search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
target/mips: Prefer fast cpu_env() over slower CPU QOM cast macro
[qemu/ar7.git] / target / hppa / mem_helper.c
blob80f51e753f731685297e27264d3aaa6d2df938b3
1 /*
2 * HPPA memory access helper routines
3 *
4 * Copyright (c) 2017 Helge Deller
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #include "qemu/osdep.h"
21 #include "qemu/log.h"
22 #include "cpu.h"
23 #include "exec/exec-all.h"
24 #include "exec/helper-proto.h"
25 #include "hw/core/cpu.h"
26 #include "trace.h"
27
28 hwaddr hppa_abs_to_phys_pa2_w1(vaddr addr)
29 {
30 /*
31 * Figure H-8 "62-bit Absolute Accesses when PSW W-bit is 1" describes
32 * an algorithm in which a 62-bit absolute address is transformed to
33 * a 64-bit physical address. This must then be combined with that
34 * pictured in Figure H-11 "Physical Address Space Mapping", in which
35 * the full physical address is truncated to the N-bit physical address
36 * supported by the implementation.
37 *
38 * Since the supported physical address space is below 54 bits, the
39 * H-8 algorithm is moot and all that is left is to truncate.
40 */
41 QEMU_BUILD_BUG_ON(TARGET_PHYS_ADDR_SPACE_BITS > 54);
42 return sextract64(addr, 0, TARGET_PHYS_ADDR_SPACE_BITS);
43 }
44
45 hwaddr hppa_abs_to_phys_pa2_w0(vaddr addr)
46 {
47 /*
48 * See Figure H-10, "Absolute Accesses when PSW W-bit is 0",
49 * combined with Figure H-11, as above.
50 */
51 if (likely(extract32(addr, 28, 4) != 0xf)) {
52 /* Memory address space */
53 addr = (uint32_t)addr;
54 } else if (extract32(addr, 24, 4) != 0) {
55 /* I/O address space */
56 addr = (int32_t)addr;
57 } else {
58 /*
59 * PDC address space:
60 * Figures H-10 and H-11 of the parisc2.0 spec do not specify
61 * where to map into the 64-bit PDC address space.
62 * We map with an offset which equals the 32-bit address, which
63 * is what can be seen on physical machines too.
64 */
65 addr = (uint32_t)addr;
66 addr |= -1ull << (TARGET_PHYS_ADDR_SPACE_BITS - 4);
67 }
68 return addr;
69 }
70
71 static HPPATLBEntry *hppa_find_tlb(CPUHPPAState *env, vaddr addr)
72 {
73 IntervalTreeNode *i = interval_tree_iter_first(&env->tlb_root, addr, addr);
74
75 if (i) {
76 HPPATLBEntry *ent = container_of(i, HPPATLBEntry, itree);
77 trace_hppa_tlb_find_entry(env, ent, ent->entry_valid,
78 ent->itree.start, ent->itree.last, ent->pa);
79 return ent;
80 }
81 trace_hppa_tlb_find_entry_not_found(env, addr);
82 return NULL;
83 }
84
85 static void hppa_flush_tlb_ent(CPUHPPAState *env, HPPATLBEntry *ent,
86 bool force_flush_btlb)
87 {
88 CPUState *cs = env_cpu(env);
89 bool is_btlb;
90
91 if (!ent->entry_valid) {
92 return;
93 }
94
95 trace_hppa_tlb_flush_ent(env, ent, ent->itree.start,
96 ent->itree.last, ent->pa);
97
98 tlb_flush_range_by_mmuidx(cs, ent->itree.start,
99 ent->itree.last - ent->itree.start + 1,
100 HPPA_MMU_FLUSH_MASK, TARGET_LONG_BITS);
101
102 /* Never clear BTLBs, unless forced to do so. */
103 is_btlb = ent < &env->tlb[HPPA_BTLB_ENTRIES(env)];
104 if (is_btlb && !force_flush_btlb) {
105 return;
106 }
107
108 interval_tree_remove(&ent->itree, &env->tlb_root);
109 memset(ent, 0, sizeof(*ent));
110
111 if (!is_btlb) {
112 ent->unused_next = env->tlb_unused;
113 env->tlb_unused = ent;
114 }
115 }
116
117 static void hppa_flush_tlb_range(CPUHPPAState *env, vaddr va_b, vaddr va_e)
118 {
119 IntervalTreeNode *i, *n;
120
121 i = interval_tree_iter_first(&env->tlb_root, va_b, va_e);
122 for (; i ; i = n) {
123 HPPATLBEntry *ent = container_of(i, HPPATLBEntry, itree);
124
125 /*
126 * Find the next entry now: In the normal case the current entry
127 * will be removed, but in the BTLB case it will remain.
128 */
129 n = interval_tree_iter_next(i, va_b, va_e);
130 hppa_flush_tlb_ent(env, ent, false);
131 }
132 }
133
134 static HPPATLBEntry *hppa_alloc_tlb_ent(CPUHPPAState *env)
135 {
136 HPPATLBEntry *ent = env->tlb_unused;
137
138 if (ent == NULL) {
139 uint32_t btlb_entries = HPPA_BTLB_ENTRIES(env);
140 uint32_t i = env->tlb_last;
141
142 if (i < btlb_entries || i >= ARRAY_SIZE(env->tlb)) {
143 i = btlb_entries;
144 }
145 env->tlb_last = i + 1;
146
147 ent = &env->tlb[i];
148 hppa_flush_tlb_ent(env, ent, false);
149 }
150
151 env->tlb_unused = ent->unused_next;
152 return ent;
153 }
154
155 int hppa_get_physical_address(CPUHPPAState *env, vaddr addr, int mmu_idx,
156 int type, hwaddr *pphys, int *pprot,
157 HPPATLBEntry **tlb_entry)
158 {
159 hwaddr phys;
160 int prot, r_prot, w_prot, x_prot, priv;
161 HPPATLBEntry *ent;
162 int ret = -1;
163
164 if (tlb_entry) {
165 *tlb_entry = NULL;
166 }
167
168 /* Virtual translation disabled. Map absolute to physical. */
169 if (MMU_IDX_MMU_DISABLED(mmu_idx)) {
170 switch (mmu_idx) {
171 case MMU_ABS_W_IDX:
172 phys = hppa_abs_to_phys_pa2_w1(addr);
173 break;
174 case MMU_ABS_IDX:
175 if (hppa_is_pa20(env)) {
176 phys = hppa_abs_to_phys_pa2_w0(addr);
177 } else {
178 phys = (uint32_t)addr;
179 }
180 break;
181 default:
182 g_assert_not_reached();
183 }
184 prot = PAGE_READ | PAGE_WRITE | PAGE_EXEC;
185 goto egress;
186 }
187
188 /* Find a valid tlb entry that matches the virtual address. */
189 ent = hppa_find_tlb(env, addr);
190 if (ent == NULL) {
191 phys = 0;
192 prot = 0;
193 ret = (type == PAGE_EXEC) ? EXCP_ITLB_MISS : EXCP_DTLB_MISS;
194 goto egress;
195 }
196
197 if (tlb_entry) {
198 *tlb_entry = ent;
199 }
200
201 /* We now know the physical address. */
202 phys = ent->pa + (addr - ent->itree.start);
203
204 /* Map TLB access_rights field to QEMU protection. */
205 priv = MMU_IDX_TO_PRIV(mmu_idx);
206 r_prot = (priv <= ent->ar_pl1) * PAGE_READ;
207 w_prot = (priv <= ent->ar_pl2) * PAGE_WRITE;
208 x_prot = (ent->ar_pl2 <= priv && priv <= ent->ar_pl1) * PAGE_EXEC;
209 switch (ent->ar_type) {
210 case 0: /* read-only: data page */
211 prot = r_prot;
212 break;
213 case 1: /* read/write: dynamic data page */
214 prot = r_prot | w_prot;
215 break;
216 case 2: /* read/execute: normal code page */
217 prot = r_prot | x_prot;
218 break;
219 case 3: /* read/write/execute: dynamic code page */
220 prot = r_prot | w_prot | x_prot;
221 break;
222 default: /* execute: promote to privilege level type & 3 */
223 prot = x_prot;
224 break;
225 }
226
227 /* access_id == 0 means public page and no check is performed */
228 if (ent->access_id && MMU_IDX_TO_P(mmu_idx)) {
229 /* If bits [31:1] match, and bit 0 is set, suppress write. */
230 int match = ent->access_id * 2 + 1;
231
232 if (match == env->cr[CR_PID1] || match == env->cr[CR_PID2] ||
233 match == env->cr[CR_PID3] || match == env->cr[CR_PID4]) {
234 prot &= PAGE_READ | PAGE_EXEC;
235 if (type == PAGE_WRITE) {
236 ret = EXCP_DMPI;
237 goto egress;
238 }
239 }
240 }
241
242 /* No guest access type indicates a non-architectural access from
243 within QEMU. Bypass checks for access, D, B and T bits. */
244 if (type == 0) {
245 goto egress;
246 }
247
248 if (unlikely(!(prot & type))) {
249 /* The access isn't allowed -- Inst/Data Memory Protection Fault. */
250 ret = (type & PAGE_EXEC) ? EXCP_IMP : EXCP_DMAR;
251 goto egress;
252 }
253
254 /* In reverse priority order, check for conditions which raise faults.
255 As we go, remove PROT bits that cover the condition we want to check.
256 In this way, the resulting PROT will force a re-check of the
257 architectural TLB entry for the next access. */
258 if (unlikely(!ent->d)) {
259 if (type & PAGE_WRITE) {
260 /* The D bit is not set -- TLB Dirty Bit Fault. */
261 ret = EXCP_TLB_DIRTY;
262 }
263 prot &= PAGE_READ | PAGE_EXEC;
264 }
265 if (unlikely(ent->b)) {
266 if (type & PAGE_WRITE) {
267 /* The B bit is set -- Data Memory Break Fault. */
268 ret = EXCP_DMB;
269 }
270 prot &= PAGE_READ | PAGE_EXEC;
271 }
272 if (unlikely(ent->t)) {
273 if (!(type & PAGE_EXEC)) {
274 /* The T bit is set -- Page Reference Fault. */
275 ret = EXCP_PAGE_REF;
276 }
277 prot &= PAGE_EXEC;
278 }
279
280 egress:
281 *pphys = phys;
282 *pprot = prot;
283 trace_hppa_tlb_get_physical_address(env, ret, prot, addr, phys);
284 return ret;
285 }
286
287 hwaddr hppa_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
288 {
289 HPPACPU *cpu = HPPA_CPU(cs);
290 hwaddr phys;
291 int prot, excp, mmu_idx;
292
293 /* If the (data) mmu is disabled, bypass translation. */
294 /* ??? We really ought to know if the code mmu is disabled too,
295 in order to get the correct debugging dumps. */
296 mmu_idx = (cpu->env.psw & PSW_D ? MMU_KERNEL_IDX :
297 cpu->env.psw & PSW_W ? MMU_ABS_W_IDX : MMU_ABS_IDX);
298
299 excp = hppa_get_physical_address(&cpu->env, addr, mmu_idx, 0,
300 &phys, &prot, NULL);
301
302 /* Since we're translating for debugging, the only error that is a
303 hard error is no translation at all. Otherwise, while a real cpu
304 access might not have permission, the debugger does. */
305 return excp == EXCP_DTLB_MISS ? -1 : phys;
306 }
307
308 void hppa_set_ior_and_isr(CPUHPPAState *env, vaddr addr, bool mmu_disabled)
309 {
310 if (env->psw & PSW_Q) {
311 /*
312 * For pa1.x, the offset and space never overlap, and so we
313 * simply extract the high and low part of the virtual address.
314 *
315 * For pa2.0, the formation of these are described in section
316 * "Interruption Parameter Registers", page 2-15.
317 */
318 env->cr[CR_IOR] = (uint32_t)addr;
319 env->cr[CR_ISR] = addr >> 32;
320
321 if (hppa_is_pa20(env)) {
322 if (mmu_disabled) {
323 /*
324 * If data translation was disabled, the ISR contains
325 * the upper portion of the abs address, zero-extended.
326 */
327 env->cr[CR_ISR] &= 0x3fffffff;
328 } else {
329 /*
330 * If data translation was enabled, the upper two bits
331 * of the IOR (the b field) are equal to the two space
332 * bits from the base register used to form the gva.
333 */
334 uint64_t b;
335
336 b = env->unwind_breg ? env->gr[env->unwind_breg] : 0;
337 b >>= (env->psw & PSW_W ? 62 : 30);
338 env->cr[CR_IOR] |= b << 62;
339 }
340 }
341 }
342 }
343
344 G_NORETURN static void
345 raise_exception_with_ior(CPUHPPAState *env, int excp, uintptr_t retaddr,
346 vaddr addr, bool mmu_disabled)
347 {
348 CPUState *cs = env_cpu(env);
349
350 cs->exception_index = excp;
351 cpu_restore_state(cs, retaddr);
352 hppa_set_ior_and_isr(env, addr, mmu_disabled);
353
354 cpu_loop_exit(cs);
355 }
356
357 void hppa_cpu_do_transaction_failed(CPUState *cs, hwaddr physaddr,
358 vaddr addr, unsigned size,
359 MMUAccessType access_type,
360 int mmu_idx, MemTxAttrs attrs,
361 MemTxResult response, uintptr_t retaddr)
362 {
363 CPUHPPAState *env = cpu_env(cs);
364
365 qemu_log_mask(LOG_GUEST_ERROR, "HPMC at " TARGET_FMT_lx ":" TARGET_FMT_lx
366 " while accessing I/O at %#08" HWADDR_PRIx "\n",
367 env->iasq_f, env->iaoq_f, physaddr);
368
369 /* FIXME: Enable HPMC exceptions when firmware has clean device probing */
370 if (0) {
371 raise_exception_with_ior(env, EXCP_HPMC, retaddr, addr,
372 MMU_IDX_MMU_DISABLED(mmu_idx));
373 }
374 }
375
376 bool hppa_cpu_tlb_fill(CPUState *cs, vaddr addr, int size,
377 MMUAccessType type, int mmu_idx,
378 bool probe, uintptr_t retaddr)
379 {
380 HPPACPU *cpu = HPPA_CPU(cs);
381 CPUHPPAState *env = &cpu->env;
382 HPPATLBEntry *ent;
383 int prot, excp, a_prot;
384 hwaddr phys;
385
386 switch (type) {
387 case MMU_INST_FETCH:
388 a_prot = PAGE_EXEC;
389 break;
390 case MMU_DATA_STORE:
391 a_prot = PAGE_WRITE;
392 break;
393 default:
394 a_prot = PAGE_READ;
395 break;
396 }
397
398 excp = hppa_get_physical_address(env, addr, mmu_idx,
399 a_prot, &phys, &prot, &ent);
400 if (unlikely(excp >= 0)) {
401 if (probe) {
402 return false;
403 }
404 trace_hppa_tlb_fill_excp(env, addr, size, type, mmu_idx);
405
406 /* Failure. Raise the indicated exception. */
407 raise_exception_with_ior(env, excp, retaddr, addr,
408 MMU_IDX_MMU_DISABLED(mmu_idx));
409 }
410
411 trace_hppa_tlb_fill_success(env, addr & TARGET_PAGE_MASK,
412 phys & TARGET_PAGE_MASK, size, type, mmu_idx);
413
414 /*
415 * Success! Store the translation into the QEMU TLB.
416 * Note that we always install a single-page entry, because that
417 * is what works best with softmmu -- anything else will trigger
418 * the large page protection mask. We do not require this,
419 * because we record the large page here in the hppa tlb.
420 */
421 tlb_set_page(cs, addr & TARGET_PAGE_MASK, phys & TARGET_PAGE_MASK,
422 prot, mmu_idx, TARGET_PAGE_SIZE);
423 return true;
424 }
425
426 /* Insert (Insn/Data) TLB Address. Note this is PA 1.1 only. */
427 void HELPER(itlba_pa11)(CPUHPPAState *env, target_ulong addr, target_ulong reg)
428 {
429 HPPATLBEntry *ent;
430
431 /* Zap any old entries covering ADDR. */
432 addr &= TARGET_PAGE_MASK;
433 hppa_flush_tlb_range(env, addr, addr + TARGET_PAGE_SIZE - 1);
434
435 ent = env->tlb_partial;
436 if (ent == NULL) {
437 ent = hppa_alloc_tlb_ent(env);
438 env->tlb_partial = ent;
439 }
440
441 /* Note that ent->entry_valid == 0 already. */
442 ent->itree.start = addr;
443 ent->itree.last = addr + TARGET_PAGE_SIZE - 1;
444 ent->pa = extract32(reg, 5, 20) << TARGET_PAGE_BITS;
445 trace_hppa_tlb_itlba(env, ent, ent->itree.start, ent->itree.last, ent->pa);
446 }
447
448 static void set_access_bits_pa11(CPUHPPAState *env, HPPATLBEntry *ent,
449 target_ulong reg)
450 {
451 ent->access_id = extract32(reg, 1, 18);
452 ent->u = extract32(reg, 19, 1);
453 ent->ar_pl2 = extract32(reg, 20, 2);
454 ent->ar_pl1 = extract32(reg, 22, 2);
455 ent->ar_type = extract32(reg, 24, 3);
456 ent->b = extract32(reg, 27, 1);
457 ent->d = extract32(reg, 28, 1);
458 ent->t = extract32(reg, 29, 1);
459 ent->entry_valid = 1;
460
461 interval_tree_insert(&ent->itree, &env->tlb_root);
462 trace_hppa_tlb_itlbp(env, ent, ent->access_id, ent->u, ent->ar_pl2,
463 ent->ar_pl1, ent->ar_type, ent->b, ent->d, ent->t);
464 }
465
466 /* Insert (Insn/Data) TLB Protection. Note this is PA 1.1 only. */
467 void HELPER(itlbp_pa11)(CPUHPPAState *env, target_ulong addr, target_ulong reg)
468 {
469 HPPATLBEntry *ent = env->tlb_partial;
470
471 if (ent) {
472 env->tlb_partial = NULL;
473 if (ent->itree.start <= addr && addr <= ent->itree.last) {
474 set_access_bits_pa11(env, ent, reg);
475 return;
476 }
477 }
478 qemu_log_mask(LOG_GUEST_ERROR, "ITLBP not following ITLBA\n");
479 }
480
481 static void itlbt_pa20(CPUHPPAState *env, target_ulong r1,
482 target_ulong r2, vaddr va_b)
483 {
484 HPPATLBEntry *ent;
485 vaddr va_e;
486 uint64_t va_size;
487 int mask_shift;
488
489 mask_shift = 2 * (r1 & 0xf);
490 va_size = (uint64_t)TARGET_PAGE_SIZE << mask_shift;
491 va_b &= -va_size;
492 va_e = va_b + va_size - 1;
493
494 hppa_flush_tlb_range(env, va_b, va_e);
495 ent = hppa_alloc_tlb_ent(env);
496
497 ent->itree.start = va_b;
498 ent->itree.last = va_e;
499
500 /* Extract all 52 bits present in the page table entry. */
501 ent->pa = r1 << (TARGET_PAGE_BITS - 5);
502 /* Align per the page size. */
503 ent->pa &= TARGET_PAGE_MASK << mask_shift;
504 /* Ignore the bits beyond physical address space. */
505 ent->pa = sextract64(ent->pa, 0, TARGET_PHYS_ADDR_SPACE_BITS);
506
507 ent->t = extract64(r2, 61, 1);
508 ent->d = extract64(r2, 60, 1);
509 ent->b = extract64(r2, 59, 1);
510 ent->ar_type = extract64(r2, 56, 3);
511 ent->ar_pl1 = extract64(r2, 54, 2);
512 ent->ar_pl2 = extract64(r2, 52, 2);
513 ent->u = extract64(r2, 51, 1);
514 /* o = bit 50 */
515 /* p = bit 49 */
516 ent->access_id = extract64(r2, 1, 31);
517 ent->entry_valid = 1;
518
519 interval_tree_insert(&ent->itree, &env->tlb_root);
520 trace_hppa_tlb_itlba(env, ent, ent->itree.start, ent->itree.last, ent->pa);
521 trace_hppa_tlb_itlbp(env, ent, ent->access_id, ent->u,
522 ent->ar_pl2, ent->ar_pl1, ent->ar_type,
523 ent->b, ent->d, ent->t);
524 }
525
526 void HELPER(idtlbt_pa20)(CPUHPPAState *env, target_ulong r1, target_ulong r2)
527 {
528 vaddr va_b = deposit64(env->cr[CR_IOR], 32, 32, env->cr[CR_ISR]);
529 itlbt_pa20(env, r1, r2, va_b);
530 }
531
532 void HELPER(iitlbt_pa20)(CPUHPPAState *env, target_ulong r1, target_ulong r2)
533 {
534 vaddr va_b = deposit64(env->cr[CR_IIAOQ], 32, 32, env->cr[CR_IIASQ]);
535 itlbt_pa20(env, r1, r2, va_b);
536 }
537
538 /* Purge (Insn/Data) TLB. */
539 static void ptlb_work(CPUState *cpu, run_on_cpu_data data)
540 {
541 vaddr start = data.target_ptr;
542 vaddr end;
543
544 /*
545 * PA2.0 allows a range of pages encoded into GR[b], which we have
546 * copied into the bottom bits of the otherwise page-aligned address.
547 * PA1.x will always provide zero here, for a single page flush.
548 */
549 end = start & 0xf;
550 start &= TARGET_PAGE_MASK;
551 end = (vaddr)TARGET_PAGE_SIZE << (2 * end);
552 end = start + end - 1;
553
554 hppa_flush_tlb_range(cpu_env(cpu), start, end);
555 }
556
557 /* This is local to the current cpu. */
558 void HELPER(ptlb_l)(CPUHPPAState *env, target_ulong addr)
559 {
560 trace_hppa_tlb_ptlb_local(env);
561 ptlb_work(env_cpu(env), RUN_ON_CPU_TARGET_PTR(addr));
562 }
563
564 /* This is synchronous across all processors. */
565 void HELPER(ptlb)(CPUHPPAState *env, target_ulong addr)
566 {
567 CPUState *src = env_cpu(env);
568 CPUState *cpu;
569 bool wait = false;
570
571 trace_hppa_tlb_ptlb(env);
572 run_on_cpu_data data = RUN_ON_CPU_TARGET_PTR(addr);
573
574 CPU_FOREACH(cpu) {
575 if (cpu != src) {
576 async_run_on_cpu(cpu, ptlb_work, data);
577 wait = true;
578 }
579 }
580 if (wait) {
581 async_safe_run_on_cpu(src, ptlb_work, data);
582 } else {
583 ptlb_work(src, data);
584 }
585 }
586
587 void hppa_ptlbe(CPUHPPAState *env)
588 {
589 uint32_t btlb_entries = HPPA_BTLB_ENTRIES(env);
590 uint32_t i;
591
592 /* Zap the (non-btlb) tlb entries themselves. */
593 memset(&env->tlb[btlb_entries], 0,
594 sizeof(env->tlb) - btlb_entries * sizeof(env->tlb[0]));
595 env->tlb_last = btlb_entries;
596 env->tlb_partial = NULL;
597
598 /* Put them all onto the unused list. */
599 env->tlb_unused = &env->tlb[btlb_entries];
600 for (i = btlb_entries; i < ARRAY_SIZE(env->tlb) - 1; ++i) {
601 env->tlb[i].unused_next = &env->tlb[i + 1];
602 }
603
604 /* Re-initialize the interval tree with only the btlb entries. */
605 memset(&env->tlb_root, 0, sizeof(env->tlb_root));
606 for (i = 0; i < btlb_entries; ++i) {
607 if (env->tlb[i].entry_valid) {
608 interval_tree_insert(&env->tlb[i].itree, &env->tlb_root);
609 }
610 }
611
612 tlb_flush_by_mmuidx(env_cpu(env), HPPA_MMU_FLUSH_MASK);
613 }
614
615 /* Purge (Insn/Data) TLB entry. This affects an implementation-defined
616 number of pages/entries (we choose all), and is local to the cpu. */
617 void HELPER(ptlbe)(CPUHPPAState *env)
618 {
619 trace_hppa_tlb_ptlbe(env);
620 qemu_log_mask(CPU_LOG_MMU, "FLUSH ALL TLB ENTRIES\n");
621 hppa_ptlbe(env);
622 }
623
624 void cpu_hppa_change_prot_id(CPUHPPAState *env)
625 {
626 tlb_flush_by_mmuidx(env_cpu(env), HPPA_MMU_FLUSH_P_MASK);
627 }
628
629 void HELPER(change_prot_id)(CPUHPPAState *env)
630 {
631 cpu_hppa_change_prot_id(env);
632 }
633
634 target_ulong HELPER(lpa)(CPUHPPAState *env, target_ulong addr)
635 {
636 hwaddr phys;
637 int prot, excp;
638
639 excp = hppa_get_physical_address(env, addr, MMU_KERNEL_IDX, 0,
640 &phys, &prot, NULL);
641 if (excp >= 0) {
642 if (excp == EXCP_DTLB_MISS) {
643 excp = EXCP_NA_DTLB_MISS;
644 }
645 trace_hppa_tlb_lpa_failed(env, addr);
646 raise_exception_with_ior(env, excp, GETPC(), addr, false);
647 }
648 trace_hppa_tlb_lpa_success(env, addr, phys);
649 return phys;
650 }
651
652 /* Return the ar_type of the TLB at VADDR, or -1. */
653 int hppa_artype_for_page(CPUHPPAState *env, target_ulong vaddr)
654 {
655 HPPATLBEntry *ent = hppa_find_tlb(env, vaddr);
656 return ent ? ent->ar_type : -1;
657 }
658
659 /*
660 * diag_btlb() emulates the PDC PDC_BLOCK_TLB firmware call to
661 * allow operating systems to modify the Block TLB (BTLB) entries.
662 * For implementation details see page 1-13 in
663 * https://parisc.wiki.kernel.org/images-parisc/e/ef/Pdc11-v0.96-Ch1-procs.pdf
664 */
665 void HELPER(diag_btlb)(CPUHPPAState *env)
666 {
667 unsigned int phys_page, len, slot;
668 int mmu_idx = cpu_mmu_index(env_cpu(env), 0);
669 uintptr_t ra = GETPC();
670 HPPATLBEntry *btlb;
671 uint64_t virt_page;
672 uint32_t *vaddr;
673 uint32_t btlb_entries = HPPA_BTLB_ENTRIES(env);
674
675 /* BTLBs are not supported on 64-bit CPUs */
676 if (btlb_entries == 0) {
677 env->gr[28] = -1; /* nonexistent procedure */
678 return;
679 }
680
681 env->gr[28] = 0; /* PDC_OK */
682
683 switch (env->gr[25]) {
684 case 0:
685 /* return BTLB parameters */
686 qemu_log_mask(CPU_LOG_MMU, "PDC_BLOCK_TLB: PDC_BTLB_INFO\n");
687 vaddr = probe_access(env, env->gr[24], 4 * sizeof(uint32_t),
688 MMU_DATA_STORE, mmu_idx, ra);
689 if (vaddr == NULL) {
690 env->gr[28] = -10; /* invalid argument */
691 } else {
692 vaddr[0] = cpu_to_be32(1);
693 vaddr[1] = cpu_to_be32(16 * 1024);
694 vaddr[2] = cpu_to_be32(PA10_BTLB_FIXED);
695 vaddr[3] = cpu_to_be32(PA10_BTLB_VARIABLE);
696 }
697 break;
698 case 1:
699 /* insert BTLB entry */
700 virt_page = env->gr[24]; /* upper 32 bits */
701 virt_page <<= 32;
702 virt_page |= env->gr[23]; /* lower 32 bits */
703 phys_page = env->gr[22];
704 len = env->gr[21];
705 slot = env->gr[19];
706 qemu_log_mask(CPU_LOG_MMU, "PDC_BLOCK_TLB: PDC_BTLB_INSERT "
707 "0x%08llx-0x%08llx: vpage 0x%llx for phys page 0x%04x len %d "
708 "into slot %d\n",
709 (long long) virt_page << TARGET_PAGE_BITS,
710 (long long) (virt_page + len) << TARGET_PAGE_BITS,
711 (long long) virt_page, phys_page, len, slot);
712 if (slot < btlb_entries) {
713 btlb = &env->tlb[slot];
714
715 /* Force flush of possibly existing BTLB entry. */
716 hppa_flush_tlb_ent(env, btlb, true);
717
718 /* Create new BTLB entry */
719 btlb->itree.start = virt_page << TARGET_PAGE_BITS;
720 btlb->itree.last = btlb->itree.start + len * TARGET_PAGE_SIZE - 1;
721 btlb->pa = phys_page << TARGET_PAGE_BITS;
722 set_access_bits_pa11(env, btlb, env->gr[20]);
723 btlb->t = 0;
724 btlb->d = 1;
725 } else {
726 env->gr[28] = -10; /* invalid argument */
727 }
728 break;
729 case 2:
730 /* Purge BTLB entry */
731 slot = env->gr[22];
732 qemu_log_mask(CPU_LOG_MMU, "PDC_BLOCK_TLB: PDC_BTLB_PURGE slot %d\n",
733 slot);
734 if (slot < btlb_entries) {
735 btlb = &env->tlb[slot];
736 hppa_flush_tlb_ent(env, btlb, true);
737 } else {
738 env->gr[28] = -10; /* invalid argument */
739 }
740 break;
741 case 3:
742 /* Purge all BTLB entries */
743 qemu_log_mask(CPU_LOG_MMU, "PDC_BLOCK_TLB: PDC_BTLB_PURGE_ALL\n");
744 for (slot = 0; slot < btlb_entries; slot++) {
745 btlb = &env->tlb[slot];
746 hppa_flush_tlb_ent(env, btlb, true);
747 }
748 break;
749 default:
750 env->gr[28] = -2; /* nonexistent option */
751 break;
752 }
753 }
AR7 emulation for QEMU