From b28fb27b5edf77f6fd0ac550a156fb20f2218db3 Mon Sep 17 00:00:00 2001 From: Peter Maydell Date: Tue, 16 Dec 2014 16:58:05 +0000 Subject: audio: Don't free hw resources until after hw backend is stopped When stopping an audio voice, call the audio backend's fini method before calling audio_pcm_hw_free_resources_ rather than afterwards. This allows backends which use helper threads (like pulseaudio) to terminate those threads before the conv_buf or mix_buf are freed and avoids race conditions where the helper may access a NULL pointer or freed memory. Cc: qemu-stable@nongnu.org Reviewed-by: Gerd Hoffmann Signed-off-by: Peter Maydell Message-id: 1418406239-9838-1-git-send-email-peter.maydell@linaro.org --- audio/audio_template.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/audio/audio_template.h b/audio/audio_template.h index 817318853c..584e536fac 100644 --- a/audio/audio_template.h +++ b/audio/audio_template.h @@ -191,9 +191,9 @@ static void glue (audio_pcm_hw_gc_, TYPE) (HW **hwp) audio_detach_capture (hw); #endif QLIST_REMOVE (hw, entries); + glue (hw->pcm_ops->fini_, TYPE) (hw); glue (s->nb_hw_voices_, TYPE) += 1; glue (audio_pcm_hw_free_resources_ ,TYPE) (hw); - glue (hw->pcm_ops->fini_, TYPE) (hw); g_free (hw); *hwp = NULL; } -- cgit v1.2.1 From 60fb1a87b47b14e4ea67043aa56f353e77fbd70a Mon Sep 17 00:00:00 2001 From: Greg Bellows Date: Tue, 16 Dec 2014 16:58:05 +0000 Subject: target-arm: Merge EL3 CP15 register lists Merge of the v8_el2_cp_reginfo and el3_cp_reginfo ARMCPRegInfo lists. Previously, some EL3 registers were restricted to the ARMv8 list under the impression that they were not needed on ARMv7. However, this is not the case as the ARMv7/32-bit variants rely on the ARMv8/64-bit variants to handle migration and reset. For this reason they must always exist. Signed-off-by: Greg Bellows Message-id: 1418406450-14961-1-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell --- target-arm/helper.c | 55 +++++++++++++++++++++++------------------------------ 1 file changed, 24 insertions(+), 31 deletions(-) diff --git a/target-arm/helper.c b/target-arm/helper.c index 96abbed935..3ef0f1f38e 100644 --- a/target-arm/helper.c +++ b/target-arm/helper.c @@ -2413,7 +2413,30 @@ static const ARMCPRegInfo v8_el2_cp_reginfo[] = { REGINFO_SENTINEL }; -static const ARMCPRegInfo v8_el3_cp_reginfo[] = { +static const ARMCPRegInfo el3_cp_reginfo[] = { + { .name = "SCR_EL3", .state = ARM_CP_STATE_AA64, + .opc0 = 3, .opc1 = 6, .crn = 1, .crm = 1, .opc2 = 0, + .access = PL3_RW, .fieldoffset = offsetof(CPUARMState, cp15.scr_el3), + .resetvalue = 0, .writefn = scr_write }, + { .name = "SCR", .type = ARM_CP_NO_MIGRATE, + .cp = 15, .opc1 = 0, .crn = 1, .crm = 1, .opc2 = 0, + .access = PL3_RW, .fieldoffset = offsetoflow32(CPUARMState, cp15.scr_el3), + .resetfn = arm_cp_reset_ignore, .writefn = scr_write }, + { .name = "SDER32_EL3", .state = ARM_CP_STATE_AA64, + .opc0 = 3, .opc1 = 6, .crn = 1, .crm = 1, .opc2 = 1, + .access = PL3_RW, .resetvalue = 0, + .fieldoffset = offsetof(CPUARMState, cp15.sder) }, + { .name = "SDER", + .cp = 15, .opc1 = 0, .crn = 1, .crm = 1, .opc2 = 1, + .access = PL3_RW, .resetvalue = 0, + .fieldoffset = offsetoflow32(CPUARMState, cp15.sder) }, + /* TODO: Implement NSACR trapping of secure EL1 accesses to EL3 */ + { .name = "NSACR", .cp = 15, .opc1 = 0, .crn = 1, .crm = 1, .opc2 = 2, + .access = PL3_W | PL1_R, .resetvalue = 0, + .fieldoffset = offsetof(CPUARMState, cp15.nsacr) }, + { .name = "MVBAR", .cp = 15, .opc1 = 0, .crn = 12, .crm = 0, .opc2 = 1, + .access = PL3_RW, .writefn = vbar_write, .resetvalue = 0, + .fieldoffset = offsetof(CPUARMState, cp15.mvbar) }, { .name = "SCTLR_EL3", .state = ARM_CP_STATE_AA64, .opc0 = 3, .opc1 = 6, .crn = 1, .crm = 0, .opc2 = 0, .access = PL3_RW, .raw_writefn = raw_write, .writefn = sctlr_write, @@ -2451,33 +2474,6 @@ static const ARMCPRegInfo v8_el3_cp_reginfo[] = { REGINFO_SENTINEL }; -static const ARMCPRegInfo el3_cp_reginfo[] = { - { .name = "SCR_EL3", .state = ARM_CP_STATE_AA64, - .opc0 = 3, .opc1 = 6, .crn = 1, .crm = 1, .opc2 = 0, - .access = PL3_RW, .fieldoffset = offsetof(CPUARMState, cp15.scr_el3), - .resetvalue = 0, .writefn = scr_write }, - { .name = "SCR", .type = ARM_CP_NO_MIGRATE, - .cp = 15, .opc1 = 0, .crn = 1, .crm = 1, .opc2 = 0, - .access = PL3_RW, .fieldoffset = offsetoflow32(CPUARMState, cp15.scr_el3), - .resetfn = arm_cp_reset_ignore, .writefn = scr_write }, - { .name = "SDER32_EL3", .state = ARM_CP_STATE_AA64, - .opc0 = 3, .opc1 = 6, .crn = 1, .crm = 1, .opc2 = 1, - .access = PL3_RW, .resetvalue = 0, - .fieldoffset = offsetof(CPUARMState, cp15.sder) }, - { .name = "SDER", - .cp = 15, .opc1 = 0, .crn = 1, .crm = 1, .opc2 = 1, - .access = PL3_RW, .resetvalue = 0, - .fieldoffset = offsetoflow32(CPUARMState, cp15.sder) }, - /* TODO: Implement NSACR trapping of secure EL1 accesses to EL3 */ - { .name = "NSACR", .cp = 15, .opc1 = 0, .crn = 1, .crm = 1, .opc2 = 2, - .access = PL3_W | PL1_R, .resetvalue = 0, - .fieldoffset = offsetof(CPUARMState, cp15.nsacr) }, - { .name = "MVBAR", .cp = 15, .opc1 = 0, .crn = 12, .crm = 0, .opc2 = 1, - .access = PL3_RW, .writefn = vbar_write, .resetvalue = 0, - .fieldoffset = offsetof(CPUARMState, cp15.mvbar) }, - REGINFO_SENTINEL -}; - static CPAccessResult ctr_el0_access(CPUARMState *env, const ARMCPRegInfo *ri) { /* Only accessible in EL0 if SCTLR.UCT is set (and only in AArch64, @@ -3077,9 +3073,6 @@ void register_cp_regs_for_features(ARMCPU *cpu) } } if (arm_feature(env, ARM_FEATURE_EL3)) { - if (arm_feature(env, ARM_FEATURE_V8)) { - define_arm_cp_regs(cpu, v8_el3_cp_reginfo); - } define_arm_cp_regs(cpu, el3_cp_reginfo); } if (arm_feature(env, ARM_FEATURE_MPU)) { -- cgit v1.2.1 From 49d2e648e8087d154d8bf8b91f27c8e05e79d5a6 Mon Sep 17 00:00:00 2001 From: Marcel Apfelbaum Date: Tue, 16 Dec 2014 16:58:05 +0000 Subject: machine: remove qemu_machine_opts global list QEMU has support for options per machine, keeping a global list of options is no longer necessary. Signed-off-by: Marcel Apfelbaum Reviewed-by: Alexander Graf Reviewed-by: Greg Bellows Message-id: 1418217570-15517-2-git-send-email-marcel.a@redhat.com Signed-off-by: Peter Maydell --- hw/core/machine.c | 45 +++++++++++++++++++++++++++++ hw/i386/pc.c | 7 +++++ hw/ppc/spapr.c | 3 ++ vl.c | 84 ++++--------------------------------------------------- 4 files changed, 61 insertions(+), 78 deletions(-) diff --git a/hw/core/machine.c b/hw/core/machine.c index 19d3e3a707..a0ae5f94ce 100644 --- a/hw/core/machine.c +++ b/hw/core/machine.c @@ -291,48 +291,93 @@ static void machine_initfn(Object *obj) object_property_add_str(obj, "accel", machine_get_accel, machine_set_accel, NULL); + object_property_set_description(obj, "accel", + "Accelerator list", + NULL); object_property_add_bool(obj, "kernel-irqchip", machine_get_kernel_irqchip, machine_set_kernel_irqchip, NULL); + object_property_set_description(obj, "kernel-irqchip", + "Use KVM in-kernel irqchip", + NULL); object_property_add(obj, "kvm-shadow-mem", "int", machine_get_kvm_shadow_mem, machine_set_kvm_shadow_mem, NULL, NULL, NULL); + object_property_set_description(obj, "kvm-shadow-mem", + "KVM shadow MMU size", + NULL); object_property_add_str(obj, "kernel", machine_get_kernel, machine_set_kernel, NULL); + object_property_set_description(obj, "kernel", + "Linux kernel image file", + NULL); object_property_add_str(obj, "initrd", machine_get_initrd, machine_set_initrd, NULL); + object_property_set_description(obj, "initrd", + "Linux initial ramdisk file", + NULL); object_property_add_str(obj, "append", machine_get_append, machine_set_append, NULL); + object_property_set_description(obj, "append", + "Linux kernel command line", + NULL); object_property_add_str(obj, "dtb", machine_get_dtb, machine_set_dtb, NULL); + object_property_set_description(obj, "dtb", + "Linux kernel device tree file", + NULL); object_property_add_str(obj, "dumpdtb", machine_get_dumpdtb, machine_set_dumpdtb, NULL); + object_property_set_description(obj, "dumpdtb", + "Dump current dtb to a file and quit", + NULL); object_property_add(obj, "phandle-start", "int", machine_get_phandle_start, machine_set_phandle_start, NULL, NULL, NULL); + object_property_set_description(obj, "phandle-start", + "The first phandle ID we may generate dynamically", + NULL); object_property_add_str(obj, "dt-compatible", machine_get_dt_compatible, machine_set_dt_compatible, NULL); + object_property_set_description(obj, "dt-compatible", + "Overrides the \"compatible\" property of the dt root node", + NULL); object_property_add_bool(obj, "dump-guest-core", machine_get_dump_guest_core, machine_set_dump_guest_core, NULL); + object_property_set_description(obj, "dump-guest-core", + "Include guest memory in a core dump", + NULL); object_property_add_bool(obj, "mem-merge", machine_get_mem_merge, machine_set_mem_merge, NULL); + object_property_set_description(obj, "mem-merge", + "Enable/disable memory merge support", + NULL); object_property_add_bool(obj, "usb", machine_get_usb, machine_set_usb, NULL); + object_property_set_description(obj, "usb", + "Set on/off to enable/disable usb", + NULL); object_property_add_str(obj, "firmware", machine_get_firmware, machine_set_firmware, NULL); + object_property_set_description(obj, "firmware", + "Firmware image", + NULL); object_property_add_bool(obj, "iommu", machine_get_iommu, machine_set_iommu, NULL); + object_property_set_description(obj, "iommu", + "Set on/off to enable/disable Intel IOMMU (VT-d)", + NULL); /* Register notifier when init is done for sysbus sanity checks */ ms->sysbus_notifier.notify = machine_init_notify; diff --git a/hw/i386/pc.c b/hw/i386/pc.c index 1ec7290dca..a3ddb5e139 100644 --- a/hw/i386/pc.c +++ b/hw/i386/pc.c @@ -1805,17 +1805,24 @@ static void pc_machine_initfn(Object *obj) object_property_add(obj, PC_MACHINE_MEMHP_REGION_SIZE, "int", pc_machine_get_hotplug_memory_region_size, NULL, NULL, NULL, NULL); + pcms->max_ram_below_4g = 1ULL << 32; /* 4G */ object_property_add(obj, PC_MACHINE_MAX_RAM_BELOW_4G, "size", pc_machine_get_max_ram_below_4g, pc_machine_set_max_ram_below_4g, NULL, NULL, NULL); + object_property_set_description(obj, PC_MACHINE_MAX_RAM_BELOW_4G, + "Maximum ram below the 4G boundary (32bit boundary)", + NULL); pcms->vmport = ON_OFF_AUTO_AUTO; object_property_add(obj, PC_MACHINE_VMPORT, "OnOffAuto", pc_machine_get_vmport, pc_machine_set_vmport, NULL, NULL, NULL); + object_property_set_description(obj, PC_MACHINE_VMPORT, + "Enable vmport (pc & q35)", + NULL); pcms->enforce_aligned_dimm = true; object_property_add_bool(obj, PC_MACHINE_ENFORCE_ALIGNED_DIMM, diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c index 30de25de5c..08401e0fde 100644 --- a/hw/ppc/spapr.c +++ b/hw/ppc/spapr.c @@ -1655,6 +1655,9 @@ static void spapr_machine_initfn(Object *obj) { object_property_add_str(obj, "kvm-type", spapr_get_kvm_type, spapr_set_kvm_type, NULL); + object_property_set_description(obj, "kvm-type", + "Specifies the KVM virtualization mode (HV, PR)", + NULL); } static void ppc_cpu_do_nmi_on_cpu(void *arg) diff --git a/vl.c b/vl.c index a824a7d8b4..7537be43aa 100644 --- a/vl.c +++ b/vl.c @@ -308,84 +308,12 @@ static QemuOptsList qemu_machine_opts = { .merge_lists = true, .head = QTAILQ_HEAD_INITIALIZER(qemu_machine_opts.head), .desc = { - { - .name = "type", - .type = QEMU_OPT_STRING, - .help = "emulated machine" - }, { - .name = "accel", - .type = QEMU_OPT_STRING, - .help = "accelerator list", - }, { - .name = "kernel_irqchip", - .type = QEMU_OPT_BOOL, - .help = "use KVM in-kernel irqchip", - }, { - .name = "kvm_shadow_mem", - .type = QEMU_OPT_SIZE, - .help = "KVM shadow MMU size", - }, { - .name = "kernel", - .type = QEMU_OPT_STRING, - .help = "Linux kernel image file", - }, { - .name = "initrd", - .type = QEMU_OPT_STRING, - .help = "Linux initial ramdisk file", - }, { - .name = "append", - .type = QEMU_OPT_STRING, - .help = "Linux kernel command line", - }, { - .name = "dtb", - .type = QEMU_OPT_STRING, - .help = "Linux kernel device tree file", - }, { - .name = "dumpdtb", - .type = QEMU_OPT_STRING, - .help = "Dump current dtb to a file and quit", - }, { - .name = "phandle_start", - .type = QEMU_OPT_NUMBER, - .help = "The first phandle ID we may generate dynamically", - }, { - .name = "dt_compatible", - .type = QEMU_OPT_STRING, - .help = "Overrides the \"compatible\" property of the dt root node", - }, { - .name = "dump-guest-core", - .type = QEMU_OPT_BOOL, - .help = "Include guest memory in a core dump", - }, { - .name = "mem-merge", - .type = QEMU_OPT_BOOL, - .help = "enable/disable memory merge support", - },{ - .name = "usb", - .type = QEMU_OPT_BOOL, - .help = "Set on/off to enable/disable usb", - },{ - .name = "firmware", - .type = QEMU_OPT_STRING, - .help = "firmware image", - },{ - .name = "kvm-type", - .type = QEMU_OPT_STRING, - .help = "Specifies the KVM virtualization mode (HV, PR)", - },{ - .name = PC_MACHINE_MAX_RAM_BELOW_4G, - .type = QEMU_OPT_SIZE, - .help = "maximum ram below the 4G boundary (32bit boundary)", - }, { - .name = PC_MACHINE_VMPORT, - .type = QEMU_OPT_STRING, - .help = "Enable vmport (pc & q35)", - },{ - .name = "iommu", - .type = QEMU_OPT_BOOL, - .help = "Set on/off to enable/disable Intel IOMMU (VT-d)", - }, - { /* End of list */ } + /* + * no elements => accept any + * sanity checking will happen later + * when setting machine properties + */ + { } }, }; -- cgit v1.2.1 From 2e16898a61a25cb76dd48f6e74f3b7a500d0c91a Mon Sep 17 00:00:00 2001 From: Marcel Apfelbaum Date: Tue, 16 Dec 2014 16:58:05 +0000 Subject: vl.c: simplified machine_set_property Refactored the code to re-use object_property_parse. Signed-off-by: Marcel Apfelbaum Reviewed-by: Alexander Graf Reviewed-by: Greg Bellows Message-id: 1418217570-15517-3-git-send-email-marcel.a@redhat.com Signed-off-by: Peter Maydell --- vl.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/vl.c b/vl.c index 7537be43aa..fa7a02c8ef 100644 --- a/vl.c +++ b/vl.c @@ -2535,7 +2535,6 @@ static int machine_set_property(const char *name, const char *value, void *opaque) { Object *obj = OBJECT(opaque); - StringInputVisitor *siv; Error *local_err = NULL; char *c, *qom_name; @@ -2551,9 +2550,7 @@ static int machine_set_property(const char *name, const char *value, } } - siv = string_input_visitor_new(value); - object_property_set(obj, string_input_get_visitor(siv), qom_name, &local_err); - string_input_visitor_cleanup(siv); + object_property_parse(obj, value, qom_name, &local_err); g_free(qom_name); if (local_err) { -- cgit v1.2.1 From 52eb3dfd7d6585f0049a6d41ddb81ef8d4496146 Mon Sep 17 00:00:00 2001 From: Marcel Apfelbaum Date: Tue, 16 Dec 2014 16:58:06 +0000 Subject: vl.c: add HMP help to machine The help is based on the actual machine properties exposing only the relevant options. Signed-off-by: Marcel Apfelbaum Reviewed-by: Alexander Graf Reviewed-by: Greg Bellows Message-id: 1418217570-15517-4-git-send-email-marcel.a@redhat.com Signed-off-by: Peter Maydell --- vl.c | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/vl.c b/vl.c index fa7a02c8ef..bea9656232 100644 --- a/vl.c +++ b/vl.c @@ -1423,6 +1423,31 @@ MachineInfoList *qmp_query_machines(Error **errp) return mach_list; } +static int machine_help_func(QemuOpts *opts, MachineState *machine) +{ + ObjectProperty *prop; + + if (!qemu_opt_has_help_opt(opts)) { + return 0; + } + + QTAILQ_FOREACH(prop, &OBJECT(machine)->properties, node) { + if (!prop->set) { + continue; + } + + error_printf("%s.%s=%s", MACHINE_GET_CLASS(machine)->name, + prop->name, prop->type); + if (prop->description) { + error_printf(" (%s)\n", prop->description); + } else { + error_printf("\n"); + } + } + + return 1; +} + /***********************************************************/ /* main execution loop */ @@ -3758,6 +3783,9 @@ int main(int argc, char **argv, char **envp) current_machine = MACHINE(object_new(object_class_get_name( OBJECT_CLASS(machine_class)))); + if (machine_help_func(qemu_get_machine_opts(), current_machine)) { + exit(0); + } object_property_add_child(object_get_root(), "machine", OBJECT(current_machine), &error_abort); cpu_exec_init_all(); -- cgit v1.2.1 From 7eb1dc7f0b65a324323541440baf2ea544adcefb Mon Sep 17 00:00:00 2001 From: Greg Bellows Date: Mon, 15 Dec 2014 17:09:38 -0600 Subject: target-arm: Add vexpress class and machine types Adds base Vexpress class and machine objects and infrastructure. This is in preparation for switching to the full QEMU object model. The base vexpress infrastructure is intended to handle common vexpress details. Signed-off-by: Greg Bellows Reviewed-by: Peter Maydell Message-id: 1418684992-8996-2-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell --- hw/arm/vexpress.c | 45 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) diff --git a/hw/arm/vexpress.c b/hw/arm/vexpress.c index 7cbd13f182..01046c271a 100644 --- a/hw/arm/vexpress.c +++ b/hw/arm/vexpress.c @@ -157,6 +157,23 @@ static hwaddr motherboard_aseries_map[] = { typedef struct VEDBoardInfo VEDBoardInfo; +typedef struct { + MachineClass parent; + VEDBoardInfo *daughterboard; +} VexpressMachineClass; + +typedef struct { + MachineState parent; +} VexpressMachineState; + +#define TYPE_VEXPRESS_MACHINE "vexpress" +#define VEXPRESS_MACHINE(obj) \ + OBJECT_CHECK(VexpressMachineState, (obj), TYPE_VEXPRESS_MACHINE) +#define VEXPRESS_MACHINE_GET_CLASS(obj) \ + OBJECT_GET_CLASS(VexpressMachineClass, obj, TYPE_VEXPRESS_MACHINE) +#define VEXPRESS_MACHINE_CLASS(klass) \ + OBJECT_CLASS_CHECK(VexpressMachineClass, klass, TYPE_VEXPRESS_MACHINE) + typedef void DBoardInitFn(const VEDBoardInfo *daughterboard, ram_addr_t ram_size, const char *cpu_model, @@ -681,6 +698,13 @@ static void vexpress_common_init(VEDBoardInfo *daughterboard, arm_load_kernel(ARM_CPU(first_cpu), &daughterboard->bootinfo); } +static void vexpress_init(MachineState *machine) +{ + VexpressMachineClass *vmc = VEXPRESS_MACHINE_GET_CLASS(machine); + + vexpress_common_init(vmc->daughterboard, machine); +} + static void vexpress_a9_init(MachineState *machine) { vexpress_common_init(&a9_daughterboard, machine); @@ -691,6 +715,26 @@ static void vexpress_a15_init(MachineState *machine) vexpress_common_init(&a15_daughterboard, machine); } +static void vexpress_class_init(ObjectClass *oc, void *data) +{ + MachineClass *mc = MACHINE_CLASS(oc); + + mc->name = TYPE_VEXPRESS_MACHINE; + mc->desc = "ARM Versatile Express"; + mc->init = vexpress_init; + mc->block_default_type = IF_SCSI; + mc->max_cpus = 4; +} + +static const TypeInfo vexpress_info = { + .name = TYPE_VEXPRESS_MACHINE, + .parent = TYPE_MACHINE, + .abstract = true, + .instance_size = sizeof(VexpressMachineState), + .class_size = sizeof(VexpressMachineClass), + .class_init = vexpress_class_init, +}; + static QEMUMachine vexpress_a9_machine = { .name = "vexpress-a9", .desc = "ARM Versatile Express for Cortex-A9", @@ -709,6 +753,7 @@ static QEMUMachine vexpress_a15_machine = { static void vexpress_machine_init(void) { + type_register_static(&vexpress_info); qemu_register_machine(&vexpress_a9_machine); qemu_register_machine(&vexpress_a15_machine); } -- cgit v1.2.1 From 9ee00ba8311a9cc59f8d1034c98b6f9f3694495b Mon Sep 17 00:00:00 2001 From: Greg Bellows Date: Mon, 15 Dec 2014 17:09:39 -0600 Subject: target-arm: Add vexpress a9 & a15 machine objects Add Vexpress machine objects for the the Cortex A9 & A15 variants. The older style QEMUMachine types were replaced with dedicated TypeInfo objects. The new objects include dedicated class init functions that currently ustilze dedicated machine init methods. The previous qemu_register_machine calls were replaced with the newer type_register_status calls. Signed-off-by: Greg Bellows Reviewed-by: Peter Maydell Message-id: 1418684992-8996-3-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell --- hw/arm/vexpress.c | 50 ++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 36 insertions(+), 14 deletions(-) diff --git a/hw/arm/vexpress.c b/hw/arm/vexpress.c index 01046c271a..8f22696b4e 100644 --- a/hw/arm/vexpress.c +++ b/hw/arm/vexpress.c @@ -167,6 +167,8 @@ typedef struct { } VexpressMachineState; #define TYPE_VEXPRESS_MACHINE "vexpress" +#define TYPE_VEXPRESS_A9_MACHINE "vexpress-a9" +#define TYPE_VEXPRESS_A15_MACHINE "vexpress-a15" #define VEXPRESS_MACHINE(obj) \ OBJECT_CHECK(VexpressMachineState, (obj), TYPE_VEXPRESS_MACHINE) #define VEXPRESS_MACHINE_GET_CLASS(obj) \ @@ -726,6 +728,30 @@ static void vexpress_class_init(ObjectClass *oc, void *data) mc->max_cpus = 4; } +static void vexpress_a9_class_init(ObjectClass *oc, void *data) +{ + MachineClass *mc = MACHINE_CLASS(oc); + VexpressMachineClass *vmc = VEXPRESS_MACHINE_CLASS(oc); + + mc->name = TYPE_VEXPRESS_A9_MACHINE; + mc->desc = "ARM Versatile Express for Cortex-A9"; + mc->init = vexpress_a9_init; + + vmc->daughterboard = &a9_daughterboard;; +} + +static void vexpress_a15_class_init(ObjectClass *oc, void *data) +{ + MachineClass *mc = MACHINE_CLASS(oc); + VexpressMachineClass *vmc = VEXPRESS_MACHINE_CLASS(oc); + + mc->name = TYPE_VEXPRESS_A15_MACHINE; + mc->desc = "ARM Versatile Express for Cortex-A15"; + mc->init = vexpress_a15_init; + + vmc->daughterboard = &a15_daughterboard; +} + static const TypeInfo vexpress_info = { .name = TYPE_VEXPRESS_MACHINE, .parent = TYPE_MACHINE, @@ -735,27 +761,23 @@ static const TypeInfo vexpress_info = { .class_init = vexpress_class_init, }; -static QEMUMachine vexpress_a9_machine = { - .name = "vexpress-a9", - .desc = "ARM Versatile Express for Cortex-A9", - .init = vexpress_a9_init, - .block_default_type = IF_SCSI, - .max_cpus = 4, +static const TypeInfo vexpress_a9_info = { + .name = TYPE_VEXPRESS_A9_MACHINE, + .parent = TYPE_VEXPRESS_MACHINE, + .class_init = vexpress_a9_class_init, }; -static QEMUMachine vexpress_a15_machine = { - .name = "vexpress-a15", - .desc = "ARM Versatile Express for Cortex-A15", - .init = vexpress_a15_init, - .block_default_type = IF_SCSI, - .max_cpus = 4, +static const TypeInfo vexpress_a15_info = { + .name = TYPE_VEXPRESS_A15_MACHINE, + .parent = TYPE_VEXPRESS_MACHINE, + .class_init = vexpress_a15_class_init, }; static void vexpress_machine_init(void) { type_register_static(&vexpress_info); - qemu_register_machine(&vexpress_a9_machine); - qemu_register_machine(&vexpress_a15_machine); + type_register_static(&vexpress_a9_info); + type_register_static(&vexpress_a15_info); } machine_init(vexpress_machine_init); -- cgit v1.2.1 From af7c9f34b1bacd329a479e79bd608580d0511596 Mon Sep 17 00:00:00 2001 From: Greg Bellows Date: Mon, 15 Dec 2014 17:09:40 -0600 Subject: target-arm: Switch to common vexpress machine init Switched the Vexpress machine initialization to use the common function with the machine pointer to board info. Signed-off-by: Greg Bellows Reviewed-by: Peter Maydell Message-id: 1418684992-8996-4-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell --- hw/arm/vexpress.c | 26 ++++---------------------- 1 file changed, 4 insertions(+), 22 deletions(-) diff --git a/hw/arm/vexpress.c b/hw/arm/vexpress.c index 8f22696b4e..a03cb52fac 100644 --- a/hw/arm/vexpress.c +++ b/hw/arm/vexpress.c @@ -532,9 +532,10 @@ static pflash_t *ve_pflash_cfi01_register(hwaddr base, const char *name, return OBJECT_CHECK(pflash_t, (dev), "cfi.pflash01"); } -static void vexpress_common_init(VEDBoardInfo *daughterboard, - MachineState *machine) +static void vexpress_common_init(MachineState *machine) { + VexpressMachineClass *vmc = VEXPRESS_MACHINE_GET_CLASS(machine); + VEDBoardInfo *daughterboard = vmc->daughterboard;; DeviceState *dev, *sysctl, *pl041; qemu_irq pic[64]; uint32_t sys_id; @@ -700,30 +701,13 @@ static void vexpress_common_init(VEDBoardInfo *daughterboard, arm_load_kernel(ARM_CPU(first_cpu), &daughterboard->bootinfo); } -static void vexpress_init(MachineState *machine) -{ - VexpressMachineClass *vmc = VEXPRESS_MACHINE_GET_CLASS(machine); - - vexpress_common_init(vmc->daughterboard, machine); -} - -static void vexpress_a9_init(MachineState *machine) -{ - vexpress_common_init(&a9_daughterboard, machine); -} - -static void vexpress_a15_init(MachineState *machine) -{ - vexpress_common_init(&a15_daughterboard, machine); -} - static void vexpress_class_init(ObjectClass *oc, void *data) { MachineClass *mc = MACHINE_CLASS(oc); mc->name = TYPE_VEXPRESS_MACHINE; mc->desc = "ARM Versatile Express"; - mc->init = vexpress_init; + mc->init = vexpress_common_init; mc->block_default_type = IF_SCSI; mc->max_cpus = 4; } @@ -735,7 +719,6 @@ static void vexpress_a9_class_init(ObjectClass *oc, void *data) mc->name = TYPE_VEXPRESS_A9_MACHINE; mc->desc = "ARM Versatile Express for Cortex-A9"; - mc->init = vexpress_a9_init; vmc->daughterboard = &a9_daughterboard;; } @@ -747,7 +730,6 @@ static void vexpress_a15_class_init(ObjectClass *oc, void *data) mc->name = TYPE_VEXPRESS_A15_MACHINE; mc->desc = "ARM Versatile Express for Cortex-A15"; - mc->init = vexpress_a15_init; vmc->daughterboard = &a15_daughterboard; } -- cgit v1.2.1 From 490219243208a0fa8abb2290509f31654c888954 Mon Sep 17 00:00:00 2001 From: Greg Bellows Date: Mon, 15 Dec 2014 17:09:41 -0600 Subject: target-arm: Add vexpress machine secure property Add "secure" Vexpress machine specific property to allow override of the default secure state configuration. By default, when using the QEMU -kernel command line argument, Vexpress machines boot into NS/SVC. When using the QEMU -bios command line argument, Vexpress machines boot into S/SVC. The secure state can be changed from the default specifying the secure state as a machine property. For example, the below command line would disable security extensions on a -kernel Linux boot: aarch64-softmmu/qemu-system-aarch64 -machine type=vexpress-a15,secure=off -kernel ... Signed-off-by: Greg Bellows Reviewed-by: Peter Maydell Message-id: 1418684992-8996-5-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell --- hw/arm/vexpress.c | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/hw/arm/vexpress.c b/hw/arm/vexpress.c index a03cb52fac..8b05d4768d 100644 --- a/hw/arm/vexpress.c +++ b/hw/arm/vexpress.c @@ -164,6 +164,7 @@ typedef struct { typedef struct { MachineState parent; + bool secure; } VexpressMachineState; #define TYPE_VEXPRESS_MACHINE "vexpress" @@ -701,6 +702,34 @@ static void vexpress_common_init(MachineState *machine) arm_load_kernel(ARM_CPU(first_cpu), &daughterboard->bootinfo); } +static bool vexpress_get_secure(Object *obj, Error **errp) +{ + VexpressMachineState *vms = VEXPRESS_MACHINE(obj); + + return vms->secure; +} + +static void vexpress_set_secure(Object *obj, bool value, Error **errp) +{ + VexpressMachineState *vms = VEXPRESS_MACHINE(obj); + + vms->secure = value; +} + +static void vexpress_instance_init(Object *obj) +{ + VexpressMachineState *vms = VEXPRESS_MACHINE(obj); + + /* EL3 is enabled by default on vexpress */ + vms->secure = true; + object_property_add_bool(obj, "secure", vexpress_get_secure, + vexpress_set_secure, NULL); + object_property_set_description(obj, "secure", + "Set on/off to enable/disable the ARM " + "Security Extensions (TrustZone)", + NULL); +} + static void vexpress_class_init(ObjectClass *oc, void *data) { MachineClass *mc = MACHINE_CLASS(oc); @@ -739,6 +768,7 @@ static const TypeInfo vexpress_info = { .parent = TYPE_MACHINE, .abstract = true, .instance_size = sizeof(VexpressMachineState), + .instance_init = vexpress_instance_init, .class_size = sizeof(VexpressMachineClass), .class_init = vexpress_class_init, }; -- cgit v1.2.1 From e364bab69bd70825e7583e0bbc812fb67b63b366 Mon Sep 17 00:00:00 2001 From: Greg Bellows Date: Mon, 15 Dec 2014 17:09:42 -0600 Subject: target-arm: Change vexpress daughterboard init arg Change the Vexpress daughterboard initialization method to take a vexpress machine state pointer instead of the daughterboard struct pointer. The machine state now contains the daughterboard pointer. Signed-off-by: Greg Bellows Reviewed-by: Peter Maydell Message-id: 1418684992-8996-6-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell --- hw/arm/vexpress.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/hw/arm/vexpress.c b/hw/arm/vexpress.c index 8b05d4768d..c63c422ddc 100644 --- a/hw/arm/vexpress.c +++ b/hw/arm/vexpress.c @@ -177,7 +177,7 @@ typedef struct { #define VEXPRESS_MACHINE_CLASS(klass) \ OBJECT_CLASS_CHECK(VexpressMachineClass, klass, TYPE_VEXPRESS_MACHINE) -typedef void DBoardInitFn(const VEDBoardInfo *daughterboard, +typedef void DBoardInitFn(const VexpressMachineState *machine, ram_addr_t ram_size, const char *cpu_model, qemu_irq *pic); @@ -252,7 +252,7 @@ static void init_cpus(const char *cpu_model, const char *privdev, } } -static void a9_daughterboard_init(const VEDBoardInfo *daughterboard, +static void a9_daughterboard_init(const VexpressMachineState *vms, ram_addr_t ram_size, const char *cpu_model, qemu_irq *pic) @@ -342,7 +342,7 @@ static VEDBoardInfo a9_daughterboard = { .init = a9_daughterboard_init, }; -static void a15_daughterboard_init(const VEDBoardInfo *daughterboard, +static void a15_daughterboard_init(const VexpressMachineState *vms, ram_addr_t ram_size, const char *cpu_model, qemu_irq *pic) @@ -535,6 +535,7 @@ static pflash_t *ve_pflash_cfi01_register(hwaddr base, const char *name, static void vexpress_common_init(MachineState *machine) { + VexpressMachineState *vms = VEXPRESS_MACHINE(machine); VexpressMachineClass *vmc = VEXPRESS_MACHINE_GET_CLASS(machine); VEDBoardInfo *daughterboard = vmc->daughterboard;; DeviceState *dev, *sysctl, *pl041; @@ -551,8 +552,7 @@ static void vexpress_common_init(MachineState *machine) const hwaddr *map = daughterboard->motherboard_map; int i; - daughterboard->init(daughterboard, machine->ram_size, machine->cpu_model, - pic); + daughterboard->init(vms, machine->ram_size, machine->cpu_model, pic); /* * If a bios file was provided, attempt to map it into memory -- cgit v1.2.1 From c29196904b2bad015edc553a5693c5c9e6f8177a Mon Sep 17 00:00:00 2001 From: Greg Bellows Date: Mon, 15 Dec 2014 17:09:43 -0600 Subject: target-arm: Add virt class and machine types Switch virt qemu machine support to use the newer object type, class, and instance model. Added virt TypeInfo with static registration along with virt specific class and machine structs. Also added virt class initialization method. Signed-off-by: Greg Bellows Reviewed-by: Peter Maydell Message-id: 1418684992-8996-7-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell --- hw/arm/virt.c | 40 ++++++++++++++++++++++++++++++++++------ 1 file changed, 34 insertions(+), 6 deletions(-) diff --git a/hw/arm/virt.c b/hw/arm/virt.c index 314e55b563..b6bb914541 100644 --- a/hw/arm/virt.c +++ b/hw/arm/virt.c @@ -86,6 +86,23 @@ typedef struct VirtBoardInfo { uint32_t clock_phandle; } VirtBoardInfo; +typedef struct { + MachineClass parent; + VirtBoardInfo *daughterboard; +} VirtMachineClass; + +typedef struct { + MachineState parent; +} VirtMachineState; + +#define TYPE_VIRT_MACHINE "virt" +#define VIRT_MACHINE(obj) \ + OBJECT_CHECK(VirtMachineState, (obj), TYPE_VIRT_MACHINE) +#define VIRT_MACHINE_GET_CLASS(obj) \ + OBJECT_GET_CLASS(VirtMachineClass, obj, TYPE_VIRT_MACHINE) +#define VIRT_MACHINE_CLASS(klass) \ + OBJECT_CLASS_CHECK(VirtMachineClass, klass, TYPE_VIRT_MACHINE) + /* Addresses and sizes of our components. * 0..128MB is space for a flash device so we can run bootrom code such as UEFI. * 128MB..256MB is used for miscellaneous device I/O. @@ -615,16 +632,27 @@ static void machvirt_init(MachineState *machine) arm_load_kernel(ARM_CPU(first_cpu), &vbi->bootinfo); } -static QEMUMachine machvirt_a15_machine = { - .name = "virt", - .desc = "ARM Virtual Machine", - .init = machvirt_init, - .max_cpus = 8, +static void virt_class_init(ObjectClass *oc, void *data) +{ + MachineClass *mc = MACHINE_CLASS(oc); + + mc->name = TYPE_VIRT_MACHINE; + mc->desc = "ARM Virtual Machine", + mc->init = machvirt_init; + mc->max_cpus = 8; +} + +static const TypeInfo machvirt_info = { + .name = TYPE_VIRT_MACHINE, + .parent = TYPE_MACHINE, + .instance_size = sizeof(VirtMachineState), + .class_size = sizeof(VirtMachineClass), + .class_init = virt_class_init, }; static void machvirt_machine_init(void) { - qemu_register_machine(&machvirt_a15_machine); + type_register_static(&machvirt_info); } machine_init(machvirt_machine_init); -- cgit v1.2.1 From 083a58906cb32731dd98a93fcf451ec7718c0924 Mon Sep 17 00:00:00 2001 From: Greg Bellows Date: Mon, 15 Dec 2014 17:09:44 -0600 Subject: target-arm: Add virt machine secure property Add "secure" virt machine specific property to allow override of the default secure state configuration. By default, when using the QEMU -kernel command line argument, virt machines boot into NS/SVC. When using the QEMU -bios command line argument, virt machines boot into S/SVC. The secure state can be changed from the default specifying the secure state as a machine property. For example, the below command line would disable security extensions on a -kernel Linux boot: aarch64-softmmu/qemu-system-aarch64 -machine type=virt,secure=off -kernel ... Signed-off-by: Greg Bellows Reviewed-by: Peter Maydell Message-id: 1418684992-8996-8-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell --- hw/arm/virt.c | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/hw/arm/virt.c b/hw/arm/virt.c index b6bb914541..73c68c79f8 100644 --- a/hw/arm/virt.c +++ b/hw/arm/virt.c @@ -93,6 +93,7 @@ typedef struct { typedef struct { MachineState parent; + bool secure; } VirtMachineState; #define TYPE_VIRT_MACHINE "virt" @@ -632,6 +633,34 @@ static void machvirt_init(MachineState *machine) arm_load_kernel(ARM_CPU(first_cpu), &vbi->bootinfo); } +static bool virt_get_secure(Object *obj, Error **errp) +{ + VirtMachineState *vms = VIRT_MACHINE(obj); + + return vms->secure; +} + +static void virt_set_secure(Object *obj, bool value, Error **errp) +{ + VirtMachineState *vms = VIRT_MACHINE(obj); + + vms->secure = value; +} + +static void virt_instance_init(Object *obj) +{ + VirtMachineState *vms = VIRT_MACHINE(obj); + + /* EL3 is enabled by default on virt */ + vms->secure = true; + object_property_add_bool(obj, "secure", virt_get_secure, + virt_set_secure, NULL); + object_property_set_description(obj, "secure", + "Set on/off to enable/disable the ARM " + "Security Extensions (TrustZone)", + NULL); +} + static void virt_class_init(ObjectClass *oc, void *data) { MachineClass *mc = MACHINE_CLASS(oc); @@ -646,6 +675,7 @@ static const TypeInfo machvirt_info = { .name = TYPE_VIRT_MACHINE, .parent = TYPE_MACHINE, .instance_size = sizeof(VirtMachineState), + .instance_init = virt_instance_init, .class_size = sizeof(VirtMachineClass), .class_init = virt_class_init, }; -- cgit v1.2.1 From 08828484a5c1ec55a6cbb4b4d377bfcf41199b5c Mon Sep 17 00:00:00 2001 From: Greg Bellows Date: Mon, 15 Dec 2014 17:09:45 -0600 Subject: target-arm: Add feature unset function Add an unset_feature() function to compliment the set_feature() function. This will be used to disable functions after they have been enabled during initialization. Signed-off-by: Greg Bellows Reviewed-by: Peter Maydell Message-id: 1418684992-8996-9-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell --- target-arm/cpu.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/target-arm/cpu.c b/target-arm/cpu.c index d3db279e1b..01afed2037 100644 --- a/target-arm/cpu.c +++ b/target-arm/cpu.c @@ -327,6 +327,11 @@ static inline void set_feature(CPUARMState *env, int feature) env->features |= 1ULL << feature; } +static inline void unset_feature(CPUARMState *env, int feature) +{ + env->features &= ~(1ULL << feature); +} + static void arm_cpu_initfn(Object *obj) { CPUState *cs = CPU(obj); -- cgit v1.2.1 From 51942aee3c51ca23b0dd78f95534a57e8dc1e582 Mon Sep 17 00:00:00 2001 From: Greg Bellows Date: Mon, 15 Dec 2014 17:09:46 -0600 Subject: target-arm: Add ARMCPU secure property Added a "has_el3" state property to the ARMCPU descriptor. This property indicates whether the ARMCPU has security extensions enabled (EL3) or not. By default it is disabled at this time. Signed-off-by: Greg Bellows Reviewed-by: Peter Maydell Message-id: 1418684992-8996-10-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell --- target-arm/cpu-qom.h | 2 ++ target-arm/cpu.c | 23 +++++++++++++++++++++++ 2 files changed, 25 insertions(+) diff --git a/target-arm/cpu-qom.h b/target-arm/cpu-qom.h index dcfda7dfcf..ed5a6441bb 100644 --- a/target-arm/cpu-qom.h +++ b/target-arm/cpu-qom.h @@ -100,6 +100,8 @@ typedef struct ARMCPU { bool start_powered_off; /* CPU currently in PSCI powered-off state */ bool powered_off; + /* CPU has security extension */ + bool has_el3; /* PSCI conduit used to invoke PSCI methods * 0 - disabled, 1 - smc, 2 - hvc diff --git a/target-arm/cpu.c b/target-arm/cpu.c index 01afed2037..069e090001 100644 --- a/target-arm/cpu.c +++ b/target-arm/cpu.c @@ -388,6 +388,9 @@ static Property arm_cpu_reset_hivecs_property = static Property arm_cpu_rvbar_property = DEFINE_PROP_UINT64("rvbar", ARMCPU, rvbar, 0); +static Property arm_cpu_has_el3_property = + DEFINE_PROP_BOOL("has_el3", ARMCPU, has_el3, true); + static void arm_cpu_post_init(Object *obj) { ARMCPU *cpu = ARM_CPU(obj); @@ -407,6 +410,14 @@ static void arm_cpu_post_init(Object *obj) qdev_property_add_static(DEVICE(obj), &arm_cpu_rvbar_property, &error_abort); } + + if (arm_feature(&cpu->env, ARM_FEATURE_EL3)) { + /* Add the has_el3 state CPU property only if EL3 is allowed. This will + * prevent "has_el3" from existing on CPUs which cannot support EL3. + */ + qdev_property_add_static(DEVICE(obj), &arm_cpu_has_el3_property, + &error_abort); + } } static void arm_cpu_finalizefn(Object *obj) @@ -476,6 +487,18 @@ static void arm_cpu_realizefn(DeviceState *dev, Error **errp) cpu->reset_sctlr |= (1 << 13); } + if (!cpu->has_el3) { + /* If the has_el3 CPU property is disabled then we need to disable the + * feature. + */ + unset_feature(env, ARM_FEATURE_EL3); + + /* Disable the security extension feature bits in the processor feature + * register as well. This is id_pfr1[7:4]. + */ + cpu->id_pfr1 &= ~0xf0; + } + register_cp_regs_for_features(cpu); arm_cpu_register_gdb_regs_for_features(cpu); -- cgit v1.2.1 From c8e829b7bf6e1c84af8b4b13ee7fce2959c63e0e Mon Sep 17 00:00:00 2001 From: Greg Bellows Date: Mon, 15 Dec 2014 17:09:47 -0600 Subject: target-arm: Add arm_boot_info secure_boot control Adds the secure_boot boolean field to the arm_boot_info descriptor. This fields is used to indicate whether Linux should boot into secure or non-secure state if the ARM EL3 feature is enabled. The default is to leave the CPU in an unaltered reset state. On EL3 enabled systems, the reset state is secure and can be overridden by setting the added field to false. Signed-off-by: Greg Bellows Reviewed-by: Peter Maydell Message-id: 1418684992-8996-11-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell --- hw/arm/boot.c | 10 ++++++++++ include/hw/arm/arm.h | 4 ++++ 2 files changed, 14 insertions(+) diff --git a/hw/arm/boot.c b/hw/arm/boot.c index e6a3c5bcfb..c8d1d4e147 100644 --- a/hw/arm/boot.c +++ b/hw/arm/boot.c @@ -457,6 +457,16 @@ static void do_cpu_reset(void *opaque) env->thumb = info->entry & 1; } } else { + /* If we are booting Linux then we need to check whether we are + * booting into secure or non-secure state and adjust the state + * accordingly. Out of reset, ARM is defined to be in secure state + * (SCR.NS = 0), we change that here if non-secure boot has been + * requested. + */ + if (arm_feature(env, ARM_FEATURE_EL3) && !info->secure_boot) { + env->cp15.scr_el3 |= SCR_NS; + } + if (CPU(cpu) == first_cpu) { if (env->aarch64) { env->pc = info->loader_start; diff --git a/include/hw/arm/arm.h b/include/hw/arm/arm.h index cefc9e6988..e5a5d8c328 100644 --- a/include/hw/arm/arm.h +++ b/include/hw/arm/arm.h @@ -37,6 +37,10 @@ struct arm_boot_info { hwaddr gic_cpu_if_addr; int nb_cpus; int board_id; + /* ARM machines that support the ARM Security Extensions use this field to + * control whether Linux is booted as secure(true) or non-secure(false). + */ + bool secure_boot; int (*atag_board)(const struct arm_boot_info *info, void *p); /* multicore boards that use the default secondary core boot functions * can ignore these two function calls. If the default functions won't -- cgit v1.2.1 From 12d027f132246826c4358f3734d738a3385bf75f Mon Sep 17 00:00:00 2001 From: Greg Bellows Date: Mon, 15 Dec 2014 17:09:48 -0600 Subject: target-arm: Enable CPU has_el3 prop during VE init Adds setting of the CPU has_el3 property based on the vexpress machine secure state property during initialization. This enables/disables EL3 state during start-up. Changes include adding an additional secure state boolean during vexpress CPU initialization. Also enables the ARM secure boot by default. Signed-off-by: Greg Bellows Message-id: 1418684992-8996-12-git-send-email-greg.bellows@linaro.org Reviewed-by: Peter Maydell Signed-off-by: Peter Maydell --- hw/arm/vexpress.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/hw/arm/vexpress.c b/hw/arm/vexpress.c index c63c422ddc..84415c8b0a 100644 --- a/hw/arm/vexpress.c +++ b/hw/arm/vexpress.c @@ -196,7 +196,7 @@ struct VEDBoardInfo { }; static void init_cpus(const char *cpu_model, const char *privdev, - hwaddr periphbase, qemu_irq *pic) + hwaddr periphbase, qemu_irq *pic, bool secure) { ObjectClass *cpu_oc = cpu_class_by_name(TYPE_ARM_CPU, cpu_model); DeviceState *dev; @@ -213,6 +213,10 @@ static void init_cpus(const char *cpu_model, const char *privdev, Object *cpuobj = object_new(object_class_get_name(cpu_oc)); Error *err = NULL; + if (!secure) { + object_property_set_bool(cpuobj, false, "has_el3", NULL); + } + if (object_property_find(cpuobj, "reset-cbar", NULL)) { object_property_set_int(cpuobj, periphbase, "reset-cbar", &error_abort); @@ -288,7 +292,7 @@ static void a9_daughterboard_init(const VexpressMachineState *vms, memory_region_add_subregion(sysmem, 0x60000000, ram); /* 0x1e000000 A9MPCore (SCU) private memory region */ - init_cpus(cpu_model, "a9mpcore_priv", 0x1e000000, pic); + init_cpus(cpu_model, "a9mpcore_priv", 0x1e000000, pic, vms->secure); /* Daughterboard peripherals : 0x10020000 .. 0x20000000 */ @@ -374,7 +378,7 @@ static void a15_daughterboard_init(const VexpressMachineState *vms, memory_region_add_subregion(sysmem, 0x80000000, ram); /* 0x2c000000 A15MPCore private memory region (GIC) */ - init_cpus(cpu_model, "a15mpcore_priv", 0x2c000000, pic); + init_cpus(cpu_model, "a15mpcore_priv", 0x2c000000, pic, vms->secure); /* A15 daughterboard peripherals: */ @@ -699,6 +703,8 @@ static void vexpress_common_init(MachineState *machine) daughterboard->bootinfo.smp_bootreg_addr = map[VE_SYSREGS] + 0x30; daughterboard->bootinfo.gic_cpu_if_addr = daughterboard->gic_cpu_if_addr; daughterboard->bootinfo.modify_dtb = vexpress_modify_dtb; + /* Indicate that when booting Linux we should be in secure state */ + daughterboard->bootinfo.secure_boot = true; arm_load_kernel(ARM_CPU(first_cpu), &daughterboard->bootinfo); } -- cgit v1.2.1 From e5a5604f8fdabfc788fbf75354b7f92eb349dcff Mon Sep 17 00:00:00 2001 From: Greg Bellows Date: Mon, 15 Dec 2014 17:09:49 -0600 Subject: target-arm: Set CPU has_el3 prop during virt init Adds setting of the CPU has_el3 property based on the virt machine secure state property during initialization. This enables/disables EL3 state during start-up. Changes include adding an additional secure state boolean during virt CPU initialization. Also disables the ARM secure boot by default. Signed-off-by: Greg Bellows Message-id: 1418684992-8996-13-git-send-email-greg.bellows@linaro.org Reviewed-by: Peter Maydell Signed-off-by: Peter Maydell --- hw/arm/virt.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/hw/arm/virt.c b/hw/arm/virt.c index 73c68c79f8..a9e13cae9e 100644 --- a/hw/arm/virt.c +++ b/hw/arm/virt.c @@ -547,6 +547,7 @@ static void *machvirt_dtb(const struct arm_boot_info *binfo, int *fdt_size) static void machvirt_init(MachineState *machine) { + VirtMachineState *vms = VIRT_MACHINE(machine); qemu_irq pic[NUM_IRQS]; MemoryRegion *sysmem = get_system_memory(); int n; @@ -584,6 +585,10 @@ static void machvirt_init(MachineState *machine) } cpuobj = object_new(object_class_get_name(oc)); + if (!vms->secure) { + object_property_set_bool(cpuobj, false, "has_el3", NULL); + } + object_property_set_int(cpuobj, QEMU_PSCI_CONDUIT_HVC, "psci-conduit", NULL); -- cgit v1.2.1 From 223a72f1179dc0b56bae3b01bc3e3208ef100fcc Mon Sep 17 00:00:00 2001 From: Greg Bellows Date: Mon, 15 Dec 2014 17:09:50 -0600 Subject: target-arm: Breakout integratorcp and versatilepb cpu init This commit changes the integratorcp and versatilepb CPU initialization from using the generic ARM cpu_arm_init function to doing it inline. This is necessary in order to allow CPU configuration changes to occur between CPU instance initialization and realization. Specifically, this change is in preparation for disabling CPU EL3 support. Signed-off-by: Greg Bellows Reviewed-by: Peter Maydell Message-id: 1418684992-8996-14-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell --- hw/arm/integratorcp.c | 19 +++++++++++++++++-- hw/arm/versatilepb.c | 20 ++++++++++++++++++-- 2 files changed, 35 insertions(+), 4 deletions(-) diff --git a/hw/arm/integratorcp.c b/hw/arm/integratorcp.c index 266ec18fb3..f196189967 100644 --- a/hw/arm/integratorcp.c +++ b/hw/arm/integratorcp.c @@ -15,6 +15,7 @@ #include "net/net.h" #include "exec/address-spaces.h" #include "sysemu/sysemu.h" +#include "qemu/error-report.h" #define TYPE_INTEGRATOR_CM "integrator_core" #define INTEGRATOR_CM(obj) \ @@ -469,6 +470,8 @@ static void integratorcp_init(MachineState *machine) const char *kernel_filename = machine->kernel_filename; const char *kernel_cmdline = machine->kernel_cmdline; const char *initrd_filename = machine->initrd_filename; + ObjectClass *cpu_oc; + Object *cpuobj; ARMCPU *cpu; MemoryRegion *address_space_mem = get_system_memory(); MemoryRegion *ram = g_new(MemoryRegion, 1); @@ -476,16 +479,28 @@ static void integratorcp_init(MachineState *machine) qemu_irq pic[32]; DeviceState *dev; int i; + Error *err = NULL; if (!cpu_model) { cpu_model = "arm926"; } - cpu = cpu_arm_init(cpu_model); - if (!cpu) { + + cpu_oc = cpu_class_by_name(TYPE_ARM_CPU, cpu_model); + if (!cpu_oc) { fprintf(stderr, "Unable to find CPU definition\n"); exit(1); } + cpuobj = object_new(object_class_get_name(cpu_oc)); + + object_property_set_bool(cpuobj, true, "realized", &err); + if (err) { + error_report("%s", error_get_pretty(err)); + exit(1); + } + + cpu = ARM_CPU(cpuobj); + memory_region_init_ram(ram, NULL, "integrator.ram", ram_size, &error_abort); vmstate_register_ram_global(ram); /* ??? On a real system the first 1Mb is mapped as SSRAM or boot flash. */ diff --git a/hw/arm/versatilepb.c b/hw/arm/versatilepb.c index e6ef0a2e7e..b74dc15b8e 100644 --- a/hw/arm/versatilepb.c +++ b/hw/arm/versatilepb.c @@ -18,6 +18,7 @@ #include "sysemu/block-backend.h" #include "exec/address-spaces.h" #include "hw/block/flash.h" +#include "qemu/error-report.h" #define VERSATILE_FLASH_ADDR 0x34000000 #define VERSATILE_FLASH_SIZE (64 * 1024 * 1024) @@ -175,6 +176,8 @@ static struct arm_boot_info versatile_binfo; static void versatile_init(MachineState *machine, int board_id) { + ObjectClass *cpu_oc; + Object *cpuobj; ARMCPU *cpu; MemoryRegion *sysmem = get_system_memory(); MemoryRegion *ram = g_new(MemoryRegion, 1); @@ -189,15 +192,28 @@ static void versatile_init(MachineState *machine, int board_id) int n; int done_smc = 0; DriveInfo *dinfo; + Error *err = NULL; if (!machine->cpu_model) { machine->cpu_model = "arm926"; } - cpu = cpu_arm_init(machine->cpu_model); - if (!cpu) { + + cpu_oc = cpu_class_by_name(TYPE_ARM_CPU, machine->cpu_model); + if (!cpu_oc) { fprintf(stderr, "Unable to find CPU definition\n"); exit(1); } + + cpuobj = object_new(object_class_get_name(cpu_oc)); + + object_property_set_bool(cpuobj, true, "realized", &err); + if (err) { + error_report("%s", error_get_pretty(err)); + exit(1); + } + + cpu = ARM_CPU(cpuobj); + memory_region_init_ram(ram, NULL, "versatile.ram", machine->ram_size, &error_abort); vmstate_register_ram_global(ram); -- cgit v1.2.1 From 61e2f3521c9ee2dc3ebab2e84329d5ebd10d8518 Mon Sep 17 00:00:00 2001 From: Greg Bellows Date: Mon, 15 Dec 2014 17:09:51 -0600 Subject: target-arm: Disable EL3 on unsupported machines Disables the CPU ARM_FEATURE_EL3 featuere on machine models that can be configured to use Cortex-A9, Cortex-A15, and ARM1176 but don't officially support EL3. This preserves backwards compatibility. Signed-off-by: Greg Bellows Reviewed-by: Peter Maydell Message-id: 1418684992-8996-15-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell --- hw/arm/exynos4210.c | 11 +++++++++++ hw/arm/highbank.c | 12 ++++++++++++ hw/arm/integratorcp.c | 12 ++++++++++++ hw/arm/realview.c | 12 ++++++++++++ hw/arm/versatilepb.c | 12 ++++++++++++ hw/arm/xilinx_zynq.c | 12 ++++++++++++ 6 files changed, 71 insertions(+) diff --git a/hw/arm/exynos4210.c b/hw/arm/exynos4210.c index 582794c19f..97dafca49a 100644 --- a/hw/arm/exynos4210.c +++ b/hw/arm/exynos4210.c @@ -152,6 +152,17 @@ Exynos4210State *exynos4210_init(MemoryRegion *system_mem, Object *cpuobj = object_new(object_class_get_name(cpu_oc)); Error *err = NULL; + /* By default A9 CPUs have EL3 enabled. This board does not currently + * support EL3 so the CPU EL3 property is disabled before realization. + */ + if (object_property_find(cpuobj, "has_el3", NULL)) { + object_property_set_bool(cpuobj, false, "has_el3", &err); + if (err) { + error_report("%s", error_get_pretty(err)); + exit(1); + } + } + s->cpu[n] = ARM_CPU(cpuobj); object_property_set_int(cpuobj, EXYNOS4210_SMP_PRIVATE_BASE_ADDR, "reset-cbar", &error_abort); diff --git a/hw/arm/highbank.c b/hw/arm/highbank.c index 30f744a1bd..f67570a7ee 100644 --- a/hw/arm/highbank.c +++ b/hw/arm/highbank.c @@ -241,6 +241,18 @@ static void calxeda_init(MachineState *machine, enum cxmachines machine_id) cpuobj = object_new(object_class_get_name(oc)); cpu = ARM_CPU(cpuobj); + /* By default A9 and A15 CPUs have EL3 enabled. This board does not + * currently support EL3 so the CPU EL3 property is disabled before + * realization. + */ + if (object_property_find(cpuobj, "has_el3", NULL)) { + object_property_set_bool(cpuobj, false, "has_el3", &err); + if (err) { + error_report("%s", error_get_pretty(err)); + exit(1); + } + } + if (object_property_find(cpuobj, "reset-cbar", NULL)) { object_property_set_int(cpuobj, MPCORE_PERIPHBASE, "reset-cbar", &error_abort); diff --git a/hw/arm/integratorcp.c b/hw/arm/integratorcp.c index f196189967..8c48b68a34 100644 --- a/hw/arm/integratorcp.c +++ b/hw/arm/integratorcp.c @@ -493,6 +493,18 @@ static void integratorcp_init(MachineState *machine) cpuobj = object_new(object_class_get_name(cpu_oc)); + /* By default ARM1176 CPUs have EL3 enabled. This board does not + * currently support EL3 so the CPU EL3 property is disabled before + * realization. + */ + if (object_property_find(cpuobj, "has_el3", NULL)) { + object_property_set_bool(cpuobj, false, "has_el3", &err); + if (err) { + error_report("%s", error_get_pretty(err)); + exit(1); + } + } + object_property_set_bool(cpuobj, true, "realized", &err); if (err) { error_report("%s", error_get_pretty(err)); diff --git a/hw/arm/realview.c b/hw/arm/realview.c index d41ec97a23..66e51ef1ad 100644 --- a/hw/arm/realview.c +++ b/hw/arm/realview.c @@ -101,6 +101,18 @@ static void realview_init(MachineState *machine, Object *cpuobj = object_new(object_class_get_name(cpu_oc)); Error *err = NULL; + /* By default A9,A15 and ARM1176 CPUs have EL3 enabled. This board + * does not currently support EL3 so the CPU EL3 property is disabled + * before realization. + */ + if (object_property_find(cpuobj, "has_el3", NULL)) { + object_property_set_bool(cpuobj, false, "has_el3", &err); + if (err) { + error_report("%s", error_get_pretty(err)); + exit(1); + } + } + if (is_pb && is_mpcore) { object_property_set_int(cpuobj, periphbase, "reset-cbar", &err); if (err) { diff --git a/hw/arm/versatilepb.c b/hw/arm/versatilepb.c index b74dc15b8e..6c4c2e780e 100644 --- a/hw/arm/versatilepb.c +++ b/hw/arm/versatilepb.c @@ -206,6 +206,18 @@ static void versatile_init(MachineState *machine, int board_id) cpuobj = object_new(object_class_get_name(cpu_oc)); + /* By default ARM1176 CPUs have EL3 enabled. This board does not + * currently support EL3 so the CPU EL3 property is disabled before + * realization. + */ + if (object_property_find(cpuobj, "has_el3", NULL)) { + object_property_set_bool(cpuobj, false, "has_el3", &err); + if (err) { + error_report("%s", error_get_pretty(err)); + exit(1); + } + } + object_property_set_bool(cpuobj, true, "realized", &err); if (err) { error_report("%s", error_get_pretty(err)); diff --git a/hw/arm/xilinx_zynq.c b/hw/arm/xilinx_zynq.c index b59039297a..06e6e24da1 100644 --- a/hw/arm/xilinx_zynq.c +++ b/hw/arm/xilinx_zynq.c @@ -126,6 +126,18 @@ static void zynq_init(MachineState *machine) cpu = ARM_CPU(object_new(object_class_get_name(cpu_oc))); + /* By default A9 CPUs have EL3 enabled. This board does not + * currently support EL3 so the CPU EL3 property is disabled before + * realization. + */ + if (object_property_find(OBJECT(cpu), "has_el3", NULL)) { + object_property_set_bool(OBJECT(cpu), false, "has_el3", &err); + if (err) { + error_report("%s", error_get_pretty(err)); + exit(1); + } + } + object_property_set_int(OBJECT(cpu), ZYNQ_BOARD_MIDR, "midr", &err); if (err) { error_report("%s", error_get_pretty(err)); -- cgit v1.2.1 From c0ccb02db46c72b4b0fa8a475a6890c1e28064f0 Mon Sep 17 00:00:00 2001 From: Fabian Aggeler Date: Mon, 15 Dec 2014 17:09:52 -0600 Subject: target-arm: add cpu feature EL3 to CPUs with Security Extensions Set ARM_FEATURE_EL3 feature for CPUs that implement Security Extensions. Signed-off-by: Fabian Aggeler Signed-off-by: Greg Bellows Reviewed-by: Peter Maydell Message-id: 1418684992-8996-16-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell --- target-arm/cpu.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/target-arm/cpu.c b/target-arm/cpu.c index 069e090001..285947f911 100644 --- a/target-arm/cpu.c +++ b/target-arm/cpu.c @@ -668,6 +668,7 @@ static void arm1176_initfn(Object *obj) set_feature(&cpu->env, ARM_FEATURE_DUMMY_C15_REGS); set_feature(&cpu->env, ARM_FEATURE_CACHE_DIRTY_REG); set_feature(&cpu->env, ARM_FEATURE_CACHE_BLOCK_OPS); + set_feature(&cpu->env, ARM_FEATURE_EL3); cpu->midr = 0x410fb767; cpu->reset_fpsid = 0x410120b5; cpu->mvfr0 = 0x11111111; @@ -756,6 +757,7 @@ static void cortex_a8_initfn(Object *obj) set_feature(&cpu->env, ARM_FEATURE_NEON); set_feature(&cpu->env, ARM_FEATURE_THUMB2EE); set_feature(&cpu->env, ARM_FEATURE_DUMMY_C15_REGS); + set_feature(&cpu->env, ARM_FEATURE_EL3); cpu->midr = 0x410fc080; cpu->reset_fpsid = 0x410330c0; cpu->mvfr0 = 0x11110222; @@ -823,6 +825,7 @@ static void cortex_a9_initfn(Object *obj) set_feature(&cpu->env, ARM_FEATURE_VFP_FP16); set_feature(&cpu->env, ARM_FEATURE_NEON); set_feature(&cpu->env, ARM_FEATURE_THUMB2EE); + set_feature(&cpu->env, ARM_FEATURE_EL3); /* Note that A9 supports the MP extensions even for * A9UP and single-core A9MP (which are both different * and valid configurations; we don't model A9UP). @@ -890,6 +893,7 @@ static void cortex_a15_initfn(Object *obj) set_feature(&cpu->env, ARM_FEATURE_DUMMY_C15_REGS); set_feature(&cpu->env, ARM_FEATURE_CBAR_RO); set_feature(&cpu->env, ARM_FEATURE_LPAE); + set_feature(&cpu->env, ARM_FEATURE_EL3); cpu->kvm_target = QEMU_KVM_ARM_TARGET_CORTEX_A15; cpu->midr = 0x412fc0f1; cpu->reset_fpsid = 0x410430f0; -- cgit v1.2.1 From 5712db6ae5101db645f71edc393368cd59bfd314 Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Mon, 22 Dec 2014 13:11:35 +0100 Subject: fw_cfg: hard separation between the MMIO and I/O port mappings We are going to introduce a wide data register for fw_cfg, but only for the MMIO mapped device. The wide data register will also require the tightening of endiannesses. However we don't want to touch the I/O port mapped fw_cfg device at all. Currently QEMU provides a single fw_cfg device type that can handle both I/O port and MMIO mapping. This flexibility is not actually exploited by any board in the tree, but it renders restricting the above changes to MMIO very hard. Therefore, let's derive two classes from TYPE_FW_CFG: TYPE_FW_CFG_IO and TYPE_FW_CFG_MEM. TYPE_FW_CFG_IO incorporates the base I/O port and the related combined MemoryRegion. (NB: all boards in the tree that use the I/O port mapped flavor opt for the combined mapping; that is, when the data port overlays the high address byte of the selector port. Therefore we can drop the capability to map those I/O ports separately.) TYPE_FW_CFG_MEM incorporates the base addresses for the MMIO selector and data registers, and their respective MemoryRegions. The "realize" and "props" class members are specific to each new derived class, and become unused for the base class. The base class retains the "reset" member and the "vmsd" member, because the reset functionality and the set of migrated data are not specific to the mapping. The new functions fw_cfg_init_io() and fw_cfg_init_mem() expose the possible mappings in separation. For now fw_cfg_init() is retained as a compatibility shim that enforces the above assumptions. Signed-off-by: Laszlo Ersek Signed-off-by: Paolo Bonzini Message-id: 1419250305-31062-2-git-send-email-pbonzini@redhat.com Signed-off-by: Peter Maydell --- hw/nvram/fw_cfg.c | 177 ++++++++++++++++++++++++++++++++-------------- include/hw/nvram/fw_cfg.h | 2 + include/qemu/typedefs.h | 2 + 3 files changed, 126 insertions(+), 55 deletions(-) diff --git a/hw/nvram/fw_cfg.c b/hw/nvram/fw_cfg.c index c4b78ed36c..ab7bfffae2 100644 --- a/hw/nvram/fw_cfg.c +++ b/hw/nvram/fw_cfg.c @@ -32,10 +32,16 @@ #define FW_CFG_SIZE 2 #define FW_CFG_DATA_SIZE 1 -#define TYPE_FW_CFG "fw_cfg" #define FW_CFG_NAME "fw_cfg" #define FW_CFG_PATH "/machine/" FW_CFG_NAME -#define FW_CFG(obj) OBJECT_CHECK(FWCfgState, (obj), TYPE_FW_CFG) + +#define TYPE_FW_CFG "fw_cfg" +#define TYPE_FW_CFG_IO "fw_cfg_io" +#define TYPE_FW_CFG_MEM "fw_cfg_mem" + +#define FW_CFG(obj) OBJECT_CHECK(FWCfgState, (obj), TYPE_FW_CFG) +#define FW_CFG_IO(obj) OBJECT_CHECK(FWCfgIoState, (obj), TYPE_FW_CFG_IO) +#define FW_CFG_MEM(obj) OBJECT_CHECK(FWCfgMemState, (obj), TYPE_FW_CFG_MEM) typedef struct FWCfgEntry { uint32_t len; @@ -50,8 +56,6 @@ struct FWCfgState { SysBusDevice parent_obj; /*< public >*/ - MemoryRegion ctl_iomem, data_iomem, comb_iomem; - uint32_t ctl_iobase, data_iobase; FWCfgEntry entries[2][FW_CFG_MAX_ENTRY]; FWCfgFiles *files; uint16_t cur_entry; @@ -59,6 +63,23 @@ struct FWCfgState { Notifier machine_ready; }; +struct FWCfgIoState { + /*< private >*/ + FWCfgState parent_obj; + /*< public >*/ + + MemoryRegion comb_iomem; + uint32_t iobase; +}; + +struct FWCfgMemState { + /*< private >*/ + FWCfgState parent_obj; + /*< public >*/ + + MemoryRegion ctl_iomem, data_iomem; +}; + #define JPG_FILE 0 #define BMP_FILE 1 @@ -560,19 +581,11 @@ static void fw_cfg_machine_ready(struct Notifier *n, void *data) qemu_register_reset(fw_cfg_machine_reset, s); } -FWCfgState *fw_cfg_init(uint32_t ctl_port, uint32_t data_port, - hwaddr ctl_addr, hwaddr data_addr) -{ - DeviceState *dev; - SysBusDevice *d; - FWCfgState *s; - dev = qdev_create(NULL, TYPE_FW_CFG); - qdev_prop_set_uint32(dev, "ctl_iobase", ctl_port); - qdev_prop_set_uint32(dev, "data_iobase", data_port); - d = SYS_BUS_DEVICE(dev); - s = FW_CFG(dev); +static void fw_cfg_init1(DeviceState *dev) +{ + FWCfgState *s = FW_CFG(dev); assert(!object_resolve_path(FW_CFG_PATH, NULL)); @@ -580,12 +593,6 @@ FWCfgState *fw_cfg_init(uint32_t ctl_port, uint32_t data_port, qdev_init_nofail(dev); - if (ctl_addr) { - sysbus_mmio_map(d, 0, ctl_addr); - } - if (data_addr) { - sysbus_mmio_map(d, 1, data_addr); - } fw_cfg_add_bytes(s, FW_CFG_SIGNATURE, (char *)"QEMU", 4); fw_cfg_add_bytes(s, FW_CFG_UUID, qemu_uuid, 16); fw_cfg_add_i16(s, FW_CFG_NOGRAPHIC, (uint16_t)(display_type == DT_NOGRAPHIC)); @@ -596,48 +603,48 @@ FWCfgState *fw_cfg_init(uint32_t ctl_port, uint32_t data_port, s->machine_ready.notify = fw_cfg_machine_ready; qemu_add_machine_init_done_notifier(&s->machine_ready); - - return s; } -static void fw_cfg_initfn(Object *obj) +FWCfgState *fw_cfg_init_io(uint32_t iobase) { - SysBusDevice *sbd = SYS_BUS_DEVICE(obj); - FWCfgState *s = FW_CFG(obj); + DeviceState *dev; - memory_region_init_io(&s->ctl_iomem, OBJECT(s), &fw_cfg_ctl_mem_ops, s, - "fwcfg.ctl", FW_CFG_SIZE); - sysbus_init_mmio(sbd, &s->ctl_iomem); - memory_region_init_io(&s->data_iomem, OBJECT(s), &fw_cfg_data_mem_ops, s, - "fwcfg.data", FW_CFG_DATA_SIZE); - sysbus_init_mmio(sbd, &s->data_iomem); - /* In case ctl and data overlap: */ - memory_region_init_io(&s->comb_iomem, OBJECT(s), &fw_cfg_comb_mem_ops, s, - "fwcfg", FW_CFG_SIZE); + dev = qdev_create(NULL, TYPE_FW_CFG_IO); + qdev_prop_set_uint32(dev, "iobase", iobase); + fw_cfg_init1(dev); + + return FW_CFG(dev); } -static void fw_cfg_realize(DeviceState *dev, Error **errp) +FWCfgState *fw_cfg_init_mem(hwaddr ctl_addr, hwaddr data_addr) { - FWCfgState *s = FW_CFG(dev); - SysBusDevice *sbd = SYS_BUS_DEVICE(dev); + DeviceState *dev; + SysBusDevice *sbd; - if (s->ctl_iobase + 1 == s->data_iobase) { - sysbus_add_io(sbd, s->ctl_iobase, &s->comb_iomem); - } else { - if (s->ctl_iobase) { - sysbus_add_io(sbd, s->ctl_iobase, &s->ctl_iomem); - } - if (s->data_iobase) { - sysbus_add_io(sbd, s->data_iobase, &s->data_iomem); - } + dev = qdev_create(NULL, TYPE_FW_CFG_MEM); + fw_cfg_init1(dev); + + sbd = SYS_BUS_DEVICE(dev); + sysbus_mmio_map(sbd, 0, ctl_addr); + sysbus_mmio_map(sbd, 1, data_addr); + + return FW_CFG(dev); +} + + +FWCfgState *fw_cfg_init(uint32_t ctl_port, uint32_t data_port, + hwaddr crl_addr, hwaddr data_addr) +{ + if (ctl_port + 1 == data_port && crl_addr == 0 && data_addr == 0) { + return fw_cfg_init_io(ctl_port); } + if (ctl_port == 0 && data_port == 0 && crl_addr != 0 && data_addr != 0) { + return fw_cfg_init_mem(crl_addr, data_addr); + } + assert(false); + return NULL; } -static Property fw_cfg_properties[] = { - DEFINE_PROP_UINT32("ctl_iobase", FWCfgState, ctl_iobase, -1), - DEFINE_PROP_UINT32("data_iobase", FWCfgState, data_iobase, -1), - DEFINE_PROP_END_OF_LIST(), -}; FWCfgState *fw_cfg_find(void) { @@ -648,23 +655,83 @@ static void fw_cfg_class_init(ObjectClass *klass, void *data) { DeviceClass *dc = DEVICE_CLASS(klass); - dc->realize = fw_cfg_realize; dc->reset = fw_cfg_reset; dc->vmsd = &vmstate_fw_cfg; - dc->props = fw_cfg_properties; } static const TypeInfo fw_cfg_info = { .name = TYPE_FW_CFG, .parent = TYPE_SYS_BUS_DEVICE, .instance_size = sizeof(FWCfgState), - .instance_init = fw_cfg_initfn, .class_init = fw_cfg_class_init, }; + +static Property fw_cfg_io_properties[] = { + DEFINE_PROP_UINT32("iobase", FWCfgIoState, iobase, -1), + DEFINE_PROP_END_OF_LIST(), +}; + +static void fw_cfg_io_realize(DeviceState *dev, Error **errp) +{ + FWCfgIoState *s = FW_CFG_IO(dev); + SysBusDevice *sbd = SYS_BUS_DEVICE(dev); + + memory_region_init_io(&s->comb_iomem, OBJECT(s), &fw_cfg_comb_mem_ops, + FW_CFG(s), "fwcfg", FW_CFG_SIZE); + sysbus_add_io(sbd, s->iobase, &s->comb_iomem); +} + +static void fw_cfg_io_class_init(ObjectClass *klass, void *data) +{ + DeviceClass *dc = DEVICE_CLASS(klass); + + dc->realize = fw_cfg_io_realize; + dc->props = fw_cfg_io_properties; +} + +static const TypeInfo fw_cfg_io_info = { + .name = TYPE_FW_CFG_IO, + .parent = TYPE_FW_CFG, + .instance_size = sizeof(FWCfgIoState), + .class_init = fw_cfg_io_class_init, +}; + + +static void fw_cfg_mem_realize(DeviceState *dev, Error **errp) +{ + FWCfgMemState *s = FW_CFG_MEM(dev); + SysBusDevice *sbd = SYS_BUS_DEVICE(dev); + + memory_region_init_io(&s->ctl_iomem, OBJECT(s), &fw_cfg_ctl_mem_ops, + FW_CFG(s), "fwcfg.ctl", FW_CFG_SIZE); + sysbus_init_mmio(sbd, &s->ctl_iomem); + + memory_region_init_io(&s->data_iomem, OBJECT(s), &fw_cfg_data_mem_ops, + FW_CFG(s), "fwcfg.data", FW_CFG_DATA_SIZE); + sysbus_init_mmio(sbd, &s->data_iomem); +} + +static void fw_cfg_mem_class_init(ObjectClass *klass, void *data) +{ + DeviceClass *dc = DEVICE_CLASS(klass); + + dc->realize = fw_cfg_mem_realize; +} + +static const TypeInfo fw_cfg_mem_info = { + .name = TYPE_FW_CFG_MEM, + .parent = TYPE_FW_CFG, + .instance_size = sizeof(FWCfgMemState), + .class_init = fw_cfg_mem_class_init, +}; + + static void fw_cfg_register_types(void) { type_register_static(&fw_cfg_info); + type_register_static(&fw_cfg_io_info); + type_register_static(&fw_cfg_mem_info); } type_init(fw_cfg_register_types) diff --git a/include/hw/nvram/fw_cfg.h b/include/hw/nvram/fw_cfg.h index 56e1ed7122..fcc88ea59b 100644 --- a/include/hw/nvram/fw_cfg.h +++ b/include/hw/nvram/fw_cfg.h @@ -80,6 +80,8 @@ void *fw_cfg_modify_file(FWCfgState *s, const char *filename, void *data, size_t len); FWCfgState *fw_cfg_init(uint32_t ctl_port, uint32_t data_port, hwaddr crl_addr, hwaddr data_addr); +FWCfgState *fw_cfg_init_io(uint32_t iobase); +FWCfgState *fw_cfg_init_mem(hwaddr ctl_addr, hwaddr data_addr); FWCfgState *fw_cfg_find(void); diff --git a/include/qemu/typedefs.h b/include/qemu/typedefs.h index 57ff47f284..f2bbaaf86a 100644 --- a/include/qemu/typedefs.h +++ b/include/qemu/typedefs.h @@ -22,6 +22,8 @@ typedef struct DisplayState DisplayState; typedef struct DisplaySurface DisplaySurface; typedef struct DriveInfo DriveInfo; typedef struct EventNotifier EventNotifier; +typedef struct FWCfgIoState FWCfgIoState; +typedef struct FWCfgMemState FWCfgMemState; typedef struct FWCfgState FWCfgState; typedef struct HCIInfo HCIInfo; typedef struct I2CBus I2CBus; -- cgit v1.2.1 From 66708822cd3007ae1ec5104d274a861148725e7a Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Mon, 22 Dec 2014 13:11:36 +0100 Subject: fw_cfg: move boards to fw_cfg_init_io() / fw_cfg_init_mem() This allows us to drop the fw_cfg_init() shim and to enforce the possible mappings at compile time. Signed-off-by: Laszlo Ersek Signed-off-by: Paolo Bonzini Message-id: 1419250305-31062-3-git-send-email-pbonzini@redhat.com Signed-off-by: Peter Maydell --- hw/i386/pc.c | 4 ++-- hw/nvram/fw_cfg.c | 14 -------------- hw/ppc/mac_newworld.c | 2 +- hw/ppc/mac_oldworld.c | 2 +- hw/sparc/sun4m.c | 2 +- hw/sparc64/sun4u.c | 2 +- include/hw/nvram/fw_cfg.h | 2 -- 7 files changed, 6 insertions(+), 22 deletions(-) diff --git a/hw/i386/pc.c b/hw/i386/pc.c index a3ddb5e139..e07f1fac56 100644 --- a/hw/i386/pc.c +++ b/hw/i386/pc.c @@ -649,7 +649,7 @@ static FWCfgState *bochs_bios_init(void) int i, j; unsigned int apic_id_limit = pc_apic_id_limit(max_cpus); - fw_cfg = fw_cfg_init(BIOS_CFG_IOPORT, BIOS_CFG_IOPORT + 1, 0, 0); + fw_cfg = fw_cfg_init_io(BIOS_CFG_IOPORT); /* FW_CFG_MAX_CPUS is a bit confusing/problematic on x86: * * SeaBIOS needs FW_CFG_MAX_CPUS for CPU hotplug, but the CPU hotplug @@ -1170,7 +1170,7 @@ FWCfgState *xen_load_linux(const char *kernel_filename, assert(kernel_filename != NULL); - fw_cfg = fw_cfg_init(BIOS_CFG_IOPORT, BIOS_CFG_IOPORT + 1, 0, 0); + fw_cfg = fw_cfg_init_io(BIOS_CFG_IOPORT); rom_set_fw(fw_cfg); load_linux(fw_cfg, kernel_filename, initrd_filename, diff --git a/hw/nvram/fw_cfg.c b/hw/nvram/fw_cfg.c index ab7bfffae2..c48bc6e650 100644 --- a/hw/nvram/fw_cfg.c +++ b/hw/nvram/fw_cfg.c @@ -632,20 +632,6 @@ FWCfgState *fw_cfg_init_mem(hwaddr ctl_addr, hwaddr data_addr) } -FWCfgState *fw_cfg_init(uint32_t ctl_port, uint32_t data_port, - hwaddr crl_addr, hwaddr data_addr) -{ - if (ctl_port + 1 == data_port && crl_addr == 0 && data_addr == 0) { - return fw_cfg_init_io(ctl_port); - } - if (ctl_port == 0 && data_port == 0 && crl_addr != 0 && data_addr != 0) { - return fw_cfg_init_mem(crl_addr, data_addr); - } - assert(false); - return NULL; -} - - FWCfgState *fw_cfg_find(void) { return FW_CFG(object_resolve_path(FW_CFG_PATH, NULL)); diff --git a/hw/ppc/mac_newworld.c b/hw/ppc/mac_newworld.c index ee1ed8a344..b60a832c0a 100644 --- a/hw/ppc/mac_newworld.c +++ b/hw/ppc/mac_newworld.c @@ -454,7 +454,7 @@ static void ppc_core99_init(MachineState *machine) pmac_format_nvram_partition(nvr, 0x2000); /* No PCI init: the BIOS will do it */ - fw_cfg = fw_cfg_init(0, 0, CFG_ADDR, CFG_ADDR + 2); + fw_cfg = fw_cfg_init_mem(CFG_ADDR, CFG_ADDR + 2); fw_cfg_add_i16(fw_cfg, FW_CFG_MAX_CPUS, (uint16_t)max_cpus); fw_cfg_add_i32(fw_cfg, FW_CFG_ID, 1); fw_cfg_add_i64(fw_cfg, FW_CFG_RAM_SIZE, (uint64_t)ram_size); diff --git a/hw/ppc/mac_oldworld.c b/hw/ppc/mac_oldworld.c index 15109c294a..c7224d70b5 100644 --- a/hw/ppc/mac_oldworld.c +++ b/hw/ppc/mac_oldworld.c @@ -313,7 +313,7 @@ static void ppc_heathrow_init(MachineState *machine) /* No PCI init: the BIOS will do it */ - fw_cfg = fw_cfg_init(0, 0, CFG_ADDR, CFG_ADDR + 2); + fw_cfg = fw_cfg_init_mem(CFG_ADDR, CFG_ADDR + 2); fw_cfg_add_i16(fw_cfg, FW_CFG_MAX_CPUS, (uint16_t)max_cpus); fw_cfg_add_i32(fw_cfg, FW_CFG_ID, 1); fw_cfg_add_i64(fw_cfg, FW_CFG_RAM_SIZE, (uint64_t)ram_size); diff --git a/hw/sparc/sun4m.c b/hw/sparc/sun4m.c index df259ad605..ecd9dc1414 100644 --- a/hw/sparc/sun4m.c +++ b/hw/sparc/sun4m.c @@ -1084,7 +1084,7 @@ static void sun4m_hw_init(const struct sun4m_hwdef *hwdef, ecc_init(hwdef->ecc_base, slavio_irq[28], hwdef->ecc_version); - fw_cfg = fw_cfg_init(0, 0, CFG_ADDR, CFG_ADDR + 2); + fw_cfg = fw_cfg_init_mem(CFG_ADDR, CFG_ADDR + 2); fw_cfg_add_i16(fw_cfg, FW_CFG_MAX_CPUS, (uint16_t)max_cpus); fw_cfg_add_i32(fw_cfg, FW_CFG_ID, 1); fw_cfg_add_i64(fw_cfg, FW_CFG_RAM_SIZE, (uint64_t)ram_size); diff --git a/hw/sparc64/sun4u.c b/hw/sparc64/sun4u.c index acac8f9ed0..3ff5bd8871 100644 --- a/hw/sparc64/sun4u.c +++ b/hw/sparc64/sun4u.c @@ -892,7 +892,7 @@ static void sun4uv_init(MemoryRegion *address_space_mem, graphic_width, graphic_height, graphic_depth, (uint8_t *)&nd_table[0].macaddr); - fw_cfg = fw_cfg_init(BIOS_CFG_IOPORT, BIOS_CFG_IOPORT + 1, 0, 0); + fw_cfg = fw_cfg_init_io(BIOS_CFG_IOPORT); fw_cfg_add_i16(fw_cfg, FW_CFG_MAX_CPUS, (uint16_t)max_cpus); fw_cfg_add_i32(fw_cfg, FW_CFG_ID, 1); fw_cfg_add_i64(fw_cfg, FW_CFG_RAM_SIZE, (uint64_t)ram_size); diff --git a/include/hw/nvram/fw_cfg.h b/include/hw/nvram/fw_cfg.h index fcc88ea59b..a99586edd6 100644 --- a/include/hw/nvram/fw_cfg.h +++ b/include/hw/nvram/fw_cfg.h @@ -78,8 +78,6 @@ void fw_cfg_add_file_callback(FWCfgState *s, const char *filename, void *data, size_t len); void *fw_cfg_modify_file(FWCfgState *s, const char *filename, void *data, size_t len); -FWCfgState *fw_cfg_init(uint32_t ctl_port, uint32_t data_port, - hwaddr crl_addr, hwaddr data_addr); FWCfgState *fw_cfg_init_io(uint32_t iobase); FWCfgState *fw_cfg_init_mem(hwaddr ctl_addr, hwaddr data_addr); -- cgit v1.2.1 From 86099db3823fec1800225f89544014a98b227ed9 Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Mon, 22 Dec 2014 13:11:37 +0100 Subject: fw_cfg_mem: max access size and region size are the same for data register Make it clear that the maximum access size to the MMIO data register determines the full size of the memory region. Currently the max access size is 1. This patch doesn't change behavior. Signed-off-by: Laszlo Ersek Signed-off-by: Paolo Bonzini Message-id: 1419250305-31062-4-git-send-email-pbonzini@redhat.com Signed-off-by: Peter Maydell --- hw/nvram/fw_cfg.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hw/nvram/fw_cfg.c b/hw/nvram/fw_cfg.c index c48bc6e650..8deb860fad 100644 --- a/hw/nvram/fw_cfg.c +++ b/hw/nvram/fw_cfg.c @@ -31,7 +31,6 @@ #include "qemu/config-file.h" #define FW_CFG_SIZE 2 -#define FW_CFG_DATA_SIZE 1 #define FW_CFG_NAME "fw_cfg" #define FW_CFG_PATH "/machine/" FW_CFG_NAME @@ -694,7 +693,8 @@ static void fw_cfg_mem_realize(DeviceState *dev, Error **errp) sysbus_init_mmio(sbd, &s->ctl_iomem); memory_region_init_io(&s->data_iomem, OBJECT(s), &fw_cfg_data_mem_ops, - FW_CFG(s), "fwcfg.data", FW_CFG_DATA_SIZE); + FW_CFG(s), "fwcfg.data", + fw_cfg_data_mem_ops.valid.max_access_size); sysbus_init_mmio(sbd, &s->data_iomem); } -- cgit v1.2.1 From d789c84547abaaf82828b20998aee618b9327261 Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Mon, 22 Dec 2014 13:11:38 +0100 Subject: fw_cfg_mem: flip ctl_mem_ops and data_mem_ops to DEVICE_BIG_ENDIAN The standalone selector port (fw_cfg_ctl_mem_ops) is only used by big endian guests to date (*), hence this change doesn't regress them. Paolo and Alex have suggested / requested an explicit DEVICE_BIG_ENDIAN setting here, for clarity. (*) git grep -l fw_cfg_init_mem hw/nvram/fw_cfg.c hw/ppc/mac_newworld.c hw/ppc/mac_oldworld.c hw/sparc/sun4m.c include/hw/nvram/fw_cfg.h The standalone data port (fw_cfg_data_mem_ops) has max_access_size 1 (for now), hence changing its endianness doesn't change behavior for existing guest code. Signed-off-by: Laszlo Ersek Signed-off-by: Paolo Bonzini Message-id: 1419250305-31062-5-git-send-email-pbonzini@redhat.com Signed-off-by: Peter Maydell --- hw/nvram/fw_cfg.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hw/nvram/fw_cfg.c b/hw/nvram/fw_cfg.c index 8deb860fad..910ae143b3 100644 --- a/hw/nvram/fw_cfg.c +++ b/hw/nvram/fw_cfg.c @@ -332,14 +332,14 @@ static bool fw_cfg_comb_valid(void *opaque, hwaddr addr, static const MemoryRegionOps fw_cfg_ctl_mem_ops = { .write = fw_cfg_ctl_mem_write, - .endianness = DEVICE_NATIVE_ENDIAN, + .endianness = DEVICE_BIG_ENDIAN, .valid.accepts = fw_cfg_ctl_mem_valid, }; static const MemoryRegionOps fw_cfg_data_mem_ops = { .read = fw_cfg_data_mem_read, .write = fw_cfg_data_mem_write, - .endianness = DEVICE_NATIVE_ENDIAN, + .endianness = DEVICE_BIG_ENDIAN, .valid = { .min_access_size = 1, .max_access_size = 1, -- cgit v1.2.1 From ff6cff7554be06e95f8d712f66cd16bd6681c746 Mon Sep 17 00:00:00 2001 From: Paolo Bonzini Date: Mon, 22 Dec 2014 13:11:39 +0100 Subject: exec: allows 8-byte accesses in subpage_ops Otherwise fw_cfg accesses are split into 4-byte ones before they reach the fw_cfg ops / handlers. Signed-off-by: Paolo Bonzini Signed-off-by: Laszlo Ersek Signed-off-by: Paolo Bonzini Message-id: 1419250305-31062-6-git-send-email-pbonzini@redhat.com Signed-off-by: Peter Maydell --- exec.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/exec.c b/exec.c index c2ed10a2d6..9c3f3047d3 100644 --- a/exec.c +++ b/exec.c @@ -1768,7 +1768,7 @@ static uint64_t subpage_read(void *opaque, hwaddr addr, unsigned len) { subpage_t *subpage = opaque; - uint8_t buf[4]; + uint8_t buf[8]; #if defined(DEBUG_SUBPAGE) printf("%s: subpage %p len %u addr " TARGET_FMT_plx "\n", __func__, @@ -1782,6 +1782,8 @@ static uint64_t subpage_read(void *opaque, hwaddr addr, return lduw_p(buf); case 4: return ldl_p(buf); + case 8: + return ldq_p(buf); default: abort(); } @@ -1791,7 +1793,7 @@ static void subpage_write(void *opaque, hwaddr addr, uint64_t value, unsigned len) { subpage_t *subpage = opaque; - uint8_t buf[4]; + uint8_t buf[8]; #if defined(DEBUG_SUBPAGE) printf("%s: subpage %p len %u addr " TARGET_FMT_plx @@ -1808,6 +1810,9 @@ static void subpage_write(void *opaque, hwaddr addr, case 4: stl_p(buf, value); break; + case 8: + stq_p(buf, value); + break; default: abort(); } @@ -1830,6 +1835,10 @@ static bool subpage_accepts(void *opaque, hwaddr addr, static const MemoryRegionOps subpage_ops = { .read = subpage_read, .write = subpage_write, + .impl.min_access_size = 1, + .impl.max_access_size = 8, + .valid.min_access_size = 1, + .valid.max_access_size = 8, .valid.accepts = subpage_accepts, .endianness = DEVICE_NATIVE_ENDIAN, }; -- cgit v1.2.1 From cfaadf0e89e7c2a47462d5f96390c9a9b4de037c Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Mon, 22 Dec 2014 13:11:40 +0100 Subject: fw_cfg_mem: introduce the "data_width" property The "data_width" property is capable of changing the maximum valid access size to the MMIO data register, and resizes the memory region similarly, at device realization time. The default value of "data_memwidth" is set so that we don't yet diverge from "fw_cfg_data_mem_ops". Most of the fw_cfg_mem users will stick with the default, and for them we should continue using the statically allocated "fw_cfg_data_mem_ops". This is beneficial for debugging because gdb can resolve pointers referencing static objects to the names of those objects. Signed-off-by: Laszlo Ersek Signed-off-by: Paolo Bonzini Message-id: 1419250305-31062-7-git-send-email-pbonzini@redhat.com Signed-off-by: Peter Maydell --- hw/nvram/fw_cfg.c | 79 +++++++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 74 insertions(+), 5 deletions(-) diff --git a/hw/nvram/fw_cfg.c b/hw/nvram/fw_cfg.c index 910ae143b3..2950d6874b 100644 --- a/hw/nvram/fw_cfg.c +++ b/hw/nvram/fw_cfg.c @@ -77,6 +77,8 @@ struct FWCfgMemState { /*< public >*/ MemoryRegion ctl_iomem, data_iomem; + uint32_t data_width; + MemoryRegionOps wide_data_ops; }; #define JPG_FILE 0 @@ -284,13 +286,58 @@ static uint8_t fw_cfg_read(FWCfgState *s) static uint64_t fw_cfg_data_mem_read(void *opaque, hwaddr addr, unsigned size) { - return fw_cfg_read(opaque); + FWCfgState *s = opaque; + uint8_t buf[8]; + unsigned i; + + for (i = 0; i < size; ++i) { + buf[i] = fw_cfg_read(s); + } + switch (size) { + case 1: + return buf[0]; + case 2: + return lduw_he_p(buf); + case 4: + return (uint32_t)ldl_he_p(buf); + case 8: + return ldq_he_p(buf); + } + abort(); } static void fw_cfg_data_mem_write(void *opaque, hwaddr addr, uint64_t value, unsigned size) { - fw_cfg_write(opaque, (uint8_t)value); + FWCfgState *s = opaque; + uint8_t buf[8]; + unsigned i; + + switch (size) { + case 1: + buf[0] = value; + break; + case 2: + stw_he_p(buf, value); + break; + case 4: + stl_he_p(buf, value); + break; + case 8: + stq_he_p(buf, value); + break; + default: + abort(); + } + for (i = 0; i < size; ++i) { + fw_cfg_write(s, buf[i]); + } +} + +static bool fw_cfg_data_mem_valid(void *opaque, hwaddr addr, + unsigned size, bool is_write) +{ + return addr == 0; } static void fw_cfg_ctl_mem_write(void *opaque, hwaddr addr, @@ -343,6 +390,7 @@ static const MemoryRegionOps fw_cfg_data_mem_ops = { .valid = { .min_access_size = 1, .max_access_size = 1, + .accepts = fw_cfg_data_mem_valid, }, }; @@ -621,6 +669,9 @@ FWCfgState *fw_cfg_init_mem(hwaddr ctl_addr, hwaddr data_addr) SysBusDevice *sbd; dev = qdev_create(NULL, TYPE_FW_CFG_MEM); + qdev_prop_set_uint32(dev, "data_width", + fw_cfg_data_mem_ops.valid.max_access_size); + fw_cfg_init1(dev); sbd = SYS_BUS_DEVICE(dev); @@ -683,18 +734,35 @@ static const TypeInfo fw_cfg_io_info = { }; +static Property fw_cfg_mem_properties[] = { + DEFINE_PROP_UINT32("data_width", FWCfgMemState, data_width, -1), + DEFINE_PROP_END_OF_LIST(), +}; + static void fw_cfg_mem_realize(DeviceState *dev, Error **errp) { FWCfgMemState *s = FW_CFG_MEM(dev); SysBusDevice *sbd = SYS_BUS_DEVICE(dev); + const MemoryRegionOps *data_ops = &fw_cfg_data_mem_ops; memory_region_init_io(&s->ctl_iomem, OBJECT(s), &fw_cfg_ctl_mem_ops, FW_CFG(s), "fwcfg.ctl", FW_CFG_SIZE); sysbus_init_mmio(sbd, &s->ctl_iomem); - memory_region_init_io(&s->data_iomem, OBJECT(s), &fw_cfg_data_mem_ops, - FW_CFG(s), "fwcfg.data", - fw_cfg_data_mem_ops.valid.max_access_size); + if (s->data_width > data_ops->valid.max_access_size) { + /* memberwise copy because the "old_mmio" member is const */ + s->wide_data_ops.read = data_ops->read; + s->wide_data_ops.write = data_ops->write; + s->wide_data_ops.endianness = data_ops->endianness; + s->wide_data_ops.valid = data_ops->valid; + s->wide_data_ops.impl = data_ops->impl; + + s->wide_data_ops.valid.max_access_size = s->data_width; + s->wide_data_ops.impl.max_access_size = s->data_width; + data_ops = &s->wide_data_ops; + } + memory_region_init_io(&s->data_iomem, OBJECT(s), data_ops, FW_CFG(s), + "fwcfg.data", data_ops->valid.max_access_size); sysbus_init_mmio(sbd, &s->data_iomem); } @@ -703,6 +771,7 @@ static void fw_cfg_mem_class_init(ObjectClass *klass, void *data) DeviceClass *dc = DEVICE_CLASS(klass); dc->realize = fw_cfg_mem_realize; + dc->props = fw_cfg_mem_properties; } static const TypeInfo fw_cfg_mem_info = { -- cgit v1.2.1 From 6c87e3d5967a1d731b5f591a8f0ee6c319c14ca8 Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Mon, 22 Dec 2014 13:11:41 +0100 Subject: fw_cfg_mem: expose the "data_width" property with fw_cfg_init_mem_wide() We rebase fw_cfg_init_mem() to the new function for compatibility with current callers. The behavior of the (big endian) multi-byte data reads is best shown with a qtest session. Here, we are reading the first six bytes of the UUID $ arm-softmmu/qemu-system-arm -M virt -machine accel=qtest \ -qtest stdio -uuid 4600cb32-38ec-4b2f-8acb-81c6ea54f2d8 >>> writew 0x9020008 0x0200 <<< OK >>> readl 0x9020000 <<< OK 0x000000004600cb32 Remember this is big endian. On big endian machines, it is stored directly as 0x46 0x00 0xcb 0x32. On a little endian machine, we have to first swap it, so that it becomes 0x32cb0046. When written to memory, it becomes 0x46 0x00 0xcb 0x32 again. Reading byte-by-byte works too, of course: >>> readb 0x9020000 <<< OK 0x0000000000000038 >>> readb 0x9020000 <<< OK 0x00000000000000ec Here only a single byte is read at a time, so they are read in order similar to the 1-byte data port that is already in PPC and SPARC machines. Signed-off-by: Laszlo Ersek Signed-off-by: Paolo Bonzini Message-id: 1419250305-31062-8-git-send-email-pbonzini@redhat.com Signed-off-by: Peter Maydell --- hw/nvram/fw_cfg.c | 12 +++++++++--- include/hw/nvram/fw_cfg.h | 2 ++ 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/hw/nvram/fw_cfg.c b/hw/nvram/fw_cfg.c index 2950d6874b..fcdf821c31 100644 --- a/hw/nvram/fw_cfg.c +++ b/hw/nvram/fw_cfg.c @@ -663,14 +663,14 @@ FWCfgState *fw_cfg_init_io(uint32_t iobase) return FW_CFG(dev); } -FWCfgState *fw_cfg_init_mem(hwaddr ctl_addr, hwaddr data_addr) +FWCfgState *fw_cfg_init_mem_wide(hwaddr ctl_addr, hwaddr data_addr, + uint32_t data_width) { DeviceState *dev; SysBusDevice *sbd; dev = qdev_create(NULL, TYPE_FW_CFG_MEM); - qdev_prop_set_uint32(dev, "data_width", - fw_cfg_data_mem_ops.valid.max_access_size); + qdev_prop_set_uint32(dev, "data_width", data_width); fw_cfg_init1(dev); @@ -681,6 +681,12 @@ FWCfgState *fw_cfg_init_mem(hwaddr ctl_addr, hwaddr data_addr) return FW_CFG(dev); } +FWCfgState *fw_cfg_init_mem(hwaddr ctl_addr, hwaddr data_addr) +{ + return fw_cfg_init_mem_wide(ctl_addr, data_addr, + fw_cfg_data_mem_ops.valid.max_access_size); +} + FWCfgState *fw_cfg_find(void) { diff --git a/include/hw/nvram/fw_cfg.h b/include/hw/nvram/fw_cfg.h index a99586edd6..6d8a8ac564 100644 --- a/include/hw/nvram/fw_cfg.h +++ b/include/hw/nvram/fw_cfg.h @@ -80,6 +80,8 @@ void *fw_cfg_modify_file(FWCfgState *s, const char *filename, void *data, size_t len); FWCfgState *fw_cfg_init_io(uint32_t iobase); FWCfgState *fw_cfg_init_mem(hwaddr ctl_addr, hwaddr data_addr); +FWCfgState *fw_cfg_init_mem_wide(hwaddr ctl_addr, hwaddr data_addr, + uint32_t data_width); FWCfgState *fw_cfg_find(void); -- cgit v1.2.1 From 578f3c7b083514b4fec0bf8fa0617934cdbdf826 Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Mon, 22 Dec 2014 13:11:42 +0100 Subject: arm: add fw_cfg to "virt" board fw_cfg already supports exposure over MMIO (used in ppc/mac_newworld.c, ppc/mac_oldworld.c, sparc/sun4m.c); we can easily add it to the "virt" board. Because MMIO access is slow on ARM KVM, we enable the guest, with fw_cfg_init_mem_wide(), to transfer up to 8 bytes with a single access. This has been measured to speed up transfers up to 7.5-fold, relative to single byte data access, on both ARM KVM and x86_64 TCG. The MMIO register block of fw_cfg is advertized in the device tree. As base address we pick 0x09020000, which conforms to the comment preceding "a15memmap": it falls in the miscellaneous device I/O range 128MB..256MB, and it is aligned at 64KB. The DTB properties follow the documentation in the Linux source file "Documentation/devicetree/bindings/arm/fw-cfg.txt". fw_cfg automatically exports a number of files to the guest; for example, "bootorder" (see fw_cfg_machine_reset()). Signed-off-by: Laszlo Ersek Reviewed-by: Peter Maydell Signed-off-by: Paolo Bonzini Message-id: 1419250305-31062-9-git-send-email-pbonzini@redhat.com Signed-off-by: Peter Maydell --- hw/arm/virt.c | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/hw/arm/virt.c b/hw/arm/virt.c index a9e13cae9e..183bf2023d 100644 --- a/hw/arm/virt.c +++ b/hw/arm/virt.c @@ -68,6 +68,7 @@ enum { VIRT_UART, VIRT_MMIO, VIRT_RTC, + VIRT_FW_CFG, }; typedef struct MemMapEntry { @@ -125,6 +126,7 @@ static const MemMapEntry a15memmap[] = { [VIRT_GIC_CPU] = { 0x08010000, 0x00010000 }, [VIRT_UART] = { 0x09000000, 0x00001000 }, [VIRT_RTC] = { 0x09010000, 0x00001000 }, + [VIRT_FW_CFG] = { 0x09020000, 0x0000000a }, [VIRT_MMIO] = { 0x0a000000, 0x00000200 }, /* ...repeating for a total of NUM_VIRTIO_TRANSPORTS, each of that size */ /* 0x10000000 .. 0x40000000 reserved for PCI */ @@ -537,6 +539,23 @@ static void create_flash(const VirtBoardInfo *vbi) g_free(nodename); } +static void create_fw_cfg(const VirtBoardInfo *vbi) +{ + hwaddr base = vbi->memmap[VIRT_FW_CFG].base; + hwaddr size = vbi->memmap[VIRT_FW_CFG].size; + char *nodename; + + fw_cfg_init_mem_wide(base + 8, base, 8); + + nodename = g_strdup_printf("/fw-cfg@%" PRIx64, base); + qemu_fdt_add_subnode(vbi->fdt, nodename); + qemu_fdt_setprop_string(vbi->fdt, nodename, + "compatible", "qemu,fw-cfg-mmio"); + qemu_fdt_setprop_sized_cells(vbi->fdt, nodename, "reg", + 2, base, 2, size); + g_free(nodename); +} + static void *machvirt_dtb(const struct arm_boot_info *binfo, int *fdt_size) { const VirtBoardInfo *board = (const VirtBoardInfo *)binfo; @@ -627,6 +646,8 @@ static void machvirt_init(MachineState *machine) */ create_virtio_devices(vbi, pic); + create_fw_cfg(vbi); + vbi->bootinfo.ram_size = machine->ram_size; vbi->bootinfo.kernel_filename = machine->kernel_filename; vbi->bootinfo.kernel_cmdline = machine->kernel_cmdline; -- cgit v1.2.1 From 7d48a0f7217474899c5f5920b21f4cfdf4efa8d1 Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Mon, 22 Dec 2014 13:11:43 +0100 Subject: hw/loader: split out load_image_gzipped_buffer() In the next patch we'd like to reuse the image decompression facility without installing the output as a ROM at a specific guest-phys address. In addition, expose LOAD_IMAGE_MAX_GUNZIP_BYTES, because that's a straightforward "max_sz" argument for the new load_image_gzipped_buffer(). Signed-off-by: Laszlo Ersek Reviewed-by: Peter Maydell Signed-off-by: Paolo Bonzini Message-id: 1419250305-31062-10-git-send-email-pbonzini@redhat.com Signed-off-by: Peter Maydell --- hw/core/loader.c | 30 +++++++++++++++++++++--------- include/hw/loader.h | 9 +++++++++ 2 files changed, 30 insertions(+), 9 deletions(-) diff --git a/hw/core/loader.c b/hw/core/loader.c index 7527fd3036..f2b34da240 100644 --- a/hw/core/loader.c +++ b/hw/core/loader.c @@ -614,14 +614,9 @@ int load_ramdisk(const char *filename, hwaddr addr, uint64_t max_sz) NULL, NULL); } -/* This simply prevents g_malloc in the function below from allocating - * a huge amount of memory, by placing a limit on the maximum - * uncompressed image size that load_image_gzipped will read. - */ -#define LOAD_IMAGE_MAX_GUNZIP_BYTES (256 << 20) - -/* Load a gzip-compressed kernel. */ -int load_image_gzipped(const char *filename, hwaddr addr, uint64_t max_sz) +/* Load a gzip-compressed kernel to a dynamically allocated buffer. */ +int load_image_gzipped_buffer(const char *filename, uint64_t max_sz, + uint8_t **buffer) { uint8_t *compressed_data = NULL; uint8_t *data = NULL; @@ -653,8 +648,11 @@ int load_image_gzipped(const char *filename, hwaddr addr, uint64_t max_sz) goto out; } - rom_add_blob_fixed(filename, data, bytes, addr); + /* trim to actual size and return to caller */ + *buffer = g_realloc(data, bytes); ret = bytes; + /* ownership has been transferred to caller */ + data = NULL; out: g_free(compressed_data); @@ -662,6 +660,20 @@ int load_image_gzipped(const char *filename, hwaddr addr, uint64_t max_sz) return ret; } +/* Load a gzip-compressed kernel. */ +int load_image_gzipped(const char *filename, hwaddr addr, uint64_t max_sz) +{ + int bytes; + uint8_t *data; + + bytes = load_image_gzipped_buffer(filename, max_sz, &data); + if (bytes != -1) { + rom_add_blob_fixed(filename, data, bytes, addr); + g_free(data); + } + return bytes; +} + /* * Functions for reboot-persistent memory regions. * - used for vga bios and option roms. diff --git a/include/hw/loader.h b/include/hw/loader.h index 64816395dc..899762019f 100644 --- a/include/hw/loader.h +++ b/include/hw/loader.h @@ -16,6 +16,15 @@ int load_image(const char *filename, uint8_t *addr); /* deprecated */ ssize_t load_image_size(const char *filename, void *addr, size_t size); int load_image_targphys(const char *filename, hwaddr, uint64_t max_sz); + +/* This is the limit on the maximum uncompressed image size that + * load_image_gzipped_buffer() and load_image_gzipped() will read. It prevents + * g_malloc() in those functions from allocating a huge amount of memory. + */ +#define LOAD_IMAGE_MAX_GUNZIP_BYTES (256 << 20) + +int load_image_gzipped_buffer(const char *filename, uint64_t max_sz, + uint8_t **buffer); int load_image_gzipped(const char *filename, hwaddr addr, uint64_t max_sz); #define ELF_LOAD_FAILED -1 -- cgit v1.2.1 From 07abe45c4814d42f3aca879d7932c5bc90d98bdf Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Mon, 22 Dec 2014 13:11:44 +0100 Subject: hw/arm: pass pristine kernel image to guest firmware over fw_cfg Introduce the new boolean field "arm_boot_info.firmware_loaded". When this field is set, it means that the portion of guest DRAM that the VCPU normally starts to execute, or the pflash chip that the VCPU normally starts to execute, has been populated by board-specific code with full-fledged guest firmware code, before the board calls arm_load_kernel(). Simultaneously, "arm_boot_info.firmware_loaded" guarantees that the board code has set up the global firmware config instance, for arm_load_kernel() to find with fw_cfg_find(). Guest kernel (-kernel) and guest firmware (-bios, -pflash) has always been possible to specify independently on the command line. The following cases should be considered: nr -bios -pflash -kernel description unit#0 -- ------- ------- ------- ------------------------------------------- 1 present present absent Board code rejects this case, -bios and present present present -pflash unit#0 are exclusive. Left intact by this patch. 2 absent absent present Traditional kernel loading, with qemu's minimal board firmware. Left intact by this patch. 3 absent present absent Preexistent case for booting guest firmware present absent absent loaded with -bios or -pflash. Left intact by this patch. 4 absent absent absent Preexistent case for not loading any firmware or kernel up-front. Left intact by this patch. 5 present absent present New case introduced by this patch: kernel absent present present image is passed to externally loaded firmware in unmodified form, using fw_cfg. An easy way to see that this patch doesn't interfere with existing cases is to realize that "info->firmware_loaded" is constant zero at this point. Which makes the "outer" condition unchanged, and the "inner" condition (with the fw_cfg-related code) dead. Signed-off-by: Laszlo Ersek Signed-off-by: Paolo Bonzini Message-id: 1419250305-31062-11-git-send-email-pbonzini@redhat.com Signed-off-by: Peter Maydell --- hw/arm/boot.c | 88 +++++++++++++++++++++++++++++++++++++++++++++++++--- include/hw/arm/arm.h | 5 +++ 2 files changed, 88 insertions(+), 5 deletions(-) diff --git a/hw/arm/boot.c b/hw/arm/boot.c index c8d1d4e147..52ebd8be9b 100644 --- a/hw/arm/boot.c +++ b/hw/arm/boot.c @@ -488,6 +488,55 @@ static void do_cpu_reset(void *opaque) } } +/** + * load_image_to_fw_cfg() - Load an image file into an fw_cfg entry identified + * by key. + * @fw_cfg: The firmware config instance to store the data in. + * @size_key: The firmware config key to store the size of the loaded + * data under, with fw_cfg_add_i32(). + * @data_key: The firmware config key to store the loaded data under, + * with fw_cfg_add_bytes(). + * @image_name: The name of the image file to load. If it is NULL, the + * function returns without doing anything. + * @try_decompress: Whether the image should be decompressed (gunzipped) before + * adding it to fw_cfg. If decompression fails, the image is + * loaded as-is. + * + * In case of failure, the function prints an error message to stderr and the + * process exits with status 1. + */ +static void load_image_to_fw_cfg(FWCfgState *fw_cfg, uint16_t size_key, + uint16_t data_key, const char *image_name, + bool try_decompress) +{ + size_t size = -1; + uint8_t *data; + + if (image_name == NULL) { + return; + } + + if (try_decompress) { + size = load_image_gzipped_buffer(image_name, + LOAD_IMAGE_MAX_GUNZIP_BYTES, &data); + } + + if (size == (size_t)-1) { + gchar *contents; + gsize length; + + if (!g_file_get_contents(image_name, &contents, &length, NULL)) { + fprintf(stderr, "failed to load \"%s\"\n", image_name); + exit(1); + } + size = length; + data = (uint8_t *)contents; + } + + fw_cfg_add_i32(fw_cfg, size_key, size); + fw_cfg_add_bytes(fw_cfg, data_key, data, size); +} + void arm_load_kernel(ARMCPU *cpu, struct arm_boot_info *info) { CPUState *cs; @@ -510,19 +559,48 @@ void arm_load_kernel(ARMCPU *cpu, struct arm_boot_info *info) } /* Load the kernel. */ - if (!info->kernel_filename) { + if (!info->kernel_filename || info->firmware_loaded) { if (have_dtb(info)) { - /* If we have a device tree blob, but no kernel to supply it to, - * copy it to the base of RAM for a bootloader to pick up. + /* If we have a device tree blob, but no kernel to supply it to (or + * the kernel is supposed to be loaded by the bootloader), copy the + * DTB to the base of RAM for the bootloader to pick up. */ if (load_dtb(info->loader_start, info, 0) < 0) { exit(1); } } - /* If no kernel specified, do nothing; we will start from address 0 - * (typically a boot ROM image) in the same way as hardware. + if (info->kernel_filename) { + FWCfgState *fw_cfg; + bool try_decompressing_kernel; + + fw_cfg = fw_cfg_find(); + try_decompressing_kernel = arm_feature(&cpu->env, + ARM_FEATURE_AARCH64); + + /* Expose the kernel, the command line, and the initrd in fw_cfg. + * We don't process them here at all, it's all left to the + * firmware. + */ + load_image_to_fw_cfg(fw_cfg, + FW_CFG_KERNEL_SIZE, FW_CFG_KERNEL_DATA, + info->kernel_filename, + try_decompressing_kernel); + load_image_to_fw_cfg(fw_cfg, + FW_CFG_INITRD_SIZE, FW_CFG_INITRD_DATA, + info->initrd_filename, false); + + if (info->kernel_cmdline) { + fw_cfg_add_i32(fw_cfg, FW_CFG_CMDLINE_SIZE, + strlen(info->kernel_cmdline) + 1); + fw_cfg_add_string(fw_cfg, FW_CFG_CMDLINE_DATA, + info->kernel_cmdline); + } + } + + /* We will start from address 0 (typically a boot ROM image) in the + * same way as hardware. */ return; } diff --git a/include/hw/arm/arm.h b/include/hw/arm/arm.h index e5a5d8c328..c4bf56d44f 100644 --- a/include/hw/arm/arm.h +++ b/include/hw/arm/arm.h @@ -70,6 +70,11 @@ struct arm_boot_info { hwaddr initrd_start; hwaddr initrd_size; hwaddr entry; + + /* Boot firmware has been loaded, typically at address 0, with -bios or + * -pflash. It also implies that fw_cfg_find() will succeed. + */ + bool firmware_loaded; }; void arm_load_kernel(ARMCPU *cpu, struct arm_boot_info *info); -- cgit v1.2.1 From aa351061dbb0e3054db11c00a69395785c4186c8 Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Mon, 22 Dec 2014 13:11:45 +0100 Subject: hw/arm/virt: enable passing of EFI-stubbed kernel to guest UEFI firmware The virt board already ensures mutual exclusion between -bios and -pflash unit#0; we only need to set "bootinfo.firmware_loaded", introduced in the previous patch, if either of those options was used to load the guest firmware. Signed-off-by: Laszlo Ersek Reviewed-by: Peter Maydell Signed-off-by: Paolo Bonzini Message-id: 1419250305-31062-12-git-send-email-pbonzini@redhat.com Signed-off-by: Peter Maydell --- hw/arm/virt.c | 1 + 1 file changed, 1 insertion(+) diff --git a/hw/arm/virt.c b/hw/arm/virt.c index 183bf2023d..235344034d 100644 --- a/hw/arm/virt.c +++ b/hw/arm/virt.c @@ -656,6 +656,7 @@ static void machvirt_init(MachineState *machine) vbi->bootinfo.board_id = -1; vbi->bootinfo.loader_start = vbi->memmap[VIRT_MEM].base; vbi->bootinfo.get_dtb = machvirt_dtb; + vbi->bootinfo.firmware_loaded = bios_name || drive_get(IF_PFLASH, 0, 0); arm_load_kernel(ARM_CPU(first_cpu), &vbi->bootinfo); } -- cgit v1.2.1