From c460132251e85eed22f7be4c75f444ce2e246912 Mon Sep 17 00:00:00 2001 From: Richard Henderson Date: Fri, 12 May 2023 15:43:36 +0100 Subject: [PATCH 01/12] target/arm: Move translate-a32.h, arm_ldst.h, sve_ldst_internal.h to tcg/ MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit These files got missed when populating tcg/. Because they are included with "", no change to the users required. Signed-off-by: Richard Henderson Reviewed-by: Fabiano Rosas Reviewed-by: Philippe Mathieu-Daudé Message-id: 20230504110412.1892411-2-richard.henderson@linaro.org Signed-off-by: Peter Maydell --- target/arm/{ => tcg}/arm_ldst.h | 0 target/arm/{ => tcg}/sve_ldst_internal.h | 0 target/arm/{ => tcg}/translate-a32.h | 0 3 files changed, 0 insertions(+), 0 deletions(-) rename target/arm/{ => tcg}/arm_ldst.h (100%) rename target/arm/{ => tcg}/sve_ldst_internal.h (100%) rename target/arm/{ => tcg}/translate-a32.h (100%) diff --git a/target/arm/arm_ldst.h b/target/arm/tcg/arm_ldst.h similarity index 100% rename from target/arm/arm_ldst.h rename to target/arm/tcg/arm_ldst.h diff --git a/target/arm/sve_ldst_internal.h b/target/arm/tcg/sve_ldst_internal.h similarity index 100% rename from target/arm/sve_ldst_internal.h rename to target/arm/tcg/sve_ldst_internal.h diff --git a/target/arm/translate-a32.h b/target/arm/tcg/translate-a32.h similarity index 100% rename from target/arm/translate-a32.h rename to target/arm/tcg/translate-a32.h From 67ce09b5443caf310649b5b003efe5b0d69e81a1 Mon Sep 17 00:00:00 2001 From: Richard Henderson Date: Fri, 12 May 2023 15:43:37 +0100 Subject: [PATCH 02/12] target/arm: Move helper-{a64,mve,sme,sve}.h to tcg/ MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit While we cannot move the main "helper.h" out of target/arm/, due to usage by generic code, we can move the sub-includes. Signed-off-by: Richard Henderson Reviewed-by: Fabiano Rosas Message-id: 20230504110412.1892411-3-richard.henderson@linaro.org Reviewed-by: Philippe Mathieu-Daudé Signed-off-by: Peter Maydell --- target/arm/helper.h | 8 ++++---- target/arm/{ => tcg}/helper-a64.h | 0 target/arm/{ => tcg}/helper-mve.h | 0 target/arm/{ => tcg}/helper-sme.h | 0 target/arm/{ => tcg}/helper-sve.h | 0 5 files changed, 4 insertions(+), 4 deletions(-) rename target/arm/{ => tcg}/helper-a64.h (100%) rename target/arm/{ => tcg}/helper-mve.h (100%) rename target/arm/{ => tcg}/helper-sme.h (100%) rename target/arm/{ => tcg}/helper-sve.h (100%) diff --git a/target/arm/helper.h b/target/arm/helper.h index 018b00ea75..3335c2b10b 100644 --- a/target/arm/helper.h +++ b/target/arm/helper.h @@ -1039,9 +1039,9 @@ DEF_HELPER_FLAGS_5(gvec_uclamp_d, TCG_CALL_NO_RWG, void, ptr, ptr, ptr, ptr, i32) #ifdef TARGET_AARCH64 -#include "helper-a64.h" -#include "helper-sve.h" -#include "helper-sme.h" +#include "tcg/helper-a64.h" +#include "tcg/helper-sve.h" +#include "tcg/helper-sme.h" #endif -#include "helper-mve.h" +#include "tcg/helper-mve.h" diff --git a/target/arm/helper-a64.h b/target/arm/tcg/helper-a64.h similarity index 100% rename from target/arm/helper-a64.h rename to target/arm/tcg/helper-a64.h diff --git a/target/arm/helper-mve.h b/target/arm/tcg/helper-mve.h similarity index 100% rename from target/arm/helper-mve.h rename to target/arm/tcg/helper-mve.h diff --git a/target/arm/helper-sme.h b/target/arm/tcg/helper-sme.h similarity index 100% rename from target/arm/helper-sme.h rename to target/arm/tcg/helper-sme.h diff --git a/target/arm/helper-sve.h b/target/arm/tcg/helper-sve.h similarity index 100% rename from target/arm/helper-sve.h rename to target/arm/tcg/helper-sve.h From 21a4ab8318ba6f049aac244e237cd1557586e216 Mon Sep 17 00:00:00 2001 From: Peter Maydell Date: Fri, 12 May 2023 15:43:37 +0100 Subject: [PATCH 03/12] target/arm: Don't allow stage 2 page table walks to downgrade to NS MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bit 63 in a Table descriptor is only the NSTable bit for stage 1 translations; in stage 2 it is RES0. We were incorrectly looking at it all the time. This causes problems if: * the stage 2 table descriptor was incorrectly setting the RES0 bit * we are doing a stage 2 translation in Secure address space for a NonSecure stage 1 regime -- in this case we would incorrectly do an immediate downgrade to NonSecure A bug elsewhere in the code currently prevents us from getting to the second situation, but when we fix that it will be possible. Cc: qemu-stable@nongnu.org Signed-off-by: Peter Maydell Reviewed-by: Richard Henderson Reviewed-by: Philippe Mathieu-Daudé Message-id: 20230504135425.2748672-2-peter.maydell@linaro.org --- target/arm/ptw.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/target/arm/ptw.c b/target/arm/ptw.c index bd75da8dbc..8ac6d9b1d0 100644 --- a/target/arm/ptw.c +++ b/target/arm/ptw.c @@ -1415,17 +1415,18 @@ static bool get_phys_addr_lpae(CPUARMState *env, S1Translate *ptw, descaddrmask &= ~indexmask_grainsize; /* - * Secure accesses start with the page table in secure memory and + * Secure stage 1 accesses start with the page table in secure memory and * can be downgraded to non-secure at any step. Non-secure accesses * remain non-secure. We implement this by just ORing in the NSTable/NS * bits at each step. + * Stage 2 never gets this kind of downgrade. */ tableattrs = is_secure ? 0 : (1 << 4); next_level: descaddr |= (address >> (stride * (4 - level))) & indexmask; descaddr &= ~7ULL; - nstable = extract32(tableattrs, 4, 1); + nstable = !regime_is_stage2(mmu_idx) && extract32(tableattrs, 4, 1); if (nstable) { /* * Stage2_S -> Stage2 or Phys_S -> Phys_NS From fcc0b0418fff655f20fd0cf86a1bbdc41fd2e7c6 Mon Sep 17 00:00:00 2001 From: Peter Maydell Date: Fri, 12 May 2023 15:43:37 +0100 Subject: [PATCH 04/12] target/arm: Fix handling of SW and NSW bits for stage 2 walks We currently don't correctly handle the VSTCR_EL2.SW and VTCR_EL2.NSW configuration bits. These allow configuration of whether the stage 2 page table walks for Secure IPA and NonSecure IPA should do their descriptor reads from Secure or NonSecure physical addresses. (This is separate from how the translation table base address and other parameters are set: an NS IPA always uses VTTBR_EL2 and VTCR_EL2 for its base address and walk parameters, regardless of the NSW bit, and similarly for Secure.) Provide a new function ptw_idx_for_stage_2() which returns the MMU index to use for descriptor reads, and use it to set up the .in_ptw_idx wherever we call get_phys_addr_lpae(). For a stage 2 walk, wherever we call get_phys_addr_lpae(): * .in_ptw_idx should be ptw_idx_for_stage_2() of the .in_mmu_idx * .in_secure should be true if .in_mmu_idx is Stage2_S This allows us to correct S1_ptw_translate() so that it consistently always sets its (out_secure, out_phys) to the result it gets from the S2 walk (either by calling get_phys_addr_lpae() or by TLB lookup). This makes better conceptual sense because the S2 walk should return us an (address space, address) tuple, not an address that we then randomly assign to S or NS. Our previous handling of SW and NSW was broken, so guest code trying to use these bits to put the s2 page tables in the "other" address space wouldn't work correctly. Cc: qemu-stable@nongnu.org Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1600 Signed-off-by: Peter Maydell Reviewed-by: Richard Henderson Message-id: 20230504135425.2748672-3-peter.maydell@linaro.org --- target/arm/ptw.c | 76 ++++++++++++++++++++++++++++++++---------------- 1 file changed, 51 insertions(+), 25 deletions(-) diff --git a/target/arm/ptw.c b/target/arm/ptw.c index 8ac6d9b1d0..a89aa70b8b 100644 --- a/target/arm/ptw.c +++ b/target/arm/ptw.c @@ -103,6 +103,37 @@ ARMMMUIdx arm_stage1_mmu_idx(CPUARMState *env) return stage_1_mmu_idx(arm_mmu_idx(env)); } +/* + * Return where we should do ptw loads from for a stage 2 walk. + * This depends on whether the address we are looking up is a + * Secure IPA or a NonSecure IPA, which we know from whether this is + * Stage2 or Stage2_S. + * If this is the Secure EL1&0 regime we need to check the NSW and SW bits. + */ +static ARMMMUIdx ptw_idx_for_stage_2(CPUARMState *env, ARMMMUIdx stage2idx) +{ + bool s2walk_secure; + + /* + * We're OK to check the current state of the CPU here because + * (1) we always invalidate all TLBs when the SCR_EL3.NS bit changes + * (2) there's no way to do a lookup that cares about Stage 2 for a + * different security state to the current one for AArch64, and AArch32 + * never has a secure EL2. (AArch32 ATS12NSO[UP][RW] allow EL3 to do + * an NS stage 1+2 lookup while the NS bit is 0.) + */ + if (!arm_is_secure_below_el3(env) || !arm_el_is_aa64(env, 3)) { + return ARMMMUIdx_Phys_NS; + } + if (stage2idx == ARMMMUIdx_Stage2_S) { + s2walk_secure = !(env->cp15.vstcr_el2 & VSTCR_SW); + } else { + s2walk_secure = !(env->cp15.vtcr_el2 & VTCR_NSW); + } + return s2walk_secure ? ARMMMUIdx_Phys_S : ARMMMUIdx_Phys_NS; + +} + static bool regime_translation_big_endian(CPUARMState *env, ARMMMUIdx mmu_idx) { return (regime_sctlr(env, mmu_idx) & SCTLR_EE) != 0; @@ -220,7 +251,6 @@ static bool S1_ptw_translate(CPUARMState *env, S1Translate *ptw, ARMMMUIdx mmu_idx = ptw->in_mmu_idx; ARMMMUIdx s2_mmu_idx = ptw->in_ptw_idx; uint8_t pte_attrs; - bool pte_secure; ptw->out_virt = addr; @@ -232,8 +262,8 @@ static bool S1_ptw_translate(CPUARMState *env, S1Translate *ptw, if (regime_is_stage2(s2_mmu_idx)) { S1Translate s2ptw = { .in_mmu_idx = s2_mmu_idx, - .in_ptw_idx = is_secure ? ARMMMUIdx_Phys_S : ARMMMUIdx_Phys_NS, - .in_secure = is_secure, + .in_ptw_idx = ptw_idx_for_stage_2(env, s2_mmu_idx), + .in_secure = s2_mmu_idx == ARMMMUIdx_Stage2_S, .in_debug = true, }; GetPhysAddrResult s2 = { }; @@ -244,12 +274,12 @@ static bool S1_ptw_translate(CPUARMState *env, S1Translate *ptw, } ptw->out_phys = s2.f.phys_addr; pte_attrs = s2.cacheattrs.attrs; - pte_secure = s2.f.attrs.secure; + ptw->out_secure = s2.f.attrs.secure; } else { /* Regime is physical. */ ptw->out_phys = addr; pte_attrs = 0; - pte_secure = is_secure; + ptw->out_secure = s2_mmu_idx == ARMMMUIdx_Phys_S; } ptw->out_host = NULL; ptw->out_rw = false; @@ -270,7 +300,7 @@ static bool S1_ptw_translate(CPUARMState *env, S1Translate *ptw, ptw->out_phys = full->phys_addr | (addr & ~TARGET_PAGE_MASK); ptw->out_rw = full->prot & PAGE_WRITE; pte_attrs = full->pte_attrs; - pte_secure = full->attrs.secure; + ptw->out_secure = full->attrs.secure; #else g_assert_not_reached(); #endif @@ -293,11 +323,6 @@ static bool S1_ptw_translate(CPUARMState *env, S1Translate *ptw, } } - /* Check if page table walk is to secure or non-secure PA space. */ - ptw->out_secure = (is_secure - && !(pte_secure - ? env->cp15.vstcr_el2 & VSTCR_SW - : env->cp15.vtcr_el2 & VTCR_NSW)); ptw->out_be = regime_translation_big_endian(env, mmu_idx); return true; @@ -2726,7 +2751,7 @@ static bool get_phys_addr_twostage(CPUARMState *env, S1Translate *ptw, hwaddr ipa; int s1_prot, s1_lgpgsz; bool is_secure = ptw->in_secure; - bool ret, ipa_secure, s2walk_secure; + bool ret, ipa_secure; ARMCacheAttrs cacheattrs1; bool is_el0; uint64_t hcr; @@ -2740,20 +2765,11 @@ static bool get_phys_addr_twostage(CPUARMState *env, S1Translate *ptw, ipa = result->f.phys_addr; ipa_secure = result->f.attrs.secure; - if (is_secure) { - /* Select TCR based on the NS bit from the S1 walk. */ - s2walk_secure = !(ipa_secure - ? env->cp15.vstcr_el2 & VSTCR_SW - : env->cp15.vtcr_el2 & VTCR_NSW); - } else { - assert(!ipa_secure); - s2walk_secure = false; - } is_el0 = ptw->in_mmu_idx == ARMMMUIdx_Stage1_E0; - ptw->in_mmu_idx = s2walk_secure ? ARMMMUIdx_Stage2_S : ARMMMUIdx_Stage2; - ptw->in_ptw_idx = s2walk_secure ? ARMMMUIdx_Phys_S : ARMMMUIdx_Phys_NS; - ptw->in_secure = s2walk_secure; + ptw->in_mmu_idx = ipa_secure ? ARMMMUIdx_Stage2_S : ARMMMUIdx_Stage2; + ptw->in_secure = ipa_secure; + ptw->in_ptw_idx = ptw_idx_for_stage_2(env, ptw->in_mmu_idx); /* * S1 is done, now do S2 translation. @@ -2861,6 +2877,16 @@ static bool get_phys_addr_with_struct(CPUARMState *env, S1Translate *ptw, ptw->in_ptw_idx = is_secure ? ARMMMUIdx_Stage2_S : ARMMMUIdx_Stage2; break; + case ARMMMUIdx_Stage2: + case ARMMMUIdx_Stage2_S: + /* + * Second stage lookup uses physical for ptw; whether this is S or + * NS may depend on the SW/NSW bits if this is a stage 2 lookup for + * the Secure EL2&0 regime. + */ + ptw->in_ptw_idx = ptw_idx_for_stage_2(env, mmu_idx); + break; + case ARMMMUIdx_E10_0: s1_mmu_idx = ARMMMUIdx_Stage1_E0; goto do_twostage; @@ -2884,7 +2910,7 @@ static bool get_phys_addr_with_struct(CPUARMState *env, S1Translate *ptw, /* fall through */ default: - /* Single stage and second stage uses physical for ptw. */ + /* Single stage uses physical for ptw. */ ptw->in_ptw_idx = is_secure ? ARMMMUIdx_Phys_S : ARMMMUIdx_Phys_NS; break; } From 4f9786327458c0e50d8e99066d1603ebe0e345c0 Mon Sep 17 00:00:00 2001 From: Akihiko Odaki Date: Fri, 12 May 2023 15:43:37 +0100 Subject: [PATCH 05/12] MAINTAINERS: Update Akihiko Odaki's email address MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit I am now employed by Daynix. Although my role as a reviewer of macOS-related change is not very relevant to the employment, I decided to use the company email address to avoid confusions from different addresses. Signed-off-by: Akihiko Odaki Reviewed-by: Marc-André Lureau Reviewed-by: Philippe Mathieu-Daudé Message-id: 20230506072333.32510-1-akihiko.odaki@daynix.com Signed-off-by: Peter Maydell --- MAINTAINERS | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/MAINTAINERS b/MAINTAINERS index f757369373..ff2aa53bb9 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -2566,7 +2566,7 @@ Core Audio framework backend M: Gerd Hoffmann M: Philippe Mathieu-Daudé R: Christian Schoenebeck -R: Akihiko Odaki +R: Akihiko Odaki S: Odd Fixes F: audio/coreaudio.c @@ -2850,7 +2850,7 @@ F: docs/devel/ui.rst Cocoa graphics M: Peter Maydell M: Philippe Mathieu-Daudé -R: Akihiko Odaki +R: Akihiko Odaki S: Odd Fixes F: ui/cocoa.m From cd22a0f520f471e3bd33bc19cf3b2fa772cdb2a8 Mon Sep 17 00:00:00 2001 From: Peter Maydell Date: Fri, 12 May 2023 15:43:38 +0100 Subject: [PATCH 06/12] ui: Fix pixel colour channel order for PNG screenshots MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit When we take a PNG screenshot the ordering of the colour channels in the data is not correct, resulting in the image having weird colouring compared to the actual display. (Specifically, on a little-endian host the blue and red channels are swapped; on big-endian everything is wrong.) This happens because the pixman idea of the pixel data and the libpng idea differ. PIXMAN_a8r8g8b8 defines that pixels are 32-bit values, with A in bits 24-31, R in bits 16-23, G in bits 8-15 and B in bits 0-7. This means that on little-endian systems the bytes in memory are B G R A and on big-endian systems they are A R G B libpng, on the other hand, thinks of pixels as being a series of values for each channel, so its format PNG_COLOR_TYPE_RGB_ALPHA always wants bytes in the order R G B A This isn't the same as the pixman order for either big or little endian hosts. The alpha channel is also unnecessary bulk in the output PNG file, because there is no alpha information in a screenshot. To handle the endianness issue, we already define in ui/qemu-pixman.h various PIXMAN_BE_* and PIXMAN_LE_* values that give consistent byte-order pixel channel formats. So we can use PIXMAN_BE_r8g8b8 and PNG_COLOR_TYPE_RGB, which both have an in-memory byte order of R G B and 3 bytes per pixel. (PPM format screenshots get this right; they already use the PIXMAN_BE_r8g8b8 format.) Cc: qemu-stable@nongnu.org Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1622 Fixes: 9a0a119a382867 ("Added parameter to take screenshot with screendump as PNG") Signed-off-by: Peter Maydell Reviewed-by: Marc-André Lureau Message-id: 20230502135548.2451309-1-peter.maydell@linaro.org --- ui/console.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ui/console.c b/ui/console.c index 6e8a3cdc62..e173731e20 100644 --- a/ui/console.c +++ b/ui/console.c @@ -311,7 +311,7 @@ static bool png_save(int fd, pixman_image_t *image, Error **errp) png_struct *png_ptr; png_info *info_ptr; g_autoptr(pixman_image_t) linebuf = - qemu_pixman_linebuf_create(PIXMAN_a8r8g8b8, width); + qemu_pixman_linebuf_create(PIXMAN_BE_r8g8b8, width); uint8_t *buf = (uint8_t *)pixman_image_get_data(linebuf); FILE *f = fdopen(fd, "wb"); int y; @@ -341,7 +341,7 @@ static bool png_save(int fd, pixman_image_t *image, Error **errp) png_init_io(png_ptr, f); png_set_IHDR(png_ptr, info_ptr, width, height, 8, - PNG_COLOR_TYPE_RGB_ALPHA, PNG_INTERLACE_NONE, + PNG_COLOR_TYPE_RGB, PNG_INTERLACE_NONE, PNG_COMPRESSION_TYPE_BASE, PNG_FILTER_TYPE_BASE); png_write_info(png_ptr, info_ptr); From d6359e150dbdf84f67add786473fd277a9a442bb Mon Sep 17 00:00:00 2001 From: Peter Maydell Date: Fri, 12 May 2023 15:43:38 +0100 Subject: [PATCH 07/12] docs: Remove unused weirdly-named cross-reference targets In the doc sources, we have a few cross-reference targets with odd names "pcsys_005fxyz". These are the legacy of the semi-automated conversion of the old info docs to rST (the '005f' is because ASCII 0x5f is '_' and the old info link names had underscores in them). Remove the targets which nothing links to, and rename the two targets which are used to something a bit more descriptive. Signed-off-by: Peter Maydell Message-id: 20230421163642.1151904-1-peter.maydell@linaro.org Reviewed-by: Markus Armbruster --- docs/system/devices/igb.rst | 2 +- docs/system/devices/ivshmem.rst | 2 -- docs/system/devices/net.rst | 2 +- docs/system/devices/usb.rst | 2 -- docs/system/keys.rst | 2 +- docs/system/linuxboot.rst | 2 +- docs/system/target-i386.rst | 4 ---- 7 files changed, 4 insertions(+), 12 deletions(-) diff --git a/docs/system/devices/igb.rst b/docs/system/devices/igb.rst index 70edadd574..0bcdd85747 100644 --- a/docs/system/devices/igb.rst +++ b/docs/system/devices/igb.rst @@ -29,7 +29,7 @@ Using igb ========= Using igb should be nothing different from using another network device. See -:ref:`pcsys_005fnetwork` in general. +:ref:`Network_emulation` in general. However, you may also need to perform additional steps to activate SR-IOV feature on your guest. For Linux, refer to [4]_. diff --git a/docs/system/devices/ivshmem.rst b/docs/system/devices/ivshmem.rst index b03a48afa3..e7aaf34c20 100644 --- a/docs/system/devices/ivshmem.rst +++ b/docs/system/devices/ivshmem.rst @@ -1,5 +1,3 @@ -.. _pcsys_005fivshmem: - Inter-VM Shared Memory device ----------------------------- diff --git a/docs/system/devices/net.rst b/docs/system/devices/net.rst index 4b2640c448..2ab516d4b0 100644 --- a/docs/system/devices/net.rst +++ b/docs/system/devices/net.rst @@ -1,4 +1,4 @@ -.. _pcsys_005fnetwork: +.. _Network_Emulation: Network emulation ----------------- diff --git a/docs/system/devices/usb.rst b/docs/system/devices/usb.rst index 37cb9b33ae..7416681073 100644 --- a/docs/system/devices/usb.rst +++ b/docs/system/devices/usb.rst @@ -1,5 +1,3 @@ -.. _pcsys_005fusb: - USB emulation ------------- diff --git a/docs/system/keys.rst b/docs/system/keys.rst index e596ae6c4e..0fc17b994d 100644 --- a/docs/system/keys.rst +++ b/docs/system/keys.rst @@ -1,4 +1,4 @@ -.. _pcsys_005fkeys: +.. _GUI_keys: Keys in the graphical frontends ------------------------------- diff --git a/docs/system/linuxboot.rst b/docs/system/linuxboot.rst index 228650abc5..5db2e560dc 100644 --- a/docs/system/linuxboot.rst +++ b/docs/system/linuxboot.rst @@ -27,4 +27,4 @@ virtual serial port and the QEMU monitor to the console with the -append "root=/dev/hda console=ttyS0" -nographic Use Ctrl-a c to switch between the serial console and the monitor (see -:ref:`pcsys_005fkeys`). +:ref:`GUI_keys`). diff --git a/docs/system/target-i386.rst b/docs/system/target-i386.rst index 77c2f3b979..1b8a1f248a 100644 --- a/docs/system/target-i386.rst +++ b/docs/system/target-i386.rst @@ -3,8 +3,6 @@ x86 System emulator ------------------- -.. _pcsys_005fdevices: - Board-specific documentation ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -32,8 +30,6 @@ Architectural features i386/sgx i386/amd-memory-encryption -.. _pcsys_005freq: - OS requirements ~~~~~~~~~~~~~~~ From 9d8299bf93eb7c2ea5fd64716352b9454fa7fe8c Mon Sep 17 00:00:00 2001 From: Peter Maydell Date: Fri, 12 May 2023 15:43:38 +0100 Subject: [PATCH 08/12] hw/mips/malta: Fix minor dead code issue MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Coverity points out (in CID 1508390) that write_bootloader has some dead code, where we assign to 'p' and then in the following line assign to it again. This happened as a result of the refactoring in commit cd5066f8618b. Fix the dead code by removing the 'void *v' variable entirely and instead adding a cast when calling bl_setup_gt64120_jump_kernel(), as we do at its other callsite in write_bootloader_nanomips(). Signed-off-by: Peter Maydell Reviewed-by: Philippe Mathieu-Daudé --- hw/mips/malta.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/hw/mips/malta.c b/hw/mips/malta.c index af9021316d..e3be2eea56 100644 --- a/hw/mips/malta.c +++ b/hw/mips/malta.c @@ -748,7 +748,6 @@ static void write_bootloader(uint8_t *base, uint64_t run_addr, uint64_t kernel_entry) { uint32_t *p; - void *v; /* Small bootloader */ p = (uint32_t *)base; @@ -785,9 +784,7 @@ static void write_bootloader(uint8_t *base, uint64_t run_addr, * */ - v = p; - bl_setup_gt64120_jump_kernel(&v, run_addr, kernel_entry); - p = v; + bl_setup_gt64120_jump_kernel((void **)&p, run_addr, kernel_entry); /* YAMON subroutines */ p = (uint32_t *) (base + 0x800); From f773a31ece66744705eda794752767df29f8c8d8 Mon Sep 17 00:00:00 2001 From: Fabiano Rosas Date: Mon, 8 May 2023 15:16:09 -0300 Subject: [PATCH 09/12] target/arm: Select SEMIHOSTING when using TCG Semihosting has been made a 'default y' entry in Kconfig, which does not work because when building --without-default-devices, the semihosting code would not be available. Make semihosting unconditional when TCG is present. Fixes: 29d9efca16 ("arm/Kconfig: Do not build TCG-only boards on a KVM-only build") Signed-off-by: Fabiano Rosas Reviewed-by: Richard Henderson Message-id: 20230508181611.2621-2-farosas@suse.de Signed-off-by: Peter Maydell --- target/arm/Kconfig | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/target/arm/Kconfig b/target/arm/Kconfig index 39f05b6420..3fffdcb61b 100644 --- a/target/arm/Kconfig +++ b/target/arm/Kconfig @@ -1,13 +1,7 @@ config ARM bool + select ARM_COMPATIBLE_SEMIHOSTING if TCG config AARCH64 bool select ARM - -# This config exists just so we can make SEMIHOSTING default when TCG -# is selected without also changing it for other architectures. -config ARM_SEMIHOSTING - bool - default y if TCG && ARM - select ARM_COMPATIBLE_SEMIHOSTING From a117e87212ca1da8221e4ccbdeed3bedba5dc8f3 Mon Sep 17 00:00:00 2001 From: Fabiano Rosas Date: Mon, 8 May 2023 15:16:10 -0300 Subject: [PATCH 10/12] target/arm: Select CONFIG_ARM_V7M when TCG is enabled We cannot allow this config to be disabled at the moment as not all of the relevant code is protected by it. Commit 29d9efca16 ("arm/Kconfig: Do not build TCG-only boards on a KVM-only build") moved the CONFIGs of several boards to Kconfig, so it is now possible that nothing selects ARM_V7M (e.g. when doing a --without-default-devices build). Return the CONFIG_ARM_V7M entry to a state where it is always selected whenever TCG is available. Fixes: 29d9efca16 ("arm/Kconfig: Do not build TCG-only boards on a KVM-only build") Signed-off-by: Fabiano Rosas Reviewed-by: Richard Henderson Message-id: 20230508181611.2621-3-farosas@suse.de Signed-off-by: Peter Maydell --- target/arm/Kconfig | 1 + 1 file changed, 1 insertion(+) diff --git a/target/arm/Kconfig b/target/arm/Kconfig index 3fffdcb61b..5947366f6e 100644 --- a/target/arm/Kconfig +++ b/target/arm/Kconfig @@ -1,6 +1,7 @@ config ARM bool select ARM_COMPATIBLE_SEMIHOSTING if TCG + select ARM_V7M if TCG config AARCH64 bool From c726fa701c14f088241e2f3f89b0c25ffabeac3c Mon Sep 17 00:00:00 2001 From: Fabiano Rosas Date: Mon, 8 May 2023 15:16:11 -0300 Subject: [PATCH 11/12] tests/qtest: Don't run cdrom boot tests if no accelerator is present On a build configured with: --disable-tcg --enable-xen it is possible to produce a QEMU binary with no TCG nor KVM support. Skip the cdrom boot tests if that's the case. Fixes: 0c1ae3ff9d ("tests/qtest: Fix tests when no KVM or TCG are present") Signed-off-by: Fabiano Rosas Reviewed-by: Thomas Huth Message-id: 20230508181611.2621-4-farosas@suse.de Signed-off-by: Peter Maydell --- tests/qtest/cdrom-test.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/tests/qtest/cdrom-test.c b/tests/qtest/cdrom-test.c index 26a2400181..31d3bacd8c 100644 --- a/tests/qtest/cdrom-test.c +++ b/tests/qtest/cdrom-test.c @@ -130,6 +130,11 @@ static void test_cdboot(gconstpointer data) static void add_x86_tests(void) { + if (!qtest_has_accel("tcg") && !qtest_has_accel("kvm")) { + g_test_skip("No KVM or TCG accelerator available, skipping boot tests"); + return; + } + qtest_add_data_func("cdrom/boot/default", "-cdrom ", test_cdboot); qtest_add_data_func("cdrom/boot/virtio-scsi", "-device virtio-scsi -device scsi-cd,drive=cdr " @@ -176,6 +181,11 @@ static void add_x86_tests(void) static void add_s390x_tests(void) { + if (!qtest_has_accel("tcg") && !qtest_has_accel("kvm")) { + g_test_skip("No KVM or TCG accelerator available, skipping boot tests"); + return; + } + qtest_add_data_func("cdrom/boot/default", "-cdrom ", test_cdboot); qtest_add_data_func("cdrom/boot/virtio-scsi", "-device virtio-scsi -device scsi-cd,drive=cdr " From 478dccbb99db0bf8f00537dd0b4d0de88d5cb537 Mon Sep 17 00:00:00 2001 From: Peter Maydell Date: Tue, 9 May 2023 10:20:59 +0100 Subject: [PATCH 12/12] target/arm: Correct AArch64.S2MinTxSZ 32-bit EL1 input size check In check_s2_mmu_setup() we have a check that is attempting to implement the part of AArch64.S2MinTxSZ that is specific to when EL1 is AArch32: if !s1aarch64 then // EL1 is AArch32 min_txsz = Min(min_txsz, 24); Unfortunately we got this wrong in two ways: (1) The minimum txsz corresponds to a maximum inputsize, but we got the sense of the comparison wrong and were faulting for all inputsizes less than 40 bits (2) We try to implement this as an extra check that happens after we've done the same txsz checks we would do for an AArch64 EL1, but in fact the pseudocode is *loosening* the requirements, so that txsz values that would fault for an AArch64 EL1 do not fault for AArch32 EL1, because it does Min(old_min, 24), not Max(old_min, 24). You can see this also in the text of the Arm ARM in table D8-8, which shows that where the implemented PA size is less than 40 bits an AArch32 EL1 is still OK with a configured stage2 T0SZ for a 40 bit IPA, whereas if EL1 is AArch64 then the T0SZ must be big enough to constrain the IPA to the implemented PA size. Because of part (2), we can't do this as a separate check, but have to integrate it into aa64_va_parameters(). Add a new argument to that function to indicate that EL1 is 32-bit. All the existing callsites except the one in get_phys_addr_lpae() can pass 'false', because they are either doing a lookup for a stage 1 regime or else they don't care about the tsz/tsz_oob fields. Cc: qemu-stable@nongnu.org Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1627 Signed-off-by: Peter Maydell Reviewed-by: Richard Henderson Message-id: 20230509092059.3176487-1-peter.maydell@linaro.org --- target/arm/gdbstub64.c | 2 +- target/arm/helper.c | 15 +++++++++++++-- target/arm/internals.h | 12 +++++++++++- target/arm/ptw.c | 14 ++------------ target/arm/tcg/pauth_helper.c | 6 +++--- 5 files changed, 30 insertions(+), 19 deletions(-) diff --git a/target/arm/gdbstub64.c b/target/arm/gdbstub64.c index c1f7e8c934..d7b79a6589 100644 --- a/target/arm/gdbstub64.c +++ b/target/arm/gdbstub64.c @@ -233,7 +233,7 @@ int aarch64_gdb_get_pauth_reg(CPUARMState *env, GByteArray *buf, int reg) ARMMMUIdx mmu_idx = arm_stage1_mmu_idx(env); ARMVAParameters param; - param = aa64_va_parameters(env, -is_high, mmu_idx, is_data); + param = aa64_va_parameters(env, -is_high, mmu_idx, is_data, false); return gdb_get_reg64(buf, pauth_ptr_mask(param)); } default: diff --git a/target/arm/helper.c b/target/arm/helper.c index 2297626bfb..0b7fd2e7e6 100644 --- a/target/arm/helper.c +++ b/target/arm/helper.c @@ -4904,7 +4904,7 @@ static TLBIRange tlbi_aa64_get_range(CPUARMState *env, ARMMMUIdx mmuidx, unsigned int page_size_granule, page_shift, num, scale, exponent; /* Extract one bit to represent the va selector in use. */ uint64_t select = sextract64(value, 36, 1); - ARMVAParameters param = aa64_va_parameters(env, select, mmuidx, true); + ARMVAParameters param = aa64_va_parameters(env, select, mmuidx, true, false); TLBIRange ret = { }; ARMGranuleSize gran; @@ -11193,7 +11193,8 @@ static ARMGranuleSize sanitize_gran_size(ARMCPU *cpu, ARMGranuleSize gran, } ARMVAParameters aa64_va_parameters(CPUARMState *env, uint64_t va, - ARMMMUIdx mmu_idx, bool data) + ARMMMUIdx mmu_idx, bool data, + bool el1_is_aa32) { uint64_t tcr = regime_tcr(env, mmu_idx); bool epd, hpd, tsz_oob, ds, ha, hd; @@ -11289,6 +11290,16 @@ ARMVAParameters aa64_va_parameters(CPUARMState *env, uint64_t va, } } + if (stage2 && el1_is_aa32) { + /* + * For AArch32 EL1 the min txsz (and thus max IPA size) requirements + * are loosened: a configured IPA of 40 bits is permitted even if + * the implemented PA is less than that (and so a 40 bit IPA would + * fault for an AArch64 EL1). See R_DTLMN. + */ + min_tsz = MIN(min_tsz, 24); + } + if (tsz > max_tsz) { tsz = max_tsz; tsz_oob = true; diff --git a/target/arm/internals.h b/target/arm/internals.h index 0df8f3b8bc..c869d18c38 100644 --- a/target/arm/internals.h +++ b/target/arm/internals.h @@ -1091,8 +1091,18 @@ typedef struct ARMVAParameters { ARMGranuleSize gran : 2; } ARMVAParameters; +/** + * aa64_va_parameters: Return parameters for an AArch64 virtual address + * @env: CPU + * @va: virtual address to look up + * @mmu_idx: determines translation regime to use + * @data: true if this is a data access + * @el1_is_aa32: true if we are asking about stage 2 when EL1 is AArch32 + * (ignored if @mmu_idx is for a stage 1 regime; only affects tsz/tsz_oob) + */ ARMVAParameters aa64_va_parameters(CPUARMState *env, uint64_t va, - ARMMMUIdx mmu_idx, bool data); + ARMMMUIdx mmu_idx, bool data, + bool el1_is_aa32); int aa64_va_parameter_tbi(uint64_t tcr, ARMMMUIdx mmu_idx); int aa64_va_parameter_tbid(uint64_t tcr, ARMMMUIdx mmu_idx); diff --git a/target/arm/ptw.c b/target/arm/ptw.c index a89aa70b8b..69c05cd9da 100644 --- a/target/arm/ptw.c +++ b/target/arm/ptw.c @@ -1134,17 +1134,6 @@ static int check_s2_mmu_setup(ARMCPU *cpu, bool is_aa64, uint64_t tcr, sl0 = extract32(tcr, 6, 2); if (is_aa64) { - /* - * AArch64.S2InvalidTxSZ: While we checked tsz_oob near the top of - * get_phys_addr_lpae, that used aa64_va_parameters which apply - * to aarch64. If Stage1 is aarch32, the min_txsz is larger. - * See AArch64.S2MinTxSZ, where min_tsz is 24, translated to - * inputsize is 64 - 24 = 40. - */ - if (iasize < 40 && !arm_el_is_aa64(&cpu->env, 1)) { - goto fail; - } - /* * AArch64.S2InvalidSL: Interpretation of SL depends on the page size, * so interleave AArch64.S2StartLevel. @@ -1284,7 +1273,8 @@ static bool get_phys_addr_lpae(CPUARMState *env, S1Translate *ptw, int ps; param = aa64_va_parameters(env, address, mmu_idx, - access_type != MMU_INST_FETCH); + access_type != MMU_INST_FETCH, + !arm_el_is_aa64(env, 1)); level = 0; /* diff --git a/target/arm/tcg/pauth_helper.c b/target/arm/tcg/pauth_helper.c index de067fa716..62af569341 100644 --- a/target/arm/tcg/pauth_helper.c +++ b/target/arm/tcg/pauth_helper.c @@ -293,7 +293,7 @@ static uint64_t pauth_addpac(CPUARMState *env, uint64_t ptr, uint64_t modifier, ARMPACKey *key, bool data) { ARMMMUIdx mmu_idx = arm_stage1_mmu_idx(env); - ARMVAParameters param = aa64_va_parameters(env, ptr, mmu_idx, data); + ARMVAParameters param = aa64_va_parameters(env, ptr, mmu_idx, data, false); uint64_t pac, ext_ptr, ext, test; int bot_bit, top_bit; @@ -355,7 +355,7 @@ static uint64_t pauth_auth(CPUARMState *env, uint64_t ptr, uint64_t modifier, ARMPACKey *key, bool data, int keynumber) { ARMMMUIdx mmu_idx = arm_stage1_mmu_idx(env); - ARMVAParameters param = aa64_va_parameters(env, ptr, mmu_idx, data); + ARMVAParameters param = aa64_va_parameters(env, ptr, mmu_idx, data, false); int bot_bit, top_bit; uint64_t pac, orig_ptr, test; @@ -379,7 +379,7 @@ static uint64_t pauth_auth(CPUARMState *env, uint64_t ptr, uint64_t modifier, static uint64_t pauth_strip(CPUARMState *env, uint64_t ptr, bool data) { ARMMMUIdx mmu_idx = arm_stage1_mmu_idx(env); - ARMVAParameters param = aa64_va_parameters(env, ptr, mmu_idx, data); + ARMVAParameters param = aa64_va_parameters(env, ptr, mmu_idx, data, false); return pauth_original_ptr(ptr, param); }