Merge tag 'pull-target-arm-20231113' of https://git.linaro.org/people/pmaydell/qemu-arm into staging
target-arm queue:
* hw/arm/virt: fix GIC maintenance IRQ registration
* target/arm: HVC at EL3 should go to EL3, not EL2
* target/arm: Correct MTE tag checking for reverse-copy MOPS
* target/arm/tcg: enable PMU feature for Cortex-A8 and A9
# -----BEGIN PGP SIGNATURE-----
#
# iQJNBAABCAA3FiEE4aXFk81BneKOgxXPPCUl7RQ2DN4FAmVSYL0ZHHBldGVyLm1h
# eWRlbGxAbGluYXJvLm9yZwAKCRA8JSXtFDYM3iLND/99dZKHgNJx1k7aeGX8t4lU
# MTU0AsFndpx/WjWbviyfrO17B0FIi6kwhggDk2cXrXF26eBFcx5ruJ6sw9R1ZvsV
# y6Z1rhjd+skj3PMxGMU/I0XeR3TXJNo2eLAeKyPy4W75+5I0zT4PMEPJ05WylVTs
# RXuAhlyCXX9uTT2ILtGRiThpRrgnzGE3DU2Ry32s0+qjYq5U89J0+0kYPg6VFg29
# Lfj4zCwVu3/xX7Me+b84bTDxlQD4LSGdibscd0aCiMyamzfLl/naoDLvFIia/Q7h
# 4epcw3Bu+3nTicg70i9k6iNP4nDXPO9V2dbopJVd9wcgPBXicyoDrLA8CQdp+04v
# /vHT9+IZ4pFUcUp1+A9s6CcSMDeYOSPrQsd96HwaTtw/RjpxhLKC6EEpswpr5d4q
# SBU5I6lUe47HuwLxPpqucwNk/o4/9PZKBDSI1SUKoLPVyOvSS0sxJlTdQCyHCgmU
# ogjnFnw9J16X/GOWzS3tUD+9GS8s7WqJHyFl0t5ngvvamFTdquPFSFXQfZMTwAU1
# vVSam4oi51ON2sVjkR7Pn7BrTBE1QnsudB8Sc9If/LGhFSuNUKlj13+pWrGMty+n
# q9fFS5MuNlvVehX3mr+i4PA6WWYCZ0wHzTvXtYxKkyu1CZi53r9H1pZPwb6URjUt
# ceyJngaQH5dgtkVgCNSoRQ==
# =4D8I
# -----END PGP SIGNATURE-----
# gpg: Signature made Mon 13 Nov 2023 12:45:33 EST
# gpg: using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg: issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [full]
# gpg: aka "Peter Maydell <pmaydell@gmail.com>" [full]
# gpg: aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [full]
# gpg: aka "Peter Maydell <peter@archaic.org.uk>" [unknown]
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83 15CF 3C25 25ED 1436 0CDE
* tag 'pull-target-arm-20231113' of https://git.linaro.org/people/pmaydell/qemu-arm:
target/arm/tcg: enable PMU feature for Cortex-A8 and A9
target/arm: Correct MTE tag checking for reverse-copy MOPS
target/arm: HVC at EL3 should go to EL3, not EL2
hw/arm/virt: fix GIC maintenance IRQ registration
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
diff --git a/hw/arm/virt.c b/hw/arm/virt.c
index 85e3c5b..be2856c 100644
--- a/hw/arm/virt.c
+++ b/hw/arm/virt.c
@@ -576,7 +576,8 @@
if (vms->virt) {
qemu_fdt_setprop_cells(ms->fdt, nodename, "interrupts",
- GIC_FDT_IRQ_TYPE_PPI, ARCH_GIC_MAINT_IRQ,
+ GIC_FDT_IRQ_TYPE_PPI,
+ INTID_TO_PPI(ARCH_GIC_MAINT_IRQ),
GIC_FDT_IRQ_FLAGS_LEVEL_HI);
}
} else {
@@ -600,7 +601,8 @@
2, vms->memmap[VIRT_GIC_VCPU].base,
2, vms->memmap[VIRT_GIC_VCPU].size);
qemu_fdt_setprop_cells(ms->fdt, nodename, "interrupts",
- GIC_FDT_IRQ_TYPE_PPI, ARCH_GIC_MAINT_IRQ,
+ GIC_FDT_IRQ_TYPE_PPI,
+ INTID_TO_PPI(ARCH_GIC_MAINT_IRQ),
GIC_FDT_IRQ_FLAGS_LEVEL_HI);
}
}
diff --git a/target/arm/tcg/cpu32.c b/target/arm/tcg/cpu32.c
index 0d5d8e3..d9e0e2a 100644
--- a/target/arm/tcg/cpu32.c
+++ b/target/arm/tcg/cpu32.c
@@ -351,6 +351,7 @@
set_feature(&cpu->env, ARM_FEATURE_THUMB2EE);
set_feature(&cpu->env, ARM_FEATURE_DUMMY_C15_REGS);
set_feature(&cpu->env, ARM_FEATURE_EL3);
+ set_feature(&cpu->env, ARM_FEATURE_PMU);
cpu->midr = 0x410fc080;
cpu->reset_fpsid = 0x410330c0;
cpu->isar.mvfr0 = 0x11110222;
@@ -418,6 +419,7 @@
set_feature(&cpu->env, ARM_FEATURE_NEON);
set_feature(&cpu->env, ARM_FEATURE_THUMB2EE);
set_feature(&cpu->env, ARM_FEATURE_EL3);
+ set_feature(&cpu->env, ARM_FEATURE_PMU);
/*
* Note that A9 supports the MP extensions even for
* A9UP and single-core A9MP (which are both different
diff --git a/target/arm/tcg/mte_helper.c b/target/arm/tcg/mte_helper.c
index 70ac876..ffb8ea1 100644
--- a/target/arm/tcg/mte_helper.c
+++ b/target/arm/tcg/mte_helper.c
@@ -1101,10 +1101,18 @@
uint32_t n;
mmu_idx = FIELD_EX32(desc, MTEDESC, MIDX);
- /* True probe; this will never fault */
+ /*
+ * True probe; this will never fault. Note that our caller passes
+ * us a pointer to the end of the region, but allocation_tag_mem_probe()
+ * wants a pointer to the start. Because we know we don't span a page
+ * boundary and that allocation_tag_mem_probe() doesn't otherwise care
+ * about the size, pass in a size of 1 byte. This is simpler than
+ * adjusting the ptr to point to the start of the region and then having
+ * to adjust the returned 'mem' to get the end of the tag memory.
+ */
mem = allocation_tag_mem_probe(env, mmu_idx, ptr,
w ? MMU_DATA_STORE : MMU_DATA_LOAD,
- size, MMU_DATA_LOAD, true, 0);
+ 1, MMU_DATA_LOAD, true, 0);
if (!mem) {
return size;
}
diff --git a/target/arm/tcg/translate-a64.c b/target/arm/tcg/translate-a64.c
index 41484d8..a2e49c3 100644
--- a/target/arm/tcg/translate-a64.c
+++ b/target/arm/tcg/translate-a64.c
@@ -2351,6 +2351,8 @@
static bool trans_HVC(DisasContext *s, arg_i *a)
{
+ int target_el = s->current_el == 3 ? 3 : 2;
+
if (s->current_el == 0) {
unallocated_encoding(s);
return true;
@@ -2363,7 +2365,7 @@
gen_helper_pre_hvc(tcg_env);
/* Architecture requires ss advance before we do the actual work */
gen_ss_advance(s);
- gen_exception_insn_el(s, 4, EXCP_HVC, syn_aa64_hvc(a->imm), 2);
+ gen_exception_insn_el(s, 4, EXCP_HVC, syn_aa64_hvc(a->imm), target_el);
return true;
}
