OvmfPkg/QemuVideoDxe: add feature PCD to remap framebuffer W/C
Some platforms (such as SBSA-QEMU on recent builds of the emulator) only
tolerate misaligned accesses to normal memory, and raise alignment
faults on such accesses to device memory, which is the default for PCIe
MMIO BARs.
When emulating a PCIe graphics controller, the framebuffer is typically
exposed via a MMIO BAR, while the disposition of the region is closer to
memory (no side effects on reads or writes, except for the changing
picture on the screen; direct random access to any pixel in the image).
In order to permit the use of such controllers on platforms that only
tolerate these types of accesses for normal memory, it is necessary to
remap the memory. Use the DXE services to set the desired capabilities
and attributes.
Hide this behavior under a feature PCD so only platforms that really
need it can enable it. (OVMF on x86 has no need for this)
With this fix enabled we can boot sbsa-ref with more than one cpu core.
Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20240620-b4-new-firmware-v3-1-29a3a2f1be1e@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Rayhan Faizel [Sun, 19 May 2024 09:41:06 +0000 (15:11 +0530)]
hw/misc: Implement mailbox properties for customer OTP and device specific private keys
Four mailbox properties are implemented as follows:
1. Customer OTP: GET_CUSTOMER_OTP and SET_CUSTOMER_OTP
2. Device-specific private key: GET_PRIVATE_KEY and
SET_PRIVATE_KEY.
The customer OTP is located in the rows 36-43. The device-specific private key
is located in the rows 56-63.
The customer OTP can be locked with the magic numbers 0xffffffff 0xaffe0000
when running the SET_CUSTOMER_OTP mailbox command. Bit 6 of row 32 indicates
this lock, which is undocumented. The lock also applies to the device-specific
private key.
Signed-off-by: Rayhan Faizel <rayhan.faizel@gmail.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Vladimir Sementsov-Ogievskiy [Thu, 27 Jun 2024 16:25:07 +0000 (19:25 +0300)]
hw/core/loader: gunzip(): fix memory leak on error path
We should call inflateEnd() like on success path to cleanup state in s
variable.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru> Reviewed-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Vladimir Sementsov-Ogievskiy [Wed, 26 Jun 2024 13:43:05 +0000 (16:43 +0300)]
vl.c: select_machine(): add selected machine type to error message
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Vladimir Sementsov-Ogievskiy [Wed, 26 Jun 2024 13:43:04 +0000 (16:43 +0300)]
vl.c: select_machine(): use g_autoptr
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Vladimir Sementsov-Ogievskiy [Wed, 26 Jun 2024 13:43:03 +0000 (16:43 +0300)]
vl.c: select_machine(): use ERRP_GUARD instead of error propagation
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Thomas Huth [Wed, 26 Jun 2024 09:44:06 +0000 (11:44 +0200)]
docs/system/devices/usb: Replace the non-existing "qemu" binary
We don't ship a binary that is simply called "qemu", so we should
avoid this in the documentation. Use the configurable binary name
via "|qemu_system|" instead.
Signed-off-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Hyeongtak Ji [Wed, 26 Jun 2024 04:34:58 +0000 (13:34 +0900)]
docs/cxl: fix some typos
This patch corrects minor typographical errors to ensure the ASCII art
aligns with the explanations provided. Specifically, it fixes an
incorrect root port reference and removes redundant words.
Signed-off-by: Hyeongtak Ji <hyeongtak.ji@gmail.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Darwin uses a subtly different version of the setrlimit() syscall as
described in the COMPATIBILITY section of the macOS man page. The value
of the rlim_cur member has been adjusted accordingly for Darwin-based
systems.
Signed-off-by: Trent Huber <trentmhuber@gmail.com> Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Dr. David Alan Gilbert [Sun, 5 May 2024 17:14:44 +0000 (18:14 +0100)]
net/can: Remove unused struct 'CanBusState'
As far as I can tell this struct has never been used in this
file (it is used in can_core.c).
Signed-off-by: Dr. David Alan Gilbert <dave@treblig.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
This struct has been unused since
Commit f932093ae165 ("hw/arm/bcm2836: Split out common part of BCM283X
classes")
Signed-off-by: Dr. David Alan Gilbert <dave@treblig.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Since 'setup_rt_frame' has never been implemented, this struct
is unused.
Signed-off-by: Dr. David Alan Gilbert <dave@treblig.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Philippe Mathieu-Daudé [Mon, 10 Jun 2024 06:39:24 +0000 (08:39 +0200)]
monitor: Remove obsolete stubs
hmp_info_roms() was removed in commit dd98234c05 ("qapi:
introduce x-query-roms QMP command"),
hmp_info_numa() in commit 1b8ae799d8 ("qapi: introduce
x-query-numa QMP command"),
hmp_info_ramblock() in commit ca411b7c8a ("qapi: introduce
x-query-ramblock QMP command")
and hmp_info_irq() in commit 91f2fa7045 ("qapi: introduce
x-query-irq QMP command").
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Dr. David Alan Gilbert <dave@treblig.org> Reviewed-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Zide Chen [Tue, 4 Jun 2024 00:02:22 +0000 (17:02 -0700)]
target/i386: Advertise MWAIT iff host supports
host_cpu_realizefn() sets CPUID_EXT_MONITOR without consulting host/KVM
capabilities. This may cause problems:
- If MWAIT/MONITOR is not available on the host, advertising this
feature to the guest and executing MWAIT/MONITOR from the guest
triggers #UD and the guest doesn't boot. This is because typically
#UD takes priority over VM-Exit interception checks and KVM doesn't
emulate MONITOR/MWAIT on #UD.
- If KVM doesn't support KVM_X86_DISABLE_EXITS_MWAIT, MWAIT/MONITOR
from the guest are intercepted by KVM, which is not what cpu-pm=on
intends to do.
In these cases, MWAIT/MONITOR should not be exposed to the guest.
The logic in kvm_arch_get_supported_cpuid() to handle CPUID_EXT_MONITOR
is correct and sufficient, and we can't set CPUID_EXT_MONITOR after
x86_cpu_filter_features().
This was not an issue before commit 662175b91ff ("i386: reorder call to
cpu_exec_realizefn") because the feature added in the accel-specific
realizefn could be checked against host availability and filtered out.
Additionally, it seems not a good idea to handle guest CPUID leaves in
host_cpu_realizefn(), and this patch merges host_cpu_enable_cpu_pm()
into kvm_cpu_realizefn().
Fixes: f5cc5a5c1686 ("i386: split cpu accelerators from cpu.c, using AccelCPUClass") Fixes: 662175b91ff2 ("i386: reorder call to cpu_exec_realizefn") Signed-off-by: Zide Chen <zide.chen@intel.com> Reviewed-by: Zhao Liu <zhao1.liu@intel.com> Reviewed-by: Xiaoyao Li <xiaoyao.li@intel.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Zide Chen [Tue, 4 Jun 2024 00:02:21 +0000 (17:02 -0700)]
vl: Allow multiple -overcommit commands
Both cpu-pm and mem-lock are related to system resource overcommit, but
they are separate from each other, in terms of how they are realized,
and of course, they are applied to different system resources.
It's tempting to use separate command lines to specify their behavior.
e.g., in the following example, the cpu-pm command is quietly
overwritten, and it's not easy to notice it without careful inspection.
--overcommit mem-lock=on
--overcommit cpu-pm=on
Fixes: c8c9dc42b7ca ("Remove the deprecated -realtime option") Suggested-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Zide Chen <zide.chen@intel.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Zhao Liu <zhao1.liu@intel.com> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Since a4c2735f35 (cpu: move Qemu[Thread|Cond] setup into common code,
2024-05-30) these fields are now allocated at cpu_common_initfn(). So
let's make sure we also free them at cpu_common_finalize().
Furthermore, the code also frees these on round robin, but we missed
'halt_cond'.
Signed-off-by: Matheus Tavares Bernardino <quic_mathbern@quicinc.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org> Reviewed-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Martin Joerg [Sat, 15 Jun 2024 11:43:23 +0000 (13:43 +0200)]
hmp-commands-info.hx: Add missing info command for stats subcommand
Signed-off-by: Martin Joerg <martin.joerg@gmail.com> Reviewed-by: Dr. David Alan Gilbert <dave@treblig.org> Reviewed-by: Michael Tokarev <mjt@tls.msk.ru> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Minwoo Im [Sun, 23 Jun 2024 02:45:55 +0000 (11:45 +0900)]
hw/ufs: Fix potential bugs in MMIO read|write
This patch fixes two points reported in coverity scan report [1]. Check
the MMIO access address with (addr + size), not just with the start offset
addr to make sure that the requested memory access not to exceed the
actual register region. We also updated (uint8_t *) to (uint32_t *) to
represent we are accessing the MMIO registers by dword-sized only.
Cc: Jeuk Kim <jeuk20.kim@gmail.com> Reported-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Minwoo Im <minwoo.im.dev@gmail.com> Reviewed-by: Jeuk Kim <jeuk20.kim@samsung.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20240623024555.78697-1-minwoo.im.dev@gmail.com> Signed-off-by: Jeuk Kim <jeuk20.kim@samsung.com>
Richard Henderson [Fri, 28 Jun 2024 23:09:38 +0000 (16:09 -0700)]
Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging
* configure: detect --cpu=mipsisa64r6
* target/i386: decode address before going back to translate.c
* meson: allow configuring the x86-64 baseline
* meson: remove dead optimization option
* exec: small changes to allow compilation with C++ in Android emulator
* fix SEV compilation on 32-bit systems
* tag 'for-upstream' of https://gitlab.com/bonzini/qemu: (23 commits)
target/i386/sev: Fix printf formats
target/i386/sev: Use size_t for object sizes
target/i386: SEV: store pointer to decoded id_auth in SevSnpGuest
target/i386: SEV: rename sev_snp_guest->id_auth
target/i386: SEV: store pointer to decoded id_block in SevSnpGuest
target/i386: SEV: rename sev_snp_guest->id_block
target/i386: remove unused enum
target/i386: give CC_OP_POPCNT low bits corresponding to MO_TL
target/i386: use cpu_cc_dst for CC_OP_POPCNT
target/i386: fix CC_OP dump
include: move typeof_strip_qual to compiler.h, use it in QAPI_LIST_LENGTH()
exec: don't use void* in pointer arithmetic in headers
exec: avoid using C++ keywords in function parameters
block: rename former bdrv_file_open callbacks
block: remove separate bdrv_file_open callback
block: do not check bdrv_file_open
block: make assertion more generic
meson: remove dead optimization option
meson: allow configuring the x86-64 baseline
Revert "host/i386: assume presence of SSE2"
...
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Paolo Bonzini [Thu, 20 Jun 2024 09:07:39 +0000 (11:07 +0200)]
target/i386: use cpu_cc_dst for CC_OP_POPCNT
It is the only CCOp, among those that compute ZF from one of the cc_op_*
registers, that uses cpu_cc_src. Do not make it the odd one off,
instead use cpu_cc_dst like the others.
Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Tue, 25 Jun 2024 11:12:20 +0000 (13:12 +0200)]
include: move typeof_strip_qual to compiler.h, use it in QAPI_LIST_LENGTH()
The typeof_strip_qual() is most useful for the atomic fetch-and-modify
operations in atomic.h, but it can be used elsewhere as well. For example,
QAPI_LIST_LENGTH() assumes that the argument is not const, which is not a
requirement.
Move the macro to compiler.h and, while at it, move it under #ifndef
__cplusplus to emphasize that it uses C-only constructs. A C++ version
of typeof_strip_qual() using type traits is possible[1], but beyond the
scope of this patch because the little C++ code that is in QEMU does not
use QAPI.
The patch was tested by changing the declaration of strv_from_str_list()
in qapi/qapi-type-helpers.c to:
Paolo Bonzini [Mon, 4 Sep 2023 10:07:19 +0000 (12:07 +0200)]
block: rename former bdrv_file_open callbacks
Since there is no bdrv_file_open callback anymore, rename the implementations
so that they end with "_open" instead of "_file_open". NFS is the exception
because all the functions are named nfs_file_*.
Suggested-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Thu, 24 Nov 2022 15:21:18 +0000 (16:21 +0100)]
block: do not check bdrv_file_open
The set of BlockDrivers that have .bdrv_file_open coincides with those
that have .protocol_name and guess what---checking drv->bdrv_file_open
is done to see if the driver is a protocol. So check drv->protocol_name
instead.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Tue, 18 Jun 2024 15:32:52 +0000 (17:32 +0200)]
meson: allow configuring the x86-64 baseline
Add a Meson option to configure which x86-64 instruction
set to use. QEMU will now default to x86-64-v1 + cmpxchg16b for
64-bit builds (that corresponds to a Pentium 4 for 32-bit builds).
The baseline can be tuned down to Pentium Pro for 32-bit builds (with
-Dx86_version=0), or up as desired.
Acked-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Richard Henderson [Thu, 27 Jun 2024 14:36:16 +0000 (07:36 -0700)]
Merge tag 'pull-riscv-to-apply-20240627-1' of https://github.com/alistair23/qemu into staging
RISC-V PR for 9.1
* Extend virtual irq csrs masks to be 64 bit wide
* Move Guest irqs out of the core local irqs range
* zvbb implies zvkb
* virt: add address-cells in create_fdt_one_aplic()
* virt: add aplic nodename helper
* virt: rename aplic nodename to 'interrupt-controller'
* virt: aplic DT: add 'qemu, aplic' to 'compatible'
* virt: aplic DT: rename prop to 'riscv, delegation'
* virt: change imsic nodename to 'interrupt-controller'
* virt: imsics DT: add 'qemu, imsics' to 'compatible'
* virt: imsics DT: add '#msi-cells'
* QEMU support for KVM Guest Debug on RISC-V
* Support RISC-V privilege 1.13 spec
* Add support for RISC-V ACPI tests
* Modularize common match conditions for trigger
# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEEaukCtqfKh31tZZKWr3yVEwxTgBMFAmZ9OCEACgkQr3yVEwxT
# gBM6aRAApE7Cjo6U1MrcXywh897DnMV9TT9a0jWxhw659eOSk8Uo8mXNNmGSudcl
# +//jIQr/JB5YVDcnFAGWFDaMMev2hkbXG68IaLsfqA32CWZzrOgFpFP+sgicDKmP
# A+P/z0CL332hDRxlhglbIYukCN1bEjWbUDgZaXPVc7ieMM0mwDyFZt7jH65dNmNg
# HpmVcUSooUx8weHOKp0vCKCBcQ6neahjvweTYszsWjXgu51+VrpoSAAds98HHY9H
# vilbTGtJzGEmnfTCmm1GmRn5/g5iQzDKDge+Kg+OzINEfoOBByJerK27sGNRkzxt
# ZNUd0RM2q1wkfZ3XfLU3qEnxHson8SQp2+VYTqnEv3TdR0AjrnsxL7IUuFm+iTv4
# wG3IqBwt+efdAzc9k+K2smCyp3036HNrJHQSyhtxu+yU36K+jBKVq++pRzgOFTvl
# 87VvNI/dYL4hSJ4yS00ti2axl6GNEAEePHwQ0fRXvEdSGc4vOw3ayDqyqF0Gcy9+
# MJq+nV7BX9pEyTRZEKqTi2nB7xh3kq0e+mev2ByQlracBqHIayXC3DsDvPcUbiwJ
# 8bzX28kl5C28vYUVJjzYQgZy2XXGbbsnv3ifah4hi2NJESmYHN0uxs9raW9i+lhR
# 2FAm+eO6mxuJTIH/NTou+msxZJw2jTPLkYdG2e5UkTjUN7JKGnk=
# =bag2
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu 27 Jun 2024 03:00:01 AM PDT
# gpg: using RSA key 6AE902B6A7CA877D6D659296AF7C95130C538013
# gpg: Good signature from "Alistair Francis <alistair@alistair23.me>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 6AE9 02B6 A7CA 877D 6D65 9296 AF7C 9513 0C53 8013
* tag 'pull-riscv-to-apply-20240627-1' of https://github.com/alistair23/qemu: (32 commits)
target/riscv: Apply modularized matching conditions for icount trigger
target/riscv: Apply modularized matching conditions for watchpoint
target/riscv: Add functions for common matching conditions of trigger
target/riscv: Remove extension auto-update check statements
target/riscv: Add Zc extension implied rule
target/riscv: Add multi extension implied rules
target/riscv: Add MISA extension implied rules
target/riscv: Introduce extension implied rule helpers
target/riscv: Introduce extension implied rules definition
target/riscv: fix instructions count handling in icount mode
target/riscv: Fix froundnx.h nanbox check
hw/riscv/virt.c: Make block devices default to virtio
target/riscv: Support the version for ss1p13
target/riscv: Reserve exception codes for sw-check and hw-err
target/riscv: Add MEDELEGH, HEDELEGH csrs for RV32
target/riscv: Add 'P1P13' bit in SMSTATEEN0
target/riscv: Define macros and variables for ss1p13
target/riscv: Reuse the conversion function of priv_spec
target/riscv/kvm: define TARGET_KVM_HAVE_GUEST_DEBUG
target/riscv/kvm: handle the exit with debug reason
...
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Alvin Chang [Wed, 26 Jun 2024 13:22:47 +0000 (21:22 +0800)]
target/riscv: Apply modularized matching conditions for icount trigger
We have implemented trigger_common_match(), which checks if the enabled
privilege levels of the trigger match CPU's current privilege level. We
can invoke trigger_common_match() to check the privilege levels of the
type 3 triggers.
Signed-off-by: Alvin Chang <alvinga@andestech.com> Acked-by: Alistair Francis <alistair.francis@wdc.com>
Message-ID: <20240626132247.2761286-4-alvinga@andestech.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Alvin Chang [Wed, 26 Jun 2024 13:22:46 +0000 (21:22 +0800)]
target/riscv: Apply modularized matching conditions for watchpoint
We have implemented trigger_common_match(), which checks if the enabled
privilege levels of the trigger match CPU's current privilege level.
Remove the related code in riscv_cpu_debug_check_watchpoint() and invoke
trigger_common_match() to check the privilege levels of the type 2 and
type 6 triggers for the watchpoints.
This commit also changes the behavior of looping the triggers. In
previous implementation, if we have a type 2 trigger and
env->virt_enabled is true, we directly return false to stop the loop.
Now we keep looping all the triggers until we find a matched trigger.
Only load/store bits and loaded/stored address should be further checked
in riscv_cpu_debug_check_watchpoint().
Signed-off-by: Alvin Chang <alvinga@andestech.com> Acked-by: Alistair Francis <alistair.francis@wdc.com>
Message-ID: <20240626132247.2761286-3-alvinga@andestech.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Alvin Chang [Wed, 26 Jun 2024 13:22:45 +0000 (21:22 +0800)]
target/riscv: Add functions for common matching conditions of trigger
According to RISC-V Debug specification version 0.13 [1] (also applied
to version 1.0 [2] but it has not been ratified yet), there are several
common matching conditions before firing a trigger, including the
enabled privilege levels of the trigger.
This commit adds trigger_common_match() to prepare the common matching
conditions for the type 2/3/6 triggers. For now, we just implement
trigger_priv_match() to check if the enabled privilege levels of the
trigger match CPU's current privilege level.
Remove the related code in riscv_cpu_debug_check_breakpoint() and invoke
trigger_common_match() to check the privilege levels of the type 2 and
type 6 triggers for the breakpoints.
This commit also changes the behavior of looping the triggers. In
previous implementation, if we have a type 2 trigger and
env->virt_enabled is true, we directly return false to stop the loop.
Now we keep looping all the triggers until we find a matched trigger.
Only the execution bit and the executed PC should be futher checked in
riscv_cpu_debug_check_breakpoint().
Remove the old-fashioned extension auto-update check statements as
they are replaced by the extension implied rules.
Signed-off-by: Frank Chang <frank.chang@sifive.com> Reviewed-by: Jerry Zhang Jian <jerry.zhangjian@sifive.com> Tested-by: Max Chou <max.chou@sifive.com> Reviewed-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
Message-ID: <20240625114629.27793-7-frank.chang@sifive.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Frank Chang [Tue, 25 Jun 2024 11:46:28 +0000 (19:46 +0800)]
target/riscv: Add Zc extension implied rule
Zc extension has special implied rules that need to be handled separately.
Signed-off-by: Frank Chang <frank.chang@sifive.com> Reviewed-by: Jerry Zhang Jian <jerry.zhangjian@sifive.com> Tested-by: Max Chou <max.chou@sifive.com> Reviewed-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
Message-ID: <20240625114629.27793-6-frank.chang@sifive.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Frank Chang [Tue, 25 Jun 2024 11:46:27 +0000 (19:46 +0800)]
target/riscv: Add multi extension implied rules
Add multi extension implied rules to enable the implied extensions of
the multi extension recursively.
Signed-off-by: Frank Chang <frank.chang@sifive.com> Reviewed-by: Jerry Zhang Jian <jerry.zhangjian@sifive.com> Tested-by: Max Chou <max.chou@sifive.com> Acked-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
Message-ID: <20240625114629.27793-5-frank.chang@sifive.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Frank Chang [Tue, 25 Jun 2024 11:46:26 +0000 (19:46 +0800)]
target/riscv: Add MISA extension implied rules
Add MISA extension implied rules to enable the implied extensions
of MISA recursively.
Signed-off-by: Frank Chang <frank.chang@sifive.com> Reviewed-by: Jerry Zhang Jian <jerry.zhangjian@sifive.com> Tested-by: Max Chou <max.chou@sifive.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
Message-ID: <20240625114629.27793-4-frank.chang@sifive.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Introduce helpers to enable the extensions based on the implied rules.
The implied extensions are enabled recursively, so we don't have to
expand all of them manually. This also eliminates the old-fashioned
ordering requirement. For example, Zvksg implies Zvks, Zvks implies
Zvksed, etc., removing the need to check the implied rules of Zvksg
before Zvks.
Signed-off-by: Frank Chang <frank.chang@sifive.com> Reviewed-by: Jerry Zhang Jian <jerry.zhangjian@sifive.com> Tested-by: Max Chou <max.chou@sifive.com> Reviewed-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
Message-ID: <20240625114629.27793-3-frank.chang@sifive.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
RISCVCPUImpliedExtsRule is created to store the implied rules.
'is_misa' flag is used to distinguish whether the rule is derived
from the MISA or other extensions.
'ext' stores the MISA bit if 'is_misa' is true. Otherwise, it stores
the offset of the extension defined in RISCVCPUConfig. 'ext' will also
serve as the key of the hash tables to look up the rule in the following
commit.
Signed-off-by: Frank Chang <frank.chang@sifive.com> Reviewed-by: Jerry Zhang Jian <jerry.zhangjian@sifive.com> Tested-by: Max Chou <max.chou@sifive.com> Reviewed-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-ID: <20240625114629.27793-2-frank.chang@sifive.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Clément Léger [Tue, 18 Jun 2024 11:26:45 +0000 (13:26 +0200)]
target/riscv: fix instructions count handling in icount mode
When icount is enabled, rather than returning the virtual CPU time, we
should return the instruction count itself. Add an instructions bool
parameter to get_ticks() to correctly return icount_get_raw() when
icount_enabled() == 1 and instruction count is queried. This will modify
the existing behavior which was returning an instructions count close to
the number of cycles (CPI ~= 1).
Sunil V L [Thu, 20 Jun 2024 06:47:18 +0000 (12:17 +0530)]
hw/riscv/virt.c: Make block devices default to virtio
RISC-V virt is currently missing default type for block devices. Without
this being set, proper backend is not created when option like -cdrom
is used. So, make the virt board's default block device type be
IF_VIRTIO similar to other architectures.
We also need to set no_cdrom to avoid getting a default cdrom device.
Signed-off-by: Sunil V L <sunilvl@ventanamicro.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
Message-ID: <20240620064718.275427-1-sunilvl@ventanamicro.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Fea.Wang [Thu, 6 Jun 2024 13:54:52 +0000 (21:54 +0800)]
target/riscv: Add MEDELEGH, HEDELEGH csrs for RV32
Based on privileged spec 1.13, the RV32 needs to implement MEDELEGH
and HEDELEGH for exception codes 32-47 for reserving and exception codes
48-63 for custom use. Add the CSR number though the implementation is
just reading zero and writing ignore. Besides, for accessing HEDELEGH, it
should be controlled by mstateen0 'P1P13' bit.
Signed-off-by: Fea.Wang <fea.wang@sifive.com> Reviewed-by: Frank Chang <frank.chang@sifive.com> Reviewed-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-ID: <20240606135454.119186-5-fea.wang@sifive.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Fea.Wang [Thu, 6 Jun 2024 13:54:50 +0000 (21:54 +0800)]
target/riscv: Define macros and variables for ss1p13
Add macros and variables for RISC-V privilege 1.13 support.
Signed-off-by: Fea.Wang <fea.wang@sifive.com> Reviewed-by: Frank Chang <frank.chang@sifive.com> Reviewed-by: Weiwei Li <liwei1518@gmail.com> Reviewed-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-ID: <20240606135454.119186-3-fea.wang@sifive.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Jim Shu [Thu, 6 Jun 2024 13:54:49 +0000 (21:54 +0800)]
target/riscv: Reuse the conversion function of priv_spec
Public the conversion function of priv_spec in cpu.h, so that tcg-cpu.c
could also use it.
Signed-off-by: Jim Shu <jim.shu@sifive.com> Signed-off-by: Fea.Wang <fea.wang@sifive.com> Reviewed-by: Frank Chang <frank.chang@sifive.com> Reviewed-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-ID: <20240606135454.119186-2-fea.wang@sifive.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
To enable the KVM GUEST DEBUG for RISC-V at QEMU side.
Signed-off-by: Chao Du <duchao@eswincomputing.com> Reviewed-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com> Reviewed-by: Andrew Jones <ajones@ventanamicro.com> Acked-by: Alistair Francis <alistair.francis@wdc.com>
Message-ID: <20240606014501.20763-4-duchao@eswincomputing.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Chao Du [Thu, 6 Jun 2024 01:45:00 +0000 (01:45 +0000)]
target/riscv/kvm: handle the exit with debug reason
If the breakpoint belongs to the userspace then set the ret value.
Signed-off-by: Chao Du <duchao@eswincomputing.com> Reviewed-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com> Reviewed-by: Andrew Jones <ajones@ventanamicro.com> Acked-by: Alistair Francis <alistair.francis@wdc.com>
Message-ID: <20240606014501.20763-3-duchao@eswincomputing.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Chao Du [Thu, 6 Jun 2024 01:44:59 +0000 (01:44 +0000)]
target/riscv/kvm: add software breakpoints support
This patch implements insert/remove software breakpoint process.
For RISC-V, GDB treats single-step similarly to breakpoint: add a
breakpoint at the next step address, then continue. So this also
works for single-step debugging.
Implement kvm_arch_update_guest_debug(): Set the control flag
when there are active breakpoints. This will help KVM to know
the status in the userspace.
Add some stubs which are necessary for building, and will be
implemented later.
Signed-off-by: Chao Du <duchao@eswincomputing.com> Reviewed-by: Andrew Jones <ajones@ventanamicro.com> Acked-by: Alistair Francis <alistair.francis@wdc.com>
Message-ID: <20240606014501.20763-2-duchao@eswincomputing.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Daniel Henrique Barboza [Fri, 31 May 2024 20:27:57 +0000 (17:27 -0300)]
hw/riscv/virt.c: change imsic nodename to 'interrupt-controller'
The Linux DT docs for imsic [1] predicts an 'interrupt-controller@addr'
node, not 'imsic@addr', given this node inherits the
'interrupt-controller' node.
Daniel Henrique Barboza [Fri, 31 May 2024 20:27:53 +0000 (17:27 -0300)]
hw/riscv/virt.c: add aplic nodename helper
We'll change the aplic DT nodename in the next patch and the name is
hardcoded in 2 different functions. Create a helper to change a single
place later.
While we're at it, in create_fdt_socket_aplic(), move 'aplic_name'
inside the conditional to avoid allocating a string that won't be used
when socket == NULL.
Signed-off-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-ID: <20240531202759.911601-3-dbarboza@ventanamicro.com> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Daniel Henrique Barboza [Fri, 31 May 2024 20:27:52 +0000 (17:27 -0300)]
hw/riscv/virt.c: add address-cells in create_fdt_one_aplic()
We need #address-cells properties in all interrupt controllers that are
referred by an interrupt-map [1]. For the RISC-V machine, both PLIC and
APLIC controllers must have this property.
PLIC already sets it in create_fdt_socket_plic(). Set the property for
APLIC in create_fdt_one_aplic().
Signed-off-by: Jerry Zhang Jian <jerry.zhangjian@sifive.com> Reviewed-by: Frank Chang <frank.chang@sifive.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-ID: <20240528130349.20193-1-jerry.zhangjian@sifive.com>
[ Changes by AF:
- Tidy up commit message
- Rebase
] Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
* tag 'sdmmc-20240624' of https://github.com/philmd/qemu:
hw/sd/sdcard: Add comments around registers and commands
hw/sd/sdcard: Inline BLK_READ_BLOCK / BLK_WRITE_BLOCK macros
hw/sd/sdcard: Add sd_invalid_mode_for_cmd to report invalid mode switch
hw/sd/sdcard: Only call sd_req_get_address() where address is used
hw/sd/sdcard: Factor sd_req_get_address() method out
hw/sd/sdcard: Only call sd_req_get_rca() where RCA is used
hw/sd/sdcard: Factor sd_req_get_rca() method out
hw/sd/sdcard: Have cmd_valid_while_locked() return a boolean value
hw/sd/sdcard: Trace update of block count (CMD23)
hw/sd/sdcard: Remove explicit entries for illegal commands
hw/sd/sdcard: Remove ACMD6 handler for SPI mode
hw/sd/sdcard: Use Load/Store API to fill some CID/CSD registers
hw/sd/sdcard: Use registerfield CSR::CURRENT_STATE definition
hw/sd/sdcard: Use HWBLOCK_SHIFT definition instead of magic values
hw/sd/sdcard: Fix typo in SEND_OP_COND command name
hw/sd/sdcard: Rewrite sd_cmd_ALL_SEND_CID using switch case (CMD2)
hw/sd/sdcard: Correct code indentation
hw/sd/sdcard: Avoid OOB in sd_read_byte() during unexpected CMD switch
bswap: Add st24_be_p() to store 24 bits in big-endian order
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Cédric Le Goater [Mon, 17 Jun 2024 06:34:09 +0000 (08:34 +0200)]
vfio/container: Move vfio_container_destroy() to an instance_finalize() handler
vfio_container_destroy() clears the resources allocated
VFIOContainerBase object. Now that VFIOContainerBase is a QOM object,
add an instance_finalize() handler to do the cleanup. It will be
called through object_unref().
Suggested-by: Zhenzhong Duan <zhenzhong.duan@intel.com> Reviewed-by: Zhenzhong Duan <zhenzhong.duan@intel.com> Reviewed-by: Eric Auger <eric.auger@redhat.com> Tested-by: Eric Auger <eric.auger@redhat.com> Signed-off-by: Cédric Le Goater <clg@redhat.com>
Just as we did for the VFIOContainerBase object, introduce an
instance_init() handler for the legacy VFIOContainer object and do the
specific initialization there.
Reviewed-by: Zhenzhong Duan <zhenzhong.duan@intel.com> Reviewed-by: Eric Auger <eric.auger@redhat.com> Tested-by: Eric Auger <eric.auger@redhat.com> Signed-off-by: Cédric Le Goater <clg@redhat.com>
Cédric Le Goater [Mon, 17 Jun 2024 06:34:03 +0000 (08:34 +0200)]
vfio/container: Change VFIOContainerBase to use QOM
VFIOContainerBase was made a QOM interface because we believed that a
QOM object would expose all the IOMMU backends to the QEMU machine and
human interface. This only applies to user creatable devices or objects.
Change the VFIOContainerBase nature from interface to object and make
the necessary adjustments in the VFIO_IOMMU hierarchy.
Reviewed-by: Zhenzhong Duan <zhenzhong.duan@intel.com> Reviewed-by: Eric Auger <eric.auger@redhat.com> Tested-by: Eric Auger <eric.auger@redhat.com> Signed-off-by: Cédric Le Goater <clg@redhat.com>
Cédric Le Goater [Mon, 17 Jun 2024 06:34:02 +0000 (08:34 +0200)]
vfio/container: Discover IOMMU type before creating the container
Since the QEMU struct type representing the VFIO container is deduced
from the IOMMU type exposed by the host, this type should be well
defined *before* creating the container struct. This will be necessary
to instantiate a QOM object of the correct type in future changes.
Rework vfio_set_iommu() to extract the part doing the container
initialization and move it under vfio_create_container().
Reviewed-by: Zhenzhong Duan <zhenzhong.duan@intel.com> Reviewed-by: Eric Auger <eric.auger@redhat.com> Tested-by: Eric Auger <eric.auger@redhat.com> Signed-off-by: Cédric Le Goater <clg@redhat.com>
Rework vfio_get_iommu_class() to return a literal class name instead
of a class object. We will need this name to instantiate the object
later on. Since the default case asserts, remove the error report as
QEMU will simply abort before.
Reviewed-by: Zhenzhong Duan <zhenzhong.duan@intel.com> Reviewed-by: Eric Auger <eric.auger@redhat.com> Tested-by: Eric Auger <eric.auger@redhat.com> Signed-off-by: Cédric Le Goater <clg@redhat.com>
Cédric Le Goater [Mon, 17 Jun 2024 06:33:58 +0000 (08:33 +0200)]
vfio/container: Simplify vfio_container_init()
Assign the base container VFIOAddressSpace 'space' pointer in
vfio_address_space_insert(). The ultimate goal is to remove
vfio_container_init() and instead rely on an .instance_init() handler
to perfom the initialization of VFIOContainerBase.
To be noted that vfio_connect_container() will assign the 'space'
pointer later in the execution flow. This should not have any
consequence.
Reviewed-by: Zhenzhong Duan <zhenzhong.duan@intel.com> Tested-by: Eric Auger <eric.auger@redhat.com> Signed-off-by: Cédric Le Goater <clg@redhat.com>
It prepares ground for a future change initializing the 'space' pointer
of VFIOContainerBase. The goal is to replace vfio_container_init() by
an .instance_init() handler when VFIOContainerBase is QOMified.
Reviewed-by: Zhenzhong Duan <zhenzhong.duan@intel.com> Reviewed-by: Eric Auger <eric.auger@redhat.com> Tested-by: Eric Auger <eric.auger@redhat.com> Signed-off-by: Cédric Le Goater <clg@redhat.com>
Cédric Le Goater [Mon, 17 Jun 2024 06:33:53 +0000 (08:33 +0200)]
vfio: Make vfio_devices_dma_logging_start() return bool
Since vfio_devices_dma_logging_start() takes an 'Error **' argument,
best practices suggest to return a bool. See the api/error.h Rules
section. It will simplify potential changes coming after.
vfio_container_set_dirty_page_tracking() could be modified in the same
way but the errno value can be saved in the migration stream when
called from vfio_listener_log_global_stop().
Reviewed-by: Zhenzhong Duan <zhenzhong.duan@intel.com> Reviewed-by: Eric Auger <eric.auger@redhat.com> Tested-by: Eric Auger <eric.auger@redhat.com> Signed-off-by: Cédric Le Goater <clg@redhat.com>
Eric Auger [Fri, 14 Jun 2024 09:52:58 +0000 (11:52 +0200)]
memory: Remove IOMMU MR iommu_set_iova_range API
Since the host IOVA ranges are now passed through the
PCIIOMMUOps set_host_resv_regions and we have removed
the only implementation of iommu_set_iova_range() in
the virtio-iommu and the only call site in vfio/common,
let's retire the IOMMU MR API and its memory wrapper.
Signed-off-by: Eric Auger <eric.auger@redhat.com> Reviewed-by: Zhenzhong Duan <zhenzhong.duan@intel.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
projects / users / dwmw2 / qemu.git / log