Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20251008215613.300150-41-richard.henderson@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20251008215613.300150-40-richard.henderson@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Implement the pseudocode function EffectiveHCR_EL2_NVx.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20251008215613.300150-39-richard.henderson@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The ARM now defines 36 bits in SPSR_ELx in aarch64 mode, so
it's time to bite the bullet and extend PSTATE to match.
Most changes are straightforward, adjusting printf formats,
changing local variable types. More complex is migration,
where to maintain backward compatibility a new pstate64
record is introduced, and only when one of the extensions
that sets bits 32-35 are active.
The fate of gdbstub is left undecided for the moment.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20251008215613.300150-37-richard.henderson@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Move cpsr_write_from_spsr_elx from tcg/helper-a64.c to
helper.c, so that it's present with --disable-tcg.
Declare both in internals.h.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20251008215613.300150-36-richard.henderson@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
target/arm: Make helper_exception_return system-only
Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20251008215613.300150-35-richard.henderson@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Add isar_feature_aa64_gcs.
Enable SCR_GCSEN in scr_write.
Enable HCRX_GCSEN in hcrx_write.
Default HCRX_GCSEN on if EL2 disabled.
Add the GCSCR* and GCSPR* registers.
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20251008215613.300150-32-richard.henderson@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
target/arm: Convert arm_mmu_idx_to_el from switch to table
In an effort to keep all ARMMMUIdx data in one place, begin construction
of an info table describing all of the properties of the mmu_idx. Begin
with the access EL.
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20251008215613.300150-18-richard.henderson@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Move the stage2 permissions for normal accesses to
GetPhysAddrResult.s2prot. Put the stage2 permissions
for page table walking in CPUTLBEntryFull.prot.
This allows the permission checks in S1_ptw_translate
and arm_casq_ptw to see the right permission.
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20251008215613.300150-10-richard.henderson@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
# -----BEGIN PGP SIGNATURE-----
#
# iLMEAAEIAB0WIQTKRzxE1qCcGJoZP81FK5aFKyaCFgUCaOeiawAKCRBFK5aFKyaC
# FlFZA/4uTme7RNIpDkcTW37ZieeRkFJXxO6EDvy/684EXUBMcJmhslXxb2vbtDUZ
# Mi2SCt4iB3oewYdDDe9glCGhRSNpARCMQp0rLivOBGWAguEld+M0sZ/Aqpk6Ovub
# zSHZKODKAADNt1lgzQ9iJx3uUBeUMdFKagIOrURPeCItLpoaKA==
# =OnvQ
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu 09 Oct 2025 04:54:19 AM PDT
# gpg: using RSA key CA473C44D6A09C189A193FCD452B96852B268216
# gpg: Good signature from "Song Gao <gaosong@loongson.cn>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: CA47 3C44 D6A0 9C18 9A19 3FCD 452B 9685 2B26 8216
* tag 'pull-loongarch-20251009' of https://github.com/gaosong715/qemu:
target/loongarch: Define loongarch_exception_name() as static
target/loongarch: Move function do_raise_exception() to tcg_cpu.c
target/loongarch: Move TCG specified functions to tcg_cpu.c
tests/data/acpi/loongarch64: Update expected DSDT.*
hw/loongarch/virt: Align VIRT_GED_CPUHP_ADDR to 4 bytes
bios-tables-test-allowed-diff.h: Allow LoongArch DSDT.*
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging
* i386: fix migration issues in 10.1
* target/i386/mshv: new accelerator
* rust: use glib-sys-rs
* rust: fixes for docker tests
# -----BEGIN PGP SIGNATURE-----
#
# iQFIBAABCgAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmjnaOwUHHBib256aW5p
# QHJlZGhhdC5jb20ACgkQv/vSX3jHroNsFQf/WXKxZLLnItHwDz3UdwjzewPWpz5N
# fpS0E4C03J8pACDgyfl7PQl47P7NlJ08Ig2Lc5l3Z9KiAKgh0orR7Cqd0BY5f9lo
# uk4FgXfXpQyApywAlctadrTfcH8sRv2tMaP6EJ9coLtJtHW9RUGFPaZeMsqrjpAl
# TpwAXPYNDDvvy1ih1LPh5DzOPDXE4pin2tDa94gJei56gY95auK4zppoNYLdB3kR
# GOyR4QK43/yhuxPHOmQCZOE3HK2XrKgMZHWIjAovjZjZFiJs49FaHBOpRfFpsUlG
# PB3UbIMtu69VY20LqbbyInPnyATRQzqIGnDGTErP6lfCGTKTy2ulQYWvHA==
# =KM5O
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu 09 Oct 2025 12:49:00 AM PDT
# gpg: using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg: issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [unknown]
# gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" [unknown]
# gpg: WARNING: The key's User ID is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1
# Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83
* tag 'for-upstream' of https://gitlab.com/bonzini/qemu: (35 commits)
rust: fix path to rust_root_crate.sh
tests/docker: make --enable-rust overridable with EXTRA_CONFIGURE_OPTS
MAINTAINERS: Add maintainers for mshv accelerator
docs: Add mshv to documentation
target/i386/mshv: Use preallocated page for hvcall
qapi/accel: Allow to query mshv capabilities
accel/mshv: Handle overlapping mem mappings
target/i386/mshv: Implement mshv_vcpu_run()
target/i386/mshv: Write MSRs to the hypervisor
target/i386/mshv: Integrate x86 instruction decoder/emulator
target/i386/mshv: Register MSRs with MSHV
target/i386/mshv: Register CPUID entries with MSHV
target/i386/mshv: Set local interrupt controller state
target/i386/mshv: Implement mshv_arch_put_registers()
target/i386/mshv: Implement mshv_get_special_regs()
target/i386/mshv: Implement mshv_get_standard_regs()
target/i386/mshv: Implement mshv_store_regs()
target/i386/mshv: Add CPU create and remove logic
accel/mshv: Add vCPU signal handling
accel/mshv: Add vCPU creation and execution loop
...
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Bibo Mao [Mon, 29 Sep 2025 03:53:38 +0000 (11:53 +0800)]
target/loongarch: Define loongarch_exception_name() as static
Function loongarch_exception_name() is only called in defined file
target/loongarch/tcg/tcg_cpu.c, set this function as static.
Signed-off-by: Bibo Mao <maobibo@loongson.cn> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20250929035338.2320419-4-maobibo@loongson.cn> Signed-off-by: Song Gao <gaosong@loongson.cn>
Bibo Mao [Mon, 29 Sep 2025 03:53:37 +0000 (11:53 +0800)]
target/loongarch: Move function do_raise_exception() to tcg_cpu.c
Function do_raise_exception() is specified with TCG mode, so move
it to file target/loongarch/tcg/tcg_cpu.c
It is only code movement and there is no any function change.
Signed-off-by: Bibo Mao <maobibo@loongson.cn> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20250929035338.2320419-3-maobibo@loongson.cn> Signed-off-by: Song Gao <gaosong@loongson.cn>
Bibo Mao [Mon, 29 Sep 2025 03:53:36 +0000 (11:53 +0800)]
target/loongarch: Move TCG specified functions to tcg_cpu.c
New file target/loongarch/tcg/tcg_cpu.c is created, and move TCG
specified functions to here from file target/loongarch/cpu.c
It is only code movement and there is no any function change.
Signed-off-by: Bibo Mao <maobibo@loongson.cn> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20250929035338.2320419-2-maobibo@loongson.cn> Signed-off-by: Song Gao <gaosong@loongson.cn>
@@ -11,7 +11,7 @@
* Signature "DSDT"
* Length 0x000011FB (4603)
* Revision 0x01 **** 32-bit table (V1), no 64-bit math support
- * Checksum 0x5D
+ * Checksum 0x5B
* OEM ID "BOCHS "
* OEM Table ID "BXPC "
* OEM Revision 0x00000001 (1)
@@ -1426,11 +1426,11 @@
Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
Memory32Fixed (ReadWrite,
- 0x100E001F, // Address Base
+ 0x100E0020, // Address Base
0x0000000C, // Address Length
)
})
- OperationRegion (PRST, SystemMemory, 0x100E001F, 0x0C)
+ OperationRegion (PRST, SystemMemory, 0x100E0020, 0x0C)
Field (PRST, ByteAcc, NoLock, WriteAsZeros)
{
Offset (0x04),
Signed-off-by: Huacai Chen <chenhuacai@kernel.org> Acked-by: Michael S. Tsirkin <mst@redhat.com>
Message-ID: <20250923143542.2391576-4-chenhuacai@kernel.org> Signed-off-by: Song Gao <gaosong@loongson.cn>
hw/loongarch/virt: Align VIRT_GED_CPUHP_ADDR to 4 bytes
Now VIRT_GED_CPUHP_ADDR is not aligned to 4 bytes, but if Linux kernel
is built with ACPI_MISALIGNMENT_NOT_SUPPORTED, it assumes the alignment,
otherwise we get ACPI errors at boot phase:
ACPI Error: AE_AML_ALIGNMENT, Returned by Handler for [SystemMemory] (20250404/evregion-301)
ACPI Error: Aborting method \_SB.CPUS.CSTA due to previous error (AE_AML_ALIGNMENT) (20250404/psparse-529)
ACPI Error: Aborting method \_SB.CPUS.C000._STA due to previous error (AE_AML_ALIGNMENT) (20250404/psparse-529)
ACPI Error: Method execution failed \_SB.CPUS.C000._STA due to previous error (AE_AML_ALIGNMENT) (20250404/uteval-68)
VIRT_GED_MEM_ADDR and VIRT_GED_REG_ADDR are already aligned now, but use
QEMU_ALIGN_UP() to explicitly align them can make code more robust.
Reported-by: Nathan Chancellor <nathan@kernel.org> Suggested-by: WANG Rui <wangrui@loongson.cn> Signed-off-by: Huacai Chen <chenhuacai@loongson.cn> Reviewed-by: Bibo Mao <maobibo@loongson.cn>
Message-ID: <20250923143542.2391576-3-chenhuacai@kernel.org> Signed-off-by: Song Gao <gaosong@loongson.cn>
Magnus Kulke [Thu, 2 Oct 2025 07:50:12 +0000 (09:50 +0200)]
target/i386/mshv: Use preallocated page for hvcall
There are hvcalls that are invoked during MMIO exits, the payload is of
dynamic size. To avoid heap allocations we can use preallocated pages as
in/out buffer for those calls. A page is reserved per vCPU and used for
set/get register hv calls.
Magnus Kulke [Tue, 16 Sep 2025 16:48:43 +0000 (18:48 +0200)]
accel/mshv: Handle overlapping mem mappings
QEMU maps certain regions into the guest multiple times, as seen in the
trace below. Currently the MSHV kernel driver will reject those
mappings. To workaround this, a record is kept (a static global list of
"slots", inspired by what the HVF accelerator has implemented). An
overlapping region is not registered at the hypervisor, and marked as
mapped=false. If there is an UNMAPPED_GPA exit, we can look for a slot
that is unmapped and would cover the GPA. In this case we map out the
conflicting slot and map in the requested region.
The mapping table is guarded by a mutex for concurrent modification and
RCU mechanisms for concurrent reads. Writes occur rarely, but we'll have
to verify whether an unmapped region exist for each UNMAPPED_GPA exit,
which happens frequently.
Magnus Kulke [Tue, 16 Sep 2025 16:48:40 +0000 (18:48 +0200)]
target/i386/mshv: Integrate x86 instruction decoder/emulator
Connect the x86 instruction decoder and emulator to the MSHV backend
to handle intercepted instructions. This enables software emulation
of MMIO operations in MSHV guests. MSHV has a translate_gva hypercall
that is used to accessing the physical guest memory.
A guest might read from unmapped memory regions (e.g. OVMF will probe
0xfed40000 for a vTPM). In those cases 0xFF bytes is returned instead of
aborting the execution.
Magnus Kulke [Tue, 16 Sep 2025 16:48:38 +0000 (18:48 +0200)]
target/i386/mshv: Register CPUID entries with MSHV
Convert the guest CPU's CPUID model into MSHV's format and register it
with the hypervisor. This ensures that the guest observes the correct
CPU feature set during CPUID instructions.
Fetch standard register state from MSHV vCPUs to support debugging,
migration, and other introspection features in QEMU.
Fetch standard register state from a MHSV vCPU's. A generic get_regs()
function and a mapper to map the different register representations are
introduced.
Magnus Kulke [Thu, 2 Oct 2025 16:13:31 +0000 (18:13 +0200)]
target/i386/mshv: Implement mshv_store_regs()
Add support for writing general-purpose registers to MSHV vCPUs
during initialization or migration using the MSHV register interface. A
generic set_register call is introduced to abstract the HV call over
the various register types.
Magnus Kulke [Tue, 16 Sep 2025 16:48:30 +0000 (18:48 +0200)]
accel/mshv: Add vCPU creation and execution loop
Create MSHV vCPUs using MSHV_CREATE_VP and initialize their state.
Register the MSHV CPU execution loop loop with the QEMU accelerator
framework to enable guest code execution.
The target/i386 functionality is still mostly stubbed out and will be
populated in a later commit in this series.
Magnus Kulke [Thu, 2 Oct 2025 16:28:16 +0000 (18:28 +0200)]
accel/mshv: Initialize VM partition
Create the MSHV virtual machine by opening a partition and issuing
the necessary ioctl to initialize it. This sets up the basic VM
structure and initial configuration used by MSHV to manage guest state.
Signed-off-by: Magnus Kulke <magnuskulke@linux.microsoft.com> Link: https://lore.kernel.org/r/20250916164847.77883-10-magnuskulke@linux.microsoft.com
[Add stubs; fix format strings for trace-events; make mshv_hvcall
available only in per-target files; mshv.h/mshv_int.h split. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Magnus Kulke [Tue, 16 Sep 2025 16:48:28 +0000 (18:48 +0200)]
accel/mshv: Register memory region listeners
Add memory listener hooks for the MSHV accelerator to track guest
memory regions. This enables the backend to respond to region
additions, removals and will be used to manage guest memory mappings
inside the hypervisor.
Actually registering physical memory in the hypervisor is still stubbed
out.
Magnus Kulke [Thu, 2 Oct 2025 16:25:02 +0000 (18:25 +0200)]
accel/mshv: Add accelerator skeleton
Introduce the initial scaffold for the MSHV (Microsoft Hypervisor)
accelerator backend. This includes the basic directory structure and
stub implementations needed to integrate with QEMU's accelerator
framework.
Magnus Kulke [Tue, 16 Sep 2025 16:48:24 +0000 (18:48 +0200)]
hw/intc: Generalize APIC helper names from kvm_* to accel_*
Rename APIC helper functions to use an accel_* prefix instead of kvm_*
to support use by accelerators other than KVM. This is a preparatory
step for integrating MSHV support with common APIC logic.
Magnus Kulke [Tue, 16 Sep 2025 16:48:23 +0000 (18:48 +0200)]
target/i386/mshv: Add x86 decoder/emu implementation
The MSHV accelerator requires a x86 decoder/emulator in userland to
emulate MMIO instructions. This change contains the implementations for
the generalized i386 instruction decoder/emulator.
Magnus Kulke [Tue, 16 Sep 2025 16:48:22 +0000 (18:48 +0200)]
target/i386/emulate: Allow instruction decoding from stream
Introduce a new helper function to decode x86 instructions from a
raw instruction byte stream. MSHV delivers an instruction stream in a
buffer of the vm_exit message. It can be used to speed up MMIO
emulation, since instructions do not have to be fetched and translated.
Added "fetch_instruction()" op to x86_emul_ops() to improve
traceability.
Merge tag 'pull-10.2-maintainer-071025-1' of https://gitlab.com/stsquad/qemu into staging
testing updates
- tweak .gitpublish base to origin/master
- restore .gitmodules to qemu-project hosts
- drop 64 bits guests from i686
- update aarch64/s390x custom runners to 24.04
- tweak gitlab-runner registration method
- make check-venv dependency for functional tests
- replace avocado's gdb support with pygdbmi
- remove avocado dependencies from reverse_debug tests
- ensure replay.bin doesn't loose events after SHUTDOWN_HOST_QMP
# -----BEGIN PGP SIGNATURE-----
#
# iQEzBAABCgAdFiEEZoWumedRZ7yvyN81+9DbCVqeKkQFAmjk1K8ACgkQ+9DbCVqe
# KkSMAQf/X/vltf2njNMiBtlEh3H5j7RHFYs83V+UYa1m2DRSrx9B8dBDwTv+kqeh
# KRSnHMufdVuqKhaPAavvI4v4E1kqjjTy1U4YjjMA7zKPrTafJHGhI6QGiQ3i7vhA
# 3/XTiqYhTJZfVFGDWlTkE8GbmTsT+mQVwt2BCoKjazibGVNWvRwUcWk81cNw/YI5
# e28dRbDCB+K03y+QVhyEOVBm59r0Qft0v3nLMq8+kGxW/Nh0oGKpuagWT2D24Tp0
# bEMlkcMJv20fVV9wd5f8NmAyMucczkt2vuLhghA/wUQveO0jBJwMxoMfgiGtlI1s
# iy1Q1iFx7bMEOeHO2fDQSvAfSXzvSw==
# =m/Gd
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 07 Oct 2025 01:51:59 AM PDT
# gpg: using RSA key 6685AE99E75167BCAFC8DF35FBD0DB095A9E2A44
# gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 6685 AE99 E751 67BC AFC8 DF35 FBD0 DB09 5A9E 2A44
* tag 'pull-10.2-maintainer-071025-1' of https://gitlab.com/stsquad/qemu:
record/replay: fix race condition on test_aarch64_reverse_debug
tests/functional: Adapt arches to reverse_debugging w/o Avocado
tests/functional: Adapt reverse_debugging to run w/o Avocado
tests/functional: Add decorator to skip test on missing env vars
tests/functional: drop datadrainer class in reverse debugging
tests/functional: replace avocado process with subprocess
tests/functional: Add GDB class
tests/functional: Provide GDB to the functional tests
python: Install pygdbmi in meson's venv
tests/functional: Re-activate the check-venv target
scripts/ci: use recommended registration command
gitlab: move custom runners to Ubuntu 24.04
tests/lcitool: bump custom runner packages to Ubuntu 24.04
tests/lcitool: drop 64 bit guests from i686 cross build
.gitmodules: restore qemu-project mirror of u-boot-sam460ex
.gitmodules: restore qemu-project mirror of u-boot
.gitpublish: use origin/master as default base
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Merge tag 'pull-target-arm-20251007' of https://gitlab.com/pm215/qemu into staging
target-arm queue:
* target/arm: Don't set HCR.RW for AArch32 only CPUs
* new board model: amd-versal2-virt
* xlnx-zynqmp: model the GIC for the Cortex-R5 RPU cluster
* hw/arm: Remove sl_bootparam_write() and 'hw/arm/sharpsl.h' header
* Emulate FEAT_RME_GPC2
# -----BEGIN PGP SIGNATURE-----
#
# iQJNBAABCAA3FiEE4aXFk81BneKOgxXPPCUl7RQ2DN4FAmjlH0AZHHBldGVyLm1h
# eWRlbGxAbGluYXJvLm9yZwAKCRA8JSXtFDYM3gvaD/92LoDOIPQYCw72nwr/hiC8
# DAJddqKL1VvirtcrTuwytB1+w/tM2FdNx4ADzryHiNEDay2gXl0g4X4Pq6QFwu8B
# u2gxQhZZc1XWJgvX06CDJZPIUoazQgri21359c+9mJrI94igq1Gisj+KJ2gaMJ/J
# hrtsbovKuuKwMyCwCSK0hqvrUFyechfvJ0MzwVXyHn80lvSeYVbHf8ahdM72Lqdt
# PFJuM6hM/bBbclMRrcgRZJ3gi6HGHdKQ+LyYeQkvpHtaO3FWBgyJE7dtzs3mj4c9
# zw7kFJi56/19G6Fx3CESCIjoUQxLPZ1wDljqcQ9+mIwhQ4Dm7cy/D5z018TotIws
# mNLpMyEYiyC6dl1TxaJkha9jB6MB+nlglpbOGyRDYD1xwV8o5lidAahKxtmZUrGp
# sErUqCL5f+e/inwkFLxKrA2Hk1mjFDzf9/aEF/CyA30JYzRrhCfMoffiqtpPpU5D
# +OD1OAnj+W7HSBzO6N2I+4bfsaILw61YvckaBbO9+Br9yx8QseXHwXGh+RgsMhY4
# yJdde//tRusT32SAVoQKCMTJM5Rkrt4wu1D0F4LFL/4rJaqkAhqirNP4v5JEjrlk
# UDNa19E1TfmLbCG0TfQBWd3kwLYizqjTO0006jpTMX+KIu5aInEIHzzVrKEKK4t5
# fCw9fUM8T4fSTV71wJ/28Q==
# =jFB3
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 07 Oct 2025 07:10:08 AM PDT
# gpg: using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg: issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [unknown]
# gpg: aka "Peter Maydell <pmaydell@gmail.com>" [unknown]
# gpg: aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [unknown]
# gpg: aka "Peter Maydell <peter@archaic.org.uk>" [unknown]
# gpg: WARNING: The key's User ID is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83 15CF 3C25 25ED 1436 0CDE
* tag 'pull-target-arm-20251007' of https://gitlab.com/pm215/qemu: (62 commits)
target/arm: Enable FEAT_RME_GPC2 for -cpu max with x-rme
target/arm: Implement APPSAA
target/arm: Fix GPT fault type for address outside PPS
target/arm: Implement SPAD, NSPAD, RLPAD
target/arm: Implement GPT_NonSecureOnly
target/arm: GPT_Secure is reserved without FEAT_SEL2
target/arm: Add cur_space to S1Translate
target/arm: Enable FEAT_RME_GPC2 bits in gpccr_write
target/arm: Add GPCCR fields from ARM revision L.b
target/arm: Add isar feature test for FEAT_RME_GPC2
hw/arm: Remove sl_bootparam_write() and 'hw/arm/sharpsl.h' header
hw/arm/xlnx-zynqmp: wire a second GIC for the Cortex-R5
hw/arm/xlnx-zynqmp: introduce helper to compute RPU number
hw/arm/xlnx-zynqmp: move GIC_NUM_SPI_INTR define in header
tests/functional/test_aarch64_xlnx_versal: test the versal2 machine
hw/arm/xlnx-versal-virt: add the xlnx-versal2-virt machine
docs/system/arm/xlnx-versal-virt: add a note about dumpdtb
docs/system/arm/xlnx-versal-virt: update supported devices
hw/arm/xlnx-versal-virt: tidy up
hw/arm/xlnx-versal-virt: split into base/concrete classes
...
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Hector Cao [Tue, 23 Sep 2025 10:16:41 +0000 (12:16 +0200)]
target/i386: add compatibility property for pdcm feature
The pdcm feature is supposed to be disabled when PMU is not
available. Up until v10.1, pdcm feature is enabled even when PMU
is off. This behavior has been fixed but this change breaks the
migration of VMs that are run with QEMU < 10.0 and expect the pdcm
feature to be enabled on the destination host.
This commit restores the legacy behavior for machines with version
prior to 10.1 to allow the migration from older QEMU to QEMU 10.1.
Signed-off-by: Hector Cao <hector.cao@canonical.com> Link: https://lore.kernel.org/r/20250910115733.21149-3-hector.cao@canonical.com Fixes: e68ec298090 ("i386/cpu: Move adjustment of CPUID_EXT_PDCM before feature_dependencies[] check", 2025-06-20)
[Move property from migration object to CPU. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Paolo Bonzini [Tue, 23 Sep 2025 10:22:54 +0000 (12:22 +0200)]
target/i386: add compatibility property for arch_capabilities
Prior to v10.1, if requested by user, arch-capabilities is always on
despite the fact that CPUID advertises it to be off/unvailable.
This causes a migration issue for VMs that are run on a machine
without arch-capabilities and expect this feature to be present
on the destination host with QEMU 10.1.
Add a compatibility property to restore the legacy behavior for all
machines with version prior to 10.1.
To preserve the functionality (added by 10.1) of turning off
ARCH_CAPABILITIES where Windows does not like it, use directly
the guest CPU vendor: x86_cpu_get_supported_feature_word is not
KVM-specific and therefore should not necessarily use the host
CPUID.
Co-authored-by: Hector Cao <hector.cao@canonical.com> Signed-off-by: Hector Cao <hector.cao@canonical.com> Fixes: d3a24134e37 ("target/i386: do not expose ARCH_CAPABILITIES on AMD CPU", 2025-07-17) Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
hw/arm: Remove sl_bootparam_write() and 'hw/arm/sharpsl.h' header
When removing the spitz and tosa board, commit b62151489ae
("hw/arm: Remove deprecated akita, borzoi spitz, terrier,
tosa boards") removed the last calls to sl_bootparam_write().
Remove it, along with the "hw/arm/sharpsl.h" header.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20251001084047.67423-1-philmd@linaro.org Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Frederic Konrad [Tue, 30 Sep 2025 11:57:18 +0000 (13:57 +0200)]
hw/arm/xlnx-zynqmp: wire a second GIC for the Cortex-R5
This wires a second GIC for the Cortex-R5, all the IRQs are split when there
is an RPU instanciated.
Signed-off-by: Clément Chigot <chigot@adacore.com> Acked-by: Edgar E. Iglesias <edgar.iglesias@amd.com>
Message-id: 20250930115718.437100-4-chigot@adacore.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
hw/arm/xlnx-zynqmp: introduce helper to compute RPU number
This helper will avoid repeating the MIN/MAX formula everytime the
number of RPUs available is requested.
Signed-off-by: Clément Chigot <chigot@adacore.com> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@amd.com>
Message-id: 20250930115718.437100-3-chigot@adacore.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
projects / thirdparty / qemu.git / log
