Commit graph

172 commits

Author SHA1 Message Date
Edgar E. Iglesias 3ea1b2a84c
target-arm: Implement the S2 MMU inputsize > pamax check
Implement the inputsize > pamax check for Stage 2 translations.
This is CONSTRAINED UNPREDICTABLE and we choose to fault.

Backports commit 3526423e867765568ad95b8094ae8b4042cac215 from qemu
2018-02-19 01:22:00 -05:00
Edgar E. Iglesias 71f370d549
target-arm: Rename check_s2_startlevel to check_s2_mmu_setup
Rename check_s2_startlevel to check_s2_mmu_setup in preparation
for additional checks.

Backports commit a0e966c93a0968d29ef51447d08a6b7be6f4d757 from qemu
2018-02-19 01:16:11 -05:00
Edgar E. Iglesias bab59f6b18
target-arm: Apply S2 MMU startlevel table size check to AArch64
The S2 starting level table size check applies to both AArch32
and AArch64. Move it to common code.

Backports commit 98d68ec289750139258d9cd9ab3f6d7dd10bb762 from qemu
2018-02-19 01:13:35 -05:00
Peter Maydell d3e5003e53
target-arm: Make various system registers visible to EL3
The AArch64 system registers DACR32_EL2, IFSR32_EL2, SPSR_IRQ,
SPSR_ABT, SPSR_UND and SPSR_FIQ are visible and fully functional from
EL3 even if the CPU has no EL2 (unlike some others which are RES0
from EL3 in that configuration). Move them from el2_cp_reginfo[] to
v8_cp_reginfo[] so they are always present.

Backports commit 6a43e0b6e1f6bcd6b11656967422f4217258200a from qemu
2018-02-19 01:11:40 -05:00
Peter Maydell 22dadac875
target-arm: Implement FPEXC32_EL2 system register
The AArch64 FPEXC32_EL2 system register is visible at EL2 and EL3,
and allows those exception levels to read and write the FPEXC
register for a lower exception level that is using AArch32.

Backports commit 03fbf20f4da58f41998dc10ec7542f65d37ba759 from qemu
2018-02-18 22:52:54 -05:00
Peter Maydell 2ffb545ec3
target-arm: Handle exception return from AArch64 to non-EL0 AArch32
Remove the assumptions that the AArch64 exception return code was
making about a return to AArch32 always being a return to EL0.
This includes pulling out the illegal-SPSR checks so we can apply
them for return to 32 bit as well as return to 64-bit.

Backports commit 3809951bf61605974b91578c582de4da28f8ed07 from qemu
2018-02-18 22:46:50 -05:00
Peter Maydell 134eeeeacc
target-arm: Fix wrong AArch64 entry offset for EL2/EL3 target
The entry offset when taking an exception to AArch64 from a lower
exception level may be 0x400 or 0x600. 0x400 is used if the
implemented exception level immediately lower than the target level
is using AArch64, and 0x600 if it is using AArch32. We were
incorrectly implementing this as checking the exception level
that the exception was taken from. (The two can be different if
for example we take an exception from EL0 to AArch64 EL3; we should
in this case be checking EL2 if EL2 is implemented, and EL1 if
EL2 is not implemented.)

Backports commit 3d6f761713745dfed7d2ccfe98077d213a6a6eba from qemu
2018-02-18 22:43:52 -05:00
Peter Maydell d7c3ba6fa0
target-arm: Pull semihosting handling out to arm_cpu_do_interrupt()
Handling of semihosting calls should depend on the register width
of the calling code, not on that of any higher exception level,
so we need to identify and handle semihosting calls before we
decide whether to deliver the exception as an entry to AArch32
or AArch64. (EXCP_SEMIHOST is also an "internal exception" so
it has no target exception level in the first place.)

This will allow AArch32 EL1 code to use semihosting calls when
running under an AArch64 EL3.

Backports commit 904c04de2e1b425e7bc8c4ce2fae3d652eeed242 from qemu
2018-02-18 22:41:58 -05:00
Peter Maydell 4d0bdc61b6
target-arm: Use a single entry point for AArch64 and AArch32 exceptions
If EL2 or EL3 is present on an AArch64 CPU, then exceptions can be
taken to an exception level which is running AArch32 (if only EL0
and EL1 are present then EL1 must be AArch64 and all exceptions are
taken to AArch64). To support this we need to have a single
implementation of the CPU do_interrupt() method which can handle both
32 and 64 bit exception entry.

Pull the common parts of aarch64_cpu_do_interrupt() and
arm_cpu_do_interrupt() out into a new function which calls
either the AArch32 or AArch64 specific entry code once it has
worked out which one is needed.

We temporarily special-case the handling of EXCP_SEMIHOST to
avoid an assertion in arm_el_is_aa64(); the next patch will
pull all the semihosting handling out to the arm_cpu_do_interrupt()
level (since semihosting semantics depend on the register width
of the calling code, not on that of any higher EL).

Backports commit 966f758c49ff478c4757efa5970ce649161bff92 from qemu
2018-02-18 22:34:31 -05:00
Peter Maydell e1925bb5fb
target-arm: Move aarch64_cpu_do_interrupt() to helper.c
Move the aarch64_cpu_do_interrupt() function to helper.c. We want
to be able to call this from code that isn't AArch64-only, and
the move allows us to avoid awkward #ifdeffery at the callsite.

Backports commit f3a9b6945cbbb23f3a70da14e9ffdf1e60c580a8 from qemu
2018-02-18 22:23:06 -05:00
Lioncash f1f3ff39eb
target-arm: Support multiple address spaces in page table walks
If we have a secure address space, use it in page table walks:
when doing the physical accesses to read descriptors, make them
through the correct address space.

(The descriptor reads are the only direct physical accesses
made in target-arm/ for CPUs which might have TrustZone.)

Backports commit 5ce4ff6502fc6ae01a30c3917996c6c41be1d176 from qemu
2018-02-18 22:18:28 -05:00
Peter Maydell d3eb5fb710
target-arm: Implement cpu_get_phys_page_attrs_debug
Implement cpu_get_phys_page_attrs_debug instead of cpu_get_phys_page_debug.

Backports commit 0faea0c7e6b729c64035b3591b184eeeeef6f1d4 from qemu
2018-02-18 22:15:50 -05:00
Peter Maydell cd5c4037ac
target-arm: Clean up includes
Clean up includes so that osdep.h is included first and headers
which it implies are not included manually.

This commit was created with scripts/clean-includes.

Backports commit 74c21bd07491739c6e56bcb1f962e4df730e77f3 from qemu
2018-02-17 21:09:32 -05:00
Alvise Rigo 1e3e75fa44
target-arm: Use the right MMU index in arm_regime_using_lpae_format
arm_regime_using_lpae_format checks whether the LPAE extension is used
for stage 1 translation regimes. MMU indexes not exclusively of a stage 1
regime won't work with this method.

In case of ARMMMUIdx_S12NSE0 or ARMMMUIdx_S12NSE1, offset these values
by ARMMMUIdx_S1NSE0 to get the right index indicating a stage 1
translation regime.

Rename also the function to arm_s1_regime_using_lpae_format and update
the comments to reflect the change.

Backports commit deb2db996cbb9470b39ae1e383791ef34c4eb3c2 from qemu
2018-02-17 20:56:32 -05:00
Andrew Baumann e1701b069f
target-arm: raise exception on misaligned LDREX operands
Qemu does not generally perform alignment checks. However, the ARM ARM
requires implementation of alignment exceptions for a number of cases
including LDREX, and Windows-on-ARM relies on this.

This change adds plumbing to enable alignment checks on loads using
MO_ALIGN, a do_unaligned_access hook to raise the exception (data
abort), and uses the new aligned loads in LDREX (for all but
single-byte loads).

Backports commit 30901475b91ef1f46304404ab4bfe89097f61b96 from qemu
2018-02-17 19:29:29 -05:00
Peter Maydell 386e398c56
target-arm: Don't mask out bits [47:40] in LPAE descriptors for v8
In an LPAE format descriptor in ARMv8 the address field extends
up to bit 47, not just bit 39. Correct the masking so we don't
give incorrect results if the output address size is greater
than 40 bits, as it can be for AArch64.

(Note that we don't yet support the new-in-v8 Address Size fault which
should be generated if any translation table entry or TTBR contains
an address with non-zero bits above the most significant bit of the
maximum output address size.)

Backports commit 6109769a8b42bd0c3d5b1601c9b35fe7ea6a603e from qemu
2018-02-17 18:55:32 -05:00
Soren Brinkmann 3f4efdd95e
target-arm: Add and use symbolic names for register banks
Add BANK_<cpumode> #defines to index banked registers.

Backports commit 99a99c1fc8e9bfec1656ac5916c53977a93d3581 from qemu
2018-02-17 18:14:14 -05:00
Edgar E. Iglesias 942c18ead7
target-arm: Add support for S1 + S2 MMU translations
Backports commit 9b539263faa5c1b7fce2551092b5c7b6eea92081 from qemu
2018-02-17 15:24:10 -05:00
Edgar E. Iglesias f779375656
target-arm: Add S2 translation to 32bit S1 PTWs
Add support for applying S2 translation to 32bit S1
page-table walks.

Backports commit a614e69854a2e601716ee44dfe15c09b8b88f620 from qemu
2018-02-17 15:24:10 -05:00
Edgar E. Iglesias 085a94faac
target-arm: Add S2 translation to 64bit S1 PTWs
Add support for applying S2 translation to 64bit S1
page-table walks.

Backports commit 37785977627295162bff58b1f8777d94e20f4c5b from qemu
2018-02-17 15:24:09 -05:00
Edgar E. Iglesias 716f1ac28c
target-arm: Add ARMMMUFaultInfo
Introduce ARMMMUFaultInfo to propagate MMU Fault information
across the MMU translation code path. This is in preparation for
adding Stage-2 translation.

No functional changes.

Backports commit e14b5a23d8c83304559f31397f95d22ada60a19a from qemu
2018-02-17 15:24:09 -05:00
Edgar E. Iglesias 9156b8f3ce
target-arm: Avoid inline for get_phys_addr
Avoid inline for get_phys_addr() to prepare for future recursive use.

Backports commit af51f566ec7106d5e834476e78681a7b354f3c7c from qemu
2018-02-17 15:24:09 -05:00
Edgar E. Iglesias 9f5af4cb22
target-arm: Add support for S2 page-table protection bits
Backports commit 6ab1a5ee1c9d328cacf78805439ed4d3d132decd from qemu
2018-02-17 15:24:09 -05:00
Edgar E. Iglesias bf0313353e
target-arm: Add computation of starting level for S2 PTW
The starting level for S2 pagetable walks is computed
differently from the S1 starting level. Implement the S2
variant.

Backports commit 1853d5a9dcac910322c6cc5b2fddec45fd052d25 from qemu
2018-02-17 15:24:09 -05:00
Edgar E. Iglesias f63705e614
target-arm: lpae: Rename granule_sz to stride
Rename granule_sz to stride to better match the reference manuals.

No functional change.

Backports commit 973a5434825c076995218868b5b3047e5de400c6 from qemu
2018-02-17 15:24:08 -05:00
Edgar E. Iglesias 0323d25f86
target-arm: lpae: Replace tsz with computed inputsize
Remove the tsz variable and introduce inputsize.
This simplifies the code a little and makes it easier to
compare with the reference manuals.

No functional change.

Backports commit 4ca6a051758edf625a17dfc4ce4ab72edabac170 from qemu
2018-02-17 15:24:08 -05:00
Edgar E. Iglesias a33fca93b3
target-arm: Add support for AArch32 S2 negative t0sz
Add support for AArch32 S2 negative t0sz. In preparation for
using 40bit IPAs on AArch32.

Backports commit 4ee38098010240e0b390061fdd0151ff62d80279 from qemu
2018-02-17 15:24:08 -05:00
Edgar E. Iglesias 7be3cda1ea
target-arm: lpae: Move declaration of t0sz and t1sz
Move declaration of t0sz and t1sz to the top of the function
avoiding a mix of code and variable declarations.

No functional change.

Backports commit 1f4c8c18a5b6f4fad13e13b7e3828124c6c8f34d from qemu
2018-02-17 15:24:08 -05:00
Edgar E. Iglesias 0c1c636b96
target-arm: lpae: Make t0sz and t1sz signed integers
Make t0sz and t1sz signed integers to match tsz and to make
it easier to implement support for AArch32 negative t0sz.
t1sz is changed for consistensy.

No functional change.

Backports commit 5c31a10d16c595d6a59e3e7fc1808c3b1d03e02f from qemu
2018-02-17 15:24:07 -05:00
Edgar E. Iglesias 7409da7a4e
target-arm: Add HPFAR_EL2
Backports commit 59e055307392fdf99b86c8cbcd33a7e261dcbdb1 from qemu
2018-02-17 15:24:07 -05:00
Soren Brinkmann 9432e3a285
target-arm: Add support for SPSR_(ABT|UND|IRQ|FIQ)
Backports commit b876452507d0b719cff0b478efafb34ac41db683 from qemu
2018-02-17 15:24:07 -05:00
Sergey Fedorov 9b5cd0cec1
target-arm: Add MDCR_EL2
Add the MDCR_EL2 register. We don't implement any of
the debug-related traps this register controls yet, so
currently it simply reads back as written.

Backports commit 14cc7b54372995a6ba72c7719372e4f710fc9b5a from qemu
2018-02-17 15:24:02 -05:00
Davorin Mista cc2e6fc4e4
target-arm: Implement AArch64 OSLAR/OSLSR_EL1 sysregs
Added oslar_write function to OSLAR_EL1 sysreg, using a status variable
in ARMCPUState.cp15 struct (oslsr_el1). This variable is also linked
to the newly added read-only OSLSR_EL1 register.

Linux reads from this register during its suspend/resume procedure.

Backports commit 1424ca8d4320427c3e93722b65e19077969808a2 from qemu
2018-02-17 15:24:01 -05:00
Sergey Sorokin 1152631b4b
target-arm: Avoid calling arm_el_is_aa64() function for unimplemented EL
It is incorrect to call arm_el_is_aa64() function for unimplemented EL.
This patch fixes several attempts to do so.

Backports commit 2cde031f5a34996bab32571a26b1a6bcf3e5b5d9 from qemu
2018-02-17 15:24:01 -05:00
Sergey Sorokin 04992f0fb3
target-arm: Break the TB after ISB to execute self-modified code correctly
If any store instruction writes the code inside the same TB
after this store insn, the execution of the TB must be stopped
to execute new code correctly.
As described in ARMv8 manual D3.4.6 self-modifying code must do an
IC invalidation to be valid, and an ISB after it. So it's enough to end
the TB after ISB instruction on the code translation.
Also this TB break is necessary to take any pending interrupts immediately
after an ISB (as required by ARMv8 ARM D1.14.4).

Backports commit 6df99dec9e81838423d723996e96236693fa31fe from qemu
2018-02-17 15:24:01 -05:00
Stefan Weil d1bba24d86
target-arm: Add missing 'static' attribute
Backports commit 82c39f6a8898b028515eddcdbc4ae50959d0af5d from qemu
2018-02-17 15:24:01 -05:00
Edgar E. Iglesias 03da6ff6db
target-arm: Add VMPIDR_EL2
Backports commit f0d574d63f4603ec431f16ad535a555bf7548b94 from qemu
2018-02-17 15:23:48 -05:00
Edgar E. Iglesias 2b4c03224b
target-arm: Break out mpidr_read_val()
Break out mpidr_read_val() to allow future sharing of the
code that conditionally sets the M and U bits of MPIDR.

No functional changes.

Backports commit 06a7e6477c129ceaa72bd400cf281d44c456be43 from qemu
2018-02-17 15:23:48 -05:00
Edgar E. Iglesias 766dccbad9
target-arm: Add VPIDR_EL2
Backports commit 731de9e60074620aa7d565f01f989adacd493514 from qemu
2018-02-17 15:23:48 -05:00
Edgar E. Iglesias 2dfdb13786
target-arm: Suppress EPD for S2, EL2 and EL3 translations
Stage-2 translations, EL2 and EL3 regimes don't have the
EPD control.

Backports commit 0c5fbf3b4c1e5210354de71a3dc2ebc8c8a01f31 from qemu
2018-02-17 15:23:48 -05:00
Edgar E. Iglesias f5b3b9f6e9
target-arm: Suppress TBI for S2 translations
Stage-2 MMU translations do not have configurable TBI as
the top byte is always 0 (48-bit IPAs).

Backports commit 1edee4708a0e3163cbf20fac325be456abd960bb from qemu
2018-02-17 15:23:48 -05:00
Edgar E. Iglesias 097325acd6
target-arm: Add VTTBR_EL2
Backports commit b698e9cfd282b228b36d426b75facb83e07a1072 from qemu
2018-02-17 15:23:47 -05:00
Edgar E. Iglesias 4bdafaa2f8
target-arm: Add VTCR_EL2
Backports commit 68e9c2fe65bca7fc1bdc2411923333c3e87544a3 from qemu
2018-02-17 15:23:47 -05:00
Benjamin Herrenschmidt 1722be3e73
tlb: Add ifetch argument to cpu_mmu_index()
This is set to true when the index is for an instruction fetch
translation.

The core get_page_addr_code() sets it, as do the SOFTMMU_CODE_ACCESS
acessors.

All targets ignore it for now, and all other callers pass "false".

This will allow targets who wish to split the mmu index between
instruction and data accesses to do so. A subsequent patch will
do just that for PowerPC.

Backports commit 97ed5ccdee95f0b98bedc601ff979e368583472c from qemu
2018-02-17 15:23:37 -05:00
Edgar E. Iglesias 191786d055
target-arm: Add AArch64 access to PAR_EL1
Backports commit c96fc9b52d0a318d8026a0bcaba204d319ad91e0 from qemu
2018-02-17 15:23:36 -05:00
Edgar E. Iglesias de83caf623
target-arm: Correct opc1 for AT_S12Exx
Backports commit 7a379c7e68f1b2286602b0beeeb58dcef7c9e760 from qemu
2018-02-17 15:23:36 -05:00
Sergey Sorokin 5b40cb8562
target-arm: Fix AArch32:AArch64 general-purpose register mapping
There is an error in functions aarch64_sync_32_to_64() and
aarch64_sync_64_to_32() with mapping of registers between AArch32 and
AArch64. This commit fixes the mapping to match the v8 ARM ARM
section D1.20.1 (table D1-77).

Backports commit 3a9148d0bdcee990fbe86759b9b1f5723c1d7fbc from qemu
2018-02-17 15:23:34 -05:00
Peter Crosthwaite 83aa10f77d
arm: Remove hw_error() usages.
All of these hw_errors are fatal and indicate something wrong with
QEMU implementation.

Convert to g_assert_not_reached.

Backports commit 8f6fd322f6e25995629a1a07b56bc5b91fb947ca from qemu
2018-02-17 15:23:34 -05:00
Christopher Covington eabacd7daf
target-arm: Improve semihosting debug prints
Print semihosting debugging information before the
do_arm_semihosting() call so that angel_SWIreason_ReportException,
which causes the function to not return, gets the same debug prints as
other semihosting calls. Also print out the semihosting call number.

Backports commit 205ace55ffff77964e50af08c99639ec47db53f6 from qemu
2018-02-17 15:23:33 -05:00
Peter Maydell 4071f20ce2
target-arm: Implement AArch64 TLBI operations on IPAs
Implement the AArch64 TLBI operations which take an intermediate
physical address and invalidate stage 2 translations.

Backports commit cea66e91212164e02ad1d245c2371f7e8eb59e7f from qemu
2018-02-17 15:23:32 -05:00