| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
The QEMU GDB stub does not expose the ZA storage SME register to GDB
via the remote serial protocol, which can be a useful functionality
to debug SME code. To provide this functionality for AArch64
targets, this patch registers the SME register set with the GDB stub.
To do so, this patch implements the aarch64_gdb_get_sme_reg() and
aarch64_gdb_set_sme_reg() functions to specify how to get and set the
SME registers, and the arm_gen_dynamic_smereg_feature() function to
generate the target description in XML format to indicate the target
architecture supports SME. Finally, this patch includes a
dyn_smereg_feature structure to hold this GDB XML description of the
SME registers for each CPU.
Note that according to the GDB documentation the ZA register is
defined as a vector of bytes; however the target description xml
retrieved when using gdb natively on a host with SME capabilities
represents the ZA register as a vector of vectors of bytes, so this
is a GDB documentation error. We follow GDB's own gdbstub
implementation and represent the ZA register as a vector of vectors
of bytes as is done by GDB here:
https://github.com/bminor/binutils-gdb/blob/5cce2b7006daa7073b98e3d1a3b176199d1381d7/gdb/features/aarch64-sme.c#L50
Signed-off-by: Vacha Bhavsar <vacha.bhavsar@oss.qualcomm.com>
Message-id: 20250909161012.2561593-3-vacha.bhavsar@oss.qualcomm.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
[PMM: fixed minor checkpatch nits]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
If we fail migration because of a mismatch of some registers between
source and destination, the error message is not very informative:
qemu-system-aarch64: error while loading state for instance 0x0 ofdevice 'cpu'
qemu-system-aarch64: Failed to put registers after init: Invalid argument
At least try to give the user a hint which registers had a problem,
even if they cannot really do anything about it right now.
Sample output:
Could not set register op0:3 op1:0 crn:0 crm:0 op2:0 to c00fac31 (is 413fd0c1)
We could be even more helpful once we support writable ID registers,
at which point the user might actually be able to configure something
that is migratable.
Suggested-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Sebastian Ott <sebott@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
Message-id: 20250911154159.158046-1-cohuck@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
We have now removed all the CPU types which had the Intel XScale
extensions indicated via ARM_FEATURE_IWMMXT, so this feature bit
is never set. Remove all the code that can only be reached when
using this flag.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20250828140422.3271703-6-peter.maydell@linaro.org
|
|
We have now removed all the CPU types which had the Intel XScale
extensions indicated via ARM_FEATURE_XSCALE, so this feature bit
is never set. Remove all the code that can only be reached when
using this flag.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20250828140422.3271703-5-peter.maydell@linaro.org
|
|
Remove the iwmmxt helper functions which are no longer called now
that we have removed the associated translate.c handling.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20250828140422.3271703-4-peter.maydell@linaro.org
|
|
Remove all the translator code that is accessible only via
ARM_FEATURE_XSCALE or ARM_FEATURE_IWMMXT. This includes the
xscale-only cp15_cpar TB flags and cpu_{V0,V1,M0} TCG temps.
The no-longer-used helper functions will be removed in a separate
commit.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20250828140422.3271703-3-peter.maydell@linaro.org
|
|
In 10.0 we deprecated the pxa CPU family (pxa250, pxa255, pxa260
pxa261, pxa262, pxa270-a0, pxa270-a1, pxa270, pxa270-b0, pxa270-b1,
pxa270-c0, pxa270-c5). Now we have released 10.1 we can remove them.
This commit removes only the top level CPU definitions and updates
the documentation. Removing the CPUs means that there is now a lot
of dead iwMMXt code, which we will delete in subsequent commits.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20250828140422.3271703-2-peter.maydell@linaro.org
|
|
Implement FEAT_ATS1A and enable for -cpu max.
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20250830054128.448363-13-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
The comment about not being included in the summary table
has been out of date for quite a while.
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20250830054128.448363-12-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20250830054128.448363-11-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Separate protection check from access type, in preparation
for skipping the protection check altogether.
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20250830054128.448363-10-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
We are required to skip DB update for AT instructions, and
we are allowed to skip AF updates. Choose to skip both.
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20250830054128.448363-9-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Rename get_phys_addr_with_space_nogpc for its only
caller, do_ats_write. Drop the MemOp memop argument
as it doesn't make sense in the new context. Replace
the access_type parameter with prot_check.
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20250830054128.448363-8-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Do not require read permission when translating addresses
for debugging purposes.
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20250830054128.448363-7-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Separate the access_type from the protection check.
Save the trouble of modifying all helper functions
by passing the new data in the control structure.
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20250830054128.448363-6-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Separate the access_type from the protection check.
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20250830054128.448363-5-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Currently when CONFIG_POWERNV is not enabled, the build fails, such as
with --without-default-devices:
$ ./configure --without-default-devices
$ make
[281/283] Linking target qemu-system-ppc64
FAILED: qemu-system-ppc64
cc -m64 @qemu-system-ppc64.rsp
/usr/bin/ld: libqemu-ppc64-softmmu.a.p/target_ppc_misc_helper.c.o: in function `helper_load_sprd':
.../target/ppc/misc_helper.c:335:(.text+0xcdc): undefined reference to `pnv_chip_find_core'
/usr/bin/ld: libqemu-ppc64-softmmu.a.p/target_ppc_misc_helper.c.o: in function `helper_store_sprd':
.../target/ppc/misc_helper.c:375:(.text+0xdf4): undefined reference to `pnv_chip_find_core'
collect2: error: ld returned 1 exit status
...
This is since target/ppc/misc_helper.c references PowerNV specific
'pnv_chip_find_core' call.
Split the PowerNV specific SPRD code out of the generic PowerPC code, by
moving the SPRD code to pnv.c
Fixes: 9808ce6d5cb ("target/ppc: Big-core scratch register fix")
Cc: Philippe Mathieu-Daudé <philmd@linaro.org>
Reported-by: Thomas Huth <thuth@redhat.com>
Suggested-by: Cédric Le Goater <clg@redhat.com>
Signed-off-by: Aditya Gupta <adityag@linux.ibm.com>
Acked-by: Cédric Le Goater <clg@redhat.com>
Message-ID: <20250820122516.949766-2-adityag@linux.ibm.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
|
|
Use extract64(entry, psn, 1) instead of (entry & (1 << psn)) to avoid
undefined behavior for shifts by 32–63 and to make bit extraction intent explicit.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Signed-off-by: Denis Rastyogin <gerben@altlinux.org>
Message-ID: <20250814104914.13101-1-gerben@altlinux.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
|
|
kvmppc_load_htab_chunk() is used for migration, thus is not
a hot path. Use the heap instead of the stack, removing the
alloca() call.
Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Manos Pitsidianakis <manos.pitsidianakis@linaro.org>
Reviewed-by: Harsh Prateek Bora <harshpb@linux.ibm.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-Id: <20250901132626.28639-2-philmd@linaro.org>
|
|
Error reporting patches for 2025-09-01
# -----BEGIN PGP SIGNATURE-----
#
# iQJGBAABCAAwFiEENUvIs9frKmtoZ05fOHC0AOuRhlMFAmi1gEcSHGFybWJydUBy
# ZWRoYXQuY29tAAoJEDhwtADrkYZTxR4QAI3618X5dwJgW5aq+QaICs7yaXGiBv1w
# jj3gqIsvSFRALhAfJJRs6dmWX3MN9kFhpkE4xHpzVAkk1T5uwUc+/RH4weOf6BN3
# Thzyq8NkeICD3C7GpReQCuBA2mD3gga4xDwKTu21Gsl3cKW5WPE4MDFP6wdB7ftt
# L65AvLuQzt1aHoq9AArUf9ImbGW9Puu8jLOZUnwPVtTM6VLFZGULEFADuVu0zY5A
# DzIFFo6zBKPC6ikSafsQSlgeX9ioXlqgaoKoeTD53ozB+LsjHDn6PsNJk/byjdpF
# u17Cxr9Xh93LxvNwvDx2Um+X6XLspf5yH6ZQmjsiemVsyaOdPTEvZSqEQWxWNqbh
# hke/gD7DcGt2/d8KTbEJ2rEvefI7kna+qWqpM79iXIhTl7s4qdFiSYYXTjrdMFz2
# n3xFLJ0B/xJ5NmZkMXXGB2uPUA1+uQJ2p/J7qqz2gBoUPwcFHbUQUjUYwidlveAM
# gutVs0zAZKRmM+FPH6oIYHLAwM92u5C9KWtdct+lzb4VcoNzWflqVXQum83JsR5t
# 5CjjxFiUEZ8t9/BVZcL/qnWPAXAL1+eQ6jixdJVUgPcoh4+OX76f76atJRJgAEtY
# fB2MCwXfUzW872BCUIUIyANG3SQuhN37KSq4jNzdHXTmlOQFe44rm7eRijRsNnkt
# GdbfPSJSy13T
# =/S2t
# -----END PGP SIGNATURE-----
# gpg: Signature made Mon 01 Sep 2025 01:15:19 PM CEST
# gpg: using RSA key 354BC8B3D7EB2A6B68674E5F3870B400EB918653
# gpg: issuer "armbru@redhat.com"
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" [unknown]
# gpg: aka "Markus Armbruster <armbru@pond.sub.org>" [unknown]
# gpg: WARNING: The key's User ID is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867 4E5F 3870 B400 EB91 8653
* tag 'pull-error-2025-09-01' of https://repo.or.cz/qemu/armbru:
vfio scsi ui: Error-check qio_channel_socket_connect_sync() the same way
i386/kvm/vmsr_energy: Plug memory leak on failure to connect socket
ui/keymaps: Avoid trace crash and improve error messages
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
|
|
vmsr_open_socket() leaks the Error set by
qio_channel_socket_connect_sync(). Plug the leak by not creating the
Error.
Fixes: 0418f90809ae (Add support for RAPL MSRs in KVM/Qemu)
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20250723133257.1497640-2-armbru@redhat.com>
Reviewed-by: Zhao Liu <zhao1.liu@intel.com>
|
|
staging
loongarch queue
# -----BEGIN PGP SIGNATURE-----
#
# iHUEABYKAB0WIQQNhkKjomWfgLCz0aQfewwSUazn0QUCaLEK3AAKCRAfewwSUazn
# 0ZbOAQD5zRl292WYzl6qCWe+MIx+7T3rqiq8E/MkAUPhPSF2gAD8DYCQr1u+7le6
# pwzGx5iHygCzeTjgV4KuciGGqa8y8AA=
# =OX6j
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 29 Aug 2025 12:05:16 PM AEST
# gpg: using EDDSA key 0D8642A3A2659F80B0B3D1A41F7B0C1251ACE7D1
# gpg: Good signature from "bibo mao <maobibo@loongson.cn>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 7044 3A00 19C0 E97A 31C7 13C4 8E86 8FB7 A176 9D4C
# Subkey fingerprint: 0D86 42A3 A265 9F80 B0B3 D1A4 1F7B 0C12 51AC E7D1
* tag 'pull-loongarch-20250829' of https://github.com/bibo-mao/qemu:
target/loongarch: Use correct address when flush tlb
target/loongarch: Use MMUContext in get_physical_address()
target/loongarch: Use MMUContext in loongarch_map_address()
target/loongarch: Use MMUContext in loongarch_get_addr_from_tlb
target/loongarch: Use MMUConext in loongarch_map_tlb_entry()
target/loongarch: Use loongarch_check_pte in loongarch_page_table_walker
target/loongarch: Add common function loongarch_check_pte()
target/loongarch: Use MMUAccessType in loongarch_map_tlb_entry()
target/loongarch: Use vaddr in get_physical_address()
target/loongarch: Add enum type TLBRet definition
target/loongarch: Add header file cpu-mmu.h
target/loongarch: Set page size in TLB entry with STLB
target/loongarch: Define function loongarch_cpu_post_init as static
target/loongarch: Move some function definition to kvm directory
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
|
|
* hw/i386: split isapc from PCI boards
* cpu-exec, accel: remove BQL usage for interrupt_request != 0
* memory, hpet, pmtimer: introduce BQL-free PIO/MMIO
# -----BEGIN PGP SIGNATURE-----
#
# iQFIBAABCgAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmixiO4UHHBib256aW5p
# QHJlZGhhdC5jb20ACgkQv/vSX3jHroMTowf9EmIcSgFXrP8QR/rVQ+Z8+csR4md7
# QDzQwoDHaP9F/J728AoT/nDwwlfiHRbcH8AQbzzMrsmMnqhaWCFWD5snGelzPJAo
# BPaOa4eYvwgssW1apfxGgzae71B3Hbx/sMYHdRcUvBnvS6cKEcOcgK8pANuZGzGQ
# uRquCMvk14WhnQV/NFqr2PmtmxXjdDNefdi1RfpaPDEt4VZsh4B3afU+I+L4LvIQ
# NOPh0PbDk+BLRt2fRPgdwF6KqS5ajPEzKnBlS0uxSXKxpLOLM/2SNDOGDDVUrAwV
# ILrnchZrpxHsHwBCjaBhKZDTTQUcH0HUrZhRJbUPsg5feHRs3KoaFJjmCQ==
# =RMLB
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 29 Aug 2025 09:03:10 PM AEST
# gpg: using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg: issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [unknown]
# gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" [unknown]
# gpg: WARNING: The key's User ID is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1
# Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83
* tag 'for-upstream' of https://gitlab.com/bonzini/qemu: (28 commits)
tcg: move interrupt caching and single step masking closer to user
kvm: i386: irqchip: take BQL only if there is an interrupt
hpet: make main counter read lock-less
hpet: move out main counter read into a separate block
hpet: switch to fine-grained device locking
acpi: mark PMTIMER as unlocked
memory: reintroduce BQL-free fine-grained PIO/MMIO
add cpu_test_interrupt()/cpu_set_interrupt() helpers and use them tree wide
user-exec: ensure interrupt_request is not used
hw/i386/isapc.c: replace rom_memory with system_memory
hw/i386/pc_piix.c: replace rom_memory with pci_memory
hw/i386/pc_piix.c: remove unused headers after isapc machine split
hw/i386: move isapc machine to separate isapc.c file
hw/i386/pc_piix.c: assume pcmc->pci_enabled is always true in pc_init1()
hw/i386/pc_piix.c: always initialise ISA IDE drives in pc_init_isa()
hw/i386/pc_piix.c: remove pc_system_flash_cleanup_unused() from pc_init_isa()
hw/i386/pc_piix.c: hardcode hole64_size to 0 in pc_init_isa()
hw/i386/pc_piix.c: simplify RAM size logic in pc_init_isa()
hw/i386/pc_piix.c: remove nvdimm initialisation from pc_init_isa()
hw/i386/pc_piix.c: remove SGX initialisation from pc_init_isa()
...
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
|
|
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20250815122653.701782-8-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
This feature contains the LDCLRP, LDSETP, and SWPP instructions.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20250815122653.701782-7-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
This is FEAT_LSE -- rename the predicate to match.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20250830045006.380393-1-richard.henderson@linaro.org
Message-id: 20250815122653.701782-6-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
The ARMv8.1-Atomics feature (renamed FEAT_LSE in more modern versions
of the Arm ARM) has always ben indicated by ID_AA64ISAR0.ATOMIC being
0b0010 or greater; 0b0001 is a reserved unused value.
We were incorrectly checking for != 0; this had no harmful effects
because all the CPUs set their value for this field to either 0
(for not having the feature) or 2 (if they do have it), but it's
better to match what the architecture specifies here.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20250819145659.2165160-1-peter.maydell@linaro.org
|
|
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20250803014019.416797-7-richard.henderson@linaro.org
[PMM: rebased to handle linux-user elfload.c refactor]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20250803014019.416797-6-richard.henderson@linaro.org
[PMM: fix tcg_rd/tcg_rn mixup]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Wrapper to extract the low 32 bits, perform an operation,
and zero-extend back to 64 bits.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20250803014019.416797-5-richard.henderson@linaro.org
[PMM: fixed wrong output-reg argument in callsites; add comment]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20250803014019.416797-4-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20250803014019.416797-3-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20250803014019.416797-2-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Trap PMCR_EL0 or PMCR accesses to EL2 when MDCR_EL2.TPMCR is set.
Similar to MDCR_EL2.TPM, MDCR_EL2.TPMCR allows trapping EL0 and EL1
accesses to the PMCR register to EL2.
Cc: qemu-stable@nongnu.org
Signed-off-by: Smail AIDER <smail.aider@huawei.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20250811112143.1577055-2-smail.aider@huawei.com
Message-Id: <20250722131925.2119169-1-smail.aider@huawei.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Add FEAT_TCR2, which introduces the TCR2_EL1 and TCR2_EL2 registers.
These registers are extensions of the TCR_ELx registers and provide
top-level control of the EL10 and EL20 translation regimes.
Signed-off-by: Gustavo Romero <gustavo.romero@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20250727074202.83141-5-richard.henderson@linaro.org
Message-ID: <20250711140828.1714666-5-gustavo.romero@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
[rth: Remove FEAT_MEC code; handle SCR and HCRX enable bits.]
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Add FEAT_SCTLR2, which introduces the SCTLR2_EL1, SCTLR2_EL2, and
SCTLR2_EL3 registers. These registers are extensions of the SCTLR_ELx
ones.
Signed-off-by: Gustavo Romero <gustavo.romero@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20250727074202.83141-4-richard.henderson@linaro.org
Message-ID: <20250711140828.1714666-4-gustavo.romero@linaro.org>
[rth: Remove FEAT_MEC code; handle SCR and HCRX enable bits.]
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
Clean up the definitions of NSW and NSA fields in the VTCR register.
These two fields are already defined properly using FIELD() so they are
actually duplications. Also, define the NSW and NSA fields in the
VSTCR register using FIELD() and remove their definitions based on VTCR
fields.
Signed-off-by: Gustavo Romero <gustavo.romero@linaro.org>
Message-id: 20250725014755.2122579-1-gustavo.romero@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
|
|
when kernel-irqchip=split is used, QEMU still hits BQL
contention issue when reading ACPI PM/HPET timers
(despite of timer[s] access being lock-less).
So Windows with more than 255 cpus is still not able to
boot (since it requires iommu -> split irqchip).
Problematic path is in kvm_arch_pre_run() where BQL is taken
unconditionally when split irqchip is in use.
There are a few parts that BQL protects there:
1. interrupt check and injecting
however we do not take BQL when checking for pending
interrupt (even within the same function), so the patch
takes the same approach for cpu->interrupt_request checks
and takes BQL only if there is a job to do.
2. request_interrupt_window access
CPUState::kvm_run::request_interrupt_window doesn't need BQL
as it's accessed by its own vCPU thread.
3. cr8/cpu_get_apic_tpr access
the same (as #2) applies to CPUState::kvm_run::cr8,
and APIC registers are also cached/synced (get/put) within
the vCPU thread it belongs to.
Taking BQL only when is necessary, eleminates BQL bottleneck on
IO/MMIO only exit path, improoving latency by 80% on HPET micro
benchmark.
This lets Windows to boot succesfully (in case hv-time isn't used)
when more than 255 vCPUs are in use.
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
Link: https://lore.kernel.org/r/20250814160600.2327672-8-imammedo@redhat.com
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
|
The helpers form load-acquire/store-release pair and ensure
that appropriate barriers are in place in case checks happen
outside of BQL.
Use them to replace open-coded checkers/setters across the code,
to make sure that barriers are not missed. Helpers also make code a
bit more readable.
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Jason J. Herne <jjherne@linux.ibm.com>
Link: https://lore.kernel.org/r/20250821155603.2422553-1-imammedo@redhat.com
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
|
With tlb_flush_range_by_mmuidx(), the virtual address is 64 bit.
However on LoongArch TLB emulation system, virtual address is
48 bit. It is necessary to signed-extend 48 bit address to 64 bit when
flush tlb, also fix address calculation issue with odd page.
Signed-off-by: Bibo Mao <maobibo@loongson.cn>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
|
|
With function get_physical_address(), parameter MMUContext is added
and remove parameter address, prot and address.
Signed-off-by: Bibo Mao <maobibo@loongson.cn>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
|
|
With function loongarch_map_address(), parameter MMUContext is added
and remove parameter address, prot and address.
Signed-off-by: Bibo Mao <maobibo@loongson.cn>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
|
|
With function loongarch_get_addr_from_tlb(), parameter MMUContext
is added and remove parameter physical, prot and address.
Signed-off-by: Bibo Mao <maobibo@loongson.cn>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
|
|
With function loongarch_map_tlb_entry(), parameter MMUConext is added
and remove parameter physical, prot and address.
Signed-off-by: Bibo Mao <maobibo@loongson.cn>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
|
|
Function loongarch_check_pte() can get physical address and access
priviledge, it works on both TLB entry and pte entry. It can be used
in function loongarch_page_table_walker() also.
Signed-off-by: Bibo Mao <maobibo@loongson.cn>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
|
|
Common function loongarch_check_pte() is to check tlb entry, return
the physical address and access priviledge if found. Also it can be
used with page table entry, which is used in page table walker.
Signed-off-by: Bibo Mao <maobibo@loongson.cn>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
|
|
Enum type MMUAccessType is used in function loongarch_map_tlb_entry()
rather than int type, and keep consistent with its caller function.
Signed-off-by: Bibo Mao <maobibo@loongson.cn>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
|
|
Replace target_ulong type with vaddr in function get_physical_address()
and the same with its calling functions.
Signed-off-by: Bibo Mao <maobibo@loongson.cn>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
|
|
There is mixed usage between enum variable TLBRET_xxx and int type,
here add enum type TLBRet definition and replace int type variable
with enum type TLBRet in some functions.
Signed-off-by: Bibo Mao <maobibo@loongson.cn>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
|
|
New header file cpu-mmu.h is added and move mmu relative function
declaration to this file.
Signed-off-by: Bibo Mao <maobibo@loongson.cn>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
|
