OpenE2K
/
qemu-e2k
13
4
Fork 0
Code Issues 4 Pull Requests Projects 2 Releases Activity
qemu-e2k/target-ppc/mmu-hash64.c

586 lines
16 KiB
C
Raw Normal View History

target-ppc: Move SLB handling into a mmu-hash64.c As a first step to disentangling the handling for 64-bit hash MMUs from the rest, we move the code handling the Segment Lookaside Buffer (SLB) (which only exists on 64-bit hash MMUs) into a new mmu-hash64.c file. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:06 +01:00
/*
* PowerPC MMU, TLB, SLB and BAT emulation helpers for QEMU.
*
* Copyright (c) 2003-2007 Jocelyn Mayer
* Copyright (c) 2013 David Gibson, IBM Corporation
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, see <http://www.gnu.org/licenses/>.
*/
#include "cpu.h"
#include "helper.h"
#include "sysemu/kvm.h"
#include "kvm_ppc.h"
#include "mmu-hash64.h"
target-ppc: Disentangle pte_check() Currently support for both 32-bit and 64-bit hash MMUs share an implementation of pte_check. But there are enough differences that this means the shared function has several very ugly conditionals on "is_64b". This patch cleans things up by separating out the 64-bit version (putting it into mmu-hash64.c) and the 32-bit hash version (putting it in mmu-hash32.c). Another copy remains in mmu_helper.c, which is used for the 6xx software loaded TLB paths. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:07 +01:00
//#define DEBUG_MMU
target-ppc: Move SLB handling into a mmu-hash64.c As a first step to disentangling the handling for 64-bit hash MMUs from the rest, we move the code handling the Segment Lookaside Buffer (SLB) (which only exists on 64-bit hash MMUs) into a new mmu-hash64.c file. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:06 +01:00
//#define DEBUG_SLB
target-ppc: Disentangle pte_check() Currently support for both 32-bit and 64-bit hash MMUs share an implementation of pte_check. But there are enough differences that this means the shared function has several very ugly conditionals on "is_64b". This patch cleans things up by separating out the 64-bit version (putting it into mmu-hash64.c) and the 32-bit hash version (putting it in mmu-hash32.c). Another copy remains in mmu_helper.c, which is used for the 6xx software loaded TLB paths. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:07 +01:00
#ifdef DEBUG_MMU
# define LOG_MMU(...) qemu_log(__VA_ARGS__)
# define LOG_MMU_STATE(env) log_cpu_state((env), 0)
#else
# define LOG_MMU(...) do { } while (0)
# define LOG_MMU_STATE(...) do { } while (0)
#endif
target-ppc: Move SLB handling into a mmu-hash64.c As a first step to disentangling the handling for 64-bit hash MMUs from the rest, we move the code handling the Segment Lookaside Buffer (SLB) (which only exists on 64-bit hash MMUs) into a new mmu-hash64.c file. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:06 +01:00
#ifdef DEBUG_SLB
# define LOG_SLB(...) qemu_log(__VA_ARGS__)
#else
# define LOG_SLB(...) do { } while (0)
#endif
target-ppc: mmu_ctx_t should not be a global type mmu_ctx_t is currently defined in cpu.h. However it is used for temporary information relating to mmu translation, and is only used in mmu_helper.c and (now) mmu-hash{32,64}.c. Furthermore it contains information which should be specific to particular MMU types. Therefore, move its definition to mmu_helper.c. mmu-hash{32,64}.c are converted to use new data types private to the relevant MMUs (identical to mmu_ctx_t for now, but that will change in future patches). Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:17 +01:00
struct mmu_ctx_hash64 {
hwaddr raddr; /* Real address */
int prot; /* Protection bits */
hwaddr hash[2]; /* Pagetable hash values */
target_ulong ptem; /* Virtual segment ID | API */
int key; /* Access key */
};
target-ppc: Move SLB handling into a mmu-hash64.c As a first step to disentangling the handling for 64-bit hash MMUs from the rest, we move the code handling the Segment Lookaside Buffer (SLB) (which only exists on 64-bit hash MMUs) into a new mmu-hash64.c file. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:06 +01:00
/*
* SLB handling
*/
target-ppc: Disentangle get_segment() The poorly named get_segment() function handles most of the address translation logic for hash-based MMUs. It has many ugly conditionals on whether the MMU is 32-bit or 64-bit. This patch splits the function into 32 and 64-bit versions, using the switch on mmu_type that's already in the caller (get_physical_address()) to select the right one. Most of the original function remains in mmu_helper.c to support the 6xx software loaded TLB implementations (cleaning those up is a project for another day). Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:09 +01:00
static ppc_slb_t *slb_lookup(CPUPPCState *env, target_ulong eaddr)
target-ppc: Move SLB handling into a mmu-hash64.c As a first step to disentangling the handling for 64-bit hash MMUs from the rest, we move the code handling the Segment Lookaside Buffer (SLB) (which only exists on 64-bit hash MMUs) into a new mmu-hash64.c file. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:06 +01:00
{
uint64_t esid_256M, esid_1T;
int n;
LOG_SLB("%s: eaddr " TARGET_FMT_lx "\n", __func__, eaddr);
esid_256M = (eaddr & SEGMENT_MASK_256M) | SLB_ESID_V;
esid_1T = (eaddr & SEGMENT_MASK_1T) | SLB_ESID_V;
for (n = 0; n < env->slb_nr; n++) {
ppc_slb_t *slb = &env->slb[n];
LOG_SLB("%s: slot %d %016" PRIx64 " %016"
PRIx64 "\n", __func__, n, slb->esid, slb->vsid);
/* We check for 1T matches on all MMUs here - if the MMU
* doesn't have 1T segment support, we will have prevented 1T
* entries from being inserted in the slbmte code. */
if (((slb->esid == esid_256M) &&
((slb->vsid & SLB_VSID_B) == SLB_VSID_B_256M))
|| ((slb->esid == esid_1T) &&
((slb->vsid & SLB_VSID_B) == SLB_VSID_B_1T))) {
return slb;
}
}
return NULL;
}
void dump_slb(FILE *f, fprintf_function cpu_fprintf, CPUPPCState *env)
{
int i;
uint64_t slbe, slbv;
cpu_synchronize_state(env);
cpu_fprintf(f, "SLB\tESID\t\t\tVSID\n");
for (i = 0; i < env->slb_nr; i++) {
slbe = env->slb[i].esid;
slbv = env->slb[i].vsid;
if (slbe == 0 && slbv == 0) {
continue;
}
cpu_fprintf(f, "%d\t0x%016" PRIx64 "\t0x%016" PRIx64 "\n",
i, slbe, slbv);
}
}
void helper_slbia(CPUPPCState *env)
{
int n, do_invalidate;
do_invalidate = 0;
/* XXX: Warning: slbia never invalidates the first segment */
for (n = 1; n < env->slb_nr; n++) {
ppc_slb_t *slb = &env->slb[n];
if (slb->esid & SLB_ESID_V) {
slb->esid &= ~SLB_ESID_V;
/* XXX: given the fact that segment size is 256 MB or 1TB,
* and we still don't have a tlb_flush_mask(env, n, mask)
* in QEMU, we just invalidate all TLBs
*/
do_invalidate = 1;
}
}
if (do_invalidate) {
tlb_flush(env, 1);
}
}
void helper_slbie(CPUPPCState *env, target_ulong addr)
{
ppc_slb_t *slb;
slb = slb_lookup(env, addr);
if (!slb) {
return;
}
if (slb->esid & SLB_ESID_V) {
slb->esid &= ~SLB_ESID_V;
/* XXX: given the fact that segment size is 256 MB or 1TB,
* and we still don't have a tlb_flush_mask(env, n, mask)
* in QEMU, we just invalidate all TLBs
*/
tlb_flush(env, 1);
}
}
int ppc_store_slb(CPUPPCState *env, target_ulong rb, target_ulong rs)
{
int slot = rb & 0xfff;
ppc_slb_t *slb = &env->slb[slot];
if (rb & (0x1000 - env->slb_nr)) {
return -1; /* Reserved bits set or slot too high */
}
if (rs & (SLB_VSID_B & ~SLB_VSID_B_1T)) {
return -1; /* Bad segment size */
}
if ((rs & SLB_VSID_B) && !(env->mmu_model & POWERPC_MMU_1TSEG)) {
return -1; /* 1T segment on MMU that doesn't support it */
}
/* Mask out the slot number as we store the entry */
slb->esid = rb & (SLB_ESID_ESID | SLB_ESID_V);
slb->vsid = rs;
LOG_SLB("%s: %d " TARGET_FMT_lx " - " TARGET_FMT_lx " => %016" PRIx64
" %016" PRIx64 "\n", __func__, slot, rb, rs,
slb->esid, slb->vsid);
return 0;
}
static int ppc_load_slb_esid(CPUPPCState *env, target_ulong rb,
target_ulong *rt)
{
int slot = rb & 0xfff;
ppc_slb_t *slb = &env->slb[slot];
if (slot >= env->slb_nr) {
return -1;
}
*rt = slb->esid;
return 0;
}
static int ppc_load_slb_vsid(CPUPPCState *env, target_ulong rb,
target_ulong *rt)
{
int slot = rb & 0xfff;
ppc_slb_t *slb = &env->slb[slot];
if (slot >= env->slb_nr) {
return -1;
}
*rt = slb->vsid;
return 0;
}
void helper_store_slb(CPUPPCState *env, target_ulong rb, target_ulong rs)
{
if (ppc_store_slb(env, rb, rs) < 0) {
helper_raise_exception_err(env, POWERPC_EXCP_PROGRAM,
POWERPC_EXCP_INVAL);
}
}
target_ulong helper_load_slb_esid(CPUPPCState *env, target_ulong rb)
{
target_ulong rt = 0;
if (ppc_load_slb_esid(env, rb, &rt) < 0) {
helper_raise_exception_err(env, POWERPC_EXCP_PROGRAM,
POWERPC_EXCP_INVAL);
}
return rt;
}
target_ulong helper_load_slb_vsid(CPUPPCState *env, target_ulong rb)
{
target_ulong rt = 0;
if (ppc_load_slb_vsid(env, rb, &rt) < 0) {
helper_raise_exception_err(env, POWERPC_EXCP_PROGRAM,
POWERPC_EXCP_INVAL);
}
return rt;
}
target-ppc: Disentangle pte_check() Currently support for both 32-bit and 64-bit hash MMUs share an implementation of pte_check. But there are enough differences that this means the shared function has several very ugly conditionals on "is_64b". This patch cleans things up by separating out the 64-bit version (putting it into mmu-hash64.c) and the 32-bit hash version (putting it in mmu-hash32.c). Another copy remains in mmu_helper.c, which is used for the 6xx software loaded TLB paths. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:07 +01:00
/*
* 64-bit hash table MMU handling
*/
mmu-hash64: Remove nx from mmu_ctx_hash64 The nx field in mmu_ctx_hash64 is used in two different functions. But its used for slightly different things in each place, and the value is never propagated between them. In other words, it might as well be two local variables. This patch makes it so. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:21 +01:00
static int ppc_hash64_pp_check(int key, int pp, bool nx)
target-ppc: Disentangle hash mmu helper functions The newly separated paths for hash mmus rely on several helper functions which are still shared with 32-bit hash mmus: pp_check(), check_prot() and pte_update_flags(). While these don't have ugly ifdefs on the mmu type, they're not very well thought out, so sharing them impedes cleaning up the hash mmu paths. For now, put near-duplicate versions into mmu-hash64.c and mmu-hash32.c, leaving the old version in mmu_helper.c for 6xx software loaded tlb implementations. The hash 32 and software loaded implementations are simplfied slightly, using the fact that no 32-bit CPUs implement the 3rd page protection bit. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:14 +01:00
{
int access;
/* Compute access rights */
/* When pp is 4, 5 or 7, the result is undefined. Set it to noaccess */
access = 0;
if (key == 0) {
switch (pp) {
case 0x0:
case 0x1:
case 0x2:
access |= PAGE_WRITE;
/* No break here */
case 0x3:
case 0x6:
access |= PAGE_READ;
break;
}
} else {
switch (pp) {
case 0x0:
case 0x6:
access = 0;
break;
case 0x1:
case 0x3:
access = PAGE_READ;
break;
case 0x2:
access = PAGE_READ | PAGE_WRITE;
break;
}
}
mmu-hash64: Remove nx from mmu_ctx_hash64 The nx field in mmu_ctx_hash64 is used in two different functions. But its used for slightly different things in each place, and the value is never propagated between them. In other words, it might as well be two local variables. This patch makes it so. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:21 +01:00
if (!nx) {
target-ppc: Disentangle hash mmu helper functions The newly separated paths for hash mmus rely on several helper functions which are still shared with 32-bit hash mmus: pp_check(), check_prot() and pte_update_flags(). While these don't have ugly ifdefs on the mmu type, they're not very well thought out, so sharing them impedes cleaning up the hash mmu paths. For now, put near-duplicate versions into mmu-hash64.c and mmu-hash32.c, leaving the old version in mmu_helper.c for 6xx software loaded tlb implementations. The hash 32 and software loaded implementations are simplfied slightly, using the fact that no 32-bit CPUs implement the 3rd page protection bit. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:14 +01:00
access |= PAGE_EXEC;
}
return access;
}
mmu-hash*: Reduce use of access_type In ppc env->access_type is updated by e.g. integer load/stores with ACCESS_INT floating point load/stores with ACCESS_FLOAT and so forth. In hash mmu fault paths it can also b set to ACCESS_CODE for instruction fetch accesses. But the only place which uses anything more of the access_type than whether it is instruction fetch or data access is the direct store segment handling. Instruction versus data access can be more simply determined from the rw value passed down from the top. This changes the code to use rw in preference to checking access_type. For the 32-bit case there is a small amount of code (for direct store segments) that still needs the full access type. Instead of passing it all the way down the stack, we retrieve it from the env structure, which is where it came anyway, before this patch. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:20 +01:00
static int ppc_hash64_check_prot(int prot, int rwx)
target-ppc: Disentangle hash mmu helper functions The newly separated paths for hash mmus rely on several helper functions which are still shared with 32-bit hash mmus: pp_check(), check_prot() and pte_update_flags(). While these don't have ugly ifdefs on the mmu type, they're not very well thought out, so sharing them impedes cleaning up the hash mmu paths. For now, put near-duplicate versions into mmu-hash64.c and mmu-hash32.c, leaving the old version in mmu_helper.c for 6xx software loaded tlb implementations. The hash 32 and software loaded implementations are simplfied slightly, using the fact that no 32-bit CPUs implement the 3rd page protection bit. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:14 +01:00
{
int ret;
mmu-hash*: Reduce use of access_type In ppc env->access_type is updated by e.g. integer load/stores with ACCESS_INT floating point load/stores with ACCESS_FLOAT and so forth. In hash mmu fault paths it can also b set to ACCESS_CODE for instruction fetch accesses. But the only place which uses anything more of the access_type than whether it is instruction fetch or data access is the direct store segment handling. Instruction versus data access can be more simply determined from the rw value passed down from the top. This changes the code to use rw in preference to checking access_type. For the 32-bit case there is a small amount of code (for direct store segments) that still needs the full access type. Instead of passing it all the way down the stack, we retrieve it from the env structure, which is where it came anyway, before this patch. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:20 +01:00
if (rwx == 2) {
target-ppc: Disentangle hash mmu helper functions The newly separated paths for hash mmus rely on several helper functions which are still shared with 32-bit hash mmus: pp_check(), check_prot() and pte_update_flags(). While these don't have ugly ifdefs on the mmu type, they're not very well thought out, so sharing them impedes cleaning up the hash mmu paths. For now, put near-duplicate versions into mmu-hash64.c and mmu-hash32.c, leaving the old version in mmu_helper.c for 6xx software loaded tlb implementations. The hash 32 and software loaded implementations are simplfied slightly, using the fact that no 32-bit CPUs implement the 3rd page protection bit. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:14 +01:00
if (prot & PAGE_EXEC) {
ret = 0;
} else {
ret = -2;
}
mmu-hash*: Reduce use of access_type In ppc env->access_type is updated by e.g. integer load/stores with ACCESS_INT floating point load/stores with ACCESS_FLOAT and so forth. In hash mmu fault paths it can also b set to ACCESS_CODE for instruction fetch accesses. But the only place which uses anything more of the access_type than whether it is instruction fetch or data access is the direct store segment handling. Instruction versus data access can be more simply determined from the rw value passed down from the top. This changes the code to use rw in preference to checking access_type. For the 32-bit case there is a small amount of code (for direct store segments) that still needs the full access type. Instead of passing it all the way down the stack, we retrieve it from the env structure, which is where it came anyway, before this patch. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:20 +01:00
} else if (rwx == 1) {
target-ppc: Disentangle hash mmu helper functions The newly separated paths for hash mmus rely on several helper functions which are still shared with 32-bit hash mmus: pp_check(), check_prot() and pte_update_flags(). While these don't have ugly ifdefs on the mmu type, they're not very well thought out, so sharing them impedes cleaning up the hash mmu paths. For now, put near-duplicate versions into mmu-hash64.c and mmu-hash32.c, leaving the old version in mmu_helper.c for 6xx software loaded tlb implementations. The hash 32 and software loaded implementations are simplfied slightly, using the fact that no 32-bit CPUs implement the 3rd page protection bit. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:14 +01:00
if (prot & PAGE_WRITE) {
ret = 0;
} else {
ret = -2;
}
} else {
if (prot & PAGE_READ) {
ret = 0;
} else {
ret = -2;
}
}
return ret;
}
mmu-hash*: Don't keep looking for PTEs after we find a match BEHAVIOUR CHANGE The ppc hash mmu hashes each virtual address to a primary and secondary possible hash bucket (aka PTE group or PTEG) each with 8 PTEs. Then we need a linear search through the PTEs to find the correct one for the virtual address we're translating. It is a programming error for the guest to insert multiple PTEs mapping the same virtual address into a PTEG - in this case the ppc architecture says the MMU can either act as if just one was present, or give a machine check. Currently our code takes the first matching PTE in a PTEG if it finds a successful translation. But if a matching PTE is found, but permission bits don't allow the access, we keep looking through the PTEG, checking that any other matching PTEs contain an identical translation. That behaviour is perhaps not exactly wrong, but it's certainly not useful. This patch changes it to always just find the first matching PTE in a PTEG. In addition, if we get a permissions problem on the primary PTEG, we then search the secondary PTEG. This is incorrect - a permission denying PTE in the primary PTEG should not be overwritten by an access granting PTE in the secondary (although again, it would be a programming error for the guest to set up such a situation anyway). So additionally we update the code to only search the secondary PTEG if no matching PTE is found in the primary at all. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:27 +01:00
static bool pte64_match(target_ulong pte0, target_ulong pte1,
bool secondary, target_ulong ptem)
{
return (pte0 & HPTE64_V_VALID)
&& (secondary == !!(pte0 & HPTE64_V_SECONDARY))
&& HPTE64_V_COMPARE(pte0, ptem);
}
target-ppc: mmu_ctx_t should not be a global type mmu_ctx_t is currently defined in cpu.h. However it is used for temporary information relating to mmu translation, and is only used in mmu_helper.c and (now) mmu-hash{32,64}.c. Furthermore it contains information which should be specific to particular MMU types. Therefore, move its definition to mmu_helper.c. mmu-hash{32,64}.c are converted to use new data types private to the relevant MMUs (identical to mmu_ctx_t for now, but that will change in future patches). Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:17 +01:00
static int pte64_check(struct mmu_ctx_hash64 *ctx, target_ulong pte0,
mmu-hash*: Don't keep looking for PTEs after we find a match BEHAVIOUR CHANGE The ppc hash mmu hashes each virtual address to a primary and secondary possible hash bucket (aka PTE group or PTEG) each with 8 PTEs. Then we need a linear search through the PTEs to find the correct one for the virtual address we're translating. It is a programming error for the guest to insert multiple PTEs mapping the same virtual address into a PTEG - in this case the ppc architecture says the MMU can either act as if just one was present, or give a machine check. Currently our code takes the first matching PTE in a PTEG if it finds a successful translation. But if a matching PTE is found, but permission bits don't allow the access, we keep looking through the PTEG, checking that any other matching PTEs contain an identical translation. That behaviour is perhaps not exactly wrong, but it's certainly not useful. This patch changes it to always just find the first matching PTE in a PTEG. In addition, if we get a permissions problem on the primary PTEG, we then search the secondary PTEG. This is incorrect - a permission denying PTE in the primary PTEG should not be overwritten by an access granting PTE in the secondary (although again, it would be a programming error for the guest to set up such a situation anyway). So additionally we update the code to only search the secondary PTEG if no matching PTE is found in the primary at all. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:27 +01:00
target_ulong pte1, int rwx)
target-ppc: Disentangle pte_check() Currently support for both 32-bit and 64-bit hash MMUs share an implementation of pte_check. But there are enough differences that this means the shared function has several very ugly conditionals on "is_64b". This patch cleans things up by separating out the 64-bit version (putting it into mmu-hash64.c) and the 32-bit hash version (putting it in mmu-hash32.c). Another copy remains in mmu_helper.c, which is used for the 6xx software loaded TLB paths. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:07 +01:00
{
mmu-hash*: Add header file for definitions Currently cpu.h contains a number of definitions relating to the 64-bit hash MMU. Some are used in the MMU emulation code, but some are only used in the spapr MMU management hcall implementations. This patch moves these definitions (except for a few that are needed more widely) into mmu-hash64.h header, shared between the MMU emulation code and the spapr hcall code. The MMU emulation code is also updated to actually use a number of those definitions in place of hard coded constants. Similarly, we add new analogous definitions to mmu-hash32.h and use those in place of many hard-coded constants in mmu-hash32.c Signed-off-by: David Gibson <david@gibson.dropbear.id.au> [agraf: fix 32-bit hosts] Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:18 +01:00
int access, ret, pp;
mmu-hash*: Don't keep looking for PTEs after we find a match BEHAVIOUR CHANGE The ppc hash mmu hashes each virtual address to a primary and secondary possible hash bucket (aka PTE group or PTEG) each with 8 PTEs. Then we need a linear search through the PTEs to find the correct one for the virtual address we're translating. It is a programming error for the guest to insert multiple PTEs mapping the same virtual address into a PTEG - in this case the ppc architecture says the MMU can either act as if just one was present, or give a machine check. Currently our code takes the first matching PTE in a PTEG if it finds a successful translation. But if a matching PTE is found, but permission bits don't allow the access, we keep looking through the PTEG, checking that any other matching PTEs contain an identical translation. That behaviour is perhaps not exactly wrong, but it's certainly not useful. This patch changes it to always just find the first matching PTE in a PTEG. In addition, if we get a permissions problem on the primary PTEG, we then search the secondary PTEG. This is incorrect - a permission denying PTE in the primary PTEG should not be overwritten by an access granting PTE in the secondary (although again, it would be a programming error for the guest to set up such a situation anyway). So additionally we update the code to only search the secondary PTEG if no matching PTE is found in the primary at all. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:27 +01:00
bool nx;
target-ppc: Disentangle pte_check() Currently support for both 32-bit and 64-bit hash MMUs share an implementation of pte_check. But there are enough differences that this means the shared function has several very ugly conditionals on "is_64b". This patch cleans things up by separating out the 64-bit version (putting it into mmu-hash64.c) and the 32-bit hash version (putting it in mmu-hash32.c). Another copy remains in mmu_helper.c, which is used for the 6xx software loaded TLB paths. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:07 +01:00
mmu-hash*: Don't keep looking for PTEs after we find a match BEHAVIOUR CHANGE The ppc hash mmu hashes each virtual address to a primary and secondary possible hash bucket (aka PTE group or PTEG) each with 8 PTEs. Then we need a linear search through the PTEs to find the correct one for the virtual address we're translating. It is a programming error for the guest to insert multiple PTEs mapping the same virtual address into a PTEG - in this case the ppc architecture says the MMU can either act as if just one was present, or give a machine check. Currently our code takes the first matching PTE in a PTEG if it finds a successful translation. But if a matching PTE is found, but permission bits don't allow the access, we keep looking through the PTEG, checking that any other matching PTEs contain an identical translation. That behaviour is perhaps not exactly wrong, but it's certainly not useful. This patch changes it to always just find the first matching PTE in a PTEG. In addition, if we get a permissions problem on the primary PTEG, we then search the secondary PTEG. This is incorrect - a permission denying PTE in the primary PTEG should not be overwritten by an access granting PTE in the secondary (although again, it would be a programming error for the guest to set up such a situation anyway). So additionally we update the code to only search the secondary PTEG if no matching PTE is found in the primary at all. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:27 +01:00
pp = (pte1 & HPTE64_R_PP) | ((pte1 & HPTE64_R_PP0) >> 61);
/* No execute if either noexec or guarded bits set */
nx = (pte1 & HPTE64_R_N) || (pte1 & HPTE64_R_G);
/* Compute access rights */
access = ppc_hash64_pp_check(ctx->key, pp, nx);
/* Keep the matching PTE informations */
ctx->raddr = pte1;
ctx->prot = access;
ret = ppc_hash64_check_prot(ctx->prot, rwx);
if (ret == 0) {
/* Access granted */
LOG_MMU("PTE access granted !\n");
} else {
/* Access right violation */
LOG_MMU("PTE access rejected\n");
target-ppc: Disentangle pte_check() Currently support for both 32-bit and 64-bit hash MMUs share an implementation of pte_check. But there are enough differences that this means the shared function has several very ugly conditionals on "is_64b". This patch cleans things up by separating out the 64-bit version (putting it into mmu-hash64.c) and the 32-bit hash version (putting it in mmu-hash32.c). Another copy remains in mmu_helper.c, which is used for the 6xx software loaded TLB paths. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:07 +01:00
}
return ret;
}
target-ppc: Disentangle find_pte() 32-bit and 64-bit hash MMU implementations currently share a find_pte function. This results in a whole bunch of ugly conditionals in the shared function, and not all that much actually shared code. This patch separates out the 32-bit and 64-bit versions, putting then in mmu-hash64.c and mmu-has32.c, and removes the conditionals from both versions. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:08 +01:00
target-ppc: mmu_ctx_t should not be a global type mmu_ctx_t is currently defined in cpu.h. However it is used for temporary information relating to mmu translation, and is only used in mmu_helper.c and (now) mmu-hash{32,64}.c. Furthermore it contains information which should be specific to particular MMU types. Therefore, move its definition to mmu_helper.c. mmu-hash{32,64}.c are converted to use new data types private to the relevant MMUs (identical to mmu_ctx_t for now, but that will change in future patches). Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:17 +01:00
static int ppc_hash64_pte_update_flags(struct mmu_ctx_hash64 *ctx,
target_ulong *pte1p,
target-ppc: Disentangle hash mmu helper functions The newly separated paths for hash mmus rely on several helper functions which are still shared with 32-bit hash mmus: pp_check(), check_prot() and pte_update_flags(). While these don't have ugly ifdefs on the mmu type, they're not very well thought out, so sharing them impedes cleaning up the hash mmu paths. For now, put near-duplicate versions into mmu-hash64.c and mmu-hash32.c, leaving the old version in mmu_helper.c for 6xx software loaded tlb implementations. The hash 32 and software loaded implementations are simplfied slightly, using the fact that no 32-bit CPUs implement the 3rd page protection bit. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:14 +01:00
int ret, int rw)
{
int store = 0;
/* Update page flags */
mmu-hash*: Add header file for definitions Currently cpu.h contains a number of definitions relating to the 64-bit hash MMU. Some are used in the MMU emulation code, but some are only used in the spapr MMU management hcall implementations. This patch moves these definitions (except for a few that are needed more widely) into mmu-hash64.h header, shared between the MMU emulation code and the spapr hcall code. The MMU emulation code is also updated to actually use a number of those definitions in place of hard coded constants. Similarly, we add new analogous definitions to mmu-hash32.h and use those in place of many hard-coded constants in mmu-hash32.c Signed-off-by: David Gibson <david@gibson.dropbear.id.au> [agraf: fix 32-bit hosts] Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:18 +01:00
if (!(*pte1p & HPTE64_R_R)) {
target-ppc: Disentangle hash mmu helper functions The newly separated paths for hash mmus rely on several helper functions which are still shared with 32-bit hash mmus: pp_check(), check_prot() and pte_update_flags(). While these don't have ugly ifdefs on the mmu type, they're not very well thought out, so sharing them impedes cleaning up the hash mmu paths. For now, put near-duplicate versions into mmu-hash64.c and mmu-hash32.c, leaving the old version in mmu_helper.c for 6xx software loaded tlb implementations. The hash 32 and software loaded implementations are simplfied slightly, using the fact that no 32-bit CPUs implement the 3rd page protection bit. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:14 +01:00
/* Update accessed flag */
mmu-hash*: Add header file for definitions Currently cpu.h contains a number of definitions relating to the 64-bit hash MMU. Some are used in the MMU emulation code, but some are only used in the spapr MMU management hcall implementations. This patch moves these definitions (except for a few that are needed more widely) into mmu-hash64.h header, shared between the MMU emulation code and the spapr hcall code. The MMU emulation code is also updated to actually use a number of those definitions in place of hard coded constants. Similarly, we add new analogous definitions to mmu-hash32.h and use those in place of many hard-coded constants in mmu-hash32.c Signed-off-by: David Gibson <david@gibson.dropbear.id.au> [agraf: fix 32-bit hosts] Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:18 +01:00
*pte1p |= HPTE64_R_R;
target-ppc: Disentangle hash mmu helper functions The newly separated paths for hash mmus rely on several helper functions which are still shared with 32-bit hash mmus: pp_check(), check_prot() and pte_update_flags(). While these don't have ugly ifdefs on the mmu type, they're not very well thought out, so sharing them impedes cleaning up the hash mmu paths. For now, put near-duplicate versions into mmu-hash64.c and mmu-hash32.c, leaving the old version in mmu_helper.c for 6xx software loaded tlb implementations. The hash 32 and software loaded implementations are simplfied slightly, using the fact that no 32-bit CPUs implement the 3rd page protection bit. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:14 +01:00
store = 1;
}
mmu-hash*: Add header file for definitions Currently cpu.h contains a number of definitions relating to the 64-bit hash MMU. Some are used in the MMU emulation code, but some are only used in the spapr MMU management hcall implementations. This patch moves these definitions (except for a few that are needed more widely) into mmu-hash64.h header, shared between the MMU emulation code and the spapr hcall code. The MMU emulation code is also updated to actually use a number of those definitions in place of hard coded constants. Similarly, we add new analogous definitions to mmu-hash32.h and use those in place of many hard-coded constants in mmu-hash32.c Signed-off-by: David Gibson <david@gibson.dropbear.id.au> [agraf: fix 32-bit hosts] Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:18 +01:00
if (!(*pte1p & HPTE64_R_C)) {
target-ppc: Disentangle hash mmu helper functions The newly separated paths for hash mmus rely on several helper functions which are still shared with 32-bit hash mmus: pp_check(), check_prot() and pte_update_flags(). While these don't have ugly ifdefs on the mmu type, they're not very well thought out, so sharing them impedes cleaning up the hash mmu paths. For now, put near-duplicate versions into mmu-hash64.c and mmu-hash32.c, leaving the old version in mmu_helper.c for 6xx software loaded tlb implementations. The hash 32 and software loaded implementations are simplfied slightly, using the fact that no 32-bit CPUs implement the 3rd page protection bit. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:14 +01:00
if (rw == 1 && ret == 0) {
/* Update changed flag */
mmu-hash*: Add header file for definitions Currently cpu.h contains a number of definitions relating to the 64-bit hash MMU. Some are used in the MMU emulation code, but some are only used in the spapr MMU management hcall implementations. This patch moves these definitions (except for a few that are needed more widely) into mmu-hash64.h header, shared between the MMU emulation code and the spapr hcall code. The MMU emulation code is also updated to actually use a number of those definitions in place of hard coded constants. Similarly, we add new analogous definitions to mmu-hash32.h and use those in place of many hard-coded constants in mmu-hash32.c Signed-off-by: David Gibson <david@gibson.dropbear.id.au> [agraf: fix 32-bit hosts] Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:18 +01:00
*pte1p |= HPTE64_R_C;
target-ppc: Disentangle hash mmu helper functions The newly separated paths for hash mmus rely on several helper functions which are still shared with 32-bit hash mmus: pp_check(), check_prot() and pte_update_flags(). While these don't have ugly ifdefs on the mmu type, they're not very well thought out, so sharing them impedes cleaning up the hash mmu paths. For now, put near-duplicate versions into mmu-hash64.c and mmu-hash32.c, leaving the old version in mmu_helper.c for 6xx software loaded tlb implementations. The hash 32 and software loaded implementations are simplfied slightly, using the fact that no 32-bit CPUs implement the 3rd page protection bit. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:14 +01:00
store = 1;
} else {
/* Force page fault for first write access */
ctx->prot &= ~PAGE_WRITE;
}
}
return store;
}
target-ppc: Disentangle find_pte() 32-bit and 64-bit hash MMU implementations currently share a find_pte function. This results in a whole bunch of ugly conditionals in the shared function, and not all that much actually shared code. This patch separates out the 32-bit and 64-bit versions, putting then in mmu-hash64.c and mmu-has32.c, and removes the conditionals from both versions. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:08 +01:00
/* PTE table lookup */
mmu-hash*: Remove eaddr field from mmu_ctx_hash{32, 64} The eaddr field of mmu_ctx_hash{32,64} is effectively just used to pass the effective address from get_segment{32,64}() to find_pte{32,64}(). Just pass it as a normal parameter instead. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:22 +01:00
static int find_pte64(CPUPPCState *env, struct mmu_ctx_hash64 *ctx,
target_ulong eaddr, int h, int rwx, int target_page_bits)
target-ppc: Disentangle find_pte() 32-bit and 64-bit hash MMU implementations currently share a find_pte function. This results in a whole bunch of ugly conditionals in the shared function, and not all that much actually shared code. This patch separates out the 32-bit and 64-bit versions, putting then in mmu-hash64.c and mmu-has32.c, and removes the conditionals from both versions. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:08 +01:00
{
hwaddr pteg_off;
target_ulong pte0, pte1;
int i, good = -1;
mmu-hash*: Don't keep looking for PTEs after we find a match BEHAVIOUR CHANGE The ppc hash mmu hashes each virtual address to a primary and secondary possible hash bucket (aka PTE group or PTEG) each with 8 PTEs. Then we need a linear search through the PTEs to find the correct one for the virtual address we're translating. It is a programming error for the guest to insert multiple PTEs mapping the same virtual address into a PTEG - in this case the ppc architecture says the MMU can either act as if just one was present, or give a machine check. Currently our code takes the first matching PTE in a PTEG if it finds a successful translation. But if a matching PTE is found, but permission bits don't allow the access, we keep looking through the PTEG, checking that any other matching PTEs contain an identical translation. That behaviour is perhaps not exactly wrong, but it's certainly not useful. This patch changes it to always just find the first matching PTE in a PTEG. In addition, if we get a permissions problem on the primary PTEG, we then search the secondary PTEG. This is incorrect - a permission denying PTE in the primary PTEG should not be overwritten by an access granting PTE in the secondary (although again, it would be a programming error for the guest to set up such a situation anyway). So additionally we update the code to only search the secondary PTEG if no matching PTE is found in the primary at all. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:27 +01:00
int ret;
target-ppc: Disentangle find_pte() 32-bit and 64-bit hash MMU implementations currently share a find_pte function. This results in a whole bunch of ugly conditionals in the shared function, and not all that much actually shared code. This patch separates out the 32-bit and 64-bit versions, putting then in mmu-hash64.c and mmu-has32.c, and removes the conditionals from both versions. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:08 +01:00
ret = -1; /* No entry found */
mmu-hash*: Add header file for definitions Currently cpu.h contains a number of definitions relating to the 64-bit hash MMU. Some are used in the MMU emulation code, but some are only used in the spapr MMU management hcall implementations. This patch moves these definitions (except for a few that are needed more widely) into mmu-hash64.h header, shared between the MMU emulation code and the spapr hcall code. The MMU emulation code is also updated to actually use a number of those definitions in place of hard coded constants. Similarly, we add new analogous definitions to mmu-hash32.h and use those in place of many hard-coded constants in mmu-hash32.c Signed-off-by: David Gibson <david@gibson.dropbear.id.au> [agraf: fix 32-bit hosts] Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:18 +01:00
pteg_off = (ctx->hash[h] * HASH_PTEG_SIZE_64) & env->htab_mask;
for (i = 0; i < HPTES_PER_GROUP; i++) {
mmu-hash*: Add hash pte load/store helpers On real hardware the ppc hash page table is stored in memory; accordingly our mmu emulation code can read a hash page table in guest memory. But, when paravirtualized under PAPR, the real hash page table is in host memory, accessible to the guest only via hypercalls. We model this by also allowing the MMU emulation code to access a specially allocated hash page table outside the guest's memory image. At present these two options are implemented with some ugly conditionals at each access point in the mmu emulation code. In the implementation of the PAPR hypercalls, we assume the external hash table. This patch cleans things up by adding helpers to load and store from the hash table for both 32-bit and 64-bit hash mmus. The 64-bit versions handle both the in-guest-memory and outside guest memory cases. The 32-bit versions only handle the in-guest-memory case since no 32-bit systems can have an external hash table at present. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:19 +01:00
pte0 = ppc_hash64_load_hpte0(env, pteg_off + i*HASH_PTE_SIZE_64);
pte1 = ppc_hash64_load_hpte1(env, pteg_off + i*HASH_PTE_SIZE_64);
target-ppc: Disentangle find_pte() 32-bit and 64-bit hash MMU implementations currently share a find_pte function. This results in a whole bunch of ugly conditionals in the shared function, and not all that much actually shared code. This patch separates out the 32-bit and 64-bit versions, putting then in mmu-hash64.c and mmu-has32.c, and removes the conditionals from both versions. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:08 +01:00
LOG_MMU("Load pte from %016" HWADDR_PRIx " => " TARGET_FMT_lx " "
TARGET_FMT_lx " %d %d %d " TARGET_FMT_lx "\n",
mmu-hash*: Don't keep looking for PTEs after we find a match BEHAVIOUR CHANGE The ppc hash mmu hashes each virtual address to a primary and secondary possible hash bucket (aka PTE group or PTEG) each with 8 PTEs. Then we need a linear search through the PTEs to find the correct one for the virtual address we're translating. It is a programming error for the guest to insert multiple PTEs mapping the same virtual address into a PTEG - in this case the ppc architecture says the MMU can either act as if just one was present, or give a machine check. Currently our code takes the first matching PTE in a PTEG if it finds a successful translation. But if a matching PTE is found, but permission bits don't allow the access, we keep looking through the PTEG, checking that any other matching PTEs contain an identical translation. That behaviour is perhaps not exactly wrong, but it's certainly not useful. This patch changes it to always just find the first matching PTE in a PTEG. In addition, if we get a permissions problem on the primary PTEG, we then search the secondary PTEG. This is incorrect - a permission denying PTE in the primary PTEG should not be overwritten by an access granting PTE in the secondary (although again, it would be a programming error for the guest to set up such a situation anyway). So additionally we update the code to only search the secondary PTEG if no matching PTE is found in the primary at all. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:27 +01:00
pteg_off + (i * 16), pte0, pte1, !!(pte0 & HPTE64_V_VALID),
h, !!(pte0 & HPTE64_V_SECONDARY), ctx->ptem);
if (pte64_match(pte0, pte1, h, ctx->ptem)) {
target-ppc: Disentangle find_pte() 32-bit and 64-bit hash MMU implementations currently share a find_pte function. This results in a whole bunch of ugly conditionals in the shared function, and not all that much actually shared code. This patch separates out the 32-bit and 64-bit versions, putting then in mmu-hash64.c and mmu-has32.c, and removes the conditionals from both versions. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:08 +01:00
good = i;
break;
}
}
if (good != -1) {
mmu-hash*: Don't keep looking for PTEs after we find a match BEHAVIOUR CHANGE The ppc hash mmu hashes each virtual address to a primary and secondary possible hash bucket (aka PTE group or PTEG) each with 8 PTEs. Then we need a linear search through the PTEs to find the correct one for the virtual address we're translating. It is a programming error for the guest to insert multiple PTEs mapping the same virtual address into a PTEG - in this case the ppc architecture says the MMU can either act as if just one was present, or give a machine check. Currently our code takes the first matching PTE in a PTEG if it finds a successful translation. But if a matching PTE is found, but permission bits don't allow the access, we keep looking through the PTEG, checking that any other matching PTEs contain an identical translation. That behaviour is perhaps not exactly wrong, but it's certainly not useful. This patch changes it to always just find the first matching PTE in a PTEG. In addition, if we get a permissions problem on the primary PTEG, we then search the secondary PTEG. This is incorrect - a permission denying PTE in the primary PTEG should not be overwritten by an access granting PTE in the secondary (although again, it would be a programming error for the guest to set up such a situation anyway). So additionally we update the code to only search the secondary PTEG if no matching PTE is found in the primary at all. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:27 +01:00
ret = pte64_check(ctx, pte0, pte1, rwx);
target-ppc: Disentangle find_pte() 32-bit and 64-bit hash MMU implementations currently share a find_pte function. This results in a whole bunch of ugly conditionals in the shared function, and not all that much actually shared code. This patch separates out the 32-bit and 64-bit versions, putting then in mmu-hash64.c and mmu-has32.c, and removes the conditionals from both versions. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:08 +01:00
LOG_MMU("found PTE at addr %08" HWADDR_PRIx " prot=%01x ret=%d\n",
ctx->raddr, ctx->prot, ret);
/* Update page flags */
pte1 = ctx->raddr;
mmu-hash*: Reduce use of access_type In ppc env->access_type is updated by e.g. integer load/stores with ACCESS_INT floating point load/stores with ACCESS_FLOAT and so forth. In hash mmu fault paths it can also b set to ACCESS_CODE for instruction fetch accesses. But the only place which uses anything more of the access_type than whether it is instruction fetch or data access is the direct store segment handling. Instruction versus data access can be more simply determined from the rw value passed down from the top. This changes the code to use rw in preference to checking access_type. For the 32-bit case there is a small amount of code (for direct store segments) that still needs the full access type. Instead of passing it all the way down the stack, we retrieve it from the env structure, which is where it came anyway, before this patch. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:20 +01:00
if (ppc_hash64_pte_update_flags(ctx, &pte1, ret, rwx) == 1) {
mmu-hash*: Add hash pte load/store helpers On real hardware the ppc hash page table is stored in memory; accordingly our mmu emulation code can read a hash page table in guest memory. But, when paravirtualized under PAPR, the real hash page table is in host memory, accessible to the guest only via hypercalls. We model this by also allowing the MMU emulation code to access a specially allocated hash page table outside the guest's memory image. At present these two options are implemented with some ugly conditionals at each access point in the mmu emulation code. In the implementation of the PAPR hypercalls, we assume the external hash table. This patch cleans things up by adding helpers to load and store from the hash table for both 32-bit and 64-bit hash mmus. The 64-bit versions handle both the in-guest-memory and outside guest memory cases. The 32-bit versions only handle the in-guest-memory case since no 32-bit systems can have an external hash table at present. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:19 +01:00
ppc_hash64_store_hpte1(env, pteg_off + good * HASH_PTE_SIZE_64, pte1);
target-ppc: Disentangle find_pte() 32-bit and 64-bit hash MMU implementations currently share a find_pte function. This results in a whole bunch of ugly conditionals in the shared function, and not all that much actually shared code. This patch separates out the 32-bit and 64-bit versions, putting then in mmu-hash64.c and mmu-has32.c, and removes the conditionals from both versions. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:08 +01:00
}
}
/* We have a TLB that saves 4K pages, so let's
* split a huge page to 4k chunks */
if (target_page_bits != TARGET_PAGE_BITS) {
mmu-hash*: Remove eaddr field from mmu_ctx_hash{32, 64} The eaddr field of mmu_ctx_hash{32,64} is effectively just used to pass the effective address from get_segment{32,64}() to find_pte{32,64}(). Just pass it as a normal parameter instead. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:22 +01:00
ctx->raddr |= (eaddr & ((1 << target_page_bits) - 1))
target-ppc: Disentangle find_pte() 32-bit and 64-bit hash MMU implementations currently share a find_pte function. This results in a whole bunch of ugly conditionals in the shared function, and not all that much actually shared code. This patch separates out the 32-bit and 64-bit versions, putting then in mmu-hash64.c and mmu-has32.c, and removes the conditionals from both versions. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:08 +01:00
& TARGET_PAGE_MASK;
}
return ret;
}
target-ppc: Disentangle get_segment() The poorly named get_segment() function handles most of the address translation logic for hash-based MMUs. It has many ugly conditionals on whether the MMU is 32-bit or 64-bit. This patch splits the function into 32 and 64-bit versions, using the switch on mmu_type that's already in the caller (get_physical_address()) to select the right one. Most of the original function remains in mmu_helper.c to support the 6xx software loaded TLB implementations (cleaning those up is a project for another day). Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:09 +01:00
mmu-hash*: Combine ppc_hash{32, 64}_get_physical_address and get_segment{32, 64}() After previous work, ppc_hash{32,64}_get_physical_address() are almost trivial wrappers around get_segment{32,64}() which does nearly all the work of translating an address according to the hash mmu model. Therefore combine the two functions into one, under the better name of ppc_hash{32,64}_translate(). Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:23 +01:00
static int ppc_hash64_translate(CPUPPCState *env, struct mmu_ctx_hash64 *ctx,
target_ulong eaddr, int rwx)
target-ppc: Disentangle get_segment() The poorly named get_segment() function handles most of the address translation logic for hash-based MMUs. It has many ugly conditionals on whether the MMU is 32-bit or 64-bit. This patch splits the function into 32 and 64-bit versions, using the switch on mmu_type that's already in the caller (get_physical_address()) to select the right one. Most of the original function remains in mmu_helper.c to support the 6xx software loaded TLB implementations (cleaning those up is a project for another day). Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:09 +01:00
{
hwaddr hash;
target_ulong vsid;
int pr, target_page_bits;
int ret, ret2;
ppc_slb_t *slb;
target_ulong pageaddr;
int segment_bits;
mmu-hash*: Combine ppc_hash{32, 64}_get_physical_address and get_segment{32, 64}() After previous work, ppc_hash{32,64}_get_physical_address() are almost trivial wrappers around get_segment{32,64}() which does nearly all the work of translating an address according to the hash mmu model. Therefore combine the two functions into one, under the better name of ppc_hash{32,64}_translate(). Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:23 +01:00
/* 1. Handle real mode accesses */
if (((rwx == 2) && (msr_ir == 0)) || ((rwx != 2) && (msr_dr == 0))) {
/* Translation is off */
/* In real mode the top 4 effective address bits are ignored */
ctx->raddr = eaddr & 0x0FFFFFFFFFFFFFFFULL;
ctx->prot = PAGE_READ | PAGE_EXEC | PAGE_WRITE;
return 0;
}
mmu-hash*: Cleanup segment-level NX check On the ppc hash mmus, no-execute can be set at the segment level (on more recent 64-bit hash mmus it can also be set at the page level). This patch separates out this check to make it clearer what is going on, and avoiding excessive indentation of the remaining translation code. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:26 +01:00
/* 2. Translation is on, so look up the SLB */
target-ppc: Disentangle get_segment() The poorly named get_segment() function handles most of the address translation logic for hash-based MMUs. It has many ugly conditionals on whether the MMU is 32-bit or 64-bit. This patch splits the function into 32 and 64-bit versions, using the switch on mmu_type that's already in the caller (get_physical_address()) to select the right one. Most of the original function remains in mmu_helper.c to support the 6xx software loaded TLB implementations (cleaning those up is a project for another day). Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:09 +01:00
slb = slb_lookup(env, eaddr);
mmu-hash*: Cleanup segment-level NX check On the ppc hash mmus, no-execute can be set at the segment level (on more recent 64-bit hash mmus it can also be set at the page level). This patch separates out this check to make it clearer what is going on, and avoiding excessive indentation of the remaining translation code. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:26 +01:00
target-ppc: Disentangle get_segment() The poorly named get_segment() function handles most of the address translation logic for hash-based MMUs. It has many ugly conditionals on whether the MMU is 32-bit or 64-bit. This patch splits the function into 32 and 64-bit versions, using the switch on mmu_type that's already in the caller (get_physical_address()) to select the right one. Most of the original function remains in mmu_helper.c to support the 6xx software loaded TLB implementations (cleaning those up is a project for another day). Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:09 +01:00
if (!slb) {
return -5;
}
mmu-hash*: Cleanup segment-level NX check On the ppc hash mmus, no-execute can be set at the segment level (on more recent 64-bit hash mmus it can also be set at the page level). This patch separates out this check to make it clearer what is going on, and avoiding excessive indentation of the remaining translation code. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:26 +01:00
/* 3. Check for segment level no-execute violation */
if ((rwx == 2) && (slb->vsid & SLB_VSID_N)) {
return -3;
}
pr = msr_pr;
target-ppc: Disentangle get_segment() The poorly named get_segment() function handles most of the address translation logic for hash-based MMUs. It has many ugly conditionals on whether the MMU is 32-bit or 64-bit. This patch splits the function into 32 and 64-bit versions, using the switch on mmu_type that's already in the caller (get_physical_address()) to select the right one. Most of the original function remains in mmu_helper.c to support the 6xx software loaded TLB implementations (cleaning those up is a project for another day). Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:09 +01:00
if (slb->vsid & SLB_VSID_B) {
vsid = (slb->vsid & SLB_VSID_VSID) >> SLB_VSID_SHIFT_1T;
segment_bits = 40;
} else {
vsid = (slb->vsid & SLB_VSID_VSID) >> SLB_VSID_SHIFT;
segment_bits = 28;
}
target_page_bits = (slb->vsid & SLB_VSID_L)
? TARGET_PAGE_BITS_16M : TARGET_PAGE_BITS;
ctx->key = !!(pr ? (slb->vsid & SLB_VSID_KP)
: (slb->vsid & SLB_VSID_KS));
pageaddr = eaddr & ((1ULL << segment_bits)
- (1ULL << target_page_bits));
if (slb->vsid & SLB_VSID_B) {
hash = vsid ^ (vsid << 25) ^ (pageaddr >> target_page_bits);
} else {
hash = vsid ^ (pageaddr >> target_page_bits);
}
/* Only 5 bits of the page index are used in the AVPN */
ctx->ptem = (slb->vsid & SLB_VSID_PTEM) |
((pageaddr >> 16) & ((1ULL << segment_bits) - 0x80));
LOG_MMU("pte segment: key=%d nx %d vsid " TARGET_FMT_lx "\n",
mmu-hash64: Remove nx from mmu_ctx_hash64 The nx field in mmu_ctx_hash64 is used in two different functions. But its used for slightly different things in each place, and the value is never propagated between them. In other words, it might as well be two local variables. This patch makes it so. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:21 +01:00
ctx->key, !!(slb->vsid & SLB_VSID_N), vsid);
target-ppc: Disentangle get_segment() The poorly named get_segment() function handles most of the address translation logic for hash-based MMUs. It has many ugly conditionals on whether the MMU is 32-bit or 64-bit. This patch splits the function into 32 and 64-bit versions, using the switch on mmu_type that's already in the caller (get_physical_address()) to select the right one. Most of the original function remains in mmu_helper.c to support the 6xx software loaded TLB implementations (cleaning those up is a project for another day). Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:09 +01:00
ret = -1;
mmu-hash*: Cleanup segment-level NX check On the ppc hash mmus, no-execute can be set at the segment level (on more recent 64-bit hash mmus it can also be set at the page level). This patch separates out this check to make it clearer what is going on, and avoiding excessive indentation of the remaining translation code. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:26 +01:00
/* Page address translation */
LOG_MMU("htab_base " TARGET_FMT_plx " htab_mask " TARGET_FMT_plx
" hash " TARGET_FMT_plx "\n",
env->htab_base, env->htab_mask, hash);
ctx->hash[0] = hash;
ctx->hash[1] = ~hash;
LOG_MMU("0 htab=" TARGET_FMT_plx "/" TARGET_FMT_plx
" vsid=" TARGET_FMT_lx " ptem=" TARGET_FMT_lx
" hash=" TARGET_FMT_plx "\n",
env->htab_base, env->htab_mask, vsid, ctx->ptem,
ctx->hash[0]);
/* Primary table lookup */
ret = find_pte64(env, ctx, eaddr, 0, rwx, target_page_bits);
mmu-hash*: Don't keep looking for PTEs after we find a match BEHAVIOUR CHANGE The ppc hash mmu hashes each virtual address to a primary and secondary possible hash bucket (aka PTE group or PTEG) each with 8 PTEs. Then we need a linear search through the PTEs to find the correct one for the virtual address we're translating. It is a programming error for the guest to insert multiple PTEs mapping the same virtual address into a PTEG - in this case the ppc architecture says the MMU can either act as if just one was present, or give a machine check. Currently our code takes the first matching PTE in a PTEG if it finds a successful translation. But if a matching PTE is found, but permission bits don't allow the access, we keep looking through the PTEG, checking that any other matching PTEs contain an identical translation. That behaviour is perhaps not exactly wrong, but it's certainly not useful. This patch changes it to always just find the first matching PTE in a PTEG. In addition, if we get a permissions problem on the primary PTEG, we then search the secondary PTEG. This is incorrect - a permission denying PTE in the primary PTEG should not be overwritten by an access granting PTE in the secondary (although again, it would be a programming error for the guest to set up such a situation anyway). So additionally we update the code to only search the secondary PTEG if no matching PTE is found in the primary at all. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:27 +01:00
if (ret == -1) {
mmu-hash*: Cleanup segment-level NX check On the ppc hash mmus, no-execute can be set at the segment level (on more recent 64-bit hash mmus it can also be set at the page level). This patch separates out this check to make it clearer what is going on, and avoiding excessive indentation of the remaining translation code. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:26 +01:00
/* Secondary table lookup */
LOG_MMU("1 htab=" TARGET_FMT_plx "/" TARGET_FMT_plx
" vsid=" TARGET_FMT_lx " api=" TARGET_FMT_lx
" hash=" TARGET_FMT_plx "\n", env->htab_base,
env->htab_mask, vsid, ctx->ptem, ctx->hash[1]);
ret2 = find_pte64(env, ctx, eaddr, 1, rwx, target_page_bits);
if (ret2 != -1) {
ret = ret2;
target-ppc: Disentangle get_segment() The poorly named get_segment() function handles most of the address translation logic for hash-based MMUs. It has many ugly conditionals on whether the MMU is 32-bit or 64-bit. This patch splits the function into 32 and 64-bit versions, using the switch on mmu_type that's already in the caller (get_physical_address()) to select the right one. Most of the original function remains in mmu_helper.c to support the 6xx software loaded TLB implementations (cleaning those up is a project for another day). Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:09 +01:00
}
}
return ret;
}
target-ppc: Disentangle get_physical_address() paths Depending on the MSR state, for 64-bit hash MMUs, get_physical_address can either call check_physical (which has further tests for mmu type) or get_segment64. Similarly for 32-bit hash MMUs we can either call check_physucal or get_bat() and get_segment32(). This patch splits off the whole get_physical_addresss() path for hash MMUs into 32-bit and 64-bit versions, handling real mode correctly for such MMUs without going to check_physical and rechecking the mmu type. Correspondingly, the hash MMU specific paths in check_physical() are removed. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:11 +01:00
target-ppc: Disentangle hash mmu versions of cpu_get_phys_page_debug() cpu_get_phys_page_debug() is a trivial wrapper around get_physical_address(). But even the signature of get_physical_address() has some things we'd like to clean up on a per-mmu basis, so this patch moves the test on mmu model out to cpu_get_phys_page_debug(), moving the version for 64-bit hash MMUs out to mmu-hash64.c and the version for 32-bit hash MMUs to mmu-hash32.c Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:13 +01:00
hwaddr ppc_hash64_get_phys_page_debug(CPUPPCState *env, target_ulong addr)
{
target-ppc: mmu_ctx_t should not be a global type mmu_ctx_t is currently defined in cpu.h. However it is used for temporary information relating to mmu translation, and is only used in mmu_helper.c and (now) mmu-hash{32,64}.c. Furthermore it contains information which should be specific to particular MMU types. Therefore, move its definition to mmu_helper.c. mmu-hash{32,64}.c are converted to use new data types private to the relevant MMUs (identical to mmu_ctx_t for now, but that will change in future patches). Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:17 +01:00
struct mmu_ctx_hash64 ctx;
target-ppc: Disentangle hash mmu versions of cpu_get_phys_page_debug() cpu_get_phys_page_debug() is a trivial wrapper around get_physical_address(). But even the signature of get_physical_address() has some things we'd like to clean up on a per-mmu basis, so this patch moves the test on mmu model out to cpu_get_phys_page_debug(), moving the version for 64-bit hash MMUs out to mmu-hash64.c and the version for 32-bit hash MMUs to mmu-hash32.c Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:13 +01:00
mmu-hash*: Combine ppc_hash{32, 64}_get_physical_address and get_segment{32, 64}() After previous work, ppc_hash{32,64}_get_physical_address() are almost trivial wrappers around get_segment{32,64}() which does nearly all the work of translating an address according to the hash mmu model. Therefore combine the two functions into one, under the better name of ppc_hash{32,64}_translate(). Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:23 +01:00
if (unlikely(ppc_hash64_translate(env, &ctx, addr, 0) != 0)) {
target-ppc: Disentangle hash mmu versions of cpu_get_phys_page_debug() cpu_get_phys_page_debug() is a trivial wrapper around get_physical_address(). But even the signature of get_physical_address() has some things we'd like to clean up on a per-mmu basis, so this patch moves the test on mmu model out to cpu_get_phys_page_debug(), moving the version for 64-bit hash MMUs out to mmu-hash64.c and the version for 32-bit hash MMUs to mmu-hash32.c Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:13 +01:00
return -1;
}
return ctx.raddr & TARGET_PAGE_MASK;
}
mmu-hash*: Reduce use of access_type In ppc env->access_type is updated by e.g. integer load/stores with ACCESS_INT floating point load/stores with ACCESS_FLOAT and so forth. In hash mmu fault paths it can also b set to ACCESS_CODE for instruction fetch accesses. But the only place which uses anything more of the access_type than whether it is instruction fetch or data access is the direct store segment handling. Instruction versus data access can be more simply determined from the rw value passed down from the top. This changes the code to use rw in preference to checking access_type. For the 32-bit case there is a small amount of code (for direct store segments) that still needs the full access type. Instead of passing it all the way down the stack, we retrieve it from the env structure, which is where it came anyway, before this patch. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:20 +01:00
int ppc_hash64_handle_mmu_fault(CPUPPCState *env, target_ulong address, int rwx,
target-ppc: Disentangle hash mmu paths for cpu_ppc_handle_mmu_fault cpu_ppc_handle_mmu_fault() calls get_physical_address() (whose behaviour depends on MMU type) then, if that fails, issues an appropriate exception - which again has a number of dependencies on MMU type. This patch starts converting cpu_ppc_handle_mmu_fault() to have a single switch on MMU type, calling MMU specific fault handler functions which deal with both translation and exception delivery appropriately for the MMU type. We convert 32-bit and 64-bit hash MMUs to this new model, but the existing code is left in place for other MMU types for now. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:12 +01:00
int mmu_idx)
{
target-ppc: mmu_ctx_t should not be a global type mmu_ctx_t is currently defined in cpu.h. However it is used for temporary information relating to mmu translation, and is only used in mmu_helper.c and (now) mmu-hash{32,64}.c. Furthermore it contains information which should be specific to particular MMU types. Therefore, move its definition to mmu_helper.c. mmu-hash{32,64}.c are converted to use new data types private to the relevant MMUs (identical to mmu_ctx_t for now, but that will change in future patches). Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:17 +01:00
struct mmu_ctx_hash64 ctx;
target-ppc: Disentangle hash mmu paths for cpu_ppc_handle_mmu_fault cpu_ppc_handle_mmu_fault() calls get_physical_address() (whose behaviour depends on MMU type) then, if that fails, issues an appropriate exception - which again has a number of dependencies on MMU type. This patch starts converting cpu_ppc_handle_mmu_fault() to have a single switch on MMU type, calling MMU specific fault handler functions which deal with both translation and exception delivery appropriately for the MMU type. We convert 32-bit and 64-bit hash MMUs to this new model, but the existing code is left in place for other MMU types for now. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:12 +01:00
int ret = 0;
mmu-hash*: Combine ppc_hash{32, 64}_get_physical_address and get_segment{32, 64}() After previous work, ppc_hash{32,64}_get_physical_address() are almost trivial wrappers around get_segment{32,64}() which does nearly all the work of translating an address according to the hash mmu model. Therefore combine the two functions into one, under the better name of ppc_hash{32,64}_translate(). Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:23 +01:00
ret = ppc_hash64_translate(env, &ctx, address, rwx);
target-ppc: Disentangle hash mmu paths for cpu_ppc_handle_mmu_fault cpu_ppc_handle_mmu_fault() calls get_physical_address() (whose behaviour depends on MMU type) then, if that fails, issues an appropriate exception - which again has a number of dependencies on MMU type. This patch starts converting cpu_ppc_handle_mmu_fault() to have a single switch on MMU type, calling MMU specific fault handler functions which deal with both translation and exception delivery appropriately for the MMU type. We convert 32-bit and 64-bit hash MMUs to this new model, but the existing code is left in place for other MMU types for now. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:12 +01:00
if (ret == 0) {
tlb_set_page(env, address & TARGET_PAGE_MASK,
ctx.raddr & TARGET_PAGE_MASK, ctx.prot,
mmu_idx, TARGET_PAGE_SIZE);
ret = 0;
} else if (ret < 0) {
LOG_MMU_STATE(env);
mmu-hash*: Reduce use of access_type In ppc env->access_type is updated by e.g. integer load/stores with ACCESS_INT floating point load/stores with ACCESS_FLOAT and so forth. In hash mmu fault paths it can also b set to ACCESS_CODE for instruction fetch accesses. But the only place which uses anything more of the access_type than whether it is instruction fetch or data access is the direct store segment handling. Instruction versus data access can be more simply determined from the rw value passed down from the top. This changes the code to use rw in preference to checking access_type. For the 32-bit case there is a small amount of code (for direct store segments) that still needs the full access type. Instead of passing it all the way down the stack, we retrieve it from the env structure, which is where it came anyway, before this patch. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:20 +01:00
if (rwx == 2) {
target-ppc: Disentangle hash mmu paths for cpu_ppc_handle_mmu_fault cpu_ppc_handle_mmu_fault() calls get_physical_address() (whose behaviour depends on MMU type) then, if that fails, issues an appropriate exception - which again has a number of dependencies on MMU type. This patch starts converting cpu_ppc_handle_mmu_fault() to have a single switch on MMU type, calling MMU specific fault handler functions which deal with both translation and exception delivery appropriately for the MMU type. We convert 32-bit and 64-bit hash MMUs to this new model, but the existing code is left in place for other MMU types for now. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:12 +01:00
switch (ret) {
case -1:
env->exception_index = POWERPC_EXCP_ISI;
env->error_code = 0x40000000;
break;
case -2:
/* Access rights violation */
env->exception_index = POWERPC_EXCP_ISI;
env->error_code = 0x08000000;
break;
case -3:
/* No execute protection violation */
env->exception_index = POWERPC_EXCP_ISI;
env->error_code = 0x10000000;
break;
case -5:
/* No match in segment table */
env->exception_index = POWERPC_EXCP_ISEG;
env->error_code = 0;
break;
}
} else {
switch (ret) {
case -1:
/* No matches in page tables or TLB */
env->exception_index = POWERPC_EXCP_DSI;
env->error_code = 0;
env->spr[SPR_DAR] = address;
mmu-hash*: Reduce use of access_type In ppc env->access_type is updated by e.g. integer load/stores with ACCESS_INT floating point load/stores with ACCESS_FLOAT and so forth. In hash mmu fault paths it can also b set to ACCESS_CODE for instruction fetch accesses. But the only place which uses anything more of the access_type than whether it is instruction fetch or data access is the direct store segment handling. Instruction versus data access can be more simply determined from the rw value passed down from the top. This changes the code to use rw in preference to checking access_type. For the 32-bit case there is a small amount of code (for direct store segments) that still needs the full access type. Instead of passing it all the way down the stack, we retrieve it from the env structure, which is where it came anyway, before this patch. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:20 +01:00
if (rwx == 1) {
target-ppc: Disentangle hash mmu paths for cpu_ppc_handle_mmu_fault cpu_ppc_handle_mmu_fault() calls get_physical_address() (whose behaviour depends on MMU type) then, if that fails, issues an appropriate exception - which again has a number of dependencies on MMU type. This patch starts converting cpu_ppc_handle_mmu_fault() to have a single switch on MMU type, calling MMU specific fault handler functions which deal with both translation and exception delivery appropriately for the MMU type. We convert 32-bit and 64-bit hash MMUs to this new model, but the existing code is left in place for other MMU types for now. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:12 +01:00
env->spr[SPR_DSISR] = 0x42000000;
} else {
env->spr[SPR_DSISR] = 0x40000000;
}
break;
case -2:
/* Access rights violation */
env->exception_index = POWERPC_EXCP_DSI;
env->error_code = 0;
env->spr[SPR_DAR] = address;
mmu-hash*: Reduce use of access_type In ppc env->access_type is updated by e.g. integer load/stores with ACCESS_INT floating point load/stores with ACCESS_FLOAT and so forth. In hash mmu fault paths it can also b set to ACCESS_CODE for instruction fetch accesses. But the only place which uses anything more of the access_type than whether it is instruction fetch or data access is the direct store segment handling. Instruction versus data access can be more simply determined from the rw value passed down from the top. This changes the code to use rw in preference to checking access_type. For the 32-bit case there is a small amount of code (for direct store segments) that still needs the full access type. Instead of passing it all the way down the stack, we retrieve it from the env structure, which is where it came anyway, before this patch. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:20 +01:00
if (rwx == 1) {
target-ppc: Disentangle hash mmu paths for cpu_ppc_handle_mmu_fault cpu_ppc_handle_mmu_fault() calls get_physical_address() (whose behaviour depends on MMU type) then, if that fails, issues an appropriate exception - which again has a number of dependencies on MMU type. This patch starts converting cpu_ppc_handle_mmu_fault() to have a single switch on MMU type, calling MMU specific fault handler functions which deal with both translation and exception delivery appropriately for the MMU type. We convert 32-bit and 64-bit hash MMUs to this new model, but the existing code is left in place for other MMU types for now. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2013-03-12 01:31:12 +01:00
env->spr[SPR_DSISR] = 0x0A000000;
} else {
env->spr[SPR_DSISR] = 0x08000000;
}
break;
case -5:
/* No match in segment table */
env->exception_index = POWERPC_EXCP_DSEG;
env->error_code = 0;
env->spr[SPR_DAR] = address;
break;
}
}
#if 0
printf("%s: set exception to %d %02x\n", __func__,
env->exception, env->error_code);
#endif
ret = 1;
}
return ret;
}