hw/loader: Restrict PC_ROM_* definitions to hw/i386/pc
The PC_ROM_* definitions are only used by the PC machine,
and are irrelevant to the other architectures / machines.
Reduce their scope by moving them to hw/i386/pc.c.
Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20210921' into staging
Move cpu_signal_handler declaration.
Restrict cpu_handle_halt to sysemu.
Make do_unaligned_access noreturn.
Misc tcg/mips cleanup
Misc tcg/sparc cleanup
Misc tcg/riscv cleanup
# gpg: Signature made Tue 21 Sep 2021 10:47:29 PM EDT
# gpg: using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg: issuer "richard.henderson@linaro.org"
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [ultimate]
* remotes/rth/tags/pull-tcg-20210921:
tcg/riscv: Remove add with zero on user-only memory access
hw/core: Make do_unaligned_access noreturn
tcg/sparc: Introduce tcg_out_mov_delay
tcg/sparc: Drop inline markers
tcg/mips: Drop special alignment for code_gen_buffer
tcg/mips: Unset TCG_TARGET_HAS_direct_jump
tcg/mips: Allow JAL to be out of range in tcg_out_bswap_subr
tcg/mips: Drop inline markers
accel/tcg: Restrict cpu_handle_halt() to sysemu
include/exec: Move cpu_signal_handler declaration
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
* remotes/vivier2/tags/linux-user-for-6.2-pull-request:
linux-user/aarch64: Use force_sig_fault()
linux-user/arm: Use force_sig_fault()
linux-user: Provide new force_sig_fault() function
linux-user: Zero out target_siginfo_t in force_sig()
linux-user/arm: Use force_sig() to deliver fpa11 emulation SIGFPE
linux-user/arm: Set siginfo_t addr field for SIGTRAP signals
linux-user/aarch64: Set siginfo_t addr field for SIGTRAP signals
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Fri, 24 Sep 2021 09:28:13 +0000 (10:28 +0100)]
Merge remote-tracking branch 'remotes/nvme/tags/nvme-next-pull-request' into staging
hw/nvme updates
# gpg: Signature made Fri 24 Sep 2021 07:44:23 BST
# gpg: using RSA key 522833AA75E2DCE6A24766C04DE1AF316D4F0DE9
# gpg: Good signature from "Klaus Jensen <its@irrelevant.dk>" [unknown]
# gpg: aka "Klaus Jensen <k.jensen@samsung.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: DDCA 4D9C 9EF9 31CC 3468 4272 63D5 6FC5 E55D A838
# Subkey fingerprint: 5228 33AA 75E2 DCE6 A247 66C0 4DE1 AF31 6D4F 0DE9
* remotes/nvme/tags/nvme-next-pull-request:
hw/nvme: Return error for fused operations
hw/nvme: fix verification of select field in namespace attachment
hw/nvme: fix validation of ASQ and ACQ
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Currently, FUSED operations are not supported by QEMU. As per the 1.4 SPEC,
controller should abort the command that requested a fused operation with
an INVALID FIELD error code if they are not supported.
Changes from v1:
Added FUSE flag check also to the admin cmd processing as the FUSED
operations are mentioned in the general SQE section in the SPEC.
Signed-off-by: Pankaj Raghav <p.raghav@samsung.com> Reviewed-by: Keith Busch <kbusch@kernel.org> Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Peter Maydell [Fri, 13 Aug 2021 13:18:07 +0000 (14:18 +0100)]
linux-user: Provide new force_sig_fault() function
In many places in the linux-user code we need to queue a signal for
the guest using the QEMU_SI_FAULT si_type. This requires that the
caller sets up and passes us a target_siginfo, including setting the
appropriate part of the _sifields union for the si_type. In a number
of places the code forgets to set the _sifields union field.
Provide a new force_sig_fault() function, which does the same thing
as the Linux kernel function of that name -- it takes the signal
number, the si_code value and the address to use in
_sifields._sigfault, and assembles the target_siginfo itself. This
makes the callsites simpler and means it's harder to forget to pass
in an address value.
We follow force_sig() and the kernel's force_sig_fault() in not
requiring the caller to pass in the CPU pointer but always acting
on the CPU of the current thread.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210813131809.28655-6-peter.maydell@linaro.org> Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Peter Maydell [Fri, 13 Aug 2021 13:18:06 +0000 (14:18 +0100)]
linux-user: Zero out target_siginfo_t in force_sig()
The target_siginfo_t we populate in force_sig() will eventually
get copied onto the target's stack. Zero it out so that any extra
padding in the sifields union is consistently zero when the guest
sees it.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210813131809.28655-5-peter.maydell@linaro.org> Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Peter Maydell [Fri, 13 Aug 2021 13:18:05 +0000 (14:18 +0100)]
linux-user/arm: Use force_sig() to deliver fpa11 emulation SIGFPE
In the Arm target code, when the fpa11 emulation code tells us we
need to send the guest a SIGFPE, we do this with queue_signal(), but
we are using the wrong si_type, and we aren't setting the _sifields
union members corresponding to either the si_type we are using or the
si_type we should be using.
As the existing comment notes, the kernel code for this calls the old
send_sig() function to deliver the signal. This eventually results
in the kernel's signal handling code fabricating a siginfo_t with a
SI_KERNEL code and a zero pid and uid. For QEMU this means we need
to use QEMU_SI_KILL. We already have a function for that:
force_sig() sets up the whole target_siginfo_t the way we need it.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210813131809.28655-4-peter.maydell@linaro.org> Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Peter Maydell [Fri, 13 Aug 2021 13:18:04 +0000 (14:18 +0100)]
linux-user/arm: Set siginfo_t addr field for SIGTRAP signals
When generating a TRAP_BRKPT SIGTRAP, set the siginfo_t addr field
to the PC where the breakpoint/singlestep trap occurred; this is
what the kernel does for this signal for this architecture.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210813131809.28655-3-peter.maydell@linaro.org> Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Peter Maydell [Fri, 13 Aug 2021 13:18:03 +0000 (14:18 +0100)]
linux-user/aarch64: Set siginfo_t addr field for SIGTRAP signals
When generating a TRAP_BRKPT SIGTRAP, set the siginfo_t addr field
to the PC where the breakpoint/singlestep trap occurred; this is
what the kernel does for this signal for this architecture.
Fixes: Coverity 1459154 Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210813131809.28655-2-peter.maydell@linaro.org> Signed-off-by: Laurent Vivier <laurent@vivier.eu>
tcg/riscv: Remove add with zero on user-only memory access
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
While we may have had some thought of allowing system-mode
to return from this hook, we have no guests that require this.
Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
tcg/mips: Allow JAL to be out of range in tcg_out_bswap_subr
Weaning off of unique alignment requirements, so allow JAL
to not reach the target. TCG_TMP1 is always available for
use as a scratch because it is clobbered by the subroutine
being called.
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Commit 372579427a5 ("tcg: enable thread-per-vCPU") added the following
comment describing EXCP_HALTED in qemu_tcg_cpu_thread_fn():
case EXCP_HALTED:
/* during start-up the vCPU is reset and the thread is
* kicked several times. If we don't ensure we go back
* to sleep in the halted state we won't cleanly
* start-up when the vCPU is enabled.
*
* cpu->halted should ensure we sleep in wait_io_event
*/
g_assert(cpu->halted);
break;
qemu_wait_io_event() is sysemu-specific, so we can restrict the
cpu_handle_halt() call in cpu_exec() to system emulation.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210912172731.789788-2-f4bug@amsat.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
There is nothing target specific about this. The implementation
is host specific, but the declaration is 100% common.
Reviewed-By: Warner Losh <imp@bsdimp.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Merge remote-tracking branch 'remotes/alistair23/tags/pull-riscv-to-apply-20210921' into staging
Second RISC-V PR for QEMU 6.2
- ePMP CSR address updates
- Convert internal interrupts to use QEMU GPIO lines
- SiFive PWM support
- Support for RISC-V ACLINT
- SiFive PDMA fixes
- Update to u-boot instructions for sifive_u
- mstatus.SD bug fix for hypervisor extensions
- OpenTitan fix for USB dev address
# gpg: Signature made Mon 20 Sep 2021 11:52:26 PM PDT
# gpg: using RSA key F6C4AC46D4934868D3B8CE8F21E10D29DF977054
# gpg: Good signature from "Alistair Francis <alistair@alistair23.me>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: F6C4 AC46 D493 4868 D3B8 CE8F 21E1 0D29 DF97 7054
* remotes/alistair23/tags/pull-riscv-to-apply-20210921: (21 commits)
hw/riscv: opentitan: Correct the USB Dev address
target/riscv: csr: Rename HCOUNTEREN_CY and friends
target/riscv: Backup/restore mstatus.SD bit when virtual register swapped
docs/system/riscv: sifive_u: Update U-Boot instructions
hw/dma: sifive_pdma: don't set Control.error if 0 bytes to transfer
hw/dma: sifive_pdma: allow non-multiple transaction size transactions
hw/dma: sifive_pdma: claim bit must be set before DMA transactions
hw/dma: sifive_pdma: reset Next* registers when Control.claim is set
hw/riscv: virt: Add optional ACLINT support to virt machine
hw/riscv: virt: Re-factor FDT generation
hw/intc: Upgrade the SiFive CLINT implementation to RISC-V ACLINT
hw/intc: Rename sifive_clint sources to riscv_aclint sources
sifive_u: Connect the SiFive PWM device
hw/timer: Add SiFive PWM support
hw/intc: ibex_timer: Convert the timer to use RISC-V CPU GPIO lines
hw/intc: sifive_plic: Convert the PLIC to use RISC-V CPU GPIO lines
hw/intc: ibex_plic: Convert the PLIC to use RISC-V CPU GPIO lines
hw/intc: sifive_clint: Use RISC-V CPU GPIO lines
target/riscv: Expose interrupt pending bits as GPIO lines
target/riscv: Fix satp write
...
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Peter Maydell [Tue, 21 Sep 2021 15:32:19 +0000 (16:32 +0100)]
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20210921' into staging
target-arm queue:
* Optimize codegen for MVE when predication not active
* hvf: Add Apple Silicon support
* hw/intc: Set GIC maintenance interrupt level to only 0 or 1
* Fix mishandling of MVE FPSCR.LTPSIZE reset for usermode emulator
* elf2dmp: Fix coverity nits
Peter Maydell [Mon, 13 Sep 2021 09:54:40 +0000 (10:54 +0100)]
target/arm: Optimize MVE 1op-immediate insns
Optimize the MVE 1op-immediate insns (VORR, VBIC, VMOV) to
use TCG vector ops when possible.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210913095440.13462-13-peter.maydell@linaro.org
Peter Maydell [Mon, 13 Sep 2021 09:54:39 +0000 (10:54 +0100)]
target/arm: Optimize MVE VSLI and VSRI
Optimize the MVE shift-and-insert insns by using TCG
vector ops when possible.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210913095440.13462-12-peter.maydell@linaro.org
Peter Maydell [Mon, 13 Sep 2021 09:54:38 +0000 (10:54 +0100)]
target/arm: Optimize MVE VSHLL and VMOVL
Optimize the MVE VSHLL insns by using TCG vector ops when possible.
This includes the VMOVL insn, which we handle in mve.decode as "VSHLL
with zero shift count".
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210913095440.13462-11-peter.maydell@linaro.org
Peter Maydell [Mon, 13 Sep 2021 09:54:37 +0000 (10:54 +0100)]
target/arm: Optimize MVE VSHL, VSHR immediate forms
Optimize the MVE VSHL and VSHR immediate forms by using TCG vector
ops when possible.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210913095440.13462-10-peter.maydell@linaro.org
Peter Maydell [Mon, 13 Sep 2021 09:54:36 +0000 (10:54 +0100)]
target/arm: Optimize MVE VMVN
Optimize the MVE VMVN insn by using TCG vector ops when possible.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210913095440.13462-9-peter.maydell@linaro.org
Peter Maydell [Mon, 13 Sep 2021 09:54:35 +0000 (10:54 +0100)]
target/arm: Optimize MVE VDUP
Optimize the MVE VDUP insns by using TCG vector ops when possible.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210913095440.13462-8-peter.maydell@linaro.org
Peter Maydell [Mon, 13 Sep 2021 09:54:34 +0000 (10:54 +0100)]
target/arm: Optimize MVE VNEG, VABS
Optimize the MVE VNEG and VABS insns by using TCG
vector ops when possible.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210913095440.13462-7-peter.maydell@linaro.org
Peter Maydell [Mon, 13 Sep 2021 09:54:33 +0000 (10:54 +0100)]
target/arm: Optimize MVE arithmetic ops
Optimize MVE arithmetic ops when we have a TCG
vector operation we can use.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210913095440.13462-6-peter.maydell@linaro.org
Peter Maydell [Mon, 13 Sep 2021 09:54:32 +0000 (10:54 +0100)]
target/arm: Optimize MVE logic ops
When not predicating, implement the MVE bitwise logical insns
directly using TCG vector operations.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210913095440.13462-5-peter.maydell@linaro.org
Peter Maydell [Mon, 13 Sep 2021 09:54:31 +0000 (10:54 +0100)]
target/arm: Add TB flag for "MVE insns not predicated"
Our current codegen for MVE always calls out to helper functions,
because some byte lanes might be predicated. The common case is that
in fact there is no predication active and all lanes should be
updated together, so we can produce better code by detecting that and
using the TCG generic vector infrastructure.
Add a TB flag that is set when we can guarantee that there is no
active MVE predication, and a bool in the DisasContext. Subsequent
patches will use this flag to generate improved code for some
instructions.
In most cases when the predication state changes we simply end the TB
after that instruction. For the code called from vfp_access_check()
that handles lazy state preservation and creating a new FP context,
we can usually avoid having to try to end the TB because luckily the
new value of the flag following the register changes in those
sequences doesn't depend on any runtime decisions. We do have to end
the TB if the guest has enabled lazy FP state preservation but not
automatic state preservation, but this is an odd corner case that is
not going to be common in real-world code.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210913095440.13462-4-peter.maydell@linaro.org
Peter Maydell [Mon, 13 Sep 2021 09:54:30 +0000 (10:54 +0100)]
target/arm: Enforce that FPDSCR.LTPSIZE is 4 on inbound migration
Architecturally, for an M-profile CPU with the LOB feature the
LTPSIZE field in FPDSCR is always constant 4. QEMU's implementation
enforces this everywhere, except that we don't check that it is true
in incoming migration data.
We're going to add come in gen_update_fp_context() which relies on
the "always 4" property. Since this is TCG-only, we don't actually
need to be robust to bogus incoming migration data, and the effect of
it being wrong would be wrong code generation rather than a QEMU
crash; but if it did ever happen somehow it would be very difficult
to track down the cause. Add a check so that we fail the inbound
migration if the FPDSCR.LTPSIZE value is incorrect.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210913095440.13462-3-peter.maydell@linaro.org
Peter Maydell [Mon, 13 Sep 2021 09:54:29 +0000 (10:54 +0100)]
target/arm: Avoid goto_tb if we're trying to exit to the main loop
Currently gen_jmp_tb() assumes that if it is called then the jump it
is handling is the only reason that we might be trying to end the TB,
so it will use goto_tb if it can. This is usually the case: mostly
"we did something that means we must end the TB" happens on a
non-branch instruction. However, there are cases where we decide
early in handling an instruction that we need to end the TB and
return to the main loop, and then the insn is a complex one that
involves gen_jmp_tb(). For instance, for M-profile FP instructions,
in gen_preserve_fp_state() which is called from vfp_access_check() we
want to force an exit to the main loop if lazy state preservation is
active and we are in icount mode.
Make gen_jmp_tb() look at the current value of is_jmp, and only use
goto_tb if the previous is_jmp was DISAS_NEXT or DISAS_TOO_MANY.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210913095440.13462-2-peter.maydell@linaro.org
Alexander Graf [Thu, 16 Sep 2021 15:54:03 +0000 (17:54 +0200)]
hvf: arm: Add rudimentary PMC support
We can expose cycle counters on the PMU easily. To be as compatible as
possible, let's do so, but make sure we don't expose any other architectural
counters that we can not model yet.
This allows OSs to work that require PMU support.
Signed-off-by: Alexander Graf <agraf@csgraf.de> Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20210916155404.86958-10-agraf@csgraf.de Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Alexander Graf [Thu, 16 Sep 2021 15:54:02 +0000 (17:54 +0200)]
arm: Add Hypervisor.framework build target
Now that we have all logic in place that we need to handle Hypervisor.framework
on Apple Silicon systems, let's add CONFIG_HVF for aarch64 as well so that we
can build it.
Signed-off-by: Alexander Graf <agraf@csgraf.de> Reviewed-by: Roman Bolshakov <r.bolshakov@yadro.com> Tested-by: Roman Bolshakov <r.bolshakov@yadro.com> (x86 only) Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Sergio Lopez <slp@redhat.com>
Message-id: 20210916155404.86958-9-agraf@csgraf.de Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Alexander Graf [Thu, 16 Sep 2021 15:54:01 +0000 (17:54 +0200)]
hvf: arm: Implement PSCI handling
We need to handle PSCI calls. Most of the TCG code works for us,
but we can simplify it to only handle aa64 mode and we need to
handle SUSPEND differently.
This patch takes the TCG code as template and duplicates it in HVF.
To tell the guest that we support PSCI 0.2 now, update the check in
arm_cpu_initfn() as well.
Signed-off-by: Alexander Graf <agraf@csgraf.de> Reviewed-by: Sergio Lopez <slp@redhat.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20210916155404.86958-8-agraf@csgraf.de Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Mon, 20 Sep 2021 09:21:08 +0000 (10:21 +0100)]
hvf: arm: Implement -cpu host
Now that we have working system register sync, we push more target CPU
properties into the virtual machine. That might be useful in some
situations, but is not the typical case that users want.
So let's add a -cpu host option that allows them to explicitly pass all
CPU capabilities of their host CPU into the guest.
Signed-off-by: Alexander Graf <agraf@csgraf.de> Acked-by: Roman Bolshakov <r.bolshakov@yadro.com> Reviewed-by: Sergio Lopez <slp@redhat.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20210916155404.86958-7-agraf@csgraf.de
[PMM: drop unnecessary #include line from .h file] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Sleep on WFI until the VTIMER is due but allow ourselves to be woken
up on IPI.
In this implementation IPI is blocked on the CPU thread at startup and
pselect() is used to atomically unblock the signal and begin sleeping.
The signal is sent unconditionally so there's no need to worry about
races between actually sleeping and the "we think we're sleeping"
state. It may lead to an extra wakeup but that's better than missing
it entirely.
Signed-off-by: Peter Collingbourne <pcc@google.com> Signed-off-by: Alexander Graf <agraf@csgraf.de> Acked-by: Roman Bolshakov <r.bolshakov@yadro.com> Reviewed-by: Sergio Lopez <slp@redhat.com>
Message-id: 20210916155404.86958-6-agraf@csgraf.de
[agraf: Remove unused 'set' variable, always advance PC on WFX trap,
support vm stop / continue operations and cntv offsets] Signed-off-by: Alexander Graf <agraf@csgraf.de> Acked-by: Roman Bolshakov <r.bolshakov@yadro.com> Reviewed-by: Sergio Lopez <slp@redhat.com> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Tue, 21 Sep 2021 12:58:09 +0000 (13:58 +0100)]
Merge remote-tracking branch 'remotes/legoater/tags/pull-aspeed-20210920' into staging
Aspeed patches :
* MAC enablement fixes (Guenter)
* Watchdog and pca9552 fixes (Andrew)
* GPIO fixes (Joel)
* AST2600A3 SoC and DPS310 models (Joel)
* New Fuji BMC machine (Peter)
# gpg: Signature made Mon 20 Sep 2021 07:51:23 BST
# gpg: using RSA key A0F66548F04895EBFE6B0B6051A343C7CFFBECA1
# gpg: Good signature from "Cédric Le Goater <clg@kaod.org>" [undefined]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: A0F6 6548 F048 95EB FE6B 0B60 51A3 43C7 CFFB ECA1
* remotes/legoater/tags/pull-aspeed-20210920:
hw/arm/aspeed: Add Fuji machine type
hw/arm/aspeed: Allow machine to set UART default
hw/arm/aspeed: Initialize AST2600 UART clock selection registers
arm/aspeed: Add DPS310 to Witherspoon and Rainier
hw/misc: Add Infineon DPS310 sensor model
aspeed: Emulate the AST2600A3
arm/aspeed: rainier: Add i2c eeproms and muxes
misc/pca9552: Fix LED status register indexing in pca955x_get_led()
hw: aspeed_gpio: Clarify GPIO controller name
hw: aspeed_gpio: Simplify 1.8V defines
watchdog: aspeed: Fix sequential control writes
watchdog: aspeed: Sanitize control register values
hw: arm: aspeed: Enable mac0/1 instead of mac1/2 for g220a
hw: arm: aspeed: Enable eth0 interface for aspeed-ast2600-evb
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Alistair Francis [Thu, 16 Sep 2021 04:37:38 +0000 (14:37 +1000)]
hw/riscv: opentitan: Correct the USB Dev address
Signed-off-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Message-id: d6cb4dfe75a2f536f217d7075b750ece3acb1535.1631767043.git.alistair.francis@wdc.com Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Bin Meng [Wed, 15 Sep 2021 08:46:01 +0000 (16:46 +0800)]
target/riscv: csr: Rename HCOUNTEREN_CY and friends
The macro name HCOUNTEREN_CY suggests it is for CSR HCOUNTEREN, but
in fact it applies to M-mode and S-mode CSR too. Rename these macros
to have the COUNTEREN_ prefix.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20210915084601.24304-1-bmeng.cn@gmail.com Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Frank Chang [Tue, 14 Sep 2021 01:37:15 +0000 (09:37 +0800)]
target/riscv: Backup/restore mstatus.SD bit when virtual register swapped
When virtual registers are swapped, mstatus.SD bit should also be
backed up/restored. Otherwise, mstatus.SD bit will be incorrectly kept
across the world switches.
Signed-off-by: Frank Chang <frank.chang@sifive.com> Reviewed-by: Vincent Chen <vincent.chen@sifive.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20210914013717.881430-1-frank.chang@sifive.com
[ Changes by AF:
- Convert variable to a uint64_t to fix clang error
] Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
In U-Boot v2021.07 release, there were 2 major changes for the
SiFive Unleashed board support:
- Board config name was changed from sifive_fu540_defconfig to
sifive_unleashed_defconfig
- The generic binman tool was used to generate the FIT image
(combination of U-Boot proper, DTB and OpenSBI firmware)
which make the existing U-Boot instructions out of date.
Update the doc with latest instructions.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20210911153431.10362-1-bmeng.cn@gmail.com Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Frank Chang <frank.chang@sifive.com> Tested-by: Max Hsu <max.hsu@sifive.com> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Tested-by: Bin Meng <bmeng.cn@gmail.com>
Message-id: 20210912130553.179501-5-frank.chang@sifive.com Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Green Wan <green.wan@sifive.com> Reviewed-by: Frank Chang <frank.chang@sifive.com> Tested-by: Max Hsu <max.hsu@sifive.com> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Tested-by: Bin Meng <bmeng.cn@gmail.com> Signed-off-by: Frank Chang <frank.chang@sifive.com>
Message-id: 20210912130553.179501-4-frank.chang@sifive.com Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Frank Chang [Sun, 12 Sep 2021 13:05:46 +0000 (21:05 +0800)]
hw/dma: sifive_pdma: claim bit must be set before DMA transactions
Real PDMA must have Control.claim bit to be set before
Control.run bit is set to start any DMA transactions.
Otherwise nothing will be transferred.
The following result is PDMA tested in U-Boot on Unmatched board:
=> mw.l 0x3000000 0x0 <= Disclaim channel 0
(Channel 0 is not claimed)
=> mw.l 0x3000004 0x55000000 <= wsize = rsize = 5 (2^5 = 32 bytes)
=> mw.q 0x3000008 0x2 <= NextBytes = 2
=> mw.q 0x3000010 0x84000000 <= NextDestination = 0x84000000
=> mw.q 0x3000018 0x84001000 <= NextSource = 0x84001000
=> mw.l 0x84000000 0x87654321 <= Fill test data to dst
=> mw.l 0x84001000 0x12345678 <= Fill test data to src
=> md.l 0x84000000 1; md.l 0x84001000 1 <= Dump src/dst memory contents 84000000: 87654321 !Ce. 84001000: 12345678 xV4.
=> md.l 0x3000000 8 <= Dump PDMA status 03000000: 00000000550000000000000200000000 .......U........ 03000010: 84000000000000008400100000000000 ................
=> mw.l 0x3000000 0x3 <= Set channel 0 run and claim bits
=> md.l 0x3000000 8 <= Dump PDMA status 03000000: 00000001660000000000000000000000 .......f........ 03000010: 00000000000000000000000000000000 ................
=> md.l 0x84000000 1; md.l 0x84001000 1 <= Dump src/dst memory contents 84000000: 87654321 !Ce. 84001000: 12345678 xV4.
Signed-off-by: Frank Chang <frank.chang@sifive.com> Tested-by: Max Hsu <max.hsu@sifive.com> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Tested-by: Bin Meng <bmeng.cn@gmail.com>
Message-id: 20210912130553.179501-3-frank.chang@sifive.com Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Frank Chang [Sun, 12 Sep 2021 13:05:45 +0000 (21:05 +0800)]
hw/dma: sifive_pdma: reset Next* registers when Control.claim is set
Setting Control.claim clears all of the chanel's Next registers.
This is effective only when Control.claim is set from 0 to 1.
Signed-off-by: Frank Chang <frank.chang@sifive.com> Tested-by: Max Hsu <max.hsu@sifive.com> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Tested-by: Bin Meng <bmeng.cn@gmail.com>
Message-id: 20210912130553.179501-2-frank.chang@sifive.com Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Anup Patel [Tue, 31 Aug 2021 11:06:02 +0000 (16:36 +0530)]
hw/riscv: virt: Re-factor FDT generation
We re-factor and break the FDT generation into smaller functions
so that it is easier to modify FDT generation for different
configurations of virt machine.
Signed-off-by: Anup Patel <anup.patel@wdc.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Message-id: 20210831110603.338681-4-anup.patel@wdc.com Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Anup Patel [Tue, 31 Aug 2021 11:06:01 +0000 (16:36 +0530)]
hw/intc: Upgrade the SiFive CLINT implementation to RISC-V ACLINT
The RISC-V ACLINT is more modular and backward compatible with
original SiFive CLINT so instead of duplicating the original
SiFive CLINT implementation we upgrade the current SiFive CLINT
implementation to RISC-V ACLINT implementation.
Signed-off-by: Anup Patel <anup.patel@wdc.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Message-id: 20210831110603.338681-3-anup.patel@wdc.com Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Alistair Francis [Mon, 30 Aug 2021 05:35:15 +0000 (15:35 +1000)]
hw/intc: ibex_timer: Convert the timer to use RISC-V CPU GPIO lines
Instead of using riscv_cpu_update_mip() let's instead use the new RISC-V
CPU GPIO lines to set the timer MIP bits.
Signed-off-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 84d5b1d5783d2e79eee69a2f7ac480cc0c070db3.1630301632.git.alistair.francis@wdc.com
Alistair Francis [Mon, 30 Aug 2021 05:35:02 +0000 (15:35 +1000)]
hw/intc: sifive_plic: Convert the PLIC to use RISC-V CPU GPIO lines
Instead of using riscv_cpu_update_mip() let's instead use the new RISC-V
CPU GPIO lines to set the external MIP bits.
Signed-off-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Tested-by: Bin Meng <bmeng.cn@gmail.com>
Message-id: 0364190bfa935058a845c0fa1ecf650328840ad5.1630301632.git.alistair.francis@wdc.com
Alistair Francis [Mon, 30 Aug 2021 05:34:49 +0000 (15:34 +1000)]
hw/intc: ibex_plic: Convert the PLIC to use RISC-V CPU GPIO lines
Instead of using riscv_cpu_update_mip() let's instead use the new RISC-V
CPU GPIO lines to set the external MIP bits.
Signed-off-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 0a76946981852f5bd15f0c37ab35b253371027a8.1630301632.git.alistair.francis@wdc.com
Alistair Francis [Mon, 30 Aug 2021 05:34:36 +0000 (15:34 +1000)]
hw/intc: sifive_clint: Use RISC-V CPU GPIO lines
Instead of using riscv_cpu_update_mip() let's instead use the new RISC-V
CPU GPIO lines to set the timer and soft MIP bits.
Signed-off-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Tested-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Message-id: 946e1ef5e268b24084c7ddad84c146de62a56736.1630301632.git.alistair.francis@wdc.com
Alistair Francis [Mon, 30 Aug 2021 05:34:20 +0000 (15:34 +1000)]
target/riscv: Expose interrupt pending bits as GPIO lines
Expose the 12 interrupt pending bits in MIP as GPIO lines.
Signed-off-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Tested-by: Bin Meng <bmeng.cn@gmail.com>
Message-id: 069d6162f0bc2f4a4f5a44e73f6442b11c703c53.1630301632.git.alistair.francis@wdc.com
LIU Zhiwei [Wed, 1 Sep 2021 12:45:39 +0000 (20:45 +0800)]
target/riscv: Fix satp write
These variables should be target_ulong. If truncated to int,
the bool conditions they indicate will be wrong.
As satp is very important for Linux, this bug almost fails every boot.
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com> Reviewed-by: Bin Meng <bmeng.cn@gmail.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20210901124539.222868-1-zhiwei_liu@c-sky.com Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Peter Maydell [Mon, 20 Sep 2021 15:17:05 +0000 (16:17 +0100)]
Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging
# gpg: Signature made Fri 17 Sep 2021 09:17:32 BST
# gpg: using RSA key EF04965B398D6211
# gpg: Good signature from "Jason Wang (Jason Wang on RedHat) <jasowang@redhat.com>" [marginal]
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 215D 46F4 8246 689E C77F 3562 EF04 965B 398D 6211
* remotes/jasowang/tags/net-pull-request:
virtio-net: fix use after unmap/free for sg
ebpf: only include in system emulators
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Alexander Graf [Thu, 16 Sep 2021 15:53:57 +0000 (17:53 +0200)]
hvf: Introduce hvf_arch_init() callback
We will need to install a migration helper for the ARM hvf backend.
Let's introduce an arch callback for the overall hvf init chain to
do so.
Signed-off-by: Alexander Graf <agraf@csgraf.de> Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20210916155404.86958-4-agraf@csgraf.de Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Alexander Graf [Thu, 16 Sep 2021 15:53:56 +0000 (17:53 +0200)]
hvf: Add execute to dirty log permission bitmap
Hvf's permission bitmap during and after dirty logging does not include
the HV_MEMORY_EXEC permission. At least on Apple Silicon, this leads to
instruction faults once dirty logging was enabled.
Add the bit to make it work properly.
Signed-off-by: Alexander Graf <agraf@csgraf.de> Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20210916155404.86958-3-agraf@csgraf.de Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Alexander Graf [Thu, 16 Sep 2021 15:53:55 +0000 (17:53 +0200)]
arm: Move PMC register definitions to internals.h
We will need PMC register definitions in accel specific code later.
Move all constant definitions to common arm headers so we can reuse
them.
Signed-off-by: Alexander Graf <agraf@csgraf.de> Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20210916155404.86958-2-agraf@csgraf.de Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
hw/intc: Set GIC maintenance interrupt level to only 0 or 1
During sbsa acs level 3 testing, it is seen that the GIC maintenance
interrupts are not triggered and the related test cases fail. This
is because we were incorrectly passing the value of the MISR register
(from maintenance_interrupt_state()) to qemu_set_irq() as the level
argument, whereas the device on the other end of this irq line
expects a 0/1 value.
Fix the logic to pass a 0/1 level indication, rather than a
0/not-0 value.
Fixes: c5fc89b36c0 ("hw/intc/arm_gicv3: Implement gicv3_cpuif_virt_update()") Signed-off-by: Shashi Mallela <shashi.mallela@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20210915205809.59068-1-shashi.mallela@linaro.org
[PMM: tweaked commit message; collapsed nested if()s into one] Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell [Mon, 20 Sep 2021 08:54:33 +0000 (09:54 +0100)]
target/arm: Consolidate ifdef blocks in reset
Move an ifndef CONFIG_USER_ONLY code block up in arm_cpu_reset() so
it can be merged with another earlier one.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210914120725.24992-4-peter.maydell@linaro.org
Peter Maydell [Mon, 20 Sep 2021 08:54:33 +0000 (09:54 +0100)]
target/arm: Always clear exclusive monitor on reset
There's no particular reason why the exclusive monitor should
be only cleared on reset in system emulation mode. It doesn't
hurt if it isn't cleared in user mode, but we might as well
reduce the amount of code we have that's inside an ifdef.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210914120725.24992-3-peter.maydell@linaro.org
Peter Maydell [Mon, 20 Sep 2021 08:54:33 +0000 (09:54 +0100)]
target/arm: Don't skip M-profile reset entirely in user mode
Currently all of the M-profile specific code in arm_cpu_reset() is
inside a !defined(CONFIG_USER_ONLY) ifdef block. This is
unintentional: it happened because originally the only
M-profile-specific handling was the setup of the initial SP and PC
from the vector table, which is system-emulation only. But then we
added a lot of other M-profile setup to the same "if (ARM_FEATURE_M)"
code block without noticing that it was all inside a not-user-mode
ifdef. This has generally been harmless, but with the addition of
v8.1M low-overhead-loop support we ran into a problem: the reset of
FPSCR.LTPSIZE to 4 was only being done for system emulation mode, so
if a user-mode guest tried to execute the LE instruction it would
incorrectly take a UsageFault.
Adjust the ifdefs so only the really system-emulation specific parts
are covered. Because this means we now run some reset code that sets
up initial values in the FPCCR and similar FPU related registers,
explicitly set up the registers controlling FPU context handling in
user-emulation mode so that the FPU works by design and not by
chance.
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/613 Cc: qemu-stable@nongnu.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210914120725.24992-2-peter.maydell@linaro.org
Peter Maydell [Mon, 20 Sep 2021 08:54:32 +0000 (09:54 +0100)]
elf2dmp: Fail cleanly if PDB file specifies zero block_size
Coverity points out that if the PDB file we're trying to read
has a header specifying a block_size of zero then we will
end up trying to divide by zero in pdb_ds_read_file().
Check for this and fail cleanly instead.
Fixes: Coverity CID 1458869 Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Viktor Prutyanov <viktor.prutyanov@phystech.edu> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Viktor Prutyanov <viktor.prutyanov@phystech.edu>
Message-id: 20210910170656.366592-3-philmd@redhat.com
Message-Id: <20210901143910.17112-3-peter.maydell@linaro.org> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
I tested this by building a Fuji image from Facebook's OpenBMC repo,
booting, and ssh'ing from host-to-guest.
Signed-off-by: Peter Delevoryas <pdel@fb.com> Reviewed-by: Joel Stanley <joel@jms.id.au>
[ clg: On 32-bit hosts, lower RAM to 1G because of 2047 MB limit ]
Message-Id: <20210906133124.3674661-1-pdel@fb.com> Signed-off-by: Cédric Le Goater <clg@kaod.org>
The guest OS can read and write to the UART5 registers at 0x1E784000 and
it will receive from stdin and write to stdout. The Aspeed SoC's have a
lot more UART's though (AST2500 has 5, AST2600 has 13) and depending on
the board design, may be using any of them as the serial console. (See
"stdout-path" in a DTS to check which one is chosen).
Most boards, including all of those currently defined in
hw/arm/aspeed.c, just use UART5, but some use UART1. This change adds
some flexibility for different boards without requiring users to change
their command-line invocation of QEMU.
I tested this doesn't break existing code by booting an AST2500 OpenBMC
image and an AST2600 OpenBMC image, each using UART5 as the console.
Then I tested switching the default to UART1 and booting an AST2600
OpenBMC image that uses UART1, and that worked too.
Signed-off-by: Peter Delevoryas <pdel@fb.com> Reviewed-by: Cédric Le Goater <clg@kaod.org>
Message-Id: <20210901153615.2746885-2-pdel@fb.com> Signed-off-by: Cédric Le Goater <clg@kaod.org>
UART5 is typically used as the default debug UART on the AST2600, but
UART1 is also designed to be a debug UART. All the AST2600 UART's have
semi-configurable clock rates through registers in the System Control
Unit (SCU), but only UART5 works out of the box with zero-initialized
values. The rest of the UART's expect a few of the registers to be
initialized to non-zero values, or else the clock rate calculation will
yield zero or undefined (due to a divide-by-zero).
For reference, the U-Boot clock rate driver here shows the calculation:
To summarize, UART5 allows selection from 4 rates: 24 MHz, 192 MHz, 24 /
13 MHz, and 192 / 13 MHz. The other UART's allow selecting either the
"low" rate (UARTCLK) or the "high" rate (HUARTCLK). UARTCLK and HUARTCLK
are configurable themselves:
UXCLK and HUXCLK are also configurable, and depend on the APLL and/or
HPLL clock rates, which also derive from complicated calculations. Long
story short, there's lots of multiplication and division from
configurable registers, and most of these registers are zero-initialized
in QEMU, which at best is unexpected and at worst causes this clock rate
driver to hang from divide-by-zero's. This can also be difficult to
diagnose, because it may cause U-Boot to hang before serial console
initialization completes, requiring intervention from gdb.
This change just initializes all of these registers with default values
from the datasheet.
To test this, I used Facebook's AST2600 OpenBMC image for "fuji", with
the following diff applied (because fuji uses UART1 for console output,
not UART5).
/* UART - attach an 8250 to the IO space as our UART5 */
- serial_mm_init(get_system_memory(), sc->memmap[ASPEED_DEV_UART5], 2,
- aspeed_soc_get_irq(s, ASPEED_DEV_UART5),
+ serial_mm_init(get_system_memory(), sc->memmap[ASPEED_DEV_UART1], 2,
+ aspeed_soc_get_irq(s, ASPEED_DEV_UART1),
38400, serial_hd(0), DEVICE_LITTLE_ENDIAN);
/* I2C */
Without these clock rate registers being initialized, U-Boot hangs in
the clock rate driver from a divide-by-zero, because the UART1 clock
rate register reads return zero, and there's no console output. After
initializing them with default values, fuji boots successfully.
Signed-off-by: Peter Delevoryas <pdel@fb.com> Reviewed-by: Joel Stanley <joel@jms.id.au>
[ clg: Removed _PARAM suffix ]
Message-Id: <20210906134023.3711031-2-pdel@fb.com> Signed-off-by: Cédric Le Goater <clg@kaod.org>
Joel Stanley [Mon, 20 Sep 2021 06:50:59 +0000 (08:50 +0200)]
arm/aspeed: Add DPS310 to Witherspoon and Rainier
Witherspoon uses the DPS310 as a temperature sensor. Rainier uses it as
a temperature and humidity sensor.
Signed-off-by: Joel Stanley <joel@jms.id.au> Reviewed-by: Cédric Le Goater <clg@kaod.org>
Message-Id: <20210629142336.750058-5-clg@kaod.org> Signed-off-by: Cédric Le Goater <clg@kaod.org>
Joel Stanley [Mon, 20 Sep 2021 06:50:59 +0000 (08:50 +0200)]
hw/misc: Add Infineon DPS310 sensor model
This contains some hardcoded register values that were obtained from the
hardware after reading the temperature.
It does enough to test the Linux kernel driver. The FIFO mode, IRQs and
operation modes other than the default as used by Linux are not modelled.
Signed-off-by: Joel Stanley <joel@jms.id.au>
Message-Id: <20210616073358.750472-2-joel@jms.id.au>
[ clg: - Fixed sequential reading
- Reworked regs_reset_state array
- Moved model under hw/sensor/ ]
Message-Id: <20210629142336.750058-4-clg@kaod.org> Signed-off-by: Cédric Le Goater <clg@kaod.org>
Joel Stanley [Mon, 20 Sep 2021 06:50:59 +0000 (08:50 +0200)]
aspeed: Emulate the AST2600A3
This is the latest revision of the ASPEED 2600 SoC. As there is no
need to model multiple revisions of the same SoC for the moment,
update the SCU AST2600 to model the A3 revision instead of the A1 and
adapt the AST2600 SoC and machines.
Reset values are taken from v8 of the datasheet.
Signed-off-by: Joel Stanley <joel@jms.id.au>
[ clg: - Introduced an Aspeed "ast2600-a3" SoC class
- Commit log update ]
Message-Id: <20210629142336.750058-3-clg@kaod.org> Signed-off-by: Cédric Le Goater <clg@kaod.org>
Joel Stanley [Mon, 20 Sep 2021 06:50:59 +0000 (08:50 +0200)]
arm/aspeed: rainier: Add i2c eeproms and muxes
These are the devices documented by the Rainier device tree. With this
we can see the guest discovering the multiplexers and probing the eeprom
devices:
i2c i2c-2: Added multiplexed i2c bus 16
i2c i2c-2: Added multiplexed i2c bus 17
i2c i2c-2: Added multiplexed i2c bus 18
i2c i2c-2: Added multiplexed i2c bus 19
i2c-mux-gpio i2cmux: 4 port mux on 1e78a180.i2c-bus adapter
at24 20-0050: 8192 byte 24c64 EEPROM, writable, 1 bytes/write
i2c i2c-4: Added multiplexed i2c bus 20
at24 21-0051: 8192 byte 24c64 EEPROM, writable, 1 bytes/write
i2c i2c-4: Added multiplexed i2c bus 21
at24 22-0052: 8192 byte 24c64 EEPROM, writable, 1 bytes/write
Signed-off-by: Joel Stanley <joel@jms.id.au>
[ clg: Introduced aspeed_eeprom_init ]
Message-Id: <20210629142336.750058-2-clg@kaod.org> Signed-off-by: Cédric Le Goater <clg@kaod.org>
Andrew Jeffery [Mon, 20 Sep 2021 06:50:59 +0000 (08:50 +0200)]
misc/pca9552: Fix LED status register indexing in pca955x_get_led()
There was a bit of a thinko in the state calculation where every odd pin
in was reported in e.g. "pwm0" mode rather than "off". This was the
result of an incorrect bit shift for the 2-bit field representing each
LED state.
Fixes: a90d8f84674d ("misc/pca9552: Add qom set and get") Signed-off-by: Andrew Jeffery <andrew@aj.id.au> Reviewed-by: Cédric Le Goater <clg@kaod.org>
Message-Id: <20210723043624.348158-1-andrew@aj.id.au> Signed-off-by: Cédric Le Goater <clg@kaod.org>
Joel Stanley [Mon, 20 Sep 2021 06:50:59 +0000 (08:50 +0200)]
hw: aspeed_gpio: Clarify GPIO controller name
There are two GPIO controllers in the ast2600; one is 3.3V and the other
is 1.8V.
Signed-off-by: Joel Stanley <joel@jms.id.au> Reviewed-by: Rashmica Gupta <rashmica.g@gmail.com> Reviewed-by: Cédric Le Goater <clg@kaod.org>
Message-Id: <20210713065854.134634-4-joel@jms.id.au> Signed-off-by: Cédric Le Goater <clg@kaod.org>
Joel Stanley [Mon, 20 Sep 2021 06:50:59 +0000 (08:50 +0200)]
hw: aspeed_gpio: Simplify 1.8V defines
There's no need to define the registers relative to the 0x800 offset
where the controller is mapped, as the device is instantiated as it's
own model at the correct memory address.
Simplify the defines and remove the offset to save future confusion.
Signed-off-by: Joel Stanley <joel@jms.id.au> Reviewed-by: Rashmica Gupta <rashmica.g@gmail.com> Reviewed-by: Cédric Le Goater <clg@kaod.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20210713065854.134634-3-joel@jms.id.au> Signed-off-by: Cédric Le Goater <clg@kaod.org>
Andrew Jeffery [Mon, 20 Sep 2021 06:50:59 +0000 (08:50 +0200)]
watchdog: aspeed: Fix sequential control writes
The logic in the handling for the control register required toggling the
enable state for writes to stick. Rework the condition chain to allow
sequential writes that do not update the enable state.
Fixes: 854123bf8d4b ("wdt: Add Aspeed watchdog device model") Signed-off-by: Andrew Jeffery <andrew@aj.id.au> Reviewed-by: Cédric Le Goater <clg@kaod.org>
Message-Id: <20210709053107.1829304-3-andrew@aj.id.au> Signed-off-by: Cédric Le Goater <clg@kaod.org>
Andrew Jeffery [Mon, 20 Sep 2021 06:50:59 +0000 (08:50 +0200)]
watchdog: aspeed: Sanitize control register values
While some of the critical fields remain the same, there is variation in
the definition of the control register across the SoC generations.
Reserved regions are adjusted, while in other cases the mutability or
behaviour of fields change.
Introduce a callback to sanitize the value on writes to ensure model
behaviour reflects the hardware.
Fixes: 854123bf8d4b ("wdt: Add Aspeed watchdog device model") Signed-off-by: Andrew Jeffery <andrew@aj.id.au> Reviewed-by: Cédric Le Goater <clg@kaod.org>
Message-Id: <20210709053107.1829304-2-andrew@aj.id.au> Signed-off-by: Cédric Le Goater <clg@kaod.org>
hw: arm: aspeed: Enable mac0/1 instead of mac1/2 for g220a
According to its dts file in the Linux kernel, we need mac0 and mac1 enabled
instead of mac1 and mac2. Also, g220a is based on aspeed-g5 (ast2500) which
doesn't even have the third interface.
Signed-off-by: Guenter Roeck <linux@roeck-us.net> Reviewed-by: Cédric Le Goater <clg@kaod.org>
Message-Id: <20210810035742.550391-1-linux@roeck-us.net> Signed-off-by: Cédric Le Goater <clg@kaod.org>
hw: arm: aspeed: Enable eth0 interface for aspeed-ast2600-evb
Commit 7582591ae7 ("aspeed: Support AST2600A1 silicon revision") switched
the silicon revision for AST2600 to revision A1. On revision A1, the first
Ethernet interface is operational. Enable it.
Signed-off-by: Guenter Roeck <linux@roeck-us.net> Reviewed-by: Joel Stanley <joel@jms.id.au> Reviewed-by: Cédric Le Goater <clg@kaod.org>
Message-Id: <20210808200457.889955-1-linux@roeck-us.net> Signed-off-by: Cédric Le Goater <clg@kaod.org>
Peter Maydell [Sun, 19 Sep 2021 17:53:29 +0000 (18:53 +0100)]
Merge remote-tracking branch 'remotes/dgilbert-gitlab/tags/pull-virtiofs-20210916' into staging
virtiofsd pull 2021-08-16
Two minor fixes; one for performance, the other seccomp
on s390x.
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
# gpg: Signature made Thu 16 Sep 2021 14:51:38 BST
# gpg: using RSA key 45F5C71B4A0CB7FB977A9FA90516331EBC5BFDE7
# gpg: Good signature from "Dr. David Alan Gilbert (RH2) <dgilbert@redhat.com>" [full]
# Primary key fingerprint: 45F5 C71B 4A0C B7FB 977A 9FA9 0516 331E BC5B FDE7
* remotes/dgilbert-gitlab/tags/pull-virtiofs-20210916:
virtiofsd: Reverse req_list before processing it
tools/virtiofsd: Add fstatfs64 syscall to the seccomp allowlist
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Jason Wang [Thu, 2 Sep 2021 05:44:12 +0000 (13:44 +0800)]
virtio-net: fix use after unmap/free for sg
When mergeable buffer is enabled, we try to set the num_buffers after
the virtqueue elem has been unmapped. This will lead several issues,
E.g a use after free when the descriptor has an address which belongs
to the non direct access region. In this case we use bounce buffer
that is allocated during address_space_map() and freed during
address_space_unmap().
Fixing this by storing the elems temporarily in an array and delay the
unmap after we set the the num_buffers.
This addresses CVE-2021-3748.
Reported-by: Alexander Bulekov <alxndr@bu.edu> Fixes: fbe78f4f55c6 ("virtio-net support") Cc: qemu-stable@nongnu.org Signed-off-by: Jason Wang <jasowang@redhat.com>
Paolo Bonzini [Tue, 7 Sep 2021 10:45:12 +0000 (12:45 +0200)]
ebpf: only include in system emulators
eBPF files are being included in user emulators, which is useless and
also breaks compilation because ebpf/trace-events is only processed
if a system emulator is included in the build.
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/566 Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Jason Wang <jasowang@redhat.com>
* remotes/vivier2/tags/linux-user-for-6.2-pull-request:
linux-user: Check lock_user result for ip_mreq_source sockopts
linux-user: Drop unneeded includes from qemu.h
linux-user: Don't include gdbstub.h in qemu.h
linux-user: Split linux-user internals out of qemu.h
linux-user: Split safe-syscall macro into its own header
linux-user: Split mmap prototypes into user-mmap.h
linux-user: Split loader-related prototypes into loader.h
linux-user: Split signal-related prototypes into signal-common.h
linux-user: Split strace prototypes into strace.h
linux-user: Fix coding style nits in qemu.h
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
John Snow [Thu, 16 Sep 2021 18:22:47 +0000 (14:22 -0400)]
python: Update for pylint 2.10
A few new annoyances. Of note is the new warning for an unspecified
encoding when opening a text file, which actually does indicate a
potentially real problem; see
https://www.python.org/dev/peps/pep-0597/#motivation
Use LC_CTYPE to determine an encoding to use for interpreting QEMU's
terminal output. Note that Python states: "language code and encoding
may be None if their values cannot be determined" -- use a platform
default as a backup.
Notes: Passing encoding=None will generate a suppressed warning on
Python 3.10+ that 'None' should not be passed as the encoding
argument. This behavior may be deprecated in the future and the default
switched to be a ubiquitous UTF-8. Opting in to the locale default will
be done by passing the encoding 'locale', but that isn't available in
3.6 through 3.9. Presumably this warning will be unsuppressed some time
prior to the actual switch and we can re-investigate these issues at
that time if necessary.
Signed-off-by: John Snow <jsnow@redhat.com> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Reviewed-by: Willian Rampazzo <willianr@redhat.com>
Message-id: 20210916182248.721529-2-jsnow@redhat.com Signed-off-by: John Snow <jsnow@redhat.com>
Peter Maydell [Mon, 9 Aug 2021 15:54:24 +0000 (16:54 +0100)]
linux-user: Check lock_user result for ip_mreq_source sockopts
In do_setsockopt(), the code path for the options which take a struct
ip_mreq_source (IP_BLOCK_SOURCE, IP_UNBLOCK_SOURCE,
IP_ADD_SOURCE_MEMBERSHIP and IP_DROP_SOURCE_MEMBERSHIP) fails to
check the return value from lock_user(). Handle this in the usual
way by returning -TARGET_EFAULT.
(In practice this was probably harmless because we'd pass a NULL
pointer to setsockopt() and the kernel would then return EFAULT.)
projects / mirror_qemu.git / log