aboutsummaryrefslogtreecommitdiff
path: root/target
AgeCommit message (Collapse)Author
2019-01-21target/arm: Add PAuth helpersRichard Henderson
The cryptographic internals are stubbed out for now, but the enable and trap bits are checked. Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 20190108223129.5570-6-richard.henderson@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21target/arm: Introduce raise_exception_raRichard Henderson
This path uses cpu_loop_exit_restore to unwind current processor state. Suggested-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 20190108223129.5570-5-richard.henderson@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21target/arm: Add PAuth active bit to tbflagsRichard Henderson
There are 5 bits of state that could be added, but to save space within tbflags, add only a single enable bit. Helpers will determine the rest of the state at runtime. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20190108223129.5570-4-richard.henderson@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21target/arm: Add SCTLR bits through ARMv8.5Richard Henderson
Post v8.4 bits taken from SysReg_v85_xml-00bet8. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20190108223129.5570-3-richard.henderson@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21target/arm: Add state for the ARMv8.3-PAuth extensionRichard Henderson
Add storage space for the 5 encryption keys. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20190108223129.5570-2-richard.henderson@linaro.org [PMM: use 0xf rather than -1 in FIELD_DP64() expressions to avoid clang warnings about implicit truncation from int to bitfield changing the value] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-21target/arm: Allow Aarch32 exception return to switch from Mon->HypAlexander Graf
In U-boot, we switch from S-SVC -> Mon -> Hyp mode when we want to enter Hyp mode. The change into Hyp mode is done by doing an exception return from Mon. This doesn't work with current QEMU. The problem is that in bad_mode_switch() we refuse to allow the change of mode. Note that bad_mode_switch() is used to do validation for two situations: (1) changes to mode by instructions writing to CPSR.M (ie not exception take/return) -- this corresponds to the Armv8 Arm ARM pseudocode Arch32.WriteModeByInstr (2) changes to mode by exception return Attempting to enter or leave Hyp mode via case (1) is forbidden in v8 and UNPREDICTABLE in v7, and QEMU is correct to disallow it there. However, we're already doing that check at the top of the bad_mode_switch() function, so if that passes then we should allow the case (2) exception return mode changes to switch into Hyp mode. We want to test whether we're trying to return to the nonexistent "secure Hyp" mode, so we need to look at arm_is_secure_below_el3() rather than arm_is_secure(), since the latter is always true if we're in Mon (EL3). Signed-off-by: Alexander Graf <agraf@suse.de> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 20190109152430.32359-1-agraf@suse.de [PMM: rewrote commit message] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-18s390x: Return specification exception for unimplemented diag 308 subcodesJanosch Frank
The architecture specifies specification exceptions for all unavailable subcodes. The presence of subcodes is indicated by checking some query subcode. For example 6 will indicate that 3-6 are available. So future systems might call new subcodes to check for new features. This should not trigger a hw error, instead we return the architectured specification exception. Signed-off-by: Janosch Frank <frankja@linux.ibm.com> Cc: qemu-stable@nongnu.org Message-Id: <20190111113657.66195-3-frankja@linux.ibm.com> Reviewed-by: Christian Borntraeger <borntraeger@de.ibm.com> Reviewed-by: David Hildenbrand <david@redhat.com> Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2019-01-14i386/kvm: add a comment explaining why .feat_names are commented out for ↵Vitaly Kuznetsov
Hyper-V feature bits Hyper-V .feat_names are, unlike hardware features, commented out and it is not obvious why we do that. Document the current status quo. Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com> Message-Id: <20181221141604.16935-1-vkuznets@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2019-01-14x86: host-phys-bits-limit optionEduardo Habkost
Some downstream distributions of QEMU set host-phys-bits=on by default. This worked very well for most use cases, because phys-bits really didn't have huge consequences. The only difference was on the CPUID data seen by guests, and on the handling of reserved bits. This changed in KVM commit 855feb673640 ("KVM: MMU: Add 5 level EPT & Shadow page table support"). Now choosing a large phys-bits value for a VM has bigger impact: it will make KVM use 5-level EPT even when it's not really necessary. This means using the host phys-bits value may not be the best choice. Management software could address this problem by manually configuring phys-bits depending on the size of the VM and the amount of MMIO address space required for hotplug. But this is not trivial to implement. However, there's another workaround that would work for most cases: keep using the host phys-bits value, but only if it's smaller than 48. This patch makes this possible by introducing a new "-cpu" option: "host-phys-bits-limit". Management software or users can make sure they will always use 4-level EPT using: "host-phys-bits=on,host-phys-bits-limit=48". This behavior is still not enabled by default because QEMU doesn't enable host-phys-bits=on by default. But users, management software, or downstream distributions may choose to change their defaults using the new option. Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Message-Id: <20181211192527.13254-1-ehabkost@redhat.com> [ehabkost: removed test code while some issues are addressed] Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2019-01-14target/i386: Disable MPX support on named CPU modelsPaolo Bonzini
MPX support is being phased out by Intel; GCC has dropped it, Linux is also going to do that. Even though KVM will have special code to support MPX after the kernel proper stops enabling it in XCR0, we probably also want to deprecate that in a few years. As a start, do not enable it by default for any named CPU model starting with the 4.0 machine types; this include Skylake, Icelake and Cascadelake. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Message-Id: <20181220121100.21554-1-pbonzini@redhat.com> Reviewed-by:   Wainer dos Santos Moschetta <wainersm@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2019-01-14target-i386: Reenable RDTSCP support on Opteron_G[345] CPU models CPU modelsBorislav Petkov
The missing functionality was added ~3 years ago with the Linux commit 46896c73c1a4 ("KVM: svm: add support for RDTSCP") so reenable RDTSCP support on those CPU models. Opteron_G2 - being family 15, model 6, doesn't have RDTSCP support (the real hardware doesn't have it. K8 got RDTSCP support with the NPT models, i.e., models >= 0x40). Document the host's minimum required kernel version, while at it. Signed-off-by: Borislav Petkov <bp@suse.de> Message-ID: <20181212200803.GG6653@zn.tnic> [ehabkost: moved compat properties code to pc.c] Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2019-01-14i386/kvm: expose HV_CPUID_ENLIGHTMENT_INFO.EAX and ↵Vitaly Kuznetsov
HV_CPUID_NESTED_FEATURES.EAX as feature words It was found that QMP users of QEMU (e.g. libvirt) may need HV_CPUID_ENLIGHTMENT_INFO.EAX/HV_CPUID_NESTED_FEATURES.EAX information. In particular, 'hv_tlbflush' and 'hv_evmcs' enlightenments are only exposed in HV_CPUID_ENLIGHTMENT_INFO.EAX. HV_CPUID_NESTED_FEATURES.EAX is exposed for two reasons: convenience (we don't need to export it from hyperv_handle_properties() and as future-proof for Enlightened MSR-Bitmap, PV EPT invalidation and direct virtual flush features. Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com> Message-Id: <20181126135958.20956-1-vkuznets@redhat.com> Reviewed-by: Roman Kagan <rkagan@virtuozzo.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2019-01-14Merge remote-tracking branch ↵Peter Maydell
'remotes/palmer/tags/riscv-for-master-3.2-part2' into staging RISC-V Updates for 3.2, Part 2 This patch set contains a handful of Michael's CSR-related cleanups, which should allow us to proceed with more outstanding bug fixes that depend on them. Additionally, there is a patch that turns on USB. This works for me when the kernel has the appropriate drivers (which will soon be in defconfig) and I pass -device usb-ehci -drive id=my_usb_disk,file=usbdisk.img,if=none,format=raw -device usb-storage,drive=my_usb_disk to QEMU. # gpg: Signature made Fri 11 Jan 2019 18:05:02 GMT # gpg: using RSA key EF4CA1502CCBAB41 # gpg: Good signature from "Palmer Dabbelt <palmer@dabbelt.com>" # gpg: aka "Palmer Dabbelt <palmer@sifive.com>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 00CE 76D1 8349 60DF CE88 6DF8 EF4C A150 2CCB AB41 * remotes/palmer/tags/riscv-for-master-3.2-part2: default-configs: Enable USB support for RISC-V machines RISC-V: Implement existential predicates for CSRs RISC-V: Implement atomic mip/sip CSR updates RISC-V: Implement modular CSR helper interface Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-11avoid TABs in files that only contain a fewPaolo Bonzini
Most files that have TABs only contain a handful of them. Change them to spaces so that we don't confuse people. disas, standard-headers, linux-headers and libdecnumber are imported from other projects and probably should be exempted from the check. Outside those, after this patch the following files still contain both 8-space and TAB sequences at the beginning of the line. Many of them have a majority of TABs, or were initially committed with all tabs. bsd-user/i386/target_syscall.h bsd-user/x86_64/target_syscall.h crypto/aes.c hw/audio/fmopl.c hw/audio/fmopl.h hw/block/tc58128.c hw/display/cirrus_vga.c hw/display/xenfb.c hw/dma/etraxfs_dma.c hw/intc/sh_intc.c hw/misc/mst_fpga.c hw/net/pcnet.c hw/sh4/sh7750.c hw/timer/m48t59.c hw/timer/sh_timer.c include/crypto/aes.h include/disas/bfd.h include/hw/sh4/sh.h libdecnumber/decNumber.c linux-headers/asm-generic/unistd.h linux-headers/linux/kvm.h linux-user/alpha/target_syscall.h linux-user/arm/nwfpe/double_cpdo.c linux-user/arm/nwfpe/fpa11_cpdt.c linux-user/arm/nwfpe/fpa11_cprt.c linux-user/arm/nwfpe/fpa11.h linux-user/flat.h linux-user/flatload.c linux-user/i386/target_syscall.h linux-user/ppc/target_syscall.h linux-user/sparc/target_syscall.h linux-user/syscall.c linux-user/syscall_defs.h linux-user/x86_64/target_syscall.h slirp/cksum.c slirp/if.c slirp/ip.h slirp/ip_icmp.c slirp/ip_icmp.h slirp/ip_input.c slirp/ip_output.c slirp/mbuf.c slirp/misc.c slirp/sbuf.c slirp/socket.c slirp/socket.h slirp/tcp_input.c slirp/tcpip.h slirp/tcp_output.c slirp/tcp_subr.c slirp/tcp_timer.c slirp/tftp.c slirp/udp.c slirp/udp.h target/cris/cpu.h target/cris/mmu.c target/cris/op_helper.c target/sh4/helper.c target/sh4/op_helper.c target/sh4/translate.c tcg/sparc/tcg-target.inc.c tests/tcg/cris/check_addo.c tests/tcg/cris/check_moveq.c tests/tcg/cris/check_swap.c tests/tcg/multiarch/test-mmap.c ui/vnc-enc-hextile-template.h ui/vnc-enc-zywrle.h util/envlist.c util/readline.c The following have only TABs: bsd-user/i386/target_signal.h bsd-user/sparc64/target_signal.h bsd-user/sparc64/target_syscall.h bsd-user/sparc/target_signal.h bsd-user/sparc/target_syscall.h bsd-user/x86_64/target_signal.h crypto/desrfb.c hw/audio/intel-hda-defs.h hw/core/uboot_image.h hw/sh4/sh7750_regnames.c hw/sh4/sh7750_regs.h include/hw/cris/etraxfs_dma.h linux-user/alpha/termbits.h linux-user/arm/nwfpe/fpopcode.h linux-user/arm/nwfpe/fpsr.h linux-user/arm/syscall_nr.h linux-user/arm/target_signal.h linux-user/cris/target_signal.h linux-user/i386/target_signal.h linux-user/linux_loop.h linux-user/m68k/target_signal.h linux-user/microblaze/target_signal.h linux-user/mips64/target_signal.h linux-user/mips/target_signal.h linux-user/mips/target_syscall.h linux-user/mips/termbits.h linux-user/ppc/target_signal.h linux-user/sh4/target_signal.h linux-user/sh4/termbits.h linux-user/sparc64/target_syscall.h linux-user/sparc/target_signal.h linux-user/x86_64/target_signal.h linux-user/x86_64/termbits.h pc-bios/optionrom/optionrom.h slirp/mbuf.h slirp/misc.h slirp/sbuf.h slirp/tcp.h slirp/tcp_timer.h slirp/tcp_var.h target/i386/svm.h target/sparc/asi.h target/xtensa/core-dc232b/xtensa-modules.inc.c target/xtensa/core-dc233c/xtensa-modules.inc.c target/xtensa/core-de212/core-isa.h target/xtensa/core-de212/xtensa-modules.inc.c target/xtensa/core-fsf/xtensa-modules.inc.c target/xtensa/core-sample_controller/core-isa.h target/xtensa/core-sample_controller/xtensa-modules.inc.c target/xtensa/core-test_kc705_be/core-isa.h target/xtensa/core-test_kc705_be/xtensa-modules.inc.c tests/tcg/cris/check_abs.c tests/tcg/cris/check_addc.c tests/tcg/cris/check_addcm.c tests/tcg/cris/check_addoq.c tests/tcg/cris/check_bound.c tests/tcg/cris/check_ftag.c tests/tcg/cris/check_int64.c tests/tcg/cris/check_lz.c tests/tcg/cris/check_openpf5.c tests/tcg/cris/check_sigalrm.c tests/tcg/cris/crisutils.h tests/tcg/cris/sys.c tests/tcg/i386/test-i386-ssse3.c ui/vgafont.h Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Message-Id: <20181213223737.11793-3-pbonzini@redhat.com> Reviewed-by: Aleksandar Markovic <amarkovic@wavecomp.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Wainer dos Santos Moschetta <wainersm@redhat.com> Acked-by: Richard Henderson <richard.henderson@linaro.org> Acked-by: Eric Blake <eblake@redhat.com> Acked-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: Stefan Markovic <smarkovic@wavecomp.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-01-11qemu/queue.h: leave head structs anonymous unless necessaryPaolo Bonzini
Most list head structs need not be given a name. In most cases the name is given just in case one is going to use QTAILQ_LAST, QTAILQ_PREV or reverse iteration, but this does not apply to lists of other kinds, and even for QTAILQ in practice this is only rarely needed. In addition, we will soon reimplement those macros completely so that they do not need a name for the head struct. So clean up everything, not giving a name except in the rare case where it is necessary. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-01-11hax: Support for Linux hostsAlexandro Sanchez Bach
Intel HAXM supports now 32-bit and 64-bit Linux hosts. This patch includes the corresponding userland changes. Since the Darwin userland backend is POSIX-compliant, the hax-darwin.{c,h} files have been renamed to hax-posix.{c,h}. This prefix is consistent with the naming used in the rest of QEMU. Signed-off-by: Alexandro Sanchez Bach <asanchez@kryptoslogic.com> Message-Id: <20181115013331.65820-1-asanchez@kryptoslogic.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-01-09RISC-V: Implement existential predicates for CSRsMichael Clark
CSR predicate functions are added to the CSR table. mstatus.FS and counter enable checks are moved to predicate functions and two new predicates are added to check misa.S for s* CSRs and a new PMP CPU feature for pmp* CSRs. Processors that don't implement S-mode will trap on access to s* CSRs and processors that don't implement PMP will trap on accesses to pmp* CSRs. PMP checks are disabled in riscv_cpu_handle_mmu_fault when the PMP CPU feature is not present. Signed-off-by: Michael Clark <mjc@sifive.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Palmer Dabbelt <palmer@sifive.com>
2019-01-09RISC-V: Implement atomic mip/sip CSR updatesMichael Clark
Use the new CSR read/modify/write interface to implement atomic updates to mip/sip. Signed-off-by: Michael Clark <mjc@sifive.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Palmer Dabbelt <palmer@sifive.com>
2019-01-09ppc: replace the 'Object *intc' by a 'ICPState *icp' pointer under the CPUCédric Le Goater
Now that the 'intc' pointer is only used by the XICS interrupt mode, let's make things clear and use a XICS type and name. Signed-off-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2019-01-09ppc/xive: introduce a XiveTCTX pointer under PowerPCCPUCédric Le Goater
which will be used by the machine only when the XIVE interrupt mode is in use. Signed-off-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2019-01-09target/ppc: replace AVR* macros with Vsr* macrosMark Cave-Ayland
Now that the VMX and VSR register sets have been combined, the same macros can be used to access both AVR and VSR field members. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2019-01-09target/ppc: move FP and VMX registers into aligned vsr register arrayMark Cave-Ayland
The VSX register array is a block of 64 128-bit registers where the first 32 registers consist of the existing 64-bit FP registers extended to 128-bit using new VSR registers, and the last 32 registers are the VMX 128-bit registers as show below: 64-bit 64-bit +--------------------+--------------------+ | FP0 | | VSR0 +--------------------+--------------------+ | FP1 | | VSR1 +--------------------+--------------------+ | ... | ... | ... +--------------------+--------------------+ | FP30 | | VSR30 +--------------------+--------------------+ | FP31 | | VSR31 +--------------------+--------------------+ | VMX0 | VSR32 +-----------------------------------------+ | VMX1 | VSR33 +-----------------------------------------+ | ... | ... +-----------------------------------------+ | VMX30 | VSR62 +-----------------------------------------+ | VMX31 | VSR63 +-----------------------------------------+ In order to allow for future conversion of VSX instructions to use TCG vector operations, recreate the same layout using an aligned version of the existing vsr register array. Since the old fpr and avr register arrays are removed, the existing callers must also be updated to use the correct offset in the vsr register array. This also includes switching the relevant VMState fields over to using subarrays to make sure that migration is preserved. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Acked-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2019-01-09target/ppc: merge ppc_vsr_t and ppc_avr_t union typesMark Cave-Ayland
Since the VSX registers are actually a superset of the VMX registers then they can be represented by the same type. Merge ppc_avr_t into ppc_vsr_t and change ppc_avr_t to be a simple typedef alias. Note that due to a difference in the naming of the float32 member between ppc_avr_t and ppc_vsr_t, references to the ppc_avr_t f member must be replaced with f32 instead. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Acked-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2019-01-09target/ppc: switch FPR, VMX and VSX helpers to access data directly from cpu_envMark Cave-Ayland
Instead of accessing the FPR, VMX and VSX registers through static arrays of TCGv_i64 globals, remove them and change the helpers to load/store data directly within cpu_env. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Acked-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2019-01-09target/ppc: introduce get_cpu_vsr{l,h}() and set_cpu_vsr{l,h}() helpers for ↵Mark Cave-Ayland
VSR register access These helpers allow us to move VSR register values to/from the specified TCGv_i64 argument. To prevent VSX helpers accessing the cpu_vsr array directly, add extra TCG temporaries as required. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Acked-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2019-01-09target/ppc: introduce get_avr64() and set_avr64() helpers for VMX register ↵Mark Cave-Ayland
access These helpers allow us to move AVR register values to/from the specified TCGv_i64 argument. To prevent VMX helpers accessing the cpu_avr{l,h} arrays directly, add extra TCG temporaries as required. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Acked-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2019-01-09target/ppc: introduce get_fpr() and set_fpr() helpers for FP register accessMark Cave-Ayland
These helpers allow us to move FP register values to/from the specified TCGv_i64 argument in the VSR helpers to be introduced shortly. To prevent FP helpers accessing the cpu_fpr array directly, add extra TCG temporaries as required. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Acked-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2019-01-09target/ppc: switch EXTRACT_HELPER macros over to use sextract32/extract32Mark Cave-Ayland
These ensure that we consistently handle signed and unsigned extensions correctly when decoding immediates from instruction opcodes. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2019-01-09target/ppc: fix typo in SIMM5 extraction helperMark Cave-Ayland
As the macro name suggests, the argument should be signed and not unsigned. Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2019-01-08RISC-V: Implement modular CSR helper interfaceMichael Clark
Previous CSR code uses csr_read_helper and csr_write_helper to update CSR registers however this interface prevents atomic read/modify/write CSR operations; in addition there is no trap-free method to access to CSRs due to the monolithic CSR functions call longjmp. The current iCSR interface is not safe to be called by target/riscv/gdbstub.c as privilege checks or missing CSRs may call longjmp to generate exceptions. It needs to indicate existence so traps can be generated in the CSR instruction helpers. This commit moves CSR access from the monolithic switch statements in target/riscv/op_helper.c into modular read/write functions in target/riscv/csr.c using a new function pointer table for dispatch (which can later be used to allow CPUs to hook up model specific CSRs). A read/modify/write interface is added to support atomic CSR operations and a non-trapping interface is added to allow exception-free access to CSRs by the debugger. The CSR functions and CSR dispatch table are ordered to match The RISC-V Instruction Set Manual, Volume II: Privileged Architecture Version 1.10, 2.2 CSR Listing. An API is added to allow derived cpu instances to modify or implement new CSR operations. Signed-off-by: Michael Clark <mjc@sifive.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Palmer Dabbelt <palmer@sifive.com>
2019-01-08target/alpha: Fix user-only initialization of fpcrRichard Henderson
When the representation of fpcr was changed, the user-only initialization was not updated to match. Oops. Fixes: f3d3aad4a92 Fixes: https://bugs.launchpad.net/bugs/1701835 Reported-by: Bruno Haible <bruno@clisp.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2019-01-07Merge remote-tracking branch ↵Peter Maydell
'remotes/pmaydell/tags/pull-target-arm-20190107' into staging target-arm queue: * Support u-boot 'noload' images for Arm (as used by NetBSD/evbarm GENERIC kernel) * hw/misc/tz-mpc: Fix value of BLK_MAX register * target/arm: Emit barriers for A32/T32 load-acquire/store-release insns * nRF51 SoC: add timer, GPIO, RNG peripherals * hw/arm/allwinner-a10: Add the 'A' SRAM and the SRAM controller * cpus.c: Fix race condition in cpu_stop_current() * hw/arm: versal: Plug memory leaks * Allow M profile boards to run even if -kernel not specified * gdbstub: Add multiprocess extension support for use when the board has multiple CPUs of different types (like the Xilinx Zynq boards) * target/arm: Don't decode S bit in SVE brk[ab] merging insns * target/arm: Convert ARM_TBFLAG_* to FIELDs # gpg: Signature made Mon 07 Jan 2019 16:29:52 GMT # gpg: using RSA key 3C2525ED14360CDE # gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" # gpg: aka "Peter Maydell <pmaydell@gmail.com>" # gpg: aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" # Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83 15CF 3C25 25ED 1436 0CDE * remotes/pmaydell/tags/pull-target-arm-20190107: (37 commits) Support u-boot noload images for arm as used by, NetBSD/evbarm GENERIC kernel. hw/misc/tz-mpc: Fix value of BLK_MAX register target/arm: Emit barriers for A32/T32 load-acquire/store-release insns arm: Add Clock peripheral stub to NRF51 SOC tests/microbit-test: Add Tests for nRF51 Timer arm: Instantiate NRF51 Timers hw/timer/nrf51_timer: Add nRF51 Timer peripheral tests/microbit-test: Add Tests for nRF51 GPIO arm: Instantiate NRF51 general purpose I/O hw/gpio/nrf51_gpio: Add nRF51 GPIO peripheral arm: Instantiate NRF51 random number generator hw/misc/nrf51_rng: Add NRF51 random number generator peripheral arm: Add header to host common definition for nRF51 SOC peripherals qtest: Add set_irq_in command to set IRQ/GPIO level hw/arm/allwinner-a10: Add the 'A' SRAM and the SRAM controller cpus.c: Fix race condition in cpu_stop_current() MAINTAINERS: Add ARM-related files for hw/[misc|input|timer]/ hw/arm: versal: Plug memory leaks Revert "armv7m: Guard against no -kernel argument" arm/xlnx-zynqmp: put APUs and RPUs in separate CPU clusters ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-07target/arm: Emit barriers for A32/T32 load-acquire/store-release insnsPeter Maydell
Now that MTTCG is here, the comment in the 32-bit Arm decoder that "Since the emulation does not have barriers, the acquire/release semantics need no special handling" is no longer true. Emit the correct barriers for the load-acquire/store-release insns, as we already do in the A64 decoder. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Tested-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
2019-01-07target/arm: SVE brk[ab] merging does not have s bitRichard Henderson
While brk[ab] zeroing has a flags setting option, the merging variant does not. Retain the same argument structure, to share expansion but force the flag zero and do not decode bit 22. Reported-by: Laurent Desnogues <laurent.desnogues@gmail.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20181226215003.31438-1-richard.henderson@linaro.org Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-07target/arm: Convert ARM_TBFLAG_* to FIELDsRichard Henderson
Use "register" TBFLAG_ANY to indicate shared state between A32 and A64, and "registers" TBFLAG_A32 & TBFLAG_A64 for fields that are specific to the given cpu state. Move ARM_TBFLAG_BE_DATA to shared state, instead of its current placement within "Bit usage when in AArch32 state". Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-id: 20181218164348.7127-1-richard.henderson@linaro.org [PMM: removed the renaming of BE_DATA flag to BE] Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-07arm: replace instance_post_init()Marc-André Lureau
Replace arm_cpu_post_init() instance callback by calling it from leaf classes, to avoid potential ordering issue with other post_init callbacks. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Suggested-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Acked-by: Eduardo Habkost <ehabkost@redhat.com>
2019-01-07qdev-props: remove errp from GlobalPropertyMarc-André Lureau
All qdev_prop_register_global() set &error_fatal for errp, except '-rtc driftfix=slew', which arguably should also use &error_fatal, as otherwise failing to apply the property would only report a warning. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Cornelia Huck <cohuck@redhat.com> Acked-by: Eduardo Habkost <ehabkost@redhat.com>
2019-01-04Merge remote-tracking branch ↵Peter Maydell
'remotes/amarkovic/tags/mips-queue-december-2018-v3' into staging MIPS queue for December 2018 - v3 # gpg: Signature made Thu 03 Jan 2019 16:53:47 GMT # gpg: using RSA key D4972A8967F75A65 # gpg: Good signature from "Aleksandar Markovic <amarkovic@wavecomp.com>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 8526 FBF1 5DA3 811F 4A01 DD75 D497 2A89 67F7 5A65 * remotes/amarkovic/tags/mips-queue-december-2018-v3: (44 commits) tests/tcg: mips: Test R5900 three-operand MADDU1 tests/tcg: mips: Test R5900 three-operand MADDU tests/tcg: mips: Test R5900 three-operand MADD1 tests/tcg: mips: Test R5900 three-operand MADD disas: nanoMIPS: Add a note on documentation disas: nanoMIPS: Reorder declarations and definitions of gpr decoders disas: nanoMIPS: Comment the decoder of 'gpr1' gpr encoding type disas: nanoMIPS: Rename the decoder of 'gpr1' gpr encoding type disas: nanoMIPS: Comment the decoder of 'gpr2.reg2' gpr encoding type disas: nanoMIPS: Rename the decoder of 'gpr2.reg2' gpr encoding type disas: nanoMIPS: Comment the decoder of 'gpr2.reg1' gpr encoding type disas: nanoMIPS: Rename the decoder of 'gpr2.reg1' gpr encoding type disas: nanoMIPS: Comment the decoder of 'gpr4.zero' gpr encoding type disas: nanoMIPS: Rename the decoder of 'gpr4.zero' gpr encoding type disas: nanoMIPS: Comment the decoder of 'gpr4' gpr encoding type disas: nanoMIPS: Rename the decoder of 'gpr4' gpr encoding type disas: nanoMIPS: Comment the decoder of 'gpr3.src.store' gpr encoding type disas: nanoMIPS: Rename the decoder of 'gpr3.src.store' gpr encoding type disas: nanoMIPS: Comment the decoder of 'gpr3' gpr encoding type disas: nanoMIPS: Rename the decoder of 'gpr3' gpr encoding type ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-01-03target/mips: Support R5900 three-operand MADD1 and MADDU1 instructionsFredrik Noring
The three-operand MADD and MADDU are specific to R5900 cores. Reviewed-by: Aleksandar Markovic <amarkovic@wavecomp.com> Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com> Signed-off-by: Fredrik Noring <noring@nocrew.org>
2019-01-03target/mips: Support R5900 three-operand MADD and MADDU instructionsPhilippe Mathieu-Daudé
The three-operand MADD and MADDU are specific to Sony R5900 core, and Toshiba TX19/TX39/TX79 cores as well. The "32-Bit TX System RISC TX39 Family Architecture manual" is available at https://wiki.qemu.org/File:DSAE0022432.pdf Reviewed-by: Aleksandar Markovic <amarkovic@wavecomp.com> Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com> Signed-off-by: Philippe Mathieu-Daudé<f4bug@amsat.org> Signed-off-by: Fredrik Noring <noring@nocrew.org> Tested-by: Fredrik Noring <noring@nocrew.org>
2019-01-03target/mips: MXU: Add handler for an align instructionAleksandar Markovic
Add translation handler for S32ALNI MXU instruction. Reviewed-by: Stefan Markovic <smarkovic@wavecomp.com> Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2019-01-03target/mips: MXU: Add handlers for max/min instructionsAleksandar Markovic
Add translation handlers for six max/min MXU instructions. Reviewed-by: Stefan Markovic <smarkovic@wavecomp.com> Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2019-01-03target/mips: MXU: Add handlers for logic instructionsAleksandar Markovic
Add translation handlers for four logic MXU instructions. It should be noted that there is an error in MXU documentation (dated June 2017) regarding opcodes for this group of instructions. This was confirmed by running tests on hardware, and also by looking up other related public source trees (binutils, Android NDK). In initial MXU patches to QEMU, opcodes for MXU logic instructions were created to be in accordance with the MXU documentation, therefore the error from was propagated. This patch corrects that, changing the involved code. Besides that, as MXU was designed and implemented only for 32-bit CPUs, corresponding preprosessor conditions were added around MXU code, which allows more flexible implementation of MXU handlers. Reviewed-by: Stefan Markovic <smarkovic@wavecomp.com> Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2019-01-03target/mips: MXU: Improve the comment containing MXU overviewAleksandar Markovic
Improve textual description of MXU extension. These are mostly comment formatting changes. Reviewed-by: Stefan Markovic <smarkovic@wavecomp.com> Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2019-01-03target/mips: MXU: Add generic naming for optn2 constantsAleksandar Markovic
Add generic naming involving generig suffixes OPTN0, OPTN1, OPTN2, OPTN3 for four optn2 constants. Existing suffixes WW, LW, HW, XW are not quite appropriate for some instructions using optn2. Reviewed-by: Stefan Markovic <smarkovic@wavecomp.com> Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2019-01-03target/mips: MXU: Add missing opcodes/decoding for LX* instructionsAleksandar Markovic
Add missing opcodes and decoding engine for LXB, LXH, LXW, LXBU, and LXHU instructions. They were for some reason forgotten in previous commits. The MXU opcode list and decoding engine should be now complete. Reviewed-by: Stefan Markovic <smarkovic@wavecomp.com> Signed-off-by: Aleksandar Markovic <amarkovic@wavecomp.com>
2019-01-03Merge remote-tracking branch ↵Peter Maydell
'remotes/palmer/tags/riscv-for-master-3.2-part1' into staging RISC-V Changes for 3.2, Part 1 This pull request contains the first set of RISC-V patches I'd like to target for the 3.2 development cycle. It's really just a collection of bug fixes with one major new feature: PCIe can now be attached to RISC-V guests. This has passed my usual test of booting the latest Linux RC into a Fedora disk image on the virt machine. # gpg: Signature made Fri 21 Dec 2018 16:01:29 GMT # gpg: using RSA key EF4CA1502CCBAB41 # gpg: Good signature from "Palmer Dabbelt <palmer@dabbelt.com>" # gpg: aka "Palmer Dabbelt <palmer@sifive.com>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 00CE 76D1 8349 60DF CE88 6DF8 EF4C A150 2CCB AB41 * remotes/palmer/tags/riscv-for-master-3.2-part1: MAINTAINERS: Mark RISC-V as Supported riscv/cpu: use device_class_set_parent_realize target/riscv/pmp.c: Fix pmp_decode_napot() sifive_uart: Implement interrupt pending register RISC-V: Enable second UART on sifive_e and sifive_u RISC-V: Fix PLIC pending bitfield reads RISC-V: Fix CLINT timecmp low 32-bit writes RISC-V: Add hartid and \n to interrupt logging sifive_u: Set 'clock-frequency' DT property for SiFive UART sifive_u: Add clock DT node for GEM ethernet riscv: Enable VGA and PCIE_VGA hw/riscv/virt: Connect the gpex PCIe hw/riscv/virt: Adjust memory layout spacing hw/riscv/virt: Increase the number of interrupts Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-12-21Changes requirement for "vsubsbs" instructionPaul A. Clarke
Changes requirement for "vsubsbs" instruction, which has been supported since ISA 2.03. (Please see section 5.9.1.2 of ISA 2.03) Reported-by: Paul A. Clarke <pc@us.ibm.com> Signed-off-by: Paul A. Clarke <pc@us.ibm.com> Signed-off-by: Leonardo Bras <leonardo@linux.vnet.ibm.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-12-21target/ppc: use g_new(T, n) instead of g_malloc(sizeof(T) * n)Greg Kurz
Because it is a recommended coding practice (see HACKING). Signed-off-by: Greg Kurz <groug@kaod.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-12-21target/ppc: tcg: Implement addex instructionSuraj Jitindar Singh
Implement the addex instruction introduced in ISA V3.00 in qemu tcg. The add extended using alternate carry bit (addex) instruction performs the same operation as the add extended (adde) instruction, but using the overflow (ov) field in the fixed point exception register (xer) as the carry in and out instead of the carry (ca) field. The instruction has a Z23-form, not an XO form, as follows: ------------------------------------------------------------------ | 31 | RT | RA | RB | CY | 170 | 0 | ------------------------------------------------------------------ 0 6 11 16 21 23 31 32 However since the only valid form of the instruction defined so far is CY = 0, we can treat this like an XO form instruction. There is no dot form (addex.) of the instruction and the summary overflow (so) bit in the xer is not modified by this instruction. For simplicity we reuse the gen_op_arith_add function and add a function argument to specify where the carry in input should come from and the carry out output be stored (note must be the same location). Signed-off-by: Suraj Jitindar Singh <sjitindarsingh@gmail.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>