aboutsummaryrefslogtreecommitdiff
path: root/target
AgeCommit message (Collapse)Author
2024-07-26ppc: Add a core_index to CPUPPCState for SMT vCPUsNicholas Piggin
The way SMT thread siblings are matched is clunky, using hard-coded logic that checks the PIR SPR. Change that to use a new core_index variable in the CPUPPCState, where all siblings have the same core_index. CPU realize routines have flexibility in setting core/sibling topology. Reviewed-by: Cédric Le Goater <clg@redhat.com> Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
2024-07-26target/ppc: Move SPR indirect registers into PnvCoreNicholas Piggin
SPRC/SPRD were recently added to all BookS CPUs supported, but they are only tested on POWER9 and POWER10, so restrict them to those CPUs. SPR indirect scratch registers presently replicated per-CPU like SMT SPRs, but the PnvCore is a better place for them since they are restricted to P9/P10. Also add SPR indirect read access to core thread state for POWER9 since skiboot accesses that when booting to check for big-core mode. Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
2024-07-26ppc/pnv: Move timebase state into PnvCoreNicholas Piggin
The timebase state machine is per per-core state and can be driven by any thread in the core. It is currently implemented as a hack where the state is in a CPU structure and only thread 0's state is accessed by the chiptod, which limits programming the timebase side of the state machine to thread 0 of a core. Move the state out into PnvCore and share it among all threads. Reviewed-by: Harsh Prateek Bora <harshpb@linux.ibm.com> Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
2024-07-26target/ppc: Fix msgsnd for POWER8Nicholas Piggin
POWER8 (ISA v2.07S) introduced the doorbell facility, the msgsnd instruction behaved mostly like msgsndp, it was addressed by TIR and could only send interrupts between threads on the core. ISA v3.0 changed msgsnd to be addressed by PIR and can interrupt any thread in the system. msgsnd only implements the v3.0 semantics, which can make multi-threaded POWER8 hang when booting Linux (due to IPIs failing). This change adds v2.07 semantics. Reviewed-by: Cédric Le Goater <clg@redhat.com> Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
2024-07-26target/ppc/cpu_init: Synchronize HASHPKEYR with KVM for migrationShivaprasad G Bhat
The patch enables HASHPKEYR migration by hooking with the "KVM one reg" ID KVM_REG_PPC_HASHPKEYR. Signed-off-by: Shivaprasad G Bhat <sbhat@linux.ibm.com> Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
2024-07-26target/ppc/cpu_init: Synchronize HASHKEYR with KVM for migrationShivaprasad G Bhat
The patch enables HASHKEYR migration by hooking with the "KVM one reg" ID KVM_REG_PPC_HASHKEYR. Signed-off-by: Shivaprasad G Bhat <sbhat@linux.ibm.com> Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
2024-07-26target/ppc/cpu_init: Synchronize DEXCR with KVM for migrationShivaprasad G Bhat
The patch enables DEXCR migration by hooking with the "KVM one reg" ID KVM_REG_PPC_DEXCR. Signed-off-by: Shivaprasad G Bhat <sbhat@linux.ibm.com> Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
2024-07-26target/ppc/arch_dump: set prstatus pid to cpuidOmar Sandoval
Every other architecture does this, and debuggers need it to be able to identify which prstatus note corresponds to which CPU. Reviewed-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Harsh Prateek Bora <harshpb@linux.ibm.com> Signed-off-by: Omar Sandoval <osandov@osandov.com> Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
2024-07-26target/ppc: handle vcpu hotplug failure gracefullyHarsh Prateek Bora
On ppc64, the PowerVM hypervisor runs with limited memory and a VCPU creation during hotplug may fail during kvm_ioctl for KVM_CREATE_VCPU, leading to termination of guest since errp is set to &error_fatal while calling kvm_init_vcpu. This unexpected behaviour can be avoided by pre-creating and parking vcpu on success or return error otherwise. This enables graceful error delivery for any vcpu hotplug failures while the guest can keep running. Also introducing KVM AccelCPUClass to init cpu_target_realize for kvm. Tested OK by repeatedly doing a hotplug/unplug of vcpus as below: #virsh setvcpus hotplug 40 #virsh setvcpus hotplug 70 error: internal error: unable to execute QEMU command 'device_add': kvmppc_cpu_realize: vcpu hotplug failed with -12 Signed-off by: Harsh Prateek Bora <harshpb@linux.ibm.com> Reported-by: Anushree Mathur <anushree.mathur@linux.vnet.ibm.com> Suggested-by: Shivaprasad G Bhat <sbhat@linux.ibm.com> Suggested-by: Vaibhav Jain <vaibhav@linux.ibm.com> Tested-by: Anushree Mathur <anushree.mathur@linux.vnet.ibm.com> Reviewed-by: Nicholas Piggin <npiggin@gmail.com> Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
2024-07-25Merge tag 'bsd-user-for-9.1-pull-request' of gitlab.com:bsdimp/qemu into stagingRichard Henderson
bsd-user: Misc changes for 9.1 (I hope) V2: Add missing bsd-user/aarch64/target.h This patch series includes two main sets of patches. To make it simple to review, I've included the changes from my student which the later changes depend on. I've included a change from Jessica and Doug as well. I've reviewed them, but more eyes never hurt. I've also included a number of 'touch up' patches needed either to get the aarch64 building, or to implmement suggestions from prior review cycles. The main one is what's charitably described as a kludge: force aarch64 to use 4k pages. The qemu-project (and blitz branch) hasn't had the necessary changes to bsd-user needed to support variable page size. Sorry this is so late... Live has conspired to delay me. # -----BEGIN PGP SIGNATURE----- # Comment: GPGTools - https://gpgtools.org # # iQIzBAABCgAdFiEEIDX4lLAKo898zeG3bBzRKH2wEQAFAmahejwACgkQbBzRKH2w # EQCXuQ/+Pj1Izmox/y9X1trn1T8KC7JdMtimdLiGMaS4C6+gcThXJkIB4l9ZStbV # 7rI540mpqVf0KSRLYwc2/ATyhYU7Ffsz02WPn7Xn/NvmmITp4kjw9Z0gd7C7mPVq # fS8DJbTyFQDy5dO8FUKLaTfnlYQe+NCnL421t9wFkIrlEepFygRaBaJN5yWVoC+0 # 1Ob6dG+JEV5BmNguMufvvI3S7nEFEnSBGpNqW3ljrRHAZjdNhv8d9GBYbj1laR1r # HQ6r5+u4ZmKCuUbchS0jxGkug0DjuQC7iq+rQ/7fhLYLChkPZ4P2RxNv8ibzKjEV # wlTy5LaM+WZNzKWdcHfDFMomeSnnUkOOfAMipMney2jedEjTIwCFDnP4zCAuG83V # RbdXWfleP1rDto3AQ765pFneqm3+su2Dh4TKaTSnq6gd1eORJ2IL8dubCfcVwZCy # TofemXPWh0HX3kwlD9IB9rqplQZFL78TkQ47btftxinHCLCQOOHRDPVG0IahQPjo # pgK4yVH7WA7pWV2Xbo4ngG3sX5U1TyBCbfkkAwhq+P3gjnU8zxonx8Tk/qLeEDdH # KEypi/pkGFQKZY0wc/y4XM+XQh6E1l8gMaQ4gJWK1qlyVtUKM1BiNQ2lweohYzC8 # p6WAfBQLPpzY4mDWfJMF6DsgObLwWmYbgKzuOtHgST1D/Ebk3Zo= # =RPuN # -----END PGP SIGNATURE----- # gpg: Signature made Thu 25 Jul 2024 08:03:40 AM AEST # gpg: using RSA key 2035F894B00AA3CF7CCDE1B76C1CD1287DB01100 # gpg: Good signature from "Warner Losh <wlosh@netflix.com>" [unknown] # gpg: aka "Warner Losh <imp@bsdimp.com>" [unknown] # gpg: aka "Warner Losh <imp@freebsd.org>" [unknown] # gpg: aka "Warner Losh <imp@village.org>" [unknown] # gpg: aka "Warner Losh <wlosh@bsdimp.com>" [unknown] # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 2035 F894 B00A A3CF 7CCD E1B7 6C1C D128 7DB0 1100 * tag 'bsd-user-for-9.1-pull-request' of gitlab.com:bsdimp/qemu: bsd-user: Add target.h for aarch64. bsd-user: Add aarch64 build to tree bsd-user: Make compile for non-linux user-mode stuff bsd-user: Define TARGET_SIGSTACK_ALIGN and use it to round stack bsd-user: Sync fork_start/fork_end with linux-user bsd-user: Hard wire aarch64 to be 4k pages only bsd-user: Simplify the implementation of execve bsd-user:Add AArch64 improvements and signal handling functions bsd-user:Add set_mcontext function for ARM AArch64 bsd-user:Add setup_sigframe_arch function for ARM AArch64 bsd-user:Add get_mcontext function for ARM AArch64 bsd-user:Add ARM AArch64 signal handling support bsd-user:Add ARM AArch64 support and capabilities bsd-user:Add AArch64 register handling and related functions bsd-user:Add CPU initialization and management functions Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2024-07-24target/loongarch: Fix helper_lddir() a CID INTEGER_OVERFLOW issueSong Gao
When the lddir level is 4 and the base is a HugePage, we may try to put value 4 into a field in the TLBENTRY that is only 2 bits wide. Fixes: Coverity CID 1547717 Fixes: 9c70db9a43388 ("target/loongarch: Fix tlb huge page loading issue") Signed-off-by: Song Gao <gaosong@loongson.cn> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20240724015853.1317396-1-gaosong@loongson.cn>
2024-07-24Merge tag 'hw-misc-20240723' of https://github.com/philmd/qemu into stagingRichard Henderson
Misc HW patch queue - Restrict probe_access*() functions to TCG (Phil) - Extract do_invalidate_device_tlb from vtd_process_device_iotlb_desc (Clément) - Fixes in Loongson IPI model (Bibo & Phil) - Make docs/interop/firmware.json compatible with qapi-gen.py script (Thomas) - Correct MPC I2C MMIO region size (Zoltan) - Remove useless cast in Loongson3 Virt machine (Yao) - Various uses of range overlap API (Yao) - Use ERRP_GUARD macro in nubus_virtio_mmio_realize (Zhao) - Use DMA memory API in Goldfish UART model (Phil) - Expose fifo8_pop_buf and introduce fifo8_drop (Phil) - MAINTAINERS updates (Zhao, Phil) # -----BEGIN PGP SIGNATURE----- # # iQIzBAABCAAdFiEE+qvnXhKRciHc/Wuy4+MsLN6twN4FAmagFF8ACgkQ4+MsLN6t # wN5bKg//f5TwUhsy2ff0FJpHheDOj/9Gc2nZ1U/Fp0E5N3sz3A7MGp91wye6Xwi3 # XG34YN9LK1AVzuCdrEEs5Uaxs1ZS1R2mV+fZaGHwYYxPDdnXxGyp/2Q0eyRxzbcN # zxE2hWscYSZbPVEru4HvZJKfp4XnE1cqA78fJKMAdtq0IPq38tmQNRlJ+gWD9dC6 # ZUHXPFf3DnucvVuwqb0JYO/E+uJpcTtgR6pc09Xtv/HFgMiS0vKZ1I/6LChqAUw9 # eLMpD/5V2naemVadJe98/dL7gIUnhB8GTjsb4ioblG59AO/uojutwjBSQvFxBUUw # U5lX9OSn20ouwcGiqimsz+5ziwhCG0R6r1zeQJFqUxrpZSscq7NQp9ygbvirm+wS # edLc8yTPf4MtYOihzPP9jLPcXPZjEV64gSnJISDDFYWANCrysX3suaFEOuVYPl+s # ZgQYRVSSYOYHgNqBSRkPKKVUxskSQiqLY3SfGJG4EA9Ktt5lD1cLCXQxhdsqphFm # Ws3zkrVVL0EKl4v/4MtCgITIIctN1ZJE9u3oPJjASqSvK6EebFqAJkc2SidzKHz0 # F3iYX2AheWNHCQ3HFu023EvFryjlxYk95fs2f6Uj2a9yVbi813qsvd3gcZ8t0kTT # +dmQwpu1MxjzZnA6838R6OCMnC+UpMPqQh3dPkU/5AF2fc3NnN8= # =J/I2 # -----END PGP SIGNATURE----- # gpg: Signature made Wed 24 Jul 2024 06:36:47 AM AEST # gpg: using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE # gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [full] * tag 'hw-misc-20240723' of https://github.com/philmd/qemu: (28 commits) MAINTAINERS: Add myself as a reviewer of machine core MAINTAINERS: Cover guest-agent in QAPI schema util/fifo8: Introduce fifo8_drop() util/fifo8: Expose fifo8_pop_buf() util/fifo8: Rename fifo8_pop_buf() -> fifo8_pop_bufptr() util/fifo8: Rename fifo8_peek_buf() -> fifo8_peek_bufptr() util/fifo8: Use fifo8_reset() in fifo8_create() util/fifo8: Fix style chardev/char-fe: Document returned value on error hw/char/goldfish: Use DMA memory API hw/nubus/virtio-mmio: Fix missing ERRP_GUARD() in realize handler dump: make range overlap check more readable crypto/block-luks: make range overlap check more readable system/memory_mapping: make range overlap check more readable sparc/ldst_helper: make range overlap check more readable cxl/mailbox: make range overlap check more readable util/range: Make ranges_overlap() return bool hw/mips/loongson3_virt: remove useless type cast hw/i2c/mpc_i2c: Fix mmio region size docs/interop/firmware.json: convert "Example" section ... Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2024-07-24Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into stagingRichard Henderson
* target/i386/kvm: support for reading RAPL MSRs using a helper program * hpet: emulation improvements # -----BEGIN PGP SIGNATURE----- # # iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmaelL4UHHBib256aW5p # QHJlZGhhdC5jb20ACgkQv/vSX3jHroMXoQf+K77lNlHLETSgeeP3dr7yZPOmXjjN # qFY/18jiyLw7MK1rZC09fF+n9SoaTH8JDKupt0z9M1R10HKHLIO04f8zDE+dOxaE # Rou3yKnlTgFPGSoPPFr1n1JJfxtYlLZRoUzaAcHUaa4W7JR/OHJX90n1Rb9MXeDk # jV6P0v1FWtIDdM6ERm9qBGoQdYhj6Ra2T4/NZKJFXwIhKEkxgu4yO7WXv8l0dxQz # jE4fKotqAvrkYW1EsiVZm30lw/19duhvGiYeQXoYhk8KKXXjAbJMblLITSNWsCio # 3l6Uud/lOxekkJDAq5nH3H9hCBm0WwvwL+0vRf3Mkr+/xRGvrhtmUdp8NQ== # =00mB # -----END PGP SIGNATURE----- # gpg: Signature made Tue 23 Jul 2024 03:19:58 AM AEST # gpg: using RSA key F13338574B662389866C7682BFFBD25F78C7AE83 # gpg: issuer "pbonzini@redhat.com" # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full] # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" [full] * tag 'for-upstream' of https://gitlab.com/bonzini/qemu: hpet: avoid timer storms on periodic timers hpet: store full 64-bit target value of the counter hpet: accept 64-bit reads and writes hpet: place read-only bits directly in "new_val" hpet: remove unnecessary variable "index" hpet: ignore high bits of comparator in 32-bit mode hpet: fix and cleanup persistence of interrupt status Add support for RAPL MSRs in KVM/Qemu tools: build qemu-vmsr-helper qio: add support for SO_PEERCRED for socket channel target/i386: do not crash if microvm guest uses SGX CPUID leaves Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2024-07-23sparc/ldst_helper: make range overlap check more readableYao Xingtao
use ranges_overlap() instead of open-coding the overlap check to improve the readability of the code. Signed-off-by: Yao Xingtao <yaoxt.fnst@fujitsu.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Message-ID: <20240722040742.11513-9-yaoxt.fnst@fujitsu.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
2024-07-23bsd-user: Make compile for non-linux user-mode stuffWarner Losh
We include the files that define PR_MTE_TCF_SHIFT only on Linux, but use them unconditionally. Restrict its use to Linux-only. "It's ugly, but it's not actually wrong." Signed-off-by: Warner Losh <imp@bsdimp.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
2024-07-23bsd-user: Hard wire aarch64 to be 4k pages onlyWarner Losh
Only support 4k pages for aarch64 binaries. The variable page size stuff isn't working just yet, so put in this lessor-of-evils kludge until that is complete. Signed-off-by: Warner Losh <imp@bsdimp.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
2024-07-23Merge tag 'pull-tcg-20240723' of https://gitlab.com/rth7680/qemu into stagingRichard Henderson
accel/tcg: Export set/clear_helper_retaddr target/arm: Use set_helper_retaddr for dc_zva, sve and sme target/ppc: Tidy dcbz helpers target/ppc: Use set_helper_retaddr for dcbz target/s390x: Use set_helper_retaddr in mem_helper.c # -----BEGIN PGP SIGNATURE----- # # iQFRBAABCgA7FiEEekgeeIaLTbaoWgXAZN846K9+IV8FAmafJKIdHHJpY2hhcmQu # aGVuZGVyc29uQGxpbmFyby5vcmcACgkQZN846K9+IV+FBAf7Bup+karxeGHZx2rN # cPeF248bcCWTxBWHK7dsYze4KqzsrlNIJlPeOKErU2bbbRDZGhOp1/N95WVz+P8V # 6Ny63WTsAYkaFWKxE6Jf0FWJlGw92btk75pTV2x/TNZixg7jg0vzVaYkk0lTYc5T # m5e4WycYEbzYm0uodxI09i+wFvpd+7WCnl6xWtlJPWZENukvJ36Ss43egFMDtuMk # vTJuBkS9wpwZ9MSi6EY6M+Raieg8bfaotInZeDvE/yRPNi7CwrA7Dgyc1y626uBA # joGkYRLzhRgvT19kB3bvFZi1AXa0Pxr+j0xJqwspP239Gq5qezlS5Bv/DrHdmGHA # jaqSwg== # =XgUE # -----END PGP SIGNATURE----- # gpg: Signature made Tue 23 Jul 2024 01:33:54 PM AEST # gpg: using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F # gpg: issuer "richard.henderson@linaro.org" # gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [ultimate] * tag 'pull-tcg-20240723' of https://gitlab.com/rth7680/qemu: target/riscv: Simplify probing in vext_ldff target/s390x: Use set/clear_helper_retaddr in mem_helper.c target/s390x: Use user_or_likely in access_memmove target/s390x: Use user_or_likely in do_access_memset target/ppc: Improve helper_dcbz for user-only target/ppc: Merge helper_{dcbz,dcbzep} target/ppc: Split out helper_dbczl for 970 target/ppc: Hoist dcbz_size out of dcbz_common target/ppc/mem_helper.c: Remove a conditional from dcbz_common() target/arm: Use set/clear_helper_retaddr in SVE and SME helpers target/arm: Use set/clear_helper_retaddr in helper-a64.c accel/tcg: Move {set,clear}_helper_retaddr to cpu_ldst.h Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2024-07-23Merge tag 'pull-maintainer-9.1-rc0-230724-1' of ↵Richard Henderson
https://gitlab.com/stsquad/qemu into staging Maintainer updates for testing, gdbstub, semihosting, plugins - bump python in *BSD images via libvirt-ci - remove old unused Leon3 Avocado test - re-factor gdb command extension - add stoptrigger plugin to contrib - ensure plugin mem callbacks properly sized - reduce check-tcg noise of inline plugin test - fix register dumping in execlog plugin - restrict semihosting to TCG builds - fix regex in MTE test # -----BEGIN PGP SIGNATURE----- # # iQEzBAABCgAdFiEEZoWumedRZ7yvyN81+9DbCVqeKkQFAmae5OcACgkQ+9DbCVqe # KkR8cgf/eM2Sm7EG7zIQ8SbY53DS07ls6uT7Mfn4374GEmj4Cy1I+WNoLGM5vq1r # qWAC9q2LgJVMQoWJA6Fi3SCKiylBp3/jIdJ7CWN5qj/NmePHSV3EisQXf2qOWWL9 # qOX2hJI7IIYNI2v3IvCzN/fB8F8U60iXERFHRypBH2p6Mz+EGMC3CEhesOEUta6o # 2IMkRW8MoDv9x4B+FnNYav6CfqZjhRenu1CGgVGvWYRds2QDVNB/14kOunmBuwSs # gPb7AhhnpobDYVxMarlJNPMbOdFjtDkYCajCNW7ffLcl+OjhoVR6cJcFpbOMv4kZ # 8Nok8aDjUDWwUbmU0rBynca+1k8OTg== # =TjRc # -----END PGP SIGNATURE----- # gpg: Signature made Tue 23 Jul 2024 09:01:59 AM AEST # gpg: using RSA key 6685AE99E75167BCAFC8DF35FBD0DB095A9E2A44 # gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" [full] * tag 'pull-maintainer-9.1-rc0-230724-1' of https://gitlab.com/stsquad/qemu: tests/tcg/aarch64: Fix test-mte.py semihosting: Restrict to TCG target/xtensa: Restrict semihosting to TCG target/riscv: Restrict semihosting to TCG target/mips: Restrict semihosting to TCG target/m68k: Restrict semihosting to TCG target/mips: Add semihosting stub target/m68k: Add semihosting stub semihosting: Include missing 'gdbstub/syscalls.h' header plugins/execlog.c: correct dump of registers values tests/plugins: use qemu_plugin_outs for inline stats plugins: fix mem callback array size plugins/stoptrigger: TCG plugin to stop execution under conditions gdbstub: Re-factor gdb command extensions tests/avocado: Remove non-working sparc leon3 test testing: bump to latest libvirt-ci Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2024-07-23target/riscv: Simplify probing in vext_ldffRichard Henderson
The current pairing of tlb_vaddr_to_host with extra is either inefficient (user-only, with page_check_range) or incorrect (system, with probe_pages). For proper non-fault behaviour, use probe_access_flags with its nonfault parameter set to true. Reviewed-by: Max Chou <max.chou@sifive.com> Acked-by: Alistair Francis <alistair.francis@wdc.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2024-07-23target/s390x: Use set/clear_helper_retaddr in mem_helper.cRichard Henderson
Avoid a race condition with munmap in another thread. For access_memset and access_memmove, manage the value within the helper. For uses of access_{get,set}_byte, manage the value across the for loops. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2024-07-23target/s390x: Use user_or_likely in access_memmoveRichard Henderson
Invert the conditional, indent the block, and use the macro that expands to true for user-only. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2024-07-23target/s390x: Use user_or_likely in do_access_memsetRichard Henderson
Eliminate the ifdef by using a predicate that is always true with CONFIG_USER_ONLY. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2024-07-23target/ppc: Improve helper_dcbz for user-onlyRichard Henderson
Mark the reserve_addr check unlikely. Use tlb_vaddr_to_host instead of probe_write, relying on the memset itself to test for page writability. Use set/clear_helper_retaddr so that we can properly unwind on segfault. With this, a trivial loop around guest memset will no longer spend nearly 25% of runtime within page_get_flags. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2024-07-23target/ppc: Merge helper_{dcbz,dcbzep}Richard Henderson
Merge the two and pass the mmu_idx directly from translation. Swap the argument order in dcbz_common to avoid extra swaps. Reviewed-by: Nicholas Piggin <npiggin@gmail.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2024-07-23target/ppc: Split out helper_dbczl for 970Richard Henderson
We can determine at translation time whether the insn is or is not dbczl. We must retain a runtime check against the HID5 register, but we can move that to a separate function that never affects other ppc models. Reviewed-by: Nicholas Piggin <npiggin@gmail.com> Reviewed-by: BALATON Zoltan <balaton@eik.bme.hu> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2024-07-23target/ppc: Hoist dcbz_size out of dcbz_commonRichard Henderson
The 970 logic does not apply to dcbzep, which is an e500 insn. Reviewed-by: Nicholas Piggin <npiggin@gmail.com> Reviewed-by: BALATON Zoltan <balaton@eik.bme.hu> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2024-07-23target/ppc/mem_helper.c: Remove a conditional from dcbz_common()BALATON Zoltan
Instead of passing a bool and select a value within dcbz_common() let the callers pass in the right value to avoid this conditional statement. On PPC dcbz is often used to zero memory and some code uses it a lot. This change improves the run time of a test case that copies memory with a dcbz call in every iteration from 6.23 to 5.83 seconds. Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu> Message-Id: <20240622204833.5F7C74E6000@zero.eik.bme.hu> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Nicholas Piggin <npiggin@gmail.com>
2024-07-23target/arm: Use set/clear_helper_retaddr in SVE and SME helpersRichard Henderson
Avoid a race condition with munmap in another thread. Use around blocks that exclusively use "host_fn". Keep the blocks as small as possible, but without setting and clearing for every operation on one page. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2024-07-23target/arm: Use set/clear_helper_retaddr in helper-a64.cRichard Henderson
Use these in helper_dc_dva and the FEAT_MOPS routines to avoid a race condition with munmap in another thread. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2024-07-22Add support for RAPL MSRs in KVM/QemuAnthony Harivel
Starting with the "Sandy Bridge" generation, Intel CPUs provide a RAPL interface (Running Average Power Limit) for advertising the accumulated energy consumption of various power domains (e.g. CPU packages, DRAM, etc.). The consumption is reported via MSRs (model specific registers) like MSR_PKG_ENERGY_STATUS for the CPU package power domain. These MSRs are 64 bits registers that represent the accumulated energy consumption in micro Joules. They are updated by microcode every ~1ms. For now, KVM always returns 0 when the guest requests the value of these MSRs. Use the KVM MSR filtering mechanism to allow QEMU handle these MSRs dynamically in userspace. To limit the amount of system calls for every MSR call, create a new thread in QEMU that updates the "virtual" MSR values asynchronously. Each vCPU has its own vMSR to reflect the independence of vCPUs. The thread updates the vMSR values with the ratio of energy consumed of the whole physical CPU package the vCPU thread runs on and the thread's utime and stime values. All other non-vCPU threads are also taken into account. Their energy consumption is evenly distributed among all vCPUs threads running on the same physical CPU package. To overcome the problem that reading the RAPL MSR requires priviliged access, a socket communication between QEMU and the qemu-vmsr-helper is mandatory. You can specified the socket path in the parameter. This feature is activated with -accel kvm,rapl=true,path=/path/sock.sock Actual limitation: - Works only on Intel host CPU because AMD CPUs are using different MSR adresses. - Only the Package Power-Plane (MSR_PKG_ENERGY_STATUS) is reported at the moment. Signed-off-by: Anthony Harivel <aharivel@redhat.com> Link: https://lore.kernel.org/r/20240522153453.1230389-4-aharivel@redhat.com Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2024-07-22target/s390x: filter deprecated properties based on model expansion typeCollin Walling
Currently, there is no way to execute the query-cpu-model-expansion command to retrieve a comprehenisve list of deprecated properties, as the result is dependent per-model. To enable this, the expansion output is modified as such: When reporting a "full" CPU model, show the *entire* list of deprecated properties regardless if they are supported on the model. A full expansion outputs all known CPU model properties anyway, so it makes sense to report all deprecated properties here too. This allows management apps to query a single model (e.g. host) to acquire the full list of deprecated properties. Additionally, when reporting a "static" CPU model, the command will only show deprecated properties that are a subset of the model's *enabled* properties. This is more accurate than how the query was handled before, which blindly reported deprecated properties that were never otherwise introduced for certain models. Acked-by: David Hildenbrand <david@redhat.com> Suggested-by: Jiri Denemark <jdenemar@redhat.com> Signed-off-by: Collin Walling <walling@linux.ibm.com> Message-ID: <20240719181741.35146-1-walling@linux.ibm.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
2024-07-22target/xtensa: Restrict semihosting to TCGPhilippe Mathieu-Daudé
The semihosting feature depends on TCG (due to the probe_access API access). Although TCG is the single accelerator currently available for the xtensa target, use the Kconfig "imply" directive which is more correct (if we were to support a different accel). Reported-by: Anton Johansson <anjo@rev.ng> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Message-Id: <20240717105723.58965-8-philmd@linaro.org> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Message-Id: <20240718094523.1198645-15-alex.bennee@linaro.org>
2024-07-22target/riscv: Restrict semihosting to TCGPhilippe Mathieu-Daudé
Semihosting currently uses the TCG probe_access API. To prepare for encoding the TCG dependency in Kconfig, do not enable it unless TCG is available. Suggested-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Anton Johansson <anjo@rev.ng> Message-Id: <20240717105723.58965-7-philmd@linaro.org> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Message-Id: <20240718094523.1198645-14-alex.bennee@linaro.org>
2024-07-22target/mips: Restrict semihosting to TCGPhilippe Mathieu-Daudé
Semihosting currently uses the TCG probe_access API. To prepare for encoding the TCG dependency in Kconfig, do not enable it unless TCG is available. Suggested-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Anton Johansson <anjo@rev.ng> Message-Id: <20240717105723.58965-6-philmd@linaro.org> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Message-Id: <20240718094523.1198645-13-alex.bennee@linaro.org>
2024-07-22target/m68k: Restrict semihosting to TCGPhilippe Mathieu-Daudé
The semihosting feature depends on TCG (due to the probe_access API access). Although TCG is the single accelerator currently available for the m68k target, use the Kconfig "imply" directive which is more correct (if we were to support a different accel). Reported-by: Anton Johansson <anjo@rev.ng> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Message-Id: <20240717105723.58965-5-philmd@linaro.org> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Message-Id: <20240718094523.1198645-12-alex.bennee@linaro.org>
2024-07-22target/mips: Add semihosting stubPhilippe Mathieu-Daudé
Since the SEMIHOSTING feature is optional, we need a stub to link when it is disabled. Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Message-Id: <20240717105723.58965-4-philmd@linaro.org> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Message-Id: <20240718094523.1198645-11-alex.bennee@linaro.org>
2024-07-22target/m68k: Add semihosting stubPhilippe Mathieu-Daudé
Since the SEMIHOSTING feature is optional, we need a stub to link when it is disabled. Suggested-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Message-Id: <20240717105723.58965-3-philmd@linaro.org> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Message-Id: <20240718094523.1198645-10-alex.bennee@linaro.org>
2024-07-22gdbstub: Re-factor gdb command extensionsAlex Bennée
Coverity reported a memory leak (CID 1549757) in this code and its admittedly rather clumsy handling of extending the command table. Instead of handing over a full array of the commands lets use the lighter weight GPtrArray and simply test for the presence of each entry as we go. This avoids complications of transferring ownership of arrays and keeps the final command entries as static entries in the target code. Cc: Akihiko Odaki <akihiko.odaki@daynix.com> Cc: Gustavo Bueno Romero <gustavo.romero@linaro.org> Cc: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Gustavo Romero <gustavo.romero@linaro.org> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Message-Id: <20240718094523.1198645-4-alex.bennee@linaro.org>
2024-07-19target/loongarch/gdbstub: Add vector registers supportSong Gao
GDB already support LoongArch vector extension[1], QEMU gdb adds LoongArch vector registers support, so that users can use 'info all-registers' to get all vector registers values. [1]: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=1e9569f383a3d5a88ee07d0c2401bd95613c222e Signed-off-by: Song Gao <gaosong@loongson.cn> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewd-by: Bibo Mao <maobibo@loongson.cn> Message-Id: <20240711024454.3075183-1-gaosong@loongson.cn>
2024-07-19Merge tag 'pull-target-arm-20240718' of ↵Richard Henderson
https://git.linaro.org/people/pmaydell/qemu-arm into staging target-arm queue: * Fix handling of LDAPR/STLR with negative offset * LDAPR should honour SCTLR_ELx.nAA * Use float_status copy in sme_fmopa_s * hw/display/bcm2835_fb: fix fb_use_offsets condition * hw/arm/smmuv3: Support and advertise nesting * Use FPST_F16 for SME FMOPA (widening) * tests/arm-cpu-features: Do not assume PMU availability * hvf: arm: Do not advance PC when raising an exception # -----BEGIN PGP SIGNATURE----- # # iQJNBAABCAA3FiEE4aXFk81BneKOgxXPPCUl7RQ2DN4FAmaZFlUZHHBldGVyLm1h # eWRlbGxAbGluYXJvLm9yZwAKCRA8JSXtFDYM3iJuEACtVh1Wp93XMsL3llAZkQlx # DUCnDCvAM2qiiTIMOqPQzeKTIkRV9aFh1YWzOtMFKai6UkBU6p1b4bPqb5SIr99G # Ayps4+WzAHsjTqBGEpIIDWL6GqMwv9azBnRAYNb+Cg9O3SzEnCdGOKCfGYTXXPRz # zQ1NIgqZSUC5jg3XgkU22J3VMsOUWijbzxnGXhOyemSIEhREl+t6Ns3ca3n47/jk # JIw1g6o0mpefPPkaLq6ftVwpn1L63iYQugn4VCrIhtIoOM8vmnShbI9/GwzL4AYk # n28nwPl948Xby13kCYmu6Slt8Rmm7M33pBDJzsVtbaeBSd44XHrov8Y1+e1FhAco # lxrWY/2rG9HiWKGLdAeCKwVxB186DKiTmuK7lcN+eBu3VbOLjDiVE0d1bK4HqGyc # nzA/Aq81Y9p5Z7wzX40sVFlq0j1pQDQWk6GgPfMA4ueHKEEobxC3C+k1q9m02gjQ # qesOFzViiGe0j7JER84qqcatIaTk09xfbXL/uMZx8oP/iKa1pyMUx2blChXOXVTx # oGkO2h3/QCpRIos8d8WM/bso16EkpraInM4748iumSLuxDxTwiIikK/hpsCLDwUN # dLsH/hAMz+yQOFubFoRt4IlsGVnk5asmTDMb4S8RojdF2KzHuzbJMgdEOe62631g # IOAc7Tn3TIm5MpAxXOXgJA== # =/aEm # -----END PGP SIGNATURE----- # gpg: Signature made Thu 18 Jul 2024 11:19:17 PM AEST # gpg: using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE # gpg: issuer "peter.maydell@linaro.org" # gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [full] # gpg: aka "Peter Maydell <pmaydell@gmail.com>" [full] # gpg: aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [full] # gpg: aka "Peter Maydell <peter@archaic.org.uk>" [unknown] * tag 'pull-target-arm-20240718' of https://git.linaro.org/people/pmaydell/qemu-arm: (26 commits) hvf: arm: Do not advance PC when raising an exception tests/arm-cpu-features: Do not assume PMU availability tests/tcg/aarch64: Add test cases for SME FMOPA (widening) target/arm: Use FPST_F16 for SME FMOPA (widening) target/arm: Use float_status copy in sme_fmopa_s hw/arm/smmu: Refactor SMMU OAS hw/arm/smmuv3: Support and advertise nesting hw/arm/smmuv3: Handle translation faults according to SMMUPTWEventInfo hw/arm/smmuv3: Support nested SMMUs in smmuv3_notify_iova() hw/arm/smmu: Support nesting in the rest of commands hw/arm/smmu: Introduce smmu_iotlb_inv_asid_vmid hw/arm/smmu: Support nesting in smmuv3_range_inval() hw/arm/smmu-common: Support nested translation hw/arm/smmu-common: Add support for nested TLB hw/arm/smmu-common: Rework TLB lookup for nesting hw/arm/smmuv3: Translate CD and TT using stage-2 table hw/arm/smmu: Introduce CACHED_ENTRY_TO_ADDR hw/arm/smmu: Consolidate ASID and VMID types hw/arm/smmu: Split smmuv3_translate() hw/arm/smmu: Use enum for SMMU stage ... Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2024-07-18hvf: arm: Do not advance PC when raising an exceptionAkihiko Odaki
hvf did not advance PC when raising an exception for most unhandled system registers, but it mistakenly advanced PC when raising an exception for GICv3 registers. Cc: qemu-stable@nongnu.org Fixes: a2260983c655 ("hvf: arm: Add support for GICv3") Signed-off-by: Akihiko Odaki <akihiko.odaki@daynix.com> Message-id: 20240716-pmu-v3-4-8c7c1858a227@daynix.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2024-07-18target/arm: Use FPST_F16 for SME FMOPA (widening)Richard Henderson
This operation has float16 inputs and thus must use the FZ16 control not the FZ control. Cc: qemu-stable@nongnu.org Fixes: 3916841ac75 ("target/arm: Implement FMOPA, FMOPS (widening)") Reported-by: Daniyal Khan <danikhan632@gmail.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Message-id: 20240717060149.204788-3-richard.henderson@linaro.org Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2374 Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2024-07-18target/arm: Use float_status copy in sme_fmopa_sDaniyal Khan
We made a copy above because the fp exception flags are not propagated back to the FPST register, but then failed to use the copy. Cc: qemu-stable@nongnu.org Fixes: 558e956c719 ("target/arm: Implement FMOPA, FMOPS (non-widening)") Signed-off-by: Daniyal Khan <danikhan632@gmail.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Message-id: 20240717060149.204788-2-richard.henderson@linaro.org [rth: Split from a larger patch] Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2024-07-18target/arm: LDAPR should honour SCTLR_ELx.nAAPeter Maydell
In commit c1a1f80518d360b when we added the FEAT_LSE2 relaxations to the alignment requirements for atomic and ordered loads and stores, we didn't quite get it right for LDAPR/LDAPRH/LDAPRB with no immediate offset. These instructions were handled in the old decoder as part of disas_ldst_atomic(), but unlike all the other insns that function decoded (LDADD, LDCLR, etc) these insns are "ordered", not "atomic", so they should be using check_ordered_align() rather than check_atomic_align(). Commit c1a1f80518d360b used check_atomic_align() regardless for everything in disas_ldst_atomic(). We then carried that incorrect check over in the decodetree conversion, where LDAPR/LDAPRH/LDAPRB are now handled by trans_LDAPR(). The effect is that when FEAT_LSE2 is implemented, these instructions don't honour the SCTLR_ELx.nAA bit and will generate alignment faults when they should not. (The LDAPR insns with an immediate offset were in disas_ldst_ldapr_stlr() and then in trans_LDAPR_i() and trans_STLR_i(), and have always used the correct check_ordered_align().) Use check_ordered_align() in trans_LDAPR(). Cc: qemu-stable@nongnu.org Fixes: c1a1f80518d360b ("target/arm: Relax ordered/atomic alignment checks for LSE2") Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20240709134504.3500007-3-peter.maydell@linaro.org
2024-07-18target/arm: Fix handling of LDAPR/STLR with negative offsetPeter Maydell
When we converted the LDAPR/STLR instructions to decodetree we accidentally introduced a regression where the offset is negative. The 9-bit immediate field is signed, and the old hand decoder correctly used sextract32() to get it out of the insn word, but the ldapr_stlr_i pattern in the decode file used "imm:9" instead of "imm:s9", so it treated the field as unsigned. Fix the pattern to treat the field as a signed immediate. Cc: qemu-stable@nongnu.org Fixes: 2521b6073b7 ("target/arm: Convert LDAPR/STLR (imm) to decodetree") Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2419 Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20240709134504.3500007-2-peter.maydell@linaro.org
2024-07-18Merge tag 'pull-riscv-to-apply-20240718-1' of ↵Richard Henderson
https://github.com/alistair23/qemu into staging RISC-V PR for 9.1 * Support the zimop, zcmop, zama16b and zabha extensions * Validate the mode when setting vstvec CSR * Add decode support for Zawrs extension * Update the KVM regs to Linux 6.10-rc5 * Add smcntrpmf extension support * Raise an exception when CSRRS/CSRRC writes a read-only CSR * Re-insert and deprecate 'riscv,delegate' in virt machine device tree * roms/opensbi: Update to v1.5 # -----BEGIN PGP SIGNATURE----- # # iQIzBAABCAAdFiEEaukCtqfKh31tZZKWr3yVEwxTgBMFAmaYeUcACgkQr3yVEwxT # gBMtdw//U2NbmnmECa0uXuE7fdFul0tUkl2oHb9Cr8g5Se5g/HVFqexAKOFZ8Lcm # DvTl94zJ2dms4RntcmJHwTIusa+oU6qqOekediotjgpeH4BHZNCOHe0E9hIAHn9F # uoJ1P186L7VeVr7OFAAgSCE7F6egCk7iC0h8L8/vuL4xcuyfbZ2r7ybiTl1+45N2 # YBBv5/00wsYnyMeqRYYtyqgX9QR017JRqNSfTJSbKxhQM/L1GA1xxisUvIGeyDqc # Pn8E3dMN6sscR6bPs4RP+SBi0JIlRCgth/jteSUkbYf42osw3/5sl4oK/e6Xiogo # SjELOF7QJNxE8H6EUIScDaCVB5ZhvELZcuOL2NRdUuVDkjhWXM633HwfEcXkZdFK # W/H9wOvNxPAJIOGXOpv10+MLmhdyIOZwE0uk6evHvdcTn3FP9DurdUCc1se0zKOA # Qg/H6usTbLGNQ7KKTNQ6GpQ6u89iE1CIyZqYVvB1YuF5t7vtAmxvNk3SVZ6aq3VL # lPJW2Zd1eO09Q+kRnBVDV7MV4OJrRNsU+ryd91NrSVo9aLADtyiNC28dCSkjU3Gn # 6YQZt65zHuhH5IBB/PGIPo7dLRT8KNWOiYVoy3c6p6DC6oXsKIibh0ue1nrVnnVQ # NRqyxPYaj6P8zzqwTk+iJj36UXZZVtqPIhtRu9MrO6Opl2AbsXI= # =pM6B # -----END PGP SIGNATURE----- # gpg: Signature made Thu 18 Jul 2024 12:09:11 PM AEST # gpg: using RSA key 6AE902B6A7CA877D6D659296AF7C95130C538013 # gpg: Good signature from "Alistair Francis <alistair@alistair23.me>" [unknown] # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 6AE9 02B6 A7CA 877D 6D65 9296 AF7C 9513 0C53 8013 * tag 'pull-riscv-to-apply-20240718-1' of https://github.com/alistair23/qemu: (30 commits) roms/opensbi: Update to v1.5 hw/riscv/virt.c: re-insert and deprecate 'riscv,delegate' target/riscv: raise an exception when CSRRS/CSRRC writes a read-only CSR target/riscv: Expose the Smcntrpmf config target/riscv: Do not setup pmu timer if OF is disabled target/riscv: More accurately model priv mode filtering. target/riscv: Start counters from both mhpmcounter and mcountinhibit target/riscv: Enforce WARL behavior for scounteren/hcounteren target/riscv: Save counter values during countinhibit update target/riscv: Implement privilege mode filtering for cycle/instret target/riscv: Only set INH fields if priv mode is available target/riscv: Add cycle & instret privilege mode filtering support target/riscv: Add cycle & instret privilege mode filtering definitions target/riscv: Add cycle & instret privilege mode filtering properties target/riscv: Fix the predicate functions for mhpmeventhX CSRs target/riscv: Combine set_mode and set_virt functions. target/riscv/kvm: update KVM regs to Linux 6.10-rc5 disas/riscv: Add decode for Zawrs extension target/riscv: Validate the mode in write_vstvec disas/riscv: Support zabha disassemble ... Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2024-07-18target/riscv: raise an exception when CSRRS/CSRRC writes a read-only CSRYu-Ming Chang
Both CSRRS and CSRRC always read the addressed CSR and cause any read side effects regardless of rs1 and rd fields. Note that if rs1 specifies a register holding a zero value other than x0, the instruction will still attempt to write the unmodified value back to the CSR and will cause any attendant side effects. So if CSRRS or CSRRC tries to write a read-only CSR with rs1 which specifies a register holding a zero value, an illegal instruction exception should be raised. Signed-off-by: Yu-Ming Chang <yumin686@andestech.com> Signed-off-by: Alvin Chang <alvinga@andestech.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Message-ID: <172100444279.18077.6893072378718059541-0@git.sr.ht> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2024-07-18target/riscv: Expose the Smcntrpmf configAtish Patra
Create a new config for Smcntrpmf extension so that it can be enabled/ disabled from the qemu commandline. Signed-off-by: Atish Patra <atishp@rivosinc.com> Acked-by: Alistair Francis <alistair.francis@wdc.com> Message-ID: <20240711-smcntrpmf_v7-v8-13-b7c38ae7b263@rivosinc.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2024-07-18target/riscv: Do not setup pmu timer if OF is disabledAtish Patra
The timer is setup function is invoked in both hpmcounter write and mcountinhibit write path. If the OF bit set, the LCOFI interrupt is disabled. There is no benefitting in setting up the qemu timer until LCOFI is cleared to indicate that interrupts can be fired again. Reviewed-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com> Signed-off-by: Atish Patra <atishp@rivosinc.com> Message-ID: <20240711-smcntrpmf_v7-v8-12-b7c38ae7b263@rivosinc.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2024-07-18target/riscv: More accurately model priv mode filtering.Rajnesh Kanwal
In case of programmable counters configured to count inst/cycles we often end-up with counter not incrementing at all from kernel's perspective. For example: - Kernel configures hpm3 to count instructions and sets hpmcounter to -10000 and all modes except U mode are inhibited. - In QEMU we configure a timer to expire after ~10000 instructions. - Problem is, it's often the case that kernel might not even schedule Umode task and we hit the timer callback in QEMU. - In the timer callback we inject the interrupt into kernel, kernel runs the handler and reads hpmcounter3 value. - Given QEMU maintains individual counters to count for each privilege mode, and given umode never ran, the umode counter didn't increment and QEMU returns same value as was programmed by the kernel when starting the counter. - Kernel checks for overflow using previous and current value of the counter and reprograms the counter given there wasn't an overflow as per the counter value. (Which itself is a problem. We have QEMU telling kernel that counter3 overflowed but the counter value returned by QEMU doesn't seem to reflect that.). This change makes sure that timer is reprogrammed from the handler if the counter didn't overflow based on the counter value. Second, this change makes sure that whenever the counter is read, it's value is updated to reflect the latest count. Signed-off-by: Rajnesh Kanwal <rkanwal@rivosinc.com> Reviewed-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com> Message-ID: <20240711-smcntrpmf_v7-v8-11-b7c38ae7b263@rivosinc.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>