diff --git a/hw/arm/aspeed.c b/hw/arm/aspeed.c index a92c2f1c36..283c038814 100644 --- a/hw/arm/aspeed.c +++ b/hw/arm/aspeed.c @@ -113,9 +113,19 @@ static void write_boot_rom(DriveInfo *dinfo, hwaddr addr, size_t rom_size, { BlockBackend *blk = blk_by_legacy_dinfo(dinfo); uint8_t *storage; + int64_t size; - if (rom_size > blk_getlength(blk)) { - rom_size = blk_getlength(blk); + /* The block backend size should have already been 'validated' by + * the creation of the m25p80 object. + */ + size = blk_getlength(blk); + if (size <= 0) { + error_setg(errp, "failed to get flash size"); + return; + } + + if (rom_size > size) { + rom_size = size; } storage = g_new0(uint8_t, rom_size); @@ -138,10 +148,6 @@ static void aspeed_board_init_flashes(AspeedSMCState *s, const char *flashtype, DriveInfo *dinfo = drive_get_next(IF_MTD); qemu_irq cs_line; - /* - * FIXME: check that we are not using a flash module exceeding - * the controller segment size - */ fl->flash = ssi_create_slave_no_init(s->spi, flashtype); if (dinfo) { qdev_prop_set_drive(fl->flash, "drive", blk_by_legacy_dinfo(dinfo), @@ -200,7 +206,9 @@ static void aspeed_board_init(MachineState *machine, /* * create a ROM region using the default mapping window size of - * the flash module. + * the flash module. The window size is 64MB for the AST2400 + * SoC and 128MB for the AST2500 SoC, which is twice as big as + * needed by the flash modules of the Aspeed machines. */ memory_region_init_rom(boot_rom, OBJECT(bmc), "aspeed.boot_rom", fl->size, &error_abort); diff --git a/hw/arm/vexpress.c b/hw/arm/vexpress.c index 58760f40ca..e05756846e 100644 --- a/hw/arm/vexpress.c +++ b/hw/arm/vexpress.c @@ -452,6 +452,7 @@ static int add_virtio_mmio_node(void *fdt, uint32_t acells, uint32_t scells, acells, addr, scells, size); qemu_fdt_setprop_cells(fdt, nodename, "interrupt-parent", intc); qemu_fdt_setprop_cells(fdt, nodename, "interrupts", 0, irq, 1); + qemu_fdt_setprop(fdt, nodename, "dma-coherent", NULL, 0); g_free(nodename); if (rc) { return -1; diff --git a/hw/arm/virt-acpi-build.c b/hw/arm/virt-acpi-build.c index 07a10aca40..0835e59bb2 100644 --- a/hw/arm/virt-acpi-build.c +++ b/hw/arm/virt-acpi-build.c @@ -90,6 +90,7 @@ static void acpi_dsdt_add_fw_cfg(Aml *scope, const MemMapEntry *fw_cfg_memmap) aml_append(dev, aml_name_decl("_HID", aml_string("QEMU0002"))); /* device present, functioning, decoding, not shown in UI */ aml_append(dev, aml_name_decl("_STA", aml_int(0xB))); + aml_append(dev, aml_name_decl("_CCA", aml_int(1))); Aml *crs = aml_resource_template(); aml_append(crs, aml_memory32_fixed(fw_cfg_memmap->base, @@ -135,6 +136,7 @@ static void acpi_dsdt_add_virtio(Aml *scope, Aml *dev = aml_device("VR%02u", i); aml_append(dev, aml_name_decl("_HID", aml_string("LNRO0005"))); aml_append(dev, aml_name_decl("_UID", aml_int(i))); + aml_append(dev, aml_name_decl("_CCA", aml_int(1))); Aml *crs = aml_resource_template(); aml_append(crs, aml_memory32_fixed(base, size, AML_READ_WRITE)); diff --git a/hw/arm/virt.c b/hw/arm/virt.c index 1f216cf3b1..f3440f2ccb 100644 --- a/hw/arm/virt.c +++ b/hw/arm/virt.c @@ -471,7 +471,7 @@ static void fdt_add_pmu_nodes(const VirtMachineState *vms) CPU_FOREACH(cpu) { armcpu = ARM_CPU(cpu); if (!arm_feature(&armcpu->env, ARM_FEATURE_PMU) || - !kvm_arm_pmu_create(cpu, PPI(VIRTUAL_PMU_IRQ))) { + (kvm_enabled() && !kvm_arm_pmu_create(cpu, PPI(VIRTUAL_PMU_IRQ)))) { return; } } @@ -797,6 +797,7 @@ static void create_virtio_devices(const VirtMachineState *vms, qemu_irq *pic) qemu_fdt_setprop_cells(vms->fdt, nodename, "interrupts", GIC_FDT_IRQ_TYPE_SPI, irq, GIC_FDT_IRQ_FLAGS_EDGE_LO_HI); + qemu_fdt_setprop(vms->fdt, nodename, "dma-coherent", NULL, 0); g_free(nodename); } } @@ -928,6 +929,7 @@ static FWCfgState *create_fw_cfg(const VirtMachineState *vms, AddressSpace *as) "compatible", "qemu,fw-cfg-mmio"); qemu_fdt_setprop_sized_cells(vms->fdt, nodename, "reg", 2, base, 2, size); + qemu_fdt_setprop(vms->fdt, nodename, "dma-coherent", NULL, 0); g_free(nodename); return fw_cfg; } diff --git a/hw/ssi/aspeed_smc.c b/hw/ssi/aspeed_smc.c index 087b29e8da..cb515730c5 100644 --- a/hw/ssi/aspeed_smc.c +++ b/hw/ssi/aspeed_smc.c @@ -475,15 +475,15 @@ static uint32_t aspeed_smc_check_segment_addr(const AspeedSMCFlash *fl, AspeedSegments seg; aspeed_smc_reg_to_segment(s->regs[R_SEG_ADDR0 + fl->id], &seg); - if ((addr & (seg.size - 1)) != addr) { + if ((addr % seg.size) != addr) { qemu_log_mask(LOG_GUEST_ERROR, "%s: invalid address 0x%08x for CS%d segment : " "[ 0x%"HWADDR_PRIx" - 0x%"HWADDR_PRIx" ]\n", s->ctrl->name, addr, fl->id, seg.addr, seg.addr + seg.size); + addr %= seg.size; } - addr &= seg.size - 1; return addr; } @@ -536,10 +536,13 @@ static uint64_t aspeed_smc_flash_read(void *opaque, hwaddr addr, unsigned size) /* * Use fake transfers to model dummy bytes. The value should * be configured to some non-zero value in fast read mode and - * zero in read mode. + * zero in read mode. But, as the HW allows inconsistent + * settings, let's check for fast read mode. */ - for (i = 0; i < aspeed_smc_flash_dummies(fl); i++) { - ssi_transfer(fl->controller->spi, 0xFF); + if (aspeed_smc_flash_mode(fl) == CTRL_FREADMODE) { + for (i = 0; i < aspeed_smc_flash_dummies(fl); i++) { + ssi_transfer(fl->controller->spi, 0xFF); + } } for (i = 0; i < size; i++) { diff --git a/target/arm/cpu.c b/target/arm/cpu.c index 4ee250cec6..4a069f6985 100644 --- a/target/arm/cpu.c +++ b/target/arm/cpu.c @@ -781,7 +781,7 @@ static void arm_cpu_realizefn(DeviceState *dev, Error **errp) unset_feature(env, ARM_FEATURE_EL2); } - if (!cpu->has_pmu || !kvm_enabled()) { + if (!cpu->has_pmu) { cpu->has_pmu = false; unset_feature(env, ARM_FEATURE_PMU); } diff --git a/target/arm/cpu.h b/target/arm/cpu.h index c0b3832d74..0956a54e89 100644 --- a/target/arm/cpu.h +++ b/target/arm/cpu.h @@ -307,9 +307,9 @@ typedef struct CPUARMState { uint64_t c9_pmcr; /* performance monitor control register */ uint64_t c9_pmcnten; /* perf monitor counter enables */ uint32_t c9_pmovsr; /* perf monitor overflow status */ - uint32_t c9_pmxevtyper; /* perf monitor event type */ uint32_t c9_pmuserenr; /* perf monitor user enable */ - uint32_t c9_pminten; /* perf monitor interrupt enables */ + uint64_t c9_pmselr; /* perf monitor counter selection register */ + uint64_t c9_pminten; /* perf monitor interrupt enables */ union { /* Memory attribute redirection */ struct { #ifdef HOST_WORDS_BIGENDIAN diff --git a/target/arm/helper.c b/target/arm/helper.c index c23df1b133..47250bcf16 100644 --- a/target/arm/helper.c +++ b/target/arm/helper.c @@ -975,6 +975,17 @@ static uint64_t pmccntr_read(CPUARMState *env, const ARMCPRegInfo *ri) return total_ticks - env->cp15.c15_ccnt; } +static void pmselr_write(CPUARMState *env, const ARMCPRegInfo *ri, + uint64_t value) +{ + /* The value of PMSELR.SEL affects the behavior of PMXEVTYPER and + * PMXEVCNTR. We allow [0..31] to be written to PMSELR here; in the + * meanwhile, we check PMSELR.SEL when PMXEVTYPER and PMXEVCNTR are + * accessed. + */ + env->cp15.c9_pmselr = value & 0x1f; +} + static void pmccntr_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value) { @@ -1043,7 +1054,25 @@ static void pmovsr_write(CPUARMState *env, const ARMCPRegInfo *ri, static void pmxevtyper_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value) { - env->cp15.c9_pmxevtyper = value & 0xff; + /* Attempts to access PMXEVTYPER are CONSTRAINED UNPREDICTABLE when + * PMSELR value is equal to or greater than the number of implemented + * counters, but not equal to 0x1f. We opt to behave as a RAZ/WI. + */ + if (env->cp15.c9_pmselr == 0x1f) { + pmccfiltr_write(env, ri, value); + } +} + +static uint64_t pmxevtyper_read(CPUARMState *env, const ARMCPRegInfo *ri) +{ + /* We opt to behave as a RAZ/WI when attempts to access PMXEVTYPER + * are CONSTRAINED UNPREDICTABLE. See comments in pmxevtyper_write(). + */ + if (env->cp15.c9_pmselr == 0x1f) { + return env->cp15.pmccfiltr_el0; + } else { + return 0; + } } static void pmuserenr_write(CPUARMState *env, const ARMCPRegInfo *ri, @@ -1194,13 +1223,17 @@ static const ARMCPRegInfo v7_cp_reginfo[] = { /* Unimplemented so WI. */ { .name = "PMSWINC", .cp = 15, .crn = 9, .crm = 12, .opc1 = 0, .opc2 = 4, .access = PL0_W, .accessfn = pmreg_access, .type = ARM_CP_NOP }, - /* Since we don't implement any events, writing to PMSELR is UNPREDICTABLE. - * We choose to RAZ/WI. - */ - { .name = "PMSELR", .cp = 15, .crn = 9, .crm = 12, .opc1 = 0, .opc2 = 5, - .access = PL0_RW, .type = ARM_CP_CONST, .resetvalue = 0, - .accessfn = pmreg_access }, #ifndef CONFIG_USER_ONLY + { .name = "PMSELR", .cp = 15, .crn = 9, .crm = 12, .opc1 = 0, .opc2 = 5, + .access = PL0_RW, .type = ARM_CP_ALIAS, + .fieldoffset = offsetoflow32(CPUARMState, cp15.c9_pmselr), + .accessfn = pmreg_access, .writefn = pmselr_write, + .raw_writefn = raw_write}, + { .name = "PMSELR_EL0", .state = ARM_CP_STATE_AA64, + .opc0 = 3, .opc1 = 3, .crn = 9, .crm = 12, .opc2 = 5, + .access = PL0_RW, .accessfn = pmreg_access, + .fieldoffset = offsetof(CPUARMState, cp15.c9_pmselr), + .writefn = pmselr_write, .raw_writefn = raw_write, }, { .name = "PMCCNTR", .cp = 15, .crn = 9, .crm = 13, .opc1 = 0, .opc2 = 0, .access = PL0_RW, .resetvalue = 0, .type = ARM_CP_IO, .readfn = pmccntr_read, .writefn = pmccntr_write32, @@ -1219,10 +1252,12 @@ static const ARMCPRegInfo v7_cp_reginfo[] = { .fieldoffset = offsetof(CPUARMState, cp15.pmccfiltr_el0), .resetvalue = 0, }, { .name = "PMXEVTYPER", .cp = 15, .crn = 9, .crm = 13, .opc1 = 0, .opc2 = 1, - .access = PL0_RW, - .fieldoffset = offsetof(CPUARMState, cp15.c9_pmxevtyper), - .accessfn = pmreg_access, .writefn = pmxevtyper_write, - .raw_writefn = raw_write }, + .access = PL0_RW, .type = ARM_CP_NO_RAW, .accessfn = pmreg_access, + .writefn = pmxevtyper_write, .readfn = pmxevtyper_read }, + { .name = "PMXEVTYPER_EL0", .state = ARM_CP_STATE_AA64, + .opc0 = 3, .opc1 = 3, .crn = 9, .crm = 13, .opc2 = 1, + .access = PL0_RW, .type = ARM_CP_NO_RAW, .accessfn = pmreg_access, + .writefn = pmxevtyper_write, .readfn = pmxevtyper_read }, /* Unimplemented, RAZ/WI. */ { .name = "PMXEVCNTR", .cp = 15, .crn = 9, .crm = 13, .opc1 = 0, .opc2 = 2, .access = PL0_RW, .type = ARM_CP_CONST, .resetvalue = 0, @@ -1240,9 +1275,17 @@ static const ARMCPRegInfo v7_cp_reginfo[] = { .writefn = pmuserenr_write, .raw_writefn = raw_write }, { .name = "PMINTENSET", .cp = 15, .crn = 9, .crm = 14, .opc1 = 0, .opc2 = 1, .access = PL1_RW, .accessfn = access_tpm, - .fieldoffset = offsetof(CPUARMState, cp15.c9_pminten), + .type = ARM_CP_ALIAS, + .fieldoffset = offsetoflow32(CPUARMState, cp15.c9_pminten), .resetvalue = 0, .writefn = pmintenset_write, .raw_writefn = raw_write }, + { .name = "PMINTENSET_EL1", .state = ARM_CP_STATE_AA64, + .opc0 = 3, .opc1 = 0, .crn = 9, .crm = 14, .opc2 = 1, + .access = PL1_RW, .accessfn = access_tpm, + .type = ARM_CP_IO, + .fieldoffset = offsetof(CPUARMState, cp15.c9_pminten), + .writefn = pmintenset_write, .raw_writefn = raw_write, + .resetvalue = 0x0 }, { .name = "PMINTENCLR", .cp = 15, .crn = 9, .crm = 14, .opc1 = 0, .opc2 = 2, .access = PL1_RW, .accessfn = access_tpm, .type = ARM_CP_ALIAS, .fieldoffset = offsetof(CPUARMState, cp15.c9_pminten), @@ -4590,12 +4633,7 @@ void register_cp_regs_for_features(ARMCPU *cpu) { .name = "ID_AA64DFR0_EL1", .state = ARM_CP_STATE_AA64, .opc0 = 3, .opc1 = 0, .crn = 0, .crm = 5, .opc2 = 0, .access = PL1_R, .type = ARM_CP_CONST, - /* We mask out the PMUVer field, because we don't currently - * implement the PMU. Not advertising it prevents the guest - * from trying to use it and getting UNDEFs on registers we - * don't implement. - */ - .resetvalue = cpu->id_aa64dfr0 & ~0xf00 }, + .resetvalue = cpu->id_aa64dfr0 }, { .name = "ID_AA64DFR1_EL1", .state = ARM_CP_STATE_AA64, .opc0 = 3, .opc1 = 0, .crn = 0, .crm = 5, .opc2 = 1, .access = PL1_R, .type = ARM_CP_CONST,