[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-commits] [qemu/qemu] 119df5: hw/misc/aspeed_i3c.c: Introduce a dum
|
From: |
Peter Maydell |
|
Subject: |
[Qemu-commits] [qemu/qemu] 119df5: hw/misc/aspeed_i3c.c: Introduce a dummy AST2600 I3... |
|
Date: |
Thu, 20 Jan 2022 08:13:44 -0800 |
Branch: refs/heads/staging
Home: https://github.com/qemu/qemu
Commit: 119df56bf059431190ed5509f6e3e459d7892723
https://github.com/qemu/qemu/commit/119df56bf059431190ed5509f6e3e459d7892723
Author: Troy Lee <troy_lee@aspeedtech.com>
Date: 2022-01-20 (Thu, 20 Jan 2022)
Changed paths:
A hw/misc/aspeed_i3c.c
M hw/misc/meson.build
M hw/misc/trace-events
A include/hw/misc/aspeed_i3c.h
Log Message:
-----------
hw/misc/aspeed_i3c.c: Introduce a dummy AST2600 I3C model.
Aspeed 2600 SDK enables I3C support by default. The I3C driver will try
to reset the device controller and set it up through device address table
register. This dummy model responds to these registers with default values
as listed in the ast2600v10 datasheet chapter 54.2.
This avoids a guest machine kernel panic due to referencing an
invalid kernel address if the device address table register isn't
set correctly.
Signed-off-by: Troy Lee <troy_lee@aspeedtech.com>
Reviewed-by: Graeme Gregory <quic_ggregory@quicinc.com>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Tested-by: Graeme Gregory <quic_ggregory@quicinc.com>
Message-id: 20220111084546.4145785-2-troy_lee@aspeedtech.com
[PMM: tidied commit message; fixed format strings]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit: 3222165dcb7ec2d390e400d5c886d67b582f37d7
https://github.com/qemu/qemu/commit/3222165dcb7ec2d390e400d5c886d67b582f37d7
Author: Troy Lee <troy_lee@aspeedtech.com>
Date: 2022-01-20 (Thu, 20 Jan 2022)
Changed paths:
M hw/arm/aspeed_ast2600.c
M include/hw/arm/aspeed_soc.h
Log Message:
-----------
hw/arm/aspeed: Add the i3c device to the AST2600 SoC
Add the new i3c device to the AST2600 SoC.
Signed-off-by: Troy Lee <troy_lee@aspeedtech.com>
Reviewed-by: Graeme Gregory <quic_ggregory@quicinc.com>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Tested-by: Graeme Gregory <quic_ggregory@quicinc.com>
Message-id: 20220111084546.4145785-3-troy_lee@aspeedtech.com
[PMM: tidied commit message]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit: 8f809f699251dcf28811b9693a196ff02367d7d6
https://github.com/qemu/qemu/commit/8f809f699251dcf28811b9693a196ff02367d7d6
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2022-01-20 (Thu, 20 Jan 2022)
Changed paths:
M hw/intc/arm_gicv3_its.c
Log Message:
-----------
hw/intc/arm_gicv3_its: Fix event ID bounds checks
In process_its_cmd() and process_mapti() we must check the
event ID against a limit defined by the size field in the DTE,
which specifies the number of ID bits minus one. Convert
this code to our num_foo convention:
* change the variable names
* use uint64_t and 1ULL when calculating the number
of valid event IDs, because DTE.SIZE is 5 bits and
so num_eventids may be up to 2^32
* fix the off-by-one error in the comparison
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20220111171048.3545974-2-peter.maydell@linaro.org
Commit: 905720f18d77e9ca8737d3ff047cad9079cbde6d
https://github.com/qemu/qemu/commit/905720f18d77e9ca8737d3ff047cad9079cbde6d
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2022-01-20 (Thu, 20 Jan 2022)
Changed paths:
M hw/intc/arm_gicv3_its.c
Log Message:
-----------
hw/intc/arm_gicv3_its: Convert int ID check to num_intids convention
The bounds check on the number of interrupt IDs is correct, but
doesn't match our convention; change the variable name, initialize it
to the 2^n value rather than (2^n)-1, and use >= instead of > in the
comparison.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20220111171048.3545974-3-peter.maydell@linaro.org
Commit: 7d62b2dcdb04fa625abb6600dbffd4464c3e4a85
https://github.com/qemu/qemu/commit/7d62b2dcdb04fa625abb6600dbffd4464c3e4a85
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2022-01-20 (Thu, 20 Jan 2022)
Changed paths:
M hw/intc/arm_gicv3_its.c
Log Message:
-----------
hw/intc/arm_gicv3_its: Fix handling of process_its_cmd() return value
process_its_cmd() returns a bool, like all the other process_ functions.
However we were putting its return value into 'res', not 'result',
which meant we would ignore it when deciding whether to continue
or stall the command queue. Fix the typo.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20220111171048.3545974-4-peter.maydell@linaro.org
Commit: f0b4b2a28c4ab26505f13f07da07190387f848a4
https://github.com/qemu/qemu/commit/f0b4b2a28c4ab26505f13f07da07190387f848a4
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2022-01-20 (Thu, 20 Jan 2022)
Changed paths:
M hw/intc/arm_gicv3_its.c
Log Message:
-----------
hw/intc/arm_gicv3_its: Don't use data if reading command failed
In process_cmdq(), we read 64 bits of the command packet, which
contain the command identifier, which we then switch() on to dispatch
to an appropriate sub-function. However, if address_space_ldq_le()
reports a memory transaction failure, we still read the command
identifier out of the data and switch() on it. Restructure the code
so that we stop immediately (stalling the command queue) in this
case.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20220111171048.3545974-5-peter.maydell@linaro.org
Commit: ef011555da8bcabd74ebd79f6a4e1c2ec763efd0
https://github.com/qemu/qemu/commit/ef011555da8bcabd74ebd79f6a4e1c2ec763efd0
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2022-01-20 (Thu, 20 Jan 2022)
Changed paths:
M hw/intc/arm_gicv3_its.c
Log Message:
-----------
hw/intc/arm_gicv3_its: Use enum for return value of process_* functions
When an ITS detects an error in a command, it has an
implementation-defined (CONSTRAINED UNPREDICTABLE) choice of whether
to ignore the command, proceeding to the next one in the queue, or to
stall the ITS command queue, processing nothing further. The
behaviour required when the read of the command packet from memory
fails is less clearly documented, but the same set of choices as for
command errors seem reasonable.
The intention of the QEMU implementation, as documented in the
comments, is that if we encounter a memory error reading the command
packet or one of the various data tables then we should stall, but
for command parameter errors we should ignore the queue and continue.
However, we don't actually do this. To get the desired behaviour,
the various process_* functions need to return true to cause
process_cmdq() to advance to the next command and keep processing,
and false to stall command processing. What they mostly do is return
false for any kind of error.
To make the code clearer, replace the 'bool' return from the process_
functions with an enum which may be either CMD_STALL or CMD_CONTINUE.
In this commit no behaviour changes; in subsequent commits we will
adjust the error-return paths for the process_ functions one by one.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20220111171048.3545974-6-peter.maydell@linaro.org
Commit: 593a7cc2d38544040ed79c28b3b027420ec84c40
https://github.com/qemu/qemu/commit/593a7cc2d38544040ed79c28b3b027420ec84c40
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2022-01-20 (Thu, 20 Jan 2022)
Changed paths:
M hw/intc/arm_gicv3_its.c
Log Message:
-----------
hw/intc/arm_gicv3_its: Fix return codes in process_its_cmd()
Fix process_its_cmd() to consistently return CMD_STALL for
memory errors and CMD_CONTINUE for parameter errors, as
we claim in the comments that we do.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20220111171048.3545974-7-peter.maydell@linaro.org
Commit: be0ed8fb7fd4df3f6e09bb33c619e62a80410380
https://github.com/qemu/qemu/commit/be0ed8fb7fd4df3f6e09bb33c619e62a80410380
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2022-01-20 (Thu, 20 Jan 2022)
Changed paths:
M hw/intc/arm_gicv3_its.c
Log Message:
-----------
hw/intc/arm_gicv3_its: Refactor process_its_cmd() to reduce nesting
Refactor process_its_cmd() so that it consistently uses
the structure
do thing;
if (error condition) {
return early;
}
do next thing;
rather than doing some of the work nested inside if (not error)
code blocks.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20220111171048.3545974-8-peter.maydell@linaro.org
Commit: 0241f7316073f5e66b560195c36e719e369947d0
https://github.com/qemu/qemu/commit/0241f7316073f5e66b560195c36e719e369947d0
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2022-01-20 (Thu, 20 Jan 2022)
Changed paths:
M hw/intc/arm_gicv3_its.c
Log Message:
-----------
hw/intc/arm_gicv3_its: Fix return codes in process_mapti()
Fix process_mapti() to consistently return CMD_STALL for memory
errors and CMD_CONTINUE for parameter errors, as we claim in the
comments that we do.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20220111171048.3545974-9-peter.maydell@linaro.org
Commit: f66751961468813ba6a13de1510c448769b6979a
https://github.com/qemu/qemu/commit/f66751961468813ba6a13de1510c448769b6979a
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2022-01-20 (Thu, 20 Jan 2022)
Changed paths:
M hw/intc/arm_gicv3_its.c
Log Message:
-----------
hw/intc/arm_gicv3_its: Fix return codes in process_mapc()
Fix process_mapc() to consistently return CMD_STALL for memory
errors and CMD_CONTINUE for parameter errors, as we claim in the
comments that we do.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20220111171048.3545974-10-peter.maydell@linaro.org
Commit: 00d46e72e97ddb5651f62b6eead658a431c58bc6
https://github.com/qemu/qemu/commit/00d46e72e97ddb5651f62b6eead658a431c58bc6
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2022-01-20 (Thu, 20 Jan 2022)
Changed paths:
M hw/intc/arm_gicv3_its.c
Log Message:
-----------
hw/intc/arm_gicv3_its: Fix return codes in process_mapd()
Fix process_mapd() to consistently return CMD_STALL for memory
errors and CMD_CONTINUE for parameter errors, as we claim in the
comments that we do.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20220111171048.3545974-11-peter.maydell@linaro.org
Commit: d050f80f8c9b4e535bf2f20d5a400c231e7a5838
https://github.com/qemu/qemu/commit/d050f80f8c9b4e535bf2f20d5a400c231e7a5838
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2022-01-20 (Thu, 20 Jan 2022)
Changed paths:
M hw/intc/arm_gicv3_its.c
Log Message:
-----------
hw/intc/arm_gicv3_its: Factor out "find address of table entry" code
The ITS has several tables which all share a similar format,
described by the TableDesc struct: the guest may configure them
to be a single-level table or a two-level table. Currently we
open-code the process of finding the table entry in all the
functions which read or write the device table or the collection
table. Factor out the "get the address of the table entry"
logic into a new function, so that the code which needs to
read or write a table entry only needs to call table_entry_addr()
and then perform a suitable load or store to that address.
Note that the error handling is slightly complicated because
we want to handle two cases differently:
* failure to read the L1 table entry should end up causing
a command stall, like other kinds of DMA error
* an L1 table entry that says there is no L2 table for this
index (ie whose valid bit is 0) must result in us treating
the table entry as not-valid on read, and discarding
writes (this is mandated by the spec)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20220111171048.3545974-12-peter.maydell@linaro.org
Commit: b13148d91805143aba3e0b4441e760b9bea03b8c
https://github.com/qemu/qemu/commit/b13148d91805143aba3e0b4441e760b9bea03b8c
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2022-01-20 (Thu, 20 Jan 2022)
Changed paths:
M hw/intc/arm_gicv3_its.c
Log Message:
-----------
hw/intc/arm_gicv3_its: Check indexes before use, not after
In a few places in the ITS command handling functions, we were
doing the range-check of an event ID or device ID only after using
it as a table index; move the checks to before the uses.
This misordering wouldn't have very bad effects because the
tables are in guest memory anyway.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20220111171048.3545974-13-peter.maydell@linaro.org
Commit: 58b88779f00707b6231d827637b5a3d498f9fe28
https://github.com/qemu/qemu/commit/58b88779f00707b6231d827637b5a3d498f9fe28
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2022-01-20 (Thu, 20 Jan 2022)
Changed paths:
M hw/intc/arm_gicv3_its.c
Log Message:
-----------
hw/intc/arm_gicv3_its: Range-check ICID before indexing into collection table
In process_its_cmd(), we read an ICID out of the interrupt table
entry, and then use it as an index into the collection table. Add a
check that it is within range for the collection table first.
This check is not strictly necessary, because:
* we range check the ICID from the guest before writing it into
the interrupt table entry, so the the only way to get an
out of range ICID in process_its_cmd() is if a badly-behaved
guest is writing directly to the interrupt table memory
* the collection table is in guest memory, so QEMU won't fall
over if we read off the end of it
However, it seems clearer to include the check.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20220111171048.3545974-14-peter.maydell@linaro.org
Commit: b9d383ab797f54ae5fa8746117770709921dc529
https://github.com/qemu/qemu/commit/b9d383ab797f54ae5fa8746117770709921dc529
Author: Philippe Mathieu-Daudé <philmd@redhat.com>
Date: 2022-01-20 (Thu, 20 Jan 2022)
Changed paths:
M hw/intc/arm_gicv3_redist.c
Log Message:
-----------
hw/intc/arm_gicv3: Check for !MEMTX_OK instead of MEMTX_ERROR
Quoting Peter Maydell:
"These MEMTX_* aren't from the memory transaction
API functions; they're just being used by gicd_readl() and
friends as a way to indicate a success/failure so that the
actual MemoryRegionOps read/write fns like gicv3_dist_read()
can log a guest error."
We are going to introduce more MemTxResult bits, so it is
safer to check for !MEMTX_OK rather than MEMTX_ERROR.
Reviewed-by: Peter Xu <peterx@redhat.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit: 2c89b5af5e72ab8c9d544c6e30399528b2238827
https://github.com/qemu/qemu/commit/2c89b5af5e72ab8c9d544c6e30399528b2238827
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2022-01-20 (Thu, 20 Jan 2022)
Changed paths:
M MAINTAINERS
R docs/can.txt
M docs/system/arm/cpu-features.rst
M docs/system/device-emulation.rst
A docs/system/devices/can.rst
M hw/acpi/aml-build.c
M hw/arm/Kconfig
M hw/arm/aspeed_ast2600.c
M hw/arm/musicpal.c
M hw/arm/npcm7xx_boards.c
M hw/arm/virt-acpi-build.c
M hw/arm/virt.c
M hw/audio/Kconfig
M hw/intc/arm_gic.c
M hw/intc/arm_gicv3_its.c
M hw/intc/arm_gicv3_redist.c
A hw/misc/aspeed_i3c.c
M hw/misc/meson.build
M hw/misc/trace-events
M hw/net/meson.build
A hw/net/mv88w8618_eth.c
M hw/virtio/virtio-mem.c
M include/hw/arm/aspeed_soc.h
M include/hw/arm/virt.h
A include/hw/misc/aspeed_i3c.h
A include/hw/net/mv88w8618_eth.h
M qemu-options.hx
M target/arm/cpu.c
M target/arm/cpu.h
M target/arm/cpu64.c
M target/arm/kvm64.c
M tests/data/acpi/virt/PPTT
Log Message:
-----------
Merge remote-tracking branch
'remotes/pmaydell/tags/pull-target-arm-20220120-1' into staging
target-arm:
* hw/intc/arm_gicv3_its: Fix various minor bugs
* hw/arm/aspeed: Add the i3c device to the AST2600 SoC
* hw/arm: kudo: add lm75s behind bus 1 switch at 75
* hw/arm/virt: Fix support for running guests on hosts
with restricted IPA ranges
* hw/intc/arm_gic: Allow reset of the running priority
* hw/intc/arm_gic: Implement read of GICC_IIDR
* hw/arm/virt: Support for virtio-mem-pci
* hw/arm/virt: Support CPU cluster on ARM virt machine
* docs/can: convert to restructuredText
* hw/net: Move MV88W8618 network device out of hw/arm/ directory
* hw/arm/virt: KVM: Enable PAuth when supported by the host
# gpg: Signature made Thu 20 Jan 2022 16:12:12 GMT
# gpg: using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg: issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [ultimate]
# gpg: aka "Peter Maydell <pmaydell@gmail.com>" [ultimate]
# gpg: aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"
[ultimate]
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83 15CF 3C25 25ED 1436 0CDE
* remotes/pmaydell/tags/pull-target-arm-20220120-1: (38 commits)
hw/intc/arm_gicv3: Check for !MEMTX_OK instead of MEMTX_ERROR
hw/intc/arm_gicv3_its: Range-check ICID before indexing into collection table
hw/intc/arm_gicv3_its: Check indexes before use, not after
hw/intc/arm_gicv3_its: Factor out "find address of table entry" code
hw/intc/arm_gicv3_its: Fix return codes in process_mapd()
hw/intc/arm_gicv3_its: Fix return codes in process_mapc()
hw/intc/arm_gicv3_its: Fix return codes in process_mapti()
hw/intc/arm_gicv3_its: Refactor process_its_cmd() to reduce nesting
hw/intc/arm_gicv3_its: Fix return codes in process_its_cmd()
hw/intc/arm_gicv3_its: Use enum for return value of process_* functions
hw/intc/arm_gicv3_its: Don't use data if reading command failed
hw/intc/arm_gicv3_its: Fix handling of process_its_cmd() return value
hw/intc/arm_gicv3_its: Convert int ID check to num_intids convention
hw/intc/arm_gicv3_its: Fix event ID bounds checks
hw/arm/aspeed: Add the i3c device to the AST2600 SoC
hw/misc/aspeed_i3c.c: Introduce a dummy AST2600 I3C model.
hw/arm: kudo add lm75s behind bus 1 switch at 75
hw/arm/virt: Drop superfluous checks against highmem
hw/arm/virt: Disable highmem devices that don't fit in the PA range
hw/arm/virt: Use the PA range to compute the memory map
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Compare: https://github.com/qemu/qemu/compare/c9ded2643e6f...2c89b5af5e72
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Qemu-commits] [qemu/qemu] 119df5: hw/misc/aspeed_i3c.c: Introduce a dummy AST2600 I3...,
Peter Maydell <=