1. 29 May, 2015 3 commits
  2. 19 May, 2015 6 commits
  3. 18 May, 2015 2 commits
  4. 15 May, 2015 1 commit
  5. 30 Apr, 2015 3 commits
  6. 26 Apr, 2015 8 commits
  7. 02 Apr, 2015 4 commits
  8. 16 Mar, 2015 5 commits
    • target-arm: Ignore low bit of PC in M-profile exception return · fcf83ab1
      Peter Maydell committed
      For the ARM M-profile cores, exception return pops various registers
      including the PC from the stack. The architecture defines that if the
      lowest bit in the new PC value is set (ie the PC is not halfword
      aligned) then behaviour is UNPREDICTABLE. In practice hardware
      implementations seem to simply ignore the low bit, and some buggy
      RTOSes incorrectly rely on this. QEMU's behaviour was architecturally
      permitted, but bringing QEMU into line with the hardware behaviour
      allows more guest code to run. We log the situation as a guest error.
      
      This was reported as LP:1428657.
      Reported-by: Anders Esbensen <anders@lyes.dk>
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
    • target-arm: Fix handling of STM (user) with r15 in register list · da3e53dd
      Peter Maydell committed
      The A32 encoding of LDM distinguishes LDM (user) from LDM (exception
      return) based on whether r15 is in the register list. However for
      STM (user) there is no equivalent distinction. We were incorrectly
      treating "r15 in list" as indicating exception return for both LDM
      and STM, with the result that an STM (user) involving r15 went into
      an infinite loop. Fix this; note that the value stored for r15
      in this case is the current PC regardless of our current mode.
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
      Message-id: 1426015125-5521-1-git-send-email-peter.maydell@linaro.org
    • target-arm: get_phys_addr_lpae: more xn control · d8e052b3
      Andrew Jones committed
      This patch makes the following changes to the determination of
      whether an address is executable, when translating addresses
      using LPAE.
      
      1. No longer assumes that PL0 can't execute when it can't read.
         It can in AArch64, a difference from AArch32.
      2. Use va_size == 64 to determine we're in AArch64, rather than
         arm_feature(env, ARM_FEATURE_V8), which is insufficient.
      3. Add additional XN determinants
         - NS && is_secure && (SCR & SCR_SIF)
         - WXN && (prot & PAGE_WRITE)
         - AArch64: (prot_PL0 & PAGE_WRITE)
         - AArch32: UWXN && (prot_PL0 & PAGE_WRITE)
         - XN determination should also work in secure mode (untested)
         - XN may even work in EL2 (currently impossible to test)
      4. Cleans up the bloated PAGE_EXEC condition - by removing it.
      
      The helper get_S1prot is introduced. It may even work in EL2,
      when support for that comes, but, as the function name implies,
      it only works for stage 1 translations.
      Signed-off-by: Andrew Jones <drjones@redhat.com>
      Message-id: 1426099139-14463-4-git-send-email-drjones@redhat.com
      Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
    • target-arm: fix get_phys_addr_v6/SCTLR_AFE access check · d76951b6
      Andrew Jones committed
      Introduce simple_ap_to_rw_prot(), which has the same behavior as
      ap_to_rw_prot(), but takes the 2-bit simple AP[2:1] instead of
      the 3-bit AP[2:0]. Use this in get_phys_addr_v6 when SCTLR_AFE
      is set, as that bit indicates we should be using the simple AP
      format.
      
      It's unlikely this path is getting used. I don't see CR_AFE
      getting used by Linux, so possibly not. If it had been, then
      the check would have been wrong for all but AP[2:1] = 0b11.
      Anyway, this should fix it up, in case it ever does get used.
      Signed-off-by: Andrew Jones <drjones@redhat.com>
      Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
      Message-id: 1426099139-14463-3-git-send-email-drjones@redhat.com
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
    • target-arm: convert check_ap to ap_to_rw_prot · 0fbf5238
      Andrew Jones committed
      Instead of mixing access permission checking with access permissions
      to page protection flags translation, just do the translation, and
      leave it to the caller to check the protection flags against the access
      type. Also rename to ap_to_rw_prot to better describe the new behavior.
      Signed-off-by: Andrew Jones <drjones@redhat.com>
      Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
      Message-id: 1426099139-14463-2-git-send-email-drjones@redhat.com
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
  9. 14 Mar, 2015 1 commit
    • tcg: Change translator-side labels to a pointer · 42a268c2
      Richard Henderson committed
      This is improved type checking for the translators -- it's no longer
      possible to accidentally swap arguments to the branch functions.
      
      Note that the code generating backends still manipulate labels as int.
      
      With notable exceptions, the scope of the change is just a few lines
      for each target, so it's not worth building extra machinery to do this
      change in per-target increments.
      
      Cc: Peter Maydell <peter.maydell@linaro.org>
      Cc: Edgar E. Iglesias <edgar.iglesias@gmail.com>
      Cc: Michael Walle <michael@walle.cc>
      Cc: Leon Alrae <leon.alrae@imgtec.com>
      Cc: Anthony Green <green@moxielogic.com>
      Cc: Jia Liu <proljc@gmail.com>
      Cc: Alexander Graf <agraf@suse.de>
      Cc: Aurelien Jarno <aurelien@aurel32.net>
      Cc: Blue Swirl <blauwirbel@gmail.com>
      Cc: Guan Xuetao <gxt@mprc.pku.edu.cn>
      Cc: Paolo Bonzini <pbonzini@redhat.com>
      Cc: Max Filippov <jcmvbkbc@gmail.com>
      Reviewed-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
      Signed-off-by: Richard Henderson <rth@twiddle.net>
  10. 12 Mar, 2015 1 commit
  11. 11 Mar, 2015 2 commits
    • target-arm: Add missing compatible property to A57 · 0458b7b5
      Ryota Ozaki committed
      Signed-off-by: Ryota Ozaki <ozaki.ryota@gmail.com>
      Reviewed-by: Alistair Francis <alistair.francis@xilinx.com>
      Reviewed-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
      Message-id: 1424097799-11002-1-git-send-email-ozaki.ryota@gmail.com
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
    • cpu: Make cpu_init() return QOM CPUState object · 2994fd96
      Eduardo Habkost committed
      Instead of making cpu_init() return CPUArchState, return CPUState.
      
      Changes were made using the Coccinelle semantic patch below.
      
        @@
        typedef CPUState;
        identifier e;
        expression args;
        type CPUArchState;
        @@
        -   e =
        +   cpu =
                cpu_init(args);
        -   if (!e) {
        +   if (!cpu) {
                ...
            }
        -   cpu = ENV_GET_CPU(env);
        +   e = cpu->env_ptr;
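      Review bot: the removed line `cpu = ENV_GET_CPU(env);` in this rule names `env` literally, while the cpu_init() result is bound to the metavariable `e`, so a call site that assigns the result to a differently named variable and later calls `ENV_GET_CPU(env)` would still match and be rewritten. Writing that line as `ENV_GET_CPU(e)` would tie the two together; the `type CPUArchState;` metavariable is also declared but not used in this rule.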
      
        @@
        identifier new_env, new_cpu, env, cpu;
        type CPUArchState;
        expression args;
        @@
        -{
        -   CPUState *cpu = ENV_GET_CPU(env);
        -   CPUArchState *new_env = cpu_init(args);
        -   CPUState *new_cpu = ENV_GET_CPU(new_env);
        +{
        +   CPUState *cpu = ENV_GET_CPU(env);
        +   CPUState *new_cpu = cpu_init(args);
        +   CPUArchState *new_env = new_cpu->env_ptr;
            ...
        }
      
        @@
        identifier c, cpu_init_func, cpu_model;
        type StateType, CPUType;
        @@
        -static inline StateType* cpu_init(const char *cpu_model)
        -{
        -   CPUType *c = cpu_init_func(cpu_model);
        (
        -   if (c == NULL) {
        -       return NULL;
        -   }
        -   return &c->env;
        |
        -   if (c) {
        -       return &c->env;
        -   }
        -   return NULL;
        )
        -}
        +#define cpu_init(cpu_model) CPU(cpu_init_func(cpu_model))
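      Review bot: the removed inline function returned NULL explicitly when cpu_init_func() failed, whereas the replacement `+#define cpu_init(cpu_model) CPU(cpu_init_func(cpu_model))` depends on CPU() passing a NULL pointer through unchanged, which callers rewritten by the first rule still test with `if (!cpu)`. The visible lines don't show that guarantee, so it is worth stating in the commit message or in a comment next to the macro; the macro also drops the `const char *` parameter type the function declared.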
      
        @@
        identifier cpu_init_func;
        identifier model;
        @@
        -#define cpu_init(model) (&cpu_init_func(model)->env)
        +#define cpu_init(model) CPU(cpu_init_func(model))
      Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
      Cc: Blue Swirl <blauwirbel@gmail.com>
      Cc: Guan Xuetao <gxt@mprc.pku.edu.cn>
      Cc: Riku Voipio <riku.voipio@iki.fi>
      Cc: Richard Henderson <rth@twiddle.net>
      Cc: Peter Maydell <peter.maydell@linaro.org>
      Cc: "Edgar E. Iglesias" <edgar.iglesias@gmail.com>
      Cc: Paolo Bonzini <pbonzini@redhat.com>
      Cc: Michael Walle <michael@walle.cc>
      Cc: Aurelien Jarno <aurelien@aurel32.net>
      Cc: Leon Alrae <leon.alrae@imgtec.com>
      Cc: Anthony Green <green@moxielogic.com>
      Cc: Jia Liu <proljc@gmail.com>
      Cc: Alexander Graf <agraf@suse.de>
      Cc: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
      Cc: Max Filippov <jcmvbkbc@gmail.com>
      [AF: Fixed up cpu_copy() manually]
      Signed-off-by: Andreas Färber <afaerber@suse.de>
  12. 13 Feb, 2015 4 commits
    • target-arm: A64: Avoid signed shifts in disas_ldst_pair() · c2ebd862
      Peter Maydell committed
      Avoid shifting potentially negative signed offset values in
      disas_ldst_pair() by keeping the offset in a uint64_t rather
      than an int64_t.
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
      Message-id: 1423233250-15853-5-git-send-email-peter.maydell@linaro.org
    • target-arm: A64: Avoid left shifting negative integers in disas_pc_rel_addr · 037e1d00
      Peter Maydell committed
      Shifting a negative integer left is undefined behaviour in C.
      Avoid it by assembling and shifting the offset fields as
      unsigned values and then sign extending as the final action.
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
      Message-id: 1423233250-15853-4-git-send-email-peter.maydell@linaro.org
    • target-arm: A64: Fix handling of rotate in logic_imm_decode_wmask · e167adc9
      Peter Maydell committed
      The code in logic_imm_decode_wmask attempts to rotate a mask
      value within the bottom 'e' bits of the value with
          mask = (mask >> r) | (mask << (e - r));
      This has two issues:
       * if the element size is 64 then a rotate by zero results
         in a shift left by 64, which is undefined behaviour
       * if the element size is smaller than 64 then this will
         leave junk in the value at bit 'e' and above, which is
         not valid input to bitfield_replicate(). As it happens,
         the bits at bit 'e' to '2e - r' are exactly the ones
         which bitfield_replicate is going to copy in there,
         so this isn't a "wrong code generated" bug, but it's
         confusing and if we ever put an assert in
         bitfield_replicate it would fire on valid guest code.
      
      Fix the former by not doing anything if r is zero, and
      the latter by masking with bitmask64(e).
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
      Message-id: 1423233250-15853-3-git-send-email-peter.maydell@linaro.org
    • target-arm: A64: Fix shifts into sign bit · 1743d55c
      Peter Maydell committed
      Fix attempts to shift into the sign bit of an int, which is undefined
      behaviour in C and warned about by the clang sanitizer.
      Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
      Message-id: 1423233250-15853-2-git-send-email-peter.maydell@linaro.org
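
The rotate described in commit e167adc9 above (logic_imm_decode_wmask), worked through as an added C example; it is not QEMU's code. `rotate_unfixed`, `rotate_fixed` and `replicate` are hypothetical names, `bitmask64` here is a local stand-in for the helper the message names, and the input values are constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* Local stand-in for the bitmask64() named in the commit message:
 * low 'length' bits set, 1 <= length <= 64, never shifts by 64. */
static uint64_t bitmask64(unsigned length)
{
    return ~0ULL >> (64 - length);
}

/* The rotate exactly as quoted in the commit message (hypothetical name).
 * Only defined when (e - r) < 64, i.e. not for e == 64 with r == 0. */
static uint64_t rotate_unfixed(uint64_t mask, unsigned e, unsigned r)
{
    return (mask >> r) | (mask << (e - r));
}

/* Rotate with both fixes the message describes (hypothetical name). */
static uint64_t rotate_fixed(uint64_t mask, unsigned e, unsigned r)
{
    if (r == 0) {
        return mask;                /* skip: avoids mask << 64 when e == 64 */
    }
    mask = (mask >> r) | (mask << (e - r));
    return mask & bitmask64(e);     /* clear junk at bit e and above */
}

/* Copy the low e bits across all 64 bits (sketch of a replicate step). */
static uint64_t replicate(uint64_t mask, unsigned e)
{
    while (e < 64) {
        mask |= mask << e;
        e *= 2;
    }
    return mask;
}

int main(void)
{
    /* Constructed input: 8-bit element, four set bits, rotate by 2. */
    printf("unfixed:    0x%llx\n", (unsigned long long)rotate_unfixed(0x0f, 8, 2));
    printf("fixed:      0x%llx\n", (unsigned long long)rotate_fixed(0x0f, 8, 2));
    printf("replicated: 0x%llx\n", (unsigned long long)replicate(rotate_fixed(0x0f, 8, 2), 8));
    printf("e=64, r=0:  0x%llx\n", (unsigned long long)rotate_fixed(0xff, 64, 0));
    return 0;
}
```

The unfixed rotate leaves bits 8 and 9 set for this input, and replicating either result gives the same 64-bit value, which matches the message's remark that the junk bits did not produce wrong output.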