arm/spitz.c | 1 -
hw/arm/strongarm.c | 2 +-
hw/arm/versatilepb.c | 2 +-
hw/arm/vexpress.c | 2 +-
hw/arm/virt-acpi-build.c | 4 +-
hw/arm/virt.c | 15 +++--
hw/arm/xilinx_zynq.c | 3 +-
hw/arm/xlnx-versal-virt.c | 5 +-
hw/arm/xlnx-versal.c | 2 +
hw/arm/xlnx-zynqmp.c | 2 +
hw/arm/z2.c | 1 -
hw/char/imx_serial.c | 102 +++++++++++++++++++++++++----
hw/cpu/a15mpcore.c | 1 +
hw/cpu/a9mpcore.c | 2 +-
hw/misc/xlnx-versal-crl.c | 5 +-
target/arm/arm-powerctl.c | 3 +-
target/arm/cpu.c | 13 +++-
target/arm/helper.c | 30 +++++----
target/arm/hvf/hvf.c | 6 +-
target/arm/kvm.c | 1 +
target/arm/machine.c | 1 +
target/arm/tcg/psci.c | 3 +-
target/arm/tcg/tlb_helper.c | 2 +-
target/arm/tcg/translate-a64.c | 2 +-
target/xtensa/mmu_helper.c | 47 ++++++++++----
hw/arm/Kconfig | 6 ++
hw/arm/meson.build | 23 +++----
hw/cpu/meson.build | 2 +-
hw/misc/meson.build | 2 +-
73 files changed, 597 insertions(+), 261 deletions(-)
create mode 100644 target/arm/gtimer.h
create mode 100644 target/arm/multiprocessing.h
^ permalink raw reply [flat|nested] 49+ messages in thread
* Re: [PULL 00/36] target-arm queue
2024-01-26 14:33 Peter Maydell
@ 2024-01-27 13:00 ` Peter Maydell
0 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2024-01-27 13:00 UTC (permalink / raw)
To: qemu-devel
On Fri, 26 Jan 2024 at 14:33, Peter Maydell <peter.maydell@linaro.org> wrote:
>
> The following changes since commit 5bab95dc74d43bbb28c6a96d24c810a664432057:
>
> Merge tag 'pull-request-2024-01-24' of https://gitlab.com/thuth/qemu into staging (2024-01-25 12:33:42 +0000)
>
> are available in the Git repository at:
>
> https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20240126
>
> for you to fetch changes up to 5e6be95ed1578c7cfac2082b39384d99fd912508:
>
> hw/arm: add PCIe to Freescale i.MX6 (2024-01-26 12:23:04 +0000)
>
> ----------------------------------------------------------------
> target-arm queue:
> * Fix VNCR fault detection logic
> * Fix A64 scalar SQSHRN and SQRSHRN
> * Fix incorrect aa64_tidcp1 feature check
> * hw/arm/virt.c: Remove newline from error_report() string
> * hw/arm/musicpal: Convert to qemu_add_kbd_event_handler()
> * hw/arm/allwinner-a10: Unconditionally map the USB Host controllers
> * hw/arm/nseries: Unconditionally map the TUSB6010 USB Host controller
> * hw/arm: Add EHCI/OHCI controllers to Allwinner R40 and Bananapi board
> * hw/arm: Add AHCI/SATA controller to Allwinner R40 and Bananapi board
> * hw/arm: Add watchdog timer to Allwinner H40 and Bananapi board
> * arm: various include header cleanups
> * cleanups to allow some files to be built only once
> * fsl-imx6ul: Add various missing unimplemented devices
> * docs/system/arm/virt.rst: Add note on CPU features off by default
> * hw/char/imx_serial: Implement receive FIFO and ageing timer
> * target/xtensa: fix OOB TLB entry access
> * bswap.h: Fix const_le64() macro
> * hw/arm: add PCIe to Freescale i.MX6
Applied, thanks.
Please update the changelog at https://wiki.qemu.org/ChangeLog/9.0
for any user-visible changes.
-- PMM
^ permalink raw reply [flat|nested] 49+ messages in thread
* [PULL 00/36] target-arm queue
@ 2024-02-02 15:36 Peter Maydell
2024-02-03 13:27 ` Peter Maydell
0 siblings, 1 reply; 49+ messages in thread
From: Peter Maydell @ 2024-02-02 15:36 UTC (permalink / raw)
To: qemu-devel
The following changes since commit c3709fde5955d13f6d4f86ab46ef3cc2288ca65e:
Merge tag 'pull-aspeed-20240201' of https://github.com/legoater/qemu into staging (2024-02-01 14:42:11 +0000)
are available in the Git repository at:
https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20240202
for you to fetch changes up to f09c2b7ba9908714a3e2f1decd989462536cf731:
hw/arm: Connect SPI Controller to BCM2835 (2024-02-02 13:51:59 +0000)
----------------------------------------------------------------
target/arm: fix exception syndrome for AArch32 bkpt insn
pci, vmbus, adb, s390x/css-bridge: Switch buses to 3-phase reset
system/vl.c: Fix handling of '-serial none -serial something'
target/arm: Add ID_AA64ZFR0_EL1.B16B16 to the exposed-to-userspace set
tests/qtest/xlnx-versal-trng-test.c: Drop use of variable length array
target/arm: Reinstate "vfp" property on AArch32 CPUs
doc/sphinx/hxtool.py: add optional label argument to SRST directive
hw/arm: Check for CPU types in machine_run_board_init() for various boards
pci-host: designware: Limit value range of iATU viewport register
hw/arm: Convert some DPRINTF macros to trace events and guest errors
hw/arm: NPCM7XX SoC: Add GMAC ethernet controller devices
hw/arm: Implement BCM2835 SPI Controller
----------------------------------------------------------------
David Woodhouse (1):
doc/sphinx/hxtool.py: add optional label argument to SRST directive
Guenter Roeck (1):
pci-host: designware: Limit value range of iATU viewport register
Hao Wu (2):
hw/net: Add NPCMXXX GMAC device
hw/arm: Add GMAC devices to NPCM7XX SoC
Jan Klötzke (1):
target/arm: fix exception syndrome for AArch32 bkpt insn
Manos Pitsidianakis (6):
hw/arm/strongarm.c: convert DPRINTF to trace events and guest errors
hw/arm/z2: convert DPRINTF to trace events and guest errors
hw/arm/xen_arm.c: convert DPRINTF to trace events and error/warn reports
hw/xen/xen-mapcache.c: convert DPRINTF to tracepoints
hw/xen/xen-hvm-common.c: convert DPRINTF to tracepoints
hw/xen: convert stderr prints to error/warn reports
Nabih Estefan Diaz (4):
tests/qtest: Creating qtest for GMAC Module
hw/net: GMAC Rx Implementation
hw/net: GMAC Tx Implementation
tests/qtest: Adding PCS Module test to GMAC Qtest
Peter Maydell (10):
pci: Switch bus reset to 3-phase-reset
vmbus: Switch bus reset to 3-phase-reset
adb: Switch bus reset to 3-phase-reset
hw/s390x/css-bridge: switch virtual-css bus to 3-phase-reset
hw/core: Remove transitional infrastructure from BusClass
system/vl.c: Fix handling of '-serial none -serial something'
qemu-options.hx: Improve -serial option documentation
target/arm: Add ID_AA64ZFR0_EL1.B16B16 to the exposed-to-userspace set
tests/qtest/xlnx-versal-trng-test.c: Drop use of variable length array
target/arm: Reinstate "vfp" property on AArch32 CPUs
Philippe Mathieu-Daudé (9):
hw/arm/exynos: Add missing QOM parent for CPU cores
hw/arm/exynos: Check for CPU types in machine_run_board_init()
hw/arm/highbank: Add missing QOM parent for CPU cores
hw/arm/highbank: Check for CPU types in machine_run_board_init()
hw/arm/msf2: Simplify setting MachineClass::valid_cpu_types[]
hw/arm/musca: Simplify setting MachineClass::valid_cpu_types[]
hw/arm/npcm7xx_boards: Simplify setting MachineClass::valid_cpu_types[]
hw/arm/vexpress: Check for CPU types in machine_run_board_init()
hw/arm/zynq: Check for CPU types in machine_run_board_init()
Rayhan Faizel (2):
hw/ssi: Implement BCM2835 SPI Controller
hw/arm: Connect SPI Controller to BCM2835
docs/devel/docs.rst | 12 +-
docs/sphinx/hxtool.py | 16 +
docs/system/arm/raspi.rst | 2 +-
docs/system/i386/xen.rst | 3 +-
include/hw/arm/bcm2835_peripherals.h | 3 +-
include/hw/arm/msf2-soc.h | 3 -
include/hw/arm/npcm7xx.h | 2 +
include/hw/net/npcm_gmac.h | 343 +++++++++++++
include/hw/qdev-core.h | 2 -
include/hw/ssi/bcm2835_spi.h | 81 +++
target/arm/syndrome.h | 8 +
hw/arm/bcm2835_peripherals.c | 17 +-
hw/arm/exynos4210.c | 1 +
hw/arm/exynos4_boards.c | 8 +
hw/arm/highbank.c | 11 +
hw/arm/msf2-soc.c | 3 +-
hw/arm/msf2-som.c | 4 -
hw/arm/musca.c | 1 -
hw/arm/npcm7xx.c | 37 +-
hw/arm/npcm7xx_boards.c | 1 -
hw/arm/strongarm.c | 82 +--
hw/arm/vexpress.c | 12 +-
hw/arm/xen_arm.c | 23 +-
hw/arm/xilinx_zynq.c | 6 +-
hw/arm/z2.c | 27 +-
hw/core/bus.c | 67 ---
hw/hyperv/vmbus.c | 7 +-
hw/input/adb.c | 7 +-
hw/net/npcm_gmac.c | 942 +++++++++++++++++++++++++++++++++++
hw/pci-host/designware.c | 2 +
hw/pci/pci.c | 10 +-
hw/s390x/css-bridge.c | 5 +-
hw/ssi/bcm2835_spi.c | 288 +++++++++++
hw/xen/xen-hvm-common.c | 47 +-
hw/xen/xen-mapcache.c | 59 +--
system/vl.c | 22 +-
target/arm/cpu.c | 4 +
target/arm/helper.c | 19 +
tests/qtest/npcm_gmac-test.c | 344 +++++++++++++
tests/qtest/xlnx-versal-trng-test.c | 19 +-
tests/tcg/aarch64/sysregs.c | 2 +-
hw/arm/Kconfig | 1 +
hw/arm/trace-events | 15 +
hw/net/meson.build | 2 +-
hw/net/trace-events | 19 +
hw/ssi/Kconfig | 4 +
hw/ssi/meson.build | 1 +
hw/xen/trace-events | 21 +-
qemu-options.hx | 16 +-
tests/qtest/meson.build | 1 +
50 files changed, 2388 insertions(+), 244 deletions(-)
create mode 100644 include/hw/net/npcm_gmac.h
create mode 100644 include/hw/ssi/bcm2835_spi.h
create mode 100644 hw/net/npcm_gmac.c
create mode 100644 hw/ssi/bcm2835_spi.c
create mode 100644 tests/qtest/npcm_gmac-test.c
^ permalink raw reply [flat|nested] 49+ messages in thread
* Re: [PULL 00/36] target-arm queue
2024-02-02 15:36 Peter Maydell
@ 2024-02-03 13:27 ` Peter Maydell
0 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2024-02-03 13:27 UTC (permalink / raw)
To: qemu-devel
On Fri, 2 Feb 2024 at 15:36, Peter Maydell <peter.maydell@linaro.org> wrote:
>
> The following changes since commit c3709fde5955d13f6d4f86ab46ef3cc2288ca65e:
>
> Merge tag 'pull-aspeed-20240201' of https://github.com/legoater/qemu into staging (2024-02-01 14:42:11 +0000)
>
> are available in the Git repository at:
>
> https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20240202
>
> for you to fetch changes up to f09c2b7ba9908714a3e2f1decd989462536cf731:
>
> hw/arm: Connect SPI Controller to BCM2835 (2024-02-02 13:51:59 +0000)
>
> ----------------------------------------------------------------
> target/arm: fix exception syndrome for AArch32 bkpt insn
> pci, vmbus, adb, s390x/css-bridge: Switch buses to 3-phase reset
> system/vl.c: Fix handling of '-serial none -serial something'
> target/arm: Add ID_AA64ZFR0_EL1.B16B16 to the exposed-to-userspace set
> tests/qtest/xlnx-versal-trng-test.c: Drop use of variable length array
> target/arm: Reinstate "vfp" property on AArch32 CPUs
> doc/sphinx/hxtool.py: add optional label argument to SRST directive
> hw/arm: Check for CPU types in machine_run_board_init() for various boards
> pci-host: designware: Limit value range of iATU viewport register
> hw/arm: Convert some DPRINTF macros to trace events and guest errors
> hw/arm: NPCM7XX SoC: Add GMAC ethernet controller devices
> hw/arm: Implement BCM2835 SPI Controller
>
Applied, thanks.
Please update the changelog at https://wiki.qemu.org/ChangeLog/9.0
for any user-visible changes.
-- PMM
^ permalink raw reply [flat|nested] 49+ messages in thread
* [PULL 00/36] target-arm queue
@ 2025-01-28 20:12 Peter Maydell
2025-01-29 19:17 ` Stefan Hajnoczi
0 siblings, 1 reply; 49+ messages in thread
From: Peter Maydell @ 2025-01-28 20:12 UTC (permalink / raw)
To: qemu-devel
Hi; here's another arm pullreq; by volume most of this is
refactoring from me, but there are also some bugfixes and
other bits and pieces here.
thanks
-- PMM
The following changes since commit ed734377ab3f3f3cc15d7aa301a87ab6370f2eed:
Merge tag 'linux-user-fix-gupnp-pull-request' of https://github.com/hdeller/qemu-hppa into staging (2025-01-24 14:43:07 -0500)
are available in the Git repository at:
https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20250128-1
for you to fetch changes up to 664280abddcb3cacc9c6204706bb739fcc1316f7:
hw/usb/canokey: Fix buffer overflow for OUT packet (2025-01-28 18:40:19 +0000)
----------------------------------------------------------------
target-arm queue:
* hw/arm: Remove various uses of first_cpu global
* hw/char/imx_serial: Fix reset value of UFCR register
* hw/char/imx_serial: Update all state before restarting ageing timer
* hw/pci-host/designware: Expose MSI IRQ
* hw/arm/stellaris: refactoring, cleanup
* hw/arm/stellaris: map both I2C controllers
* tests/functional: Add a test for the arm microbit machine
* target/arm: arm_reset_sve_state() should set FPSR, not FPCR
* target/arm: refactorings preparatory to FEAT_AFP implementation
* fpu: Rename float_flag_input_denormal to float_flag_input_denormal_flushed
* fpu: Rename float_flag_output_denormal to float_flag_output_denormal_flushed
* hw/usb/canokey: Fix buffer overflow for OUT packet
----------------------------------------------------------------
Bernhard Beschow (3):
hw/char/imx_serial: Fix reset value of UFCR register
hw/char/imx_serial: Update all state before restarting ageing timer
hw/pci-host/designware: Expose MSI IRQ
Hongren Zheng (1):
hw/usb/canokey: Fix buffer overflow for OUT packet
Peter Maydell (22):
target/arm: arm_reset_sve_state() should set FPSR, not FPCR
target/arm: Use FPSR_ constants in vfp_exceptbits_from_host()
target/arm: Use uint32_t in vfp_exceptbits_from_host()
target/arm: Define new fp_status_a32 and fp_status_a64
target/arm: Use vfp.fp_status_a64 in A64-only helper functions
target/arm: Use fp_status_a64 or fp_status_a32 in is_ebf()
target/arm: Use fp_status_a32 in vjvct helper
target/arm: Use fp_status_a32 in vfp_cmp helpers
target/arm: Use FPST_A32 in A32 decoder
target/arm: Use FPST_A64 in A64 decoder
target/arm: Remove now-unused vfp.fp_status and FPST_FPCR
target/arm: Define new fp_status_f16_a32 and fp_status_f16_a64
target/arm: Use fp_status_f16_a32 in AArch32-only helpers
target/arm: Use fp_status_f16_a64 in AArch64-only helpers
target/arm: Use FPST_A32_F16 in A32 decoder
target/arm: Use FPST_A64_F16 in A64 decoder
target/arm: Remove now-unused vfp.fp_status_f16 and FPST_FPCR_F16
fpu: Rename float_flag_input_denormal to float_flag_input_denormal_flushed
fpu: Rename float_flag_output_denormal to float_flag_output_denormal_flushed
fpu: Fix a comment in softfloat-types.h
target/arm: Remove redundant advsimd float16 helpers
target/arm: Use FPST_A64_F16 for halfprec-to-other conversions
Philippe Mathieu-Daudé (9):
hw/arm/nrf51: Rename ARMv7MState 'cpu' -> 'armv7m'
hw/arm/stellaris: Add 'armv7m' local variable
hw/arm/v7m: Remove use of &first_cpu in machine_init()
hw/arm/stellaris: Link each board schematic
hw/arm/stellaris: Constify read-only arrays
hw/arm/stellaris: Remove incorrect unimplemented i2c-0 at 0x40002000
hw/arm/stellaris: Replace magic numbers by definitions
hw/arm/stellaris: Use DEVCAP macro to access DeviceCapability registers
hw/arm/stellaris: Map both I2C controllers
Thomas Huth (1):
tests/functional: Add a test for the arm microbit machine
MAINTAINERS | 1 +
hw/usb/canokey.h | 4 --
include/fpu/softfloat-types.h | 10 +--
include/hw/arm/fsl-imx6.h | 4 +-
include/hw/arm/fsl-imx7.h | 4 +-
include/hw/arm/nrf51_soc.h | 2 +-
include/hw/char/imx_serial.h | 2 +-
include/hw/pci-host/designware.h | 1 +
target/arm/cpu.h | 12 ++--
target/arm/tcg/helper-a64.h | 8 ---
target/arm/tcg/translate.h | 32 ++++++---
fpu/softfloat.c | 6 +-
hw/arm/b-l475e-iot01a.c | 2 +-
hw/arm/fsl-imx6.c | 13 +++-
hw/arm/fsl-imx7.c | 13 +++-
hw/arm/microbit.c | 2 +-
hw/arm/mps2-tz.c | 2 +-
hw/arm/mps2.c | 2 +-
hw/arm/msf2-som.c | 2 +-
hw/arm/musca.c | 2 +-
hw/arm/netduino2.c | 2 +-
hw/arm/netduinoplus2.c | 2 +-
hw/arm/nrf51_soc.c | 18 ++---
hw/arm/olimex-stm32-h405.c | 2 +-
hw/arm/stellaris.c | 118 +++++++++++++++++++-----------
hw/arm/stm32vldiscovery.c | 2 +-
hw/char/imx_serial.c | 7 +-
hw/pci-host/designware.c | 7 +-
hw/usb/canokey.c | 6 +-
target/arm/cpu.c | 6 +-
target/arm/helper.c | 2 +-
target/arm/tcg/helper-a64.c | 9 ---
target/arm/tcg/sme_helper.c | 6 +-
target/arm/tcg/sve_helper.c | 6 +-
target/arm/tcg/translate-a64.c | 103 ++++++++++++++-------------
target/arm/tcg/translate-sme.c | 4 +-
target/arm/tcg/translate-sve.c | 130 +++++++++++++++++-----------------
target/arm/tcg/translate-vfp.c | 78 ++++++++++----------
target/arm/tcg/vec_helper.c | 22 +++---
target/arm/vfp_helper.c | 73 +++++++++++--------
target/i386/tcg/fpu_helper.c | 8 +--
target/m68k/fpu_helper.c | 2 +-
target/mips/tcg/msa_helper.c | 4 +-
target/rx/op_helper.c | 4 +-
target/tricore/fpu_helper.c | 6 +-
fpu/softfloat-parts.c.inc | 4 +-
hw/arm/Kconfig | 2 +
tests/functional/meson.build | 1 +
tests/functional/test_arm_microbit.py | 31 ++++++++
49 files changed, 452 insertions(+), 337 deletions(-)
create mode 100755 tests/functional/test_arm_microbit.py
^ permalink raw reply [flat|nested] 49+ messages in thread
* Re: [PULL 00/36] target-arm queue
2025-01-28 20:12 Peter Maydell
@ 2025-01-29 19:17 ` Stefan Hajnoczi
0 siblings, 0 replies; 49+ messages in thread
From: Stefan Hajnoczi @ 2025-01-29 19:17 UTC (permalink / raw)
To: Peter Maydell; +Cc: qemu-devel
[-- Attachment #1: Type: text/plain, Size: 116 bytes --]
Applied, thanks.
Please update the changelog at https://wiki.qemu.org/ChangeLog/10.0 for any user-visible changes.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 488 bytes --]
^ permalink raw reply [flat|nested] 49+ messages in thread
* [PULL 00/36] target-arm queue
@ 2025-07-11 13:33 Peter Maydell
2025-07-11 13:33 ` [PULL 01/36] MAX78000: Add MAX78000FTHR Machine Peter Maydell
` (36 more replies)
0 siblings, 37 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:33 UTC (permalink / raw)
To: qemu-devel
Hi; this should be my last major pullreq before softfreeze: it has
the nested-virt support, a new Cortex-M4 based board model, and
the CXL-on-arm patchset.
thanks
-- PMM
The following changes since commit df6fe2abf2e990f767ce755d426bc439c7bba336:
Merge tag 'pull-target-arm-20250704' of https://gitlab.com/pm215/qemu into staging (2025-07-07 09:22:41 -0400)
are available in the Git repository at:
https://gitlab.com/pm215/qemu.git tags/pull-target-arm-20250711
for you to fetch changes up to 3a323a813fd42fc7c37ef09bc7a714d8e31691ce:
tests/functional: Add a test for the MAX78000 arm machine (2025-07-11 13:30:32 +0100)
----------------------------------------------------------------
target-arm queue:
* New board type max78000fthr
* Enable use of CXL on Arm 'virt' board
* Some more tidyup of ID register handling
* Refactor AT insns and PMU regs into separate source files
* Don't enforce NSE,NS check for EL3->EL3 returns
* hw/arm/fsl-imx8mp: Wire VIRQ and VFIQ
* Allow nested-virtualization with KVM on the 'virt' board
* system/qdev: Remove pointless NULL check in qdev_device_add_from_qdict
* hw/arm/virt-acpi-build: Don't create ITS id mappings by default
* target/arm: Remove unused helper_sme2_luti4_4b
----------------------------------------------------------------
Bernhard Beschow (1):
hw/arm/fsl-imx8mp: Wire VIRQ and VFIQ
Cornelia Huck (5):
arm/cpu: store id_afr0 into the idregs array
arm/cpu: store id_aa64afr{0,1} into the idregs array
arm/cpu: fix trailing ',' for SET_IDREG
arm/cpu: store clidr into the idregs array
arm/kvm: shorten one overly long line
Eric Auger (1):
hw/arm/arm_gicv3_kvm: Add a migration blocker with kvm nested virt
Haibo Xu (3):
hw/arm: Allow setting KVM vGIC maintenance IRQ
target/arm/kvm: Add helper to detect EL2 when using KVM
target/arm: Enable feature ARM_FEATURE_EL2 if EL2 is supported
Jackson Donaldson (13):
MAX78000: Add MAX78000FTHR Machine
MAX78000: ICC Implementation
MAX78000: Add ICC to SOC
MAX78000: UART Implementation
MAX78000: Add UART to SOC
MAX78000: GCR Implementation
MAX78000: Add GCR to SOC
MAX78000: TRNG Implementation
MAX78000: Add TRNG to SOC
MAX78000: AES implementation
MAX78000: Add AES to SOC
docs/system: arm: Add max78000 board description
tests/functional: Add a test for the MAX78000 arm machine
Jonathan Cameron (5):
hw/cxl-host: Add an index field to CXLFixedMemoryWindow
hw/cxl: Make the CXL fixed memory windows devices.
hw/arm/virt: Basic CXL enablement on pci_expander_bridge instances pxb-cxl
docs/cxl: Add an arm/virt example.
qtest/cxl: Add aarch64 virt test for CXL
Peter Maydell (2):
target/arm: Don't enforce NSE,NS check for EL3->EL3 returns
hw/arm/virt: Allow virt extensions with KVM
Philippe Mathieu-Daudé (1):
system/qdev: Remove pointless NULL check in qdev_device_add_from_qdict
Richard Henderson (4):
target/arm: Drop stub for define_tlb_insn_regs
target/arm: Split out AT insns to tcg/cpregs-at.c
target/arm: Split out performance monitor regs to cpregs-pmu.c
target/arm: Remove helper_sme2_luti4_4b
Shameer Kolothum (1):
hw/arm/virt-acpi-build: Don't create ITS id mappings by default
docs/system/arm/max78000.rst | 37 +
docs/system/arm/virt.rst | 9 +
docs/system/devices/cxl.rst | 11 +
docs/system/target-arm.rst | 1 +
include/hw/arm/max78000_soc.h | 50 +
include/hw/arm/virt.h | 4 +
include/hw/char/max78000_uart.h | 78 ++
include/hw/cxl/cxl.h | 5 +-
include/hw/cxl/cxl_host.h | 5 +-
include/hw/intc/arm_gicv3_common.h | 1 +
include/hw/misc/max78000_aes.h | 68 ++
include/hw/misc/max78000_gcr.h | 131 +++
include/hw/misc/max78000_icc.h | 33 +
include/hw/misc/max78000_trng.h | 35 +
target/arm/cpregs.h | 3 +
target/arm/cpu.h | 6 +-
target/arm/internals.h | 5 +
target/arm/kvm_arm.h | 7 +
target/arm/tcg/helper.h | 1 -
target/arm/cpu-sysregs.h.inc | 4 +
hw/acpi/cxl.c | 76 +-
hw/arm/fsl-imx8mp.c | 4 +
hw/arm/max78000_soc.c | 232 ++++
hw/arm/max78000fthr.c | 50 +
hw/arm/virt-acpi-build.c | 40 +-
hw/arm/virt.c | 52 +-
hw/char/max78000_uart.c | 285 +++++
hw/cxl/cxl-host-stubs.c | 7 +-
hw/cxl/cxl-host.c | 174 ++-
hw/i386/pc.c | 50 +-
hw/intc/arm_gicv3_common.c | 1 +
hw/intc/arm_gicv3_kvm.c | 29 +
hw/intc/armv7m_nvic.c | 4 +-
hw/misc/max78000_aes.c | 223 ++++
hw/misc/max78000_gcr.c | 351 ++++++
hw/misc/max78000_icc.c | 120 ++
hw/misc/max78000_trng.c | 139 +++
system/qdev-monitor.c | 9 +-
target/arm/cpregs-pmu.c | 1309 +++++++++++++++++++++
target/arm/cpu64.c | 8 +-
target/arm/helper.c | 1813 +----------------------------
target/arm/kvm-stub.c | 5 +
target/arm/kvm.c | 24 +-
target/arm/tcg-stubs.c | 5 -
target/arm/tcg/cpregs-at.c | 519 +++++++++
target/arm/tcg/cpu-v7m.c | 16 +-
target/arm/tcg/cpu32.c | 34 +-
target/arm/tcg/cpu64.c | 68 +-
target/arm/tcg/helper-a64.c | 20 +-
target/arm/tcg/vec_helper.c | 1 -
tests/qtest/cxl-test.c | 58 +-
hw/arm/Kconfig | 15 +
hw/arm/meson.build | 2 +
hw/char/Kconfig | 3 +
hw/char/meson.build | 1 +
hw/misc/Kconfig | 12 +
hw/misc/meson.build | 4 +
target/arm/meson.build | 2 +
target/arm/tcg/meson.build | 1 +
tests/functional/meson.build | 1 +
tests/functional/test_arm_max78000fthr.py | 48 +
tests/qtest/meson.build | 1 +
62 files changed, 4300 insertions(+), 2010 deletions(-)
create mode 100644 docs/system/arm/max78000.rst
create mode 100644 include/hw/arm/max78000_soc.h
create mode 100644 include/hw/char/max78000_uart.h
create mode 100644 include/hw/misc/max78000_aes.h
create mode 100644 include/hw/misc/max78000_gcr.h
create mode 100644 include/hw/misc/max78000_icc.h
create mode 100644 include/hw/misc/max78000_trng.h
create mode 100644 hw/arm/max78000_soc.c
create mode 100644 hw/arm/max78000fthr.c
create mode 100644 hw/char/max78000_uart.c
create mode 100644 hw/misc/max78000_aes.c
create mode 100644 hw/misc/max78000_gcr.c
create mode 100644 hw/misc/max78000_icc.c
create mode 100644 hw/misc/max78000_trng.c
create mode 100644 target/arm/cpregs-pmu.c
create mode 100644 target/arm/tcg/cpregs-at.c
create mode 100755 tests/functional/test_arm_max78000fthr.py
^ permalink raw reply [flat|nested] 49+ messages in thread
* [PULL 01/36] MAX78000: Add MAX78000FTHR Machine
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
@ 2025-07-11 13:33 ` Peter Maydell
2025-07-11 13:33 ` [PULL 02/36] MAX78000: ICC Implementation Peter Maydell
` (35 subsequent siblings)
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:33 UTC (permalink / raw)
To: qemu-devel
From: Jackson Donaldson <jackson88044@gmail.com>
This patch adds support for the MAX78000FTHR machine.
The MAX78000FTHR contains a MAX78000 and a RISC-V core. This patch
implements only the MAX78000, which is Cortex-M4 based.
Details can be found at:
https://www.analog.com/media/en/technical-documentation/user-guides/max78000-user-guide.pdf
Signed-off-by: Jackson Donaldson <jcksn@duck.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20250704223239.248781-2-jcksn@duck.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
include/hw/arm/max78000_soc.h | 35 +++++++
hw/arm/max78000_soc.c | 172 ++++++++++++++++++++++++++++++++++
hw/arm/max78000fthr.c | 50 ++++++++++
hw/arm/Kconfig | 10 ++
hw/arm/meson.build | 2 +
5 files changed, 269 insertions(+)
create mode 100644 include/hw/arm/max78000_soc.h
create mode 100644 hw/arm/max78000_soc.c
create mode 100644 hw/arm/max78000fthr.c
diff --git a/include/hw/arm/max78000_soc.h b/include/hw/arm/max78000_soc.h
new file mode 100644
index 00000000000..97bf4099c99
--- /dev/null
+++ b/include/hw/arm/max78000_soc.h
@@ -0,0 +1,35 @@
+/*
+ * MAX78000 SOC
+ *
+ * Copyright (c) 2025 Jackson Donaldson <jcksn@duck.com>
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#ifndef HW_ARM_MAX78000_SOC_H
+#define HW_ARM_MAX78000_SOC_H
+
+#include "hw/or-irq.h"
+#include "hw/arm/armv7m.h"
+#include "qom/object.h"
+
+#define TYPE_MAX78000_SOC "max78000-soc"
+OBJECT_DECLARE_SIMPLE_TYPE(MAX78000State, MAX78000_SOC)
+
+#define FLASH_BASE_ADDRESS 0x10000000
+#define FLASH_SIZE (512 * 1024)
+#define SRAM_BASE_ADDRESS 0x20000000
+#define SRAM_SIZE (128 * 1024)
+
+struct MAX78000State {
+ SysBusDevice parent_obj;
+
+ ARMv7MState armv7m;
+
+ MemoryRegion sram;
+ MemoryRegion flash;
+
+ Clock *sysclk;
+};
+
+#endif
diff --git a/hw/arm/max78000_soc.c b/hw/arm/max78000_soc.c
new file mode 100644
index 00000000000..9676ada6a27
--- /dev/null
+++ b/hw/arm/max78000_soc.c
@@ -0,0 +1,172 @@
+/*
+ * MAX78000 SOC
+ *
+ * Copyright (c) 2025 Jackson Donaldson <jcksn@duck.com>
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ *
+ * Implementation based on stm32f205 and Max78000 user guide at
+ * https://www.analog.com/media/en/technical-documentation/user-guides/max78000-user-guide.pdf
+ */
+
+#include "qemu/osdep.h"
+#include "qapi/error.h"
+#include "system/address-spaces.h"
+#include "system/system.h"
+#include "hw/arm/max78000_soc.h"
+#include "hw/qdev-clock.h"
+#include "hw/misc/unimp.h"
+
+static void max78000_soc_initfn(Object *obj)
+{
+ MAX78000State *s = MAX78000_SOC(obj);
+
+ object_initialize_child(obj, "armv7m", &s->armv7m, TYPE_ARMV7M);
+
+ s->sysclk = qdev_init_clock_in(DEVICE(s), "sysclk", NULL, NULL, 0);
+}
+
+static void max78000_soc_realize(DeviceState *dev_soc, Error **errp)
+{
+ MAX78000State *s = MAX78000_SOC(dev_soc);
+ MemoryRegion *system_memory = get_system_memory();
+ DeviceState *armv7m;
+ Error *err = NULL;
+
+ if (!clock_has_source(s->sysclk)) {
+ error_setg(errp, "sysclk clock must be wired up by the board code");
+ return;
+ }
+
+ memory_region_init_rom(&s->flash, OBJECT(dev_soc), "MAX78000.flash",
+ FLASH_SIZE, &err);
+ if (err != NULL) {
+ error_propagate(errp, err);
+ return;
+ }
+
+ memory_region_add_subregion(system_memory, FLASH_BASE_ADDRESS, &s->flash);
+
+ memory_region_init_ram(&s->sram, NULL, "MAX78000.sram", SRAM_SIZE,
+ &err);
+ if (err != NULL) {
+ error_propagate(errp, err);
+ return;
+ }
+ memory_region_add_subregion(system_memory, SRAM_BASE_ADDRESS, &s->sram);
+
+ armv7m = DEVICE(&s->armv7m);
+
+ /*
+ * The MAX78000 user guide's Interrupt Vector Table section
+ * suggests that there are 120 IRQs in the text, while only listing
+ * 104 in table 5-1. Implement the more generous of the two.
+ * This has not been tested in hardware.
+ */
+ qdev_prop_set_uint32(armv7m, "num-irq", 120);
+ qdev_prop_set_uint8(armv7m, "num-prio-bits", 3);
+ qdev_prop_set_string(armv7m, "cpu-type", ARM_CPU_TYPE_NAME("cortex-m4"));
+ qdev_prop_set_bit(armv7m, "enable-bitband", true);
+ qdev_connect_clock_in(armv7m, "cpuclk", s->sysclk);
+ object_property_set_link(OBJECT(&s->armv7m), "memory",
+ OBJECT(system_memory), &error_abort);
+ if (!sysbus_realize(SYS_BUS_DEVICE(&s->armv7m), errp)) {
+ return;
+ }
+
+ create_unimplemented_device("globalControl", 0x40000000, 0x400);
+ create_unimplemented_device("systemInterface", 0x40000400, 0x400);
+ create_unimplemented_device("functionControl", 0x40000800, 0x400);
+ create_unimplemented_device("watchdogTimer0", 0x40003000, 0x400);
+ create_unimplemented_device("dynamicVoltScale", 0x40003c00, 0x40);
+ create_unimplemented_device("SIMO", 0x40004400, 0x400);
+ create_unimplemented_device("trimSystemInit", 0x40005400, 0x400);
+ create_unimplemented_device("generalCtrlFunc", 0x40005800, 0x400);
+ create_unimplemented_device("wakeupTimer", 0x40006400, 0x400);
+ create_unimplemented_device("powerSequencer", 0x40006800, 0x400);
+ create_unimplemented_device("miscControl", 0x40006c00, 0x400);
+
+ create_unimplemented_device("aes", 0x40007400, 0x400);
+ create_unimplemented_device("aesKey", 0x40007800, 0x400);
+
+ create_unimplemented_device("gpio0", 0x40008000, 0x1000);
+ create_unimplemented_device("gpio1", 0x40009000, 0x1000);
+
+ create_unimplemented_device("parallelCamInterface", 0x4000e000, 0x1000);
+ create_unimplemented_device("CRC", 0x4000f000, 0x1000);
+
+ create_unimplemented_device("timer0", 0x40010000, 0x1000);
+ create_unimplemented_device("timer1", 0x40011000, 0x1000);
+ create_unimplemented_device("timer2", 0x40012000, 0x1000);
+ create_unimplemented_device("timer3", 0x40013000, 0x1000);
+
+ create_unimplemented_device("i2c0", 0x4001d000, 0x1000);
+ create_unimplemented_device("i2c1", 0x4001e000, 0x1000);
+ create_unimplemented_device("i2c2", 0x4001f000, 0x1000);
+
+ create_unimplemented_device("standardDMA", 0x40028000, 0x1000);
+ create_unimplemented_device("flashController0", 0x40029000, 0x400);
+
+ create_unimplemented_device("icc0", 0x4002a000, 0x800);
+ create_unimplemented_device("icc1", 0x4002a800, 0x800);
+
+ create_unimplemented_device("adc", 0x40034000, 0x1000);
+ create_unimplemented_device("pulseTrainEngine", 0x4003c000, 0xa0);
+ create_unimplemented_device("oneWireMaster", 0x4003d000, 0x1000);
+ create_unimplemented_device("semaphore", 0x4003e000, 0x1000);
+
+ create_unimplemented_device("uart0", 0x40042000, 0x1000);
+ create_unimplemented_device("uart1", 0x40043000, 0x1000);
+ create_unimplemented_device("uart2", 0x40044000, 0x1000);
+
+ create_unimplemented_device("spi1", 0x40046000, 0x2000);
+ create_unimplemented_device("trng", 0x4004d000, 0x1000);
+ create_unimplemented_device("i2s", 0x40060000, 0x1000);
+ create_unimplemented_device("lowPowerControl", 0x40080000, 0x400);
+ create_unimplemented_device("gpio2", 0x40080400, 0x200);
+ create_unimplemented_device("lowPowerWatchdogTimer", 0x40080800, 0x400);
+ create_unimplemented_device("lowPowerTimer4", 0x40080c00, 0x400);
+
+ create_unimplemented_device("lowPowerTimer5", 0x40081000, 0x400);
+ create_unimplemented_device("lowPowerUART0", 0x40081400, 0x400);
+ create_unimplemented_device("lowPowerComparator", 0x40088000, 0x400);
+
+ create_unimplemented_device("spi0", 0x400be000, 0x400);
+
+ /*
+ * The MAX78000 user guide's base address map lists the CNN TX FIFO as
+ * beginning at 0x400c0400 and ending at 0x400c0400. Given that CNN_FIFO
+ * is listed as having data accessible up to offset 0x1000, the user
+ * guide is likely incorrect.
+ */
+ create_unimplemented_device("cnnTxFIFO", 0x400c0400, 0x2000);
+
+ create_unimplemented_device("cnnGlobalControl", 0x50000000, 0x10000);
+ create_unimplemented_device("cnnx16quad0", 0x50100000, 0x40000);
+ create_unimplemented_device("cnnx16quad1", 0x50500000, 0x40000);
+ create_unimplemented_device("cnnx16quad2", 0x50900000, 0x40000);
+ create_unimplemented_device("cnnx16quad3", 0x50d00000, 0x40000);
+
+}
+
+static void max78000_soc_class_init(ObjectClass *klass, const void *data)
+{
+ DeviceClass *dc = DEVICE_CLASS(klass);
+
+ dc->realize = max78000_soc_realize;
+}
+
+static const TypeInfo max78000_soc_info = {
+ .name = TYPE_MAX78000_SOC,
+ .parent = TYPE_SYS_BUS_DEVICE,
+ .instance_size = sizeof(MAX78000State),
+ .instance_init = max78000_soc_initfn,
+ .class_init = max78000_soc_class_init,
+};
+
+static void max78000_soc_types(void)
+{
+ type_register_static(&max78000_soc_info);
+}
+
+type_init(max78000_soc_types)
diff --git a/hw/arm/max78000fthr.c b/hw/arm/max78000fthr.c
new file mode 100644
index 00000000000..c4f6b5b1b04
--- /dev/null
+++ b/hw/arm/max78000fthr.c
@@ -0,0 +1,50 @@
+/*
+ * MAX78000FTHR Evaluation Board
+ *
+ * Copyright (c) 2025 Jackson Donaldson <jcksn@duck.com>
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#include "qemu/osdep.h"
+#include "qapi/error.h"
+#include "hw/boards.h"
+#include "hw/qdev-properties.h"
+#include "hw/qdev-clock.h"
+#include "qemu/error-report.h"
+#include "hw/arm/max78000_soc.h"
+#include "hw/arm/boot.h"
+
+/* 60MHz is the default, but other clocks can be selected. */
+#define SYSCLK_FRQ 60000000ULL
+static void max78000_init(MachineState *machine)
+{
+ DeviceState *dev;
+ Clock *sysclk;
+
+ sysclk = clock_new(OBJECT(machine), "SYSCLK");
+ clock_set_hz(sysclk, SYSCLK_FRQ);
+
+ dev = qdev_new(TYPE_MAX78000_SOC);
+ object_property_add_child(OBJECT(machine), "soc", OBJECT(dev));
+ qdev_connect_clock_in(dev, "sysclk", sysclk);
+ sysbus_realize_and_unref(SYS_BUS_DEVICE(dev), &error_fatal);
+
+ armv7m_load_kernel(ARM_CPU(first_cpu),
+ machine->kernel_filename,
+ 0x00000000, FLASH_SIZE);
+}
+
+static void max78000_machine_init(MachineClass *mc)
+{
+ static const char * const valid_cpu_types[] = {
+ ARM_CPU_TYPE_NAME("cortex-m4"),
+ NULL
+ };
+
+ mc->desc = "MAX78000FTHR Board (Cortex-M4 / (Unimplemented) RISC-V)";
+ mc->init = max78000_init;
+ mc->valid_cpu_types = valid_cpu_types;
+}
+
+DEFINE_MACHINE("max78000fthr", max78000_machine_init)
diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
index 6ea86534d52..44815af41f5 100644
--- a/hw/arm/Kconfig
+++ b/hw/arm/Kconfig
@@ -95,6 +95,12 @@ config INTEGRATOR
select PL181 # display
select SMC91C111
+config MAX78000FTHR
+ bool
+ default y
+ depends on TCG && ARM
+ select MAX78000_SOC
+
config MPS3R
bool
default y
@@ -357,6 +363,10 @@ config ALLWINNER_R40
select USB_EHCI_SYSBUS
select SD
+config MAX78000_SOC
+ bool
+ select ARM_V7M
+
config RASPI
bool
default y
diff --git a/hw/arm/meson.build b/hw/arm/meson.build
index d90be8f4c94..dc68391305f 100644
--- a/hw/arm/meson.build
+++ b/hw/arm/meson.build
@@ -27,6 +27,7 @@ arm_common_ss.add(when: 'CONFIG_OMAP', if_true: files('omap1.c'))
arm_common_ss.add(when: 'CONFIG_ALLWINNER_A10', if_true: files('allwinner-a10.c', 'cubieboard.c'))
arm_common_ss.add(when: 'CONFIG_ALLWINNER_H3', if_true: files('allwinner-h3.c', 'orangepi.c'))
arm_common_ss.add(when: 'CONFIG_ALLWINNER_R40', if_true: files('allwinner-r40.c', 'bananapi_m2u.c'))
+arm_common_ss.add(when: 'CONFIG_MAX78000_SOC', if_true: files('max78000_soc.c'))
arm_ss.add(when: 'CONFIG_RASPI', if_true: files('bcm2836.c', 'raspi.c'))
arm_common_ss.add(when: ['CONFIG_RASPI', 'TARGET_AARCH64'], if_true: files('bcm2838.c', 'raspi4b.c'))
arm_common_ss.add(when: 'CONFIG_STM32F100_SOC', if_true: files('stm32f100_soc.c'))
@@ -71,6 +72,7 @@ arm_ss.add(when: 'CONFIG_XEN', if_true: files(
arm_common_ss.add(when: 'CONFIG_ARM_SMMUV3', if_true: files('smmu-common.c'))
arm_common_ss.add(when: 'CONFIG_COLLIE', if_true: files('collie.c'))
arm_common_ss.add(when: 'CONFIG_EXYNOS4', if_true: files('exynos4_boards.c'))
+arm_common_ss.add(when: 'CONFIG_MAX78000FTHR', if_true: files('max78000fthr.c'))
arm_common_ss.add(when: 'CONFIG_NETDUINO2', if_true: files('netduino2.c'))
arm_common_ss.add(when: 'CONFIG_RASPI', if_true: files('bcm2835_peripherals.c'))
arm_common_ss.add(when: 'CONFIG_RASPI', if_true: files('bcm2838_peripherals.c'))
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 02/36] MAX78000: ICC Implementation
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
2025-07-11 13:33 ` [PULL 01/36] MAX78000: Add MAX78000FTHR Machine Peter Maydell
@ 2025-07-11 13:33 ` Peter Maydell
2025-07-11 13:33 ` [PULL 03/36] MAX78000: Add ICC to SOC Peter Maydell
` (34 subsequent siblings)
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:33 UTC (permalink / raw)
To: qemu-devel
From: Jackson Donaldson <jackson88044@gmail.com>
This commit implements the Instruction Cache Controller
for the MAX78000
Signed-off-by: Jackson Donaldson <jcksn@duck.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20250704223239.248781-3-jcksn@duck.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
include/hw/misc/max78000_icc.h | 33 +++++++++
hw/misc/max78000_icc.c | 120 +++++++++++++++++++++++++++++++++
hw/arm/Kconfig | 1 +
hw/misc/Kconfig | 3 +
hw/misc/meson.build | 1 +
5 files changed, 158 insertions(+)
create mode 100644 include/hw/misc/max78000_icc.h
create mode 100644 hw/misc/max78000_icc.c
diff --git a/include/hw/misc/max78000_icc.h b/include/hw/misc/max78000_icc.h
new file mode 100644
index 00000000000..6fe2bb7a156
--- /dev/null
+++ b/include/hw/misc/max78000_icc.h
@@ -0,0 +1,33 @@
+/*
+ * MAX78000 Instruction Cache
+ *
+ * Copyright (c) 2025 Jackson Donaldson <jcksn@duck.com>
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#ifndef HW_MAX78000_ICC_H
+#define HW_MAX78000_ICC_H
+
+#include "hw/sysbus.h"
+#include "qom/object.h"
+
+#define TYPE_MAX78000_ICC "max78000-icc"
+OBJECT_DECLARE_SIMPLE_TYPE(Max78000IccState, MAX78000_ICC)
+
+#define ICC_INFO 0x0
+#define ICC_SZ 0x4
+#define ICC_CTRL 0x100
+#define ICC_INVALIDATE 0x700
+
+struct Max78000IccState {
+ SysBusDevice parent_obj;
+
+ MemoryRegion mmio;
+
+ uint32_t info;
+ uint32_t sz;
+ uint32_t ctrl;
+};
+
+#endif
diff --git a/hw/misc/max78000_icc.c b/hw/misc/max78000_icc.c
new file mode 100644
index 00000000000..6f7d2b20bf5
--- /dev/null
+++ b/hw/misc/max78000_icc.c
@@ -0,0 +1,120 @@
+/*
+ * MAX78000 Instruction Cache
+ *
+ * Copyright (c) 2025 Jackson Donaldson <jcksn@duck.com>
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/log.h"
+#include "trace.h"
+#include "hw/irq.h"
+#include "migration/vmstate.h"
+#include "hw/misc/max78000_icc.h"
+
+
+static uint64_t max78000_icc_read(void *opaque, hwaddr addr,
+ unsigned int size)
+{
+ Max78000IccState *s = opaque;
+ switch (addr) {
+ case ICC_INFO:
+ return s->info;
+
+ case ICC_SZ:
+ return s->sz;
+
+ case ICC_CTRL:
+ return s->ctrl;
+
+ default:
+ qemu_log_mask(LOG_GUEST_ERROR,
+ "%s: Bad offset 0x%" HWADDR_PRIx "\n",
+ __func__, addr);
+ return 0;
+
+ }
+}
+
+static void max78000_icc_write(void *opaque, hwaddr addr,
+ uint64_t val64, unsigned int size)
+{
+ Max78000IccState *s = opaque;
+
+ switch (addr) {
+ case ICC_CTRL:
+ s->ctrl = 0x10000 | (val64 & 1);
+ break;
+
+ case ICC_INVALIDATE:
+ break;
+
+ default:
+ qemu_log_mask(LOG_GUEST_ERROR,
+ "%s: Bad offset 0x%" HWADDR_PRIx "\n",
+ __func__, addr);
+ break;
+ }
+}
+
+static const MemoryRegionOps max78000_icc_ops = {
+ .read = max78000_icc_read,
+ .write = max78000_icc_write,
+ .endianness = DEVICE_LITTLE_ENDIAN,
+ .valid.min_access_size = 4,
+ .valid.max_access_size = 4,
+};
+
+static const VMStateDescription max78000_icc_vmstate = {
+ .name = TYPE_MAX78000_ICC,
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .fields = (const VMStateField[]) {
+ VMSTATE_UINT32(info, Max78000IccState),
+ VMSTATE_UINT32(sz, Max78000IccState),
+ VMSTATE_UINT32(ctrl, Max78000IccState),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
+static void max78000_icc_reset_hold(Object *obj, ResetType type)
+{
+ Max78000IccState *s = MAX78000_ICC(obj);
+ s->info = 0;
+ s->sz = 0x10000010;
+ s->ctrl = 0x10000;
+}
+
+static void max78000_icc_init(Object *obj)
+{
+ Max78000IccState *s = MAX78000_ICC(obj);
+
+ memory_region_init_io(&s->mmio, obj, &max78000_icc_ops, s,
+ TYPE_MAX78000_ICC, 0x800);
+ sysbus_init_mmio(SYS_BUS_DEVICE(obj), &s->mmio);
+}
+
+static void max78000_icc_class_init(ObjectClass *klass, const void *data)
+{
+ DeviceClass *dc = DEVICE_CLASS(klass);
+ ResettableClass *rc = RESETTABLE_CLASS(klass);
+
+ rc->phases.hold = max78000_icc_reset_hold;
+ dc->vmsd = &max78000_icc_vmstate;
+}
+
+static const TypeInfo max78000_icc_info = {
+ .name = TYPE_MAX78000_ICC,
+ .parent = TYPE_SYS_BUS_DEVICE,
+ .instance_size = sizeof(Max78000IccState),
+ .instance_init = max78000_icc_init,
+ .class_init = max78000_icc_class_init,
+};
+
+static void max78000_icc_register_types(void)
+{
+ type_register_static(&max78000_icc_info);
+}
+
+type_init(max78000_icc_register_types)
diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
index 44815af41f5..035568a085e 100644
--- a/hw/arm/Kconfig
+++ b/hw/arm/Kconfig
@@ -366,6 +366,7 @@ config ALLWINNER_R40
config MAX78000_SOC
bool
select ARM_V7M
+ select MAX78000_ICC
config RASPI
bool
diff --git a/hw/misc/Kconfig b/hw/misc/Kconfig
index ec0fa5aa9f8..781bcf74ccc 100644
--- a/hw/misc/Kconfig
+++ b/hw/misc/Kconfig
@@ -47,6 +47,9 @@ config A9SCU
config ARM11SCU
bool
+config MAX78000_ICC
+ bool
+
config MOS6522
bool
diff --git a/hw/misc/meson.build b/hw/misc/meson.build
index 6d47de482c5..a21a994ff83 100644
--- a/hw/misc/meson.build
+++ b/hw/misc/meson.build
@@ -70,6 +70,7 @@ system_ss.add(when: 'CONFIG_IMX', if_true: files(
'imx_ccm.c',
'imx_rngc.c',
))
+system_ss.add(when: 'CONFIG_MAX78000_ICC', if_true: files('max78000_icc.c'))
system_ss.add(when: 'CONFIG_NPCM7XX', if_true: files(
'npcm_clk.c',
'npcm_gcr.c',
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 03/36] MAX78000: Add ICC to SOC
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
2025-07-11 13:33 ` [PULL 01/36] MAX78000: Add MAX78000FTHR Machine Peter Maydell
2025-07-11 13:33 ` [PULL 02/36] MAX78000: ICC Implementation Peter Maydell
@ 2025-07-11 13:33 ` Peter Maydell
2025-07-11 13:33 ` [PULL 04/36] MAX78000: UART Implementation Peter Maydell
` (33 subsequent siblings)
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:33 UTC (permalink / raw)
To: qemu-devel
From: Jackson Donaldson <jackson88044@gmail.com>
This commit adds the instruction cache controller
to max78000_soc
Signed-off-by: Jackson Donaldson <jcksn@duck.com>
Reviewed-by: Peter Maydell <petermaydell@linaro.org>
Message-id: 20250704223239.248781-4-jcksn@duck.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
include/hw/arm/max78000_soc.h | 6 ++++++
hw/arm/max78000_soc.c | 20 ++++++++++++++++----
2 files changed, 22 insertions(+), 4 deletions(-)
diff --git a/include/hw/arm/max78000_soc.h b/include/hw/arm/max78000_soc.h
index 97bf4099c99..27b506d6eeb 100644
--- a/include/hw/arm/max78000_soc.h
+++ b/include/hw/arm/max78000_soc.h
@@ -11,6 +11,7 @@
#include "hw/or-irq.h"
#include "hw/arm/armv7m.h"
+#include "hw/misc/max78000_icc.h"
#include "qom/object.h"
#define TYPE_MAX78000_SOC "max78000-soc"
@@ -21,6 +22,9 @@ OBJECT_DECLARE_SIMPLE_TYPE(MAX78000State, MAX78000_SOC)
#define SRAM_BASE_ADDRESS 0x20000000
#define SRAM_SIZE (128 * 1024)
+/* The MAX78k has 2 instruction caches; only icc0 matters, icc1 is for RISC */
+#define MAX78000_NUM_ICC 2
+
struct MAX78000State {
SysBusDevice parent_obj;
@@ -29,6 +33,8 @@ struct MAX78000State {
MemoryRegion sram;
MemoryRegion flash;
+ Max78000IccState icc[MAX78000_NUM_ICC];
+
Clock *sysclk;
};
diff --git a/hw/arm/max78000_soc.c b/hw/arm/max78000_soc.c
index 9676ada6a27..0c83b08eca0 100644
--- a/hw/arm/max78000_soc.c
+++ b/hw/arm/max78000_soc.c
@@ -17,12 +17,20 @@
#include "hw/qdev-clock.h"
#include "hw/misc/unimp.h"
+static const uint32_t max78000_icc_addr[] = {0x4002a000, 0x4002a800};
+
static void max78000_soc_initfn(Object *obj)
{
MAX78000State *s = MAX78000_SOC(obj);
+ int i;
object_initialize_child(obj, "armv7m", &s->armv7m, TYPE_ARMV7M);
+ for (i = 0; i < MAX78000_NUM_ICC; i++) {
+ g_autofree char *name = g_strdup_printf("icc%d", i);
+ object_initialize_child(obj, name, &s->icc[i], TYPE_MAX78000_ICC);
+ }
+
s->sysclk = qdev_init_clock_in(DEVICE(s), "sysclk", NULL, NULL, 0);
}
@@ -30,8 +38,9 @@ static void max78000_soc_realize(DeviceState *dev_soc, Error **errp)
{
MAX78000State *s = MAX78000_SOC(dev_soc);
MemoryRegion *system_memory = get_system_memory();
- DeviceState *armv7m;
+ DeviceState *dev, *armv7m;
Error *err = NULL;
+ int i;
if (!clock_has_source(s->sysclk)) {
error_setg(errp, "sysclk clock must be wired up by the board code");
@@ -74,6 +83,12 @@ static void max78000_soc_realize(DeviceState *dev_soc, Error **errp)
return;
}
+ for (i = 0; i < MAX78000_NUM_ICC; i++) {
+ dev = DEVICE(&(s->icc[i]));
+ sysbus_realize(SYS_BUS_DEVICE(dev), errp);
+ sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, max78000_icc_addr[i]);
+ }
+
create_unimplemented_device("globalControl", 0x40000000, 0x400);
create_unimplemented_device("systemInterface", 0x40000400, 0x400);
create_unimplemented_device("functionControl", 0x40000800, 0x400);
@@ -107,9 +122,6 @@ static void max78000_soc_realize(DeviceState *dev_soc, Error **errp)
create_unimplemented_device("standardDMA", 0x40028000, 0x1000);
create_unimplemented_device("flashController0", 0x40029000, 0x400);
- create_unimplemented_device("icc0", 0x4002a000, 0x800);
- create_unimplemented_device("icc1", 0x4002a800, 0x800);
-
create_unimplemented_device("adc", 0x40034000, 0x1000);
create_unimplemented_device("pulseTrainEngine", 0x4003c000, 0xa0);
create_unimplemented_device("oneWireMaster", 0x4003d000, 0x1000);
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 04/36] MAX78000: UART Implementation
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
` (2 preceding siblings ...)
2025-07-11 13:33 ` [PULL 03/36] MAX78000: Add ICC to SOC Peter Maydell
@ 2025-07-11 13:33 ` Peter Maydell
2025-07-11 13:33 ` [PULL 05/36] MAX78000: Add UART to SOC Peter Maydell
` (32 subsequent siblings)
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:33 UTC (permalink / raw)
To: qemu-devel
From: Jackson Donaldson <jackson88044@gmail.com>
This commit implements UART support for the MAX78000
Signed-off-by: Jackson Donaldson <jcksn@duck.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20250704223239.248781-5-jcksn@duck.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
include/hw/char/max78000_uart.h | 78 +++++++++
hw/char/max78000_uart.c | 285 ++++++++++++++++++++++++++++++++
hw/arm/Kconfig | 1 +
hw/char/Kconfig | 3 +
hw/char/meson.build | 1 +
5 files changed, 368 insertions(+)
create mode 100644 include/hw/char/max78000_uart.h
create mode 100644 hw/char/max78000_uart.c
diff --git a/include/hw/char/max78000_uart.h b/include/hw/char/max78000_uart.h
new file mode 100644
index 00000000000..cf90d51dbfa
--- /dev/null
+++ b/include/hw/char/max78000_uart.h
@@ -0,0 +1,78 @@
+/*
+ * MAX78000 UART
+ *
+ * Copyright (c) 2025 Jackson Donaldson <jcksn@duck.com>
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#ifndef HW_MAX78000_UART_H
+#define HW_MAX78000_UART_H
+
+#include "hw/sysbus.h"
+#include "chardev/char-fe.h"
+#include "qemu/fifo8.h"
+#include "qom/object.h"
+
+#define UART_CTRL 0x0
+#define UART_STATUS 0x4
+#define UART_INT_EN 0x8
+#define UART_INT_FL 0xc
+#define UART_CLKDIV 0x10
+#define UART_OSR 0x14
+#define UART_TXPEEK 0x18
+#define UART_PNR 0x1c
+#define UART_FIFO 0x20
+#define UART_DMA 0x30
+#define UART_WKEN 0x34
+#define UART_WKFL 0x38
+
+/* CTRL */
+#define UART_CTF_DIS (1 << 7)
+#define UART_FLUSH_TX (1 << 8)
+#define UART_FLUSH_RX (1 << 9)
+#define UART_BCLKEN (1 << 15)
+#define UART_BCLKRDY (1 << 19)
+
+/* STATUS */
+#define UART_RX_LVL 8
+#define UART_TX_EM (1 << 6)
+#define UART_RX_FULL (1 << 5)
+#define UART_RX_EM (1 << 4)
+
+/* PNR (Pin Control Register) */
+#define UART_CTS 1
+#define UART_RTS (1 << 1)
+
+/* INT_EN / INT_FL */
+#define UART_RX_THD (1 << 4)
+#define UART_TX_HE (1 << 6)
+
+#define UART_RXBUFLEN 0x100
+#define TYPE_MAX78000_UART "max78000-uart"
+OBJECT_DECLARE_SIMPLE_TYPE(Max78000UartState, MAX78000_UART)
+
+struct Max78000UartState {
+ SysBusDevice parent_obj;
+
+ MemoryRegion mmio;
+
+ uint32_t ctrl;
+ uint32_t status;
+ uint32_t int_en;
+ uint32_t int_fl;
+ uint32_t clkdiv;
+ uint32_t osr;
+ uint32_t txpeek;
+ uint32_t pnr;
+ uint32_t fifo;
+ uint32_t dma;
+ uint32_t wken;
+ uint32_t wkfl;
+
+ Fifo8 rx_fifo;
+
+ CharBackend chr;
+ qemu_irq irq;
+};
+#endif /* HW_STM32F2XX_USART_H */
diff --git a/hw/char/max78000_uart.c b/hw/char/max78000_uart.c
new file mode 100644
index 00000000000..19506d52ef9
--- /dev/null
+++ b/hw/char/max78000_uart.c
@@ -0,0 +1,285 @@
+/*
+ * MAX78000 UART
+ *
+ * Copyright (c) 2025 Jackson Donaldson <jcksn@duck.com>
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#include "qemu/osdep.h"
+#include "hw/char/max78000_uart.h"
+#include "hw/irq.h"
+#include "hw/qdev-properties.h"
+#include "hw/qdev-properties-system.h"
+#include "qemu/log.h"
+#include "qemu/module.h"
+#include "migration/vmstate.h"
+#include "trace.h"
+
+
+static int max78000_uart_can_receive(void *opaque)
+{
+ Max78000UartState *s = opaque;
+ if (!(s->ctrl & UART_BCLKEN)) {
+ return 0;
+ }
+ return fifo8_num_free(&s->rx_fifo);
+}
+
+static void max78000_update_irq(Max78000UartState *s)
+{
+ int interrupt_level;
+
+ interrupt_level = s->int_fl & s->int_en;
+ qemu_set_irq(s->irq, interrupt_level);
+}
+
+static void max78000_uart_receive(void *opaque, const uint8_t *buf, int size)
+{
+ Max78000UartState *s = opaque;
+
+ assert(size <= fifo8_num_free(&s->rx_fifo));
+
+ fifo8_push_all(&s->rx_fifo, buf, size);
+
+ uint32_t rx_threshold = s->ctrl & 0xf;
+
+ if (fifo8_num_used(&s->rx_fifo) >= rx_threshold) {
+ s->int_fl |= UART_RX_THD;
+ }
+
+ max78000_update_irq(s);
+}
+
+static void max78000_uart_reset_hold(Object *obj, ResetType type)
+{
+ Max78000UartState *s = MAX78000_UART(obj);
+
+ s->ctrl = 0;
+ s->status = UART_TX_EM | UART_RX_EM;
+ s->int_en = 0;
+ s->int_fl = 0;
+ s->osr = 0;
+ s->txpeek = 0;
+ s->pnr = UART_RTS;
+ s->fifo = 0;
+ s->dma = 0;
+ s->wken = 0;
+ s->wkfl = 0;
+ fifo8_reset(&s->rx_fifo);
+}
+
+static uint64_t max78000_uart_read(void *opaque, hwaddr addr,
+ unsigned int size)
+{
+ Max78000UartState *s = opaque;
+ uint64_t retvalue = 0;
+ switch (addr) {
+ case UART_CTRL:
+ retvalue = s->ctrl;
+ break;
+ case UART_STATUS:
+ retvalue = (fifo8_num_used(&s->rx_fifo) << UART_RX_LVL) |
+ UART_TX_EM |
+ (fifo8_is_empty(&s->rx_fifo) ? UART_RX_EM : 0);
+ break;
+ case UART_INT_EN:
+ retvalue = s->int_en;
+ break;
+ case UART_INT_FL:
+ retvalue = s->int_fl;
+ break;
+ case UART_CLKDIV:
+ retvalue = s->clkdiv;
+ break;
+ case UART_OSR:
+ retvalue = s->osr;
+ break;
+ case UART_TXPEEK:
+ if (!fifo8_is_empty(&s->rx_fifo)) {
+ retvalue = fifo8_peek(&s->rx_fifo);
+ }
+ break;
+ case UART_PNR:
+ retvalue = s->pnr;
+ break;
+ case UART_FIFO:
+ if (!fifo8_is_empty(&s->rx_fifo)) {
+ retvalue = fifo8_pop(&s->rx_fifo);
+ max78000_update_irq(s);
+ }
+ break;
+ case UART_DMA:
+ /* DMA not implemented */
+ retvalue = s->dma;
+ break;
+ case UART_WKEN:
+ retvalue = s->wken;
+ break;
+ case UART_WKFL:
+ retvalue = s->wkfl;
+ break;
+ default:
+ qemu_log_mask(LOG_GUEST_ERROR,
+ "%s: Bad offset 0x%"HWADDR_PRIx"\n", __func__, addr);
+ break;
+ }
+
+ return retvalue;
+}
+
+static void max78000_uart_write(void *opaque, hwaddr addr,
+ uint64_t val64, unsigned int size)
+{
+ Max78000UartState *s = opaque;
+
+ uint32_t value = val64;
+ uint8_t data;
+
+ switch (addr) {
+ case UART_CTRL:
+ if (value & UART_FLUSH_RX) {
+ fifo8_reset(&s->rx_fifo);
+ }
+ if (value & UART_BCLKEN) {
+ value = value | UART_BCLKRDY;
+ }
+ s->ctrl = value & ~(UART_FLUSH_RX | UART_FLUSH_TX);
+
+ /*
+ * Software can manage UART flow control manually by setting hfc_en
+ * in UART_CTRL. This would require emulating uart at a lower level,
+ * and is currently unimplemented.
+ */
+
+ return;
+ case UART_STATUS:
+ /* UART_STATUS is read only */
+ return;
+ case UART_INT_EN:
+ s->int_en = value;
+ return;
+ case UART_INT_FL:
+ s->int_fl = s->int_fl & ~(value);
+ max78000_update_irq(s);
+ return;
+ case UART_CLKDIV:
+ s->clkdiv = value;
+ return;
+ case UART_OSR:
+ s->osr = value;
+ return;
+ case UART_PNR:
+ s->pnr = value;
+ return;
+ case UART_FIFO:
+ data = value & 0xff;
+ /*
+ * XXX this blocks entire thread. Rewrite to use
+ * qemu_chr_fe_write and background I/O callbacks
+ */
+ qemu_chr_fe_write_all(&s->chr, &data, 1);
+
+ /* TX is always empty */
+ s->int_fl |= UART_TX_HE;
+ max78000_update_irq(s);
+
+ return;
+ case UART_DMA:
+ /* DMA not implemented */
+ s->dma = value;
+ return;
+ case UART_WKEN:
+ s->wken = value;
+ return;
+ case UART_WKFL:
+ s->wkfl = value;
+ return;
+ default:
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%"
+ HWADDR_PRIx "\n", __func__, addr);
+ }
+}
+
+static const MemoryRegionOps max78000_uart_ops = {
+ .read = max78000_uart_read,
+ .write = max78000_uart_write,
+ .endianness = DEVICE_LITTLE_ENDIAN,
+ .valid.min_access_size = 4,
+ .valid.max_access_size = 4,
+};
+
+static const Property max78000_uart_properties[] = {
+ DEFINE_PROP_CHR("chardev", Max78000UartState, chr),
+};
+
+static const VMStateDescription max78000_uart_vmstate = {
+ .name = TYPE_MAX78000_UART,
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .fields = (VMStateField[]) {
+ VMSTATE_UINT32(ctrl, Max78000UartState),
+ VMSTATE_UINT32(status, Max78000UartState),
+ VMSTATE_UINT32(int_en, Max78000UartState),
+ VMSTATE_UINT32(int_fl, Max78000UartState),
+ VMSTATE_UINT32(clkdiv, Max78000UartState),
+ VMSTATE_UINT32(osr, Max78000UartState),
+ VMSTATE_UINT32(txpeek, Max78000UartState),
+ VMSTATE_UINT32(pnr, Max78000UartState),
+ VMSTATE_UINT32(fifo, Max78000UartState),
+ VMSTATE_UINT32(dma, Max78000UartState),
+ VMSTATE_UINT32(wken, Max78000UartState),
+ VMSTATE_UINT32(wkfl, Max78000UartState),
+ VMSTATE_FIFO8(rx_fifo, Max78000UartState),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
+static void max78000_uart_init(Object *obj)
+{
+ Max78000UartState *s = MAX78000_UART(obj);
+ fifo8_create(&s->rx_fifo, 8);
+
+ sysbus_init_irq(SYS_BUS_DEVICE(obj), &s->irq);
+
+ memory_region_init_io(&s->mmio, obj, &max78000_uart_ops, s,
+ TYPE_MAX78000_UART, 0x400);
+ sysbus_init_mmio(SYS_BUS_DEVICE(obj), &s->mmio);
+}
+
+static void max78000_uart_realize(DeviceState *dev, Error **errp)
+{
+ Max78000UartState *s = MAX78000_UART(dev);
+
+ qemu_chr_fe_set_handlers(&s->chr, max78000_uart_can_receive,
+ max78000_uart_receive, NULL, NULL,
+ s, NULL, true);
+}
+
+static void max78000_uart_class_init(ObjectClass *klass, const void *data)
+{
+ DeviceClass *dc = DEVICE_CLASS(klass);
+ ResettableClass *rc = RESETTABLE_CLASS(klass);
+
+ rc->phases.hold = max78000_uart_reset_hold;
+
+ device_class_set_props(dc, max78000_uart_properties);
+ dc->realize = max78000_uart_realize;
+
+ dc->vmsd = &max78000_uart_vmstate;
+}
+
+static const TypeInfo max78000_uart_info = {
+ .name = TYPE_MAX78000_UART,
+ .parent = TYPE_SYS_BUS_DEVICE,
+ .instance_size = sizeof(Max78000UartState),
+ .instance_init = max78000_uart_init,
+ .class_init = max78000_uart_class_init,
+};
+
+static void max78000_uart_register_types(void)
+{
+ type_register_static(&max78000_uart_info);
+}
+
+type_init(max78000_uart_register_types)
diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
index 035568a085e..7e3610dca8f 100644
--- a/hw/arm/Kconfig
+++ b/hw/arm/Kconfig
@@ -367,6 +367,7 @@ config MAX78000_SOC
bool
select ARM_V7M
select MAX78000_ICC
+ select MAX78000_UART
config RASPI
bool
diff --git a/hw/char/Kconfig b/hw/char/Kconfig
index 9d517f3e287..020c0a84bb6 100644
--- a/hw/char/Kconfig
+++ b/hw/char/Kconfig
@@ -48,6 +48,9 @@ config VIRTIO_SERIAL
default y
depends on VIRTIO
+config MAX78000_UART
+ bool
+
config STM32F2XX_USART
bool
diff --git a/hw/char/meson.build b/hw/char/meson.build
index 4e439da8b9e..a9e1dc26c0f 100644
--- a/hw/char/meson.build
+++ b/hw/char/meson.build
@@ -26,6 +26,7 @@ system_ss.add(when: 'CONFIG_AVR_USART', if_true: files('avr_usart.c'))
system_ss.add(when: 'CONFIG_COLDFIRE', if_true: files('mcf_uart.c'))
system_ss.add(when: 'CONFIG_DIGIC', if_true: files('digic-uart.c'))
system_ss.add(when: 'CONFIG_EXYNOS4', if_true: files('exynos4210_uart.c'))
+system_ss.add(when: 'CONFIG_MAX78000_UART', if_true: files('max78000_uart.c'))
system_ss.add(when: 'CONFIG_OMAP', if_true: files('omap_uart.c'))
system_ss.add(when: 'CONFIG_RASPI', if_true: files('bcm2835_aux.c'))
system_ss.add(when: 'CONFIG_RENESAS_SCI', if_true: files('renesas_sci.c'))
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 05/36] MAX78000: Add UART to SOC
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
` (3 preceding siblings ...)
2025-07-11 13:33 ` [PULL 04/36] MAX78000: UART Implementation Peter Maydell
@ 2025-07-11 13:33 ` Peter Maydell
2025-07-11 13:33 ` [PULL 06/36] MAX78000: GCR Implementation Peter Maydell
` (31 subsequent siblings)
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:33 UTC (permalink / raw)
To: qemu-devel
From: Jackson Donaldson <jackson88044@gmail.com>
This commit adds UART to max78000_soc
Signed-off-by: Jackson Donaldson <jcksn@duck.com>
Reviewed-by: Peter Maydell <petermaydell@linaro.org>
Message-id: 20250704223239.248781-6-jcksn@duck.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
include/hw/arm/max78000_soc.h | 3 +++
hw/arm/max78000_soc.c | 28 ++++++++++++++++++++++++----
2 files changed, 27 insertions(+), 4 deletions(-)
diff --git a/include/hw/arm/max78000_soc.h b/include/hw/arm/max78000_soc.h
index 27b506d6eeb..57894f00359 100644
--- a/include/hw/arm/max78000_soc.h
+++ b/include/hw/arm/max78000_soc.h
@@ -12,6 +12,7 @@
#include "hw/or-irq.h"
#include "hw/arm/armv7m.h"
#include "hw/misc/max78000_icc.h"
+#include "hw/char/max78000_uart.h"
#include "qom/object.h"
#define TYPE_MAX78000_SOC "max78000-soc"
@@ -24,6 +25,7 @@ OBJECT_DECLARE_SIMPLE_TYPE(MAX78000State, MAX78000_SOC)
/* The MAX78k has 2 instruction caches; only icc0 matters, icc1 is for RISC */
#define MAX78000_NUM_ICC 2
+#define MAX78000_NUM_UART 3
struct MAX78000State {
SysBusDevice parent_obj;
@@ -34,6 +36,7 @@ struct MAX78000State {
MemoryRegion flash;
Max78000IccState icc[MAX78000_NUM_ICC];
+ Max78000UartState uart[MAX78000_NUM_UART];
Clock *sysclk;
};
diff --git a/hw/arm/max78000_soc.c b/hw/arm/max78000_soc.c
index 0c83b08eca0..2f93ab882d4 100644
--- a/hw/arm/max78000_soc.c
+++ b/hw/arm/max78000_soc.c
@@ -18,6 +18,10 @@
#include "hw/misc/unimp.h"
static const uint32_t max78000_icc_addr[] = {0x4002a000, 0x4002a800};
+static const uint32_t max78000_uart_addr[] = {0x40042000, 0x40043000,
+ 0x40044000};
+
+static const int max78000_uart_irq[] = {14, 15, 34};
static void max78000_soc_initfn(Object *obj)
{
@@ -31,6 +35,12 @@ static void max78000_soc_initfn(Object *obj)
object_initialize_child(obj, name, &s->icc[i], TYPE_MAX78000_ICC);
}
+ for (i = 0; i < MAX78000_NUM_UART; i++) {
+ g_autofree char *name = g_strdup_printf("uart%d", i);
+ object_initialize_child(obj, name, &s->uart[i],
+ TYPE_MAX78000_UART);
+ }
+
s->sysclk = qdev_init_clock_in(DEVICE(s), "sysclk", NULL, NULL, 0);
}
@@ -39,6 +49,7 @@ static void max78000_soc_realize(DeviceState *dev_soc, Error **errp)
MAX78000State *s = MAX78000_SOC(dev_soc);
MemoryRegion *system_memory = get_system_memory();
DeviceState *dev, *armv7m;
+ SysBusDevice *busdev;
Error *err = NULL;
int i;
@@ -89,6 +100,19 @@ static void max78000_soc_realize(DeviceState *dev_soc, Error **errp)
sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, max78000_icc_addr[i]);
}
+ for (i = 0; i < MAX78000_NUM_UART; i++) {
+ dev = DEVICE(&(s->uart[i]));
+ qdev_prop_set_chr(dev, "chardev", serial_hd(i));
+ if (!sysbus_realize(SYS_BUS_DEVICE(&s->uart[i]), errp)) {
+ return;
+ }
+
+ busdev = SYS_BUS_DEVICE(dev);
+ sysbus_mmio_map(busdev, 0, max78000_uart_addr[i]);
+ sysbus_connect_irq(busdev, 0, qdev_get_gpio_in(armv7m,
+ max78000_uart_irq[i]));
+ }
+
create_unimplemented_device("globalControl", 0x40000000, 0x400);
create_unimplemented_device("systemInterface", 0x40000400, 0x400);
create_unimplemented_device("functionControl", 0x40000800, 0x400);
@@ -127,10 +151,6 @@ static void max78000_soc_realize(DeviceState *dev_soc, Error **errp)
create_unimplemented_device("oneWireMaster", 0x4003d000, 0x1000);
create_unimplemented_device("semaphore", 0x4003e000, 0x1000);
- create_unimplemented_device("uart0", 0x40042000, 0x1000);
- create_unimplemented_device("uart1", 0x40043000, 0x1000);
- create_unimplemented_device("uart2", 0x40044000, 0x1000);
-
create_unimplemented_device("spi1", 0x40046000, 0x2000);
create_unimplemented_device("trng", 0x4004d000, 0x1000);
create_unimplemented_device("i2s", 0x40060000, 0x1000);
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 06/36] MAX78000: GCR Implementation
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
` (4 preceding siblings ...)
2025-07-11 13:33 ` [PULL 05/36] MAX78000: Add UART to SOC Peter Maydell
@ 2025-07-11 13:33 ` Peter Maydell
2025-07-11 13:34 ` [PULL 07/36] MAX78000: Add GCR to SOC Peter Maydell
` (30 subsequent siblings)
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:33 UTC (permalink / raw)
To: qemu-devel
From: Jackson Donaldson <jackson88044@gmail.com>
This commit implements the Global Control Register
for the MAX78000
Signed-off-by: Jackson Donaldson <jcksn@duck.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20250704223239.248781-7-jcksn@duck.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
include/hw/misc/max78000_gcr.h | 129 +++++++++++++
hw/misc/max78000_gcr.c | 339 +++++++++++++++++++++++++++++++++
hw/arm/Kconfig | 1 +
hw/misc/Kconfig | 3 +
hw/misc/meson.build | 1 +
5 files changed, 473 insertions(+)
create mode 100644 include/hw/misc/max78000_gcr.h
create mode 100644 hw/misc/max78000_gcr.c
diff --git a/include/hw/misc/max78000_gcr.h b/include/hw/misc/max78000_gcr.h
new file mode 100644
index 00000000000..f04c8a3ee7b
--- /dev/null
+++ b/include/hw/misc/max78000_gcr.h
@@ -0,0 +1,129 @@
+/*
+ * MAX78000 Global Control Register
+ *
+ * Copyright (c) 2025 Jackson Donaldson <jcksn@duck.com>
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+#ifndef HW_MAX78000_GCR_H
+#define HW_MAX78000_GCR_H
+
+#include "hw/sysbus.h"
+#include "qom/object.h"
+
+#define TYPE_MAX78000_GCR "max78000-gcr"
+OBJECT_DECLARE_SIMPLE_TYPE(Max78000GcrState, MAX78000_GCR)
+
+#define SYSCTRL 0x0
+#define RST0 0x4
+#define CLKCTRL 0x8
+#define PM 0xc
+#define PCLKDIV 0x18
+#define PCLKDIS0 0x24
+#define MEMCTRL 0x28
+#define MEMZ 0x2c
+#define SYSST 0x40
+#define RST1 0x44
+#define PCKDIS1 0x48
+#define EVENTEN 0x4c
+#define REVISION 0x50
+#define SYSIE 0x54
+#define ECCERR 0x64
+#define ECCED 0x68
+#define ECCIE 0x6c
+#define ECCADDR 0x70
+
+/* RST0 */
+#define SYSTEM_RESET (1 << 31)
+#define PERIPHERAL_RESET (1 << 30)
+#define SOFT_RESET (1 << 29)
+#define UART2_RESET (1 << 28)
+
+#define ADC_RESET (1 << 26)
+#define CNN_RESET (1 << 25)
+#define TRNG_RESET (1 << 24)
+
+#define RTC_RESET (1 << 17)
+#define I2C0_RESET (1 << 16)
+
+#define SPI1_RESET (1 << 13)
+#define UART1_RESET (1 << 12)
+#define UART0_RESET (1 << 11)
+
+#define TMR3_RESET (1 << 8)
+#define TMR2_RESET (1 << 7)
+#define TMR1_RESET (1 << 6)
+#define TMR0_RESET (1 << 5)
+
+#define GPIO1_RESET (1 << 3)
+#define GPIO0_RESET (1 << 2)
+#define WDT0_RESET (1 << 1)
+#define DMA_RESET (1 << 0)
+
+/* CLKCTRL */
+#define SYSCLK_RDY (1 << 13)
+
+/* MEMZ */
+#define ram0 (1 << 0)
+#define ram1 (1 << 1)
+#define ram2 (1 << 2)
+#define ram3 (1 << 3)
+
+/* RST1 */
+#define CPU1_RESET (1 << 31)
+
+#define SIMO_RESET (1 << 25)
+#define DVS_RESET (1 << 24)
+
+#define I2C2_RESET (1 << 20)
+#define I2S_RESET (1 << 19)
+
+#define SMPHR_RESET (1 << 16)
+
+#define SPI0_RESET (1 << 11)
+#define AES_RESET (1 << 10)
+#define CRC_RESET (1 << 9)
+
+#define PT_RESET (1 << 1)
+#define I2C1_RESET (1 << 0)
+
+
+#define SYSRAM0_START 0x20000000
+#define SYSRAM1_START 0x20008000
+#define SYSRAM2_START 0x20010000
+#define SYSRAM3_START 0x2001C000
+
+struct Max78000GcrState {
+ SysBusDevice parent_obj;
+
+ MemoryRegion mmio;
+
+ uint32_t sysctrl;
+ uint32_t rst0;
+ uint32_t clkctrl;
+ uint32_t pm;
+ uint32_t pclkdiv;
+ uint32_t pclkdis0;
+ uint32_t memctrl;
+ uint32_t memz;
+ uint32_t sysst;
+ uint32_t rst1;
+ uint32_t pckdis1;
+ uint32_t eventen;
+ uint32_t revision;
+ uint32_t sysie;
+ uint32_t eccerr;
+ uint32_t ecced;
+ uint32_t eccie;
+ uint32_t eccaddr;
+
+ MemoryRegion *sram;
+ AddressSpace sram_as;
+
+ DeviceState *uart0;
+ DeviceState *uart1;
+ DeviceState *uart2;
+
+};
+
+#endif
diff --git a/hw/misc/max78000_gcr.c b/hw/misc/max78000_gcr.c
new file mode 100644
index 00000000000..8c282f3916f
--- /dev/null
+++ b/hw/misc/max78000_gcr.c
@@ -0,0 +1,339 @@
+/*
+ * MAX78000 Global Control Registers
+ *
+ * Copyright (c) 2025 Jackson Donaldson <jcksn@duck.com>
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/log.h"
+#include "trace.h"
+#include "hw/irq.h"
+#include "system/runstate.h"
+#include "migration/vmstate.h"
+#include "hw/qdev-properties.h"
+#include "hw/char/max78000_uart.h"
+#include "hw/misc/max78000_gcr.h"
+
+
+static void max78000_gcr_reset_hold(Object *obj, ResetType type)
+{
+ DeviceState *dev = DEVICE(obj);
+ Max78000GcrState *s = MAX78000_GCR(dev);
+ s->sysctrl = 0x21002;
+ s->rst0 = 0;
+ /* All clocks are always ready */
+ s->clkctrl = 0x3e140008;
+ s->pm = 0x3f000;
+ s->pclkdiv = 0;
+ s->pclkdis0 = 0xffffffff;
+ s->memctrl = 0x5;
+ s->memz = 0;
+ s->sysst = 0;
+ s->rst1 = 0;
+ s->pckdis1 = 0xffffffff;
+ s->eventen = 0;
+ s->revision = 0xa1;
+ s->sysie = 0;
+ s->eccerr = 0;
+ s->ecced = 0;
+ s->eccie = 0;
+ s->eccaddr = 0;
+}
+
+static uint64_t max78000_gcr_read(void *opaque, hwaddr addr,
+ unsigned int size)
+{
+ Max78000GcrState *s = opaque;
+
+ switch (addr) {
+ case SYSCTRL:
+ return s->sysctrl;
+
+ case RST0:
+ return s->rst0;
+
+ case CLKCTRL:
+ return s->clkctrl;
+
+ case PM:
+ return s->pm;
+
+ case PCLKDIV:
+ return s->pclkdiv;
+
+ case PCLKDIS0:
+ return s->pclkdis0;
+
+ case MEMCTRL:
+ return s->memctrl;
+
+ case MEMZ:
+ return s->memz;
+
+ case SYSST:
+ return s->sysst;
+
+ case RST1:
+ return s->rst1;
+
+ case PCKDIS1:
+ return s->pckdis1;
+
+ case EVENTEN:
+ return s->eventen;
+
+ case REVISION:
+ return s->revision;
+
+ case SYSIE:
+ return s->sysie;
+
+ case ECCERR:
+ return s->eccerr;
+
+ case ECCED:
+ return s->ecced;
+
+ case ECCIE:
+ return s->eccie;
+
+ case ECCADDR:
+ return s->eccaddr;
+
+ default:
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%"
+ HWADDR_PRIx "\n", __func__, addr);
+ return 0;
+
+ }
+}
+
+static void max78000_gcr_write(void *opaque, hwaddr addr,
+ uint64_t val64, unsigned int size)
+{
+ Max78000GcrState *s = opaque;
+ uint32_t val = val64;
+ uint8_t zero[0xc000] = {0};
+ switch (addr) {
+ case SYSCTRL:
+ /* Checksum calculations always pass immediately */
+ s->sysctrl = (val & 0x30000) | 0x1002;
+ break;
+
+ case RST0:
+ if (val & SYSTEM_RESET) {
+ qemu_system_reset_request(SHUTDOWN_CAUSE_GUEST_RESET);
+ }
+ if (val & PERIPHERAL_RESET) {
+ /*
+ * Peripheral reset resets all peripherals. The CPU
+ * retains its state. The GPIO, watchdog timers, AoD,
+ * RAM retention, and general control registers (GCR),
+ * including the clock configuration, are unaffected.
+ */
+ val = UART2_RESET | UART1_RESET | UART0_RESET |
+ ADC_RESET | CNN_RESET | TRNG_RESET |
+ RTC_RESET | I2C0_RESET | SPI1_RESET |
+ TMR3_RESET | TMR2_RESET | TMR1_RESET |
+ TMR0_RESET | WDT0_RESET | DMA_RESET;
+ }
+ if (val & SOFT_RESET) {
+ /* Soft reset also resets GPIO */
+ val = UART2_RESET | UART1_RESET | UART0_RESET |
+ ADC_RESET | CNN_RESET | TRNG_RESET |
+ RTC_RESET | I2C0_RESET | SPI1_RESET |
+ TMR3_RESET | TMR2_RESET | TMR1_RESET |
+ TMR0_RESET | GPIO1_RESET | GPIO0_RESET |
+ DMA_RESET;
+ }
+ if (val & UART2_RESET) {
+ device_cold_reset(s->uart2);
+ }
+ if (val & UART1_RESET) {
+ device_cold_reset(s->uart1);
+ }
+ if (val & UART0_RESET) {
+ device_cold_reset(s->uart0);
+ }
+ /* TODO: As other devices are implemented, add them here */
+ break;
+
+ case CLKCTRL:
+ s->clkctrl = val | SYSCLK_RDY;
+ break;
+
+ case PM:
+ s->pm = val;
+ break;
+
+ case PCLKDIV:
+ s->pclkdiv = val;
+ break;
+
+ case PCLKDIS0:
+ s->pclkdis0 = val;
+ break;
+
+ case MEMCTRL:
+ s->memctrl = val;
+ break;
+
+ case MEMZ:
+ if (val & ram0) {
+ address_space_write(&s->sram_as, SYSRAM0_START,
+ MEMTXATTRS_UNSPECIFIED, zero, 0x8000);
+ }
+ if (val & ram1) {
+ address_space_write(&s->sram_as, SYSRAM1_START,
+ MEMTXATTRS_UNSPECIFIED, zero, 0x8000);
+ }
+ if (val & ram2) {
+ address_space_write(&s->sram_as, SYSRAM2_START,
+ MEMTXATTRS_UNSPECIFIED, zero, 0xC000);
+ }
+ if (val & ram3) {
+ address_space_write(&s->sram_as, SYSRAM3_START,
+ MEMTXATTRS_UNSPECIFIED, zero, 0x4000);
+ }
+ break;
+
+ case SYSST:
+ s->sysst = val;
+ break;
+
+ case RST1:
+ /* TODO: As other devices are implemented, add them here */
+ s->rst1 = val;
+ break;
+
+ case PCKDIS1:
+ s->pckdis1 = val;
+ break;
+
+ case EVENTEN:
+ s->eventen = val;
+ break;
+
+ case REVISION:
+ s->revision = val;
+ break;
+
+ case SYSIE:
+ s->sysie = val;
+ break;
+
+ case ECCERR:
+ s->eccerr = val;
+ break;
+
+ case ECCED:
+ s->ecced = val;
+ break;
+
+ case ECCIE:
+ s->eccie = val;
+ break;
+
+ case ECCADDR:
+ s->eccaddr = val;
+ break;
+
+ default:
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%" HWADDR_PRIx "\n",
+ __func__, addr);
+ break;
+
+ }
+}
+
+static const Property max78000_gcr_properties[] = {
+ DEFINE_PROP_LINK("sram", Max78000GcrState, sram,
+ TYPE_MEMORY_REGION, MemoryRegion*),
+ DEFINE_PROP_LINK("uart0", Max78000GcrState, uart0,
+ TYPE_MAX78000_UART, DeviceState*),
+ DEFINE_PROP_LINK("uart1", Max78000GcrState, uart1,
+ TYPE_MAX78000_UART, DeviceState*),
+ DEFINE_PROP_LINK("uart2", Max78000GcrState, uart2,
+ TYPE_MAX78000_UART, DeviceState*),
+};
+
+static const MemoryRegionOps max78000_gcr_ops = {
+ .read = max78000_gcr_read,
+ .write = max78000_gcr_write,
+ .endianness = DEVICE_LITTLE_ENDIAN,
+ .valid.min_access_size = 4,
+ .valid.max_access_size = 4,
+};
+
+static const VMStateDescription vmstate_max78000_gcr = {
+ .name = TYPE_MAX78000_GCR,
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .fields = (const VMStateField[]) {
+ VMSTATE_UINT32(sysctrl, Max78000GcrState),
+ VMSTATE_UINT32(rst0, Max78000GcrState),
+ VMSTATE_UINT32(clkctrl, Max78000GcrState),
+ VMSTATE_UINT32(pm, Max78000GcrState),
+ VMSTATE_UINT32(pclkdiv, Max78000GcrState),
+ VMSTATE_UINT32(pclkdis0, Max78000GcrState),
+ VMSTATE_UINT32(memctrl, Max78000GcrState),
+ VMSTATE_UINT32(memz, Max78000GcrState),
+ VMSTATE_UINT32(sysst, Max78000GcrState),
+ VMSTATE_UINT32(rst1, Max78000GcrState),
+ VMSTATE_UINT32(pckdis1, Max78000GcrState),
+ VMSTATE_UINT32(eventen, Max78000GcrState),
+ VMSTATE_UINT32(revision, Max78000GcrState),
+ VMSTATE_UINT32(sysie, Max78000GcrState),
+ VMSTATE_UINT32(eccerr, Max78000GcrState),
+ VMSTATE_UINT32(ecced, Max78000GcrState),
+ VMSTATE_UINT32(eccie, Max78000GcrState),
+ VMSTATE_UINT32(eccaddr, Max78000GcrState),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
+static void max78000_gcr_init(Object *obj)
+{
+ Max78000GcrState *s = MAX78000_GCR(obj);
+
+ memory_region_init_io(&s->mmio, obj, &max78000_gcr_ops, s,
+ TYPE_MAX78000_GCR, 0x400);
+ sysbus_init_mmio(SYS_BUS_DEVICE(obj), &s->mmio);
+
+}
+
+static void max78000_gcr_realize(DeviceState *dev, Error **errp)
+{
+ Max78000GcrState *s = MAX78000_GCR(dev);
+
+ address_space_init(&s->sram_as, s->sram, "sram");
+}
+
+static void max78000_gcr_class_init(ObjectClass *klass, const void *data)
+{
+ DeviceClass *dc = DEVICE_CLASS(klass);
+ ResettableClass *rc = RESETTABLE_CLASS(klass);
+
+ device_class_set_props(dc, max78000_gcr_properties);
+
+ dc->realize = max78000_gcr_realize;
+ dc->vmsd = &vmstate_max78000_gcr;
+ rc->phases.hold = max78000_gcr_reset_hold;
+}
+
+static const TypeInfo max78000_gcr_info = {
+ .name = TYPE_MAX78000_GCR,
+ .parent = TYPE_SYS_BUS_DEVICE,
+ .instance_size = sizeof(Max78000GcrState),
+ .instance_init = max78000_gcr_init,
+ .class_init = max78000_gcr_class_init,
+};
+
+static void max78000_gcr_register_types(void)
+{
+ type_register_static(&max78000_gcr_info);
+}
+
+type_init(max78000_gcr_register_types)
diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
index 7e3610dca8f..a96349ee118 100644
--- a/hw/arm/Kconfig
+++ b/hw/arm/Kconfig
@@ -368,6 +368,7 @@ config MAX78000_SOC
select ARM_V7M
select MAX78000_ICC
select MAX78000_UART
+ select MAX78000_GCR
config RASPI
bool
diff --git a/hw/misc/Kconfig b/hw/misc/Kconfig
index 781bcf74ccc..fde2266b8fc 100644
--- a/hw/misc/Kconfig
+++ b/hw/misc/Kconfig
@@ -47,6 +47,9 @@ config A9SCU
config ARM11SCU
bool
+config MAX78000_GCR
+ bool
+
config MAX78000_ICC
bool
diff --git a/hw/misc/meson.build b/hw/misc/meson.build
index a21a994ff83..283d06dad4d 100644
--- a/hw/misc/meson.build
+++ b/hw/misc/meson.build
@@ -70,6 +70,7 @@ system_ss.add(when: 'CONFIG_IMX', if_true: files(
'imx_ccm.c',
'imx_rngc.c',
))
+system_ss.add(when: 'CONFIG_MAX78000_GCR', if_true: files('max78000_gcr.c'))
system_ss.add(when: 'CONFIG_MAX78000_ICC', if_true: files('max78000_icc.c'))
system_ss.add(when: 'CONFIG_NPCM7XX', if_true: files(
'npcm_clk.c',
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 07/36] MAX78000: Add GCR to SOC
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
` (5 preceding siblings ...)
2025-07-11 13:33 ` [PULL 06/36] MAX78000: GCR Implementation Peter Maydell
@ 2025-07-11 13:34 ` Peter Maydell
2025-07-11 13:34 ` [PULL 08/36] MAX78000: TRNG Implementation Peter Maydell
` (29 subsequent siblings)
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:34 UTC (permalink / raw)
To: qemu-devel
From: Jackson Donaldson <jackson88044@gmail.com>
This commit adds the Global Control Register to
max78000_soc
Signed-off-by: Jackson Donaldson <jcksn@duck.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20250704223239.248781-8-jcksn@duck.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
include/hw/arm/max78000_soc.h | 2 ++
hw/arm/max78000_soc.c | 18 ++++++++++++++++--
2 files changed, 18 insertions(+), 2 deletions(-)
diff --git a/include/hw/arm/max78000_soc.h b/include/hw/arm/max78000_soc.h
index 57894f00359..919aca0855f 100644
--- a/include/hw/arm/max78000_soc.h
+++ b/include/hw/arm/max78000_soc.h
@@ -11,6 +11,7 @@
#include "hw/or-irq.h"
#include "hw/arm/armv7m.h"
+#include "hw/misc/max78000_gcr.h"
#include "hw/misc/max78000_icc.h"
#include "hw/char/max78000_uart.h"
#include "qom/object.h"
@@ -35,6 +36,7 @@ struct MAX78000State {
MemoryRegion sram;
MemoryRegion flash;
+ Max78000GcrState gcr;
Max78000IccState icc[MAX78000_NUM_ICC];
Max78000UartState uart[MAX78000_NUM_UART];
diff --git a/hw/arm/max78000_soc.c b/hw/arm/max78000_soc.c
index 2f93ab882d4..45c60883121 100644
--- a/hw/arm/max78000_soc.c
+++ b/hw/arm/max78000_soc.c
@@ -30,6 +30,8 @@ static void max78000_soc_initfn(Object *obj)
object_initialize_child(obj, "armv7m", &s->armv7m, TYPE_ARMV7M);
+ object_initialize_child(obj, "gcr", &s->gcr, TYPE_MAX78000_GCR);
+
for (i = 0; i < MAX78000_NUM_ICC; i++) {
g_autofree char *name = g_strdup_printf("icc%d", i);
object_initialize_child(obj, name, &s->icc[i], TYPE_MAX78000_ICC);
@@ -48,7 +50,7 @@ static void max78000_soc_realize(DeviceState *dev_soc, Error **errp)
{
MAX78000State *s = MAX78000_SOC(dev_soc);
MemoryRegion *system_memory = get_system_memory();
- DeviceState *dev, *armv7m;
+ DeviceState *dev, *gcrdev, *armv7m;
SysBusDevice *busdev;
Error *err = NULL;
int i;
@@ -69,6 +71,11 @@ static void max78000_soc_realize(DeviceState *dev_soc, Error **errp)
memory_region_init_ram(&s->sram, NULL, "MAX78000.sram", SRAM_SIZE,
&err);
+
+ gcrdev = DEVICE(&s->gcr);
+ object_property_set_link(OBJECT(gcrdev), "sram", OBJECT(&s->sram),
+ &err);
+
if (err != NULL) {
error_propagate(errp, err);
return;
@@ -101,19 +108,26 @@ static void max78000_soc_realize(DeviceState *dev_soc, Error **errp)
}
for (i = 0; i < MAX78000_NUM_UART; i++) {
+ g_autofree char *link = g_strdup_printf("uart%d", i);
dev = DEVICE(&(s->uart[i]));
qdev_prop_set_chr(dev, "chardev", serial_hd(i));
if (!sysbus_realize(SYS_BUS_DEVICE(&s->uart[i]), errp)) {
return;
}
+ object_property_set_link(OBJECT(gcrdev), link, OBJECT(dev),
+ &err);
+
busdev = SYS_BUS_DEVICE(dev);
sysbus_mmio_map(busdev, 0, max78000_uart_addr[i]);
sysbus_connect_irq(busdev, 0, qdev_get_gpio_in(armv7m,
max78000_uart_irq[i]));
}
- create_unimplemented_device("globalControl", 0x40000000, 0x400);
+ dev = DEVICE(&s->gcr);
+ sysbus_realize(SYS_BUS_DEVICE(dev), errp);
+ sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, 0x40000000);
+
create_unimplemented_device("systemInterface", 0x40000400, 0x400);
create_unimplemented_device("functionControl", 0x40000800, 0x400);
create_unimplemented_device("watchdogTimer0", 0x40003000, 0x400);
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 08/36] MAX78000: TRNG Implementation
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
` (6 preceding siblings ...)
2025-07-11 13:34 ` [PULL 07/36] MAX78000: Add GCR to SOC Peter Maydell
@ 2025-07-11 13:34 ` Peter Maydell
2025-07-11 13:34 ` [PULL 09/36] MAX78000: Add TRNG to SOC Peter Maydell
` (28 subsequent siblings)
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:34 UTC (permalink / raw)
To: qemu-devel
From: Jackson Donaldson <jackson88044@gmail.com>
This commit implements the True Random Number
Generator for the MAX78000
Signed-off-by: Jackson Donaldson <jcksn@duck.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20250704223239.248781-9-jcksn@duck.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
include/hw/misc/max78000_gcr.h | 1 +
include/hw/misc/max78000_trng.h | 35 ++++++++
hw/misc/max78000_gcr.c | 6 ++
hw/misc/max78000_trng.c | 139 ++++++++++++++++++++++++++++++++
hw/arm/Kconfig | 1 +
hw/misc/Kconfig | 3 +
hw/misc/meson.build | 1 +
7 files changed, 186 insertions(+)
create mode 100644 include/hw/misc/max78000_trng.h
create mode 100644 hw/misc/max78000_trng.c
diff --git a/include/hw/misc/max78000_gcr.h b/include/hw/misc/max78000_gcr.h
index f04c8a3ee7b..23ddf0885b9 100644
--- a/include/hw/misc/max78000_gcr.h
+++ b/include/hw/misc/max78000_gcr.h
@@ -123,6 +123,7 @@ struct Max78000GcrState {
DeviceState *uart0;
DeviceState *uart1;
DeviceState *uart2;
+ DeviceState *trng;
};
diff --git a/include/hw/misc/max78000_trng.h b/include/hw/misc/max78000_trng.h
new file mode 100644
index 00000000000..c5a8129b6a0
--- /dev/null
+++ b/include/hw/misc/max78000_trng.h
@@ -0,0 +1,35 @@
+/*
+ * MAX78000 True Random Number Generator
+ *
+ * Copyright (c) 2025 Jackson Donaldson <jcksn@duck.com>
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+#ifndef HW_MAX78000_TRNG_H
+#define HW_MAX78000_TRNG_H
+
+#include "hw/sysbus.h"
+#include "qom/object.h"
+
+#define TYPE_MAX78000_TRNG "max78000-trng"
+OBJECT_DECLARE_SIMPLE_TYPE(Max78000TrngState, MAX78000_TRNG)
+
+#define CTRL 0
+#define STATUS 4
+#define DATA 8
+
+#define RND_IE (1 << 1)
+
+struct Max78000TrngState {
+ SysBusDevice parent_obj;
+
+ MemoryRegion mmio;
+
+ uint32_t ctrl;
+ uint32_t status;
+ uint32_t data;
+
+ qemu_irq irq;
+};
+
+#endif
diff --git a/hw/misc/max78000_gcr.c b/hw/misc/max78000_gcr.c
index 8c282f3916f..5916ee615a9 100644
--- a/hw/misc/max78000_gcr.c
+++ b/hw/misc/max78000_gcr.c
@@ -14,6 +14,7 @@
#include "migration/vmstate.h"
#include "hw/qdev-properties.h"
#include "hw/char/max78000_uart.h"
+#include "hw/misc/max78000_trng.h"
#include "hw/misc/max78000_gcr.h"
@@ -157,6 +158,9 @@ static void max78000_gcr_write(void *opaque, hwaddr addr,
if (val & UART0_RESET) {
device_cold_reset(s->uart0);
}
+ if (val & TRNG_RESET) {
+ device_cold_reset(s->trng);
+ }
/* TODO: As other devices are implemented, add them here */
break;
@@ -257,6 +261,8 @@ static const Property max78000_gcr_properties[] = {
TYPE_MAX78000_UART, DeviceState*),
DEFINE_PROP_LINK("uart2", Max78000GcrState, uart2,
TYPE_MAX78000_UART, DeviceState*),
+ DEFINE_PROP_LINK("trng", Max78000GcrState, trng,
+ TYPE_MAX78000_TRNG, DeviceState*),
};
static const MemoryRegionOps max78000_gcr_ops = {
diff --git a/hw/misc/max78000_trng.c b/hw/misc/max78000_trng.c
new file mode 100644
index 00000000000..ecdaef53b6c
--- /dev/null
+++ b/hw/misc/max78000_trng.c
@@ -0,0 +1,139 @@
+/*
+ * MAX78000 True Random Number Generator
+ *
+ * Copyright (c) 2025 Jackson Donaldson <jcksn@duck.com>
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/log.h"
+#include "trace.h"
+#include "hw/irq.h"
+#include "migration/vmstate.h"
+#include "hw/misc/max78000_trng.h"
+#include "qemu/guest-random.h"
+
+static uint64_t max78000_trng_read(void *opaque, hwaddr addr,
+ unsigned int size)
+{
+ uint32_t data;
+
+ Max78000TrngState *s = opaque;
+ switch (addr) {
+ case CTRL:
+ return s->ctrl;
+
+ case STATUS:
+ return 1;
+
+ case DATA:
+ /*
+ * When interrupts are enabled, reading random data should cause a
+ * new interrupt to be generated; since there's always a random number
+ * available, we could qemu_set_irq(s->irq, s->ctrl & RND_IE). Because
+ * of how trng_write is set up, this is always a noop, so don't
+ */
+ qemu_guest_getrandom_nofail(&data, sizeof(data));
+ return data;
+
+ default:
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%"
+ HWADDR_PRIx "\n", __func__, addr);
+ break;
+ }
+ return 0;
+}
+
+static void max78000_trng_write(void *opaque, hwaddr addr,
+ uint64_t val64, unsigned int size)
+{
+ Max78000TrngState *s = opaque;
+ uint32_t val = val64;
+ switch (addr) {
+ case CTRL:
+ /* TODO: implement AES keygen */
+ s->ctrl = val;
+
+ /*
+ * This device models random number generation as taking 0 time.
+ * A new random number is always available, so the condition for the
+ * RND interrupt is always fulfilled; we can just set irq to 1.
+ */
+ if (val & RND_IE) {
+ qemu_set_irq(s->irq, 1);
+ } else{
+ qemu_set_irq(s->irq, 0);
+ }
+ break;
+
+ default:
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%"
+ HWADDR_PRIx "\n", __func__, addr);
+ break;
+ }
+}
+
+static void max78000_trng_reset_hold(Object *obj, ResetType type)
+{
+ Max78000TrngState *s = MAX78000_TRNG(obj);
+ s->ctrl = 0;
+ s->status = 0;
+ s->data = 0;
+}
+
+static const MemoryRegionOps max78000_trng_ops = {
+ .read = max78000_trng_read,
+ .write = max78000_trng_write,
+ .endianness = DEVICE_LITTLE_ENDIAN,
+ .valid.min_access_size = 4,
+ .valid.max_access_size = 4,
+};
+
+static const VMStateDescription max78000_trng_vmstate = {
+ .name = TYPE_MAX78000_TRNG,
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .fields = (const VMStateField[]) {
+ VMSTATE_UINT32(ctrl, Max78000TrngState),
+ VMSTATE_UINT32(status, Max78000TrngState),
+ VMSTATE_UINT32(data, Max78000TrngState),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
+static void max78000_trng_init(Object *obj)
+{
+ Max78000TrngState *s = MAX78000_TRNG(obj);
+ sysbus_init_irq(SYS_BUS_DEVICE(obj), &s->irq);
+
+ memory_region_init_io(&s->mmio, obj, &max78000_trng_ops, s,
+ TYPE_MAX78000_TRNG, 0x1000);
+ sysbus_init_mmio(SYS_BUS_DEVICE(obj), &s->mmio);
+
+}
+
+static void max78000_trng_class_init(ObjectClass *klass, const void *data)
+{
+ ResettableClass *rc = RESETTABLE_CLASS(klass);
+ DeviceClass *dc = DEVICE_CLASS(klass);
+
+ rc->phases.hold = max78000_trng_reset_hold;
+ dc->vmsd = &max78000_trng_vmstate;
+
+}
+
+static const TypeInfo max78000_trng_info = {
+ .name = TYPE_MAX78000_TRNG,
+ .parent = TYPE_SYS_BUS_DEVICE,
+ .instance_size = sizeof(Max78000TrngState),
+ .instance_init = max78000_trng_init,
+ .class_init = max78000_trng_class_init,
+};
+
+static void max78000_trng_register_types(void)
+{
+ type_register_static(&max78000_trng_info);
+}
+
+type_init(max78000_trng_register_types)
diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
index a96349ee118..c7aae4c9e76 100644
--- a/hw/arm/Kconfig
+++ b/hw/arm/Kconfig
@@ -369,6 +369,7 @@ config MAX78000_SOC
select MAX78000_ICC
select MAX78000_UART
select MAX78000_GCR
+ select MAX78000_TRNG
config RASPI
bool
diff --git a/hw/misc/Kconfig b/hw/misc/Kconfig
index fde2266b8fc..dd6a6e54dad 100644
--- a/hw/misc/Kconfig
+++ b/hw/misc/Kconfig
@@ -53,6 +53,9 @@ config MAX78000_GCR
config MAX78000_ICC
bool
+config MAX78000_TRNG
+ bool
+
config MOS6522
bool
diff --git a/hw/misc/meson.build b/hw/misc/meson.build
index 283d06dad4d..c7c57d924bf 100644
--- a/hw/misc/meson.build
+++ b/hw/misc/meson.build
@@ -72,6 +72,7 @@ system_ss.add(when: 'CONFIG_IMX', if_true: files(
))
system_ss.add(when: 'CONFIG_MAX78000_GCR', if_true: files('max78000_gcr.c'))
system_ss.add(when: 'CONFIG_MAX78000_ICC', if_true: files('max78000_icc.c'))
+system_ss.add(when: 'CONFIG_MAX78000_TRNG', if_true: files('max78000_trng.c'))
system_ss.add(when: 'CONFIG_NPCM7XX', if_true: files(
'npcm_clk.c',
'npcm_gcr.c',
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 09/36] MAX78000: Add TRNG to SOC
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
` (7 preceding siblings ...)
2025-07-11 13:34 ` [PULL 08/36] MAX78000: TRNG Implementation Peter Maydell
@ 2025-07-11 13:34 ` Peter Maydell
2025-07-11 13:34 ` [PULL 10/36] MAX78000: AES implementation Peter Maydell
` (27 subsequent siblings)
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:34 UTC (permalink / raw)
To: qemu-devel
From: Jackson Donaldson <jackson88044@gmail.com>
This commit adds TRNG to max78000_soc
Signed-off-by: Jackson Donaldson
Message-id: 20250704223239.248781-10-jcksn@duck.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
include/hw/arm/max78000_soc.h | 2 ++
hw/arm/max78000_soc.c | 10 +++++++++-
2 files changed, 11 insertions(+), 1 deletion(-)
diff --git a/include/hw/arm/max78000_soc.h b/include/hw/arm/max78000_soc.h
index 919aca0855f..528598cfcbe 100644
--- a/include/hw/arm/max78000_soc.h
+++ b/include/hw/arm/max78000_soc.h
@@ -14,6 +14,7 @@
#include "hw/misc/max78000_gcr.h"
#include "hw/misc/max78000_icc.h"
#include "hw/char/max78000_uart.h"
+#include "hw/misc/max78000_trng.h"
#include "qom/object.h"
#define TYPE_MAX78000_SOC "max78000-soc"
@@ -39,6 +40,7 @@ struct MAX78000State {
Max78000GcrState gcr;
Max78000IccState icc[MAX78000_NUM_ICC];
Max78000UartState uart[MAX78000_NUM_UART];
+ Max78000TrngState trng;
Clock *sysclk;
};
diff --git a/hw/arm/max78000_soc.c b/hw/arm/max78000_soc.c
index 45c60883121..3f2069fb039 100644
--- a/hw/arm/max78000_soc.c
+++ b/hw/arm/max78000_soc.c
@@ -43,6 +43,8 @@ static void max78000_soc_initfn(Object *obj)
TYPE_MAX78000_UART);
}
+ object_initialize_child(obj, "trng", &s->trng, TYPE_MAX78000_TRNG);
+
s->sysclk = qdev_init_clock_in(DEVICE(s), "sysclk", NULL, NULL, 0);
}
@@ -124,6 +126,13 @@ static void max78000_soc_realize(DeviceState *dev_soc, Error **errp)
max78000_uart_irq[i]));
}
+ dev = DEVICE(&s->trng);
+ sysbus_realize(SYS_BUS_DEVICE(dev), errp);
+ sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, 0x4004d000);
+ sysbus_connect_irq(SYS_BUS_DEVICE(dev), 0, qdev_get_gpio_in(armv7m, 4));
+
+ object_property_set_link(OBJECT(gcrdev), "trng", OBJECT(dev), &err);
+
dev = DEVICE(&s->gcr);
sysbus_realize(SYS_BUS_DEVICE(dev), errp);
sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, 0x40000000);
@@ -166,7 +175,6 @@ static void max78000_soc_realize(DeviceState *dev_soc, Error **errp)
create_unimplemented_device("semaphore", 0x4003e000, 0x1000);
create_unimplemented_device("spi1", 0x40046000, 0x2000);
- create_unimplemented_device("trng", 0x4004d000, 0x1000);
create_unimplemented_device("i2s", 0x40060000, 0x1000);
create_unimplemented_device("lowPowerControl", 0x40080000, 0x400);
create_unimplemented_device("gpio2", 0x40080400, 0x200);
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 10/36] MAX78000: AES implementation
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
` (8 preceding siblings ...)
2025-07-11 13:34 ` [PULL 09/36] MAX78000: Add TRNG to SOC Peter Maydell
@ 2025-07-11 13:34 ` Peter Maydell
2025-07-11 13:34 ` [PULL 11/36] MAX78000: Add AES to SOC Peter Maydell
` (26 subsequent siblings)
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:34 UTC (permalink / raw)
To: qemu-devel
From: Jackson Donaldson <jackson88044@gmail.com>
This commit implements AES for the MAX78000
Signed-off-by: Jackson Donaldson <jcksn@duck.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20250704223239.248781-11-jcksn@duck.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
include/hw/misc/max78000_aes.h | 68 ++++++++++
include/hw/misc/max78000_gcr.h | 1 +
hw/misc/max78000_aes.c | 223 +++++++++++++++++++++++++++++++++
hw/misc/max78000_gcr.c | 6 +
hw/arm/Kconfig | 1 +
hw/misc/Kconfig | 3 +
hw/misc/meson.build | 1 +
7 files changed, 303 insertions(+)
create mode 100644 include/hw/misc/max78000_aes.h
create mode 100644 hw/misc/max78000_aes.c
diff --git a/include/hw/misc/max78000_aes.h b/include/hw/misc/max78000_aes.h
new file mode 100644
index 00000000000..407c45ef61e
--- /dev/null
+++ b/include/hw/misc/max78000_aes.h
@@ -0,0 +1,68 @@
+/*
+ * MAX78000 AES
+ *
+ * Copyright (c) 2025 Jackson Donaldson <jcksn@duck.com>
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+#ifndef HW_MAX78000_AES_H
+#define HW_MAX78000_AES_H
+
+#include "hw/sysbus.h"
+#include "crypto/aes.h"
+#include "qom/object.h"
+
+#define TYPE_MAX78000_AES "max78000-aes"
+OBJECT_DECLARE_SIMPLE_TYPE(Max78000AesState, MAX78000_AES)
+
+#define CTRL 0
+#define STATUS 4
+#define INTFL 8
+#define INTEN 0xc
+#define FIFO 0x10
+
+#define KEY_BASE 0x400
+#define KEY_END 0x420
+
+/* CTRL */
+#define TYPE (1 << 9 | 1 << 8)
+#define KEY_SIZE (1 << 7 | 1 << 6)
+#define OUTPUT_FLUSH (1 << 5)
+#define INPUT_FLUSH (1 << 4)
+#define START (1 << 3)
+
+#define AES_EN (1 << 0)
+
+/* STATUS */
+#define OUTPUT_FULL (1 << 4)
+#define OUTPUT_EMPTY (1 << 3)
+#define INPUT_FULL (1 << 2)
+#define INPUT_EMPTY (1 << 1)
+#define BUSY (1 << 0)
+
+/* INTFL*/
+#define DONE (1 << 0)
+
+struct Max78000AesState {
+ SysBusDevice parent_obj;
+
+ MemoryRegion mmio;
+
+ uint32_t ctrl;
+ uint32_t status;
+ uint32_t intfl;
+ uint32_t inten;
+ uint32_t data_index;
+ uint8_t data[16];
+
+ uint8_t key[32];
+ AES_KEY internal_key;
+
+ uint32_t result_index;
+ uint8_t result[16];
+
+
+ qemu_irq irq;
+};
+
+#endif
diff --git a/include/hw/misc/max78000_gcr.h b/include/hw/misc/max78000_gcr.h
index 23ddf0885b9..d5858a40f3b 100644
--- a/include/hw/misc/max78000_gcr.h
+++ b/include/hw/misc/max78000_gcr.h
@@ -124,6 +124,7 @@ struct Max78000GcrState {
DeviceState *uart1;
DeviceState *uart2;
DeviceState *trng;
+ DeviceState *aes;
};
diff --git a/hw/misc/max78000_aes.c b/hw/misc/max78000_aes.c
new file mode 100644
index 00000000000..0bfb2f02b5b
--- /dev/null
+++ b/hw/misc/max78000_aes.c
@@ -0,0 +1,223 @@
+/*
+ * MAX78000 AES
+ *
+ * Copyright (c) 2025 Jackson Donaldson <jcksn@duck.com>
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/log.h"
+#include "trace.h"
+#include "hw/irq.h"
+#include "migration/vmstate.h"
+#include "hw/misc/max78000_aes.h"
+#include "crypto/aes.h"
+
+static void max78000_aes_set_status(Max78000AesState *s)
+{
+ s->status = 0;
+ if (s->result_index >= 16) {
+ s->status |= OUTPUT_FULL;
+ }
+ if (s->result_index == 0) {
+ s->status |= OUTPUT_EMPTY;
+ }
+ if (s->data_index >= 16) {
+ s->status |= INPUT_FULL;
+ }
+ if (s->data_index == 0) {
+ s->status |= INPUT_EMPTY;
+ }
+}
+
+static uint64_t max78000_aes_read(void *opaque, hwaddr addr,
+ unsigned int size)
+{
+ Max78000AesState *s = opaque;
+ switch (addr) {
+ case CTRL:
+ return s->ctrl;
+
+ case STATUS:
+ return s->status;
+
+ case INTFL:
+ return s->intfl;
+
+ case INTEN:
+ return s->inten;
+
+ case FIFO:
+ if (s->result_index >= 4) {
+ s->intfl &= ~DONE;
+ s->result_index -= 4;
+ max78000_aes_set_status(s);
+ return ldl_be_p(&s->result[s->result_index]);
+ } else{
+ return 0;
+ }
+
+ default:
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%"
+ HWADDR_PRIx "\n", __func__, addr);
+ break;
+
+ }
+ return 0;
+}
+
+static void max78000_aes_do_crypto(Max78000AesState *s)
+{
+ int keylen = 256;
+ uint8_t *keydata = s->key;
+ if ((s->ctrl & KEY_SIZE) == 0) {
+ keylen = 128;
+ keydata += 16;
+ } else if ((s->ctrl & KEY_SIZE) == 1 << 6) {
+ keylen = 192;
+ keydata += 8;
+ }
+
+ AES_KEY key;
+ if ((s->ctrl & TYPE) == 0) {
+ AES_set_encrypt_key(keydata, keylen, &key);
+ AES_set_decrypt_key(keydata, keylen, &s->internal_key);
+ AES_encrypt(s->data, s->result, &key);
+ s->result_index = 16;
+ } else if ((s->ctrl & TYPE) == 1 << 8) {
+ AES_set_decrypt_key(keydata, keylen, &key);
+ AES_set_decrypt_key(keydata, keylen, &s->internal_key);
+ AES_decrypt(s->data, s->result, &key);
+ s->result_index = 16;
+ } else{
+ AES_decrypt(s->data, s->result, &s->internal_key);
+ s->result_index = 16;
+ }
+ s->intfl |= DONE;
+}
+
+static void max78000_aes_write(void *opaque, hwaddr addr,
+ uint64_t val64, unsigned int size)
+{
+ Max78000AesState *s = opaque;
+ uint32_t val = val64;
+ switch (addr) {
+ case CTRL:
+ if (val & OUTPUT_FLUSH) {
+ s->result_index = 0;
+ val &= ~OUTPUT_FLUSH;
+ }
+ if (val & INPUT_FLUSH) {
+ s->data_index = 0;
+ val &= ~INPUT_FLUSH;
+ }
+ if (val & START) {
+ max78000_aes_do_crypto(s);
+ }
+
+ /* Hardware appears to stay enabled even if 0 written */
+ s->ctrl = val | (s->ctrl & AES_EN);
+ break;
+
+ case FIFO:
+ assert(s->data_index <= 12);
+ stl_be_p(&s->data[12 - s->data_index], val);
+ s->data_index += 4;
+ if (s->data_index >= 16) {
+ s->data_index = 0;
+ max78000_aes_do_crypto(s);
+ }
+ break;
+
+ case KEY_BASE ... KEY_END - 4:
+ stl_be_p(&s->key[(KEY_END - KEY_BASE - 4) - (addr - KEY_BASE)], val);
+ break;
+
+ default:
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%"
+ HWADDR_PRIx "\n", __func__, addr);
+ break;
+
+ }
+ max78000_aes_set_status(s);
+}
+
+static void max78000_aes_reset_hold(Object *obj, ResetType type)
+{
+ Max78000AesState *s = MAX78000_AES(obj);
+ s->ctrl = 0;
+ s->status = 0;
+ s->intfl = 0;
+ s->inten = 0;
+
+ s->data_index = 0;
+ s->result_index = 0;
+
+ memset(s->data, 0, sizeof(s->data));
+ memset(s->key, 0, sizeof(s->key));
+ memset(s->result, 0, sizeof(s->result));
+ memset(&s->internal_key, 0, sizeof(s->internal_key));
+}
+
+static const MemoryRegionOps max78000_aes_ops = {
+ .read = max78000_aes_read,
+ .write = max78000_aes_write,
+ .endianness = DEVICE_LITTLE_ENDIAN,
+ .valid.min_access_size = 4,
+ .valid.max_access_size = 4,
+};
+
+static const VMStateDescription vmstate_max78000_aes = {
+ .name = TYPE_MAX78000_AES,
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .fields = (const VMStateField[]) {
+ VMSTATE_UINT32(ctrl, Max78000AesState),
+ VMSTATE_UINT32(status, Max78000AesState),
+ VMSTATE_UINT32(intfl, Max78000AesState),
+ VMSTATE_UINT32(inten, Max78000AesState),
+ VMSTATE_UINT8_ARRAY(data, Max78000AesState, 16),
+ VMSTATE_UINT8_ARRAY(key, Max78000AesState, 32),
+ VMSTATE_UINT8_ARRAY(result, Max78000AesState, 16),
+ VMSTATE_UINT32_ARRAY(internal_key.rd_key, Max78000AesState, 60),
+ VMSTATE_INT32(internal_key.rounds, Max78000AesState),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
+static void max78000_aes_init(Object *obj)
+{
+ Max78000AesState *s = MAX78000_AES(obj);
+ sysbus_init_irq(SYS_BUS_DEVICE(obj), &s->irq);
+
+ memory_region_init_io(&s->mmio, obj, &max78000_aes_ops, s,
+ TYPE_MAX78000_AES, 0xc00);
+ sysbus_init_mmio(SYS_BUS_DEVICE(obj), &s->mmio);
+
+}
+
+static void max78000_aes_class_init(ObjectClass *klass, const void *data)
+{
+ ResettableClass *rc = RESETTABLE_CLASS(klass);
+ DeviceClass *dc = DEVICE_CLASS(klass);
+
+ rc->phases.hold = max78000_aes_reset_hold;
+ dc->vmsd = &vmstate_max78000_aes;
+
+}
+
+static const TypeInfo max78000_aes_info = {
+ .name = TYPE_MAX78000_AES,
+ .parent = TYPE_SYS_BUS_DEVICE,
+ .instance_size = sizeof(Max78000AesState),
+ .instance_init = max78000_aes_init,
+ .class_init = max78000_aes_class_init,
+};
+
+static void max78000_aes_register_types(void)
+{
+ type_register_static(&max78000_aes_info);
+}
+
+type_init(max78000_aes_register_types)
diff --git a/hw/misc/max78000_gcr.c b/hw/misc/max78000_gcr.c
index 5916ee615a9..fbbc92cca32 100644
--- a/hw/misc/max78000_gcr.c
+++ b/hw/misc/max78000_gcr.c
@@ -15,6 +15,7 @@
#include "hw/qdev-properties.h"
#include "hw/char/max78000_uart.h"
#include "hw/misc/max78000_trng.h"
+#include "hw/misc/max78000_aes.h"
#include "hw/misc/max78000_gcr.h"
@@ -161,6 +162,9 @@ static void max78000_gcr_write(void *opaque, hwaddr addr,
if (val & TRNG_RESET) {
device_cold_reset(s->trng);
}
+ if (val & AES_RESET) {
+ device_cold_reset(s->aes);
+ }
/* TODO: As other devices are implemented, add them here */
break;
@@ -263,6 +267,8 @@ static const Property max78000_gcr_properties[] = {
TYPE_MAX78000_UART, DeviceState*),
DEFINE_PROP_LINK("trng", Max78000GcrState, trng,
TYPE_MAX78000_TRNG, DeviceState*),
+ DEFINE_PROP_LINK("aes", Max78000GcrState, aes,
+ TYPE_MAX78000_AES, DeviceState*),
};
static const MemoryRegionOps max78000_gcr_ops = {
diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
index c7aae4c9e76..1634e26fcc9 100644
--- a/hw/arm/Kconfig
+++ b/hw/arm/Kconfig
@@ -370,6 +370,7 @@ config MAX78000_SOC
select MAX78000_UART
select MAX78000_GCR
select MAX78000_TRNG
+ select MAX78000_AES
config RASPI
bool
diff --git a/hw/misc/Kconfig b/hw/misc/Kconfig
index dd6a6e54dad..c27285b47ab 100644
--- a/hw/misc/Kconfig
+++ b/hw/misc/Kconfig
@@ -47,6 +47,9 @@ config A9SCU
config ARM11SCU
bool
+config MAX78000_AES
+ bool
+
config MAX78000_GCR
bool
diff --git a/hw/misc/meson.build b/hw/misc/meson.build
index c7c57d924bf..b1d8d8e5d2a 100644
--- a/hw/misc/meson.build
+++ b/hw/misc/meson.build
@@ -70,6 +70,7 @@ system_ss.add(when: 'CONFIG_IMX', if_true: files(
'imx_ccm.c',
'imx_rngc.c',
))
+system_ss.add(when: 'CONFIG_MAX78000_AES', if_true: files('max78000_aes.c'))
system_ss.add(when: 'CONFIG_MAX78000_GCR', if_true: files('max78000_gcr.c'))
system_ss.add(when: 'CONFIG_MAX78000_ICC', if_true: files('max78000_icc.c'))
system_ss.add(when: 'CONFIG_MAX78000_TRNG', if_true: files('max78000_trng.c'))
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 11/36] MAX78000: Add AES to SOC
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
` (9 preceding siblings ...)
2025-07-11 13:34 ` [PULL 10/36] MAX78000: AES implementation Peter Maydell
@ 2025-07-11 13:34 ` Peter Maydell
2025-07-11 13:34 ` [PULL 12/36] hw/cxl-host: Add an index field to CXLFixedMemoryWindow Peter Maydell
` (25 subsequent siblings)
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:34 UTC (permalink / raw)
To: qemu-devel
From: Jackson Donaldson <jackson88044@gmail.com>
This commit adds AES to max78000_soc
Signed-off-by: Jackson Donaldson <jcksn@duck.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20250704223239.248781-12-jcksn@duck.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
include/hw/arm/max78000_soc.h | 2 ++
hw/arm/max78000_soc.c | 12 +++++++++---
2 files changed, 11 insertions(+), 3 deletions(-)
diff --git a/include/hw/arm/max78000_soc.h b/include/hw/arm/max78000_soc.h
index 528598cfcbe..a203079ee9a 100644
--- a/include/hw/arm/max78000_soc.h
+++ b/include/hw/arm/max78000_soc.h
@@ -11,6 +11,7 @@
#include "hw/or-irq.h"
#include "hw/arm/armv7m.h"
+#include "hw/misc/max78000_aes.h"
#include "hw/misc/max78000_gcr.h"
#include "hw/misc/max78000_icc.h"
#include "hw/char/max78000_uart.h"
@@ -41,6 +42,7 @@ struct MAX78000State {
Max78000IccState icc[MAX78000_NUM_ICC];
Max78000UartState uart[MAX78000_NUM_UART];
Max78000TrngState trng;
+ Max78000AesState aes;
Clock *sysclk;
};
diff --git a/hw/arm/max78000_soc.c b/hw/arm/max78000_soc.c
index 3f2069fb039..7f1856f5ba1 100644
--- a/hw/arm/max78000_soc.c
+++ b/hw/arm/max78000_soc.c
@@ -45,6 +45,8 @@ static void max78000_soc_initfn(Object *obj)
object_initialize_child(obj, "trng", &s->trng, TYPE_MAX78000_TRNG);
+ object_initialize_child(obj, "aes", &s->aes, TYPE_MAX78000_AES);
+
s->sysclk = qdev_init_clock_in(DEVICE(s), "sysclk", NULL, NULL, 0);
}
@@ -133,6 +135,13 @@ static void max78000_soc_realize(DeviceState *dev_soc, Error **errp)
object_property_set_link(OBJECT(gcrdev), "trng", OBJECT(dev), &err);
+ dev = DEVICE(&s->aes);
+ sysbus_realize(SYS_BUS_DEVICE(dev), errp);
+ sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, 0x40007400);
+ sysbus_connect_irq(SYS_BUS_DEVICE(dev), 0, qdev_get_gpio_in(armv7m, 5));
+
+ object_property_set_link(OBJECT(gcrdev), "aes", OBJECT(dev), &err);
+
dev = DEVICE(&s->gcr);
sysbus_realize(SYS_BUS_DEVICE(dev), errp);
sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, 0x40000000);
@@ -148,9 +157,6 @@ static void max78000_soc_realize(DeviceState *dev_soc, Error **errp)
create_unimplemented_device("powerSequencer", 0x40006800, 0x400);
create_unimplemented_device("miscControl", 0x40006c00, 0x400);
- create_unimplemented_device("aes", 0x40007400, 0x400);
- create_unimplemented_device("aesKey", 0x40007800, 0x400);
-
create_unimplemented_device("gpio0", 0x40008000, 0x1000);
create_unimplemented_device("gpio1", 0x40009000, 0x1000);
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 12/36] hw/cxl-host: Add an index field to CXLFixedMemoryWindow
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
` (10 preceding siblings ...)
2025-07-11 13:34 ` [PULL 11/36] MAX78000: Add AES to SOC Peter Maydell
@ 2025-07-11 13:34 ` Peter Maydell
2025-07-11 13:34 ` [PULL 13/36] hw/cxl: Make the CXL fixed memory windows devices Peter Maydell
` (24 subsequent siblings)
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:34 UTC (permalink / raw)
To: qemu-devel
From: Jonathan Cameron <Jonathan.Cameron@huawei.com>
To enable these to be found in a fixed order, that order needs to be known.
This will later be used to sort a list of these structures so that address
map and ACPI table entries are predictable.
Tested-by: Li Zhijian <lizhijian@fujitsu.com>
Reviewed-by: Li Zhijian <lizhijian@fujitsu.com>
Reviewed-by: Fan Ni <fan.ni@samsung.com>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Tested-by: Itaru Kitayama <itaru.kitayama@fujitsu.com>
Message-id: 20250703104110.992379-2-Jonathan.Cameron@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
include/hw/cxl/cxl.h | 1 +
hw/cxl/cxl-host.c | 9 ++++++---
2 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/include/hw/cxl/cxl.h b/include/hw/cxl/cxl.h
index 75e47b68644..b2bcce7ed60 100644
--- a/include/hw/cxl/cxl.h
+++ b/include/hw/cxl/cxl.h
@@ -27,6 +27,7 @@
typedef struct PXBCXLDev PXBCXLDev;
typedef struct CXLFixedWindow {
+ int index;
uint64_t size;
char **targets;
PXBCXLDev *target_hbs[16];
diff --git a/hw/cxl/cxl-host.c b/hw/cxl/cxl-host.c
index e0101631744..b7aa429ddf4 100644
--- a/hw/cxl/cxl-host.c
+++ b/hw/cxl/cxl-host.c
@@ -24,13 +24,15 @@
static void cxl_fixed_memory_window_config(CXLState *cxl_state,
CXLFixedMemoryWindowOptions *object,
- Error **errp)
+ int index, Error **errp)
{
ERRP_GUARD();
g_autofree CXLFixedWindow *fw = g_malloc0(sizeof(*fw));
strList *target;
int i;
+ fw->index = index;
+
for (target = object->targets; target; target = target->next) {
fw->num_targets++;
}
@@ -325,14 +327,15 @@ static void machine_set_cfmw(Object *obj, Visitor *v, const char *name,
CXLState *state = opaque;
CXLFixedMemoryWindowOptionsList *cfmw_list = NULL;
CXLFixedMemoryWindowOptionsList *it;
+ int index;
visit_type_CXLFixedMemoryWindowOptionsList(v, name, &cfmw_list, errp);
if (!cfmw_list) {
return;
}
- for (it = cfmw_list; it; it = it->next) {
- cxl_fixed_memory_window_config(state, it->value, errp);
+ for (it = cfmw_list, index = 0; it; it = it->next, index++) {
+ cxl_fixed_memory_window_config(state, it->value, index, errp);
}
state->cfmw_list = cfmw_list;
}
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 13/36] hw/cxl: Make the CXL fixed memory windows devices.
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
` (11 preceding siblings ...)
2025-07-11 13:34 ` [PULL 12/36] hw/cxl-host: Add an index field to CXLFixedMemoryWindow Peter Maydell
@ 2025-07-11 13:34 ` Peter Maydell
2025-07-11 13:34 ` [PULL 14/36] hw/arm/virt: Basic CXL enablement on pci_expander_bridge instances pxb-cxl Peter Maydell
` (23 subsequent siblings)
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:34 UTC (permalink / raw)
To: qemu-devel
From: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Previously these somewhat device like structures were tracked using a list
in the CXLState in each machine. This is proving restrictive in a few
cases where we need to iterate through these without being aware of the
machine type. Just make them sysbus devices.
Restrict them to not user created as they need to be visible to early
stages of machine init given effects on the memory map.
This change both simplifies state tracking and enables features needed
for performance optimization and hotness tracking by making it possible
to retrieve the fixed memory window on actions elsewhere in the topology.
In some cases the ordering of the Fixed Memory Windows matters.
For those utility functions provide a GSList sorted by the window index.
This ensures that we get consistency across:
- ordering in the command line
- ordering of the host PA ranges
- ordering of ACPI CEDT structures describing the CFMWS.
Other aspects don't have this constraint. For those direct iteration
of the underlying hash structures is fine.
In the setup path for the memory map in pc_memory_init() split the
operations into two calls. The first, cxl_fmws_set_mmemap(), loops over
fixed memory windows in order and assigns their addresses. The second,
cxl_fmws_update_mmio() actually sets up the mmio for each window.
This is obviously less efficient than a single loop but this split design
is needed to put the logic in two different places in the arm64 support
and it is not a hot enough path to justify an x86 only implementation.
Reviewed-by: Li Zhijian <lizhijian@fujitsu.com>
Tested-by: Li Zhijian <lizhijian@fujitsu.com>
Signed-off-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Tested-by: Itaru Kitayama <itaru.kitayama@fujitsu.com>
Message-id: 20250703104110.992379-3-Jonathan.Cameron@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
include/hw/cxl/cxl.h | 4 +-
include/hw/cxl/cxl_host.h | 5 +-
hw/acpi/cxl.c | 76 +++++++++--------
hw/cxl/cxl-host-stubs.c | 7 +-
hw/cxl/cxl-host.c | 167 +++++++++++++++++++++++++++++++-------
hw/i386/pc.c | 50 +++++-------
6 files changed, 214 insertions(+), 95 deletions(-)
diff --git a/include/hw/cxl/cxl.h b/include/hw/cxl/cxl.h
index b2bcce7ed60..de66ab8c354 100644
--- a/include/hw/cxl/cxl.h
+++ b/include/hw/cxl/cxl.h
@@ -27,6 +27,7 @@
typedef struct PXBCXLDev PXBCXLDev;
typedef struct CXLFixedWindow {
+ SysBusDevice parent_obj;
int index;
uint64_t size;
char **targets;
@@ -38,12 +39,13 @@ typedef struct CXLFixedWindow {
MemoryRegion mr;
hwaddr base;
} CXLFixedWindow;
+#define TYPE_CXL_FMW "cxl-fmw"
+OBJECT_DECLARE_SIMPLE_TYPE(CXLFixedWindow, CXL_FMW)
typedef struct CXLState {
bool is_enabled;
MemoryRegion host_mr;
unsigned int next_mr_idx;
- GList *fixed_windows;
CXLFixedMemoryWindowOptionsList *cfmw_list;
} CXLState;
diff --git a/include/hw/cxl/cxl_host.h b/include/hw/cxl/cxl_host.h
index c9bc9c7c500..cd3c368c86a 100644
--- a/include/hw/cxl/cxl_host.h
+++ b/include/hw/cxl/cxl_host.h
@@ -14,8 +14,11 @@
#define CXL_HOST_H
void cxl_machine_init(Object *obj, CXLState *state);
-void cxl_fmws_link_targets(CXLState *stat, Error **errp);
+void cxl_fmws_link_targets(Error **errp);
void cxl_hook_up_pxb_registers(PCIBus *bus, CXLState *state, Error **errp);
+hwaddr cxl_fmws_set_memmap(hwaddr base, hwaddr max_addr);
+void cxl_fmws_update_mmio(void);
+GSList *cxl_fmws_get_all_sorted(void);
extern const MemoryRegionOps cfmws_ops;
diff --git a/hw/acpi/cxl.c b/hw/acpi/cxl.c
index 9cd7905ea25..75d5b30bb8b 100644
--- a/hw/acpi/cxl.c
+++ b/hw/acpi/cxl.c
@@ -22,6 +22,7 @@
#include "hw/pci/pci_bridge.h"
#include "hw/pci/pci_host.h"
#include "hw/cxl/cxl.h"
+#include "hw/cxl/cxl_host.h"
#include "hw/mem/memory-device.h"
#include "hw/acpi/acpi.h"
#include "hw/acpi/aml-build.h"
@@ -135,55 +136,52 @@ static void cedt_build_chbs(GArray *table_data, PXBCXLDev *cxl)
* Interleave ways encoding in CXL 2.0 ECN: 3, 6, 12 and 16-way memory
* interleaving.
*/
-static void cedt_build_cfmws(GArray *table_data, CXLState *cxls)
+static void cedt_build_cfmws(CXLFixedWindow *fw, Aml *cedt)
{
- GList *it;
+ GArray *table_data = cedt->buf;
+ int i;
- for (it = cxls->fixed_windows; it; it = it->next) {
- CXLFixedWindow *fw = it->data;
- int i;
+ /* Type */
+ build_append_int_noprefix(table_data, 1, 1);
- /* Type */
- build_append_int_noprefix(table_data, 1, 1);
+ /* Reserved */
+ build_append_int_noprefix(table_data, 0, 1);
- /* Reserved */
- build_append_int_noprefix(table_data, 0, 1);
+ /* Record Length */
+ build_append_int_noprefix(table_data, 36 + 4 * fw->num_targets, 2);
- /* Record Length */
- build_append_int_noprefix(table_data, 36 + 4 * fw->num_targets, 2);
+ /* Reserved */
+ build_append_int_noprefix(table_data, 0, 4);
- /* Reserved */
- build_append_int_noprefix(table_data, 0, 4);
+ /* Base HPA */
+ build_append_int_noprefix(table_data, fw->mr.addr, 8);
- /* Base HPA */
- build_append_int_noprefix(table_data, fw->mr.addr, 8);
+ /* Window Size */
+ build_append_int_noprefix(table_data, fw->size, 8);
- /* Window Size */
- build_append_int_noprefix(table_data, fw->size, 8);
+ /* Host Bridge Interleave Ways */
+ build_append_int_noprefix(table_data, fw->enc_int_ways, 1);
- /* Host Bridge Interleave Ways */
- build_append_int_noprefix(table_data, fw->enc_int_ways, 1);
+ /* Host Bridge Interleave Arithmetic */
+ build_append_int_noprefix(table_data, 0, 1);
- /* Host Bridge Interleave Arithmetic */
- build_append_int_noprefix(table_data, 0, 1);
+ /* Reserved */
+ build_append_int_noprefix(table_data, 0, 2);
- /* Reserved */
- build_append_int_noprefix(table_data, 0, 2);
+ /* Host Bridge Interleave Granularity */
+ build_append_int_noprefix(table_data, fw->enc_int_gran, 4);
- /* Host Bridge Interleave Granularity */
- build_append_int_noprefix(table_data, fw->enc_int_gran, 4);
+ /* Window Restrictions */
+ build_append_int_noprefix(table_data, 0x0f, 2);
- /* Window Restrictions */
- build_append_int_noprefix(table_data, 0x0f, 2); /* No restrictions */
+ /* QTG ID */
+ build_append_int_noprefix(table_data, 0, 2);
- /* QTG ID */
- build_append_int_noprefix(table_data, 0, 2);
-
- /* Host Bridge List (list of UIDs - currently bus_nr) */
- for (i = 0; i < fw->num_targets; i++) {
- g_assert(fw->target_hbs[i]);
- build_append_int_noprefix(table_data, PXB_DEV(fw->target_hbs[i])->bus_nr, 4);
- }
+ /* Host Bridge List (list of UIDs - currently bus_nr) */
+ for (i = 0; i < fw->num_targets; i++) {
+ g_assert(fw->target_hbs[i]);
+ build_append_int_noprefix(table_data,
+ PXB_DEV(fw->target_hbs[i])->bus_nr, 4);
}
}
@@ -202,6 +200,7 @@ void cxl_build_cedt(GArray *table_offsets, GArray *table_data,
BIOSLinker *linker, const char *oem_id,
const char *oem_table_id, CXLState *cxl_state)
{
+ GSList *cfmws_list, *iter;
Aml *cedt;
AcpiTable table = { .sig = "CEDT", .rev = 1, .oem_id = oem_id,
.oem_table_id = oem_table_id };
@@ -213,7 +212,12 @@ void cxl_build_cedt(GArray *table_offsets, GArray *table_data,
/* reserve space for CEDT header */
object_child_foreach_recursive(object_get_root(), cxl_foreach_pxb_hb, cedt);
- cedt_build_cfmws(cedt->buf, cxl_state);
+
+ cfmws_list = cxl_fmws_get_all_sorted();
+ for (iter = cfmws_list; iter; iter = iter->next) {
+ cedt_build_cfmws(CXL_FMW(iter->data), cedt);
+ }
+ g_slist_free(cfmws_list);
/* copy AML table into ACPI tables blob and patch header there */
g_array_append_vals(table_data, cedt->buf->data, cedt->buf->len);
diff --git a/hw/cxl/cxl-host-stubs.c b/hw/cxl/cxl-host-stubs.c
index cae4afcdde2..c015baac813 100644
--- a/hw/cxl/cxl-host-stubs.c
+++ b/hw/cxl/cxl-host-stubs.c
@@ -8,8 +8,13 @@
#include "hw/cxl/cxl.h"
#include "hw/cxl/cxl_host.h"
-void cxl_fmws_link_targets(CXLState *stat, Error **errp) {};
+void cxl_fmws_link_targets(Error **errp) {};
void cxl_machine_init(Object *obj, CXLState *state) {};
void cxl_hook_up_pxb_registers(PCIBus *bus, CXLState *state, Error **errp) {};
+hwaddr cxl_fmws_set_memmap(hwaddr base, hwaddr max_addr)
+{
+ return base;
+};
+void cxl_fmws_update_mmio(void) {};
const MemoryRegionOps cfmws_ops;
diff --git a/hw/cxl/cxl-host.c b/hw/cxl/cxl-host.c
index b7aa429ddf4..5c2ce25a19c 100644
--- a/hw/cxl/cxl-host.c
+++ b/hw/cxl/cxl-host.c
@@ -22,12 +22,12 @@
#include "hw/pci/pcie_port.h"
#include "hw/pci-bridge/pci_expander_bridge.h"
-static void cxl_fixed_memory_window_config(CXLState *cxl_state,
- CXLFixedMemoryWindowOptions *object,
+static void cxl_fixed_memory_window_config(CXLFixedMemoryWindowOptions *object,
int index, Error **errp)
{
ERRP_GUARD();
- g_autofree CXLFixedWindow *fw = g_malloc0(sizeof(*fw));
+ DeviceState *dev = qdev_new(TYPE_CXL_FMW);
+ CXLFixedWindow *fw = CXL_FMW(dev);
strList *target;
int i;
@@ -67,35 +67,39 @@ static void cxl_fixed_memory_window_config(CXLState *cxl_state,
fw->targets[i] = g_strdup(target->value);
}
- cxl_state->fixed_windows = g_list_append(cxl_state->fixed_windows,
- g_steal_pointer(&fw));
+ sysbus_realize_and_unref(SYS_BUS_DEVICE(dev), errp);
}
-void cxl_fmws_link_targets(CXLState *cxl_state, Error **errp)
+static int cxl_fmws_link(Object *obj, void *opaque)
{
- if (cxl_state && cxl_state->fixed_windows) {
- GList *it;
+ struct CXLFixedWindow *fw;
+ int i;
- for (it = cxl_state->fixed_windows; it; it = it->next) {
- CXLFixedWindow *fw = it->data;
- int i;
-
- for (i = 0; i < fw->num_targets; i++) {
- Object *o;
- bool ambig;
-
- o = object_resolve_path_type(fw->targets[i],
- TYPE_PXB_CXL_DEV,
- &ambig);
- if (!o) {
- error_setg(errp, "Could not resolve CXLFM target %s",
- fw->targets[i]);
- return;
- }
- fw->target_hbs[i] = PXB_CXL_DEV(o);
- }
- }
+ if (!object_dynamic_cast(obj, TYPE_CXL_FMW)) {
+ return 0;
}
+ fw = CXL_FMW(obj);
+
+ for (i = 0; i < fw->num_targets; i++) {
+ Object *o;
+ bool ambig;
+
+ o = object_resolve_path_type(fw->targets[i], TYPE_PXB_CXL_DEV,
+ &ambig);
+ if (!o) {
+ error_setg(&error_fatal, "Could not resolve CXLFM target %s",
+ fw->targets[i]);
+ return 1;
+ }
+ fw->target_hbs[i] = PXB_CXL_DEV(o);
+ }
+ return 0;
+}
+
+void cxl_fmws_link_targets(Error **errp)
+{
+ /* Order doesn't matter for this, so no need to build list */
+ object_child_foreach_recursive(object_get_root(), cxl_fmws_link, NULL);
}
static bool cxl_hdm_find_target(uint32_t *cache_mem, hwaddr addr,
@@ -335,7 +339,7 @@ static void machine_set_cfmw(Object *obj, Visitor *v, const char *name,
}
for (it = cfmw_list, index = 0; it; it = it->next, index++) {
- cxl_fixed_memory_window_config(state, it->value, index, errp);
+ cxl_fixed_memory_window_config(it->value, index, errp);
}
state->cfmw_list = cfmw_list;
}
@@ -373,3 +377,110 @@ void cxl_hook_up_pxb_registers(PCIBus *bus, CXLState *state, Error **errp)
}
}
}
+
+static int cxl_fmws_find(Object *obj, void *opaque)
+{
+ GSList **list = opaque;
+
+ if (!object_dynamic_cast(obj, TYPE_CXL_FMW)) {
+ return 0;
+ }
+ *list = g_slist_prepend(*list, obj);
+
+ return 0;
+}
+
+static GSList *cxl_fmws_get_all(void)
+{
+ GSList *list = NULL;
+
+ object_child_foreach_recursive(object_get_root(), cxl_fmws_find, &list);
+
+ return list;
+}
+
+static gint cfmws_cmp(gconstpointer a, gconstpointer b, gpointer d)
+{
+ const struct CXLFixedWindow *ap = a;
+ const struct CXLFixedWindow *bp = b;
+
+ return ap->index > bp->index;
+}
+
+GSList *cxl_fmws_get_all_sorted(void)
+{
+ return g_slist_sort_with_data(cxl_fmws_get_all(), cfmws_cmp, NULL);
+}
+
+static int cxl_fmws_mmio_map(Object *obj, void *opaque)
+{
+ struct CXLFixedWindow *fw;
+
+ if (!object_dynamic_cast(obj, TYPE_CXL_FMW)) {
+ return 0;
+ }
+ fw = CXL_FMW(obj);
+ sysbus_mmio_map(SYS_BUS_DEVICE(fw), 0, fw->base);
+
+ return 0;
+}
+
+void cxl_fmws_update_mmio(void)
+{
+ /* Ordering is not required for this */
+ object_child_foreach_recursive(object_get_root(), cxl_fmws_mmio_map, NULL);
+}
+
+hwaddr cxl_fmws_set_memmap(hwaddr base, hwaddr max_addr)
+{
+ GSList *cfmws_list, *iter;
+ CXLFixedWindow *fw;
+
+ cfmws_list = cxl_fmws_get_all_sorted();
+ for (iter = cfmws_list; iter; iter = iter->next) {
+ fw = CXL_FMW(iter->data);
+ if (base + fw->size <= max_addr) {
+ fw->base = base;
+ base += fw->size;
+ }
+ }
+ g_slist_free(cfmws_list);
+
+ return base;
+}
+
+static void cxl_fmw_realize(DeviceState *dev, Error **errp)
+{
+ CXLFixedWindow *fw = CXL_FMW(dev);
+
+ memory_region_init_io(&fw->mr, OBJECT(dev), &cfmws_ops, fw,
+ "cxl-fixed-memory-region", fw->size);
+ sysbus_init_mmio(SYS_BUS_DEVICE(dev), &fw->mr);
+}
+
+/*
+ * Note: Fixed memory windows represent fixed address decoders on the host and
+ * as such have no dynamic state to reset or migrate
+ */
+static void cxl_fmw_class_init(ObjectClass *klass, const void *data)
+{
+ DeviceClass *dc = DEVICE_CLASS(klass);
+
+ dc->desc = "CXL Fixed Memory Window";
+ dc->realize = cxl_fmw_realize;
+ /* Reason - created by machines as tightly coupled to machine memory map */
+ dc->user_creatable = false;
+}
+
+static const TypeInfo cxl_fmw_info = {
+ .name = TYPE_CXL_FMW,
+ .parent = TYPE_SYS_BUS_DEVICE,
+ .instance_size = sizeof(CXLFixedWindow),
+ .class_init = cxl_fmw_class_init,
+};
+
+static void cxl_host_register_types(void)
+{
+ type_register_static(&cxl_fmw_info);
+}
+type_init(cxl_host_register_types)
diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index b2116335752..860346d6b7f 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -609,7 +609,7 @@ void pc_machine_done(Notifier *notifier, void *data)
&error_fatal);
if (pcms->cxl_devices_state.is_enabled) {
- cxl_fmws_link_targets(&pcms->cxl_devices_state, &error_fatal);
+ cxl_fmws_link_targets(&error_fatal);
}
/* set the number of CPUs */
@@ -718,20 +718,28 @@ static uint64_t pc_get_cxl_range_start(PCMachineState *pcms)
return cxl_base;
}
+static int cxl_get_fmw_end(Object *obj, void *opaque)
+{
+ struct CXLFixedWindow *fw;
+ uint64_t *start = opaque;
+
+ if (!object_dynamic_cast(obj, TYPE_CXL_FMW)) {
+ return 0;
+ }
+ fw = CXL_FMW(obj);
+
+ *start += fw->size;
+
+ return 0;
+}
+
static uint64_t pc_get_cxl_range_end(PCMachineState *pcms)
{
uint64_t start = pc_get_cxl_range_start(pcms) + MiB;
- if (pcms->cxl_devices_state.fixed_windows) {
- GList *it;
-
- start = ROUND_UP(start, 256 * MiB);
- for (it = pcms->cxl_devices_state.fixed_windows; it; it = it->next) {
- CXLFixedWindow *fw = it->data;
- start += fw->size;
- }
- }
-
+ /* Ordering doesn't matter so no need to build a sorted list */
+ object_child_foreach_recursive(object_get_root(), cxl_get_fmw_end,
+ &start);
return start;
}
@@ -933,23 +941,9 @@ void pc_memory_init(PCMachineState *pcms,
cxl_base = pc_get_cxl_range_start(pcms);
memory_region_init(mr, OBJECT(machine), "cxl_host_reg", cxl_size);
memory_region_add_subregion(system_memory, cxl_base, mr);
- cxl_resv_end = cxl_base + cxl_size;
- if (pcms->cxl_devices_state.fixed_windows) {
- hwaddr cxl_fmw_base;
- GList *it;
-
- cxl_fmw_base = ROUND_UP(cxl_base + cxl_size, 256 * MiB);
- for (it = pcms->cxl_devices_state.fixed_windows; it; it = it->next) {
- CXLFixedWindow *fw = it->data;
-
- fw->base = cxl_fmw_base;
- memory_region_init_io(&fw->mr, OBJECT(machine), &cfmws_ops, fw,
- "cxl-fixed-memory-region", fw->size);
- memory_region_add_subregion(system_memory, fw->base, &fw->mr);
- cxl_fmw_base += fw->size;
- cxl_resv_end = cxl_fmw_base;
- }
- }
+ cxl_base = ROUND_UP(cxl_base + cxl_size, 256 * MiB);
+ cxl_resv_end = cxl_fmws_set_memmap(cxl_base, maxphysaddr);
+ cxl_fmws_update_mmio();
}
/* Initialize PC system firmware */
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 14/36] hw/arm/virt: Basic CXL enablement on pci_expander_bridge instances pxb-cxl
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
` (12 preceding siblings ...)
2025-07-11 13:34 ` [PULL 13/36] hw/cxl: Make the CXL fixed memory windows devices Peter Maydell
@ 2025-07-11 13:34 ` Peter Maydell
2025-07-11 13:34 ` [PULL 15/36] docs/cxl: Add an arm/virt example Peter Maydell
` (22 subsequent siblings)
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:34 UTC (permalink / raw)
To: qemu-devel
From: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Code based on i386/pc enablement.
The memory layout places space for 16 host bridge register regions after
the GIC_REDIST2 in the extended memmap. This is a hole in the current
map so adding them here has no impact on placement of other memory regions
(tested with enough CPUs for GIC_REDIST2 to be in use.)
The high memory map is GiB aligned so the hole is there whatever the
size of memory or device_memory below this point.
The CFMWs are placed above the extended memmap. Note the existing
variable highest_gpa is the highest GPA that has been allocated at
a particular point in setting up the memory map. Whilst this caused
some confusion in review there are existing comments explaining this
so nothing is added.
The cxl_devices_state.host_mr provides a small space in which to place
the individual host bridge register regions for whatever host bridges are
allocated via -device pxb-cxl on the command line. The existing dynamic
sysbus infrastructure is not reused because pxb-cxl is a PCI device not
a sysbus one but these registers are directly in the main memory map,
not the PCI address space.
Only create the CEDT table if cxl=on set for the machine. Default to off.
Signed-off-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Tested-by: Itaru Kitayama <itaru.kitayama@fujitsu.com>
Tested-by: Li Zhijian <lizhijian@fujitsu.com>
Message-id: 20250703104110.992379-4-Jonathan.Cameron@huawei.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
docs/system/arm/virt.rst | 9 +++++++++
include/hw/arm/virt.h | 4 ++++
hw/arm/virt-acpi-build.c | 34 ++++++++++++++++++++++++++++++++++
hw/arm/virt.c | 30 ++++++++++++++++++++++++++++++
4 files changed, 77 insertions(+)
diff --git a/docs/system/arm/virt.rst b/docs/system/arm/virt.rst
index 6a719b95863..10cbffc8a70 100644
--- a/docs/system/arm/virt.rst
+++ b/docs/system/arm/virt.rst
@@ -31,6 +31,7 @@ Supported devices
The virt board supports:
- PCI/PCIe devices
+- CXL Fixed memory windows, root bridges and devices.
- Flash memory
- Either one or two PL011 UARTs for the NonSecure World
- An RTC
@@ -189,6 +190,14 @@ ras
acpi
Set ``on``/``off``/``auto`` to enable/disable ACPI.
+cxl
+ Set ``on``/``off`` to enable/disable CXL. More details in
+ :doc:`../devices/cxl`. The default is off.
+
+cxl-fmw
+ Array of CXL fixed memory windows describing fixed address routing to
+ target CXL host bridges. See :doc:`../devices/cxl`.
+
dtb-randomness
Set ``on``/``off`` to pass random seeds via the guest DTB
rng-seed and kaslr-seed nodes (in both "/chosen" and
diff --git a/include/hw/arm/virt.h b/include/hw/arm/virt.h
index 9a1b0f53d21..4375819ea06 100644
--- a/include/hw/arm/virt.h
+++ b/include/hw/arm/virt.h
@@ -36,6 +36,7 @@
#include "hw/arm/boot.h"
#include "hw/arm/bsa.h"
#include "hw/block/flash.h"
+#include "hw/cxl/cxl.h"
#include "system/kvm.h"
#include "hw/intc/arm_gicv3_common.h"
#include "qom/object.h"
@@ -85,6 +86,7 @@ enum {
/* indices of IO regions located after the RAM */
enum {
VIRT_HIGH_GIC_REDIST2 = VIRT_LOWMEMMAP_LAST,
+ VIRT_CXL_HOST,
VIRT_HIGH_PCIE_ECAM,
VIRT_HIGH_PCIE_MMIO,
};
@@ -140,6 +142,7 @@ struct VirtMachineState {
bool secure;
bool highmem;
bool highmem_compact;
+ bool highmem_cxl;
bool highmem_ecam;
bool highmem_mmio;
bool highmem_redists;
@@ -174,6 +177,7 @@ struct VirtMachineState {
char *oem_id;
char *oem_table_id;
bool ns_el2_virt_timer_irq;
+ CXLState cxl_devices_state;
};
#define VIRT_ECAM_ID(high) (high ? VIRT_HIGH_PCIE_ECAM : VIRT_PCIE_ECAM)
diff --git a/hw/arm/virt-acpi-build.c b/hw/arm/virt-acpi-build.c
index cd90c47976c..c3b9b3f6ea4 100644
--- a/hw/arm/virt-acpi-build.c
+++ b/hw/arm/virt-acpi-build.c
@@ -39,10 +39,12 @@
#include "hw/acpi/aml-build.h"
#include "hw/acpi/utils.h"
#include "hw/acpi/pci.h"
+#include "hw/acpi/cxl.h"
#include "hw/acpi/memory_hotplug.h"
#include "hw/acpi/generic_event_device.h"
#include "hw/acpi/tpm.h"
#include "hw/acpi/hmat.h"
+#include "hw/cxl/cxl.h"
#include "hw/pci/pcie_host.h"
#include "hw/pci/pci.h"
#include "hw/pci/pci_bus.h"
@@ -119,10 +121,29 @@ static void acpi_dsdt_add_flash(Aml *scope, const MemMapEntry *flash_memmap)
aml_append(scope, dev);
}
+static void build_acpi0017(Aml *table)
+{
+ Aml *dev, *scope, *method;
+
+ scope = aml_scope("_SB");
+ dev = aml_device("CXLM");
+ aml_append(dev, aml_name_decl("_HID", aml_string("ACPI0017")));
+
+ method = aml_method("_STA", 0, AML_NOTSERIALIZED);
+ aml_append(method, aml_return(aml_int(0x0B)));
+ aml_append(dev, method);
+ build_cxl_dsm_method(dev);
+
+ aml_append(scope, dev);
+ aml_append(table, scope);
+}
+
static void acpi_dsdt_add_pci(Aml *scope, const MemMapEntry *memmap,
uint32_t irq, VirtMachineState *vms)
{
int ecam_id = VIRT_ECAM_ID(vms->highmem_ecam);
+ bool cxl_present = false;
+ PCIBus *bus = vms->bus;
struct GPEXConfig cfg = {
.mmio32 = memmap[VIRT_PCIE_MMIO],
.pio = memmap[VIRT_PCIE_PIO],
@@ -136,6 +157,14 @@ static void acpi_dsdt_add_pci(Aml *scope, const MemMapEntry *memmap,
}
acpi_dsdt_add_gpex(scope, &cfg);
+ QLIST_FOREACH(bus, &vms->bus->child, sibling) {
+ if (pci_bus_is_cxl(bus)) {
+ cxl_present = true;
+ }
+ }
+ if (cxl_present) {
+ build_acpi0017(scope);
+ }
}
static void acpi_dsdt_add_gpio(Aml *scope, const MemMapEntry *gpio_memmap,
@@ -1027,6 +1056,11 @@ void virt_acpi_build(VirtMachineState *vms, AcpiBuildTables *tables)
}
}
+ if (vms->cxl_devices_state.is_enabled) {
+ cxl_build_cedt(table_offsets, tables_blob, tables->linker,
+ vms->oem_id, vms->oem_table_id, &vms->cxl_devices_state);
+ }
+
if (ms->nvdimms_state->is_enabled) {
nvdimm_build_acpi(table_offsets, tables_blob, tables->linker,
ms->nvdimms_state, ms->ram_slots, vms->oem_id,
diff --git a/hw/arm/virt.c b/hw/arm/virt.c
index 3bcdf92e2ff..394e8b53018 100644
--- a/hw/arm/virt.c
+++ b/hw/arm/virt.c
@@ -57,6 +57,7 @@
#include "qemu/error-report.h"
#include "qemu/module.h"
#include "hw/pci-host/gpex.h"
+#include "hw/pci-bridge/pci_expander_bridge.h"
#include "hw/virtio/virtio-pci.h"
#include "hw/core/sysbus-fdt.h"
#include "hw/platform-bus.h"
@@ -86,6 +87,8 @@
#include "hw/virtio/virtio-md-pci.h"
#include "hw/virtio/virtio-iommu.h"
#include "hw/char/pl011.h"
+#include "hw/cxl/cxl.h"
+#include "hw/cxl/cxl_host.h"
#include "qemu/guest-random.h"
static GlobalProperty arm_virt_compat[] = {
@@ -220,9 +223,11 @@ static const MemMapEntry base_memmap[] = {
static MemMapEntry extended_memmap[] = {
/* Additional 64 MB redist region (can contain up to 512 redistributors) */
[VIRT_HIGH_GIC_REDIST2] = { 0x0, 64 * MiB },
+ [VIRT_CXL_HOST] = { 0x0, 64 * KiB * 16 }, /* 16 UID */
[VIRT_HIGH_PCIE_ECAM] = { 0x0, 256 * MiB },
/* Second PCIe window */
[VIRT_HIGH_PCIE_MMIO] = { 0x0, DEFAULT_HIGH_PCIE_MMIO_SIZE },
+ /* Any CXL Fixed memory windows come here */
};
static const int a15irqmap[] = {
@@ -1623,6 +1628,17 @@ static void create_pcie(VirtMachineState *vms)
}
}
+static void create_cxl_host_reg_region(VirtMachineState *vms)
+{
+ MemoryRegion *sysmem = get_system_memory();
+ MemoryRegion *mr = &vms->cxl_devices_state.host_mr;
+
+ memory_region_init(mr, OBJECT(vms), "cxl_host_reg",
+ vms->memmap[VIRT_CXL_HOST].size);
+ memory_region_add_subregion(sysmem, vms->memmap[VIRT_CXL_HOST].base, mr);
+ vms->highmem_cxl = true;
+}
+
static void create_platform_bus(VirtMachineState *vms)
{
DeviceState *dev;
@@ -1739,6 +1755,12 @@ void virt_machine_done(Notifier *notifier, void *data)
struct arm_boot_info *info = &vms->bootinfo;
AddressSpace *as = arm_boot_address_space(cpu, info);
+ cxl_hook_up_pxb_registers(vms->bus, &vms->cxl_devices_state,
+ &error_fatal);
+
+ if (vms->cxl_devices_state.is_enabled) {
+ cxl_fmws_link_targets(&error_fatal);
+ }
/*
* If the user provided a dtb, we assume the dynamic sysbus nodes
* already are integrated there. This corresponds to a use case where
@@ -1785,6 +1807,7 @@ static inline bool *virt_get_high_memmap_enabled(VirtMachineState *vms,
{
bool *enabled_array[] = {
&vms->highmem_redists,
+ &vms->highmem_cxl,
&vms->highmem_ecam,
&vms->highmem_mmio,
};
@@ -1892,6 +1915,9 @@ static void virt_set_memmap(VirtMachineState *vms, int pa_bits)
if (device_memory_size > 0) {
machine_memory_devices_init(ms, device_memory_base, device_memory_size);
}
+ vms->highest_gpa = cxl_fmws_set_memmap(ROUND_UP(vms->highest_gpa + 1,
+ 256 * MiB),
+ BIT_ULL(pa_bits)) - 1;
}
static VirtGICType finalize_gic_version_do(const char *accel_name,
@@ -2343,6 +2369,8 @@ static void machvirt_init(MachineState *machine)
memory_region_add_subregion(sysmem, vms->memmap[VIRT_MEM].base,
machine->ram);
+ cxl_fmws_update_mmio();
+
virt_flash_fdt(vms, sysmem, secure_sysmem ?: sysmem);
create_gic(vms, sysmem);
@@ -2398,6 +2426,7 @@ static void machvirt_init(MachineState *machine)
create_rtc(vms);
create_pcie(vms);
+ create_cxl_host_reg_region(vms);
if (has_ged && aarch64 && firmware_loaded && virt_is_acpi_enabled(vms)) {
vms->acpi_dev = create_acpi_ged(vms);
@@ -3364,6 +3393,7 @@ static void virt_instance_init(Object *obj)
vms->oem_id = g_strndup(ACPI_BUILD_APPNAME6, 6);
vms->oem_table_id = g_strndup(ACPI_BUILD_APPNAME8, 8);
+ cxl_machine_init(obj, &vms->cxl_devices_state);
}
static const TypeInfo virt_machine_info = {
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 15/36] docs/cxl: Add an arm/virt example.
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
` (13 preceding siblings ...)
2025-07-11 13:34 ` [PULL 14/36] hw/arm/virt: Basic CXL enablement on pci_expander_bridge instances pxb-cxl Peter Maydell
@ 2025-07-11 13:34 ` Peter Maydell
2025-07-11 13:34 ` [PULL 16/36] qtest/cxl: Add aarch64 virt test for CXL Peter Maydell
` (21 subsequent siblings)
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:34 UTC (permalink / raw)
To: qemu-devel
From: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Only add one very simple example as all the i386/pc examples will work
for arm/virt with a change to appropriate executable and appropriate
standard launch line for arm/virt. Note that max cpu is used to
ensure we have plenty of physical address space.
Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Tested-by: Itaru Kitayama <itaru.kitayama@fujitsu.com>
Tested-by: Li Zhijian <lizhijian@fujitsu.com>
Message-id: 20250703104110.992379-5-Jonathan.Cameron@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
docs/system/devices/cxl.rst | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/docs/system/devices/cxl.rst b/docs/system/devices/cxl.rst
index e307caf3f88..ca15a0da1c1 100644
--- a/docs/system/devices/cxl.rst
+++ b/docs/system/devices/cxl.rst
@@ -384,6 +384,17 @@ An example of 4 devices below a switch suitable for 1, 2 or 4 way interleave::
-device cxl-type3,bus=swport3,persistent-memdev=cxl-mem3,lsa=cxl-lsa3,id=cxl-pmem3,sn=0x4 \
-M cxl-fmw.0.targets.0=cxl.1,cxl-fmw.0.size=4G,cxl-fmw.0.interleave-granularity=4k
+A simple arm/virt example featuring a single direct connected CXL Type 3
+Volatile Memory device::
+
+ qemu-system-aarch64 -M virt,gic-version=3,cxl=on -m 4g,maxmem=8g,slots=4 -cpu max -smp 4 \
+ ...
+ -object memory-backend-ram,id=vmem0,share=on,size=256M \
+ -device pxb-cxl,bus_nr=12,bus=pcie.0,id=cxl.1 \
+ -device cxl-rp,port=0,bus=cxl.1,id=root_port13,chassis=0,slot=2 \
+ -device cxl-type3,bus=root_port13,volatile-memdev=vmem0,id=cxl-vmem0 \
+ -M cxl-fmw.0.targets.0=cxl.1,cxl-fmw.0.size=4G
+
Deprecations
------------
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 16/36] qtest/cxl: Add aarch64 virt test for CXL
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
` (14 preceding siblings ...)
2025-07-11 13:34 ` [PULL 15/36] docs/cxl: Add an arm/virt example Peter Maydell
@ 2025-07-11 13:34 ` Peter Maydell
2025-07-11 13:34 ` [PULL 17/36] arm/cpu: store id_afr0 into the idregs array Peter Maydell
` (20 subsequent siblings)
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:34 UTC (permalink / raw)
To: qemu-devel
From: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Add a single complex case for aarch64 virt machine.
Given existing much more comprehensive tests for x86 cover the common
functionality, a single test should be enough to verify that the aarch64
part continues to work.
Tested-by: Itaru Kitayama <itaru.kitayama@fujitsu.com>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Tested-by: Li Zhijian <lizhijian@fujitsu.com>
Message-id: 20250703104110.992379-6-Jonathan.Cameron@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
tests/qtest/cxl-test.c | 58 ++++++++++++++++++++++++++++++++---------
tests/qtest/meson.build | 1 +
2 files changed, 46 insertions(+), 13 deletions(-)
diff --git a/tests/qtest/cxl-test.c b/tests/qtest/cxl-test.c
index a6003318439..8fb7e58d4f1 100644
--- a/tests/qtest/cxl-test.c
+++ b/tests/qtest/cxl-test.c
@@ -19,6 +19,12 @@
"-device pxb-cxl,id=cxl.1,bus=pcie.0,bus_nr=53 " \
"-M cxl-fmw.0.targets.0=cxl.0,cxl-fmw.0.targets.1=cxl.1,cxl-fmw.0.size=4G "
+#define QEMU_VIRT_2PXB_CMD \
+ "-machine virt,cxl=on -cpu max " \
+ "-device pxb-cxl,id=cxl.0,bus=pcie.0,bus_nr=52 " \
+ "-device pxb-cxl,id=cxl.1,bus=pcie.0,bus_nr=53 " \
+ "-M cxl-fmw.0.targets.0=cxl.0,cxl-fmw.0.targets.1=cxl.1,cxl-fmw.0.size=4G "
+
#define QEMU_RP \
"-device cxl-rp,id=rp0,bus=cxl.0,chassis=0,slot=0 "
@@ -197,25 +203,51 @@ static void cxl_2pxb_4rp_4t3d(void)
qtest_end();
rmdir(tmpfs);
}
+
+static void cxl_virt_2pxb_4rp_4t3d(void)
+{
+ g_autoptr(GString) cmdline = g_string_new(NULL);
+ g_autofree const char *tmpfs = NULL;
+
+ tmpfs = g_dir_make_tmp("cxl-test-XXXXXX", NULL);
+
+ g_string_printf(cmdline, QEMU_VIRT_2PXB_CMD QEMU_4RP QEMU_4T3D,
+ tmpfs, tmpfs, tmpfs, tmpfs, tmpfs, tmpfs,
+ tmpfs, tmpfs);
+
+ qtest_start(cmdline->str);
+ qtest_end();
+ rmdir(tmpfs);
+}
#endif /* CONFIG_POSIX */
int main(int argc, char **argv)
{
- g_test_init(&argc, &argv, NULL);
+ const char *arch = qtest_get_arch();
- qtest_add_func("/pci/cxl/basic_hostbridge", cxl_basic_hb);
- qtest_add_func("/pci/cxl/basic_pxb", cxl_basic_pxb);
- qtest_add_func("/pci/cxl/pxb_with_window", cxl_pxb_with_window);
- qtest_add_func("/pci/cxl/pxb_x2_with_window", cxl_2pxb_with_window);
- qtest_add_func("/pci/cxl/rp", cxl_root_port);
- qtest_add_func("/pci/cxl/rp_x2", cxl_2root_port);
+ g_test_init(&argc, &argv, NULL);
+ if (strcmp(arch, "i386") == 0 || strcmp(arch, "x86_64") == 0) {
+ qtest_add_func("/pci/cxl/basic_hostbridge", cxl_basic_hb);
+ qtest_add_func("/pci/cxl/basic_pxb", cxl_basic_pxb);
+ qtest_add_func("/pci/cxl/pxb_with_window", cxl_pxb_with_window);
+ qtest_add_func("/pci/cxl/pxb_x2_with_window", cxl_2pxb_with_window);
+ qtest_add_func("/pci/cxl/rp", cxl_root_port);
+ qtest_add_func("/pci/cxl/rp_x2", cxl_2root_port);
#ifdef CONFIG_POSIX
- qtest_add_func("/pci/cxl/type3_device", cxl_t3d_deprecated);
- qtest_add_func("/pci/cxl/type3_device_pmem", cxl_t3d_persistent);
- qtest_add_func("/pci/cxl/type3_device_vmem", cxl_t3d_volatile);
- qtest_add_func("/pci/cxl/type3_device_vmem_lsa", cxl_t3d_volatile_lsa);
- qtest_add_func("/pci/cxl/rp_x2_type3_x2", cxl_1pxb_2rp_2t3d);
- qtest_add_func("/pci/cxl/pxb_x2_root_port_x4_type3_x4", cxl_2pxb_4rp_4t3d);
+ qtest_add_func("/pci/cxl/type3_device", cxl_t3d_deprecated);
+ qtest_add_func("/pci/cxl/type3_device_pmem", cxl_t3d_persistent);
+ qtest_add_func("/pci/cxl/type3_device_vmem", cxl_t3d_volatile);
+ qtest_add_func("/pci/cxl/type3_device_vmem_lsa", cxl_t3d_volatile_lsa);
+ qtest_add_func("/pci/cxl/rp_x2_type3_x2", cxl_1pxb_2rp_2t3d);
+ qtest_add_func("/pci/cxl/pxb_x2_root_port_x4_type3_x4",
+ cxl_2pxb_4rp_4t3d);
#endif
+ } else if (strcmp(arch, "aarch64") == 0) {
+#ifdef CONFIG_POSIX
+ qtest_add_func("/pci/cxl/virt/pxb_x2_root_port_x4_type3_x4",
+ cxl_virt_2pxb_4rp_4t3d);
+#endif
+ }
+
return g_test_run();
}
diff --git a/tests/qtest/meson.build b/tests/qtest/meson.build
index 91b4a71a186..5ad969f6165 100644
--- a/tests/qtest/meson.build
+++ b/tests/qtest/meson.build
@@ -262,6 +262,7 @@ qtests_aarch64 = \
config_all_devices.has_key('CONFIG_TPM_TIS_I2C') ? ['tpm-tis-i2c-test'] : []) + \
(config_all_devices.has_key('CONFIG_ASPEED_SOC') ? qtests_aspeed64 : []) + \
(config_all_devices.has_key('CONFIG_NPCM8XX') ? qtests_npcm8xx : []) + \
+ qtests_cxl + \
['arm-cpu-features',
'numa-test',
'boot-serial-test',
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 17/36] arm/cpu: store id_afr0 into the idregs array
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
` (15 preceding siblings ...)
2025-07-11 13:34 ` [PULL 16/36] qtest/cxl: Add aarch64 virt test for CXL Peter Maydell
@ 2025-07-11 13:34 ` Peter Maydell
2025-07-11 13:34 ` [PULL 18/36] arm/cpu: store id_aa64afr{0,1} " Peter Maydell
` (19 subsequent siblings)
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:34 UTC (permalink / raw)
To: qemu-devel
From: Cornelia Huck <cohuck@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Message-id: 20250704141927.38963-2-cohuck@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target/arm/cpu.h | 1 -
target/arm/cpu-sysregs.h.inc | 1 +
hw/intc/armv7m_nvic.c | 2 +-
target/arm/cpu64.c | 4 ++--
target/arm/helper.c | 2 +-
target/arm/tcg/cpu-v7m.c | 12 ++++++------
target/arm/tcg/cpu32.c | 22 +++++++++++-----------
target/arm/tcg/cpu64.c | 16 ++++++++--------
8 files changed, 30 insertions(+), 30 deletions(-)
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
index c8cf0ab417b..835700cfab8 100644
--- a/target/arm/cpu.h
+++ b/target/arm/cpu.h
@@ -1082,7 +1082,6 @@ struct ArchCPU {
uint32_t reset_sctlr;
uint64_t pmceid0;
uint64_t pmceid1;
- uint32_t id_afr0;
uint64_t id_aa64afr0;
uint64_t id_aa64afr1;
uint64_t clidr;
diff --git a/target/arm/cpu-sysregs.h.inc b/target/arm/cpu-sysregs.h.inc
index cb99286f704..b96a3588043 100644
--- a/target/arm/cpu-sysregs.h.inc
+++ b/target/arm/cpu-sysregs.h.inc
@@ -14,6 +14,7 @@ DEF(ID_AA64MMFR3_EL1, 3, 0, 0, 7, 3)
DEF(ID_PFR0_EL1, 3, 0, 0, 1, 0)
DEF(ID_PFR1_EL1, 3, 0, 0, 1, 1)
DEF(ID_DFR0_EL1, 3, 0, 0, 1, 2)
+DEF(ID_AFR0_EL1, 3, 0, 0, 1, 3)
DEF(ID_MMFR0_EL1, 3, 0, 0, 1, 4)
DEF(ID_MMFR1_EL1, 3, 0, 0, 1, 5)
DEF(ID_MMFR2_EL1, 3, 0, 0, 1, 6)
diff --git a/hw/intc/armv7m_nvic.c b/hw/intc/armv7m_nvic.c
index 6d85720f1b4..d93e593fcba 100644
--- a/hw/intc/armv7m_nvic.c
+++ b/hw/intc/armv7m_nvic.c
@@ -1279,7 +1279,7 @@ static uint32_t nvic_readl(NVICState *s, uint32_t offset, MemTxAttrs attrs)
if (!arm_feature(&cpu->env, ARM_FEATURE_M_MAIN)) {
goto bad_offset;
}
- return cpu->id_afr0;
+ return GET_IDREG(isar, ID_AFR0);
case 0xd50: /* MMFR0. */
if (!arm_feature(&cpu->env, ARM_FEATURE_M_MAIN)) {
goto bad_offset;
diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c
index bd33d6cc6ea..d648ea066c6 100644
--- a/target/arm/cpu64.c
+++ b/target/arm/cpu64.c
@@ -663,7 +663,7 @@ static void aarch64_a57_initfn(Object *obj)
SET_IDREG(isar, ID_PFR0, 0x00000131);
SET_IDREG(isar, ID_PFR1, 0x00011011);
SET_IDREG(isar, ID_DFR0, 0x03010066);
- cpu->id_afr0 = 0x00000000;
+ SET_IDREG(isar, ID_AFR0, 0x00000000);
SET_IDREG(isar, ID_MMFR0, 0x10101105);
SET_IDREG(isar, ID_MMFR1, 0x40000000);
SET_IDREG(isar, ID_MMFR2, 0x01260000);
@@ -725,7 +725,7 @@ static void aarch64_a53_initfn(Object *obj)
SET_IDREG(isar, ID_PFR0, 0x00000131);
SET_IDREG(isar, ID_PFR1, 0x00011011);
SET_IDREG(isar, ID_DFR0, 0x03010066);
- cpu->id_afr0 = 0x00000000;
+ SET_IDREG(isar, ID_AFR0, 0x00000000);
SET_IDREG(isar, ID_MMFR0, 0x10101105);
SET_IDREG(isar, ID_MMFR1, 0x40000000);
SET_IDREG(isar, ID_MMFR2, 0x01260000);
diff --git a/target/arm/helper.c b/target/arm/helper.c
index b3f0d6f17a8..ae6231803e1 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -7809,7 +7809,7 @@ void register_cp_regs_for_features(ARMCPU *cpu)
.opc0 = 3, .opc1 = 0, .crn = 0, .crm = 1, .opc2 = 3,
.access = PL1_R, .type = ARM_CP_CONST,
.accessfn = access_aa32_tid3,
- .resetvalue = cpu->id_afr0 },
+ .resetvalue = GET_IDREG(isar, ID_AFR0)},
{ .name = "ID_MMFR0", .state = ARM_CP_STATE_BOTH,
.opc0 = 3, .opc1 = 0, .crn = 0, .crm = 1, .opc2 = 4,
.access = PL1_R, .type = ARM_CP_CONST,
diff --git a/target/arm/tcg/cpu-v7m.c b/target/arm/tcg/cpu-v7m.c
index eddd7117d5b..a65b83fe990 100644
--- a/target/arm/tcg/cpu-v7m.c
+++ b/target/arm/tcg/cpu-v7m.c
@@ -62,7 +62,7 @@ static void cortex_m0_initfn(Object *obj)
SET_IDREG(isar, ID_PFR0, 0x00000030);
SET_IDREG(isar, ID_PFR1, 0x00000200);
SET_IDREG(isar, ID_DFR0, 0x00100000);
- cpu->id_afr0 = 0x00000000;
+ SET_IDREG(isar, ID_AFR0, 0x00000000);
SET_IDREG(isar, ID_MMFR0, 0x00000030);
SET_IDREG(isar, ID_MMFR1, 0x00000000);
SET_IDREG(isar, ID_MMFR2, 0x00000000);
@@ -88,7 +88,7 @@ static void cortex_m3_initfn(Object *obj)
SET_IDREG(isar, ID_PFR0, 0x00000030);
SET_IDREG(isar, ID_PFR1, 0x00000200);
SET_IDREG(isar, ID_DFR0, 0x00100000);
- cpu->id_afr0 = 0x00000000;
+ SET_IDREG(isar, ID_AFR0, 0x00000000);
SET_IDREG(isar, ID_MMFR0, 0x00000030);
SET_IDREG(isar, ID_MMFR1, 0x00000000);
SET_IDREG(isar, ID_MMFR2, 0x00000000);
@@ -119,7 +119,7 @@ static void cortex_m4_initfn(Object *obj)
SET_IDREG(isar, ID_PFR0, 0x00000030);
SET_IDREG(isar, ID_PFR1, 0x00000200);
SET_IDREG(isar, ID_DFR0, 0x00100000);
- cpu->id_afr0 = 0x00000000;
+ SET_IDREG(isar, ID_AFR0, 0x00000000);
SET_IDREG(isar, ID_MMFR0, 0x00000030);
SET_IDREG(isar, ID_MMFR1, 0x00000000);
SET_IDREG(isar, ID_MMFR2, 0x00000000);
@@ -150,7 +150,7 @@ static void cortex_m7_initfn(Object *obj)
SET_IDREG(isar, ID_PFR0, 0x00000030);
SET_IDREG(isar, ID_PFR1, 0x00000200);
SET_IDREG(isar, ID_DFR0, 0x00100000);
- cpu->id_afr0 = 0x00000000;
+ SET_IDREG(isar, ID_AFR0, 0x00000000);
SET_IDREG(isar, ID_MMFR0, 0x00100030);
SET_IDREG(isar, ID_MMFR1, 0x00000000);
SET_IDREG(isar, ID_MMFR2, 0x01000000);
@@ -183,7 +183,7 @@ static void cortex_m33_initfn(Object *obj)
SET_IDREG(isar, ID_PFR0, 0x00000030);
SET_IDREG(isar, ID_PFR1, 0x00000210);
SET_IDREG(isar, ID_DFR0, 0x00200000);
- cpu->id_afr0 = 0x00000000;
+ SET_IDREG(isar, ID_AFR0, 0x00000000);
SET_IDREG(isar, ID_MMFR0, 0x00101F40);
SET_IDREG(isar, ID_MMFR1, 0x00000000);
SET_IDREG(isar, ID_MMFR2, 0x01000000);
@@ -221,7 +221,7 @@ static void cortex_m55_initfn(Object *obj)
SET_IDREG(isar, ID_PFR0, 0x20000030);
SET_IDREG(isar, ID_PFR1, 0x00000230);
SET_IDREG(isar, ID_DFR0, 0x10200000);
- cpu->id_afr0 = 0x00000000;
+ SET_IDREG(isar, ID_AFR0, 0x00000000);
SET_IDREG(isar, ID_MMFR0, 0x00111040);
SET_IDREG(isar, ID_MMFR1, 0x00000000);
SET_IDREG(isar, ID_MMFR2, 0x01000000);
diff --git a/target/arm/tcg/cpu32.c b/target/arm/tcg/cpu32.c
index 942b636aa5b..03cbe42f22f 100644
--- a/target/arm/tcg/cpu32.c
+++ b/target/arm/tcg/cpu32.c
@@ -225,7 +225,7 @@ static void arm1136_r2_initfn(Object *obj)
SET_IDREG(isar, ID_PFR0, 0x111);
SET_IDREG(isar, ID_PFR1, 0x1);
SET_IDREG(isar, ID_DFR0, 0x2);
- cpu->id_afr0 = 0x3;
+ SET_IDREG(isar, ID_AFR0, 0x3);
SET_IDREG(isar, ID_MMFR0, 0x01130003);
SET_IDREG(isar, ID_MMFR1, 0x10030302);
SET_IDREG(isar, ID_MMFR2, 0x01222110);
@@ -257,7 +257,7 @@ static void arm1136_initfn(Object *obj)
SET_IDREG(isar, ID_PFR0, 0x111);
SET_IDREG(isar, ID_PFR1, 0x1);
SET_IDREG(isar, ID_DFR0, 0x2);
- cpu->id_afr0 = 0x3;
+ SET_IDREG(isar, ID_AFR0, 0x3);
SET_IDREG(isar, ID_MMFR0, 0x01130003);
SET_IDREG(isar, ID_MMFR1, 0x10030302);
SET_IDREG(isar, ID_MMFR2, 0x01222110);
@@ -290,7 +290,7 @@ static void arm1176_initfn(Object *obj)
SET_IDREG(isar, ID_PFR0, 0x111);
SET_IDREG(isar, ID_PFR1, 0x11);
SET_IDREG(isar, ID_DFR0, 0x33);
- cpu->id_afr0 = 0;
+ SET_IDREG(isar, ID_AFR0, 0);
SET_IDREG(isar, ID_MMFR0, 0x01130003);
SET_IDREG(isar, ID_MMFR1, 0x10030302);
SET_IDREG(isar, ID_MMFR2, 0x01222100);
@@ -320,7 +320,7 @@ static void arm11mpcore_initfn(Object *obj)
SET_IDREG(isar, ID_PFR0, 0x111);
SET_IDREG(isar, ID_PFR1, 0x1);
SET_IDREG(isar, ID_DFR0, 0);
- cpu->id_afr0 = 0x2;
+ SET_IDREG(isar, ID_AFR0, 0x2);
SET_IDREG(isar, ID_MMFR0, 0x01100103);
SET_IDREG(isar, ID_MMFR1, 0x10020302);
SET_IDREG(isar, ID_MMFR2, 0x01222000);
@@ -360,7 +360,7 @@ static void cortex_a8_initfn(Object *obj)
SET_IDREG(isar, ID_PFR0, 0x1031);
SET_IDREG(isar, ID_PFR1, 0x11);
SET_IDREG(isar, ID_DFR0, 0x400);
- cpu->id_afr0 = 0;
+ SET_IDREG(isar, ID_AFR0, 0);
SET_IDREG(isar, ID_MMFR0, 0x31100003);
SET_IDREG(isar, ID_MMFR1, 0x20000000);
SET_IDREG(isar, ID_MMFR2, 0x01202000);
@@ -436,7 +436,7 @@ static void cortex_a9_initfn(Object *obj)
SET_IDREG(isar, ID_PFR0, 0x1031);
SET_IDREG(isar, ID_PFR1, 0x11);
SET_IDREG(isar, ID_DFR0, 0x000);
- cpu->id_afr0 = 0;
+ SET_IDREG(isar, ID_AFR0, 0);
SET_IDREG(isar, ID_MMFR0, 0x00100103);
SET_IDREG(isar, ID_MMFR1, 0x20000000);
SET_IDREG(isar, ID_MMFR2, 0x01230000);
@@ -502,7 +502,7 @@ static void cortex_a7_initfn(Object *obj)
SET_IDREG(isar, ID_PFR0, 0x00001131);
SET_IDREG(isar, ID_PFR1, 0x00011011);
SET_IDREG(isar, ID_DFR0, 0x02010555);
- cpu->id_afr0 = 0x00000000;
+ SET_IDREG(isar, ID_AFR0, 0x00000000);
SET_IDREG(isar, ID_MMFR0, 0x10101105);
SET_IDREG(isar, ID_MMFR1, 0x40000000);
SET_IDREG(isar, ID_MMFR2, 0x01240000);
@@ -554,7 +554,7 @@ static void cortex_a15_initfn(Object *obj)
SET_IDREG(isar, ID_PFR0, 0x00001131);
SET_IDREG(isar, ID_PFR1, 0x00011011);
SET_IDREG(isar, ID_DFR0, 0x02010555);
- cpu->id_afr0 = 0x00000000;
+ SET_IDREG(isar, ID_AFR0, 0x00000000);
SET_IDREG(isar, ID_MMFR0, 0x10201105);
SET_IDREG(isar, ID_MMFR1, 0x20000000);
SET_IDREG(isar, ID_MMFR2, 0x01240000);
@@ -598,7 +598,7 @@ static void cortex_r5_initfn(Object *obj)
SET_IDREG(isar, ID_PFR0, 0x0131);
SET_IDREG(isar, ID_PFR1, 0x001);
SET_IDREG(isar, ID_DFR0, 0x010400);
- cpu->id_afr0 = 0x0;
+ SET_IDREG(isar, ID_AFR0, 0x0);
SET_IDREG(isar, ID_MMFR0, 0x0210030);
SET_IDREG(isar, ID_MMFR1, 0x00000000);
SET_IDREG(isar, ID_MMFR2, 0x01200000);
@@ -745,7 +745,7 @@ static void cortex_r52_initfn(Object *obj)
SET_IDREG(isar, ID_PFR0, 0x00000131);
SET_IDREG(isar, ID_PFR1, 0x10111001);
SET_IDREG(isar, ID_DFR0, 0x03010006);
- cpu->id_afr0 = 0x00000000;
+ SET_IDREG(isar, ID_AFR0, 0x00000000);
SET_IDREG(isar, ID_MMFR0, 0x00211040);
SET_IDREG(isar, ID_MMFR1, 0x40000000);
SET_IDREG(isar, ID_MMFR2, 0x01200000);
@@ -977,7 +977,7 @@ static void arm_max_initfn(Object *obj)
SET_IDREG(isar, ID_PFR0, 0x00000131);
SET_IDREG(isar, ID_PFR1, 0x00011011);
SET_IDREG(isar, ID_DFR0, 0x03010066);
- cpu->id_afr0 = 0x00000000;
+ SET_IDREG(isar, ID_AFR0, 0x00000000);
SET_IDREG(isar, ID_MMFR0, 0x10101105);
SET_IDREG(isar, ID_MMFR1, 0x40000000);
SET_IDREG(isar, ID_MMFR2, 0x01260000);
diff --git a/target/arm/tcg/cpu64.c b/target/arm/tcg/cpu64.c
index d0df50a2f34..e3183c53bb1 100644
--- a/target/arm/tcg/cpu64.c
+++ b/target/arm/tcg/cpu64.c
@@ -52,7 +52,7 @@ static void aarch64_a35_initfn(Object *obj)
SET_IDREG(isar, ID_PFR0, 0x00000131);
SET_IDREG(isar, ID_PFR1, 0x00011011);
SET_IDREG(isar, ID_DFR0, 0x03010066);
- cpu->id_afr0 = 0;
+ SET_IDREG(isar, ID_AFR0, 0);
SET_IDREG(isar, ID_MMFR0, 0x10201105);
SET_IDREG(isar, ID_MMFR1, 0x40000000);
SET_IDREG(isar, ID_MMFR2, 0x01260000);
@@ -227,7 +227,7 @@ static void aarch64_a55_initfn(Object *obj)
SET_IDREG(isar, ID_AA64MMFR2, 0x0000000000001011ull);
SET_IDREG(isar, ID_AA64PFR0, 0x0000000010112222ull);
SET_IDREG(isar, ID_AA64PFR1, 0x0000000000000010ull);
- cpu->id_afr0 = 0x00000000;
+ SET_IDREG(isar, ID_AFR0, 0x00000000);
SET_IDREG(isar, ID_DFR0, 0x04010088);
SET_IDREG(isar, ID_ISAR0, 0x02101110);
SET_IDREG(isar, ID_ISAR1, 0x13112111);
@@ -298,7 +298,7 @@ static void aarch64_a72_initfn(Object *obj)
SET_IDREG(isar, ID_PFR0, 0x00000131);
SET_IDREG(isar, ID_PFR1, 0x00011011);
SET_IDREG(isar, ID_DFR0, 0x03010066);
- cpu->id_afr0 = 0x00000000;
+ SET_IDREG(isar, ID_AFR0, 0x00000000);
SET_IDREG(isar, ID_MMFR0, 0x10201105);
SET_IDREG(isar, ID_MMFR1, 0x40000000);
SET_IDREG(isar, ID_MMFR2, 0x01260000);
@@ -360,7 +360,7 @@ static void aarch64_a76_initfn(Object *obj)
SET_IDREG(isar, ID_AA64MMFR2, 0x0000000000001011ull);
SET_IDREG(isar, ID_AA64PFR0, 0x1100000010111112ull); /* GIC filled in later */
SET_IDREG(isar, ID_AA64PFR1, 0x0000000000000010ull);
- cpu->id_afr0 = 0x00000000;
+ SET_IDREG(isar, ID_AFR0, 0x00000000);
SET_IDREG(isar, ID_DFR0, 0x04010088);
SET_IDREG(isar, ID_ISAR0, 0x02101110);
SET_IDREG(isar, ID_ISAR1, 0x13112111);
@@ -608,7 +608,7 @@ static void aarch64_neoverse_n1_initfn(Object *obj)
SET_IDREG(isar, ID_AA64MMFR2, 0x0000000000001011ull);
SET_IDREG(isar, ID_AA64PFR0, 0x1100000010111112ull); /* GIC filled in later */
SET_IDREG(isar, ID_AA64PFR1, 0x0000000000000020ull);
- cpu->id_afr0 = 0x00000000;
+ SET_IDREG(isar, ID_AFR0, 0x00000000);
SET_IDREG(isar, ID_DFR0, 0x04010088);
SET_IDREG(isar, ID_ISAR0, 0x02101110);
SET_IDREG(isar, ID_ISAR1, 0x13112111);
@@ -687,7 +687,7 @@ static void aarch64_neoverse_v1_initfn(Object *obj)
SET_IDREG(isar, ID_AA64MMFR2, 0x0220011102101011ull),
SET_IDREG(isar, ID_AA64PFR0, 0x1101110120111112ull); /* GIC filled in later */
SET_IDREG(isar, ID_AA64PFR1, 0x0000000000000020ull);
- cpu->id_afr0 = 0x00000000;
+ SET_IDREG(isar, ID_AFR0, 0x00000000);
SET_IDREG(isar, ID_DFR0, 0x15011099);
SET_IDREG(isar, ID_ISAR0, 0x02101110);
SET_IDREG(isar, ID_ISAR1, 0x13112111);
@@ -905,7 +905,7 @@ static void aarch64_a710_initfn(Object *obj)
SET_IDREG(isar, ID_PFR0, 0x21110131);
SET_IDREG(isar, ID_PFR1, 0x00010000); /* GIC filled in later */
SET_IDREG(isar, ID_DFR0, 0x16011099);
- cpu->id_afr0 = 0;
+ SET_IDREG(isar, ID_AFR0, 0);
SET_IDREG(isar, ID_MMFR0, 0x10201105);
SET_IDREG(isar, ID_MMFR1, 0x40000000);
SET_IDREG(isar, ID_MMFR2, 0x01260000);
@@ -1007,7 +1007,7 @@ static void aarch64_neoverse_n2_initfn(Object *obj)
SET_IDREG(isar, ID_PFR0, 0x21110131);
SET_IDREG(isar, ID_PFR1, 0x00010000); /* GIC filled in later */
SET_IDREG(isar, ID_DFR0, 0x16011099);
- cpu->id_afr0 = 0;
+ SET_IDREG(isar, ID_AFR0, 0);
SET_IDREG(isar, ID_MMFR0, 0x10201105);
SET_IDREG(isar, ID_MMFR1, 0x40000000);
SET_IDREG(isar, ID_MMFR2, 0x01260000);
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 18/36] arm/cpu: store id_aa64afr{0,1} into the idregs array
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
` (16 preceding siblings ...)
2025-07-11 13:34 ` [PULL 17/36] arm/cpu: store id_afr0 into the idregs array Peter Maydell
@ 2025-07-11 13:34 ` Peter Maydell
2025-07-11 13:34 ` [PULL 19/36] arm/cpu: fix trailing ',' for SET_IDREG Peter Maydell
` (18 subsequent siblings)
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:34 UTC (permalink / raw)
To: qemu-devel
From: Cornelia Huck <cohuck@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Message-id: 20250704141927.38963-3-cohuck@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target/arm/cpu.h | 2 --
target/arm/cpu-sysregs.h.inc | 2 ++
target/arm/helper.c | 4 ++--
target/arm/tcg/cpu64.c | 16 ++++++++--------
4 files changed, 12 insertions(+), 12 deletions(-)
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
index 835700cfab8..008e5305782 100644
--- a/target/arm/cpu.h
+++ b/target/arm/cpu.h
@@ -1082,8 +1082,6 @@ struct ArchCPU {
uint32_t reset_sctlr;
uint64_t pmceid0;
uint64_t pmceid1;
- uint64_t id_aa64afr0;
- uint64_t id_aa64afr1;
uint64_t clidr;
uint64_t mp_affinity; /* MP ID without feature bits */
/* The elements of this array are the CCSIDR values for each cache,
diff --git a/target/arm/cpu-sysregs.h.inc b/target/arm/cpu-sysregs.h.inc
index b96a3588043..44c877245ee 100644
--- a/target/arm/cpu-sysregs.h.inc
+++ b/target/arm/cpu-sysregs.h.inc
@@ -4,6 +4,8 @@ DEF(ID_AA64PFR1_EL1, 3, 0, 0, 4, 1)
DEF(ID_AA64SMFR0_EL1, 3, 0, 0, 4, 5)
DEF(ID_AA64DFR0_EL1, 3, 0, 0, 5, 0)
DEF(ID_AA64DFR1_EL1, 3, 0, 0, 5, 1)
+DEF(ID_AA64AFR0_EL1, 3, 0, 0, 5, 4)
+DEF(ID_AA64AFR1_EL1, 3, 0, 0, 5, 5)
DEF(ID_AA64ISAR0_EL1, 3, 0, 0, 6, 0)
DEF(ID_AA64ISAR1_EL1, 3, 0, 0, 6, 1)
DEF(ID_AA64ISAR2_EL1, 3, 0, 0, 6, 2)
diff --git a/target/arm/helper.c b/target/arm/helper.c
index ae6231803e1..93da8f170ea 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -7987,12 +7987,12 @@ void register_cp_regs_for_features(ARMCPU *cpu)
.opc0 = 3, .opc1 = 0, .crn = 0, .crm = 5, .opc2 = 4,
.access = PL1_R, .type = ARM_CP_CONST,
.accessfn = access_aa64_tid3,
- .resetvalue = cpu->id_aa64afr0 },
+ .resetvalue = GET_IDREG(isar, ID_AA64AFR0) },
{ .name = "ID_AA64AFR1_EL1", .state = ARM_CP_STATE_AA64,
.opc0 = 3, .opc1 = 0, .crn = 0, .crm = 5, .opc2 = 5,
.access = PL1_R, .type = ARM_CP_CONST,
.accessfn = access_aa64_tid3,
- .resetvalue = cpu->id_aa64afr1 },
+ .resetvalue = GET_IDREG(isar, ID_AA64AFR1) },
{ .name = "ID_AA64AFR2_EL1_RESERVED", .state = ARM_CP_STATE_AA64,
.opc0 = 3, .opc1 = 0, .crn = 0, .crm = 5, .opc2 = 6,
.access = PL1_R, .type = ARM_CP_CONST,
diff --git a/target/arm/tcg/cpu64.c b/target/arm/tcg/cpu64.c
index e3183c53bb1..3a65d3903bf 100644
--- a/target/arm/tcg/cpu64.c
+++ b/target/arm/tcg/cpu64.c
@@ -428,8 +428,8 @@ static void aarch64_a64fx_initfn(Object *obj)
SET_IDREG(isar, ID_AA64PFR1, 0x0000000000000000);
SET_IDREG(isar, ID_AA64DFR0, 0x0000000010305408),
SET_IDREG(isar, ID_AA64DFR1, 0x0000000000000000),
- cpu->id_aa64afr0 = 0x0000000000000000;
- cpu->id_aa64afr1 = 0x0000000000000000;
+ SET_IDREG(isar, ID_AA64AFR0, 0x0000000000000000);
+ SET_IDREG(isar, ID_AA64AFR1, 0x0000000000000000);
SET_IDREG(isar, ID_AA64MMFR0, 0x0000000000001122);
SET_IDREG(isar, ID_AA64MMFR1, 0x0000000011212100);
SET_IDREG(isar, ID_AA64MMFR2, 0x0000000000001011);
@@ -676,8 +676,8 @@ static void aarch64_neoverse_v1_initfn(Object *obj)
cpu->clidr = 0x82000023;
cpu->ctr = 0xb444c004; /* With DIC and IDC set */
cpu->dcz_blocksize = 4;
- cpu->id_aa64afr0 = 0x00000000;
- cpu->id_aa64afr1 = 0x00000000;
+ SET_IDREG(isar, ID_AA64AFR0, 0x00000000);
+ SET_IDREG(isar, ID_AA64AFR1, 0x00000000);
SET_IDREG(isar, ID_AA64DFR0, 0x000001f210305519ull),
SET_IDREG(isar, ID_AA64DFR1, 0x00000000),
SET_IDREG(isar, ID_AA64ISAR0, 0x1011111110212120ull); /* with FEAT_RNG */
@@ -927,8 +927,8 @@ static void aarch64_a710_initfn(Object *obj)
SET_IDREG(isar, ID_AA64ZFR0, 0x0000110100110021ull); /* with Crypto */
SET_IDREG(isar, ID_AA64DFR0, 0x000011f010305619ull);
SET_IDREG(isar, ID_AA64DFR1, 0);
- cpu->id_aa64afr0 = 0;
- cpu->id_aa64afr1 = 0;
+ SET_IDREG(isar, ID_AA64AFR0, 0);
+ SET_IDREG(isar, ID_AA64AFR1, 0);
SET_IDREG(isar, ID_AA64ISAR0, 0x0221111110212120ull); /* with Crypto */
SET_IDREG(isar, ID_AA64ISAR1, 0x0010111101211052ull);
SET_IDREG(isar, ID_AA64MMFR0, 0x0000022200101122ull);
@@ -1029,8 +1029,8 @@ static void aarch64_neoverse_n2_initfn(Object *obj)
SET_IDREG(isar, ID_AA64ZFR0, 0x0000110100110021ull); /* with Crypto */
SET_IDREG(isar, ID_AA64DFR0, 0x000011f210305619ull);
SET_IDREG(isar, ID_AA64DFR1, 0);
- cpu->id_aa64afr0 = 0;
- cpu->id_aa64afr1 = 0;
+ SET_IDREG(isar, ID_AA64AFR0, 0);
+ SET_IDREG(isar, ID_AA64AFR1, 0);
SET_IDREG(isar, ID_AA64ISAR0, 0x1221111110212120ull); /* with Crypto and FEAT_RNG */
SET_IDREG(isar, ID_AA64ISAR1, 0x0011111101211052ull);
SET_IDREG(isar, ID_AA64MMFR0, 0x0000022200101125ull);
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 19/36] arm/cpu: fix trailing ',' for SET_IDREG
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
` (17 preceding siblings ...)
2025-07-11 13:34 ` [PULL 18/36] arm/cpu: store id_aa64afr{0,1} " Peter Maydell
@ 2025-07-11 13:34 ` Peter Maydell
2025-07-11 13:34 ` [PULL 20/36] arm/cpu: store clidr into the idregs array Peter Maydell
` (17 subsequent siblings)
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:34 UTC (permalink / raw)
To: qemu-devel
From: Cornelia Huck <cohuck@redhat.com>
While a trailing comma is not broken for SET_IDREG invocations, it
does look odd; use a semicolon instead.
Fixes: f1fd81291c91 ("arm/cpu: Store aa64mmfr0-3 into the idregs array")
Fixes: def3f1c1026a ("arm/cpu: Store aa64dfr0/1 into the idregs array")
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Message-id: 20250704141927.38963-4-cohuck@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target/arm/tcg/cpu64.c | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/target/arm/tcg/cpu64.c b/target/arm/tcg/cpu64.c
index 3a65d3903bf..bcc8e2dfafa 100644
--- a/target/arm/tcg/cpu64.c
+++ b/target/arm/tcg/cpu64.c
@@ -352,7 +352,7 @@ static void aarch64_a76_initfn(Object *obj)
cpu->clidr = 0x82000023;
cpu->ctr = 0x8444C004;
cpu->dcz_blocksize = 4;
- SET_IDREG(isar, ID_AA64DFR0, 0x0000000010305408ull),
+ SET_IDREG(isar, ID_AA64DFR0, 0x0000000010305408ull);
SET_IDREG(isar, ID_AA64ISAR0, 0x0000100010211120ull);
SET_IDREG(isar, ID_AA64ISAR1, 0x0000000000100001ull);
SET_IDREG(isar, ID_AA64MMFR0, 0x0000000000101122ull);
@@ -426,8 +426,8 @@ static void aarch64_a64fx_initfn(Object *obj)
cpu->reset_sctlr = 0x30000180;
SET_IDREG(isar, ID_AA64PFR0, 0x0000000101111111); /* No RAS Extensions */
SET_IDREG(isar, ID_AA64PFR1, 0x0000000000000000);
- SET_IDREG(isar, ID_AA64DFR0, 0x0000000010305408),
- SET_IDREG(isar, ID_AA64DFR1, 0x0000000000000000),
+ SET_IDREG(isar, ID_AA64DFR0, 0x0000000010305408);
+ SET_IDREG(isar, ID_AA64DFR1, 0x0000000000000000);
SET_IDREG(isar, ID_AA64AFR0, 0x0000000000000000);
SET_IDREG(isar, ID_AA64AFR1, 0x0000000000000000);
SET_IDREG(isar, ID_AA64MMFR0, 0x0000000000001122);
@@ -678,13 +678,13 @@ static void aarch64_neoverse_v1_initfn(Object *obj)
cpu->dcz_blocksize = 4;
SET_IDREG(isar, ID_AA64AFR0, 0x00000000);
SET_IDREG(isar, ID_AA64AFR1, 0x00000000);
- SET_IDREG(isar, ID_AA64DFR0, 0x000001f210305519ull),
- SET_IDREG(isar, ID_AA64DFR1, 0x00000000),
+ SET_IDREG(isar, ID_AA64DFR0, 0x000001f210305519ull);
+ SET_IDREG(isar, ID_AA64DFR1, 0x00000000);
SET_IDREG(isar, ID_AA64ISAR0, 0x1011111110212120ull); /* with FEAT_RNG */
SET_IDREG(isar, ID_AA64ISAR1, 0x0011000001211032ull);
SET_IDREG(isar, ID_AA64MMFR0, 0x0000000000101125ull);
- SET_IDREG(isar, ID_AA64MMFR1, 0x0000000010212122ull),
- SET_IDREG(isar, ID_AA64MMFR2, 0x0220011102101011ull),
+ SET_IDREG(isar, ID_AA64MMFR1, 0x0000000010212122ull);
+ SET_IDREG(isar, ID_AA64MMFR2, 0x0220011102101011ull);
SET_IDREG(isar, ID_AA64PFR0, 0x1101110120111112ull); /* GIC filled in later */
SET_IDREG(isar, ID_AA64PFR1, 0x0000000000000020ull);
SET_IDREG(isar, ID_AFR0, 0x00000000);
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 20/36] arm/cpu: store clidr into the idregs array
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
` (18 preceding siblings ...)
2025-07-11 13:34 ` [PULL 19/36] arm/cpu: fix trailing ',' for SET_IDREG Peter Maydell
@ 2025-07-11 13:34 ` Peter Maydell
2025-07-11 13:34 ` [PULL 21/36] arm/kvm: shorten one overly long line Peter Maydell
` (16 subsequent siblings)
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:34 UTC (permalink / raw)
To: qemu-devel
From: Cornelia Huck <cohuck@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Message-id: 20250704141927.38963-5-cohuck@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target/arm/cpu.h | 3 +--
target/arm/cpu-sysregs.h.inc | 1 +
hw/intc/armv7m_nvic.c | 2 +-
target/arm/cpu64.c | 4 ++--
target/arm/helper.c | 2 +-
target/arm/tcg/cpu-v7m.c | 4 ++--
target/arm/tcg/cpu32.c | 12 ++++++------
target/arm/tcg/cpu64.c | 22 +++++++++++-----------
8 files changed, 25 insertions(+), 25 deletions(-)
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
index 008e5305782..dc9b6dce4c9 100644
--- a/target/arm/cpu.h
+++ b/target/arm/cpu.h
@@ -1082,7 +1082,6 @@ struct ArchCPU {
uint32_t reset_sctlr;
uint64_t pmceid0;
uint64_t pmceid1;
- uint64_t clidr;
uint64_t mp_affinity; /* MP ID without feature bits */
/* The elements of this array are the CCSIDR values for each cache,
* in the order L1DCache, L1ICache, L2DCache, L2ICache, etc.
@@ -2945,7 +2944,7 @@ static inline bool arm_v7m_csselr_razwi(ARMCPU *cpu)
/* If all the CLIDR.Ctypem bits are 0 there are no caches, and
* CSSELR is RAZ/WI.
*/
- return (cpu->clidr & R_V7M_CLIDR_CTYPE_ALL_MASK) != 0;
+ return (GET_IDREG(&cpu->isar, CLIDR) & R_V7M_CLIDR_CTYPE_ALL_MASK) != 0;
}
static inline bool arm_sctlr_b(CPUARMState *env)
diff --git a/target/arm/cpu-sysregs.h.inc b/target/arm/cpu-sysregs.h.inc
index 44c877245ee..f48a9daa7c1 100644
--- a/target/arm/cpu-sysregs.h.inc
+++ b/target/arm/cpu-sysregs.h.inc
@@ -35,5 +35,6 @@ DEF(MVFR2_EL1, 3, 0, 0, 3, 2)
DEF(ID_PFR2_EL1, 3, 0, 0, 3, 4)
DEF(ID_DFR1_EL1, 3, 0, 0, 3, 5)
DEF(ID_MMFR5_EL1, 3, 0, 0, 3, 6)
+DEF(CLIDR_EL1, 3, 1, 0, 0, 1)
DEF(ID_AA64ZFR0_EL1, 3, 0, 0, 4, 4)
DEF(CTR_EL0, 3, 3, 0, 0, 1)
diff --git a/hw/intc/armv7m_nvic.c b/hw/intc/armv7m_nvic.c
index d93e593fcba..7c78961040e 100644
--- a/hw/intc/armv7m_nvic.c
+++ b/hw/intc/armv7m_nvic.c
@@ -1331,7 +1331,7 @@ static uint32_t nvic_readl(NVICState *s, uint32_t offset, MemTxAttrs attrs)
}
return GET_IDREG(&cpu->isar, ID_ISAR5);
case 0xd78: /* CLIDR */
- return cpu->clidr;
+ return GET_IDREG(&cpu->isar, CLIDR);
case 0xd7c: /* CTR */
return cpu->ctr;
case 0xd80: /* CSSIDR */
diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c
index d648ea066c6..26cf7e6dfa2 100644
--- a/target/arm/cpu64.c
+++ b/target/arm/cpu64.c
@@ -683,7 +683,7 @@ static void aarch64_a57_initfn(Object *obj)
cpu->isar.dbgdevid = 0x01110f13;
cpu->isar.dbgdevid1 = 0x2;
cpu->isar.reset_pmcr_el0 = 0x41013000;
- cpu->clidr = 0x0a200023;
+ SET_IDREG(isar, CLIDR, 0x0a200023);
/* 32KB L1 dcache */
cpu->ccsidr[0] = make_ccsidr(CCSIDR_FORMAT_LEGACY, 4, 64, 32 * KiB, 7);
/* 48KB L1 icache */
@@ -745,7 +745,7 @@ static void aarch64_a53_initfn(Object *obj)
cpu->isar.dbgdevid = 0x00110f13;
cpu->isar.dbgdevid1 = 0x1;
cpu->isar.reset_pmcr_el0 = 0x41033000;
- cpu->clidr = 0x0a200023;
+ SET_IDREG(isar, CLIDR, 0x0a200023);
/* 32KB L1 dcache */
cpu->ccsidr[0] = make_ccsidr(CCSIDR_FORMAT_LEGACY, 4, 64, 32 * KiB, 7);
/* 32KB L1 icache */
diff --git a/target/arm/helper.c b/target/arm/helper.c
index 93da8f170ea..3ea9958ea7a 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -7889,7 +7889,7 @@ void register_cp_regs_for_features(ARMCPU *cpu)
.access = PL1_R, .type = ARM_CP_CONST,
.accessfn = access_tid4,
.fgt = FGT_CLIDR_EL1,
- .resetvalue = cpu->clidr
+ .resetvalue = GET_IDREG(isar, CLIDR)
};
define_one_arm_cp_reg(cpu, &clidr);
define_arm_cp_regs(cpu, v7_cp_reginfo);
diff --git a/target/arm/tcg/cpu-v7m.c b/target/arm/tcg/cpu-v7m.c
index a65b83fe990..dc249ce1f14 100644
--- a/target/arm/tcg/cpu-v7m.c
+++ b/target/arm/tcg/cpu-v7m.c
@@ -195,7 +195,7 @@ static void cortex_m33_initfn(Object *obj)
SET_IDREG(isar, ID_ISAR4, 0x01310132);
SET_IDREG(isar, ID_ISAR5, 0x00000000);
SET_IDREG(isar, ID_ISAR6, 0x00000000);
- cpu->clidr = 0x00000000;
+ SET_IDREG(isar, CLIDR, 0x00000000);
cpu->ctr = 0x8000c000;
}
@@ -233,7 +233,7 @@ static void cortex_m55_initfn(Object *obj)
SET_IDREG(isar, ID_ISAR4, 0x01310132);
SET_IDREG(isar, ID_ISAR5, 0x00000000);
SET_IDREG(isar, ID_ISAR6, 0x00000000);
- cpu->clidr = 0x00000000; /* caches not implemented */
+ SET_IDREG(isar, CLIDR, 0x00000000); /* caches not implemented */
cpu->ctr = 0x8303c003;
}
diff --git a/target/arm/tcg/cpu32.c b/target/arm/tcg/cpu32.c
index 03cbe42f22f..a2a23eae0d7 100644
--- a/target/arm/tcg/cpu32.c
+++ b/target/arm/tcg/cpu32.c
@@ -371,7 +371,7 @@ static void cortex_a8_initfn(Object *obj)
SET_IDREG(isar, ID_ISAR3, 0x11112131);
SET_IDREG(isar, ID_ISAR4, 0x00111142);
cpu->isar.dbgdidr = 0x15141000;
- cpu->clidr = (1 << 27) | (2 << 24) | 3;
+ SET_IDREG(isar, CLIDR, (1 << 27) | (2 << 24) | 3);
cpu->ccsidr[0] = 0xe007e01a; /* 16k L1 dcache. */
cpu->ccsidr[1] = 0x2007e01a; /* 16k L1 icache. */
cpu->ccsidr[2] = 0xf0000000; /* No L2 icache. */
@@ -447,7 +447,7 @@ static void cortex_a9_initfn(Object *obj)
SET_IDREG(isar, ID_ISAR3, 0x11112131);
SET_IDREG(isar, ID_ISAR4, 0x00111142);
cpu->isar.dbgdidr = 0x35141000;
- cpu->clidr = (1 << 27) | (1 << 24) | 3;
+ SET_IDREG(isar, CLIDR, (1 << 27) | (1 << 24) | 3);
cpu->ccsidr[0] = 0xe00fe019; /* 16k L1 dcache. */
cpu->ccsidr[1] = 0x200fe019; /* 16k L1 icache. */
cpu->isar.reset_pmcr_el0 = 0x41093000;
@@ -519,7 +519,7 @@ static void cortex_a7_initfn(Object *obj)
cpu->isar.dbgdidr = 0x3515f005;
cpu->isar.dbgdevid = 0x01110f13;
cpu->isar.dbgdevid1 = 0x1;
- cpu->clidr = 0x0a200023;
+ SET_IDREG(isar, CLIDR, 0x0a200023);
cpu->ccsidr[0] = 0x701fe00a; /* 32K L1 dcache */
cpu->ccsidr[1] = 0x201fe00a; /* 32K L1 icache */
cpu->ccsidr[2] = 0x711fe07a; /* 4096K L2 unified cache */
@@ -567,7 +567,7 @@ static void cortex_a15_initfn(Object *obj)
cpu->isar.dbgdidr = 0x3515f021;
cpu->isar.dbgdevid = 0x01110f13;
cpu->isar.dbgdevid1 = 0x0;
- cpu->clidr = 0x0a200023;
+ SET_IDREG(isar, CLIDR, 0x0a200023);
cpu->ccsidr[0] = 0x701fe00a; /* 32K L1 dcache */
cpu->ccsidr[1] = 0x201fe00a; /* 32K L1 icache */
cpu->ccsidr[2] = 0x711fe07a; /* 4096K L2 unified cache */
@@ -758,7 +758,7 @@ static void cortex_r52_initfn(Object *obj)
SET_IDREG(isar, ID_ISAR4, 0x00010142);
SET_IDREG(isar, ID_ISAR5, 0x00010001);
cpu->isar.dbgdidr = 0x77168000;
- cpu->clidr = (1 << 27) | (1 << 24) | 0x3;
+ SET_IDREG(isar, CLIDR, (1 << 27) | (1 << 24) | 0x3);
cpu->ccsidr[0] = 0x700fe01a; /* 32KB L1 dcache */
cpu->ccsidr[1] = 0x201fe00a; /* 32KB L1 icache */
@@ -990,7 +990,7 @@ static void arm_max_initfn(Object *obj)
SET_IDREG(isar, ID_ISAR5, 0x00011121);
SET_IDREG(isar, ID_ISAR6, 0);
cpu->isar.reset_pmcr_el0 = 0x41013000;
- cpu->clidr = 0x0a200023;
+ SET_IDREG(isar, CLIDR, 0x0a200023);
cpu->ccsidr[0] = 0x701fe00a; /* 32KB L1 dcache */
cpu->ccsidr[1] = 0x201fe012; /* 48KB L1 icache */
cpu->ccsidr[2] = 0x70ffe07a; /* 2048KB L2 cache */
diff --git a/target/arm/tcg/cpu64.c b/target/arm/tcg/cpu64.c
index bcc8e2dfafa..35cddbafa4c 100644
--- a/target/arm/tcg/cpu64.c
+++ b/target/arm/tcg/cpu64.c
@@ -71,7 +71,7 @@ static void aarch64_a35_initfn(Object *obj)
SET_IDREG(isar, ID_AA64ISAR1, 0);
SET_IDREG(isar, ID_AA64MMFR0, 0x00101122);
SET_IDREG(isar, ID_AA64MMFR1, 0);
- cpu->clidr = 0x0a200023;
+ SET_IDREG(isar, CLIDR, 0x0a200023);
cpu->dcz_blocksize = 4;
/* From B2.4 AArch64 Virtual Memory control registers */
@@ -216,7 +216,7 @@ static void aarch64_a55_initfn(Object *obj)
set_feature(&cpu->env, ARM_FEATURE_PMU);
/* Ordered by B2.4 AArch64 registers by functional group */
- cpu->clidr = 0x82000023;
+ SET_IDREG(isar, CLIDR, 0x82000023);
cpu->ctr = 0x84448004; /* L1Ip = VIPT */
cpu->dcz_blocksize = 4; /* 64 bytes */
SET_IDREG(isar, ID_AA64DFR0, 0x0000000010305408ull);
@@ -317,7 +317,7 @@ static void aarch64_a72_initfn(Object *obj)
cpu->isar.dbgdevid = 0x01110f13;
cpu->isar.dbgdevid1 = 0x2;
cpu->isar.reset_pmcr_el0 = 0x41023000;
- cpu->clidr = 0x0a200023;
+ SET_IDREG(isar, CLIDR, 0x0a200023);
/* 32KB L1 dcache */
cpu->ccsidr[0] = make_ccsidr(CCSIDR_FORMAT_LEGACY, 4, 64, 32 * KiB, 7);
/* 48KB L1 dcache */
@@ -349,7 +349,7 @@ static void aarch64_a76_initfn(Object *obj)
set_feature(&cpu->env, ARM_FEATURE_PMU);
/* Ordered by B2.4 AArch64 registers by functional group */
- cpu->clidr = 0x82000023;
+ SET_IDREG(isar, CLIDR, 0x82000023);
cpu->ctr = 0x8444C004;
cpu->dcz_blocksize = 4;
SET_IDREG(isar, ID_AA64DFR0, 0x0000000010305408ull);
@@ -436,7 +436,7 @@ static void aarch64_a64fx_initfn(Object *obj)
SET_IDREG(isar, ID_AA64ISAR0, 0x0000000010211120);
SET_IDREG(isar, ID_AA64ISAR1, 0x0000000000010001);
SET_IDREG(isar, ID_AA64ZFR0, 0x0000000000000000);
- cpu->clidr = 0x0000000080000023;
+ SET_IDREG(isar, CLIDR, 0x0000000080000023);
/* 64KB L1 dcache */
cpu->ccsidr[0] = make_ccsidr(CCSIDR_FORMAT_LEGACY, 4, 256, 64 * KiB, 7);
/* 64KB L1 icache */
@@ -597,7 +597,7 @@ static void aarch64_neoverse_n1_initfn(Object *obj)
set_feature(&cpu->env, ARM_FEATURE_PMU);
/* Ordered by B2.4 AArch64 registers by functional group */
- cpu->clidr = 0x82000023;
+ SET_IDREG(isar, CLIDR, 0x82000023);
cpu->ctr = 0x8444c004;
cpu->dcz_blocksize = 4;
SET_IDREG(isar, ID_AA64DFR0, 0x0000000110305408ull);
@@ -673,7 +673,7 @@ static void aarch64_neoverse_v1_initfn(Object *obj)
set_feature(&cpu->env, ARM_FEATURE_PMU);
/* Ordered by 3.2.4 AArch64 registers by functional group */
- cpu->clidr = 0x82000023;
+ SET_IDREG(isar, CLIDR, 0x82000023);
cpu->ctr = 0xb444c004; /* With DIC and IDC set */
cpu->dcz_blocksize = 4;
SET_IDREG(isar, ID_AA64AFR0, 0x00000000);
@@ -934,7 +934,7 @@ static void aarch64_a710_initfn(Object *obj)
SET_IDREG(isar, ID_AA64MMFR0, 0x0000022200101122ull);
SET_IDREG(isar, ID_AA64MMFR1, 0x0000000010212122ull);
SET_IDREG(isar, ID_AA64MMFR2, 0x1221011110101011ull);
- cpu->clidr = 0x0000001482000023ull;
+ SET_IDREG(isar, CLIDR, 0x0000001482000023ull);
cpu->gm_blocksize = 4;
cpu->ctr = 0x000000049444c004ull;
cpu->dcz_blocksize = 4;
@@ -1036,7 +1036,7 @@ static void aarch64_neoverse_n2_initfn(Object *obj)
SET_IDREG(isar, ID_AA64MMFR0, 0x0000022200101125ull);
SET_IDREG(isar, ID_AA64MMFR1, 0x0000000010212122ull);
SET_IDREG(isar, ID_AA64MMFR2, 0x1221011112101011ull);
- cpu->clidr = 0x0000001482000023ull;
+ SET_IDREG(isar, CLIDR, 0x0000001482000023ull);
cpu->gm_blocksize = 4;
cpu->ctr = 0x00000004b444c004ull;
cpu->dcz_blocksize = 4;
@@ -1125,10 +1125,10 @@ void aarch64_max_tcg_initfn(Object *obj)
* We're going to set FEAT_S2FWB, which mandates that CLIDR_EL1.{LoUU,LoUIS}
* are zero.
*/
- u = cpu->clidr;
+ u = GET_IDREG(isar, CLIDR);
u = FIELD_DP32(u, CLIDR_EL1, LOUIS, 0);
u = FIELD_DP32(u, CLIDR_EL1, LOUU, 0);
- cpu->clidr = u;
+ SET_IDREG(isar, CLIDR, u);
/*
* Set CTR_EL0.DIC and IDC to tell the guest it doesnt' need to
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 21/36] arm/kvm: shorten one overly long line
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
` (19 preceding siblings ...)
2025-07-11 13:34 ` [PULL 20/36] arm/cpu: store clidr into the idregs array Peter Maydell
@ 2025-07-11 13:34 ` Peter Maydell
2025-07-11 13:34 ` [PULL 22/36] target/arm: Drop stub for define_tlb_insn_regs Peter Maydell
` (15 subsequent siblings)
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:34 UTC (permalink / raw)
To: qemu-devel
From: Cornelia Huck <cohuck@redhat.com>
Fixes: 804cfc7eedb7 ("arm/cpu: Store aa64isar0/aa64zfr0 into the idregs arrays")
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20250704141927.38963-6-cohuck@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target/arm/kvm.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/target/arm/kvm.c b/target/arm/kvm.c
index 426f8b159e8..8ab0d692d36 100644
--- a/target/arm/kvm.c
+++ b/target/arm/kvm.c
@@ -230,7 +230,8 @@ static uint64_t idregs_sysreg_to_kvm_reg(ARMSysRegs sysreg)
}
/* read a sysreg value and store it in the idregs */
-static int get_host_cpu_reg(int fd, ARMHostCPUFeatures *ahcf, ARMIDRegisterIdx index)
+static int get_host_cpu_reg(int fd, ARMHostCPUFeatures *ahcf,
+ ARMIDRegisterIdx index)
{
uint64_t *reg;
int ret;
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 22/36] target/arm: Drop stub for define_tlb_insn_regs
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
` (20 preceding siblings ...)
2025-07-11 13:34 ` [PULL 21/36] arm/kvm: shorten one overly long line Peter Maydell
@ 2025-07-11 13:34 ` Peter Maydell
2025-07-11 13:34 ` [PULL 23/36] target/arm: Split out AT insns to tcg/cpregs-at.c Peter Maydell
` (14 subsequent siblings)
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:34 UTC (permalink / raw)
To: qemu-devel
From: Richard Henderson <richard.henderson@linaro.org>
Allow the call to be compiled out by protecting it
with tcg_enabled.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20250707151547.196393-2-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target/arm/helper.c | 4 +++-
target/arm/tcg-stubs.c | 5 -----
2 files changed, 3 insertions(+), 6 deletions(-)
diff --git a/target/arm/helper.c b/target/arm/helper.c
index 3ea9958ea7a..c1b684e3d1c 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -7771,7 +7771,9 @@ void register_cp_regs_for_features(ARMCPU *cpu)
}
#ifndef CONFIG_USER_ONLY
- define_tlb_insn_regs(cpu);
+ if (tcg_enabled()) {
+ define_tlb_insn_regs(cpu);
+ }
#endif
if (arm_feature(env, ARM_FEATURE_V6)) {
diff --git a/target/arm/tcg-stubs.c b/target/arm/tcg-stubs.c
index 5e5166c0490..aac99b2672a 100644
--- a/target/arm/tcg-stubs.c
+++ b/target/arm/tcg-stubs.c
@@ -22,11 +22,6 @@ void raise_exception_ra(CPUARMState *env, uint32_t excp, uint32_t syndrome,
g_assert_not_reached();
}
-/* TLBI insns are only used by TCG, so we don't need to do anything for KVM */
-void define_tlb_insn_regs(ARMCPU *cpu)
-{
-}
-
/* With KVM, we never use float_status, so these can be no-ops */
void arm_set_default_fp_behaviours(float_status *s)
{
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 23/36] target/arm: Split out AT insns to tcg/cpregs-at.c
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
` (21 preceding siblings ...)
2025-07-11 13:34 ` [PULL 22/36] target/arm: Drop stub for define_tlb_insn_regs Peter Maydell
@ 2025-07-11 13:34 ` Peter Maydell
2025-07-11 13:34 ` [PULL 24/36] target/arm: Split out performance monitor regs to cpregs-pmu.c Peter Maydell
` (13 subsequent siblings)
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:34 UTC (permalink / raw)
To: qemu-devel
From: Richard Henderson <richard.henderson@linaro.org>
Split out all "system instructions for address translation".
While mapped into "cpregs", these are instructions, and thus
are handled in hardware by virtualization. They are all
priviledged, and thus not reachable for user-only.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20250707151547.196393-3-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target/arm/internals.h | 3 +
target/arm/helper.c | 514 +-----------------------------------
target/arm/tcg/cpregs-at.c | 519 +++++++++++++++++++++++++++++++++++++
target/arm/tcg/meson.build | 1 +
4 files changed, 525 insertions(+), 512 deletions(-)
create mode 100644 target/arm/tcg/cpregs-at.c
diff --git a/target/arm/internals.h b/target/arm/internals.h
index 21a8d67eddf..bcaf8965fc6 100644
--- a/target/arm/internals.h
+++ b/target/arm/internals.h
@@ -1871,6 +1871,8 @@ void define_debug_regs(ARMCPU *cpu);
/* Add the cpreg definitions for TLBI instructions */
void define_tlb_insn_regs(ARMCPU *cpu);
+/* Add the cpreg definitions for AT instructions */
+void define_at_insn_regs(ARMCPU *cpu);
/* Effective value of MDCR_EL2 */
static inline uint64_t arm_mdcr_el2_eff(CPUARMState *env)
@@ -1981,5 +1983,6 @@ void vfp_clear_float_status_exc_flags(CPUARMState *env);
* specified by mask changing to the values in val.
*/
void vfp_set_fpcr_to_host(CPUARMState *env, uint32_t val, uint32_t mask);
+bool arm_pan_enabled(CPUARMState *env);
#endif
diff --git a/target/arm/helper.c b/target/arm/helper.c
index c1b684e3d1c..0883246905f 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -270,7 +270,7 @@ void init_cpreg_list(ARMCPU *cpu)
g_list_free(keys);
}
-static bool arm_pan_enabled(CPUARMState *env)
+bool arm_pan_enabled(CPUARMState *env)
{
if (is_a64(env)) {
if ((arm_hcr_el2_eff(env) & (HCR_NV | HCR_NV1)) == (HCR_NV | HCR_NV1)) {
@@ -3448,402 +3448,6 @@ static void par_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value)
}
}
-#ifndef CONFIG_USER_ONLY
-/* get_phys_addr() isn't present for user-mode-only targets */
-
-static CPAccessResult ats_access(CPUARMState *env, const ARMCPRegInfo *ri,
- bool isread)
-{
- if (ri->opc2 & 4) {
- /*
- * The ATS12NSO* operations must trap to EL3 or EL2 if executed in
- * Secure EL1 (which can only happen if EL3 is AArch64).
- * They are simply UNDEF if executed from NS EL1.
- * They function normally from EL2 or EL3.
- */
- if (arm_current_el(env) == 1) {
- if (arm_is_secure_below_el3(env)) {
- if (env->cp15.scr_el3 & SCR_EEL2) {
- return CP_ACCESS_TRAP_EL2;
- }
- return CP_ACCESS_TRAP_EL3;
- }
- return CP_ACCESS_UNDEFINED;
- }
- }
- return CP_ACCESS_OK;
-}
-
-#ifdef CONFIG_TCG
-static int par_el1_shareability(GetPhysAddrResult *res)
-{
- /*
- * The PAR_EL1.SH field must be 0b10 for Device or Normal-NC
- * memory -- see pseudocode PAREncodeShareability().
- */
- if (((res->cacheattrs.attrs & 0xf0) == 0) ||
- res->cacheattrs.attrs == 0x44 || res->cacheattrs.attrs == 0x40) {
- return 2;
- }
- return res->cacheattrs.shareability;
-}
-
-static uint64_t do_ats_write(CPUARMState *env, uint64_t value,
- MMUAccessType access_type, ARMMMUIdx mmu_idx,
- ARMSecuritySpace ss)
-{
- bool ret;
- uint64_t par64;
- bool format64 = false;
- ARMMMUFaultInfo fi = {};
- GetPhysAddrResult res = {};
-
- /*
- * I_MXTJT: Granule protection checks are not performed on the final
- * address of a successful translation. This is a translation not a
- * memory reference, so "memop = none = 0".
- */
- ret = get_phys_addr_with_space_nogpc(env, value, access_type, 0,
- mmu_idx, ss, &res, &fi);
-
- /*
- * ATS operations only do S1 or S1+S2 translations, so we never
- * have to deal with the ARMCacheAttrs format for S2 only.
- */
- assert(!res.cacheattrs.is_s2_format);
-
- if (ret) {
- /*
- * Some kinds of translation fault must cause exceptions rather
- * than being reported in the PAR.
- */
- int current_el = arm_current_el(env);
- int target_el;
- uint32_t syn, fsr, fsc;
- bool take_exc = false;
-
- if (fi.s1ptw && current_el == 1
- && arm_mmu_idx_is_stage1_of_2(mmu_idx)) {
- /*
- * Synchronous stage 2 fault on an access made as part of the
- * translation table walk for AT S1E0* or AT S1E1* insn
- * executed from NS EL1. If this is a synchronous external abort
- * and SCR_EL3.EA == 1, then we take a synchronous external abort
- * to EL3. Otherwise the fault is taken as an exception to EL2,
- * and HPFAR_EL2 holds the faulting IPA.
- */
- if (fi.type == ARMFault_SyncExternalOnWalk &&
- (env->cp15.scr_el3 & SCR_EA)) {
- target_el = 3;
- } else {
- env->cp15.hpfar_el2 = extract64(fi.s2addr, 12, 47) << 4;
- if (arm_is_secure_below_el3(env) && fi.s1ns) {
- env->cp15.hpfar_el2 |= HPFAR_NS;
- }
- target_el = 2;
- }
- take_exc = true;
- } else if (fi.type == ARMFault_SyncExternalOnWalk) {
- /*
- * Synchronous external aborts during a translation table walk
- * are taken as Data Abort exceptions.
- */
- if (fi.stage2) {
- if (current_el == 3) {
- target_el = 3;
- } else {
- target_el = 2;
- }
- } else {
- target_el = exception_target_el(env);
- }
- take_exc = true;
- }
-
- if (take_exc) {
- /* Construct FSR and FSC using same logic as arm_deliver_fault() */
- if (target_el == 2 || arm_el_is_aa64(env, target_el) ||
- arm_s1_regime_using_lpae_format(env, mmu_idx)) {
- fsr = arm_fi_to_lfsc(&fi);
- fsc = extract32(fsr, 0, 6);
- } else {
- fsr = arm_fi_to_sfsc(&fi);
- fsc = 0x3f;
- }
- /*
- * Report exception with ESR indicating a fault due to a
- * translation table walk for a cache maintenance instruction.
- */
- syn = syn_data_abort_no_iss(current_el == target_el, 0,
- fi.ea, 1, fi.s1ptw, 1, fsc);
- env->exception.vaddress = value;
- env->exception.fsr = fsr;
- raise_exception(env, EXCP_DATA_ABORT, syn, target_el);
- }
- }
-
- if (is_a64(env)) {
- format64 = true;
- } else if (arm_feature(env, ARM_FEATURE_LPAE)) {
- /*
- * ATS1Cxx:
- * * TTBCR.EAE determines whether the result is returned using the
- * 32-bit or the 64-bit PAR format
- * * Instructions executed in Hyp mode always use the 64bit format
- *
- * ATS1S2NSOxx uses the 64bit format if any of the following is true:
- * * The Non-secure TTBCR.EAE bit is set to 1
- * * The implementation includes EL2, and the value of HCR.VM is 1
- *
- * (Note that HCR.DC makes HCR.VM behave as if it is 1.)
- *
- * ATS1Hx always uses the 64bit format.
- */
- format64 = arm_s1_regime_using_lpae_format(env, mmu_idx);
-
- if (arm_feature(env, ARM_FEATURE_EL2)) {
- if (mmu_idx == ARMMMUIdx_E10_0 ||
- mmu_idx == ARMMMUIdx_E10_1 ||
- mmu_idx == ARMMMUIdx_E10_1_PAN) {
- format64 |= env->cp15.hcr_el2 & (HCR_VM | HCR_DC);
- } else {
- format64 |= arm_current_el(env) == 2;
- }
- }
- }
-
- if (format64) {
- /* Create a 64-bit PAR */
- par64 = (1 << 11); /* LPAE bit always set */
- if (!ret) {
- par64 |= res.f.phys_addr & ~0xfffULL;
- if (!res.f.attrs.secure) {
- par64 |= (1 << 9); /* NS */
- }
- par64 |= (uint64_t)res.cacheattrs.attrs << 56; /* ATTR */
- par64 |= par_el1_shareability(&res) << 7; /* SH */
- } else {
- uint32_t fsr = arm_fi_to_lfsc(&fi);
-
- par64 |= 1; /* F */
- par64 |= (fsr & 0x3f) << 1; /* FS */
- if (fi.stage2) {
- par64 |= (1 << 9); /* S */
- }
- if (fi.s1ptw) {
- par64 |= (1 << 8); /* PTW */
- }
- }
- } else {
- /*
- * fsr is a DFSR/IFSR value for the short descriptor
- * translation table format (with WnR always clear).
- * Convert it to a 32-bit PAR.
- */
- if (!ret) {
- /* We do not set any attribute bits in the PAR */
- if (res.f.lg_page_size == 24
- && arm_feature(env, ARM_FEATURE_V7)) {
- par64 = (res.f.phys_addr & 0xff000000) | (1 << 1);
- } else {
- par64 = res.f.phys_addr & 0xfffff000;
- }
- if (!res.f.attrs.secure) {
- par64 |= (1 << 9); /* NS */
- }
- } else {
- uint32_t fsr = arm_fi_to_sfsc(&fi);
-
- par64 = ((fsr & (1 << 10)) >> 5) | ((fsr & (1 << 12)) >> 6) |
- ((fsr & 0xf) << 1) | 1;
- }
- }
- return par64;
-}
-#endif /* CONFIG_TCG */
-
-static void ats_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value)
-{
-#ifdef CONFIG_TCG
- MMUAccessType access_type = ri->opc2 & 1 ? MMU_DATA_STORE : MMU_DATA_LOAD;
- uint64_t par64;
- ARMMMUIdx mmu_idx;
- int el = arm_current_el(env);
- ARMSecuritySpace ss = arm_security_space(env);
-
- switch (ri->opc2 & 6) {
- case 0:
- /* stage 1 current state PL1: ATS1CPR, ATS1CPW, ATS1CPRP, ATS1CPWP */
- switch (el) {
- case 3:
- if (ri->crm == 9 && arm_pan_enabled(env)) {
- mmu_idx = ARMMMUIdx_E30_3_PAN;
- } else {
- mmu_idx = ARMMMUIdx_E3;
- }
- break;
- case 2:
- g_assert(ss != ARMSS_Secure); /* ARMv8.4-SecEL2 is 64-bit only */
- /* fall through */
- case 1:
- if (ri->crm == 9 && arm_pan_enabled(env)) {
- mmu_idx = ARMMMUIdx_Stage1_E1_PAN;
- } else {
- mmu_idx = ARMMMUIdx_Stage1_E1;
- }
- break;
- default:
- g_assert_not_reached();
- }
- break;
- case 2:
- /* stage 1 current state PL0: ATS1CUR, ATS1CUW */
- switch (el) {
- case 3:
- mmu_idx = ARMMMUIdx_E30_0;
- break;
- case 2:
- g_assert(ss != ARMSS_Secure); /* ARMv8.4-SecEL2 is 64-bit only */
- mmu_idx = ARMMMUIdx_Stage1_E0;
- break;
- case 1:
- mmu_idx = ARMMMUIdx_Stage1_E0;
- break;
- default:
- g_assert_not_reached();
- }
- break;
- case 4:
- /* stage 1+2 NonSecure PL1: ATS12NSOPR, ATS12NSOPW */
- mmu_idx = ARMMMUIdx_E10_1;
- ss = ARMSS_NonSecure;
- break;
- case 6:
- /* stage 1+2 NonSecure PL0: ATS12NSOUR, ATS12NSOUW */
- mmu_idx = ARMMMUIdx_E10_0;
- ss = ARMSS_NonSecure;
- break;
- default:
- g_assert_not_reached();
- }
-
- par64 = do_ats_write(env, value, access_type, mmu_idx, ss);
-
- A32_BANKED_CURRENT_REG_SET(env, par, par64);
-#else
- /* Handled by hardware accelerator. */
- g_assert_not_reached();
-#endif /* CONFIG_TCG */
-}
-
-static void ats1h_write(CPUARMState *env, const ARMCPRegInfo *ri,
- uint64_t value)
-{
-#ifdef CONFIG_TCG
- MMUAccessType access_type = ri->opc2 & 1 ? MMU_DATA_STORE : MMU_DATA_LOAD;
- uint64_t par64;
-
- /* There is no SecureEL2 for AArch32. */
- par64 = do_ats_write(env, value, access_type, ARMMMUIdx_E2,
- ARMSS_NonSecure);
-
- A32_BANKED_CURRENT_REG_SET(env, par, par64);
-#else
- /* Handled by hardware accelerator. */
- g_assert_not_reached();
-#endif /* CONFIG_TCG */
-}
-
-static CPAccessResult at_e012_access(CPUARMState *env, const ARMCPRegInfo *ri,
- bool isread)
-{
- /*
- * R_NYXTL: instruction is UNDEFINED if it applies to an Exception level
- * lower than EL3 and the combination SCR_EL3.{NSE,NS} is reserved. This can
- * only happen when executing at EL3 because that combination also causes an
- * illegal exception return. We don't need to check FEAT_RME either, because
- * scr_write() ensures that the NSE bit is not set otherwise.
- */
- if ((env->cp15.scr_el3 & (SCR_NSE | SCR_NS)) == SCR_NSE) {
- return CP_ACCESS_UNDEFINED;
- }
- return CP_ACCESS_OK;
-}
-
-static CPAccessResult at_s1e2_access(CPUARMState *env, const ARMCPRegInfo *ri,
- bool isread)
-{
- if (arm_current_el(env) == 3 &&
- !(env->cp15.scr_el3 & (SCR_NS | SCR_EEL2))) {
- return CP_ACCESS_UNDEFINED;
- }
- return at_e012_access(env, ri, isread);
-}
-
-static CPAccessResult at_s1e01_access(CPUARMState *env, const ARMCPRegInfo *ri,
- bool isread)
-{
- if (arm_current_el(env) == 1 && (arm_hcr_el2_eff(env) & HCR_AT)) {
- return CP_ACCESS_TRAP_EL2;
- }
- return at_e012_access(env, ri, isread);
-}
-
-static void ats_write64(CPUARMState *env, const ARMCPRegInfo *ri,
- uint64_t value)
-{
-#ifdef CONFIG_TCG
- MMUAccessType access_type = ri->opc2 & 1 ? MMU_DATA_STORE : MMU_DATA_LOAD;
- ARMMMUIdx mmu_idx;
- uint64_t hcr_el2 = arm_hcr_el2_eff(env);
- bool regime_e20 = (hcr_el2 & (HCR_E2H | HCR_TGE)) == (HCR_E2H | HCR_TGE);
- bool for_el3 = false;
- ARMSecuritySpace ss;
-
- switch (ri->opc2 & 6) {
- case 0:
- switch (ri->opc1) {
- case 0: /* AT S1E1R, AT S1E1W, AT S1E1RP, AT S1E1WP */
- if (ri->crm == 9 && arm_pan_enabled(env)) {
- mmu_idx = regime_e20 ?
- ARMMMUIdx_E20_2_PAN : ARMMMUIdx_Stage1_E1_PAN;
- } else {
- mmu_idx = regime_e20 ? ARMMMUIdx_E20_2 : ARMMMUIdx_Stage1_E1;
- }
- break;
- case 4: /* AT S1E2R, AT S1E2W */
- mmu_idx = hcr_el2 & HCR_E2H ? ARMMMUIdx_E20_2 : ARMMMUIdx_E2;
- break;
- case 6: /* AT S1E3R, AT S1E3W */
- mmu_idx = ARMMMUIdx_E3;
- for_el3 = true;
- break;
- default:
- g_assert_not_reached();
- }
- break;
- case 2: /* AT S1E0R, AT S1E0W */
- mmu_idx = regime_e20 ? ARMMMUIdx_E20_0 : ARMMMUIdx_Stage1_E0;
- break;
- case 4: /* AT S12E1R, AT S12E1W */
- mmu_idx = regime_e20 ? ARMMMUIdx_E20_2 : ARMMMUIdx_E10_1;
- break;
- case 6: /* AT S12E0R, AT S12E0W */
- mmu_idx = regime_e20 ? ARMMMUIdx_E20_0 : ARMMMUIdx_E10_0;
- break;
- default:
- g_assert_not_reached();
- }
-
- ss = for_el3 ? arm_security_space(env) : arm_security_space_below_el3(env);
- env->cp15.par_el[1] = do_ats_write(env, value, access_type, mmu_idx, ss);
-#else
- /* Handled by hardware accelerator. */
- g_assert_not_reached();
-#endif /* CONFIG_TCG */
-}
-#endif
-
/* Return basic MPU access permission bits. */
static uint32_t simple_mpu_ap_bits(uint32_t val)
{
@@ -5094,53 +4698,6 @@ static const ARMCPRegInfo v8_cp_reginfo[] = {
.opc0 = 1, .opc1 = 0, .crn = 7, .crm = 14, .opc2 = 2,
.fgt = FGT_DCCISW,
.access = PL1_W, .accessfn = access_tsw, .type = ARM_CP_NOP },
-#ifndef CONFIG_USER_ONLY
- /* 64 bit address translation operations */
- { .name = "AT_S1E1R", .state = ARM_CP_STATE_AA64,
- .opc0 = 1, .opc1 = 0, .crn = 7, .crm = 8, .opc2 = 0,
- .access = PL1_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
- .fgt = FGT_ATS1E1R,
- .accessfn = at_s1e01_access, .writefn = ats_write64 },
- { .name = "AT_S1E1W", .state = ARM_CP_STATE_AA64,
- .opc0 = 1, .opc1 = 0, .crn = 7, .crm = 8, .opc2 = 1,
- .access = PL1_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
- .fgt = FGT_ATS1E1W,
- .accessfn = at_s1e01_access, .writefn = ats_write64 },
- { .name = "AT_S1E0R", .state = ARM_CP_STATE_AA64,
- .opc0 = 1, .opc1 = 0, .crn = 7, .crm = 8, .opc2 = 2,
- .access = PL1_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
- .fgt = FGT_ATS1E0R,
- .accessfn = at_s1e01_access, .writefn = ats_write64 },
- { .name = "AT_S1E0W", .state = ARM_CP_STATE_AA64,
- .opc0 = 1, .opc1 = 0, .crn = 7, .crm = 8, .opc2 = 3,
- .access = PL1_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
- .fgt = FGT_ATS1E0W,
- .accessfn = at_s1e01_access, .writefn = ats_write64 },
- { .name = "AT_S12E1R", .state = ARM_CP_STATE_AA64,
- .opc0 = 1, .opc1 = 4, .crn = 7, .crm = 8, .opc2 = 4,
- .access = PL2_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
- .accessfn = at_e012_access, .writefn = ats_write64 },
- { .name = "AT_S12E1W", .state = ARM_CP_STATE_AA64,
- .opc0 = 1, .opc1 = 4, .crn = 7, .crm = 8, .opc2 = 5,
- .access = PL2_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
- .accessfn = at_e012_access, .writefn = ats_write64 },
- { .name = "AT_S12E0R", .state = ARM_CP_STATE_AA64,
- .opc0 = 1, .opc1 = 4, .crn = 7, .crm = 8, .opc2 = 6,
- .access = PL2_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
- .accessfn = at_e012_access, .writefn = ats_write64 },
- { .name = "AT_S12E0W", .state = ARM_CP_STATE_AA64,
- .opc0 = 1, .opc1 = 4, .crn = 7, .crm = 8, .opc2 = 7,
- .access = PL2_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
- .accessfn = at_e012_access, .writefn = ats_write64 },
- /* AT S1E2* are elsewhere as they UNDEF from EL3 if EL2 is not present */
- { .name = "AT_S1E3R", .state = ARM_CP_STATE_AA64,
- .opc0 = 1, .opc1 = 6, .crn = 7, .crm = 8, .opc2 = 0,
- .access = PL3_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
- .writefn = ats_write64 },
- { .name = "AT_S1E3W", .state = ARM_CP_STATE_AA64,
- .opc0 = 1, .opc1 = 6, .crn = 7, .crm = 8, .opc2 = 1,
- .access = PL3_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
- .writefn = ats_write64 },
{ .name = "PAR_EL1", .state = ARM_CP_STATE_AA64,
.type = ARM_CP_ALIAS,
.opc0 = 3, .opc1 = 0, .crn = 7, .crm = 4, .opc2 = 0,
@@ -5148,7 +4705,6 @@ static const ARMCPRegInfo v8_cp_reginfo[] = {
.fgt = FGT_PAR_EL1,
.fieldoffset = offsetof(CPUARMState, cp15.par_el[1]),
.writefn = par_write },
-#endif
/* 32 bit cache operations */
{ .name = "ICIALLUIS", .cp = 15, .opc1 = 0, .crn = 7, .crm = 1, .opc2 = 0,
.type = ARM_CP_NOP, .access = PL1_W, .accessfn = access_ticab },
@@ -5751,33 +5307,6 @@ static const ARMCPRegInfo el2_cp_reginfo[] = {
.access = PL2_RW, .type = ARM_CP_64BIT | ARM_CP_ALIAS,
.fieldoffset = offsetof(CPUARMState, cp15.ttbr0_el[2]) },
#ifndef CONFIG_USER_ONLY
- /*
- * Unlike the other EL2-related AT operations, these must
- * UNDEF from EL3 if EL2 is not implemented, which is why we
- * define them here rather than with the rest of the AT ops.
- */
- { .name = "AT_S1E2R", .state = ARM_CP_STATE_AA64,
- .opc0 = 1, .opc1 = 4, .crn = 7, .crm = 8, .opc2 = 0,
- .access = PL2_W, .accessfn = at_s1e2_access,
- .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC | ARM_CP_EL3_NO_EL2_UNDEF,
- .writefn = ats_write64 },
- { .name = "AT_S1E2W", .state = ARM_CP_STATE_AA64,
- .opc0 = 1, .opc1 = 4, .crn = 7, .crm = 8, .opc2 = 1,
- .access = PL2_W, .accessfn = at_s1e2_access,
- .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC | ARM_CP_EL3_NO_EL2_UNDEF,
- .writefn = ats_write64 },
- /*
- * The AArch32 ATS1H* operations are CONSTRAINED UNPREDICTABLE
- * if EL2 is not implemented; we choose to UNDEF. Behaviour at EL3
- * with SCR.NS == 0 outside Monitor mode is UNPREDICTABLE; we choose
- * to behave as if SCR.NS was 1.
- */
- { .name = "ATS1HR", .cp = 15, .opc1 = 4, .crn = 7, .crm = 8, .opc2 = 0,
- .access = PL2_W,
- .writefn = ats1h_write, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC },
- { .name = "ATS1HW", .cp = 15, .opc1 = 4, .crn = 7, .crm = 8, .opc2 = 1,
- .access = PL2_W,
- .writefn = ats1h_write, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC },
{ .name = "CNTHCTL_EL2", .state = ARM_CP_STATE_BOTH,
.opc0 = 3, .opc1 = 4, .crn = 14, .crm = 1, .opc2 = 0,
/*
@@ -7704,32 +7233,6 @@ static const ARMCPRegInfo vhe_reginfo[] = {
#endif
};
-#ifndef CONFIG_USER_ONLY
-static const ARMCPRegInfo ats1e1_reginfo[] = {
- { .name = "AT_S1E1RP", .state = ARM_CP_STATE_AA64,
- .opc0 = 1, .opc1 = 0, .crn = 7, .crm = 9, .opc2 = 0,
- .access = PL1_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
- .fgt = FGT_ATS1E1RP,
- .accessfn = at_s1e01_access, .writefn = ats_write64 },
- { .name = "AT_S1E1WP", .state = ARM_CP_STATE_AA64,
- .opc0 = 1, .opc1 = 0, .crn = 7, .crm = 9, .opc2 = 1,
- .access = PL1_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
- .fgt = FGT_ATS1E1WP,
- .accessfn = at_s1e01_access, .writefn = ats_write64 },
-};
-
-static const ARMCPRegInfo ats1cp_reginfo[] = {
- { .name = "ATS1CPRP",
- .cp = 15, .opc1 = 0, .crn = 7, .crm = 9, .opc2 = 0,
- .access = PL1_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
- .writefn = ats_write },
- { .name = "ATS1CPWP",
- .cp = 15, .opc1 = 0, .crn = 7, .crm = 9, .opc2 = 1,
- .access = PL1_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
- .writefn = ats_write },
-};
-#endif
-
/*
* ACTLR2 and HACTLR2 map to ACTLR_EL1[63:32] and
* ACTLR_EL2[63:32]. They exist only if the ID_MMFR4.AC2 field
@@ -7773,6 +7276,7 @@ void register_cp_regs_for_features(ARMCPU *cpu)
#ifndef CONFIG_USER_ONLY
if (tcg_enabled()) {
define_tlb_insn_regs(cpu);
+ define_at_insn_regs(cpu);
}
#endif
@@ -8506,12 +8010,6 @@ void register_cp_regs_for_features(ARMCPU *cpu)
.bank_fieldoffsets = { offsetoflow32(CPUARMState, cp15.par_s),
offsetoflow32(CPUARMState, cp15.par_ns) },
.writefn = par_write},
-#ifndef CONFIG_USER_ONLY
- /* This underdecoding is safe because the reginfo is NO_RAW. */
- { .name = "ATS", .cp = 15, .crn = 7, .crm = 8, .opc1 = 0, .opc2 = CP_ANY,
- .access = PL1_W, .accessfn = ats_access,
- .writefn = ats_write, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC },
-#endif
};
/*
@@ -8917,14 +8415,6 @@ void register_cp_regs_for_features(ARMCPU *cpu)
if (cpu_isar_feature(aa64_pan, cpu)) {
define_one_arm_cp_reg(cpu, &pan_reginfo);
}
-#ifndef CONFIG_USER_ONLY
- if (cpu_isar_feature(aa64_ats1e1, cpu)) {
- define_arm_cp_regs(cpu, ats1e1_reginfo);
- }
- if (cpu_isar_feature(aa32_ats1e1, cpu)) {
- define_arm_cp_regs(cpu, ats1cp_reginfo);
- }
-#endif
if (cpu_isar_feature(aa64_uao, cpu)) {
define_one_arm_cp_reg(cpu, &uao_reginfo);
}
diff --git a/target/arm/tcg/cpregs-at.c b/target/arm/tcg/cpregs-at.c
new file mode 100644
index 00000000000..398a61d3989
--- /dev/null
+++ b/target/arm/tcg/cpregs-at.c
@@ -0,0 +1,519 @@
+/*
+ * System instructions for address translation
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#include "qemu/osdep.h"
+#include "cpu.h"
+#include "cpu-features.h"
+#include "internals.h"
+#include "cpregs.h"
+
+
+static int par_el1_shareability(GetPhysAddrResult *res)
+{
+ /*
+ * The PAR_EL1.SH field must be 0b10 for Device or Normal-NC
+ * memory -- see pseudocode PAREncodeShareability().
+ */
+ if (((res->cacheattrs.attrs & 0xf0) == 0) ||
+ res->cacheattrs.attrs == 0x44 || res->cacheattrs.attrs == 0x40) {
+ return 2;
+ }
+ return res->cacheattrs.shareability;
+}
+
+static uint64_t do_ats_write(CPUARMState *env, uint64_t value,
+ MMUAccessType access_type, ARMMMUIdx mmu_idx,
+ ARMSecuritySpace ss)
+{
+ bool ret;
+ uint64_t par64;
+ bool format64 = false;
+ ARMMMUFaultInfo fi = {};
+ GetPhysAddrResult res = {};
+
+ /*
+ * I_MXTJT: Granule protection checks are not performed on the final
+ * address of a successful translation. This is a translation not a
+ * memory reference, so "memop = none = 0".
+ */
+ ret = get_phys_addr_with_space_nogpc(env, value, access_type, 0,
+ mmu_idx, ss, &res, &fi);
+
+ /*
+ * ATS operations only do S1 or S1+S2 translations, so we never
+ * have to deal with the ARMCacheAttrs format for S2 only.
+ */
+ assert(!res.cacheattrs.is_s2_format);
+
+ if (ret) {
+ /*
+ * Some kinds of translation fault must cause exceptions rather
+ * than being reported in the PAR.
+ */
+ int current_el = arm_current_el(env);
+ int target_el;
+ uint32_t syn, fsr, fsc;
+ bool take_exc = false;
+
+ if (fi.s1ptw && current_el == 1
+ && arm_mmu_idx_is_stage1_of_2(mmu_idx)) {
+ /*
+ * Synchronous stage 2 fault on an access made as part of the
+ * translation table walk for AT S1E0* or AT S1E1* insn
+ * executed from NS EL1. If this is a synchronous external abort
+ * and SCR_EL3.EA == 1, then we take a synchronous external abort
+ * to EL3. Otherwise the fault is taken as an exception to EL2,
+ * and HPFAR_EL2 holds the faulting IPA.
+ */
+ if (fi.type == ARMFault_SyncExternalOnWalk &&
+ (env->cp15.scr_el3 & SCR_EA)) {
+ target_el = 3;
+ } else {
+ env->cp15.hpfar_el2 = extract64(fi.s2addr, 12, 47) << 4;
+ if (arm_is_secure_below_el3(env) && fi.s1ns) {
+ env->cp15.hpfar_el2 |= HPFAR_NS;
+ }
+ target_el = 2;
+ }
+ take_exc = true;
+ } else if (fi.type == ARMFault_SyncExternalOnWalk) {
+ /*
+ * Synchronous external aborts during a translation table walk
+ * are taken as Data Abort exceptions.
+ */
+ if (fi.stage2) {
+ if (current_el == 3) {
+ target_el = 3;
+ } else {
+ target_el = 2;
+ }
+ } else {
+ target_el = exception_target_el(env);
+ }
+ take_exc = true;
+ }
+
+ if (take_exc) {
+ /* Construct FSR and FSC using same logic as arm_deliver_fault() */
+ if (target_el == 2 || arm_el_is_aa64(env, target_el) ||
+ arm_s1_regime_using_lpae_format(env, mmu_idx)) {
+ fsr = arm_fi_to_lfsc(&fi);
+ fsc = extract32(fsr, 0, 6);
+ } else {
+ fsr = arm_fi_to_sfsc(&fi);
+ fsc = 0x3f;
+ }
+ /*
+ * Report exception with ESR indicating a fault due to a
+ * translation table walk for a cache maintenance instruction.
+ */
+ syn = syn_data_abort_no_iss(current_el == target_el, 0,
+ fi.ea, 1, fi.s1ptw, 1, fsc);
+ env->exception.vaddress = value;
+ env->exception.fsr = fsr;
+ raise_exception(env, EXCP_DATA_ABORT, syn, target_el);
+ }
+ }
+
+ if (is_a64(env)) {
+ format64 = true;
+ } else if (arm_feature(env, ARM_FEATURE_LPAE)) {
+ /*
+ * ATS1Cxx:
+ * * TTBCR.EAE determines whether the result is returned using the
+ * 32-bit or the 64-bit PAR format
+ * * Instructions executed in Hyp mode always use the 64bit format
+ *
+ * ATS1S2NSOxx uses the 64bit format if any of the following is true:
+ * * The Non-secure TTBCR.EAE bit is set to 1
+ * * The implementation includes EL2, and the value of HCR.VM is 1
+ *
+ * (Note that HCR.DC makes HCR.VM behave as if it is 1.)
+ *
+ * ATS1Hx always uses the 64bit format.
+ */
+ format64 = arm_s1_regime_using_lpae_format(env, mmu_idx);
+
+ if (arm_feature(env, ARM_FEATURE_EL2)) {
+ if (mmu_idx == ARMMMUIdx_E10_0 ||
+ mmu_idx == ARMMMUIdx_E10_1 ||
+ mmu_idx == ARMMMUIdx_E10_1_PAN) {
+ format64 |= env->cp15.hcr_el2 & (HCR_VM | HCR_DC);
+ } else {
+ format64 |= arm_current_el(env) == 2;
+ }
+ }
+ }
+
+ if (format64) {
+ /* Create a 64-bit PAR */
+ par64 = (1 << 11); /* LPAE bit always set */
+ if (!ret) {
+ par64 |= res.f.phys_addr & ~0xfffULL;
+ if (!res.f.attrs.secure) {
+ par64 |= (1 << 9); /* NS */
+ }
+ par64 |= (uint64_t)res.cacheattrs.attrs << 56; /* ATTR */
+ par64 |= par_el1_shareability(&res) << 7; /* SH */
+ } else {
+ uint32_t fsr = arm_fi_to_lfsc(&fi);
+
+ par64 |= 1; /* F */
+ par64 |= (fsr & 0x3f) << 1; /* FS */
+ if (fi.stage2) {
+ par64 |= (1 << 9); /* S */
+ }
+ if (fi.s1ptw) {
+ par64 |= (1 << 8); /* PTW */
+ }
+ }
+ } else {
+ /*
+ * fsr is a DFSR/IFSR value for the short descriptor
+ * translation table format (with WnR always clear).
+ * Convert it to a 32-bit PAR.
+ */
+ if (!ret) {
+ /* We do not set any attribute bits in the PAR */
+ if (res.f.lg_page_size == 24
+ && arm_feature(env, ARM_FEATURE_V7)) {
+ par64 = (res.f.phys_addr & 0xff000000) | (1 << 1);
+ } else {
+ par64 = res.f.phys_addr & 0xfffff000;
+ }
+ if (!res.f.attrs.secure) {
+ par64 |= (1 << 9); /* NS */
+ }
+ } else {
+ uint32_t fsr = arm_fi_to_sfsc(&fi);
+
+ par64 = ((fsr & (1 << 10)) >> 5) | ((fsr & (1 << 12)) >> 6) |
+ ((fsr & 0xf) << 1) | 1;
+ }
+ }
+ return par64;
+}
+
+static void ats_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value)
+{
+ MMUAccessType access_type = ri->opc2 & 1 ? MMU_DATA_STORE : MMU_DATA_LOAD;
+ uint64_t par64;
+ ARMMMUIdx mmu_idx;
+ int el = arm_current_el(env);
+ ARMSecuritySpace ss = arm_security_space(env);
+
+ switch (ri->opc2 & 6) {
+ case 0:
+ /* stage 1 current state PL1: ATS1CPR, ATS1CPW, ATS1CPRP, ATS1CPWP */
+ switch (el) {
+ case 3:
+ if (ri->crm == 9 && arm_pan_enabled(env)) {
+ mmu_idx = ARMMMUIdx_E30_3_PAN;
+ } else {
+ mmu_idx = ARMMMUIdx_E3;
+ }
+ break;
+ case 2:
+ g_assert(ss != ARMSS_Secure); /* ARMv8.4-SecEL2 is 64-bit only */
+ /* fall through */
+ case 1:
+ if (ri->crm == 9 && arm_pan_enabled(env)) {
+ mmu_idx = ARMMMUIdx_Stage1_E1_PAN;
+ } else {
+ mmu_idx = ARMMMUIdx_Stage1_E1;
+ }
+ break;
+ default:
+ g_assert_not_reached();
+ }
+ break;
+ case 2:
+ /* stage 1 current state PL0: ATS1CUR, ATS1CUW */
+ switch (el) {
+ case 3:
+ mmu_idx = ARMMMUIdx_E30_0;
+ break;
+ case 2:
+ g_assert(ss != ARMSS_Secure); /* ARMv8.4-SecEL2 is 64-bit only */
+ mmu_idx = ARMMMUIdx_Stage1_E0;
+ break;
+ case 1:
+ mmu_idx = ARMMMUIdx_Stage1_E0;
+ break;
+ default:
+ g_assert_not_reached();
+ }
+ break;
+ case 4:
+ /* stage 1+2 NonSecure PL1: ATS12NSOPR, ATS12NSOPW */
+ mmu_idx = ARMMMUIdx_E10_1;
+ ss = ARMSS_NonSecure;
+ break;
+ case 6:
+ /* stage 1+2 NonSecure PL0: ATS12NSOUR, ATS12NSOUW */
+ mmu_idx = ARMMMUIdx_E10_0;
+ ss = ARMSS_NonSecure;
+ break;
+ default:
+ g_assert_not_reached();
+ }
+
+ par64 = do_ats_write(env, value, access_type, mmu_idx, ss);
+
+ A32_BANKED_CURRENT_REG_SET(env, par, par64);
+}
+
+static void ats1h_write(CPUARMState *env, const ARMCPRegInfo *ri,
+ uint64_t value)
+{
+ MMUAccessType access_type = ri->opc2 & 1 ? MMU_DATA_STORE : MMU_DATA_LOAD;
+ uint64_t par64;
+
+ /* There is no SecureEL2 for AArch32. */
+ par64 = do_ats_write(env, value, access_type, ARMMMUIdx_E2,
+ ARMSS_NonSecure);
+
+ A32_BANKED_CURRENT_REG_SET(env, par, par64);
+}
+
+static CPAccessResult at_e012_access(CPUARMState *env, const ARMCPRegInfo *ri,
+ bool isread)
+{
+ /*
+ * R_NYXTL: instruction is UNDEFINED if it applies to an Exception level
+ * lower than EL3 and the combination SCR_EL3.{NSE,NS} is reserved. This can
+ * only happen when executing at EL3 because that combination also causes an
+ * illegal exception return. We don't need to check FEAT_RME either, because
+ * scr_write() ensures that the NSE bit is not set otherwise.
+ */
+ if ((env->cp15.scr_el3 & (SCR_NSE | SCR_NS)) == SCR_NSE) {
+ return CP_ACCESS_UNDEFINED;
+ }
+ return CP_ACCESS_OK;
+}
+
+static CPAccessResult at_s1e2_access(CPUARMState *env, const ARMCPRegInfo *ri,
+ bool isread)
+{
+ if (arm_current_el(env) == 3 &&
+ !(env->cp15.scr_el3 & (SCR_NS | SCR_EEL2))) {
+ return CP_ACCESS_UNDEFINED;
+ }
+ return at_e012_access(env, ri, isread);
+}
+
+static CPAccessResult at_s1e01_access(CPUARMState *env, const ARMCPRegInfo *ri,
+ bool isread)
+{
+ if (arm_current_el(env) == 1 && (arm_hcr_el2_eff(env) & HCR_AT)) {
+ return CP_ACCESS_TRAP_EL2;
+ }
+ return at_e012_access(env, ri, isread);
+}
+
+static void ats_write64(CPUARMState *env, const ARMCPRegInfo *ri,
+ uint64_t value)
+{
+ MMUAccessType access_type = ri->opc2 & 1 ? MMU_DATA_STORE : MMU_DATA_LOAD;
+ ARMMMUIdx mmu_idx;
+ uint64_t hcr_el2 = arm_hcr_el2_eff(env);
+ bool regime_e20 = (hcr_el2 & (HCR_E2H | HCR_TGE)) == (HCR_E2H | HCR_TGE);
+ bool for_el3 = false;
+ ARMSecuritySpace ss;
+
+ switch (ri->opc2 & 6) {
+ case 0:
+ switch (ri->opc1) {
+ case 0: /* AT S1E1R, AT S1E1W, AT S1E1RP, AT S1E1WP */
+ if (ri->crm == 9 && arm_pan_enabled(env)) {
+ mmu_idx = regime_e20 ?
+ ARMMMUIdx_E20_2_PAN : ARMMMUIdx_Stage1_E1_PAN;
+ } else {
+ mmu_idx = regime_e20 ? ARMMMUIdx_E20_2 : ARMMMUIdx_Stage1_E1;
+ }
+ break;
+ case 4: /* AT S1E2R, AT S1E2W */
+ mmu_idx = hcr_el2 & HCR_E2H ? ARMMMUIdx_E20_2 : ARMMMUIdx_E2;
+ break;
+ case 6: /* AT S1E3R, AT S1E3W */
+ mmu_idx = ARMMMUIdx_E3;
+ for_el3 = true;
+ break;
+ default:
+ g_assert_not_reached();
+ }
+ break;
+ case 2: /* AT S1E0R, AT S1E0W */
+ mmu_idx = regime_e20 ? ARMMMUIdx_E20_0 : ARMMMUIdx_Stage1_E0;
+ break;
+ case 4: /* AT S12E1R, AT S12E1W */
+ mmu_idx = regime_e20 ? ARMMMUIdx_E20_2 : ARMMMUIdx_E10_1;
+ break;
+ case 6: /* AT S12E0R, AT S12E0W */
+ mmu_idx = regime_e20 ? ARMMMUIdx_E20_0 : ARMMMUIdx_E10_0;
+ break;
+ default:
+ g_assert_not_reached();
+ }
+
+ ss = for_el3 ? arm_security_space(env) : arm_security_space_below_el3(env);
+ env->cp15.par_el[1] = do_ats_write(env, value, access_type, mmu_idx, ss);
+}
+
+static CPAccessResult ats_access(CPUARMState *env, const ARMCPRegInfo *ri,
+ bool isread)
+{
+ if (ri->opc2 & 4) {
+ /*
+ * The ATS12NSO* operations must trap to EL3 or EL2 if executed in
+ * Secure EL1 (which can only happen if EL3 is AArch64).
+ * They are simply UNDEF if executed from NS EL1.
+ * They function normally from EL2 or EL3.
+ */
+ if (arm_current_el(env) == 1) {
+ if (arm_is_secure_below_el3(env)) {
+ if (env->cp15.scr_el3 & SCR_EEL2) {
+ return CP_ACCESS_TRAP_EL2;
+ }
+ return CP_ACCESS_TRAP_EL3;
+ }
+ return CP_ACCESS_UNDEFINED;
+ }
+ }
+ return CP_ACCESS_OK;
+}
+
+static const ARMCPRegInfo vapa_ats_reginfo[] = {
+ /* This underdecoding is safe because the reginfo is NO_RAW. */
+ { .name = "ATS", .cp = 15, .crn = 7, .crm = 8, .opc1 = 0, .opc2 = CP_ANY,
+ .access = PL1_W, .accessfn = ats_access,
+ .writefn = ats_write, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC },
+};
+
+static const ARMCPRegInfo v8_ats_reginfo[] = {
+ /* 64 bit address translation operations */
+ { .name = "AT_S1E1R", .state = ARM_CP_STATE_AA64,
+ .opc0 = 1, .opc1 = 0, .crn = 7, .crm = 8, .opc2 = 0,
+ .access = PL1_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
+ .fgt = FGT_ATS1E1R,
+ .accessfn = at_s1e01_access, .writefn = ats_write64 },
+ { .name = "AT_S1E1W", .state = ARM_CP_STATE_AA64,
+ .opc0 = 1, .opc1 = 0, .crn = 7, .crm = 8, .opc2 = 1,
+ .access = PL1_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
+ .fgt = FGT_ATS1E1W,
+ .accessfn = at_s1e01_access, .writefn = ats_write64 },
+ { .name = "AT_S1E0R", .state = ARM_CP_STATE_AA64,
+ .opc0 = 1, .opc1 = 0, .crn = 7, .crm = 8, .opc2 = 2,
+ .access = PL1_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
+ .fgt = FGT_ATS1E0R,
+ .accessfn = at_s1e01_access, .writefn = ats_write64 },
+ { .name = "AT_S1E0W", .state = ARM_CP_STATE_AA64,
+ .opc0 = 1, .opc1 = 0, .crn = 7, .crm = 8, .opc2 = 3,
+ .access = PL1_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
+ .fgt = FGT_ATS1E0W,
+ .accessfn = at_s1e01_access, .writefn = ats_write64 },
+ { .name = "AT_S12E1R", .state = ARM_CP_STATE_AA64,
+ .opc0 = 1, .opc1 = 4, .crn = 7, .crm = 8, .opc2 = 4,
+ .access = PL2_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
+ .accessfn = at_e012_access, .writefn = ats_write64 },
+ { .name = "AT_S12E1W", .state = ARM_CP_STATE_AA64,
+ .opc0 = 1, .opc1 = 4, .crn = 7, .crm = 8, .opc2 = 5,
+ .access = PL2_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
+ .accessfn = at_e012_access, .writefn = ats_write64 },
+ { .name = "AT_S12E0R", .state = ARM_CP_STATE_AA64,
+ .opc0 = 1, .opc1 = 4, .crn = 7, .crm = 8, .opc2 = 6,
+ .access = PL2_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
+ .accessfn = at_e012_access, .writefn = ats_write64 },
+ { .name = "AT_S12E0W", .state = ARM_CP_STATE_AA64,
+ .opc0 = 1, .opc1 = 4, .crn = 7, .crm = 8, .opc2 = 7,
+ .access = PL2_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
+ .accessfn = at_e012_access, .writefn = ats_write64 },
+ /* AT S1E2* are elsewhere as they UNDEF from EL3 if EL2 is not present */
+ { .name = "AT_S1E3R", .state = ARM_CP_STATE_AA64,
+ .opc0 = 1, .opc1 = 6, .crn = 7, .crm = 8, .opc2 = 0,
+ .access = PL3_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
+ .writefn = ats_write64 },
+ { .name = "AT_S1E3W", .state = ARM_CP_STATE_AA64,
+ .opc0 = 1, .opc1 = 6, .crn = 7, .crm = 8, .opc2 = 1,
+ .access = PL3_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
+ .writefn = ats_write64 },
+};
+
+static const ARMCPRegInfo el2_ats_reginfo[] = {
+ /*
+ * Unlike the other EL2-related AT operations, these must
+ * UNDEF from EL3 if EL2 is not implemented, which is why we
+ * define them here rather than with the rest of the AT ops.
+ */
+ { .name = "AT_S1E2R", .state = ARM_CP_STATE_AA64,
+ .opc0 = 1, .opc1 = 4, .crn = 7, .crm = 8, .opc2 = 0,
+ .access = PL2_W, .accessfn = at_s1e2_access,
+ .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC | ARM_CP_EL3_NO_EL2_UNDEF,
+ .writefn = ats_write64 },
+ { .name = "AT_S1E2W", .state = ARM_CP_STATE_AA64,
+ .opc0 = 1, .opc1 = 4, .crn = 7, .crm = 8, .opc2 = 1,
+ .access = PL2_W, .accessfn = at_s1e2_access,
+ .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC | ARM_CP_EL3_NO_EL2_UNDEF,
+ .writefn = ats_write64 },
+ /*
+ * The AArch32 ATS1H* operations are CONSTRAINED UNPREDICTABLE
+ * if EL2 is not implemented; we choose to UNDEF. Behaviour at EL3
+ * with SCR.NS == 0 outside Monitor mode is UNPREDICTABLE; we choose
+ * to behave as if SCR.NS was 1.
+ */
+ { .name = "ATS1HR", .cp = 15, .opc1 = 4, .crn = 7, .crm = 8, .opc2 = 0,
+ .access = PL2_W,
+ .writefn = ats1h_write, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC },
+ { .name = "ATS1HW", .cp = 15, .opc1 = 4, .crn = 7, .crm = 8, .opc2 = 1,
+ .access = PL2_W,
+ .writefn = ats1h_write, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC },
+};
+
+static const ARMCPRegInfo ats1e1_reginfo[] = {
+ { .name = "AT_S1E1RP", .state = ARM_CP_STATE_AA64,
+ .opc0 = 1, .opc1 = 0, .crn = 7, .crm = 9, .opc2 = 0,
+ .access = PL1_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
+ .fgt = FGT_ATS1E1RP,
+ .accessfn = at_s1e01_access, .writefn = ats_write64 },
+ { .name = "AT_S1E1WP", .state = ARM_CP_STATE_AA64,
+ .opc0 = 1, .opc1 = 0, .crn = 7, .crm = 9, .opc2 = 1,
+ .access = PL1_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
+ .fgt = FGT_ATS1E1WP,
+ .accessfn = at_s1e01_access, .writefn = ats_write64 },
+};
+
+static const ARMCPRegInfo ats1cp_reginfo[] = {
+ { .name = "ATS1CPRP",
+ .cp = 15, .opc1 = 0, .crn = 7, .crm = 9, .opc2 = 0,
+ .access = PL1_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
+ .writefn = ats_write },
+ { .name = "ATS1CPWP",
+ .cp = 15, .opc1 = 0, .crn = 7, .crm = 9, .opc2 = 1,
+ .access = PL1_W, .type = ARM_CP_NO_RAW | ARM_CP_RAISES_EXC,
+ .writefn = ats_write },
+};
+
+void define_at_insn_regs(ARMCPU *cpu)
+{
+ CPUARMState *env = &cpu->env;
+
+ if (arm_feature(env, ARM_FEATURE_VAPA)) {
+ define_arm_cp_regs(cpu, vapa_ats_reginfo);
+ }
+ if (arm_feature(env, ARM_FEATURE_V8)) {
+ define_arm_cp_regs(cpu, v8_ats_reginfo);
+ }
+ if (arm_feature(env, ARM_FEATURE_EL2)
+ || (arm_feature(env, ARM_FEATURE_EL3)
+ && arm_feature(env, ARM_FEATURE_V8))) {
+ define_arm_cp_regs(cpu, el2_ats_reginfo);
+ }
+ if (cpu_isar_feature(aa64_ats1e1, cpu)) {
+ define_arm_cp_regs(cpu, ats1e1_reginfo);
+ }
+ if (cpu_isar_feature(aa32_ats1e1, cpu)) {
+ define_arm_cp_regs(cpu, ats1cp_reginfo);
+ }
+}
diff --git a/target/arm/tcg/meson.build b/target/arm/tcg/meson.build
index c59f0f03a1b..895facdc30b 100644
--- a/target/arm/tcg/meson.build
+++ b/target/arm/tcg/meson.build
@@ -64,6 +64,7 @@ arm_common_ss.add(files(
))
arm_common_system_ss.add(files(
+ 'cpregs-at.c',
'hflags.c',
'iwmmxt_helper.c',
'neon_helper.c',
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 24/36] target/arm: Split out performance monitor regs to cpregs-pmu.c
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
` (22 preceding siblings ...)
2025-07-11 13:34 ` [PULL 23/36] target/arm: Split out AT insns to tcg/cpregs-at.c Peter Maydell
@ 2025-07-11 13:34 ` Peter Maydell
2025-07-11 13:34 ` [PULL 25/36] target/arm: Don't enforce NSE, NS check for EL3->EL3 returns Peter Maydell
` (12 subsequent siblings)
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:34 UTC (permalink / raw)
To: qemu-devel
From: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20250707151547.196393-4-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target/arm/cpregs.h | 3 +
target/arm/internals.h | 2 +
target/arm/cpregs-pmu.c | 1309 +++++++++++++++++++++++++++++++++++++++
target/arm/helper.c | 1287 +-------------------------------------
target/arm/meson.build | 2 +
5 files changed, 1319 insertions(+), 1284 deletions(-)
create mode 100644 target/arm/cpregs-pmu.c
diff --git a/target/arm/cpregs.h b/target/arm/cpregs.h
index c1a7ae37356..c9506aa6d57 100644
--- a/target/arm/cpregs.h
+++ b/target/arm/cpregs.h
@@ -1065,6 +1065,9 @@ void arm_cp_write_ignore(CPUARMState *env, const ARMCPRegInfo *ri,
/* CPReadFn that can be used for read-as-zero behaviour */
uint64_t arm_cp_read_zero(CPUARMState *env, const ARMCPRegInfo *ri);
+/* CPReadFn that just reads the value from ri->fieldoffset */
+uint64_t raw_read(CPUARMState *env, const ARMCPRegInfo *ri);
+
/* CPWriteFn that just writes the value to ri->fieldoffset */
void raw_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value);
diff --git a/target/arm/internals.h b/target/arm/internals.h
index bcaf8965fc6..c4765e44893 100644
--- a/target/arm/internals.h
+++ b/target/arm/internals.h
@@ -1873,6 +1873,8 @@ void define_debug_regs(ARMCPU *cpu);
void define_tlb_insn_regs(ARMCPU *cpu);
/* Add the cpreg definitions for AT instructions */
void define_at_insn_regs(ARMCPU *cpu);
+/* Add the cpreg definitions for PM cpregs */
+void define_pm_cpregs(ARMCPU *cpu);
/* Effective value of MDCR_EL2 */
static inline uint64_t arm_mdcr_el2_eff(CPUARMState *env)
diff --git a/target/arm/cpregs-pmu.c b/target/arm/cpregs-pmu.c
new file mode 100644
index 00000000000..0f295b1376c
--- /dev/null
+++ b/target/arm/cpregs-pmu.c
@@ -0,0 +1,1309 @@
+/*
+ * QEMU ARM CP Register PMU insns
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/timer.h"
+#include "exec/icount.h"
+#include "hw/irq.h"
+#include "cpu.h"
+#include "cpu-features.h"
+#include "cpregs.h"
+#include "internals.h"
+
+
+#define ARM_CPU_FREQ 1000000000 /* FIXME: 1 GHz, should be configurable */
+
+/*
+ * Check for traps to performance monitor registers, which are controlled
+ * by MDCR_EL2.TPM for EL2 and MDCR_EL3.TPM for EL3.
+ */
+static CPAccessResult access_tpm(CPUARMState *env, const ARMCPRegInfo *ri,
+ bool isread)
+{
+ int el = arm_current_el(env);
+ uint64_t mdcr_el2 = arm_mdcr_el2_eff(env);
+
+ if (el < 2 && (mdcr_el2 & MDCR_TPM)) {
+ return CP_ACCESS_TRAP_EL2;
+ }
+ if (el < 3 && (env->cp15.mdcr_el3 & MDCR_TPM)) {
+ return CP_ACCESS_TRAP_EL3;
+ }
+ return CP_ACCESS_OK;
+}
+
+typedef struct pm_event {
+ uint16_t number; /* PMEVTYPER.evtCount is 16 bits wide */
+ /* If the event is supported on this CPU (used to generate PMCEID[01]) */
+ bool (*supported)(CPUARMState *);
+ /*
+ * Retrieve the current count of the underlying event. The programmed
+ * counters hold a difference from the return value from this function
+ */
+ uint64_t (*get_count)(CPUARMState *);
+ /*
+ * Return how many nanoseconds it will take (at a minimum) for count events
+ * to occur. A negative value indicates the counter will never overflow, or
+ * that the counter has otherwise arranged for the overflow bit to be set
+ * and the PMU interrupt to be raised on overflow.
+ */
+ int64_t (*ns_per_count)(uint64_t);
+} pm_event;
+
+static bool event_always_supported(CPUARMState *env)
+{
+ return true;
+}
+
+static uint64_t swinc_get_count(CPUARMState *env)
+{
+ /*
+ * SW_INCR events are written directly to the pmevcntr's by writes to
+ * PMSWINC, so there is no underlying count maintained by the PMU itself
+ */
+ return 0;
+}
+
+static int64_t swinc_ns_per(uint64_t ignored)
+{
+ return -1;
+}
+
+/*
+ * Return the underlying cycle count for the PMU cycle counters. If we're in
+ * usermode, simply return 0.
+ */
+static uint64_t cycles_get_count(CPUARMState *env)
+{
+#ifndef CONFIG_USER_ONLY
+ return muldiv64(qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL),
+ ARM_CPU_FREQ, NANOSECONDS_PER_SECOND);
+#else
+ return cpu_get_host_ticks();
+#endif
+}
+
+#ifndef CONFIG_USER_ONLY
+static int64_t cycles_ns_per(uint64_t cycles)
+{
+ return (ARM_CPU_FREQ / NANOSECONDS_PER_SECOND) * cycles;
+}
+
+static bool instructions_supported(CPUARMState *env)
+{
+ /* Precise instruction counting */
+ return icount_enabled() == ICOUNT_PRECISE;
+}
+
+static uint64_t instructions_get_count(CPUARMState *env)
+{
+ assert(icount_enabled() == ICOUNT_PRECISE);
+ return (uint64_t)icount_get_raw();
+}
+
+static int64_t instructions_ns_per(uint64_t icount)
+{
+ assert(icount_enabled() == ICOUNT_PRECISE);
+ return icount_to_ns((int64_t)icount);
+}
+#endif
+
+static bool pmuv3p1_events_supported(CPUARMState *env)
+{
+ /* For events which are supported in any v8.1 PMU */
+ return cpu_isar_feature(any_pmuv3p1, env_archcpu(env));
+}
+
+static bool pmuv3p4_events_supported(CPUARMState *env)
+{
+ /* For events which are supported in any v8.1 PMU */
+ return cpu_isar_feature(any_pmuv3p4, env_archcpu(env));
+}
+
+static uint64_t zero_event_get_count(CPUARMState *env)
+{
+ /* For events which on QEMU never fire, so their count is always zero */
+ return 0;
+}
+
+static int64_t zero_event_ns_per(uint64_t cycles)
+{
+ /* An event which never fires can never overflow */
+ return -1;
+}
+
+static const pm_event pm_events[] = {
+ { .number = 0x000, /* SW_INCR */
+ .supported = event_always_supported,
+ .get_count = swinc_get_count,
+ .ns_per_count = swinc_ns_per,
+ },
+#ifndef CONFIG_USER_ONLY
+ { .number = 0x008, /* INST_RETIRED, Instruction architecturally executed */
+ .supported = instructions_supported,
+ .get_count = instructions_get_count,
+ .ns_per_count = instructions_ns_per,
+ },
+ { .number = 0x011, /* CPU_CYCLES, Cycle */
+ .supported = event_always_supported,
+ .get_count = cycles_get_count,
+ .ns_per_count = cycles_ns_per,
+ },
+#endif
+ { .number = 0x023, /* STALL_FRONTEND */
+ .supported = pmuv3p1_events_supported,
+ .get_count = zero_event_get_count,
+ .ns_per_count = zero_event_ns_per,
+ },
+ { .number = 0x024, /* STALL_BACKEND */
+ .supported = pmuv3p1_events_supported,
+ .get_count = zero_event_get_count,
+ .ns_per_count = zero_event_ns_per,
+ },
+ { .number = 0x03c, /* STALL */
+ .supported = pmuv3p4_events_supported,
+ .get_count = zero_event_get_count,
+ .ns_per_count = zero_event_ns_per,
+ },
+};
+
+/*
+ * Note: Before increasing MAX_EVENT_ID beyond 0x3f into the 0x40xx range of
+ * events (i.e. the statistical profiling extension), this implementation
+ * should first be updated to something sparse instead of the current
+ * supported_event_map[] array.
+ */
+#define MAX_EVENT_ID 0x3c
+#define UNSUPPORTED_EVENT UINT16_MAX
+static uint16_t supported_event_map[MAX_EVENT_ID + 1];
+
+/*
+ * Called upon CPU initialization to initialize PMCEID[01]_EL0 and build a map
+ * of ARM event numbers to indices in our pm_events array.
+ *
+ * Note: Events in the 0x40XX range are not currently supported.
+ */
+void pmu_init(ARMCPU *cpu)
+{
+ unsigned int i;
+
+ /*
+ * Empty supported_event_map and cpu->pmceid[01] before adding supported
+ * events to them
+ */
+ for (i = 0; i < ARRAY_SIZE(supported_event_map); i++) {
+ supported_event_map[i] = UNSUPPORTED_EVENT;
+ }
+ cpu->pmceid0 = 0;
+ cpu->pmceid1 = 0;
+
+ for (i = 0; i < ARRAY_SIZE(pm_events); i++) {
+ const pm_event *cnt = &pm_events[i];
+ assert(cnt->number <= MAX_EVENT_ID);
+ /* We do not currently support events in the 0x40xx range */
+ assert(cnt->number <= 0x3f);
+
+ if (cnt->supported(&cpu->env)) {
+ supported_event_map[cnt->number] = i;
+ uint64_t event_mask = 1ULL << (cnt->number & 0x1f);
+ if (cnt->number & 0x20) {
+ cpu->pmceid1 |= event_mask;
+ } else {
+ cpu->pmceid0 |= event_mask;
+ }
+ }
+ }
+}
+
+/*
+ * Check at runtime whether a PMU event is supported for the current machine
+ */
+static bool event_supported(uint16_t number)
+{
+ if (number > MAX_EVENT_ID) {
+ return false;
+ }
+ return supported_event_map[number] != UNSUPPORTED_EVENT;
+}
+
+static CPAccessResult pmreg_access(CPUARMState *env, const ARMCPRegInfo *ri,
+ bool isread)
+{
+ /*
+ * Performance monitor registers user accessibility is controlled
+ * by PMUSERENR. MDCR_EL2.TPM and MDCR_EL3.TPM allow configurable
+ * trapping to EL2 or EL3 for other accesses.
+ */
+ int el = arm_current_el(env);
+ uint64_t mdcr_el2 = arm_mdcr_el2_eff(env);
+
+ if (el == 0 && !(env->cp15.c9_pmuserenr & 1)) {
+ return CP_ACCESS_TRAP_EL1;
+ }
+ if (el < 2 && (mdcr_el2 & MDCR_TPM)) {
+ return CP_ACCESS_TRAP_EL2;
+ }
+ if (el < 3 && (env->cp15.mdcr_el3 & MDCR_TPM)) {
+ return CP_ACCESS_TRAP_EL3;
+ }
+
+ return CP_ACCESS_OK;
+}
+
+static CPAccessResult pmreg_access_xevcntr(CPUARMState *env,
+ const ARMCPRegInfo *ri,
+ bool isread)
+{
+ /* ER: event counter read trap control */
+ if (arm_feature(env, ARM_FEATURE_V8)
+ && arm_current_el(env) == 0
+ && (env->cp15.c9_pmuserenr & (1 << 3)) != 0
+ && isread) {
+ return CP_ACCESS_OK;
+ }
+
+ return pmreg_access(env, ri, isread);
+}
+
+static CPAccessResult pmreg_access_swinc(CPUARMState *env,
+ const ARMCPRegInfo *ri,
+ bool isread)
+{
+ /* SW: software increment write trap control */
+ if (arm_feature(env, ARM_FEATURE_V8)
+ && arm_current_el(env) == 0
+ && (env->cp15.c9_pmuserenr & (1 << 1)) != 0
+ && !isread) {
+ return CP_ACCESS_OK;
+ }
+
+ return pmreg_access(env, ri, isread);
+}
+
+static CPAccessResult pmreg_access_selr(CPUARMState *env,
+ const ARMCPRegInfo *ri,
+ bool isread)
+{
+ /* ER: event counter read trap control */
+ if (arm_feature(env, ARM_FEATURE_V8)
+ && arm_current_el(env) == 0
+ && (env->cp15.c9_pmuserenr & (1 << 3)) != 0) {
+ return CP_ACCESS_OK;
+ }
+
+ return pmreg_access(env, ri, isread);
+}
+
+static CPAccessResult pmreg_access_ccntr(CPUARMState *env,
+ const ARMCPRegInfo *ri,
+ bool isread)
+{
+ /* CR: cycle counter read trap control */
+ if (arm_feature(env, ARM_FEATURE_V8)
+ && arm_current_el(env) == 0
+ && (env->cp15.c9_pmuserenr & (1 << 2)) != 0
+ && isread) {
+ return CP_ACCESS_OK;
+ }
+
+ return pmreg_access(env, ri, isread);
+}
+
+/*
+ * Returns true if the counter (pass 31 for PMCCNTR) should count events using
+ * the current EL, security state, and register configuration.
+ */
+static bool pmu_counter_enabled(CPUARMState *env, uint8_t counter)
+{
+ uint64_t filter;
+ bool e, p, u, nsk, nsu, nsh, m;
+ bool enabled, prohibited = false, filtered;
+ bool secure = arm_is_secure(env);
+ int el = arm_current_el(env);
+ uint64_t mdcr_el2;
+ uint8_t hpmn;
+
+ /*
+ * We might be called for M-profile cores where MDCR_EL2 doesn't
+ * exist and arm_mdcr_el2_eff() will assert, so this early-exit check
+ * must be before we read that value.
+ */
+ if (!arm_feature(env, ARM_FEATURE_PMU)) {
+ return false;
+ }
+
+ mdcr_el2 = arm_mdcr_el2_eff(env);
+ hpmn = mdcr_el2 & MDCR_HPMN;
+
+ if (!arm_feature(env, ARM_FEATURE_EL2) ||
+ (counter < hpmn || counter == 31)) {
+ e = env->cp15.c9_pmcr & PMCRE;
+ } else {
+ e = mdcr_el2 & MDCR_HPME;
+ }
+ enabled = e && (env->cp15.c9_pmcnten & (1 << counter));
+
+ /* Is event counting prohibited? */
+ if (el == 2 && (counter < hpmn || counter == 31)) {
+ prohibited = mdcr_el2 & MDCR_HPMD;
+ }
+ if (secure) {
+ prohibited = prohibited || !(env->cp15.mdcr_el3 & MDCR_SPME);
+ }
+
+ if (counter == 31) {
+ /*
+ * The cycle counter defaults to running. PMCR.DP says "disable
+ * the cycle counter when event counting is prohibited".
+ * Some MDCR bits disable the cycle counter specifically.
+ */
+ prohibited = prohibited && env->cp15.c9_pmcr & PMCRDP;
+ if (cpu_isar_feature(any_pmuv3p5, env_archcpu(env))) {
+ if (secure) {
+ prohibited = prohibited || (env->cp15.mdcr_el3 & MDCR_SCCD);
+ }
+ if (el == 2) {
+ prohibited = prohibited || (mdcr_el2 & MDCR_HCCD);
+ }
+ }
+ }
+
+ if (counter == 31) {
+ filter = env->cp15.pmccfiltr_el0;
+ } else {
+ filter = env->cp15.c14_pmevtyper[counter];
+ }
+
+ p = filter & PMXEVTYPER_P;
+ u = filter & PMXEVTYPER_U;
+ nsk = arm_feature(env, ARM_FEATURE_EL3) && (filter & PMXEVTYPER_NSK);
+ nsu = arm_feature(env, ARM_FEATURE_EL3) && (filter & PMXEVTYPER_NSU);
+ nsh = arm_feature(env, ARM_FEATURE_EL2) && (filter & PMXEVTYPER_NSH);
+ m = arm_el_is_aa64(env, 1) &&
+ arm_feature(env, ARM_FEATURE_EL3) && (filter & PMXEVTYPER_M);
+
+ if (el == 0) {
+ filtered = secure ? u : u != nsu;
+ } else if (el == 1) {
+ filtered = secure ? p : p != nsk;
+ } else if (el == 2) {
+ filtered = !nsh;
+ } else { /* EL3 */
+ filtered = m != p;
+ }
+
+ if (counter != 31) {
+ /*
+ * If not checking PMCCNTR, ensure the counter is setup to an event we
+ * support
+ */
+ uint16_t event = filter & PMXEVTYPER_EVTCOUNT;
+ if (!event_supported(event)) {
+ return false;
+ }
+ }
+
+ return enabled && !prohibited && !filtered;
+}
+
+static void pmu_update_irq(CPUARMState *env)
+{
+ ARMCPU *cpu = env_archcpu(env);
+ qemu_set_irq(cpu->pmu_interrupt, (env->cp15.c9_pmcr & PMCRE) &&
+ (env->cp15.c9_pminten & env->cp15.c9_pmovsr));
+}
+
+static bool pmccntr_clockdiv_enabled(CPUARMState *env)
+{
+ /*
+ * Return true if the clock divider is enabled and the cycle counter
+ * is supposed to tick only once every 64 clock cycles. This is
+ * controlled by PMCR.D, but if PMCR.LC is set to enable the long
+ * (64-bit) cycle counter PMCR.D has no effect.
+ */
+ return (env->cp15.c9_pmcr & (PMCRD | PMCRLC)) == PMCRD;
+}
+
+static bool pmevcntr_is_64_bit(CPUARMState *env, int counter)
+{
+ /* Return true if the specified event counter is configured to be 64 bit */
+
+ /* This isn't intended to be used with the cycle counter */
+ assert(counter < 31);
+
+ if (!cpu_isar_feature(any_pmuv3p5, env_archcpu(env))) {
+ return false;
+ }
+
+ if (arm_feature(env, ARM_FEATURE_EL2)) {
+ /*
+ * MDCR_EL2.HLP still applies even when EL2 is disabled in the
+ * current security state, so we don't use arm_mdcr_el2_eff() here.
+ */
+ bool hlp = env->cp15.mdcr_el2 & MDCR_HLP;
+ int hpmn = env->cp15.mdcr_el2 & MDCR_HPMN;
+
+ if (counter >= hpmn) {
+ return hlp;
+ }
+ }
+ return env->cp15.c9_pmcr & PMCRLP;
+}
+
+/*
+ * Ensure c15_ccnt is the guest-visible count so that operations such as
+ * enabling/disabling the counter or filtering, modifying the count itself,
+ * etc. can be done logically. This is essentially a no-op if the counter is
+ * not enabled at the time of the call.
+ */
+static void pmccntr_op_start(CPUARMState *env)
+{
+ uint64_t cycles = cycles_get_count(env);
+
+ if (pmu_counter_enabled(env, 31)) {
+ uint64_t eff_cycles = cycles;
+ if (pmccntr_clockdiv_enabled(env)) {
+ eff_cycles /= 64;
+ }
+
+ uint64_t new_pmccntr = eff_cycles - env->cp15.c15_ccnt_delta;
+
+ uint64_t overflow_mask = env->cp15.c9_pmcr & PMCRLC ? \
+ 1ull << 63 : 1ull << 31;
+ if (env->cp15.c15_ccnt & ~new_pmccntr & overflow_mask) {
+ env->cp15.c9_pmovsr |= (1ULL << 31);
+ pmu_update_irq(env);
+ }
+
+ env->cp15.c15_ccnt = new_pmccntr;
+ }
+ env->cp15.c15_ccnt_delta = cycles;
+}
+
+/*
+ * If PMCCNTR is enabled, recalculate the delta between the clock and the
+ * guest-visible count. A call to pmccntr_op_finish should follow every call to
+ * pmccntr_op_start.
+ */
+static void pmccntr_op_finish(CPUARMState *env)
+{
+ if (pmu_counter_enabled(env, 31)) {
+#ifndef CONFIG_USER_ONLY
+ /* Calculate when the counter will next overflow */
+ uint64_t remaining_cycles = -env->cp15.c15_ccnt;
+ if (!(env->cp15.c9_pmcr & PMCRLC)) {
+ remaining_cycles = (uint32_t)remaining_cycles;
+ }
+ int64_t overflow_in = cycles_ns_per(remaining_cycles);
+
+ if (overflow_in > 0) {
+ int64_t overflow_at;
+
+ if (!sadd64_overflow(qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL),
+ overflow_in, &overflow_at)) {
+ ARMCPU *cpu = env_archcpu(env);
+ timer_mod_anticipate_ns(cpu->pmu_timer, overflow_at);
+ }
+ }
+#endif
+
+ uint64_t prev_cycles = env->cp15.c15_ccnt_delta;
+ if (pmccntr_clockdiv_enabled(env)) {
+ prev_cycles /= 64;
+ }
+ env->cp15.c15_ccnt_delta = prev_cycles - env->cp15.c15_ccnt;
+ }
+}
+
+static void pmevcntr_op_start(CPUARMState *env, uint8_t counter)
+{
+
+ uint16_t event = env->cp15.c14_pmevtyper[counter] & PMXEVTYPER_EVTCOUNT;
+ uint64_t count = 0;
+ if (event_supported(event)) {
+ uint16_t event_idx = supported_event_map[event];
+ count = pm_events[event_idx].get_count(env);
+ }
+
+ if (pmu_counter_enabled(env, counter)) {
+ uint64_t new_pmevcntr = count - env->cp15.c14_pmevcntr_delta[counter];
+ uint64_t overflow_mask = pmevcntr_is_64_bit(env, counter) ?
+ 1ULL << 63 : 1ULL << 31;
+
+ if (env->cp15.c14_pmevcntr[counter] & ~new_pmevcntr & overflow_mask) {
+ env->cp15.c9_pmovsr |= (1 << counter);
+ pmu_update_irq(env);
+ }
+ env->cp15.c14_pmevcntr[counter] = new_pmevcntr;
+ }
+ env->cp15.c14_pmevcntr_delta[counter] = count;
+}
+
+static void pmevcntr_op_finish(CPUARMState *env, uint8_t counter)
+{
+ if (pmu_counter_enabled(env, counter)) {
+#ifndef CONFIG_USER_ONLY
+ uint16_t event = env->cp15.c14_pmevtyper[counter] & PMXEVTYPER_EVTCOUNT;
+ uint16_t event_idx = supported_event_map[event];
+ uint64_t delta = -(env->cp15.c14_pmevcntr[counter] + 1);
+ int64_t overflow_in;
+
+ if (!pmevcntr_is_64_bit(env, counter)) {
+ delta = (uint32_t)delta;
+ }
+ overflow_in = pm_events[event_idx].ns_per_count(delta);
+
+ if (overflow_in > 0) {
+ int64_t overflow_at;
+
+ if (!sadd64_overflow(qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL),
+ overflow_in, &overflow_at)) {
+ ARMCPU *cpu = env_archcpu(env);
+ timer_mod_anticipate_ns(cpu->pmu_timer, overflow_at);
+ }
+ }
+#endif
+
+ env->cp15.c14_pmevcntr_delta[counter] -=
+ env->cp15.c14_pmevcntr[counter];
+ }
+}
+
+void pmu_op_start(CPUARMState *env)
+{
+ unsigned int i;
+ pmccntr_op_start(env);
+ for (i = 0; i < pmu_num_counters(env); i++) {
+ pmevcntr_op_start(env, i);
+ }
+}
+
+void pmu_op_finish(CPUARMState *env)
+{
+ unsigned int i;
+ pmccntr_op_finish(env);
+ for (i = 0; i < pmu_num_counters(env); i++) {
+ pmevcntr_op_finish(env, i);
+ }
+}
+
+void pmu_pre_el_change(ARMCPU *cpu, void *ignored)
+{
+ pmu_op_start(&cpu->env);
+}
+
+void pmu_post_el_change(ARMCPU *cpu, void *ignored)
+{
+ pmu_op_finish(&cpu->env);
+}
+
+void arm_pmu_timer_cb(void *opaque)
+{
+ ARMCPU *cpu = opaque;
+
+ /*
+ * Update all the counter values based on the current underlying counts,
+ * triggering interrupts to be raised, if necessary. pmu_op_finish() also
+ * has the effect of setting the cpu->pmu_timer to the next earliest time a
+ * counter may expire.
+ */
+ pmu_op_start(&cpu->env);
+ pmu_op_finish(&cpu->env);
+}
+
+static void pmcr_write(CPUARMState *env, const ARMCPRegInfo *ri,
+ uint64_t value)
+{
+ pmu_op_start(env);
+
+ if (value & PMCRC) {
+ /* The counter has been reset */
+ env->cp15.c15_ccnt = 0;
+ }
+
+ if (value & PMCRP) {
+ unsigned int i;
+ for (i = 0; i < pmu_num_counters(env); i++) {
+ env->cp15.c14_pmevcntr[i] = 0;
+ }
+ }
+
+ env->cp15.c9_pmcr &= ~PMCR_WRITABLE_MASK;
+ env->cp15.c9_pmcr |= (value & PMCR_WRITABLE_MASK);
+
+ pmu_op_finish(env);
+}
+
+static uint64_t pmcr_read(CPUARMState *env, const ARMCPRegInfo *ri)
+{
+ uint64_t pmcr = env->cp15.c9_pmcr;
+
+ /*
+ * If EL2 is implemented and enabled for the current security state, reads
+ * of PMCR.N from EL1 or EL0 return the value of MDCR_EL2.HPMN or HDCR.HPMN.
+ */
+ if (arm_current_el(env) <= 1 && arm_is_el2_enabled(env)) {
+ pmcr &= ~PMCRN_MASK;
+ pmcr |= (env->cp15.mdcr_el2 & MDCR_HPMN) << PMCRN_SHIFT;
+ }
+
+ return pmcr;
+}
+
+static void pmswinc_write(CPUARMState *env, const ARMCPRegInfo *ri,
+ uint64_t value)
+{
+ unsigned int i;
+ uint64_t overflow_mask, new_pmswinc;
+
+ for (i = 0; i < pmu_num_counters(env); i++) {
+ /* Increment a counter's count iff: */
+ if ((value & (1 << i)) && /* counter's bit is set */
+ /* counter is enabled and not filtered */
+ pmu_counter_enabled(env, i) &&
+ /* counter is SW_INCR */
+ (env->cp15.c14_pmevtyper[i] & PMXEVTYPER_EVTCOUNT) == 0x0) {
+ pmevcntr_op_start(env, i);
+
+ /*
+ * Detect if this write causes an overflow since we can't predict
+ * PMSWINC overflows like we can for other events
+ */
+ new_pmswinc = env->cp15.c14_pmevcntr[i] + 1;
+
+ overflow_mask = pmevcntr_is_64_bit(env, i) ?
+ 1ULL << 63 : 1ULL << 31;
+
+ if (env->cp15.c14_pmevcntr[i] & ~new_pmswinc & overflow_mask) {
+ env->cp15.c9_pmovsr |= (1 << i);
+ pmu_update_irq(env);
+ }
+
+ env->cp15.c14_pmevcntr[i] = new_pmswinc;
+
+ pmevcntr_op_finish(env, i);
+ }
+ }
+}
+
+static uint64_t pmccntr_read(CPUARMState *env, const ARMCPRegInfo *ri)
+{
+ uint64_t ret;
+ pmccntr_op_start(env);
+ ret = env->cp15.c15_ccnt;
+ pmccntr_op_finish(env);
+ return ret;
+}
+
+static void pmselr_write(CPUARMState *env, const ARMCPRegInfo *ri,
+ uint64_t value)
+{
+ /*
+ * The value of PMSELR.SEL affects the behavior of PMXEVTYPER and
+ * PMXEVCNTR. We allow [0..31] to be written to PMSELR here; in the
+ * meanwhile, we check PMSELR.SEL when PMXEVTYPER and PMXEVCNTR are
+ * accessed.
+ */
+ env->cp15.c9_pmselr = value & 0x1f;
+}
+
+static void pmccntr_write(CPUARMState *env, const ARMCPRegInfo *ri,
+ uint64_t value)
+{
+ pmccntr_op_start(env);
+ env->cp15.c15_ccnt = value;
+ pmccntr_op_finish(env);
+}
+
+static void pmccntr_write32(CPUARMState *env, const ARMCPRegInfo *ri,
+ uint64_t value)
+{
+ uint64_t cur_val = pmccntr_read(env, NULL);
+
+ pmccntr_write(env, ri, deposit64(cur_val, 0, 32, value));
+}
+
+static void pmccfiltr_write(CPUARMState *env, const ARMCPRegInfo *ri,
+ uint64_t value)
+{
+ pmccntr_op_start(env);
+ env->cp15.pmccfiltr_el0 = value & PMCCFILTR_EL0;
+ pmccntr_op_finish(env);
+}
+
+static void pmccfiltr_write_a32(CPUARMState *env, const ARMCPRegInfo *ri,
+ uint64_t value)
+{
+ pmccntr_op_start(env);
+ /* M is not accessible from AArch32 */
+ env->cp15.pmccfiltr_el0 = (env->cp15.pmccfiltr_el0 & PMCCFILTR_M) |
+ (value & PMCCFILTR);
+ pmccntr_op_finish(env);
+}
+
+static uint64_t pmccfiltr_read_a32(CPUARMState *env, const ARMCPRegInfo *ri)
+{
+ /* M is not visible in AArch32 */
+ return env->cp15.pmccfiltr_el0 & PMCCFILTR;
+}
+
+static void pmcntenset_write(CPUARMState *env, const ARMCPRegInfo *ri,
+ uint64_t value)
+{
+ pmu_op_start(env);
+ value &= pmu_counter_mask(env);
+ env->cp15.c9_pmcnten |= value;
+ pmu_op_finish(env);
+}
+
+static void pmcntenclr_write(CPUARMState *env, const ARMCPRegInfo *ri,
+ uint64_t value)
+{
+ pmu_op_start(env);
+ value &= pmu_counter_mask(env);
+ env->cp15.c9_pmcnten &= ~value;
+ pmu_op_finish(env);
+}
+
+static void pmovsr_write(CPUARMState *env, const ARMCPRegInfo *ri,
+ uint64_t value)
+{
+ value &= pmu_counter_mask(env);
+ env->cp15.c9_pmovsr &= ~value;
+ pmu_update_irq(env);
+}
+
+static void pmovsset_write(CPUARMState *env, const ARMCPRegInfo *ri,
+ uint64_t value)
+{
+ value &= pmu_counter_mask(env);
+ env->cp15.c9_pmovsr |= value;
+ pmu_update_irq(env);
+}
+
+static void pmevtyper_write(CPUARMState *env, const ARMCPRegInfo *ri,
+ uint64_t value, const uint8_t counter)
+{
+ if (counter == 31) {
+ pmccfiltr_write(env, ri, value);
+ } else if (counter < pmu_num_counters(env)) {
+ pmevcntr_op_start(env, counter);
+
+ /*
+ * If this counter's event type is changing, store the current
+ * underlying count for the new type in c14_pmevcntr_delta[counter] so
+ * pmevcntr_op_finish has the correct baseline when it converts back to
+ * a delta.
+ */
+ uint16_t old_event = env->cp15.c14_pmevtyper[counter] &
+ PMXEVTYPER_EVTCOUNT;
+ uint16_t new_event = value & PMXEVTYPER_EVTCOUNT;
+ if (old_event != new_event) {
+ uint64_t count = 0;
+ if (event_supported(new_event)) {
+ uint16_t event_idx = supported_event_map[new_event];
+ count = pm_events[event_idx].get_count(env);
+ }
+ env->cp15.c14_pmevcntr_delta[counter] = count;
+ }
+
+ env->cp15.c14_pmevtyper[counter] = value & PMXEVTYPER_MASK;
+ pmevcntr_op_finish(env, counter);
+ }
+ /*
+ * Attempts to access PMXEVTYPER are CONSTRAINED UNPREDICTABLE when
+ * PMSELR value is equal to or greater than the number of implemented
+ * counters, but not equal to 0x1f. We opt to behave as a RAZ/WI.
+ */
+}
+
+static uint64_t pmevtyper_read(CPUARMState *env, const ARMCPRegInfo *ri,
+ const uint8_t counter)
+{
+ if (counter == 31) {
+ return env->cp15.pmccfiltr_el0;
+ } else if (counter < pmu_num_counters(env)) {
+ return env->cp15.c14_pmevtyper[counter];
+ } else {
+ /*
+ * We opt to behave as a RAZ/WI when attempts to access PMXEVTYPER
+ * are CONSTRAINED UNPREDICTABLE. See comments in pmevtyper_write().
+ */
+ return 0;
+ }
+}
+
+static void pmevtyper_writefn(CPUARMState *env, const ARMCPRegInfo *ri,
+ uint64_t value)
+{
+ uint8_t counter = ((ri->crm & 3) << 3) | (ri->opc2 & 7);
+ pmevtyper_write(env, ri, value, counter);
+}
+
+static void pmevtyper_rawwrite(CPUARMState *env, const ARMCPRegInfo *ri,
+ uint64_t value)
+{
+ uint8_t counter = ((ri->crm & 3) << 3) | (ri->opc2 & 7);
+ env->cp15.c14_pmevtyper[counter] = value;
+
+ /*
+ * pmevtyper_rawwrite is called between a pair of pmu_op_start and
+ * pmu_op_finish calls when loading saved state for a migration. Because
+ * we're potentially updating the type of event here, the value written to
+ * c14_pmevcntr_delta by the preceding pmu_op_start call may be for a
+ * different counter type. Therefore, we need to set this value to the
+ * current count for the counter type we're writing so that pmu_op_finish
+ * has the correct count for its calculation.
+ */
+ uint16_t event = value & PMXEVTYPER_EVTCOUNT;
+ if (event_supported(event)) {
+ uint16_t event_idx = supported_event_map[event];
+ env->cp15.c14_pmevcntr_delta[counter] =
+ pm_events[event_idx].get_count(env);
+ }
+}
+
+static uint64_t pmevtyper_readfn(CPUARMState *env, const ARMCPRegInfo *ri)
+{
+ uint8_t counter = ((ri->crm & 3) << 3) | (ri->opc2 & 7);
+ return pmevtyper_read(env, ri, counter);
+}
+
+static void pmxevtyper_write(CPUARMState *env, const ARMCPRegInfo *ri,
+ uint64_t value)
+{
+ pmevtyper_write(env, ri, value, env->cp15.c9_pmselr & 31);
+}
+
+static uint64_t pmxevtyper_read(CPUARMState *env, const ARMCPRegInfo *ri)
+{
+ return pmevtyper_read(env, ri, env->cp15.c9_pmselr & 31);
+}
+
+static void pmevcntr_write(CPUARMState *env, const ARMCPRegInfo *ri,
+ uint64_t value, uint8_t counter)
+{
+ if (!cpu_isar_feature(any_pmuv3p5, env_archcpu(env))) {
+ /* Before FEAT_PMUv3p5, top 32 bits of event counters are RES0 */
+ value &= MAKE_64BIT_MASK(0, 32);
+ }
+ if (counter < pmu_num_counters(env)) {
+ pmevcntr_op_start(env, counter);
+ env->cp15.c14_pmevcntr[counter] = value;
+ pmevcntr_op_finish(env, counter);
+ }
+ /*
+ * We opt to behave as a RAZ/WI when attempts to access PM[X]EVCNTR
+ * are CONSTRAINED UNPREDICTABLE.
+ */
+}
+
+static uint64_t pmevcntr_read(CPUARMState *env, const ARMCPRegInfo *ri,
+ uint8_t counter)
+{
+ if (counter < pmu_num_counters(env)) {
+ uint64_t ret;
+ pmevcntr_op_start(env, counter);
+ ret = env->cp15.c14_pmevcntr[counter];
+ pmevcntr_op_finish(env, counter);
+ if (!cpu_isar_feature(any_pmuv3p5, env_archcpu(env))) {
+ /* Before FEAT_PMUv3p5, top 32 bits of event counters are RES0 */
+ ret &= MAKE_64BIT_MASK(0, 32);
+ }
+ return ret;
+ } else {
+ /*
+ * We opt to behave as a RAZ/WI when attempts to access PM[X]EVCNTR
+ * are CONSTRAINED UNPREDICTABLE.
+ */
+ return 0;
+ }
+}
+
+static void pmevcntr_writefn(CPUARMState *env, const ARMCPRegInfo *ri,
+ uint64_t value)
+{
+ uint8_t counter = ((ri->crm & 3) << 3) | (ri->opc2 & 7);
+ pmevcntr_write(env, ri, value, counter);
+}
+
+static uint64_t pmevcntr_readfn(CPUARMState *env, const ARMCPRegInfo *ri)
+{
+ uint8_t counter = ((ri->crm & 3) << 3) | (ri->opc2 & 7);
+ return pmevcntr_read(env, ri, counter);
+}
+
+static void pmevcntr_rawwrite(CPUARMState *env, const ARMCPRegInfo *ri,
+ uint64_t value)
+{
+ uint8_t counter = ((ri->crm & 3) << 3) | (ri->opc2 & 7);
+ assert(counter < pmu_num_counters(env));
+ env->cp15.c14_pmevcntr[counter] = value;
+ pmevcntr_write(env, ri, value, counter);
+}
+
+static uint64_t pmevcntr_rawread(CPUARMState *env, const ARMCPRegInfo *ri)
+{
+ uint8_t counter = ((ri->crm & 3) << 3) | (ri->opc2 & 7);
+ assert(counter < pmu_num_counters(env));
+ return env->cp15.c14_pmevcntr[counter];
+}
+
+static void pmxevcntr_write(CPUARMState *env, const ARMCPRegInfo *ri,
+ uint64_t value)
+{
+ pmevcntr_write(env, ri, value, env->cp15.c9_pmselr & 31);
+}
+
+static uint64_t pmxevcntr_read(CPUARMState *env, const ARMCPRegInfo *ri)
+{
+ return pmevcntr_read(env, ri, env->cp15.c9_pmselr & 31);
+}
+
+static void pmuserenr_write(CPUARMState *env, const ARMCPRegInfo *ri,
+ uint64_t value)
+{
+ if (arm_feature(env, ARM_FEATURE_V8)) {
+ env->cp15.c9_pmuserenr = value & 0xf;
+ } else {
+ env->cp15.c9_pmuserenr = value & 1;
+ }
+}
+
+static void pmintenset_write(CPUARMState *env, const ARMCPRegInfo *ri,
+ uint64_t value)
+{
+ /* We have no event counters so only the C bit can be changed */
+ value &= pmu_counter_mask(env);
+ env->cp15.c9_pminten |= value;
+ pmu_update_irq(env);
+}
+
+static void pmintenclr_write(CPUARMState *env, const ARMCPRegInfo *ri,
+ uint64_t value)
+{
+ value &= pmu_counter_mask(env);
+ env->cp15.c9_pminten &= ~value;
+ pmu_update_irq(env);
+}
+
+static const ARMCPRegInfo v7_pm_reginfo[] = {
+ /*
+ * Performance monitors are implementation defined in v7,
+ * but with an ARM recommended set of registers, which we
+ * follow.
+ *
+ * Performance registers fall into three categories:
+ * (a) always UNDEF in PL0, RW in PL1 (PMINTENSET, PMINTENCLR)
+ * (b) RO in PL0 (ie UNDEF on write), RW in PL1 (PMUSERENR)
+ * (c) UNDEF in PL0 if PMUSERENR.EN==0, otherwise accessible (all others)
+ * For the cases controlled by PMUSERENR we must set .access to PL0_RW
+ * or PL0_RO as appropriate and then check PMUSERENR in the helper fn.
+ */
+ { .name = "PMCNTENSET", .cp = 15, .crn = 9, .crm = 12, .opc1 = 0, .opc2 = 1,
+ .access = PL0_RW, .type = ARM_CP_ALIAS | ARM_CP_IO,
+ .fieldoffset = offsetoflow32(CPUARMState, cp15.c9_pmcnten),
+ .writefn = pmcntenset_write,
+ .accessfn = pmreg_access,
+ .fgt = FGT_PMCNTEN,
+ .raw_writefn = raw_write },
+ { .name = "PMCNTENSET_EL0", .state = ARM_CP_STATE_AA64, .type = ARM_CP_IO,
+ .opc0 = 3, .opc1 = 3, .crn = 9, .crm = 12, .opc2 = 1,
+ .access = PL0_RW, .accessfn = pmreg_access,
+ .fgt = FGT_PMCNTEN,
+ .fieldoffset = offsetof(CPUARMState, cp15.c9_pmcnten), .resetvalue = 0,
+ .writefn = pmcntenset_write, .raw_writefn = raw_write },
+ { .name = "PMCNTENCLR", .cp = 15, .crn = 9, .crm = 12, .opc1 = 0, .opc2 = 2,
+ .access = PL0_RW,
+ .fieldoffset = offsetoflow32(CPUARMState, cp15.c9_pmcnten),
+ .accessfn = pmreg_access,
+ .fgt = FGT_PMCNTEN,
+ .writefn = pmcntenclr_write, .raw_writefn = raw_write,
+ .type = ARM_CP_ALIAS | ARM_CP_IO },
+ { .name = "PMCNTENCLR_EL0", .state = ARM_CP_STATE_AA64,
+ .opc0 = 3, .opc1 = 3, .crn = 9, .crm = 12, .opc2 = 2,
+ .access = PL0_RW, .accessfn = pmreg_access,
+ .fgt = FGT_PMCNTEN,
+ .type = ARM_CP_ALIAS | ARM_CP_IO,
+ .fieldoffset = offsetof(CPUARMState, cp15.c9_pmcnten),
+ .writefn = pmcntenclr_write, .raw_writefn = raw_write },
+ { .name = "PMOVSR", .cp = 15, .crn = 9, .crm = 12, .opc1 = 0, .opc2 = 3,
+ .access = PL0_RW, .type = ARM_CP_IO,
+ .fieldoffset = offsetoflow32(CPUARMState, cp15.c9_pmovsr),
+ .accessfn = pmreg_access,
+ .fgt = FGT_PMOVS,
+ .writefn = pmovsr_write,
+ .raw_writefn = raw_write },
+ { .name = "PMOVSCLR_EL0", .state = ARM_CP_STATE_AA64,
+ .opc0 = 3, .opc1 = 3, .crn = 9, .crm = 12, .opc2 = 3,
+ .access = PL0_RW, .accessfn = pmreg_access,
+ .fgt = FGT_PMOVS,
+ .type = ARM_CP_ALIAS | ARM_CP_IO,
+ .fieldoffset = offsetof(CPUARMState, cp15.c9_pmovsr),
+ .writefn = pmovsr_write,
+ .raw_writefn = raw_write },
+ { .name = "PMSWINC", .cp = 15, .crn = 9, .crm = 12, .opc1 = 0, .opc2 = 4,
+ .access = PL0_W, .accessfn = pmreg_access_swinc,
+ .fgt = FGT_PMSWINC_EL0,
+ .type = ARM_CP_NO_RAW | ARM_CP_IO,
+ .writefn = pmswinc_write },
+ { .name = "PMSWINC_EL0", .state = ARM_CP_STATE_AA64,
+ .opc0 = 3, .opc1 = 3, .crn = 9, .crm = 12, .opc2 = 4,
+ .access = PL0_W, .accessfn = pmreg_access_swinc,
+ .fgt = FGT_PMSWINC_EL0,
+ .type = ARM_CP_NO_RAW | ARM_CP_IO,
+ .writefn = pmswinc_write },
+ { .name = "PMSELR", .cp = 15, .crn = 9, .crm = 12, .opc1 = 0, .opc2 = 5,
+ .access = PL0_RW, .type = ARM_CP_ALIAS,
+ .fgt = FGT_PMSELR_EL0,
+ .fieldoffset = offsetoflow32(CPUARMState, cp15.c9_pmselr),
+ .accessfn = pmreg_access_selr, .writefn = pmselr_write,
+ .raw_writefn = raw_write},
+ { .name = "PMSELR_EL0", .state = ARM_CP_STATE_AA64,
+ .opc0 = 3, .opc1 = 3, .crn = 9, .crm = 12, .opc2 = 5,
+ .access = PL0_RW, .accessfn = pmreg_access_selr,
+ .fgt = FGT_PMSELR_EL0,
+ .fieldoffset = offsetof(CPUARMState, cp15.c9_pmselr),
+ .writefn = pmselr_write, .raw_writefn = raw_write, },
+ { .name = "PMCCNTR", .cp = 15, .crn = 9, .crm = 13, .opc1 = 0, .opc2 = 0,
+ .access = PL0_RW, .resetvalue = 0, .type = ARM_CP_ALIAS | ARM_CP_IO,
+ .fgt = FGT_PMCCNTR_EL0,
+ .readfn = pmccntr_read, .writefn = pmccntr_write32,
+ .accessfn = pmreg_access_ccntr },
+ { .name = "PMCCNTR_EL0", .state = ARM_CP_STATE_AA64,
+ .opc0 = 3, .opc1 = 3, .crn = 9, .crm = 13, .opc2 = 0,
+ .access = PL0_RW, .accessfn = pmreg_access_ccntr,
+ .fgt = FGT_PMCCNTR_EL0,
+ .type = ARM_CP_IO,
+ .fieldoffset = offsetof(CPUARMState, cp15.c15_ccnt),
+ .readfn = pmccntr_read, .writefn = pmccntr_write,
+ .raw_readfn = raw_read, .raw_writefn = raw_write, },
+ { .name = "PMCCFILTR", .cp = 15, .opc1 = 0, .crn = 14, .crm = 15, .opc2 = 7,
+ .writefn = pmccfiltr_write_a32, .readfn = pmccfiltr_read_a32,
+ .access = PL0_RW, .accessfn = pmreg_access,
+ .fgt = FGT_PMCCFILTR_EL0,
+ .type = ARM_CP_ALIAS | ARM_CP_IO,
+ .resetvalue = 0, },
+ { .name = "PMCCFILTR_EL0", .state = ARM_CP_STATE_AA64,
+ .opc0 = 3, .opc1 = 3, .crn = 14, .crm = 15, .opc2 = 7,
+ .writefn = pmccfiltr_write, .raw_writefn = raw_write,
+ .access = PL0_RW, .accessfn = pmreg_access,
+ .fgt = FGT_PMCCFILTR_EL0,
+ .type = ARM_CP_IO,
+ .fieldoffset = offsetof(CPUARMState, cp15.pmccfiltr_el0),
+ .resetvalue = 0, },
+ { .name = "PMXEVTYPER", .cp = 15, .crn = 9, .crm = 13, .opc1 = 0, .opc2 = 1,
+ .access = PL0_RW, .type = ARM_CP_NO_RAW | ARM_CP_IO,
+ .accessfn = pmreg_access,
+ .fgt = FGT_PMEVTYPERN_EL0,
+ .writefn = pmxevtyper_write, .readfn = pmxevtyper_read },
+ { .name = "PMXEVTYPER_EL0", .state = ARM_CP_STATE_AA64,
+ .opc0 = 3, .opc1 = 3, .crn = 9, .crm = 13, .opc2 = 1,
+ .access = PL0_RW, .type = ARM_CP_NO_RAW | ARM_CP_IO,
+ .accessfn = pmreg_access,
+ .fgt = FGT_PMEVTYPERN_EL0,
+ .writefn = pmxevtyper_write, .readfn = pmxevtyper_read },
+ { .name = "PMXEVCNTR", .cp = 15, .crn = 9, .crm = 13, .opc1 = 0, .opc2 = 2,
+ .access = PL0_RW, .type = ARM_CP_NO_RAW | ARM_CP_IO,
+ .accessfn = pmreg_access_xevcntr,
+ .fgt = FGT_PMEVCNTRN_EL0,
+ .writefn = pmxevcntr_write, .readfn = pmxevcntr_read },
+ { .name = "PMXEVCNTR_EL0", .state = ARM_CP_STATE_AA64,
+ .opc0 = 3, .opc1 = 3, .crn = 9, .crm = 13, .opc2 = 2,
+ .access = PL0_RW, .type = ARM_CP_NO_RAW | ARM_CP_IO,
+ .accessfn = pmreg_access_xevcntr,
+ .fgt = FGT_PMEVCNTRN_EL0,
+ .writefn = pmxevcntr_write, .readfn = pmxevcntr_read },
+ { .name = "PMUSERENR", .cp = 15, .crn = 9, .crm = 14, .opc1 = 0, .opc2 = 0,
+ .access = PL0_R | PL1_RW, .accessfn = access_tpm,
+ .fieldoffset = offsetoflow32(CPUARMState, cp15.c9_pmuserenr),
+ .resetvalue = 0,
+ .writefn = pmuserenr_write, .raw_writefn = raw_write },
+ { .name = "PMUSERENR_EL0", .state = ARM_CP_STATE_AA64,
+ .opc0 = 3, .opc1 = 3, .crn = 9, .crm = 14, .opc2 = 0,
+ .access = PL0_R | PL1_RW, .accessfn = access_tpm, .type = ARM_CP_ALIAS,
+ .fieldoffset = offsetof(CPUARMState, cp15.c9_pmuserenr),
+ .resetvalue = 0,
+ .writefn = pmuserenr_write, .raw_writefn = raw_write },
+ { .name = "PMINTENSET", .cp = 15, .crn = 9, .crm = 14, .opc1 = 0, .opc2 = 1,
+ .access = PL1_RW, .accessfn = access_tpm,
+ .fgt = FGT_PMINTEN,
+ .type = ARM_CP_ALIAS | ARM_CP_IO,
+ .fieldoffset = offsetoflow32(CPUARMState, cp15.c9_pminten),
+ .resetvalue = 0,
+ .writefn = pmintenset_write, .raw_writefn = raw_write },
+ { .name = "PMINTENSET_EL1", .state = ARM_CP_STATE_AA64,
+ .opc0 = 3, .opc1 = 0, .crn = 9, .crm = 14, .opc2 = 1,
+ .access = PL1_RW, .accessfn = access_tpm,
+ .fgt = FGT_PMINTEN,
+ .type = ARM_CP_IO,
+ .fieldoffset = offsetof(CPUARMState, cp15.c9_pminten),
+ .writefn = pmintenset_write, .raw_writefn = raw_write,
+ .resetvalue = 0x0 },
+ { .name = "PMINTENCLR", .cp = 15, .crn = 9, .crm = 14, .opc1 = 0, .opc2 = 2,
+ .access = PL1_RW, .accessfn = access_tpm,
+ .fgt = FGT_PMINTEN,
+ .type = ARM_CP_ALIAS | ARM_CP_IO,
+ .fieldoffset = offsetof(CPUARMState, cp15.c9_pminten),
+ .writefn = pmintenclr_write, .raw_writefn = raw_write },
+ { .name = "PMINTENCLR_EL1", .state = ARM_CP_STATE_AA64,
+ .opc0 = 3, .opc1 = 0, .crn = 9, .crm = 14, .opc2 = 2,
+ .access = PL1_RW, .accessfn = access_tpm,
+ .fgt = FGT_PMINTEN,
+ .type = ARM_CP_ALIAS | ARM_CP_IO,
+ .fieldoffset = offsetof(CPUARMState, cp15.c9_pminten),
+ .writefn = pmintenclr_write, .raw_writefn = raw_write },
+};
+
+static const ARMCPRegInfo pmovsset_cp_reginfo[] = {
+ /* PMOVSSET is not implemented in v7 before v7ve */
+ { .name = "PMOVSSET", .cp = 15, .opc1 = 0, .crn = 9, .crm = 14, .opc2 = 3,
+ .access = PL0_RW, .accessfn = pmreg_access,
+ .fgt = FGT_PMOVS,
+ .type = ARM_CP_ALIAS | ARM_CP_IO,
+ .fieldoffset = offsetoflow32(CPUARMState, cp15.c9_pmovsr),
+ .writefn = pmovsset_write,
+ .raw_writefn = raw_write },
+ { .name = "PMOVSSET_EL0", .state = ARM_CP_STATE_AA64,
+ .opc0 = 3, .opc1 = 3, .crn = 9, .crm = 14, .opc2 = 3,
+ .access = PL0_RW, .accessfn = pmreg_access,
+ .fgt = FGT_PMOVS,
+ .type = ARM_CP_ALIAS | ARM_CP_IO,
+ .fieldoffset = offsetof(CPUARMState, cp15.c9_pmovsr),
+ .writefn = pmovsset_write,
+ .raw_writefn = raw_write },
+};
+
+void define_pm_cpregs(ARMCPU *cpu)
+{
+ CPUARMState *env = &cpu->env;
+
+ if (arm_feature(env, ARM_FEATURE_V7)) {
+ /*
+ * v7 performance monitor control register: same implementor
+ * field as main ID register, and we implement four counters in
+ * addition to the cycle count register.
+ */
+ static const ARMCPRegInfo pmcr = {
+ .name = "PMCR", .cp = 15, .crn = 9, .crm = 12, .opc1 = 0, .opc2 = 0,
+ .access = PL0_RW,
+ .fgt = FGT_PMCR_EL0,
+ .type = ARM_CP_IO | ARM_CP_ALIAS,
+ .fieldoffset = offsetoflow32(CPUARMState, cp15.c9_pmcr),
+ .accessfn = pmreg_access,
+ .readfn = pmcr_read, .raw_readfn = raw_read,
+ .writefn = pmcr_write, .raw_writefn = raw_write,
+ };
+ const ARMCPRegInfo pmcr64 = {
+ .name = "PMCR_EL0", .state = ARM_CP_STATE_AA64,
+ .opc0 = 3, .opc1 = 3, .crn = 9, .crm = 12, .opc2 = 0,
+ .access = PL0_RW, .accessfn = pmreg_access,
+ .fgt = FGT_PMCR_EL0,
+ .type = ARM_CP_IO,
+ .fieldoffset = offsetof(CPUARMState, cp15.c9_pmcr),
+ .resetvalue = cpu->isar.reset_pmcr_el0,
+ .readfn = pmcr_read, .raw_readfn = raw_read,
+ .writefn = pmcr_write, .raw_writefn = raw_write,
+ };
+
+ define_one_arm_cp_reg(cpu, &pmcr);
+ define_one_arm_cp_reg(cpu, &pmcr64);
+ define_arm_cp_regs(cpu, v7_pm_reginfo);
+
+ for (unsigned i = 0, pmcrn = pmu_num_counters(env); i < pmcrn; i++) {
+ g_autofree char *pmevcntr_name = g_strdup_printf("PMEVCNTR%d", i);
+ g_autofree char *pmevcntr_el0_name = g_strdup_printf("PMEVCNTR%d_EL0", i);
+ g_autofree char *pmevtyper_name = g_strdup_printf("PMEVTYPER%d", i);
+ g_autofree char *pmevtyper_el0_name = g_strdup_printf("PMEVTYPER%d_EL0", i);
+
+ ARMCPRegInfo pmev_regs[] = {
+ { .name = pmevcntr_name, .cp = 15, .crn = 14,
+ .crm = 8 | (3 & (i >> 3)), .opc1 = 0, .opc2 = i & 7,
+ .access = PL0_RW, .type = ARM_CP_IO | ARM_CP_ALIAS,
+ .fgt = FGT_PMEVCNTRN_EL0,
+ .readfn = pmevcntr_readfn, .writefn = pmevcntr_writefn,
+ .accessfn = pmreg_access_xevcntr },
+ { .name = pmevcntr_el0_name, .state = ARM_CP_STATE_AA64,
+ .opc0 = 3, .opc1 = 3, .crn = 14, .crm = 8 | (3 & (i >> 3)),
+ .opc2 = i & 7, .access = PL0_RW, .accessfn = pmreg_access_xevcntr,
+ .type = ARM_CP_IO,
+ .fgt = FGT_PMEVCNTRN_EL0,
+ .readfn = pmevcntr_readfn, .writefn = pmevcntr_writefn,
+ .raw_readfn = pmevcntr_rawread,
+ .raw_writefn = pmevcntr_rawwrite },
+ { .name = pmevtyper_name, .cp = 15, .crn = 14,
+ .crm = 12 | (3 & (i >> 3)), .opc1 = 0, .opc2 = i & 7,
+ .access = PL0_RW, .type = ARM_CP_IO | ARM_CP_ALIAS,
+ .fgt = FGT_PMEVTYPERN_EL0,
+ .readfn = pmevtyper_readfn, .writefn = pmevtyper_writefn,
+ .accessfn = pmreg_access },
+ { .name = pmevtyper_el0_name, .state = ARM_CP_STATE_AA64,
+ .opc0 = 3, .opc1 = 3, .crn = 14, .crm = 12 | (3 & (i >> 3)),
+ .opc2 = i & 7, .access = PL0_RW, .accessfn = pmreg_access,
+ .fgt = FGT_PMEVTYPERN_EL0,
+ .type = ARM_CP_IO,
+ .readfn = pmevtyper_readfn, .writefn = pmevtyper_writefn,
+ .raw_writefn = pmevtyper_rawwrite },
+ };
+ define_arm_cp_regs(cpu, pmev_regs);
+ }
+ }
+ if (arm_feature(env, ARM_FEATURE_V7VE)) {
+ define_arm_cp_regs(cpu, pmovsset_cp_reginfo);
+ }
+
+ if (arm_feature(env, ARM_FEATURE_V8)) {
+ const ARMCPRegInfo v8_pm_reginfo[] = {
+ { .name = "PMCEID0", .state = ARM_CP_STATE_AA32,
+ .cp = 15, .opc1 = 0, .crn = 9, .crm = 12, .opc2 = 6,
+ .access = PL0_R, .accessfn = pmreg_access, .type = ARM_CP_CONST,
+ .fgt = FGT_PMCEIDN_EL0,
+ .resetvalue = extract64(cpu->pmceid0, 0, 32) },
+ { .name = "PMCEID0_EL0", .state = ARM_CP_STATE_AA64,
+ .opc0 = 3, .opc1 = 3, .crn = 9, .crm = 12, .opc2 = 6,
+ .access = PL0_R, .accessfn = pmreg_access, .type = ARM_CP_CONST,
+ .fgt = FGT_PMCEIDN_EL0,
+ .resetvalue = cpu->pmceid0 },
+ { .name = "PMCEID1", .state = ARM_CP_STATE_AA32,
+ .cp = 15, .opc1 = 0, .crn = 9, .crm = 12, .opc2 = 7,
+ .access = PL0_R, .accessfn = pmreg_access, .type = ARM_CP_CONST,
+ .fgt = FGT_PMCEIDN_EL0,
+ .resetvalue = extract64(cpu->pmceid1, 0, 32) },
+ { .name = "PMCEID1_EL0", .state = ARM_CP_STATE_AA64,
+ .opc0 = 3, .opc1 = 3, .crn = 9, .crm = 12, .opc2 = 7,
+ .access = PL0_R, .accessfn = pmreg_access, .type = ARM_CP_CONST,
+ .fgt = FGT_PMCEIDN_EL0,
+ .resetvalue = cpu->pmceid1 },
+ };
+ define_arm_cp_regs(cpu, v8_pm_reginfo);
+ }
+
+ if (cpu_isar_feature(aa32_pmuv3p1, cpu)) {
+ ARMCPRegInfo v81_pmu_regs[] = {
+ { .name = "PMCEID2", .state = ARM_CP_STATE_AA32,
+ .cp = 15, .opc1 = 0, .crn = 9, .crm = 14, .opc2 = 4,
+ .access = PL0_R, .accessfn = pmreg_access, .type = ARM_CP_CONST,
+ .fgt = FGT_PMCEIDN_EL0,
+ .resetvalue = extract64(cpu->pmceid0, 32, 32) },
+ { .name = "PMCEID3", .state = ARM_CP_STATE_AA32,
+ .cp = 15, .opc1 = 0, .crn = 9, .crm = 14, .opc2 = 5,
+ .access = PL0_R, .accessfn = pmreg_access, .type = ARM_CP_CONST,
+ .fgt = FGT_PMCEIDN_EL0,
+ .resetvalue = extract64(cpu->pmceid1, 32, 32) },
+ };
+ define_arm_cp_regs(cpu, v81_pmu_regs);
+ }
+
+ if (cpu_isar_feature(any_pmuv3p4, cpu)) {
+ static const ARMCPRegInfo v84_pmmir = {
+ .name = "PMMIR_EL1", .state = ARM_CP_STATE_BOTH,
+ .opc0 = 3, .opc1 = 0, .crn = 9, .crm = 14, .opc2 = 6,
+ .access = PL1_R, .accessfn = pmreg_access, .type = ARM_CP_CONST,
+ .fgt = FGT_PMMIR_EL1,
+ .resetvalue = 0
+ };
+ define_one_arm_cp_reg(cpu, &v84_pmmir);
+ }
+}
diff --git a/target/arm/helper.c b/target/arm/helper.c
index 0883246905f..0c1299ff841 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -38,11 +38,9 @@
#define HELPER_H "tcg/helper.h"
#include "exec/helper-proto.h.inc"
-#define ARM_CPU_FREQ 1000000000 /* FIXME: 1 GHz, should be configurable */
-
static void switch_mode(CPUARMState *env, int mode);
-static uint64_t raw_read(CPUARMState *env, const ARMCPRegInfo *ri)
+uint64_t raw_read(CPUARMState *env, const ARMCPRegInfo *ri)
{
assert(ri->fieldoffset);
if (cpreg_field_is_64bit(ri)) {
@@ -319,25 +317,6 @@ static CPAccessResult access_trap_aa32s_el1(CPUARMState *env,
return CP_ACCESS_UNDEFINED;
}
-/*
- * Check for traps to performance monitor registers, which are controlled
- * by MDCR_EL2.TPM for EL2 and MDCR_EL3.TPM for EL3.
- */
-static CPAccessResult access_tpm(CPUARMState *env, const ARMCPRegInfo *ri,
- bool isread)
-{
- int el = arm_current_el(env);
- uint64_t mdcr_el2 = arm_mdcr_el2_eff(env);
-
- if (el < 2 && (mdcr_el2 & MDCR_TPM)) {
- return CP_ACCESS_TRAP_EL2;
- }
- if (el < 3 && (env->cp15.mdcr_el3 & MDCR_TPM)) {
- return CP_ACCESS_TRAP_EL3;
- }
- return CP_ACCESS_OK;
-}
-
/* Check for traps from EL1 due to HCR_EL2.TVM and HCR_EL2.TRVM. */
CPAccessResult access_tvm_trvm(CPUARMState *env, const ARMCPRegInfo *ri,
bool isread)
@@ -681,283 +660,6 @@ static const ARMCPRegInfo v6_cp_reginfo[] = {
.resetfn = cpacr_reset, .writefn = cpacr_write, .readfn = cpacr_read },
};
-typedef struct pm_event {
- uint16_t number; /* PMEVTYPER.evtCount is 16 bits wide */
- /* If the event is supported on this CPU (used to generate PMCEID[01]) */
- bool (*supported)(CPUARMState *);
- /*
- * Retrieve the current count of the underlying event. The programmed
- * counters hold a difference from the return value from this function
- */
- uint64_t (*get_count)(CPUARMState *);
- /*
- * Return how many nanoseconds it will take (at a minimum) for count events
- * to occur. A negative value indicates the counter will never overflow, or
- * that the counter has otherwise arranged for the overflow bit to be set
- * and the PMU interrupt to be raised on overflow.
- */
- int64_t (*ns_per_count)(uint64_t);
-} pm_event;
-
-static bool event_always_supported(CPUARMState *env)
-{
- return true;
-}
-
-static uint64_t swinc_get_count(CPUARMState *env)
-{
- /*
- * SW_INCR events are written directly to the pmevcntr's by writes to
- * PMSWINC, so there is no underlying count maintained by the PMU itself
- */
- return 0;
-}
-
-static int64_t swinc_ns_per(uint64_t ignored)
-{
- return -1;
-}
-
-/*
- * Return the underlying cycle count for the PMU cycle counters. If we're in
- * usermode, simply return 0.
- */
-static uint64_t cycles_get_count(CPUARMState *env)
-{
-#ifndef CONFIG_USER_ONLY
- return muldiv64(qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL),
- ARM_CPU_FREQ, NANOSECONDS_PER_SECOND);
-#else
- return cpu_get_host_ticks();
-#endif
-}
-
-#ifndef CONFIG_USER_ONLY
-static int64_t cycles_ns_per(uint64_t cycles)
-{
- return (ARM_CPU_FREQ / NANOSECONDS_PER_SECOND) * cycles;
-}
-
-static bool instructions_supported(CPUARMState *env)
-{
- /* Precise instruction counting */
- return icount_enabled() == ICOUNT_PRECISE;
-}
-
-static uint64_t instructions_get_count(CPUARMState *env)
-{
- assert(icount_enabled() == ICOUNT_PRECISE);
- return (uint64_t)icount_get_raw();
-}
-
-static int64_t instructions_ns_per(uint64_t icount)
-{
- assert(icount_enabled() == ICOUNT_PRECISE);
- return icount_to_ns((int64_t)icount);
-}
-#endif
-
-static bool pmuv3p1_events_supported(CPUARMState *env)
-{
- /* For events which are supported in any v8.1 PMU */
- return cpu_isar_feature(any_pmuv3p1, env_archcpu(env));
-}
-
-static bool pmuv3p4_events_supported(CPUARMState *env)
-{
- /* For events which are supported in any v8.1 PMU */
- return cpu_isar_feature(any_pmuv3p4, env_archcpu(env));
-}
-
-static uint64_t zero_event_get_count(CPUARMState *env)
-{
- /* For events which on QEMU never fire, so their count is always zero */
- return 0;
-}
-
-static int64_t zero_event_ns_per(uint64_t cycles)
-{
- /* An event which never fires can never overflow */
- return -1;
-}
-
-static const pm_event pm_events[] = {
- { .number = 0x000, /* SW_INCR */
- .supported = event_always_supported,
- .get_count = swinc_get_count,
- .ns_per_count = swinc_ns_per,
- },
-#ifndef CONFIG_USER_ONLY
- { .number = 0x008, /* INST_RETIRED, Instruction architecturally executed */
- .supported = instructions_supported,
- .get_count = instructions_get_count,
- .ns_per_count = instructions_ns_per,
- },
- { .number = 0x011, /* CPU_CYCLES, Cycle */
- .supported = event_always_supported,
- .get_count = cycles_get_count,
- .ns_per_count = cycles_ns_per,
- },
-#endif
- { .number = 0x023, /* STALL_FRONTEND */
- .supported = pmuv3p1_events_supported,
- .get_count = zero_event_get_count,
- .ns_per_count = zero_event_ns_per,
- },
- { .number = 0x024, /* STALL_BACKEND */
- .supported = pmuv3p1_events_supported,
- .get_count = zero_event_get_count,
- .ns_per_count = zero_event_ns_per,
- },
- { .number = 0x03c, /* STALL */
- .supported = pmuv3p4_events_supported,
- .get_count = zero_event_get_count,
- .ns_per_count = zero_event_ns_per,
- },
-};
-
-/*
- * Note: Before increasing MAX_EVENT_ID beyond 0x3f into the 0x40xx range of
- * events (i.e. the statistical profiling extension), this implementation
- * should first be updated to something sparse instead of the current
- * supported_event_map[] array.
- */
-#define MAX_EVENT_ID 0x3c
-#define UNSUPPORTED_EVENT UINT16_MAX
-static uint16_t supported_event_map[MAX_EVENT_ID + 1];
-
-/*
- * Called upon CPU initialization to initialize PMCEID[01]_EL0 and build a map
- * of ARM event numbers to indices in our pm_events array.
- *
- * Note: Events in the 0x40XX range are not currently supported.
- */
-void pmu_init(ARMCPU *cpu)
-{
- unsigned int i;
-
- /*
- * Empty supported_event_map and cpu->pmceid[01] before adding supported
- * events to them
- */
- for (i = 0; i < ARRAY_SIZE(supported_event_map); i++) {
- supported_event_map[i] = UNSUPPORTED_EVENT;
- }
- cpu->pmceid0 = 0;
- cpu->pmceid1 = 0;
-
- for (i = 0; i < ARRAY_SIZE(pm_events); i++) {
- const pm_event *cnt = &pm_events[i];
- assert(cnt->number <= MAX_EVENT_ID);
- /* We do not currently support events in the 0x40xx range */
- assert(cnt->number <= 0x3f);
-
- if (cnt->supported(&cpu->env)) {
- supported_event_map[cnt->number] = i;
- uint64_t event_mask = 1ULL << (cnt->number & 0x1f);
- if (cnt->number & 0x20) {
- cpu->pmceid1 |= event_mask;
- } else {
- cpu->pmceid0 |= event_mask;
- }
- }
- }
-}
-
-/*
- * Check at runtime whether a PMU event is supported for the current machine
- */
-static bool event_supported(uint16_t number)
-{
- if (number > MAX_EVENT_ID) {
- return false;
- }
- return supported_event_map[number] != UNSUPPORTED_EVENT;
-}
-
-static CPAccessResult pmreg_access(CPUARMState *env, const ARMCPRegInfo *ri,
- bool isread)
-{
- /*
- * Performance monitor registers user accessibility is controlled
- * by PMUSERENR. MDCR_EL2.TPM and MDCR_EL3.TPM allow configurable
- * trapping to EL2 or EL3 for other accesses.
- */
- int el = arm_current_el(env);
- uint64_t mdcr_el2 = arm_mdcr_el2_eff(env);
-
- if (el == 0 && !(env->cp15.c9_pmuserenr & 1)) {
- return CP_ACCESS_TRAP_EL1;
- }
- if (el < 2 && (mdcr_el2 & MDCR_TPM)) {
- return CP_ACCESS_TRAP_EL2;
- }
- if (el < 3 && (env->cp15.mdcr_el3 & MDCR_TPM)) {
- return CP_ACCESS_TRAP_EL3;
- }
-
- return CP_ACCESS_OK;
-}
-
-static CPAccessResult pmreg_access_xevcntr(CPUARMState *env,
- const ARMCPRegInfo *ri,
- bool isread)
-{
- /* ER: event counter read trap control */
- if (arm_feature(env, ARM_FEATURE_V8)
- && arm_current_el(env) == 0
- && (env->cp15.c9_pmuserenr & (1 << 3)) != 0
- && isread) {
- return CP_ACCESS_OK;
- }
-
- return pmreg_access(env, ri, isread);
-}
-
-static CPAccessResult pmreg_access_swinc(CPUARMState *env,
- const ARMCPRegInfo *ri,
- bool isread)
-{
- /* SW: software increment write trap control */
- if (arm_feature(env, ARM_FEATURE_V8)
- && arm_current_el(env) == 0
- && (env->cp15.c9_pmuserenr & (1 << 1)) != 0
- && !isread) {
- return CP_ACCESS_OK;
- }
-
- return pmreg_access(env, ri, isread);
-}
-
-static CPAccessResult pmreg_access_selr(CPUARMState *env,
- const ARMCPRegInfo *ri,
- bool isread)
-{
- /* ER: event counter read trap control */
- if (arm_feature(env, ARM_FEATURE_V8)
- && arm_current_el(env) == 0
- && (env->cp15.c9_pmuserenr & (1 << 3)) != 0) {
- return CP_ACCESS_OK;
- }
-
- return pmreg_access(env, ri, isread);
-}
-
-static CPAccessResult pmreg_access_ccntr(CPUARMState *env,
- const ARMCPRegInfo *ri,
- bool isread)
-{
- /* CR: cycle counter read trap control */
- if (arm_feature(env, ARM_FEATURE_V8)
- && arm_current_el(env) == 0
- && (env->cp15.c9_pmuserenr & (1 << 2)) != 0
- && isread) {
- return CP_ACCESS_OK;
- }
-
- return pmreg_access(env, ri, isread);
-}
-
/*
* Bits in MDCR_EL2 and MDCR_EL3 which pmu_counter_enabled() looks at.
* We use these to decide whether we need to wrap a write to MDCR_EL2
@@ -967,684 +669,6 @@ static CPAccessResult pmreg_access_ccntr(CPUARMState *env,
(MDCR_HPME | MDCR_HPMD | MDCR_HPMN | MDCR_HCCD | MDCR_HLP)
#define MDCR_EL3_PMU_ENABLE_BITS (MDCR_SPME | MDCR_SCCD)
-/*
- * Returns true if the counter (pass 31 for PMCCNTR) should count events using
- * the current EL, security state, and register configuration.
- */
-static bool pmu_counter_enabled(CPUARMState *env, uint8_t counter)
-{
- uint64_t filter;
- bool e, p, u, nsk, nsu, nsh, m;
- bool enabled, prohibited = false, filtered;
- bool secure = arm_is_secure(env);
- int el = arm_current_el(env);
- uint64_t mdcr_el2;
- uint8_t hpmn;
-
- /*
- * We might be called for M-profile cores where MDCR_EL2 doesn't
- * exist and arm_mdcr_el2_eff() will assert, so this early-exit check
- * must be before we read that value.
- */
- if (!arm_feature(env, ARM_FEATURE_PMU)) {
- return false;
- }
-
- mdcr_el2 = arm_mdcr_el2_eff(env);
- hpmn = mdcr_el2 & MDCR_HPMN;
-
- if (!arm_feature(env, ARM_FEATURE_EL2) ||
- (counter < hpmn || counter == 31)) {
- e = env->cp15.c9_pmcr & PMCRE;
- } else {
- e = mdcr_el2 & MDCR_HPME;
- }
- enabled = e && (env->cp15.c9_pmcnten & (1 << counter));
-
- /* Is event counting prohibited? */
- if (el == 2 && (counter < hpmn || counter == 31)) {
- prohibited = mdcr_el2 & MDCR_HPMD;
- }
- if (secure) {
- prohibited = prohibited || !(env->cp15.mdcr_el3 & MDCR_SPME);
- }
-
- if (counter == 31) {
- /*
- * The cycle counter defaults to running. PMCR.DP says "disable
- * the cycle counter when event counting is prohibited".
- * Some MDCR bits disable the cycle counter specifically.
- */
- prohibited = prohibited && env->cp15.c9_pmcr & PMCRDP;
- if (cpu_isar_feature(any_pmuv3p5, env_archcpu(env))) {
- if (secure) {
- prohibited = prohibited || (env->cp15.mdcr_el3 & MDCR_SCCD);
- }
- if (el == 2) {
- prohibited = prohibited || (mdcr_el2 & MDCR_HCCD);
- }
- }
- }
-
- if (counter == 31) {
- filter = env->cp15.pmccfiltr_el0;
- } else {
- filter = env->cp15.c14_pmevtyper[counter];
- }
-
- p = filter & PMXEVTYPER_P;
- u = filter & PMXEVTYPER_U;
- nsk = arm_feature(env, ARM_FEATURE_EL3) && (filter & PMXEVTYPER_NSK);
- nsu = arm_feature(env, ARM_FEATURE_EL3) && (filter & PMXEVTYPER_NSU);
- nsh = arm_feature(env, ARM_FEATURE_EL2) && (filter & PMXEVTYPER_NSH);
- m = arm_el_is_aa64(env, 1) &&
- arm_feature(env, ARM_FEATURE_EL3) && (filter & PMXEVTYPER_M);
-
- if (el == 0) {
- filtered = secure ? u : u != nsu;
- } else if (el == 1) {
- filtered = secure ? p : p != nsk;
- } else if (el == 2) {
- filtered = !nsh;
- } else { /* EL3 */
- filtered = m != p;
- }
-
- if (counter != 31) {
- /*
- * If not checking PMCCNTR, ensure the counter is setup to an event we
- * support
- */
- uint16_t event = filter & PMXEVTYPER_EVTCOUNT;
- if (!event_supported(event)) {
- return false;
- }
- }
-
- return enabled && !prohibited && !filtered;
-}
-
-static void pmu_update_irq(CPUARMState *env)
-{
- ARMCPU *cpu = env_archcpu(env);
- qemu_set_irq(cpu->pmu_interrupt, (env->cp15.c9_pmcr & PMCRE) &&
- (env->cp15.c9_pminten & env->cp15.c9_pmovsr));
-}
-
-static bool pmccntr_clockdiv_enabled(CPUARMState *env)
-{
- /*
- * Return true if the clock divider is enabled and the cycle counter
- * is supposed to tick only once every 64 clock cycles. This is
- * controlled by PMCR.D, but if PMCR.LC is set to enable the long
- * (64-bit) cycle counter PMCR.D has no effect.
- */
- return (env->cp15.c9_pmcr & (PMCRD | PMCRLC)) == PMCRD;
-}
-
-static bool pmevcntr_is_64_bit(CPUARMState *env, int counter)
-{
- /* Return true if the specified event counter is configured to be 64 bit */
-
- /* This isn't intended to be used with the cycle counter */
- assert(counter < 31);
-
- if (!cpu_isar_feature(any_pmuv3p5, env_archcpu(env))) {
- return false;
- }
-
- if (arm_feature(env, ARM_FEATURE_EL2)) {
- /*
- * MDCR_EL2.HLP still applies even when EL2 is disabled in the
- * current security state, so we don't use arm_mdcr_el2_eff() here.
- */
- bool hlp = env->cp15.mdcr_el2 & MDCR_HLP;
- int hpmn = env->cp15.mdcr_el2 & MDCR_HPMN;
-
- if (counter >= hpmn) {
- return hlp;
- }
- }
- return env->cp15.c9_pmcr & PMCRLP;
-}
-
-/*
- * Ensure c15_ccnt is the guest-visible count so that operations such as
- * enabling/disabling the counter or filtering, modifying the count itself,
- * etc. can be done logically. This is essentially a no-op if the counter is
- * not enabled at the time of the call.
- */
-static void pmccntr_op_start(CPUARMState *env)
-{
- uint64_t cycles = cycles_get_count(env);
-
- if (pmu_counter_enabled(env, 31)) {
- uint64_t eff_cycles = cycles;
- if (pmccntr_clockdiv_enabled(env)) {
- eff_cycles /= 64;
- }
-
- uint64_t new_pmccntr = eff_cycles - env->cp15.c15_ccnt_delta;
-
- uint64_t overflow_mask = env->cp15.c9_pmcr & PMCRLC ? \
- 1ull << 63 : 1ull << 31;
- if (env->cp15.c15_ccnt & ~new_pmccntr & overflow_mask) {
- env->cp15.c9_pmovsr |= (1ULL << 31);
- pmu_update_irq(env);
- }
-
- env->cp15.c15_ccnt = new_pmccntr;
- }
- env->cp15.c15_ccnt_delta = cycles;
-}
-
-/*
- * If PMCCNTR is enabled, recalculate the delta between the clock and the
- * guest-visible count. A call to pmccntr_op_finish should follow every call to
- * pmccntr_op_start.
- */
-static void pmccntr_op_finish(CPUARMState *env)
-{
- if (pmu_counter_enabled(env, 31)) {
-#ifndef CONFIG_USER_ONLY
- /* Calculate when the counter will next overflow */
- uint64_t remaining_cycles = -env->cp15.c15_ccnt;
- if (!(env->cp15.c9_pmcr & PMCRLC)) {
- remaining_cycles = (uint32_t)remaining_cycles;
- }
- int64_t overflow_in = cycles_ns_per(remaining_cycles);
-
- if (overflow_in > 0) {
- int64_t overflow_at;
-
- if (!sadd64_overflow(qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL),
- overflow_in, &overflow_at)) {
- ARMCPU *cpu = env_archcpu(env);
- timer_mod_anticipate_ns(cpu->pmu_timer, overflow_at);
- }
- }
-#endif
-
- uint64_t prev_cycles = env->cp15.c15_ccnt_delta;
- if (pmccntr_clockdiv_enabled(env)) {
- prev_cycles /= 64;
- }
- env->cp15.c15_ccnt_delta = prev_cycles - env->cp15.c15_ccnt;
- }
-}
-
-static void pmevcntr_op_start(CPUARMState *env, uint8_t counter)
-{
-
- uint16_t event = env->cp15.c14_pmevtyper[counter] & PMXEVTYPER_EVTCOUNT;
- uint64_t count = 0;
- if (event_supported(event)) {
- uint16_t event_idx = supported_event_map[event];
- count = pm_events[event_idx].get_count(env);
- }
-
- if (pmu_counter_enabled(env, counter)) {
- uint64_t new_pmevcntr = count - env->cp15.c14_pmevcntr_delta[counter];
- uint64_t overflow_mask = pmevcntr_is_64_bit(env, counter) ?
- 1ULL << 63 : 1ULL << 31;
-
- if (env->cp15.c14_pmevcntr[counter] & ~new_pmevcntr & overflow_mask) {
- env->cp15.c9_pmovsr |= (1 << counter);
- pmu_update_irq(env);
- }
- env->cp15.c14_pmevcntr[counter] = new_pmevcntr;
- }
- env->cp15.c14_pmevcntr_delta[counter] = count;
-}
-
-static void pmevcntr_op_finish(CPUARMState *env, uint8_t counter)
-{
- if (pmu_counter_enabled(env, counter)) {
-#ifndef CONFIG_USER_ONLY
- uint16_t event = env->cp15.c14_pmevtyper[counter] & PMXEVTYPER_EVTCOUNT;
- uint16_t event_idx = supported_event_map[event];
- uint64_t delta = -(env->cp15.c14_pmevcntr[counter] + 1);
- int64_t overflow_in;
-
- if (!pmevcntr_is_64_bit(env, counter)) {
- delta = (uint32_t)delta;
- }
- overflow_in = pm_events[event_idx].ns_per_count(delta);
-
- if (overflow_in > 0) {
- int64_t overflow_at;
-
- if (!sadd64_overflow(qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL),
- overflow_in, &overflow_at)) {
- ARMCPU *cpu = env_archcpu(env);
- timer_mod_anticipate_ns(cpu->pmu_timer, overflow_at);
- }
- }
-#endif
-
- env->cp15.c14_pmevcntr_delta[counter] -=
- env->cp15.c14_pmevcntr[counter];
- }
-}
-
-void pmu_op_start(CPUARMState *env)
-{
- unsigned int i;
- pmccntr_op_start(env);
- for (i = 0; i < pmu_num_counters(env); i++) {
- pmevcntr_op_start(env, i);
- }
-}
-
-void pmu_op_finish(CPUARMState *env)
-{
- unsigned int i;
- pmccntr_op_finish(env);
- for (i = 0; i < pmu_num_counters(env); i++) {
- pmevcntr_op_finish(env, i);
- }
-}
-
-void pmu_pre_el_change(ARMCPU *cpu, void *ignored)
-{
- pmu_op_start(&cpu->env);
-}
-
-void pmu_post_el_change(ARMCPU *cpu, void *ignored)
-{
- pmu_op_finish(&cpu->env);
-}
-
-void arm_pmu_timer_cb(void *opaque)
-{
- ARMCPU *cpu = opaque;
-
- /*
- * Update all the counter values based on the current underlying counts,
- * triggering interrupts to be raised, if necessary. pmu_op_finish() also
- * has the effect of setting the cpu->pmu_timer to the next earliest time a
- * counter may expire.
- */
- pmu_op_start(&cpu->env);
- pmu_op_finish(&cpu->env);
-}
-
-static void pmcr_write(CPUARMState *env, const ARMCPRegInfo *ri,
- uint64_t value)
-{
- pmu_op_start(env);
-
- if (value & PMCRC) {
- /* The counter has been reset */
- env->cp15.c15_ccnt = 0;
- }
-
- if (value & PMCRP) {
- unsigned int i;
- for (i = 0; i < pmu_num_counters(env); i++) {
- env->cp15.c14_pmevcntr[i] = 0;
- }
- }
-
- env->cp15.c9_pmcr &= ~PMCR_WRITABLE_MASK;
- env->cp15.c9_pmcr |= (value & PMCR_WRITABLE_MASK);
-
- pmu_op_finish(env);
-}
-
-static uint64_t pmcr_read(CPUARMState *env, const ARMCPRegInfo *ri)
-{
- uint64_t pmcr = env->cp15.c9_pmcr;
-
- /*
- * If EL2 is implemented and enabled for the current security state, reads
- * of PMCR.N from EL1 or EL0 return the value of MDCR_EL2.HPMN or HDCR.HPMN.
- */
- if (arm_current_el(env) <= 1 && arm_is_el2_enabled(env)) {
- pmcr &= ~PMCRN_MASK;
- pmcr |= (env->cp15.mdcr_el2 & MDCR_HPMN) << PMCRN_SHIFT;
- }
-
- return pmcr;
-}
-
-static void pmswinc_write(CPUARMState *env, const ARMCPRegInfo *ri,
- uint64_t value)
-{
- unsigned int i;
- uint64_t overflow_mask, new_pmswinc;
-
- for (i = 0; i < pmu_num_counters(env); i++) {
- /* Increment a counter's count iff: */
- if ((value & (1 << i)) && /* counter's bit is set */
- /* counter is enabled and not filtered */
- pmu_counter_enabled(env, i) &&
- /* counter is SW_INCR */
- (env->cp15.c14_pmevtyper[i] & PMXEVTYPER_EVTCOUNT) == 0x0) {
- pmevcntr_op_start(env, i);
-
- /*
- * Detect if this write causes an overflow since we can't predict
- * PMSWINC overflows like we can for other events
- */
- new_pmswinc = env->cp15.c14_pmevcntr[i] + 1;
-
- overflow_mask = pmevcntr_is_64_bit(env, i) ?
- 1ULL << 63 : 1ULL << 31;
-
- if (env->cp15.c14_pmevcntr[i] & ~new_pmswinc & overflow_mask) {
- env->cp15.c9_pmovsr |= (1 << i);
- pmu_update_irq(env);
- }
-
- env->cp15.c14_pmevcntr[i] = new_pmswinc;
-
- pmevcntr_op_finish(env, i);
- }
- }
-}
-
-static uint64_t pmccntr_read(CPUARMState *env, const ARMCPRegInfo *ri)
-{
- uint64_t ret;
- pmccntr_op_start(env);
- ret = env->cp15.c15_ccnt;
- pmccntr_op_finish(env);
- return ret;
-}
-
-static void pmselr_write(CPUARMState *env, const ARMCPRegInfo *ri,
- uint64_t value)
-{
- /*
- * The value of PMSELR.SEL affects the behavior of PMXEVTYPER and
- * PMXEVCNTR. We allow [0..31] to be written to PMSELR here; in the
- * meanwhile, we check PMSELR.SEL when PMXEVTYPER and PMXEVCNTR are
- * accessed.
- */
- env->cp15.c9_pmselr = value & 0x1f;
-}
-
-static void pmccntr_write(CPUARMState *env, const ARMCPRegInfo *ri,
- uint64_t value)
-{
- pmccntr_op_start(env);
- env->cp15.c15_ccnt = value;
- pmccntr_op_finish(env);
-}
-
-static void pmccntr_write32(CPUARMState *env, const ARMCPRegInfo *ri,
- uint64_t value)
-{
- uint64_t cur_val = pmccntr_read(env, NULL);
-
- pmccntr_write(env, ri, deposit64(cur_val, 0, 32, value));
-}
-
-static void pmccfiltr_write(CPUARMState *env, const ARMCPRegInfo *ri,
- uint64_t value)
-{
- pmccntr_op_start(env);
- env->cp15.pmccfiltr_el0 = value & PMCCFILTR_EL0;
- pmccntr_op_finish(env);
-}
-
-static void pmccfiltr_write_a32(CPUARMState *env, const ARMCPRegInfo *ri,
- uint64_t value)
-{
- pmccntr_op_start(env);
- /* M is not accessible from AArch32 */
- env->cp15.pmccfiltr_el0 = (env->cp15.pmccfiltr_el0 & PMCCFILTR_M) |
- (value & PMCCFILTR);
- pmccntr_op_finish(env);
-}
-
-static uint64_t pmccfiltr_read_a32(CPUARMState *env, const ARMCPRegInfo *ri)
-{
- /* M is not visible in AArch32 */
- return env->cp15.pmccfiltr_el0 & PMCCFILTR;
-}
-
-static void pmcntenset_write(CPUARMState *env, const ARMCPRegInfo *ri,
- uint64_t value)
-{
- pmu_op_start(env);
- value &= pmu_counter_mask(env);
- env->cp15.c9_pmcnten |= value;
- pmu_op_finish(env);
-}
-
-static void pmcntenclr_write(CPUARMState *env, const ARMCPRegInfo *ri,
- uint64_t value)
-{
- pmu_op_start(env);
- value &= pmu_counter_mask(env);
- env->cp15.c9_pmcnten &= ~value;
- pmu_op_finish(env);
-}
-
-static void pmovsr_write(CPUARMState *env, const ARMCPRegInfo *ri,
- uint64_t value)
-{
- value &= pmu_counter_mask(env);
- env->cp15.c9_pmovsr &= ~value;
- pmu_update_irq(env);
-}
-
-static void pmovsset_write(CPUARMState *env, const ARMCPRegInfo *ri,
- uint64_t value)
-{
- value &= pmu_counter_mask(env);
- env->cp15.c9_pmovsr |= value;
- pmu_update_irq(env);
-}
-
-static void pmevtyper_write(CPUARMState *env, const ARMCPRegInfo *ri,
- uint64_t value, const uint8_t counter)
-{
- if (counter == 31) {
- pmccfiltr_write(env, ri, value);
- } else if (counter < pmu_num_counters(env)) {
- pmevcntr_op_start(env, counter);
-
- /*
- * If this counter's event type is changing, store the current
- * underlying count for the new type in c14_pmevcntr_delta[counter] so
- * pmevcntr_op_finish has the correct baseline when it converts back to
- * a delta.
- */
- uint16_t old_event = env->cp15.c14_pmevtyper[counter] &
- PMXEVTYPER_EVTCOUNT;
- uint16_t new_event = value & PMXEVTYPER_EVTCOUNT;
- if (old_event != new_event) {
- uint64_t count = 0;
- if (event_supported(new_event)) {
- uint16_t event_idx = supported_event_map[new_event];
- count = pm_events[event_idx].get_count(env);
- }
- env->cp15.c14_pmevcntr_delta[counter] = count;
- }
-
- env->cp15.c14_pmevtyper[counter] = value & PMXEVTYPER_MASK;
- pmevcntr_op_finish(env, counter);
- }
- /*
- * Attempts to access PMXEVTYPER are CONSTRAINED UNPREDICTABLE when
- * PMSELR value is equal to or greater than the number of implemented
- * counters, but not equal to 0x1f. We opt to behave as a RAZ/WI.
- */
-}
-
-static uint64_t pmevtyper_read(CPUARMState *env, const ARMCPRegInfo *ri,
- const uint8_t counter)
-{
- if (counter == 31) {
- return env->cp15.pmccfiltr_el0;
- } else if (counter < pmu_num_counters(env)) {
- return env->cp15.c14_pmevtyper[counter];
- } else {
- /*
- * We opt to behave as a RAZ/WI when attempts to access PMXEVTYPER
- * are CONSTRAINED UNPREDICTABLE. See comments in pmevtyper_write().
- */
- return 0;
- }
-}
-
-static void pmevtyper_writefn(CPUARMState *env, const ARMCPRegInfo *ri,
- uint64_t value)
-{
- uint8_t counter = ((ri->crm & 3) << 3) | (ri->opc2 & 7);
- pmevtyper_write(env, ri, value, counter);
-}
-
-static void pmevtyper_rawwrite(CPUARMState *env, const ARMCPRegInfo *ri,
- uint64_t value)
-{
- uint8_t counter = ((ri->crm & 3) << 3) | (ri->opc2 & 7);
- env->cp15.c14_pmevtyper[counter] = value;
-
- /*
- * pmevtyper_rawwrite is called between a pair of pmu_op_start and
- * pmu_op_finish calls when loading saved state for a migration. Because
- * we're potentially updating the type of event here, the value written to
- * c14_pmevcntr_delta by the preceding pmu_op_start call may be for a
- * different counter type. Therefore, we need to set this value to the
- * current count for the counter type we're writing so that pmu_op_finish
- * has the correct count for its calculation.
- */
- uint16_t event = value & PMXEVTYPER_EVTCOUNT;
- if (event_supported(event)) {
- uint16_t event_idx = supported_event_map[event];
- env->cp15.c14_pmevcntr_delta[counter] =
- pm_events[event_idx].get_count(env);
- }
-}
-
-static uint64_t pmevtyper_readfn(CPUARMState *env, const ARMCPRegInfo *ri)
-{
- uint8_t counter = ((ri->crm & 3) << 3) | (ri->opc2 & 7);
- return pmevtyper_read(env, ri, counter);
-}
-
-static void pmxevtyper_write(CPUARMState *env, const ARMCPRegInfo *ri,
- uint64_t value)
-{
- pmevtyper_write(env, ri, value, env->cp15.c9_pmselr & 31);
-}
-
-static uint64_t pmxevtyper_read(CPUARMState *env, const ARMCPRegInfo *ri)
-{
- return pmevtyper_read(env, ri, env->cp15.c9_pmselr & 31);
-}
-
-static void pmevcntr_write(CPUARMState *env, const ARMCPRegInfo *ri,
- uint64_t value, uint8_t counter)
-{
- if (!cpu_isar_feature(any_pmuv3p5, env_archcpu(env))) {
- /* Before FEAT_PMUv3p5, top 32 bits of event counters are RES0 */
- value &= MAKE_64BIT_MASK(0, 32);
- }
- if (counter < pmu_num_counters(env)) {
- pmevcntr_op_start(env, counter);
- env->cp15.c14_pmevcntr[counter] = value;
- pmevcntr_op_finish(env, counter);
- }
- /*
- * We opt to behave as a RAZ/WI when attempts to access PM[X]EVCNTR
- * are CONSTRAINED UNPREDICTABLE.
- */
-}
-
-static uint64_t pmevcntr_read(CPUARMState *env, const ARMCPRegInfo *ri,
- uint8_t counter)
-{
- if (counter < pmu_num_counters(env)) {
- uint64_t ret;
- pmevcntr_op_start(env, counter);
- ret = env->cp15.c14_pmevcntr[counter];
- pmevcntr_op_finish(env, counter);
- if (!cpu_isar_feature(any_pmuv3p5, env_archcpu(env))) {
- /* Before FEAT_PMUv3p5, top 32 bits of event counters are RES0 */
- ret &= MAKE_64BIT_MASK(0, 32);
- }
- return ret;
- } else {
- /*
- * We opt to behave as a RAZ/WI when attempts to access PM[X]EVCNTR
- * are CONSTRAINED UNPREDICTABLE.
- */
- return 0;
- }
-}
-
-static void pmevcntr_writefn(CPUARMState *env, const ARMCPRegInfo *ri,
- uint64_t value)
-{
- uint8_t counter = ((ri->crm & 3) << 3) | (ri->opc2 & 7);
- pmevcntr_write(env, ri, value, counter);
-}
-
-static uint64_t pmevcntr_readfn(CPUARMState *env, const ARMCPRegInfo *ri)
-{
- uint8_t counter = ((ri->crm & 3) << 3) | (ri->opc2 & 7);
- return pmevcntr_read(env, ri, counter);
-}
-
-static void pmevcntr_rawwrite(CPUARMState *env, const ARMCPRegInfo *ri,
- uint64_t value)
-{
- uint8_t counter = ((ri->crm & 3) << 3) | (ri->opc2 & 7);
- assert(counter < pmu_num_counters(env));
- env->cp15.c14_pmevcntr[counter] = value;
- pmevcntr_write(env, ri, value, counter);
-}
-
-static uint64_t pmevcntr_rawread(CPUARMState *env, const ARMCPRegInfo *ri)
-{
- uint8_t counter = ((ri->crm & 3) << 3) | (ri->opc2 & 7);
- assert(counter < pmu_num_counters(env));
- return env->cp15.c14_pmevcntr[counter];
-}
-
-static void pmxevcntr_write(CPUARMState *env, const ARMCPRegInfo *ri,
- uint64_t value)
-{
- pmevcntr_write(env, ri, value, env->cp15.c9_pmselr & 31);
-}
-
-static uint64_t pmxevcntr_read(CPUARMState *env, const ARMCPRegInfo *ri)
-{
- return pmevcntr_read(env, ri, env->cp15.c9_pmselr & 31);
-}
-
-static void pmuserenr_write(CPUARMState *env, const ARMCPRegInfo *ri,
- uint64_t value)
-{
- if (arm_feature(env, ARM_FEATURE_V8)) {
- env->cp15.c9_pmuserenr = value & 0xf;
- } else {
- env->cp15.c9_pmuserenr = value & 1;
- }
-}
-
-static void pmintenset_write(CPUARMState *env, const ARMCPRegInfo *ri,
- uint64_t value)
-{
- /* We have no event counters so only the C bit can be changed */
- value &= pmu_counter_mask(env);
- env->cp15.c9_pminten |= value;
- pmu_update_irq(env);
-}
-
-static void pmintenclr_write(CPUARMState *env, const ARMCPRegInfo *ri,
- uint64_t value)
-{
- value &= pmu_counter_mask(env);
- env->cp15.c9_pminten &= ~value;
- pmu_update_irq(env);
-}
-
static void vbar_write(CPUARMState *env, const ARMCPRegInfo *ri,
uint64_t value)
{
@@ -1874,171 +898,6 @@ static const ARMCPRegInfo v7_cp_reginfo[] = {
/* the old v6 WFI, UNPREDICTABLE in v7 but we choose to NOP */
{ .name = "NOP", .cp = 15, .crn = 7, .crm = 0, .opc1 = 0, .opc2 = 4,
.access = PL1_W, .type = ARM_CP_NOP },
- /*
- * Performance monitors are implementation defined in v7,
- * but with an ARM recommended set of registers, which we
- * follow.
- *
- * Performance registers fall into three categories:
- * (a) always UNDEF in PL0, RW in PL1 (PMINTENSET, PMINTENCLR)
- * (b) RO in PL0 (ie UNDEF on write), RW in PL1 (PMUSERENR)
- * (c) UNDEF in PL0 if PMUSERENR.EN==0, otherwise accessible (all others)
- * For the cases controlled by PMUSERENR we must set .access to PL0_RW
- * or PL0_RO as appropriate and then check PMUSERENR in the helper fn.
- */
- { .name = "PMCNTENSET", .cp = 15, .crn = 9, .crm = 12, .opc1 = 0, .opc2 = 1,
- .access = PL0_RW, .type = ARM_CP_ALIAS | ARM_CP_IO,
- .fieldoffset = offsetoflow32(CPUARMState, cp15.c9_pmcnten),
- .writefn = pmcntenset_write,
- .accessfn = pmreg_access,
- .fgt = FGT_PMCNTEN,
- .raw_writefn = raw_write },
- { .name = "PMCNTENSET_EL0", .state = ARM_CP_STATE_AA64, .type = ARM_CP_IO,
- .opc0 = 3, .opc1 = 3, .crn = 9, .crm = 12, .opc2 = 1,
- .access = PL0_RW, .accessfn = pmreg_access,
- .fgt = FGT_PMCNTEN,
- .fieldoffset = offsetof(CPUARMState, cp15.c9_pmcnten), .resetvalue = 0,
- .writefn = pmcntenset_write, .raw_writefn = raw_write },
- { .name = "PMCNTENCLR", .cp = 15, .crn = 9, .crm = 12, .opc1 = 0, .opc2 = 2,
- .access = PL0_RW,
- .fieldoffset = offsetoflow32(CPUARMState, cp15.c9_pmcnten),
- .accessfn = pmreg_access,
- .fgt = FGT_PMCNTEN,
- .writefn = pmcntenclr_write, .raw_writefn = raw_write,
- .type = ARM_CP_ALIAS | ARM_CP_IO },
- { .name = "PMCNTENCLR_EL0", .state = ARM_CP_STATE_AA64,
- .opc0 = 3, .opc1 = 3, .crn = 9, .crm = 12, .opc2 = 2,
- .access = PL0_RW, .accessfn = pmreg_access,
- .fgt = FGT_PMCNTEN,
- .type = ARM_CP_ALIAS | ARM_CP_IO,
- .fieldoffset = offsetof(CPUARMState, cp15.c9_pmcnten),
- .writefn = pmcntenclr_write, .raw_writefn = raw_write },
- { .name = "PMOVSR", .cp = 15, .crn = 9, .crm = 12, .opc1 = 0, .opc2 = 3,
- .access = PL0_RW, .type = ARM_CP_IO,
- .fieldoffset = offsetoflow32(CPUARMState, cp15.c9_pmovsr),
- .accessfn = pmreg_access,
- .fgt = FGT_PMOVS,
- .writefn = pmovsr_write,
- .raw_writefn = raw_write },
- { .name = "PMOVSCLR_EL0", .state = ARM_CP_STATE_AA64,
- .opc0 = 3, .opc1 = 3, .crn = 9, .crm = 12, .opc2 = 3,
- .access = PL0_RW, .accessfn = pmreg_access,
- .fgt = FGT_PMOVS,
- .type = ARM_CP_ALIAS | ARM_CP_IO,
- .fieldoffset = offsetof(CPUARMState, cp15.c9_pmovsr),
- .writefn = pmovsr_write,
- .raw_writefn = raw_write },
- { .name = "PMSWINC", .cp = 15, .crn = 9, .crm = 12, .opc1 = 0, .opc2 = 4,
- .access = PL0_W, .accessfn = pmreg_access_swinc,
- .fgt = FGT_PMSWINC_EL0,
- .type = ARM_CP_NO_RAW | ARM_CP_IO,
- .writefn = pmswinc_write },
- { .name = "PMSWINC_EL0", .state = ARM_CP_STATE_AA64,
- .opc0 = 3, .opc1 = 3, .crn = 9, .crm = 12, .opc2 = 4,
- .access = PL0_W, .accessfn = pmreg_access_swinc,
- .fgt = FGT_PMSWINC_EL0,
- .type = ARM_CP_NO_RAW | ARM_CP_IO,
- .writefn = pmswinc_write },
- { .name = "PMSELR", .cp = 15, .crn = 9, .crm = 12, .opc1 = 0, .opc2 = 5,
- .access = PL0_RW, .type = ARM_CP_ALIAS,
- .fgt = FGT_PMSELR_EL0,
- .fieldoffset = offsetoflow32(CPUARMState, cp15.c9_pmselr),
- .accessfn = pmreg_access_selr, .writefn = pmselr_write,
- .raw_writefn = raw_write},
- { .name = "PMSELR_EL0", .state = ARM_CP_STATE_AA64,
- .opc0 = 3, .opc1 = 3, .crn = 9, .crm = 12, .opc2 = 5,
- .access = PL0_RW, .accessfn = pmreg_access_selr,
- .fgt = FGT_PMSELR_EL0,
- .fieldoffset = offsetof(CPUARMState, cp15.c9_pmselr),
- .writefn = pmselr_write, .raw_writefn = raw_write, },
- { .name = "PMCCNTR", .cp = 15, .crn = 9, .crm = 13, .opc1 = 0, .opc2 = 0,
- .access = PL0_RW, .resetvalue = 0, .type = ARM_CP_ALIAS | ARM_CP_IO,
- .fgt = FGT_PMCCNTR_EL0,
- .readfn = pmccntr_read, .writefn = pmccntr_write32,
- .accessfn = pmreg_access_ccntr },
- { .name = "PMCCNTR_EL0", .state = ARM_CP_STATE_AA64,
- .opc0 = 3, .opc1 = 3, .crn = 9, .crm = 13, .opc2 = 0,
- .access = PL0_RW, .accessfn = pmreg_access_ccntr,
- .fgt = FGT_PMCCNTR_EL0,
- .type = ARM_CP_IO,
- .fieldoffset = offsetof(CPUARMState, cp15.c15_ccnt),
- .readfn = pmccntr_read, .writefn = pmccntr_write,
- .raw_readfn = raw_read, .raw_writefn = raw_write, },
- { .name = "PMCCFILTR", .cp = 15, .opc1 = 0, .crn = 14, .crm = 15, .opc2 = 7,
- .writefn = pmccfiltr_write_a32, .readfn = pmccfiltr_read_a32,
- .access = PL0_RW, .accessfn = pmreg_access,
- .fgt = FGT_PMCCFILTR_EL0,
- .type = ARM_CP_ALIAS | ARM_CP_IO,
- .resetvalue = 0, },
- { .name = "PMCCFILTR_EL0", .state = ARM_CP_STATE_AA64,
- .opc0 = 3, .opc1 = 3, .crn = 14, .crm = 15, .opc2 = 7,
- .writefn = pmccfiltr_write, .raw_writefn = raw_write,
- .access = PL0_RW, .accessfn = pmreg_access,
- .fgt = FGT_PMCCFILTR_EL0,
- .type = ARM_CP_IO,
- .fieldoffset = offsetof(CPUARMState, cp15.pmccfiltr_el0),
- .resetvalue = 0, },
- { .name = "PMXEVTYPER", .cp = 15, .crn = 9, .crm = 13, .opc1 = 0, .opc2 = 1,
- .access = PL0_RW, .type = ARM_CP_NO_RAW | ARM_CP_IO,
- .accessfn = pmreg_access,
- .fgt = FGT_PMEVTYPERN_EL0,
- .writefn = pmxevtyper_write, .readfn = pmxevtyper_read },
- { .name = "PMXEVTYPER_EL0", .state = ARM_CP_STATE_AA64,
- .opc0 = 3, .opc1 = 3, .crn = 9, .crm = 13, .opc2 = 1,
- .access = PL0_RW, .type = ARM_CP_NO_RAW | ARM_CP_IO,
- .accessfn = pmreg_access,
- .fgt = FGT_PMEVTYPERN_EL0,
- .writefn = pmxevtyper_write, .readfn = pmxevtyper_read },
- { .name = "PMXEVCNTR", .cp = 15, .crn = 9, .crm = 13, .opc1 = 0, .opc2 = 2,
- .access = PL0_RW, .type = ARM_CP_NO_RAW | ARM_CP_IO,
- .accessfn = pmreg_access_xevcntr,
- .fgt = FGT_PMEVCNTRN_EL0,
- .writefn = pmxevcntr_write, .readfn = pmxevcntr_read },
- { .name = "PMXEVCNTR_EL0", .state = ARM_CP_STATE_AA64,
- .opc0 = 3, .opc1 = 3, .crn = 9, .crm = 13, .opc2 = 2,
- .access = PL0_RW, .type = ARM_CP_NO_RAW | ARM_CP_IO,
- .accessfn = pmreg_access_xevcntr,
- .fgt = FGT_PMEVCNTRN_EL0,
- .writefn = pmxevcntr_write, .readfn = pmxevcntr_read },
- { .name = "PMUSERENR", .cp = 15, .crn = 9, .crm = 14, .opc1 = 0, .opc2 = 0,
- .access = PL0_R | PL1_RW, .accessfn = access_tpm,
- .fieldoffset = offsetoflow32(CPUARMState, cp15.c9_pmuserenr),
- .resetvalue = 0,
- .writefn = pmuserenr_write, .raw_writefn = raw_write },
- { .name = "PMUSERENR_EL0", .state = ARM_CP_STATE_AA64,
- .opc0 = 3, .opc1 = 3, .crn = 9, .crm = 14, .opc2 = 0,
- .access = PL0_R | PL1_RW, .accessfn = access_tpm, .type = ARM_CP_ALIAS,
- .fieldoffset = offsetof(CPUARMState, cp15.c9_pmuserenr),
- .resetvalue = 0,
- .writefn = pmuserenr_write, .raw_writefn = raw_write },
- { .name = "PMINTENSET", .cp = 15, .crn = 9, .crm = 14, .opc1 = 0, .opc2 = 1,
- .access = PL1_RW, .accessfn = access_tpm,
- .fgt = FGT_PMINTEN,
- .type = ARM_CP_ALIAS | ARM_CP_IO,
- .fieldoffset = offsetoflow32(CPUARMState, cp15.c9_pminten),
- .resetvalue = 0,
- .writefn = pmintenset_write, .raw_writefn = raw_write },
- { .name = "PMINTENSET_EL1", .state = ARM_CP_STATE_AA64,
- .opc0 = 3, .opc1 = 0, .crn = 9, .crm = 14, .opc2 = 1,
- .access = PL1_RW, .accessfn = access_tpm,
- .fgt = FGT_PMINTEN,
- .type = ARM_CP_IO,
- .fieldoffset = offsetof(CPUARMState, cp15.c9_pminten),
- .writefn = pmintenset_write, .raw_writefn = raw_write,
- .resetvalue = 0x0 },
- { .name = "PMINTENCLR", .cp = 15, .crn = 9, .crm = 14, .opc1 = 0, .opc2 = 2,
- .access = PL1_RW, .accessfn = access_tpm,
- .fgt = FGT_PMINTEN,
- .type = ARM_CP_ALIAS | ARM_CP_IO,
- .fieldoffset = offsetof(CPUARMState, cp15.c9_pminten),
- .writefn = pmintenclr_write, .raw_writefn = raw_write },
- { .name = "PMINTENCLR_EL1", .state = ARM_CP_STATE_AA64,
- .opc0 = 3, .opc1 = 0, .crn = 9, .crm = 14, .opc2 = 2,
- .access = PL1_RW, .accessfn = access_tpm,
- .fgt = FGT_PMINTEN,
- .type = ARM_CP_ALIAS | ARM_CP_IO,
- .fieldoffset = offsetof(CPUARMState, cp15.c9_pminten),
- .writefn = pmintenclr_write, .raw_writefn = raw_write },
{ .name = "CCSIDR", .state = ARM_CP_STATE_BOTH,
.opc0 = 3, .crn = 0, .crm = 0, .opc1 = 1, .opc2 = 0,
.access = PL1_R,
@@ -2121,25 +980,6 @@ static const ARMCPRegInfo v7_cp_reginfo[] = {
.type = ARM_CP_NO_RAW, .access = PL1_R, .readfn = isr_read },
};
-static const ARMCPRegInfo pmovsset_cp_reginfo[] = {
- /* PMOVSSET is not implemented in v7 before v7ve */
- { .name = "PMOVSSET", .cp = 15, .opc1 = 0, .crn = 9, .crm = 14, .opc2 = 3,
- .access = PL0_RW, .accessfn = pmreg_access,
- .fgt = FGT_PMOVS,
- .type = ARM_CP_ALIAS | ARM_CP_IO,
- .fieldoffset = offsetoflow32(CPUARMState, cp15.c9_pmovsr),
- .writefn = pmovsset_write,
- .raw_writefn = raw_write },
- { .name = "PMOVSSET_EL0", .state = ARM_CP_STATE_AA64,
- .opc0 = 3, .opc1 = 3, .crn = 9, .crm = 14, .opc2 = 3,
- .access = PL0_RW, .accessfn = pmreg_access,
- .fgt = FGT_PMOVS,
- .type = ARM_CP_ALIAS | ARM_CP_IO,
- .fieldoffset = offsetof(CPUARMState, cp15.c9_pmovsr),
- .writefn = pmovsset_write,
- .raw_writefn = raw_write },
-};
-
static void teecr_write(CPUARMState *env, const ARMCPRegInfo *ri,
uint64_t value)
{
@@ -6356,105 +5196,6 @@ static const ARMCPRegInfo nmi_reginfo[] = {
.resetfn = arm_cp_reset_ignore },
};
-static void define_pmu_regs(ARMCPU *cpu)
-{
- /*
- * v7 performance monitor control register: same implementor
- * field as main ID register, and we implement four counters in
- * addition to the cycle count register.
- */
- unsigned int i, pmcrn = pmu_num_counters(&cpu->env);
- ARMCPRegInfo pmcr = {
- .name = "PMCR", .cp = 15, .crn = 9, .crm = 12, .opc1 = 0, .opc2 = 0,
- .access = PL0_RW,
- .fgt = FGT_PMCR_EL0,
- .type = ARM_CP_IO | ARM_CP_ALIAS,
- .fieldoffset = offsetoflow32(CPUARMState, cp15.c9_pmcr),
- .accessfn = pmreg_access,
- .readfn = pmcr_read, .raw_readfn = raw_read,
- .writefn = pmcr_write, .raw_writefn = raw_write,
- };
- ARMCPRegInfo pmcr64 = {
- .name = "PMCR_EL0", .state = ARM_CP_STATE_AA64,
- .opc0 = 3, .opc1 = 3, .crn = 9, .crm = 12, .opc2 = 0,
- .access = PL0_RW, .accessfn = pmreg_access,
- .fgt = FGT_PMCR_EL0,
- .type = ARM_CP_IO,
- .fieldoffset = offsetof(CPUARMState, cp15.c9_pmcr),
- .resetvalue = cpu->isar.reset_pmcr_el0,
- .readfn = pmcr_read, .raw_readfn = raw_read,
- .writefn = pmcr_write, .raw_writefn = raw_write,
- };
-
- define_one_arm_cp_reg(cpu, &pmcr);
- define_one_arm_cp_reg(cpu, &pmcr64);
- for (i = 0; i < pmcrn; i++) {
- char *pmevcntr_name = g_strdup_printf("PMEVCNTR%d", i);
- char *pmevcntr_el0_name = g_strdup_printf("PMEVCNTR%d_EL0", i);
- char *pmevtyper_name = g_strdup_printf("PMEVTYPER%d", i);
- char *pmevtyper_el0_name = g_strdup_printf("PMEVTYPER%d_EL0", i);
- ARMCPRegInfo pmev_regs[] = {
- { .name = pmevcntr_name, .cp = 15, .crn = 14,
- .crm = 8 | (3 & (i >> 3)), .opc1 = 0, .opc2 = i & 7,
- .access = PL0_RW, .type = ARM_CP_IO | ARM_CP_ALIAS,
- .fgt = FGT_PMEVCNTRN_EL0,
- .readfn = pmevcntr_readfn, .writefn = pmevcntr_writefn,
- .accessfn = pmreg_access_xevcntr },
- { .name = pmevcntr_el0_name, .state = ARM_CP_STATE_AA64,
- .opc0 = 3, .opc1 = 3, .crn = 14, .crm = 8 | (3 & (i >> 3)),
- .opc2 = i & 7, .access = PL0_RW, .accessfn = pmreg_access_xevcntr,
- .type = ARM_CP_IO,
- .fgt = FGT_PMEVCNTRN_EL0,
- .readfn = pmevcntr_readfn, .writefn = pmevcntr_writefn,
- .raw_readfn = pmevcntr_rawread,
- .raw_writefn = pmevcntr_rawwrite },
- { .name = pmevtyper_name, .cp = 15, .crn = 14,
- .crm = 12 | (3 & (i >> 3)), .opc1 = 0, .opc2 = i & 7,
- .access = PL0_RW, .type = ARM_CP_IO | ARM_CP_ALIAS,
- .fgt = FGT_PMEVTYPERN_EL0,
- .readfn = pmevtyper_readfn, .writefn = pmevtyper_writefn,
- .accessfn = pmreg_access },
- { .name = pmevtyper_el0_name, .state = ARM_CP_STATE_AA64,
- .opc0 = 3, .opc1 = 3, .crn = 14, .crm = 12 | (3 & (i >> 3)),
- .opc2 = i & 7, .access = PL0_RW, .accessfn = pmreg_access,
- .fgt = FGT_PMEVTYPERN_EL0,
- .type = ARM_CP_IO,
- .readfn = pmevtyper_readfn, .writefn = pmevtyper_writefn,
- .raw_writefn = pmevtyper_rawwrite },
- };
- define_arm_cp_regs(cpu, pmev_regs);
- g_free(pmevcntr_name);
- g_free(pmevcntr_el0_name);
- g_free(pmevtyper_name);
- g_free(pmevtyper_el0_name);
- }
- if (cpu_isar_feature(aa32_pmuv3p1, cpu)) {
- ARMCPRegInfo v81_pmu_regs[] = {
- { .name = "PMCEID2", .state = ARM_CP_STATE_AA32,
- .cp = 15, .opc1 = 0, .crn = 9, .crm = 14, .opc2 = 4,
- .access = PL0_R, .accessfn = pmreg_access, .type = ARM_CP_CONST,
- .fgt = FGT_PMCEIDN_EL0,
- .resetvalue = extract64(cpu->pmceid0, 32, 32) },
- { .name = "PMCEID3", .state = ARM_CP_STATE_AA32,
- .cp = 15, .opc1 = 0, .crn = 9, .crm = 14, .opc2 = 5,
- .access = PL0_R, .accessfn = pmreg_access, .type = ARM_CP_CONST,
- .fgt = FGT_PMCEIDN_EL0,
- .resetvalue = extract64(cpu->pmceid1, 32, 32) },
- };
- define_arm_cp_regs(cpu, v81_pmu_regs);
- }
- if (cpu_isar_feature(any_pmuv3p4, cpu)) {
- static const ARMCPRegInfo v84_pmmir = {
- .name = "PMMIR_EL1", .state = ARM_CP_STATE_BOTH,
- .opc0 = 3, .opc1 = 0, .crn = 9, .crm = 14, .opc2 = 6,
- .access = PL1_R, .accessfn = pmreg_access, .type = ARM_CP_CONST,
- .fgt = FGT_PMMIR_EL1,
- .resetvalue = 0
- };
- define_one_arm_cp_reg(cpu, &v84_pmmir);
- }
-}
-
#ifndef CONFIG_USER_ONLY
/*
* We don't know until after realize whether there's a GICv3
@@ -7385,9 +6126,6 @@ void register_cp_regs_for_features(ARMCPU *cpu)
if (arm_feature(env, ARM_FEATURE_V6K)) {
define_arm_cp_regs(cpu, v6k_cp_reginfo);
}
- if (arm_feature(env, ARM_FEATURE_V7VE)) {
- define_arm_cp_regs(cpu, pmovsset_cp_reginfo);
- }
if (arm_feature(env, ARM_FEATURE_V7)) {
ARMCPRegInfo clidr = {
.name = "CLIDR", .state = ARM_CP_STATE_BOTH,
@@ -7400,7 +6138,6 @@ void register_cp_regs_for_features(ARMCPU *cpu)
define_one_arm_cp_reg(cpu, &clidr);
define_arm_cp_regs(cpu, v7_cp_reginfo);
define_debug_regs(cpu);
- define_pmu_regs(cpu);
} else {
define_arm_cp_regs(cpu, not_v7_cp_reginfo);
}
@@ -7656,26 +6393,6 @@ void register_cp_regs_for_features(ARMCPU *cpu)
.access = PL1_R, .type = ARM_CP_CONST,
.accessfn = access_aa64_tid3,
.resetvalue = 0 },
- { .name = "PMCEID0", .state = ARM_CP_STATE_AA32,
- .cp = 15, .opc1 = 0, .crn = 9, .crm = 12, .opc2 = 6,
- .access = PL0_R, .accessfn = pmreg_access, .type = ARM_CP_CONST,
- .fgt = FGT_PMCEIDN_EL0,
- .resetvalue = extract64(cpu->pmceid0, 0, 32) },
- { .name = "PMCEID0_EL0", .state = ARM_CP_STATE_AA64,
- .opc0 = 3, .opc1 = 3, .crn = 9, .crm = 12, .opc2 = 6,
- .access = PL0_R, .accessfn = pmreg_access, .type = ARM_CP_CONST,
- .fgt = FGT_PMCEIDN_EL0,
- .resetvalue = cpu->pmceid0 },
- { .name = "PMCEID1", .state = ARM_CP_STATE_AA32,
- .cp = 15, .opc1 = 0, .crn = 9, .crm = 12, .opc2 = 7,
- .access = PL0_R, .accessfn = pmreg_access, .type = ARM_CP_CONST,
- .fgt = FGT_PMCEIDN_EL0,
- .resetvalue = extract64(cpu->pmceid1, 0, 32) },
- { .name = "PMCEID1_EL0", .state = ARM_CP_STATE_AA64,
- .opc0 = 3, .opc1 = 3, .crn = 9, .crm = 12, .opc2 = 7,
- .access = PL0_R, .accessfn = pmreg_access, .type = ARM_CP_CONST,
- .fgt = FGT_PMCEIDN_EL0,
- .resetvalue = cpu->pmceid1 },
};
#ifdef CONFIG_USER_ONLY
static const ARMCPRegUserSpaceInfo v8_user_idregs[] = {
@@ -8514,6 +7231,8 @@ void register_cp_regs_for_features(ARMCPU *cpu)
define_arm_cp_regs(cpu, ccsidr2_reginfo);
}
+ define_pm_cpregs(cpu);
+
#ifndef CONFIG_USER_ONLY
/*
* Register redirections and aliases must be done last,
diff --git a/target/arm/meson.build b/target/arm/meson.build
index 7aa81e30aba..07d9271aa4d 100644
--- a/target/arm/meson.build
+++ b/target/arm/meson.build
@@ -22,6 +22,7 @@ arm_user_ss.add(when: 'TARGET_AARCH64', if_false: files(
'cpu32-stubs.c',
))
arm_user_ss.add(files(
+ 'cpregs-pmu.c',
'debug_helper.c',
'helper.c',
'vfp_fpscr.c',
@@ -36,6 +37,7 @@ arm_common_system_ss.add(files(
'arch_dump.c',
'arm-powerctl.c',
'cortex-regs.c',
+ 'cpregs-pmu.c',
'debug_helper.c',
'helper.c',
'machine.c',
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 25/36] target/arm: Don't enforce NSE, NS check for EL3->EL3 returns
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
` (23 preceding siblings ...)
2025-07-11 13:34 ` [PULL 24/36] target/arm: Split out performance monitor regs to cpregs-pmu.c Peter Maydell
@ 2025-07-11 13:34 ` Peter Maydell
2025-07-11 13:34 ` [PULL 26/36] hw/arm/fsl-imx8mp: Wire VIRQ and VFIQ Peter Maydell
` (11 subsequent siblings)
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:34 UTC (permalink / raw)
To: qemu-devel
In the Arm ARM, rule R_TYTWB that defines illegal exception return cases
includes the case:
If FEAT_RME is implemented, then if SCR_EL3.{NSE, NS} is {1, 0}, an
exception return from EL3 to a lower Exception level
Our implementation of this check fails to check that the
return is to a lower exception level, so it will incorrectly fire on
EL3->EL3 exception returns.
Fix the check condition. This requires us to move it further
down in the function to a point where we know the new_el value.
Fixes: 35aa6715ddcd9 ("target/arm: Catch illegal-exception-return from EL3 with bad NSE/NS")
Cc: qemu-stable@nongnu.org
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/3016
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20250704165636.261888-1-peter.maydell@linaro.org
---
target/arm/tcg/helper-a64.c | 20 +++++++++++---------
1 file changed, 11 insertions(+), 9 deletions(-)
diff --git a/target/arm/tcg/helper-a64.c b/target/arm/tcg/helper-a64.c
index c66d521278c..71c6c44ee8a 100644
--- a/target/arm/tcg/helper-a64.c
+++ b/target/arm/tcg/helper-a64.c
@@ -658,15 +658,6 @@ void HELPER(exception_return)(CPUARMState *env, uint64_t new_pc)
spsr &= ~PSTATE_SS;
}
- /*
- * FEAT_RME forbids return from EL3 with an invalid security state.
- * We don't need an explicit check for FEAT_RME here because we enforce
- * in scr_write() that you can't set the NSE bit without it.
- */
- if (cur_el == 3 && (env->cp15.scr_el3 & (SCR_NS | SCR_NSE)) == SCR_NSE) {
- goto illegal_return;
- }
-
new_el = el_from_spsr(spsr);
if (new_el == -1) {
goto illegal_return;
@@ -678,6 +669,17 @@ void HELPER(exception_return)(CPUARMState *env, uint64_t new_pc)
goto illegal_return;
}
+ /*
+ * FEAT_RME forbids return from EL3 to a lower exception level
+ * with an invalid security state.
+ * We don't need an explicit check for FEAT_RME here because we enforce
+ * in scr_write() that you can't set the NSE bit without it.
+ */
+ if (cur_el == 3 && new_el < 3 &&
+ (env->cp15.scr_el3 & (SCR_NS | SCR_NSE)) == SCR_NSE) {
+ goto illegal_return;
+ }
+
if (new_el != 0 && arm_el_is_aa64(env, new_el) != return_to_aa64) {
/* Return to an EL which is configured for a different register width */
goto illegal_return;
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 26/36] hw/arm/fsl-imx8mp: Wire VIRQ and VFIQ
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
` (24 preceding siblings ...)
2025-07-11 13:34 ` [PULL 25/36] target/arm: Don't enforce NSE, NS check for EL3->EL3 returns Peter Maydell
@ 2025-07-11 13:34 ` Peter Maydell
2025-07-11 13:34 ` [PULL 27/36] hw/arm: Allow setting KVM vGIC maintenance IRQ Peter Maydell
` (10 subsequent siblings)
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:34 UTC (permalink / raw)
To: qemu-devel
From: Bernhard Beschow <shentey@gmail.com>
Allows to run KVM guests inside the imx8mp-evk machine.
Fixes: a4eefc69b237 ("hw/arm: Add i.MX 8M Plus EVK board")
CC: qemu-stable
Signed-off-by: Bernhard Beschow <shentey@gmail.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
hw/arm/fsl-imx8mp.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/hw/arm/fsl-imx8mp.c b/hw/arm/fsl-imx8mp.c
index 23e662c16ca..866f4d1d740 100644
--- a/hw/arm/fsl-imx8mp.c
+++ b/hw/arm/fsl-imx8mp.c
@@ -356,6 +356,10 @@ static void fsl_imx8mp_realize(DeviceState *dev, Error **errp)
qdev_get_gpio_in(cpudev, ARM_CPU_IRQ));
sysbus_connect_irq(gicsbd, i + ms->smp.cpus,
qdev_get_gpio_in(cpudev, ARM_CPU_FIQ));
+ sysbus_connect_irq(gicsbd, i + 2 * ms->smp.cpus,
+ qdev_get_gpio_in(cpudev, ARM_CPU_VIRQ));
+ sysbus_connect_irq(gicsbd, i + 3 * ms->smp.cpus,
+ qdev_get_gpio_in(cpudev, ARM_CPU_VFIQ));
}
}
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 27/36] hw/arm: Allow setting KVM vGIC maintenance IRQ
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
` (25 preceding siblings ...)
2025-07-11 13:34 ` [PULL 26/36] hw/arm/fsl-imx8mp: Wire VIRQ and VFIQ Peter Maydell
@ 2025-07-11 13:34 ` Peter Maydell
2025-07-11 13:34 ` [PULL 28/36] target/arm/kvm: Add helper to detect EL2 when using KVM Peter Maydell
` (9 subsequent siblings)
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:34 UTC (permalink / raw)
To: qemu-devel
From: Haibo Xu <haibo.xu@linaro.org>
Allow virt arm machine to set the interrupt ID for the KVM
GIC maintenance interrupt.
This setting must be done before the KVM_DEV_ARM_VGIC_CTRL_INIT
hence the choice to perform the setting in the GICv3 realize
instead of proceeding the same way as kvm_arm_pmu_set_irq().
Signed-off-by: Haibo Xu <haibo.xu@linaro.org>
Signed-off-by: Miguel Luis <miguel.luis@oracle.com>
Signed-off-by: Eric Auger <eric.auger@redhat.com>
Message-id: 20250707164129.1167837-2-eric.auger@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
include/hw/intc/arm_gicv3_common.h | 1 +
hw/arm/virt.c | 3 +++
hw/intc/arm_gicv3_common.c | 1 +
hw/intc/arm_gicv3_kvm.c | 21 +++++++++++++++++++++
4 files changed, 26 insertions(+)
diff --git a/include/hw/intc/arm_gicv3_common.h b/include/hw/intc/arm_gicv3_common.h
index a3d6a0e5077..c18503869f9 100644
--- a/include/hw/intc/arm_gicv3_common.h
+++ b/include/hw/intc/arm_gicv3_common.h
@@ -231,6 +231,7 @@ struct GICv3State {
uint32_t num_cpu;
uint32_t num_irq;
uint32_t revision;
+ uint32_t maint_irq;
bool lpi_enable;
bool nmi_support;
bool security_extn;
diff --git a/hw/arm/virt.c b/hw/arm/virt.c
index 394e8b53018..c9f39919370 100644
--- a/hw/arm/virt.c
+++ b/hw/arm/virt.c
@@ -833,6 +833,9 @@ static void create_gic(VirtMachineState *vms, MemoryRegion *mem)
OBJECT(mem), &error_fatal);
qdev_prop_set_bit(vms->gic, "has-lpi", true);
}
+ } else if (vms->virt) {
+ qdev_prop_set_uint32(vms->gic, "maintenance-interrupt-id",
+ ARCH_GIC_MAINT_IRQ);
}
} else {
if (!kvm_irqchip_in_kernel()) {
diff --git a/hw/intc/arm_gicv3_common.c b/hw/intc/arm_gicv3_common.c
index 1cee68193ca..e438d8c042d 100644
--- a/hw/intc/arm_gicv3_common.c
+++ b/hw/intc/arm_gicv3_common.c
@@ -612,6 +612,7 @@ static const Property arm_gicv3_common_properties[] = {
DEFINE_PROP_BOOL("has-lpi", GICv3State, lpi_enable, 0),
DEFINE_PROP_BOOL("has-nmi", GICv3State, nmi_support, 0),
DEFINE_PROP_BOOL("has-security-extensions", GICv3State, security_extn, 0),
+ DEFINE_PROP_UINT32("maintenance-interrupt-id", GICv3State, maint_irq, 0),
/*
* Compatibility property: force 8 bits of physical priority, even
* if the CPU being emulated should have fewer.
diff --git a/hw/intc/arm_gicv3_kvm.c b/hw/intc/arm_gicv3_kvm.c
index 3be3bf6c28d..b30aac7aee1 100644
--- a/hw/intc/arm_gicv3_kvm.c
+++ b/hw/intc/arm_gicv3_kvm.c
@@ -22,6 +22,7 @@
#include "qemu/osdep.h"
#include "qapi/error.h"
#include "hw/intc/arm_gicv3_common.h"
+#include "hw/arm/virt.h"
#include "qemu/error-report.h"
#include "qemu/module.h"
#include "system/kvm.h"
@@ -825,6 +826,26 @@ static void kvm_arm_gicv3_realize(DeviceState *dev, Error **errp)
return;
}
+ if (s->maint_irq) {
+ int ret;
+
+ ret = kvm_device_check_attr(s->dev_fd,
+ KVM_DEV_ARM_VGIC_GRP_MAINT_IRQ, 0);
+ if (!ret) {
+ error_setg_errno(errp, errno,
+ "VGICv3 setting maintenance IRQ is not "
+ "supported by this host kernel");
+ return;
+ }
+
+ ret = kvm_device_access(s->dev_fd, KVM_DEV_ARM_VGIC_GRP_MAINT_IRQ, 0,
+ &s->maint_irq, true, errp);
+ if (ret) {
+ error_setg_errno(errp, errno, "Failed to set VGIC maintenance IRQ");
+ return;
+ }
+ }
+
multiple_redist_region_allowed =
kvm_device_check_attr(s->dev_fd, KVM_DEV_ARM_VGIC_GRP_ADDR,
KVM_VGIC_V3_ADDR_TYPE_REDIST_REGION);
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 28/36] target/arm/kvm: Add helper to detect EL2 when using KVM
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
` (26 preceding siblings ...)
2025-07-11 13:34 ` [PULL 27/36] hw/arm: Allow setting KVM vGIC maintenance IRQ Peter Maydell
@ 2025-07-11 13:34 ` Peter Maydell
2025-07-11 13:34 ` [PULL 29/36] target/arm: Enable feature ARM_FEATURE_EL2 if EL2 is supported Peter Maydell
` (8 subsequent siblings)
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:34 UTC (permalink / raw)
To: qemu-devel
From: Haibo Xu <haibo.xu@linaro.org>
Introduce query support for KVM_CAP_ARM_EL2.
Signed-off-by: Haibo Xu <haibo.xu@linaro.org>
Signed-off-by: Miguel Luis <miguel.luis@oracle.com>
Signed-off-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20250707164129.1167837-3-eric.auger@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target/arm/kvm_arm.h | 7 +++++++
target/arm/kvm-stub.c | 5 +++++
target/arm/kvm.c | 5 +++++
3 files changed, 17 insertions(+)
diff --git a/target/arm/kvm_arm.h b/target/arm/kvm_arm.h
index 7dc83caed5c..b4cad051551 100644
--- a/target/arm/kvm_arm.h
+++ b/target/arm/kvm_arm.h
@@ -191,6 +191,13 @@ bool kvm_arm_sve_supported(void);
*/
bool kvm_arm_mte_supported(void);
+/**
+ * kvm_arm_el2_supported:
+ *
+ * Returns true if KVM can enable EL2 and false otherwise.
+ */
+bool kvm_arm_el2_supported(void);
+
/**
* kvm_arm_get_max_vm_ipa_size:
* @ms: Machine state handle
diff --git a/target/arm/kvm-stub.c b/target/arm/kvm-stub.c
index 34e57fab011..c93462c5b9b 100644
--- a/target/arm/kvm-stub.c
+++ b/target/arm/kvm-stub.c
@@ -47,6 +47,11 @@ bool kvm_arm_mte_supported(void)
return false;
}
+bool kvm_arm_el2_supported(void)
+{
+ return false;
+}
+
/*
* These functions should never actually be called without KVM support.
*/
diff --git a/target/arm/kvm.c b/target/arm/kvm.c
index 8ab0d692d36..9fdf354f3bc 100644
--- a/target/arm/kvm.c
+++ b/target/arm/kvm.c
@@ -1763,6 +1763,11 @@ bool kvm_arm_aarch32_supported(void)
return kvm_check_extension(kvm_state, KVM_CAP_ARM_EL1_32BIT);
}
+bool kvm_arm_el2_supported(void)
+{
+ return kvm_check_extension(kvm_state, KVM_CAP_ARM_EL2);
+}
+
bool kvm_arm_sve_supported(void)
{
return kvm_check_extension(kvm_state, KVM_CAP_ARM_SVE);
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 29/36] target/arm: Enable feature ARM_FEATURE_EL2 if EL2 is supported
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
` (27 preceding siblings ...)
2025-07-11 13:34 ` [PULL 28/36] target/arm/kvm: Add helper to detect EL2 when using KVM Peter Maydell
@ 2025-07-11 13:34 ` Peter Maydell
2025-07-11 13:34 ` [PULL 30/36] hw/arm/arm_gicv3_kvm: Add a migration blocker with kvm nested virt Peter Maydell
` (7 subsequent siblings)
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:34 UTC (permalink / raw)
To: qemu-devel
From: Haibo Xu <haibo.xu@linaro.org>
KVM_CAP_ARM_EL2 must be supported by the cpu to enable ARM_FEATURE_EL2.
In case the host does support NV, expose the feature.
Signed-off-by: Haibo Xu <haibo.xu@linaro.org>
Signed-off-by: Miguel Luis <miguel.luis@oracle.com>
Signed-off-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20250707164129.1167837-4-eric.auger@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target/arm/kvm.c | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/target/arm/kvm.c b/target/arm/kvm.c
index 9fdf354f3bc..66723448554 100644
--- a/target/arm/kvm.c
+++ b/target/arm/kvm.c
@@ -251,6 +251,7 @@ static bool kvm_arm_get_host_cpu_features(ARMHostCPUFeatures *ahcf)
*/
int fdarray[3];
bool sve_supported;
+ bool el2_supported;
bool pmu_supported = false;
uint64_t features = 0;
int err;
@@ -270,6 +271,14 @@ static bool kvm_arm_get_host_cpu_features(ARMHostCPUFeatures *ahcf)
init.features[0] |= 1 << KVM_ARM_VCPU_SVE;
}
+ /*
+ * Ask for EL2 if supported.
+ */
+ el2_supported = kvm_arm_el2_supported();
+ if (el2_supported) {
+ init.features[0] |= 1 << KVM_ARM_VCPU_HAS_EL2;
+ }
+
/*
* Ask for Pointer Authentication if supported, so that we get
* the unsanitized field values for AA64ISAR1_EL1.
@@ -423,6 +432,10 @@ static bool kvm_arm_get_host_cpu_features(ARMHostCPUFeatures *ahcf)
features |= 1ULL << ARM_FEATURE_AARCH64;
features |= 1ULL << ARM_FEATURE_GENERIC_TIMER;
+ if (el2_supported) {
+ features |= 1ULL << ARM_FEATURE_EL2;
+ }
+
ahcf->features = features;
return true;
@@ -1888,6 +1901,9 @@ int kvm_arch_init_vcpu(CPUState *cs)
cpu->kvm_init_features[0] |= (1 << KVM_ARM_VCPU_PTRAUTH_ADDRESS |
1 << KVM_ARM_VCPU_PTRAUTH_GENERIC);
}
+ if (cpu->has_el2 && kvm_arm_el2_supported()) {
+ cpu->kvm_init_features[0] |= 1 << KVM_ARM_VCPU_HAS_EL2;
+ }
/* Do KVM_ARM_VCPU_INIT ioctl */
ret = kvm_arm_vcpu_init(cpu);
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 30/36] hw/arm/arm_gicv3_kvm: Add a migration blocker with kvm nested virt
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
` (28 preceding siblings ...)
2025-07-11 13:34 ` [PULL 29/36] target/arm: Enable feature ARM_FEATURE_EL2 if EL2 is supported Peter Maydell
@ 2025-07-11 13:34 ` Peter Maydell
2025-07-11 13:34 ` [PULL 31/36] hw/arm/virt: Allow virt extensions with KVM Peter Maydell
` (6 subsequent siblings)
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:34 UTC (permalink / raw)
To: qemu-devel
From: Eric Auger <eric.auger@redhat.com>
We may be miss some NV related GIC register save/restore. Until
we complete the study, let's add a migration blocker when the
maintenance IRQ is set.
Signed-off-by: Eric Auger <eric.auger@redhat.com>
Message-id: 20250707164129.1167837-5-eric.auger@redhat.com
Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
hw/intc/arm_gicv3_kvm.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/hw/intc/arm_gicv3_kvm.c b/hw/intc/arm_gicv3_kvm.c
index b30aac7aee1..8ed88e74299 100644
--- a/hw/intc/arm_gicv3_kvm.c
+++ b/hw/intc/arm_gicv3_kvm.c
@@ -827,8 +827,16 @@ static void kvm_arm_gicv3_realize(DeviceState *dev, Error **errp)
}
if (s->maint_irq) {
+ Error *kvm_nv_migration_blocker = NULL;
int ret;
+ error_setg(&kvm_nv_migration_blocker,
+ "Live migration disabled because KVM nested virt is enabled");
+ if (migrate_add_blocker(&kvm_nv_migration_blocker, errp)) {
+ error_free(kvm_nv_migration_blocker);
+ return;
+ }
+
ret = kvm_device_check_attr(s->dev_fd,
KVM_DEV_ARM_VGIC_GRP_MAINT_IRQ, 0);
if (!ret) {
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 31/36] hw/arm/virt: Allow virt extensions with KVM
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
` (29 preceding siblings ...)
2025-07-11 13:34 ` [PULL 30/36] hw/arm/arm_gicv3_kvm: Add a migration blocker with kvm nested virt Peter Maydell
@ 2025-07-11 13:34 ` Peter Maydell
2025-07-11 13:34 ` [PULL 32/36] system/qdev: Remove pointless NULL check in qdev_device_add_from_qdict Peter Maydell
` (5 subsequent siblings)
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:34 UTC (permalink / raw)
To: qemu-devel
Up to now virt support on guest has been only supported with TCG.
Now it becomes feasible to use it with KVM acceleration.
Check neither in-kernel GICv3 nor aarch64=off is used along with KVM
EL2.
Signed-off-by: Haibo Xu <haibo.xu@linaro.org>
Signed-off-by: Miguel Luis <miguel.luis@oracle.com>
Signed-off-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20250707164129.1167837-6-eric.auger@redhat.com
[PMM: make "kernel doesn't have EL2 support" error message
distinct from the old "QEMU doesn't have KVM EL2 support" one]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
hw/arm/virt.c | 19 ++++++++++++++++++-
1 file changed, 18 insertions(+), 1 deletion(-)
diff --git a/hw/arm/virt.c b/hw/arm/virt.c
index c9f39919370..8070ff7b113 100644
--- a/hw/arm/virt.c
+++ b/hw/arm/virt.c
@@ -797,6 +797,13 @@ static void create_gic(VirtMachineState *vms, MemoryRegion *mem)
default:
g_assert_not_reached();
}
+
+ if (kvm_enabled() && vms->virt &&
+ (revision != 3 || !kvm_irqchip_in_kernel())) {
+ error_report("KVM EL2 is only supported with in-kernel GICv3");
+ exit(1);
+ }
+
vms->gic = qdev_new(gictype);
qdev_prop_set_uint32(vms->gic, "revision", revision);
qdev_prop_set_uint32(vms->gic, "num-cpu", smp_cpus);
@@ -2092,6 +2099,10 @@ static void virt_post_cpus_gic_realized(VirtMachineState *vms,
memory_region_init_ram(pvtime, NULL, "pvtime", pvtime_size, NULL);
memory_region_add_subregion(sysmem, pvtime_reg_base, pvtime);
}
+ if (!aarch64 && vms->virt) {
+ error_report("KVM does not support EL2 on an AArch32 vCPU");
+ exit(1);
+ }
CPU_FOREACH(cpu) {
if (pmu) {
@@ -2237,7 +2248,13 @@ static void machvirt_init(MachineState *machine)
exit(1);
}
- if (vms->virt && !tcg_enabled() && !qtest_enabled()) {
+ if (vms->virt && kvm_enabled() && !kvm_arm_el2_supported()) {
+ error_report("mach-virt: host kernel KVM does not support providing "
+ "Virtualization extensions to the guest CPU");
+ exit(1);
+ }
+
+ if (vms->virt && !kvm_enabled() && !tcg_enabled() && !qtest_enabled()) {
error_report("mach-virt: %s does not support providing "
"Virtualization extensions to the guest CPU",
current_accel_name());
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 32/36] system/qdev: Remove pointless NULL check in qdev_device_add_from_qdict
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
` (30 preceding siblings ...)
2025-07-11 13:34 ` [PULL 31/36] hw/arm/virt: Allow virt extensions with KVM Peter Maydell
@ 2025-07-11 13:34 ` Peter Maydell
2025-07-11 13:34 ` [PULL 33/36] hw/arm/virt-acpi-build: Don't create ITS id mappings by default Peter Maydell
` (4 subsequent siblings)
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:34 UTC (permalink / raw)
To: qemu-devel
From: Philippe Mathieu-Daudé <philmd@linaro.org>
Coverity reported a unnecessary NULL check:
qemu/system/qdev-monitor.c: 720 in qdev_device_add_from_qdict()
683 /* create device */
684 dev = qdev_new(driver);
...
719 err_del_dev:
>>> CID 1590192: Null pointer dereferences (REVERSE_INULL)
>>> Null-checking "dev" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
720 if (dev) {
721 object_unparent(OBJECT(dev));
722 object_unref(OBJECT(dev));
723 }
724 return NULL;
725 }
Indeed, unlike qdev_try_new() which can return NULL,
qdev_new() always returns a heap pointer (or aborts).
Remove the unnecessary assignment and check.
Fixes: f3a85056569 ("qdev/qbus: add hidden device support")
Resolves: Coverity CID 1590192 (Null pointer dereferences)
Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
system/qdev-monitor.c | 9 ++++-----
1 file changed, 4 insertions(+), 5 deletions(-)
diff --git a/system/qdev-monitor.c b/system/qdev-monitor.c
index 5588ed2047d..2ac92d0a076 100644
--- a/system/qdev-monitor.c
+++ b/system/qdev-monitor.c
@@ -628,7 +628,7 @@ DeviceState *qdev_device_add_from_qdict(const QDict *opts,
DeviceClass *dc;
const char *driver, *path;
char *id;
- DeviceState *dev = NULL;
+ DeviceState *dev;
BusState *bus = NULL;
QDict *properties;
@@ -717,10 +717,9 @@ DeviceState *qdev_device_add_from_qdict(const QDict *opts,
return dev;
err_del_dev:
- if (dev) {
- object_unparent(OBJECT(dev));
- object_unref(OBJECT(dev));
- }
+ object_unparent(OBJECT(dev));
+ object_unref(OBJECT(dev));
+
return NULL;
}
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 33/36] hw/arm/virt-acpi-build: Don't create ITS id mappings by default
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
` (31 preceding siblings ...)
2025-07-11 13:34 ` [PULL 32/36] system/qdev: Remove pointless NULL check in qdev_device_add_from_qdict Peter Maydell
@ 2025-07-11 13:34 ` Peter Maydell
2025-07-11 13:34 ` [PULL 34/36] target/arm: Remove helper_sme2_luti4_4b Peter Maydell
` (3 subsequent siblings)
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:34 UTC (permalink / raw)
To: qemu-devel
From: Shameer Kolothum <shameerali.kolothum.thodi@huawei.com>
Commit d6afe18b7242 ("hw/arm/virt-acpi-build: Fix ACPI IORT and MADT tables
when its=off") moved ITS group node generation under the its=on condition.
However, it still creates rc_its_idmaps unconditionally, which results in
duplicate ID mappings in the IORT table.
Fixes:d6afe18b7242 ("hw/arm/virt-acpi-build: Fix ACPI IORT and MADT tables when its=off")
Reviewed-by: Jonathan Cameron <jonathan.cameron@huawei.com>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Donald Dutile <ddutile@redhat.com>
Tested-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Shameer Kolothum <shameerali.kolothum.thodi@huawei.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
hw/arm/virt-acpi-build.c | 6 ------
1 file changed, 6 deletions(-)
diff --git a/hw/arm/virt-acpi-build.c b/hw/arm/virt-acpi-build.c
index c3b9b3f6ea4..0dfb8ec2c35 100644
--- a/hw/arm/virt-acpi-build.c
+++ b/hw/arm/virt-acpi-build.c
@@ -358,12 +358,6 @@ build_iort(GArray *table_data, BIOSLinker *linker, VirtMachineState *vms)
/* Sort the smmu idmap by input_base */
g_array_sort(rc_smmu_idmaps, iort_idmap_compare);
- /*
- * Knowing the ID ranges from the RC to the SMMU, it's possible to
- * determine the ID ranges from RC that are directed to the ITS.
- */
- create_rc_its_idmaps(rc_its_idmaps, rc_smmu_idmaps);
-
nb_nodes = 2; /* RC and SMMUv3 */
rc_mapping_count = rc_smmu_idmaps->len;
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 34/36] target/arm: Remove helper_sme2_luti4_4b
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
` (32 preceding siblings ...)
2025-07-11 13:34 ` [PULL 33/36] hw/arm/virt-acpi-build: Don't create ITS id mappings by default Peter Maydell
@ 2025-07-11 13:34 ` Peter Maydell
2025-07-11 13:34 ` [PULL 35/36] docs/system: arm: Add max78000 board description Peter Maydell
` (2 subsequent siblings)
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:34 UTC (permalink / raw)
To: qemu-devel
From: Richard Henderson <richard.henderson@linaro.org>
This function isn't used.
Resolves: Coverity CID 1612139
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20250710173945.115428-1-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target/arm/tcg/helper.h | 1 -
target/arm/tcg/vec_helper.c | 1 -
2 files changed, 2 deletions(-)
diff --git a/target/arm/tcg/helper.h b/target/arm/tcg/helper.h
index d9565c80697..0a006d95142 100644
--- a/target/arm/tcg/helper.h
+++ b/target/arm/tcg/helper.h
@@ -1209,6 +1209,5 @@ DEF_HELPER_FLAGS_4(sme2_luti4_2b, TCG_CALL_NO_RWG, void, ptr, ptr, env, i32)
DEF_HELPER_FLAGS_4(sme2_luti4_2h, TCG_CALL_NO_RWG, void, ptr, ptr, env, i32)
DEF_HELPER_FLAGS_4(sme2_luti4_2s, TCG_CALL_NO_RWG, void, ptr, ptr, env, i32)
-DEF_HELPER_FLAGS_4(sme2_luti4_4b, TCG_CALL_NO_RWG, void, ptr, ptr, env, i32)
DEF_HELPER_FLAGS_4(sme2_luti4_4h, TCG_CALL_NO_RWG, void, ptr, ptr, env, i32)
DEF_HELPER_FLAGS_4(sme2_luti4_4s, TCG_CALL_NO_RWG, void, ptr, ptr, env, i32)
diff --git a/target/arm/tcg/vec_helper.c b/target/arm/tcg/vec_helper.c
index 0603db09093..bae6165b505 100644
--- a/target/arm/tcg/vec_helper.c
+++ b/target/arm/tcg/vec_helper.c
@@ -3526,7 +3526,6 @@ DO_SME2_LUT(4,1,s, 4)
DO_SME2_LUT(4,2,b, 1)
DO_SME2_LUT(4,2,h, 2)
DO_SME2_LUT(4,2,s, 4)
-DO_SME2_LUT(4,4,b, 1)
DO_SME2_LUT(4,4,h, 2)
DO_SME2_LUT(4,4,s, 4)
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 35/36] docs/system: arm: Add max78000 board description
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
` (33 preceding siblings ...)
2025-07-11 13:34 ` [PULL 34/36] target/arm: Remove helper_sme2_luti4_4b Peter Maydell
@ 2025-07-11 13:34 ` Peter Maydell
2025-07-11 13:34 ` [PULL 36/36] tests/functional: Add a test for the MAX78000 arm machine Peter Maydell
2025-07-13 7:06 ` [PULL 00/36] target-arm queue Stefan Hajnoczi
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:34 UTC (permalink / raw)
To: qemu-devel
From: Jackson Donaldson <jackson88044@gmail.com>
This adds the target guide for the max78000FTHR
Signed-off-by: Jackson Donaldson <jcksn@duck.com>
Message-id: 20250711110626.624534-2-jcksn@duck.com
[PMM: Moved doc to correct place in index; made underlines correct
length; added missing trailing newline; added SPDX]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
docs/system/arm/max78000.rst | 37 ++++++++++++++++++++++++++++++++++++
docs/system/target-arm.rst | 1 +
2 files changed, 38 insertions(+)
create mode 100644 docs/system/arm/max78000.rst
diff --git a/docs/system/arm/max78000.rst b/docs/system/arm/max78000.rst
new file mode 100644
index 00000000000..3d95011fefd
--- /dev/null
+++ b/docs/system/arm/max78000.rst
@@ -0,0 +1,37 @@
+.. SPDX-License-Identifier: GPL-2.0-or-later
+
+Analog Devices max78000 board (``max78000fthr``)
+================================================
+
+The max78000 is a Cortex-M4 based SOC with a RISC-V coprocessor. The RISC-V coprocessor is not supported.
+
+Supported devices
+-----------------
+
+ * Instruction Cache Controller
+ * UART
+ * Global Control Register
+ * True Random Number Generator
+ * AES
+
+Notable unsupported devices
+---------------------------
+
+ * I2C
+ * CNN
+ * CRC
+ * SPI
+
+Boot options
+------------
+
+The max78000 can be started using the ``-kernel`` option to load a
+firmware at address 0 as the ROM. As the ROM normally jumps to software loaded
+from the internal flash at address 0x10000000, loading your program there is
+generally advisable. If you don't have a copy of the ROM, the interrupt
+vector table from user firmware will do.
+Example:
+
+.. code-block:: bash
+
+ $ qemu-system-arm -machine max78000fthr -kernel max78000.bin -device loader,file=max78000.bin,addr=0x10000000
diff --git a/docs/system/target-arm.rst b/docs/system/target-arm.rst
index b96a05a9206..a96d1867df1 100644
--- a/docs/system/target-arm.rst
+++ b/docs/system/target-arm.rst
@@ -71,6 +71,7 @@ Board-specific documentation
.. toctree::
:maxdepth: 1
+ arm/max78000
arm/integratorcp
arm/mps2
arm/musca
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [PULL 36/36] tests/functional: Add a test for the MAX78000 arm machine
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
` (34 preceding siblings ...)
2025-07-11 13:34 ` [PULL 35/36] docs/system: arm: Add max78000 board description Peter Maydell
@ 2025-07-11 13:34 ` Peter Maydell
2025-07-13 7:06 ` [PULL 00/36] target-arm queue Stefan Hajnoczi
36 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2025-07-11 13:34 UTC (permalink / raw)
To: qemu-devel
From: Jackson Donaldson <jackson88044@gmail.com>
Runs a binary from the max78000test repo used in
developing the qemu implementation of the max78000
to verify that the machine and implemented devices
generally still work.
Signed-off-by: Jackson Donaldson <jcksn@duck.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-id: 20250711110626.624534-3-jcksn@duck.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
tests/functional/meson.build | 1 +
tests/functional/test_arm_max78000fthr.py | 48 +++++++++++++++++++++++
2 files changed, 49 insertions(+)
create mode 100755 tests/functional/test_arm_max78000fthr.py
diff --git a/tests/functional/meson.build b/tests/functional/meson.build
index 050c9000b95..cd67e6d734e 100644
--- a/tests/functional/meson.build
+++ b/tests/functional/meson.build
@@ -138,6 +138,7 @@ tests_arm_system_thorough = [
'arm_cubieboard',
'arm_emcraft_sf2',
'arm_integratorcp',
+ 'arm_max78000fthr',
'arm_microbit',
'arm_orangepi',
'arm_quanta_gsj',
diff --git a/tests/functional/test_arm_max78000fthr.py b/tests/functional/test_arm_max78000fthr.py
new file mode 100755
index 00000000000..a82980b0f7c
--- /dev/null
+++ b/tests/functional/test_arm_max78000fthr.py
@@ -0,0 +1,48 @@
+#!/usr/bin/env python3
+#
+# Functional test that checks the max78000fthr machine.
+# Tests ICC, GCR, TRNG, AES, and UART
+#
+# SPDX-License-Identifier: GPL-2.0-or-later
+
+from qemu_test import QemuSystemTest, Asset, exec_command_and_wait_for_pattern
+from qemu_test import wait_for_console_pattern
+
+
+class Max78000Machine(QemuSystemTest):
+
+ ASSET_FW = Asset(
+ 'https://github.com/JacksonDonaldson/max78000Test/raw/main/build/max78000.bin',
+ '86940b4bf60931bc6a8aa5db4b9f7f3cf8f64dbbd7ac534647980e536cf3adf7')
+
+ def test_fthr(self):
+ self.set_machine('max78000fthr')
+ fw_path = self.ASSET_FW.fetch()
+ self.vm.set_console()
+ self.vm.add_args('-kernel', fw_path)
+ self.vm.add_args('-device', "loader,file=" + fw_path + ",addr=0x10000000")
+ self.vm.launch()
+
+ wait_for_console_pattern(self, 'started')
+
+ # i -> prints instruction cache values
+ exec_command_and_wait_for_pattern(self, 'i', 'CTRL: 00010001')
+
+ # r -> gcr resets the machine
+ exec_command_and_wait_for_pattern(self, 'r', 'started')
+
+ # z -> sets some memory, then has gcr zero it
+ exec_command_and_wait_for_pattern(self, 'z', 'initial value: 12345678')
+ wait_for_console_pattern(self, "after memz: 00000000")
+
+ # t -> runs trng
+ exec_command_and_wait_for_pattern(self, 't', 'random data:')
+
+ # a -> runs aes
+ exec_command_and_wait_for_pattern(self, 'a',
+ 'encrypted to : a47ca9dd e0df4c86 a070af6e 91710dec')
+ wait_for_console_pattern(self,
+ 'encrypted to : cab7a28e bf456751 9049fcea 8960494b')
+
+if __name__ == '__main__':
+ QemuSystemTest.main()
--
2.43.0
^ permalink raw reply related [flat|nested] 49+ messages in thread
* Re: [PULL 00/36] target-arm queue
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
` (35 preceding siblings ...)
2025-07-11 13:34 ` [PULL 36/36] tests/functional: Add a test for the MAX78000 arm machine Peter Maydell
@ 2025-07-13 7:06 ` Stefan Hajnoczi
36 siblings, 0 replies; 49+ messages in thread
From: Stefan Hajnoczi @ 2025-07-13 7:06 UTC (permalink / raw)
To: Peter Maydell; +Cc: qemu-devel
[-- Attachment #1: Type: text/plain, Size: 116 bytes --]
Applied, thanks.
Please update the changelog at https://wiki.qemu.org/ChangeLog/10.1 for any user-visible changes.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 488 bytes --]
^ permalink raw reply [flat|nested] 49+ messages in thread
end of thread, other threads:[~2025-07-13 7:10 UTC | newest]
Thread overview: 49+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-07-11 13:33 [PULL 00/36] target-arm queue Peter Maydell
2025-07-11 13:33 ` [PULL 01/36] MAX78000: Add MAX78000FTHR Machine Peter Maydell
2025-07-11 13:33 ` [PULL 02/36] MAX78000: ICC Implementation Peter Maydell
2025-07-11 13:33 ` [PULL 03/36] MAX78000: Add ICC to SOC Peter Maydell
2025-07-11 13:33 ` [PULL 04/36] MAX78000: UART Implementation Peter Maydell
2025-07-11 13:33 ` [PULL 05/36] MAX78000: Add UART to SOC Peter Maydell
2025-07-11 13:33 ` [PULL 06/36] MAX78000: GCR Implementation Peter Maydell
2025-07-11 13:34 ` [PULL 07/36] MAX78000: Add GCR to SOC Peter Maydell
2025-07-11 13:34 ` [PULL 08/36] MAX78000: TRNG Implementation Peter Maydell
2025-07-11 13:34 ` [PULL 09/36] MAX78000: Add TRNG to SOC Peter Maydell
2025-07-11 13:34 ` [PULL 10/36] MAX78000: AES implementation Peter Maydell
2025-07-11 13:34 ` [PULL 11/36] MAX78000: Add AES to SOC Peter Maydell
2025-07-11 13:34 ` [PULL 12/36] hw/cxl-host: Add an index field to CXLFixedMemoryWindow Peter Maydell
2025-07-11 13:34 ` [PULL 13/36] hw/cxl: Make the CXL fixed memory windows devices Peter Maydell
2025-07-11 13:34 ` [PULL 14/36] hw/arm/virt: Basic CXL enablement on pci_expander_bridge instances pxb-cxl Peter Maydell
2025-07-11 13:34 ` [PULL 15/36] docs/cxl: Add an arm/virt example Peter Maydell
2025-07-11 13:34 ` [PULL 16/36] qtest/cxl: Add aarch64 virt test for CXL Peter Maydell
2025-07-11 13:34 ` [PULL 17/36] arm/cpu: store id_afr0 into the idregs array Peter Maydell
2025-07-11 13:34 ` [PULL 18/36] arm/cpu: store id_aa64afr{0,1} " Peter Maydell
2025-07-11 13:34 ` [PULL 19/36] arm/cpu: fix trailing ',' for SET_IDREG Peter Maydell
2025-07-11 13:34 ` [PULL 20/36] arm/cpu: store clidr into the idregs array Peter Maydell
2025-07-11 13:34 ` [PULL 21/36] arm/kvm: shorten one overly long line Peter Maydell
2025-07-11 13:34 ` [PULL 22/36] target/arm: Drop stub for define_tlb_insn_regs Peter Maydell
2025-07-11 13:34 ` [PULL 23/36] target/arm: Split out AT insns to tcg/cpregs-at.c Peter Maydell
2025-07-11 13:34 ` [PULL 24/36] target/arm: Split out performance monitor regs to cpregs-pmu.c Peter Maydell
2025-07-11 13:34 ` [PULL 25/36] target/arm: Don't enforce NSE, NS check for EL3->EL3 returns Peter Maydell
2025-07-11 13:34 ` [PULL 26/36] hw/arm/fsl-imx8mp: Wire VIRQ and VFIQ Peter Maydell
2025-07-11 13:34 ` [PULL 27/36] hw/arm: Allow setting KVM vGIC maintenance IRQ Peter Maydell
2025-07-11 13:34 ` [PULL 28/36] target/arm/kvm: Add helper to detect EL2 when using KVM Peter Maydell
2025-07-11 13:34 ` [PULL 29/36] target/arm: Enable feature ARM_FEATURE_EL2 if EL2 is supported Peter Maydell
2025-07-11 13:34 ` [PULL 30/36] hw/arm/arm_gicv3_kvm: Add a migration blocker with kvm nested virt Peter Maydell
2025-07-11 13:34 ` [PULL 31/36] hw/arm/virt: Allow virt extensions with KVM Peter Maydell
2025-07-11 13:34 ` [PULL 32/36] system/qdev: Remove pointless NULL check in qdev_device_add_from_qdict Peter Maydell
2025-07-11 13:34 ` [PULL 33/36] hw/arm/virt-acpi-build: Don't create ITS id mappings by default Peter Maydell
2025-07-11 13:34 ` [PULL 34/36] target/arm: Remove helper_sme2_luti4_4b Peter Maydell
2025-07-11 13:34 ` [PULL 35/36] docs/system: arm: Add max78000 board description Peter Maydell
2025-07-11 13:34 ` [PULL 36/36] tests/functional: Add a test for the MAX78000 arm machine Peter Maydell
2025-07-13 7:06 ` [PULL 00/36] target-arm queue Stefan Hajnoczi
-- strict thread matches above, loose matches on Subject: below --
2025-01-28 20:12 Peter Maydell
2025-01-29 19:17 ` Stefan Hajnoczi
2024-02-02 15:36 Peter Maydell
2024-02-03 13:27 ` Peter Maydell
2024-01-26 14:33 Peter Maydell
2024-01-27 13:00 ` Peter Maydell
2020-12-10 11:47 Peter Maydell
2020-12-10 12:51 ` Peter Maydell
2020-09-14 14:06 Peter Maydell
2020-03-12 16:44 Peter Maydell
2020-03-12 20:32 ` Peter Maydell
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).