target/arm: Move get_phys_addr_pmsav8 to ptw.c
Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20220604040607.269301-9-richard.henderson@linaro.org Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This commit is contained in:
parent
1f2e87e5ab
commit
730d5c31d8
|
@ -11970,81 +11970,6 @@ bool pmsav8_mpu_lookup(CPUARMState *env, uint32_t address,
|
||||||
return !(*prot & (1 << access_type));
|
return !(*prot & (1 << access_type));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
bool get_phys_addr_pmsav8(CPUARMState *env, uint32_t address,
|
|
||||||
MMUAccessType access_type, ARMMMUIdx mmu_idx,
|
|
||||||
hwaddr *phys_ptr, MemTxAttrs *txattrs,
|
|
||||||
int *prot, target_ulong *page_size,
|
|
||||||
ARMMMUFaultInfo *fi)
|
|
||||||
{
|
|
||||||
uint32_t secure = regime_is_secure(env, mmu_idx);
|
|
||||||
V8M_SAttributes sattrs = {};
|
|
||||||
bool ret;
|
|
||||||
bool mpu_is_subpage;
|
|
||||||
|
|
||||||
if (arm_feature(env, ARM_FEATURE_M_SECURITY)) {
|
|
||||||
v8m_security_lookup(env, address, access_type, mmu_idx, &sattrs);
|
|
||||||
if (access_type == MMU_INST_FETCH) {
|
|
||||||
/* Instruction fetches always use the MMU bank and the
|
|
||||||
* transaction attribute determined by the fetch address,
|
|
||||||
* regardless of CPU state. This is painful for QEMU
|
|
||||||
* to handle, because it would mean we need to encode
|
|
||||||
* into the mmu_idx not just the (user, negpri) information
|
|
||||||
* for the current security state but also that for the
|
|
||||||
* other security state, which would balloon the number
|
|
||||||
* of mmu_idx values needed alarmingly.
|
|
||||||
* Fortunately we can avoid this because it's not actually
|
|
||||||
* possible to arbitrarily execute code from memory with
|
|
||||||
* the wrong security attribute: it will always generate
|
|
||||||
* an exception of some kind or another, apart from the
|
|
||||||
* special case of an NS CPU executing an SG instruction
|
|
||||||
* in S&NSC memory. So we always just fail the translation
|
|
||||||
* here and sort things out in the exception handler
|
|
||||||
* (including possibly emulating an SG instruction).
|
|
||||||
*/
|
|
||||||
if (sattrs.ns != !secure) {
|
|
||||||
if (sattrs.nsc) {
|
|
||||||
fi->type = ARMFault_QEMU_NSCExec;
|
|
||||||
} else {
|
|
||||||
fi->type = ARMFault_QEMU_SFault;
|
|
||||||
}
|
|
||||||
*page_size = sattrs.subpage ? 1 : TARGET_PAGE_SIZE;
|
|
||||||
*phys_ptr = address;
|
|
||||||
*prot = 0;
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
/* For data accesses we always use the MMU bank indicated
|
|
||||||
* by the current CPU state, but the security attributes
|
|
||||||
* might downgrade a secure access to nonsecure.
|
|
||||||
*/
|
|
||||||
if (sattrs.ns) {
|
|
||||||
txattrs->secure = false;
|
|
||||||
} else if (!secure) {
|
|
||||||
/* NS access to S memory must fault.
|
|
||||||
* Architecturally we should first check whether the
|
|
||||||
* MPU information for this address indicates that we
|
|
||||||
* are doing an unaligned access to Device memory, which
|
|
||||||
* should generate a UsageFault instead. QEMU does not
|
|
||||||
* currently check for that kind of unaligned access though.
|
|
||||||
* If we added it we would need to do so as a special case
|
|
||||||
* for M_FAKE_FSR_SFAULT in arm_v7m_cpu_do_interrupt().
|
|
||||||
*/
|
|
||||||
fi->type = ARMFault_QEMU_SFault;
|
|
||||||
*page_size = sattrs.subpage ? 1 : TARGET_PAGE_SIZE;
|
|
||||||
*phys_ptr = address;
|
|
||||||
*prot = 0;
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
ret = pmsav8_mpu_lookup(env, address, access_type, mmu_idx, phys_ptr,
|
|
||||||
txattrs, prot, &mpu_is_subpage, fi, NULL);
|
|
||||||
*page_size = sattrs.subpage || mpu_is_subpage ? 1 : TARGET_PAGE_SIZE;
|
|
||||||
return ret;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Combine either inner or outer cacheability attributes for normal
|
/* Combine either inner or outer cacheability attributes for normal
|
||||||
* memory, according to table D4-42 and pseudocode procedure
|
* memory, according to table D4-42 and pseudocode procedure
|
||||||
* CombineS1S2AttrHints() of ARM DDI 0487B.b (the ARMv8 ARM).
|
* CombineS1S2AttrHints() of ARM DDI 0487B.b (the ARMv8 ARM).
|
||||||
|
|
|
@ -605,6 +605,83 @@ static bool get_phys_addr_pmsav7(CPUARMState *env, uint32_t address,
|
||||||
return !(*prot & (1 << access_type));
|
return !(*prot & (1 << access_type));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static bool get_phys_addr_pmsav8(CPUARMState *env, uint32_t address,
|
||||||
|
MMUAccessType access_type, ARMMMUIdx mmu_idx,
|
||||||
|
hwaddr *phys_ptr, MemTxAttrs *txattrs,
|
||||||
|
int *prot, target_ulong *page_size,
|
||||||
|
ARMMMUFaultInfo *fi)
|
||||||
|
{
|
||||||
|
uint32_t secure = regime_is_secure(env, mmu_idx);
|
||||||
|
V8M_SAttributes sattrs = {};
|
||||||
|
bool ret;
|
||||||
|
bool mpu_is_subpage;
|
||||||
|
|
||||||
|
if (arm_feature(env, ARM_FEATURE_M_SECURITY)) {
|
||||||
|
v8m_security_lookup(env, address, access_type, mmu_idx, &sattrs);
|
||||||
|
if (access_type == MMU_INST_FETCH) {
|
||||||
|
/*
|
||||||
|
* Instruction fetches always use the MMU bank and the
|
||||||
|
* transaction attribute determined by the fetch address,
|
||||||
|
* regardless of CPU state. This is painful for QEMU
|
||||||
|
* to handle, because it would mean we need to encode
|
||||||
|
* into the mmu_idx not just the (user, negpri) information
|
||||||
|
* for the current security state but also that for the
|
||||||
|
* other security state, which would balloon the number
|
||||||
|
* of mmu_idx values needed alarmingly.
|
||||||
|
* Fortunately we can avoid this because it's not actually
|
||||||
|
* possible to arbitrarily execute code from memory with
|
||||||
|
* the wrong security attribute: it will always generate
|
||||||
|
* an exception of some kind or another, apart from the
|
||||||
|
* special case of an NS CPU executing an SG instruction
|
||||||
|
* in S&NSC memory. So we always just fail the translation
|
||||||
|
* here and sort things out in the exception handler
|
||||||
|
* (including possibly emulating an SG instruction).
|
||||||
|
*/
|
||||||
|
if (sattrs.ns != !secure) {
|
||||||
|
if (sattrs.nsc) {
|
||||||
|
fi->type = ARMFault_QEMU_NSCExec;
|
||||||
|
} else {
|
||||||
|
fi->type = ARMFault_QEMU_SFault;
|
||||||
|
}
|
||||||
|
*page_size = sattrs.subpage ? 1 : TARGET_PAGE_SIZE;
|
||||||
|
*phys_ptr = address;
|
||||||
|
*prot = 0;
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
/*
|
||||||
|
* For data accesses we always use the MMU bank indicated
|
||||||
|
* by the current CPU state, but the security attributes
|
||||||
|
* might downgrade a secure access to nonsecure.
|
||||||
|
*/
|
||||||
|
if (sattrs.ns) {
|
||||||
|
txattrs->secure = false;
|
||||||
|
} else if (!secure) {
|
||||||
|
/*
|
||||||
|
* NS access to S memory must fault.
|
||||||
|
* Architecturally we should first check whether the
|
||||||
|
* MPU information for this address indicates that we
|
||||||
|
* are doing an unaligned access to Device memory, which
|
||||||
|
* should generate a UsageFault instead. QEMU does not
|
||||||
|
* currently check for that kind of unaligned access though.
|
||||||
|
* If we added it we would need to do so as a special case
|
||||||
|
* for M_FAKE_FSR_SFAULT in arm_v7m_cpu_do_interrupt().
|
||||||
|
*/
|
||||||
|
fi->type = ARMFault_QEMU_SFault;
|
||||||
|
*page_size = sattrs.subpage ? 1 : TARGET_PAGE_SIZE;
|
||||||
|
*phys_ptr = address;
|
||||||
|
*prot = 0;
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
ret = pmsav8_mpu_lookup(env, address, access_type, mmu_idx, phys_ptr,
|
||||||
|
txattrs, prot, &mpu_is_subpage, fi, NULL);
|
||||||
|
*page_size = sattrs.subpage || mpu_is_subpage ? 1 : TARGET_PAGE_SIZE;
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* get_phys_addr - get the physical address for this virtual address
|
* get_phys_addr - get the physical address for this virtual address
|
||||||
*
|
*
|
||||||
|
|
|
@ -41,11 +41,6 @@ void get_phys_addr_pmsav7_default(CPUARMState *env,
|
||||||
int32_t address, int *prot);
|
int32_t address, int *prot);
|
||||||
bool pmsav7_use_background_region(ARMCPU *cpu, ARMMMUIdx mmu_idx, bool is_user);
|
bool pmsav7_use_background_region(ARMCPU *cpu, ARMMMUIdx mmu_idx, bool is_user);
|
||||||
|
|
||||||
bool get_phys_addr_pmsav8(CPUARMState *env, uint32_t address,
|
|
||||||
MMUAccessType access_type, ARMMMUIdx mmu_idx,
|
|
||||||
hwaddr *phys_ptr, MemTxAttrs *txattrs,
|
|
||||||
int *prot, target_ulong *page_size,
|
|
||||||
ARMMMUFaultInfo *fi);
|
|
||||||
bool get_phys_addr_lpae(CPUARMState *env, uint64_t address,
|
bool get_phys_addr_lpae(CPUARMState *env, uint64_t address,
|
||||||
MMUAccessType access_type, ARMMMUIdx mmu_idx,
|
MMUAccessType access_type, ARMMMUIdx mmu_idx,
|
||||||
bool s1_is_el0,
|
bool s1_is_el0,
|
||||||
|
|
Loading…
Reference in New Issue