From 0ae0326b984e77a55c224b7863071bd3d8951231 Mon Sep 17 00:00:00 2001 From: Peter Maydell Date: Thu, 10 Sep 2020 18:38:51 +0100 Subject: [PATCH 01/18] target/arm: Replace ARM_FEATURE_PXN with ID_MMFR0.VMSA check The ARM_FEATURE_PXN bit indicates whether the CPU supports the PXN bit in short-descriptor translation table format descriptors. This is indicated by ID_MMFR0.VMSA being at least 0b0100. Replace the feature bit with an ID register check, in line with our preference for ID register checks over feature bits. Signed-off-by: Peter Maydell Reviewed-by: Richard Henderson Message-id: 20200910173855.4068-2-peter.maydell@linaro.org --- target/arm/cpu.c | 1 - target/arm/cpu.h | 15 ++++++++++++++- target/arm/helper.c | 5 +++-- 3 files changed, 17 insertions(+), 4 deletions(-) diff --git a/target/arm/cpu.c b/target/arm/cpu.c index a7643deab4..d13a7b8717 100644 --- a/target/arm/cpu.c +++ b/target/arm/cpu.c @@ -1588,7 +1588,6 @@ static void arm_cpu_realizefn(DeviceState *dev, Error **errp) } if (arm_feature(env, ARM_FEATURE_LPAE)) { set_feature(env, ARM_FEATURE_V7MP); - set_feature(env, ARM_FEATURE_PXN); } if (arm_feature(env, ARM_FEATURE_CBAR_RO)) { set_feature(env, ARM_FEATURE_CBAR); diff --git a/target/arm/cpu.h b/target/arm/cpu.h index 6036f61d60..14a673d8e9 100644 --- a/target/arm/cpu.h +++ b/target/arm/cpu.h @@ -1772,6 +1772,15 @@ FIELD(ID_ISAR6, FHM, 8, 4) FIELD(ID_ISAR6, SB, 12, 4) FIELD(ID_ISAR6, SPECRES, 16, 4) +FIELD(ID_MMFR0, VMSA, 0, 4) +FIELD(ID_MMFR0, PMSA, 4, 4) +FIELD(ID_MMFR0, OUTERSHR, 8, 4) +FIELD(ID_MMFR0, SHARELVL, 12, 4) +FIELD(ID_MMFR0, TCM, 16, 4) +FIELD(ID_MMFR0, AUXREG, 20, 4) +FIELD(ID_MMFR0, FCSE, 24, 4) +FIELD(ID_MMFR0, INNERSHR, 28, 4) + FIELD(ID_MMFR3, CMAINTVA, 0, 4) FIELD(ID_MMFR3, CMAINTSW, 4, 4) FIELD(ID_MMFR3, BPMAINT, 8, 4) @@ -1949,7 +1958,6 @@ enum arm_features { ARM_FEATURE_CACHE_DIRTY_REG, /* 1136/1176 cache dirty status register */ ARM_FEATURE_CACHE_BLOCK_OPS, /* v6 optional cache block operations */ ARM_FEATURE_MPIDR, /* has cp15 MPIDR */ - ARM_FEATURE_PXN, /* has Privileged Execute Never bit */ ARM_FEATURE_LPAE, /* has Large Physical Address Extension */ ARM_FEATURE_V8, ARM_FEATURE_AARCH64, /* supports 64 bit mode */ @@ -3615,6 +3623,11 @@ static inline bool isar_feature_aa32_vminmaxnm(const ARMISARegisters *id) return FIELD_EX32(id->mvfr2, MVFR2, FPMISC) >= 4; } +static inline bool isar_feature_aa32_pxn(const ARMISARegisters *id) +{ + return FIELD_EX32(id->id_mmfr0, ID_MMFR0, VMSA) >= 4; +} + static inline bool isar_feature_aa32_pan(const ARMISARegisters *id) { return FIELD_EX32(id->id_mmfr3, ID_MMFR3, PAN) != 0; diff --git a/target/arm/helper.c b/target/arm/helper.c index 88bd9dd35d..ab6ca23b64 100644 --- a/target/arm/helper.c +++ b/target/arm/helper.c @@ -10537,6 +10537,7 @@ static bool get_phys_addr_v6(CPUARMState *env, uint32_t address, target_ulong *page_size, ARMMMUFaultInfo *fi) { CPUState *cs = env_cpu(env); + ARMCPU *cpu = env_archcpu(env); int level = 1; uint32_t table; uint32_t desc; @@ -10563,7 +10564,7 @@ static bool get_phys_addr_v6(CPUARMState *env, uint32_t address, goto do_fault; } type = (desc & 3); - if (type == 0 || (type == 3 && !arm_feature(env, ARM_FEATURE_PXN))) { + if (type == 0 || (type == 3 && !cpu_isar_feature(aa32_pxn, cpu))) { /* Section translation fault, or attempt to use the encoding * which is Reserved on implementations without PXN. */ @@ -10605,7 +10606,7 @@ static bool get_phys_addr_v6(CPUARMState *env, uint32_t address, pxn = desc & 1; ns = extract32(desc, 19, 1); } else { - if (arm_feature(env, ARM_FEATURE_PXN)) { + if (cpu_isar_feature(aa32_pxn, cpu)) { pxn = (desc >> 2) & 1; } ns = extract32(desc, 3, 1); From 8a130a7be6e222965641e1fd9469fd3ee752c7d4 Mon Sep 17 00:00:00 2001 From: Peter Maydell Date: Thu, 10 Sep 2020 18:38:52 +0100 Subject: [PATCH 02/18] target/arm: Move id_pfr0, id_pfr1 into ARMISARegisters Move the id_pfr0 and id_pfr1 fields into the ARMISARegisters sub-struct. We're going to want id_pfr1 for an isar_features check, and moving both at the same time avoids an odd inconsistency. Changes other than the ones to cpu.h and kvm64.c made automatically with: perl -p -i -e 's/cpu->id_pfr/cpu->isar.id_pfr/' target/arm/*.c hw/intc/armv7m_nvic.c Signed-off-by: Peter Maydell Reviewed-by: Richard Henderson Message-id: 20200910173855.4068-3-peter.maydell@linaro.org --- hw/intc/armv7m_nvic.c | 4 ++-- target/arm/cpu.c | 20 ++++++++++---------- target/arm/cpu.h | 4 ++-- target/arm/cpu64.c | 12 ++++++------ target/arm/cpu_tcg.c | 36 ++++++++++++++++++------------------ target/arm/helper.c | 4 ++-- target/arm/kvm64.c | 4 ++++ 7 files changed, 44 insertions(+), 40 deletions(-) diff --git a/hw/intc/armv7m_nvic.c b/hw/intc/armv7m_nvic.c index 7876c1ba07..a28be49c1e 100644 --- a/hw/intc/armv7m_nvic.c +++ b/hw/intc/armv7m_nvic.c @@ -1238,9 +1238,9 @@ static uint32_t nvic_readl(NVICState *s, uint32_t offset, MemTxAttrs attrs) "Aux Fault status registers unimplemented\n"); return 0; case 0xd40: /* PFR0. */ - return cpu->id_pfr0; + return cpu->isar.id_pfr0; case 0xd44: /* PFR1. */ - return cpu->id_pfr1; + return cpu->isar.id_pfr1; case 0xd48: /* DFR0. */ return cpu->isar.id_dfr0; case 0xd4c: /* AFR0. */ diff --git a/target/arm/cpu.c b/target/arm/cpu.c index d13a7b8717..858c5a4bcb 100644 --- a/target/arm/cpu.c +++ b/target/arm/cpu.c @@ -1659,7 +1659,7 @@ static void arm_cpu_realizefn(DeviceState *dev, Error **errp) /* Disable the security extension feature bits in the processor feature * registers as well. These are id_pfr1[7:4] and id_aa64pfr0[15:12]. */ - cpu->id_pfr1 &= ~0xf0; + cpu->isar.id_pfr1 &= ~0xf0; cpu->isar.id_aa64pfr0 &= ~0xf000; } @@ -1696,7 +1696,7 @@ static void arm_cpu_realizefn(DeviceState *dev, Error **errp) * id_aa64pfr0_el1[11:8]. */ cpu->isar.id_aa64pfr0 &= ~0xf00; - cpu->id_pfr1 &= ~0xf000; + cpu->isar.id_pfr1 &= ~0xf000; } #ifndef CONFIG_USER_ONLY @@ -1894,8 +1894,8 @@ static void cortex_a8_initfn(Object *obj) cpu->isar.mvfr1 = 0x00011111; cpu->ctr = 0x82048004; cpu->reset_sctlr = 0x00c50078; - cpu->id_pfr0 = 0x1031; - cpu->id_pfr1 = 0x11; + cpu->isar.id_pfr0 = 0x1031; + cpu->isar.id_pfr1 = 0x11; cpu->isar.id_dfr0 = 0x400; cpu->id_afr0 = 0; cpu->isar.id_mmfr0 = 0x31100003; @@ -1966,8 +1966,8 @@ static void cortex_a9_initfn(Object *obj) cpu->isar.mvfr1 = 0x01111111; cpu->ctr = 0x80038003; cpu->reset_sctlr = 0x00c50078; - cpu->id_pfr0 = 0x1031; - cpu->id_pfr1 = 0x11; + cpu->isar.id_pfr0 = 0x1031; + cpu->isar.id_pfr1 = 0x11; cpu->isar.id_dfr0 = 0x000; cpu->id_afr0 = 0; cpu->isar.id_mmfr0 = 0x00100103; @@ -2030,8 +2030,8 @@ static void cortex_a7_initfn(Object *obj) cpu->isar.mvfr1 = 0x11111111; cpu->ctr = 0x84448003; cpu->reset_sctlr = 0x00c50078; - cpu->id_pfr0 = 0x00001131; - cpu->id_pfr1 = 0x00011011; + cpu->isar.id_pfr0 = 0x00001131; + cpu->isar.id_pfr1 = 0x00011011; cpu->isar.id_dfr0 = 0x02010555; cpu->id_afr0 = 0x00000000; cpu->isar.id_mmfr0 = 0x10101105; @@ -2075,8 +2075,8 @@ static void cortex_a15_initfn(Object *obj) cpu->isar.mvfr1 = 0x11111111; cpu->ctr = 0x8444c004; cpu->reset_sctlr = 0x00c50078; - cpu->id_pfr0 = 0x00001131; - cpu->id_pfr1 = 0x00011011; + cpu->isar.id_pfr0 = 0x00001131; + cpu->isar.id_pfr1 = 0x00011011; cpu->isar.id_dfr0 = 0x02010555; cpu->id_afr0 = 0x00000000; cpu->isar.id_mmfr0 = 0x10201105; diff --git a/target/arm/cpu.h b/target/arm/cpu.h index 14a673d8e9..a36edd2dc3 100644 --- a/target/arm/cpu.h +++ b/target/arm/cpu.h @@ -906,6 +906,8 @@ struct ARMCPU { uint32_t id_mmfr2; uint32_t id_mmfr3; uint32_t id_mmfr4; + uint32_t id_pfr0; + uint32_t id_pfr1; uint32_t mvfr0; uint32_t mvfr1; uint32_t mvfr2; @@ -926,8 +928,6 @@ struct ARMCPU { uint32_t reset_fpsid; uint32_t ctr; uint32_t reset_sctlr; - uint32_t id_pfr0; - uint32_t id_pfr1; uint64_t pmceid0; uint64_t pmceid1; uint32_t id_afr0; diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c index 3c2b3d9599..e00271b932 100644 --- a/target/arm/cpu64.c +++ b/target/arm/cpu64.c @@ -108,8 +108,8 @@ static void aarch64_a57_initfn(Object *obj) cpu->isar.mvfr2 = 0x00000043; cpu->ctr = 0x8444c004; cpu->reset_sctlr = 0x00c50838; - cpu->id_pfr0 = 0x00000131; - cpu->id_pfr1 = 0x00011011; + cpu->isar.id_pfr0 = 0x00000131; + cpu->isar.id_pfr1 = 0x00011011; cpu->isar.id_dfr0 = 0x03010066; cpu->id_afr0 = 0x00000000; cpu->isar.id_mmfr0 = 0x10101105; @@ -161,8 +161,8 @@ static void aarch64_a53_initfn(Object *obj) cpu->isar.mvfr2 = 0x00000043; cpu->ctr = 0x84448004; /* L1Ip = VIPT */ cpu->reset_sctlr = 0x00c50838; - cpu->id_pfr0 = 0x00000131; - cpu->id_pfr1 = 0x00011011; + cpu->isar.id_pfr0 = 0x00000131; + cpu->isar.id_pfr1 = 0x00011011; cpu->isar.id_dfr0 = 0x03010066; cpu->id_afr0 = 0x00000000; cpu->isar.id_mmfr0 = 0x10101105; @@ -213,8 +213,8 @@ static void aarch64_a72_initfn(Object *obj) cpu->isar.mvfr2 = 0x00000043; cpu->ctr = 0x8444c004; cpu->reset_sctlr = 0x00c50838; - cpu->id_pfr0 = 0x00000131; - cpu->id_pfr1 = 0x00011011; + cpu->isar.id_pfr0 = 0x00000131; + cpu->isar.id_pfr1 = 0x00011011; cpu->isar.id_dfr0 = 0x03010066; cpu->id_afr0 = 0x00000000; cpu->isar.id_mmfr0 = 0x10201105; diff --git a/target/arm/cpu_tcg.c b/target/arm/cpu_tcg.c index 00b0e08f33..a9b7cf5255 100644 --- a/target/arm/cpu_tcg.c +++ b/target/arm/cpu_tcg.c @@ -142,8 +142,8 @@ static void arm1136_r2_initfn(Object *obj) cpu->isar.mvfr1 = 0x00000000; cpu->ctr = 0x1dd20d2; cpu->reset_sctlr = 0x00050078; - cpu->id_pfr0 = 0x111; - cpu->id_pfr1 = 0x1; + cpu->isar.id_pfr0 = 0x111; + cpu->isar.id_pfr1 = 0x1; cpu->isar.id_dfr0 = 0x2; cpu->id_afr0 = 0x3; cpu->isar.id_mmfr0 = 0x01130003; @@ -173,8 +173,8 @@ static void arm1136_initfn(Object *obj) cpu->isar.mvfr1 = 0x00000000; cpu->ctr = 0x1dd20d2; cpu->reset_sctlr = 0x00050078; - cpu->id_pfr0 = 0x111; - cpu->id_pfr1 = 0x1; + cpu->isar.id_pfr0 = 0x111; + cpu->isar.id_pfr1 = 0x1; cpu->isar.id_dfr0 = 0x2; cpu->id_afr0 = 0x3; cpu->isar.id_mmfr0 = 0x01130003; @@ -205,8 +205,8 @@ static void arm1176_initfn(Object *obj) cpu->isar.mvfr1 = 0x00000000; cpu->ctr = 0x1dd20d2; cpu->reset_sctlr = 0x00050078; - cpu->id_pfr0 = 0x111; - cpu->id_pfr1 = 0x11; + cpu->isar.id_pfr0 = 0x111; + cpu->isar.id_pfr1 = 0x11; cpu->isar.id_dfr0 = 0x33; cpu->id_afr0 = 0; cpu->isar.id_mmfr0 = 0x01130003; @@ -234,8 +234,8 @@ static void arm11mpcore_initfn(Object *obj) cpu->isar.mvfr0 = 0x11111111; cpu->isar.mvfr1 = 0x00000000; cpu->ctr = 0x1d192992; /* 32K icache 32K dcache */ - cpu->id_pfr0 = 0x111; - cpu->id_pfr1 = 0x1; + cpu->isar.id_pfr0 = 0x111; + cpu->isar.id_pfr1 = 0x1; cpu->isar.id_dfr0 = 0; cpu->id_afr0 = 0x2; cpu->isar.id_mmfr0 = 0x01100103; @@ -266,8 +266,8 @@ static void cortex_m3_initfn(Object *obj) set_feature(&cpu->env, ARM_FEATURE_M_MAIN); cpu->midr = 0x410fc231; cpu->pmsav7_dregion = 8; - cpu->id_pfr0 = 0x00000030; - cpu->id_pfr1 = 0x00000200; + cpu->isar.id_pfr0 = 0x00000030; + cpu->isar.id_pfr1 = 0x00000200; cpu->isar.id_dfr0 = 0x00100000; cpu->id_afr0 = 0x00000000; cpu->isar.id_mmfr0 = 0x00000030; @@ -296,8 +296,8 @@ static void cortex_m4_initfn(Object *obj) cpu->isar.mvfr0 = 0x10110021; cpu->isar.mvfr1 = 0x11000011; cpu->isar.mvfr2 = 0x00000000; - cpu->id_pfr0 = 0x00000030; - cpu->id_pfr1 = 0x00000200; + cpu->isar.id_pfr0 = 0x00000030; + cpu->isar.id_pfr1 = 0x00000200; cpu->isar.id_dfr0 = 0x00100000; cpu->id_afr0 = 0x00000000; cpu->isar.id_mmfr0 = 0x00000030; @@ -326,8 +326,8 @@ static void cortex_m7_initfn(Object *obj) cpu->isar.mvfr0 = 0x10110221; cpu->isar.mvfr1 = 0x12000011; cpu->isar.mvfr2 = 0x00000040; - cpu->id_pfr0 = 0x00000030; - cpu->id_pfr1 = 0x00000200; + cpu->isar.id_pfr0 = 0x00000030; + cpu->isar.id_pfr1 = 0x00000200; cpu->isar.id_dfr0 = 0x00100000; cpu->id_afr0 = 0x00000000; cpu->isar.id_mmfr0 = 0x00100030; @@ -358,8 +358,8 @@ static void cortex_m33_initfn(Object *obj) cpu->isar.mvfr0 = 0x10110021; cpu->isar.mvfr1 = 0x11000011; cpu->isar.mvfr2 = 0x00000040; - cpu->id_pfr0 = 0x00000030; - cpu->id_pfr1 = 0x00000210; + cpu->isar.id_pfr0 = 0x00000030; + cpu->isar.id_pfr1 = 0x00000210; cpu->isar.id_dfr0 = 0x00200000; cpu->id_afr0 = 0x00000000; cpu->isar.id_mmfr0 = 0x00101F40; @@ -397,8 +397,8 @@ static void cortex_r5_initfn(Object *obj) set_feature(&cpu->env, ARM_FEATURE_PMSA); set_feature(&cpu->env, ARM_FEATURE_PMU); cpu->midr = 0x411fc153; /* r1p3 */ - cpu->id_pfr0 = 0x0131; - cpu->id_pfr1 = 0x001; + cpu->isar.id_pfr0 = 0x0131; + cpu->isar.id_pfr1 = 0x001; cpu->isar.id_dfr0 = 0x010400; cpu->id_afr0 = 0x0; cpu->isar.id_mmfr0 = 0x0210030; diff --git a/target/arm/helper.c b/target/arm/helper.c index ab6ca23b64..b394db394a 100644 --- a/target/arm/helper.c +++ b/target/arm/helper.c @@ -6625,7 +6625,7 @@ static void define_pmu_regs(ARMCPU *cpu) static uint64_t id_pfr1_read(CPUARMState *env, const ARMCPRegInfo *ri) { ARMCPU *cpu = env_archcpu(env); - uint64_t pfr1 = cpu->id_pfr1; + uint64_t pfr1 = cpu->isar.id_pfr1; if (env->gicv3state) { pfr1 |= 1 << 28; @@ -7258,7 +7258,7 @@ void register_cp_regs_for_features(ARMCPU *cpu) .opc0 = 3, .opc1 = 0, .crn = 0, .crm = 1, .opc2 = 0, .access = PL1_R, .type = ARM_CP_CONST, .accessfn = access_aa32_tid3, - .resetvalue = cpu->id_pfr0 }, + .resetvalue = cpu->isar.id_pfr0 }, /* ID_PFR1 is not a plain ARM_CP_CONST because we don't know * the value of the GIC field until after we define these regs. */ diff --git a/target/arm/kvm64.c b/target/arm/kvm64.c index 987b35e33f..fae07c3f04 100644 --- a/target/arm/kvm64.c +++ b/target/arm/kvm64.c @@ -555,6 +555,10 @@ bool kvm_arm_get_host_cpu_features(ARMHostCPUFeatures *ahcf) * than skipping the reads and leaving 0, as we must avoid * considering the values in every case. */ + err |= read_sys_reg32(fdarray[2], &ahcf->isar.id_pfr0, + ARM64_SYS_REG(3, 0, 0, 1, 0)); + err |= read_sys_reg32(fdarray[2], &ahcf->isar.id_pfr1, + ARM64_SYS_REG(3, 0, 0, 1, 1)); err |= read_sys_reg32(fdarray[2], &ahcf->isar.id_dfr0, ARM64_SYS_REG(3, 0, 0, 1, 2)); err |= read_sys_reg32(fdarray[2], &ahcf->isar.id_mmfr0, From d20c3ebda2972255e67c0a07368ac37f37a16c04 Mon Sep 17 00:00:00 2001 From: Peter Maydell Date: Thu, 10 Sep 2020 18:38:53 +0100 Subject: [PATCH 03/18] hw/intc/armv7m_nvic: Only show ID register values for Main Extension CPUs M-profile CPUs only implement the ID registers as guest-visible if the CPU implements the Main Extension (all our current CPUs except the Cortex-M0 do). Currently we handle this by having the Cortex-M0 leave the ID register values in the ARMCPU struct as zero, but this conflicts with our design decision to make QEMU behaviour be keyed off ID register fields wherever possible. Explicitly code the ID registers in the NVIC to return 0 if the Main Extension is not implemented, so we can make the M0 model set the ARMCPU struct fields to obtain the correct behaviour without those values becoming guest-visible. Signed-off-by: Peter Maydell Reviewed-by: Richard Henderson Message-id: 20200910173855.4068-4-peter.maydell@linaro.org --- hw/intc/armv7m_nvic.c | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) diff --git a/hw/intc/armv7m_nvic.c b/hw/intc/armv7m_nvic.c index a28be49c1e..42b1ad59e6 100644 --- a/hw/intc/armv7m_nvic.c +++ b/hw/intc/armv7m_nvic.c @@ -1238,32 +1238,74 @@ static uint32_t nvic_readl(NVICState *s, uint32_t offset, MemTxAttrs attrs) "Aux Fault status registers unimplemented\n"); return 0; case 0xd40: /* PFR0. */ + if (!arm_feature(&cpu->env, ARM_FEATURE_M_MAIN)) { + goto bad_offset; + } return cpu->isar.id_pfr0; case 0xd44: /* PFR1. */ + if (!arm_feature(&cpu->env, ARM_FEATURE_M_MAIN)) { + goto bad_offset; + } return cpu->isar.id_pfr1; case 0xd48: /* DFR0. */ + if (!arm_feature(&cpu->env, ARM_FEATURE_M_MAIN)) { + goto bad_offset; + } return cpu->isar.id_dfr0; case 0xd4c: /* AFR0. */ + if (!arm_feature(&cpu->env, ARM_FEATURE_M_MAIN)) { + goto bad_offset; + } return cpu->id_afr0; case 0xd50: /* MMFR0. */ + if (!arm_feature(&cpu->env, ARM_FEATURE_M_MAIN)) { + goto bad_offset; + } return cpu->isar.id_mmfr0; case 0xd54: /* MMFR1. */ + if (!arm_feature(&cpu->env, ARM_FEATURE_M_MAIN)) { + goto bad_offset; + } return cpu->isar.id_mmfr1; case 0xd58: /* MMFR2. */ + if (!arm_feature(&cpu->env, ARM_FEATURE_M_MAIN)) { + goto bad_offset; + } return cpu->isar.id_mmfr2; case 0xd5c: /* MMFR3. */ + if (!arm_feature(&cpu->env, ARM_FEATURE_M_MAIN)) { + goto bad_offset; + } return cpu->isar.id_mmfr3; case 0xd60: /* ISAR0. */ + if (!arm_feature(&cpu->env, ARM_FEATURE_M_MAIN)) { + goto bad_offset; + } return cpu->isar.id_isar0; case 0xd64: /* ISAR1. */ + if (!arm_feature(&cpu->env, ARM_FEATURE_M_MAIN)) { + goto bad_offset; + } return cpu->isar.id_isar1; case 0xd68: /* ISAR2. */ + if (!arm_feature(&cpu->env, ARM_FEATURE_M_MAIN)) { + goto bad_offset; + } return cpu->isar.id_isar2; case 0xd6c: /* ISAR3. */ + if (!arm_feature(&cpu->env, ARM_FEATURE_M_MAIN)) { + goto bad_offset; + } return cpu->isar.id_isar3; case 0xd70: /* ISAR4. */ + if (!arm_feature(&cpu->env, ARM_FEATURE_M_MAIN)) { + goto bad_offset; + } return cpu->isar.id_isar4; case 0xd74: /* ISAR5. */ + if (!arm_feature(&cpu->env, ARM_FEATURE_M_MAIN)) { + goto bad_offset; + } return cpu->isar.id_isar5; case 0xd78: /* CLIDR */ return cpu->clidr; From 51cb228a1d1c0e325b4e7dea0bfb3140d6d11422 Mon Sep 17 00:00:00 2001 From: Peter Maydell Date: Thu, 10 Sep 2020 18:38:54 +0100 Subject: [PATCH 04/18] target/arm: Add ID register values for Cortex-M0 Give the Cortex-M0 ID register values corresponding to its implemented behaviour. These will not be guest-visible but will be used to govern the behaviour of QEMU's emulation. We use the same values that the Cortex-M3 does. Signed-off-by: Peter Maydell Reviewed-by: Richard Henderson Message-id: 20200910173855.4068-5-peter.maydell@linaro.org --- target/arm/cpu_tcg.c | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/target/arm/cpu_tcg.c b/target/arm/cpu_tcg.c index a9b7cf5255..0013e25412 100644 --- a/target/arm/cpu_tcg.c +++ b/target/arm/cpu_tcg.c @@ -256,6 +256,30 @@ static void cortex_m0_initfn(Object *obj) set_feature(&cpu->env, ARM_FEATURE_M); cpu->midr = 0x410cc200; + + /* + * These ID register values are not guest visible, because + * we do not implement the Main Extension. They must be set + * to values corresponding to the Cortex-M0's implemented + * features, because QEMU generally controls its emulation + * by looking at ID register fields. We use the same values as + * for the M3. + */ + cpu->isar.id_pfr0 = 0x00000030; + cpu->isar.id_pfr1 = 0x00000200; + cpu->isar.id_dfr0 = 0x00100000; + cpu->id_afr0 = 0x00000000; + cpu->isar.id_mmfr0 = 0x00000030; + cpu->isar.id_mmfr1 = 0x00000000; + cpu->isar.id_mmfr2 = 0x00000000; + cpu->isar.id_mmfr3 = 0x00000000; + cpu->isar.id_isar0 = 0x01141110; + cpu->isar.id_isar1 = 0x02111000; + cpu->isar.id_isar2 = 0x21112231; + cpu->isar.id_isar3 = 0x01111110; + cpu->isar.id_isar4 = 0x01310102; + cpu->isar.id_isar5 = 0x00000000; + cpu->isar.id_isar6 = 0x00000000; } static void cortex_m3_initfn(Object *obj) From dfc523a84b06b6a4b583ed4c29d24fd980dd37a0 Mon Sep 17 00:00:00 2001 From: Peter Maydell Date: Thu, 10 Sep 2020 18:38:55 +0100 Subject: [PATCH 05/18] target/arm: Make isar_feature_aa32_fp16_arith() handle M-profile The M-profile definition of the MVFR1 ID register differs slightly from the A-profile one, and in particular the check for "does the CPU support fp16 arithmetic" is not the same. We don't currently implement any M-profile CPUs with fp16 arithmetic, so this is not yet a visible bug, but correcting the logic now disarms this beartrap for when we eventually do. Signed-off-by: Peter Maydell Reviewed-by: Richard Henderson Message-id: 20200910173855.4068-6-peter.maydell@linaro.org --- target/arm/cpu.h | 31 ++++++++++++++++++++++++++----- 1 file changed, 26 insertions(+), 5 deletions(-) diff --git a/target/arm/cpu.h b/target/arm/cpu.h index a36edd2dc3..e4549a8cc0 100644 --- a/target/arm/cpu.h +++ b/target/arm/cpu.h @@ -1799,6 +1799,15 @@ FIELD(ID_MMFR4, LSM, 20, 4) FIELD(ID_MMFR4, CCIDX, 24, 4) FIELD(ID_MMFR4, EVT, 28, 4) +FIELD(ID_PFR1, PROGMOD, 0, 4) +FIELD(ID_PFR1, SECURITY, 4, 4) +FIELD(ID_PFR1, MPROGMOD, 8, 4) +FIELD(ID_PFR1, VIRTUALIZATION, 12, 4) +FIELD(ID_PFR1, GENTIMER, 16, 4) +FIELD(ID_PFR1, SEC_FRAC, 20, 4) +FIELD(ID_PFR1, VIRT_FRAC, 24, 4) +FIELD(ID_PFR1, GIC, 28, 4) + FIELD(ID_AA64ISAR0, AES, 4, 4) FIELD(ID_AA64ISAR0, SHA1, 8, 4) FIELD(ID_AA64ISAR0, SHA2, 12, 4) @@ -1916,10 +1925,12 @@ FIELD(MVFR0, FPROUND, 28, 4) FIELD(MVFR1, FPFTZ, 0, 4) FIELD(MVFR1, FPDNAN, 4, 4) -FIELD(MVFR1, SIMDLS, 8, 4) -FIELD(MVFR1, SIMDINT, 12, 4) -FIELD(MVFR1, SIMDSP, 16, 4) -FIELD(MVFR1, SIMDHP, 20, 4) +FIELD(MVFR1, SIMDLS, 8, 4) /* A-profile only */ +FIELD(MVFR1, SIMDINT, 12, 4) /* A-profile only */ +FIELD(MVFR1, SIMDSP, 16, 4) /* A-profile only */ +FIELD(MVFR1, SIMDHP, 20, 4) /* A-profile only */ +FIELD(MVFR1, MVE, 8, 4) /* M-profile only */ +FIELD(MVFR1, FP16, 20, 4) /* M-profile only */ FIELD(MVFR1, FPHP, 24, 4) FIELD(MVFR1, SIMDFMAC, 28, 4) @@ -3522,9 +3533,19 @@ static inline bool isar_feature_aa32_predinv(const ARMISARegisters *id) return FIELD_EX32(id->id_isar6, ID_ISAR6, SPECRES) != 0; } +static inline bool isar_feature_aa32_mprofile(const ARMISARegisters *id) +{ + return FIELD_EX32(id->id_pfr1, ID_PFR1, MPROGMOD) != 0; +} + static inline bool isar_feature_aa32_fp16_arith(const ARMISARegisters *id) { - return FIELD_EX32(id->mvfr1, MVFR1, FPHP) >= 3; + /* Sadly this is encoded differently for A-profile and M-profile */ + if (isar_feature_aa32_mprofile(id)) { + return FIELD_EX32(id->mvfr1, MVFR1, FP16) > 0; + } else { + return FIELD_EX32(id->mvfr1, MVFR1, FPHP) >= 3; + } } static inline bool isar_feature_aa32_vfp_simd(const ARMISARegisters *id) From d8227b098301935ea8e0e032e7d41e5dc3e97590 Mon Sep 17 00:00:00 2001 From: Richard Henderson Date: Tue, 15 Sep 2020 18:41:02 -0700 Subject: [PATCH 06/18] target/arm: Fix sve ldr/str The mte update missed a bit when producing clean addresses. Fixes: b2aa8879b88 Signed-off-by: Richard Henderson Message-id: 20200916014102.2446323-1-richard.henderson@linaro.org Reviewed-by: Peter Maydell Signed-off-by: Peter Maydell --- target/arm/translate-sve.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/target/arm/translate-sve.c b/target/arm/translate-sve.c index e4cd6b6251..c0d8a5863a 100644 --- a/target/arm/translate-sve.c +++ b/target/arm/translate-sve.c @@ -4290,7 +4290,7 @@ static void do_ldr(DisasContext *s, uint32_t vofs, int len, int rn, int imm) for (i = 0; i < len_align; i += 8) { tcg_gen_qemu_ld_i64(t0, clean_addr, midx, MO_LEQ); tcg_gen_st_i64(t0, cpu_env, vofs + i); - tcg_gen_addi_i64(clean_addr, cpu_reg_sp(s, rn), 8); + tcg_gen_addi_i64(clean_addr, clean_addr, 8); } tcg_temp_free_i64(t0); } else { @@ -4379,7 +4379,7 @@ static void do_str(DisasContext *s, uint32_t vofs, int len, int rn, int imm) for (i = 0; i < len_align; i += 8) { tcg_gen_ld_i64(t0, cpu_env, vofs + i); tcg_gen_qemu_st_i64(t0, clean_addr, midx, MO_LEQ); - tcg_gen_addi_i64(clean_addr, cpu_reg_sp(s, rn), 8); + tcg_gen_addi_i64(clean_addr, clean_addr, 8); } tcg_temp_free_i64(t0); } else { From dd701fafe55a78e655d4823d29226d92250a6b56 Mon Sep 17 00:00:00 2001 From: Richard Henderson Date: Thu, 17 Sep 2020 17:05:00 -0700 Subject: [PATCH 07/18] target/arm: Fix SVE splice While converting to gen_gvec_ool_zzzp, we lost passing a->esz as the data argument to the function. Fixes: 36cbb7a8e71 Cc: qemu-stable@nongnu.org Signed-off-by: Richard Henderson Message-id: 20200918000500.2690937-1-richard.henderson@linaro.org Reviewed-by: Peter Maydell Signed-off-by: Peter Maydell --- target/arm/translate-sve.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/target/arm/translate-sve.c b/target/arm/translate-sve.c index c0d8a5863a..9095586fc9 100644 --- a/target/arm/translate-sve.c +++ b/target/arm/translate-sve.c @@ -2689,7 +2689,7 @@ static bool trans_SPLICE(DisasContext *s, arg_rprr_esz *a) { if (sve_access_check(s)) { gen_gvec_ool_zzzp(s, gen_helper_sve_splice, - a->rd, a->rn, a->rm, a->pg, 0); + a->rd, a->rn, a->rm, a->pg, a->esz); } return true; } From d8e53d7b2d22eb1e8c9fd0a5deb4268a6a8198f4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Mon, 21 Sep 2020 05:47:27 +0200 Subject: [PATCH 08/18] hw/arm/raspi: Define various blocks base addresses MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The Raspberry firmware is closed-source. While running it, it accesses various I/O registers. Logging these accesses as UNIMP (unimplemented) help to understand what the firmware is doing (ideally we want it able to boot a Linux kernel). Document various blocks we might use later. Reviewed-by: Alex Bennée Signed-off-by: Philippe Mathieu-Daudé Reviewed-by: Luc Michel Message-id: 20200921034729.432931-2-f4bug@amsat.org Signed-off-by: Peter Maydell --- include/hw/arm/raspi_platform.h | 51 +++++++++++++++++++++++++++------ 1 file changed, 43 insertions(+), 8 deletions(-) diff --git a/include/hw/arm/raspi_platform.h b/include/hw/arm/raspi_platform.h index 61b04a1bd4..c7f50b260f 100644 --- a/include/hw/arm/raspi_platform.h +++ b/include/hw/arm/raspi_platform.h @@ -20,20 +20,29 @@ * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + * Various undocumented addresses and names come from Herman Hermitage's VC4 + * documentation: + * https://github.com/hermanhermitage/videocoreiv/wiki/MMIO-Register-map */ #ifndef HW_ARM_RASPI_PLATFORM_H #define HW_ARM_RASPI_PLATFORM_H #define MSYNC_OFFSET 0x0000 /* Multicore Sync Block */ -#define IC0_OFFSET 0x2000 +#define CCPT_OFFSET 0x1000 /* Compact Camera Port 2 TX */ +#define INTE_OFFSET 0x2000 /* VC Interrupt controller */ #define ST_OFFSET 0x3000 /* System Timer */ +#define TXP_OFFSET 0x4000 /* Transposer */ +#define JPEG_OFFSET 0x5000 #define MPHI_OFFSET 0x6000 /* Message-based Parallel Host Intf. */ #define DMA_OFFSET 0x7000 /* DMA controller, channels 0-14 */ -#define ARM_OFFSET 0xB000 /* BCM2708 ARM control block */ +#define ARBA_OFFSET 0x9000 +#define BRDG_OFFSET 0xa000 +#define ARM_OFFSET 0xB000 /* ARM control block */ #define ARMCTRL_OFFSET (ARM_OFFSET + 0x000) #define ARMCTRL_IC_OFFSET (ARM_OFFSET + 0x200) /* Interrupt controller */ -#define ARMCTRL_TIMER0_1_OFFSET (ARM_OFFSET + 0x400) /* Timer 0 and 1 */ +#define ARMCTRL_TIMER0_1_OFFSET (ARM_OFFSET + 0x400) /* Timer 0 and 1 (SP804) */ #define ARMCTRL_0_SBM_OFFSET (ARM_OFFSET + 0x800) /* User 0 (ARM) Semaphores * Doorbells & Mailboxes */ #define CPRMAN_OFFSET 0x100000 /* Power Management, Watchdog */ @@ -42,24 +51,50 @@ #define AVS_OFFSET 0x103000 /* Audio Video Standard */ #define RNG_OFFSET 0x104000 #define GPIO_OFFSET 0x200000 -#define UART0_OFFSET 0x201000 -#define MMCI0_OFFSET 0x202000 -#define I2S_OFFSET 0x203000 -#define SPI0_OFFSET 0x204000 +#define UART0_OFFSET 0x201000 /* PL011 */ +#define MMCI0_OFFSET 0x202000 /* Legacy MMC */ +#define I2S_OFFSET 0x203000 /* PCM */ +#define SPI0_OFFSET 0x204000 /* SPI master */ #define BSC0_OFFSET 0x205000 /* BSC0 I2C/TWI */ +#define PIXV0_OFFSET 0x206000 +#define PIXV1_OFFSET 0x207000 +#define DPI_OFFSET 0x208000 +#define DSI0_OFFSET 0x209000 /* Display Serial Interface */ +#define PWM_OFFSET 0x20c000 +#define PERM_OFFSET 0x20d000 +#define TEC_OFFSET 0x20e000 #define OTP_OFFSET 0x20f000 +#define SLIM_OFFSET 0x210000 /* SLIMbus */ +#define CPG_OFFSET 0x211000 #define THERMAL_OFFSET 0x212000 -#define BSC_SL_OFFSET 0x214000 /* SPI slave */ +#define AVSP_OFFSET 0x213000 +#define BSC_SL_OFFSET 0x214000 /* SPI slave (bootrom) */ #define AUX_OFFSET 0x215000 /* AUX: UART1/SPI1/SPI2 */ #define EMMC1_OFFSET 0x300000 +#define EMMC2_OFFSET 0x340000 +#define HVS_OFFSET 0x400000 #define SMI_OFFSET 0x600000 +#define DSI1_OFFSET 0x700000 +#define UCAM_OFFSET 0x800000 +#define CMI_OFFSET 0x802000 #define BSC1_OFFSET 0x804000 /* BSC1 I2C/TWI */ #define BSC2_OFFSET 0x805000 /* BSC2 I2C/TWI */ +#define VECA_OFFSET 0x806000 +#define PIXV2_OFFSET 0x807000 +#define HDMI_OFFSET 0x808000 +#define HDCP_OFFSET 0x809000 +#define ARBR0_OFFSET 0x80a000 #define DBUS_OFFSET 0x900000 #define AVE0_OFFSET 0x910000 #define USB_OTG_OFFSET 0x980000 /* DTC_OTG USB controller */ +#define V3D_OFFSET 0xc00000 #define SDRAMC_OFFSET 0xe00000 +#define L2CC_OFFSET 0xe01000 /* Level 2 Cache controller */ +#define L1CC_OFFSET 0xe02000 /* Level 1 Cache controller */ +#define ARBR1_OFFSET 0xe04000 #define DMA15_OFFSET 0xE05000 /* DMA controller, channel 15 */ +#define DCRC_OFFSET 0xe07000 +#define AXIP_OFFSET 0xe08000 /* GPU interrupts */ #define INTERRUPT_TIMER0 0 From 8c1e9927907fd74497f315a7b99ca3a8e2ff39ff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Mon, 21 Sep 2020 05:47:28 +0200 Subject: [PATCH 09/18] hw/arm/bcm2835: Add more unimplemented peripherals MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The bcm2835-v3d is used since Linux 4.7, see commit 49ac67e0c39c ("ARM: bcm2835: Add VC4 to the device tree"), and the bcm2835-txp since Linux 4.19, see commit b7dd29b401f5 ("ARM: dts: bcm283x: Add Transposer block"). Signed-off-by: Philippe Mathieu-Daudé Reviewed-by: Luc Michel Message-id: 20200921034729.432931-3-f4bug@amsat.org Signed-off-by: Peter Maydell --- hw/arm/bcm2835_peripherals.c | 2 ++ include/hw/arm/bcm2835_peripherals.h | 2 ++ 2 files changed, 4 insertions(+) diff --git a/hw/arm/bcm2835_peripherals.c b/hw/arm/bcm2835_peripherals.c index a9d7f53f6e..15c5c72e46 100644 --- a/hw/arm/bcm2835_peripherals.c +++ b/hw/arm/bcm2835_peripherals.c @@ -343,6 +343,7 @@ static void bcm2835_peripherals_realize(DeviceState *dev, Error **errp) qdev_get_gpio_in_named(DEVICE(&s->ic), BCM2835_IC_GPU_IRQ, INTERRUPT_USB)); + create_unimp(s, &s->txp, "bcm2835-txp", TXP_OFFSET, 0x1000); create_unimp(s, &s->armtmr, "bcm2835-sp804", ARMCTRL_TIMER0_1_OFFSET, 0x40); create_unimp(s, &s->cprman, "bcm2835-cprman", CPRMAN_OFFSET, 0x1000); create_unimp(s, &s->a2w, "bcm2835-a2w", A2W_OFFSET, 0x1000); @@ -356,6 +357,7 @@ static void bcm2835_peripherals_realize(DeviceState *dev, Error **errp) create_unimp(s, &s->otp, "bcm2835-otp", OTP_OFFSET, 0x80); create_unimp(s, &s->dbus, "bcm2835-dbus", DBUS_OFFSET, 0x8000); create_unimp(s, &s->ave0, "bcm2835-ave0", AVE0_OFFSET, 0x8000); + create_unimp(s, &s->v3d, "bcm2835-v3d", V3D_OFFSET, 0x1000); create_unimp(s, &s->sdramc, "bcm2835-sdramc", SDRAMC_OFFSET, 0x100); } diff --git a/include/hw/arm/bcm2835_peripherals.h b/include/hw/arm/bcm2835_peripherals.h index 13d7c4c553..c9ac941a82 100644 --- a/include/hw/arm/bcm2835_peripherals.h +++ b/include/hw/arm/bcm2835_peripherals.h @@ -45,6 +45,7 @@ struct BCM2835PeripheralState { BCM2835SystemTimerState systmr; BCM2835MphiState mphi; + UnimplementedDeviceState txp; UnimplementedDeviceState armtmr; UnimplementedDeviceState cprman; UnimplementedDeviceState a2w; @@ -66,6 +67,7 @@ struct BCM2835PeripheralState { UnimplementedDeviceState otp; UnimplementedDeviceState dbus; UnimplementedDeviceState ave0; + UnimplementedDeviceState v3d; UnimplementedDeviceState bscsl; UnimplementedDeviceState smi; DWC2State dwc2; From e79f01f3ae65aae1baf01486d800f8b04a939d4e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Mon, 21 Sep 2020 05:47:29 +0200 Subject: [PATCH 10/18] hw/arm/raspi: Remove ignore_memory_transaction_failures on the raspi2 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Commit 1c3db49d39 added the raspi3, which uses the same peripherals than the raspi2 (but with different ARM cores). The raspi3 was introduced without the ignore_memory_transaction_failures flag. Almost 2 years later, the machine is usable running U-Boot and Linux. In commit 00cbd5bd74 we mapped a lot of unimplemented devices, commit d442d95f added thermal block and commit 0e5bbd7406 the system timer. As we are happy with the raspi3, let's remove this flag on the raspi2. Reviewed-by: Richard Henderson Reviewed-by: Luc Michel Signed-off-by: Philippe Mathieu-Daudé Message-id: 20200921034729.432931-4-f4bug@amsat.org Signed-off-by: Peter Maydell --- hw/arm/raspi.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/hw/arm/raspi.c b/hw/arm/raspi.c index d2f674587d..811eaf52ff 100644 --- a/hw/arm/raspi.c +++ b/hw/arm/raspi.c @@ -321,9 +321,6 @@ static void raspi_machine_class_init(ObjectClass *oc, void *data) mc->default_cpus = mc->min_cpus = mc->max_cpus = cores_count(board_rev); mc->default_ram_size = board_ram_size(board_rev); mc->default_ram_id = "ram"; - if (board_version(board_rev) == 2) { - mc->ignore_memory_transaction_failures = true; - } }; static const TypeInfo raspi_machine_types[] = { From 62f06f71373f2c3123e9599e59c80fccea24c604 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 24 Sep 2020 13:18:01 +0200 Subject: [PATCH 11/18] hw/arm/raspi: Display the board revision in the machine description MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Display the board revision in the machine description. Before: $ qemu-system-aarch64 -M help | fgrep raspi raspi2 Raspberry Pi 2B raspi3 Raspberry Pi 3B After: raspi2 Raspberry Pi 2B (revision 1.1) raspi3 Raspberry Pi 3B (revision 1.2) Reviewed-by: Luc Michel Signed-off-by: Philippe Mathieu-Daudé Message-id: 20200924111808.77168-2-f4bug@amsat.org Signed-off-by: Peter Maydell --- hw/arm/raspi.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/hw/arm/raspi.c b/hw/arm/raspi.c index 811eaf52ff..46d9ed7f05 100644 --- a/hw/arm/raspi.c +++ b/hw/arm/raspi.c @@ -312,7 +312,9 @@ static void raspi_machine_class_init(ObjectClass *oc, void *data) uint32_t board_rev = (uint32_t)(uintptr_t)data; rmc->board_rev = board_rev; - mc->desc = g_strdup_printf("Raspberry Pi %s", board_type(board_rev)); + mc->desc = g_strdup_printf("Raspberry Pi %s (revision 1.%u)", + board_type(board_rev), + FIELD_EX32(board_rev, REV_CODE, REVISION)); mc->init = raspi_machine_init; mc->block_default_type = IF_SD; mc->no_parallel = 1; From 02058e4b40f4132be3dcfede3e414562ff358146 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 24 Sep 2020 13:18:02 +0200 Subject: [PATCH 12/18] hw/arm/raspi: Load the firmware on the first core MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The 'first_cpu' is more a QEMU accelerator-related concept than a variable the machine requires to use. Since the machine is aware of its CPUs, directly use the first one to load the firmware. Reviewed-by: Luc Michel Signed-off-by: Philippe Mathieu-Daudé Message-id: 20200924111808.77168-3-f4bug@amsat.org Signed-off-by: Peter Maydell --- hw/arm/raspi.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/hw/arm/raspi.c b/hw/arm/raspi.c index 46d9ed7f05..8716a80a75 100644 --- a/hw/arm/raspi.c +++ b/hw/arm/raspi.c @@ -205,6 +205,7 @@ static void reset_secondary(ARMCPU *cpu, const struct arm_boot_info *info) static void setup_boot(MachineState *machine, int version, size_t ram_size) { + RaspiMachineState *s = RASPI_MACHINE(machine); static struct arm_boot_info binfo; int r; @@ -253,7 +254,7 @@ static void setup_boot(MachineState *machine, int version, size_t ram_size) binfo.firmware_loaded = true; } - arm_load_kernel(ARM_CPU(first_cpu), machine, &binfo); + arm_load_kernel(&s->soc.cpu[0].core, machine, &binfo); } static void raspi_machine_init(MachineState *machine) From 0f15c6e338f040ccea698d83aa51074264194ce5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 24 Sep 2020 13:18:03 +0200 Subject: [PATCH 13/18] hw/arm/raspi: Move arm_boot_info structure to RaspiMachineState MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The arm_boot_info structure belong to the machine, move it to RaspiMachineState. Reviewed-by: Luc Michel Signed-off-by: Philippe Mathieu-Daudé Message-id: 20200924111808.77168-4-f4bug@amsat.org Signed-off-by: Peter Maydell --- hw/arm/raspi.c | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/hw/arm/raspi.c b/hw/arm/raspi.c index 8716a80a75..16e6c83c92 100644 --- a/hw/arm/raspi.c +++ b/hw/arm/raspi.c @@ -41,6 +41,7 @@ struct RaspiMachineState { MachineState parent_obj; /*< public >*/ BCM283XState soc; + struct arm_boot_info binfo; }; typedef struct RaspiMachineState RaspiMachineState; @@ -206,12 +207,11 @@ static void reset_secondary(ARMCPU *cpu, const struct arm_boot_info *info) static void setup_boot(MachineState *machine, int version, size_t ram_size) { RaspiMachineState *s = RASPI_MACHINE(machine); - static struct arm_boot_info binfo; int r; - binfo.board_id = MACH_TYPE_BCM2708; - binfo.ram_size = ram_size; - binfo.nb_cpus = machine->smp.cpus; + s->binfo.board_id = MACH_TYPE_BCM2708; + s->binfo.ram_size = ram_size; + s->binfo.nb_cpus = machine->smp.cpus; if (version <= 2) { /* The rpi1 and 2 require some custom setup code to run in Secure @@ -220,21 +220,21 @@ static void setup_boot(MachineState *machine, int version, size_t ram_size) * firmware for some cache maintenance operations. * The rpi3 doesn't need this. */ - binfo.board_setup_addr = BOARDSETUP_ADDR; - binfo.write_board_setup = write_board_setup; - binfo.secure_board_setup = true; - binfo.secure_boot = true; + s->binfo.board_setup_addr = BOARDSETUP_ADDR; + s->binfo.write_board_setup = write_board_setup; + s->binfo.secure_board_setup = true; + s->binfo.secure_boot = true; } /* Pi2 and Pi3 requires SMP setup */ if (version >= 2) { - binfo.smp_loader_start = SMPBOOT_ADDR; + s->binfo.smp_loader_start = SMPBOOT_ADDR; if (version == 2) { - binfo.write_secondary_boot = write_smpboot; + s->binfo.write_secondary_boot = write_smpboot; } else { - binfo.write_secondary_boot = write_smpboot64; + s->binfo.write_secondary_boot = write_smpboot64; } - binfo.secondary_cpu_reset_hook = reset_secondary; + s->binfo.secondary_cpu_reset_hook = reset_secondary; } /* If the user specified a "firmware" image (e.g. UEFI), we bypass @@ -250,11 +250,11 @@ static void setup_boot(MachineState *machine, int version, size_t ram_size) exit(1); } - binfo.entry = firmware_addr; - binfo.firmware_loaded = true; + s->binfo.entry = firmware_addr; + s->binfo.firmware_loaded = true; } - arm_load_kernel(&s->soc.cpu[0].core, machine, &binfo); + arm_load_kernel(&s->soc.cpu[0].core, machine, &s->binfo); } static void raspi_machine_init(MachineState *machine) From f0eeb4b6154a33950e0ea887a2678053234f7a5f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 24 Sep 2020 13:18:04 +0200 Subject: [PATCH 14/18] hw/arm/raspi: Avoid using TypeInfo::class_data pointer MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Using class_data pointer to create a MachineClass is not the recommended way anymore. The correct way is to open-code the MachineClass::fields in the class_init() method. We can not use TYPE_RASPI_MACHINE::class_base_init() because it is called *before* each machine class_init(), therefore the board_rev field is not populated. We have to manually call raspi_machine_class_common_init() for each machine. This partly reverts commit a03bde3674e. Suggested-by: Igor Mammedov Reviewed-by: Richard Henderson Reviewed-by: Igor Mammedov Signed-off-by: Philippe Mathieu-Daudé Message-id: 20200924111808.77168-5-f4bug@amsat.org Signed-off-by: Peter Maydell --- hw/arm/raspi.c | 34 ++++++++++++++++++++++++---------- 1 file changed, 24 insertions(+), 10 deletions(-) diff --git a/hw/arm/raspi.c b/hw/arm/raspi.c index 16e6c83c92..3000e6d57e 100644 --- a/hw/arm/raspi.c +++ b/hw/arm/raspi.c @@ -306,13 +306,9 @@ static void raspi_machine_init(MachineState *machine) setup_boot(machine, version, machine->ram_size - vcram_size); } -static void raspi_machine_class_init(ObjectClass *oc, void *data) +static void raspi_machine_class_common_init(MachineClass *mc, + uint32_t board_rev) { - MachineClass *mc = MACHINE_CLASS(oc); - RaspiMachineClass *rmc = RASPI_MACHINE_CLASS(oc); - uint32_t board_rev = (uint32_t)(uintptr_t)data; - - rmc->board_rev = board_rev; mc->desc = g_strdup_printf("Raspberry Pi %s (revision 1.%u)", board_type(board_rev), FIELD_EX32(board_rev, REV_CODE, REVISION)); @@ -326,18 +322,36 @@ static void raspi_machine_class_init(ObjectClass *oc, void *data) mc->default_ram_id = "ram"; }; +static void raspi2b_machine_class_init(ObjectClass *oc, void *data) +{ + MachineClass *mc = MACHINE_CLASS(oc); + RaspiMachineClass *rmc = RASPI_MACHINE_CLASS(oc); + + rmc->board_rev = 0xa21041; + raspi_machine_class_common_init(mc, rmc->board_rev); +}; + +#ifdef TARGET_AARCH64 +static void raspi3b_machine_class_init(ObjectClass *oc, void *data) +{ + MachineClass *mc = MACHINE_CLASS(oc); + RaspiMachineClass *rmc = RASPI_MACHINE_CLASS(oc); + + rmc->board_rev = 0xa02082; + raspi_machine_class_common_init(mc, rmc->board_rev); +}; +#endif /* TARGET_AARCH64 */ + static const TypeInfo raspi_machine_types[] = { { .name = MACHINE_TYPE_NAME("raspi2"), .parent = TYPE_RASPI_MACHINE, - .class_init = raspi_machine_class_init, - .class_data = (void *)0xa21041, + .class_init = raspi2b_machine_class_init, #ifdef TARGET_AARCH64 }, { .name = MACHINE_TYPE_NAME("raspi3"), .parent = TYPE_RASPI_MACHINE, - .class_init = raspi_machine_class_init, - .class_data = (void *)0xa02082, + .class_init = raspi3b_machine_class_init, #endif }, { .name = TYPE_RASPI_MACHINE, From aa35ec2213b35d7542d17cd65f09f4e827403ce5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 24 Sep 2020 13:18:05 +0200 Subject: [PATCH 15/18] hw/arm/raspi: Use more specific machine names MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Now that we can instantiate different machines based on their board_rev register value, we can have various raspi2 and raspi3. In commit fc78a990ec103 we corrected the machine description. Correct the machine names too. For backward compatibility, add an alias to the previous generic name. Reviewed-by: Luc Michel Signed-off-by: Philippe Mathieu-Daudé Message-id: 20200924111808.77168-6-f4bug@amsat.org Signed-off-by: Peter Maydell --- hw/arm/raspi.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/hw/arm/raspi.c b/hw/arm/raspi.c index 3000e6d57e..3426521379 100644 --- a/hw/arm/raspi.c +++ b/hw/arm/raspi.c @@ -327,6 +327,7 @@ static void raspi2b_machine_class_init(ObjectClass *oc, void *data) MachineClass *mc = MACHINE_CLASS(oc); RaspiMachineClass *rmc = RASPI_MACHINE_CLASS(oc); + mc->alias = "raspi2"; rmc->board_rev = 0xa21041; raspi_machine_class_common_init(mc, rmc->board_rev); }; @@ -337,6 +338,7 @@ static void raspi3b_machine_class_init(ObjectClass *oc, void *data) MachineClass *mc = MACHINE_CLASS(oc); RaspiMachineClass *rmc = RASPI_MACHINE_CLASS(oc); + mc->alias = "raspi3"; rmc->board_rev = 0xa02082; raspi_machine_class_common_init(mc, rmc->board_rev); }; @@ -344,12 +346,12 @@ static void raspi3b_machine_class_init(ObjectClass *oc, void *data) static const TypeInfo raspi_machine_types[] = { { - .name = MACHINE_TYPE_NAME("raspi2"), + .name = MACHINE_TYPE_NAME("raspi2b"), .parent = TYPE_RASPI_MACHINE, .class_init = raspi2b_machine_class_init, #ifdef TARGET_AARCH64 }, { - .name = MACHINE_TYPE_NAME("raspi3"), + .name = MACHINE_TYPE_NAME("raspi3b"), .parent = TYPE_RASPI_MACHINE, .class_init = raspi3b_machine_class_init, #endif From 696788d6a94e9da6acdcf48e5fd5ec190f1f748a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 24 Sep 2020 13:18:06 +0200 Subject: [PATCH 16/18] hw/arm/raspi: Introduce RaspiProcessorId enum MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit As we only support a reduced set of the REV_CODE_PROCESSOR id encoded in the board revision, define the PROCESSOR_ID values as an enum. We can simplify the board_soc_type and cores_count methods. Reviewed-by: Luc Michel Signed-off-by: Philippe Mathieu-Daudé Message-id: 20200924111808.77168-7-f4bug@amsat.org Signed-off-by: Peter Maydell --- hw/arm/raspi.c | 45 +++++++++++++++++++++------------------------ 1 file changed, 21 insertions(+), 24 deletions(-) diff --git a/hw/arm/raspi.c b/hw/arm/raspi.c index 3426521379..0d8e5a34c7 100644 --- a/hw/arm/raspi.c +++ b/hw/arm/raspi.c @@ -69,16 +69,33 @@ FIELD(REV_CODE, MANUFACTURER, 16, 4); FIELD(REV_CODE, MEMORY_SIZE, 20, 3); FIELD(REV_CODE, STYLE, 23, 1); +typedef enum RaspiProcessorId { + PROCESSOR_ID_BCM2836 = 1, + PROCESSOR_ID_BCM2837 = 2, +} RaspiProcessorId; + +static const struct { + const char *type; + int cores_count; +} soc_property[] = { + [PROCESSOR_ID_BCM2836] = {TYPE_BCM2836, BCM283X_NCPUS}, + [PROCESSOR_ID_BCM2837] = {TYPE_BCM2837, BCM283X_NCPUS}, +}; + static uint64_t board_ram_size(uint32_t board_rev) { assert(FIELD_EX32(board_rev, REV_CODE, STYLE)); /* Only new style */ return 256 * MiB << FIELD_EX32(board_rev, REV_CODE, MEMORY_SIZE); } -static int board_processor_id(uint32_t board_rev) +static RaspiProcessorId board_processor_id(uint32_t board_rev) { + int proc_id = FIELD_EX32(board_rev, REV_CODE, PROCESSOR); + assert(FIELD_EX32(board_rev, REV_CODE, STYLE)); /* Only new style */ - return FIELD_EX32(board_rev, REV_CODE, PROCESSOR); + assert(proc_id < ARRAY_SIZE(soc_property) && soc_property[proc_id].type); + + return proc_id; } static int board_version(uint32_t board_rev) @@ -88,32 +105,12 @@ static int board_version(uint32_t board_rev) static const char *board_soc_type(uint32_t board_rev) { - static const char *soc_types[] = { - NULL, TYPE_BCM2836, TYPE_BCM2837, - }; - int proc_id = board_processor_id(board_rev); - - if (proc_id >= ARRAY_SIZE(soc_types) || !soc_types[proc_id]) { - error_report("Unsupported processor id '%d' (board revision: 0x%x)", - proc_id, board_rev); - exit(1); - } - return soc_types[proc_id]; + return soc_property[board_processor_id(board_rev)].type; } static int cores_count(uint32_t board_rev) { - static const int soc_cores_count[] = { - 0, BCM283X_NCPUS, BCM283X_NCPUS, - }; - int proc_id = board_processor_id(board_rev); - - if (proc_id >= ARRAY_SIZE(soc_cores_count) || !soc_cores_count[proc_id]) { - error_report("Unsupported processor id '%d' (board revision: 0x%x)", - proc_id, board_rev); - exit(1); - } - return soc_cores_count[proc_id]; + return soc_property[board_processor_id(board_rev)].cores_count; } static const char *board_type(uint32_t board_rev) From 1af702690e07f50d154e40a353f1e43ab2fbcaf1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 24 Sep 2020 13:18:07 +0200 Subject: [PATCH 17/18] hw/arm/raspi: Use RaspiProcessorId to set the firmware load address MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The firmware load address depends on the SoC ("processor id") used, not on the version of the board. Suggested-by: Luc Michel Reviewed-by: Luc Michel Signed-off-by: Philippe Mathieu-Daudé Message-id: 20200924111808.77168-8-f4bug@amsat.org Signed-off-by: Peter Maydell --- hw/arm/raspi.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/hw/arm/raspi.c b/hw/arm/raspi.c index 0d8e5a34c7..ae98a2fbfc 100644 --- a/hw/arm/raspi.c +++ b/hw/arm/raspi.c @@ -238,7 +238,8 @@ static void setup_boot(MachineState *machine, int version, size_t ram_size) * the normal Linux boot process */ if (machine->firmware) { - hwaddr firmware_addr = version == 3 ? FIRMWARE_ADDR_3 : FIRMWARE_ADDR_2; + hwaddr firmware_addr = processor_id <= PROCESSOR_ID_BCM2836 + ? FIRMWARE_ADDR_2 : FIRMWARE_ADDR_3; /* load the firmware image (typically kernel.img) */ r = load_image_targphys(machine->firmware, firmware_addr, ram_size - firmware_addr); From cdfaa57dcb53ba012439765a1462247dfda8595d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Thu, 24 Sep 2020 13:18:08 +0200 Subject: [PATCH 18/18] hw/arm/raspi: Remove use of the 'version' value in the board code MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We expected the 'version' ID to match the board processor ID, but this is not always true (for example boards with revision id 0xa02042/0xa22042 are Raspberry Pi 2 with a BCM2837 SoC). This was not important because we were not modelling them, but since the recent refactor now allow to model these boards, it is safer to check the processor id directly. Remove the version check. Suggested-by: Peter Maydell Reviewed-by: Luc Michel Signed-off-by: Philippe Mathieu-Daudé Message-id: 20200924111808.77168-9-f4bug@amsat.org Signed-off-by: Peter Maydell --- hw/arm/raspi.c | 29 +++++++++++++---------------- 1 file changed, 13 insertions(+), 16 deletions(-) diff --git a/hw/arm/raspi.c b/hw/arm/raspi.c index ae98a2fbfc..b5b30f0f38 100644 --- a/hw/arm/raspi.c +++ b/hw/arm/raspi.c @@ -98,11 +98,6 @@ static RaspiProcessorId board_processor_id(uint32_t board_rev) return proc_id; } -static int board_version(uint32_t board_rev) -{ - return board_processor_id(board_rev) + 1; -} - static const char *board_soc_type(uint32_t board_rev) { return soc_property[board_processor_id(board_rev)].type; @@ -201,7 +196,8 @@ static void reset_secondary(ARMCPU *cpu, const struct arm_boot_info *info) cpu_set_pc(cs, info->smp_loader_start); } -static void setup_boot(MachineState *machine, int version, size_t ram_size) +static void setup_boot(MachineState *machine, RaspiProcessorId processor_id, + size_t ram_size) { RaspiMachineState *s = RASPI_MACHINE(machine); int r; @@ -210,12 +206,13 @@ static void setup_boot(MachineState *machine, int version, size_t ram_size) s->binfo.ram_size = ram_size; s->binfo.nb_cpus = machine->smp.cpus; - if (version <= 2) { - /* The rpi1 and 2 require some custom setup code to run in Secure - * mode before booting a kernel (to set up the SMC vectors so - * that we get a no-op SMC; this is used by Linux to call the + if (processor_id <= PROCESSOR_ID_BCM2836) { + /* + * The BCM2835 and BCM2836 require some custom setup code to run + * in Secure mode before booting a kernel (to set up the SMC vectors + * so that we get a no-op SMC; this is used by Linux to call the * firmware for some cache maintenance operations. - * The rpi3 doesn't need this. + * The BCM2837 doesn't need this. */ s->binfo.board_setup_addr = BOARDSETUP_ADDR; s->binfo.write_board_setup = write_board_setup; @@ -223,10 +220,10 @@ static void setup_boot(MachineState *machine, int version, size_t ram_size) s->binfo.secure_boot = true; } - /* Pi2 and Pi3 requires SMP setup */ - if (version >= 2) { + /* BCM2836 and BCM2837 requires SMP setup */ + if (processor_id >= PROCESSOR_ID_BCM2836) { s->binfo.smp_loader_start = SMPBOOT_ADDR; - if (version == 2) { + if (processor_id == PROCESSOR_ID_BCM2836) { s->binfo.write_secondary_boot = write_smpboot; } else { s->binfo.write_secondary_boot = write_smpboot64; @@ -260,7 +257,6 @@ static void raspi_machine_init(MachineState *machine) RaspiMachineClass *mc = RASPI_MACHINE_GET_CLASS(machine); RaspiMachineState *s = RASPI_MACHINE(machine); uint32_t board_rev = mc->board_rev; - int version = board_version(board_rev); uint64_t ram_size = board_ram_size(board_rev); uint32_t vcram_size; DriveInfo *di; @@ -301,7 +297,8 @@ static void raspi_machine_init(MachineState *machine) vcram_size = object_property_get_uint(OBJECT(&s->soc), "vcram-size", &error_abort); - setup_boot(machine, version, machine->ram_size - vcram_size); + setup_boot(machine, board_processor_id(mc->board_rev), + machine->ram_size - vcram_size); } static void raspi_machine_class_common_init(MachineClass *mc,