aboutsummaryrefslogtreecommitdiff
path: root/target-arm
AgeCommit message (Collapse)Author
2014-12-11target-arm: add secure state bit to CPREG hashPeter Maydell
Added additional NS-bit to CPREG hash encoding. Updated hash lookup locations to specify hash bit currently set to non-secure. Signed-off-by: Greg Bellows <greg.bellows@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1416242878-876-7-git-send-email-greg.bellows@linaro.org [PMM: fix uses of ENCODE_CP_REG in kvm32.c to add extra argument] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-12-11target-arm: add CPREG secure state supportFabian Aggeler
Prepare ARMCPRegInfo to support specifying two fieldoffsets per register definition. This will allow us to keep one register definition for banked registers (different offsets for secure/ non-secure world). Also added secure state tracking field and flags. This allows for identification of the register info secure state. Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch> Signed-off-by: Greg Bellows <greg.bellows@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1416242878-876-6-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-12-11target-arm: add non-secure Translation Block flagSergey Fedorov
This patch is based on idea found in patch at git://github.com/jowinter/qemu-trustzone.git f3d955c6c0ed8c46bc0eb10b634201032a651dd2 by Johannes Winter <johannes.winter@iaik.tugraz.at>. The TBFLAG captures the SCR NS secure state at the time when a TB is created so the correct bank is accessed on system register accesses. Signed-off-by: Sergey Fedorov <s.fedorov@samsung.com> Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch> Signed-off-by: Greg Bellows <greg.bellows@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1416242878-876-5-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-12-11target-arm: add banked register accessorsFabian Aggeler
If EL3 is in AArch32 state certain cp registers are banked (secure and non-secure instance). When reading or writing to coprocessor registers the following macros can be used. - A32_BANKED macros are used for choosing the banked register based on provided input security argument. This macro is used to choose the bank during translation of MRC/MCR instructions that are dependent on something other than the current secure state. - A32_BANKED_CURRENT macros are used for choosing the banked register based on current secure state. This is NOT to be used for choosing the bank used during translation as it breaks monitor mode. If EL3 is operating in AArch64 state coprocessor registers are not banked anymore. The macros use the non-secure instance (_ns) in this case, which is architecturally mapped to the AArch64 EL register. Signed-off-by: Sergey Fedorov <s.fedorov@samsung.com> Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch> Signed-off-by: Greg Bellows <greg.bellows@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1416242878-876-4-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-12-11target-arm: add async excp target_el functionGreg Bellows
Adds a dedicated function and a lookup table for determining the target exception level of IRQ and FIQ exceptions. The lookup table is taken from the ARMv7 and ARMv8 specification exception routing tables. Signed-off-by: Greg Bellows <greg.bellows@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1416242878-876-3-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-12-11target-arm: extend async excp maskingGreg Bellows
This patch extends arm_excp_unmasked() to use lookup tables for determining whether IRQ and FIQ exceptions are masked. The lookup tables are based on the ARMv8 and ARMv7 specification physical interrupt masking tables. If EL3 is using AArch64 IRQ/FIQ masking is ignored in all exception levels other than EL3 if SCR.{FIQ|IRQ} is set to 1 (routed to EL3). Signed-off-by: Greg Bellows <greg.bellows@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1416242878-876-2-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-12-11Pass semihosting exit code back to system.Liviu Ionescu
In order to run unit tests under semihosting, it is necessary to pass the application exit code back to the system. ARM defines only the code to be used for non-error application exit (ADP_Stopped_ApplicationExit), all other codes should return non-zero exit codes. This patch checks if the application code passed via TARGET_SYS_EXIT is ADP_Stopped_ApplicationExit, and return 0, otherwise return 1. Signed-off-by: Liviu Ionescu <ilg@livius.net> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-11-17target-arm: handle address translations that start at level 3Peter Maydell
The ARMv8 address translation system defines that a page table walk starts at a level which depends on the translation granule size and the number of bits of virtual address that need to be resolved. Where the translation granule is 64KB and the guest sets the TCR.TxSZ field to between 35 and 39, it's actually possible to start at level 3 (the final level). QEMU's implementation failed to handle this case, and so we would set level to 2 and behave incorrectly (including invoking the C undefined behaviour of shifting left by a negative number). Correct the code that determines the starting level to deal with the start-at-3 case, by replacing the if-else ladder with an expression derived from the ARM ARM pseudocode version. This error was detected by the Coverity scan, which spotted the potential shift by a negative number. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1415890569-7454-1-git-send-email-peter.maydell@linaro.org
2014-11-04target-arm: Correct condition for taking VIRQ and VFIQPeter Maydell
The VIRQ and VFIQ exceptions are (as the comments say) only taken if the CPU is in Non-secure state and the IMO/FMO bits are set to enable virtualized interrupts. Correct the code to actually implement this. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1414684132-23971-3-git-send-email-peter.maydell@linaro.org
2014-11-04target-arm: Separate out M profile cpu_exec_interrupt handlingPeter Maydell
The M profile cpu_exec_interrupt handling is fairly simple but does include an M profile specific oddity (disabling interrupts for certain PC values). A/R profile handling on the other hand is getting rapidly more complicated with the support for EL2 and EL3. Split the M profile code out into its own implementation of cpu_exec_interrupt to keep these two things out of each others' way. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1414684132-23971-2-git-send-email-peter.maydell@linaro.org
2014-11-04target-arm/translate.c: Don't pass CPUARMState * to disas_arm_insn()Peter Maydell
Refactor to avoid passing a CPUARMState * to disas_arm_insn(). To do this we move the "read insn from memory" code to the callsite and pass the insn to the function instead. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Message-id: 1414524244-20316-6-git-send-email-peter.maydell@linaro.org Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
2014-11-04target-arm/translate.c: Don't pass CPUARMState around in the decoderPeter Maydell
Passing the CPUARMState around in the decoder is a recipe for bugs where we accidentally generate code that depends on CPU state which isn't reflected in the TB flags. Stop doing this and instead use DisasContext as a way to pass around those bits of CPU state which are known to be safe to use. This commit simply removes initial "CPUARMState *env" parameters from various function definitions, and removes the initial "env" argument from the places where those functions are called. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Message-id: 1414524244-20316-5-git-send-email-peter.maydell@linaro.org Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
2014-11-04target-arm/translate.c: Don't use IS_M()Peter Maydell
Instead of using IS_M(), use arm_dc_feature(s, ARM_FEATURE_M), so we don't need to pass CPUARMState pointers around the decoder. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Message-id: 1414524244-20316-4-git-send-email-peter.maydell@linaro.org Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
2014-11-04target-arm/translate.c: Use arm_dc_feature() rather than arm_feature()Peter Maydell
Use arm_dc_feature() rather than arm_feature() to avoid using CPUARMState unnecessarily. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Message-id: 1414524244-20316-3-git-send-email-peter.maydell@linaro.org Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
2014-11-04target-arm/translate.c: Use arm_dc_feature() in ENABLE_ARCH_ macrosPeter Maydell
All the places where we use the ENABLE_ARCH_* and ARCH() macros have a DisasContext* s, so switch them over to use arm_dc_feature() rather than arm_feature() so we don't need to pass the CPUARMState* env around too. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Message-id: 1414524244-20316-2-git-send-email-peter.maydell@linaro.org Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
2014-11-02target-arm: A64: remove redundant storeAlex Bennée
There is not much point storing the same value twice in a row. Reported-by: Laurent Desnogues <laurent.desnogues@gmail.com> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Laurent Desnogues <laurent.desnogues@gmail.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-10-24target-arm: A32: Emulate the SMC instructionFabian Aggeler
Implements SMC instruction in AArch32 using the A32 syndrome. When executing SMC instruction from monitor CPU mode SCR.NS bit is reset. Signed-off-by: Sergey Fedorov <s.fedorov@samsung.com> Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch> Signed-off-by: Greg Bellows <greg.bellows@linaro.org> Message-id: 1413910544-20150-7-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-10-24target-arm: make arm_current_el() return EL3Fabian Aggeler
Make arm_current_el() return EL3 for secure PL1 and monitor mode. Increase MMU modes since mmu_index is directly inferred from arm_ current_el(). Change assertion in arm_el_is_aa64() to allow EL3. Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch> Signed-off-by: Greg Bellows <greg.bellows@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1413910544-20150-6-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-10-24target-arm: rename arm_current_pl to arm_current_elGreg Bellows
Renamed the arm_current_pl CPU function to more accurately represent that it returns the ARMv8 EL rather than ARMv7 PL. Signed-off-by: Greg Bellows <greg.bellows@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1413910544-20150-5-git-send-email-greg.bellows@linaro.org [PMM: fixed a minor merge resolution error in a couple of hunks] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-10-24target-arm: reject switching to monitor modeSergey Fedorov
Reject switching to monitor mode from non-secure state. Signed-off-by: Sergey Fedorov <s.fedorov@samsung.com> Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch> Signed-off-by: Greg Bellows <greg.bellows@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1413910544-20150-4-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-10-24target-arm: add arm_is_secure() functionFabian Aggeler
arm_is_secure() function allows to determine CPU security state if the CPU implements Security Extensions/EL3. arm_is_secure_below_el3() returns true if CPU is in secure state below EL3. Signed-off-by: Sergey Fedorov <s.fedorov@samsung.com> Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch> Signed-off-by: Greg Bellows <greg.bellows@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1413910544-20150-3-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-10-24target-arm: increase arrays of registers R13 & R14Fabian Aggeler
Increasing banked_r13 and banked_r14 to store LR_mon and SP_mon (bank index 7). Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch> Signed-off-by: Greg Bellows <greg.bellows@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1413910544-20150-2-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-10-24target-arm: correctly UNDEF writes to FPINST/FPINST2 from EL0Peter Maydell
The ARM ARM requires that the FPINST and FPINST2 VFP control registers are not accessible to code at EL0. We were already correctly implementing this for reads of these registers; add the missing check for the write code path. Reported-by: Laurent Desnogues <laurent.desnogues@gmail.com> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Laurent Desnogues <laurent.desnogues@gmail.com> Message-id: 1412967447-20931-1-git-send-email-peter.maydell@linaro.org
2014-10-24target-arm: Report a valid L1Ip field in CTR_EL0 for CPU type "any"Peter Maydell
For the CPU type "any" (only used with linux-user) we were reporting the L1Ip field as 0b00, which is reserved. Change this field to 0b10 instead, indicating a VIPT icache as the comment describes. Reported-by: Laurent Desnogues <laurent.desnogues@gmail.com> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Laurent Desnogues <laurent.desnogues@gmail.com> Message-id: 1412966807-20844-1-git-send-email-peter.maydell@linaro.org
2014-10-24target-arm: Correct sense of the DCZID DZP bitPeter Maydell
The DZP bit in the DCZID system register should be set if the control bits which prohibit use of the DC ZVA instruction have been set (it stands for Data Zero Prohibited). However we had the sense of the test inverted; fix this so that the bit reads correctly. To avoid this regressing the behaviour of the user-mode emulator, we must set the DZE bit in the SCTLR for that config so that userspace continues to see DZP as zero (it was getting the correct result by accident previously). Reported-by: Christopher Covington <cov@codeaurora.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Christopher Covington <cov@codeaurora.org> Message-id: 1412959792-20708-1-git-send-email-peter.maydell@linaro.org
2014-10-24target-arm: add emulation of PSCI calls for system emulationRob Herring
Add support for handling PSCI calls in system emulation. Both version 0.1 and 0.2 of the PSCI spec are supported. Platforms can enable support by setting the "psci-conduit" QOM property on the cpus to SMC or HVC emulation and having a PSCI binding in their dtb. Signed-off-by: Rob Herring <rob.herring@linaro.org> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1412865028-17725-7-git-send-email-peter.maydell@linaro.org [PMM: made system reset/off PSCI functions power down the CPU so we obey the PSCI API requirement never to return from them; rearranged how the code is plumbed into the exception system, so that we split "is this a valid call?" from "do the call"] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-10-24target-arm: Add support for A32 and T32 HVC and SMC insnsPeter Maydell
Add support for HVC and SMC instructions to the A32 and T32 decoder. Using these for real exceptions to EL2 or EL3 is currently not supported (the do_interrupt routine does not handle them) but we require the instruction support to implement PSCI. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1412865028-17725-6-git-send-email-peter.maydell@linaro.org
2014-10-24target-arm: Handle SMC/HVC undef-if-no-ELx in pre_* helpersPeter Maydell
SMC must UNDEF if EL3 is not implemented; similarly HVC UNDEFs if EL2 is not implemented. Move the handling of this from translate-a64.c into the pre_smc and pre_hvc helper functions. This is necessary because use of these instructions for PSCI takes precedence over this UNDEF case, and we can't tell if this is a PSCI call until runtime. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1412865028-17725-5-git-send-email-peter.maydell@linaro.org
2014-10-24target-arm: add missing PSCI constants needed for PSCI emulationArd Biesheuvel
This adds some PSCI function IDs and symbolic return codes that are needed to implement PSCI emulation in TCG mode. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1412865028-17725-4-git-send-email-peter.maydell@linaro.org
2014-10-24target-arm: do not set do_interrupt handlers for ARM and AArch64 user modesRob Herring
User mode emulation should never get interrupts and thus should not use the system emulation exception handler function. Remove the reference, and '#ifndef USER_MODE_ONLY' the function itself as well, so that we can add system mode only functionality to it. Signed-off-by: Rob Herring <rob.herring@linaro.org> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1412865028-17725-3-git-send-email-peter.maydell@linaro.org
2014-10-24target-arm: add powered off cpu stateRob Herring
Add tracking of cpu power state in order to support powering off of cores in system emuluation. The initial state is determined by the start-powered-off QOM property. Signed-off-by: Rob Herring <rob.herring@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1412865028-17725-2-git-send-email-peter.maydell@linaro.org
2014-10-06gdbstub: Allow target CPUs to specify watchpoint STOP_BEFORE_ACCESS flagPeter Maydell
GDB assumes that watchpoint set via the gdbstub remote protocol will behave in the same way as hardware watchpoints for the target. In particular, whether the CPU stops with the PC before or after the insn which triggers the watchpoint is target dependent. Allow guest CPU code to specify which behaviour to use. This fixes a bug where with guest CPUs which stop before the accessing insn GDB would manually step forward over what it thought was the insn and end up one insn further forward than it should be. We set this flag for the CPU architectures which set gdbarch_have_nonsteppable_watchpoint in gdb 7.7: ARM, CRIS, LM32, MIPS and Xtensa. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Tested-by: Max Filippov <jcmvbkbc@gmail.com> Tested-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Tested-by: Michael Walle <michael@walle.cc> (for lm32) Message-id: 1410545057-14014-1-git-send-email-peter.maydell@linaro.org
2014-09-29target-arm: Add support for VIRQ and VFIQEdgar E. Iglesias
This only implements the external delivery method via the GIC. Acked-by: Greg Bellows <greg.bellows@linaro.org> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1411718914-6608-12-git-send-email-edgar.iglesias@gmail.com [PMM: adjusted following cpu-exec refactoring] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-09-29target-arm: Add IRQ and FIQ routing to EL2 and 3Edgar E. Iglesias
Reviewed-by: Greg Bellows <greg.bellows@linaro.org> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1411718914-6608-11-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-09-29target-arm: A64: Emulate the SMC insnEdgar E. Iglesias
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1411718914-6608-10-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-09-29target-arm: Add a Hypervisor Trap exception typeEdgar E. Iglesias
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1411718914-6608-9-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-09-29target-arm: A64: Emulate the HVC insnEdgar E. Iglesias
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1411718914-6608-8-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-09-29target-arm: A64: Correct updates to FAR and ESR on exceptionsEdgar E. Iglesias
Not all exception types update both FAR and ESR. Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Greg Bellows <greg.bellows@linaro.org> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1411718914-6608-7-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-09-29target-arm: Don't take interrupts targeting lower ELsEdgar E. Iglesias
Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Greg Bellows <greg.bellows@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1411718914-6608-6-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-09-29target-arm: Break out exception masking to a separate funcEdgar E. Iglesias
Reviewed-by: Greg Bellows <greg.bellows@linaro.org> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1411718914-6608-5-git-send-email-edgar.iglesias@gmail.com [PMM: updated to account for recent cpu-exec refactoring] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-09-29target-arm: A64: Refactor aarch64_cpu_do_interruptEdgar E. Iglesias
Introduce new_el and new_mode in preparation for future patches that add support for taking exceptions to and from EL2 and 3. No functional change. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1411718914-6608-4-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-09-29target-arm: Add SCR_EL3Edgar E. Iglesias
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1411718914-6608-3-git-send-email-edgar.iglesias@gmail.com [PMM: apply offsetoflow32() to correct regdef] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-09-29target-arm: Add HCR_EL2Edgar E. Iglesias
Reviewed-by: Greg Bellows <greg.bellows@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1411718914-6608-2-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-09-29target-arm: Don't handle c15_cpar changes via tb_flush()Peter Maydell
At the moment we try to handle c15_cpar with the strategy of: * emit generated code which makes assumptions about its value * when the register value changes call tb_flush() to throw away the now-invalid generated code This works because XScale CPUs are always uniprocessor, but it's confusing because it suggests that the same approach can be taken for other registers. It also means we do a tb_flush() on CPU reset, which makes multithreaded linux-user binaries even more likely to fail than would otherwise be the case. Replace it with a combination of TB flags for the access checks done on cp0/cp1 for the XScale and iwMMXt instructions, plus a runtime check for cp2..cp13 coprocessor accesses. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1411056959-23070-1-git-send-email-peter.maydell@linaro.org
2014-09-29target-arm: Implement handling of breakpoint firingPeter Maydell
Implement handling of breakpoint event firing to correctly inject the debug exception into the guest. Since the breakpoint and watchpoint control register format is very similar we adjust wp_matches() to also handle breakpoints as well rather than using a separate function. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1410523465-13400-3-git-send-email-peter.maydell@linaro.org
2014-09-29target-arm: Implement setting guest breakpointsPeter Maydell
This patch adds support for setting guest breakpoints based on values the guest writes to the DBGBVR and DBGBCR registers. (It doesn't include the code to handle when these breakpoints fire, so has no guest-visible effect.) Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1410523465-13400-2-git-send-email-peter.maydell@linaro.org
2014-09-25target-arm: Use cpu_exec_interrupt qom hookRichard Henderson
Cc: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <rth@twiddle.net> Message-id: 1410626734-3804-15-git-send-email-rth@twiddle.net Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-09-12target-arm: Make *IS TLB maintenance ops affect all CPUsPeter Maydell
The ARM architecture defines that the "IS" variants of TLB maintenance operations must affect all TLBs in the Inner Shareable domain, which for us means all CPUs. We were incorrectly implementing these to only affect the current CPU, which meant that SMP TCG operation was unstable. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1410274883-9578-3-git-send-email-peter.maydell@linaro.org Cc: qemu-stable@nongnu.org
2014-09-12target-arm: Push legacy wildcard TLB ops back into v6Peter Maydell
When we implemented ARMv8 in QEMU we retained our legacy loose wildcarded decoding of the TLB maintenance operations for v7 and earlier CPUs and provided the correct stricter decode for v8. However the loose decode is in fact wrong for v7MP, because it doesn't correctly implement the operations which must apply to every CPU in the Inner Shareable domain. Move the legacy wildcarding from the not_v8 reginfo array into the not_v7 array, and move the strictly decoded operations from the v8 reginfo to v7 or v7mp arrays as appropriate. Cache and TLB lockdown legacy wildcarding remains in the not_v8 array for the moment. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1410274883-9578-2-git-send-email-peter.maydell@linaro.org Cc: qemu-stable@nongnu.org
2014-09-12target-arm: Implement minimal DBGVCR, OSDLR_EL1, MDCCSR_EL0Peter Maydell
Implement debug registers DBGVCR, OSDLR_EL1 and MDCCSR_EL0 (as dummy or limited-functionality). 32 bit Linux kernels will access these at startup so they are required for breakpoints and watchpoints to be supported. Signed-off-by: Peter Maydell <peter.maydell@linaro.org>