[PATCH v3 0/5] Fixes for running U-boot under QEMU/KVM

[PATCH v3 0/5] Fixes for running U-boot under QEMU/KVM

[Ard Biesheuvel]

This series fixes a number of issues that exist in the QEMU/mach-virt
port of u-boot, and that prevent it from executing correctly under
virtualization (as opposed to TCG emulation)

As the Linux EFI subsystem maintainer, I am looking to increase test
coverage for the EFI related changes that are under development for
Linux, and one of the things I plan to do is start using U-boot as
test firmware for boot testing. This can be done under TCG emulation,
but given how loosely TCG implements the architecture, it is better
to test under virtualization as well.

With these changes applied, u-boot can boot Linux in EFI mode under
KVM.

Changes since v2:
- reinstate flash write accessors (patch #5)
- rebase onto 2020.07

Changes since v1:
- fix LPAE memory type for DCACHE_WRITETHROUGH as well, and add some
  comments to clarify what the values are based on (patch #1)
- only override the flash accessors that we need to (patch #5)
- add Heinrich's ack to #2 and #4

Cc: Tom Rini <trini@konsulko.com>
Cc: Andre Przywara <andre.przywara@arm.com>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Tuomas Tynkkynen <tuomas.tynkkynen@iki.fi>

Ard Biesheuvel (5):
  arm: enable allocate-on-read for LPAE's DCACHE_WRITEBACK/_WRITETHROUGH
  arm: qemu: enable LPAE on 32-bit
  arm: qemu: implement enable_caches()
  arm: qemu: disable the EFI workaround for older GRUB
  arm: qemu: override flash accessors to use virtualizable instructions

 arch/arm/include/asm/system.h       | 23 +++++++--
 board/emulation/qemu-arm/qemu-arm.c | 52 ++++++++++++++++++++
 configs/qemu_arm_defconfig          |  2 +
 include/configs/qemu-arm.h          |  1 +
 4 files changed, 74 insertions(+), 4 deletions(-)

-- 
2.27.0

[PATCH v3 1/5] arm: enable allocate-on-read for LPAE's DCACHE_WRITEBACK/_WRITETHROUGH

[Ard Biesheuvel]

The LPAE versions of DCACHE_WRITEBACK and DCACHE_WRITETHROUGH are currently
defined as no-allocate for both reads and writes, which deviates from the
non-LPAE definition, and mostly defeats the purpose of enabling the caches
in the first place.

So align LPAE with !LPAE, and enable allocate-on-read for both. And while
at it, add some clarification about the meaning of the chosen values.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
 arch/arm/include/asm/system.h | 23 ++++++++++++++++----
 1 file changed, 19 insertions(+), 4 deletions(-)

diff --git a/arch/arm/include/asm/system.h b/arch/arm/include/asm/system.h
index 7a40b56acdca..3a1501a0623c 100644
--- a/arch/arm/include/asm/system.h
+++ b/arch/arm/include/asm/system.h
@@ -442,10 +442,16 @@ static inline void set_dacr(unsigned int val)
 #define TTBCR_EPD0		(0 << 7)
 
 /*
- * Memory types
+ * VMSAv8-32 Long-descriptor format memory region attributes
+ * (ARM Architecture Reference Manual section G5.7.4 [DDI0487E.a])
+ *
+ * MAIR0[ 7: 0] 0x00 Device-nGnRnE (aka Strongly-Ordered)
+ * MAIR0[15: 8] 0xaa Outer/Inner Write-Through, Read-Allocate No Write-Allocate
+ * MAIR0[23:16] 0xee Outer/Inner Write-Back, Read-Allocate No Write-Allocate
+ * MAIR0[31:24] 0xff Outer/Inner Write-Back, Read-Allocate Write-Allocate
  */
-#define MEMORY_ATTRIBUTES	((0x00 << (0 * 8)) | (0x88 << (1 * 8)) | \
-				 (0xcc << (2 * 8)) | (0xff << (3 * 8)))
+#define MEMORY_ATTRIBUTES	((0x00 << (0 * 8)) | (0xaa << (1 * 8)) | \
+				 (0xee << (2 * 8)) | (0xff << (3 * 8)))
 
 /* options available for data cache on each page */
 enum dcache_option {
@@ -468,7 +474,16 @@ enum dcache_option {
 #define TTB_SECT_B_MASK		(1 << 2)
 #define TTB_SECT			(2 << 0)
 
-/* options available for data cache on each page */
+/*
+ * Short-descriptor format memory region attributes, without TEX remap
+ * (ARM Architecture Reference Manual section G5.7.2 [DDI0487E.a])
+ *
+ * TEX[0] C  B
+ *   0    0  0   Device-nGnRnE (aka Strongly-Ordered)
+ *   0    1  0   Outer/Inner Write-Through, Read-Allocate No Write-Allocate
+ *   0    1  1   Outer/Inner Write-Back, Read-Allocate No Write-Allocate
+ *   1    1  1   Outer/Inner Write-Back, Read-Allocate Write-Allocate
+ */
 enum dcache_option {
 	DCACHE_OFF = TTB_SECT_DOMAIN(0) | TTB_SECT_XN_MASK | TTB_SECT,
 	DCACHE_WRITETHROUGH = DCACHE_OFF | TTB_SECT_C_MASK,
-- 
2.27.0

[PATCH v3 2/5] arm: qemu: enable LPAE on 32-bit

[Ard Biesheuvel]

QEMU's mach-virt machine only supports selecting CPU models that
implement the virtualization extensions, and are therefore guaranteed
to support LPAE as well.

Initially, QEMU would not allow emulating these CPUs running in HYP
mode (or EL2, for AArch64), but today, it also contains a complete
implementation of the virtualization extensions themselves.

This means we could be running U-Boot in HYP mode, in which case the
LPAE long descriptor page table format is the only format that is
supported. If we are not running in HYP mode, we can use either.

So let's enable CONFIG_ARMV7_LPAE for qemu_arm_defconfig so that we
get the best support for running with the MMU and caches enabled at
any privilege level.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Acked-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
---
 configs/qemu_arm_defconfig | 1 +
 1 file changed, 1 insertion(+)

diff --git a/configs/qemu_arm_defconfig b/configs/qemu_arm_defconfig
index a8473988bd76..75bdce7708c7 100644
--- a/configs/qemu_arm_defconfig
+++ b/configs/qemu_arm_defconfig
@@ -1,5 +1,6 @@
 CONFIG_ARM=y
 CONFIG_ARM_SMCCC=y
+CONFIG_ARMV7_LPAE=y
 CONFIG_ARCH_QEMU=y
 CONFIG_ENV_SIZE=0x40000
 CONFIG_ENV_SECT_SIZE=0x40000
-- 
2.27.0

[PATCH v3 3/5] arm: qemu: implement enable_caches()

[Ard Biesheuvel]

Add an override for enable_caches to enable the I and D caches, along
with the cached 1:1 mapping of all of DRAM. This is needed for running
U-Boot under virtualization with QEMU/kvm.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
 board/emulation/qemu-arm/qemu-arm.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/board/emulation/qemu-arm/qemu-arm.c b/board/emulation/qemu-arm/qemu-arm.c
index 69e8ef46f1f5..1b0d543b93c1 100644
--- a/board/emulation/qemu-arm/qemu-arm.c
+++ b/board/emulation/qemu-arm/qemu-arm.c
@@ -4,6 +4,7 @@
  */
 
 #include <common.h>
+#include <cpu_func.h>
 #include <dm.h>
 #include <fdtdec.h>
 #include <init.h>
@@ -94,6 +95,12 @@ void *board_fdt_blob_setup(void)
 	return (void *)CONFIG_SYS_SDRAM_BASE;
 }
 
+void enable_caches(void)
+{
+	 icache_enable();
+	 dcache_enable();
+}
+
 #if defined(CONFIG_EFI_RNG_PROTOCOL)
 #include <efi_loader.h>
 #include <efi_rng.h>
-- 
2.27.0

[PATCH v3 4/5] arm: qemu: disable the EFI workaround for older GRUB

[Ard Biesheuvel]

The QEMU/mach-virt targeted port of u-boot currently only runs on
QEMU under TCG emulation, which does not model the caches at all,
and so no users can exist that are relying on the GRUB hack for
EFI boot.

We will shortly enable support for running under KVM, but the GRUB
hack (which disables all caches without doing cache cleaning by VA
during ExitBootServices()) is likely to cause more problems than it
solves, given that KVM hosts require correct maintenance if they
incorporate non-architected system caches.

So let's disable the GRUB hack by default on the QEMU/mach-virt
port.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
---
 configs/qemu_arm_defconfig | 1 +
 1 file changed, 1 insertion(+)

diff --git a/configs/qemu_arm_defconfig b/configs/qemu_arm_defconfig
index 75bdce7708c7..1d2b4437cb07 100644
--- a/configs/qemu_arm_defconfig
+++ b/configs/qemu_arm_defconfig
@@ -47,3 +47,4 @@ CONFIG_USB=y
 CONFIG_DM_USB=y
 CONFIG_USB_EHCI_HCD=y
 CONFIG_USB_EHCI_PCI=y
+# CONFIG_EFI_GRUB_ARM32_WORKAROUND is not set
-- 
2.27.0

[PATCH v3 5/5] arm: qemu: override flash accessors to use virtualizable instructions

[Ard Biesheuvel]

Some instructions in the ARM ISA have multiple output registers, such
as ldrd/ldp (load pair), where two registers are loaded from memory,
but also ldr with indexing, where the memory base register is incremented
as well when the value is loaded to the destination register.

MMIO emulation under KVM is based on using the architecturally defined
syndrome information that is provided when an exception is taken to the
hypervisor. This syndrome information describes whether the instruction
that triggered the exception is a load or a store, what the faulting
address was, and which register was the destination register.

This syndrome information can only describe one destination register, and
when the trapping instruction is one with multiple outputs, KVM throws an
error like

  kvm [615929]: Data abort outside memslots with no valid syndrome info

on the host and kills the QEMU process with the following error:

  U-Boot 2020.07-rc3-00208-g88bd5b179360-dirty (Jun 06 2020 - 11:59:22 +0200)

  DRAM:  1 GiB
  Flash: error: kvm run failed Function not implemented
  R00=00000001 R01=00000040 R02=7ee0ce20 R03=00000000
  R04=7ffd9eec R05=00000004 R06=7ffda3f8 R07=00000055
  R08=7ffd9eec R09=7ef0ded0 R10=7ee0ce20 R11=00000000
  R12=00000004 R13=7ee0cdf8 R14=00000000 R15=7ff72d08
  PSR=200001d3 --C- A svc32
  QEMU: Terminated

This means that, in order to run U-Boot in QEMU under KVM, we need to
avoid such instructions when accessing emulated devices. For the flash
in particular, which is a hybrid between a ROM (backed by a read-only
KVM memslot) when in array mode, and an emulated MMIO device (when in
write mode), we need to take care to only use instructions that KVM can
deal with when they trap.

So override the flash read accessors that are used when running on QEMU
under KVM. Note that the the 64-bit wide read and write accessors have
been omitted: they are never used when running under QEMU given that it
does not emulate CFI flash that supports it.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
 board/emulation/qemu-arm/qemu-arm.c | 45 ++++++++++++++++++++
 include/configs/qemu-arm.h          |  1 +
 2 files changed, 46 insertions(+)

diff --git a/board/emulation/qemu-arm/qemu-arm.c b/board/emulation/qemu-arm/qemu-arm.c
index 1b0d543b93c1..f18f2ed7da3a 100644
--- a/board/emulation/qemu-arm/qemu-arm.c
+++ b/board/emulation/qemu-arm/qemu-arm.c
@@ -142,3 +142,48 @@ efi_status_t platform_get_rng_device(struct udevice **dev)
 	return EFI_SUCCESS;
 }
 #endif /* CONFIG_EFI_RNG_PROTOCOL */
+
+#ifdef CONFIG_ARM64
+#define __W	"w"
+#else
+#define __W
+#endif
+
+u8 flash_read8(void *addr)
+{
+	u8 ret;
+
+	asm("ldrb %" __W "0, %1" : "=r"(ret) : "m"(*(u8 *)addr));
+	return ret;
+}
+
+u16 flash_read16(void *addr)
+{
+	u16 ret;
+
+	asm("ldrh %" __W "0, %1" : "=r"(ret) : "m"(*(u16 *)addr));
+	return ret;
+}
+
+u32 flash_read32(void *addr)
+{
+	u32 ret;
+
+	asm("ldr %" __W "0, %1" : "=r"(ret) : "m"(*(u32 *)addr));
+	return ret;
+}
+
+void flash_write8(u8 value, void *addr)
+{
+	asm("strb %" __W "1, %0" : "=m"(*(u8 *)addr) : "r"(value));
+}
+
+void flash_write16(u16 value, void *addr)
+{
+	asm("strh %" __W "1, %0" : "=m"(*(u16 *)addr) : "r"(value));
+}
+
+void flash_write32(u32 value, void *addr)
+{
+	asm("str %" __W "1, %0" : "=m"(*(u32 *)addr) : "r"(value));
+}
diff --git a/include/configs/qemu-arm.h b/include/configs/qemu-arm.h
index 1ef75a87836b..bc8b7c5c1238 100644
--- a/include/configs/qemu-arm.h
+++ b/include/configs/qemu-arm.h
@@ -53,5 +53,6 @@
 #define CONFIG_SYS_MAX_FLASH_BANKS	2
 #endif
 #define CONFIG_SYS_MAX_FLASH_SECT	256 /* Sector: 256K, Bank: 64M */
+#define CONFIG_CFI_FLASH_USE_WEAK_ACCESSORS
 
 #endif /* __CONFIG_H */
-- 
2.27.0

[PATCH v3 3/5] arm: qemu: implement enable_caches()

[Heinrich Schuchardt]

On 07.07.20 12:07, Ard Biesheuvel wrote:
> Add an override for enable_caches to enable the I and D caches, along
> with the cached 1:1 mapping of all of DRAM. This is needed for running
> U-Boot under virtualization with QEMU/kvm.
>
> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>

Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

[PATCH v3 1/5] arm: enable allocate-on-read for LPAE's DCACHE_WRITEBACK/_WRITETHROUGH

[André Przywara]

On 07/07/2020 11:07, Ard Biesheuvel wrote:
> The LPAE versions of DCACHE_WRITEBACK and DCACHE_WRITETHROUGH are currently
> defined as no-allocate for both reads and writes, which deviates from the
> non-LPAE definition, and mostly defeats the purpose of enabling the caches
> in the first place.
> 
> So align LPAE with !LPAE, and enable allocate-on-read for both. And while
> at it, add some clarification about the meaning of the chosen values.

Many thanks for adding those comments!

> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>

Verified the bits against the ARMv7 ARM.

Reviewed-by: Andre Przywara <andre.przywara@arm.com>

Cheers,
Andre.

> ---
>  arch/arm/include/asm/system.h | 23 ++++++++++++++++----
>  1 file changed, 19 insertions(+), 4 deletions(-)
> 
> diff --git a/arch/arm/include/asm/system.h b/arch/arm/include/asm/system.h
> index 7a40b56acdca..3a1501a0623c 100644
> --- a/arch/arm/include/asm/system.h
> +++ b/arch/arm/include/asm/system.h
> @@ -442,10 +442,16 @@ static inline void set_dacr(unsigned int val)
>  #define TTBCR_EPD0		(0 << 7)
>  
>  /*
> - * Memory types
> + * VMSAv8-32 Long-descriptor format memory region attributes
> + * (ARM Architecture Reference Manual section G5.7.4 [DDI0487E.a])
> + *
> + * MAIR0[ 7: 0] 0x00 Device-nGnRnE (aka Strongly-Ordered)
> + * MAIR0[15: 8] 0xaa Outer/Inner Write-Through, Read-Allocate No Write-Allocate
> + * MAIR0[23:16] 0xee Outer/Inner Write-Back, Read-Allocate No Write-Allocate
> + * MAIR0[31:24] 0xff Outer/Inner Write-Back, Read-Allocate Write-Allocate
>   */
> -#define MEMORY_ATTRIBUTES	((0x00 << (0 * 8)) | (0x88 << (1 * 8)) | \
> -				 (0xcc << (2 * 8)) | (0xff << (3 * 8)))
> +#define MEMORY_ATTRIBUTES	((0x00 << (0 * 8)) | (0xaa << (1 * 8)) | \
> +				 (0xee << (2 * 8)) | (0xff << (3 * 8)))
>  
>  /* options available for data cache on each page */
>  enum dcache_option {
> @@ -468,7 +474,16 @@ enum dcache_option {
>  #define TTB_SECT_B_MASK		(1 << 2)
>  #define TTB_SECT			(2 << 0)
>  
> -/* options available for data cache on each page */
> +/*
> + * Short-descriptor format memory region attributes, without TEX remap
> + * (ARM Architecture Reference Manual section G5.7.2 [DDI0487E.a])
> + *
> + * TEX[0] C  B
> + *   0    0  0   Device-nGnRnE (aka Strongly-Ordered)
> + *   0    1  0   Outer/Inner Write-Through, Read-Allocate No Write-Allocate
> + *   0    1  1   Outer/Inner Write-Back, Read-Allocate No Write-Allocate
> + *   1    1  1   Outer/Inner Write-Back, Read-Allocate Write-Allocate
> + */
>  enum dcache_option {
>  	DCACHE_OFF = TTB_SECT_DOMAIN(0) | TTB_SECT_XN_MASK | TTB_SECT,
>  	DCACHE_WRITETHROUGH = DCACHE_OFF | TTB_SECT_C_MASK,
> 

[PATCH v3 3/5] arm: qemu: implement enable_caches()

[André Przywara]

On 07/07/2020 11:07, Ard Biesheuvel wrote:
> Add an override for enable_caches to enable the I and D caches, along
> with the cached 1:1 mapping of all of DRAM. This is needed for running
> U-Boot under virtualization with QEMU/kvm.
> 
> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
> ---
>  board/emulation/qemu-arm/qemu-arm.c | 7 +++++++
>  1 file changed, 7 insertions(+)
> 
> diff --git a/board/emulation/qemu-arm/qemu-arm.c b/board/emulation/qemu-arm/qemu-arm.c
> index 69e8ef46f1f5..1b0d543b93c1 100644
> --- a/board/emulation/qemu-arm/qemu-arm.c
> +++ b/board/emulation/qemu-arm/qemu-arm.c
> @@ -4,6 +4,7 @@
>   */
>  
>  #include <common.h>
> +#include <cpu_func.h>
>  #include <dm.h>
>  #include <fdtdec.h>
>  #include <init.h>
> @@ -94,6 +95,12 @@ void *board_fdt_blob_setup(void)
>  	return (void *)CONFIG_SYS_SDRAM_BASE;
>  }
>  
> +void enable_caches(void)
> +{
> +	 icache_enable();
> +	 dcache_enable();

It looks like there is a stray space after the tab, but regardless:

Reviewed-by: Andre Przywara <andre.przywara@arm.com>

Cheers,
Andre

> +}
> +
>  #if defined(CONFIG_EFI_RNG_PROTOCOL)
>  #include <efi_loader.h>
>  #include <efi_rng.h>
> 

[PATCH v3 5/5] arm: qemu: override flash accessors to use virtualizable instructions

[André Przywara]

On 07/07/2020 11:07, Ard Biesheuvel wrote:
> Some instructions in the ARM ISA have multiple output registers, such
> as ldrd/ldp (load pair), where two registers are loaded from memory,
> but also ldr with indexing, where the memory base register is incremented
> as well when the value is loaded to the destination register.
> 
> MMIO emulation under KVM is based on using the architecturally defined
> syndrome information that is provided when an exception is taken to the
> hypervisor. This syndrome information describes whether the instruction
> that triggered the exception is a load or a store, what the faulting
> address was, and which register was the destination register.
> 
> This syndrome information can only describe one destination register, and
> when the trapping instruction is one with multiple outputs, KVM throws an
> error like
> 
>   kvm [615929]: Data abort outside memslots with no valid syndrome info
> 
> on the host and kills the QEMU process with the following error:
> 
>   U-Boot 2020.07-rc3-00208-g88bd5b179360-dirty (Jun 06 2020 - 11:59:22 +0200)
> 
>   DRAM:  1 GiB
>   Flash: error: kvm run failed Function not implemented
>   R00=00000001 R01=00000040 R02=7ee0ce20 R03=00000000
>   R04=7ffd9eec R05=00000004 R06=7ffda3f8 R07=00000055
>   R08=7ffd9eec R09=7ef0ded0 R10=7ee0ce20 R11=00000000
>   R12=00000004 R13=7ee0cdf8 R14=00000000 R15=7ff72d08
>   PSR=200001d3 --C- A svc32
>   QEMU: Terminated
> 
> This means that, in order to run U-Boot in QEMU under KVM, we need to
> avoid such instructions when accessing emulated devices. For the flash
> in particular, which is a hybrid between a ROM (backed by a read-only
> KVM memslot) when in array mode, and an emulated MMIO device (when in
> write mode), we need to take care to only use instructions that KVM can
> deal with when they trap.
> 
> So override the flash read accessors that are used when running on QEMU
> under KVM. Note that the the 64-bit wide read and write accessors have
> been omitted: they are never used when running under QEMU given that it
> does not emulate CFI flash that supports it.

Yes, that issue causes quite some headaches. In the Linux kernel the
MMIO accessors were deliberately chosen to be the ldr/str instructions
(as in this patch), to avoid this issue in the first place. So MMIO from
a Linux guest always works.
So it only makes sense to follow suit there. On the next occasion we
could actually think about moving the standard accessors over as well,
but for now this is good enough.

> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>

Reviewed-by: Andre Przywara <andre.przywara@arm.com>

Cheers,
Andre

> ---
>  board/emulation/qemu-arm/qemu-arm.c | 45 ++++++++++++++++++++
>  include/configs/qemu-arm.h          |  1 +
>  2 files changed, 46 insertions(+)
> 
> diff --git a/board/emulation/qemu-arm/qemu-arm.c b/board/emulation/qemu-arm/qemu-arm.c
> index 1b0d543b93c1..f18f2ed7da3a 100644
> --- a/board/emulation/qemu-arm/qemu-arm.c
> +++ b/board/emulation/qemu-arm/qemu-arm.c
> @@ -142,3 +142,48 @@ efi_status_t platform_get_rng_device(struct udevice **dev)
>  	return EFI_SUCCESS;
>  }
>  #endif /* CONFIG_EFI_RNG_PROTOCOL */
> +
> +#ifdef CONFIG_ARM64
> +#define __W	"w"
> +#else
> +#define __W
> +#endif
> +
> +u8 flash_read8(void *addr)
> +{
> +	u8 ret;
> +
> +	asm("ldrb %" __W "0, %1" : "=r"(ret) : "m"(*(u8 *)addr));
> +	return ret;
> +}
> +
> +u16 flash_read16(void *addr)
> +{
> +	u16 ret;
> +
> +	asm("ldrh %" __W "0, %1" : "=r"(ret) : "m"(*(u16 *)addr));
> +	return ret;
> +}
> +
> +u32 flash_read32(void *addr)
> +{
> +	u32 ret;
> +
> +	asm("ldr %" __W "0, %1" : "=r"(ret) : "m"(*(u32 *)addr));
> +	return ret;
> +}
> +
> +void flash_write8(u8 value, void *addr)
> +{
> +	asm("strb %" __W "1, %0" : "=m"(*(u8 *)addr) : "r"(value));
> +}
> +
> +void flash_write16(u16 value, void *addr)
> +{
> +	asm("strh %" __W "1, %0" : "=m"(*(u16 *)addr) : "r"(value));
> +}
> +
> +void flash_write32(u32 value, void *addr)
> +{
> +	asm("str %" __W "1, %0" : "=m"(*(u32 *)addr) : "r"(value));
> +}
> diff --git a/include/configs/qemu-arm.h b/include/configs/qemu-arm.h
> index 1ef75a87836b..bc8b7c5c1238 100644
> --- a/include/configs/qemu-arm.h
> +++ b/include/configs/qemu-arm.h
> @@ -53,5 +53,6 @@
>  #define CONFIG_SYS_MAX_FLASH_BANKS	2
>  #endif
>  #define CONFIG_SYS_MAX_FLASH_SECT	256 /* Sector: 256K, Bank: 64M */
> +#define CONFIG_CFI_FLASH_USE_WEAK_ACCESSORS
>  
>  #endif /* __CONFIG_H */
> 

[PATCH v3 1/5] arm: enable allocate-on-read for LPAE's DCACHE_WRITEBACK/_WRITETHROUGH

[Tom Rini]

On Tue, Jul 07, 2020 at 12:07:07PM +0200, Ard Biesheuvel wrote:

> The LPAE versions of DCACHE_WRITEBACK and DCACHE_WRITETHROUGH are currently
> defined as no-allocate for both reads and writes, which deviates from the
> non-LPAE definition, and mostly defeats the purpose of enabling the caches
> in the first place.
> 
> So align LPAE with !LPAE, and enable allocate-on-read for both. And while
> at it, add some clarification about the meaning of the chosen values.
> 
> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
> Reviewed-by: Andre Przywara <andre.przywara@arm.com>

Applied to u-boot/master, thanks!

-- 
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: not available
URL: <https://lists.denx.de/pipermail/u-boot/attachments/20200729/06429e52/attachment.sig>

[PATCH v3 2/5] arm: qemu: enable LPAE on 32-bit

[Tom Rini]

On Tue, Jul 07, 2020 at 12:07:08PM +0200, Ard Biesheuvel wrote:

> QEMU's mach-virt machine only supports selecting CPU models that
> implement the virtualization extensions, and are therefore guaranteed
> to support LPAE as well.
> 
> Initially, QEMU would not allow emulating these CPUs running in HYP
> mode (or EL2, for AArch64), but today, it also contains a complete
> implementation of the virtualization extensions themselves.
> 
> This means we could be running U-Boot in HYP mode, in which case the
> LPAE long descriptor page table format is the only format that is
> supported. If we are not running in HYP mode, we can use either.
> 
> So let's enable CONFIG_ARMV7_LPAE for qemu_arm_defconfig so that we
> get the best support for running with the MMU and caches enabled at
> any privilege level.
> 
> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
> Acked-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

Applied to u-boot/master, thanks!

-- 
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: not available
URL: <https://lists.denx.de/pipermail/u-boot/attachments/20200729/9b996501/attachment.sig>

[PATCH v3 3/5] arm: qemu: implement enable_caches()

[Tom Rini]

On Tue, Jul 07, 2020 at 12:07:09PM +0200, Ard Biesheuvel wrote:

> Add an override for enable_caches to enable the I and D caches, along
> with the cached 1:1 mapping of all of DRAM. This is needed for running
> U-Boot under virtualization with QEMU/kvm.
> 
> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
> Reviewed-by: Andre Przywara <andre.przywara@arm.com>

Applied to u-boot/master, thanks!

-- 
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: not available
URL: <https://lists.denx.de/pipermail/u-boot/attachments/20200729/5045d33c/attachment.sig>

[PATCH v3 4/5] arm: qemu: disable the EFI workaround for older GRUB

[Tom Rini]

On Tue, Jul 07, 2020 at 12:07:10PM +0200, Ard Biesheuvel wrote:

> The QEMU/mach-virt targeted port of u-boot currently only runs on
> QEMU under TCG emulation, which does not model the caches at all,
> and so no users can exist that are relying on the GRUB hack for
> EFI boot.
> 
> We will shortly enable support for running under KVM, but the GRUB
> hack (which disables all caches without doing cache cleaning by VA
> during ExitBootServices()) is likely to cause more problems than it
> solves, given that KVM hosts require correct maintenance if they
> incorporate non-architected system caches.
> 
> So let's disable the GRUB hack by default on the QEMU/mach-virt
> port.
> 
> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

Applied to u-boot/master, thanks!

-- 
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: not available
URL: <https://lists.denx.de/pipermail/u-boot/attachments/20200729/f0b9ccf4/attachment.sig>

[PATCH v3 5/5] arm: qemu: override flash accessors to use virtualizable instructions

[Tom Rini]

On Tue, Jul 07, 2020 at 12:07:11PM +0200, Ard Biesheuvel wrote:

> Some instructions in the ARM ISA have multiple output registers, such
> as ldrd/ldp (load pair), where two registers are loaded from memory,
> but also ldr with indexing, where the memory base register is incremented
> as well when the value is loaded to the destination register.
> 
> MMIO emulation under KVM is based on using the architecturally defined
> syndrome information that is provided when an exception is taken to the
> hypervisor. This syndrome information describes whether the instruction
> that triggered the exception is a load or a store, what the faulting
> address was, and which register was the destination register.
> 
> This syndrome information can only describe one destination register, and
> when the trapping instruction is one with multiple outputs, KVM throws an
> error like
> 
>   kvm [615929]: Data abort outside memslots with no valid syndrome info
> 
> on the host and kills the QEMU process with the following error:
> 
>   U-Boot 2020.07-rc3-00208-g88bd5b179360-dirty (Jun 06 2020 - 11:59:22 +0200)
> 
>   DRAM:  1 GiB
>   Flash: error: kvm run failed Function not implemented
>   R00=00000001 R01=00000040 R02=7ee0ce20 R03=00000000
>   R04=7ffd9eec R05=00000004 R06=7ffda3f8 R07=00000055
>   R08=7ffd9eec R09=7ef0ded0 R10=7ee0ce20 R11=00000000
>   R12=00000004 R13=7ee0cdf8 R14=00000000 R15=7ff72d08
>   PSR=200001d3 --C- A svc32
>   QEMU: Terminated
> 
> This means that, in order to run U-Boot in QEMU under KVM, we need to
> avoid such instructions when accessing emulated devices. For the flash
> in particular, which is a hybrid between a ROM (backed by a read-only
> KVM memslot) when in array mode, and an emulated MMIO device (when in
> write mode), we need to take care to only use instructions that KVM can
> deal with when they trap.
> 
> So override the flash read accessors that are used when running on QEMU
> under KVM. Note that the the 64-bit wide read and write accessors have
> been omitted: they are never used when running under QEMU given that it
> does not emulate CFI flash that supports it.
> 
> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
> Reviewed-by: Andre Przywara <andre.przywara@arm.com>

Applied to u-boot/master, thanks!

-- 
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: not available
URL: <https://lists.denx.de/pipermail/u-boot/attachments/20200729/1f52fbdf/attachment.sig>