| Age | Commit message (Collapse) | Author |
|---|
|
When the 'int N' instruction is executed in protected mode, the
pseudocode in the architecture manual specifies that we need to check:
* vector number within IDT limits
* selected IDT descriptor is a valid type (interrupt, trap or task gate)
* if this was a software interrupt then gate DPL < CPL
The way we had structured the code meant that the privilege check for
software interrupts ended up not in the code path taken for task gate
handling, because all of the task gate handling code was in the 'case 5'
of the switch which was checking "is this descriptor a valid type".
Move the task gate handling code out of that switch (so that it is now
purely doing the "valid type?" check) and below the software interrupt
privilege check.
The effect of this missing check was that in a guest userspace binary
executing 'int 8' would cause a guest kernel panic rather than the
userspace binary being handed a SEGV.
This is essentially the same bug fixed in VirtualBox in 2012:
https://www.halfdog.net/Security/2012/VirtualBoxSoftwareInterrupt0x8GuestCrash/
Note that for QEMU this is not a security issue because it is only
present when using TCG.
Fixes: https://bugs.launchpad.net/qemu/+bug/1813201
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20201121224445.16236-1-peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
|
|
'remotes/ehabkost-gl/tags/machine-next-pull-request' into staging
Machine queue, 2020-12-23
Cleanup:
* qdev code cleanup (Eduardo Habkost)
Bug fix:
* hostmem: Free host_nodes list right after visited (Keqian Zhu)
# gpg: Signature made Wed 23 Dec 2020 21:25:58 GMT
# gpg: using RSA key 5A322FD5ABC4D3DBACCFD1AA2807936F984DC5A6
# gpg: issuer "ehabkost@redhat.com"
# gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>" [full]
# Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6
* remotes/ehabkost-gl/tags/machine-next-pull-request:
bugfix: hostmem: Free host_nodes list right after visited
qdev: Avoid unnecessary DeviceState* variable at set_prop_arraylen()
qdev: Rename qdev_get_prop_ptr() to object_field_prop_ptr()
qdev: Move qdev_prop_tpm declaration to tpm_prop.h
qdev: Make qdev_class_add_property() more flexible
qdev: Make PropertyInfo.create return ObjectProperty*
qdev: Move dev->realized check to qdev_property_set()
qdev: Wrap getters and setters in separate helpers
qdev: Add name argument to PropertyInfo.create method
qdev: Add name parameter to qdev_class_add_property()
qdev: Avoid using prop->name unnecessarily
qdev: Get just property name at error_set_from_qdev_prop_error()
sparc: Use DEFINE_PROP for nwindows property
qdev: Reuse DEFINE_PROP in all DEFINE_PROP_* macros
qdev: Move softmmu properties to qdev-properties-system.h
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
into staging
Further s390x updates:
- enhance the s390 devices acceptance test
- tcg: improve carry computation
- qga: send the ccw address with the fsinfo data
- fixes for protected virtualisation and zpci
# gpg: Signature made Tue 22 Dec 2020 10:37:34 GMT
# gpg: using RSA key C3D0D66DC3624FF6A8C018CEDECF6B93C6F02FAF
# gpg: issuer "cohuck@redhat.com"
# gpg: Good signature from "Cornelia Huck <conny@cornelia-huck.de>" [unknown]
# gpg: aka "Cornelia Huck <huckc@linux.vnet.ibm.com>" [full]
# gpg: aka "Cornelia Huck <cornelia.huck@de.ibm.com>" [full]
# gpg: aka "Cornelia Huck <cohuck@kernel.org>" [unknown]
# gpg: aka "Cornelia Huck <cohuck@redhat.com>" [unknown]
# Primary key fingerprint: C3D0 D66D C362 4FF6 A8C0 18CE DECF 6B93 C6F0 2FAF
* remotes/cohuck-gitlab/tags/s390x-20201222:
tests/acceptance: Add a test with the Fedora 31 kernel and initrd
s390x/pci: Fix memory_region_access_valid call
s390x/pci: fix pcistb length
tests/acceptance: Test the virtio-balloon device on s390x
tests/acceptance: Test virtio-rng on s390 via /dev/hwrng
tests/acceptance: Extract the code to clear dmesg and wait for CRW reports
tests/acceptance: test hot(un)plug of ccw devices
target/s390x: Improve SUB LOGICAL WITH BORROW
target/s390x: Improve cc computation for SUBTRACT LOGICAL
target/s390x: Improve ADD LOGICAL WITH CARRY
target/s390x: Improve cc computation for ADD LOGICAL
qga/commands-posix: Send CCW address on s390x with the fsinfo data
MAINTAINERS: move my git tree to gitlab
s390x: pv: Fence additional unavailable SCLP facilities for PV guests
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
staging
QAPI patches patches for 2020-12-19
# gpg: Signature made Sat 19 Dec 2020 09:40:05 GMT
# gpg: using RSA key 354BC8B3D7EB2A6B68674E5F3870B400EB918653
# gpg: issuer "armbru@redhat.com"
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" [full]
# gpg: aka "Markus Armbruster <armbru@pond.sub.org>" [full]
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867 4E5F 3870 B400 EB91 8653
* remotes/armbru/tags/pull-qapi-2020-12-19: (33 commits)
qobject: Make QString immutable
block: Use GString instead of QString to build filenames
keyval: Use GString to accumulate value strings
json: Use GString instead of QString to accumulate strings
migration: Replace migration's JSON writer by the general one
qobject: Factor JSON writer out of qobject_to_json()
qobject: Factor quoted_str() out of to_json()
qobject: Drop qstring_get_try_str()
qobject: Drop qobject_get_try_str()
Revert "qobject: let object_property_get_str() use new API"
block: Avoid qobject_get_try_str()
qmp: Fix tracing of non-string command IDs
qobject: Move internals to qobject-internal.h
hw/rdma: Replace QList by GQueue
Revert "qstring: add qstring_free()"
qobject: Change qobject_to_json()'s value to GString
qobject: Use GString instead of QString to accumulate JSON
qobject: Make qobject_to_json_pretty() take a pretty argument
monitor: Use GString instead of QString for output buffer
hmp: Simplify how qmp_human_monitor_command() gets output
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
'remotes/vivier2/tags/linux-user-for-6.0-pull-request' into staging
Add MIPS Loongson 2F/3A
sparc64 bug fix
Implement copy_file_range
Add most IFTUN ioctls
Fix mremap
# gpg: Signature made Fri 18 Dec 2020 10:23:43 GMT
# gpg: using RSA key CD2F75DDC8E3A4DC2E4F5173F30C38BD3F2FBE3C
# gpg: issuer "laurent@vivier.eu"
# gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>" [full]
# gpg: aka "Laurent Vivier <laurent@vivier.eu>" [full]
# gpg: aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>" [full]
# Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F 5173 F30C 38BD 3F2F BE3C
* remotes/vivier2/tags/linux-user-for-6.0-pull-request:
linux-user/sparc: Handle tstate in sparc64_get/set_context()
linux-user/sparc: Don't restore %g7 in sparc64_set_context()
linux-user/sparc: Remove unneeded checks of 'err' from sparc64_get_context()
linux-user/sparc: Correct sparc64_get/set_context() FPU handling
linux-user: Add most IFTUN ioctls
linux-user: Implement copy_file_range
docs/user: Display linux-user binaries nicely
linux-user: Add support for MIPS Loongson 2F/3A
linux-user/elfload: Update HWCAP bits from linux 5.7
linux-user/elfload: Introduce MIPS GET_FEATURE_REG_EQU() macro
linux-user/elfload: Introduce MIPS GET_FEATURE_REG_SET() macro
linux-user/elfload: Rename MIPS GET_FEATURE() as GET_FEATURE_INSN()
linux-user/elfload: Move GET_FEATURE macro out of get_elf_hwcap() body
linux-user/mmap.c: check range of mremap result in target address space
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
'remotes/huth-gitlab/tags/pull-request-2020-12-18' into staging
* Compile QEMU with -Wimplicit-fallthrough=2 to avoid bugs in
switch-case statements
# gpg: Signature made Fri 18 Dec 2020 08:19:04 GMT
# gpg: using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5
# gpg: issuer "thuth@redhat.com"
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [full]
# gpg: aka "Thomas Huth <thuth@redhat.com>" [full]
# gpg: aka "Thomas Huth <huth@tuxfamily.org>" [full]
# gpg: aka "Thomas Huth <th.huth@posteo.de>" [unknown]
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3 EAB9 2ED9 D774 FE70 2DB5
* remotes/huth-gitlab/tags/pull-request-2020-12-18:
configure: Compile with -Wimplicit-fallthrough=2
hw/rtc/twl92230: Add missing 'break'
bsd-user: Silence warnings about missing fallthrough statement
tests/fp: Do not emit implicit-fallthrough warnings in the softfloat tests
tcg/optimize: Add fallthrough annotations
target/sparc/win_helper: silence the compiler warnings
target/sparc/translate: silence the compiler warnings
accel/tcg/user-exec: silence the compiler warnings
hw/intc/arm_gicv3_kvm: silence the compiler warnings
target/i386: silence the compiler warnings in gen_shiftd_rm_T1
hw/timer/renesas_tmr: silence the compiler warnings
hw/rtc/twl92230: Silence warnings about missing fallthrough statements
target/unicore32/translate: Add missing fallthrough annotations
disas/libvixl: Fix fall-through annotation for GCC >= 7
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Now that SUB LOGICAL outputs borrow, we can use that as input directly.
It also means we can re-use CC_OP_SUBU and produce an output borrow
directly from SUB LOGICAL WITH BORROW.
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20201214221356.68039-5-richard.henderson@linaro.org>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
|
|
The resulting cc is only dependent on the result and the carry-out.
Carry-out and borrow-out are inverses, so are trivially converted.
With tcg ops, it is easier to compute borrow-out than carry-out, so
save result and borrow-out rather than the inputs.
Borrow-out for 64-bit inputs is had via tcg_gen_sub2_i64 directly
into cc_src. Borrow-out for 32-bit inputs is had via extraction
from a normal 64-bit sub (with zero-extended inputs).
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20201214221356.68039-4-richard.henderson@linaro.org>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
|
|
Now that ADD LOGICAL outputs carry, we can use that as input directly.
It also means we can re-use CC_OP_ADDU and produce an output carry
directly from ADD LOGICAL WITH CARRY.
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20201214221356.68039-3-richard.henderson@linaro.org>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
|
|
The resulting cc is only dependent on the result and the
carry-out. So save those things rather than the inputs.
Carry-out for 64-bit inputs is had via tcg_gen_add2_i64 directly
into cc_src. Carry-out for 32-bit inputs is had via extraction
from a normal 64-bit add (with zero-extended inputs).
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20201214221356.68039-2-richard.henderson@linaro.org>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
|
|
There's no VSIE support for a protected guest, so let's better not
advertise it and its support facilities.
Fixes: c3347ed0d2ee ("s390x: protvirt: Support unpack facility")
Signed-off-by: Janosch Frank <frankja@linux.ibm.com>
Reviewed-by: Christian Borntraeger <borntraeger@de.ibm.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Message-Id: <20201211105109.2913-1-frankja@linux.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
|
|
Commit 8118f0950f "migration: Append JSON description of migration
stream" needs a JSON writer. The existing qobject_to_json() wasn't a
good fit, because it requires building a QObject to convert. Instead,
migration got its very own JSON writer, in commit 190c882ce2 "QJSON:
Add JSON writer". It tacitly limits numbers to int64_t, and strings
contents to characters that don't need escaping, unlike
qobject_to_json().
The previous commit factored the JSON writer out of qobject_to_json().
Replace migration's JSON writer by it.
Cc: Juan Quintela <quintela@redhat.com>
Cc: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20201211171152.146877-17-armbru@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
|
|
Anywhere we create a list of just one item or by prepending items
(typically because order doesn't matter), we can use
QAPI_LIST_PREPEND(). But places where we must keep the list in order
by appending remain open-coded until later patches.
Note that as a side effect, this also performs a cleanup of two minor
issues in qga/commands-posix.c: the old code was performing
new = g_malloc0(sizeof(*ret));
which 1) is confusing because you have to verify whether 'new' and
'ret' are variables with the same type, and 2) would conflict with C++
compilation (not an actual problem for this file, but makes
copy-and-paste harder).
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20201113011340.463563-5-eblake@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
[Straightforward conflicts due to commit a8aa94b5f8 "qga: update
schema for guest-get-disks 'dependents' field" and commit a10b453a52
"target/mips: Move mips_cpu_add_definition() from helper.c to cpu.c"
resolved. Commit message tweaked.]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
|
|
Every single qdev property setter function manually checks
dev->realized. We can just check dev->realized inside
qdev_property_set() instead.
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Acked-by: Paul Durrant <paul@xen.org>
Message-Id: <20201211220529.2290218-24-ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
|
|
Use the DEFINE_PROP macro (which will set extra fields in the
struct) instead of initializing a Property struct manually.
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Acked-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Message-Id: <20201211220529.2290218-18-ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
|
|
Correctly implement save/restore of the tstate field in
sparc64_get_context() and sparc64_set_context():
* Don't use the CWP value from the guest in set_context
* Construct and save a tstate value rather than leaving
it as zero in get_context
To do this we factor out the "calculate TSTATE value from CPU state"
code from sparc_cpu_do_interrupt() into its own sparc64_tstate()
function; that in turn requires us to move some of the function
prototypes out from inside a CPU_NO_IO_DEFS ifdef guard.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20201106152738.26026-5-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
|
|
The handling of the FPU state in sparc64_get_context() and
sparc64_set_context() is not the same as what the kernel actually
does: we unconditionally read and write the FP registers and the
FSR, GSR and FPRS, but the kernel logic is more complicated:
* in get_context the kernel has code for saving FPU registers,
but it is hidden inside an "if (fenab) condition and the
fenab flag is always set to 0 (inside an "#if 1" which has
been in the kernel for over 15 years). So the effect is that
the FPU state part is always written as zeroes.
* in set_context the kernel looks at the fenab field in the
structure from the guest, and only restores the state if
it is set; it also looks at the structure's FPRS to see
whether either the upper or lower or both halves of the
register file have valid data.
Bring our implementations into line with the kernel:
* in get_context:
- clear the entire target_ucontext at the top of the
function (as the kernel does)
- then don't write the FPU state, so those fields remain zero
- this fixes Coverity issue CID 1432305 by deleting the code
it was complaining about
* in set_context:
- check the fenab and the fpsr to decide which parts of
the FPU data to restore, if any
- instead of setting the FPU registers by doing two
32-bit loads and filling in the .upper and .lower parts
of the CPU_Double union separately, just do a 64-bit
load of the whole register at once. This fixes Coverity
issue CID 1432303 because we now access the dregs[] part
of the mcfpu_fregs union rather than the sregs[] part
(which is not large enough to actually cover the whole of
the data, so we were accessing off the end of sregs[])
We change both functions in a single commit to avoid potentially
breaking bisection.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20201106152738.26026-2-peter.maydell@linaro.org>
[lv: fix FPRS_DU loop s/31/32/]
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
|
|
When using -Wimplicit-fallthrough in our CFLAGS, the compiler showed warning:
target/sparc/win_helper.c: In function ‘get_gregset’:
target/sparc/win_helper.c:304:9: warning: this statement may fall through [-Wimplicit-fallthrough=]
304 | trace_win_helper_gregset_error(pstate);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
target/sparc/win_helper.c:306:5: note: here
306 | case 0:
| ^~~~
Add the corresponding "fall through" comment to fix it.
Reported-by: Euler Robot <euler.robot@huawei.com>
Signed-off-by: Chen Qun <kuhn.chenqun@huawei.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Artyom Tarasenko <atar4qemu@gmail.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20201211152426.350966-10-thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
|
|
When using -Wimplicit-fallthrough in our CFLAGS, the compiler showed warning:
target/sparc/translate.c: In function ‘gen_st_asi’:
target/sparc/translate.c:2320:12: warning: this statement may fall through [-Wimplicit-fallthrough=]
2320 | if (!(dc->def->features & CPU_FEATURE_HYPV)) {
| ^
target/sparc/translate.c:2329:5: note: here
2329 | case GET_ASI_DIRECT:
| ^~~~
The "fall through" statement place is not correctly identified by the compiler.
Reported-by: Euler Robot <euler.robot@huawei.com>
Signed-off-by: Chen Qun <kuhn.chenqun@huawei.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Artyom Tarasenko <atar4qemu@gmail.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20201211152426.350966-9-thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
|
|
The current "#ifdef TARGET_X86_64" statement affects
the compiler's determination of fall through.
When using -Wimplicit-fallthrough in our CFLAGS, the compiler showed warning:
target/i386/translate.c: In function ‘gen_shiftd_rm_T1’:
target/i386/translate.c:1773:12: warning: this statement may fall through [-Wimplicit-fallthrough=]
if (is_right) {
^
target/i386/translate.c:1782:5: note: here
case MO_32:
^~~~
Reported-by: Euler Robot <euler.robot@huawei.com>
Signed-off-by: Chen Qun <kuhn.chenqun@huawei.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20201211152426.350966-6-thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
|
|
Looking at the way the code is formatted here (there is an empty line
after break statements, but none where the break is missing), and the
instruction set overview at https://en.wikipedia.org/wiki/Unicore the
fallthrough is very likely intended here. So add a fallthrough comment
to make the it compilable with -Werror=implicit-fallthrough.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20201211152426.350966-3-thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
|
|
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Bin Meng <bin.meng@windriver.com>
Tested-by: Bin Meng <bin.meng@windriver.com>
Reviewed-by: Palmer Dabbelt <palmerdabbelt@google.com>
Acked-by: Palmer Dabbelt <palmerdabbelt@google.com>
Message-id: 7eddba45b5d223321c031431849fdd42eceb514b.1608142916.git.alistair.francis@wdc.com
|
|
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Bin Meng <bin.meng@windriver.com>
Reviewed-by: Palmer Dabbelt <palmerdabbelt@google.com>
Acked-by: Palmer Dabbelt <palmerdabbelt@google.com>
Tested-by: Bin Meng <bin.meng@windriver.com>
Message-id: 7371180970b7db310d3a1da21d03d33499c2beb0.1608142916.git.alistair.francis@wdc.com
|
|
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Palmer Dabbelt <palmerdabbelt@google.com>
Acked-by: Palmer Dabbelt <palmerdabbelt@google.com>
Reviewed-by: Bin Meng <bin.meng@windriver.com>
Tested-by: Bin Meng <bin.meng@windriver.com>
Message-id: 872d2dfcd1c7c3914655d677e911b9432eb8f340.1608142916.git.alistair.francis@wdc.com
|
|
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Bin Meng <bin.meng@windriver.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Palmer Dabbelt <palmerdabbelt@google.com>
Acked-by: Palmer Dabbelt <palmerdabbelt@google.com>
Tested-by: Bin Meng <bin.meng@windriver.com>
Message-id: a426ead44db5065a0790066d43e91245683509d7.1608142916.git.alistair.francis@wdc.com
|
|
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Bin Meng <bin.meng@windriver.com>
Tested-by: Bin Meng <bin.meng@windriver.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Palmer Dabbelt <palmerdabbelt@google.com>
Acked-by: Palmer Dabbelt <palmerdabbelt@google.com>
Message-id: c1da66affbb83ec4a2fbeb0194293bd24d65f5dc.1608142916.git.alistair.francis@wdc.com
|
|
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Bin Meng <bin.meng@windriver.com>
Tested-by: Bin Meng <bin.meng@windriver.com>
Reviewed-by: Palmer Dabbelt <palmerdabbelt@google.com>
Acked-by: Palmer Dabbelt <palmerdabbelt@google.com>
Message-id: ebd37b237a8cbe457335b948bd57f487b6b31869.1608142916.git.alistair.francis@wdc.com
|
|
Update the function definitions generated in helper.h to match the
actual function implementations.
Also remove all compile time XLEN checks when building.
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 614c369cb0000d070873a647b8aac7e023cba145.1608142916.git.alistair.francis@wdc.com
|
|
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Bin Meng <bin.meng@windriver.com>
Tested-by: Bin Meng <bin.meng@windriver.com>
Reviewed-by: Palmer Dabbelt <palmerdabbelt@google.com>
Acked-by: Palmer Dabbelt <palmerdabbelt@google.com>
Message-id: 86e5ccd9eae2f5d8c2257679c6ccf6078a5d51af.1608142916.git.alistair.francis@wdc.com
|
|
The TW and TSR fields should be bits 21 and 22 and not 30/29.
This was found while comparing QEMU behaviour against the sail formal
model (https://github.com/rems-project/sail-riscv/).
Signed-off-by: Alex Richardson <Alexander.Richardson@cl.cam.ac.uk>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20201130170117.71281-1-Alexander.Richardson@cl.cam.ac.uk
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
|
|
We found that the hypervisor virtual-machine load and store instructions,
included HLVX/HLV/HSV, couldn't access guest userspace memory.
In the riscv-privileged spec, HLVX/HLV/HSV is defined as follow:
"As usual when V=1, two-stage address translation is applied, and
the HS-level sstatus.SUM is ignored."
But get_physical_address() doesn't ignore sstatus.SUM, when HLVX/HLV/HSV
accesses guest userspace memory. So this patch fixes it.
Signed-off-by: Yifei Jiang <jiangyifei@huawei.com>
Signed-off-by: Yipeng Yin <yinyipeng1@huawei.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20201130012810.899-1-jiangyifei@huawei.com
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
|
|
ISA features are usually denoted in read-only bits from
CPU registers. Add the GET_FEATURE_REG_EQU() macro which
checks if a CPU register has bits set to a specific value.
Use the macro to check the 'Architecture Revision' level
of the Config0 register, which is '2' when the Release 6
ISA is implemented.
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20201214003215.344522-5-f4bug@amsat.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
|
|
make it a regular function.
Suggested-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Claudio Fontana <cfontana@suse.de>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20201212155530.23098-9-cfontana@suse.de>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
|
|
to do this, we need to take code out of cpu.c and helper.c,
and also move some prototypes from cpu.h, for code that is
needed in tcg/xxx_helper.c, and which in turn is part of the
callbacks registered by the class initialization.
Therefore, do some shuffling of the parts of cpu.h that
are only relevant for tcg/, and put them in tcg/helper-tcg.h
For FT0 and similar macros, put them in tcg/fpu-helper.c
since they are used only there.
Signed-off-by: Claudio Fontana <cfontana@suse.de>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20201212155530.23098-8-cfontana@suse.de>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
|
|
AVX512 Half-precision floating point (FP16) has better performance
compared to FP32 if the presicion or magnitude requirements are met.
It's defined as CPUID.(EAX=7,ECX=0):EDX[bit 23].
Refer to
https://software.intel.com/content/www/us/en/develop/download/\
intel-architecture-instruction-set-extensions-programming-reference.html
Signed-off-by: Cathy Zhang <cathy.zhang@intel.com>
Message-Id: <20201216224002.32677-1-cathy.zhang@intel.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
|
|
As a preparation to expanding Hyper-V CPU features early, move
hyperv_limits initialization to x86_cpu_realizefn().
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Message-Id: <20201119103221.1665171-5-vkuznets@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
|
|
As a preparation to expanding Hyper-V CPU features early, move
hyperv_version_id initialization to x86_cpu_realizefn().
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Message-Id: <20201119103221.1665171-4-vkuznets@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
|
|
As a preparation to expanding Hyper-V CPU features early, move
hyperv_interface_id initialization to x86_cpu_realizefn().
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Message-Id: <20201119103221.1665171-3-vkuznets@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
|
|
As a preparation to expanding Hyper-V CPU features early, move
hyperv_vendor_id initialization to x86_cpu_realizefn(). Introduce
x86_cpu_hyperv_realize() to not not pollute x86_cpu_realizefn()
itself.
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Message-Id: <20201119103221.1665171-2-vkuznets@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
|
|
Signed-off-by: Claudio Fontana <cfontana@suse.de>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20201212155530.23098-7-cfontana@suse.de>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
|
|
Signed-off-by: Claudio Fontana <cfontana@suse.de>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
[claudio: moved cc_helper_template.h to tcg/ too]
Signed-off-by: Claudio Fontana <cfontana@suse.de>
Message-Id: <20201212155530.23098-6-cfontana@suse.de>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
|
|
Signed-off-by: Claudio Fontana <cfontana@suse.de>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20201212155530.23098-4-cfontana@suse.de>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
|
|
Signed-off-by: Claudio Fontana <cfontana@suse.de>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20201212155530.23098-3-cfontana@suse.de>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
|
|
Signed-off-by: Claudio Fontana <cfontana@suse.de>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20201212155530.23098-2-cfontana@suse.de>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
|
|
'remotes/pmaydell/tags/pull-target-arm-20201215' into staging
target-arm queue:
* gdbstub: Correct misparsing of vCont C/S requests
* openrisc: Move pic_cpu code into CPU object proper
* nios2: Move IIC code into CPU object proper
* Improve reporting of ROM overlap errors
* xlnx-versal: Add USB support
* hw/misc/zynq_slcr: Avoid #DIV/0! error
* Numonyx: Fix dummy cycles and check for SPI mode on cmds
# gpg: Signature made Tue 15 Dec 2020 13:59:46 GMT
# gpg: using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg: issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [ultimate]
# gpg: aka "Peter Maydell <pmaydell@gmail.com>" [ultimate]
# gpg: aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [ultimate]
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83 15CF 3C25 25ED 1436 0CDE
* remotes/pmaydell/tags/pull-target-arm-20201215:
hw/block/m25p80: Fix Numonyx fast read dummy cycle count
hw/block/m25p80: Check SPI mode before running some Numonyx commands
hw/block/m25p80: Fix when VCFG XIP bit is set for Numonyx
hw/block/m25p80: Make Numonyx config field names more accurate
hw/misc/zynq_slcr: Avoid #DIV/0! error
arm: xlnx-versal: Connect usb to virt-versal
usb: xlnx-usb-subsystem: Add xilinx usb subsystem
usb: Add DWC3 model
usb: Add versal-usb2-ctrl-regs module
elf_ops.h: Be more verbose with ROM blob names
elf_ops.h: Don't truncate name of the ROM blobs we create
hw/core/loader.c: Improve reporting of ROM overlap errors
hw/core/loader.c: Track last-seen ROM in rom_check_and_register_reset()
target/nios2: Use deposit32() to update ipending register
target/nios2: Move nios2_check_interrupts() into target/nios2
target/nios2: Move IIC code into CPU object proper
target/openrisc: Move pic_cpu code into CPU object proper
hw/openrisc/openrisc_sim: Abstract out "get IRQ x of CPU y"
hw/openrisc/openrisc_sim: Use IRQ splitter when connecting IRQ to multiple CPUs
gdbstub: Correct misparsing of vCont C/S requests
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
'remotes/ehabkost/tags/machine-next-pull-request' into staging
Machine queue, 2020-12-15
* qdev code cleanup
* Convert some QOM instance properties to class properties
* Update git URLs on MAINTAINERS
# gpg: Signature made Tue 15 Dec 2020 15:18:47 GMT
# gpg: using RSA key 5A322FD5ABC4D3DBACCFD1AA2807936F984DC5A6
# gpg: issuer "ehabkost@redhat.com"
# gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>" [full]
# Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6
* remotes/ehabkost/tags/machine-next-pull-request: (25 commits)
MAINTAINERS: Update my git repository URLs
qdev: Move UUID property to qdev-properties-system.c
qdev: Make qdev_propinfo_get_uint16() static
qdev: Make error_set_from_qdev_prop_error() get Object* argument
qdev: Make check_prop_still_unset() get Object* argument
qdev: Make qdev_find_global_prop() get Object* argument
qdev: Make qdev_get_prop_ptr() get Object* arg
qdev: Make bit_prop_set() get Object* argument
qdev: Make PropertyInfo.print method get Object* argument
qdev: Don't use dev->id on set_size32() error message
sparc: Check dev->realized at sparc_set_nwindows()
qdev: Check dev->realized at set_size()
qdev: Move property code to qdev-properties.[ch]
cpu: Move cpu_common_props to hw/core/cpu.c
cs4231: Get rid of empty property array
netfilter: Use class properties
netfilter: Reorder functions
can_host: Use class properties
arm/cpu64: Register "aarch64" as class property
virt: Register "its" as class property
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
sparc_set_nwindows() is one of the very few property setters that
don't check dev->realized, and there's no reason for it to be
special. Check dev->realized like the other setters.
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20201211220529.2290218-6-ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
|
|
Class properties make QOM introspection simpler and easier, as
they don't require an object to be instantiated.
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20201111183823.283752-8-ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
|
|
Class properties make QOM introspection simpler and easier, as
they don't require an object to be instantiated.
Also, the hundreds of instance properties were having an impact
on QMP commands that create temporary CPU objects. On my
machine, run time of qmp_query_cpu_definitions() changed
from ~200ms to ~16ms after applying this patch.
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Message-Id: <20201111183823.283752-5-ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
|
|
In nios2_cpu_set_irq(), use deposit32() rather than raw shift-and-mask
operations to set the appropriate bit in the ipending register.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20201129174022.26530-4-peter.maydell@linaro.org
|
