Commit Graph

1409 Commits

Author SHA1 Message Date
Edgar E. Iglesias
edac4d8a16 target-arm: Add CNTVOFF_EL2
Adds support for the virtual timer offset controlled by EL2.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1436791864-4582-2-git-send-email-edgar.iglesias@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-08-13 11:26:17 +01:00
Christoffer Dall
4b7a6bf402 target-arm: kvm: Differentiate registers based on write-back levels
Some registers like the CNTVCT register should only be written to the
kernel as part of machine initialization or on vmload operations, but
never during runtime, as this can potentially make time go backwards or
create inconsistent time observations between VCPUs.

Introduce a list of registers that should not be written back at runtime
and check this list on syncing the register state to the KVM state.

Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
Message-id: 1437046488-10773-1-git-send-email-christoffer.dall@linaro.org
[PMM: tweaked a few comments, added the new argument to the stub
 write_list_to_kvmstate() in target-arm/kvm-stub.c]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-07-21 11:18:45 +01:00
Peter Maydell
e46e1a74ef target-arm: Fix broken SCTLR_EL3 reset
The SCTLR_EL3 cpreg definition was implicitly resetting the
register state to 0, which is both wrong and clashes with
the reset done via the SCTLR definition (since sctlr[3]
is unioned with sctlr_s). This went unnoticed until recently,
when an unrelated change (commit a903c449b4) happened to
perturb the order of enumeration through the cpregs hashtable for
reset such that the erroneous reset happened after the correct one
rather than before it. Fix this by marking SCTLR_EL3 as an alias,
so its reset is left up to the AArch32 view.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2015-07-15 17:16:26 +01:00
Peter Crosthwaite
484406200e disas: arm: QOMify target specific disas setup
Move the target_disas() ARM specifics to the QOM disas_set_info hook
and delete the ARM specific code in disas.c.

This has the extra advantage of the more fully featured target_disas()
implementation now applying to monitor_disas().

Currently, target_disas() has multi-endian, thumb and AArch64
support whereas the existing monitor_disas() support only has vanilla
AA32 support.

E.G. Running an AA64 linux kernel the following -d in_asm disas happens
(taget_disas()):

IN:
0x0000000040000000:  580000c0      ldr x0, pc+24 (addr 0x40000018)
0x0000000040000004:  aa1f03e1      mov x1, xzr

However before this patch, disasing the same from the monitor:

(qemu) xp/i 0x40000000
0x0000000040000000:  580000c0      stmdapl  r0, {r6, r7}

After this patch:
(qemu) xp/i 0x40000000
0x0000000040000000:  580000c0      ldr x0, pc+24 (addr 0x40000018)

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2015-07-09 15:20:41 +02:00
Peter Crosthwaite
ea3e984740 cpu-exec: Purge all uses of ENV_GET_CPU()
Remove un-needed usages of ENV_GET_CPU() by converting the APIs to use
CPUState pointers and retrieving the env_ptr as minimally needed.

Scripted conversion for target-* change:

for I in target-*/cpu.h; do
    sed -i \
    's/\(^int cpu_[^_]*_exec(\)[^ ][^ ]* \*s);$/\1CPUState *cpu);/' \
    $I;
done

Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2015-07-09 15:20:40 +02:00
Peter Crosthwaite
4bad9e392e cpu: Change cpu_exec_init() arg to cpu, not env
The callers (most of them in target-foo/cpu.c) to this function all
have the cpu pointer handy. Just pass it to avoid an ENV_GET_CPU() from
core code (in exec.c).

Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: "Edgar E. Iglesias" <edgar.iglesias@gmail.com>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Cc: Michael Walle <michael@walle.cc>
Cc: Leon Alrae <leon.alrae@imgtec.com>
Cc: Anthony Green <green@moxielogic.com>
Cc: Jia Liu <proljc@gmail.com>
Cc: Alexander Graf <agraf@suse.de>
Cc: Blue Swirl <blauwirbel@gmail.com>
Cc: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Cc: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Cc: Guan Xuetao <gxt@mprc.pku.edu.cn>
Cc: Max Filippov <jcmvbkbc@gmail.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2015-07-09 15:20:40 +02:00
Bharata B Rao
5a790cc4b9 cpu: Add Error argument to cpu_exec_init()
Add an Error argument to cpu_exec_init() to let users collect the
error. This is in preparation to change the CPU enumeration logic
in cpu_exec_init(). With the new enumeration logic, cpu_exec_init()
can fail if cpu_index values corresponding to max_cpus have already
been handed out.

Since all current callers of cpu_exec_init() are from instance_init,
use error_abort Error argument to abort in case of an error.

Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
2015-07-09 15:20:40 +02:00
Daniel P. Berrange
6f2945cde6 crypto: move built-in AES implementation into crypto/
To prepare for a generic internal cipher API, move the
built-in AES implementation into the crypto/ directory

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Message-Id: <1435770638-25715-3-git-send-email-berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-07-07 12:04:13 +02:00
Peter Maydell
c87e5a61c2 target-arm: Implement YIELD insn to yield in ARM and Thumb translators
Implement the YIELD instruction in the ARM and Thumb translators to
actually yield control back to the top level loop rather than being
a simple no-op. (We already do this for A64.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 1435672316-3311-3-git-send-email-peter.maydell@linaro.org
2015-07-06 10:05:44 +01:00
Peter Maydell
049e24a191 target-arm: Split DISAS_YIELD from DISAS_WFE
Currently we use DISAS_WFE for both WFE and YIELD instructions.
This is functionally correct because at the moment both of them
are implemented as "yield this CPU back to the top level loop so
another CPU has a chance to run". However it's rather confusing
that YIELD ends up calling HELPER(wfe), and if we ever want to
implement real behaviour for WFE and SEV it's likely to trip us up.

Split out the yield codepath to use DISAS_YIELD and a new
HELPER(yield) function, and have HELPER(wfe) call HELPER(yield).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1435672316-3311-2-git-send-email-peter.maydell@linaro.org
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
2015-07-06 10:05:44 +01:00
Sergey Fedorov
2a6332d968 target-arm: fix write helper for TLBI ALLE1IS
TLBI ALLE1IS is an operation that does invalidate TLB entries on all PEs
in the same Inner Sharable domain, not just on the current CPU. So we
must use tlbiall_is_write() here.

Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com>
Message-id: 1435676538-31345-1-git-send-email-serge.fdrv@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-07-06 10:05:43 +01:00
Soren Brinkmann
b21ab1fc21 target-arm: A64: Print ELR when taking exceptions
When taking an exception print the content of the exception link
register. This is useful especially for synchronous exceptions because
in that case this registers holds the address of the instruction that
generated the exception.

Signed-off-by: Soren Brinkmann <soren.brinkmann@xilinx.com>
Message-id: 1435036655-16132-1-git-send-email-soren.brinkmann@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-26 14:22:36 +01:00
Liviu Ionescu
f3c2bda216 target-arm: default empty semihosting cmdline
If neither explicit semihosting args nor -kernel are used,
make SYS_GET_CMDLINE return an empty string.

Signed-off-by: Liviu Ionescu <ilg@livius.net>
Message-id: AC7B5AFC-06AE-4FAD-9852-B65708E80E09@livius.net
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-26 14:22:36 +01:00
Markus Armbruster
cc7a8ea740 Include qapi/qmp/qerror.h exactly where needed
In particular, don't include it into headers.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com>
2015-06-22 18:20:41 +02:00
Peter Crosthwaite
d49190c420 disas: Remove uses of CPU env
disas does not need to access the CPU env for any reason. Change the
APIs to accept CPU pointers instead. Small change pattern needs to be
applied to all target translate.c. This brings us closer to making
disas.o a common-obj and less architecture specific in general.

Cc: Richard Henderson <rth@twiddle.net>
Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: "Edgar E. Iglesias" <edgar.iglesias@gmail.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Cc: Michael Walle <michael@walle.cc>
Cc: Aurelien Jarno <aurelien@aurel32.net>
Cc: Leon Alrae <leon.alrae@imgtec.com>
Cc: Jia Liu <proljc@gmail.com>
Cc: Alexander Graf <agraf@suse.de>
Cc: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Cc: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Cc: Guan Xuetao <gxt@mprc.pku.edu.cn>
Cc: Max Filippov <jcmvbkbc@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Acked-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
2015-06-22 17:40:01 +02:00
Leon Alrae
a59d31a1eb semihosting: add --semihosting-config arg sub-argument
Add new "arg" sub-argument to the --semihosting-config allowing the user
to pass multiple input arguments separately. It is required for example
by UHI semihosting to construct argc and argv.

Also, update ARM semihosting to support new option (at the moment it is
the only target which cares about arguments).

If the semihosting is enabled and no semihosting args have been specified,
then fall back to -kernel/-append. The -append string is split on whitespace
before initializing semihosting.argv[1..n]; this is different from what
QEMU MIPS machines' pseudo-bootloaders do (i.e. argv[1] contains the whole
-append), but is more intuitive from UHI user's point of view and Linux
kernel just does not care as it concatenates argv[1..n] into single cmdline
string anyway.

Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Message-id: 1434643256-16858-3-git-send-email-leon.alrae@imgtec.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-19 14:17:45 +01:00
Leon Alrae
cfe67cef48 semihosting: create SemihostingConfig structure and semihost.h
Remove semihosting_enabled and semihosting_target and replace them with
SemihostingConfig structure containing equivalent fields. The structure
is defined in vl.c where it is actually set.

Also introduce separate header file include/exec/semihost.h allowing to
access semihosting config related stuff from target specific semihosting
code.

Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1434643256-16858-2-git-send-email-leon.alrae@imgtec.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-19 14:17:45 +01:00
Peter Crosthwaite
d6a6b13ea1 target-arm: Add support for Cortex-R5
Introduce a CPU model for the Cortex R5 processor. ARMv7 with MPU,
and both thumb and ARM div instructions.

Also implement dummy ATCM and BTCM. These CPs are defined for R5 but
don't have a lot of meaning in QEMU yet. Raz them so the guest can
proceed if they are read. The TCM registers will return a size of 0,
indicating no TCM.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: efe213163e6800578494aba864ac30329de4d396.1434501320.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-19 14:17:45 +01:00
Peter Crosthwaite
f6bda88ff8 target-arm: Implement PMSAv7 MPU
Unified MPU only. Uses ARM architecture major revision to switch
between PMSAv5 and v7 when ARM_FEATURE_MPU is set. PMSA v6 remains
unsupported and is asserted against.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: dcb03cda6dd754c5cc6a962fa11f25089811e954.1434501320.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-19 14:17:45 +01:00
Peter Crosthwaite
6cb0b013a1 target-arm: Add registers for PMSAv7
Define the arm CP registers for PMSAv7 and their accessor functions.
RGNR serves as a shared index that indexes into arrays storing the
DRBAR, DRSR and DRACR registers. DRBAR and friends have to be VMSDd
separately from the CP interface using a new PMSA specific VMSD
subsection.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 172cf135fbd8f5cea413c00e71cc1c3cac704744.1434501320.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-19 14:17:44 +01:00
Peter Crosthwaite
3281af8114 target-arm/helper.c: define MPUIR register
Define the MPUIR register for MPU supporting ARMv6 and onwards.
Currently we only support unified MPU.

The size of the unified MPU is defined via the number of "dregions".
So just a single config is added to specify this size. (When split MPU
is implemented we will add an extra iregions config).

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 9f248950b803a08c8b3c978931663182f7e882e7.1434501320.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-19 14:17:44 +01:00
Sergey Fedorov
b061a82b8a target-arm: Do not reset sysregs marked as ALIAS
cp_reg_reset() is called from g_hash_table_foreach() which does not
define a specific ordering of the hash table iteration. Thus doing reset
for registers marked as ALIAS would give an ambiguous result when
resetvalue is different for original and alias registers. Exit
cp_reg_reset() early when passed an alias register. Then clean up alias
register definitions from needless resetvalue and resetfn.

In particular, this fixes a bug in the handling of the PMCR register,
which had different resetvalues for its 32 and 64-bit views.

Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com>
Message-id: 1434554713-10220-1-git-send-email-serge.fdrv@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-19 14:17:44 +01:00
Aurelio C. Remonda
ba890a9b25 target-arm: Add the Cortex-M4 CPU
This patch adds the Cortex-M4 CPU. The M4 is basically the same as
the M3, the main differences being the DSP instructions and an
optional FPU.  Only no-FPU cortex-M4 is implemented here, cortex-M4F
is not because the core target-arm code doesn't support the M-profile
FPU model yet.

Signed-off-by: Aurelio C. Remonda <aurelioremonda@gmail.com>
Message-id: 1434461850-4104-1-git-send-email-aurelioremonda@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-19 14:17:44 +01:00
Peter Maydell
3977ee5d7a target-arm: Correct "preferred return address" for cpreg access exceptions
The architecture defines that when taking an exception trying to
access a coprocessor register, the "preferred return address" for
the exception is the address of the instruction that caused the
exception. Correct an off-by-4 error which meant we were returning
the address after the instruction for traps which happened because
of a failure of a runtime access-check function on an AArch32
register. (Traps caused by translate-time checkable permissions
failures had the correct address, as did traps on AArch64 registers.)

This fixes https://bugs.launchpad.net/qemu/+bug/1463338

Reported-by: Robert Buhren <robert@robertbuhren.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1433861440-30133-1-git-send-email-peter.maydell@linaro.org
2015-06-15 18:06:11 +01:00
Peter Crosthwaite
13689d4364 arm: helper: rename get_phys_addr_mpu
This get_phys_addr is really for pmsav5. Rename it accordingly.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: bf4b019aa87d682a45998105ef8e4d4e97a5e117.1434066412.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-15 18:06:10 +01:00
Peter Crosthwaite
8f325f568f arm: Add has-mpu property
For processors that support MPUs, add a property to de-feature it. This
is similar to the implementation of the EL3 feature.

The processor definition in init sets ARM_FEATURE_MPU if it can support
an MPU. post_init exposes the property, defaulting to true. If cleared
by the instantiator, ARM_FEATURE_MPU is then removed at realize time.

This is to support R profile processors that may or may-not have an MPU
configured.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 632918cc48786e868ea18aa6bd12f70597994cad.1434066412.git.peter.crosthwaite@xilinx.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-15 18:06:10 +01:00
Peter Crosthwaite
a8e81b319d arm: Implement uniprocessor with MP config
Add a boolean for indicating uniprocessors with MP extensions. This
drives the U bit in MPIDR. Prepares support for Cortex-R5.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: a70a80583df265e0174f01fa1fc92b33ea6d1db5.1434066412.git.peter.crosthwaite@xilinx.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-15 18:06:10 +01:00
Peter Crosthwaite
b7cc4e82f0 arm: Refactor get_phys_addr FSR return mechanism
Currently, the return code for get_phys_addr is overloaded for both
success/fail and FSR value return. This doesn't handle the case where
there is an error with a 0 FSR. This case exists in PMSAv7.

So rework get_phys_addr and friends to return a success/failure boolean
return code and populate the FSR via a caller provided uint32_t
pointer.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: a209e3d8ae00cda55260c970891f520210e26bad.1434066412.git.peter.crosthwaite@xilinx.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-15 18:06:10 +01:00
Peter Crosthwaite
8e5d75c950 arm: helper: Factor out CP regs common to [pv]msa
V6+ PMSA and VMSA share some common registers that are currently
in the VMSA definition block. Split them out into a new def that can
be shared to PMSA.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 284db78a43c63c9bfbb60de539672c361bcb6af8.1434066412.git.peter.crosthwaite@xilinx.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-15 18:06:10 +01:00
Peter Crosthwaite
5e5cf9e35f arm: Don't add v7mp registers in MPU systems
These registers are VMSA specific so they should be conditional on
VMSA (i.e. !MPU).

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 7bb8843e45f2635c6b7a583c5bb5da51ed4442a0.1434066412.git.peter.crosthwaite@xilinx.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-15 18:06:10 +01:00
Peter Crosthwaite
8085ce63c5 arm: Do not define TLBTR in PMSA systems
If doing a PMSA (MPU) system do not define the VMSA specific TLBTR CP.
The def is done separately from VMSA registers group as it is affected
by both the OMAP/STRONGARM RW errata and the MIDR backgrounding.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: b03fea3840207edf633f5c9189400c3dd6a28d14.1434066412.git.peter.crosthwaite@xilinx.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-15 18:06:10 +01:00
Aurelio C. Remonda
62b44f059a target-arm: Add the THUMB_DSP feature
Create an ARM_FEATURE_THUMB_DSP controlling the Thumb encodings of
the 85 DSP instructions (these are all Thumb2). This is enabled for
all non-M-profile CPUs with Thumb2 support, as the instructions are
mandatory for R and A profiles. On M profile they are optional and
not present in the Cortex-M3 (though they are in the M4).

The effect of this commit is that we will now treat the DSP
encodings as illegal instructions on M3, when previously we
incorrectly implemented them.

Signed-off-by: Aurelio C. Remonda <aurelioremonda@gmail.com>
Message-id: 1434311355-26554-1-git-send-email-aurelioremonda@gmail.com
[PMM: added clz/crc32/crc32c and default case to the early-decode switch;
 minor format/spacing fixups; reworded commit message a bit]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-15 18:06:09 +01:00
Pavel Fedin
eb5e1d3c85 target-arm: Use the kernel's idea of MPIDR if we're using KVM
When we're using KVM, the kernel's internal idea of the MPIDR
affinity fields must match the values we tell it for the guest
vcpu cluster configuration in the device tree. Since at the moment
the kernel doesn't support letting userspace tell it the correct
affinity fields to use, we must read the kernel's view and
reflect that back in the device tree.

Signed-off-by: Shlomo Pongratz <shlomo.pongratz@huawei.com>
Signed-off-by: Pavel Fedin <p.fedin@samsung.com>
Message-id: 02f601d0a1e6$90c7d630$b2578290$@samsung.com
[PMM: Use a local #define rather than a global variable for
 the TCG ARM_CPUS_PER_CLUSTER setting. Tweak a comment. Update the
 commit message.]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-15 18:06:09 +01:00
Sergey Fedorov
ac00c79ff6 target-arm: add AArch32 MIDR aliases in ARMv8
According to ARMv8 ARM, there are additional aliases to MIDR system register in
AArch32 state. So add them to the list.

Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com>
Message-id: 1433321048-23793-3-git-send-email-serge.fdrv@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-15 18:06:08 +01:00
Sergey Fedorov
13b72b2b9a target-arm: Fix REVIDR reset value
According to ARM Cortex-A53/A57 TRM, REVIDR reset value should be zero. So let
REVIDR reset value be specified by CPU model and correct it for Cortex-A53/A57.

Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com>
Message-id: 1433321048-23793-2-git-send-email-serge.fdrv@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-15 18:06:08 +01:00
Shannon Zhao
7525465e6d target-arm/kvm64: Add cortex-a53 cpu support
Since commit e353102(target-arm: cpu64: Add support for Cortex-A53) has
added Cortex-A53 cpu support for target-arm, this patch just enables it
for kvm-arm.

Here adding XGENE_POTENZA just makes the enum continuous.

Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
Message-id: 1433207452-4512-2-git-send-email-shannon.zhao@linaro.org
[PMM: Don't add the CPU types to cpus_to_try[]; this array only
 lists old CPUs which were supported in pre-PREFERRED_TARGET kernels]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-15 18:06:08 +01:00
Alex Bennée
a79e0218e0 target-arm/cpu.h: remove pending_exception
This isn't used by any of the code. In fact it looks like it was never
used as it came in with ARMv7 support.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 1434020015-8868-1-git-send-email-alex.bennee@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-15 18:06:08 +01:00
Sergey Fedorov
4e42a6ca37 target-arm: use extended address bits from supersection short descriptor
Since ARMv7 with LPAE support, a supersection short translation table
descriptor has had extended base address fields which hold bits 39:32 of
translated address. These fields are IMPDEF in ARMv6 and ARMv7 without
LPAE support.

Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com>
Message-id: 1433235718-30485-1-git-send-email-serge.fdrv@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-15 18:06:07 +01:00
Peter Maydell
fc1891c74a target-arm: Handle "extended small page" descriptors correctly
The old ARMv5-style page table format includes a kind of second level
descriptor named the "extended small page" format, whose primary purpose
is to allow specification of the TEX memory attribute bits on a 4K page.
This exists on ARMv6 and also (as an implementation extension) on XScale
CPUs; it's UNPREDICTABLE on v5.

We were mishandling this in two ways:
 (1) we weren't implementing it for v6 (probably never noticed because
Linux will use the new-style v6 page table format there)
 (2) we were not correctly setting the page_size, which is 4K, not 1K

The latter bug went unnoticed for years because the only thing which
the page_size affects is which TLB entries get flushed when the guest
does a TLB invalidate on an address in the page, and prior to commit
2f0d8631b7 we were doing a full TLB flush very frequently due to Linux's
habit of writing the SCTLR pointlessly a lot.

(We can assume that after commit 2f0d8631b7 the bug went unnoticed
for a year because nobody's actually using the Zaurus/XScale emulation...)

Report the correct page size for these descriptors, and permit them
on ARMv6 CPUs. This fixes a problem where a kernel image for Zaurus
can boot the kernel OK but gets random segfaults when it tries to
run userspace programs.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1432844085-16441-1-git-send-email-peter.maydell@linaro.org
2015-06-15 18:06:07 +01:00
Juan Quintela
5cd8cadae8 migration: Use normal VMStateDescriptions for Subsections
We create optional sections with this patch.  But we already have
optional subsections.  Instead of having two mechanism that do the
same, we can just generalize it.

For subsections we just change:

- Add a needed function to VMStateDescription
- Remove VMStateSubsection (after removal of the needed function
  it is just a VMStateDescription)
- Adjust the whole tree, moving the needed function to the corresponding
  VMStateDescription

Signed-off-by: Juan Quintela <quintela@redhat.com>
2015-06-12 06:53:57 +02:00
Peter Maydell
4771cd01da target-arm: Remove v8_ prefix from names of non-v8-specific cpreg arrays
The ARMCPRegInfo arrays v8_el3_no_el2_cp_reginfo and v8_el2_cp_reginfo
are actually used on non-v8 CPUs as well. Remove the incorrect v8_
prefix from their names.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 1433182716-6400-1-git-send-email-peter.maydell@linaro.org
2015-06-02 15:32:43 +01:00
Eric Auger
1850b6b7d0 kvm: introduce kvm_arch_msi_data_to_gsi
On ARM the MSI data corresponds to the shared peripheral interrupt (SPI)
ID. This latter equals to the SPI index + 32. to retrieve the SPI index,
matching the gsi, an architecture specific function is introduced.

Signed-off-by: Eric Auger <eric.auger@linaro.org>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Acked-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-02 14:56:25 +01:00
Markus Armbruster
57b6d95eb4 Revert "target-arm: Avoid g_hash_table_get_keys()"
Since we now require GLib 2.22+ (commit f40685c), we don't have to
work around lack of g_hash_table_get_keys() anymore.

This reverts commit 82a3a11897.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-id: 1432749090-4698-1-git-send-email-armbru@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-02 14:56:25 +01:00
Edgar E. Iglesias
8742d49d6f target-arm: Add TLBI_VAE2{IS}
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1432881807-18164-11-git-send-email-edgar.iglesias@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-02 14:56:25 +01:00
Edgar E. Iglesias
51da90140b target-arm: Add TLBI_ALLE2
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1432881807-18164-10-git-send-email-edgar.iglesias@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-02 14:56:25 +01:00
Edgar E. Iglesias
bdb9e2d66a target-arm: Add TLBI_ALLE1{IS}
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1432881807-18164-9-git-send-email-edgar.iglesias@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-02 14:56:25 +01:00
Edgar E. Iglesias
a57633c08f target-arm: Add TTBR0_EL2
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1432881807-18164-8-git-send-email-edgar.iglesias@gmail.com
[PMM: Switch to preferred opc1/crm order for 64-bit AArch32 cpregs;
 drop unneeded use of vmsa_ttbr_writefn]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-02 14:56:25 +01:00
Edgar E. Iglesias
ff05f37bab target-arm: Add TPIDR_EL2
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1432881807-18164-7-git-send-email-edgar.iglesias@gmail.com
[PMM: reordered fields into preferred opc0/opc1/crn/crm/opc2 order]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-02 14:56:25 +01:00
Edgar E. Iglesias
b9cb5323bb target-arm: Add SCTLR_EL2
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1432881807-18164-6-git-send-email-edgar.iglesias@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-02 14:56:25 +01:00
Edgar E. Iglesias
06ec4c8c9f target-arm: Add TCR_EL2
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1432881807-18164-5-git-send-email-edgar.iglesias@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-02 14:56:25 +01:00
Edgar E. Iglesias
95f949ac3d target-arm: Add MAIR_EL2
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1432881807-18164-4-git-send-email-edgar.iglesias@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-02 14:56:25 +01:00
Edgar E. Iglesias
a903c449b4 target-arm: Break down TLB_LOCKDOWN
Break down the overly broad wildcard definition of TLB_LOCKDOWN
down to v7 level.

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1432881807-18164-3-git-send-email-edgar.iglesias@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-02 14:56:25 +01:00
Edgar E. Iglesias
3fc827d591 target-arm: Correct check for non-EL3
This fixes a compile warning from clang 3.5 (the assertion
could never fire).

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1432881807-18164-2-git-send-email-edgar.iglesias@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: John Snow <jsnow@redhat.com>
[PMM: added note in commit message that this is fixing a build warning]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-02 13:22:29 +01:00
Peter Maydell
3960c336ad target-arm: Avoid buffer overrun on UNPREDICTABLE ldrd/strd
A LDRD or STRD where rd is not an even number is UNPREDICTABLE.
We were letting this fall through, which is OK unless rd is 15,
in which case we would attempt to do a load_reg or store_reg
to a nonexistent r16 for the second half of the double-word.
Catch the odd-numbered-rd cases and UNDEF them instead.

To do this we rearrange the structure of the code a little
so we can put the UNDEF catches at the top before we've
allocated TCG temporaries.

Cc: qemu-stable@nongnu.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1431348973-21315-1-git-send-email-peter.maydell@linaro.org
2015-05-29 11:29:00 +01:00
Greg Bellows
b1eced713d target-arm: Add WFx instruction trap support
Add support for trapping WFI and WFE instructions to the proper EL when
SCTLR/SCR/HCR settings apply.

Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
[PMM: removed unnecessary tweaking of syn_wfx() prototype;
 use raise_exception();
 don't trap on WFE (and add comment explaining why not);
 remove unnecessary ARM_FEATURE checks;
 trap to EL3, not EL1, if in S-EL0 and SCTLR check fires]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2015-05-29 11:28:53 +01:00
Peter Maydell
84549b6dcf target-arm: Don't halt on WFI unless we don't have any work
Just NOP the WFI instruction if we have work to do.
This doesn't make much difference currently (though it does avoid
jumping out to the top level loop and immediately restarting),
but the distinction between "halt" and "don't halt" will become
more important when the decision to halt requires us to trap
to a higher exception level instead.

Suggested-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2015-05-29 11:28:53 +01:00
Peter Maydell
647f767ba3 target-arm: Move TB flags down to fill gap
Deleting the now-unused ARM_TBFLAG_CPACR_FPEN left a gap in the
bit usage; move the following ARM_TBFLAG_XSCALE_CPAR and
ARM_TBFLAG_NS_SHIFT down 3 bits to fill the gap.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2015-05-29 11:28:53 +01:00
Greg Bellows
9dbbc748d6 target-arm: Extend FP checks to use an EL
Extend the ARM disassemble context to take a target exception EL instead of a
boolean enable. This change reverses the polarity of the check making a value
of 0 indicate floating point enabled (no exception).

Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
[PMM: Use a common TB flag field for AArch32 and AArch64;
 CPTR_EL2 exists in v7; CPTR_EL2 should trap for EL2 accesses;
 CPTR_EL2 should not trap for secure accesses; CPTR_EL3
 should trap for EL3 accesses; CPACR traps for secure
 accesses should trap to EL3 if EL3 is AArch32]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2015-05-29 11:28:53 +01:00
Peter Maydell
3cf6a0fced target-arm: Make singlestate TB flags common between AArch32/64
Currently we keep the TB flags PSTATE_SS and SS_ACTIVE in different
bit positions for AArch64 and AArch32. Replace these separate
definitions with a single common flag in the upper part of the
flags word.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2015-05-29 11:28:52 +01:00
Greg Bellows
c6f191642a target-arm: Add AArch64 CPTR registers
Adds CPTR_EL2/3 system registers definitions and access function.

Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
[PMM: merge CPTR_EL2 and HCPTR definitions into a single
 def using STATE_BOTH;
 don't use readfn/writefn to implement RAZ/WI registers;
 don't use accessfn for the no-EL2 CPTR_EL2;
 fix cpacr_access logic to catch EL2 accesses to CPACR being
 trapped to EL3;
 use new CP_ACCESS_TRAP_EL[23] rather than setting
 exception.target_el directly]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2015-05-29 11:28:52 +01:00
Peter Maydell
38836a2cd4 target-arm: Allow cp access functions to indicate traps to EL2 or EL3
Some coprocessor access functions will need to indicate that the
instruction should trap to EL2 or EL3 rather than the default
target exception level; add corresponding CPAccessResult enum
entries and handling code.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2015-05-29 11:28:52 +01:00
Greg Bellows
012a906b19 target-arm: Update interrupt handling to use target EL
Updated the interrupt handling to utilize and report through the target EL
exception field.  This includes consolidating and cleaning up code where
needed. Target EL is now calculated once in arm_cpu_exec_interrupt() and
do_interrupt was updated to use the target_el exception field.  The
necessary code from arm_excp_target_el() was merged in where needed and the
function removed.

Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
Acked-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1429722561-12651-4-git-send-email-greg.bellows@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-05-29 11:28:51 +01:00
Peter Maydell
c63285991b target-arm: Make raise_exception() take syndrome and target EL
Rather than making every caller of raise_exception set the
syndrome and target EL by hand, make these arguments to
raise_exception() and have that do the job.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2015-05-29 11:28:51 +01:00
Peter Maydell
863b6589d7 target-arm: Set exception target EL in tlb_fill
Set the exception target EL for MMU faults in tlb_fill.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2015-05-29 11:28:51 +01:00
Peter Maydell
8c6084bf10 target-arm: Move setting of exception info into tlb_fill
Move the code which sets exception information out of
arm_cpu_handle_mmu_fault and into tlb_fill. tlb_fill
is the only caller which wants to raise_exception()
so it makes more sense for it to handle the whole of
the exception setup.

As part of this cleanup, move the user-mode-only
implementation function for the handle_mmu_fault CPU
method into cpu.c so we don't need to make it globally
visible, and rename the softmmu-only utility function
arm_cpu_handle_mmu_fault to arm_tlb_fill so it's clear
that it's not the same thing.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2015-05-29 11:28:51 +01:00
Peter Maydell
f2932df777 target-arm: Set correct syndrome for faults on MSR DAIF*, imm
If the SCTLR.UMA trap bit is set then attempts by EL0 to update
the PSTATE DAIF bits via "MSR DAIFSet, imm" and "MSR DAIFClr, imm"
instructions will raise an exception. We were failing to set
the syndrome information for this exception, which meant that
it would be reported as a repeat of whatever the previous
exception was. Set the correct syndrome information.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2015-05-29 11:28:50 +01:00
Greg Bellows
e3b1d48099 target-arm: Extend helpers to route exceptions
Updated the various helper routines to set the target EL as needed using a
dedicated function.

Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
Acked-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1429722561-12651-3-git-send-email-greg.bellows@linaro.org
[PMM: Also set target_el in fault cases in access_check_cp_reg()]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-05-29 11:28:50 +01:00
Greg Bellows
7371036198 target-arm: Add exception target el infrastructure
Add a CPU state exception target EL field that will be used for communicating
the EL to which an exception should be routed.

Add a disassembly context field for tracking the EL3 architecture needed for
determining the target exception EL.

Add a target EL argument to the generic exception helper for callers to specify
the EL to which the exception should be routed.  Extended the helper to set
the newly added CPU state exception target el.

Added a function for setting the target exception EL and updated calls to helpers
to call it.

Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
Acked-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1429722561-12651-2-git-send-email-greg.bellows@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-05-29 11:28:50 +01:00
Edgar E. Iglesias
18084b2f71 target-arm: Remove unneeded '+'
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 1431499963-1019-4-git-send-email-edgar.iglesias@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-05-18 20:04:19 +01:00
Edgar E. Iglesias
b65c08ee1a target-arm: Correct accessfn for CNTV_TVAL_EL0
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1431499963-1019-3-git-send-email-edgar.iglesias@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-05-18 20:04:17 +01:00
Edgar E. Iglesias
12cde08aaf target-arm: Correct accessfn for CNTP_{CT}VAL_EL0
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1431499963-1019-2-git-send-email-edgar.iglesias@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-05-18 20:04:04 +01:00
Greg Bellows
06fbb2fdf7 target-arm: Add WFx syndrome function
Adds a utility function for creating a WFx exception syndrome

Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1429722561-12651-9-git-send-email-greg.bellows@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-05-18 20:04:04 +01:00
Greg Bellows
88e8add8b6 target-arm: Add EL3 and EL2 TCR checking
Updated get_phys_addr_lpae to check the appropriate TTBCR/TCR depending on the
current EL. Support includes using the different TCR format as well as checks to
insure TTBR1 is not used when in EL2 or EL3.

Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
Acked-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1429722561-12651-8-git-send-email-greg.bellows@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-05-18 20:04:04 +01:00
Greg Bellows
aef878be4e target-arm: Add TTBR regime function and use
Add a utility function for choosing the correct TTBR system register based on
the specified MMU index. Add use of function on physical address lookup.

Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
Acked-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 1429722561-12651-7-git-send-email-greg.bellows@linaro.org
[PMM: fixed regime_ttbr() return type to be uint64_t]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-05-18 20:04:04 +01:00
Peter Crosthwaite
e35310260e target-arm: cpu64: Add support for Cortex-A53
Add the ARM Cortex-A53 processor definition. Similar to A57, but with
different L1 I cache policy, phys addr size and different cache
geometries. The cache sizes is implementation configurable, but use
these values (from Xilinx Zynq MPSoC) as a default until cache size
configurability is added.

Acked-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: db439ff834cf0431bc192b05272a3b28fe2045d0.1431381507.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-05-18 16:41:08 +01:00
Peter Crosthwaite
ee804264dd target-arm: cpu64: generalise name of A57 regs
Rename some A57 CP register variables in preparation for support for
Cortex A53. Use "a57_a53" to describe the shareable features. Some of
the CP15 registers (such as ACTLR) are specific to implementation, but
we currently just RAZ them so continue with that as the policy for both
A57 and A53 processors under a shared definition.

Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 5a5f957994677d91435190b3be1cefa6f657e274.1431381507.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-05-18 16:31:59 +01:00
Richard Henderson
3972ef6f83 tcg: Push merged memop+mmu_idx parameter to softmmu routines
The extra information is not yet used but it is now available.
This requires minor changes through all of the tcg backends.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
2015-05-14 12:15:14 -07:00
Peter Maydell
b951cda21d - build bugfix from Fam and new configure check from Emilio
- two improvements to "info mtere" from Gerd
 - KVM support for memory transaction attributes
 - one more small step towards unlocked MMIO dispatch
 - one piece of the qemu-nbd errno fixes
 - trivial-ish patches from Denis and Thomas
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2
 
 iQEcBAABCAAGBQJVTLBhAAoJEL/70l94x66DkGIH/jlNJBMBGhlH/lwb1LzxtAMX
 OxyDxsiwJpSxsOiZiY3oRz7d6VV6TCrmx5L+1HgG5IzU3WC61Tq6/FK4EXLepZIH
 GSYlLtAALWny+2Uwsyh1Z7MMr5yxyhgeORk/l7O8pncmMeysludbEaJqQg8Aa9A2
 j0B2pv4tvcl/qhuIFXL1YlbYMVXMsZy5W65D8jq+B6qf3q8kUcdKvgvbUMrxAiSH
 JMISo4Z32t9w8SGnhlBa9s4HfN2yOvULRAozzkDBAu4c41cZrw16lvTV8XotamnU
 LrG6eQ+2PFeIrcGhuIu7z5Bi4yiRRiThfRLCAvVApVTQYUf7IwvPNa5K1FrP9YU=
 =Z/UD
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

- build bugfix from Fam and new configure check from Emilio
- two improvements to "info mtere" from Gerd
- KVM support for memory transaction attributes
- one more small step towards unlocked MMIO dispatch
- one piece of the qemu-nbd errno fixes
- trivial-ish patches from Denis and Thomas

# gpg: Signature made Fri May  8 13:47:29 2015 BST using RSA key ID 78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg:                 aka "Paolo Bonzini <pbonzini@redhat.com>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4  E2F7 7E15 100C CD36 69B1
#      Subkey fingerprint: F133 3857 4B66 2389 866C  7682 BFFB D25F 78C7 AE83

* remotes/bonzini/tags/for-upstream:
  qemu-nbd: only send a limited number of errno codes on the wire
  rules.mak: Force CFLAGS for all objects in DSO
  configure: require __thread support
  exec: move rcu_read_lock/unlock to address_space_translate callers
  kvm: add support for memory transaction attributes
  mtree: also print disabled regions
  mtree: tag & indent a bit better
  apic_common: improve readability of apic_reset_common
  kvm: Silence warning from valgrind

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-05-11 12:01:09 +01:00
Paolo Bonzini
4c66375252 kvm: add support for memory transaction attributes
Let kvm_arch_post_run convert fields in the kvm_run struct to MemTxAttrs.
These are then passed to address_space_rw.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-04-30 16:55:32 +02:00
Peter Crosthwaite
fee068e4f1 tcg: Delete unused cpu_pc_from_tb()
No code uses the cpu_pc_from_tb() function. Delete from tricore and
arm which each provide an unused implementation. Update the comment
in tcg.h to reflect that this is obsoleted by synchronize_from_tb.

Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-04-30 16:06:18 +03:00
Peter Crosthwaite
ef1d27f4b1 arm: cpu.h: Remove unused typdefs
These CP accessor function prototypes are unused. Remove them.

Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-04-30 16:05:48 +03:00
Greg Bellows
4eb2764083 Allow ARMv8 SCR.SMD updates
Updated scr_write to always allow updates to the SCR.SMD bit on ARMv8
regardless of whether virtualization (EL2) is enabled or not.

Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
Message-id: 1429888797-4378-1-git-send-email-greg.bellows@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-04-26 16:49:26 +01:00
Sergey Fedorov
3d5c84ff21 target-arm: Adjust id_aa64pfr0 when has_el3 CPU property disabled
Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com>
Message-id: 1429669112-29835-1-git-send-email-serge.fdrv@gmail.com
Reviewed-by: Greg Bellows <greg.bellows@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-04-26 16:49:26 +01:00
Sergey Fedorov
7ebd5f2e03 target-arm: rename c1_coproc to cpacr_el1
Rename the field holding CPACR_EL1 system register state in AArch64
naming style.

Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com>
[PMM: also fixed a couple of missed occurrences in cpu.c]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-04-26 16:49:25 +01:00
Peter Maydell
ef7bab8d73 target-arm: Check watchpoints against CPU security state
Fix a TODO in bp_wp_matches() now that we have a function for
testing whether the CPU is currently in Secure mode or not.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
2015-04-26 16:49:25 +01:00
Peter Maydell
9e1fc5bdfd target-arm: Use attribute info to handle user-only watchpoints
Now that we have memory access attribute information in the watchpoint
checking code, we can correctly implement handling of watchpoints
which should match only on userspace accesses, where LDRT/STRT/LDT/STT
from EL1 are treated as userspace accesses.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
2015-04-26 16:49:25 +01:00
Peter Maydell
0995bf8cd9 target-arm: Add user-mode transaction attribute
Add a transaction attribute indicating that a memory access is being
done from user-mode (unprivileged). This corresponds to an equivalent
signal in ARM AMBA buses.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
2015-04-26 16:49:25 +01:00
Peter Maydell
ebca90e4c3 target-arm: Use correct memory attributes for page table walks
Factor out the page table walk memory accesses into their own function,
so that we can specify the correct S/NS memory attributes for them.
This will also provide a place to use the correct endianness and
handle the need for a stage-2 translation when virtualization is
supported.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
2015-04-26 16:49:25 +01:00
Peter Maydell
8bf5b6a9c1 target-arm: Honour NS bits in page tables
Honour the NS bit in ARM page tables:
 * when adding entries to the TLB, include the Secure/NonSecure
   transaction attribute
 * set the NS bit in the PAR when doing ATS operations

Note that we don't yet correctly use the NSTable bit to
cause the page table walk itself to use the right attributes.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
2015-04-26 16:49:25 +01:00
Alex Bennée
25b9fb107b target-arm: kvm64 fix save/restore of SPSR regs
The current code was negatively indexing the cpu state array and not
synchronizing banked spsr register state with the current mode's spsr
state, causing occasional failures with migration.

Some munging is done to take care of the aarch64 mapping and also to
ensure the most current value of the spsr is updated to the banked
registers (relevant for KVM<->TCG migration).

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-04-01 17:57:30 +01:00
Alex Bennée
0e4b586932 target-arm: kvm64 sync FP register state
For migration to work we need to sync all of the register state. This is
especially noticeable when GCC starts using FP registers as spill
registers even with integer programs.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-04-01 17:57:30 +01:00
Alex Bennée
1a1753f747 target-arm: kvm: save/restore mp state
This adds the saving and restore of the current Multi-Processing state
of the machine. While the KVM_GET/SET_MP_STATE API exposes a number of
potential states for x86 we only use two for ARM. Either the process is
running or not. We then save this state into the cpu_powered TCG state
to avoid changing the serialisation format.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-04-01 17:57:30 +01:00
Peter Maydell
7847f9ea9f target-arm: Store SPSR_EL1 state in banked_spsr[1] (SPSR_svc)
The AArch64 SPSR_EL1 register is architecturally mandated to
be mapped to the AArch32 SPSR_svc register. This means its
state should live in QEMU's env->banked_spsr[1] field.
Correct the various places in the code that incorrectly
put it in banked_spsr[0].

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-04-01 17:57:29 +01:00
Peter Maydell
fcf83ab103 target-arm: Ignore low bit of PC in M-profile exception return
For the ARM M-profile cores, exception return pops various registers
including the PC from the stack. The architecture defines that if the
lowest bit in the new PC value is set (ie the PC is not halfword
aligned) then behaviour is UNPREDICTABLE. In practice hardware
implementations seem to simply ignore the low bit, and some buggy
RTOSes incorrectly rely on this. QEMU's behaviour was architecturally
permitted, but bringing QEMU into line with the hardware behaviour
allows more guest code to run. We log the situation as a guest error.

This was reported as LP:1428657.

Reported-by: Anders Esbensen <anders@lyes.dk>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-03-16 12:30:47 +00:00
Peter Maydell
da3e53ddcb target-arm: Fix handling of STM (user) with r15 in register list
The A32 encoding of LDM distinguishes LDM (user) from LDM (exception
return) based on whether r15 is in the register list. However for
STM (user) there is no equivalent distinction. We were incorrectly
treating "r15 in list" as indicating exception return for both LDM
and STM, with the result that an STM (user) involving r15 went into
an infinite loop. Fix this; note that the value stored for r15
in this case is the current PC regardless of our current mode.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1426015125-5521-1-git-send-email-peter.maydell@linaro.org
2015-03-16 12:30:47 +00:00
Andrew Jones
d8e052b387 target-arm: get_phys_addr_lpae: more xn control
This patch makes the following changes to the determination of
whether an address is executable, when translating addresses
using LPAE.

1. No longer assumes that PL0 can't execute when it can't read.
   It can in AArch64, a difference from AArch32.
2. Use va_size == 64 to determine we're in AArch64, rather than
   arm_feature(env, ARM_FEATURE_V8), which is insufficient.
3. Add additional XN determinants
   - NS && is_secure && (SCR & SCR_SIF)
   - WXN && (prot & PAGE_WRITE)
   - AArch64: (prot_PL0 & PAGE_WRITE)
   - AArch32: UWXN && (prot_PL0 & PAGE_WRITE)
   - XN determination should also work in secure mode (untested)
   - XN may even work in EL2 (currently impossible to test)
4. Cleans up the bloated PAGE_EXEC condition - by removing it.

The helper get_S1prot is introduced. It may even work in EL2,
when support for that comes, but, as the function name implies,
it only works for stage 1 translations.

Signed-off-by: Andrew Jones <drjones@redhat.com>
Message-id: 1426099139-14463-4-git-send-email-drjones@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-03-16 12:30:46 +00:00
Andrew Jones
d76951b65d target-arm: fix get_phys_addr_v6/SCTLR_AFE access check
Introduce simple_ap_to_rw_prot(), which has the same behavior as
ap_to_rw_prot(), but takes the 2-bit simple AP[2:1] instead of
the 3-bit AP[2:0]. Use this in get_phys_addr_v6 when SCTLR_AFE
is set, as that bit indicates we should be using the simple AP
format.

It's unlikely this path is getting used. I don't see CR_AFE
getting used by Linux, so possibly not. If it had been, then
the check would have been wrong for all but AP[2:1] = 0b11.
Anyway, this should fix it up, in case it ever does get used.

Signed-off-by: Andrew Jones <drjones@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1426099139-14463-3-git-send-email-drjones@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-03-16 12:30:46 +00:00
Andrew Jones
0fbf523820 target-arm: convert check_ap to ap_to_rw_prot
Instead of mixing access permission checking with access permissions
to page protection flags translation, just do the translation, and
leave it to the caller to check the protection flags against the access
type. Also rename to ap_to_rw_prot to better describe the new behavior.

Signed-off-by: Andrew Jones <drjones@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1426099139-14463-2-git-send-email-drjones@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-03-16 12:30:46 +00:00
Richard Henderson
42a268c241 tcg: Change translator-side labels to a pointer
This is improved type checking for the translators -- it's no longer
possible to accidentally swap arguments to the branch functions.

Note that the code generating backends still manipulate labels as int.

With notable exceptions, the scope of the change is just a few lines
for each target, so it's not worth building extra machinery to do this
change in per-target increments.

Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Cc: Michael Walle <michael@walle.cc>
Cc: Leon Alrae <leon.alrae@imgtec.com>
Cc: Anthony Green <green@moxielogic.com>
Cc: Jia Liu <proljc@gmail.com>
Cc: Alexander Graf <agraf@suse.de>
Cc: Aurelien Jarno <aurelien@aurel32.net>
Cc: Blue Swirl <blauwirbel@gmail.com>
Cc: Guan Xuetao <gxt@mprc.pku.edu.cn>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Max Filippov <jcmvbkbc@gmail.com>
Reviewed-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Signed-off-by: Richard Henderson <rth@twiddle.net>
2015-03-13 12:28:18 -07:00
Peter Maydell
a195fdd028 misc fixes and cleanups
A bunch of fixes all over the place, some of the
 bugs fixed are actually regressions.
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJVAH/uAAoJECgfDbjSjVRprq0H/iyqLSHQIv6gNOPYQbLXOCv0
 pkCeLx6kTMO9lSwxZcsZvMsYPeiEL3CHRKJcEjq0+Ap0uen0pa2Yl3WzyJcnBcib
 xwkHk/UftFYAiZAzVtd4moXujvVLYNL1ukvr/wPOdIkTEn8U6K3NaT3pLooc369f
 oTyQhlL3E9HJ5S6X0HXJIFwtsOIhPfS3NCLoDFbFjtb9mIsqTx7N5s2C5hctF+ir
 JtyuwPx5oT73WYxoYmjSP6n/Nf5cuJdqtm6o2KijjhWWYMJ6epYVBo/DD6dIFbmJ
 V/23dxpon+lvhae2c2LAVrkiJ1Boon/eMbJK/mNwpFX7vW35ataLPy6pYpaiEJs=
 =RUld
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

misc fixes and cleanups

A bunch of fixes all over the place, some of the
bugs fixed are actually regressions.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

# gpg: Signature made Wed Mar 11 17:48:30 2015 GMT using RSA key ID D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>"
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17  0970 C350 3912 AFBE 8E67
#      Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA  8A0D 281F 0DB8 D28D 5469

* remotes/mst/tags/for_upstream: (25 commits)
  virtio-scsi: remove empty wrapper for cmd
  virtio-scsi: clean out duplicate cdb field
  virtio-scsi: fix cdb/sense size
  uapi/virtio_scsi: allow overriding CDB/SENSE size
  virtio-scsi: drop duplicate CDB/SENSE SIZE
  exec: don't include hw/boards for linux-user
  acpi: specify format for build_append_namestring
  MAINTAINERS: drop aliguori@amazon.com
  tpm: Move memory subregion function into realize function
  virtio-pci: Convert to realize()
  pci: Convert pci_nic_init() to Error to avoid qdev_init()
  machine: query mem-merge machine property
  machine: query dump-guest-core machine property
  hw/boards: make it safe to include for linux-user
  machine: query phandle-start machine property
  machine: query kvm-shadow-mem machine property
  kvm: add machine state to kvm_arch_init
  machine: query kernel-irqchip property
  machine: allowed/required kernel-irqchip support
  machine: replace qemu opts with iommu property
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-03-12 09:13:07 +00:00