The exception-return magic values get some new bits in v8M, which
makes some bit definitions for them worthwhile.
We don't use the bit definitions for the switch on the low bits
which checks the return type for v7M, because this is defined
in the v7M ARM ARM as a set of valid values rather than via
per-bit checks.
Backports commit 4d1e7a4745c050f7ccac49a1c01437526b5130b5 from qemu
In do_v7m_exception_exit(), there's no need to force the high 4
bits of 'type' to 1 when calling v7m_exception_taken(), because
we know that they're always 1 or we could not have got to this
"handle return to magic exception return address" code. Remove
the unnecessary ORs.
Backports commit 7115cdf5782922611bcc44c89eec5990db7f6466 from qemu
For a bus fault, the M profile BFSR bit PRECISERR means a bus
fault on a data access, and IBUSERR means a bus fault on an
instruction access. We had these the wrong way around; fix this.
Backports commit c6158878650c01b2c753b2ea7d0967c8fe5ca59e from qemu
For M profile we must clear the exclusive monitor on reset, exception
entry and exception exit. We weren't doing any of these things; fix
this bug.
Backports commit dc3c4c14f0f12854dbd967be3486f4db4e66d25b from qemu
For M profile we must clear the exclusive monitor on reset, exception
entry and exception exit. We weren't doing any of these things; fix
this bug.
Backports commit dc3c4c14f0f12854dbd967be3486f4db4e66d25b from qemu
Use a symbolic constant M_REG_NUM_BANKS for the array size for
registers which are banked by M profile security state, rather
than hardcoding lots of 2s.
Backports commit 4a16724f06ead684a5962477a557c26c677c2729 from qemu
Older compilers (rhel6) don't like redefinition of typedefs
Fixes: 12a6c15ef31c98ecefa63e91ac36955383038384
Backports commit 9d81b2d2000f41be55a0624a26873f993fb6e928 from qemu
GCC 4.7.2 on SunOS reports that the values assigned to array members are not
real constants:
target/m68k/fpu_helper.c:32:5: error: initializer element is not constant
target/m68k/fpu_helper.c:32:5: error: (near initialization for 'fpu_rom[0]')
rules.mak:66: recipe for target 'target/m68k/fpu_helper.o' failed
Convert the array to make_floatx80_init() to fix it.
Replace floatx80_pi-like constants with make_floatx80_init() as they are
defined as make_floatx80().
This fixes build on SmartOS (Joyent).
Backports commit 6fa9ba09dbf4eb8b52bcb47d6820957f1b77ee0b from qemu
Implement the new do_transaction_failed hook for ARM, which should
cause the CPU to take a prefetch abort or data abort.
Backports commit c79c0a314c43b78f6326d5f137bdbafdbf8e9766 from qemu
Define a new MachineClass field ignore_memory_transaction_failures.
If this is flag is true then the CPU will ignore memory transaction
failures which should cause the CPU to take an exception due to an
access to an unassigned physical address; the transaction will
instead return zero (for a read) or be ignored (for a write). This
should be set only by legacy board models which rely on the old
RAZ/WI behaviour for handling devices that QEMU does not yet model.
New board models should instead use "unimplemented-device" for all
memory ranges where the guest will attempt to probe for a device that
QEMU doesn't implement and a stub device is required.
We need this for ARM boards, where we're about to implement support for
generating external aborts on memory transaction failures. Too many
of our legacy board models rely on the RAZ/WI behaviour and we
would break currently working guests when their "probe for device"
code provoked an external abort rather than a RAZ.
Backports commit ed860129acd3fcd0b1e47884e810212aaca4d21b from qemu
Implement the BXNS v8M instruction, which is like BX but will do a
jump-and-switch-to-NonSecure if the branch target address has bit 0
clear.
This is the first piece of code which implements "switch to the
other security state", so the commit also includes the code to
switch the stack pointers around, which is the only complicated
part of switching security state.
BLXNS is more complicated than just "BXNS but set the link register",
so we leave it for a separate commit.
Backports commit fb602cb726b3ebdd01ef3b1732d74baf9fee7ec9 from qemu
Move the regime_is_secure() utility function to internals.h;
we are going to want to call it from translate.c.
Backports commit 61fcd69b0db268e7612b07fadc436b93def91768 from qemu
Make the CFSR register banked if v8M security extensions are enabled.
Not all the bits in this register are banked: the BFSR
bits [15:8] are shared between S and NS, and we store them
in the NS copy of the register.
Backports commit 334e8dad7a109d15cb20b090131374ae98682a50 from qemu
Make the CCR register banked if v8M security extensions are enabled.
This is slightly more complicated than the other "add banking"
patches because there is one bit in the register which is not
banked. We keep the live data in the NS copy of the register,
and adjust it on register reads and writes. (Since we don't
currently implement the behaviour that the bit controls, there
is nowhere else that needs to care.)
This patch includes the enforcement of the bits which are newly
RES1 in ARMv8M.
Backports commit 9d40cd8a68cfc7606f4548cc9e812bab15c6dc28 from qemu
Make the MPU registers MPU_MAIR0 and MPU_MAIR1 banked if v8M security
extensions are enabled.
We can freely add more items to vmstate_m_security without
breaking migration compatibility, because no CPU currently
has the ARM_FEATURE_M_SECURITY bit enabled and so this
subsection is not yet used by anything.
Backports commit 62c58ee0b24eafb44c06402fe059fbd7972eb409 from qemu
Make the MPU registers MPU_MAIR0 and MPU_MAIR1 banked if v8M security
extensions are enabled.
Backports commit 4125e6feb71c810ca38f0d8e66e748b472a9cc54 from qemu
Make the FAULTMASK register banked if v8M security extensions are enabled.
Note that we do not yet implement the functionality of the new
AIRCR.PRIS bit (which allows the effect of the NS copy of FAULTMASK to
be restricted).
This patch includes the code to determine for v8M which copy
of FAULTMASK should be updated on exception exit; further
changes will be required to the exception exit code in general
to support v8M, so this is just a small piece of that.
The v8M ARM ARM introduces a notation where individual paragraphs
are labelled with R (for rule) or I (for information) followed
by a random group of subscript letters. In comments where we want
to refer to a particular part of the manual we use this convention,
which should be more stable across document revisions than using
section or page numbers.
Backports commit 42a6686b2f6199d086a58edd7731faeb2dbe7c14 from qemu
Make the PRIMASK register banked if v8M security extensions are enabled.
Note that we do not yet implement the functionality of the new
AIRCR.PRIS bit (which allows the effect of the NS copy of PRIMASK to
be restricted).
Backports commit 6d8048341995b31a77dc2e0dcaaf4e3df0e3121a from qemu
Make the BASEPRI register banked if v8M security extensions are enabled.
Note that we do not yet implement the functionality of the new
AIRCR.PRIS bit (which allows the effect of the NS copy of BASEPRI to
be restricted).
Backports commit acf949411ffb675edbfb707e235800b02e6a36f8 from qemu
Now that MPU lookups can return different results for v8M
when the CPU is in secure vs non-secure state, we need to
have separate MMU indexes; add the secure counterparts
to the existing three M profile MMU indexes.
Backports commit 66787c7868d05d29974e09201611b718c976f955 from qemu
If a v8M CPU supports the security extension then we need to
give it two AddressSpaces, the same way we do already for
an A profile core with EL3.
Backports commit 1d2091bc75ab7f9e2c43082f361a528a63c79527 from qemu
As the first step in implementing ARM v8M's security extension:
* add a new feature bit ARM_FEATURE_M_SECURITY
* add the CPU state field that indicates whether the CPU is
currently in the secure state
* add a migration subsection for this new state
(we will add the Secure copies of banked register state
to this subsection in later patches)
* add a #define for the one new-in-v8M exception type
* make the CPU debug log print S/NS status
Backports commit 1e577cc7cffd3de14dbd321de5c3ef191c6ab07f from qemu
As part of ARMv8M, we need to add support for the PMSAv8 MPU
architecture.
PMSAv8 differs from PMSAv7 both in register/data layout (for instance
using base and limit registers rather than base and size) and also in
behaviour (for example it does not have subregions); rather than
trying to wedge it into the existing PMSAv7 code and data structures,
we define separate ones.
This commit adds the data structures which hold the state for a
PMSAv8 MPU and the register interface to it. The implementation of
the MPU behaviour will be added in a subsequent commit.
Backports commit 0e1a46bbd2d6c39614b87f4e88ea305acce8a35f from qemu
ARM is a fixed-length ISA and we can compute the page crossing
condition exactly once during init_disas_context.
Backports commit d0264d86b026e9d948de577b05ff86d708658576 from qemu
We need not check for ARM vs Thumb state in order to dispatch
disassembly of every instruction.
Backports commit 722ef0a562a8cd810297b00516e36380e2f33353 from qemu
Since AArch64 uses a fixed-width ISA, we can pre-compute the number of
insns remaining on the page. Also, we can check for single-step once.
Backports commit dcc3a21209a8eeae0fe43966012f8e08d3566f98 from qemu
Incrementally paves the way towards using the generic instruction translation
loop.
Backports commit 58350fa4b2852fede96cfebad0b26bf79bca419c from qemu
Incrementally paves the way towards using the generic instruction translation
loop.
Backports commit 4013f7fc811e90b89da3a516dc71b01ca0e7e54e from qemu
Incrementally paves the way towards using the generic instruction translation
loop.
Backports commit be4079641f1bc755fc5d3ff194cf505c506227d8 from qemu
Incrementally paves the way towards using the generic instruction translation
loop.
Backports commit 70d3c035ae36a2c5c0f991ba958526127c92bb67 from qemu
Incrementally paves the way towards using the generic instruction translation
loop.
Backports commit 24299c892cbfe29120f051b6b7d0bcf3e0cc8e85 from qemu
Incrementally paves the way towards using the generic instruction translation
loop.
Backports commit 13189a9080b35b13af23f2be4806fa0cdbb31af3 from qemu
Incrementally paves the way towards using the generic instruction translation
loop.
Backports commit 0cb56b373da70047979b61b042f59aaff4012e1b from qemu
Incrementally paves the way towards using the generic instruction translation
loop.
Backports commit a68956ad7f8510bdc0b54793c65c62c6a94570a4 from qemu
Incrementally paves the way towards using the generic instruction translation
loop.
Backports commit f62bd897e64c6fb1f93e8795e835980516fe53b5 from qemu
Incrementally paves the way towards using the generic instruction translation
loop.
Backports commit b14768544fd715a3f1742c10fc36ae81c703cbc1 from qemu
Incrementally paves the way towards using the generic instruction translation
loop.
Backports commit 5c03990665aa9095e4d2734c8ca0f936a8e8f000 from qemu
Incrementally paves the way towards using the generic instruction translation
loop.
Backports commit 1d8a5535238fc5976e0542a413f4ad88f5d4b233 from qemu
Incrementally paves the way towards using the generic
instruction translation loop.
Backports commit dcba3a8d443842f7a30a2c52d50a6b50b6982b35 from qemu
Incrementally paves the way towards using the generic instruction translation
loop.
Backports commit e0d110d943891b719de7ca075fc17fa8ea5749b8 from qemu