26 files changed, 326 insertions, 147 deletions
diff --git a/MAINTAINERS b/MAINTAINERS index e47bf8cf28..68bc160f41 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -158,6 +158,7 @@ F: disas/arm.c F: disas/arm-a64.cc F: disas/libvixl/ F: docs/system/target-arm.rst +F: docs/system/arm/cpu-features.rst ARM SMMU M: Eric Auger <eric.auger@redhat.com> @@ -558,7 +559,7 @@ S: Maintained F: hw/*/allwinner-h3* F: include/hw/*/allwinner-h3* F: hw/arm/orangepi.c -F: docs/system/orangepi.rst +F: docs/system/arm/orangepi.rst ARM PrimeCell and CMSDK devices M: Peter Maydell <peter.maydell@linaro.org> @@ -762,6 +763,7 @@ F: include/hw/*/npcm7xx* F: tests/qtest/npcm7xx* F: pc-bios/npcm7xx_bootrom.bin F: roms/vbootrom +F: docs/system/arm/nuvoton.rst nSeries M: Andrzej Zaborowski <balrogg@gmail.com> @@ -801,6 +803,7 @@ F: hw/arm/raspi_platform.h F: hw/*/bcm283* F: include/hw/arm/raspi* F: include/hw/*/bcm283* +F: docs/system/arm/raspi.rst Real View M: Peter Maydell <peter.maydell@linaro.org> @@ -855,6 +858,7 @@ R: Leif Lindholm <leif@nuviainc.com> L: qemu-arm@nongnu.org S: Maintained F: hw/arm/sbsa-ref.c +F: docs/system/arm/sbsa.rst Sharp SL-5500 (Collie) PDA M: Peter Maydell <peter.maydell@linaro.org> @@ -999,6 +1003,7 @@ F: include/hw/*/*aspeed* F: include/hw/misc/pca9552*.h F: hw/net/ftgmac100.c F: include/hw/net/ftgmac100.h +F: docs/system/arm/aspeed.rst NRF51 M: Joel Stanley <joel@jms.id.au> @@ -1603,6 +1608,7 @@ L: qemu-arm@nongnu.org S: Maintained F: hw/*/omap* F: include/hw/arm/omap.h +F: docs/system/arm/sx1.rst IPack M: Alberto Garcia <berto@igalia.com> diff --git a/docs/meson.build b/docs/meson.build index bf8204a08f..ebd85d59f9 100644 --- a/docs/meson.build +++ b/docs/meson.build 
@@ -60,6 +60,7 @@ if build_docs 'tools': { 'qemu-img.1': (have_tools ? 'man1' : ''), 'qemu-nbd.8': (have_tools ? 'man8' : ''), + 'qemu-pr-helper.8': (have_tools ? 'man8' : ''), 'qemu-trace-stap.1': (config_host.has_key('CONFIG_TRACE_SYSTEMTAP') ? 'man1' : ''), 'virtfs-proxy-helper.1': (have_virtfs_proxy_helper ? 'man1' : ''), 'virtiofsd.1': (have_virtiofsd ? 'man1' : ''), diff --git a/docs/system/arm/aspeed.rst b/docs/system/arm/aspeed.rst index b7a176659c..690bada784 100644 --- a/docs/system/arm/aspeed.rst +++ b/docs/system/arm/aspeed.rst @@ -47,6 +47,7 @@ Supported devices * GPIO Controller (Master only) * UART * Ethernet controllers + * Front LEDs (PCA9552 on I2C bus) Missing devices diff --git a/docs/system/arm/raspi.rst b/docs/system/arm/raspi.rst new file mode 100644 index 0000000000..922fe375a6 --- /dev/null +++ b/docs/system/arm/raspi.rst @@ -0,0 +1,43 @@ +Raspberry Pi boards (``raspi0``, ``raspi1ap``, ``raspi2b``, ``raspi3ap``, ``raspi3b``) +====================================================================================== + + +QEMU provides models of the following Raspberry Pi boards: + +``raspi0`` and ``raspi1ap`` + ARM1176JZF-S core, 512 MiB of RAM +``raspi2b`` + Cortex-A7 (4 cores), 1 GiB of RAM +``raspi3ap`` + Cortex-A53 (4 cores), 512 MiB of RAM +``raspi3b`` + Cortex-A53 (4 cores), 1 GiB of RAM + + +Implemented devices +------------------- + + * ARM1176JZF-S, Cortex-A7 or Cortex-A53 CPU + * Interrupt controller + * DMA controller + * Clock and reset controller (CPRMAN) + * System Timer + * GPIO controller + * Serial ports (BCM2835 AUX - 16550 based - and PL011) + * Random Number Generator (RNG) + * Frame Buffer + * USB host (USBH) + * GPIO controller + * SD/MMC host controller + * SoC thermal sensor + * USB2 host controller (DWC2 and MPHI) + * MailBox controller (MBOX) + * VideoCore firmware (property) + + +Missing devices +--------------- + + * Peripheral SPI controller (SPI) + * Analog to Digital Converter (ADC) + * Pulse Width Modulation (PWM) 
diff --git a/docs/system/arm/xscale.rst b/docs/system/arm/xscale.rst index 89ec93e904..d2d5949e10 100644 --- a/docs/system/arm/xscale.rst +++ b/docs/system/arm/xscale.rst @@ -1,16 +1,22 @@ -Sharp XScale-based PDA models (``akita``, ``borzoi``, ``spitz``, ``terrier``) -============================================================================= +Sharp XScale-based PDA models (``akita``, ``borzoi``, ``spitz``, ``terrier``, ``tosa``) +======================================================================================= -The XScale-based clamshell PDA models (\"Spitz\", \"Akita\", \"Borzoi\" -and \"Terrier\") emulation includes the following peripherals: +The Sharp Zaurus are PDAs based on XScale, able to run Linux ('SL series'). -- Intel PXA270 System-on-chip (ARMv5TE core) +The SL-6000 (\"Tosa\"), released in 2005, uses a PXA255 System-on-chip. -- NAND Flash memory +The SL-C3000 (\"Spitz\"), SL-C1000 (\"Akita\"), SL-C3100 (\"Borzoi\") and +SL-C3200 (\"Terrier\") use a PXA270. + +The clamshell PDA models emulation includes the following peripherals: + +- Intel PXA255/PXA270 System-on-chip (ARMv5TE core) + +- NAND Flash memory - not in \"Tosa\" - IBM/Hitachi DSCM microdrive in a PXA PCMCIA slot - not in \"Akita\" -- On-chip OHCI USB controller +- On-chip OHCI USB controller - not in \"Tosa\" - On-chip LCD controller diff --git a/docs/cpu-hotplug.rst b/docs/system/cpu-hotplug.rst index d0b06403f1..d0b06403f1 100644 --- a/docs/cpu-hotplug.rst +++ b/docs/system/cpu-hotplug.rst diff --git a/docs/system/deprecated.rst b/docs/system/deprecated.rst index d98464098f..565389697e 100644 --- a/docs/system/deprecated.rst +++ b/docs/system/deprecated.rst 
@@ -346,6 +346,13 @@ This machine has been renamed ``fuloong2e``. These machine types are very old and likely can not be used for live migration from old QEMU versions anymore. A newer machine type should be used instead. +Raspberry Pi ``raspi2`` and ``raspi3`` machines (since 5.2) +''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' + +The Raspberry Pi machines come in various models (A, A+, B, B+). To be able +to distinguish which model QEMU is implementing, the ``raspi2`` and ``raspi3`` +machines have been renamed ``raspi2b`` and ``raspi3b``. + Device options -------------- diff --git a/docs/microvm.rst b/docs/system/i386/microvm.rst index fcf41fc1f6..1675e37d3e 100644 --- a/docs/microvm.rst +++ b/docs/system/i386/microvm.rst @@ -1,6 +1,5 @@ -==================== -microvm Machine Type -==================== +'microvm' virtual platform (``microvm``) +======================================== ``microvm`` is a machine type inspired by ``Firecracker`` and constructed after its machine model. diff --git a/docs/system/i386/pc.rst b/docs/system/i386/pc.rst new file mode 100644 index 0000000000..d543c11a5c --- /dev/null +++ b/docs/system/i386/pc.rst @@ -0,0 +1,7 @@ +i440fx PC (``pc-i440fx``, ``pc``) +================================= + +Peripherals +~~~~~~~~~~~ + +.. include:: ../target-i386-desc.rst.inc diff --git a/docs/system/index.rst b/docs/system/index.rst index c0f685b818..e5a35817a2 100644 --- a/docs/system/index.rst +++ b/docs/system/index.rst @@ -21,6 +21,7 @@ Contents: monitor images net + virtio-net-failover usb ivshmem linuxboot @@ -28,6 +29,9 @@ Contents: tls gdb managed-startup + cpu-hotplug + virtio-pmem + pr-manager targets security deprecated diff --git a/docs/pr-manager.rst b/docs/system/pr-manager.rst index 9b1de198b1..b19a0c15e6 100644 --- a/docs/pr-manager.rst +++ b/docs/system/pr-manager.rst 
@@ -1,8 +1,8 @@ -====================================== +=============================== Persistent reservation managers -====================================== +=============================== -SCSI persistent Reservations allow restricting access to block devices +SCSI persistent reservations allow restricting access to block devices to specific initiators in a shared storage setup. When implementing clustering of virtual machines, it is a common requirement for virtual machines to send persistent reservation SCSI commands. However, 
@@ -50,39 +50,11 @@ Alternatively, using ``-blockdev``:: -blockdev node-name=hd,driver=raw,file.driver=host_device,file.filename=/dev/sdb,file.pr-manager=helper0 -device scsi-block,drive=hd ----------------------------------- -Invoking :program:`qemu-pr-helper` ----------------------------------- - -QEMU provides an implementation of the persistent reservation helper, -called :program:`qemu-pr-helper`. The helper should be started as a -system service and supports the following option: - --d, --daemon run in the background --q, --quiet decrease verbosity --v, --verbose increase verbosity --f, --pidfile=path PID file when running as a daemon --k, --socket=path path to the socket --T, --trace=trace-opts tracing options - -By default, the socket and PID file are placed in the runtime state -directory, for example :file:`/var/run/qemu-pr-helper.sock` and -:file:`/var/run/qemu-pr-helper.pid`. The PID file is not created -unless :option:`-d` is passed too. - -:program:`qemu-pr-helper` can also use the systemd socket activation -protocol. In this case, the systemd socket unit should specify a -Unix stream socket, like this:: - - [Socket] - ListenStream=/var/run/qemu-pr-helper.sock - -After connecting to the socket, :program:`qemu-pr-helper`` can optionally drop -root privileges, except for those capabilities that are needed for -its operation. To do this, add the following options: - --u, --user=user user to drop privileges to --g, --group=group group to drop privileges to +You will also need to ensure that the helper program +:command:`qemu-pr-helper` is running, and that it has been +set up to use the same socket filename as your QEMU commandline +specifies. See the qemu-pr-helper documentation or manpage for +further details. --------------------------------------------- Multipath devices and persistent reservations diff --git a/docs/system/target-arm.rst b/docs/system/target-arm.rst index a0d5c57799..bde4b8e044 100644 --- a/docs/system/target-arm.rst 
+++ b/docs/system/target-arm.rst @@ -90,6 +90,7 @@ undocumented; you can get a complete list by running arm/nuvoton arm/orangepi arm/palm + arm/raspi arm/xscale arm/collie arm/sx1 diff --git a/docs/system/target-i386.rst b/docs/system/target-i386.rst index 51be03d881..22ba5ce2c0 100644 --- a/docs/system/target-i386.rst +++ b/docs/system/target-i386.rst @@ -1,14 +1,23 @@ .. _QEMU-PC-System-emulator: -x86 (PC) System emulator ------------------------- +x86 System emulator +------------------- .. _pcsys_005fdevices: -Peripherals -~~~~~~~~~~~ +Board-specific documentation +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -.. include:: target-i386-desc.rst.inc +.. + This table of contents should be kept sorted alphabetically + by the title text of each file, which isn't the same ordering + as an alphabetical sort by filename. + +.. toctree:: + :maxdepth: 1 + + i386/microvm + i386/pc .. include:: cpu-models-x86.rst.inc diff --git a/docs/virtio-net-failover.rst b/docs/system/virtio-net-failover.rst index 6002dc5d96..6002dc5d96 100644 --- a/docs/virtio-net-failover.rst +++ b/docs/system/virtio-net-failover.rst diff --git a/docs/system/virtio-pmem.rst b/docs/system/virtio-pmem.rst new file mode 100644 index 0000000000..c82ac06731 --- /dev/null +++ b/docs/system/virtio-pmem.rst 
@@ -0,0 +1,76 @@ + +=========== +virtio pmem +=========== + +This document explains the setup and usage of the virtio pmem device. +The virtio pmem device is a paravirtualized persistent memory device +on regular (i.e non-NVDIMM) storage. + +Usecase +------- + +Virtio pmem allows to bypass the guest page cache and directly use +host page cache. This reduces guest memory footprint as the host can +make efficient memory reclaim decisions under memory pressure. + +How does virtio-pmem compare to the nvdimm emulation? +----------------------------------------------------- + +NVDIMM emulation on regular (i.e. non-NVDIMM) host storage does not +persist the guest writes as there are no defined semantics in the device +specification. The virtio pmem device provides guest write persistence +on non-NVDIMM host storage. + +virtio pmem usage +----------------- + +A virtio pmem device backed by a memory-backend-file can be created on +the QEMU command line as in the following example:: + + -object memory-backend-file,id=mem1,share,mem-path=./virtio_pmem.img,size=4G + -device virtio-pmem-pci,memdev=mem1,id=nv1 + +where: + + - "object memory-backend-file,id=mem1,share,mem-path=<image>, size=<image size>" + creates a backend file with the specified size. + + - "device virtio-pmem-pci,id=nvdimm1,memdev=mem1" creates a virtio pmem + pci device whose storage is provided by above memory backend device. + +Multiple virtio pmem devices can be created if multiple pairs of "-object" +and "-device" are provided. + +Hotplug +------- + +Virtio pmem devices can be hotplugged via the QEMU monitor. First, the +memory backing has to be added via 'object_add'; afterwards, the virtio +pmem device can be added via 'device_add'. 
+ +For example, the following commands add another 4GB virtio pmem device to +the guest:: + + (qemu) object_add memory-backend-file,id=mem2,share=on,mem-path=virtio_pmem2.img,size=4G + (qemu) device_add virtio-pmem-pci,id=virtio_pmem2,memdev=mem2 + +Guest Data Persistence +---------------------- + +Guest data persistence on non-NVDIMM requires guest userspace applications +to perform fsync/msync. This is different from a real nvdimm backend where +no additional fsync/msync is required. This is to persist guest writes in +host backing file which otherwise remains in host page cache and there is +risk of losing the data in case of power failure. + +With virtio pmem device, MAP_SYNC mmap flag is not supported. This provides +a hint to application to perform fsync for write persistence. + +Limitations +----------- + +- Real nvdimm device backend is not supported. +- virtio pmem hotunplug is not supported. +- ACPI NVDIMM features like regions/namespaces are not supported. +- ndctl command is not supported. diff --git a/docs/tools/conf.py b/docs/tools/conf.py index 9052d17d6d..4760d36ff2 100644 --- a/docs/tools/conf.py +++ b/docs/tools/conf.py @@ -22,6 +22,8 @@ man_pages = [ ['Fabrice Bellard'], 1), ('qemu-nbd', 'qemu-nbd', u'QEMU Disk Network Block Device Server', ['Anthony Liguori <anthony@codemonkey.ws>'], 8), + ('qemu-pr-helper', 'qemu-pr-helper', 'QEMU persistent reservation helper', + [], 8), ('qemu-trace-stap', 'qemu-trace-stap', u'QEMU SystemTap trace tool', [], 1), ('virtfs-proxy-helper', 'virtfs-proxy-helper', diff --git a/docs/tools/index.rst b/docs/tools/index.rst index 232ce9f3e4..b99f86c7c6 100644 --- a/docs/tools/index.rst +++ b/docs/tools/index.rst @@ -12,6 +12,7 @@ Contents: qemu-img qemu-nbd + qemu-pr-helper qemu-trace-stap virtfs-proxy-helper virtiofsd diff --git a/docs/tools/qemu-pr-helper.rst b/docs/tools/qemu-pr-helper.rst new file mode 100644 index 0000000000..ac036180ac --- /dev/null +++ b/docs/tools/qemu-pr-helper.rst 
@@ -0,0 +1,90 @@ +QEMU persistent reservation helper +================================== + +Synopsis +-------- + +**qemu-pr-helper** [*OPTION*] + +Description +----------- + +Implements the persistent reservation helper for QEMU. + +SCSI persistent reservations allow restricting access to block devices +to specific initiators in a shared storage setup. When implementing +clustering of virtual machines, it is a common requirement for virtual +machines to send persistent reservation SCSI commands. However, +the operating system restricts sending these commands to unprivileged +programs because incorrect usage can disrupt regular operation of the +storage fabric. QEMU's SCSI passthrough devices ``scsi-block`` +and ``scsi-generic`` support passing guest persistent reservation +requests to a privileged external helper program. :program:`qemu-pr-helper` +is that external helper; it creates a socket which QEMU can +connect to to communicate with it. + +If you want to run VMs in a setup like this, this helper should be +started as a system service, and you should read the QEMU manual +section on "persistent reservation managers" to find out how to +configure QEMU to connect to the socket created by +:program:`qemu-pr-helper`. + +After connecting to the socket, :program:`qemu-pr-helper` can +optionally drop root privileges, except for those capabilities that +are needed for its operation. + +:program:`qemu-pr-helper` can also use the systemd socket activation +protocol. In this case, the systemd socket unit should specify a +Unix stream socket, like this:: + + [Socket] + ListenStream=/var/run/qemu-pr-helper.sock + +Options +------- + +.. program:: qemu-pr-helper + +.. option:: -d, --daemon + + run in the background (and create a PID file) + +.. option:: -q, --quiet + + decrease verbosity + +.. option:: -v, --verbose + + increase verbosity + +.. option:: -f, --pidfile=PATH + + PID file when running as a daemon. 
By default the PID file + is created in the system runtime state directory, for example + :file:`/var/run/qemu-pr-helper.pid`. + +.. option:: -k, --socket=PATH + + path to the socket. By default the socket is created in + the system runtime state directory, for example + :file:`/var/run/qemu-pr-helper.sock`. + +.. option:: -T, --trace [[enable=]PATTERN][,events=FILE][,file=FILE] + + .. include:: ../qemu-option-trace.rst.inc + +.. option:: -u, --user=USER + + user to drop privileges to + +.. option:: -g, --group=GROUP + + group to drop privileges to + +.. option:: -h, --help + + Display a help message and exit. + +.. option:: -V, --version + + Display version information and exit. diff --git a/docs/virtio-pmem.rst b/docs/virtio-pmem.rst deleted file mode 100644 index 4bf5d00443..0000000000 --- a/docs/virtio-pmem.rst +++ /dev/null 
@@ -1,76 +0,0 @@ - -======================== -QEMU virtio pmem -======================== - - This document explains the setup and usage of the virtio pmem device - which is available since QEMU v4.1.0. - - The virtio pmem device is a paravirtualized persistent memory device - on regular (i.e non-NVDIMM) storage. - -Usecase --------- - - Virtio pmem allows to bypass the guest page cache and directly use - host page cache. This reduces guest memory footprint as the host can - make efficient memory reclaim decisions under memory pressure. - -o How does virtio-pmem compare to the nvdimm emulation supported by QEMU? - - NVDIMM emulation on regular (i.e. non-NVDIMM) host storage does not - persist the guest writes as there are no defined semantics in the device - specification. The virtio pmem device provides guest write persistence - on non-NVDIMM host storage. - -virtio pmem usage ------------------ - - A virtio pmem device backed by a memory-backend-file can be created on - the QEMU command line as in the following example:: - - -object memory-backend-file,id=mem1,share,mem-path=./virtio_pmem.img,size=4G - -device virtio-pmem-pci,memdev=mem1,id=nv1 - - where: - - - "object memory-backend-file,id=mem1,share,mem-path=<image>, size=<image size>" - creates a backend file with the specified size. - - - "device virtio-pmem-pci,id=nvdimm1,memdev=mem1" creates a virtio pmem - pci device whose storage is provided by above memory backend device. - - Multiple virtio pmem devices can be created if multiple pairs of "-object" - and "-device" are provided. - -Hotplug -------- - -Virtio pmem devices can be hotplugged via the QEMU monitor. First, the -memory backing has to be added via 'object_add'; afterwards, the virtio -pmem device can be added via 'device_add'. 
- -For example, the following commands add another 4GB virtio pmem device to -the guest:: - - (qemu) object_add memory-backend-file,id=mem2,share=on,mem-path=virtio_pmem2.img,size=4G - (qemu) device_add virtio-pmem-pci,id=virtio_pmem2,memdev=mem2 - -Guest Data Persistence ----------------------- - - Guest data persistence on non-NVDIMM requires guest userspace applications - to perform fsync/msync. This is different from a real nvdimm backend where - no additional fsync/msync is required. This is to persist guest writes in - host backing file which otherwise remains in host page cache and there is - risk of losing the data in case of power failure. - - With virtio pmem device, MAP_SYNC mmap flag is not supported. This provides - a hint to application to perform fsync for write persistence. - -Limitations ------------- -- Real nvdimm device backend is not supported. -- virtio pmem hotunplug is not supported. -- ACPI NVDIMM features like regions/namespaces are not supported. -- ndctl command is not supported. diff --git a/hw/arm/pxa2xx.c b/hw/arm/pxa2xx.c index 591776ba88..1a98f3bd5c 100644 --- a/hw/arm/pxa2xx.c +++ b/hw/arm/pxa2xx.c @@ -675,7 +675,7 @@ static void pxa2xx_ssp_write(void *opaque, hwaddr addr, if (value & SSCR0_MOD) printf("%s: Attempt to use network mode\n", __func__); if (s->enable && SSCR0_DSS(value) < 4) - printf("%s: Wrong data size: %i bits\n", __func__, + printf("%s: Wrong data size: %u bits\n", __func__, SSCR0_DSS(value)); if (!(value & SSCR0_SSE)) { s->sssr = 0; diff --git a/hw/arm/spitz.c b/hw/arm/spitz.c index 32bdeacfd3..772662f149 100644 --- a/hw/arm/spitz.c +++ b/hw/arm/spitz.c @@ -586,7 +586,7 @@ struct SpitzLCDTG { static void spitz_bl_update(SpitzLCDTG *s) { if (s->bl_power && s->bl_intensity) - zaurus_printf("LCD Backlight now at %i/63\n", s->bl_intensity); + zaurus_printf("LCD Backlight now at %u/63\n", s->bl_intensity); else zaurus_printf("LCD Backlight now off\n"); } 
diff --git a/hw/arm/tosa.c b/hw/arm/tosa.c index fe88ed89fe..66b244aeff 100644 --- a/hw/arm/tosa.c +++ b/hw/arm/tosa.c @@ -150,7 +150,7 @@ static void tosa_gpio_setup(PXA2xxState *cpu, static uint32_t tosa_ssp_tansfer(SSISlave *dev, uint32_t value) { - fprintf(stderr, "TG: %d %02x\n", value >> 5, value & 0x1f); + fprintf(stderr, "TG: %u %02x\n", value >> 5, value & 0x1f); return 0; } diff --git a/hw/intc/rx_icu.c b/hw/intc/rx_icu.c index 94e17a9dea..e5c01807b9 100644 --- a/hw/intc/rx_icu.c +++ b/hw/intc/rx_icu.c @@ -300,22 +300,20 @@ static const MemoryRegionOps icu_ops = { static void rxicu_realize(DeviceState *dev, Error **errp) { RXICUState *icu = RX_ICU(dev); - int i, j; + int i; if (icu->init_sense == NULL) { qemu_log_mask(LOG_GUEST_ERROR, "rx_icu: trigger-level property must be set."); return; } - for (i = j = 0; i < NR_IRQS; i++) { - if (icu->init_sense[j] == i) { - icu->src[i].sense = TRG_LEVEL; - if (j < icu->nr_sense) { - j++; - } - } else { - icu->src[i].sense = TRG_PEDGE; - } + + for (i = 0; i < NR_IRQS; i++) { + icu->src[i].sense = TRG_PEDGE; + } + for (i = 0; i < icu->nr_sense; i++) { + uint8_t irqno = icu->init_sense[i]; + icu->src[irqno].sense = TRG_LEVEL; } icu->req_irq = -1; } diff --git a/linux-user/arm/cpu_loop.c b/linux-user/arm/cpu_loop.c index 13629ee1f6..3d272b56ef 100644 --- a/linux-user/arm/cpu_loop.c +++ b/linux-user/arm/cpu_loop.c 
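Review bot: tosa_ssp_tansfer still emits an `fprintf(stderr, ...)` on every SSP transfer the guest performs, so guest-driven activity produces unbounded, unfilterable host stderr output; the format fix does not change that. Prefer a trace event or `qemu_log_mask(LOG_UNIMP, "%s: TG: %u %02x\n", __func__, value >> 5, value & 0x1f);` so the output can be enabled only when debugging. The misspelled name `tosa_ssp_tansfer` is presumably pre-existing and out of scope, but worth a follow-up.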
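Review bot: The new loop in rxicu_realize indexes `icu->src[irqno]` with a `uint8_t` taken straight from the `init_sense` property without checking it against `NR_IRQS`; if `NR_IRQS` is smaller than 256 (its value is not visible here), a bad board-supplied entry writes past the end of `src`. Add a guard before the store, e.g. `if (irqno >= NR_IRQS) { error_setg(errp, "rx_icu: trigger-level IRQ %u out of range", irqno); return; }`. Note also that the pre-existing `init_sense == NULL` path only logs and returns, so realize still reports success with the sense table unset; reporting it through `errp` would be more consistent with the rest of QEMU's realize handlers. The replaced `j`-based loop had the same unchecked index, so this is not a regression, just unfinished.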
@@ -205,6 +205,24 @@ do_kernel_trap(CPUARMState *env) return 0; } +static bool insn_is_linux_bkpt(uint32_t opcode, bool is_thumb) +{ + /* + * Return true if this insn is one of the three magic UDF insns + * which the kernel treats as breakpoint insns. + */ + if (!is_thumb) { + return (opcode & 0x0fffffff) == 0x07f001f0; + } else { + /* + * Note that we get the two halves of the 32-bit T32 insn + * in the opposite order to the value the kernel uses in + * its undef_hook struct. + */ + return ((opcode & 0xffff) == 0xde01) || (opcode == 0xa000f7f0); + } +} + void cpu_loop(CPUARMState *env) { CPUState *cs = env_cpu(env); @@ -234,6 +252,16 @@ void cpu_loop(CPUARMState *env) /* FIXME - what to do if get_user() fails? */ get_user_code_u32(opcode, env->regs[15], env); + /* + * The Linux kernel treats some UDF patterns specially + * to use as breakpoints (instead of the architectural + * bkpt insn). These should trigger a SIGTRAP rather + * than SIGILL. + */ + if (insn_is_linux_bkpt(opcode, env->thumb)) { + goto excp_debug; + } + rc = EmulateAll(opcode, &ts->fpa, env); if (rc == 0) { /* illegal instruction */ info.si_signo = TARGET_SIGILL; diff --git a/target/arm/arm-semi.c b/target/arm/arm-semi.c index c1df664f7e..c892e0e674 100644 --- a/target/arm/arm-semi.c +++ b/target/arm/arm-semi.c @@ -36,6 +36,7 @@ #else #include "exec/gdbstub.h" #include "qemu/cutils.h" +#include "hw/arm/boot.h" #endif #define TARGET_SYS_OPEN 0x01 @@ -1014,6 +1015,9 @@ target_ulong do_arm_semihosting(CPUARMState *env) int i; #ifdef CONFIG_USER_ONLY TaskState *ts = cs->opaque; +#else + const struct arm_boot_info *info = env->boot_info; + target_ulong rambase = info->loader_start; #endif GET_ARG(0); 
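Review bot: The three constants in insn_is_linux_bkpt are bare hex literals with no pointer to where they come from, which makes the function hard to audit; the comment should cite the kernel's definitions, e.g. `/* BREAKINST_ARM, BREAKINST_THUMB and BREAKINST_THUMB2 from arch/arm/kernel/ptrace.c */` above the checks, and note that `0x0fffffff` masks off the condition field to match the kernel's hook mask. The Thumb comparison relies on `opcode` having been read as a 32-bit word at PC, so the `& 0xffff` for the 16-bit form is only correct because the caller uses get_user_code_u32; a one-line comment on the parameter would make that contract explicit. cpu_loop continues outside the hunk.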
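Review bot: In the softmmu branch `info->loader_start` dereferences `env->boot_info` unconditionally, so if a guest reaches SYS_HEAPINFO without the board having installed boot info (for example firmware loaded by a generic loader rather than arm_load_kernel(), if that path leaves boot_info NULL) QEMU crashes on a NULL dereference driven by a guest semihosting call. A defensive default costs one line: `target_ulong rambase = info ? info->loader_start : 0;`. Whether boot_info can actually be NULL here is not visible in the hunk and should be confirmed against the board code. do_arm_semihosting starts and ends outside the hunk.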
@@ -1046,10 +1050,10 @@ target_ulong do_arm_semihosting(CPUARMState *env) #else limit = ram_size; /* TODO: Make this use the limit of the loaded application. */ - retvals[0] = limit / 2; - retvals[1] = limit; - retvals[2] = limit; /* Stack base */ - retvals[3] = 0; /* Stack limit. */ + retvals[0] = rambase + limit / 2; + retvals[1] = rambase + limit; + retvals[2] = rambase + limit; /* Stack base */ + retvals[3] = rambase; /* Stack limit. */ #endif for (i = 0; i < ARRAY_SIZE(retvals); i++) { diff --git a/target/arm/helper.c b/target/arm/helper.c index 11b0803df7..38cd35c049 100644 --- a/target/arm/helper.c +++ b/target/arm/helper.c @@ -40,7 +40,7 @@ #ifndef CONFIG_USER_ONLY -static bool get_phys_addr_lpae(CPUARMState *env, target_ulong address, +static bool get_phys_addr_lpae(CPUARMState *env, uint64_t address, MMUAccessType access_type, ARMMMUIdx mmu_idx, bool s1_is_el0, hwaddr *phys_ptr, MemTxAttrs *txattrs, int *prot, @@ -10988,7 +10988,7 @@ static ARMVAParameters aa32_va_parameters(CPUARMState *env, uint32_t va, * @fi: set to fault info if the translation fails * @cacheattrs: (if non-NULL) set to the cacheability/shareability attributes */ -static bool get_phys_addr_lpae(CPUARMState *env, target_ulong address, +static bool get_phys_addr_lpae(CPUARMState *env, uint64_t address, MMUAccessType access_type, ARMMMUIdx mmu_idx, bool s1_is_el0, hwaddr *phys_ptr, MemTxAttrs *txattrs, int *prot, |