From 21d64275adbc5655214659cb454f5476cb3c363b Mon Sep 17 00:00:00 2001 From: Thomas Huth Date: Tue, 16 Jan 2018 13:15:55 +0100 Subject: [PATCH 01/12] default-configs/ppc64-softmmu: Include 32-bit configs instead of copying them qemu-softmmu-ppc64 is supposed to be a superset of qemu-softmmu-ppc. However, instead of simply including the 32-bit config file, we've duplicated all CONFIG_xxx settings there instead. This way, we've missed some CONFIG switches in ppc64-softmmu.mak which were only added to the 32-bit config file (e.g. CONFIG_SUNGEM). Let's fix this problem by including the 32-bit config file into the 64-bit config file instead of duplicating all the CONFIG switches there. Signed-off-by: Thomas Huth Signed-off-by: David Gibson --- default-configs/ppc64-softmmu.mak | 61 ++++--------------------------- 1 file changed, 8 insertions(+), 53 deletions(-) diff --git a/default-configs/ppc64-softmmu.mak b/default-configs/ppc64-softmmu.mak index d1b3a6dd50..b94af6c7c6 100644 --- a/default-configs/ppc64-softmmu.mak +++ b/default-configs/ppc64-softmmu.mak @@ -1,64 +1,19 @@ # Default configuration for ppc64-softmmu -include pci.mak -include sound.mak -include usb.mak -CONFIG_PPC4XX=y -CONFIG_VIRTIO_VGA=y -CONFIG_ESCC=y -CONFIG_M48T59=y +# Include all 32-bit boards +include ppc-softmmu.mak + +# For PowerNV +CONFIG_POWERNV=y CONFIG_IPMI=y CONFIG_IPMI_LOCAL=y CONFIG_IPMI_EXTERN=y CONFIG_ISA_IPMI_BT=y -CONFIG_SERIAL=y -CONFIG_PARALLEL=y -CONFIG_I8254=y -CONFIG_PCKBD=y -CONFIG_FDC=y -CONFIG_I8257=y -CONFIG_I82374=y -CONFIG_OPENPIC=y -CONFIG_PREP_PCI=y -CONFIG_I82378=y -CONFIG_PC87312=y -CONFIG_MACIO=y -CONFIG_PCSPK=y -CONFIG_CUDA=y -CONFIG_ADB=y -CONFIG_MAC_NVRAM=y -CONFIG_MAC_DBDMA=y -CONFIG_HEATHROW_PIC=y -CONFIG_GRACKLE_PCI=y -CONFIG_UNIN_PCI=y -CONFIG_DEC_PCI=y -CONFIG_PPCE500_PCI=y -CONFIG_IDE_ISA=y -CONFIG_IDE_CMD646=y -CONFIG_IDE_MACIO=y -CONFIG_NE2000_ISA=y -CONFIG_PFLASH_CFI01=y -CONFIG_PFLASH_CFI02=y -CONFIG_PTIMER=y -CONFIG_I8259=y -CONFIG_XILINX=y -CONFIG_XILINX_ETHLITE=y -CONFIG_PSERIES=y -CONFIG_POWERNV=y -CONFIG_PREP=y -CONFIG_MAC=y -CONFIG_E500=y -CONFIG_OPENPIC_KVM=$(call land,$(CONFIG_E500),$(CONFIG_KVM)) -CONFIG_PLATFORM_BUS=y -CONFIG_ETSEC=y -CONFIG_SM501=y + # For pSeries +CONFIG_PSERIES=y +CONFIG_VIRTIO_VGA=y CONFIG_XICS=$(CONFIG_PSERIES) CONFIG_XICS_SPAPR=$(CONFIG_PSERIES) CONFIG_XICS_KVM=$(call land,$(CONFIG_PSERIES),$(CONFIG_KVM)) -# For PReP -CONFIG_SERIAL_ISA=y -CONFIG_MC146818RTC=y -CONFIG_ISA_TESTDEV=y CONFIG_MEM_HOTPLUG=y -CONFIG_RS6000_MC=y From 70218555a334c2ec2aedf0ae8dc8a6f83dc82714 Mon Sep 17 00:00:00 2001 From: Thomas Huth Date: Tue, 16 Jan 2018 13:15:56 +0100 Subject: [PATCH 02/12] default-configs/ppc-softmmu: Restructure the switches according to the machines Order the CONFIG switches in ppc-softmmu.mak according to the machine classes where they are used (embedded, Mac or PReP), so that it is easier for the users to disable a set of switches completely if they are not needed. Also add the missing CONFIG_IDE_SII3112 switch to the embedded section which was previously only added to ppcemb-softmmu.mak. And while we're at it, also remove the CONFIG_IDE_CMD646 switch since this controller does not seem to be used by any ppc machine in QEMU. Signed-off-by: Thomas Huth Signed-off-by: David Gibson --- default-configs/ppc-softmmu.mak | 61 ++++++++++++++++++--------------- 1 file changed, 33 insertions(+), 28 deletions(-) diff --git a/default-configs/ppc-softmmu.mak b/default-configs/ppc-softmmu.mak index bb225c6e46..3baed6a8fd 100644 --- a/default-configs/ppc-softmmu.mak +++ b/default-configs/ppc-softmmu.mak @@ -3,24 +3,32 @@ include pci.mak include sound.mak include usb.mak + +# For embedded PPCs: CONFIG_PPC4XX=y -CONFIG_ESCC=y CONFIG_M48T59=y CONFIG_SERIAL=y -CONFIG_PARALLEL=y -CONFIG_I8254=y -CONFIG_PCKBD=y -CONFIG_FDC=y CONFIG_I8257=y -CONFIG_I82374=y CONFIG_OPENPIC=y -CONFIG_PREP_PCI=y -CONFIG_I82378=y -CONFIG_PC87312=y +CONFIG_PPCE500_PCI=y +CONFIG_PFLASH_CFI01=y +CONFIG_PFLASH_CFI02=y +CONFIG_PTIMER=y +CONFIG_I8259=y +CONFIG_XILINX=y +CONFIG_XILINX_ETHLITE=y +CONFIG_E500=y +CONFIG_OPENPIC_KVM=$(call land,$(CONFIG_E500),$(CONFIG_KVM)) +CONFIG_PLATFORM_BUS=y +CONFIG_ETSEC=y +CONFIG_SM501=y +CONFIG_IDE_SII3112=y + +# For Macs +CONFIG_MAC=y +CONFIG_ESCC=y CONFIG_MACIO=y CONFIG_SUNGEM=y -CONFIG_PCSPK=y -CONFIG_CS4231A=y CONFIG_CUDA=y CONFIG_ADB=y CONFIG_MAC_NVRAM=y @@ -29,26 +37,23 @@ CONFIG_HEATHROW_PIC=y CONFIG_GRACKLE_PCI=y CONFIG_UNIN_PCI=y CONFIG_DEC_PCI=y -CONFIG_PPCE500_PCI=y -CONFIG_IDE_ISA=y -CONFIG_IDE_CMD646=y CONFIG_IDE_MACIO=y -CONFIG_NE2000_ISA=y -CONFIG_PFLASH_CFI01=y -CONFIG_PFLASH_CFI02=y -CONFIG_PTIMER=y -CONFIG_I8259=y -CONFIG_XILINX=y -CONFIG_XILINX_ETHLITE=y -CONFIG_PREP=y -CONFIG_MAC=y -CONFIG_E500=y -CONFIG_OPENPIC_KVM=$(call land,$(CONFIG_E500),$(CONFIG_KVM)) -CONFIG_PLATFORM_BUS=y -CONFIG_ETSEC=y -CONFIG_SM501=y + # For PReP +CONFIG_PREP=y +CONFIG_PREP_PCI=y CONFIG_SERIAL_ISA=y CONFIG_MC146818RTC=y CONFIG_ISA_TESTDEV=y CONFIG_RS6000_MC=y +CONFIG_PARALLEL=y +CONFIG_I82374=y +CONFIG_I82378=y +CONFIG_I8254=y +CONFIG_PCKBD=y +CONFIG_FDC=y +CONFIG_NE2000_ISA=y +CONFIG_PC87312=y +CONFIG_PCSPK=y +CONFIG_IDE_ISA=y +CONFIG_CS4231A=y From f8567a11fb63d62644dfdf1e8ca34a5b3235046f Mon Sep 17 00:00:00 2001 From: Thomas Huth Date: Tue, 16 Jan 2018 13:15:57 +0100 Subject: [PATCH 03/12] hw/ppc/Makefile: Add a way to disable the PPC4xx boards We've got the config switch CONFIG_PPC4XX, so we should use it in the Makefile accordingly and only include the PPC4xx boards if this switch has been enabled. (Note: Unfortunately, the files ppc4xx_devs.c and ppc405_uc.c still have to be included in the build anyway to fulfil some complicated linker dependencies ... so these are subject to a more thourough clean-up later) Signed-off-by: Thomas Huth Signed-off-by: David Gibson --- hw/ppc/Makefile.objs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hw/ppc/Makefile.objs b/hw/ppc/Makefile.objs index 1faff853b7..ad1928c5d8 100644 --- a/hw/ppc/Makefile.objs +++ b/hw/ppc/Makefile.objs @@ -12,8 +12,8 @@ obj-y += spapr_pci_vfio.o endif obj-$(CONFIG_PSERIES) += spapr_rtas_ddw.o # PowerPC 4xx boards -obj-y += ppc405_boards.o ppc4xx_devs.o ppc405_uc.o ppc440_bamboo.o -obj-y += ppc4xx_pci.o +obj-y += ppc4xx_devs.o ppc405_uc.o +obj-$(CONFIG_PPC4XX) += ppc4xx_pci.o ppc405_boards.o ppc440_bamboo.o # PReP obj-$(CONFIG_PREP) += prep.o obj-$(CONFIG_PREP) += prep_systemio.o From 1414c75d54e0e8769129beb92bc784338090afda Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=A9dric=20Le=20Goater?= Date: Tue, 16 Jan 2018 08:41:55 +0100 Subject: [PATCH 04/12] target/ppc: fix doorbell and hypervisor doorbell definitions MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit commit f03a1af581b9 ("ppc: Fix POWER7 and POWER8 exception definitions") introduced definitions for the server doorbell exceptions by reusing the embedded definitions but this adds complexity in the powerpc_excp() routine. Let's introduce specific definitions for the Server doorbells exception. Signed-off-by: Cédric Le Goater Signed-off-by: David Gibson --- target/ppc/cpu.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/target/ppc/cpu.h b/target/ppc/cpu.h index 14aaa87fe8..b8f4dfc108 100644 --- a/target/ppc/cpu.h +++ b/target/ppc/cpu.h @@ -140,9 +140,6 @@ enum { POWERPC_EXCP_HYPPRIV = 41, /* Embedded hypervisor priv instruction */ /* Vectors 42 to 63 are reserved */ /* Exceptions defined in the PowerPC server specification */ - /* Server doorbell variants */ -#define POWERPC_EXCP_SDOOR POWERPC_EXCP_GDOORI -#define POWERPC_EXCP_SDOOR_HV POWERPC_EXCP_DOORI POWERPC_EXCP_RESET = 64, /* System reset exception */ POWERPC_EXCP_DSEG = 65, /* Data segment exception */ POWERPC_EXCP_ISEG = 66, /* Instruction segment exception */ @@ -189,8 +186,11 @@ enum { POWERPC_EXCP_HV_EMU = 96, /* HV emulation assistance */ POWERPC_EXCP_HV_MAINT = 97, /* HMI */ POWERPC_EXCP_HV_FU = 98, /* Hypervisor Facility unavailable */ + /* Server doorbell variants */ + POWERPC_EXCP_SDOOR = 99, + POWERPC_EXCP_SDOOR_HV = 100, /* EOL */ - POWERPC_EXCP_NB = 99, + POWERPC_EXCP_NB = 101, /* QEMU exceptions: used internally during code translation */ POWERPC_EXCP_STOP = 0x200, /* stop translation */ POWERPC_EXCP_BRANCH = 0x201, /* branch instruction */ From ebca5e6d5ec2f1cf6c886a114e161261af28dc0a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=A9dric=20Le=20Goater?= Date: Tue, 16 Jan 2018 08:41:56 +0100 Subject: [PATCH 05/12] target/ppc: msgsnd and msgclr instructions need hypervisor privilege MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Cédric Le Goater Signed-off-by: David Gibson --- target/ppc/translate.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/target/ppc/translate.c b/target/ppc/translate.c index 0ef21cce33..396f422cf4 100644 --- a/target/ppc/translate.c +++ b/target/ppc/translate.c @@ -6174,7 +6174,7 @@ static void gen_msgclr(DisasContext *ctx) #if defined(CONFIG_USER_ONLY) GEN_PRIV; #else - CHK_SV; + CHK_HV; gen_helper_msgclr(cpu_env, cpu_gpr[rB(ctx->opcode)]); #endif /* defined(CONFIG_USER_ONLY) */ } @@ -6184,7 +6184,7 @@ static void gen_msgsnd(DisasContext *ctx) #if defined(CONFIG_USER_ONLY) GEN_PRIV; #else - CHK_SV; + CHK_HV; gen_helper_msgsnd(cpu_gpr[rB(ctx->opcode)]); #endif /* defined(CONFIG_USER_ONLY) */ } From bc8772835f7ac72b075803e4c0e00e1af87eba77 Mon Sep 17 00:00:00 2001 From: Greg Kurz Date: Wed, 17 Jan 2018 10:20:27 +0100 Subject: [PATCH 06/12] spapr: drop duplicate variable in spapr_core_plug() A variable is already defined at the begining of the function to hold a pointer to the CPU core object: sPAPRCPUCore *core = SPAPR_CPU_CORE(OBJECT(dev)); No need to define it again in the pre-2.10 compatibility code snipplet. Signed-off-by: Greg Kurz Signed-off-by: David Gibson --- hw/ppc/spapr.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c index a781dd22e7..fe38c56ff3 100644 --- a/hw/ppc/spapr.c +++ b/hw/ppc/spapr.c @@ -3357,9 +3357,7 @@ static void spapr_core_plug(HotplugHandler *hotplug_dev, DeviceState *dev, int i; for (i = 0; i < cc->nr_threads; i++) { - sPAPRCPUCore *sc = SPAPR_CPU_CORE(dev); - - cs = CPU(sc->threads[i]); + cs = CPU(core->threads[i]); pre_2_10_vmstate_unregister_dummy_icp(cs->cpu_index); } } From 9012a53f067a78022947e18050b145c34a3dc599 Mon Sep 17 00:00:00 2001 From: Greg Kurz Date: Wed, 17 Jan 2018 10:20:42 +0100 Subject: [PATCH 07/12] spapr: fix device tree properties when using compatibility mode Commit 51f84465dd98 changed the compatility mode setting logic: - machine reset only sets compatibility mode for the boot CPU - compatibility mode is set for other CPUs when they are put online by the guest with the "start-cpu" RTAS call This causes a regression for machines started with max-compat-cpu: the device tree nodes related to secondary CPU cores contain wrong "cpu-version" and "ibm,pa-features" values, as shown below. Guest started on a POWER8 host with: -smp cores=2 -machine pseries,max-cpu-compat=compat7 ibm,pa-features = [18 00 f6 3f c7 c0 80 f0 80 00 00 00 00 00 00 00 00 00 80 00 80 00 80 00 00 00]; cpu-version = <0x4d0200>; ^^^ second CPU core ibm,pa-features = <0x600f63f 0xc70080c0>; cpu-version = <0xf000003>; ^^^ boot CPU core The second core is advertised in raw POWER8 mode. This happens because CAS assumes all CPUs to have the same compatibility mode. Since the boot CPU already has the requested compatibility mode, the CAS code does not set it for the secondary one, and exposes the bogus device tree properties in in the CAS response to the guest. A similar situation is observed when hot-plugging a CPU core. The related device tree properties are generated and exposed to guest with the "ibm,configure-connector" RTAS before "start-cpu" is called. The CPU core is advertised to the guest in raw mode as well. It both cases, it boils down to the fact that "start-cpu" happens too late. This can be fixed globally by propagating the compatibility mode of the boot CPU to the other CPUs during reset. For this to work, the compatibility mode of the boot CPU must be set before the machine code actually resets all CPUs. It is not needed to set the compatibility mode in "start-cpu" anymore, so the code is dropped. Fixes: 51f84465dd98 Signed-off-by: Greg Kurz Signed-off-by: David Gibson --- hw/ppc/spapr.c | 18 +++++++++--------- hw/ppc/spapr_cpu_core.c | 7 +++++++ hw/ppc/spapr_rtas.c | 9 --------- 3 files changed, 16 insertions(+), 18 deletions(-) diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c index fe38c56ff3..88a78d31eb 100644 --- a/hw/ppc/spapr.c +++ b/hw/ppc/spapr.c @@ -1484,6 +1484,15 @@ static void spapr_machine_reset(void) spapr_setup_hpt_and_vrma(spapr); } + /* if this reset wasn't generated by CAS, we should reset our + * negotiated options and start from scratch */ + if (!spapr->cas_reboot) { + spapr_ovec_cleanup(spapr->ov5_cas); + spapr->ov5_cas = spapr_ovec_new(); + + ppc_set_compat(first_ppc_cpu, spapr->max_compat_pvr, &error_fatal); + } + qemu_devices_reset(); /* DRC reset may cause a device to be unplugged. This will cause troubles @@ -1504,15 +1513,6 @@ static void spapr_machine_reset(void) rtas_addr = rtas_limit - RTAS_MAX_SIZE; fdt_addr = rtas_addr - FDT_MAX_SIZE; - /* if this reset wasn't generated by CAS, we should reset our - * negotiated options and start from scratch */ - if (!spapr->cas_reboot) { - spapr_ovec_cleanup(spapr->ov5_cas); - spapr->ov5_cas = spapr_ovec_new(); - - ppc_set_compat(first_ppc_cpu, spapr->max_compat_pvr, &error_fatal); - } - fdt = spapr_build_fdt(spapr, rtas_addr, spapr->rtas_size); spapr_load_rtas(spapr, fdt, rtas_addr); diff --git a/hw/ppc/spapr_cpu_core.c b/hw/ppc/spapr_cpu_core.c index ac19b2e0b7..590d167b04 100644 --- a/hw/ppc/spapr_cpu_core.c +++ b/hw/ppc/spapr_cpu_core.c @@ -44,6 +44,13 @@ static void spapr_cpu_reset(void *opaque) if (cs != first_cpu) { env->spr[SPR_LPCR] &= ~pcc->lpcr_pm; } + + /* Set compatibility mode to match the boot CPU, which was either set + * by the machine reset code or by CAS. This should never fail. + */ + if (cs != first_cpu) { + ppc_set_compat(cpu, POWERPC_CPU(first_cpu)->compat_pvr, &error_abort); + } } static void spapr_cpu_destroy(PowerPCCPU *cpu) diff --git a/hw/ppc/spapr_rtas.c b/hw/ppc/spapr_rtas.c index 2b89e1d448..4bb939d3d1 100644 --- a/hw/ppc/spapr_rtas.c +++ b/hw/ppc/spapr_rtas.c @@ -163,7 +163,6 @@ static void rtas_start_cpu(PowerPCCPU *cpu_, sPAPRMachineState *spapr, CPUState *cs = CPU(cpu); CPUPPCState *env = &cpu->env; PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cpu); - Error *local_err = NULL; if (!cs->halted) { rtas_st(rets, 0, RTAS_OUT_HW_ERROR); @@ -175,14 +174,6 @@ static void rtas_start_cpu(PowerPCCPU *cpu_, sPAPRMachineState *spapr, * new cpu enters */ kvm_cpu_synchronize_state(cs); - /* Set compatibility mode to match existing cpus */ - ppc_set_compat(cpu, POWERPC_CPU(first_cpu)->compat_pvr, &local_err); - if (local_err) { - error_report_err(local_err); - rtas_st(rets, 0, RTAS_OUT_HW_ERROR); - return; - } - env->msr = (1ULL << MSR_SF) | (1ULL << MSR_ME); /* Enable Power-saving mode Exit Cause exceptions for the new CPU */ From b62b368627ea160d2bfd7886aa690047480036a0 Mon Sep 17 00:00:00 2001 From: "pbonzini@redhat.com" Date: Sun, 17 Dec 2017 06:49:53 +0100 Subject: [PATCH 08/12] target-ppc: optimize cmp translation We know that only one bit (in addition to SO) is going to be set in the condition register, so do two movconds instead of three setconds, three shifts and two ORs. For ppc64-linux-user, the code size reduction is around 5% and the performance improvement slightly less than 10%. For softmmu, the improvement is around 5%. Signed-off-by: Paolo Bonzini Signed-off-by: David Gibson --- target/ppc/translate.c | 29 ++++++++++++----------------- 1 file changed, 12 insertions(+), 17 deletions(-) diff --git a/target/ppc/translate.c b/target/ppc/translate.c index 396f422cf4..bcd36d5353 100644 --- a/target/ppc/translate.c +++ b/target/ppc/translate.c @@ -605,27 +605,22 @@ static opc_handler_t invalid_handler = { static inline void gen_op_cmp(TCGv arg0, TCGv arg1, int s, int crf) { TCGv t0 = tcg_temp_new(); - TCGv_i32 t1 = tcg_temp_new_i32(); + TCGv t1 = tcg_temp_new(); + TCGv_i32 t = tcg_temp_new_i32(); + tcg_gen_movi_tl(t0, CRF_EQ); + tcg_gen_movi_tl(t1, CRF_LT); + tcg_gen_movcond_tl((s ? TCG_COND_LT : TCG_COND_LTU), t0, arg0, arg1, t1, t0); + tcg_gen_movi_tl(t1, CRF_GT); + tcg_gen_movcond_tl((s ? TCG_COND_GT : TCG_COND_GTU), t0, arg0, arg1, t1, t0); + + tcg_gen_trunc_tl_i32(t, t0); tcg_gen_trunc_tl_i32(cpu_crf[crf], cpu_so); - - tcg_gen_setcond_tl((s ? TCG_COND_LT: TCG_COND_LTU), t0, arg0, arg1); - tcg_gen_trunc_tl_i32(t1, t0); - tcg_gen_shli_i32(t1, t1, CRF_LT_BIT); - tcg_gen_or_i32(cpu_crf[crf], cpu_crf[crf], t1); - - tcg_gen_setcond_tl((s ? TCG_COND_GT: TCG_COND_GTU), t0, arg0, arg1); - tcg_gen_trunc_tl_i32(t1, t0); - tcg_gen_shli_i32(t1, t1, CRF_GT_BIT); - tcg_gen_or_i32(cpu_crf[crf], cpu_crf[crf], t1); - - tcg_gen_setcond_tl(TCG_COND_EQ, t0, arg0, arg1); - tcg_gen_trunc_tl_i32(t1, t0); - tcg_gen_shli_i32(t1, t1, CRF_EQ_BIT); - tcg_gen_or_i32(cpu_crf[crf], cpu_crf[crf], t1); + tcg_gen_or_i32(cpu_crf[crf], cpu_crf[crf], t); tcg_temp_free(t0); - tcg_temp_free_i32(t1); + tcg_temp_free(t1); + tcg_temp_free_i32(t); } static inline void gen_op_cmpi(TCGv arg0, target_ulong arg1, int s, int crf) From cf4969ec35c3502cfe2ffe5a229504607f4a2589 Mon Sep 17 00:00:00 2001 From: BALATON Zoltan Date: Thu, 18 Jan 2018 19:01:19 +0100 Subject: [PATCH 09/12] sm501: Add missing break to case Noticed by Coverity, forgotten in 5690d9ece Reported-by: Peter Maydell Signed-off-by: BALATON Zoltan Signed-off-by: David Gibson --- hw/display/sm501.c | 1 + 1 file changed, 1 insertion(+) diff --git a/hw/display/sm501.c b/hw/display/sm501.c index 4f7dc59b25..134cbed607 100644 --- a/hw/display/sm501.c +++ b/hw/display/sm501.c @@ -797,6 +797,7 @@ static uint64_t sm501_system_config_read(void *opaque, hwaddr addr, break; case SM501_COMMAND_LIST_STATUS: ret = 0x00180002; /* FIFOs are empty, everything idle */ + break; case SM501_IRQ_MASK: ret = s->irq_mask; break; From 3a14ba466488fc717dccd4429487295d79fe0775 Mon Sep 17 00:00:00 2001 From: BALATON Zoltan Date: Thu, 18 Jan 2018 19:18:59 +0100 Subject: [PATCH 10/12] sii3112: Add explicit type casts to avoid unintended sign extension Noticed by Coverity Reported-by: Peter Maydell Signed-off-by: BALATON Zoltan Signed-off-by: David Gibson --- hw/ide/sii3112.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/hw/ide/sii3112.c b/hw/ide/sii3112.c index e2f5562bb7..17aa930e39 100644 --- a/hw/ide/sii3112.c +++ b/hw/ide/sii3112.c @@ -79,13 +79,13 @@ static uint64_t sii3112_reg_read(void *opaque, hwaddr addr, val |= (d->regs[0].confstat & (1UL << 11) ? (1 << 4) : 0); /*SATAINT0*/ val |= (d->regs[1].confstat & (1UL << 11) ? (1 << 6) : 0); /*SATAINT1*/ val |= (d->i.bmdma[1].status & BM_STATUS_INT ? (1 << 14) : 0); - val |= d->i.bmdma[0].status << 16; - val |= d->i.bmdma[1].status << 24; + val |= (uint32_t)d->i.bmdma[0].status << 16; + val |= (uint32_t)d->i.bmdma[1].status << 24; break; case 0x18: val = d->i.bmdma[1].cmd; val |= (d->regs[1].confstat & (1UL << 11) ? (1 << 4) : 0); - val |= d->i.bmdma[1].status << 16; + val |= (uint32_t)d->i.bmdma[1].status << 16; break; case 0x80 ... 0x87: if (size == 1) { @@ -128,7 +128,7 @@ static uint64_t sii3112_reg_read(void *opaque, hwaddr addr, val = (d->i.bus[0].ifs[0].blk) ? 0x113 : 0; break; case 0x148: - val = d->regs[0].sien << 16; + val = (uint32_t)d->regs[0].sien << 16; break; case 0x180: val = d->regs[1].scontrol; @@ -137,7 +137,7 @@ static uint64_t sii3112_reg_read(void *opaque, hwaddr addr, val = (d->i.bus[1].ifs[0].blk) ? 0x113 : 0; break; case 0x1c8: - val = d->regs[1].sien << 16; + val = (uint32_t)d->regs[1].sien << 16; break; default: val = 0; From 7af1e7b022641e4cc330a75ab50fa64683fe4847 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=A9dric=20Le=20Goater?= Date: Thu, 18 Jan 2018 15:54:03 +0100 Subject: [PATCH 11/12] target/ppc: add support for hypervisor doorbells on book3s CPUs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The hypervisor doorbells are used by skiboot and Linux on POWER9 processors to wake up secondaries. This adds processor control support to the Server architecture by reusing the Embedded support. They are very similar, only the bits definition of the CPU identifier differ. Still to be done is message broadcast to all threads of the same processor. Signed-off-by: Cédric Le Goater Signed-off-by: David Gibson --- target/ppc/cpu.h | 8 ++++-- target/ppc/excp_helper.c | 52 +++++++++++++++++++++++++++++++++++++ target/ppc/helper.h | 2 ++ target/ppc/translate.c | 25 ++++++++++++++++-- target/ppc/translate_init.c | 2 +- 5 files changed, 84 insertions(+), 5 deletions(-) diff --git a/target/ppc/cpu.h b/target/ppc/cpu.h index b8f4dfc108..603a38cae8 100644 --- a/target/ppc/cpu.h +++ b/target/ppc/cpu.h @@ -930,7 +930,7 @@ enum { #define BOOKE206_MAX_TLBN 4 /*****************************************************************************/ -/* Embedded.Processor Control */ +/* Server and Embedded Processor Control */ #define DBELL_TYPE_SHIFT 27 #define DBELL_TYPE_MASK (0x1f << DBELL_TYPE_SHIFT) @@ -940,11 +940,15 @@ enum { #define DBELL_TYPE_G_DBELL_CRIT (0x03 << DBELL_TYPE_SHIFT) #define DBELL_TYPE_G_DBELL_MC (0x04 << DBELL_TYPE_SHIFT) -#define DBELL_BRDCAST (1 << 26) +#define DBELL_TYPE_DBELL_SERVER (0x05 << DBELL_TYPE_SHIFT) + +#define DBELL_BRDCAST PPC_BIT(37) #define DBELL_LPIDTAG_SHIFT 14 #define DBELL_LPIDTAG_MASK (0xfff << DBELL_LPIDTAG_SHIFT) #define DBELL_PIRTAG_MASK 0x3fff +#define DBELL_PROCIDTAG_MASK PPC_BITMASK(44, 63) + /*****************************************************************************/ /* Segment page size information, used by recent hash MMUs * The format of this structure mirrors kvm_ppc_smmu_info diff --git a/target/ppc/excp_helper.c b/target/ppc/excp_helper.c index 4e548a4487..c092fbead0 100644 --- a/target/ppc/excp_helper.c +++ b/target/ppc/excp_helper.c @@ -417,6 +417,7 @@ static inline void powerpc_excp(PowerPCCPU *cpu, int excp_model, int excp) case POWERPC_EXCP_HISI: /* Hypervisor instruction storage exception */ case POWERPC_EXCP_HDSEG: /* Hypervisor data segment exception */ case POWERPC_EXCP_HISEG: /* Hypervisor instruction segment exception */ + case POWERPC_EXCP_SDOOR_HV: /* Hypervisor Doorbell interrupt */ case POWERPC_EXCP_HV_EMU: srr0 = SPR_HSRR0; srr1 = SPR_HSRR1; @@ -846,6 +847,11 @@ static void ppc_hw_interrupt(CPUPPCState *env) powerpc_excp(cpu, env->excp_model, POWERPC_EXCP_DOORI); return; } + if (env->pending_interrupts & (1 << PPC_INTERRUPT_HDOORBELL)) { + env->pending_interrupts &= ~(1 << PPC_INTERRUPT_HDOORBELL); + powerpc_excp(cpu, env->excp_model, POWERPC_EXCP_SDOOR_HV); + return; + } if (env->pending_interrupts & (1 << PPC_INTERRUPT_PERFM)) { env->pending_interrupts &= ~(1 << PPC_INTERRUPT_PERFM); powerpc_excp(cpu, env->excp_model, POWERPC_EXCP_PERFM); @@ -1145,4 +1151,50 @@ void helper_msgsnd(target_ulong rb) } qemu_mutex_unlock_iothread(); } + +/* Server Processor Control */ +static int book3s_dbell2irq(target_ulong rb) +{ + int msg = rb & DBELL_TYPE_MASK; + + /* A Directed Hypervisor Doorbell message is sent only if the + * message type is 5. All other types are reserved and the + * instruction is a no-op */ + return msg == DBELL_TYPE_DBELL_SERVER ? PPC_INTERRUPT_HDOORBELL : -1; +} + +void helper_book3s_msgclr(CPUPPCState *env, target_ulong rb) +{ + int irq = book3s_dbell2irq(rb); + + if (irq < 0) { + return; + } + + env->pending_interrupts &= ~(1 << irq); +} + +void helper_book3s_msgsnd(target_ulong rb) +{ + int irq = book3s_dbell2irq(rb); + int pir = rb & DBELL_PROCIDTAG_MASK; + CPUState *cs; + + if (irq < 0) { + return; + } + + qemu_mutex_lock_iothread(); + CPU_FOREACH(cs) { + PowerPCCPU *cpu = POWERPC_CPU(cs); + CPUPPCState *cenv = &cpu->env; + + /* TODO: broadcast message to all threads of the same processor */ + if (cenv->spr_cb[SPR_PIR].default_value == pir) { + cenv->pending_interrupts |= 1 << irq; + cpu_interrupt(cs, CPU_INTERRUPT_HARD); + } + } + qemu_mutex_unlock_iothread(); +} #endif diff --git a/target/ppc/helper.h b/target/ppc/helper.h index bb6a94a8b3..5b739179b8 100644 --- a/target/ppc/helper.h +++ b/target/ppc/helper.h @@ -679,6 +679,8 @@ DEF_HELPER_FLAGS_3(store_sr, TCG_CALL_NO_RWG, void, env, tl, tl) DEF_HELPER_FLAGS_1(602_mfrom, TCG_CALL_NO_RWG_SE, tl, tl) DEF_HELPER_1(msgsnd, void, tl) DEF_HELPER_2(msgclr, void, env, tl) +DEF_HELPER_1(book3s_msgsnd, void, tl) +DEF_HELPER_2(book3s_msgclr, void, env, tl) #endif DEF_HELPER_4(dlmzb, tl, env, tl, tl, i32) diff --git a/target/ppc/translate.c b/target/ppc/translate.c index bcd36d5353..4132f67bb1 100644 --- a/target/ppc/translate.c +++ b/target/ppc/translate.c @@ -6170,7 +6170,12 @@ static void gen_msgclr(DisasContext *ctx) GEN_PRIV; #else CHK_HV; - gen_helper_msgclr(cpu_env, cpu_gpr[rB(ctx->opcode)]); + /* 64-bit server processors compliant with arch 2.x */ + if (ctx->insns_flags & PPC_SEGMENT_64B) { + gen_helper_book3s_msgclr(cpu_env, cpu_gpr[rB(ctx->opcode)]); + } else { + gen_helper_msgclr(cpu_env, cpu_gpr[rB(ctx->opcode)]); + } #endif /* defined(CONFIG_USER_ONLY) */ } @@ -6180,10 +6185,24 @@ static void gen_msgsnd(DisasContext *ctx) GEN_PRIV; #else CHK_HV; - gen_helper_msgsnd(cpu_gpr[rB(ctx->opcode)]); + /* 64-bit server processors compliant with arch 2.x */ + if (ctx->insns_flags & PPC_SEGMENT_64B) { + gen_helper_book3s_msgsnd(cpu_gpr[rB(ctx->opcode)]); + } else { + gen_helper_msgsnd(cpu_gpr[rB(ctx->opcode)]); + } #endif /* defined(CONFIG_USER_ONLY) */ } +static void gen_msgsync(DisasContext *ctx) +{ +#if defined(CONFIG_USER_ONLY) + GEN_PRIV; +#else + CHK_HV; +#endif /* defined(CONFIG_USER_ONLY) */ + /* interpreted as no-op */ +} #if defined(TARGET_PPC64) static void gen_maddld(DisasContext *ctx) @@ -6664,6 +6683,8 @@ GEN_HANDLER2_E(msgsnd, "msgsnd", 0x1F, 0x0E, 0x06, 0x03ff0001, PPC_NONE, PPC2_PRCNTL), GEN_HANDLER2_E(msgclr, "msgclr", 0x1F, 0x0E, 0x07, 0x03ff0001, PPC_NONE, PPC2_PRCNTL), +GEN_HANDLER2_E(msgsync, "msgsync", 0x1F, 0x16, 0x1B, 0x00000000, + PPC_NONE, PPC2_PRCNTL), GEN_HANDLER(wrtee, 0x1F, 0x03, 0x04, 0x000FFC01, PPC_WRTEE), GEN_HANDLER(wrteei, 0x1F, 0x03, 0x05, 0x000E7C01, PPC_WRTEE), GEN_HANDLER(dlmzb, 0x1F, 0x0E, 0x02, 0x00000000, PPC_440_SPEC), diff --git a/target/ppc/translate_init.c b/target/ppc/translate_init.c index 70ff15a51a..55c99c97e3 100644 --- a/target/ppc/translate_init.c +++ b/target/ppc/translate_init.c @@ -8866,7 +8866,7 @@ POWERPC_FAMILY(POWER9)(ObjectClass *oc, void *data) PPC2_FP_TST_ISA206 | PPC2_BCTAR_ISA207 | PPC2_LSQ_ISA207 | PPC2_ALTIVEC_207 | PPC2_ISA205 | PPC2_ISA207S | PPC2_FP_CVT_S64 | - PPC2_TM | PPC2_PM_ISA206 | PPC2_ISA300; + PPC2_TM | PPC2_PM_ISA206 | PPC2_ISA300 | PPC2_PRCNTL; pcc->msr_mask = (1ull << MSR_SF) | (1ull << MSR_TM) | (1ull << MSR_VR) | From 1f63ebaa91f73f469c8f107dbd266cabdbea3a40 Mon Sep 17 00:00:00 2001 From: Suraj Jitindar Singh Date: Fri, 19 Jan 2018 16:00:00 +1100 Subject: [PATCH 12/12] target/ppc/spapr_caps: Add macro to generate spapr_caps migration vmstate The vmstate description and the contained needed function for migration of spapr_caps is the same for each cap, with the name of the cap substituted. As such introduce a macro to allow for easier generation of these. Convert the three existing spapr_caps (htm, vsx, and dfp) to use this macro. Signed-off-by: Suraj Jitindar Singh Signed-off-by: David Gibson --- hw/ppc/spapr_caps.c | 78 ++++++++++++++------------------------------- 1 file changed, 24 insertions(+), 54 deletions(-) diff --git a/hw/ppc/spapr_caps.c b/hw/ppc/spapr_caps.c index d5c9ce774a..5d52969bd5 100644 --- a/hw/ppc/spapr_caps.c +++ b/hw/ppc/spapr_caps.c @@ -228,62 +228,32 @@ int spapr_caps_post_migration(sPAPRMachineState *spapr) return ok ? 0 : -EINVAL; } -static bool spapr_cap_htm_needed(void *opaque) -{ - sPAPRMachineState *spapr = opaque; - - return spapr->cmd_line_caps[SPAPR_CAP_HTM] && - (spapr->eff.caps[SPAPR_CAP_HTM] != spapr->def.caps[SPAPR_CAP_HTM]); +/* Used to generate the migration field and needed function for a spapr cap */ +#define SPAPR_CAP_MIG_STATE(cap, ccap) \ +static bool spapr_cap_##cap##_needed(void *opaque) \ +{ \ + sPAPRMachineState *spapr = opaque; \ + \ + return spapr->cmd_line_caps[SPAPR_CAP_##ccap] && \ + (spapr->eff.caps[SPAPR_CAP_##ccap] != \ + spapr->def.caps[SPAPR_CAP_##ccap]); \ +} \ + \ +const VMStateDescription vmstate_spapr_cap_##cap = { \ + .name = "spapr/cap/" #cap, \ + .version_id = 1, \ + .minimum_version_id = 1, \ + .needed = spapr_cap_##cap##_needed, \ + .fields = (VMStateField[]) { \ + VMSTATE_UINT8(mig.caps[SPAPR_CAP_##ccap], \ + sPAPRMachineState), \ + VMSTATE_END_OF_LIST() \ + }, \ } -const VMStateDescription vmstate_spapr_cap_htm = { - .name = "spapr/cap/htm", - .version_id = 1, - .minimum_version_id = 1, - .needed = spapr_cap_htm_needed, - .fields = (VMStateField[]) { - VMSTATE_UINT8(mig.caps[SPAPR_CAP_HTM], sPAPRMachineState), - VMSTATE_END_OF_LIST() - }, -}; - -static bool spapr_cap_vsx_needed(void *opaque) -{ - sPAPRMachineState *spapr = opaque; - - return spapr->cmd_line_caps[SPAPR_CAP_VSX] && - (spapr->eff.caps[SPAPR_CAP_VSX] != spapr->def.caps[SPAPR_CAP_VSX]); -} - -const VMStateDescription vmstate_spapr_cap_vsx = { - .name = "spapr/cap/vsx", - .version_id = 1, - .minimum_version_id = 1, - .needed = spapr_cap_vsx_needed, - .fields = (VMStateField[]) { - VMSTATE_UINT8(mig.caps[SPAPR_CAP_VSX], sPAPRMachineState), - VMSTATE_END_OF_LIST() - }, -}; - -static bool spapr_cap_dfp_needed(void *opaque) -{ - sPAPRMachineState *spapr = opaque; - - return spapr->cmd_line_caps[SPAPR_CAP_DFP] && - (spapr->eff.caps[SPAPR_CAP_DFP] != spapr->def.caps[SPAPR_CAP_DFP]); -} - -const VMStateDescription vmstate_spapr_cap_dfp = { - .name = "spapr/cap/dfp", - .version_id = 1, - .minimum_version_id = 1, - .needed = spapr_cap_dfp_needed, - .fields = (VMStateField[]) { - VMSTATE_UINT8(mig.caps[SPAPR_CAP_DFP], sPAPRMachineState), - VMSTATE_END_OF_LIST() - }, -}; +SPAPR_CAP_MIG_STATE(htm, HTM); +SPAPR_CAP_MIG_STATE(vsx, VSX); +SPAPR_CAP_MIG_STATE(dfp, DFP); void spapr_caps_reset(sPAPRMachineState *spapr) {