Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20251008215613.300150-49-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20251008215613.300150-41-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20251008215613.300150-40-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Implement the pseudocode function EffectiveHCR_EL2_NVx.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20251008215613.300150-39-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The ARM now defines 36 bits in SPSR_ELx in aarch64 mode, so
it's time to bite the bullet and extend PSTATE to match.
Most changes are straightforward, adjusting printf formats,
changing local variable types. More complex is migration,
where to maintain backward compatibility a new pstate64
record is introduced, and only when one of the extensions
that set bits 32-35 is active.
The fate of gdbstub is left undecided for the moment.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20251008215613.300150-37-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Move cpsr_write_from_spsr_elx from tcg/helper-a64.c to
helper.c, so that it's present with --disable-tcg.
Declare both in internals.h.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20251008215613.300150-36-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
target/arm: Make helper_exception_return system-only
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20251008215613.300150-35-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Add isar_feature_aa64_gcs.
Enable SCR_GCSEN in scr_write.
Enable HCRX_GCSEN in hcrx_write.
Default HCRX_GCSEN on if EL2 disabled.
Add the GCSCR* and GCSPR* registers.
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20251008215613.300150-32-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
target/arm: Convert arm_mmu_idx_to_el from switch to table
In an effort to keep all ARMMMUIdx data in one place, begin construction
of an info table describing all of the properties of the mmu_idx. Begin
with the access EL.
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20251008215613.300150-18-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Move the stage2 permissions for normal accesses to
GetPhysAddrResult.s2prot. Put the stage2 permissions
for page table walking in CPUTLBEntryFull.prot.
This allows the permission checks in S1_ptw_translate
and arm_casq_ptw to see the right permission.
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20251008215613.300150-10-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
# gpg: Signature made Thu 09 Oct 2025 04:54:19 AM PDT
# gpg: using RSA key CA473C44D6A09C189A193FCD452B96852B268216
# gpg: Good signature from "Song Gao <gaosong@loongson.cn>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: CA47 3C44 D6A0 9C18 9A19 3FCD 452B 9685 2B26 8216
* tag 'pull-loongarch-20251009' of https://github.com/gaosong715/qemu:
target/loongarch: Define loongarch_exception_name() as static
target/loongarch: Move function do_raise_exception() to tcg_cpu.c
target/loongarch: Move TCG specified functions to tcg_cpu.c
tests/data/acpi/loongarch64: Update expected DSDT.*
hw/loongarch/virt: Align VIRT_GED_CPUHP_ADDR to 4 bytes
bios-tables-test-allowed-diff.h: Allow LoongArch DSDT.*
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging
* i386: fix migration issues in 10.1
* target/i386/mshv: new accelerator
* rust: use glib-sys-rs
* rust: fixes for docker tests
# gpg: Signature made Thu 09 Oct 2025 12:49:00 AM PDT
# gpg: using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg: issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [unknown]
# gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" [unknown]
# gpg: WARNING: The key's User ID is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1
# Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83
* tag 'for-upstream' of https://gitlab.com/bonzini/qemu: (35 commits)
rust: fix path to rust_root_crate.sh
tests/docker: make --enable-rust overridable with EXTRA_CONFIGURE_OPTS
MAINTAINERS: Add maintainers for mshv accelerator
docs: Add mshv to documentation
target/i386/mshv: Use preallocated page for hvcall
qapi/accel: Allow to query mshv capabilities
accel/mshv: Handle overlapping mem mappings
target/i386/mshv: Implement mshv_vcpu_run()
target/i386/mshv: Write MSRs to the hypervisor
target/i386/mshv: Integrate x86 instruction decoder/emulator
target/i386/mshv: Register MSRs with MSHV
target/i386/mshv: Register CPUID entries with MSHV
target/i386/mshv: Set local interrupt controller state
target/i386/mshv: Implement mshv_arch_put_registers()
target/i386/mshv: Implement mshv_get_special_regs()
target/i386/mshv: Implement mshv_get_standard_regs()
target/i386/mshv: Implement mshv_store_regs()
target/i386/mshv: Add CPU create and remove logic
accel/mshv: Add vCPU signal handling
accel/mshv: Add vCPU creation and execution loop
...
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Bibo Mao [Mon, 29 Sep 2025 03:53:38 +0000 (11:53 +0800)]
target/loongarch: Define loongarch_exception_name() as static
Function loongarch_exception_name() is only called in the file where it is
defined, target/loongarch/tcg/tcg_cpu.c, so set this function as static.
Signed-off-by: Bibo Mao <maobibo@loongson.cn>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20250929035338.2320419-4-maobibo@loongson.cn>
Signed-off-by: Song Gao <gaosong@loongson.cn>
Bibo Mao [Mon, 29 Sep 2025 03:53:37 +0000 (11:53 +0800)]
target/loongarch: Move function do_raise_exception() to tcg_cpu.c
Function do_raise_exception() is specific to TCG mode, so move
it to file target/loongarch/tcg/tcg_cpu.c.
It is only code movement and there is no functional change.
Signed-off-by: Bibo Mao <maobibo@loongson.cn>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20250929035338.2320419-3-maobibo@loongson.cn>
Signed-off-by: Song Gao <gaosong@loongson.cn>
Bibo Mao [Mon, 29 Sep 2025 03:53:36 +0000 (11:53 +0800)]
target/loongarch: Move TCG specified functions to tcg_cpu.c
New file target/loongarch/tcg/tcg_cpu.c is created, and TCG-specific
functions are moved there from file target/loongarch/cpu.c.
It is only code movement and there is no functional change.
Signed-off-by: Bibo Mao <maobibo@loongson.cn>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20250929035338.2320419-2-maobibo@loongson.cn>
Signed-off-by: Song Gao <gaosong@loongson.cn>
@@ -11,7 +11,7 @@
* Signature "DSDT"
* Length 0x000011FB (4603)
* Revision 0x01 **** 32-bit table (V1), no 64-bit math support
- * Checksum 0x5D
+ * Checksum 0x5B
* OEM ID "BOCHS "
* OEM Table ID "BXPC "
* OEM Revision 0x00000001 (1)
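Review bot: the header Checksum moves from 0x5D to 0x5B while Length stays 0x000011FB, so please state in the commit message that the expected table was regenerated for a single address change. A checksum delta of 2 is consistent with the two address bytes that each go up by one in the later hunk, and saying so lets a reviewer confirm that nothing else in the expected DSDT moved.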
@@ -1426,11 +1426,11 @@
Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
Memory32Fixed (ReadWrite,
- 0x100E001F, // Address Base
+ 0x100E0020, // Address Base
0x0000000C, // Address Length
)
})
- OperationRegion (PRST, SystemMemory, 0x100E001F, 0x0C)
+ OperationRegion (PRST, SystemMemory, 0x100E0020, 0x0C)
Field (PRST, ByteAcc, NoLock, WriteAsZeros)
{
Offset (0x04),
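Review bot: the new base 0x100E0020 is repeated as a literal in Memory32Fixed and in OperationRegion (PRST, SystemMemory, ...), both with length 0x0C, so it is worth confirming that the two are emitted from one definition and cannot drift apart. The Field stays ByteAcc with Offset (0x04), so only the region base changes here, and that is what the commit message should call out.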
Signed-off-by: Huacai Chen <chenhuacai@kernel.org>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Message-ID: <20250923143542.2391576-4-chenhuacai@kernel.org>
Signed-off-by: Song Gao <gaosong@loongson.cn>
hw/loongarch/virt: Align VIRT_GED_CPUHP_ADDR to 4 bytes
Now VIRT_GED_CPUHP_ADDR is not aligned to 4 bytes, but if Linux kernel
is built with ACPI_MISALIGNMENT_NOT_SUPPORTED, it assumes the alignment,
otherwise we get ACPI errors at boot phase:
ACPI Error: AE_AML_ALIGNMENT, Returned by Handler for [SystemMemory] (20250404/evregion-301)
ACPI Error: Aborting method \_SB.CPUS.CSTA due to previous error (AE_AML_ALIGNMENT) (20250404/psparse-529)
ACPI Error: Aborting method \_SB.CPUS.C000._STA due to previous error (AE_AML_ALIGNMENT) (20250404/psparse-529)
ACPI Error: Method execution failed \_SB.CPUS.C000._STA due to previous error (AE_AML_ALIGNMENT) (20250404/uteval-68)
VIRT_GED_MEM_ADDR and VIRT_GED_REG_ADDR are already aligned now, but using
QEMU_ALIGN_UP() to explicitly align them can make the code more robust.
Reported-by: Nathan Chancellor <nathan@kernel.org>
Suggested-by: WANG Rui <wangrui@loongson.cn>
Signed-off-by: Huacai Chen <chenhuacai@loongson.cn>
Reviewed-by: Bibo Mao <maobibo@loongson.cn>
Message-ID: <20250923143542.2391576-3-chenhuacai@kernel.org>
Signed-off-by: Song Gao <gaosong@loongson.cn>
Magnus Kulke [Thu, 2 Oct 2025 07:50:12 +0000 (09:50 +0200)]
target/i386/mshv: Use preallocated page for hvcall
There are hvcalls that are invoked during MMIO exits, the payload is of
dynamic size. To avoid heap allocations we can use preallocated pages as
in/out buffer for those calls. A page is reserved per vCPU and used for
set/get register hv calls.
Magnus Kulke [Tue, 16 Sep 2025 16:48:43 +0000 (18:48 +0200)]
accel/mshv: Handle overlapping mem mappings
QEMU maps certain regions into the guest multiple times, as seen in the
trace below. Currently the MSHV kernel driver will reject those
mappings. To work around this, a record is kept (a static global list of
"slots", inspired by what the HVF accelerator has implemented). An
overlapping region is not registered at the hypervisor, and marked as
mapped=false. If there is an UNMAPPED_GPA exit, we can look for a slot
that is unmapped and would cover the GPA. In this case we map out the
conflicting slot and map in the requested region.
The mapping table is guarded by a mutex for concurrent modification and
RCU mechanisms for concurrent reads. Writes occur rarely, but we'll have
to verify whether an unmapped region exists for each UNMAPPED_GPA exit,
which happens frequently.
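The slot bookkeeping described in the commit message above, as an added sketch that is not QEMU's code: the `Slot` layout, function names and counters are hypothetical, a conflict is assumed to mean overlapping host-address ranges, and the mutex/RCU protection is left out so the swap logic stays visible.

```c
#include <stdbool.h>
#include <stdint.h>
/* Hypothetical slot record and table; names are assumptions, not QEMU's. */
typedef struct { uint64_t gpa, hva, size; bool used, mapped; } Slot;
#define NSLOTS 8
static Slot slots[NSLOTS];
static int hv_maps, hv_unmaps;      /* stand-ins for map/unmap hypercalls */
/* Assumed conflict rule: two slots back onto the same host memory. */
static bool hva_overlap(const Slot *a, const Slot *b) {
    return a->hva < b->hva + b->size && b->hva < a->hva + a->size;
}
/* Record a region; register it only when no mapped slot conflicts. */
int slot_add(uint64_t gpa, uint64_t hva, uint64_t size) {
    Slot n = { gpa, hva, size, true, true };
    int idx = -1;
    for (int i = 0; i < NSLOTS; i++) {
        if (!slots[i].used) { if (idx < 0) idx = i; continue; }
        if (slots[i].mapped && hva_overlap(&slots[i], &n)) n.mapped = false;
    }
    if (idx < 0) return -1;         /* table full */
    if (n.mapped) hv_maps++;
    slots[idx] = n;
    return idx;
}

/* UNMAPPED_GPA exit: swap in an unmapped slot covering gpa, if any. */
bool slot_handle_unmapped_gpa(uint64_t gpa) {
    for (int i = 0; i < NSLOTS; i++) {
        Slot *w = &slots[i];
        if (!w->used || w->mapped || gpa < w->gpa || gpa - w->gpa >= w->size)
            continue;
        for (int j = 0; j < NSLOTS; j++)
            if (slots[j].used && slots[j].mapped && hva_overlap(&slots[j], w)) {
                slots[j].mapped = false;
                hv_unmaps++;
            }
        w->mapped = true;
        hv_maps++;
        return true;
    }
    return false;                   /* no slot backs this GPA */
}

int main(void) {    /* constructed addresses: one host range at two GPAs */
    slot_add(0xC0000, 0x7f0000000000ULL, 0x20000);
    slot_add(0xFFFC0000, 0x7f0000000000ULL, 0x20000);
    return slot_handle_unmapped_gpa(0xFFFC0010) ? 0 : 1;
}
```

A `false` return is the case to watch: the exit address is covered by no slot at all, so it must not be retried as if a swap had happened.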
Magnus Kulke [Tue, 16 Sep 2025 16:48:40 +0000 (18:48 +0200)]
target/i386/mshv: Integrate x86 instruction decoder/emulator
Connect the x86 instruction decoder and emulator to the MSHV backend
to handle intercepted instructions. This enables software emulation
of MMIO operations in MSHV guests. MSHV has a translate_gva hypercall
that is used to access the physical guest memory.
A guest might read from unmapped memory regions (e.g. OVMF will probe
0xfed40000 for a vTPM). In those cases 0xFF bytes are returned instead of
aborting the execution.
Magnus Kulke [Tue, 16 Sep 2025 16:48:38 +0000 (18:48 +0200)]
target/i386/mshv: Register CPUID entries with MSHV
Convert the guest CPU's CPUID model into MSHV's format and register it
with the hypervisor. This ensures that the guest observes the correct
CPU feature set during CPUID instructions.
Fetch standard register state from MSHV vCPUs to support debugging,
migration, and other introspection features in QEMU.
Fetch standard register state from an MSHV vCPU. A generic get_regs()
function and a mapper to map the different register representations are
introduced.
Magnus Kulke [Thu, 2 Oct 2025 16:13:31 +0000 (18:13 +0200)]
target/i386/mshv: Implement mshv_store_regs()
Add support for writing general-purpose registers to MSHV vCPUs
during initialization or migration using the MSHV register interface. A
generic set_register call is introduced to abstract the HV call over
the various register types.
Magnus Kulke [Tue, 16 Sep 2025 16:48:30 +0000 (18:48 +0200)]
accel/mshv: Add vCPU creation and execution loop
Create MSHV vCPUs using MSHV_CREATE_VP and initialize their state.
Register the MSHV CPU execution loop with the QEMU accelerator
framework to enable guest code execution.
The target/i386 functionality is still mostly stubbed out and will be
populated in a later commit in this series.
Magnus Kulke [Thu, 2 Oct 2025 16:28:16 +0000 (18:28 +0200)]
accel/mshv: Initialize VM partition
Create the MSHV virtual machine by opening a partition and issuing
the necessary ioctl to initialize it. This sets up the basic VM
structure and initial configuration used by MSHV to manage guest state.
Signed-off-by: Magnus Kulke <magnuskulke@linux.microsoft.com>
Link: https://lore.kernel.org/r/20250916164847.77883-10-magnuskulke@linux.microsoft.com
[Add stubs; fix format strings for trace-events; make mshv_hvcall
available only in per-target files; mshv.h/mshv_int.h split. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>