search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
target-xtensa: implement memory protection options
[qemu.git] / target-xtensa / helper.c
blob9e1898430cc152fa180a1e0dd8bff9cb06a6b5fd
1 /*
2 * Copyright (c) 2011, Max Filippov, Open Source and Linux Lab.
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions are met:
7 * * Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * * Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 * * Neither the name of the Open Source and Linux Lab nor the
13 * names of its contributors may be used to endorse or promote products
14 * derived from this software without specific prior written permission.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
17 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
20 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
21 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
22 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
23 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
25 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 */
27
28 #include "cpu.h"
29 #include "exec-all.h"
30 #include "gdbstub.h"
31 #include "qemu-common.h"
32 #include "host-utils.h"
33 #if !defined(CONFIG_USER_ONLY)
34 #include "hw/loader.h"
35 #endif
36
37 #define XTREG(idx, ofs, bi, sz, al, no, flags, cp, typ, grp, name, \
38 a1, a2, a3, a4, a5, a6) \
39 { .targno = (no), .type = (typ), .group = (grp) },
40
41 static void reset_mmu(CPUState *env);
42
43 void cpu_reset(CPUXtensaState *env)
44 {
45 env->exception_taken = 0;
46 env->pc = env->config->exception_vector[EXC_RESET];
47 env->sregs[LITBASE] &= ~1;
48 env->sregs[PS] = xtensa_option_enabled(env->config,
49 XTENSA_OPTION_INTERRUPT) ? 0x1f : 0x10;
50 env->sregs[VECBASE] = env->config->vecbase;
51
52 env->pending_irq_level = 0;
53 reset_mmu(env);
54 }
55
56 static const XtensaConfig core_config[] = {
57 {
58 .name = "sample-xtensa-core",
59 .options = -1 ^
60 (XTENSA_OPTION_BIT(XTENSA_OPTION_HW_ALIGNMENT) |
61 XTENSA_OPTION_BIT(XTENSA_OPTION_MMU)),
62 .gdb_regmap = {
63 .num_regs = 176,
64 .num_core_regs = 117,
65 .reg = {
66 #include "gdb-config-sample-xtensa-core.c"
67 }
68 },
69 .nareg = 64,
70 .ndepc = 1,
71 .excm_level = 16,
72 .vecbase = 0x5fff8400,
73 .exception_vector = {
74 [EXC_RESET] = 0x5fff8000,
75 [EXC_WINDOW_OVERFLOW4] = 0x5fff8400,
76 [EXC_WINDOW_UNDERFLOW4] = 0x5fff8440,
77 [EXC_WINDOW_OVERFLOW8] = 0x5fff8480,
78 [EXC_WINDOW_UNDERFLOW8] = 0x5fff84c0,
79 [EXC_WINDOW_OVERFLOW12] = 0x5fff8500,
80 [EXC_WINDOW_UNDERFLOW12] = 0x5fff8540,
81 [EXC_KERNEL] = 0x5fff861c,
82 [EXC_USER] = 0x5fff863c,
83 [EXC_DOUBLE] = 0x5fff865c,
84 },
85 .ninterrupt = 13,
86 .nlevel = 6,
87 .interrupt_vector = {
88 0,
89 0,
90 0x5fff857c,
91 0x5fff859c,
92 0x5fff85bc,
93 0x5fff85dc,
94 0x5fff85fc,
95 },
96 .level_mask = {
97 [4] = 1,
98 },
99 .interrupt = {
100 [0] = {
101 .level = 4,
102 .inttype = INTTYPE_TIMER,
103 },
104 },
105 .nccompare = 1,
106 .timerint = {
107 [0] = 0,
108 },
109 .clock_freq_khz = 912000,
110 },
111 };
112
113 CPUXtensaState *cpu_xtensa_init(const char *cpu_model)
114 {
115 static int tcg_inited;
116 CPUXtensaState *env;
117 const XtensaConfig *config = NULL;
118 int i;
119
120 for (i = 0; i < ARRAY_SIZE(core_config); ++i)
121 if (strcmp(core_config[i].name, cpu_model) == 0) {
122 config = core_config + i;
123 break;
124 }
125
126 if (config == NULL) {
127 return NULL;
128 }
129
130 env = g_malloc0(sizeof(*env));
131 env->config = config;
132 cpu_exec_init(env);
133
134 if (!tcg_inited) {
135 tcg_inited = 1;
136 xtensa_translate_init();
137 }
138
139 xtensa_irq_init(env);
140 qemu_init_vcpu(env);
141 return env;
142 }
143
144
145 void xtensa_cpu_list(FILE *f, fprintf_function cpu_fprintf)
146 {
147 int i;
148 cpu_fprintf(f, "Available CPUs:\n");
149 for (i = 0; i < ARRAY_SIZE(core_config); ++i) {
150 cpu_fprintf(f, " %s\n", core_config[i].name);
151 }
152 }
153
154 target_phys_addr_t cpu_get_phys_page_debug(CPUState *env, target_ulong addr)
155 {
156 uint32_t paddr;
157 uint32_t page_size;
158 unsigned access;
159
160 if (xtensa_get_physical_addr(env, addr, 0, 0,
161 &paddr, &page_size, &access) == 0) {
162 return paddr;
163 }
164 if (xtensa_get_physical_addr(env, addr, 2, 0,
165 &paddr, &page_size, &access) == 0) {
166 return paddr;
167 }
168 return ~0;
169 }
170
171 static uint32_t relocated_vector(CPUState *env, uint32_t vector)
172 {
173 if (xtensa_option_enabled(env->config,
174 XTENSA_OPTION_RELOCATABLE_VECTOR)) {
175 return vector - env->config->vecbase + env->sregs[VECBASE];
176 } else {
177 return vector;
178 }
179 }
180
181 /*!
182 * Handle penging IRQ.
183 * For the high priority interrupt jump to the corresponding interrupt vector.
184 * For the level-1 interrupt convert it to either user, kernel or double
185 * exception with the 'level-1 interrupt' exception cause.
186 */
187 static void handle_interrupt(CPUState *env)
188 {
189 int level = env->pending_irq_level;
190
191 if (level > xtensa_get_cintlevel(env) &&
192 level <= env->config->nlevel &&
193 (env->config->level_mask[level] &
194 env->sregs[INTSET] &
195 env->sregs[INTENABLE])) {
196 if (level > 1) {
197 env->sregs[EPC1 + level - 1] = env->pc;
198 env->sregs[EPS2 + level - 2] = env->sregs[PS];
199 env->sregs[PS] =
200 (env->sregs[PS] & ~PS_INTLEVEL) | level | PS_EXCM;
201 env->pc = relocated_vector(env,
202 env->config->interrupt_vector[level]);
203 } else {
204 env->sregs[EXCCAUSE] = LEVEL1_INTERRUPT_CAUSE;
205
206 if (env->sregs[PS] & PS_EXCM) {
207 if (env->config->ndepc) {
208 env->sregs[DEPC] = env->pc;
209 } else {
210 env->sregs[EPC1] = env->pc;
211 }
212 env->exception_index = EXC_DOUBLE;
213 } else {
214 env->sregs[EPC1] = env->pc;
215 env->exception_index =
216 (env->sregs[PS] & PS_UM) ? EXC_USER : EXC_KERNEL;
217 }
218 env->sregs[PS] |= PS_EXCM;
219 }
220 env->exception_taken = 1;
221 }
222 }
223
224 void do_interrupt(CPUState *env)
225 {
226 if (env->exception_index == EXC_IRQ) {
227 qemu_log_mask(CPU_LOG_INT,
228 "%s(EXC_IRQ) level = %d, cintlevel = %d, "
229 "pc = %08x, a0 = %08x, ps = %08x, "
230 "intset = %08x, intenable = %08x, "
231 "ccount = %08x\n",
232 __func__, env->pending_irq_level, xtensa_get_cintlevel(env),
233 env->pc, env->regs[0], env->sregs[PS],
234 env->sregs[INTSET], env->sregs[INTENABLE],
235 env->sregs[CCOUNT]);
236 handle_interrupt(env);
237 }
238
239 switch (env->exception_index) {
240 case EXC_WINDOW_OVERFLOW4:
241 case EXC_WINDOW_UNDERFLOW4:
242 case EXC_WINDOW_OVERFLOW8:
243 case EXC_WINDOW_UNDERFLOW8:
244 case EXC_WINDOW_OVERFLOW12:
245 case EXC_WINDOW_UNDERFLOW12:
246 case EXC_KERNEL:
247 case EXC_USER:
248 case EXC_DOUBLE:
249 qemu_log_mask(CPU_LOG_INT, "%s(%d) "
250 "pc = %08x, a0 = %08x, ps = %08x, ccount = %08x\n",
251 __func__, env->exception_index,
252 env->pc, env->regs[0], env->sregs[PS], env->sregs[CCOUNT]);
253 if (env->config->exception_vector[env->exception_index]) {
254 env->pc = relocated_vector(env,
255 env->config->exception_vector[env->exception_index]);
256 env->exception_taken = 1;
257 } else {
258 qemu_log("%s(pc = %08x) bad exception_index: %d\n",
259 __func__, env->pc, env->exception_index);
260 }
261 break;
262
263 case EXC_IRQ:
264 break;
265
266 default:
267 qemu_log("%s(pc = %08x) unknown exception_index: %d\n",
268 __func__, env->pc, env->exception_index);
269 break;
270 }
271 check_interrupts(env);
272 }
273
274 static void reset_tlb_mmu_all_ways(CPUState *env,
275 const xtensa_tlb *tlb, xtensa_tlb_entry entry[][MAX_TLB_WAY_SIZE])
276 {
277 unsigned wi, ei;
278
279 for (wi = 0; wi < tlb->nways; ++wi) {
280 for (ei = 0; ei < tlb->way_size[wi]; ++ei) {
281 entry[wi][ei].asid = 0;
282 entry[wi][ei].variable = true;
283 }
284 }
285 }
286
287 static void reset_tlb_mmu_ways56(CPUState *env,
288 const xtensa_tlb *tlb, xtensa_tlb_entry entry[][MAX_TLB_WAY_SIZE])
289 {
290 if (!tlb->varway56) {
291 static const xtensa_tlb_entry way5[] = {
292 {
293 .vaddr = 0xd0000000,
294 .paddr = 0,
295 .asid = 1,
296 .attr = 7,
297 .variable = false,
298 }, {
299 .vaddr = 0xd8000000,
300 .paddr = 0,
301 .asid = 1,
302 .attr = 3,
303 .variable = false,
304 }
305 };
306 static const xtensa_tlb_entry way6[] = {
307 {
308 .vaddr = 0xe0000000,
309 .paddr = 0xf0000000,
310 .asid = 1,
311 .attr = 7,
312 .variable = false,
313 }, {
314 .vaddr = 0xf0000000,
315 .paddr = 0xf0000000,
316 .asid = 1,
317 .attr = 3,
318 .variable = false,
319 }
320 };
321 memcpy(entry[5], way5, sizeof(way5));
322 memcpy(entry[6], way6, sizeof(way6));
323 } else {
324 uint32_t ei;
325 for (ei = 0; ei < 8; ++ei) {
326 entry[6][ei].vaddr = ei << 29;
327 entry[6][ei].paddr = ei << 29;
328 entry[6][ei].asid = 1;
329 entry[6][ei].attr = 2;
330 }
331 }
332 }
333
334 static void reset_tlb_region_way0(CPUState *env,
335 xtensa_tlb_entry entry[][MAX_TLB_WAY_SIZE])
336 {
337 unsigned ei;
338
339 for (ei = 0; ei < 8; ++ei) {
340 entry[0][ei].vaddr = ei << 29;
341 entry[0][ei].paddr = ei << 29;
342 entry[0][ei].asid = 1;
343 entry[0][ei].attr = 2;
344 entry[0][ei].variable = true;
345 }
346 }
347
348 static void reset_mmu(CPUState *env)
349 {
350 if (xtensa_option_enabled(env->config, XTENSA_OPTION_MMU)) {
351 env->sregs[RASID] = 0x04030201;
352 env->sregs[ITLBCFG] = 0;
353 env->sregs[DTLBCFG] = 0;
354 env->autorefill_idx = 0;
355 reset_tlb_mmu_all_ways(env, &env->config->itlb, env->itlb);
356 reset_tlb_mmu_all_ways(env, &env->config->dtlb, env->dtlb);
357 reset_tlb_mmu_ways56(env, &env->config->itlb, env->itlb);
358 reset_tlb_mmu_ways56(env, &env->config->dtlb, env->dtlb);
359 } else {
360 reset_tlb_region_way0(env, env->itlb);
361 reset_tlb_region_way0(env, env->dtlb);
362 }
363 }
364
365 static unsigned get_ring(const CPUState *env, uint8_t asid)
366 {
367 unsigned i;
368 for (i = 0; i < 4; ++i) {
369 if (((env->sregs[RASID] >> i * 8) & 0xff) == asid) {
370 return i;
371 }
372 }
373 return 0xff;
374 }
375
376 /*!
377 * Lookup xtensa TLB for the given virtual address.
378 * See ISA, 4.6.2.2
379 *
380 * \param pwi: [out] way index
381 * \param pei: [out] entry index
382 * \param pring: [out] access ring
383 * \return 0 if ok, exception cause code otherwise
384 */
385 int xtensa_tlb_lookup(const CPUState *env, uint32_t addr, bool dtlb,
386 uint32_t *pwi, uint32_t *pei, uint8_t *pring)
387 {
388 const xtensa_tlb *tlb = dtlb ?
389 &env->config->dtlb : &env->config->itlb;
390 const xtensa_tlb_entry (*entry)[MAX_TLB_WAY_SIZE] = dtlb ?
391 env->dtlb : env->itlb;
392
393 int nhits = 0;
394 unsigned wi;
395
396 for (wi = 0; wi < tlb->nways; ++wi) {
397 uint32_t vpn;
398 uint32_t ei;
399 split_tlb_entry_spec_way(env, addr, dtlb, &vpn, wi, &ei);
400 if (entry[wi][ei].vaddr == vpn && entry[wi][ei].asid) {
401 unsigned ring = get_ring(env, entry[wi][ei].asid);
402 if (ring < 4) {
403 if (++nhits > 1) {
404 return dtlb ?
405 LOAD_STORE_TLB_MULTI_HIT_CAUSE :
406 INST_TLB_MULTI_HIT_CAUSE;
407 }
408 *pwi = wi;
409 *pei = ei;
410 *pring = ring;
411 }
412 }
413 }
414 return nhits ? 0 :
415 (dtlb ? LOAD_STORE_TLB_MISS_CAUSE : INST_TLB_MISS_CAUSE);
416 }
417
418 /*!
419 * Convert MMU ATTR to PAGE_{READ,WRITE,EXEC} mask.
420 * See ISA, 4.6.5.10
421 */
422 static unsigned mmu_attr_to_access(uint32_t attr)
423 {
424 unsigned access = 0;
425 if (attr < 12) {
426 access |= PAGE_READ;
427 if (attr & 0x1) {
428 access |= PAGE_EXEC;
429 }
430 if (attr & 0x2) {
431 access |= PAGE_WRITE;
432 }
433 } else if (attr == 13) {
434 access |= PAGE_READ | PAGE_WRITE;
435 }
436 return access;
437 }
438
439 /*!
440 * Convert region protection ATTR to PAGE_{READ,WRITE,EXEC} mask.
441 * See ISA, 4.6.3.3
442 */
443 static unsigned region_attr_to_access(uint32_t attr)
444 {
445 unsigned access = 0;
446 if ((attr < 6 && attr != 3) || attr == 14) {
447 access |= PAGE_READ | PAGE_WRITE;
448 }
449 if (attr > 0 && attr < 6) {
450 access |= PAGE_EXEC;
451 }
452 return access;
453 }
454
455 static bool is_access_granted(unsigned access, int is_write)
456 {
457 switch (is_write) {
458 case 0:
459 return access & PAGE_READ;
460
461 case 1:
462 return access & PAGE_WRITE;
463
464 case 2:
465 return access & PAGE_EXEC;
466
467 default:
468 return 0;
469 }
470 }
471
472 static int autorefill_mmu(CPUState *env, uint32_t vaddr, bool dtlb,
473 uint32_t *wi, uint32_t *ei, uint8_t *ring);
474
475 static int get_physical_addr_mmu(CPUState *env,
476 uint32_t vaddr, int is_write, int mmu_idx,
477 uint32_t *paddr, uint32_t *page_size, unsigned *access)
478 {
479 bool dtlb = is_write != 2;
480 uint32_t wi;
481 uint32_t ei;
482 uint8_t ring;
483 int ret = xtensa_tlb_lookup(env, vaddr, dtlb, &wi, &ei, &ring);
484
485 if ((ret == INST_TLB_MISS_CAUSE || ret == LOAD_STORE_TLB_MISS_CAUSE) &&
486 (mmu_idx != 0 || ((vaddr ^ env->sregs[PTEVADDR]) & 0xffc00000)) &&
487 autorefill_mmu(env, vaddr, dtlb, &wi, &ei, &ring) == 0) {
488 ret = 0;
489 }
490 if (ret != 0) {
491 return ret;
492 }
493
494 const xtensa_tlb_entry *entry =
495 xtensa_tlb_get_entry(env, dtlb, wi, ei);
496
497 if (ring < mmu_idx) {
498 return dtlb ?
499 LOAD_STORE_PRIVILEGE_CAUSE :
500 INST_FETCH_PRIVILEGE_CAUSE;
501 }
502
503 *access = mmu_attr_to_access(entry->attr);
504 if (!is_access_granted(*access, is_write)) {
505 return dtlb ?
506 (is_write ?
507 STORE_PROHIBITED_CAUSE :
508 LOAD_PROHIBITED_CAUSE) :
509 INST_FETCH_PROHIBITED_CAUSE;
510 }
511
512 *paddr = entry->paddr | (vaddr & ~xtensa_tlb_get_addr_mask(env, dtlb, wi));
513 *page_size = ~xtensa_tlb_get_addr_mask(env, dtlb, wi) + 1;
514
515 return 0;
516 }
517
518 static int autorefill_mmu(CPUState *env, uint32_t vaddr, bool dtlb,
519 uint32_t *wi, uint32_t *ei, uint8_t *ring)
520 {
521 uint32_t paddr;
522 uint32_t page_size;
523 unsigned access;
524 uint32_t pt_vaddr =
525 (env->sregs[PTEVADDR] | (vaddr >> 10)) & 0xfffffffc;
526 int ret = get_physical_addr_mmu(env, pt_vaddr, 0, 0,
527 &paddr, &page_size, &access);
528
529 qemu_log("%s: trying autorefill(%08x) -> %08x\n", __func__,
530 vaddr, ret ? ~0 : paddr);
531
532 if (ret == 0) {
533 uint32_t vpn;
534 uint32_t pte = ldl_phys(paddr);
535
536 *ring = (pte >> 4) & 0x3;
537 *wi = (++env->autorefill_idx) & 0x3;
538 split_tlb_entry_spec_way(env, vaddr, dtlb, &vpn, *wi, ei);
539 xtensa_tlb_set_entry(env, dtlb, *wi, *ei, vpn, pte);
540 qemu_log("%s: autorefill(%08x): %08x -> %08x\n",
541 __func__, vaddr, vpn, pte);
542 }
543 return ret;
544 }
545
546 static int get_physical_addr_region(CPUState *env,
547 uint32_t vaddr, int is_write, int mmu_idx,
548 uint32_t *paddr, uint32_t *page_size, unsigned *access)
549 {
550 bool dtlb = is_write != 2;
551 uint32_t wi = 0;
552 uint32_t ei = (vaddr >> 29) & 0x7;
553 const xtensa_tlb_entry *entry =
554 xtensa_tlb_get_entry(env, dtlb, wi, ei);
555
556 *access = region_attr_to_access(entry->attr);
557 if (!is_access_granted(*access, is_write)) {
558 return dtlb ?
559 (is_write ?
560 STORE_PROHIBITED_CAUSE :
561 LOAD_PROHIBITED_CAUSE) :
562 INST_FETCH_PROHIBITED_CAUSE;
563 }
564
565 *paddr = entry->paddr | (vaddr & ~REGION_PAGE_MASK);
566 *page_size = ~REGION_PAGE_MASK + 1;
567
568 return 0;
569 }
570
571 /*!
572 * Convert virtual address to physical addr.
573 * MMU may issue pagewalk and change xtensa autorefill TLB way entry.
574 *
575 * \return 0 if ok, exception cause code otherwise
576 */
577 int xtensa_get_physical_addr(CPUState *env,
578 uint32_t vaddr, int is_write, int mmu_idx,
579 uint32_t *paddr, uint32_t *page_size, unsigned *access)
580 {
581 if (xtensa_option_enabled(env->config, XTENSA_OPTION_MMU)) {
582 return get_physical_addr_mmu(env, vaddr, is_write, mmu_idx,
583 paddr, page_size, access);
584 } else if (xtensa_option_bits_enabled(env->config,
585 XTENSA_OPTION_BIT(XTENSA_OPTION_REGION_PROTECTION) |
586 XTENSA_OPTION_BIT(XTENSA_OPTION_REGION_TRANSLATION))) {
587 return get_physical_addr_region(env, vaddr, is_write, mmu_idx,
588 paddr, page_size, access);
589 } else {
590 *paddr = vaddr;
591 *page_size = TARGET_PAGE_SIZE;
592 *access = PAGE_READ | PAGE_WRITE | PAGE_EXEC;
593 return 0;
594 }
595 }
QEmu