2 * Copyright (c) 2011, Max Filippov, Open Source and Linux Lab.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions are met:
7 * * Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * * Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 * * Neither the name of the Open Source and Linux Lab nor the
13 * names of its contributors may be used to endorse or promote products
14 * derived from this software without specific prior written permission.
16 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
17 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
20 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
21 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
22 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
23 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
25 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 #include "qemu-common.h"
32 #include "host-utils.h"
33 #if !defined(CONFIG_USER_ONLY)
34 #include "hw/loader.h"
37 #define XTREG(idx, ofs, bi, sz, al, no, flags, cp, typ, grp, name, \
38 a1, a2, a3, a4, a5, a6) \
39 { .targno = (no), .type = (typ), .group = (grp) },
41 static void reset_mmu(CPUState
*env
);
43 void cpu_reset(CPUXtensaState
*env
)
45 env
->exception_taken
= 0;
46 env
->pc
= env
->config
->exception_vector
[EXC_RESET
];
47 env
->sregs
[LITBASE
] &= ~1;
48 env
->sregs
[PS
] = xtensa_option_enabled(env
->config
,
49 XTENSA_OPTION_INTERRUPT
) ? 0x1f : 0x10;
50 env
->sregs
[VECBASE
] = env
->config
->vecbase
;
52 env
->pending_irq_level
= 0;
56 static const XtensaConfig core_config
[] = {
58 .name
= "sample-xtensa-core",
60 (XTENSA_OPTION_BIT(XTENSA_OPTION_HW_ALIGNMENT
) |
61 XTENSA_OPTION_BIT(XTENSA_OPTION_MMU
)),
66 #include "gdb-config-sample-xtensa-core.c"
72 .vecbase
= 0x5fff8400,
74 [EXC_RESET
] = 0x5fff8000,
75 [EXC_WINDOW_OVERFLOW4
] = 0x5fff8400,
76 [EXC_WINDOW_UNDERFLOW4
] = 0x5fff8440,
77 [EXC_WINDOW_OVERFLOW8
] = 0x5fff8480,
78 [EXC_WINDOW_UNDERFLOW8
] = 0x5fff84c0,
79 [EXC_WINDOW_OVERFLOW12
] = 0x5fff8500,
80 [EXC_WINDOW_UNDERFLOW12
] = 0x5fff8540,
81 [EXC_KERNEL
] = 0x5fff861c,
82 [EXC_USER
] = 0x5fff863c,
83 [EXC_DOUBLE
] = 0x5fff865c,
102 .inttype
= INTTYPE_TIMER
,
109 .clock_freq_khz
= 912000,
113 (XTENSA_OPTION_BIT(XTENSA_OPTION_HW_ALIGNMENT
) |
114 XTENSA_OPTION_BIT(XTENSA_OPTION_REGION_PROTECTION
) |
115 XTENSA_OPTION_BIT(XTENSA_OPTION_REGION_TRANSLATION
)),
120 #include "gdb-config-dc232b.c"
126 .vecbase
= 0xd0000000,
127 .exception_vector
= {
128 [EXC_RESET
] = 0xfe000000,
129 [EXC_WINDOW_OVERFLOW4
] = 0xd0000000,
130 [EXC_WINDOW_UNDERFLOW4
] = 0xd0000040,
131 [EXC_WINDOW_OVERFLOW8
] = 0xd0000080,
132 [EXC_WINDOW_UNDERFLOW8
] = 0xd00000c0,
133 [EXC_WINDOW_OVERFLOW12
] = 0xd0000100,
134 [EXC_WINDOW_UNDERFLOW12
] = 0xd0000140,
135 [EXC_KERNEL
] = 0xd0000300,
136 [EXC_USER
] = 0xd0000340,
137 [EXC_DOUBLE
] = 0xd00003c0,
141 .interrupt_vector
= {
161 [INTTYPE_EDGE
] = 0x3f8000,
162 [INTTYPE_NMI
] = 0x4000,
163 [INTTYPE_SOFTWARE
] = 0x880,
168 .inttype
= INTTYPE_LEVEL
,
172 .inttype
= INTTYPE_LEVEL
,
176 .inttype
= INTTYPE_LEVEL
,
180 .inttype
= INTTYPE_LEVEL
,
184 .inttype
= INTTYPE_LEVEL
,
188 .inttype
= INTTYPE_LEVEL
,
192 .inttype
= INTTYPE_TIMER
,
196 .inttype
= INTTYPE_SOFTWARE
,
200 .inttype
= INTTYPE_LEVEL
,
204 .inttype
= INTTYPE_LEVEL
,
208 .inttype
= INTTYPE_TIMER
,
212 .inttype
= INTTYPE_SOFTWARE
,
216 .inttype
= INTTYPE_LEVEL
,
220 .inttype
= INTTYPE_TIMER
,
224 .inttype
= INTTYPE_NMI
,
228 .inttype
= INTTYPE_EDGE
,
232 .inttype
= INTTYPE_EDGE
,
236 .inttype
= INTTYPE_EDGE
,
240 .inttype
= INTTYPE_EDGE
,
244 .inttype
= INTTYPE_EDGE
,
248 .inttype
= INTTYPE_EDGE
,
252 .inttype
= INTTYPE_EDGE
,
261 .clock_freq_khz
= 912000,
268 .nrefillentries
= 16,
273 4, 4, 4, 4, 4, 2, 2, 1, 1, 1,
276 .nrefillentries
= 16,
281 CPUXtensaState
*cpu_xtensa_init(const char *cpu_model
)
283 static int tcg_inited
;
285 const XtensaConfig
*config
= NULL
;
288 for (i
= 0; i
< ARRAY_SIZE(core_config
); ++i
)
289 if (strcmp(core_config
[i
].name
, cpu_model
) == 0) {
290 config
= core_config
+ i
;
294 if (config
== NULL
) {
298 env
= g_malloc0(sizeof(*env
));
299 env
->config
= config
;
304 xtensa_translate_init();
307 xtensa_irq_init(env
);
313 void xtensa_cpu_list(FILE *f
, fprintf_function cpu_fprintf
)
316 cpu_fprintf(f
, "Available CPUs:\n");
317 for (i
= 0; i
< ARRAY_SIZE(core_config
); ++i
) {
318 cpu_fprintf(f
, " %s\n", core_config
[i
].name
);
322 target_phys_addr_t
cpu_get_phys_page_debug(CPUState
*env
, target_ulong addr
)
328 if (xtensa_get_physical_addr(env
, addr
, 0, 0,
329 &paddr
, &page_size
, &access
) == 0) {
332 if (xtensa_get_physical_addr(env
, addr
, 2, 0,
333 &paddr
, &page_size
, &access
) == 0) {
339 static uint32_t relocated_vector(CPUState
*env
, uint32_t vector
)
341 if (xtensa_option_enabled(env
->config
,
342 XTENSA_OPTION_RELOCATABLE_VECTOR
)) {
343 return vector
- env
->config
->vecbase
+ env
->sregs
[VECBASE
];
350 * Handle penging IRQ.
351 * For the high priority interrupt jump to the corresponding interrupt vector.
352 * For the level-1 interrupt convert it to either user, kernel or double
353 * exception with the 'level-1 interrupt' exception cause.
355 static void handle_interrupt(CPUState
*env
)
357 int level
= env
->pending_irq_level
;
359 if (level
> xtensa_get_cintlevel(env
) &&
360 level
<= env
->config
->nlevel
&&
361 (env
->config
->level_mask
[level
] &
363 env
->sregs
[INTENABLE
])) {
365 env
->sregs
[EPC1
+ level
- 1] = env
->pc
;
366 env
->sregs
[EPS2
+ level
- 2] = env
->sregs
[PS
];
368 (env
->sregs
[PS
] & ~PS_INTLEVEL
) | level
| PS_EXCM
;
369 env
->pc
= relocated_vector(env
,
370 env
->config
->interrupt_vector
[level
]);
372 env
->sregs
[EXCCAUSE
] = LEVEL1_INTERRUPT_CAUSE
;
374 if (env
->sregs
[PS
] & PS_EXCM
) {
375 if (env
->config
->ndepc
) {
376 env
->sregs
[DEPC
] = env
->pc
;
378 env
->sregs
[EPC1
] = env
->pc
;
380 env
->exception_index
= EXC_DOUBLE
;
382 env
->sregs
[EPC1
] = env
->pc
;
383 env
->exception_index
=
384 (env
->sregs
[PS
] & PS_UM
) ? EXC_USER
: EXC_KERNEL
;
386 env
->sregs
[PS
] |= PS_EXCM
;
388 env
->exception_taken
= 1;
392 void do_interrupt(CPUState
*env
)
394 if (env
->exception_index
== EXC_IRQ
) {
395 qemu_log_mask(CPU_LOG_INT
,
396 "%s(EXC_IRQ) level = %d, cintlevel = %d, "
397 "pc = %08x, a0 = %08x, ps = %08x, "
398 "intset = %08x, intenable = %08x, "
400 __func__
, env
->pending_irq_level
, xtensa_get_cintlevel(env
),
401 env
->pc
, env
->regs
[0], env
->sregs
[PS
],
402 env
->sregs
[INTSET
], env
->sregs
[INTENABLE
],
404 handle_interrupt(env
);
407 switch (env
->exception_index
) {
408 case EXC_WINDOW_OVERFLOW4
:
409 case EXC_WINDOW_UNDERFLOW4
:
410 case EXC_WINDOW_OVERFLOW8
:
411 case EXC_WINDOW_UNDERFLOW8
:
412 case EXC_WINDOW_OVERFLOW12
:
413 case EXC_WINDOW_UNDERFLOW12
:
417 qemu_log_mask(CPU_LOG_INT
, "%s(%d) "
418 "pc = %08x, a0 = %08x, ps = %08x, ccount = %08x\n",
419 __func__
, env
->exception_index
,
420 env
->pc
, env
->regs
[0], env
->sregs
[PS
], env
->sregs
[CCOUNT
]);
421 if (env
->config
->exception_vector
[env
->exception_index
]) {
422 env
->pc
= relocated_vector(env
,
423 env
->config
->exception_vector
[env
->exception_index
]);
424 env
->exception_taken
= 1;
426 qemu_log("%s(pc = %08x) bad exception_index: %d\n",
427 __func__
, env
->pc
, env
->exception_index
);
435 qemu_log("%s(pc = %08x) unknown exception_index: %d\n",
436 __func__
, env
->pc
, env
->exception_index
);
439 check_interrupts(env
);
442 static void reset_tlb_mmu_all_ways(CPUState
*env
,
443 const xtensa_tlb
*tlb
, xtensa_tlb_entry entry
[][MAX_TLB_WAY_SIZE
])
447 for (wi
= 0; wi
< tlb
->nways
; ++wi
) {
448 for (ei
= 0; ei
< tlb
->way_size
[wi
]; ++ei
) {
449 entry
[wi
][ei
].asid
= 0;
450 entry
[wi
][ei
].variable
= true;
455 static void reset_tlb_mmu_ways56(CPUState
*env
,
456 const xtensa_tlb
*tlb
, xtensa_tlb_entry entry
[][MAX_TLB_WAY_SIZE
])
458 if (!tlb
->varway56
) {
459 static const xtensa_tlb_entry way5
[] = {
474 static const xtensa_tlb_entry way6
[] = {
489 memcpy(entry
[5], way5
, sizeof(way5
));
490 memcpy(entry
[6], way6
, sizeof(way6
));
493 for (ei
= 0; ei
< 8; ++ei
) {
494 entry
[6][ei
].vaddr
= ei
<< 29;
495 entry
[6][ei
].paddr
= ei
<< 29;
496 entry
[6][ei
].asid
= 1;
497 entry
[6][ei
].attr
= 2;
502 static void reset_tlb_region_way0(CPUState
*env
,
503 xtensa_tlb_entry entry
[][MAX_TLB_WAY_SIZE
])
507 for (ei
= 0; ei
< 8; ++ei
) {
508 entry
[0][ei
].vaddr
= ei
<< 29;
509 entry
[0][ei
].paddr
= ei
<< 29;
510 entry
[0][ei
].asid
= 1;
511 entry
[0][ei
].attr
= 2;
512 entry
[0][ei
].variable
= true;
516 static void reset_mmu(CPUState
*env
)
518 if (xtensa_option_enabled(env
->config
, XTENSA_OPTION_MMU
)) {
519 env
->sregs
[RASID
] = 0x04030201;
520 env
->sregs
[ITLBCFG
] = 0;
521 env
->sregs
[DTLBCFG
] = 0;
522 env
->autorefill_idx
= 0;
523 reset_tlb_mmu_all_ways(env
, &env
->config
->itlb
, env
->itlb
);
524 reset_tlb_mmu_all_ways(env
, &env
->config
->dtlb
, env
->dtlb
);
525 reset_tlb_mmu_ways56(env
, &env
->config
->itlb
, env
->itlb
);
526 reset_tlb_mmu_ways56(env
, &env
->config
->dtlb
, env
->dtlb
);
528 reset_tlb_region_way0(env
, env
->itlb
);
529 reset_tlb_region_way0(env
, env
->dtlb
);
533 static unsigned get_ring(const CPUState
*env
, uint8_t asid
)
536 for (i
= 0; i
< 4; ++i
) {
537 if (((env
->sregs
[RASID
] >> i
* 8) & 0xff) == asid
) {
545 * Lookup xtensa TLB for the given virtual address.
548 * \param pwi: [out] way index
549 * \param pei: [out] entry index
550 * \param pring: [out] access ring
551 * \return 0 if ok, exception cause code otherwise
553 int xtensa_tlb_lookup(const CPUState
*env
, uint32_t addr
, bool dtlb
,
554 uint32_t *pwi
, uint32_t *pei
, uint8_t *pring
)
556 const xtensa_tlb
*tlb
= dtlb
?
557 &env
->config
->dtlb
: &env
->config
->itlb
;
558 const xtensa_tlb_entry (*entry
)[MAX_TLB_WAY_SIZE
] = dtlb
?
559 env
->dtlb
: env
->itlb
;
564 for (wi
= 0; wi
< tlb
->nways
; ++wi
) {
567 split_tlb_entry_spec_way(env
, addr
, dtlb
, &vpn
, wi
, &ei
);
568 if (entry
[wi
][ei
].vaddr
== vpn
&& entry
[wi
][ei
].asid
) {
569 unsigned ring
= get_ring(env
, entry
[wi
][ei
].asid
);
573 LOAD_STORE_TLB_MULTI_HIT_CAUSE
:
574 INST_TLB_MULTI_HIT_CAUSE
;
583 (dtlb
? LOAD_STORE_TLB_MISS_CAUSE
: INST_TLB_MISS_CAUSE
);
587 * Convert MMU ATTR to PAGE_{READ,WRITE,EXEC} mask.
590 static unsigned mmu_attr_to_access(uint32_t attr
)
599 access
|= PAGE_WRITE
;
601 } else if (attr
== 13) {
602 access
|= PAGE_READ
| PAGE_WRITE
;
608 * Convert region protection ATTR to PAGE_{READ,WRITE,EXEC} mask.
611 static unsigned region_attr_to_access(uint32_t attr
)
614 if ((attr
< 6 && attr
!= 3) || attr
== 14) {
615 access
|= PAGE_READ
| PAGE_WRITE
;
617 if (attr
> 0 && attr
< 6) {
623 static bool is_access_granted(unsigned access
, int is_write
)
627 return access
& PAGE_READ
;
630 return access
& PAGE_WRITE
;
633 return access
& PAGE_EXEC
;
640 static int autorefill_mmu(CPUState
*env
, uint32_t vaddr
, bool dtlb
,
641 uint32_t *wi
, uint32_t *ei
, uint8_t *ring
);
643 static int get_physical_addr_mmu(CPUState
*env
,
644 uint32_t vaddr
, int is_write
, int mmu_idx
,
645 uint32_t *paddr
, uint32_t *page_size
, unsigned *access
)
647 bool dtlb
= is_write
!= 2;
651 int ret
= xtensa_tlb_lookup(env
, vaddr
, dtlb
, &wi
, &ei
, &ring
);
653 if ((ret
== INST_TLB_MISS_CAUSE
|| ret
== LOAD_STORE_TLB_MISS_CAUSE
) &&
654 (mmu_idx
!= 0 || ((vaddr
^ env
->sregs
[PTEVADDR
]) & 0xffc00000)) &&
655 autorefill_mmu(env
, vaddr
, dtlb
, &wi
, &ei
, &ring
) == 0) {
662 const xtensa_tlb_entry
*entry
=
663 xtensa_tlb_get_entry(env
, dtlb
, wi
, ei
);
665 if (ring
< mmu_idx
) {
667 LOAD_STORE_PRIVILEGE_CAUSE
:
668 INST_FETCH_PRIVILEGE_CAUSE
;
671 *access
= mmu_attr_to_access(entry
->attr
);
672 if (!is_access_granted(*access
, is_write
)) {
675 STORE_PROHIBITED_CAUSE
:
676 LOAD_PROHIBITED_CAUSE
) :
677 INST_FETCH_PROHIBITED_CAUSE
;
680 *paddr
= entry
->paddr
| (vaddr
& ~xtensa_tlb_get_addr_mask(env
, dtlb
, wi
));
681 *page_size
= ~xtensa_tlb_get_addr_mask(env
, dtlb
, wi
) + 1;
686 static int autorefill_mmu(CPUState
*env
, uint32_t vaddr
, bool dtlb
,
687 uint32_t *wi
, uint32_t *ei
, uint8_t *ring
)
693 (env
->sregs
[PTEVADDR
] | (vaddr
>> 10)) & 0xfffffffc;
694 int ret
= get_physical_addr_mmu(env
, pt_vaddr
, 0, 0,
695 &paddr
, &page_size
, &access
);
697 qemu_log("%s: trying autorefill(%08x) -> %08x\n", __func__
,
698 vaddr
, ret
? ~0 : paddr
);
702 uint32_t pte
= ldl_phys(paddr
);
704 *ring
= (pte
>> 4) & 0x3;
705 *wi
= (++env
->autorefill_idx
) & 0x3;
706 split_tlb_entry_spec_way(env
, vaddr
, dtlb
, &vpn
, *wi
, ei
);
707 xtensa_tlb_set_entry(env
, dtlb
, *wi
, *ei
, vpn
, pte
);
708 qemu_log("%s: autorefill(%08x): %08x -> %08x\n",
709 __func__
, vaddr
, vpn
, pte
);
714 static int get_physical_addr_region(CPUState
*env
,
715 uint32_t vaddr
, int is_write
, int mmu_idx
,
716 uint32_t *paddr
, uint32_t *page_size
, unsigned *access
)
718 bool dtlb
= is_write
!= 2;
720 uint32_t ei
= (vaddr
>> 29) & 0x7;
721 const xtensa_tlb_entry
*entry
=
722 xtensa_tlb_get_entry(env
, dtlb
, wi
, ei
);
724 *access
= region_attr_to_access(entry
->attr
);
725 if (!is_access_granted(*access
, is_write
)) {
728 STORE_PROHIBITED_CAUSE
:
729 LOAD_PROHIBITED_CAUSE
) :
730 INST_FETCH_PROHIBITED_CAUSE
;
733 *paddr
= entry
->paddr
| (vaddr
& ~REGION_PAGE_MASK
);
734 *page_size
= ~REGION_PAGE_MASK
+ 1;
740 * Convert virtual address to physical addr.
741 * MMU may issue pagewalk and change xtensa autorefill TLB way entry.
743 * \return 0 if ok, exception cause code otherwise
745 int xtensa_get_physical_addr(CPUState
*env
,
746 uint32_t vaddr
, int is_write
, int mmu_idx
,
747 uint32_t *paddr
, uint32_t *page_size
, unsigned *access
)
749 if (xtensa_option_enabled(env
->config
, XTENSA_OPTION_MMU
)) {
750 return get_physical_addr_mmu(env
, vaddr
, is_write
, mmu_idx
,
751 paddr
, page_size
, access
);
752 } else if (xtensa_option_bits_enabled(env
->config
,
753 XTENSA_OPTION_BIT(XTENSA_OPTION_REGION_PROTECTION
) |
754 XTENSA_OPTION_BIT(XTENSA_OPTION_REGION_TRANSLATION
))) {
755 return get_physical_addr_region(env
, vaddr
, is_write
, mmu_idx
,
756 paddr
, page_size
, access
);
759 *page_size
= TARGET_PAGE_SIZE
;
760 *access
= PAGE_READ
| PAGE_WRITE
| PAGE_EXEC
;