[Qemu-commits] [qemu/qemu] 5669d2: target/arm: Fix handling of LDAPR/STL
From: Richard Henderson
Subject: [Qemu-commits] [qemu/qemu] 5669d2: target/arm: Fix handling of LDAPR/STLR with negati...
Date: Thu, 18 Jul 2024 18:20:41 -0700
Branch: refs/heads/master
Home: https://github.com/qemu/qemu
Commit: 5669d26ec614b3f4c56cf1489b9095ed327938b1
https://github.com/qemu/qemu/commit/5669d26ec614b3f4c56cf1489b9095ed327938b1
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2024-07-18 (Thu, 18 Jul 2024)
Changed paths:
M target/arm/tcg/a64.decode
Log Message:
-----------
target/arm: Fix handling of LDAPR/STLR with negative offset
When we converted the LDAPR/STLR instructions to decodetree we
accidentally introduced a regression where the offset is negative.
The 9-bit immediate field is signed, and the old hand decoder
correctly used sextract32() to get it out of the insn word,
but the ldapr_stlr_i pattern in the decode file used "imm:9"
instead of "imm:s9", so it treated the field as unsigned.
Fix the pattern to treat the field as a signed immediate.
Cc: qemu-stable@nongnu.org
Fixes: 2521b6073b7 ("target/arm: Convert LDAPR/STLR (imm) to decodetree")
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2419
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20240709134504.3500007-2-peter.maydell@linaro.org
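The decode difference described in the commit above, as an added example that is not QEMU's code: the local `extract32()`/`sextract32()` are stand-ins for the helpers of the same name, and the field position (bits [20:12]) and the constructed instruction word are assumptions of this sketch based on the A64 LDAPUR/STLUR layout.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

#define IMM9_SHIFT 12   /* assumed bit position of the 9-bit immediate */
#define IMM9_BITS  9

/* Unsigned bit-field extract: what a plain "imm:9" field amounts to. */
static uint32_t extract32(uint32_t value, int start, int length)
{
    return (value >> start) & ((1u << length) - 1u);   /* length < 32 here */
}

/* Sign-extending extract: what "imm:s9" (and the old hand decoder) does. */
static int32_t sextract32(uint32_t value, int start, int length)
{
    uint32_t field = extract32(value, start, length);
    uint32_t sign = 1u << (length - 1);
    /* (field ^ sign) - sign replicates the field's top bit upwards. */
    return (int32_t)((field ^ sign) - sign);
}

/*
 * Build a constructed instruction word with the given immediate.
 * 0xD9400000 is a sample opcode pattern for this sketch; only the
 * imm9, rn and rt fields matter for the demonstration.
 */
uint32_t make_insn(int32_t imm, unsigned rn, unsigned rt)
{
    uint32_t word = 0xD9400000u;
    word |= ((uint32_t)imm & 0x1FFu) << IMM9_SHIFT;
    word |= (rn & 0x1Fu) << 5;
    word |= rt & 0x1Fu;
    return word;
}

/* Regressed behaviour: the field is treated as unsigned. */
int64_t decode_offset_unsigned(uint32_t insn)
{
    return (int64_t)extract32(insn, IMM9_SHIFT, IMM9_BITS);
}

/* Fixed behaviour: the field is treated as a signed immediate. */
int64_t decode_offset_signed(uint32_t insn)
{
    return (int64_t)sextract32(insn, IMM9_SHIFT, IMM9_BITS);
}

/* Address the emulated load or store would use for a given base register. */
uint64_t effective_address(uint64_t base, int64_t offset)
{
    return base + (uint64_t)offset;
}

int main(void)
{
    const int32_t samples[] = { 8, 255, -8, -256 };   /* constructed offsets */
    const uint64_t base = 0x1000;

    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        uint32_t insn = make_insn(samples[i], 1, 0);
        int64_t u = decode_offset_unsigned(insn);
        int64_t s = decode_offset_signed(insn);
        printf("insn=0x%08" PRIx32 " wanted=%" PRId32
               " unsigned=%" PRId64 " (addr 0x%" PRIx64 ")"
               " signed=%" PRId64 " (addr 0x%" PRIx64 ")\n",
               insn, samples[i],
               u, effective_address(base, u),
               s, effective_address(base, s));
    }
    return 0;
}
```

Non-negative offsets decode identically both ways, which is why the regression only shows up with a negative offset; for those, the unsigned decode lands 512 bytes above the address the guest code asked for.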
Commit: 25489b521b61b874c4c6583956db0012a3674e3a
https://github.com/qemu/qemu/commit/25489b521b61b874c4c6583956db0012a3674e3a
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2024-07-18 (Thu, 18 Jul 2024)
Changed paths:
M target/arm/tcg/translate-a64.c
Log Message:
-----------
target/arm: LDAPR should honour SCTLR_ELx.nAA
In commit c1a1f80518d360b when we added the FEAT_LSE2 relaxations to
the alignment requirements for atomic and ordered loads and stores,
we didn't quite get it right for LDAPR/LDAPRH/LDAPRB with no
immediate offset. These instructions were handled in the old decoder
as part of disas_ldst_atomic(), but unlike all the other insns that
function decoded (LDADD, LDCLR, etc) these insns are "ordered", not
"atomic", so they should be using check_ordered_align() rather than
check_atomic_align(). Commit c1a1f80518d360b used
check_atomic_align() regardless for everything in
disas_ldst_atomic(). We then carried that incorrect check over in
the decodetree conversion, where LDAPR/LDAPRH/LDAPRB are now handled
by trans_LDAPR().
The effect is that when FEAT_LSE2 is implemented, these instructions
don't honour the SCTLR_ELx.nAA bit and will generate alignment
faults when they should not.
(The LDAPR insns with an immediate offset were in disas_ldst_ldapr_stlr()
and then in trans_LDAPR_i() and trans_STLR_i(), and have always used
the correct check_ordered_align().)
Use check_ordered_align() in trans_LDAPR().
Cc: qemu-stable@nongnu.org
Fixes: c1a1f80518d360b ("target/arm: Relax ordered/atomic alignment checks for LSE2")
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20240709134504.3500007-3-peter.maydell@linaro.org
Commit: 345acc443905eda8008a1d328dd89b73c4a3f89e
https://github.com/qemu/qemu/commit/345acc443905eda8008a1d328dd89b73c4a3f89e
Author: SamJakob <me@samjakob.com>
Date: 2024-07-18 (Thu, 18 Jul 2024)
Changed paths:
M hw/display/bcm2835_fb.c
Log Message:
-----------
hw/display/bcm2835_fb: fix fb_use_offsets condition
It is common practice when implementing double-buffering on VideoCore
to do so by multiplying the height of the virtual buffer by the
number of virtual screens desired (i.e., two - in the case of
double-buffering).
At present, this won't work in QEMU because the logic in
fb_use_offsets requires that both the virtual width and height exceed
their physical counterparts.
This appears to be unintentional/a typo and indeed the comment
states; "Experimentally, the hardware seems to do this only if the
viewport size is larger than the physical screen". The
viewport/virtual size would be larger than the physical size if
either virtual dimension were larger than their physical counterparts
and not necessarily both.
Signed-off-by: SamJakob <me@samjakob.com>
Message-id: 20240713160353.62410-1-me@samjakob.com
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit: bde809f05f66b4be4475ffa9819d82a01686d1c7
https://github.com/qemu/qemu/commit/bde809f05f66b4be4475ffa9819d82a01686d1c7
Author: Mostafa Saleh <smostafa@google.com>
Date: 2024-07-18 (Thu, 18 Jul 2024)
Changed paths:
M hw/arm/smmu-common.c
Log Message:
-----------
hw/arm/smmu-common: Add missing size check for stage-1
According to the SMMU architecture specification (ARM IHI 0070 F.b),
in “3.4 Address sizes”
The address output from the translation causes a stage 1 Address Size
fault if it exceeds the range of the effective IPA size for the given CD.
However, this check was missing.
There is already a similar check for stage-2 against effective PA.
Reviewed-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Mostafa Saleh <smostafa@google.com>
Message-id: 20240715084519.1189624-2-smostafa@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit: 48f9e9eb2914cf1ccd67bf7a011d2706490d81f0
https://github.com/qemu/qemu/commit/48f9e9eb2914cf1ccd67bf7a011d2706490d81f0
Author: Mostafa Saleh <smostafa@google.com>
Date: 2024-07-18 (Thu, 18 Jul 2024)
Changed paths:
M hw/arm/smmu-common.c
M hw/arm/smmuv3.c
Log Message:
-----------
hw/arm/smmu: Fix IPA for stage-2 events
For the following events (ARM IHI 0070 F.b - 7.3 Event records):
- F_TRANSLATION
- F_ACCESS
- F_PERMISSION
- F_ADDR_SIZE
If fault occurs at stage 2, S2 == 1 and:
- If translating an IPA for a transaction (whether by input to
stage 2-only configuration, or after successful stage 1 translation),
CLASS == IN, and IPA is provided.
At the moment only CLASS == IN is used which indicates input
translation.
However, this was not implemented correctly, as for stage 2, the code
only sets the S2 bit but not the IPA.
This field has the same bits as FetchAddr in F_WALK_EABT which is
populated correctly, so we don’t change that.
The setting of this field should be done from the walker as the IPA address
wouldn't be known in case of nesting.
For stage 1, the spec says:
If fault occurs at stage 1, S2 == 0 and:
CLASS == IN, IPA is UNKNOWN.
So, no need to set it for stage 1, as ptw_info is initialised by zero in
smmuv3_translate().
Fixes: e703f7076a “hw/arm/smmuv3: Add page table walk for stage-2”
Reviewed-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Mostafa Saleh <smostafa@google.com>
Message-id: 20240715084519.1189624-3-smostafa@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit: 2731ea049d13dfed57f4b0b8bf38725321f752f9
https://github.com/qemu/qemu/commit/2731ea049d13dfed57f4b0b8bf38725321f752f9
Author: Mostafa Saleh <smostafa@google.com>
Date: 2024-07-18 (Thu, 18 Jul 2024)
Changed paths:
M hw/arm/smmuv3-internal.h
M hw/arm/smmuv3.c
Log Message:
-----------
hw/arm/smmuv3: Fix encoding of CLASS in events
The SMMUv3 spec (ARM IHI 0070 F.b - 7.3 Event records) defines the
class of events faults as:
CLASS: The class of the operation that caused the fault:
- 0b00: CD, CD fetch.
- 0b01: TTD, Stage 1 translation table fetch.
- 0b10: IN, Input address
However, this value was not set and left as 0 which means CD and not
IN (0b10).
Another problem was that stage-2 class is considered IN not TT for
EABT, according to the spec:
Translation of an IPA after successful stage 1 translation (or,
in stage 2-only configuration, an input IPA)
- S2 == 1 (stage 2), CLASS == IN (Input to stage)
This would change soon when nested translations are supported.
While at it, add an enum for class as it would be used for nesting.
However, at the moment stage-1 and stage-2 use the same class values,
except for EABT.
Fixes: 9bde7f0674 “hw/arm/smmuv3: Implement translate callback”
Signed-off-by: Mostafa Saleh <smostafa@google.com>
Reviewed-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Message-id: 20240715084519.1189624-4-smostafa@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit: f6cc198050faf055b17105fdf4da63cf4d295765
https://github.com/qemu/qemu/commit/f6cc198050faf055b17105fdf4da63cf4d295765
Author: Mostafa Saleh <smostafa@google.com>
Date: 2024-07-18 (Thu, 18 Jul 2024)
Changed paths:
M hw/arm/smmu-common.c
M hw/arm/smmuv3.c
M include/hw/arm/smmu-common.h
Log Message:
-----------
hw/arm/smmu: Use enum for SMMU stage
Currently, translation stage is represented as an int, where 1 is stage-1 and
2 is stage-2, when nested is added, 3 would be confusing to represent nesting,
so we use an enum instead.
While keeping the same values, this is useful for:
- Doing tricks with bit masks, where BIT(0) is stage-1 and BIT(1) is
stage-2 and both is nested.
- Tracing, as stage is printed as int.
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Mostafa Saleh <smostafa@google.com>
Reviewed-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Message-id: 20240715084519.1189624-5-smostafa@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit: a9e3f4c1ebeead57008ebe1c0e9f4e50d5020105
https://github.com/qemu/qemu/commit/a9e3f4c1ebeead57008ebe1c0e9f4e50d5020105
Author: Mostafa Saleh <smostafa@google.com>
Date: 2024-07-18 (Thu, 18 Jul 2024)
Changed paths:
M hw/arm/smmu-common.c
M hw/arm/smmuv3.c
M hw/arm/trace-events
M include/hw/arm/smmu-common.h
Log Message:
-----------
hw/arm/smmu: Split smmuv3_translate()
smmuv3_translate() does everything from STE/CD parsing to TLB lookup
and PTW.
Soon, when nesting is supported, stage-1 data (tt, CD) needs to be
translated using stage-2.
Split smmuv3_translate() to 3 functions:
- smmu_translate(): in smmu-common.c, which does the TLB lookup, PTW,
TLB insertion, all the functions are already there, this just puts
them together.
This also simplifies the code as it consolidates event generation
in case of TLB lookup permission failure or in TT selection.
- smmuv3_do_translate(): in smmuv3.c, Calls smmu_translate() and does
the event population in case of errors.
- smmuv3_translate(), now calls smmuv3_do_translate() for
translation while the rest is the same.
Also, add stage in trace_smmuv3_translate_success()
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Mostafa Saleh <smostafa@google.com>
Reviewed-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20240715084519.1189624-6-smostafa@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit: d883822641748e2d3629fdea722192986238d2ff
https://github.com/qemu/qemu/commit/d883822641748e2d3629fdea722192986238d2ff
Author: Mostafa Saleh <smostafa@google.com>
Date: 2024-07-18 (Thu, 18 Jul 2024)
Changed paths:
M hw/arm/smmu-common.c
M hw/arm/smmuv3.c
M hw/arm/trace-events
M include/hw/arm/smmu-common.h
Log Message:
-----------
hw/arm/smmu: Consolidate ASID and VMID types
ASID and VMID used to be uint16_t in the translation config, however,
in other contexts they can be int as -1 in case of TLB invalidation,
to represent all (don’t care).
When stage-2 was added asid was set to -1 in stage-2 and vmid to -1
in stage-1 configs. However, that meant they were set as (65536),
this was not an issue as nesting was not supported and no
commands/lookup uses both.
With nesting, it’s critical to get this right as translation must be
tagged correctly with ASID/VMID, and with ASID=-1 meaning stage-2.
Represent ASID/VMID everywhere as int.
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Mostafa Saleh <smostafa@google.com>
Reviewed-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20240715084519.1189624-7-smostafa@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit: ec31ef9115a7511c90fcdc0d89cb1491c2702003
https://github.com/qemu/qemu/commit/ec31ef9115a7511c90fcdc0d89cb1491c2702003
Author: Mostafa Saleh <smostafa@google.com>
Date: 2024-07-18 (Thu, 18 Jul 2024)
Changed paths:
M hw/arm/smmuv3.c
M include/hw/arm/smmu-common.h
Log Message:
-----------
hw/arm/smmu: Introduce CACHED_ENTRY_TO_ADDR
Soon, smmuv3_do_translate() will be used to translate the CD and the
TTBx, instead of re-writing the same logic to convert the returned
cached entry to an address, add a new macro CACHED_ENTRY_TO_ADDR.
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Mostafa Saleh <smostafa@google.com>
Reviewed-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20240715084519.1189624-8-smostafa@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit: 9dd6aa9b05d535f6d66e7b07134bddf1689ab23f
https://github.com/qemu/qemu/commit/9dd6aa9b05d535f6d66e7b07134bddf1689ab23f
Author: Mostafa Saleh <smostafa@google.com>
Date: 2024-07-18 (Thu, 18 Jul 2024)
Changed paths:
M hw/arm/smmuv3.c
Log Message:
-----------
hw/arm/smmuv3: Translate CD and TT using stage-2 table
According to ARM SMMU architecture specification (ARM IHI 0070 F.b),
In "5.2 Stream Table Entry":
[51:6] S1ContextPtr
If Config[1] == 1 (stage 2 enabled), this pointer is an IPA translated by
stage 2 and the programmed value must be within the range of the IAS.
In "5.4.1 CD notes":
The translation table walks performed from TTB0 or TTB1 are always performed
in IPA space if stage 2 translations are enabled.
This patch implements translation of the S1 context descriptor pointer and
TTBx base addresses through the S2 stage (IPA -> PA)
smmuv3_do_translate() is updated to have one arg which is translation
class, this is useful to:
- Decide whether a translation is stage-2 only or use the STE config.
- Populate the class in case of faults, WALK_EABT is left unchanged
for stage-1 as it is always IN, while stage-2 would match the
used class (TT, IN, CD), this will change slightly when the ptw
supports nested translation as it can also issue TT event with
class IN.
In case for stage-2 only translation, used in the context of nested
translation, the stage and asid are saved and restored before and
after calling smmu_translate().
Translating CD or TTBx can fail for the following reasons:
1) Large address size: This is described in
(3.4.3 Address sizes of SMMU-originated accesses)
- For CD ptr larger than IAS, for SMMUv3.1, it can trigger either
C_BAD_STE or Translation fault, we implement the latter as it
requires no extra code.
- For TTBx, if larger than the effective stage 1 output address size, it
triggers C_BAD_CD.
2) Faults from PTWs (7.3 Event records)
- F_ADDR_SIZE: large address size after first level causes stage 2 Address
Size fault (Also in 3.4.3 Address sizes of SMMU-originated accesses)
- F_PERMISSION: Same as an address translation. However, when
CLASS == CD, the access is implicitly Data and a read.
- F_ACCESS: Same as an address translation.
- F_TRANSLATION: Same as an address translation.
- F_WALK_EABT: Same as an address translation.
These are already implemented in the PTW logic, so no extra handling
required.
As in CD and TTBx translation context, the iova is not known, setting
the InputAddr was removed from "smmuv3_do_translate" and set after
from "smmuv3_translate" with the new function "smmuv3_fixup_event"
Signed-off-by: Mostafa Saleh <smostafa@google.com>
Reviewed-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20240715084519.1189624-9-smostafa@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit: 7eb57be1efb8cdcf613fd8b089295ed5a4f48d7d
https://github.com/qemu/qemu/commit/7eb57be1efb8cdcf613fd8b089295ed5a4f48d7d
Author: Mostafa Saleh <smostafa@google.com>
Date: 2024-07-18 (Thu, 18 Jul 2024)
Changed paths:
M hw/arm/smmu-common.c
Log Message:
-----------
hw/arm/smmu-common: Rework TLB lookup for nesting
In the next patch, combine_tlb() will be added which combines 2 TLB
entries into one for nested translations, which chooses the granule
and level from the smallest entry.
This means that with nested translation, an entry can be cached with
the granule of stage-2 and not stage-1.
However, currently, the lookup for an IOVA is done with input stage
granule, which is stage-1 for nested configuration, which will not
work with the above logic.
This patch reworks lookup in that case, so it falls back to stage-2
granule if no entry is found using stage-1 granule.
Also, drop aligning the iova to avoid over-aligning in case the iova
is cached with a smaller granule, the TLB lookup will align the iova
anyway for each granule and level, and the page table walker doesn't
consider the page offset bits.
Signed-off-by: Mostafa Saleh <smostafa@google.com>
Reviewed-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20240715084519.1189624-10-smostafa@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit: d7cdf89c276abeb392cbf9b9d0dde5060a8c778f
https://github.com/qemu/qemu/commit/d7cdf89c276abeb392cbf9b9d0dde5060a8c778f
Author: Mostafa Saleh <smostafa@google.com>
Date: 2024-07-18 (Thu, 18 Jul 2024)
Changed paths:
M hw/arm/smmu-common.c
M include/hw/arm/smmu-common.h
Log Message:
-----------
hw/arm/smmu-common: Add support for nested TLB
This patch adds support for nested (combined) TLB entries.
The main function combine_tlb() is not used here but in the next
patches, but to simplify the patches it is introduced first.
Main changes:
1) New field added in the SMMUTLBEntry struct: parent_perm, for
nested TLB, holds the stage-2 permission, this can be used to know
the origin of a permission fault from a cached entry as caching
the “and” of the permissions loses this information.
SMMUPTWEventInfo is used to hold information about PTW faults so
the event can be populated, the value of stage used to be set
based on the current stage for TLB permission faults, however
with the parent_perm, it is now set based on which perm has
the missing permission
When nesting is not enabled it has the same value as perm which
doesn't change the logic.
2) As combined TLB implementation is used, the combination logic
chooses:
- tg and level from the entry which has the smallest addr_mask.
- Based on that the iova that would be cached is recalculated.
- Translated_addr is chosen from stage-2.
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Signed-off-by: Mostafa Saleh <smostafa@google.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20240715084519.1189624-11-smostafa@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit: f42a0a57c0a22210456e83676f43e88782e43942
https://github.com/qemu/qemu/commit/f42a0a57c0a22210456e83676f43e88782e43942
Author: Mostafa Saleh <smostafa@google.com>
Date: 2024-07-18 (Thu, 18 Jul 2024)
Changed paths:
M hw/arm/smmu-common.c
M hw/arm/smmuv3.c
M include/hw/arm/smmu-common.h
Log Message:
-----------
hw/arm/smmu-common: Support nested translation
When nested translation is requested, do the following:
- Translate stage-1 table address IPA into PA through stage-2.
- Translate stage-1 table walk output (IPA) through stage-2.
- Create a single TLB entry from stage-1 and stage-2 translations
using logic introduced before.
smmu_ptw() has a new argument SMMUState which include the TLB as
stage-1 table address can be cached in there.
Also in smmu_ptw(), a separate path used for nesting to simplify the
code, although some logic can be combined.
With nested translation class of translation fault can be different,
from the class of the translation, as faults from translating stage-1
tables are considered as CLASS_TT and not CLASS_IN, a new member
"is_ipa_descriptor" added to "SMMUPTWEventInfo" to differ faults
from walking stage 1 translation table and faults from translating
an IPA for a transaction.
Signed-off-by: Mostafa Saleh <smostafa@google.com>
Reviewed-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20240715084519.1189624-12-smostafa@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit: 1ea8a6f59b8d6dbcc5d0aa59380ae45a18231b88
https://github.com/qemu/qemu/commit/1ea8a6f59b8d6dbcc5d0aa59380ae45a18231b88
Author: Mostafa Saleh <smostafa@google.com>
Date: 2024-07-18 (Thu, 18 Jul 2024)
Changed paths:
M hw/arm/smmu-common.c
M hw/arm/smmuv3.c
M hw/arm/trace-events
M include/hw/arm/smmu-common.h
Log Message:
-----------
hw/arm/smmu: Support nesting in smmuv3_range_inval()
With nesting, we would need to invalidate IPAs without
over-invalidating stage-1 IOVAs. This can be done by
distinguishing IPAs in the TLBs by having ASID=-1.
To achieve that, rework the invalidation for IPAs to have a
separate function, while for IOVA invalidation ASID=-1 means
invalidate for all ASIDs.
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Mostafa Saleh <smostafa@google.com>
Reviewed-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20240715084519.1189624-13-smostafa@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit: eb41313c4be1d9b3c8fcd43ee706c10eabd5c188
https://github.com/qemu/qemu/commit/eb41313c4be1d9b3c8fcd43ee706c10eabd5c188
Author: Mostafa Saleh <smostafa@google.com>
Date: 2024-07-18 (Thu, 18 Jul 2024)
Changed paths:
M hw/arm/smmu-common.c
M hw/arm/smmuv3.c
M hw/arm/trace-events
M include/hw/arm/smmu-common.h
Log Message:
-----------
hw/arm/smmu: Introduce smmu_iotlb_inv_asid_vmid
Soon, instead of doing TLB invalidation by ASID only, VMID will be
also required.
Add smmu_iotlb_inv_asid_vmid() which invalidates by both ASID and VMID.
However, at the moment this function is only used in SMMU_CMD_TLBI_NH_ASID
which is a stage-1 command, so passing VMID = -1 keeps the original
behaviour.
Reviewed-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Mostafa Saleh <smostafa@google.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20240715084519.1189624-14-smostafa@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit: b8fa4c233bd4235081080fca919159fd770db53f
https://github.com/qemu/qemu/commit/b8fa4c233bd4235081080fca919159fd770db53f
Author: Mostafa Saleh <smostafa@google.com>
Date: 2024-07-18 (Thu, 18 Jul 2024)
Changed paths:
M hw/arm/smmu-common.c
M hw/arm/smmuv3.c
M hw/arm/trace-events
M include/hw/arm/smmu-common.h
Log Message:
-----------
hw/arm/smmu: Support nesting in the rest of commands
Some commands need rework for nesting, as they used to assume S1
and S2 are mutually exclusive:
- CMD_TLBI_NH_ASID: Consider VMID if stage-2 is supported
- CMD_TLBI_NH_ALL: Consider VMID if stage-2 is supported, otherwise
invalidate everything, this required a new vmid invalidation
function for stage-1 only (ASID >= 0)
Also, rework trace events to reflect the new implementation.
Reviewed-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Mostafa Saleh <smostafa@google.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20240715084519.1189624-15-smostafa@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit: 46727727965f0d0769f167e300bf11aca77aadd6
https://github.com/qemu/qemu/commit/46727727965f0d0769f167e300bf11aca77aadd6
Author: Mostafa Saleh <smostafa@google.com>
Date: 2024-07-18 (Thu, 18 Jul 2024)
Changed paths:
M hw/arm/smmuv3.c
M hw/arm/trace-events
Log Message:
-----------
hw/arm/smmuv3: Support nested SMMUs in smmuv3_notify_iova()
IOMMUTLBEvent only understands IOVA, for stage-1 or stage-2
SMMU instances we consider the input address as the IOVA, but when
nesting is used, we can't mix stage-1 and stage-2 addresses, so for
nesting only stage-1 is considered the IOVA and would be notified.
Signed-off-by: Mostafa Saleh <smostafa@google.com>
Reviewed-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20240715084519.1189624-16-smostafa@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit: f9131185937c16da9258a565bbfc543e238d323b
https://github.com/qemu/qemu/commit/f9131185937c16da9258a565bbfc543e238d323b
Author: Mostafa Saleh <smostafa@google.com>
Date: 2024-07-18 (Thu, 18 Jul 2024)
Changed paths:
M hw/arm/smmuv3.c
Log Message:
-----------
hw/arm/smmuv3: Handle translation faults according to SMMUPTWEventInfo
Previously, to check if faults are enabled, it was sufficient to check
the current stage of translation and check the corresponding
record_faults flag.
However, with nesting, it is possible for stage-1 (nested) translation
to trigger a stage-2 fault, so we check SMMUPTWEventInfo as it would
have the correct stage set from the page table walk.
Signed-off-by: Mostafa Saleh <smostafa@google.com>
Reviewed-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20240715084519.1189624-17-smostafa@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit: 58377c363291d76d0a40be4be34f8bc42785e484
https://github.com/qemu/qemu/commit/58377c363291d76d0a40be4be34f8bc42785e484
Author: Mostafa Saleh <smostafa@google.com>
Date: 2024-07-18 (Thu, 18 Jul 2024)
Changed paths:
M hw/arm/smmuv3.c
Log Message:
-----------
hw/arm/smmuv3: Support and advertise nesting
Everything is in place, consolidate parsing of STE cfg and setting
translation stage.
Advertise nesting if stage requested is "nested".
Reviewed-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Mostafa Saleh <smostafa@google.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20240715084519.1189624-18-smostafa@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit: 6783a184bb381350c43b4e35b89cd188b40c7266
https://github.com/qemu/qemu/commit/6783a184bb381350c43b4e35b89cd188b40c7266
Author: Mostafa Saleh <smostafa@google.com>
Date: 2024-07-18 (Thu, 18 Jul 2024)
Changed paths:
M hw/arm/smmu-common.c
M hw/arm/smmuv3-internal.h
M hw/arm/smmuv3.c
Log Message:
-----------
hw/arm/smmu: Refactor SMMU OAS
SMMUv3 OAS is currently hardcoded in the code to 44 bits, for nested
configurations that can be a problem, as stage-2 might be shared with
the CPU which might have different PARANGE, and according to SMMU manual
ARM IHI 0070F.b:
6.3.6 SMMU_IDR5, OAS must match the system physical address size.
This patch doesn't change the SMMU OAS, but refactors the code to
make it easier to do that:
- Rely everywhere on IDR5 for reading OAS instead of using the
SMMU_IDR5_OAS macro, so, it is easier just to change IDR5 and
it propagates correctly.
- Add additional checks when OAS is greater than 48bits.
- Remove unused functions/macros: pa_range/MAX_PA.
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Mostafa Saleh <smostafa@google.com>
Reviewed-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20240715084519.1189624-19-smostafa@google.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit: 31d93fedf41c24b0badb38cd9317590d1ef74e37
https://github.com/qemu/qemu/commit/31d93fedf41c24b0badb38cd9317590d1ef74e37
Author: Daniyal Khan <danikhan632@gmail.com>
Date: 2024-07-18 (Thu, 18 Jul 2024)
Changed paths:
M target/arm/tcg/sme_helper.c
Log Message:
-----------
target/arm: Use float_status copy in sme_fmopa_s
We made a copy above because the fp exception flags
are not propagated back to the FPST register, but
then failed to use the copy.
Cc: qemu-stable@nongnu.org
Fixes: 558e956c719 ("target/arm: Implement FMOPA, FMOPS (non-widening)")
Signed-off-by: Daniyal Khan <danikhan632@gmail.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20240717060149.204788-2-richard.henderson@linaro.org
[rth: Split from a larger patch]
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit: 207d30b5fdb5b45a36f26eefcf52fe2c1714dd4f
https://github.com/qemu/qemu/commit/207d30b5fdb5b45a36f26eefcf52fe2c1714dd4f
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2024-07-18 (Thu, 18 Jul 2024)
Changed paths:
M target/arm/tcg/translate-sme.c
Log Message:
-----------
target/arm: Use FPST_F16 for SME FMOPA (widening)
This operation has float16 inputs and thus must use
the FZ16 control not the FZ control.
Cc: qemu-stable@nongnu.org
Fixes: 3916841ac75 ("target/arm: Implement FMOPA, FMOPS (widening)")
Reported-by: Daniyal Khan <danikhan632@gmail.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20240717060149.204788-3-richard.henderson@linaro.org
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2374
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit: f103ecccb68184b53a9c9bd80536cf2d4080f834
https://github.com/qemu/qemu/commit/f103ecccb68184b53a9c9bd80536cf2d4080f834
Author: Daniyal Khan <danikhan632@gmail.com>
Date: 2024-07-18 (Thu, 18 Jul 2024)
Changed paths:
M tests/tcg/aarch64/Makefile.target
A tests/tcg/aarch64/sme-fmopa-1.c
A tests/tcg/aarch64/sme-fmopa-2.c
A tests/tcg/aarch64/sme-fmopa-3.c
Log Message:
-----------
tests/tcg/aarch64: Add test cases for SME FMOPA (widening)
Signed-off-by: Daniyal Khan <danikhan632@gmail.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20240717060149.204788-4-richard.henderson@linaro.org
Message-Id: 172090222034.13953.16888708708822922098-1@git.sr.ht
[rth: Split test from a larger patch, tidy assembly]
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit: 71328d82896642d79d4e538e5a56c5e6762a219a
https://github.com/qemu/qemu/commit/71328d82896642d79d4e538e5a56c5e6762a219a
Author: Akihiko Odaki <akihiko.odaki@daynix.com>
Date: 2024-07-18 (Thu, 18 Jul 2024)
Changed paths:
M tests/qtest/arm-cpu-features.c
Log Message:
-----------
tests/arm-cpu-features: Do not assume PMU availability
Asahi Linux supports KVM but lacks PMU support.
Signed-off-by: Akihiko Odaki <akihiko.odaki@daynix.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20240716-pmu-v3-1-8c7c1858a227@daynix.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit: 30a1690f2402e6c1582d5b3ebcf7940bfe2fad4b
https://github.com/qemu/qemu/commit/30a1690f2402e6c1582d5b3ebcf7940bfe2fad4b
Author: Akihiko Odaki <akihiko.odaki@daynix.com>
Date: 2024-07-18 (Thu, 18 Jul 2024)
Changed paths:
M target/arm/hvf/hvf.c
Log Message:
-----------
hvf: arm: Do not advance PC when raising an exception
hvf did not advance PC when raising an exception for most unhandled
system registers, but it mistakenly advanced PC when raising an
exception for GICv3 registers.
Cc: qemu-stable@nongnu.org
Fixes: a2260983c655 ("hvf: arm: Add support for GICv3")
Signed-off-by: Akihiko Odaki <akihiko.odaki@daynix.com>
Message-id: 20240716-pmu-v3-4-8c7c1858a227@daynix.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit: 23fa74974d8c96bc95cbecc0d4e2d90f984939f6
https://github.com/qemu/qemu/commit/23fa74974d8c96bc95cbecc0d4e2d90f984939f6
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2024-07-19 (Fri, 19 Jul 2024)
Changed paths:
M hw/arm/smmu-common.c
M hw/arm/smmuv3-internal.h
M hw/arm/smmuv3.c
M hw/arm/trace-events
M hw/display/bcm2835_fb.c
M include/hw/arm/smmu-common.h
M target/arm/hvf/hvf.c
M target/arm/tcg/a64.decode
M target/arm/tcg/sme_helper.c
M target/arm/tcg/translate-a64.c
M target/arm/tcg/translate-sme.c
M tests/qtest/arm-cpu-features.c
M tests/tcg/aarch64/Makefile.target
A tests/tcg/aarch64/sme-fmopa-1.c
A tests/tcg/aarch64/sme-fmopa-2.c
A tests/tcg/aarch64/sme-fmopa-3.c
Log Message:
-----------
Merge tag 'pull-target-arm-20240718' of
https://git.linaro.org/people/pmaydell/qemu-arm into staging
target-arm queue:
* Fix handling of LDAPR/STLR with negative offset
* LDAPR should honour SCTLR_ELx.nAA
* Use float_status copy in sme_fmopa_s
* hw/display/bcm2835_fb: fix fb_use_offsets condition
* hw/arm/smmuv3: Support and advertise nesting
* Use FPST_F16 for SME FMOPA (widening)
* tests/arm-cpu-features: Do not assume PMU availability
* hvf: arm: Do not advance PC when raising an exception
# gpg: Signature made Thu 18 Jul 2024 11:19:17 PM AEST
# gpg: using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg: issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [full]
# gpg: aka "Peter Maydell <pmaydell@gmail.com>" [full]
# gpg: aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [full]
# gpg: aka "Peter Maydell <peter@archaic.org.uk>" [unknown]
* tag 'pull-target-arm-20240718' of
https://git.linaro.org/people/pmaydell/qemu-arm: (26 commits)
hvf: arm: Do not advance PC when raising an exception
tests/arm-cpu-features: Do not assume PMU availability
tests/tcg/aarch64: Add test cases for SME FMOPA (widening)
target/arm: Use FPST_F16 for SME FMOPA (widening)
target/arm: Use float_status copy in sme_fmopa_s
hw/arm/smmu: Refactor SMMU OAS
hw/arm/smmuv3: Support and advertise nesting
hw/arm/smmuv3: Handle translation faults according to SMMUPTWEventInfo
hw/arm/smmuv3: Support nested SMMUs in smmuv3_notify_iova()
hw/arm/smmu: Support nesting in the rest of commands
hw/arm/smmu: Introduce smmu_iotlb_inv_asid_vmid
hw/arm/smmu: Support nesting in smmuv3_range_inval()
hw/arm/smmu-common: Support nested translation
hw/arm/smmu-common: Add support for nested TLB
hw/arm/smmu-common: Rework TLB lookup for nesting
hw/arm/smmuv3: Translate CD and TT using stage-2 table
hw/arm/smmu: Introduce CACHED_ENTRY_TO_ADDR
hw/arm/smmu: Consolidate ASID and VMID types
hw/arm/smmu: Split smmuv3_translate()
hw/arm/smmu: Use enum for SMMU stage
...
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Compare: https://github.com/qemu/qemu/compare/0d9f1016d433...23fa74974d8c