aboutsummaryrefslogtreecommitdiff
path: root/target/riscv
AgeCommit message (Collapse)Author
2023-02-07RISC-V: Adding XTheadCondMov ISA extensionChristoph Müllner
This patch adds support for the XTheadCondMov ISA extension. The patch uses the T-Head specific decoder and translation. Co-developed-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Signed-off-by: Christoph Müllner <christoph.muellner@vrull.eu> Message-Id: <20230131202013.2541053-7-christoph.muellner@vrull.eu> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-02-07RISC-V: Adding XTheadBs ISA extensionChristoph Müllner
This patch adds support for the XTheadBs ISA extension. The patch uses the T-Head specific decoder and translation. Co-developed-by: Philipp Tomsich <philipp.tomsich@vrull.eu> Co-developed-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Signed-off-by: Christoph Müllner <christoph.muellner@vrull.eu> Message-Id: <20230131202013.2541053-6-christoph.muellner@vrull.eu> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-02-07RISC-V: Adding XTheadBb ISA extensionChristoph Müllner
This patch adds support for the XTheadBb ISA extension. The patch uses the T-Head specific decoder and translation. Co-developed-by: Philipp Tomsich <philipp.tomsich@vrull.eu> Co-developed-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Signed-off-by: Christoph Müllner <christoph.muellner@vrull.eu> Message-Id: <20230131202013.2541053-5-christoph.muellner@vrull.eu> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-02-07RISC-V: Adding XTheadBa ISA extensionChristoph Müllner
This patch adds support for the XTheadBa ISA extension. The patch uses the T-Head specific decoder and translation. Co-developed-by: Philipp Tomsich <philipp.tomsich@vrull.eu> Co-developed-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Signed-off-by: Christoph Müllner <christoph.muellner@vrull.eu> Message-Id: <20230131202013.2541053-4-christoph.muellner@vrull.eu> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-02-07RISC-V: Adding XTheadSync ISA extensionChristoph Müllner
This patch adds support for the XTheadSync ISA extension. The patch uses the T-Head specific decoder and translation. The implementation introduces a helper to execute synchronization tasks: helper_tlb_flush_all() performs a synchronized TLB flush on all CPUs. Co-developed-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Signed-off-by: Christoph Müllner <christoph.muellner@vrull.eu> Message-Id: <20230131202013.2541053-3-christoph.muellner@vrull.eu> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-02-07RISC-V: Adding XTheadCmo ISA extensionChristoph Müllner
This patch adds support for the XTheadCmo ISA extension. To avoid interfering with standard extensions, decoder and translation are in its own xthead* specific files. Future patches should be able to easily add additional T-Head extension. The implementation does not have much functionality (besides accepting the instructions and not qualifying them as illegal instructions if the hart executes in the required privilege level for the instruction), as QEMU does not model CPU caches and instructions are documented to not raise any exceptions. Co-developed-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com> Signed-off-by: Christoph Müllner <christoph.muellner@vrull.eu> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20230131202013.2541053-2-christoph.muellner@vrull.eu> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-02-07target/riscv: set tval for triggered watchpointsSergey Matyukevich
According to privileged spec, if [sm]tval is written with a nonzero value when a breakpoint exception occurs, then [sm]tval will contain the faulting virtual address. Set tval to hit address when breakpoint exception is triggered by hardware watchpoint. Signed-off-by: Sergey Matyukevich <sergey.matyukevich@syntacore.com> Reviewed-by: Bin Meng <bmeng@tinylab.org> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20230131170955.752743-1-geomatsi@gmail.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-02-07target/riscv: Ensure opcode is saved for all relevant instructionsAnup Patel
We should call decode_save_opc() for all relevant instructions which can potentially generate a virtual instruction fault or a guest page fault because generating transformed instruction upon guest page fault expects opcode to be available. Without this, hypervisor will see transformed instruction as zero in htinst CSR for guest MMIO emulation which makes MMIO emulation in hypervisor slow and also breaks nested virtualization. Fixes: a9814e3e08d2 ("target/riscv: Minimize the calls to decode_save_opc") Signed-off-by: Anup Patel <apatel@ventanamicro.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20230120125950.2246378-5-apatel@ventanamicro.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-02-07target/riscv: No need to re-start QEMU timer when timecmp == UINT64_MAXAnup Patel
The time CSR will wrap-around immediately after reaching UINT64_MAX so we don't need to re-start QEMU timer when timecmp == UINT64_MAX in riscv_timer_write_timecmp(). Signed-off-by: Anup Patel <apatel@ventanamicro.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20230120125950.2246378-4-apatel@ventanamicro.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-02-07target/riscv: Don't clear mask in riscv_cpu_update_mip() for VSTIPAnup Patel
Instead of clearing mask in riscv_cpu_update_mip() for VSTIP, we should call riscv_cpu_update_mip() with mask == 0 from timer_helper.c for VSTIP. Fixes: 3ec0fe18a31f ("target/riscv: Add vstimecmp suppor") Signed-off-by: Anup Patel <apatel@ventanamicro.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20230120125950.2246378-3-apatel@ventanamicro.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-02-07target/riscv: Update VS timer whenever htimedelta changesAnup Patel
The htimedelta[h] CSR has impact on the VS timer comparison so we should call riscv_timer_write_timecmp() whenever htimedelta changes. Fixes: 3ec0fe18a31f ("target/riscv: Add vstimecmp suppor") Signed-off-by: Anup Patel <apatel@ventanamicro.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20230120125950.2246378-2-apatel@ventanamicro.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-01-20target/riscv: Remove helper_set_rod_rounding_modeRichard Henderson
The only setting of RISCV_FRM_ROD is from the vector unit, and now handled by helper_set_rounding_mode_chkfrm. This helper is now unused. Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20230115160657.3169274-3-richard.henderson@linaro.org> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-01-20target/riscv: Introduce helper_set_rounding_mode_chkfrmRichard Henderson
The new helper always validates the contents of FRM, even if the new rounding mode is not DYN. This is required by the vector unit. Track whether we've validated FRM separately from whether we've updated fp_status with a given rounding mode, so that we can elide calls correctly. This partially reverts d6c4d3f2a69 which attempted the to do the same thing, but with two calls to gen_set_rm(), which is both inefficient and tickles an assertion in decode_save_opc. Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1441 Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com> Acked-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20230115160657.3169274-2-richard.henderson@linaro.org> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-01-20target/riscv: Trap on writes to stimecmp from VS when hvictl.VTI=1Andrew Bresticker
Per the AIA specification, writes to stimecmp from VS level should trap when hvictl.VTI is set since the write may cause vsip.STIP to become unset. Fixes: 3ec0fe18a31f ("target/riscv: Add vstimecmp support") Signed-off-by: Andrew Bresticker <abrestic@rivosinc.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20221215224541.1423431-2-abrestic@rivosinc.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-01-20target/riscv: Fix up masking of vsip/vsie accessesAndrew Bresticker
The current logic attempts to shift the VS-level bits into their correct position in mip while leaving the remaining bits in-tact. This is both pointless and likely incorrect since one would expect that any new, future VS-level interrupts will get their own position in mip rather than sharing with their (H)S-level equivalent. Fix this, and make the logic more readable, by just making off the VS-level bits and shifting them into position. This also fixes reads of vsip, which would only ever report vsip.VSSIP since the non-writable bits got masked off as well. Fixes: d028ac7512f1 ("arget/riscv: Implement AIA CSRs for 64 local interrupts on RV32") Signed-off-by: Andrew Bresticker <abrestic@rivosinc.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20221215224541.1423431-1-abrestic@rivosinc.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-01-20target/riscv: Use TARGET_FMT_lx for env->mhartidBin Meng
env->mhartid is currently casted to long before printed, which drops the high 32-bit for rv64 on 32-bit host. Use TARGET_FMT_lx instead. Signed-off-by: Bin Meng <bmeng@tinylab.org> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20230109152655.340114-1-bmeng@tinylab.org> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-01-20target/riscv/cpu.c: do not skip misa logic in riscv_cpu_realize()Daniel Henrique Barboza
All RISCV CPUs are setting cpu->cfg during their cpu_init() functions, meaning that there's no reason to skip all the misa validation and setup if misa_ext was set beforehand - especially since we're setting an updated value in set_misa() in the end. Put this code chunk into a new riscv_cpu_validate_set_extensions() helper and always execute it regardless of what the board set in env->misa_ext. This will put more responsibility in how each board is going to init their attributes and extensions if they're not using the defaults. It'll also allow realize() to do its job looking only at the extensions enabled per se, not corner cases that some CPUs might have, and we won't have to change multiple code paths to fix or change how extensions work. Signed-off-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Bin Meng <bmeng@tinylab.org> Message-Id: <20230113175230.473975-3-dbarboza@ventanamicro.com> [ Changes by AF: - Rebase ] Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-01-20target/riscv/cpu: set cpu->cfg in register_cpu_props()Daniel Henrique Barboza
There is an informal contract between the cpu_init() functions and riscv_cpu_realize(): if cpu->env.misa_ext is zero, assume that the default settings were loaded via register_cpu_props() and do validations to set env.misa_ext. If it's not zero, skip this whole process and assume that the board somehow did everything. At this moment, all SiFive CPUs are setting a non-zero misa_ext during their cpu_init() and skipping a good chunk of riscv_cpu_realize(). This causes problems when the code being skipped in riscv_cpu_realize() contains fixes or assumptions that affects all CPUs, meaning that SiFive CPUs are missing out. To allow this code to not be skipped anymore, all the cpu->cfg.ext_* attributes needs to be set during cpu_init() time. At this moment this is being done in register_cpu_props(). The SiFive boards are setting their own extensions during cpu_init() though, meaning that they don't want all the defaults from register_cpu_props(). Let's move the contract between *_cpu_init() and riscv_cpu_realize() to register_cpu_props(). Inside this function we'll check if cpu->env.misa_ext was set and, if that's the case, set all relevant cpu->cfg.ext_* attributes, and only that. Leave the 'misa_ext' = 0 case as is today, i.e. loading all the defaults from riscv_cpu_extensions[]. register_cpu_props() can then be called by all the cpu_init() functions, including the SiFive ones. This will make all CPUs behave more in line with what riscv_cpu_realize() expects. This will also make the cpu_init() functions even more alike, but at this moment we would need some design changes in how we're initializing extensions/attributes (e.g. some CPUs are setting cfg options after register_cpu_props(), so we can't simply add the function to a common post_init() hook) to make a common cpu_init() code across all CPUs. Signed-off-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20230113175230.473975-2-dbarboza@ventanamicro.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-01-20target/riscv/cpu.c: Fix elen checkDongxue Zhang
The elen check should be cpu->cfg.elen in range [8, 64]. Signed-off-by: Dongxue Zhang <elta.era@gmail.com> Reviewed-by: LIU Zhiwei <zhiwe_liu@linux.alibaba.com> Reviewed-by: Frank Chang <frank.chang@sifive.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <167236721596.15277.2653405273227256289-0@git.sr.ht> [ Changes by AF: - Tidy up commit message ] Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-01-20hw/char: riscv_htif: Move registers from CPUArchState to HTIFStateBin Meng
At present for some unknown reason the HTIF registers (fromhost & tohost) are defined in the RISC-V CPUArchState. It should really be put in the HTIFState struct as it is only meaningful to HTIF. Signed-off-by: Bin Meng <bmeng@tinylab.org> Reviewed-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20221229091828.1945072-6-bmeng@tinylab.org> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-01-18bulk: Rename TARGET_FMT_plx -> HWADDR_FMT_plxPhilippe Mathieu-Daudé
The 'hwaddr' type is defined in "exec/hwaddr.h" as: hwaddr is the type of a physical address (its size can be different from 'target_ulong'). All definitions use the 'HWADDR_' prefix, except TARGET_FMT_plx: $ fgrep define include/exec/hwaddr.h #define HWADDR_H #define HWADDR_BITS 64 #define HWADDR_MAX UINT64_MAX #define TARGET_FMT_plx "%016" PRIx64 ^^^^^^ #define HWADDR_PRId PRId64 #define HWADDR_PRIi PRIi64 #define HWADDR_PRIo PRIo64 #define HWADDR_PRIu PRIu64 #define HWADDR_PRIx PRIx64 #define HWADDR_PRIX PRIX64 Since hwaddr's size can be *different* from target_ulong, it is very confusing to read one of its format using the 'TARGET_FMT_' prefix, normally used for the target_long / target_ulong types: $ fgrep TARGET_FMT_ include/exec/cpu-defs.h #define TARGET_FMT_lx "%08x" #define TARGET_FMT_ld "%d" #define TARGET_FMT_lu "%u" #define TARGET_FMT_lx "%016" PRIx64 #define TARGET_FMT_ld "%" PRId64 #define TARGET_FMT_lu "%" PRIu64 Apparently this format was missed during commit a8170e5e97 ("Rename target_phys_addr_t to hwaddr"), so complete it by doing a bulk-rename with: $ sed -i -e s/TARGET_FMT_plx/HWADDR_FMT_plx/g $(git grep -l TARGET_FMT_plx) Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Message-Id: <20230110212947.34557-1-philmd@linaro.org> [thuth: Fix some warnings from checkpatch.pl along the way] Signed-off-by: Thomas Huth <thuth@redhat.com>
2023-01-06Merge tag 'pull-riscv-to-apply-20230106' of ↵Peter Maydell
https://github.com/alistair23/qemu into staging First RISC-V PR for QEMU 8.0 * Fix PMP propagation for tlb * Collection of bug fixes * Bump the OpenTitan supported version * Add smstateen support * Support native debug icount trigger * Remove the redundant ipi-id property in the virt machine * Support cache-related PMU events in virtual mode * Add some missing PolarFire SoC io regions * Fix mret exception cause when no pmp rule is configured * Fix bug where disabling compressed instructions would crash QEMU * Add Zawrs ISA extension support * A range of code refactoring and cleanups # gpg: Signature made Fri 06 Jan 2023 00:47:23 GMT # gpg: using RSA key F6C4AC46D4934868D3B8CE8F21E10D29DF977054 # gpg: Good signature from "Alistair Francis <alistair@alistair23.me>" [full] # Primary key fingerprint: F6C4 AC46 D493 4868 D3B8 CE8F 21E1 0D29 DF97 7054 * tag 'pull-riscv-to-apply-20230106' of https://github.com/alistair23/qemu: (43 commits) hw/intc: sifive_plic: Fix the pending register range check hw/riscv: opentitan: Drop "hartid-base" and "priority-base" initialization hw/intc: sifive_plic: Change "priority-base" to start from interrupt source 0 hw/riscv: virt: Fix the value of "riscv, ndev" in the dtb hw/riscv: sifive_u: Avoid using magic number for "riscv, ndev" hw/riscv: sifive_e: Fix the number of interrupt sources of PLIC hw/riscv: microchip_pfsoc: Fix the number of interrupt sources of PLIC hw/intc: sifive_plic: Update "num-sources" property default value hw/intc: sifive_plic: Use error_setg() to propagate the error up via errp in sifive_plic_realize() hw/intc: sifive_plic: Improve robustness of the PLIC config parser hw/intc: sifive_plic: Drop PLICMode_H hw/riscv: spike: Remove misleading comments hw/riscv: Sort machines Kconfig options in alphabetical order hw/riscv: Fix opentitan dependency to SIFIVE_PLIC hw/intc: Select MSI_NONBROKEN in RISC-V AIA interrupt controllers hw/riscv: Select MSI_NONBROKEN in SIFIVE_PLIC RISC-V: Add Zawrs ISA extension support target/riscv: Clear mstatus.MPRV when leaving M-mode for priv spec 1.12+ target/riscv: Simplify helper_sret() a little bit target/riscv: Set pc_succ_insn for !rvc illegal insn ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-01-06RISC-V: Add Zawrs ISA extension supportChristoph Muellner
This patch adds support for the Zawrs ISA extension. Given the current (incomplete) implementation of reservation sets there seems to be no way to provide a full emulation of the WRS instruction (wake on reservation set invalidation or timeout or interrupt). Therefore, we just exit the TB and return to the main loop. The specification can be found here: https://github.com/riscv/riscv-zawrs/blob/main/zawrs.adoc Note, that the Zawrs extension is frozen, but not ratified yet. Changes since v3: * Remove "RFC" since the extension is frozen * Rebase on master and fix integration issues * Fix entry ordering in extension list Changes since v2: * Rebase on master and resolve conflicts * Adjustments according to a specification change * Inline REQUIRE_ZAWRS() since it has only one user Changes since v1: * Adding zawrs to the ISA string that is passed to the kernel Signed-off-by: Christoph Müllner <christoph.muellner@vrull.eu> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20221005144948.3421504-1-christoph.muellner@vrull.eu> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-01-06target/riscv: Clear mstatus.MPRV when leaving M-mode for priv spec 1.12+Bin Meng
Since priv spec v1.12, MRET and SRET now clear mstatus.MPRV when leaving M-mode. Signed-off-by: Bin Meng <bmeng@tinylab.org> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20221207090037.281452-2-bmeng@tinylab.org> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-01-06target/riscv: Simplify helper_sret() a little bitBin Meng
There are 2 paths in helper_sret() and the same mstatus update codes are replicated. Extract the common parts to simplify it a little bit. Signed-off-by: Bin Meng <bmeng@tinylab.org> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20221207090037.281452-1-bmeng@tinylab.org> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-01-06target/riscv: Set pc_succ_insn for !rvc illegal insnRichard Henderson
Failure to set pc_succ_insn may result in a TB covering zero bytes, which triggers an assert within the code generator. Cc: qemu-stable@nongnu.org Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1224 Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Message-Id: <20221203175744.151365-1-richard.henderson@linaro.org> [ Changes by AF: - Add missing run-plugin-test-noc-% line ] Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-01-06target/riscv: Fix mret exception cause when no pmp rule is configuredBin Meng
The priv spec v1.12 says: If no PMP entry matches an M-mode access, the access succeeds. If no PMP entry matches an S-mode or U-mode access, but at least one PMP entry is implemented, the access fails. Failed accesses generate an instruction, load, or store access-fault exception. At present the exception cause is set to 'illegal instruction' but should have been 'instruction access fault'. Fixes: d102f19a2085 ("target/riscv/pmp: Raise exception if no PMP entry is configured") Signed-off-by: Bin Meng <bmeng@tinylab.org> Reviewed-by: Wilfred Mallawa <wilfred.mallawa@wdc.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20221205065303.204095-1-bmeng@tinylab.org> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-01-06target/riscv: Add some comments for sstatus CSR in riscv_cpu_dump_state()Bin Meng
sstatus register dump is currently missing in riscv_cpu_dump_state(). As sstatus is a copy of mstatus, which is described in the priv spec, it seems redundant to print the same information twice. Add some comments for this to let people know this is intentional. Signed-off-by: Bin Meng <bmeng@tinylab.org> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20221125050354.3166023-1-bmeng@tinylab.org> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-01-06target/riscv: support cache-related PMU events in virtual modeJim Shu
let tlb_fill() function also increments PMU counter when it is from two-stage translation, so QEMU could also monitor these PMU events when CPU runs in VS/VU mode (like running guest OS). Signed-off-by: Jim Shu <jim.shu@sifive.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20221123090635.6574-1-jim.shu@sifive.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-01-06target/riscv: Typo fix in sstc() predicateAnup Patel
We should use "&&" instead of "&" when checking hcounteren.TM and henvcfg.STCE bits. Fixes: 3ec0fe18a31f ("target/riscv: Add vstimecmp suppor") Signed-off-by: Anup Patel <apatel@ventanamicro.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20221108125703.1463577-2-apatel@ventanamicro.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-01-06target/riscv: Add itrigger_enabled field to CPURISCVStateLIU Zhiwei
Avoid calling riscv_itrigger_enabled() when calculate the tbflags. As the itrigger enable status can only be changed when write tdata1, migration load or itrigger fire, update env->itrigger_enabled at these places. Signed-off-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20221013062946.7530-5-zhiwei_liu@linux.alibaba.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-01-06target/riscv: Enable native debug itriggerLIU Zhiwei
When QEMU is not in icount mode, execute instruction one by one. The tdata1 can be read directly. When QEMU is in icount mode, use a timer to simulate the itrigger. The tdata1 may be not right because of lazy update of count in tdata1. Thus, We should pack the adjusted count into tdata1 before read it back. Signed-off-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20221013062946.7530-4-zhiwei_liu@linux.alibaba.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-01-06target/riscv: Add itrigger support when icount is enabledLIU Zhiwei
The max count in itrigger can be 0x3FFF, which will cause a no trivial translation and execution overload. When icount is enabled, QEMU provides API that can fetch guest instruction number. Thus, we can set an timer for itrigger with the count as deadline. Only when timer expires or priviledge mode changes, do lazy update to count. Signed-off-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20221013062946.7530-3-zhiwei_liu@linux.alibaba.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-01-06target/riscv: Add itrigger support when icount is not enabledLIU Zhiwei
When icount is not enabled, there is no API in QEMU that can get the guest instruction number. Translate the guest code in a way that each TB only has one instruction. After executing the instruction, decrease the count by 1 until it reaches 0 where the itrigger fires. Note that only when priviledge matches the itrigger configuration, the count will decrease. Signed-off-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20221013062946.7530-2-zhiwei_liu@linux.alibaba.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-01-06target/riscv: generate virtual instruction exceptionMayuresh Chitale
This patch adds a mechanism to generate a virtual instruction instruction exception instead of an illegal instruction exception during instruction decode when virt is enabled. Signed-off-by: Mayuresh Chitale <mchitale@ventanamicro.com> Reviewed-by: Weiwei Li <liweiwei@iscas.ac.cn> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20221016124726.102129-4-mchitale@ventanamicro.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-01-06target/riscv: smstateen check for h/s/envcfgMayuresh Chitale
Accesses to henvcfg, henvcfgh and senvcfg are allowed only if the corresponding bit in mstateen0/hstateen0 is enabled. Otherwise an illegal instruction trap is generated. Signed-off-by: Mayuresh Chitale <mchitale@ventanamicro.com> Reviewed-by: Weiwei Li<liweiwei@iscas.ac.cn> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20221016124726.102129-3-mchitale@ventanamicro.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-01-06target/riscv: Add smstateen supportMayuresh Chitale
Smstateen extension specifies a mechanism to close the potential covert channels that could cause security issues. This patch adds the CSRs defined in the specification and the corresponding predicates and read/write functions. Signed-off-by: Mayuresh Chitale <mchitale@ventanamicro.com> Reviewed-by: Weiwei Li <liweiwei@iscas.ac.cn> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20221016124726.102129-2-mchitale@ventanamicro.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-01-06target/riscv: Fix PMP propagation for tlbLIU Zhiwei
Only the pmp index that be checked by pmp_hart_has_privs can be used by pmp_get_tlb_size to avoid an error pmp index. Before modification, we may use an error pmp index. For example, we check address 0x4fc, and the size 0x4 in pmp_hart_has_privs. If there is an pmp rule, valid range is [0x4fc, 0x500), then pmp_hart_has_privs will return true; However, this checked pmp index is discarded as pmp_hart_has_privs return bool value. In pmp_is_range_in_tlb, it will traverse all pmp rules. The tlb_sa will be 0x0, and tlb_ea will be 0xfff. If there is a pmp rule [0x10, 0x14), it will be misused as it is legal in pmp_get_tlb_size. As we have already known the correct pmp index, just remove the remove the pmp_is_range_in_tlb and get tlb size directly from pmp_get_tlb_size. Signed-off-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-Id: <20221012060016.30856-1-zhiwei_liu@linux.alibaba.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2023-01-04target/riscv: Use QEMU_IOTHREAD_LOCK_GUARD in riscv_cpu_update_mipRichard Henderson
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2022-12-16target/riscv: Convert to 3-phase resetPeter Maydell
Convert the riscv CPU class to use 3-phase reset, so it doesn't need to use device_class_set_parent_reset() any more. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Cédric Le Goater <clg@kaod.org> Reviewed-by: Edgar E. Iglesias <edgar@zeroasic.com> Reviewed-by: Taylor Simpson <tsimpson@quicinc.com> Reviewed-by: Greg Kurz <groug@kaod.org> Message-id: 20221124115023.2437291-15-peter.maydell@linaro.org
2022-12-14cleanup: Tweak and re-run return_directly.cocciMarkus Armbruster
Tweak the semantic patch to drop redundant parenthesis around the return expression. Coccinelle drops a comment in hw/rdma/vmw/pvrdma_cmd.c; restored manually. Coccinelle messes up vmdk_co_create(), not sure why. Change dropped, will be done manually in the next commit. Line breaks in target/avr/cpu.h and hw/rdma/vmw/pvrdma_cmd.c tidied up manually. Whitespace in tools/virtiofsd/fuse_lowlevel.c tidied up manually. checkpatch.pl complains "return of an errno should typically be -ve" two times for hw/9pfs/9p-synth.c. Preexisting, the patch merely makes it visible to checkpatch.pl. Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20221122134917.1217307-2-armbru@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Acked-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2022-10-26Merge tag 'pull-tcg-20221026' of https://gitlab.com/rth7680/qemu into stagingStefan Hajnoczi
Revert incorrect cflags initialization. Add direct jumps for tcg/loongarch64. Speed up breakpoint check. Improve assertions for atomic.h. Move restore_state_to_opc to TCGCPUOps. Cleanups to TranslationBlock maintenance. # -----BEGIN PGP SIGNATURE----- # # iQFRBAABCgA7FiEEekgeeIaLTbaoWgXAZN846K9+IV8FAmNYlo4dHHJpY2hhcmQu # aGVuZGVyc29uQGxpbmFyby5vcmcACgkQZN846K9+IV9y2wf9EKsCA6VtYI2Qtftf # q/ujYFmUf8AKTb9eVcA0XX71CT1dEnFR7GQyT8B8X13x0pSbOX7tbEWHPreegTFV # tESiejvymi6Q9devAB58GVwNoU/zPIQQGhCPxkVUKDmRztJz22MbGUzd7UKPPgU8 # 2nVMkIpLTMBsKeFLxE/D3ZntmdKsgyI/1Dtkl9TxvlDGsCbMjbNcr8lM+TLaG2oX # GZhFyJHKEVy0cobukvhhb/9rU7AWdG/BnFmZM16JxvHV/YCwJBx3Udhcy9xPePUU # yIjkGsUAq4aB6H9RFuTWh7GmaY5u6gMbTTi2J7hDos0mzauYJtpgEB/H42LpycGE # sOhkLQ== # =DUb8 # -----END PGP SIGNATURE----- # gpg: Signature made Tue 25 Oct 2022 22:08:14 EDT # gpg: using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F # gpg: issuer "richard.henderson@linaro.org" # gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [full] # Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A 05C0 64DF 38E8 AF7E 215F * tag 'pull-tcg-20221026' of https://gitlab.com/rth7680/qemu: (47 commits) accel/tcg: Remove restore_state_to_opc function target/xtensa: Convert to tcg_ops restore_state_to_opc target/tricore: Convert to tcg_ops restore_state_to_opc target/sparc: Convert to tcg_ops restore_state_to_opc target/sh4: Convert to tcg_ops restore_state_to_opc target/s390x: Convert to tcg_ops restore_state_to_opc target/rx: Convert to tcg_ops restore_state_to_opc target/riscv: Convert to tcg_ops restore_state_to_opc target/ppc: Convert to tcg_ops restore_state_to_opc target/openrisc: Convert to tcg_ops restore_state_to_opc target/nios2: Convert to tcg_ops restore_state_to_opc target/mips: Convert to tcg_ops restore_state_to_opc target/microblaze: Convert to tcg_ops restore_state_to_opc target/m68k: Convert to tcg_ops restore_state_to_opc target/loongarch: Convert to tcg_ops restore_state_to_opc target/i386: Convert to tcg_ops restore_state_to_opc target/hppa: Convert to tcg_ops restore_state_to_opc target/hexagon: Convert to tcg_ops restore_state_to_opc target/cris: Convert to tcg_ops restore_state_to_opc target/avr: Convert to tcg_ops restore_state_to_opc ... Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2022-10-26target/riscv: Convert to tcg_ops restore_state_to_opcRichard Henderson
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2022-10-24treewide: Remove the unnecessary space before semicolonBin Meng
%s/return ;/return; Signed-off-by: Bin Meng <bmeng@tinylab.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Christian Schoenebeck <qemu_oss@crudebyte.com> Message-Id: <20221024072802.457832-1-bmeng@tinylab.org> Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2022-10-14target/riscv: pmp: Fixup TLB size calculationAlistair Francis
Since commit 4047368938f6 "accel/tcg: Introduce tlb_set_page_full" we have been seeing this assert ../accel/tcg/cputlb.c:1294: tlb_set_page_with_attrs: Assertion `is_power_of_2(size)' failed. When running Tock on the OpenTitan machine. The issue is that pmp_get_tlb_size() would return a TLB size that wasn't a power of 2. The size was also smaller then TARGET_PAGE_SIZE. This patch ensures that any TLB size less then TARGET_PAGE_SIZE is rounded down to 1 to ensure it's a valid size. Signed-off-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: LIU Zhiwei<zhiwei_liu@linux.alibaba.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20221012011449.506928-1-alistair.francis@opensource.wdc.com Message-Id: <20221012011449.506928-1-alistair.francis@opensource.wdc.com>
2022-10-13Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into stagingStefan Hajnoczi
* scsi-disk: support setting CD-ROM block size via device options * target/i386: Implement MSR_CORE_THREAD_COUNT MSR * target/i386: notify VM exit support * target/i386: PC-relative translation block support * target/i386: support for XSAVE state in signal frames (linux-user) # -----BEGIN PGP SIGNATURE----- # # iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmNFKP4UHHBib256aW5p # QHJlZGhhdC5jb20ACgkQv/vSX3jHroNJnwgAgCcOOxmY4Qem0Gd1L+SJKpEtGMOd # 4LY7443vT36pMpvqFNSfp5GBjDT1MgTD8BIY28miLMq959LT89LyM9g/H7IKOT82 # uyCsW3jW+6F19EZVkNvzTt+3USn/kaHn50zA4Ss9kvdNZr31b2LYqtglVCznfZwH # oI1rDhvsXubq8oWvwkqH7IwduK8mw+EB5Yz7AjYQ6eiYjenTrQBObpwQNbb4rlUf # oRm8dk/YJ2gfI2HQkoznGEbgpngy2tIU1vHNEpIk5NpwXxrulOyui3+sWaG4pH8f # oAOrSDC23M5A6jBJJAzDJ1q6M677U/kwJypyGQ7IyvyhECXE3tR+lHX1eA== # =tqeJ # -----END PGP SIGNATURE----- # gpg: Signature made Tue 11 Oct 2022 04:27:42 EDT # gpg: using RSA key F13338574B662389866C7682BFFBD25F78C7AE83 # gpg: issuer "pbonzini@redhat.com" # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full] # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" [full] # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * tag 'for-upstream' of https://gitlab.com/bonzini/qemu: (37 commits) linux-user: i386/signal: support XSAVE/XRSTOR for signal frame fpstate linux-user: i386/signal: support FXSAVE fpstate on 32-bit emulation linux-user: i386/signal: move fpstate at the end of the 32-bit frames KVM: x86: Implement MSR_CORE_THREAD_COUNT MSR i386: kvm: Add support for MSR filtering x86: Implement MSR_CORE_THREAD_COUNT MSR target/i386: Enable TARGET_TB_PCREL target/i386: Inline gen_jmp_im target/i386: Add cpu_eip target/i386: Create eip_cur_tl target/i386: Merge gen_jmp_tb and gen_goto_tb into gen_jmp_rel target/i386: Remove MemOp argument to gen_op_j*_ecx target/i386: Use gen_jmp_rel for DISAS_TOO_MANY target/i386: Use gen_jmp_rel for gen_jcc target/i386: Use gen_jmp_rel for loop, repz, jecxz insns target/i386: Create gen_jmp_rel target/i386: Use DISAS_TOO_MANY to exit after gen_io_start target/i386: Create eip_next_* target/i386: Truncate values for lcall_real to i32 target/i386: Introduce DISAS_JUMP ... Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2022-10-10kvm: allow target-specific accelerator propertiesPaolo Bonzini
Several hypervisor capabilities in KVM are target-specific. When exposed to QEMU users as accelerator properties (i.e. -accel kvm,prop=value), they should not be available for all targets. Add a hook for targets to add their own properties to -accel kvm, for now no such property is defined. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Message-Id: <20220929072014.20705-3-chenyi.qiang@intel.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-10-06dump: Replace opaque DumpState pointer with a typed oneJanosch Frank
It's always better to convey the type of a pointer if at all possible. So let's add the DumpState typedef to typedefs.h and move the dump note functions from the opaque pointers to DumpState pointers. Signed-off-by: Janosch Frank <frankja@linux.ibm.com> CC: Peter Maydell <peter.maydell@linaro.org> CC: Cédric Le Goater <clg@kaod.org> CC: Daniel Henrique Barboza <danielhb413@gmail.com> CC: David Gibson <david@gibson.dropbear.id.au> CC: Greg Kurz <groug@kaod.org> CC: Palmer Dabbelt <palmer@dabbelt.com> CC: Alistair Francis <alistair.francis@wdc.com> CC: Bin Meng <bin.meng@windriver.com> CC: Cornelia Huck <cohuck@redhat.com> CC: Thomas Huth <thuth@redhat.com> CC: Richard Henderson <richard.henderson@linaro.org> CC: David Hildenbrand <david@redhat.com> Acked-by: Daniel Henrique Barboza <danielhb413@gmail.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-Id: <20220811121111.9878-2-frankja@linux.ibm.com>
2022-10-04accel/tcg: Introduce tb_pc and log_pcRichard Henderson
The availability of tb->pc will shortly be conditional. Introduce accessor functions to minimize ifdefs. Pass around a known pc to places like tcg_gen_code, where the caller must already have the value. Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2022-10-04hw/core: Add CPUClass.get_pcRichard Henderson
Populate this new method for all targets. Always match the result that would be given by cpu_get_tb_cpu_state, as we will want these values to correspond in the logs. Reviewed-by: Taylor Simpson <tsimpson@quicinc.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> (target/sparc) Signed-off-by: Richard Henderson <richard.henderson@linaro.org> --- Cc: Eduardo Habkost <eduardo@habkost.net> (supporter:Machine core) Cc: Marcel Apfelbaum <marcel.apfelbaum@gmail.com> (supporter:Machine core) Cc: "Philippe Mathieu-Daudé" <f4bug@amsat.org> (reviewer:Machine core) Cc: Yanan Wang <wangyanan55@huawei.com> (reviewer:Machine core) Cc: Michael Rolnik <mrolnik@gmail.com> (maintainer:AVR TCG CPUs) Cc: "Edgar E. Iglesias" <edgar.iglesias@gmail.com> (maintainer:CRIS TCG CPUs) Cc: Taylor Simpson <tsimpson@quicinc.com> (supporter:Hexagon TCG CPUs) Cc: Song Gao <gaosong@loongson.cn> (maintainer:LoongArch TCG CPUs) Cc: Xiaojuan Yang <yangxiaojuan@loongson.cn> (maintainer:LoongArch TCG CPUs) Cc: Laurent Vivier <laurent@vivier.eu> (maintainer:M68K TCG CPUs) Cc: Jiaxun Yang <jiaxun.yang@flygoat.com> (reviewer:MIPS TCG CPUs) Cc: Aleksandar Rikalo <aleksandar.rikalo@syrmia.com> (reviewer:MIPS TCG CPUs) Cc: Chris Wulff <crwulff@gmail.com> (maintainer:NiosII TCG CPUs) Cc: Marek Vasut <marex@denx.de> (maintainer:NiosII TCG CPUs) Cc: Stafford Horne <shorne@gmail.com> (odd fixer:OpenRISC TCG CPUs) Cc: Yoshinori Sato <ysato@users.sourceforge.jp> (reviewer:RENESAS RX CPUs) Cc: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> (maintainer:SPARC TCG CPUs) Cc: Bastian Koppelmann <kbastian@mail.uni-paderborn.de> (maintainer:TriCore TCG CPUs) Cc: Max Filippov <jcmvbkbc@gmail.com> (maintainer:Xtensa TCG CPUs) Cc: qemu-arm@nongnu.org (open list:ARM TCG CPUs) Cc: qemu-ppc@nongnu.org (open list:PowerPC TCG CPUs) Cc: qemu-riscv@nongnu.org (open list:RISC-V TCG CPUs) Cc: qemu-s390x@nongnu.org (open list:S390 TCG CPUs)