target/arm: Convert to CPUClass::tlb_fill

Backports commit 7350d553b5066abdc662045d7db5cdb73d0f9d53 from qemu

qemu/aarch64.h

@@ -187,7 +187,6 @@
 #define arm_s1_regime_using_lpae_format arm_s1_regime_using_lpae_format_aarch64
 #define arm_singlestep_active arm_singlestep_active_aarch64
 #define arm_test_cc arm_test_cc_aarch64
-#define arm_tlb_fill arm_tlb_fill_aarch64
 #define arm_translate_init arm_translate_init_aarch64
 #define arm_v7m_class_init arm_v7m_class_init_aarch64
 #define arm_v7m_cpu_do_interrupt arm_v7m_cpu_do_interrupt_aarch64
@@ -3389,6 +3388,8 @@
 #define arm64_reg_reset arm64_reg_reset_aarch64
 #define arm64_reg_write arm64_reg_write_aarch64
 #define arm64_release arm64_release_aarch64
+#define arm_cpu_tlb_fill arm_cpu_tlb_fill_aarch64
+#define arm_deliver_fault arm_deliver_fault_aarch64
 #define arm_v7m_mmu_idx_all arm_v7m_mmu_idx_all_aarch64
 #define arm_v7m_mmu_idx_for_secstate arm_v7m_mmu_idx_for_secstate_aarch64
 #define arm_v7m_mmu_idx_for_secstate_and_priv arm_v7m_mmu_idx_for_secstate_and_priv_aarch64

qemu/aarch64eb.h

@@ -187,7 +187,6 @@
 #define arm_s1_regime_using_lpae_format arm_s1_regime_using_lpae_format_aarch64eb
 #define arm_singlestep_active arm_singlestep_active_aarch64eb
 #define arm_test_cc arm_test_cc_aarch64eb
-#define arm_tlb_fill arm_tlb_fill_aarch64eb
 #define arm_translate_init arm_translate_init_aarch64eb
 #define arm_v7m_class_init arm_v7m_class_init_aarch64eb
 #define arm_v7m_cpu_do_interrupt arm_v7m_cpu_do_interrupt_aarch64eb
@@ -3389,6 +3388,8 @@
 #define arm64_reg_reset arm64_reg_reset_aarch64eb
 #define arm64_reg_write arm64_reg_write_aarch64eb
 #define arm64_release arm64_release_aarch64eb
+#define arm_cpu_tlb_fill arm_cpu_tlb_fill_aarch64eb
+#define arm_deliver_fault arm_deliver_fault_aarch64eb
 #define arm_v7m_mmu_idx_all arm_v7m_mmu_idx_all_aarch64eb
 #define arm_v7m_mmu_idx_for_secstate arm_v7m_mmu_idx_for_secstate_aarch64eb
 #define arm_v7m_mmu_idx_for_secstate_and_priv arm_v7m_mmu_idx_for_secstate_and_priv_aarch64eb

qemu/arm.h

@@ -187,7 +187,6 @@
 #define arm_s1_regime_using_lpae_format arm_s1_regime_using_lpae_format_arm
 #define arm_singlestep_active arm_singlestep_active_arm
 #define arm_test_cc arm_test_cc_arm
-#define arm_tlb_fill arm_tlb_fill_arm
 #define arm_translate_init arm_translate_init_arm
 #define arm_v7m_class_init arm_v7m_class_init_arm
 #define arm_v7m_cpu_do_interrupt arm_v7m_cpu_do_interrupt_arm
@@ -3380,6 +3379,8 @@
 #define aa64_va_parameters aa64_va_parameters_arm
 #define aa64_va_parameters_both aa64_va_parameters_both_arm
 #define aarch64_translator_ops aarch64_translator_ops_arm
+#define arm_cpu_tlb_fill arm_cpu_tlb_fill_arm
+#define arm_deliver_fault arm_deliver_fault_arm
 #define arm_v7m_mmu_idx_all arm_v7m_mmu_idx_all_arm
 #define arm_v7m_mmu_idx_for_secstate arm_v7m_mmu_idx_for_secstate_arm
 #define arm_v7m_mmu_idx_for_secstate_and_priv arm_v7m_mmu_idx_for_secstate_and_priv_arm

qemu/armeb.h

@@ -187,7 +187,6 @@
 #define arm_s1_regime_using_lpae_format arm_s1_regime_using_lpae_format_armeb
 #define arm_singlestep_active arm_singlestep_active_armeb
 #define arm_test_cc arm_test_cc_armeb
-#define arm_tlb_fill arm_tlb_fill_armeb
 #define arm_translate_init arm_translate_init_armeb
 #define arm_v7m_class_init arm_v7m_class_init_armeb
 #define arm_v7m_cpu_do_interrupt arm_v7m_cpu_do_interrupt_armeb
@@ -3380,6 +3379,8 @@
 #define aa64_va_parameters aa64_va_parameters_armeb
 #define aa64_va_parameters_both aa64_va_parameters_both_armeb
 #define aarch64_translator_ops aarch64_translator_ops_armeb
+#define arm_cpu_tlb_fill arm_cpu_tlb_fill_armeb
+#define arm_deliver_fault arm_deliver_fault_armeb
 #define arm_v7m_mmu_idx_all arm_v7m_mmu_idx_all_armeb
 #define arm_v7m_mmu_idx_for_secstate arm_v7m_mmu_idx_for_secstate_armeb
 #define arm_v7m_mmu_idx_for_secstate_and_priv arm_v7m_mmu_idx_for_secstate_and_priv_armeb

qemu/header_gen.py

@@ -193,7 +193,6 @@ symbols = (
     'arm_s1_regime_using_lpae_format',
     'arm_singlestep_active',
     'arm_test_cc',
-    'arm_tlb_fill',
     'arm_translate_init',
     'arm_v7m_class_init',
     'arm_v7m_cpu_do_interrupt',
@@ -3389,6 +3388,8 @@ arm_symbols = (
     'aa64_va_parameters',
     'aa64_va_parameters_both',
     'aarch64_translator_ops',
+    'arm_cpu_tlb_fill',
+    'arm_deliver_fault',
     'arm_v7m_mmu_idx_all',
     'arm_v7m_mmu_idx_for_secstate',
     'arm_v7m_mmu_idx_for_secstate_and_priv',
@@ -3444,6 +3445,8 @@ aarch64_symbols = (
     'arm64_reg_reset',
     'arm64_reg_write',
     'arm64_release',
+    'arm_cpu_tlb_fill',
+    'arm_deliver_fault',
     'arm_v7m_mmu_idx_all',
     'arm_v7m_mmu_idx_for_secstate',
     'arm_v7m_mmu_idx_for_secstate_and_priv',

qemu/m68k.h

@@ -187,7 +187,6 @@
 #define arm_s1_regime_using_lpae_format arm_s1_regime_using_lpae_format_m68k
 #define arm_singlestep_active arm_singlestep_active_m68k
 #define arm_test_cc arm_test_cc_m68k
-#define arm_tlb_fill arm_tlb_fill_m68k
 #define arm_translate_init arm_translate_init_m68k
 #define arm_v7m_class_init arm_v7m_class_init_m68k
 #define arm_v7m_cpu_do_interrupt arm_v7m_cpu_do_interrupt_m68k

qemu/mips.h

@@ -187,7 +187,6 @@
 #define arm_s1_regime_using_lpae_format arm_s1_regime_using_lpae_format_mips
 #define arm_singlestep_active arm_singlestep_active_mips
 #define arm_test_cc arm_test_cc_mips
-#define arm_tlb_fill arm_tlb_fill_mips
 #define arm_translate_init arm_translate_init_mips
 #define arm_v7m_class_init arm_v7m_class_init_mips
 #define arm_v7m_cpu_do_interrupt arm_v7m_cpu_do_interrupt_mips

qemu/mips64.h

@@ -187,7 +187,6 @@
 #define arm_s1_regime_using_lpae_format arm_s1_regime_using_lpae_format_mips64
 #define arm_singlestep_active arm_singlestep_active_mips64
 #define arm_test_cc arm_test_cc_mips64
-#define arm_tlb_fill arm_tlb_fill_mips64
 #define arm_translate_init arm_translate_init_mips64
 #define arm_v7m_class_init arm_v7m_class_init_mips64
 #define arm_v7m_cpu_do_interrupt arm_v7m_cpu_do_interrupt_mips64

qemu/mips64el.h

@@ -187,7 +187,6 @@
 #define arm_s1_regime_using_lpae_format arm_s1_regime_using_lpae_format_mips64el
 #define arm_singlestep_active arm_singlestep_active_mips64el
 #define arm_test_cc arm_test_cc_mips64el
-#define arm_tlb_fill arm_tlb_fill_mips64el
 #define arm_translate_init arm_translate_init_mips64el
 #define arm_v7m_class_init arm_v7m_class_init_mips64el
 #define arm_v7m_cpu_do_interrupt arm_v7m_cpu_do_interrupt_mips64el

qemu/mipsel.h

@@ -187,7 +187,6 @@
 #define arm_s1_regime_using_lpae_format arm_s1_regime_using_lpae_format_mipsel
 #define arm_singlestep_active arm_singlestep_active_mipsel
 #define arm_test_cc arm_test_cc_mipsel
-#define arm_tlb_fill arm_tlb_fill_mipsel
 #define arm_translate_init arm_translate_init_mipsel
 #define arm_v7m_class_init arm_v7m_class_init_mipsel
 #define arm_v7m_cpu_do_interrupt arm_v7m_cpu_do_interrupt_mipsel

qemu/powerpc.h

@@ -187,7 +187,6 @@
 #define arm_s1_regime_using_lpae_format arm_s1_regime_using_lpae_format_powerpc
 #define arm_singlestep_active arm_singlestep_active_powerpc
 #define arm_test_cc arm_test_cc_powerpc
-#define arm_tlb_fill arm_tlb_fill_powerpc
 #define arm_translate_init arm_translate_init_powerpc
 #define arm_v7m_class_init arm_v7m_class_init_powerpc
 #define arm_v7m_cpu_do_interrupt arm_v7m_cpu_do_interrupt_powerpc

qemu/riscv32.h

@@ -187,7 +187,6 @@
 #define arm_s1_regime_using_lpae_format arm_s1_regime_using_lpae_format_riscv32
 #define arm_singlestep_active arm_singlestep_active_riscv32
 #define arm_test_cc arm_test_cc_riscv32
-#define arm_tlb_fill arm_tlb_fill_riscv32
 #define arm_translate_init arm_translate_init_riscv32
 #define arm_v7m_class_init arm_v7m_class_init_riscv32
 #define arm_v7m_cpu_do_interrupt arm_v7m_cpu_do_interrupt_riscv32

qemu/riscv64.h

@@ -187,7 +187,6 @@
 #define arm_s1_regime_using_lpae_format arm_s1_regime_using_lpae_format_riscv64
 #define arm_singlestep_active arm_singlestep_active_riscv64
 #define arm_test_cc arm_test_cc_riscv64
-#define arm_tlb_fill arm_tlb_fill_riscv64
 #define arm_translate_init arm_translate_init_riscv64
 #define arm_v7m_class_init arm_v7m_class_init_riscv64
 #define arm_v7m_cpu_do_interrupt arm_v7m_cpu_do_interrupt_riscv64

qemu/sparc.h

@@ -187,7 +187,6 @@
 #define arm_s1_regime_using_lpae_format arm_s1_regime_using_lpae_format_sparc
 #define arm_singlestep_active arm_singlestep_active_sparc
 #define arm_test_cc arm_test_cc_sparc
-#define arm_tlb_fill arm_tlb_fill_sparc
 #define arm_translate_init arm_translate_init_sparc
 #define arm_v7m_class_init arm_v7m_class_init_sparc
 #define arm_v7m_cpu_do_interrupt arm_v7m_cpu_do_interrupt_sparc

qemu/sparc64.h

@@ -187,7 +187,6 @@
 #define arm_s1_regime_using_lpae_format arm_s1_regime_using_lpae_format_sparc64
 #define arm_singlestep_active arm_singlestep_active_sparc64
 #define arm_test_cc arm_test_cc_sparc64
-#define arm_tlb_fill arm_tlb_fill_sparc64
 #define arm_translate_init arm_translate_init_sparc64
 #define arm_v7m_class_init arm_v7m_class_init_sparc64
 #define arm_v7m_cpu_do_interrupt arm_v7m_cpu_do_interrupt_sparc64

qemu/target/arm/cpu.c

@@ -1816,23 +1816,6 @@ static const ARMCPUInfo arm_cpus[] = {
     { .name = NULL }
 };
 
-#ifdef CONFIG_USER_ONLY
-static int arm_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size,
-                                    int rw, int mmu_idx)
-{
-    ARMCPU *cpu = ARM_CPU(NULL, cs);
-    CPUARMState *env = &cpu->env;
-
-    env->exception.vaddress = address;
-    if (rw == 2) {
-        cs->exception_index = EXCP_PREFETCH_ABORT;
-    } else {
-        cs->exception_index = EXCP_DATA_ABORT;
-    }
-    return 1;
-}
-#endif
-
 static void arm_cpu_class_init(struct uc_struct *uc, ObjectClass *oc, void *data)
 {
     ARMCPUClass *acc = ARM_CPU_CLASS(uc, oc);
@@ -1852,9 +1835,7 @@ static void arm_cpu_class_init(struct uc_struct *uc, ObjectClass *oc, void *data
     //cc->dump_state = arm_cpu_dump_state;
     cc->set_pc = arm_cpu_set_pc;
     cc->synchronize_from_tb = arm_cpu_synchronize_from_tb;
-#ifdef CONFIG_USER_ONLY
-    cc->handle_mmu_fault = arm_cpu_handle_mmu_fault;
-#else
+#ifndef CONFIG_USER_ONLY
     cc->do_interrupt = arm_cpu_do_interrupt;
     cc->do_unaligned_access = arm_cpu_do_unaligned_access;
     cc->do_transaction_failed = arm_cpu_do_transaction_failed;
@@ -1869,7 +1850,10 @@ static void arm_cpu_class_init(struct uc_struct *uc, ObjectClass *oc, void *data
 #if !defined(CONFIG_USER_ONLY)
     cc->adjust_watchpoint_address = arm_adjust_watchpoint_address;
 #endif
+#ifdef CONFIG_TCG
     cc->tcg_initialize = arm_translate_init;
+    cc->tlb_fill = arm_cpu_tlb_fill;
+#endif
 }
 
 static void cpu_register(struct uc_struct *uc, const ARMCPUInfo *info)

qemu/target/arm/helper.c

@@ -12382,42 +12382,6 @@ static bool get_phys_addr(CPUARMState *env, target_ulong address,
     }
 }
 
-/* Walk the page table and (if the mapping exists) add the page
- * to the TLB. Return false on success, or true on failure. Populate
- * fsr with ARM DFSR/IFSR fault register format value on failure.
- */
-bool arm_tlb_fill(CPUState *cs, vaddr address,
-                  MMUAccessType access_type, int mmu_idx,
-                  ARMMMUFaultInfo *fi)
-{
-    CPUARMState *env = cs->env_ptr;
-    hwaddr phys_addr;
-    target_ulong page_size;
-    int prot;
-    int ret;
-    MemTxAttrs attrs = {0};
-
-    ret = get_phys_addr(env, address, access_type,
-                        core_to_arm_mmu_idx(env, mmu_idx), &phys_addr,
-                        &attrs, &prot, &page_size, fi, NULL);
-    if (!ret) {
-        /*
-         * Map a single [sub]page. Regions smaller than our declared
-         * target page size are handled specially, so for those we
-         * pass in the exact addresses.
-         */
-        if (page_size >= TARGET_PAGE_SIZE) {
-            phys_addr &= TARGET_PAGE_MASK;
-            address &= TARGET_PAGE_MASK;
-        }
-        tlb_set_page_with_attrs(cs, address, phys_addr, attrs,
-                                prot, mmu_idx, page_size);
-        return 0;
-    }
-
-    return ret;
-}
-
 hwaddr arm_cpu_get_phys_page_attrs_debug(CPUState *cs, vaddr addr,
                                          MemTxAttrs *attrs)
 {
@@ -12874,6 +12838,67 @@ uint32_t HELPER(v7m_tt)(CPUARMState *env, uint32_t addr, uint32_t op)
 
 #endif
 
+bool arm_cpu_tlb_fill(CPUState *cs, vaddr address, int size,
+                      MMUAccessType access_type, int mmu_idx,
+                      bool probe, uintptr_t retaddr)
+{
+    ARMCPU *cpu = ARM_CPU(cs->uc, cs);
+
+#ifdef CONFIG_USER_ONLY
+    cpu->env.exception.vaddress = address;
+    if (access_type == MMU_INST_FETCH) {
+        cs->exception_index = EXCP_PREFETCH_ABORT;
+    } else {
+        cs->exception_index = EXCP_DATA_ABORT;
+    }
+    cpu_loop_exit_restore(cs, retaddr);
+#else
+    hwaddr phys_addr;
+    target_ulong page_size;
+    int prot, ret;
+    MemTxAttrs attrs = {};
+    ARMMMUFaultInfo fi = {};
+
+    /*
+     * Walk the page table and (if the mapping exists) add the page
+     * to the TLB.  On success, return true.  Otherwise, if probing,
+     * return false.  Otherwise populate fsr with ARM DFSR/IFSR fault
+     * register format, and signal the fault.
+     */
+    ret = get_phys_addr(&cpu->env, address, access_type,
+                        core_to_arm_mmu_idx(&cpu->env, mmu_idx),
+                        &phys_addr, &attrs, &prot, &page_size, &fi, NULL);
+    if (likely(!ret)) {
+        /*
+         * Map a single [sub]page. Regions smaller than our declared
+         * target page size are handled specially, so for those we
+         * pass in the exact addresses.
+         */
+        if (page_size >= TARGET_PAGE_SIZE) {
+            phys_addr &= TARGET_PAGE_MASK;
+            address &= TARGET_PAGE_MASK;
+        }
+        tlb_set_page_with_attrs(cs, address, phys_addr, attrs,
+                                prot, mmu_idx, page_size);
+        return true;
+    } else if (probe) {
+        return false;
+    } else {
+        /* now we have a real cpu fault */
+        cpu_restore_state(cs, retaddr, true);
+        arm_deliver_fault(cpu, address, access_type, mmu_idx, &fi);
+    }
+#endif
+}
+
+#ifndef CONFIG_USER_ONLY
+void tlb_fill(CPUState *cs, target_ulong addr, int size,
+              MMUAccessType access_type, int mmu_idx, uintptr_t retaddr)
+{
+    arm_cpu_tlb_fill(cs, addr, size, access_type, mmu_idx, false, retaddr);
+}
+#endif
+
 void HELPER(dc_zva)(CPUARMState *env, uint64_t vaddr_in)
 {
     /* Implement DC ZVA, which zeroes a fixed-length block of memory.

qemu/target/arm/internals.h

@@ -763,10 +763,12 @@ static inline bool arm_extabort_type(MemTxResult result)
     return result != MEMTX_DECODE_ERROR;
 }
 
-/* Do a page table walk and add page to TLB if possible */
-bool arm_tlb_fill(CPUState *cpu, vaddr address,
-                  MMUAccessType access_type, int mmu_idx,
-                  ARMMMUFaultInfo *fi);
+bool arm_cpu_tlb_fill(CPUState *cs, vaddr address, int size,
+                      MMUAccessType access_type, int mmu_idx,
+                      bool probe, uintptr_t retaddr);
+
+void arm_deliver_fault(ARMCPU *cpu, vaddr addr, MMUAccessType access_type,
+                       int mmu_idx, ARMMMUFaultInfo *fi) QEMU_NORETURN;
 
 /* Return true if the stage 1 translation regime is using LPAE format page
  * tables */

qemu/target/arm/op_helper.c

@@ -125,8 +125,8 @@ static inline uint32_t merge_syn_data_abort(uint32_t template_syn,
     return syn;
 }
 
-static void deliver_fault(ARMCPU *cpu, vaddr addr, MMUAccessType access_type,
-                          int mmu_idx, ARMMMUFaultInfo *fi)
+void arm_deliver_fault(ARMCPU *cpu, vaddr addr, MMUAccessType access_type,
+                       int mmu_idx, ARMMMUFaultInfo *fi)
 {
     CPUARMState *env = &cpu->env;
     int target_el;
@@ -178,27 +178,6 @@ static void deliver_fault(ARMCPU *cpu, vaddr addr, MMUAccessType access_type,
     raise_exception(env, exc, syn, target_el);
 }
 
-/* try to fill the TLB and return an exception if error. If retaddr is
- * NULL, it means that the function was called in C code (i.e. not
- * from generated code or from helper.c)
- */
-void tlb_fill(CPUState *cs, target_ulong addr, int size,
-              MMUAccessType access_type, int mmu_idx, uintptr_t retaddr)
-{
-    bool ret;
-    ARMMMUFaultInfo fi = {0};
-
-    ret = arm_tlb_fill(cs, addr, access_type, mmu_idx, &fi);
-    if (unlikely(ret)) {
-        ARMCPU *cpu = ARM_CPU(cs->uc, cs);
-
-        /* now we have a real cpu fault */
-        cpu_restore_state(cs, retaddr, true);
-
-        deliver_fault(cpu, addr, access_type, mmu_idx, &fi);
-    }
-}
-
 /* Raise a data fault alignment exception for the specified virtual address */
 void arm_cpu_do_unaligned_access(CPUState *cs, vaddr vaddr,
                                  MMUAccessType access_type,
@@ -211,7 +190,7 @@ void arm_cpu_do_unaligned_access(CPUState *cs, vaddr vaddr,
     cpu_restore_state(cs, retaddr, true);
 
     fi.type = ARMFault_Alignment;
-    deliver_fault(cpu, vaddr, access_type, mmu_idx, &fi);
+    arm_deliver_fault(cpu, vaddr, access_type, mmu_idx, &fi);
 }
 
 /* arm_cpu_do_transaction_failed: handle a memory system error response
@@ -232,7 +211,7 @@ void arm_cpu_do_transaction_failed(CPUState *cs, hwaddr physaddr,
 
     fi.ea = arm_extabort_type(response);
     fi.type = ARMFault_SyncExternal;
-    deliver_fault(cpu, addr, access_type, mmu_idx, &fi);
+    arm_deliver_fault(cpu, addr, access_type, mmu_idx, &fi);
 }
 
 #endif /* !defined(CONFIG_USER_ONLY) */

qemu/x86_64.h

@@ -187,7 +187,6 @@
 #define arm_s1_regime_using_lpae_format arm_s1_regime_using_lpae_format_x86_64
 #define arm_singlestep_active arm_singlestep_active_x86_64
 #define arm_test_cc arm_test_cc_x86_64
-#define arm_tlb_fill arm_tlb_fill_x86_64
 #define arm_translate_init arm_translate_init_x86_64
 #define arm_v7m_class_init arm_v7m_class_init_x86_64
 #define arm_v7m_cpu_do_interrupt arm_v7m_cpu_do_interrupt_x86_64