* [PULL 00/29] target-arm queue
@ 2020-05-21 19:15 Peter Maydell
2020-05-21 19:15 ` [PULL 01/29] tests/acceptance: Add a test for the canon-a1100 machine Peter Maydell
` (28 more replies)
0 siblings, 29 replies; 30+ messages in thread
From: Peter Maydell @ 2020-05-21 19:15 UTC (permalink / raw)
To: qemu-devel
target-arm queue: nothing big, just a collection of minor things.
-- PMM
The following changes since commit ae3aa5da96f4ccf0c2a28851449d92db9fcfad71:
Merge remote-tracking branch 'remotes/berrange/tags/socket-next-pull-request' into staging (2020-05-21 16:47:28 +0100)
are available in the Git repository at:
https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20200521
for you to fetch changes up to 17b5df7b65d0192c5d775b5e1581518580774c77:
linux-user/arm/signal.c: Drop TARGET_CONFIG_CPU_32 (2020-05-21 20:00:19 +0100)
----------------------------------------------------------------
target-arm queue:
* tests/acceptance: Add a test for the canon-a1100 machine
* docs/system: Document some of the Arm development boards
* linux-user: make BKPT insn cause SIGTRAP, not be a syscall
* target/arm: Remove unused GEN_NEON_INTEGER_OP macro
* fsl-imx25, fsl-imx31, fsl-imx6, fsl-imx6ul, fsl-imx7: implement watchdog
* hw/arm: Use qemu_log_mask() instead of hw_error() in various places
* ARM: PL061: Introduce N_GPIOS
* target/arm: Improve clear_vec_high() usage
* target/arm: Allow user-mode code to write CPSR.E via MSR
* linux-user/arm: Reset CPSR_E when entering a signal handler
* linux-user/arm/signal.c: Drop TARGET_CONFIG_CPU_32
----------------------------------------------------------------
Amanieu d'Antras (1):
linux-user/arm: Reset CPSR_E when entering a signal handler
Geert Uytterhoeven (1):
ARM: PL061: Introduce N_GPIOS
Guenter Roeck (8):
hw: Move i.MX watchdog driver to hw/watchdog
hw/watchdog: Implement full i.MX watchdog support
hw/arm/fsl-imx25: Wire up watchdog
hw/arm/fsl-imx31: Wire up watchdog
hw/arm/fsl-imx6: Connect watchdog interrupts
hw/arm/fsl-imx6ul: Connect watchdog interrupts
hw/arm/fsl-imx7: Instantiate various unimplemented devices
hw/arm/fsl-imx7: Connect watchdog interrupts
Peter Maydell (12):
docs/system: Add 'Arm' to the Integrator/CP document title
docs/system: Sort Arm board index into alphabetical order
docs/system: Document Arm Versatile Express boards
docs/system: Document the various MPS2 models
docs/system: Document Musca boards
linux-user/arm: BKPT should cause SIGTRAP, not be a syscall
linux-user/arm: Remove bogus SVC 0xf0002 handling
linux-user/arm: Handle invalid arm-specific syscalls correctly
linux-user/arm: Fix identification of syscall numbers
target/arm: Remove unused GEN_NEON_INTEGER_OP macro
target/arm: Allow user-mode code to write CPSR.E via MSR
linux-user/arm/signal.c: Drop TARGET_CONFIG_CPU_32
Philippe Mathieu-Daudé (4):
hw/arm/integratorcp: Replace hw_error() by qemu_log_mask()
hw/arm/pxa2xx: Replace hw_error() by qemu_log_mask()
hw/char/xilinx_uartlite: Replace hw_error() by qemu_log_mask()
hw/timer/exynos4210_mct: Replace hw_error() by qemu_log_mask()
Richard Henderson (2):
target/arm: Use tcg_gen_gvec_mov for clear_vec_high
target/arm: Use clear_vec_high more effectively
Thomas Huth (1):
tests/acceptance: Add a test for the canon-a1100 machine
docs/system/arm/integratorcp.rst | 4 +-
docs/system/arm/mps2.rst | 29 +++
docs/system/arm/musca.rst | 31 +++
docs/system/arm/vexpress.rst | 60 ++++++
docs/system/target-arm.rst | 20 +-
include/hw/arm/fsl-imx25.h | 5 +
include/hw/arm/fsl-imx31.h | 4 +
include/hw/arm/fsl-imx6.h | 2 +-
include/hw/arm/fsl-imx6ul.h | 2 +-
include/hw/arm/fsl-imx7.h | 23 ++-
include/hw/misc/imx2_wdt.h | 33 ----
include/hw/watchdog/wdt_imx2.h | 90 +++++++++
target/arm/cpu.h | 2 +-
hw/arm/fsl-imx25.c | 10 +
hw/arm/fsl-imx31.c | 6 +
hw/arm/fsl-imx6.c | 9 +
hw/arm/fsl-imx6ul.c | 10 +
hw/arm/fsl-imx7.c | 35 ++++
hw/arm/integratorcp.c | 23 ++-
hw/arm/pxa2xx_gpio.c | 7 +-
hw/char/xilinx_uartlite.c | 5 +-
hw/display/pxa2xx_lcd.c | 8 +-
hw/dma/pxa2xx_dma.c | 14 +-
hw/gpio/pl061.c | 12 +-
hw/misc/imx2_wdt.c | 90 ---------
hw/timer/exynos4210_mct.c | 12 +-
hw/watchdog/wdt_imx2.c | 303 +++++++++++++++++++++++++++++
linux-user/arm/cpu_loop.c | 145 ++++++++------
linux-user/arm/signal.c | 15 +-
target/arm/translate-a64.c | 63 +++---
target/arm/translate.c | 23 ---
MAINTAINERS | 6 +
hw/arm/Kconfig | 5 +
hw/misc/Makefile.objs | 1 -
hw/watchdog/Kconfig | 3 +
hw/watchdog/Makefile.objs | 1 +
tests/acceptance/machine_arm_canona1100.py | 35 ++++
37 files changed, 854 insertions(+), 292 deletions(-)
create mode 100644 docs/system/arm/mps2.rst
create mode 100644 docs/system/arm/musca.rst
create mode 100644 docs/system/arm/vexpress.rst
delete mode 100644 include/hw/misc/imx2_wdt.h
create mode 100644 include/hw/watchdog/wdt_imx2.h
delete mode 100644 hw/misc/imx2_wdt.c
create mode 100644 hw/watchdog/wdt_imx2.c
create mode 100644 tests/acceptance/machine_arm_canona1100.py
^ permalink raw reply [flat|nested] 30+ messages in thread
* [PULL 01/29] tests/acceptance: Add a test for the canon-a1100 machine
2020-05-21 19:15 [PULL 00/29] target-arm queue Peter Maydell
@ 2020-05-21 19:15 ` Peter Maydell
2020-05-21 19:15 ` [PULL 02/29] docs/system: Add 'Arm' to the Integrator/CP document title Peter Maydell
` (27 subsequent siblings)
28 siblings, 0 replies; 30+ messages in thread
From: Peter Maydell @ 2020-05-21 19:15 UTC (permalink / raw)
To: qemu-devel
From: Thomas Huth <thuth@redhat.com>
The canon-a1100 machine can be used with the Barebox firmware. The
QEMU Advent Calendar 2018 features a pre-compiled image which we
can use for testing.
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
Tested-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20200514190422.23645-1-f4bug@amsat.org
Message-Id: <20200129090420.13954-1-thuth@redhat.com>
[PMD: Rebased MAINTAINERS]
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
MAINTAINERS | 1 +
tests/acceptance/machine_arm_canona1100.py | 35 ++++++++++++++++++++++
2 files changed, 36 insertions(+)
create mode 100644 tests/acceptance/machine_arm_canona1100.py
diff --git a/MAINTAINERS b/MAINTAINERS
index 87a412c229b..1e006c98fab 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -608,6 +608,7 @@ S: Odd Fixes
F: include/hw/arm/digic.h
F: hw/*/digic*
F: include/hw/*/digic*
+F: tests/acceptance/machine_arm_canona1100.py
Goldfish RTC
M: Anup Patel <anup.patel@wdc.com>
diff --git a/tests/acceptance/machine_arm_canona1100.py b/tests/acceptance/machine_arm_canona1100.py
new file mode 100644
index 00000000000..0e5c43dbcf8
--- /dev/null
+++ b/tests/acceptance/machine_arm_canona1100.py
@@ -0,0 +1,35 @@
+# Functional test that boots the canon-a1100 machine with firmware
+#
+# Copyright (c) 2020 Red Hat, Inc.
+#
+# Author:
+# Thomas Huth <thuth@redhat.com>
+#
+# This work is licensed under the terms of the GNU GPL, version 2 or
+# later. See the COPYING file in the top-level directory.
+
+from avocado_qemu import Test
+from avocado_qemu import wait_for_console_pattern
+from avocado.utils import archive
+
+class CanonA1100Machine(Test):
+ """Boots the barebox firmware and checks that the console is operational"""
+
+ timeout = 90
+
+ def test_arm_canona1100(self):
+ """
+ :avocado: tags=arch:arm
+ :avocado: tags=machine:canon-a1100
+ :avocado: tags=device:pflash_cfi02
+ """
+ tar_url = ('https://www.qemu-advent-calendar.org'
+ '/2018/download/day18.tar.xz')
+ tar_hash = '068b5fc4242b29381acee94713509f8a876e9db6'
+ file_path = self.fetch_asset(tar_url, asset_hash=tar_hash)
+ archive.extract(file_path, self.workdir)
+ self.vm.set_console()
+ self.vm.add_args('-bios',
+ self.workdir + '/day18/barebox.canon-a1100.bin')
+ self.vm.launch()
+ wait_for_console_pattern(self, 'running /env/bin/init')
--
2.20.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PULL 02/29] docs/system: Add 'Arm' to the Integrator/CP document title
2020-05-21 19:15 [PULL 00/29] target-arm queue Peter Maydell
2020-05-21 19:15 ` [PULL 01/29] tests/acceptance: Add a test for the canon-a1100 machine Peter Maydell
@ 2020-05-21 19:15 ` Peter Maydell
2020-05-21 19:15 ` [PULL 03/29] docs/system: Sort Arm board index into alphabetical order Peter Maydell
` (26 subsequent siblings)
28 siblings, 0 replies; 30+ messages in thread
From: Peter Maydell @ 2020-05-21 19:15 UTC (permalink / raw)
To: qemu-devel
Add 'Arm' to the Integrator/CP document title, for consistency with
the titling of the other documentation of Arm devboard models
(versatile, realview).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20200507151819.28444-2-peter.maydell@linaro.org
---
docs/system/arm/integratorcp.rst | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/docs/system/arm/integratorcp.rst b/docs/system/arm/integratorcp.rst
index e6f050f602b..594438008e4 100644
--- a/docs/system/arm/integratorcp.rst
+++ b/docs/system/arm/integratorcp.rst
@@ -1,5 +1,5 @@
-Integrator/CP (``integratorcp``)
-================================
+Arm Integrator/CP (``integratorcp``)
+====================================
The Arm Integrator/CP board is emulated with the following devices:
--
2.20.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PULL 03/29] docs/system: Sort Arm board index into alphabetical order
2020-05-21 19:15 [PULL 00/29] target-arm queue Peter Maydell
2020-05-21 19:15 ` [PULL 01/29] tests/acceptance: Add a test for the canon-a1100 machine Peter Maydell
2020-05-21 19:15 ` [PULL 02/29] docs/system: Add 'Arm' to the Integrator/CP document title Peter Maydell
@ 2020-05-21 19:15 ` Peter Maydell
2020-05-21 19:15 ` [PULL 04/29] docs/system: Document Arm Versatile Express boards Peter Maydell
` (25 subsequent siblings)
28 siblings, 0 replies; 30+ messages in thread
From: Peter Maydell @ 2020-05-21 19:15 UTC (permalink / raw)
To: qemu-devel
Sort the board index into alphabetical order. (Note that we need to
sort alphabetically by the title text of each file, which isn't the
same ordering as sorting by the filename.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20200507151819.28444-3-peter.maydell@linaro.org
---
docs/system/target-arm.rst | 17 +++++++++++------
1 file changed, 11 insertions(+), 6 deletions(-)
diff --git a/docs/system/target-arm.rst b/docs/system/target-arm.rst
index 324e2af1cbc..d459efb3d20 100644
--- a/docs/system/target-arm.rst
+++ b/docs/system/target-arm.rst
@@ -67,19 +67,24 @@ Unfortunately many of the Arm boards QEMU supports are currently
undocumented; you can get a complete list by running
``qemu-system-aarch64 --machine help``.
+..
+ This table of contents should be kept sorted alphabetically
+ by the title text of each file, which isn't the same ordering
+ as an alphabetical sort by filename.
+
.. toctree::
:maxdepth: 1
arm/integratorcp
- arm/versatile
arm/realview
- arm/xscale
- arm/palm
- arm/nseries
- arm/stellaris
+ arm/versatile
arm/musicpal
- arm/sx1
+ arm/nseries
arm/orangepi
+ arm/palm
+ arm/xscale
+ arm/sx1
+ arm/stellaris
Arm CPU features
================
--
2.20.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PULL 04/29] docs/system: Document Arm Versatile Express boards
2020-05-21 19:15 [PULL 00/29] target-arm queue Peter Maydell
` (2 preceding siblings ...)
2020-05-21 19:15 ` [PULL 03/29] docs/system: Sort Arm board index into alphabetical order Peter Maydell
@ 2020-05-21 19:15 ` Peter Maydell
2020-05-21 19:15 ` [PULL 05/29] docs/system: Document the various MPS2 models Peter Maydell
` (24 subsequent siblings)
28 siblings, 0 replies; 30+ messages in thread
From: Peter Maydell @ 2020-05-21 19:15 UTC (permalink / raw)
To: qemu-devel
Provide a minimal documentation of the Versatile Express boards
(vexpress-a9, vexpress-a15).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20200507151819.28444-4-peter.maydell@linaro.org
---
docs/system/arm/vexpress.rst | 60 ++++++++++++++++++++++++++++++++++++
docs/system/target-arm.rst | 1 +
MAINTAINERS | 1 +
3 files changed, 62 insertions(+)
create mode 100644 docs/system/arm/vexpress.rst
diff --git a/docs/system/arm/vexpress.rst b/docs/system/arm/vexpress.rst
new file mode 100644
index 00000000000..7f1bcbef078
--- /dev/null
+++ b/docs/system/arm/vexpress.rst
@@ -0,0 +1,60 @@
+Arm Versatile Express boards (``vexpress-a9``, ``vexpress-a15``)
+================================================================
+
+QEMU models two variants of the Arm Versatile Express development
+board family:
+
+- ``vexpress-a9`` models the combination of the Versatile Express
+ motherboard and the CoreTile Express A9x4 daughterboard
+- ``vexpress-a15`` models the combination of the Versatile Express
+ motherboard and the CoreTile Express A15x2 daughterboard
+
+Note that as this hardware does not have PCI, IDE or SCSI,
+the only available storage option is emulated SD card.
+
+Implemented devices:
+
+- PL041 audio
+- PL181 SD controller
+- PL050 keyboard and mouse
+- PL011 UARTs
+- SP804 timers
+- I2C controller
+- PL031 RTC
+- PL111 LCD display controller
+- Flash memory
+- LAN9118 ethernet
+
+Unimplemented devices:
+
+- SP810 system control block
+- PCI-express
+- USB controller (Philips ISP1761)
+- Local DAP ROM
+- CoreSight interfaces
+- PL301 AXI interconnect
+- SCC
+- System counter
+- HDLCD controller (``vexpress-a15``)
+- SP805 watchdog
+- PL341 dynamic memory controller
+- DMA330 DMA controller
+- PL354 static memory controller
+- BP147 TrustZone Protection Controller
+- TrustZone Address Space Controller
+
+Other differences between the hardware and the QEMU model:
+
+- QEMU will default to creating one CPU unless you pass a different
+ ``-smp`` argument
+- QEMU allows the amount of RAM provided to be specified with the
+ ``-m`` argument
+- QEMU defaults to providing a CPU which does not provide either
+ TrustZone or the Virtualization Extensions: if you want these you
+ must enable them with ``-machine secure=on`` and ``-machine
+ virtualization=on``
+- QEMU provides 4 virtio-mmio virtio transports; these start at
+ address ``0x10013000`` for ``vexpress-a9`` and at ``0x1c130000`` for
+ ``vexpress-a15``, and have IRQs from 40 upwards. If a dtb is
+ provided on the command line then QEMU will edit it to include
+ suitable entries describing these transports for the guest.
diff --git a/docs/system/target-arm.rst b/docs/system/target-arm.rst
index d459efb3d20..1c759aa1a08 100644
--- a/docs/system/target-arm.rst
+++ b/docs/system/target-arm.rst
@@ -78,6 +78,7 @@ undocumented; you can get a complete list by running
arm/integratorcp
arm/realview
arm/versatile
+ arm/vexpress
arm/musicpal
arm/nseries
arm/orangepi
diff --git a/MAINTAINERS b/MAINTAINERS
index 1e006c98fab..6a9280c1b03 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -828,6 +828,7 @@ M: Peter Maydell <peter.maydell@linaro.org>
L: qemu-arm@nongnu.org
S: Maintained
F: hw/arm/vexpress.c
+F: docs/system/arm/vexpress.rst
Versatile PB
M: Peter Maydell <peter.maydell@linaro.org>
--
2.20.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PULL 05/29] docs/system: Document the various MPS2 models
2020-05-21 19:15 [PULL 00/29] target-arm queue Peter Maydell
` (3 preceding siblings ...)
2020-05-21 19:15 ` [PULL 04/29] docs/system: Document Arm Versatile Express boards Peter Maydell
@ 2020-05-21 19:15 ` Peter Maydell
2020-05-21 19:15 ` [PULL 06/29] docs/system: Document Musca boards Peter Maydell
` (23 subsequent siblings)
28 siblings, 0 replies; 30+ messages in thread
From: Peter Maydell @ 2020-05-21 19:15 UTC (permalink / raw)
To: qemu-devel
Add basic documentation of the MPS2 board models.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20200507151819.28444-5-peter.maydell@linaro.org
---
docs/system/arm/mps2.rst | 29 +++++++++++++++++++++++++++++
docs/system/target-arm.rst | 1 +
MAINTAINERS | 1 +
3 files changed, 31 insertions(+)
create mode 100644 docs/system/arm/mps2.rst
diff --git a/docs/system/arm/mps2.rst b/docs/system/arm/mps2.rst
new file mode 100644
index 00000000000..3a98cb59b0d
--- /dev/null
+++ b/docs/system/arm/mps2.rst
@@ -0,0 +1,29 @@
+Arm MPS2 boards (``mps2-an385``, ``mps2-an505``, ``mps2-an511``, ``mps2-an521``)
+================================================================================
+
+These board models all use Arm M-profile CPUs.
+
+The Arm MPS2 and MPS2+ dev boards are FPGA based (the 2+ has a bigger
+FPGA but is otherwise the same as the 2). Since the CPU itself
+and most of the devices are in the FPGA, the details of the board
+as seen by the guest depend significantly on the FPGA image.
+
+QEMU models the following FPGA images:
+
+``mps2-an385``
+ Cortex-M3 as documented in ARM Application Note AN385
+``mps2-an511``
+ Cortex-M3 'DesignStart' as documented in AN511
+``mps2-an505``
+ Cortex-M33 as documented in ARM Application Note AN505
+``mps2-an521``
+ Dual Cortex-M33 as documented in Application Note AN521
+
+Differences between QEMU and real hardware:
+
+- AN385 remapping of low 16K of memory to either ZBT SSRAM1 or to
+ block RAM is unimplemented (QEMU always maps this to ZBT SSRAM1, as
+ if zbt_boot_ctrl is always zero)
+- QEMU provides a LAN9118 ethernet rather than LAN9220; the only guest
+ visible difference is that the LAN9118 doesn't support checksum
+ offloading
diff --git a/docs/system/target-arm.rst b/docs/system/target-arm.rst
index 1c759aa1a08..f2d9366e9b4 100644
--- a/docs/system/target-arm.rst
+++ b/docs/system/target-arm.rst
@@ -76,6 +76,7 @@ undocumented; you can get a complete list by running
:maxdepth: 1
arm/integratorcp
+ arm/mps2
arm/realview
arm/versatile
arm/vexpress
diff --git a/MAINTAINERS b/MAINTAINERS
index 6a9280c1b03..520a7b74f28 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -701,6 +701,7 @@ F: hw/misc/armsse-cpuid.c
F: include/hw/misc/armsse-cpuid.h
F: hw/misc/armsse-mhu.c
F: include/hw/misc/armsse-mhu.h
+F: docs/system/arm/mps2.rst
Musca
M: Peter Maydell <peter.maydell@linaro.org>
--
2.20.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PULL 06/29] docs/system: Document Musca boards
2020-05-21 19:15 [PULL 00/29] target-arm queue Peter Maydell
` (4 preceding siblings ...)
2020-05-21 19:15 ` [PULL 05/29] docs/system: Document the various MPS2 models Peter Maydell
@ 2020-05-21 19:15 ` Peter Maydell
2020-05-21 19:15 ` [PULL 07/29] linux-user/arm: BKPT should cause SIGTRAP, not be a syscall Peter Maydell
` (22 subsequent siblings)
28 siblings, 0 replies; 30+ messages in thread
From: Peter Maydell @ 2020-05-21 19:15 UTC (permalink / raw)
To: qemu-devel
Provide a minimal documentation of the Musca boards.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20200507151819.28444-6-peter.maydell@linaro.org
---
docs/system/arm/musca.rst | 31 +++++++++++++++++++++++++++++++
docs/system/target-arm.rst | 1 +
MAINTAINERS | 1 +
3 files changed, 33 insertions(+)
create mode 100644 docs/system/arm/musca.rst
diff --git a/docs/system/arm/musca.rst b/docs/system/arm/musca.rst
new file mode 100644
index 00000000000..81e3dc92194
--- /dev/null
+++ b/docs/system/arm/musca.rst
@@ -0,0 +1,31 @@
+Arm Musca boards (``musca-a``, ``musca-b1``)
+============================================
+
+The Arm Musca development boards are a reference implementation
+of a system using the SSE-200 Subsystem for Embedded. They are
+dual Cortex-M33 systems.
+
+QEMU provides models of the A and B1 variants of this board.
+
+Unimplemented devices:
+
+- SPI
+- |I2C|
+- |I2S|
+- PWM
+- QSPI
+- Timer
+- SCC
+- GPIO
+- eFlash
+- MHU
+- PVT
+- SDIO
+- CryptoCell
+
+Note that (like the real hardware) the Musca-A machine is
+asymmetric: CPU 0 does not have the FPU or DSP extensions,
+but CPU 1 does. Also like the real hardware, the memory maps
+for the A and B1 variants differ significantly, so guest
+software must be built for the right variant.
+
diff --git a/docs/system/target-arm.rst b/docs/system/target-arm.rst
index f2d9366e9b4..dce384cb0e3 100644
--- a/docs/system/target-arm.rst
+++ b/docs/system/target-arm.rst
@@ -77,6 +77,7 @@ undocumented; you can get a complete list by running
arm/integratorcp
arm/mps2
+ arm/musca
arm/realview
arm/versatile
arm/vexpress
diff --git a/MAINTAINERS b/MAINTAINERS
index 520a7b74f28..023f48d3eaa 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -708,6 +708,7 @@ M: Peter Maydell <peter.maydell@linaro.org>
L: qemu-arm@nongnu.org
S: Maintained
F: hw/arm/musca.c
+F: docs/system/arm/musca.rst
Musicpal
M: Jan Kiszka <jan.kiszka@web.de>
--
2.20.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PULL 07/29] linux-user/arm: BKPT should cause SIGTRAP, not be a syscall
2020-05-21 19:15 [PULL 00/29] target-arm queue Peter Maydell
` (5 preceding siblings ...)
2020-05-21 19:15 ` [PULL 06/29] docs/system: Document Musca boards Peter Maydell
@ 2020-05-21 19:15 ` Peter Maydell
2020-05-21 19:15 ` [PULL 08/29] linux-user/arm: Remove bogus SVC 0xf0002 handling Peter Maydell
` (21 subsequent siblings)
28 siblings, 0 replies; 30+ messages in thread
From: Peter Maydell @ 2020-05-21 19:15 UTC (permalink / raw)
To: qemu-devel
In linux-user/arm/cpu-loop.c we incorrectly treat EXCP_BKPT similarly
to EXCP_SWI, which means that if the guest executes a BKPT insn then
QEMU will perform a syscall for it (which syscall depends on what
value happens to be in r7...). The correct behaviour is that the
guest process should take a SIGTRAP.
This code has been like this (more or less) since commit
06c949e62a098f in 2006 which added BKPT in the first place. This is
probably because at the time the same code path was used to handle
both Linux syscalls and semihosting calls, and (on M profile) BKPT
with a suitable magic number is used for semihosting calls. But
these days we've moved handling of semihosting out to an entirely
different codepath, so we can fix this bug by simply removing this
handling of EXCP_BKPT and instead making it deliver a SIGTRAP like
EXCP_DEBUG (as we do already on aarch64).
Reported-by: <omerg681@gmail.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20200420212206.12776-2-peter.maydell@linaro.org
Fixes: https://bugs.launchpad.net/qemu/+bug/1873898
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
linux-user/arm/cpu_loop.c | 30 ++++++++----------------------
1 file changed, 8 insertions(+), 22 deletions(-)
diff --git a/linux-user/arm/cpu_loop.c b/linux-user/arm/cpu_loop.c
index cf618daa1ca..82d0dd3c312 100644
--- a/linux-user/arm/cpu_loop.c
+++ b/linux-user/arm/cpu_loop.c
@@ -295,32 +295,17 @@ void cpu_loop(CPUARMState *env)
}
break;
case EXCP_SWI:
- case EXCP_BKPT:
{
env->eabi = 1;
/* system call */
- if (trapnr == EXCP_BKPT) {
- if (env->thumb) {
- /* FIXME - what to do if get_user() fails? */
- get_user_code_u16(insn, env->regs[15], env);
- n = insn & 0xff;
- env->regs[15] += 2;
- } else {
- /* FIXME - what to do if get_user() fails? */
- get_user_code_u32(insn, env->regs[15], env);
- n = (insn & 0xf) | ((insn >> 4) & 0xff0);
- env->regs[15] += 4;
- }
+ if (env->thumb) {
+ /* FIXME - what to do if get_user() fails? */
+ get_user_code_u16(insn, env->regs[15] - 2, env);
+ n = insn & 0xff;
} else {
- if (env->thumb) {
- /* FIXME - what to do if get_user() fails? */
- get_user_code_u16(insn, env->regs[15] - 2, env);
- n = insn & 0xff;
- } else {
- /* FIXME - what to do if get_user() fails? */
- get_user_code_u32(insn, env->regs[15] - 4, env);
- n = insn & 0xffffff;
- }
+ /* FIXME - what to do if get_user() fails? */
+ get_user_code_u32(insn, env->regs[15] - 4, env);
+ n = insn & 0xffffff;
}
if (n == ARM_NR_cacheflush) {
@@ -396,6 +381,7 @@ void cpu_loop(CPUARMState *env)
}
break;
case EXCP_DEBUG:
+ case EXCP_BKPT:
excp_debug:
info.si_signo = TARGET_SIGTRAP;
info.si_errno = 0;
--
2.20.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PULL 08/29] linux-user/arm: Remove bogus SVC 0xf0002 handling
2020-05-21 19:15 [PULL 00/29] target-arm queue Peter Maydell
` (6 preceding siblings ...)
2020-05-21 19:15 ` [PULL 07/29] linux-user/arm: BKPT should cause SIGTRAP, not be a syscall Peter Maydell
@ 2020-05-21 19:15 ` Peter Maydell
2020-05-21 19:15 ` [PULL 09/29] linux-user/arm: Handle invalid arm-specific syscalls correctly Peter Maydell
` (20 subsequent siblings)
28 siblings, 0 replies; 30+ messages in thread
From: Peter Maydell @ 2020-05-21 19:15 UTC (permalink / raw)
To: qemu-devel
We incorrectly treat SVC 0xf0002 as a cacheflush request (which is a
NOP for QEMU). This is the wrong syscall number, because in the
svc-immediate OABI syscall numbers are all offset by the
ARM_SYSCALL_BASE value and so the correct insn is SVC 0x9f0002.
(This is handled further down in the code with the other Arm-specific
syscalls like NR_breakpoint.)
When this code was initially added in commit 6f1f31c069b20611 in
2004, ARM_NR_cacheflush was defined as (ARM_SYSCALL_BASE + 0xf0000 + 2)
so the value in the comparison took account of the extra 0x900000
offset. In commit fbb4a2e371f2fa7 in 2008, the ARM_SYSCALL_BASE
was removed from the definition of ARM_NR_cacheflush and handling
for this group of syscalls was added below the point where we subtract
ARM_SYSCALL_BASE from the SVC immediate value. However that commit
forgot to remove the now-obsolete earlier handling code.
Remove the spurious ARM_NR_cacheflush condition.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 20200420212206.12776-3-peter.maydell@linaro.org
---
linux-user/arm/cpu_loop.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/linux-user/arm/cpu_loop.c b/linux-user/arm/cpu_loop.c
index 82d0dd3c312..025887d6b86 100644
--- a/linux-user/arm/cpu_loop.c
+++ b/linux-user/arm/cpu_loop.c
@@ -308,9 +308,7 @@ void cpu_loop(CPUARMState *env)
n = insn & 0xffffff;
}
- if (n == ARM_NR_cacheflush) {
- /* nop */
- } else if (n == 0 || n >= ARM_SYSCALL_BASE || env->thumb) {
+ if (n == 0 || n >= ARM_SYSCALL_BASE || env->thumb) {
/* linux syscall */
if (env->thumb || n == 0) {
n = env->regs[7];
--
2.20.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PULL 09/29] linux-user/arm: Handle invalid arm-specific syscalls correctly
2020-05-21 19:15 [PULL 00/29] target-arm queue Peter Maydell
` (7 preceding siblings ...)
2020-05-21 19:15 ` [PULL 08/29] linux-user/arm: Remove bogus SVC 0xf0002 handling Peter Maydell
@ 2020-05-21 19:15 ` Peter Maydell
2020-05-21 19:15 ` [PULL 10/29] linux-user/arm: Fix identification of syscall numbers Peter Maydell
` (19 subsequent siblings)
28 siblings, 0 replies; 30+ messages in thread
From: Peter Maydell @ 2020-05-21 19:15 UTC (permalink / raw)
To: qemu-devel
The kernel has different handling for syscalls with invalid
numbers that are in the "arm-specific" range 0x9f0000 and up:
* 0x9f0000..0x9f07ff return -ENOSYS if not implemented
* other out of range syscalls cause a SIGILL
(see the kernel's arch/arm/kernel/traps.c:arm_syscall())
Implement this distinction. (Note that our code doesn't look
quite like the kernel's, because we have removed the
0x900000 prefix by this point, whereas the kernel retains
it in arm_syscall().)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20200420212206.12776-4-peter.maydell@linaro.org
---
linux-user/arm/cpu_loop.c | 30 ++++++++++++++++++++++++++----
1 file changed, 26 insertions(+), 4 deletions(-)
diff --git a/linux-user/arm/cpu_loop.c b/linux-user/arm/cpu_loop.c
index 025887d6b86..df8b7b3fa96 100644
--- a/linux-user/arm/cpu_loop.c
+++ b/linux-user/arm/cpu_loop.c
@@ -332,10 +332,32 @@ void cpu_loop(CPUARMState *env)
env->regs[0] = cpu_get_tls(env);
break;
default:
- qemu_log_mask(LOG_UNIMP,
- "qemu: Unsupported ARM syscall: 0x%x\n",
- n);
- env->regs[0] = -TARGET_ENOSYS;
+ if (n < 0xf0800) {
+ /*
+ * Syscalls 0xf0000..0xf07ff (or 0x9f0000..
+ * 0x9f07ff in OABI numbering) are defined
+ * to return -ENOSYS rather than raising
+ * SIGILL. Note that we have already
+ * removed the 0x900000 prefix.
+ */
+ qemu_log_mask(LOG_UNIMP,
+ "qemu: Unsupported ARM syscall: 0x%x\n",
+ n);
+ env->regs[0] = -TARGET_ENOSYS;
+ } else {
+ /* Otherwise SIGILL */
+ info.si_signo = TARGET_SIGILL;
+ info.si_errno = 0;
+ info.si_code = TARGET_ILL_ILLTRP;
+ info._sifields._sigfault._addr = env->regs[15];
+ if (env->thumb) {
+ info._sifields._sigfault._addr -= 2;
+ } else {
+ info._sifields._sigfault._addr -= 4;
+ }
+ queue_signal(env, info.si_signo,
+ QEMU_SI_FAULT, &info);
+ }
break;
}
} else {
--
2.20.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PULL 10/29] linux-user/arm: Fix identification of syscall numbers
2020-05-21 19:15 [PULL 00/29] target-arm queue Peter Maydell
` (8 preceding siblings ...)
2020-05-21 19:15 ` [PULL 09/29] linux-user/arm: Handle invalid arm-specific syscalls correctly Peter Maydell
@ 2020-05-21 19:15 ` Peter Maydell
2020-05-21 19:15 ` [PULL 11/29] target/arm: Remove unused GEN_NEON_INTEGER_OP macro Peter Maydell
` (18 subsequent siblings)
28 siblings, 0 replies; 30+ messages in thread
From: Peter Maydell @ 2020-05-21 19:15 UTC (permalink / raw)
To: qemu-devel
Our code to identify syscall numbers has some issues:
* for Thumb mode, we never need the immediate value from the insn,
but we always read it anyway
* bad immediate values in the svc insn should cause a SIGILL, but we
were abort()ing instead (via "goto error")
We can fix both these things by refactoring the code that identifies
the syscall number to more closely follow the kernel COMPAT_OABI code:
* for Thumb it is always r7
* for Arm, if the immediate value is 0, then this is an EABI call
with the syscall number in r7
* otherwise, we XOR the immediate value with 0x900000
(ARM_SYSCALL_BASE for QEMU; __NR_OABI_SYSCALL_BASE in the kernel),
which converts valid syscall immediates into the desired value,
and puts all invalid immediates in the range 0x100000 or above
* then we can just let the existing "value too large, deliver
SIGILL" case handle invalid numbers, and drop the 'goto error'
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Message-id: 20200420212206.12776-5-peter.maydell@linaro.org
---
linux-user/arm/cpu_loop.c | 143 ++++++++++++++++++++------------------
1 file changed, 77 insertions(+), 66 deletions(-)
diff --git a/linux-user/arm/cpu_loop.c b/linux-user/arm/cpu_loop.c
index df8b7b3fa96..13629ee1f6a 100644
--- a/linux-user/arm/cpu_loop.c
+++ b/linux-user/arm/cpu_loop.c
@@ -299,85 +299,96 @@ void cpu_loop(CPUARMState *env)
env->eabi = 1;
/* system call */
if (env->thumb) {
- /* FIXME - what to do if get_user() fails? */
- get_user_code_u16(insn, env->regs[15] - 2, env);
- n = insn & 0xff;
+ /* Thumb is always EABI style with syscall number in r7 */
+ n = env->regs[7];
} else {
+ /*
+ * Equivalent of kernel CONFIG_OABI_COMPAT: read the
+ * Arm SVC insn to extract the immediate, which is the
+ * syscall number in OABI.
+ */
/* FIXME - what to do if get_user() fails? */
get_user_code_u32(insn, env->regs[15] - 4, env);
n = insn & 0xffffff;
- }
-
- if (n == 0 || n >= ARM_SYSCALL_BASE || env->thumb) {
- /* linux syscall */
- if (env->thumb || n == 0) {
+ if (n == 0) {
+ /* zero immediate: EABI, syscall number in r7 */
n = env->regs[7];
} else {
- n -= ARM_SYSCALL_BASE;
+ /*
+ * This XOR matches the kernel code: an immediate
+ * in the valid range (0x900000 .. 0x9fffff) is
+ * converted into the correct EABI-style syscall
+ * number; invalid immediates end up as values
+ * > 0xfffff and are handled below as out-of-range.
+ */
+ n ^= ARM_SYSCALL_BASE;
env->eabi = 0;
}
- if ( n > ARM_NR_BASE) {
- switch (n) {
- case ARM_NR_cacheflush:
- /* nop */
- break;
- case ARM_NR_set_tls:
- cpu_set_tls(env, env->regs[0]);
- env->regs[0] = 0;
- break;
- case ARM_NR_breakpoint:
- env->regs[15] -= env->thumb ? 2 : 4;
- goto excp_debug;
- case ARM_NR_get_tls:
- env->regs[0] = cpu_get_tls(env);
- break;
- default:
- if (n < 0xf0800) {
- /*
- * Syscalls 0xf0000..0xf07ff (or 0x9f0000..
- * 0x9f07ff in OABI numbering) are defined
- * to return -ENOSYS rather than raising
- * SIGILL. Note that we have already
- * removed the 0x900000 prefix.
- */
- qemu_log_mask(LOG_UNIMP,
- "qemu: Unsupported ARM syscall: 0x%x\n",
- n);
- env->regs[0] = -TARGET_ENOSYS;
+ }
+
+ if (n > ARM_NR_BASE) {
+ switch (n) {
+ case ARM_NR_cacheflush:
+ /* nop */
+ break;
+ case ARM_NR_set_tls:
+ cpu_set_tls(env, env->regs[0]);
+ env->regs[0] = 0;
+ break;
+ case ARM_NR_breakpoint:
+ env->regs[15] -= env->thumb ? 2 : 4;
+ goto excp_debug;
+ case ARM_NR_get_tls:
+ env->regs[0] = cpu_get_tls(env);
+ break;
+ default:
+ if (n < 0xf0800) {
+ /*
+ * Syscalls 0xf0000..0xf07ff (or 0x9f0000..
+ * 0x9f07ff in OABI numbering) are defined
+ * to return -ENOSYS rather than raising
+ * SIGILL. Note that we have already
+ * removed the 0x900000 prefix.
+ */
+ qemu_log_mask(LOG_UNIMP,
+ "qemu: Unsupported ARM syscall: 0x%x\n",
+ n);
+ env->regs[0] = -TARGET_ENOSYS;
+ } else {
+ /*
+ * Otherwise SIGILL. This includes any SWI with
+ * immediate not originally 0x9fxxxx, because
+ * of the earlier XOR.
+ */
+ info.si_signo = TARGET_SIGILL;
+ info.si_errno = 0;
+ info.si_code = TARGET_ILL_ILLTRP;
+ info._sifields._sigfault._addr = env->regs[15];
+ if (env->thumb) {
+ info._sifields._sigfault._addr -= 2;
} else {
- /* Otherwise SIGILL */
- info.si_signo = TARGET_SIGILL;
- info.si_errno = 0;
- info.si_code = TARGET_ILL_ILLTRP;
- info._sifields._sigfault._addr = env->regs[15];
- if (env->thumb) {
- info._sifields._sigfault._addr -= 2;
- } else {
- info._sifields._sigfault._addr -= 4;
- }
- queue_signal(env, info.si_signo,
- QEMU_SI_FAULT, &info);
+ info._sifields._sigfault._addr -= 4;
}
- break;
- }
- } else {
- ret = do_syscall(env,
- n,
- env->regs[0],
- env->regs[1],
- env->regs[2],
- env->regs[3],
- env->regs[4],
- env->regs[5],
- 0, 0);
- if (ret == -TARGET_ERESTARTSYS) {
- env->regs[15] -= env->thumb ? 2 : 4;
- } else if (ret != -TARGET_QEMU_ESIGRETURN) {
- env->regs[0] = ret;
+ queue_signal(env, info.si_signo,
+ QEMU_SI_FAULT, &info);
}
+ break;
}
} else {
- goto error;
+ ret = do_syscall(env,
+ n,
+ env->regs[0],
+ env->regs[1],
+ env->regs[2],
+ env->regs[3],
+ env->regs[4],
+ env->regs[5],
+ 0, 0);
+ if (ret == -TARGET_ERESTARTSYS) {
+ env->regs[15] -= env->thumb ? 2 : 4;
+ } else if (ret != -TARGET_QEMU_ESIGRETURN) {
+ env->regs[0] = ret;
+ }
}
}
break;
--
2.20.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PULL 11/29] target/arm: Remove unused GEN_NEON_INTEGER_OP macro
2020-05-21 19:15 [PULL 00/29] target-arm queue Peter Maydell
` (9 preceding siblings ...)
2020-05-21 19:15 ` [PULL 10/29] linux-user/arm: Fix identification of syscall numbers Peter Maydell
@ 2020-05-21 19:15 ` Peter Maydell
2020-05-21 19:15 ` [PULL 12/29] hw: Move i.MX watchdog driver to hw/watchdog Peter Maydell
` (17 subsequent siblings)
28 siblings, 0 replies; 30+ messages in thread
From: Peter Maydell @ 2020-05-21 19:15 UTC (permalink / raw)
To: qemu-devel
The GEN_NEON_INTEGER_OP macro is no longer used; remove it.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
---
target/arm/translate.c | 23 -----------------------
1 file changed, 23 deletions(-)
diff --git a/target/arm/translate.c b/target/arm/translate.c
index 4c9bb8b5ac0..c8296116d4b 100644
--- a/target/arm/translate.c
+++ b/target/arm/translate.c
@@ -3034,29 +3034,6 @@ static inline void gen_neon_rsb(int size, TCGv_i32 t0, TCGv_i32 t1)
default: return 1; \
}} while (0)
-#define GEN_NEON_INTEGER_OP(name) do { \
- switch ((size << 1) | u) { \
- case 0: \
- gen_helper_neon_##name##_s8(tmp, tmp, tmp2); \
- break; \
- case 1: \
- gen_helper_neon_##name##_u8(tmp, tmp, tmp2); \
- break; \
- case 2: \
- gen_helper_neon_##name##_s16(tmp, tmp, tmp2); \
- break; \
- case 3: \
- gen_helper_neon_##name##_u16(tmp, tmp, tmp2); \
- break; \
- case 4: \
- gen_helper_neon_##name##_s32(tmp, tmp, tmp2); \
- break; \
- case 5: \
- gen_helper_neon_##name##_u32(tmp, tmp, tmp2); \
- break; \
- default: return 1; \
- }} while (0)
-
static TCGv_i32 neon_load_scratch(int scratch)
{
TCGv_i32 tmp = tcg_temp_new_i32();
--
2.20.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PULL 12/29] hw: Move i.MX watchdog driver to hw/watchdog
2020-05-21 19:15 [PULL 00/29] target-arm queue Peter Maydell
` (10 preceding siblings ...)
2020-05-21 19:15 ` [PULL 11/29] target/arm: Remove unused GEN_NEON_INTEGER_OP macro Peter Maydell
@ 2020-05-21 19:15 ` Peter Maydell
2020-05-21 19:15 ` [PULL 13/29] hw/watchdog: Implement full i.MX watchdog support Peter Maydell
` (16 subsequent siblings)
28 siblings, 0 replies; 30+ messages in thread
From: Peter Maydell @ 2020-05-21 19:15 UTC (permalink / raw)
To: qemu-devel
From: Guenter Roeck <linux@roeck-us.net>
In preparation for a full implementation, move i.MX watchdog driver
from hw/misc to hw/watchdog. While at it, add the watchdog files
to MAINTAINERS.
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Message-id: 20200517162135.110364-2-linux@roeck-us.net
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
include/hw/arm/fsl-imx6.h | 2 +-
include/hw/arm/fsl-imx6ul.h | 2 +-
include/hw/arm/fsl-imx7.h | 2 +-
include/hw/{misc/imx2_wdt.h => watchdog/wdt_imx2.h} | 0
hw/{misc/imx2_wdt.c => watchdog/wdt_imx2.c} | 2 +-
MAINTAINERS | 2 ++
hw/arm/Kconfig | 3 +++
hw/misc/Makefile.objs | 1 -
hw/watchdog/Kconfig | 3 +++
hw/watchdog/Makefile.objs | 1 +
10 files changed, 13 insertions(+), 5 deletions(-)
rename include/hw/{misc/imx2_wdt.h => watchdog/wdt_imx2.h} (100%)
rename hw/{misc/imx2_wdt.c => watchdog/wdt_imx2.c} (98%)
diff --git a/include/hw/arm/fsl-imx6.h b/include/hw/arm/fsl-imx6.h
index 973bcb72f7f..1ebd7513246 100644
--- a/include/hw/arm/fsl-imx6.h
+++ b/include/hw/arm/fsl-imx6.h
@@ -21,7 +21,7 @@
#include "hw/cpu/a9mpcore.h"
#include "hw/misc/imx6_ccm.h"
#include "hw/misc/imx6_src.h"
-#include "hw/misc/imx2_wdt.h"
+#include "hw/watchdog/wdt_imx2.h"
#include "hw/char/imx_serial.h"
#include "hw/timer/imx_gpt.h"
#include "hw/timer/imx_epit.h"
diff --git a/include/hw/arm/fsl-imx6ul.h b/include/hw/arm/fsl-imx6ul.h
index 1a0bab8daaf..37c89cc5f92 100644
--- a/include/hw/arm/fsl-imx6ul.h
+++ b/include/hw/arm/fsl-imx6ul.h
@@ -24,7 +24,7 @@
#include "hw/misc/imx7_snvs.h"
#include "hw/misc/imx7_gpr.h"
#include "hw/intc/imx_gpcv2.h"
-#include "hw/misc/imx2_wdt.h"
+#include "hw/watchdog/wdt_imx2.h"
#include "hw/gpio/imx_gpio.h"
#include "hw/char/imx_serial.h"
#include "hw/timer/imx_gpt.h"
diff --git a/include/hw/arm/fsl-imx7.h b/include/hw/arm/fsl-imx7.h
index 706aef2e7e0..3a0041c4c26 100644
--- a/include/hw/arm/fsl-imx7.h
+++ b/include/hw/arm/fsl-imx7.h
@@ -26,7 +26,7 @@
#include "hw/misc/imx7_snvs.h"
#include "hw/misc/imx7_gpr.h"
#include "hw/misc/imx6_src.h"
-#include "hw/misc/imx2_wdt.h"
+#include "hw/watchdog/wdt_imx2.h"
#include "hw/gpio/imx_gpio.h"
#include "hw/char/imx_serial.h"
#include "hw/timer/imx_gpt.h"
diff --git a/include/hw/misc/imx2_wdt.h b/include/hw/watchdog/wdt_imx2.h
similarity index 100%
rename from include/hw/misc/imx2_wdt.h
rename to include/hw/watchdog/wdt_imx2.h
diff --git a/hw/misc/imx2_wdt.c b/hw/watchdog/wdt_imx2.c
similarity index 98%
rename from hw/misc/imx2_wdt.c
rename to hw/watchdog/wdt_imx2.c
index 2aedfe803a4..ad1ef02e9e7 100644
--- a/hw/misc/imx2_wdt.c
+++ b/hw/watchdog/wdt_imx2.c
@@ -14,7 +14,7 @@
#include "qemu/module.h"
#include "sysemu/watchdog.h"
-#include "hw/misc/imx2_wdt.h"
+#include "hw/watchdog/wdt_imx2.h"
#define IMX2_WDT_WCR_WDA BIT(5) /* -> External Reset WDOG_B */
#define IMX2_WDT_WCR_SRS BIT(4) /* -> Software Reset Signal */
diff --git a/MAINTAINERS b/MAINTAINERS
index 023f48d3eaa..3690f313c3b 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -633,8 +633,10 @@ S: Odd Fixes
F: hw/arm/fsl-imx25.c
F: hw/arm/imx25_pdk.c
F: hw/misc/imx25_ccm.c
+F: hw/watchdog/wdt_imx2.c
F: include/hw/arm/fsl-imx25.h
F: include/hw/misc/imx25_ccm.h
+F: include/hw/watchdog/wdt_imx2.h
i.MX31 (kzm)
M: Peter Chubb <peter.chubb@nicta.com.au>
diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
index 53641725371..3d05dc8538c 100644
--- a/hw/arm/Kconfig
+++ b/hw/arm/Kconfig
@@ -375,6 +375,7 @@ config FSL_IMX6
select IMX_FEC
select IMX_I2C
select IMX_USBPHY
+ select WDT_IMX2
select SDHCI
config ASPEED_SOC
@@ -412,6 +413,7 @@ config FSL_IMX7
select IMX
select IMX_FEC
select IMX_I2C
+ select WDT_IMX2
select PCI_EXPRESS_DESIGNWARE
select SDHCI
select UNIMP
@@ -425,6 +427,7 @@ config FSL_IMX6UL
select IMX
select IMX_FEC
select IMX_I2C
+ select WDT_IMX2
select SDHCI
select UNIMP
diff --git a/hw/misc/Makefile.objs b/hw/misc/Makefile.objs
index 68aae2eabbc..b25181b7113 100644
--- a/hw/misc/Makefile.objs
+++ b/hw/misc/Makefile.objs
@@ -44,7 +44,6 @@ common-obj-$(CONFIG_IMX) += imx6_ccm.o
common-obj-$(CONFIG_IMX) += imx6ul_ccm.o
obj-$(CONFIG_IMX) += imx6_src.o
common-obj-$(CONFIG_IMX) += imx7_ccm.o
-common-obj-$(CONFIG_IMX) += imx2_wdt.o
common-obj-$(CONFIG_IMX) += imx7_snvs.o
common-obj-$(CONFIG_IMX) += imx7_gpr.o
common-obj-$(CONFIG_IMX) += imx_rngc.o
diff --git a/hw/watchdog/Kconfig b/hw/watchdog/Kconfig
index 2118d897c93..293209b291d 100644
--- a/hw/watchdog/Kconfig
+++ b/hw/watchdog/Kconfig
@@ -14,3 +14,6 @@ config WDT_IB700
config WDT_DIAG288
bool
+
+config WDT_IMX2
+ bool
diff --git a/hw/watchdog/Makefile.objs b/hw/watchdog/Makefile.objs
index 3f536d1cad8..631b711d868 100644
--- a/hw/watchdog/Makefile.objs
+++ b/hw/watchdog/Makefile.objs
@@ -4,3 +4,4 @@ common-obj-$(CONFIG_WDT_IB6300ESB) += wdt_i6300esb.o
common-obj-$(CONFIG_WDT_IB700) += wdt_ib700.o
common-obj-$(CONFIG_WDT_DIAG288) += wdt_diag288.o
common-obj-$(CONFIG_ASPEED_SOC) += wdt_aspeed.o
+common-obj-$(CONFIG_WDT_IMX2) += wdt_imx2.o
--
2.20.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PULL 13/29] hw/watchdog: Implement full i.MX watchdog support
2020-05-21 19:15 [PULL 00/29] target-arm queue Peter Maydell
` (11 preceding siblings ...)
2020-05-21 19:15 ` [PULL 12/29] hw: Move i.MX watchdog driver to hw/watchdog Peter Maydell
@ 2020-05-21 19:15 ` Peter Maydell
2020-05-21 19:15 ` [PULL 14/29] hw/arm/fsl-imx25: Wire up watchdog Peter Maydell
` (15 subsequent siblings)
28 siblings, 0 replies; 30+ messages in thread
From: Peter Maydell @ 2020-05-21 19:15 UTC (permalink / raw)
To: qemu-devel
From: Guenter Roeck <linux@roeck-us.net>
Implement full support for the watchdog in i.MX systems.
Pretimeout support is optional because the watchdog hardware
on i.MX31 does not support pretimeouts.
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Message-id: 20200517162135.110364-3-linux@roeck-us.net
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
---
include/hw/watchdog/wdt_imx2.h | 61 ++++++++-
hw/watchdog/wdt_imx2.c | 239 +++++++++++++++++++++++++++++++--
2 files changed, 285 insertions(+), 15 deletions(-)
diff --git a/include/hw/watchdog/wdt_imx2.h b/include/hw/watchdog/wdt_imx2.h
index b91b002528f..f9af6be4b69 100644
--- a/include/hw/watchdog/wdt_imx2.h
+++ b/include/hw/watchdog/wdt_imx2.h
@@ -12,22 +12,79 @@
#ifndef IMX2_WDT_H
#define IMX2_WDT_H
+#include "qemu/bitops.h"
#include "hw/sysbus.h"
+#include "hw/irq.h"
+#include "hw/ptimer.h"
#define TYPE_IMX2_WDT "imx2.wdt"
#define IMX2_WDT(obj) OBJECT_CHECK(IMX2WdtState, (obj), TYPE_IMX2_WDT)
enum IMX2WdtRegisters {
- IMX2_WDT_WCR = 0x0000,
- IMX2_WDT_REG_NUM = 0x0008 / sizeof(uint16_t) + 1,
+ IMX2_WDT_WCR = 0x0000, /* Control Register */
+ IMX2_WDT_WSR = 0x0002, /* Service Register */
+ IMX2_WDT_WRSR = 0x0004, /* Reset Status Register */
+ IMX2_WDT_WICR = 0x0006, /* Interrupt Control Register */
+ IMX2_WDT_WMCR = 0x0008, /* Misc Register */
};
+#define IMX2_WDT_MMIO_SIZE 0x000a
+
+/* Control Register definitions */
+#define IMX2_WDT_WCR_WT (0xFF << 8) /* Watchdog Timeout Field */
+#define IMX2_WDT_WCR_WDW BIT(7) /* WDOG Disable for Wait */
+#define IMX2_WDT_WCR_WDA BIT(5) /* WDOG Assertion */
+#define IMX2_WDT_WCR_SRS BIT(4) /* Software Reset Signal */
+#define IMX2_WDT_WCR_WDT BIT(3) /* WDOG Timeout Assertion */
+#define IMX2_WDT_WCR_WDE BIT(2) /* Watchdog Enable */
+#define IMX2_WDT_WCR_WDBG BIT(1) /* Watchdog Debug Enable */
+#define IMX2_WDT_WCR_WDZST BIT(0) /* Watchdog Timer Suspend */
+
+#define IMX2_WDT_WCR_LOCK_MASK (IMX2_WDT_WCR_WDZST | IMX2_WDT_WCR_WDBG \
+ | IMX2_WDT_WCR_WDW)
+
+/* Service Register definitions */
+#define IMX2_WDT_SEQ1 0x5555 /* service sequence 1 */
+#define IMX2_WDT_SEQ2 0xAAAA /* service sequence 2 */
+
+/* Reset Status Register definitions */
+#define IMX2_WDT_WRSR_TOUT BIT(1) /* Reset due to Timeout */
+#define IMX2_WDT_WRSR_SFTW BIT(0) /* Reset due to software reset */
+
+/* Interrupt Control Register definitions */
+#define IMX2_WDT_WICR_WIE BIT(15) /* Interrupt Enable */
+#define IMX2_WDT_WICR_WTIS BIT(14) /* Interrupt Status */
+#define IMX2_WDT_WICR_WICT 0xff /* Interrupt Timeout */
+#define IMX2_WDT_WICR_WICT_DEF 0x04 /* Default interrupt timeout (2s) */
+
+#define IMX2_WDT_WICR_LOCK_MASK (IMX2_WDT_WICR_WIE | IMX2_WDT_WICR_WICT)
+
+/* Misc Control Register definitions */
+#define IMX2_WDT_WMCR_PDE BIT(0) /* Power-Down Enable */
typedef struct IMX2WdtState {
/* <private> */
SysBusDevice parent_obj;
+ /*< public >*/
MemoryRegion mmio;
+ qemu_irq irq;
+
+ struct ptimer_state *timer;
+ struct ptimer_state *itimer;
+
+ bool pretimeout_support;
+ bool wicr_locked;
+
+ uint16_t wcr;
+ uint16_t wsr;
+ uint16_t wrsr;
+ uint16_t wicr;
+ uint16_t wmcr;
+
+ bool wcr_locked; /* affects WDZST, WDBG, and WDW */
+ bool wcr_wde_locked; /* affects WDE */
+ bool wcr_wdt_locked; /* affects WDT (never cleared) */
} IMX2WdtState;
#endif /* IMX2_WDT_H */
diff --git a/hw/watchdog/wdt_imx2.c b/hw/watchdog/wdt_imx2.c
index ad1ef02e9e7..855b51768a8 100644
--- a/hw/watchdog/wdt_imx2.c
+++ b/hw/watchdog/wdt_imx2.c
@@ -13,24 +13,189 @@
#include "qemu/bitops.h"
#include "qemu/module.h"
#include "sysemu/watchdog.h"
+#include "migration/vmstate.h"
+#include "hw/qdev-properties.h"
#include "hw/watchdog/wdt_imx2.h"
-#define IMX2_WDT_WCR_WDA BIT(5) /* -> External Reset WDOG_B */
-#define IMX2_WDT_WCR_SRS BIT(4) /* -> Software Reset Signal */
-
-static uint64_t imx2_wdt_read(void *opaque, hwaddr addr,
- unsigned int size)
+static void imx2_wdt_interrupt(void *opaque)
{
+ IMX2WdtState *s = IMX2_WDT(opaque);
+
+ s->wicr |= IMX2_WDT_WICR_WTIS;
+ qemu_set_irq(s->irq, 1);
+}
+
+static void imx2_wdt_expired(void *opaque)
+{
+ IMX2WdtState *s = IMX2_WDT(opaque);
+
+ s->wrsr = IMX2_WDT_WRSR_TOUT;
+
+ /* Perform watchdog action if watchdog is enabled */
+ if (s->wcr & IMX2_WDT_WCR_WDE) {
+ s->wrsr = IMX2_WDT_WRSR_TOUT;
+ watchdog_perform_action();
+ }
+}
+
+static void imx2_wdt_reset(DeviceState *dev)
+{
+ IMX2WdtState *s = IMX2_WDT(dev);
+
+ ptimer_transaction_begin(s->timer);
+ ptimer_stop(s->timer);
+ ptimer_transaction_commit(s->timer);
+
+ if (s->pretimeout_support) {
+ ptimer_transaction_begin(s->itimer);
+ ptimer_stop(s->itimer);
+ ptimer_transaction_commit(s->itimer);
+ }
+
+ s->wicr_locked = false;
+ s->wcr_locked = false;
+ s->wcr_wde_locked = false;
+
+ s->wcr = IMX2_WDT_WCR_WDA | IMX2_WDT_WCR_SRS;
+ s->wsr = 0;
+ s->wrsr &= ~(IMX2_WDT_WRSR_TOUT | IMX2_WDT_WRSR_SFTW);
+ s->wicr = IMX2_WDT_WICR_WICT_DEF;
+ s->wmcr = IMX2_WDT_WMCR_PDE;
+}
+
+static uint64_t imx2_wdt_read(void *opaque, hwaddr addr, unsigned int size)
+{
+ IMX2WdtState *s = IMX2_WDT(opaque);
+
+ switch (addr) {
+ case IMX2_WDT_WCR:
+ return s->wcr;
+ case IMX2_WDT_WSR:
+ return s->wsr;
+ case IMX2_WDT_WRSR:
+ return s->wrsr;
+ case IMX2_WDT_WICR:
+ return s->wicr;
+ case IMX2_WDT_WMCR:
+ return s->wmcr;
+ }
return 0;
}
+static void imx_wdt2_update_itimer(IMX2WdtState *s, bool start)
+{
+ bool running = (s->wcr & IMX2_WDT_WCR_WDE) && (s->wcr & IMX2_WDT_WCR_WT);
+ bool enabled = s->wicr & IMX2_WDT_WICR_WIE;
+
+ ptimer_transaction_begin(s->itimer);
+ if (start || !enabled) {
+ ptimer_stop(s->itimer);
+ }
+ if (running && enabled) {
+ int count = ptimer_get_count(s->timer);
+ int pretimeout = s->wicr & IMX2_WDT_WICR_WICT;
+
+ /*
+ * Only (re-)start pretimeout timer if its counter value is larger
+ * than 0. Otherwise it will fire right away and we'll get an
+ * interrupt loop.
+ */
+ if (count > pretimeout) {
+ ptimer_set_count(s->itimer, count - pretimeout);
+ if (start) {
+ ptimer_run(s->itimer, 1);
+ }
+ }
+ }
+ ptimer_transaction_commit(s->itimer);
+}
+
+static void imx_wdt2_update_timer(IMX2WdtState *s, bool start)
+{
+ ptimer_transaction_begin(s->timer);
+ if (start) {
+ ptimer_stop(s->timer);
+ }
+ if ((s->wcr & IMX2_WDT_WCR_WDE) && (s->wcr & IMX2_WDT_WCR_WT)) {
+ int count = (s->wcr & IMX2_WDT_WCR_WT) >> 8;
+
+ /* A value of 0 reflects one period (0.5s). */
+ ptimer_set_count(s->timer, count + 1);
+ if (start) {
+ ptimer_run(s->timer, 1);
+ }
+ }
+ ptimer_transaction_commit(s->timer);
+ if (s->pretimeout_support) {
+ imx_wdt2_update_itimer(s, start);
+ }
+}
+
static void imx2_wdt_write(void *opaque, hwaddr addr,
uint64_t value, unsigned int size)
{
- if (addr == IMX2_WDT_WCR &&
- (~value & (IMX2_WDT_WCR_WDA | IMX2_WDT_WCR_SRS))) {
- watchdog_perform_action();
+ IMX2WdtState *s = IMX2_WDT(opaque);
+
+ switch (addr) {
+ case IMX2_WDT_WCR:
+ if (s->wcr_locked) {
+ value &= ~IMX2_WDT_WCR_LOCK_MASK;
+ value |= (s->wicr & IMX2_WDT_WCR_LOCK_MASK);
+ }
+ s->wcr_locked = true;
+ if (s->wcr_wde_locked) {
+ value &= ~IMX2_WDT_WCR_WDE;
+ value |= (s->wicr & ~IMX2_WDT_WCR_WDE);
+ } else if (value & IMX2_WDT_WCR_WDE) {
+ s->wcr_wde_locked = true;
+ }
+ if (s->wcr_wdt_locked) {
+ value &= ~IMX2_WDT_WCR_WDT;
+ value |= (s->wicr & ~IMX2_WDT_WCR_WDT);
+ } else if (value & IMX2_WDT_WCR_WDT) {
+ s->wcr_wdt_locked = true;
+ }
+
+ s->wcr = value;
+ if (!(value & IMX2_WDT_WCR_SRS)) {
+ s->wrsr = IMX2_WDT_WRSR_SFTW;
+ }
+ if (!(value & (IMX2_WDT_WCR_WDA | IMX2_WDT_WCR_SRS)) ||
+ (!(value & IMX2_WDT_WCR_WT) && (value & IMX2_WDT_WCR_WDE))) {
+ watchdog_perform_action();
+ }
+ s->wcr |= IMX2_WDT_WCR_SRS;
+ imx_wdt2_update_timer(s, true);
+ break;
+ case IMX2_WDT_WSR:
+ if (s->wsr == IMX2_WDT_SEQ1 && value == IMX2_WDT_SEQ2) {
+ imx_wdt2_update_timer(s, false);
+ }
+ s->wsr = value;
+ break;
+ case IMX2_WDT_WRSR:
+ break;
+ case IMX2_WDT_WICR:
+ if (!s->pretimeout_support) {
+ return;
+ }
+ value &= IMX2_WDT_WICR_LOCK_MASK | IMX2_WDT_WICR_WTIS;
+ if (s->wicr_locked) {
+ value &= IMX2_WDT_WICR_WTIS;
+ value |= (s->wicr & IMX2_WDT_WICR_LOCK_MASK);
+ }
+ s->wicr = value | (s->wicr & IMX2_WDT_WICR_WTIS);
+ if (value & IMX2_WDT_WICR_WTIS) {
+ s->wicr &= ~IMX2_WDT_WICR_WTIS;
+ qemu_set_irq(s->irq, 0);
+ }
+ imx_wdt2_update_itimer(s, true);
+ s->wicr_locked = true;
+ break;
+ case IMX2_WDT_WMCR:
+ s->wmcr = value & IMX2_WDT_WMCR_PDE;
+ break;
}
}
@@ -45,28 +210,76 @@ static const MemoryRegionOps imx2_wdt_ops = {
* real device but in practice there is no reason for a guest
* to access this device unaligned.
*/
- .min_access_size = 4,
- .max_access_size = 4,
+ .min_access_size = 2,
+ .max_access_size = 2,
.unaligned = false,
},
};
+static const VMStateDescription vmstate_imx2_wdt = {
+ .name = "imx2.wdt",
+ .fields = (VMStateField[]) {
+ VMSTATE_PTIMER(timer, IMX2WdtState),
+ VMSTATE_PTIMER(itimer, IMX2WdtState),
+ VMSTATE_BOOL(wicr_locked, IMX2WdtState),
+ VMSTATE_BOOL(wcr_locked, IMX2WdtState),
+ VMSTATE_BOOL(wcr_wde_locked, IMX2WdtState),
+ VMSTATE_BOOL(wcr_wdt_locked, IMX2WdtState),
+ VMSTATE_UINT16(wcr, IMX2WdtState),
+ VMSTATE_UINT16(wsr, IMX2WdtState),
+ VMSTATE_UINT16(wrsr, IMX2WdtState),
+ VMSTATE_UINT16(wmcr, IMX2WdtState),
+ VMSTATE_UINT16(wicr, IMX2WdtState),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
static void imx2_wdt_realize(DeviceState *dev, Error **errp)
{
IMX2WdtState *s = IMX2_WDT(dev);
+ SysBusDevice *sbd = SYS_BUS_DEVICE(dev);
memory_region_init_io(&s->mmio, OBJECT(dev),
&imx2_wdt_ops, s,
- TYPE_IMX2_WDT".mmio",
- IMX2_WDT_REG_NUM * sizeof(uint16_t));
- sysbus_init_mmio(SYS_BUS_DEVICE(dev), &s->mmio);
+ TYPE_IMX2_WDT,
+ IMX2_WDT_MMIO_SIZE);
+ sysbus_init_mmio(sbd, &s->mmio);
+ sysbus_init_irq(sbd, &s->irq);
+
+ s->timer = ptimer_init(imx2_wdt_expired, s,
+ PTIMER_POLICY_NO_IMMEDIATE_TRIGGER |
+ PTIMER_POLICY_NO_IMMEDIATE_RELOAD |
+ PTIMER_POLICY_NO_COUNTER_ROUND_DOWN);
+ ptimer_transaction_begin(s->timer);
+ ptimer_set_freq(s->timer, 2);
+ ptimer_set_limit(s->timer, 0xff, 1);
+ ptimer_transaction_commit(s->timer);
+ if (s->pretimeout_support) {
+ s->itimer = ptimer_init(imx2_wdt_interrupt, s,
+ PTIMER_POLICY_NO_IMMEDIATE_TRIGGER |
+ PTIMER_POLICY_NO_IMMEDIATE_RELOAD |
+ PTIMER_POLICY_NO_COUNTER_ROUND_DOWN);
+ ptimer_transaction_begin(s->itimer);
+ ptimer_set_freq(s->itimer, 2);
+ ptimer_set_limit(s->itimer, 0xff, 1);
+ ptimer_transaction_commit(s->itimer);
+ }
}
+static Property imx2_wdt_properties[] = {
+ DEFINE_PROP_BOOL("pretimeout-support", IMX2WdtState, pretimeout_support,
+ false),
+};
+
static void imx2_wdt_class_init(ObjectClass *klass, void *data)
{
DeviceClass *dc = DEVICE_CLASS(klass);
+ device_class_set_props(dc, imx2_wdt_properties);
dc->realize = imx2_wdt_realize;
+ dc->reset = imx2_wdt_reset;
+ dc->vmsd = &vmstate_imx2_wdt;
+ dc->desc = "i.MX watchdog timer";
set_bit(DEVICE_CATEGORY_MISC, dc->categories);
}
--
2.20.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PULL 14/29] hw/arm/fsl-imx25: Wire up watchdog
2020-05-21 19:15 [PULL 00/29] target-arm queue Peter Maydell
` (12 preceding siblings ...)
2020-05-21 19:15 ` [PULL 13/29] hw/watchdog: Implement full i.MX watchdog support Peter Maydell
@ 2020-05-21 19:15 ` Peter Maydell
2020-05-21 19:15 ` [PULL 15/29] hw/arm/fsl-imx31: " Peter Maydell
` (14 subsequent siblings)
28 siblings, 0 replies; 30+ messages in thread
From: Peter Maydell @ 2020-05-21 19:15 UTC (permalink / raw)
To: qemu-devel
From: Guenter Roeck <linux@roeck-us.net>
With this commit, the watchdog on imx25-pdk is fully operational,
including pretimeout support.
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Message-id: 20200517162135.110364-4-linux@roeck-us.net
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
include/hw/arm/fsl-imx25.h | 5 +++++
hw/arm/fsl-imx25.c | 10 ++++++++++
hw/arm/Kconfig | 1 +
3 files changed, 16 insertions(+)
diff --git a/include/hw/arm/fsl-imx25.h b/include/hw/arm/fsl-imx25.h
index 5e196bbf059..9e228daceae 100644
--- a/include/hw/arm/fsl-imx25.h
+++ b/include/hw/arm/fsl-imx25.h
@@ -29,6 +29,7 @@
#include "hw/gpio/imx_gpio.h"
#include "hw/sd/sdhci.h"
#include "hw/usb/chipidea.h"
+#include "hw/watchdog/wdt_imx2.h"
#include "exec/memory.h"
#include "target/arm/cpu.h"
@@ -60,6 +61,7 @@ typedef struct FslIMX25State {
IMXGPIOState gpio[FSL_IMX25_NUM_GPIOS];
SDHCIState esdhc[FSL_IMX25_NUM_ESDHCS];
ChipideaState usb[FSL_IMX25_NUM_USBS];
+ IMX2WdtState wdt;
MemoryRegion rom[2];
MemoryRegion iram;
MemoryRegion iram_alias;
@@ -229,6 +231,8 @@ typedef struct FslIMX25State {
#define FSL_IMX25_GPIO1_SIZE 0x4000
#define FSL_IMX25_GPIO2_ADDR 0x53FD0000
#define FSL_IMX25_GPIO2_SIZE 0x4000
+#define FSL_IMX25_WDT_ADDR 0x53FDC000
+#define FSL_IMX25_WDT_SIZE 0x4000
#define FSL_IMX25_USB1_ADDR 0x53FF4000
#define FSL_IMX25_USB1_SIZE 0x0200
#define FSL_IMX25_USB2_ADDR 0x53FF4400
@@ -268,5 +272,6 @@ typedef struct FslIMX25State {
#define FSL_IMX25_ESDHC2_IRQ 8
#define FSL_IMX25_USB1_IRQ 37
#define FSL_IMX25_USB2_IRQ 35
+#define FSL_IMX25_WDT_IRQ 55
#endif /* FSL_IMX25_H */
diff --git a/hw/arm/fsl-imx25.c b/hw/arm/fsl-imx25.c
index 6f1a82ce3db..cdaa79c26bd 100644
--- a/hw/arm/fsl-imx25.c
+++ b/hw/arm/fsl-imx25.c
@@ -87,6 +87,7 @@ static void fsl_imx25_init(Object *obj)
TYPE_CHIPIDEA);
}
+ sysbus_init_child_obj(obj, "wdt", &s->wdt, sizeof(s->wdt), TYPE_IMX2_WDT);
}
static void fsl_imx25_realize(DeviceState *dev, Error **errp)
@@ -302,6 +303,15 @@ static void fsl_imx25_realize(DeviceState *dev, Error **errp)
usb_table[i].irq));
}
+ /* Watchdog */
+ object_property_set_bool(OBJECT(&s->wdt), true, "pretimeout-support",
+ &error_abort);
+ object_property_set_bool(OBJECT(&s->wdt), true, "realized", &error_abort);
+ sysbus_mmio_map(SYS_BUS_DEVICE(&s->wdt), 0, FSL_IMX25_WDT_ADDR);
+ sysbus_connect_irq(SYS_BUS_DEVICE(&s->wdt), 0,
+ qdev_get_gpio_in(DEVICE(&s->avic),
+ FSL_IMX25_WDT_IRQ));
+
/* initialize 2 x 16 KB ROM */
memory_region_init_rom(&s->rom[0], OBJECT(dev), "imx25.rom0",
FSL_IMX25_ROM0_SIZE, &err);
diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
index 3d05dc8538c..8a5eb140f59 100644
--- a/hw/arm/Kconfig
+++ b/hw/arm/Kconfig
@@ -359,6 +359,7 @@ config FSL_IMX25
select IMX
select IMX_FEC
select IMX_I2C
+ select WDT_IMX2
select DS1338
config FSL_IMX31
--
2.20.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PULL 15/29] hw/arm/fsl-imx31: Wire up watchdog
2020-05-21 19:15 [PULL 00/29] target-arm queue Peter Maydell
` (13 preceding siblings ...)
2020-05-21 19:15 ` [PULL 14/29] hw/arm/fsl-imx25: Wire up watchdog Peter Maydell
@ 2020-05-21 19:15 ` Peter Maydell
2020-05-21 19:15 ` [PULL 16/29] hw/arm/fsl-imx6: Connect watchdog interrupts Peter Maydell
` (13 subsequent siblings)
28 siblings, 0 replies; 30+ messages in thread
From: Peter Maydell @ 2020-05-21 19:15 UTC (permalink / raw)
To: qemu-devel
From: Guenter Roeck <linux@roeck-us.net>
With this patch, the watchdog on i.MX31 emulations is fully operational.
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Message-id: 20200517162135.110364-5-linux@roeck-us.net
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
include/hw/arm/fsl-imx31.h | 4 ++++
hw/arm/fsl-imx31.c | 6 ++++++
hw/arm/Kconfig | 1 +
3 files changed, 11 insertions(+)
diff --git a/include/hw/arm/fsl-imx31.h b/include/hw/arm/fsl-imx31.h
index ac5ca9826a4..dd8561b3098 100644
--- a/include/hw/arm/fsl-imx31.h
+++ b/include/hw/arm/fsl-imx31.h
@@ -25,6 +25,7 @@
#include "hw/timer/imx_epit.h"
#include "hw/i2c/imx_i2c.h"
#include "hw/gpio/imx_gpio.h"
+#include "hw/watchdog/wdt_imx2.h"
#include "exec/memory.h"
#include "target/arm/cpu.h"
@@ -49,6 +50,7 @@ typedef struct FslIMX31State {
IMXEPITState epit[FSL_IMX31_NUM_EPITS];
IMXI2CState i2c[FSL_IMX31_NUM_I2CS];
IMXGPIOState gpio[FSL_IMX31_NUM_GPIOS];
+ IMX2WdtState wdt;
MemoryRegion secure_rom;
MemoryRegion rom;
MemoryRegion iram;
@@ -87,6 +89,8 @@ typedef struct FslIMX31State {
#define FSL_IMX31_GPIO1_SIZE 0x4000
#define FSL_IMX31_GPIO2_ADDR 0x53FD0000
#define FSL_IMX31_GPIO2_SIZE 0x4000
+#define FSL_IMX31_WDT_ADDR 0x53FDC000
+#define FSL_IMX31_WDT_SIZE 0x4000
#define FSL_IMX31_AVIC_ADDR 0x68000000
#define FSL_IMX31_AVIC_SIZE 0x100
#define FSL_IMX31_SDRAM0_ADDR 0x80000000
diff --git a/hw/arm/fsl-imx31.c b/hw/arm/fsl-imx31.c
index 8472d2e9111..1e7959863dd 100644
--- a/hw/arm/fsl-imx31.c
+++ b/hw/arm/fsl-imx31.c
@@ -63,6 +63,8 @@ static void fsl_imx31_init(Object *obj)
sysbus_init_child_obj(obj, "gpio[*]", &s->gpio[i], sizeof(s->gpio[i]),
TYPE_IMX_GPIO);
}
+
+ sysbus_init_child_obj(obj, "wdt", &s->wdt, sizeof(s->wdt), TYPE_IMX2_WDT);
}
static void fsl_imx31_realize(DeviceState *dev, Error **errp)
@@ -205,6 +207,10 @@ static void fsl_imx31_realize(DeviceState *dev, Error **errp)
gpio_table[i].irq));
}
+ /* Watchdog */
+ object_property_set_bool(OBJECT(&s->wdt), true, "realized", &error_abort);
+ sysbus_mmio_map(SYS_BUS_DEVICE(&s->wdt), 0, FSL_IMX31_WDT_ADDR);
+
/* On a real system, the first 16k is a `secure boot rom' */
memory_region_init_rom(&s->secure_rom, OBJECT(dev), "imx31.secure_rom",
FSL_IMX31_SECURE_ROM_SIZE, &err);
diff --git a/hw/arm/Kconfig b/hw/arm/Kconfig
index 8a5eb140f59..9afa6eee799 100644
--- a/hw/arm/Kconfig
+++ b/hw/arm/Kconfig
@@ -367,6 +367,7 @@ config FSL_IMX31
select SERIAL
select IMX
select IMX_I2C
+ select WDT_IMX2
select LAN9118
config FSL_IMX6
--
2.20.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PULL 16/29] hw/arm/fsl-imx6: Connect watchdog interrupts
2020-05-21 19:15 [PULL 00/29] target-arm queue Peter Maydell
` (14 preceding siblings ...)
2020-05-21 19:15 ` [PULL 15/29] hw/arm/fsl-imx31: " Peter Maydell
@ 2020-05-21 19:15 ` Peter Maydell
2020-05-21 19:15 ` [PULL 17/29] hw/arm/fsl-imx6ul: " Peter Maydell
` (12 subsequent siblings)
28 siblings, 0 replies; 30+ messages in thread
From: Peter Maydell @ 2020-05-21 19:15 UTC (permalink / raw)
To: qemu-devel
From: Guenter Roeck <linux@roeck-us.net>
With this patch applied, the watchdog in the sabrelite emulation
is fully operational, including pretimeout support.
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Message-id: 20200517162135.110364-6-linux@roeck-us.net
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
hw/arm/fsl-imx6.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/hw/arm/fsl-imx6.c b/hw/arm/fsl-imx6.c
index 13f1bf23a6c..f58c85aa8ce 100644
--- a/hw/arm/fsl-imx6.c
+++ b/hw/arm/fsl-imx6.c
@@ -433,11 +433,20 @@ static void fsl_imx6_realize(DeviceState *dev, Error **errp)
FSL_IMX6_WDOG1_ADDR,
FSL_IMX6_WDOG2_ADDR,
};
+ static const int FSL_IMX6_WDOGn_IRQ[FSL_IMX6_NUM_WDTS] = {
+ FSL_IMX6_WDOG1_IRQ,
+ FSL_IMX6_WDOG2_IRQ,
+ };
+ object_property_set_bool(OBJECT(&s->wdt[i]), true, "pretimeout-support",
+ &error_abort);
object_property_set_bool(OBJECT(&s->wdt[i]), true, "realized",
&error_abort);
sysbus_mmio_map(SYS_BUS_DEVICE(&s->wdt[i]), 0, FSL_IMX6_WDOGn_ADDR[i]);
+ sysbus_connect_irq(SYS_BUS_DEVICE(&s->wdt[i]), 0,
+ qdev_get_gpio_in(DEVICE(&s->a9mpcore),
+ FSL_IMX6_WDOGn_IRQ[i]));
}
/* ROM memory */
--
2.20.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PULL 17/29] hw/arm/fsl-imx6ul: Connect watchdog interrupts
2020-05-21 19:15 [PULL 00/29] target-arm queue Peter Maydell
` (15 preceding siblings ...)
2020-05-21 19:15 ` [PULL 16/29] hw/arm/fsl-imx6: Connect watchdog interrupts Peter Maydell
@ 2020-05-21 19:15 ` Peter Maydell
2020-05-21 19:15 ` [PULL 18/29] hw/arm/fsl-imx7: Instantiate various unimplemented devices Peter Maydell
` (11 subsequent siblings)
28 siblings, 0 replies; 30+ messages in thread
From: Peter Maydell @ 2020-05-21 19:15 UTC (permalink / raw)
To: qemu-devel
From: Guenter Roeck <linux@roeck-us.net>
With this commit, the watchdog on mcimx6ul-evk is fully operational,
including pretimeout support.
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Message-id: 20200517162135.110364-7-linux@roeck-us.net
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
hw/arm/fsl-imx6ul.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/hw/arm/fsl-imx6ul.c b/hw/arm/fsl-imx6ul.c
index 56dfd7cecc9..3ecb212da6f 100644
--- a/hw/arm/fsl-imx6ul.c
+++ b/hw/arm/fsl-imx6ul.c
@@ -531,12 +531,22 @@ static void fsl_imx6ul_realize(DeviceState *dev, Error **errp)
FSL_IMX6UL_WDOG2_ADDR,
FSL_IMX6UL_WDOG3_ADDR,
};
+ static const int FSL_IMX6UL_WDOGn_IRQ[FSL_IMX6UL_NUM_WDTS] = {
+ FSL_IMX6UL_WDOG1_IRQ,
+ FSL_IMX6UL_WDOG2_IRQ,
+ FSL_IMX6UL_WDOG3_IRQ,
+ };
+ object_property_set_bool(OBJECT(&s->wdt[i]), true, "pretimeout-support",
+ &error_abort);
object_property_set_bool(OBJECT(&s->wdt[i]), true, "realized",
&error_abort);
sysbus_mmio_map(SYS_BUS_DEVICE(&s->wdt[i]), 0,
FSL_IMX6UL_WDOGn_ADDR[i]);
+ sysbus_connect_irq(SYS_BUS_DEVICE(&s->wdt[i]), 0,
+ qdev_get_gpio_in(DEVICE(&s->a7mpcore),
+ FSL_IMX6UL_WDOGn_IRQ[i]));
}
/*
--
2.20.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PULL 18/29] hw/arm/fsl-imx7: Instantiate various unimplemented devices
2020-05-21 19:15 [PULL 00/29] target-arm queue Peter Maydell
` (16 preceding siblings ...)
2020-05-21 19:15 ` [PULL 17/29] hw/arm/fsl-imx6ul: " Peter Maydell
@ 2020-05-21 19:15 ` Peter Maydell
2020-05-21 19:16 ` [PULL 19/29] hw/arm/fsl-imx7: Connect watchdog interrupts Peter Maydell
` (10 subsequent siblings)
28 siblings, 0 replies; 30+ messages in thread
From: Peter Maydell @ 2020-05-21 19:15 UTC (permalink / raw)
To: qemu-devel
From: Guenter Roeck <linux@roeck-us.net>
Instantiating PWM, CAN, CAAM, and OCOTP devices is necessary to avoid
crashes when booting mainline Linux.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Message-id: 20200517162135.110364-8-linux@roeck-us.net
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
include/hw/arm/fsl-imx7.h | 16 ++++++++++++++++
hw/arm/fsl-imx7.c | 24 ++++++++++++++++++++++++
2 files changed, 40 insertions(+)
diff --git a/include/hw/arm/fsl-imx7.h b/include/hw/arm/fsl-imx7.h
index 3a0041c4c26..47826da2b7e 100644
--- a/include/hw/arm/fsl-imx7.h
+++ b/include/hw/arm/fsl-imx7.h
@@ -113,6 +113,9 @@ enum FslIMX7MemoryMap {
FSL_IMX7_IOMUXC_GPR_ADDR = 0x30340000,
FSL_IMX7_IOMUXCn_SIZE = 0x1000,
+ FSL_IMX7_OCOTP_ADDR = 0x30350000,
+ FSL_IMX7_OCOTP_SIZE = 0x10000,
+
FSL_IMX7_ANALOG_ADDR = 0x30360000,
FSL_IMX7_SNVS_ADDR = 0x30370000,
FSL_IMX7_CCM_ADDR = 0x30380000,
@@ -124,11 +127,24 @@ enum FslIMX7MemoryMap {
FSL_IMX7_ADC2_ADDR = 0x30620000,
FSL_IMX7_ADCn_SIZE = 0x1000,
+ FSL_IMX7_PWM1_ADDR = 0x30660000,
+ FSL_IMX7_PWM2_ADDR = 0x30670000,
+ FSL_IMX7_PWM3_ADDR = 0x30680000,
+ FSL_IMX7_PWM4_ADDR = 0x30690000,
+ FSL_IMX7_PWMn_SIZE = 0x10000,
+
FSL_IMX7_PCIE_PHY_ADDR = 0x306D0000,
FSL_IMX7_PCIE_PHY_SIZE = 0x10000,
FSL_IMX7_GPC_ADDR = 0x303A0000,
+ FSL_IMX7_CAAM_ADDR = 0x30900000,
+ FSL_IMX7_CAAM_SIZE = 0x40000,
+
+ FSL_IMX7_CAN1_ADDR = 0x30A00000,
+ FSL_IMX7_CAN2_ADDR = 0x30A10000,
+ FSL_IMX7_CANn_SIZE = 0x10000,
+
FSL_IMX7_I2C1_ADDR = 0x30A20000,
FSL_IMX7_I2C2_ADDR = 0x30A30000,
FSL_IMX7_I2C3_ADDR = 0x30A40000,
diff --git a/hw/arm/fsl-imx7.c b/hw/arm/fsl-imx7.c
index 119b281a500..d6cf7c48ce8 100644
--- a/hw/arm/fsl-imx7.c
+++ b/hw/arm/fsl-imx7.c
@@ -459,6 +459,30 @@ static void fsl_imx7_realize(DeviceState *dev, Error **errp)
*/
create_unimplemented_device("sdma", FSL_IMX7_SDMA_ADDR, FSL_IMX7_SDMA_SIZE);
+ /*
+ * CAAM
+ */
+ create_unimplemented_device("caam", FSL_IMX7_CAAM_ADDR, FSL_IMX7_CAAM_SIZE);
+
+ /*
+ * PWM
+ */
+ create_unimplemented_device("pwm1", FSL_IMX7_PWM1_ADDR, FSL_IMX7_PWMn_SIZE);
+ create_unimplemented_device("pwm2", FSL_IMX7_PWM2_ADDR, FSL_IMX7_PWMn_SIZE);
+ create_unimplemented_device("pwm3", FSL_IMX7_PWM3_ADDR, FSL_IMX7_PWMn_SIZE);
+ create_unimplemented_device("pwm4", FSL_IMX7_PWM4_ADDR, FSL_IMX7_PWMn_SIZE);
+
+ /*
+ * CAN
+ */
+ create_unimplemented_device("can1", FSL_IMX7_CAN1_ADDR, FSL_IMX7_CANn_SIZE);
+ create_unimplemented_device("can2", FSL_IMX7_CAN2_ADDR, FSL_IMX7_CANn_SIZE);
+
+ /*
+ * OCOTP
+ */
+ create_unimplemented_device("ocotp", FSL_IMX7_OCOTP_ADDR,
+ FSL_IMX7_OCOTP_SIZE);
object_property_set_bool(OBJECT(&s->gpr), true, "realized",
&error_abort);
--
2.20.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PULL 19/29] hw/arm/fsl-imx7: Connect watchdog interrupts
2020-05-21 19:15 [PULL 00/29] target-arm queue Peter Maydell
` (17 preceding siblings ...)
2020-05-21 19:15 ` [PULL 18/29] hw/arm/fsl-imx7: Instantiate various unimplemented devices Peter Maydell
@ 2020-05-21 19:16 ` Peter Maydell
2020-05-21 19:16 ` [PULL 20/29] hw/arm/integratorcp: Replace hw_error() by qemu_log_mask() Peter Maydell
` (9 subsequent siblings)
28 siblings, 0 replies; 30+ messages in thread
From: Peter Maydell @ 2020-05-21 19:16 UTC (permalink / raw)
To: qemu-devel
From: Guenter Roeck <linux@roeck-us.net>
i.MX7 supports watchdog pretimeout interupts. With this commit,
the watchdog in mcimx7d-sabre is fully operational, including
pretimeout support.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Message-id: 20200517162135.110364-9-linux@roeck-us.net
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
include/hw/arm/fsl-imx7.h | 5 +++++
hw/arm/fsl-imx7.c | 11 +++++++++++
2 files changed, 16 insertions(+)
diff --git a/include/hw/arm/fsl-imx7.h b/include/hw/arm/fsl-imx7.h
index 47826da2b7e..da977f9ffb4 100644
--- a/include/hw/arm/fsl-imx7.h
+++ b/include/hw/arm/fsl-imx7.h
@@ -228,6 +228,11 @@ enum FslIMX7IRQs {
FSL_IMX7_USB2_IRQ = 42,
FSL_IMX7_USB3_IRQ = 40,
+ FSL_IMX7_WDOG1_IRQ = 78,
+ FSL_IMX7_WDOG2_IRQ = 79,
+ FSL_IMX7_WDOG3_IRQ = 10,
+ FSL_IMX7_WDOG4_IRQ = 109,
+
FSL_IMX7_PCI_INTA_IRQ = 125,
FSL_IMX7_PCI_INTB_IRQ = 124,
FSL_IMX7_PCI_INTC_IRQ = 123,
diff --git a/hw/arm/fsl-imx7.c b/hw/arm/fsl-imx7.c
index d6cf7c48ce8..89c3b64c066 100644
--- a/hw/arm/fsl-imx7.c
+++ b/hw/arm/fsl-imx7.c
@@ -447,11 +447,22 @@ static void fsl_imx7_realize(DeviceState *dev, Error **errp)
FSL_IMX7_WDOG3_ADDR,
FSL_IMX7_WDOG4_ADDR,
};
+ static const int FSL_IMX7_WDOGn_IRQ[FSL_IMX7_NUM_WDTS] = {
+ FSL_IMX7_WDOG1_IRQ,
+ FSL_IMX7_WDOG2_IRQ,
+ FSL_IMX7_WDOG3_IRQ,
+ FSL_IMX7_WDOG4_IRQ,
+ };
+ object_property_set_bool(OBJECT(&s->wdt[i]), true, "pretimeout-support",
+ &error_abort);
object_property_set_bool(OBJECT(&s->wdt[i]), true, "realized",
&error_abort);
sysbus_mmio_map(SYS_BUS_DEVICE(&s->wdt[i]), 0, FSL_IMX7_WDOGn_ADDR[i]);
+ sysbus_connect_irq(SYS_BUS_DEVICE(&s->wdt[i]), 0,
+ qdev_get_gpio_in(DEVICE(&s->a7mpcore),
+ FSL_IMX7_WDOGn_IRQ[i]));
}
/*
--
2.20.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PULL 20/29] hw/arm/integratorcp: Replace hw_error() by qemu_log_mask()
2020-05-21 19:15 [PULL 00/29] target-arm queue Peter Maydell
` (18 preceding siblings ...)
2020-05-21 19:16 ` [PULL 19/29] hw/arm/fsl-imx7: Connect watchdog interrupts Peter Maydell
@ 2020-05-21 19:16 ` Peter Maydell
2020-05-21 19:16 ` [PULL 21/29] hw/arm/pxa2xx: " Peter Maydell
` (8 subsequent siblings)
28 siblings, 0 replies; 30+ messages in thread
From: Peter Maydell @ 2020-05-21 19:16 UTC (permalink / raw)
To: qemu-devel
From: Philippe Mathieu-Daudé <f4bug@amsat.org>
hw_error() calls exit(). This a bit overkill when we can log
the accesses as unimplemented or guest error.
When fuzzing the devices, we don't want the whole process to
exit. Replace some hw_error() calls by qemu_log_mask().
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20200518140309.5220-2-f4bug@amsat.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
hw/arm/integratorcp.c | 23 +++++++++++++++--------
1 file changed, 15 insertions(+), 8 deletions(-)
diff --git a/hw/arm/integratorcp.c b/hw/arm/integratorcp.c
index 6d69010d06b..5fb54e5aa75 100644
--- a/hw/arm/integratorcp.c
+++ b/hw/arm/integratorcp.c
@@ -20,6 +20,7 @@
#include "exec/address-spaces.h"
#include "sysemu/runstate.h"
#include "sysemu/sysemu.h"
+#include "qemu/log.h"
#include "qemu/error-report.h"
#include "hw/char/pl011.h"
#include "hw/hw.h"
@@ -144,8 +145,9 @@ static uint64_t integratorcm_read(void *opaque, hwaddr offset,
/* ??? Voltage control unimplemented. */
return 0;
default:
- hw_error("integratorcm_read: Unimplemented offset 0x%x\n",
- (int)offset);
+ qemu_log_mask(LOG_UNIMP,
+ "%s: Unimplemented offset 0x%" HWADDR_PRIX "\n",
+ __func__, offset);
return 0;
}
}
@@ -252,8 +254,9 @@ static void integratorcm_write(void *opaque, hwaddr offset,
/* ??? Voltage control unimplemented. */
break;
default:
- hw_error("integratorcm_write: Unimplemented offset 0x%x\n",
- (int)offset);
+ qemu_log_mask(LOG_UNIMP,
+ "%s: Unimplemented offset 0x%" HWADDR_PRIX "\n",
+ __func__, offset);
break;
}
}
@@ -394,7 +397,8 @@ static uint64_t icp_pic_read(void *opaque, hwaddr offset,
case 5: /* INT_SOFTCLR */
case 11: /* FRQ_ENABLECLR */
default:
- printf ("icp_pic_read: Bad register offset 0x%x\n", (int)offset);
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%" HWADDR_PRIX "\n",
+ __func__, offset);
return 0;
}
}
@@ -430,7 +434,8 @@ static void icp_pic_write(void *opaque, hwaddr offset,
case 8: /* FRQ_STATUS */
case 9: /* FRQ_RAWSTAT */
default:
- printf ("icp_pic_write: Bad register offset 0x%x\n", (int)offset);
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%" HWADDR_PRIX "\n",
+ __func__, offset);
return;
}
icp_pic_update(s);
@@ -504,7 +509,8 @@ static uint64_t icp_control_read(void *opaque, hwaddr offset,
case 3: /* CP_DECODE */
return 0x11;
default:
- hw_error("icp_control_read: Bad offset %x\n", (int)offset);
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%" HWADDR_PRIX "\n",
+ __func__, offset);
return 0;
}
}
@@ -524,7 +530,8 @@ static void icp_control_write(void *opaque, hwaddr offset,
/* Nothing interesting implemented yet. */
break;
default:
- hw_error("icp_control_write: Bad offset %x\n", (int)offset);
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%" HWADDR_PRIX "\n",
+ __func__, offset);
}
}
--
2.20.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PULL 21/29] hw/arm/pxa2xx: Replace hw_error() by qemu_log_mask()
2020-05-21 19:15 [PULL 00/29] target-arm queue Peter Maydell
` (19 preceding siblings ...)
2020-05-21 19:16 ` [PULL 20/29] hw/arm/integratorcp: Replace hw_error() by qemu_log_mask() Peter Maydell
@ 2020-05-21 19:16 ` Peter Maydell
2020-05-21 19:16 ` [PULL 22/29] hw/char/xilinx_uartlite: " Peter Maydell
` (7 subsequent siblings)
28 siblings, 0 replies; 30+ messages in thread
From: Peter Maydell @ 2020-05-21 19:16 UTC (permalink / raw)
To: qemu-devel
From: Philippe Mathieu-Daudé <f4bug@amsat.org>
hw_error() calls exit(). This a bit overkill when we can log
the accesses as unimplemented or guest error.
When fuzzing the devices, we don't want the whole process to
exit. Replace some hw_error() calls by qemu_log_mask().
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20200518140309.5220-3-f4bug@amsat.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
hw/arm/pxa2xx_gpio.c | 7 ++++---
hw/display/pxa2xx_lcd.c | 8 +++++---
hw/dma/pxa2xx_dma.c | 14 +++++++++-----
3 files changed, 18 insertions(+), 11 deletions(-)
diff --git a/hw/arm/pxa2xx_gpio.c b/hw/arm/pxa2xx_gpio.c
index f8df3cc2279..a01db54a518 100644
--- a/hw/arm/pxa2xx_gpio.c
+++ b/hw/arm/pxa2xx_gpio.c
@@ -9,7 +9,6 @@
#include "qemu/osdep.h"
#include "cpu.h"
-#include "hw/hw.h"
#include "hw/irq.h"
#include "hw/qdev-properties.h"
#include "hw/sysbus.h"
@@ -199,7 +198,8 @@ static uint64_t pxa2xx_gpio_read(void *opaque, hwaddr offset,
return s->status[bank];
default:
- hw_error("%s: Bad offset " REG_FMT "\n", __func__, offset);
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%" HWADDR_PRIX "\n",
+ __func__, offset);
}
return 0;
@@ -252,7 +252,8 @@ static void pxa2xx_gpio_write(void *opaque, hwaddr offset,
break;
default:
- hw_error("%s: Bad offset " REG_FMT "\n", __func__, offset);
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%" HWADDR_PRIX "\n",
+ __func__, offset);
}
}
diff --git a/hw/display/pxa2xx_lcd.c b/hw/display/pxa2xx_lcd.c
index 464e93161a2..d5f2e82a4ec 100644
--- a/hw/display/pxa2xx_lcd.c
+++ b/hw/display/pxa2xx_lcd.c
@@ -11,7 +11,7 @@
*/
#include "qemu/osdep.h"
-#include "hw/hw.h"
+#include "qemu/log.h"
#include "hw/irq.h"
#include "migration/vmstate.h"
#include "ui/console.h"
@@ -407,7 +407,8 @@ static uint64_t pxa2xx_lcdc_read(void *opaque, hwaddr offset,
default:
fail:
- hw_error("%s: Bad offset " REG_FMT "\n", __func__, offset);
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%" HWADDR_PRIX "\n",
+ __func__, offset);
}
return 0;
@@ -562,7 +563,8 @@ static void pxa2xx_lcdc_write(void *opaque, hwaddr offset,
default:
fail:
- hw_error("%s: Bad offset " REG_FMT "\n", __func__, offset);
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%" HWADDR_PRIX "\n",
+ __func__, offset);
}
}
diff --git a/hw/dma/pxa2xx_dma.c b/hw/dma/pxa2xx_dma.c
index 88ed4b6ff1f..8a2eeb32bc3 100644
--- a/hw/dma/pxa2xx_dma.c
+++ b/hw/dma/pxa2xx_dma.c
@@ -9,6 +9,7 @@
*/
#include "qemu/osdep.h"
+#include "qemu/log.h"
#include "hw/hw.h"
#include "hw/irq.h"
#include "hw/qdev-properties.h"
@@ -268,7 +269,8 @@ static uint64_t pxa2xx_dma_read(void *opaque, hwaddr offset,
unsigned int channel;
if (size != 4) {
- hw_error("%s: Bad access width\n", __func__);
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad access width %u\n",
+ __func__, size);
return 5;
}
@@ -315,8 +317,8 @@ static uint64_t pxa2xx_dma_read(void *opaque, hwaddr offset,
return s->chan[channel].cmd;
}
}
-
- hw_error("%s: Bad offset 0x" TARGET_FMT_plx "\n", __func__, offset);
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%" HWADDR_PRIX "\n",
+ __func__, offset);
return 7;
}
@@ -327,7 +329,8 @@ static void pxa2xx_dma_write(void *opaque, hwaddr offset,
unsigned int channel;
if (size != 4) {
- hw_error("%s: Bad access width\n", __func__);
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad access width %u\n",
+ __func__, size);
return;
}
@@ -420,7 +423,8 @@ static void pxa2xx_dma_write(void *opaque, hwaddr offset,
break;
}
fail:
- hw_error("%s: Bad offset " TARGET_FMT_plx "\n", __func__, offset);
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%" HWADDR_PRIX "\n",
+ __func__, offset);
}
}
--
2.20.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PULL 22/29] hw/char/xilinx_uartlite: Replace hw_error() by qemu_log_mask()
2020-05-21 19:15 [PULL 00/29] target-arm queue Peter Maydell
` (20 preceding siblings ...)
2020-05-21 19:16 ` [PULL 21/29] hw/arm/pxa2xx: " Peter Maydell
@ 2020-05-21 19:16 ` Peter Maydell
2020-05-21 19:16 ` [PULL 23/29] hw/timer/exynos4210_mct: " Peter Maydell
` (6 subsequent siblings)
28 siblings, 0 replies; 30+ messages in thread
From: Peter Maydell @ 2020-05-21 19:16 UTC (permalink / raw)
To: qemu-devel
From: Philippe Mathieu-Daudé <f4bug@amsat.org>
hw_error() calls exit(). This a bit overkill when we can log
the accesses as unimplemented or guest error.
When fuzzing the devices, we don't want the whole process to
exit. Replace some hw_error() calls by qemu_log_mask().
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20200518140309.5220-4-f4bug@amsat.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
hw/char/xilinx_uartlite.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/hw/char/xilinx_uartlite.c b/hw/char/xilinx_uartlite.c
index c6512285d73..ae4ccd00c70 100644
--- a/hw/char/xilinx_uartlite.c
+++ b/hw/char/xilinx_uartlite.c
@@ -23,7 +23,7 @@
*/
#include "qemu/osdep.h"
-#include "hw/hw.h"
+#include "qemu/log.h"
#include "hw/irq.h"
#include "hw/qdev-properties.h"
#include "hw/sysbus.h"
@@ -135,7 +135,8 @@ uart_write(void *opaque, hwaddr addr,
switch (addr)
{
case R_STATUS:
- hw_error("write to UART STATUS?\n");
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: write to UART STATUS\n",
+ __func__);
break;
case R_CTRL:
--
2.20.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PULL 23/29] hw/timer/exynos4210_mct: Replace hw_error() by qemu_log_mask()
2020-05-21 19:15 [PULL 00/29] target-arm queue Peter Maydell
` (21 preceding siblings ...)
2020-05-21 19:16 ` [PULL 22/29] hw/char/xilinx_uartlite: " Peter Maydell
@ 2020-05-21 19:16 ` Peter Maydell
2020-05-21 19:16 ` [PULL 24/29] ARM: PL061: Introduce N_GPIOS Peter Maydell
` (5 subsequent siblings)
28 siblings, 0 replies; 30+ messages in thread
From: Peter Maydell @ 2020-05-21 19:16 UTC (permalink / raw)
To: qemu-devel
From: Philippe Mathieu-Daudé <f4bug@amsat.org>
hw_error() calls exit(). This a bit overkill when we can log
the accesses as unimplemented or guest error.
When fuzzing the devices, we don't want the whole process to
exit. Replace some hw_error() calls by qemu_log_mask().
Per the datasheet "Exynos 4412 RISC Microprocessor Rev 1.00"
Chapter 25 "Multi Core Timer (MCT)" figure 1 and table 4,
the default value on the APB bus is 0.
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20200518140309.5220-5-f4bug@amsat.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
hw/timer/exynos4210_mct.c | 12 +++++-------
1 file changed, 5 insertions(+), 7 deletions(-)
diff --git a/hw/timer/exynos4210_mct.c b/hw/timer/exynos4210_mct.c
index 570cf7075bc..29a4b10676a 100644
--- a/hw/timer/exynos4210_mct.c
+++ b/hw/timer/exynos4210_mct.c
@@ -54,7 +54,6 @@
#include "qemu/osdep.h"
#include "qemu/log.h"
-#include "hw/hw.h"
#include "hw/sysbus.h"
#include "migration/vmstate.h"
#include "qemu/timer.h"
@@ -62,7 +61,6 @@
#include "hw/ptimer.h"
#include "hw/arm/exynos4210.h"
-#include "hw/hw.h"
#include "hw/irq.h"
//#define DEBUG_MCT
@@ -1062,7 +1060,7 @@ static uint64_t exynos4210_mct_read(void *opaque, hwaddr offset,
int index;
int shift;
uint64_t count;
- uint32_t value;
+ uint32_t value = 0;
int lt_i;
switch (offset) {
@@ -1158,8 +1156,8 @@ static uint64_t exynos4210_mct_read(void *opaque, hwaddr offset,
break;
default:
- hw_error("exynos4210.mct: bad read offset "
- TARGET_FMT_plx "\n", offset);
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%" HWADDR_PRIX "\n",
+ __func__, offset);
break;
}
return value;
@@ -1484,8 +1482,8 @@ static void exynos4210_mct_write(void *opaque, hwaddr offset,
break;
default:
- hw_error("exynos4210.mct: bad write offset "
- TARGET_FMT_plx "\n", offset);
+ qemu_log_mask(LOG_GUEST_ERROR, "%s: Bad offset 0x%" HWADDR_PRIX "\n",
+ __func__, offset);
break;
}
}
--
2.20.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PULL 24/29] ARM: PL061: Introduce N_GPIOS
2020-05-21 19:15 [PULL 00/29] target-arm queue Peter Maydell
` (22 preceding siblings ...)
2020-05-21 19:16 ` [PULL 23/29] hw/timer/exynos4210_mct: " Peter Maydell
@ 2020-05-21 19:16 ` Peter Maydell
2020-05-21 19:16 ` [PULL 25/29] target/arm: Use tcg_gen_gvec_mov for clear_vec_high Peter Maydell
` (4 subsequent siblings)
28 siblings, 0 replies; 30+ messages in thread
From: Peter Maydell @ 2020-05-21 19:16 UTC (permalink / raw)
To: qemu-devel
From: Geert Uytterhoeven <geert+renesas@glider.be>
Add a definition for the number of GPIO lines controlled by a PL061
instance, and use it instead of the hardcoded magic value 8.
Suggested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20200519085143.1376-1-geert+renesas@glider.be
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
hw/gpio/pl061.c | 12 +++++++-----
1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/hw/gpio/pl061.c b/hw/gpio/pl061.c
index 2a828260bdb..6d3c36bc16c 100644
--- a/hw/gpio/pl061.c
+++ b/hw/gpio/pl061.c
@@ -36,6 +36,8 @@ static const uint8_t pl061_id_luminary[12] =
#define TYPE_PL061 "pl061"
#define PL061(obj) OBJECT_CHECK(PL061State, (obj), TYPE_PL061)
+#define N_GPIOS 8
+
typedef struct PL061State {
SysBusDevice parent_obj;
@@ -62,7 +64,7 @@ typedef struct PL061State {
uint32_t cr;
uint32_t amsel;
qemu_irq irq;
- qemu_irq out[8];
+ qemu_irq out[N_GPIOS];
const unsigned char *id;
uint32_t rsvd_start; /* reserved area: [rsvd_start, 0xfcc] */
} PL061State;
@@ -112,7 +114,7 @@ static void pl061_update(PL061State *s)
changed = s->old_out_data ^ out;
if (changed) {
s->old_out_data = out;
- for (i = 0; i < 8; i++) {
+ for (i = 0; i < N_GPIOS; i++) {
mask = 1 << i;
if (changed & mask) {
DPRINTF("Set output %d = %d\n", i, (out & mask) != 0);
@@ -125,7 +127,7 @@ static void pl061_update(PL061State *s)
changed = (s->old_in_data ^ s->data) & ~s->dir;
if (changed) {
s->old_in_data = s->data;
- for (i = 0; i < 8; i++) {
+ for (i = 0; i < N_GPIOS; i++) {
mask = 1 << i;
if (changed & mask) {
DPRINTF("Changed input %d = %d\n", i, (s->data & mask) != 0);
@@ -364,8 +366,8 @@ static void pl061_init(Object *obj)
memory_region_init_io(&s->iomem, obj, &pl061_ops, s, "pl061", 0x1000);
sysbus_init_mmio(sbd, &s->iomem);
sysbus_init_irq(sbd, &s->irq);
- qdev_init_gpio_in(dev, pl061_set_irq, 8);
- qdev_init_gpio_out(dev, s->out, 8);
+ qdev_init_gpio_in(dev, pl061_set_irq, N_GPIOS);
+ qdev_init_gpio_out(dev, s->out, N_GPIOS);
}
static void pl061_class_init(ObjectClass *klass, void *data)
--
2.20.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PULL 25/29] target/arm: Use tcg_gen_gvec_mov for clear_vec_high
2020-05-21 19:15 [PULL 00/29] target-arm queue Peter Maydell
` (23 preceding siblings ...)
2020-05-21 19:16 ` [PULL 24/29] ARM: PL061: Introduce N_GPIOS Peter Maydell
@ 2020-05-21 19:16 ` Peter Maydell
2020-05-21 19:16 ` [PULL 26/29] target/arm: Use clear_vec_high more effectively Peter Maydell
` (3 subsequent siblings)
28 siblings, 0 replies; 30+ messages in thread
From: Peter Maydell @ 2020-05-21 19:16 UTC (permalink / raw)
To: qemu-devel
From: Richard Henderson <richard.henderson@linaro.org>
The 8-byte store for the end a !is_q operation can be
merged with the other stores. Use a no-op vector move
to trigger the expand_clr portion of tcg_gen_gvec_mov.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20200519212453.28494-2-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target/arm/translate-a64.c | 10 ++--------
1 file changed, 2 insertions(+), 8 deletions(-)
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
index 991e451644c..4f6edb28927 100644
--- a/target/arm/translate-a64.c
+++ b/target/arm/translate-a64.c
@@ -496,14 +496,8 @@ static void clear_vec_high(DisasContext *s, bool is_q, int rd)
unsigned ofs = fp_reg_offset(s, rd, MO_64);
unsigned vsz = vec_full_reg_size(s);
- if (!is_q) {
- TCGv_i64 tcg_zero = tcg_const_i64(0);
- tcg_gen_st_i64(tcg_zero, cpu_env, ofs + 8);
- tcg_temp_free_i64(tcg_zero);
- }
- if (vsz > 16) {
- tcg_gen_gvec_dup_imm(MO_64, ofs + 16, vsz - 16, vsz - 16, 0);
- }
+ /* Nop move, with side effect of clearing the tail. */
+ tcg_gen_gvec_mov(MO_64, ofs, ofs, is_q ? 16 : 8, vsz);
}
void write_fp_dreg(DisasContext *s, int reg, TCGv_i64 v)
--
2.20.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PULL 26/29] target/arm: Use clear_vec_high more effectively
2020-05-21 19:15 [PULL 00/29] target-arm queue Peter Maydell
` (24 preceding siblings ...)
2020-05-21 19:16 ` [PULL 25/29] target/arm: Use tcg_gen_gvec_mov for clear_vec_high Peter Maydell
@ 2020-05-21 19:16 ` Peter Maydell
2020-05-21 19:16 ` [PULL 27/29] target/arm: Allow user-mode code to write CPSR.E via MSR Peter Maydell
` (2 subsequent siblings)
28 siblings, 0 replies; 30+ messages in thread
From: Peter Maydell @ 2020-05-21 19:16 UTC (permalink / raw)
To: qemu-devel
From: Richard Henderson <richard.henderson@linaro.org>
Do not explicitly store zero to the NEON high part
when we can pass !is_q to clear_vec_high.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20200519212453.28494-3-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target/arm/translate-a64.c | 53 +++++++++++++++++++++++---------------
1 file changed, 32 insertions(+), 21 deletions(-)
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
index 4f6edb28927..874f3eb4f97 100644
--- a/target/arm/translate-a64.c
+++ b/target/arm/translate-a64.c
@@ -900,11 +900,10 @@ static void do_fp_ld(DisasContext *s, int destidx, TCGv_i64 tcg_addr, int size)
{
/* This always zero-extends and writes to a full 128 bit wide vector */
TCGv_i64 tmplo = tcg_temp_new_i64();
- TCGv_i64 tmphi;
+ TCGv_i64 tmphi = NULL;
if (size < 4) {
MemOp memop = s->be_data + size;
- tmphi = tcg_const_i64(0);
tcg_gen_qemu_ld_i64(tmplo, tcg_addr, get_mem_index(s), memop);
} else {
bool be = s->be_data == MO_BE;
@@ -922,12 +921,13 @@ static void do_fp_ld(DisasContext *s, int destidx, TCGv_i64 tcg_addr, int size)
}
tcg_gen_st_i64(tmplo, cpu_env, fp_reg_offset(s, destidx, MO_64));
- tcg_gen_st_i64(tmphi, cpu_env, fp_reg_hi_offset(s, destidx));
-
tcg_temp_free_i64(tmplo);
- tcg_temp_free_i64(tmphi);
- clear_vec_high(s, true, destidx);
+ if (tmphi) {
+ tcg_gen_st_i64(tmphi, cpu_env, fp_reg_hi_offset(s, destidx));
+ tcg_temp_free_i64(tmphi);
+ }
+ clear_vec_high(s, tmphi != NULL, destidx);
}
/*
@@ -6934,7 +6934,6 @@ static void disas_simd_ext(DisasContext *s, uint32_t insn)
read_vec_element(s, tcg_resh, rm, 0, MO_64);
do_ext64(s, tcg_resh, tcg_resl, pos);
}
- tcg_gen_movi_i64(tcg_resh, 0);
} else {
TCGv_i64 tcg_hh;
typedef struct {
@@ -6964,9 +6963,11 @@ static void disas_simd_ext(DisasContext *s, uint32_t insn)
write_vec_element(s, tcg_resl, rd, 0, MO_64);
tcg_temp_free_i64(tcg_resl);
- write_vec_element(s, tcg_resh, rd, 1, MO_64);
+ if (is_q) {
+ write_vec_element(s, tcg_resh, rd, 1, MO_64);
+ }
tcg_temp_free_i64(tcg_resh);
- clear_vec_high(s, true, rd);
+ clear_vec_high(s, is_q, rd);
}
/* TBL/TBX
@@ -7003,17 +7004,21 @@ static void disas_simd_tb(DisasContext *s, uint32_t insn)
* the input.
*/
tcg_resl = tcg_temp_new_i64();
- tcg_resh = tcg_temp_new_i64();
+ tcg_resh = NULL;
if (is_tblx) {
read_vec_element(s, tcg_resl, rd, 0, MO_64);
} else {
tcg_gen_movi_i64(tcg_resl, 0);
}
- if (is_tblx && is_q) {
- read_vec_element(s, tcg_resh, rd, 1, MO_64);
- } else {
- tcg_gen_movi_i64(tcg_resh, 0);
+
+ if (is_q) {
+ tcg_resh = tcg_temp_new_i64();
+ if (is_tblx) {
+ read_vec_element(s, tcg_resh, rd, 1, MO_64);
+ } else {
+ tcg_gen_movi_i64(tcg_resh, 0);
+ }
}
tcg_idx = tcg_temp_new_i64();
@@ -7033,9 +7038,12 @@ static void disas_simd_tb(DisasContext *s, uint32_t insn)
write_vec_element(s, tcg_resl, rd, 0, MO_64);
tcg_temp_free_i64(tcg_resl);
- write_vec_element(s, tcg_resh, rd, 1, MO_64);
- tcg_temp_free_i64(tcg_resh);
- clear_vec_high(s, true, rd);
+
+ if (is_q) {
+ write_vec_element(s, tcg_resh, rd, 1, MO_64);
+ tcg_temp_free_i64(tcg_resh);
+ }
+ clear_vec_high(s, is_q, rd);
}
/* ZIP/UZP/TRN
@@ -7072,7 +7080,7 @@ static void disas_simd_zip_trn(DisasContext *s, uint32_t insn)
}
tcg_resl = tcg_const_i64(0);
- tcg_resh = tcg_const_i64(0);
+ tcg_resh = is_q ? tcg_const_i64(0) : NULL;
tcg_res = tcg_temp_new_i64();
for (i = 0; i < elements; i++) {
@@ -7123,9 +7131,12 @@ static void disas_simd_zip_trn(DisasContext *s, uint32_t insn)
write_vec_element(s, tcg_resl, rd, 0, MO_64);
tcg_temp_free_i64(tcg_resl);
- write_vec_element(s, tcg_resh, rd, 1, MO_64);
- tcg_temp_free_i64(tcg_resh);
- clear_vec_high(s, true, rd);
+
+ if (is_q) {
+ write_vec_element(s, tcg_resh, rd, 1, MO_64);
+ tcg_temp_free_i64(tcg_resh);
+ }
+ clear_vec_high(s, is_q, rd);
}
/*
--
2.20.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PULL 27/29] target/arm: Allow user-mode code to write CPSR.E via MSR
2020-05-21 19:15 [PULL 00/29] target-arm queue Peter Maydell
` (25 preceding siblings ...)
2020-05-21 19:16 ` [PULL 26/29] target/arm: Use clear_vec_high more effectively Peter Maydell
@ 2020-05-21 19:16 ` Peter Maydell
2020-05-21 19:16 ` [PULL 28/29] linux-user/arm: Reset CPSR_E when entering a signal handler Peter Maydell
2020-05-21 19:16 ` [PULL 29/29] linux-user/arm/signal.c: Drop TARGET_CONFIG_CPU_32 Peter Maydell
28 siblings, 0 replies; 30+ messages in thread
From: Peter Maydell @ 2020-05-21 19:16 UTC (permalink / raw)
To: qemu-devel
Using the MSR instruction to write to CPSR.E is deprecated, but it is
required to work from any mode including unprivileged code. We were
incorrectly forbidding usermode code from writing it because
CPSR_USER did not include the CPSR_E bit.
We use CPSR_USER in only three places:
* as the mask of what to allow userspace MSR to write to CPSR
* when deciding what bits a linux-user signal-return should be
able to write from the sigcontext structure
* in target_user_copy_regs() when we set up the initial
registers for the linux-user process
In the first two cases not being able to update CPSR.E is a bug, and
in the third case it doesn't matter because CPSR.E is always 0 there.
So we can fix both bugs by adding CPSR_E to CPSR_USER.
Because the cpsr_write() in restore_sigcontext() is now changing
a CPSR bit which is cached in hflags, we need to add an
arm_rebuild_hflags() call there; the callsite in
target_user_copy_regs() was already rebuilding hflags for other
reasons.
(The recommended way to change CPSR.E is to use the 'SETEND'
instruction, which we do correctly allow from usermode code.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20200518142801.20503-1-peter.maydell@linaro.org
---
target/arm/cpu.h | 2 +-
linux-user/arm/signal.c | 1 +
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
index 5d995368d4f..677584e5da0 100644
--- a/target/arm/cpu.h
+++ b/target/arm/cpu.h
@@ -1230,7 +1230,7 @@ void pmu_init(ARMCPU *cpu);
#define CACHED_CPSR_BITS (CPSR_T | CPSR_AIF | CPSR_GE | CPSR_IT | CPSR_Q \
| CPSR_NZCV)
/* Bits writable in user mode. */
-#define CPSR_USER (CPSR_NZCV | CPSR_Q | CPSR_GE)
+#define CPSR_USER (CPSR_NZCV | CPSR_Q | CPSR_GE | CPSR_E)
/* Execution state bits. MRS read as zero, MSR writes ignored. */
#define CPSR_EXEC (CPSR_T | CPSR_IT | CPSR_J | CPSR_IL)
diff --git a/linux-user/arm/signal.c b/linux-user/arm/signal.c
index d96fc27ce11..8020c80acb5 100644
--- a/linux-user/arm/signal.c
+++ b/linux-user/arm/signal.c
@@ -546,6 +546,7 @@ restore_sigcontext(CPUARMState *env, struct target_sigcontext *sc)
#ifdef TARGET_CONFIG_CPU_32
__get_user(cpsr, &sc->arm_cpsr);
cpsr_write(env, cpsr, CPSR_USER | CPSR_EXEC, CPSRWriteByInstr);
+ arm_rebuild_hflags(env);
#endif
err |= !valid_user_regs(env);
--
2.20.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PULL 28/29] linux-user/arm: Reset CPSR_E when entering a signal handler
2020-05-21 19:15 [PULL 00/29] target-arm queue Peter Maydell
` (26 preceding siblings ...)
2020-05-21 19:16 ` [PULL 27/29] target/arm: Allow user-mode code to write CPSR.E via MSR Peter Maydell
@ 2020-05-21 19:16 ` Peter Maydell
2020-05-21 19:16 ` [PULL 29/29] linux-user/arm/signal.c: Drop TARGET_CONFIG_CPU_32 Peter Maydell
28 siblings, 0 replies; 30+ messages in thread
From: Peter Maydell @ 2020-05-21 19:16 UTC (permalink / raw)
To: qemu-devel
From: Amanieu d'Antras <amanieu@gmail.com>
This fixes signal handlers running with the wrong endianness if the
interrupted code used SETEND to dynamically switch endianness.
Signed-off-by: Amanieu d'Antras <amanieu@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20200511131117.2486486-1-amanieu@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
linux-user/arm/signal.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/linux-user/arm/signal.c b/linux-user/arm/signal.c
index 8020c80acb5..698985a647e 100644
--- a/linux-user/arm/signal.c
+++ b/linux-user/arm/signal.c
@@ -244,6 +244,11 @@ setup_return(CPUARMState *env, struct target_sigaction *ka,
} else {
cpsr &= ~CPSR_T;
}
+ if (env->cp15.sctlr_el[1] & SCTLR_E0E) {
+ cpsr |= CPSR_E;
+ } else {
+ cpsr &= ~CPSR_E;
+ }
if (ka->sa_flags & TARGET_SA_RESTORER) {
if (is_fdpic) {
@@ -287,7 +292,8 @@ setup_return(CPUARMState *env, struct target_sigaction *ka,
env->regs[13] = frame_addr;
env->regs[14] = retcode;
env->regs[15] = handler & (thumb ? ~1 : ~3);
- cpsr_write(env, cpsr, CPSR_IT | CPSR_T, CPSRWriteByInstr);
+ cpsr_write(env, cpsr, CPSR_IT | CPSR_T | CPSR_E, CPSRWriteByInstr);
+ arm_rebuild_hflags(env);
return 0;
}
--
2.20.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PULL 29/29] linux-user/arm/signal.c: Drop TARGET_CONFIG_CPU_32
2020-05-21 19:15 [PULL 00/29] target-arm queue Peter Maydell
` (27 preceding siblings ...)
2020-05-21 19:16 ` [PULL 28/29] linux-user/arm: Reset CPSR_E when entering a signal handler Peter Maydell
@ 2020-05-21 19:16 ` Peter Maydell
28 siblings, 0 replies; 30+ messages in thread
From: Peter Maydell @ 2020-05-21 19:16 UTC (permalink / raw)
To: qemu-devel
The Arm signal-handling code has some parts ifdeffed with a
TARGET_CONFIG_CPU_32, which is always defined. This is a leftover
from when this code's structure was based on the Linux kernel
signal handling code, where it was intended to support 26-bit
Arm CPUs. The kernel dropped its CONFIG_CPU_32 in kernel commit
4da8b8208eded0ba21e3 in 2009.
QEMU has never had 26-bit CPU support and is unlikely to ever
add it; we certainly aren't going to support 26-bit Linux
binaries via linux-user mode. The ifdef is just unhelpful
noise, so remove it entirely.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20200518143014.20689-1-peter.maydell@linaro.org
---
linux-user/arm/signal.c | 6 ------
1 file changed, 6 deletions(-)
diff --git a/linux-user/arm/signal.c b/linux-user/arm/signal.c
index 698985a647e..f21d1535e4d 100644
--- a/linux-user/arm/signal.c
+++ b/linux-user/arm/signal.c
@@ -126,8 +126,6 @@ struct rt_sigframe_v2
abi_ulong retcode[4];
};
-#define TARGET_CONFIG_CPU_32 1
-
/*
* For ARM syscalls, we encode the syscall number into the instruction.
*/
@@ -187,9 +185,7 @@ setup_sigcontext(struct target_sigcontext *sc, /*struct _fpstate *fpstate,*/
__put_user(env->regs[13], &sc->arm_sp);
__put_user(env->regs[14], &sc->arm_lr);
__put_user(env->regs[15], &sc->arm_pc);
-#ifdef TARGET_CONFIG_CPU_32
__put_user(cpsr_read(env), &sc->arm_cpsr);
-#endif
__put_user(/* current->thread.trap_no */ 0, &sc->trap_no);
__put_user(/* current->thread.error_code */ 0, &sc->error_code);
@@ -549,11 +545,9 @@ restore_sigcontext(CPUARMState *env, struct target_sigcontext *sc)
__get_user(env->regs[13], &sc->arm_sp);
__get_user(env->regs[14], &sc->arm_lr);
__get_user(env->regs[15], &sc->arm_pc);
-#ifdef TARGET_CONFIG_CPU_32
__get_user(cpsr, &sc->arm_cpsr);
cpsr_write(env, cpsr, CPSR_USER | CPSR_EXEC, CPSRWriteByInstr);
arm_rebuild_hflags(env);
-#endif
err |= !valid_user_regs(env);
--
2.20.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
end of thread, other threads:[~2020-05-21 19:33 UTC | newest]
Thread overview: 30+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-05-21 19:15 [PULL 00/29] target-arm queue Peter Maydell
2020-05-21 19:15 ` [PULL 01/29] tests/acceptance: Add a test for the canon-a1100 machine Peter Maydell
2020-05-21 19:15 ` [PULL 02/29] docs/system: Add 'Arm' to the Integrator/CP document title Peter Maydell
2020-05-21 19:15 ` [PULL 03/29] docs/system: Sort Arm board index into alphabetical order Peter Maydell
2020-05-21 19:15 ` [PULL 04/29] docs/system: Document Arm Versatile Express boards Peter Maydell
2020-05-21 19:15 ` [PULL 05/29] docs/system: Document the various MPS2 models Peter Maydell
2020-05-21 19:15 ` [PULL 06/29] docs/system: Document Musca boards Peter Maydell
2020-05-21 19:15 ` [PULL 07/29] linux-user/arm: BKPT should cause SIGTRAP, not be a syscall Peter Maydell
2020-05-21 19:15 ` [PULL 08/29] linux-user/arm: Remove bogus SVC 0xf0002 handling Peter Maydell
2020-05-21 19:15 ` [PULL 09/29] linux-user/arm: Handle invalid arm-specific syscalls correctly Peter Maydell
2020-05-21 19:15 ` [PULL 10/29] linux-user/arm: Fix identification of syscall numbers Peter Maydell
2020-05-21 19:15 ` [PULL 11/29] target/arm: Remove unused GEN_NEON_INTEGER_OP macro Peter Maydell
2020-05-21 19:15 ` [PULL 12/29] hw: Move i.MX watchdog driver to hw/watchdog Peter Maydell
2020-05-21 19:15 ` [PULL 13/29] hw/watchdog: Implement full i.MX watchdog support Peter Maydell
2020-05-21 19:15 ` [PULL 14/29] hw/arm/fsl-imx25: Wire up watchdog Peter Maydell
2020-05-21 19:15 ` [PULL 15/29] hw/arm/fsl-imx31: " Peter Maydell
2020-05-21 19:15 ` [PULL 16/29] hw/arm/fsl-imx6: Connect watchdog interrupts Peter Maydell
2020-05-21 19:15 ` [PULL 17/29] hw/arm/fsl-imx6ul: " Peter Maydell
2020-05-21 19:15 ` [PULL 18/29] hw/arm/fsl-imx7: Instantiate various unimplemented devices Peter Maydell
2020-05-21 19:16 ` [PULL 19/29] hw/arm/fsl-imx7: Connect watchdog interrupts Peter Maydell
2020-05-21 19:16 ` [PULL 20/29] hw/arm/integratorcp: Replace hw_error() by qemu_log_mask() Peter Maydell
2020-05-21 19:16 ` [PULL 21/29] hw/arm/pxa2xx: " Peter Maydell
2020-05-21 19:16 ` [PULL 22/29] hw/char/xilinx_uartlite: " Peter Maydell
2020-05-21 19:16 ` [PULL 23/29] hw/timer/exynos4210_mct: " Peter Maydell
2020-05-21 19:16 ` [PULL 24/29] ARM: PL061: Introduce N_GPIOS Peter Maydell
2020-05-21 19:16 ` [PULL 25/29] target/arm: Use tcg_gen_gvec_mov for clear_vec_high Peter Maydell
2020-05-21 19:16 ` [PULL 26/29] target/arm: Use clear_vec_high more effectively Peter Maydell
2020-05-21 19:16 ` [PULL 27/29] target/arm: Allow user-mode code to write CPSR.E via MSR Peter Maydell
2020-05-21 19:16 ` [PULL 28/29] linux-user/arm: Reset CPSR_E when entering a signal handler Peter Maydell
2020-05-21 19:16 ` [PULL 29/29] linux-user/arm/signal.c: Drop TARGET_CONFIG_CPU_32 Peter Maydell
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).