add smmu500 to xlnx-versal-virt machine #13
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This change copies the SMMU 500 device source from
the Xilinx QEMU fork, unmodified. It does not build
with our QEMU, due to lacking fdt_generic_util, among
other things.
Xilinx QEMU commit SHA where arm-smmu.c was pulled:
f28512b37a28350a6d9f8e7f0b3a21cf8fd22399
Signed-off-by: Nelson Ho <[email protected]>
Move the SMMU 500 device source from hw/misc/arm-smmu.c to a more appropriate location at hw/arm/smmu500.c Signed-off-by: Nelson Ho <[email protected]>
The upstream does not have the arm_generic_fdt machine and supporting bits. Remove the parse_reg code that exists as part of the fdt-generic-util infrastructure that makes possible the use of this device with the -hw-dtb option on Xilinx fork. Initialize the iommu memory region in SMMU.tbu during smmu_init. This was originally done as part of smmu_parse_reg, but since this is no longer invoked as part of fdt_init_qdev, we must do it elsewhere. Also, remove the MemoryRegion member of TBU struct (TBU.mr), since this appears to be redundant next to the iommu memory region located at TBU.iommu. Rather than use TBU.mr as the memory region root for TBU.as address space, use TBU.iommu as the memory region. I admit I do not fully understand how TBU.mr was initialized in the arm-generic-fdt machine, so it is possible removal of TBU.mr was done in error. Signed-off-by: Nelson Ho <[email protected]>
We borrowed the mmu500 source from the Xilinx fork of QEMU which is based off an older release of QEMU. The mmu-500 module compiles on upstream 9.1 after removal of fdt_generic_util bits and adding this required header include. Signed-off-by: Nelson Ho <[email protected]>
The xilinx implementation of smmu500 was intended to be used with the fdt-driven generic arm machine. As such, the mmu-500 device model was not realized as a static member of any specific machine implementation. Rather, it was created as an instance of FDTGenericMMapClass and initialized through the parse_reg recursion terminating at sysbus_parse_reg and dynamically attached to the target machine in fdt_init_qdev. This change creates a new header file for the mmu-500 containing the SMMU state structure as well as the simple qom object type structure. Signed-off-by: Nelson Ho <[email protected]>
Since these constants are now declared in a header file instead of the smmu500.c file, rename them to be smmu specific to avoid conflicts in the namespace. Signed-off-by: Nelson Ho <[email protected]>
Change includes meson and kconfig build config changes to build smmu500 device. Signed-off-by: Nelson Ho <[email protected]>
The IRQ mapping of some of the shared peripheral interrupts in the Versal SoC implementation conflict with the IRQ mappings found in the Versal SoC Technical Reference Manual AM011 version 1.6, in table "System Interrupts Table". This change aligns the IRQ mapping of all devices to the mapping found in the reference manual. This is done in preparation to add the mmu-500 SMMU, whose IRQ mapping conflicts with the current EFUSE_IRQ mapping. Signed-off-by: Nelson Ho <[email protected]>
Integrate the MMU-500 SMMU device into the xlnx-versal-virt machine. Signed-off-by: Nelson Ho <[email protected]>
kay-ge
approved these changes
Nov 15, 2024
ho28
pushed a commit
to ho28/wr-qemu
that referenced
this pull request
Nov 15, 2024
Allow overlapping request by removing the assert that made it
impossible. There are only two callers:
1. block_copy_task_create()
It already asserts the very same condition before calling
reqlist_init_req().
2. cbw_snapshot_read_lock()
There is no need to have read requests be non-overlapping in
copy-before-write when used for snapshot-access. In fact, there was no
protection against two callers of cbw_snapshot_read_lock() calling
reqlist_init_req() with overlapping ranges and this could lead to an
assertion failure [1].
In particular, with the reproducer script below [0], two
cbw_co_snapshot_block_status() callers could race, with the second
calling reqlist_init_req() before the first one finishes and removes
its conflicting request.
[0]:
> #!/bin/bash -e
> dd if=/dev/urandom of=/tmp/disk.raw bs=1M count=1024
> ./qemu-img create /tmp/fleecing.raw -f raw 1G
> (
> ./qemu-system-x86_64 --qmp stdio \
> --blockdev raw,node-name=node0,file.driver=file,file.filename=/tmp/disk.raw \
> --blockdev raw,node-name=node1,file.driver=file,file.filename=/tmp/fleecing.raw \
> <<EOF
> {"execute": "qmp_capabilities"}
> {"execute": "blockdev-add", "arguments": { "driver": "copy-before-write", "file": "node0", "target": "node1", "node-name": "node3" } }
> {"execute": "blockdev-add", "arguments": { "driver": "snapshot-access", "file": "node3", "node-name": "snap0" } }
> {"execute": "nbd-server-start", "arguments": {"addr": { "type": "unix", "data": { "path": "/tmp/nbd.socket" } } } }
> {"execute": "block-export-add", "arguments": {"id": "exp0", "node-name": "snap0", "type": "nbd", "name": "exp0"}}
> EOF
> ) &
> sleep 5
> while true; do
> ./qemu-nbd -d /dev/nbd0
> ./qemu-nbd -c /dev/nbd0 nbd:unix:/tmp/nbd.socket:exportname=exp0 -f raw -r
> nbdinfo --map 'nbd+unix:///exp0?socket=/tmp/nbd.socket'
> done
[1]:
> Wind-River#5 0x000071e5f0088eb2 in __GI___assert_fail (...) at ./assert/assert.c:101
> Wind-River#6 0x0000615285438017 in reqlist_init_req (...) at ../block/reqlist.c:23
> Wind-River#7 0x00006152853e2d98 in cbw_snapshot_read_lock (...) at ../block/copy-before-write.c:237
> Wind-River#8 0x00006152853e3068 in cbw_co_snapshot_block_status (...) at ../block/copy-before-write.c:304
> Wind-River#9 0x00006152853f4d22 in bdrv_co_snapshot_block_status (...) at ../block/io.c:3726
> Wind-River#10 0x000061528543a63e in snapshot_access_co_block_status (...) at ../block/snapshot-access.c:48
> Wind-River#11 0x00006152853f1a0a in bdrv_co_do_block_status (...) at ../block/io.c:2474
> Wind-River#12 0x00006152853f2016 in bdrv_co_common_block_status_above (...) at ../block/io.c:2652
> Wind-River#13 0x00006152853f22cf in bdrv_co_block_status_above (...) at ../block/io.c:2732
> Wind-River#14 0x00006152853d9a86 in blk_co_block_status_above (...) at ../block/block-backend.c:1473
> Wind-River#15 0x000061528538da6c in blockstatus_to_extents (...) at ../nbd/server.c:2374
> Wind-River#16 0x000061528538deb1 in nbd_co_send_block_status (...) at ../nbd/server.c:2481
> Wind-River#17 0x000061528538f424 in nbd_handle_request (...) at ../nbd/server.c:2978
> Wind-River#18 0x000061528538f906 in nbd_trip (...) at ../nbd/server.c:3121
> Wind-River#19 0x00006152855a7caf in coroutine_trampoline (...) at ../util/coroutine-ucontext.c:175
Cc: [email protected]
Suggested-by: Vladimir Sementsov-Ogievskiy <[email protected]>
Signed-off-by: Fiona Ebner <[email protected]>
Message-Id: <[email protected]>
Reviewed-by: Vladimir Sementsov-Ogievskiy <[email protected]>
Signed-off-by: Vladimir Sementsov-Ogievskiy <[email protected]>
(cherry picked from commit 6475155d519209c80fdda53e05130365aa769838)
Signed-off-by: Michael Tokarev <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This changeset borrows the mmu-500 smmu device implementation from the xilinx qemu fork with some modifications, and integrates it into the xlnx-versal-virt machine.