Commit Graph

3166 Commits

Author SHA1 Message Date
Remi Denis-Courmont
f6768aa1b4 target/arm: fix AArch64 virtual address space size
Since QEMU does not support the ARMv8.2-LVA, Large Virtual Address,
extension (yet), the VA address space is 48-bits plus a sign bit. User
mode can only handle the positive half of the address space, so that
makes a limit of 48 bits.

(With LVA, it would be 53 and 52 bits respectively.)

The incorrectly large address space conflicts with PAuth instructions,
which use bits 48-54 and 56-63 for the pointer authentication code. This
also conflicts with (as yet unsupported by QEMU) data tagging and with
the ARMv8.5-MTE extension.

Signed-off-by: Remi Denis-Courmont <remi.denis.courmont@huawei.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-02-01 15:23:51 +00:00
Richard Henderson
276c6e8137 target/arm: Always enable pac keys for user-only
Drop the pac properties.  This approach cannot work as written
because the properties are applied before arm_cpu_reset, which
zeros SCTLR_EL1 (amongst everything else).

We can re-introduce the properties if they turn out to be useful.
But since linux 5.0 enables all of the keys, they may not be.

Fixes: 1ae9cfbd47
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-02-01 15:04:05 +00:00
Julia Suvorova
42f6ed9193 arm: Clarify the logic of set_pc()
Until now, the set_pc logic was unclear, which raised questions about
whether it should be used directly, applying a value to PC or adding
additional checks, for example, set the Thumb bit in Arm cpu. Let's set
the set_pc logic for “Configure the PC, as was done in the ELF file”
and implement synchronize_with_tb hook for preserving PC to cpu_tb_exec.

Signed-off-by: Julia Suvorova <jusual@mail.ru>
Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 20190129121817.7109-1-jusual@mail.ru
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-02-01 14:55:46 +00:00
Richard Henderson
ef682cdb4a target/arm: Enable API, APK bits in SCR, HCR
These bits become writable with the ARMv8.3-PAuth extension.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190129143511.12311-1-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-02-01 14:55:46 +00:00
Aaron Lindsay OS
4e7beb0cc0 target/arm: Add a timer to predict PMU counter overflow
Make PMU overflow interrupts more accurate by using a timer to predict
when they will overflow rather than waiting for an event to occur which
allows us to otherwise check them.

Signed-off-by: Aaron Lindsay <aaron@os.amperecomputing.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190124162401.5111-3-aaron@os.amperecomputing.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-02-01 14:55:45 +00:00
Aaron Lindsay OS
f4efb4b2a1 target/arm: Send interrupts on PMU counter overflow
Whenever we notice that a counter overflow has occurred, send an
interrupt. This is made more reliable with the addition of a timer in a
follow-on commit.

Signed-off-by: Aaron Lindsay <aaron@os.amperecomputing.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190124162401.5111-2-aaron@os.amperecomputing.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-02-01 14:55:45 +00:00
Peter Maydell
eaefb97a8b target/arm/translate-a64: Fix mishandling of size in FCMLA decode
In disas_simd_indexed(), for the case of "complex fp", each indexable
element is a complex pair, so the total size is twice that indicated
in the 'size' field in the encoding. We were trying to do this
"double the size" operation with a left shift by 1, but this is
incorrect because the 'size' field is a MO_8/MO_16/MO_32/MO_64
value, and doubling the size should be done by a simple increment.

This meant we were mishandling FCMLA (by element) of values where
the real and imaginary parts are 32-bit floats, and would incorrectly
UNDEF this encoding. (No other insns take this code path, and for
16-bit floats it happens that 1 << 1 and 1 + 1 are both the same).

Reported-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Message-id: 20190129140411.682-3-peter.maydell@linaro.org
2019-02-01 14:55:45 +00:00
Peter Maydell
4dfabb6d56 target/arm/translate-a64: Fix FCMLA decoding error
The FCMLA (by element) instruction exists in the
"vector x indexed element" encoding group, but not in
the "scalar x indexed element" group. Correctly UNDEF
the unallocated encodings.

Reported-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Message-id: 20190129140411.682-2-peter.maydell@linaro.org
2019-02-01 14:55:45 +00:00
Peter Maydell
4977986ca3 target/arm/translate-a64: Don't underdecode SDOT and UDOT
In the AdvSIMD scalar x indexed element and vector x indexed element
encoding group, the SDOT and UDOT instructions are vector only,
and their opcode is unallocated in the scalar group. Correctly
UNDEF this unallocated encoding.

Reported-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Message-id: 20190125182626.9221-8-peter.maydell@linaro.org
2019-02-01 14:55:45 +00:00
Peter Maydell
c1e20801f5 target/arm/translate-a64: Don't underdecode FP insns
In the encoding groups
 * floating-point data-processing (1 source)
 * floating-point data-processing (2 source)
 * floating-point data-processing (3 source)
 * floating-point immediate
 * floating-point compare
 * floating-ponit conditional compare
 * floating-point conditional select

bit 31 is M and bit 29 is S (and bit 30 is 0, already checked at
this point in the decode). None of these groups allocate any
encoding for M=1 or S=1. We checked this in disas_fp_compare(),
disas_fp_ccomp() and disas_fp_csel(), but missed it in disas_fp_1src(),
disas_fp_2src(), disas_fp_3src() and disas_fp_imm().

We also missed that in the fp immediate encoding the imm5 field
must be all zeroes.

Correctly UNDEF the unallocated encodings here.

Reported-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Message-id: 20190125182626.9221-7-peter.maydell@linaro.org
2019-02-01 14:55:45 +00:00
Peter Maydell
4f61106614 target/arm/translate-a64: Don't underdecode add/sub extended register
In the "add/subtract (extended register)" encoding group, the "opt"
field in bits [23:22] must be zero. Correctly UNDEF the unallocated
encodings where this field is not zero.

Reported-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Message-id: 20190125182626.9221-6-peter.maydell@linaro.org
2019-02-01 14:55:44 +00:00
Peter Maydell
9c72b68ad7 target/arm/translate-a64: Don't underdecode SIMD ld/st single
In the AdvSIMD load/store single structure encodings, the
non-post-indexed case should have zeroes in [20:16] (which is the
Rm field for the post-indexed case). Bit 31 must also be zero
(a check we got right in ldst_multiple but not here). Correctly
UNDEF these unallocated encodings.

Reported-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Message-id: 20190125182626.9221-5-peter.maydell@linaro.org
2019-02-01 14:55:44 +00:00
Peter Maydell
e1f220811d target/arm/translate-a64: Don't underdecode SIMD ld/st multiple
In the AdvSIMD load/store multiple structures encodings,
the non-post-indexed case should have zeroes in [20:16]
(which is the Rm field for the post-indexed case).
Correctly UNDEF the currently unallocated encodings which
have non-zeroes in those bits.

Reported-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Message-id: 20190125182626.9221-4-peter.maydell@linaro.org
2019-02-01 14:55:44 +00:00
Peter Maydell
a80c425654 target/arm/translate-a64: Don't underdecode PRFM
The PRFM prefetch insn in the load/store with imm9 encodings
requires idx field 0b00; we were underdecoding this by
only checking !is_unpriv (which is equivalent to idx != 2).
Correctly UNDEF the unallocated encodings where idx == 0b01
and 0b11 as well as 0b10.

Reported-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Message-id: 20190125182626.9221-3-peter.maydell@linaro.org
2019-02-01 14:55:44 +00:00
Peter Maydell
08d5e3bde6 target/arm/translate-a64: Don't underdecode system instructions
The "system instructions" and "system register move" subcategories
of "branches, exception generating and system instructions" for A64
only apply if bits [23:22] are zero; other values are currently
unallocated. Correctly UNDEF these unallocated encodings.

Reported-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Message-id: 20190125182626.9221-2-peter.maydell@linaro.org
2019-02-01 14:55:44 +00:00
Peter Maydell
e8977901b7 - add device category (edu, i8042, sd memory card)
- code clean-up
 - LGPL information clean-up
 - fix typo (acpi)
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJcUaTuAAoJEPMMOL0/L748/ZMP/AwJM0P7AjFSuPxC5ETNK2Nn
 kJSMOMhAYs4oZppwQ25tphHNFd7xEzQd1JBS5aT4svp5qN0kzoUoPY6IpxvfXueW
 aFmXJPgCZvWPvD8xebHYPiH1wr0ITeRKDjZBV+YykCwIOiigg5RraMslon+Djf2f
 WNB7L/abhb4eTf5vNvS7cpCLOSXbslYYtj4Z5WcSARRAFlvBzHczooiYMuovMhtP
 zCOhG7tW9scqoEJyIW2Bxmw4QqHAuOtrDnqN3DHseM1Eh4PoJCNLVf4lTU8qWhF4
 W8IGysjQQot2V2JIkD9XkNcfGlQNniwNj/vYhpKCDLACE65ztZ42DV7j+oe2SDB2
 ljqTc2Vi4pmqEuIGcT3MykBKdsjdLOS3KBP3S6fgMV7/R347xeRf85bGcZQb/AnS
 rsL5MLA4nkd0xdztpuvHcqJdxhk+SbwsY8Zlj4agSELhFuIuEKz4VLd/WrxQvAhp
 yimX2+m7dHvIsHWpRduZ8I5nR2U0O+sxmIhPbaQNCcHTU/JZjtZEKxU0kpCHkBtd
 AdMVXf8NMGe8NecY8n9Y80Veencpq+nCthGtRRJwWOptlXXYdR5aYHaX6IlJaVFV
 jmVZITn1HxddPsVqGW0ZAJip78xVi8eYHiMvQO4+dfECLAH6m7TyLRKh8MyIyCHD
 VJ6roxeKSgosPaw1tzc2
 =1OOM
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/vivier2/tags/trivial-branch-pull-request' into staging

- add device category (edu, i8042, sd memory card)
- code clean-up
- LGPL information clean-up
- fix typo (acpi)

# gpg: Signature made Wed 30 Jan 2019 13:21:50 GMT
# gpg:                using RSA key F30C38BD3F2FBE3C
# gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>" [full]
# gpg:                 aka "Laurent Vivier <laurent@vivier.eu>" [full]
# gpg:                 aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>" [full]
# Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F  5173 F30C 38BD 3F2F BE3C

* remotes/vivier2/tags/trivial-branch-pull-request:
  virtio-blk: remove duplicate definition of VirtIOBlock *s pointer
  hw/block: clean up stale xen_disk trace entries
  target/m68k: Fix LGPL information in the file headers
  target/s390x: Fix LGPL version in the file header comments
  tcg: Fix LGPL version number
  target/tricore: Fix LGPL version number
  target/openrisc: Fix LGPL version number
  COPYING.LIB: Synchronize the LGPL 2.1 with the version from gnu.org
  Don't talk about the LGPL if the file is licensed under the GPL
  hw: sd: set category of the sd memory card
  hw: input: set category of the i8042 device
  typo: apci->acpi
  hw: edu: set category of the edu device

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-31 15:40:39 +00:00
Thomas Huth
d749fb85bd target/m68k: Fix LGPL information in the file headers
It's either "GNU *Library* General Public License version 2" or
"GNU Lesser General Public License version *2.1*", but there was
no "version 2.0" of the "Lesser" license. So assume that version
2.1 is meant here.
Also some files mention the GPL instead of the LGPL after declaring
that the files are licensed under the LGPL, so change these spots to
use LGPL, too.

Reviewed-by: Liam Merwick <liam.merwick@oracle.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <1548769438-28942-1-git-send-email-thuth@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2019-01-30 14:20:13 +01:00
Thomas Huth
41c6a6dd84 target/s390x: Fix LGPL version in the file header comments
It's either "GNU *Library* General Public License version 2" or
"GNU Lesser General Public License version *2.1*", but there was
no "version 2.0" of the "Lesser" license. So assume that version
2.1 is meant here.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Acked-by: Cornelia Huck <cohuck@redhat.com>
Message-Id: <1548769067-20792-1-git-send-email-thuth@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2019-01-30 11:04:02 +01:00
Thomas Huth
02754acd89 target/tricore: Fix LGPL version number
It's either "GNU *Library* General Public version 2" or "GNU Lesser
General Public version *2.1*", but there was no "version 2.0" of the
"Lesser" library. So assume that version 2.1 is meant here.

Cc: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Acked-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <1548252536-6242-4-git-send-email-thuth@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2019-01-30 11:01:46 +01:00
Thomas Huth
779fc6ada1 target/openrisc: Fix LGPL version number
It's either "GNU *Library* General Public version 2" or "GNU Lesser
General Public version *2.1*", but there was no "version 2.0" of the
"Lesser" library. So assume that version 2.1 is meant here.

Cc: Stafford Horne <shorne@gmail.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Acked-by: Stafford Horne <shorne@gmail.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <1548252536-6242-3-git-send-email-thuth@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2019-01-30 11:01:36 +01:00
Thomas Huth
e361a772ff Don't talk about the LGPL if the file is licensed under the GPL
Some files claim that the code is licensed under the GPL, but then
suddenly suggest that the user should have a look at the LGPL.
That's of course non-sense, replace it with the correct GPL wording
instead.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <1548255083-8190-1-git-send-email-thuth@redhat.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2019-01-30 10:51:20 +01:00
Peter Maydell
13c2361b91 x86 queue, 2019-01-28
Two small CPU model updates:
 * Enable NPT and NRIPSAVE on AMD CPUs
 * Update stepping of Cascadelake-Server
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABCAAGBQJcT1nUAAoJECgHk2+YTcWmMrIP/37Yh9Q3p6Erbpqee3jPNhyC
 ih42LJ6jO1w34X6PFqtVS9uTWAI1P3LwoXq5bNT4JeMy37QDujph5LWP3+GXXuCa
 cB8AkgaeL5GwQMSBujJEacJiZ69iI3zAQZHKXkailuApCSKOXZf89dW3Ao8S7Qgr
 TVjcnJgECoiaDLD2FMWafmSP4d5YSNRkuGZ5f5NsFV8BztKptnT2DLXIBjuz/oCT
 0+VqV6HEo7s19QFzYV4G59Afwk306iU1INV0NeNz770SbgKc3Oi80GAaYr0V+oLW
 2Lr+dgbYPUw7ZwVhK0md6/h8ZbgRSpHhxke5i8p++AC4NCWC+xTIEgIaH6AT75Rn
 6GcgG/6zWOPqJphHROYR78P38156KkNVQI46chsLm2DwSL8HFk17wyIWCQoEWJyt
 AgiZosWA0/92V95Lzd5zX+Y6v+OBR+aJOEdcDn2ic8WPxkyM5G01SeWLPP4C5Tux
 R6oJ3zozn4OqxIqslihkqzxiJoeap4qgJKLzcq1JR1nlQ+yoBVktqAF5+ogytb2e
 ybnef3fLqf/qHi4JDLJXQdCPjIccrEVIzTs90wEgsQ9hbYtGxoeRUW2f4IemBvU2
 +Jwqs1n6aFo+AlETdrTGEDlnaqphy9FOnwncrgai0eTuoHOQPI9+RuiM5K/BEEuy
 qzMdXK85dZSP+f9IQrqx
 =Nh3Q
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/ehabkost/tags/x86-next-pull-request' into staging

x86 queue, 2019-01-28

Two small CPU model updates:
* Enable NPT and NRIPSAVE on AMD CPUs
* Update stepping of Cascadelake-Server

# gpg: Signature made Mon 28 Jan 2019 19:36:52 GMT
# gpg:                using RSA key 2807936F984DC5A6
# gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>" [full]
# Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF  D1AA 2807 936F 984D C5A6

* remotes/ehabkost/tags/x86-next-pull-request:
  i386: Enable NPT and NRIPSAVE for AMD CPUs
  i386: Update stepping of Cascadelake-Server

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-29 14:10:54 +00:00
Aaron Lindsay OS
bf8d09694c target/arm: Don't clear supported PMU events when initializing PMCEID1
A bug was introduced during a respin of:

	commit 57a4a11b2b
	target/arm: Add array for supported PMU events, generate PMCEID[01]_EL0

This patch introduced two calls to get_pmceid() during CPU
initialization - one each for PMCEID0 and PMCEID1. In addition to
building the register values, get_pmceid() clears an internal array
mapping event numbers to their implementations (supported_event_map)
before rebuilding it. This is an optimization since much of the logic is
shared. However, since it was called twice, the contents of
supported_event_map reflect only the events in PMCEID1 (the second call
to get_pmceid()).

Fix this bug by moving the initialization of PMCEID0 and PMCEID1 back
into a single function call, and name it more appropriately since it is
doing more than simply generating the contents of the PMCEID[01]
registers.

Signed-off-by: Aaron Lindsay <aaron@os.amperecomputing.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190123195814.29253-1-aaron@os.amperecomputing.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-29 11:46:04 +00:00
Thomas Roth
7e3f122367 target/arm: v8m: Ensure IDAU is respected if SAU is disabled
The current behavior of v8m_security_lookup in helper.c only checks whether the
IDAU specifies a higher security if the SAU is enabled. If SAU.ALLNS is set to
1, this will lead to addresses being treated as non-secure, even though the
IDAU indicates that they must be secure.

This patch changes the behavior to also check the IDAU if the SAU is currently
disabled.

(This brings the behaviour here into line with the v8M Arm ARM
SecurityCheck() pseudocode.)

Signed-off-by: Thomas Roth <code@stacksmashing.net>
Message-id: CAGGekkuc+-tvp5RJP7CM+Jy_hJF7eiRHZ96132sb=hPPCappKg@mail.gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
[PMM: added pseudocode ref to the commit message, fixed comment style]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-29 11:46:03 +00:00
Richard Henderson
36d820af0e target/arm: Fix validation of 32-bit address spaces for aa32
When tsz == 0, aarch32 selects the address space via exclusion,
and there are no "top_bits" remaining that require validation.

Fixes: ba97be9f4a
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190125184913.5970-1-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-29 11:46:03 +00:00
Max Filippov
d848ea7767 target/xtensa: add test_mmuhifi_c3 core
test_mmuhifi_c3 is an MMUv2 SMP-capable xtensa core.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-01-28 11:55:20 -08:00
Max Filippov
17a86b0e9f target/xtensa: expose core runstall as an IRQ line
Runstall signal looks very much like a level-triggered IRQ line. Provide
xtensa_get_runstall function that returns runstall IRQ.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-01-28 11:55:20 -08:00
Max Filippov
66f03d7e13 target/xtensa: rearrange access to external interrupts
Replace xtensa_get_extint that returns single external IRQ descriptor
with xtensa_get_extints that returns a vector of all external IRQs.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-01-28 11:54:54 -08:00
Max Filippov
3f75038a33 target/xtensa: drop function xtensa_timer_irq
It's a one-liner used in a single place, move its implementation there
and remove its declaration.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-01-28 11:54:42 -08:00
Vitaly Kuznetsov
9fe8b7be17 i386: Enable NPT and NRIPSAVE for AMD CPUs
Modern AMD CPUs support NPT and NRIPSAVE features and KVM exposes these
when present. NRIPSAVE apeared somewhere in Opteron_G3 lifetime (e.g.
QuadCore AMD Opteron 2378 has is but QuadCore AMD Opteron HE 2344 doesn't),
NPT was introduced a bit earlier.

Add the FEAT_SVM leaf to Opteron_G4/G5 and EPYC/EPYC-IBPB cpu models.

Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Message-Id: <20190121155051.5628-1-vkuznets@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2019-01-28 15:51:54 -02:00
Tao Xu
b0a1980384 i386: Update stepping of Cascadelake-Server
Update the stepping from 5 to 6, in order that
the Cascadelake-Server CPU model can support AVX512VNNI
and MSR based features exposed by ARCH_CAPABILITIES.

Signed-off-by: Tao Xu <tao3.xu@intel.com>
Message-Id: <20181227024304.12182-2-tao3.xu@intel.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2019-01-28 15:51:54 -02:00
Peter Maydell
2dc2f10de3 MIPS queue for January 25, 2019
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJcSw5lAAoJENSXKoln91pl8aEH/2KkK5ojXMBY94wH+sCZ17pM
 gEuysp20pUudeIk7eUk9aCnq7NHXGJ3GElB6baBq9zwC6qMlVC2Fmj4azluZbjra
 ZHKXAeXmibDpRo0UJeovH27+rP8j/NKK+nvZX/+gt0azfC+0SgFwhM6DFFPklJWj
 FXGxe2vOUO8Qjke0GwGfqUcjhXJPYg9DEC8RxvliBANME1o0HwkPaNPWWHdjacm2
 3K5FeR4jbPYIsfLdazH+G1KfYnQc8GgleSYBIeBKSyyy0z0Z9FXUTZGTjXZSgup4
 TqUJbUG0whUtVPzRzd8/DLeWK+2JXfLk35MrwVwv/TDdKuije7Pk7ABrb9B2Lnk=
 =O/OP
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/amarkovic/tags/mips-queue-january-25-2019' into staging

MIPS queue for January 25, 2019

# gpg: Signature made Fri 25 Jan 2019 13:25:57 GMT
# gpg:                using RSA key D4972A8967F75A65
# gpg: Good signature from "Aleksandar Markovic <amarkovic@wavecomp.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 8526 FBF1 5DA3 811F 4A01  DD75 D497 2A89 67F7 5A65

* remotes/amarkovic/tags/mips-queue-january-25-2019:
  docs/qemu-cpu-models: Add MIPS/nanoMIPS QEMU supported CPU models
  qemu-doc: Add nanoMIPS ISA information
  tests: tcg: mips: Remove old directories
  tests: tcg: mips: Add two new Makefiles
  tests: tcg: mips: Move source files to new locations
  MAINTAINERS: Update MIPS sections
  target/mips: Add I6500 core configuration
  target/mips: nanoMIPS: Fix branch handling
  disas: nanoMIPS: Amend DSP instructions related comments
  target/mips: Extend gen_scwp() functionality to support EVA
  target/mips: Correct the second argument type of cpu_supports_isa()
  target/mips: nanoMIPS: Rename macros for extracting 3-bit-coded GPR numbers
  target/mips: nanoMIPS: Remove an unused macro
  target/mips: nanoMIPS: Remove duplicate macro definitions

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-25 16:31:02 +00:00
Max Filippov
fa92bd4af7 target/xtensa: fix access to the INTERRUPT SR
INTERRUPT special register may be changed both by the core (by writing
to INTSET and INTCLEAR registers) and by external events (by triggering
and clearing HW IRQs). In MTTCG this state must be protected from
concurrent access, otherwise interrupts may be lost or spurious
interrupts may be detected.

Use atomic operations to change INTSET SR.
Fix wsr.intset so that it soesn't clear any bits.
Fix wsr.intclear so that it doesn't clear bit that corresponds to NMI.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-01-24 10:44:26 -08:00
Max Filippov
6230dac89b target/xtensa: add qemu_cpu_kick to xtensa_runstall
When xtensa_runstall is called to unstall a core it needs to kick it
after clearing runstall flag, otherwise the core doesn't start
immediately. There's also no point in clearing CPU_INTERRUPT_HALT, drop
it.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-01-24 10:44:25 -08:00
Yongbok Kim
ca1ffd14ed target/mips: Add I6500 core configuration
Add I6500 core configuration. Note that this configuration is
supported only on best-effort basis due to the lack of certain
features in QEMU.

Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2019-01-24 17:48:33 +01:00
Stefan Markovic
697b7b6bc5 target/mips: nanoMIPS: Fix branch handling
Fix nanoMIPS branch handling.

Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Signed-off-by: Stefan Markovic <smarkovic@wavecomp.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2019-01-24 17:48:33 +01:00
Aleksandar Markovic
8d5388c1de target/mips: Extend gen_scwp() functionality to support EVA
Extend gen_scwp() functionality to support EVA by adding an
additional argument, modify internals of the function to handle
new functionality, and accordingly change its invocations.

Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2019-01-24 17:48:33 +01:00
Aleksandar Markovic
5b1e098128 target/mips: Correct the second argument type of cpu_supports_isa()
"insn_flags" bitfield was expanded from 32-bit to 64-bit in commit
f9c9cd63e3. However, this was not reflected on the second argument
of the function cpu_supports_isa(). By chance, this did not create
some wrong behavior, since the left-most halves of all instances of
the second argument are currently all zeros. However, this is still
a bug waiting to happen. Correct this by changing the type of the
second argument to be always 64-bit.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2019-01-24 17:48:33 +01:00
Aleksandar Markovic
99e49abf11 target/mips: nanoMIPS: Rename macros for extracting 3-bit-coded GPR numbers
Rename macros for extracting 3-bit-coded GPR numbers, to achieve
better consistency with the nanoMIPS documentation.

Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2019-01-24 17:48:33 +01:00
Aleksandar Markovic
be3a131a05 target/mips: nanoMIPS: Remove an unused macro
Remove a macro that is never used.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2019-01-24 17:48:33 +01:00
Aleksandar Markovic
362d2e7254 target/mips: nanoMIPS: Remove duplicate macro definitions
Several macros were defined twice, with identical values, so
remove duplicates.

Previously added in 80845edf37.

This reverts commit 6bfa9f4c9c.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2019-01-24 17:48:33 +01:00
Jon Diekema
7a938d53f5 ppc: e6500 registers SPR 604 twice
When using the e6500 CPU, QEMU generates a fatal error after
complaining about registering SPR 604 twice.

Building and testing with commit
9b2e891ec5 shows the issue:

qemu-system-ppc64 --version
QEMU emulator version 3.1.50 (v3.1.0-456-g9b2e891ec5-dirty)
Copyright (c) 2003-2018 Fabrice Bellard and the QEMU Project developers

qemu-system-ppc64 -M none -cpu e6500
Error: Trying to register SPR 604 (25c) twice !

Signed-off-by: Jon Diekema <jon.diekema@ge.com>
Message-Id: <CALvuzg43uSodseEHjNaRcPFBKKPTY2mcppUbYgiLL=QO9RxX_Q@mail.gmail.com>
[removed duplicated mail header in the commit message]
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2019-01-24 13:34:20 +01:00
Peter Maydell
6d809e7da9 target/xtensa: zero overhead loops rework/helpers split
- change xtensa zero overhead loops implementation to avoid invalidation
   of TBs corresponding to previous loop body when a new loop is
   encountered;
 - extract helper function groups from op_helper.c and move them into
   separate source files: exc_helper.c (exception helpers), win_helper.c
   (windowed registers helpers), fpu_helper.c (floating point helpers),
   mmu_helper.c (memory management helpers) and dbg_helper.c (native debug
   helpers).
 -----BEGIN PGP SIGNATURE-----
 
 iQJHBAABCAAxFiEEK2eFS5jlMn3N6xfYUfnMkfg/oEQFAlxHZIETHGpjbXZia2Jj
 QGdtYWlsLmNvbQAKCRBR+cyR+D+gREAmD/0XXCUljktusx5HRcFUOjGmEsYr2q1Y
 FEiS0dSepxnc1LH7gnAgPsMB6CaUi9+Bt08Qh1Cf48vjo0RA/GRU7YEMHANti+xo
 +3DX+fLcAyFZqiVLxUwPT5O2eOIUKvtO4BcPvhYoZc2CR+hZutt65XVF5eQsucoo
 paP/vOvelI5FZexLqrcytgzjPMI8WZWEANwKVb0ZzPetaOAlWunoME7E+XFYmEhA
 XU1MEiI6gJOgCpqInw7d6G/zjo4FTXp7kXlUXj8n1RP07gOQheE0kf6cxDRyPufp
 CRjqJJjT1Li5C+35aEJrYjIAGt0zxvNMz1qB9DycuRSzQnWcS7y1y/XbTyE0RtC7
 zIGQ692c9DyO5vs+tpRBcYUIa898kixXLgC23nxRGB9IP1XkBT33/yqTfPj3LIWq
 KQYocxrNXe+PpDt3So81KA6v6w0xo21bnXgoFYx4Z/vG1r4njWPoNbyPckxbo8Vq
 zd/2gmnbORX7hqrTesggpGK6tfdOqH84QksO+sbdVDgQ+lwAUxYvxeG8+16rBn33
 cENN5yXPymJ7jpAjnciqanWjdZpCmqlFZUtQmt9kre7icydpbfom/B4HyYiGtwHA
 NM5y6F+reFUuggvFYLQfg6yxdSKkHsb0sIKTPxMN06VWDBRANFN32ZIk7oLN6L4g
 r5J0JQDHpBbOLg==
 =oGcZ
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/xtensa/tags/20190122-xtensa' into staging

target/xtensa: zero overhead loops rework/helpers split

- change xtensa zero overhead loops implementation to avoid invalidation
  of TBs corresponding to previous loop body when a new loop is
  encountered;
- extract helper function groups from op_helper.c and move them into
  separate source files: exc_helper.c (exception helpers), win_helper.c
  (windowed registers helpers), fpu_helper.c (floating point helpers),
  mmu_helper.c (memory management helpers) and dbg_helper.c (native debug
  helpers).

# gpg: Signature made Tue 22 Jan 2019 18:44:17 GMT
# gpg:                using RSA key 51F9CC91F83FA044
# gpg: Good signature from "Max Filippov <filippov@cadence.com>"
# gpg:                 aka "Max Filippov <max.filippov@cogentembedded.com>"
# gpg:                 aka "Max Filippov <jcmvbkbc@gmail.com>"
# Primary key fingerprint: 2B67 854B 98E5 327D CDEB  17D8 51F9 CC91 F83F A044

* remotes/xtensa/tags/20190122-xtensa:
  target/xtensa: move non-HELPER functions to helper.c
  target/xtensa: drop dump_state helper
  target/xtensa: extract interrupt and exception helpers
  target/xtensa: extract debug helpers
  target/xtensa: extract MMU helpers
  target/xtensa: extract windowed registers helpers
  target/xtensa: extract FPU helpers
  target/xtensa: rework zero overhead loops implementation

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-23 21:50:49 +00:00
Peter Maydell
fcb700b729 Pullreq 2019-01-22
-----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCgAdFiEErET+3BT38evtv0FRKcWWeA9ryoMFAlxHAbEACgkQKcWWeA9r
 yoOp2gf/XGejQjPdTdaWuDxRcGxkFGQVl0frZZs403ePw8Pm24jroKJjCJhg4Pxg
 GplcqMINDeuoIyBrwiftzaE1N8v2ysSoilV2la2+61MdjN3e7sJ1kwwU4YVzYdNt
 UbzVJ4O0a8WCPOdys6lTP/OwMyy1ELdyVFauxF9LcdJdVjHVmSPWDRRXNGHIMkSR
 jO/luwMAECF91Dus7yWVAZh+dcr4arC66+T9mo0WhtHsYaEnVo664+zalNOfUQoS
 T7G43ssOo8TbzV1MH2fLe20zkdtEi6kXHXTA067yBX/YVOULhi1L/oyV9QY9BXUa
 vHnGVgVQdQA1GkGhqFBSnqPvR1zojw==
 =a8zY
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/edgar/tags/edgar/xilinx-next-2019-01-22.for-upstream' into staging

Pullreq 2019-01-22

# gpg: Signature made Tue 22 Jan 2019 11:42:41 GMT
# gpg:                using RSA key 29C596780F6BCA83
# gpg: Good signature from "Edgar E. Iglesias (Xilinx key) <edgar.iglesias@xilinx.com>"
# gpg:                 aka "Edgar E. Iglesias <edgar.iglesias@gmail.com>"
# Primary key fingerprint: AC44 FEDC 14F7 F1EB EDBF  4151 29C5 9678 0F6B CA83

* remotes/edgar/tags/edgar/xilinx-next-2019-01-22.for-upstream:
  target/microblaze: Add props enabling exceptions on failed bus accesses
  hw/microblaze: s3adsp1800: Create an unimplemented GPIO area
  target/microblaze: Switch to transaction_failed hook

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-23 11:59:42 +00:00
Edgar E. Iglesias
2867a96ffb target/microblaze: Add props enabling exceptions on failed bus accesses
Add MicroBlaze CPU properties to enable exceptions on failed
bus accesses.

Reviewed-by: Luc Michel <luc.michel@greensocs.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2019-01-22 03:17:34 -08:00
Peter Maydell
bdff8123f2 target/microblaze: Switch to transaction_failed hook
Switch the microblaze target from the old unassigned_access hook
to the transaction_failed hook.

The notable difference is that rather than it being called
for all physical memory accesses which fail (including
those made by DMA devices or by the gdbstub), it is only
called for those made by the CPU via its MMU. For
microblaze this makes no difference because none of the
target CPU code needs to make loads or stores by physical
address.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
[EI: Add space in qemu_log()]
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2019-01-22 02:10:12 -08:00
Thomas Huth
0d8d6a24fc ppc: Fix duplicated typedefs to be able to compile with Clang in gnu99 mode
When compiling the ppc code with clang and -std=gnu99, there are a
couple of warnings/errors like this one:

  CC      ppc64-softmmu/hw/intc/xics.o
In file included from hw/intc/xics.c:35:
include/hw/ppc/xics.h:43:25: error: redefinition of typedef 'ICPState' is a C11 feature
      [-Werror,-Wtypedef-redefinition]
typedef struct ICPState ICPState;
                        ^
target/ppc/cpu.h:1181:25: note: previous definition is here
typedef struct ICPState ICPState;
                        ^
Work around the problems by including the proper headers in spapr.h
and by using struct forward declarations in cpu.h.

Reviewed-by: Greg Kurz <groug@kaod.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2019-01-22 05:14:33 +01:00
Peter Maydell
166609e607 MIPS queue for January 17, 2019 - v2
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJcQfb3AAoJENSXKoln91plXOkH/Rb+3IUi3ziXLaIo18fvMYcO
 PY4cT/+3Lv9a8aa3/L1QFEYjI8Mu5s8MCQbQbOckifnusPao4bCHrVzhnwrchelb
 DnkccwJcbyMkPAB2EqsUDNIRLiA6EmaXu4d9ve8HEo4mB3uy/OcOUo6YtotaPuV6
 Z9kAyS1lnXOkrlbWU0ZgmEvvw8Mhs/XED3HOtzPpfrOVKnpObPqdMLPsVLqC761k
 LZ6vbrjo2ELBwp+3WVaXDmLrNLF/qXd3NyFKPQ+EI8q3o7+7OpBptXOkuwT9CvAy
 NzAMBFAIsKo90C1PD5hzlyYeoaEkyGBR0Uquiz+FkxUr9NuKs40qOEEjwd5njPg=
 =q6sK
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/amarkovic/tags/mips-queue-january-17-2019-v2' into staging

MIPS queue for January 17, 2019 - v2

# gpg: Signature made Fri 18 Jan 2019 15:55:35 GMT
# gpg:                using RSA key D4972A8967F75A65
# gpg: Good signature from "Aleksandar Markovic <amarkovic@wavecomp.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 8526 FBF1 5DA3 811F 4A01  DD75 D497 2A89 67F7 5A65

* remotes/amarkovic/tags/mips-queue-january-17-2019-v2:
  target/mips: Introduce 32 R5900 multimedia registers
  target/mips: Rename 'rn' to 'register_name'
  target/mips: Add CP0 register MemoryMapID
  target/mips: Amend preprocessor constants for CP0 registers
  target/mips: Update ITU to handle bus errors
  target/mips: Update ITU to utilize SAARI and SAAR CP0 registers
  target/mips: Add field and R/W access to ITU control register ICR0
  target/mips: Provide R/W access to SAARI and SAAR CP0 registers
  target/mips: Add fields for SAARI and SAAR CP0 registers
  target/mips: Use preprocessor constants for 32 major CP0 registers
  target/mips: Add preprocessor constants for 32 major CP0 registers
  target/mips: Move comment containing summary of CP0 registers

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 17:53:28 +00:00
Aaron Lindsay
0d4bfd7df8 target/arm: Implement PMSWINC
Signed-off-by: Aaron Lindsay <alindsay@codeaurora.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20181211151945.29137-14-aaron@os.amperecomputing.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:56 +00:00
Aaron Lindsay
ac689a2e51 target/arm: PMU: Set PMCR.N to 4
This both advertises that we support four counters and enables them
because the pmu_num_counters() reads this value from PMCR.

Signed-off-by: Aaron Lindsay <alindsay@codeaurora.org>
Signed-off-by: Aaron Lindsay <aaron@os.amperecomputing.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20181211151945.29137-13-aaron@os.amperecomputing.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:56 +00:00
Aaron Lindsay
b2e2372511 target/arm: PMU: Add instruction and cycle events
The instruction event is only enabled when icount is used, cycles are
always supported. Always defining get_cycle_count (but altering its
behavior depending on CONFIG_USER_ONLY) allows us to remove some
CONFIG_USER_ONLY #defines throughout the rest of the code.

Signed-off-by: Aaron Lindsay <alindsay@codeaurora.org>
Signed-off-by: Aaron Lindsay <aaron@os.amperecomputing.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20181211151945.29137-12-aaron@os.amperecomputing.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:56 +00:00
Aaron Lindsay
5ecdd3e47c target/arm: Finish implementation of PM[X]EVCNTR and PM[X]EVTYPER
Add arrays to hold the registers, the definitions themselves, access
functions, and logic to reset counters when PMCR.P is set. Update
filtering code to support counters other than PMCCNTR. Support migration
with raw read/write functions.

Signed-off-by: Aaron Lindsay <alindsay@codeaurora.org>
Signed-off-by: Aaron Lindsay <aaron@os.amperecomputing.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20181211151945.29137-11-aaron@os.amperecomputing.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:56 +00:00
Aaron Lindsay
57a4a11b2b target/arm: Add array for supported PMU events, generate PMCEID[01]_EL0
This commit doesn't add any supported events, but provides the framework
for adding them. We store the pm_event structs in a simple array, and
provide the mapping from the event numbers to array indexes in the
supported_event_map array. Because the value of PMCEID[01] depends upon
which events are supported at runtime, generate it dynamically.

Signed-off-by: Aaron Lindsay <alindsay@codeaurora.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20181211151945.29137-10-aaron@os.amperecomputing.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:56 +00:00
Aaron Lindsay
cad8673744 target/arm: Make PMCEID[01]_EL0 64 bit registers, add PMCEID[23]
Signed-off-by: Aaron Lindsay <aaron@os.amperecomputing.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20181211151945.29137-9-aaron@os.amperecomputing.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:56 +00:00
Aaron Lindsay
beceb99c0c target/arm: Define FIELDs for ID_DFR0
This is immediately necessary for the PMUv3 implementation to check
ID_DFR0.PerfMon to enable/disable specific features, but defines the
full complement of fields for possible future use elsewhere.

Signed-off-by: Aaron Lindsay <aaron@os.amperecomputing.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20181211151945.29137-8-aaron@os.amperecomputing.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:56 +00:00
Aaron Lindsay
327dd5108b target/arm: Implement PMOVSSET
Add an array for PMOVSSET so we only define it for v7ve+ platforms

Signed-off-by: Aaron Lindsay <alindsay@codeaurora.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20181211151945.29137-7-aaron@os.amperecomputing.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:56 +00:00
Aaron Lindsay
4b8afa1f99 target/arm: Allow AArch32 access for PMCCFILTR
Signed-off-by: Aaron Lindsay <alindsay@codeaurora.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20181211151945.29137-6-aaron@os.amperecomputing.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:55 +00:00
Aaron Lindsay
033614c47d target/arm: Filter cycle counter based on PMCCFILTR_EL0
Rename arm_ccnt_enabled to pmu_counter_enabled, and add logic to only
return 'true' if the specified counter is enabled and neither prohibited
or filtered.

Signed-off-by: Aaron Lindsay <alindsay@codeaurora.org>
Signed-off-by: Aaron Lindsay <aclindsa@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20181211151945.29137-5-aaron@os.amperecomputing.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:55 +00:00
Aaron Lindsay
980ebe8705 target/arm: Swap PMU values before/after migrations
Because of the PMU's design, many register accesses have side effects
which are inter-related, meaning that the normal method of saving CP
registers can result in inconsistent state. These side-effects are
largely handled in pmu_op_start/finish functions which can be called
before and after the state is saved/restored. By doing this and adding
raw read/write functions for the affected registers, we avoid
migration-related inconsistencies.

Signed-off-by: Aaron Lindsay <aclindsa@gmail.com>
Signed-off-by: Aaron Lindsay <aaron@os.amperecomputing.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20181211151945.29137-4-aaron@os.amperecomputing.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:55 +00:00
Aaron Lindsay
5d05b9d462 target/arm: Reorganize PMCCNTR accesses
pmccntr_read and pmccntr_write contained duplicate code that was already
being handled by pmccntr_sync. Consolidate the duplicated code into two
functions: pmccntr_op_start and pmccntr_op_finish. Add a companion to
c15_ccnt in CPUARMState so that we can simultaneously save both the
architectural register value and the last underlying cycle count - this
ensures time isn't lost and will also allow us to access the 'old'
architectural register value in order to detect overflows in later
patches.

Signed-off-by: Aaron Lindsay <alindsay@codeaurora.org>
Signed-off-by: Aaron Lindsay <aclindsa@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20181211151945.29137-3-aaron@os.amperecomputing.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:55 +00:00
Richard Henderson
8733d762d5 target/arm: Tidy TBI handling in gen_a64_set_pc
We can perform this with fewer operations.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190108223129.5570-32-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:55 +00:00
Richard Henderson
1ae9cfbd47 target/arm: Enable PAuth for user-only
Add 4 attributes that controls the EL1 enable bits, as we may not
always want to turn on pointer authentication with -cpu max.
However, by default they are enabled.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20190108223129.5570-31-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:55 +00:00
Richard Henderson
1ce32e47db target/arm: Enable PAuth for -cpu max
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190108223129.5570-30-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:55 +00:00
Richard Henderson
967aa94f2b target/arm: Add PAuth system registers
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190108223129.5570-29-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:55 +00:00
Richard Henderson
990870b205 target/arm: Implement pauth_computepac
This is the main crypto routine, an implementation of QARMA.
This matches, as much as possible, ARM pseudocode.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20190108223129.5570-28-richard.henderson@linaro.org
[PMM: fixed minor checkpatch nits]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:55 +00:00
Richard Henderson
63ff0ca94c target/arm: Implement pauth_addpac
This is not really functional yet, because the crypto is not yet
implemented.  This, however follows the AddPAC pseudo function.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190108223129.5570-27-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:55 +00:00
Richard Henderson
a7bfa086c9 target/arm: Implement pauth_auth
This is not really functional yet, because the crypto is not yet
implemented.  This, however follows the Auth pseudo function.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190108223129.5570-26-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:54 +00:00
Richard Henderson
04d13549fa target/arm: Implement pauth_strip
Stripping out the authentication data does not require any crypto,
it merely requires the virtual address parameters.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190108223129.5570-25-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:54 +00:00
Richard Henderson
5d8634f5a3 target/arm: Reuse aa64_va_parameters for setting tbflags
The arm_regime_tbi{0,1} functions are replacable with the new function
by giving the lowest and highest address.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190108223129.5570-24-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:54 +00:00
Richard Henderson
8220af7e4d target/arm: Decode TBID from TCR
Use TBID in aa64_va_parameters depending on the data parameter.
This automatically updates all existing users of the function.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20190108223129.5570-23-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:54 +00:00
Richard Henderson
e737ed2ad8 target/arm: Add aa64_va_parameters_both
We will want to check TBI for I and D simultaneously.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20190108223129.5570-22-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:54 +00:00
Richard Henderson
bf0be43387 target/arm: Export aa64_va_parameters to internals.h
We need to reuse this from helper-a64.c.  Provide a stub
definition for CONFIG_USER_ONLY.  This matches the stub
definitions that we removed for arm_regime_tbi{0,1} before.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190108223129.5570-21-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:54 +00:00
Richard Henderson
476a4692f0 target/arm: Merge TBFLAG_AA_TB{0, 1} to TBII
We will shortly want to talk about TBI as it relates to data.
Passing around a pair of variables is less convenient than a
single variable.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20190108223129.5570-20-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:54 +00:00
Richard Henderson
ba97be9f4a target/arm: Create ARMVAParameters and helpers
Split out functions to extract the virtual address parameters.
Let the functions choose T0 or T1 address space half, if present.
Extract (most of) the control bits that vary between EL or Tx.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20190108223129.5570-19-richard.henderson@linaro.org
[PMM: fixed minor checkpatch comment nits]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:54 +00:00
Richard Henderson
64be86ab1b target/arm: Introduce arm_stage1_mmu_idx
While we could expose stage_1_mmu_idx, the combination is
probably going to be more useful.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190108223129.5570-18-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:54 +00:00
Richard Henderson
50494a279d target/arm: Introduce arm_mmu_idx
The pattern

  ARMMMUIdx mmu_idx = core_to_arm_mmu_idx(env, cpu_mmu_index(env, false));

is computing the full ARMMMUIdx, stripping off the ARM bits,
and then putting them back.

Avoid the extra two steps with the appropriate helper function.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190108223129.5570-17-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:54 +00:00
Richard Henderson
65e4655c60 target/arm: Move cpu_mmu_index out of line
This function is, or will shortly become, too big to inline.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190108223129.5570-16-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:53 +00:00
Richard Henderson
bd889f4810 target/arm: Decode Load/store register (pac)
Not that there are any stores involved, but why argue with ARM's
naming convention.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20190108223129.5570-15-richard.henderson@linaro.org
[fixed trivial comment nit]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:53 +00:00
Richard Henderson
561c0a3308 target/arm: Decode PAuth within disas_uncond_b_reg
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190108223129.5570-14-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:53 +00:00
Richard Henderson
f7cf3bfc1b target/arm: Rearrange decode in disas_uncond_b_reg
This will enable PAuth decode in a subsequent patch.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20190108223129.5570-13-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:53 +00:00
Richard Henderson
d9f482a027 target/arm: Add new_pc argument to helper_exception_return
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190108223129.5570-12-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:53 +00:00
Richard Henderson
ce02fd99e6 target/arm: Move helper_exception_return to helper-a64.c
This function is only used by AArch64.  Code movement only.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190108223129.5570-11-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:53 +00:00
Richard Henderson
b6342a9f92 target/arm: Decode PAuth within disas_data_proc_2src
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190108223129.5570-10-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:53 +00:00
Richard Henderson
95ebd99dcd target/arm: Decode PAuth within disas_data_proc_1src
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190108223129.5570-9-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:53 +00:00
Richard Henderson
18de2813c3 target/arm: Rearrange decode in disas_data_proc_1src
Now properly signals unallocated for REV64 with SF=0.
Allows for the opcode2 field to be decoded shortly.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190108223129.5570-8-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:53 +00:00
Richard Henderson
7c94c8343c target/arm: Decode PAuth within system hint space
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190108223129.5570-7-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:53 +00:00
Richard Henderson
0d43e1a2d2 target/arm: Add PAuth helpers
The cryptographic internals are stubbed out for now,
but the enable and trap bits are checked.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20190108223129.5570-6-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:53 +00:00
Richard Henderson
7469f6c696 target/arm: Introduce raise_exception_ra
This path uses cpu_loop_exit_restore to unwind current processor state.

Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20190108223129.5570-5-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:53 +00:00
Richard Henderson
0816ef1bfc target/arm: Add PAuth active bit to tbflags
There are 5 bits of state that could be added, but to save
space within tbflags, add only a single enable bit.
Helpers will determine the rest of the state at runtime.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190108223129.5570-4-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:53 +00:00
Richard Henderson
b2af69d0b6 target/arm: Add SCTLR bits through ARMv8.5
Post v8.4 bits taken from SysReg_v85_xml-00bet8.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190108223129.5570-3-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:38:52 +00:00
Richard Henderson
991ad91b6a target/arm: Add state for the ARMv8.3-PAuth extension
Add storage space for the 5 encryption keys.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20190108223129.5570-2-richard.henderson@linaro.org
[PMM: use 0xf rather than -1 in FIELD_DP64() expressions to
 avoid clang warnings about implicit truncation from int to
 bitfield changing the value]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:23:11 +00:00
Alexander Graf
2d2a4549cc target/arm: Allow Aarch32 exception return to switch from Mon->Hyp
In U-boot, we switch from S-SVC -> Mon -> Hyp mode when we want to
enter Hyp mode. The change into Hyp mode is done by doing an
exception return from Mon. This doesn't work with current QEMU.

The problem is that in bad_mode_switch() we refuse to allow
the change of mode.

Note that bad_mode_switch() is used to do validation for two situations:

 (1) changes to mode by instructions writing to CPSR.M
     (ie not exception take/return) -- this corresponds to the
     Armv8 Arm ARM pseudocode Arch32.WriteModeByInstr
 (2) changes to mode by exception return

Attempting to enter or leave Hyp mode via case (1) is forbidden in
v8 and UNPREDICTABLE in v7, and QEMU is correct to disallow it
there. However, we're already doing that check at the top of the
bad_mode_switch() function, so if that passes then we should allow
the case (2) exception return mode changes to switch into Hyp mode.

We want to test whether we're trying to return to the nonexistent
"secure Hyp" mode, so we need to look at arm_is_secure_below_el3()
rather than arm_is_secure(), since the latter is always true if
we're in Mon (EL3).

Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20190109152430.32359-1-agraf@suse.de
[PMM: rewrote commit message]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21 10:23:11 +00:00
Fredrik Noring
a168a796e1 target/mips: Introduce 32 R5900 multimedia registers
The 32 R5900 128-bit registers are split into two 64-bit halves:
the lower halves are the GPRs and the upper halves are accessible
by the R5900-specific multimedia instructions.

Reviewed-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Signed-off-by: Fredrik Noring <noring@nocrew.org>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2019-01-18 16:53:28 +01:00
Aleksandar Markovic
294fc2ea7f target/mips: Rename 'rn' to 'register_name'
Rename 'rn' to 'register_name' in CP0-related handlers.

Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2019-01-18 16:53:28 +01:00
Aleksandar Markovic
3ef521ee9f target/mips: Add CP0 register MemoryMapID
Add CP0 register MemoryMapID. Only data field is added.
The corresponding functionality will be added in future
patches.

Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2019-01-18 16:53:28 +01:00
Aleksandar Markovic
04992c8cd1 target/mips: Amend preprocessor constants for CP0 registers
Correct existing CP0-related preprocessor constants (replace
"CPO" with "CP0" (form letter "O" to digit "0", when needed).
Besides, add preprocessor constants for CP0 subregisters.
The names of the subregisters were chosen to be in sync with
the table of corresponding assembler mnemonics found in the
documentation for I6500 and I6400 (release 1.0).

Reviewed-by: Aleksandar Rikalo <arikalo@wavecomp.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2019-01-18 16:53:28 +01:00
Yongbok Kim
043715d1e0 target/mips: Update ITU to utilize SAARI and SAAR CP0 registers
Update ITU to utilize SAARI and SAAR CP0 registers.

Reviewed-by: Stefan Markovic <smarkovic@wavecomp.com>
Signed-off-by: Yongbok Kim <yongbok.kim@mips.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2019-01-18 16:53:28 +01:00
Yongbok Kim
5fb2dcd179 target/mips: Provide R/W access to SAARI and SAAR CP0 registers
Provide R/W access to SAARI and SAAR CP0 registers.

Reviewed-by: Stefan Markovic <smarkovic@wavecomp.com>
Signed-off-by: Yongbok Kim <yongbok.kim@mips.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2019-01-18 16:53:28 +01:00
Yongbok Kim
167db30e98 target/mips: Add fields for SAARI and SAAR CP0 registers
Add fields for SAARI and SAAR CP0 registers.

Reviewed-by: Stefan Markovic <smarkovic@wavecomp.com>
Signed-off-by: Yongbok Kim <yongbok.kim@mips.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2019-01-18 16:53:28 +01:00
Aleksandar Markovic
46d7642fcc target/mips: Use preprocessor constants for 32 major CP0 registers
Use preprocessor constants for 32 major CP0 registers.

Reviewed-by: Stefan Markovic <smarkovic@wavecomp.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2019-01-18 16:53:28 +01:00
Aleksandar Markovic
efd27d3f08 target/mips: Add preprocessor constants for 32 major CP0 registers
Add preprocessor constants for 32 major CP0 registers.

Reviewed-by: Stefan Markovic <smarkovic@wavecomp.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2019-01-18 16:53:28 +01:00
Aleksandar Markovic
ea9c5e836e target/mips: Move comment containing summary of CP0 registers
Move comment containing summary of CP0 registers. Checkpatch
script reported some tabs in the resutling diff, so convert
these tabs to spaces too.

Reviewed-by: Stefan Markovic <smarkovic@wavecomp.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2019-01-18 16:53:28 +01:00
Janosch Frank
37dbd1f4d4 s390x: Return specification exception for unimplemented diag 308 subcodes
The architecture specifies specification exceptions for all
unavailable subcodes.

The presence of subcodes is indicated by checking some query subcode.
For example 6 will indicate that 3-6 are available. So future systems
might call new subcodes to check for new features. This should not
trigger a hw error, instead we return the architectured specification
exception.

Signed-off-by: Janosch Frank <frankja@linux.ibm.com>
Cc: qemu-stable@nongnu.org
Message-Id: <20190111113657.66195-3-frankja@linux.ibm.com>
Reviewed-by: Christian Borntraeger <borntraeger@de.ibm.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2019-01-18 11:52:00 +01:00
Vitaly Kuznetsov
abd5fc4c86 i386/kvm: add a comment explaining why .feat_names are commented out for Hyper-V feature bits
Hyper-V .feat_names are, unlike hardware features, commented out and it is
not obvious why we do that. Document the current status quo.

Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Message-Id: <20181221141604.16935-1-vkuznets@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2019-01-14 12:28:44 -02:00
Eduardo Habkost
258fe08bd3 x86: host-phys-bits-limit option
Some downstream distributions of QEMU set host-phys-bits=on by
default.  This worked very well for most use cases, because
phys-bits really didn't have huge consequences. The only
difference was on the CPUID data seen by guests, and on the
handling of reserved bits.

This changed in KVM commit 855feb673640 ("KVM: MMU: Add 5 level
EPT & Shadow page table support").  Now choosing a large
phys-bits value for a VM has bigger impact: it will make KVM use
5-level EPT even when it's not really necessary.  This means
using the host phys-bits value may not be the best choice.

Management software could address this problem by manually
configuring phys-bits depending on the size of the VM and the
amount of MMIO address space required for hotplug.  But this is
not trivial to implement.

However, there's another workaround that would work for most
cases: keep using the host phys-bits value, but only if it's
smaller than 48.  This patch makes this possible by introducing a
new "-cpu" option: "host-phys-bits-limit".  Management software
or users can make sure they will always use 4-level EPT using:
"host-phys-bits=on,host-phys-bits-limit=48".

This behavior is still not enabled by default because QEMU
doesn't enable host-phys-bits=on by default.  But users,
management software, or downstream distributions may choose to
change their defaults using the new option.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Message-Id: <20181211192527.13254-1-ehabkost@redhat.com>
[ehabkost: removed test code while some issues are addressed]
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2019-01-14 12:23:36 -02:00
Paolo Bonzini
ecb85fe48c target/i386: Disable MPX support on named CPU models
MPX support is being phased out by Intel; GCC has dropped it, Linux
is also going to do that.  Even though KVM will have special code
to support MPX after the kernel proper stops enabling it in XCR0,
we probably also want to deprecate that in a few years.  As a start,
do not enable it by default for any named CPU model starting with
the 4.0 machine types; this include Skylake, Icelake and Cascadelake.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20181220121100.21554-1-pbonzini@redhat.com>
Reviewed-by:   Wainer dos Santos Moschetta <wainersm@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2019-01-14 12:23:36 -02:00
Borislav Petkov
483c6ad426 target-i386: Reenable RDTSCP support on Opteron_G[345] CPU models CPU models
The missing functionality was added ~3 years ago with the Linux commit

  46896c73c1a4 ("KVM: svm: add support for RDTSCP")

so reenable RDTSCP support on those CPU models.

Opteron_G2 - being family 15, model 6, doesn't have RDTSCP support
(the real hardware doesn't have it. K8 got RDTSCP support with the NPT
models, i.e., models >= 0x40).

Document the host's minimum required kernel version, while at it.

Signed-off-by: Borislav Petkov <bp@suse.de>
Message-ID: <20181212200803.GG6653@zn.tnic>
[ehabkost: moved compat properties code to pc.c]
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2019-01-14 12:23:36 -02:00
Vitaly Kuznetsov
a2b107dbbd i386/kvm: expose HV_CPUID_ENLIGHTMENT_INFO.EAX and HV_CPUID_NESTED_FEATURES.EAX as feature words
It was found that QMP users of QEMU (e.g. libvirt) may need
HV_CPUID_ENLIGHTMENT_INFO.EAX/HV_CPUID_NESTED_FEATURES.EAX information. In
particular, 'hv_tlbflush' and 'hv_evmcs' enlightenments are only exposed in
HV_CPUID_ENLIGHTMENT_INFO.EAX.

HV_CPUID_NESTED_FEATURES.EAX is exposed for two reasons: convenience
(we don't need to export it from hyperv_handle_properties() and as
future-proof for Enlightened MSR-Bitmap, PV EPT invalidation and
direct virtual flush features.

Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Message-Id: <20181126135958.20956-1-vkuznets@redhat.com>
Reviewed-by: Roman Kagan <rkagan@virtuozzo.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2019-01-14 12:23:36 -02:00
Peter Maydell
7260438b70 RISC-V Updates for 3.2, Part 2
This patch set contains a handful of Michael's CSR-related cleanups,
 which should allow us to proceed with more outstanding bug fixes that
 depend on them.
 
 Additionally, there is a patch that turns on USB.  This works for me
 when the kernel has the appropriate drivers (which will soon be in
 defconfig) and I pass
 
     -device usb-ehci
     -drive id=my_usb_disk,file=usbdisk.img,if=none,format=raw
     -device usb-storage,drive=my_usb_disk
 
 to QEMU.
 -----BEGIN PGP SIGNATURE-----
 
 iQJHBAABCAAxFiEEAM520YNJYN/OiG3470yhUCzLq0EFAlw42s4THHBhbG1lckBk
 YWJiZWx0LmNvbQAKCRDvTKFQLMurQS/2D/sFgvFwdh4UtLlNpaPMMTdfC6rh3TBJ
 jGsTjKSt2PBi6v/5PcVSCYGqxKdNRmZCWO1QOuXBY0mtgs2it7Cy8gTj8587vx30
 MZpwDdQyahUH2ekhUbWhoCcxB/VTaQuSiBn2z0BdYgUuYNDvBCDHVPzEOX4dCsfW
 COKdgqKkGVHWS8jM6TQx18BlmWy7ZyBPYKE4vXLx7rGc06wuV6IHfJjJz9A9mT2D
 C+olQe2xMxOOIKvViODN4q4p8XEcoZ4X8HZHS+XZqPUsdqq6XOj0NbcvzuWLe+r6
 CSvj6wJeT2vndl7IxOc387esDYQT9gcpzHBr689VKZ8wsx8C6yGJbZ1ZdBMBMHzz
 Vin/2wooXAVAEH5HR9vw/VKfcigGPIJ0nq6Ia3BJeYRMmhTvICwgabCJQ2keSYcD
 xdv0OyplH6pZpvfsfDJFL377+qC8Rtr38SvLA4twvwkGwTNMjupombRV83HMC5F1
 z9BkXgiiZiE4VZIWR6fhPDcg1zV4OJyuI3q/aKN8WM9yvOwYD8o7XGNo3M1zejvO
 wTbWTt7xSvzFLUKik2etX6zgBz+myoJ6zpT7VbvjXh8q4pLBWZgAJJH7qkTc0A8k
 L18Mo/wA9OPeVQ6mDxNS8IrJGYr4EehYG3bbtPgLhElO0IyP/z4YqGYBpJ6YRVXe
 4EuQXMIaDcj1/w==
 =JmSx
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/palmer/tags/riscv-for-master-3.2-part2' into staging

RISC-V Updates for 3.2, Part 2

This patch set contains a handful of Michael's CSR-related cleanups,
which should allow us to proceed with more outstanding bug fixes that
depend on them.

Additionally, there is a patch that turns on USB.  This works for me
when the kernel has the appropriate drivers (which will soon be in
defconfig) and I pass

    -device usb-ehci
    -drive id=my_usb_disk,file=usbdisk.img,if=none,format=raw
    -device usb-storage,drive=my_usb_disk

to QEMU.

# gpg: Signature made Fri 11 Jan 2019 18:05:02 GMT
# gpg:                using RSA key EF4CA1502CCBAB41
# gpg: Good signature from "Palmer Dabbelt <palmer@dabbelt.com>"
# gpg:                 aka "Palmer Dabbelt <palmer@sifive.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 00CE 76D1 8349 60DF CE88  6DF8 EF4C A150 2CCB AB41

* remotes/palmer/tags/riscv-for-master-3.2-part2:
  default-configs: Enable USB support for RISC-V machines
  RISC-V: Implement existential predicates for CSRs
  RISC-V: Implement atomic mip/sip CSR updates
  RISC-V: Implement modular CSR helper interface

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-14 11:41:43 +00:00
Max Filippov
9584116f94 target/xtensa: move non-HELPER functions to helper.c
Move remaining non-HELPER functions from op_helper.c to helper.c.
No functional changes.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-01-13 23:36:31 -08:00
Max Filippov
d9908e037e target/xtensa: drop dump_state helper
Drop unused helper dump_state from op_helper.c

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-01-13 23:36:31 -08:00
Max Filippov
8d918d656a target/xtensa: extract interrupt and exception helpers
Move helper functions related to interrupt and exception handling from
op_helper.c and helper.c to exc_helper.c. No functional changes.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-01-13 23:36:29 -08:00
Max Filippov
8803bfea0e target/xtensa: extract debug helpers
Move HELPER functions related to native debugging from op_helper.c to
dbg_helper.c. No functional changes.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-01-13 23:35:34 -08:00
Max Filippov
7e5e5a6302 target/xtensa: extract MMU helpers
Move MMU-related helper functions from op_helper.c and helper.c to
mmu_helper.c. No functional changes.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-01-13 23:34:57 -08:00
Max Filippov
c9ed50e82d target/xtensa: extract windowed registers helpers
Move helper functions related to register windows from op_helper.c to
win_helper.c. No functional changes.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-01-13 23:34:30 -08:00
Max Filippov
9483bf27ee target/xtensa: extract FPU helpers
Move FPU-related HELPER functions from op_helper.c to fpu_helper.c
No functional changes.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2019-01-13 23:33:42 -08:00
Max Filippov
5d630cef4f target/xtensa: rework zero overhead loops implementation
Don't invalidate TB with the end of zero overhead loop when LBEG or LEND
change. Instead encode the distance from the start of the page where the
TB starts to the LEND in the TB cs_base and generate loopback code when
the next PC matches encoded LEND. Distance to a destination within the
same page and up to a maximum instruction length into the next page is
encoded literally, otherwise it's zero. The distance from LEND to LBEG
is also encoded in the cs_base: it's encoded literally when less than
256 or as 0 otherwise. This allows for TB chaining for the loopback
branch at the end of a loop for the most common loop sizes.

With this change the resulting emulation speed is about 10% higher in
softmmu mode on uClibc-ng and LTP tests. Emulation speed in linux
user mode is a few percent lower because there's no direct TB chaining
between different memory pages. Testing with lower limit on direct TB
chaining range shows gradual slowdown to ~15% for the block size of 64
bytes and ~50% for the block size of 32 bytes.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
2019-01-11 20:52:24 -08:00
Paolo Bonzini
7d37435bd5 avoid TABs in files that only contain a few
Most files that have TABs only contain a handful of them.  Change
them to spaces so that we don't confuse people.

disas, standard-headers, linux-headers and libdecnumber are imported
from other projects and probably should be exempted from the check.
Outside those, after this patch the following files still contain both
8-space and TAB sequences at the beginning of the line.  Many of them
have a majority of TABs, or were initially committed with all tabs.

    bsd-user/i386/target_syscall.h
    bsd-user/x86_64/target_syscall.h
    crypto/aes.c
    hw/audio/fmopl.c
    hw/audio/fmopl.h
    hw/block/tc58128.c
    hw/display/cirrus_vga.c
    hw/display/xenfb.c
    hw/dma/etraxfs_dma.c
    hw/intc/sh_intc.c
    hw/misc/mst_fpga.c
    hw/net/pcnet.c
    hw/sh4/sh7750.c
    hw/timer/m48t59.c
    hw/timer/sh_timer.c
    include/crypto/aes.h
    include/disas/bfd.h
    include/hw/sh4/sh.h
    libdecnumber/decNumber.c
    linux-headers/asm-generic/unistd.h
    linux-headers/linux/kvm.h
    linux-user/alpha/target_syscall.h
    linux-user/arm/nwfpe/double_cpdo.c
    linux-user/arm/nwfpe/fpa11_cpdt.c
    linux-user/arm/nwfpe/fpa11_cprt.c
    linux-user/arm/nwfpe/fpa11.h
    linux-user/flat.h
    linux-user/flatload.c
    linux-user/i386/target_syscall.h
    linux-user/ppc/target_syscall.h
    linux-user/sparc/target_syscall.h
    linux-user/syscall.c
    linux-user/syscall_defs.h
    linux-user/x86_64/target_syscall.h
    slirp/cksum.c
    slirp/if.c
    slirp/ip.h
    slirp/ip_icmp.c
    slirp/ip_icmp.h
    slirp/ip_input.c
    slirp/ip_output.c
    slirp/mbuf.c
    slirp/misc.c
    slirp/sbuf.c
    slirp/socket.c
    slirp/socket.h
    slirp/tcp_input.c
    slirp/tcpip.h
    slirp/tcp_output.c
    slirp/tcp_subr.c
    slirp/tcp_timer.c
    slirp/tftp.c
    slirp/udp.c
    slirp/udp.h
    target/cris/cpu.h
    target/cris/mmu.c
    target/cris/op_helper.c
    target/sh4/helper.c
    target/sh4/op_helper.c
    target/sh4/translate.c
    tcg/sparc/tcg-target.inc.c
    tests/tcg/cris/check_addo.c
    tests/tcg/cris/check_moveq.c
    tests/tcg/cris/check_swap.c
    tests/tcg/multiarch/test-mmap.c
    ui/vnc-enc-hextile-template.h
    ui/vnc-enc-zywrle.h
    util/envlist.c
    util/readline.c

The following have only TABs:

    bsd-user/i386/target_signal.h
    bsd-user/sparc64/target_signal.h
    bsd-user/sparc64/target_syscall.h
    bsd-user/sparc/target_signal.h
    bsd-user/sparc/target_syscall.h
    bsd-user/x86_64/target_signal.h
    crypto/desrfb.c
    hw/audio/intel-hda-defs.h
    hw/core/uboot_image.h
    hw/sh4/sh7750_regnames.c
    hw/sh4/sh7750_regs.h
    include/hw/cris/etraxfs_dma.h
    linux-user/alpha/termbits.h
    linux-user/arm/nwfpe/fpopcode.h
    linux-user/arm/nwfpe/fpsr.h
    linux-user/arm/syscall_nr.h
    linux-user/arm/target_signal.h
    linux-user/cris/target_signal.h
    linux-user/i386/target_signal.h
    linux-user/linux_loop.h
    linux-user/m68k/target_signal.h
    linux-user/microblaze/target_signal.h
    linux-user/mips64/target_signal.h
    linux-user/mips/target_signal.h
    linux-user/mips/target_syscall.h
    linux-user/mips/termbits.h
    linux-user/ppc/target_signal.h
    linux-user/sh4/target_signal.h
    linux-user/sh4/termbits.h
    linux-user/sparc64/target_syscall.h
    linux-user/sparc/target_signal.h
    linux-user/x86_64/target_signal.h
    linux-user/x86_64/termbits.h
    pc-bios/optionrom/optionrom.h
    slirp/mbuf.h
    slirp/misc.h
    slirp/sbuf.h
    slirp/tcp.h
    slirp/tcp_timer.h
    slirp/tcp_var.h
    target/i386/svm.h
    target/sparc/asi.h
    target/xtensa/core-dc232b/xtensa-modules.inc.c
    target/xtensa/core-dc233c/xtensa-modules.inc.c
    target/xtensa/core-de212/core-isa.h
    target/xtensa/core-de212/xtensa-modules.inc.c
    target/xtensa/core-fsf/xtensa-modules.inc.c
    target/xtensa/core-sample_controller/core-isa.h
    target/xtensa/core-sample_controller/xtensa-modules.inc.c
    target/xtensa/core-test_kc705_be/core-isa.h
    target/xtensa/core-test_kc705_be/xtensa-modules.inc.c
    tests/tcg/cris/check_abs.c
    tests/tcg/cris/check_addc.c
    tests/tcg/cris/check_addcm.c
    tests/tcg/cris/check_addoq.c
    tests/tcg/cris/check_bound.c
    tests/tcg/cris/check_ftag.c
    tests/tcg/cris/check_int64.c
    tests/tcg/cris/check_lz.c
    tests/tcg/cris/check_openpf5.c
    tests/tcg/cris/check_sigalrm.c
    tests/tcg/cris/crisutils.h
    tests/tcg/cris/sys.c
    tests/tcg/i386/test-i386-ssse3.c
    ui/vgafont.h

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20181213223737.11793-3-pbonzini@redhat.com>
Reviewed-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
Acked-by: Richard Henderson <richard.henderson@linaro.org>
Acked-by: Eric Blake <eblake@redhat.com>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Stefan Markovic <smarkovic@wavecomp.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-01-11 15:46:56 +01:00
Paolo Bonzini
b58deb344d qemu/queue.h: leave head structs anonymous unless necessary
Most list head structs need not be given a name.  In most cases the
name is given just in case one is going to use QTAILQ_LAST, QTAILQ_PREV
or reverse iteration, but this does not apply to lists of other kinds,
and even for QTAILQ in practice this is only rarely needed.  In addition,
we will soon reimplement those macros completely so that they do not
need a name for the head struct.  So clean up everything, not giving a
name except in the rare case where it is necessary.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-01-11 15:46:55 +01:00
Alexandro Sanchez Bach
b65cc8dec0 hax: Support for Linux hosts
Intel HAXM supports now 32-bit and 64-bit Linux hosts. This patch includes
the corresponding userland changes.

Since the Darwin userland backend is POSIX-compliant, the hax-darwin.{c,h}
files have been renamed to hax-posix.{c,h}. This prefix is consistent with
the naming used in the rest of QEMU.

Signed-off-by: Alexandro Sanchez Bach <asanchez@kryptoslogic.com>
Message-Id: <20181115013331.65820-1-asanchez@kryptoslogic.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-01-11 13:57:24 +01:00
Michael Clark
a88365c199
RISC-V: Implement existential predicates for CSRs
CSR predicate functions are added to the CSR table.
mstatus.FS and counter enable checks are moved
to predicate functions and two new predicates are
added to check misa.S for s* CSRs and a new PMP
CPU feature for pmp* CSRs.

Processors that don't implement S-mode will trap
on access to s* CSRs and processors that don't
implement PMP will trap on accesses to pmp* CSRs.

PMP checks are disabled in riscv_cpu_handle_mmu_fault
when the PMP CPU feature is not present.

Signed-off-by: Michael Clark <mjc@sifive.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Palmer Dabbelt <palmer@sifive.com>
2019-01-09 10:00:56 -08:00
Michael Clark
71877e2969
RISC-V: Implement atomic mip/sip CSR updates
Use the new CSR read/modify/write interface to implement
atomic updates to mip/sip.

Signed-off-by: Michael Clark <mjc@sifive.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Palmer Dabbelt <palmer@sifive.com>
2019-01-09 10:00:52 -08:00
Cédric Le Goater
3ff73aa241 ppc: replace the 'Object *intc' by a 'ICPState *icp' pointer under the CPU
Now that the 'intc' pointer is only used by the XICS interrupt mode,
let's make things clear and use a XICS type and name.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2019-01-09 09:28:14 +11:00
Cédric Le Goater
129dbe6926 ppc/xive: introduce a XiveTCTX pointer under PowerPCCPU
which will be used by the machine only when the XIVE interrupt mode is
in use.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2019-01-09 09:28:14 +11:00
Mark Cave-Ayland
2dea57db60 target/ppc: replace AVR* macros with Vsr* macros
Now that the VMX and VSR register sets have been combined, the same macros can
be used to access both AVR and VSR field members.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2019-01-09 09:28:14 +11:00
Mark Cave-Ayland
ef96e3ae96 target/ppc: move FP and VMX registers into aligned vsr register array
The VSX register array is a block of 64 128-bit registers where the first 32
registers consist of the existing 64-bit FP registers extended to 128-bit
using new VSR registers, and the last 32 registers are the VMX 128-bit
registers as show below:

            64-bit               64-bit
    +--------------------+--------------------+
    |        FP0         |                    |  VSR0
    +--------------------+--------------------+
    |        FP1         |                    |  VSR1
    +--------------------+--------------------+
    |        ...         |        ...         |  ...
    +--------------------+--------------------+
    |        FP30        |                    |  VSR30
    +--------------------+--------------------+
    |        FP31        |                    |  VSR31
    +--------------------+--------------------+
    |                  VMX0                   |  VSR32
    +-----------------------------------------+
    |                  VMX1                   |  VSR33
    +-----------------------------------------+
    |                  ...                    |  ...
    +-----------------------------------------+
    |                  VMX30                  |  VSR62
    +-----------------------------------------+
    |                  VMX31                  |  VSR63
    +-----------------------------------------+

In order to allow for future conversion of VSX instructions to use TCG vector
operations, recreate the same layout using an aligned version of the existing
vsr register array.

Since the old fpr and avr register arrays are removed, the existing callers
must also be updated to use the correct offset in the vsr register array. This
also includes switching the relevant VMState fields over to using subarrays
to make sure that migration is preserved.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2019-01-09 09:28:14 +11:00
Mark Cave-Ayland
05ee3e8aa0 target/ppc: merge ppc_vsr_t and ppc_avr_t union types
Since the VSX registers are actually a superset of the VMX registers then they
can be represented by the same type. Merge ppc_avr_t into ppc_vsr_t and change
ppc_avr_t to be a simple typedef alias.

Note that due to a difference in the naming of the float32 member between
ppc_avr_t and ppc_vsr_t, references to the ppc_avr_t f member must be replaced
with f32 instead.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2019-01-09 09:28:14 +11:00
Mark Cave-Ayland
7329fb6240 target/ppc: switch FPR, VMX and VSX helpers to access data directly from cpu_env
Instead of accessing the FPR, VMX and VSX registers through static arrays of
TCGv_i64 globals, remove them and change the helpers to load/store data directly
within cpu_env.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2019-01-09 09:28:14 +11:00
Mark Cave-Ayland
8b3b2d75c7 target/ppc: introduce get_cpu_vsr{l,h}() and set_cpu_vsr{l,h}() helpers for VSR register access
These helpers allow us to move VSR register values to/from the specified TCGv_i64
argument.

To prevent VSX helpers accessing the cpu_vsr array directly, add extra TCG
temporaries as required.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2019-01-09 09:28:14 +11:00
Mark Cave-Ayland
c4a18dbf52 target/ppc: introduce get_avr64() and set_avr64() helpers for VMX register access
These helpers allow us to move AVR register values to/from the specified TCGv_i64
argument.

To prevent VMX helpers accessing the cpu_avr{l,h} arrays directly, add extra TCG
temporaries as required.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2019-01-09 09:28:13 +11:00
Mark Cave-Ayland
1a404c91bd target/ppc: introduce get_fpr() and set_fpr() helpers for FP register access
These helpers allow us to move FP register values to/from the specified TCGv_i64
argument in the VSR helpers to be introduced shortly.

To prevent FP helpers accessing the cpu_fpr array directly, add extra TCG
temporaries as required.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2019-01-09 09:28:13 +11:00
Mark Cave-Ayland
4c23c2a538 target/ppc: switch EXTRACT_HELPER macros over to use sextract32/extract32
These ensure that we consistently handle signed and unsigned extensions correctly
when decoding immediates from instruction opcodes.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2019-01-09 09:28:13 +11:00
Mark Cave-Ayland
ffcd21acb4 target/ppc: fix typo in SIMM5 extraction helper
As the macro name suggests, the argument should be signed and not unsigned.

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2019-01-09 09:28:13 +11:00
Michael Clark
c7b9517188
RISC-V: Implement modular CSR helper interface
Previous CSR code uses csr_read_helper and csr_write_helper
to update CSR registers however this interface prevents
atomic read/modify/write CSR operations; in addition
there is no trap-free method to access to CSRs due
to the monolithic CSR functions call longjmp.

The current iCSR interface is not safe to be called by
target/riscv/gdbstub.c as privilege checks or missing CSRs
may call longjmp to generate exceptions. It needs to
indicate existence so traps can be generated in the
CSR instruction helpers.

This commit moves CSR access from the monolithic switch
statements in target/riscv/op_helper.c into modular
read/write functions in target/riscv/csr.c using a new
function pointer table for dispatch (which can later
be used to allow CPUs to hook up model specific CSRs).

A read/modify/write interface is added to support atomic
CSR operations and a non-trapping interface is added
to allow exception-free access to CSRs by the debugger.

The CSR functions and CSR dispatch table are ordered
to match The RISC-V Instruction Set Manual, Volume II:
Privileged Architecture Version 1.10, 2.2 CSR Listing.

An API is added to allow derived cpu instances to modify
or implement new CSR operations.

Signed-off-by: Michael Clark <mjc@sifive.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Palmer Dabbelt <palmer@sifive.com>
2019-01-08 13:59:09 -08:00
Richard Henderson
29eb528078 target/alpha: Fix user-only initialization of fpcr
When the representation of fpcr was changed, the user-only
initialization was not updated to match.  Oops.

Fixes: f3d3aad4a9
Fixes: https://bugs.launchpad.net/bugs/1701835
Reported-by: Bruno Haible <bruno@clisp.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2019-01-08 09:04:30 +10:00
Peter Maydell
c102d9471f target-arm queue:
* Support u-boot 'noload' images for Arm (as used by NetBSD/evbarm GENERIC kernel)
  * hw/misc/tz-mpc: Fix value of BLK_MAX register
  * target/arm: Emit barriers for A32/T32 load-acquire/store-release insns
  * nRF51 SoC: add timer, GPIO, RNG peripherals
  * hw/arm/allwinner-a10: Add the 'A' SRAM and the SRAM controller
  * cpus.c: Fix race condition in cpu_stop_current()
  * hw/arm: versal: Plug memory leaks
  * Allow M profile boards to run even if -kernel not specified
  * gdbstub: Add multiprocess extension support for use when the
    board has multiple CPUs of different types (like the Xilinx Zynq boards)
  * target/arm: Don't decode S bit in SVE brk[ab] merging insns
  * target/arm: Convert ARM_TBFLAG_* to FIELDs
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABCAAGBQJcM36AAAoJEDwlJe0UNgzepuMP/A6umcXRrO+vOZgkW+cvJ8cD
 JkDdb8H/u3S6zqNokABI3Ya/areX1P30sRV7e7mC5IsknVNZe0MqQX6TW5477HMP
 Oz/m1AbyByWMLVILFiWfte5dtRRLfs3axzrmhu6HwJXe0NIUiYQofoJzCZEDMxDn
 71cehgeNkUGA36HViPyqzHZYADFkCX3Tfmh1FEh2jD7taK9GNsff8p6cHTb05W7d
 wWk68PS8VKTb5VrYH6SyiAHW8gBVrrUkYlkPKHzemK5fwlgDOSfxVLthf8mo08SH
 QxEXI430tagdmrGNO/nKOTA2NQwMzvCk/OLf0Qwg9I9F9pYtiOJ7nXXbtqDC8eKy
 DdHsL57W0F7sFkoVt+YNHSeylyLRluDh+D+Q7OHnlvwsEYmecqsWkW/A2CYC0uWs
 8ajxPBNpGG1lIvo63YK5/4kOy0DE/6ISljYOSlYYg3iXeAZPkQZMTlUxoYmJQ+Zr
 h1tLg1N9SuyQK5g5Uuluw2GwgzIv/Bt1LFo7pnvsA2X6PKiv6nno40T8q0Lw6ah4
 lmAUWx0OUilTrvQwterHlr6hfWu2RLiRoxCg06a3C93YlRjsR3vZOBeQ5ByaE+ho
 5ItKn58EerO+UaweVoc6MDhJFPC8b16Eee281BCec8Ks4GR1tIcpP/0z2lUwhBu6
 hoPmkoPtFtu1dKBgF8Ma
 =x1jv
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20190107' into staging

target-arm queue:
 * Support u-boot 'noload' images for Arm (as used by NetBSD/evbarm GENERIC kernel)
 * hw/misc/tz-mpc: Fix value of BLK_MAX register
 * target/arm: Emit barriers for A32/T32 load-acquire/store-release insns
 * nRF51 SoC: add timer, GPIO, RNG peripherals
 * hw/arm/allwinner-a10: Add the 'A' SRAM and the SRAM controller
 * cpus.c: Fix race condition in cpu_stop_current()
 * hw/arm: versal: Plug memory leaks
 * Allow M profile boards to run even if -kernel not specified
 * gdbstub: Add multiprocess extension support for use when the
   board has multiple CPUs of different types (like the Xilinx Zynq boards)
 * target/arm: Don't decode S bit in SVE brk[ab] merging insns
 * target/arm: Convert ARM_TBFLAG_* to FIELDs

# gpg: Signature made Mon 07 Jan 2019 16:29:52 GMT
# gpg:                using RSA key 3C2525ED14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>"
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE

* remotes/pmaydell/tags/pull-target-arm-20190107: (37 commits)
  Support u-boot noload images for arm as used by, NetBSD/evbarm GENERIC kernel.
  hw/misc/tz-mpc: Fix value of BLK_MAX register
  target/arm: Emit barriers for A32/T32 load-acquire/store-release insns
  arm: Add Clock peripheral stub to NRF51 SOC
  tests/microbit-test: Add Tests for nRF51 Timer
  arm: Instantiate NRF51 Timers
  hw/timer/nrf51_timer: Add nRF51 Timer peripheral
  tests/microbit-test: Add Tests for nRF51 GPIO
  arm: Instantiate NRF51 general purpose I/O
  hw/gpio/nrf51_gpio: Add nRF51 GPIO peripheral
  arm: Instantiate NRF51 random number generator
  hw/misc/nrf51_rng: Add NRF51 random number generator peripheral
  arm: Add header to host common definition for nRF51 SOC peripherals
  qtest: Add set_irq_in command to set IRQ/GPIO level
  hw/arm/allwinner-a10: Add the 'A' SRAM and the SRAM controller
  cpus.c: Fix race condition in cpu_stop_current()
  MAINTAINERS: Add ARM-related files for hw/[misc|input|timer]/
  hw/arm: versal: Plug memory leaks
  Revert "armv7m: Guard against no -kernel argument"
  arm/xlnx-zynqmp: put APUs and RPUs in separate CPU clusters
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-07 16:56:33 +00:00
Peter Maydell
96c552958d target/arm: Emit barriers for A32/T32 load-acquire/store-release insns
Now that MTTCG is here, the comment in the 32-bit Arm decoder that
"Since the emulation does not have barriers, the acquire/release
semantics need no special handling" is no longer true. Emit the
correct barriers for the load-acquire/store-release insns, as
we already do in the A64 decoder.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Tested-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
2019-01-07 15:23:48 +00:00
Richard Henderson
407e6ce7f1 target/arm: SVE brk[ab] merging does not have s bit
While brk[ab] zeroing has a flags setting option, the merging variant
does not.  Retain the same argument structure, to share expansion but
force the flag zero and do not decode bit 22.

Reported-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20181226215003.31438-1-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-07 15:23:45 +00:00
Richard Henderson
aad821ac4f target/arm: Convert ARM_TBFLAG_* to FIELDs
Use "register" TBFLAG_ANY to indicate shared state between
A32 and A64, and "registers" TBFLAG_A32 & TBFLAG_A64 for
fields that are specific to the given cpu state.

Move ARM_TBFLAG_BE_DATA to shared state, instead of its current
placement within "Bit usage when in AArch32 state".

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 20181218164348.7127-1-richard.henderson@linaro.org
[PMM: removed the renaming of BE_DATA flag to BE]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-07 15:23:45 +00:00
Marc-André Lureau
51e5ef459e arm: replace instance_post_init()
Replace arm_cpu_post_init() instance callback by calling it from leaf
classes, to avoid potential ordering issue with other post_init callbacks.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Suggested-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Acked-by: Eduardo Habkost <ehabkost@redhat.com>
2019-01-07 16:18:42 +04:00
Marc-André Lureau
cff8b715c0 qdev-props: remove errp from GlobalProperty
All qdev_prop_register_global() set &error_fatal for errp, except
'-rtc driftfix=slew', which arguably should also use &error_fatal, as
otherwise failing to apply the property would only report a warning.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Acked-by: Eduardo Habkost <ehabkost@redhat.com>
2019-01-07 16:18:42 +04:00
Peter Maydell
8ecede4681 MIPS queue for December 2018 - v3
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJcLj4bAAoJENSXKoln91plJ3MH/RauD4z1smuHP2LBRqtUgFEv
 +pZxNtmHQGcpJ6QexYzldcGR4gPgiBW6AYO3qVFSduwNWO7UjOPBAl/fKvlz5pWL
 BJw9odsrOXjG/6cXcy3QWkYxizC/0/HzPjWa3/sSa3Dkygib9jB80wzR3ZpFreLo
 XQsbcwso4aaoB0X1M4tfHsY6xUcxmzB+V73xFh2ptHrMTGoCZJbo12Np0rdwEa9v
 WMV9wn1ptB3R0QJNxA2X+vbnJsXujG15DZC7Wj1HUmz9LcLG5doTCGXLXOxD0zhy
 6HKB/bVTvbDdDti17JvbmtdVhzgoLMtnQFly0e77px3XRMonQHMpsQGCIvWyd+g=
 =y41H
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/amarkovic/tags/mips-queue-december-2018-v3' into staging

MIPS queue for December 2018 - v3

# gpg: Signature made Thu 03 Jan 2019 16:53:47 GMT
# gpg:                using RSA key D4972A8967F75A65
# gpg: Good signature from "Aleksandar Markovic <amarkovic@wavecomp.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 8526 FBF1 5DA3 811F 4A01  DD75 D497 2A89 67F7 5A65

* remotes/amarkovic/tags/mips-queue-december-2018-v3: (44 commits)
  tests/tcg: mips: Test R5900 three-operand MADDU1
  tests/tcg: mips: Test R5900 three-operand MADDU
  tests/tcg: mips: Test R5900 three-operand MADD1
  tests/tcg: mips: Test R5900 three-operand MADD
  disas: nanoMIPS: Add a note on documentation
  disas: nanoMIPS: Reorder declarations and definitions of gpr decoders
  disas: nanoMIPS: Comment the decoder of 'gpr1' gpr encoding type
  disas: nanoMIPS: Rename the decoder of 'gpr1' gpr encoding type
  disas: nanoMIPS: Comment the decoder of 'gpr2.reg2' gpr encoding type
  disas: nanoMIPS: Rename the decoder of 'gpr2.reg2' gpr encoding type
  disas: nanoMIPS: Comment the decoder of 'gpr2.reg1' gpr encoding type
  disas: nanoMIPS: Rename the decoder of 'gpr2.reg1' gpr encoding type
  disas: nanoMIPS: Comment the decoder of 'gpr4.zero' gpr encoding type
  disas: nanoMIPS: Rename the decoder of 'gpr4.zero' gpr encoding type
  disas: nanoMIPS: Comment the decoder of 'gpr4' gpr encoding type
  disas: nanoMIPS: Rename the decoder of 'gpr4' gpr encoding type
  disas: nanoMIPS: Comment the decoder of 'gpr3.src.store' gpr encoding type
  disas: nanoMIPS: Rename the decoder of 'gpr3.src.store' gpr encoding type
  disas: nanoMIPS: Comment the decoder of 'gpr3' gpr encoding type
  disas: nanoMIPS: Rename the decoder of 'gpr3' gpr encoding type
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-04 10:11:18 +00:00
Fredrik Noring
a95c4c26f1 target/mips: Support R5900 three-operand MADD1 and MADDU1 instructions
The three-operand MADD and MADDU are specific to R5900 cores.

Reviewed-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Signed-off-by: Fredrik Noring <noring@nocrew.org>
2019-01-03 17:52:52 +01:00
Philippe Mathieu-Daudé
3b948f053f target/mips: Support R5900 three-operand MADD and MADDU instructions
The three-operand MADD and MADDU are specific to Sony R5900 core,
and Toshiba TX19/TX39/TX79 cores as well.

The "32-Bit TX System RISC TX39 Family Architecture manual"
is available at https://wiki.qemu.org/File:DSAE0022432.pdf

Reviewed-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Signed-off-by: Philippe Mathieu-Daudé<f4bug@amsat.org>
Signed-off-by: Fredrik Noring <noring@nocrew.org>
Tested-by: Fredrik Noring <noring@nocrew.org>
2019-01-03 17:52:52 +01:00
Aleksandar Markovic
79f5fee7a3 target/mips: MXU: Add handler for an align instruction
Add translation handler for S32ALNI MXU instruction.

Reviewed-by: Stefan Markovic <smarkovic@wavecomp.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2019-01-03 17:52:52 +01:00
Aleksandar Markovic
bb84cbf385 target/mips: MXU: Add handlers for max/min instructions
Add translation handlers for six max/min MXU instructions.

Reviewed-by: Stefan Markovic <smarkovic@wavecomp.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2019-01-03 17:52:52 +01:00
Aleksandar Markovic
b621f0187e target/mips: MXU: Add handlers for logic instructions
Add translation handlers for four logic MXU instructions.

It should be noted that there is an error in MXU documentation (dated
June 2017) regarding opcodes for this group of instructions. This was
confirmed by running tests on hardware, and also by looking up other
related public source trees (binutils, Android NDK). In initial MXU
patches to QEMU, opcodes for MXU logic instructions were created to
be in accordance with the MXU documentation, therefore the error from
was propagated. This patch corrects that, changing the involved code.
Besides that, as MXU was designed and implemented only for 32-bit
CPUs, corresponding preprosessor conditions were added around MXU
code, which allows more flexible implementation of MXU handlers.

Reviewed-by: Stefan Markovic <smarkovic@wavecomp.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2019-01-03 17:52:52 +01:00
Aleksandar Markovic
84e2c895b1 target/mips: MXU: Improve the comment containing MXU overview
Improve textual description of MXU extension. These are mostly
comment formatting changes.

Reviewed-by: Stefan Markovic <smarkovic@wavecomp.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2019-01-03 17:52:52 +01:00
Aleksandar Markovic
16fef5b221 target/mips: MXU: Add generic naming for optn2 constants
Add generic naming involving generig suffixes OPTN0, OPTN1, OPTN2,
OPTN3 for four optn2 constants. Existing suffixes WW, LW, HW, XW
are not quite appropriate for some instructions using optn2.

Reviewed-by: Stefan Markovic <smarkovic@wavecomp.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2019-01-03 17:52:52 +01:00
Aleksandar Markovic
c233bf07af target/mips: MXU: Add missing opcodes/decoding for LX* instructions
Add missing opcodes and decoding engine for LXB, LXH, LXW, LXBU,
and LXHU instructions. They were for some reason forgotten in
previous commits. The MXU opcode list and decoding engine should
be now complete.

Reviewed-by: Stefan Markovic <smarkovic@wavecomp.com>
Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2019-01-03 17:52:52 +01:00
Peter Maydell
20d6c7312f RISC-V Changes for 3.2, Part 1
This pull request contains the first set of RISC-V patches I'd like to
 target for the 3.2 development cycle.  It's really just a collection of
 bug fixes with one major new feature: PCIe can now be attached to RISC-V
 guests.
 
 This has passed my usual test of booting the latest Linux RC into a
 Fedora disk image on the virt machine.
 -----BEGIN PGP SIGNATURE-----
 
 iQJHBAABCAAxFiEEAM520YNJYN/OiG3470yhUCzLq0EFAlwdDlkTHHBhbG1lckBk
 YWJiZWx0LmNvbQAKCRDvTKFQLMurQWJgEACdUZuZIYGu1b1QjOLmSzPSVa+EvP5V
 +AAXekfsk3T3dNuVDtQyb2IfcPsI/QZkr6WcO0gWsY4TWPXwm6fMKyvZFBFxq2hM
 RWYtgeHDSSJ1ZY0AGz8Lz//zC76rJfbQDl5TsPQEX0ARCdV8VI0Uh0paaWDRypHz
 5tXruzuHAp0dKk9czyBGC//LrWdNBMGhcti9QxN0ivyvR6FXJndEGvY9UL5WcF8t
 rPbX+r1n/lezaJTdKAybyy5SaEQoyGChhxyESA9MCj1foE3MKd5oXArOGEmU6dwP
 PdJznOn1T/4IozAMHYUpzSIlJ5ssoa/KdZbULE4MIWBmfh0+AeVYDnmrGEffdmWw
 d2MNJrn1yFSEaey+i19DCZIl2+4xbpjzq3GZVDllGGDznXNiG3ORiaiCOATLDubJ
 WYHxLETln/Ix1fBq3u6QbV7GeJ6EIZ+MobNwJEq1kvmyoU3tqrcFBOYMw7usvTda
 TcYDVNbhtWtdv0EhwxFpV+8otamcWfoE7OTl5Msy+9ZpV9JWABssvU/aXu68eNi/
 nHlCggrXUh4i4c+XoPeyckTj4GQ8QpoSt8PNx8SIbz+ElKC5BoChInXo8o1XKjhA
 wYLYyL7XH6NjdQAlerIvWIKA6tWKG8SqL8kvr9P05tZLmzc4UoQ1h5QlXf5BiAKO
 e4qNigdEd+VtYw==
 =BAOm
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/palmer/tags/riscv-for-master-3.2-part1' into staging

RISC-V Changes for 3.2, Part 1

This pull request contains the first set of RISC-V patches I'd like to
target for the 3.2 development cycle.  It's really just a collection of
bug fixes with one major new feature: PCIe can now be attached to RISC-V
guests.

This has passed my usual test of booting the latest Linux RC into a
Fedora disk image on the virt machine.

# gpg: Signature made Fri 21 Dec 2018 16:01:29 GMT
# gpg:                using RSA key EF4CA1502CCBAB41
# gpg: Good signature from "Palmer Dabbelt <palmer@dabbelt.com>"
# gpg:                 aka "Palmer Dabbelt <palmer@sifive.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 00CE 76D1 8349 60DF CE88  6DF8 EF4C A150 2CCB AB41

* remotes/palmer/tags/riscv-for-master-3.2-part1:
  MAINTAINERS: Mark RISC-V as Supported
  riscv/cpu: use device_class_set_parent_realize
  target/riscv/pmp.c: Fix pmp_decode_napot()
  sifive_uart: Implement interrupt pending register
  RISC-V: Enable second UART on sifive_e and sifive_u
  RISC-V: Fix PLIC pending bitfield reads
  RISC-V: Fix CLINT timecmp low 32-bit writes
  RISC-V: Add hartid and \n to interrupt logging
  sifive_u: Set 'clock-frequency' DT property for SiFive UART
  sifive_u: Add clock DT node for GEM ethernet
  riscv: Enable VGA and PCIE_VGA
  hw/riscv/virt: Connect the gpex PCIe
  hw/riscv/virt: Adjust memory layout spacing
  hw/riscv/virt: Increase the number of interrupts

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-03 13:26:30 +00:00
Paul A. Clarke
fcfbc18d00 Changes requirement for "vsubsbs" instruction
Changes requirement for "vsubsbs" instruction, which has been supported
since ISA 2.03. (Please see section 5.9.1.2 of ISA 2.03)

Reported-by: Paul A. Clarke <pc@us.ibm.com>
Signed-off-by: Paul A. Clarke <pc@us.ibm.com>
Signed-off-by: Leonardo Bras <leonardo@linux.vnet.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-12-21 09:29:12 +11:00
Greg Kurz
cc226c068f target/ppc: use g_new(T, n) instead of g_malloc(sizeof(T) * n)
Because it is a recommended coding practice (see HACKING).

Signed-off-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-12-21 09:24:23 +11:00
Suraj Jitindar Singh
4c5920af4e target/ppc: tcg: Implement addex instruction
Implement the addex instruction introduced in ISA V3.00 in qemu tcg.

The add extended using alternate carry bit (addex) instruction performs
the same operation as the add extended (adde) instruction, but using the
overflow (ov) field in the fixed point exception register (xer) as the
carry in and out instead of the carry (ca) field.

The instruction has a Z23-form, not an XO form, as follows:

    ------------------------------------------------------------------
    |   31   |   RT   |   RA   |   RB   |   CY   |     170     |  0  |
    ------------------------------------------------------------------
    0        6        11       16       21       23            31    32

However since the only valid form of the instruction defined so far is
CY = 0, we can treat this like an XO form instruction.

There is no dot form (addex.) of the instruction and the summary overflow
(so) bit in the xer is not modified by this instruction.

For simplicity we reuse the gen_op_arith_add function and add a function
argument to specify where the carry in input should come from and the
carry out output be stored (note must be the same location).

Signed-off-by: Suraj Jitindar Singh <sjitindarsingh@gmail.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-12-21 09:24:23 +11:00
David Gibson
6187ec05ed target/ppc: Remove silly GETFIELD/SETFIELD/MASK_TO_LSH macros
The (only) obvious use for these macros is constructing and parsing guest
visible register fields.  But the way they're constructed, they're only
valid when used on a *host* long, whose size shouldn't be visible to the
guest at all.

They also have no current users, so just get rid of them.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-12-21 09:24:23 +11:00
Cédric Le Goater
a7d4b1bf41 target/ppc: fix the PPC_BIT definitions
Change the PPC_BIT macro to use ULL instead of UL and the PPC_BIT32
and PPC_BIT8 not to use any suffix.

This fixes a compile breakage on windows.

Signed-off-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-12-21 09:24:23 +11:00
Mao Zhongyi
41fbbba775
riscv/cpu: use device_class_set_parent_realize
Signed-off-by: Mao Zhongyi <maozhongyi@cmss.chinamobile.com>
Reviewed-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Palmer Dabbelt <palmer@sifive.com>
2018-12-20 13:15:10 -08:00
Anup Patel
71a150bc91
target/riscv/pmp.c: Fix pmp_decode_napot()
Currently, start and end address of a PMP region are not decoded
correctly by pmp_decode_napot().

Let's say we have a 128KB PMP region with base address as 0x80000000.
Now, the PMPADDRx CSR value for this region will be 0x20003fff.

The current pmp_decode_napot() implementation will decode PMPADDRx
CSR as t1=14, base=0x100000000, and range=0x1ffff whereas it should
have decoded PMPADDRx CSR as t1=14, base=0x80000000, and range=0x1fff.

This patch fixes the base value decoding in pmp_decode_napot() when
PMPADDRx CSR is not -1 (i.e. 0xffffffffffffffff).

Signed-off-by: Anup Patel <anup@brainfault.org>
Signed-off-by: Anup Patel <anup.patel@wdc.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Palmer Dabbelt <palmer@sifive.com>
Signed-off-by: Palmer Dabbelt <palmer@sifive.com>
2018-12-20 12:26:39 -08:00
Michael Clark
9543fdaf22
RISC-V: Add hartid and \n to interrupt logging
Add carriage return that was erroneously removed
when converting to qemu_log. Change hard coded
core number to the actual hartid.

Cc: Sagar Karandikar <sagark@eecs.berkeley.edu>
Cc: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Cc: Palmer Dabbelt <palmer@sifive.com>
Cc: Alistair Francis <Alistair.Francis@wdc.com>
Signed-off-by: Michael Clark <mjc@sifive.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Palmer Dabbelt <palmer@sifive.com>
2018-12-20 12:08:42 -08:00
Markus Armbruster
b7d89466dd Clean up includes
Clean up includes so that osdep.h is included first and headers
which it implies are not included manually.

This commit was created with scripts/clean-includes, with the changes
to the following files manually reverted:

    contrib/libvhost-user/libvhost-user-glib.h
    contrib/libvhost-user/libvhost-user.c
    contrib/libvhost-user/libvhost-user.h
    linux-user/mips64/cpu_loop.c
    linux-user/mips64/signal.c
    linux-user/sparc64/cpu_loop.c
    linux-user/sparc64/signal.c
    linux-user/x86_64/cpu_loop.c
    linux-user/x86_64/signal.c
    target/s390x/gen-features.c
    tests/migration/s390x/a-b-bios.c
    tests/test-rcu-simpleq.c
    tests/test-rcu-tailq.c

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20181204172535.2799-1-armbru@redhat.com>
Acked-by: Eduardo Habkost <ehabkost@redhat.com>
Acked-by: Halil Pasic <pasic@linux.ibm.com>
Acked-by: Yuval Shaia <yuval.shaia@oracle.com>
Acked-by: Viktor Prutyanov <viktor.prutyanov@phystech.edu>
2018-12-20 10:29:08 +01:00
Peter Maydell
b72566a4ff Trivial patches (2018-12-18)
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJcGQQZAAoJEPMMOL0/L7480Q8QAJq1KW6pywJ8vKMDbDaDOgZw
 GwF8iKVtHCPClmDk3W7HHMRr1Ef9rwRrt/mdjzOehBSCep0J2PmPnqul/EXra0ot
 efyq6q20n1epordI3HuOTKqqvBkt7EUg2sqCWnHzT3qFe7FaZLnrJqChsm8B6psU
 IWTlaVNAo50J17TYo88UhIuME5WRZ9mdoiPEZ9pyvFaVrDKCnKZz1QPsqcjEJL1S
 sfLUhGrk8C03ZR7DG4ruULhF+tqYYT+vKTVNkL+1IvWHl3IIVJadC2yxPduH1JT4
 TLPAfRqpw4yjL/E6X3HMrDBeMd2H2bMRgTMapFFegaA9XPrvo5wJJoxix2WZ7Yw3
 efasQtRfZnh69GK2M81//G+61TnO0iDWDJmSjuo9IXrmJ29x2IqmZyqr8DlZ+bPd
 2+qRN4WrSfcTSJMqpMcP4tILAG53XvQ0xY4jJkQQZk4QHxWhlcmIQ+hLw0rE+NQj
 sTBLGvnIZ6nzWC5MVa1cAVXr52hyZhhElEVWEgxJ5vwDop5K3XZnEd0w7DMTEJpr
 lBLpWC0g8zn2xSy47KzrVVV5bJ/khm2M2X9y6XXHg1sft3DwUdgeBVwRGkDxir8P
 92UoIaur+xeYPj4eSvz8Bcx2lLktSOOFgNMsWCnMhxxVCkrCbT0Nt8UEFyn594xL
 gPPcBtYh3ryoGFLk7WRK
 =xjtK
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/vivier2/tags/trivial-patches-pull-request' into staging

Trivial patches (2018-12-18)

# gpg: Signature made Tue 18 Dec 2018 14:28:41 GMT
# gpg:                using RSA key F30C38BD3F2FBE3C
# gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>"
# gpg:                 aka "Laurent Vivier <laurent@vivier.eu>"
# gpg:                 aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>"
# Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F  5173 F30C 38BD 3F2F BE3C

* remotes/vivier2/tags/trivial-patches-pull-request:
  error: Remove NULL checks on error_propagate() calls
  vl: Use error_fatal to simplify obvious fatal errors (again)
  i386: hvf: drop debug printf in decode_sldtgroup
  docs/devel/build-system: fix 'softmu' typo

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-12-19 15:31:02 +00:00
Roman Bolshakov
bcdc508190 i386: hvf: drop debug printf in decode_sldtgroup
It's going to clutter QEMU logs if 0x0f00 is trapped.

Signed-off-by: Roman Bolshakov <r.bolshakov@yadro.com>
Message-Id: <20181203100415.53027-2-r.bolshakov@yadro.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2018-12-18 14:57:48 +01:00
Emilio G. Cota
b8c547000d target/tricore: use float32_is_denormal
Reviewed-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
2018-12-17 08:25:25 +00:00
Peter Maydell
b019f5e537 miscellaneous patches:
* checkpatch.pl: Enforce multiline comment syntax
  * Rename cpu_physical_memory_write_rom() to address_space_write_rom()
  * disas, monitor, elf_ops: Use address_space_read() to read memory
  * Remove load_image() in favour of load_image_size()
  * Fix some minor memory leaks in arm boards/devices
  * virt: fix broken indentation
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABCAAGBQJcE8EQAAoJEDwlJe0UNgze1iAP/3HAQI4Z5A3pX3I2YnVBDrS3
 hOsPXNUNs2asDqoijkq4cxaqhTv1bio7CPLTg8uvkyWiCOS6pbKjtlE+A/VKGjKZ
 7rH9GBNxlH7h/ZIRJTPfX38YiAWI//eIRY4JqUgKpmprE6Y7cGf5/uzmE0OwBwur
 HlKKkox6oH4WEk6rTIqP92xMhJNuTC2j1s7qQ2dCQKZdNAAYh++cHuiR1JtEjeQ8
 O1/O4u6lumnqQMFtqhlt5++QxWvBU5IbdyJblBV+hCQekNSkj5fUIequBsjGrJru
 aZGxO828EEM7dS9/fFnT+YU25/rJ43RSs8aSBLqI/WWRALGQKU88POS5T7zfpzq/
 3qzSPWrOhgMFxl/APrGi13DdXTZ5J9UA0qypL8RiwdWj6WWJOo1OcRqzMGQhv1HS
 Fe22cWDDuXimQhUuyXM/XY234iPxFJkkq89ANHHfeCNFurzNV9WVN1mV2pfqwdX0
 khh3DZyXRDa/UazLY0QyJHStyop76Ox8P8tCAvQbhZWr33Ns+uTr1YBHibimx3iG
 6FOpH0FcpAE9oab9xUIdtMJCtx0YEWQ0ap/xMLlnmS8/bL7PX8HY0SIT2WwAiybg
 ibwen23Aah5LPpvd5BjGi1MAQEQwZvX8Ab7G+h1F4yzSfOchQt3eZN4fhwOkgjQA
 Bbb3bFUkIcXZ8BqabHA8
 =ehNF
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/pmaydell/tags/pull-misc-20181214' into staging

miscellaneous patches:
 * checkpatch.pl: Enforce multiline comment syntax
 * Rename cpu_physical_memory_write_rom() to address_space_write_rom()
 * disas, monitor, elf_ops: Use address_space_read() to read memory
 * Remove load_image() in favour of load_image_size()
 * Fix some minor memory leaks in arm boards/devices
 * virt: fix broken indentation

# gpg: Signature made Fri 14 Dec 2018 14:41:20 GMT
# gpg:                using RSA key 3C2525ED14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>"
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE

* remotes/pmaydell/tags/pull-misc-20181214: (22 commits)
  virt: Fix broken indentation
  target/arm: Create timers in realize, not init
  tests/test-arm-mptimer: Don't leak string memory
  hw/sd/sdhci: Don't leak memory region in sdhci_sysbus_realize()
  hw/arm/mps2-tz.c: Free mscname string in make_dma()
  target/arm: Free name string in ARMCPRegInfo hashtable entries
  include/hw/loader.h: Document load_image_size()
  hw/core/loader.c: Remove load_image()
  device_tree.c: Don't use load_image()
  hw/block/tc58128.c: Don't use load_image()
  hw/i386/multiboot.c: Don't use load_image()
  hw/i386/pc.c: Don't use load_image()
  hw/pci/pci.c: Don't use load_image()
  hw/smbios/smbios.c: Don't use load_image()
  hw/ppc/ppc405_boards: Don't use load_image()
  hw/ppc/mac_newworld, mac_oldworld: Don't use load_image()
  elf_ops.h: Use address_space_write() to write memory
  monitor: Use address_space_read() to read memory
  disas.c: Use address_space_read() to read memory
  Rename cpu_physical_memory_write_rom() to address_space_write_rom()
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-12-16 16:32:43 +00:00
Peter Maydell
397cd31f01 target/arm: Create timers in realize, not init
The timer_new() function allocates memory; this means that
if we call it in the CPU's init method we would need
to provide an instance_finalize method to free it. Defer
the timer creation to the realize function instead.

This fixes a memory leak spotted by clang LeakSanitizer
when a CPU object is created for introspection.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20181204132952.2601-6-peter.maydell@linaro.org
2018-12-14 13:30:55 +00:00
Peter Maydell
ac87e5072e target/arm: Free name string in ARMCPRegInfo hashtable entries
When we add a new entry to the ARMCPRegInfo hash table in
add_cpreg_to_hashtable(), we allocate memory for tehe
ARMCPRegInfo struct itself, and we also g_strdup() the
name string. So the hashtable's value destructor function
must free the name string as well as the struct.

Spotted by clang's leak sanitizer. The leak here is a
small one-off leak at startup, because we don't support
CPU hotplug, and so the only time when we destroy
hash table entries is for the case where ARM_CP_OVERRIDE
means we register a wildcard entry and then override it later.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-id: 20181204132952.2601-2-peter.maydell@linaro.org
2018-12-14 13:30:53 +00:00
Richard Henderson
2d7137c10f target/arm: Implement the ARMv8.1-LOR extension
Provide a trivial implementation with zero limited ordering regions,
which causes the LDLAR and STLLR instructions to devolve into the
LDAR and STLR instructions from the base ARMv8.0 instruction set.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20181210150501.7990-4-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-12-13 14:41:24 +00:00
Richard Henderson
7c208e0f41 target/arm: Use arm_hcr_el2_eff more places
Since arm_hcr_el2_eff includes a check against
arm_is_secure_below_el3, we can often remove a
nearby check against secure state.

In some cases, sort the call to arm_hcr_el2_eff
to the end of a short-circuit logical sequence.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20181210150501.7990-3-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-12-13 14:41:24 +00:00
Richard Henderson
f777844460 target/arm: Introduce arm_hcr_el2_eff
Replace arm_hcr_el2_{fmo,imo,amo} with a more general routine
that also takes SCR_EL3.NS (aka arm_is_secure_below_el3) into
account, as documented for the plethora of bits in HCR_EL2.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20181210150501.7990-2-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-12-13 14:41:24 +00:00
Richard Henderson
ab638a328f target/arm: Implement the ARMv8.2-AA32HPD extension
The bulk of the work here, beyond base HPD, is defining the
TTBCR2 register.  In addition we must check TTBCR.T2E, which
is not present (RES0) for AArch64.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20181203203839.757-11-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-12-13 14:41:24 +00:00
Richard Henderson
037c13c590 target/arm: Implement the ARMv8.1-HPD extension
Since the TCR_*.HPD bits were RES0 in ARMv8.0, we can simply
interpret the bits as if ARMv8.1-HPD is present without checking.
We will need a slightly different check for hpd for aarch32.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20181203203839.757-10-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-12-13 14:41:24 +00:00
Richard Henderson
ea22747c63 target/arm: Tidy scr_write
Because EL3 has a fixed execution mode, we can properly decide
which of the bits are RES{0,1}.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20181203203839.757-8-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-12-13 14:41:24 +00:00
Richard Henderson
619959c358 target/arm: Fix HCR_EL2.TGE check in arm_phys_excp_target_el
The enable for TGE has already occurred within arm_hcr_el2_amo
and friends.  Moreover, when E2H is also set, the sense is
supposed to be reversed, which has also already occurred within
the helpers.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20181203203839.757-5-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-12-13 14:41:24 +00:00
Richard Henderson
99f8f86d36 target/arm: Add SCR_EL3 bits up to ARMv8.5
Post v8.4 bits taken from SysReg_v85_xml-00bet8.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20181203203839.757-4-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-12-13 14:41:24 +00:00
Richard Henderson
099bf53b7a target/arm: Add HCR_EL2 bits up to ARMv8.5
Post v8.3 bits taken from SysReg_v85_xml-00bet8.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20181203203839.757-3-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-12-13 14:41:24 +00:00
Peter Maydell
3dc91ddbc6 target/arm: Move id_aa64mmfr* to ARMISARegisters
At the same time, define the fields for these registers,
and use those defines in arm_pamax().

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20181203203839.757-2-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
[PMM: fixed up typo (s/achf/ahcf/) belatedly spotted by RTH]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-12-13 14:40:56 +00:00
Peter Maydell
8be76cf17b x86 queue, 2018-12-11
* New CPU features: MOVDIRI, MOVDIR64B (Liu Jingqi);
   STIBP (Eduardo Habkost)
 * Fix clang build warning (Peter Maydell)
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABCAAGBQJcECOoAAoJECgHk2+YTcWmVJEP/i84W3cxiB512E04qB7hLFkB
 R+S+oZfwflQRslJjJugwNl69YrrCJc/w+0k+ly2fNyDAv0WqiHnfC0EFhUc/kNLG
 wP5RA7i9Y+ZQDHtSJGF4Wre4wfzb6+2y057DEx9pddnEIpkyTudPsoK81HyTBwfZ
 DIn1QizmjL78+PAe4JY08jz1Rp+fjmvaFrRiIx5RWqZ/ojcSHdUvltjhzx+rleuT
 lx2Ra95ZH5OYHHEMFT55wpjhmm+Q2qa/RnwJyFCuQEpa/23Vy2hEKNNz6mgQpVux
 EzQ8VH8rtqYPwzAwnd9XWUYP/W5OPUrxWmJbGe3MygNIgGv5IUbJC8pkb2v1bRJB
 URZD6hSG2LcTIuZsnKvE1oSBATbkCRrmDhmQXmz4ZzIFh89r8MsJqYkfIzfhEh5L
 DM2I80kNp/vj2/WH5HIeDkJb0DP2YsFA9yyEF82Dqt/0mBYCBx+u3JsljnEhMRi1
 v1ul1a6+qjp+tTsCdI4nJ3dpjO5RDtYZ5d/gD+wEuB0yOSTUqoPbHOP4iXlWyq8Z
 85r7/rtE68Vura7M6gwXjO3/rc/G5Tj0bd74yZsEmoMh9ZaxuIwPAWyo198uamp+
 esl5GqnfUv+UcyuMQup8KGVQGh9MxBfEbigmbpfGvTpAALzWhZ80dS7lPZ6923+u
 DpY1coadtgsIRVHbLSWN
 =24BF
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/ehabkost/tags/x86-next-pull-request' into staging

x86 queue, 2018-12-11

* New CPU features: MOVDIRI, MOVDIR64B (Liu Jingqi);
  STIBP (Eduardo Habkost)
* Fix clang build warning (Peter Maydell)

# gpg: Signature made Tue 11 Dec 2018 20:52:56 GMT
# gpg:                using RSA key 2807936F984DC5A6
# gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>"
# Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF  D1AA 2807 936F 984D C5A6

* remotes/ehabkost/tags/x86-next-pull-request:
  i386: Add "stibp" flag name
  target/i386/kvm.c: Don't mark cpuid_data as QEMU_PACKED
  x86/cpu: Enable MOVDIR64B cpu feature
  x86/cpu: Enable MOVDIRI cpu feature

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-12-12 21:11:49 +00:00
Peter Maydell
4b3aab2042 Trivial patches (2018-12-11)
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJcD/usAAoJEPMMOL0/L748br0P/iLL5RjzHJ+vrBsphRNPZ0eM
 1wvgWJwvo+4JicebsnTWDmElprgetu2+disXyxSJhBOllSb7lwmxKR2OyHlicu5x
 RDSk3CTZZuI/CqN08MlEVZiCuCT1LZuJ8Y0RzXBAsJlT51ZpvwprbXO1oyMjjx2P
 UhXFuYIa8Wk+8+zuFnYI4nKPo3o8ra8OrtI2AdIneQ8zWEMvJCWhHqrZHeyuHOzb
 N5bYEXi3JSIT2qyHyZlFNmXjPCNuMxhrrBc1yjmo6KJgHkVUgvn61hdod4BzvLsd
 DWAfdEamBgP4HuU2fUTVFAYXirK+A4tM+ROblJ/Z/V7RHifoulrdedQzrqdM7FA5
 6f4SUo+SSjqY1CYnS+zXp5USu6/ciaYZv9jE7W0WKjXt5kCsy9rlT0V8Q4RlOQji
 ZoT6LpcVj0qnfdPdYwdWgpqWbr8G5Y3Xm91a+XLSqzj+xfFJQ6h7fCnF1/Ngn0Ep
 o3LOtiJCDSma4maFemV7qhWfuaa20vUwfbRKeOvnTirDUv6oXpsP19kScbH06DeD
 Hs9aFgi7XmFWNypWHeZNqy00UwiZmb2GcpqL/vAVwkqdMTgttfBdh5P4srRwwM2D
 OQROJaHaBya8mzDO7BldapQOGXRHu9UDCP9gkK+BGGu4Edu0U+eRL/08GoFRM1M4
 ra2Dn/AQTIW6lk0N9He0
 =+od8
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/vivier2/tags/trivial-patches-pull-request' into staging

Trivial patches (2018-12-11)

# gpg: Signature made Tue 11 Dec 2018 18:02:20 GMT
# gpg:                using RSA key F30C38BD3F2FBE3C
# gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>"
# gpg:                 aka "Laurent Vivier <laurent@vivier.eu>"
# gpg:                 aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>"
# Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F  5173 F30C 38BD 3F2F BE3C

* remotes/vivier2/tags/trivial-patches-pull-request: (30 commits)
  Fixes i386 xchgq test
  maint: Grammar fix to mailmap
  MAINTAINERS: Update email address for Fam Zheng
  cutils: Assert in-range base for string-to-integer conversions
  util: vfio-helpers: use ARRAY_SIZE in qemu_vfio_init_pci()
  target: hax: fix errors in comment
  MAINTAINERS: Use my work email to review Build and test automation patches
  MAINTAINERS: Add a missing entry for the NVDIMM device
  MAINTAINERS: Add a missing entry to the QMP section
  MAINTAINERS: Add a missing entry to SPICE
  MAINTAINERS: Add missing entries for the MPS2 machine
  MAINTAINERS: Add missing entries for the Canon DIGIC machine
  MAINTAINERS: Add missing entries to the vhost section
  MAINTAINERS: Add missing entries to the PC Chipset section
  MAINTAINERS: Add a missing entry for the sun4m machines
  MAINTAINERS: Add a missing entry for the Old World machines
  MAINTAINERS: Add a missing entry for the Xilinx S3A-DSP 1800 machine
  MAINTAINERS: Add missing entries for the Jazz machine
  MAINTAINERS: Add missing entries for the Xilinx ZynqMP machine
  MAINTAINERS: Add a missing entry to the SPARC CPU
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-12-11 22:26:44 +00:00
Eduardo Habkost
0e89165829 i386: Add "stibp" flag name
The STIBP flag may be supported by the host KVM module, so QEMU
can allow it to be configured manually, and it can be exposed to
guests when using "-cpu host".

No additional migration code is required because the whole
contents of spec_ctrl is already migrated in the "cpu/spec_ctrl"
section.

Corresponding KVM patch was submitted at:
https://lore.kernel.org/lkml/20181205191956.31480-1-ehabkost@redhat.com/

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Message-Id: <20181210180250.31299-1-ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2018-12-11 18:50:48 -02:00
Peter Maydell
9115bb1213 target/i386/kvm.c: Don't mark cpuid_data as QEMU_PACKED
clang complains about taking the address of a packed
member of a struct:

target/i386/kvm.c:1245:27: warning: taking address of packed member 'cpuid' of class or structure '' may result in an unaligned pointer value [-Waddress-of-packed-member]
    c = cpuid_find_entry(&cpuid_data.cpuid, 1, 0);
                          ^~~~~~~~~~~~~~~~
target/i386/kvm.c:1297:31: warning: taking address of packed member 'cpuid' of class or structure '' may result in an unaligned pointer value [-Waddress-of-packed-member]
        c = cpuid_find_entry(&cpuid_data.cpuid, kvm_base, 0);
                              ^~~~~~~~~~~~~~~~

The kernel's definitions of struct kvm_cpuid2 and struct
kvm_cpuid_entry2 are carefully set up with padding fields
so that there is no between-struct padding anyway, so
the QEMU_PACKED annotation is unnecessary and might result
in the compiler generating worse code. Drop it, and instead
assert at build time that there is no stray padding.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20181210114654.31433-1-peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2018-12-11 18:50:48 -02:00
Liu Jingqi
1c65775ffc x86/cpu: Enable MOVDIR64B cpu feature
MOVDIR64B moves 64-bytes as direct-store with 64-bytes write atomicity.
Direct store is implemented by using write combining (WC) for writing
data directly into memory without caching the data.

The bit definition:
CPUID.(EAX=7,ECX=0):ECX[bit 28] MOVDIR64B

The release document ref below link:
https://software.intel.com/sites/default/files/managed/c5/15/\
architecture-instruction-set-extensions-programming-reference.pdf

Cc: Xu Tao <tao3.xu@intel.com>
Signed-off-by: Liu Jingqi <jingqi.liu@intel.com>
Message-Id: <1541488407-17045-3-git-send-email-jingqi.liu@intel.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2018-12-11 18:50:48 -02:00
Liu Jingqi
24261de491 x86/cpu: Enable MOVDIRI cpu feature
MOVDIRI moves doubleword or quadword from register to memory through
direct store which is implemented by using write combining (WC) for
writing data directly into memory without caching the data.

The bit definition:
CPUID.(EAX=7,ECX=0):ECX[bit 27] MOVDIRI

The release document ref below link:
https://software.intel.com/sites/default/files/managed/c5/15/\
architecture-instruction-set-extensions-programming-reference.pdf

Cc: Xu Tao <tao3.xu@intel.com>
Signed-off-by: Liu Jingqi <jingqi.liu@intel.com>
Message-Id: <1541488407-17045-2-git-send-email-jingqi.liu@intel.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2018-12-11 18:50:48 -02:00
Marc-André Lureau
aa1b35b975 qom: make interface types abstract
Interfaces don't have instance, let's make the interface type really
abstract to avoid confusion.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Message-Id: <20181204142023.15982-3-marcandre.lureau@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2018-12-11 15:45:22 -02:00
Li Qiang
1d4f78e93a target: hax: fix errors in comment
Cc: qemu-trivial@nongnu.org

Signed-off-by: Li Qiang <liq3ea@gmail.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <1543312812-2929-1-git-send-email-liq3ea@gmail.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2018-12-11 18:28:47 +01:00
Li Qiang
090627a9d9 target: hax: replace g_malloc with g_new0
And also the g_malloc doesn't need check return value,
remove it.

Cc: qemu-trivial@nongnu.org

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Li Qiang <liq3ea@gmail.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <1543226179-5135-1-git-send-email-liq3ea@gmail.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2018-12-11 18:28:46 +01:00
Marc-André Lureau
df68a7f3c8 misc: fix spelling
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20181105135400.18366-1-marcandre.lureau@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2018-12-11 18:28:46 +01:00
Roman Bolshakov
83ea23cd20 i386: hvf: Fix overrun of _decode_tbl1
Single opcode instructions in ff group were incorrectly processed
because an overrun of _decode_tbl1[0xff] resulted in access of
_decode_tbl2[0x0]. Thus, decode_sldtgroup was called instead of
decode_ffgroup:
  7d71: decode_sldtgroup: 1
  Unimplemented handler (7d71) for 108 (ff 0)

While at it correct maximum length for _decode_tbl2 and _decode_tbl3.

Signed-off-by: Roman Bolshakov <r.bolshakov@yadro.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-12-03 15:09:55 +00:00
Thomas Huth
3f2f3b33db target/arm/sve_helper: Fix compilation with clang 3.4
Clang 3.4 does not know the "flatten" attribute yet. We've already
introduced the QEMU_FLATTEN macro for this in commit 97ff87c0ed,
so use this macro now here, too, to fix this issue.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-id: 1543399094-2260-1-git-send-email-thuth@redhat.com
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-11-28 15:31:15 +00:00
Richard Henderson
e84fcd7f66 target/i386: Generate #UD when applying LOCK to a register destination
Fixes a TCG crash due to attempting the atomic operation without
having set up the address first.  This does not attempt to fix
all of the other missing checks for LOCK.

Fixes: a7cee522f3
Fixes: https://bugs.launchpad.net/qemu/+bug/1803160
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20181113193510.24862-1-richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-11-27 15:35:19 +01:00
Marc-André Lureau
03fee66fde vmstate: constify VMStateField
Because they are supposed to remain const.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20181114132931.22624-1-marcandre.lureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-11-27 15:35:15 +01:00
Paolo Bonzini
5aaac46793 migration: savevm: consult migration blockers
There is really no difference between live migration and savevm, except
that savevm does not require bdrv_invalidate_cache to be implemented
by all disks.  However, it is unlikely that savevm is used with anything
except qcow2 disks, so the penalty is small and worth the improvement
in catching bad usage of savevm.

Only one place was taking care of savevm when adding a migration blocker,
and it can be removed.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-11-27 15:06:14 +01:00
Paolo Bonzini
d98f26073b target/i386: kvm: add VMX migration blocker
Nested VMX does not support live migration yet.  Add a blocker
until that is worked out.

Nested SVM only does not support it, but unfortunately it is
enabled by default for -cpu host so we cannot really disable it.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-11-27 15:06:14 +01:00
Bandan Das
aec5e9c3a9 kvm: Use KVM_GET_MSR_INDEX_LIST for MSR_IA32_ARCH_CAPABILITIES support
When writing to guest's MSR_IA32_ARCH_CAPABILITIES, check whether it's
supported in the guest using the KVM_GET_MSR_INDEX_LIST ioctl.

Fixes: d86f963694
Suggested-by: Eduardo Habkost <ehabkost@redhat.com>
Tested-by: balducci@units.it
Signed-off-by: Bandan Das <bsd@redhat.com>
Message-Id: <jpg4lc4iiav.fsf_-_@linux.bootlegged.copy>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2018-11-26 13:00:38 -02:00
Max Filippov
7da9111e77 target/xtensa: drop num_[core_]regs from dc232b/dc233c configs
Now that xtensa_count_regs does the right thing, remove manual
initialization of these fields from the affected configurations and let
xtensa_finalize_config initialize them. Add XTREG_END to terminate
register lists.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2018-11-20 12:20:41 -08:00
Max Filippov
4614f0f8bd target/xtensa: gdbstub fix register counting
In order to communicate correctly with gdb xtensa gdbstub must provide
expected number of registers in 'g' packet response. xtensa-elf-gdb
expects both nonprivileged and privileged registers. xtensa-linux-gdb
only expects nonprivileged registers. gdb only counts one contiguous
stretch of registers, do the same for the core registers in the
xtensa_count_regs.

With this change qemu-system-xtensa is able to communicate with all
xtensa-elf-gdb versions (versions prior to 8.2 require overlay fixup),
and qemu-xtensa is able to communicate with all xtensa-linux-gdb
versions, except 8.2.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2018-11-20 12:20:41 -08:00
Luc Michel
7760da729a target/arm: fix smc incorrectly trapping to EL3 when secure is off
This commit fixes a case where the CPU would try to go to EL3 when
executing an smc instruction, even though ARM_FEATURE_EL3 is false. This
case is raised when the PSCI conduit is set to smc, but the smc
instruction does not lead to a valid PSCI call.

QEMU crashes with an assertion failure latter on because of incoherent
mmu_idx.

This commit refactors the pre_smc helper by enumerating all the possible
way of handling an scm instruction, and covering the previously missing
case leading to the crash.

The following minimal test would crash before this commit:

.global _start
    .text
_start:
    ldr x0, =0xdeadbeef  ; invalid PSCI call
    smc #0

run with the following command line:

aarch64-linux-gnu-gcc -nostdinc -nostdlib -Wl,-Ttext=40000000 \
                      -o test test.s

qemu-system-aarch64 -M virt,virtualization=on,secure=off \
                    -cpu cortex-a57 -kernel test

Signed-off-by: Luc Michel <luc.michel@greensocs.com>
Message-id: 20181117160213.18995-1-luc.michel@greensocs.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-11-19 15:29:08 +00:00
Richard Henderson
3c3efcf7da target/arm: Fill in ARMISARegisters for kvm32
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20181113180154.17903-5-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-11-19 15:29:08 +00:00
Richard Henderson
b653c55fa7 target/arm: Introduce read_sys_reg32 for kvm32
Assert that the value to be written is the correct size.
No change in functionality here, just mirroring the same
function from kvm64.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20181113180154.17903-4-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-11-19 15:29:07 +00:00
Richard Henderson
9d60dea960 target/arm: Fill in ARMISARegisters for kvm64
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20181113180154.17903-3-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-11-19 15:29:07 +00:00
Richard Henderson
4674097c32 target/arm: Install ARMISARegisters from kvm host
The ID registers are replacing (some of) the feature bits.
We need (some of) these values to determine the set of data
to be handled during migration.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20181113180154.17903-2-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-11-19 15:29:07 +00:00