From c445593d30037d0c82241e8ec23eb845bca476e9 Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Tue, 3 Nov 2020 20:43:23 -0800 Subject: [PATCH 1/6] target/riscv: Add a virtualised MMU Mode Add a new MMU mode that includes the current virt mode. Signed-off-by: Alistair Francis Reviewed-by: Richard Henderson Message-id: 4b301bc0ea36da962fc1605371b65019ac3073df.1604464950.git.alistair.francis@wdc.com --- target/riscv/cpu-param.h | 11 ++++++++++- target/riscv/cpu.h | 4 +++- target/riscv/cpu_helper.c | 2 +- 3 files changed, 14 insertions(+), 3 deletions(-) diff --git a/target/riscv/cpu-param.h b/target/riscv/cpu-param.h index 664fc1d371..80eb615f93 100644 --- a/target/riscv/cpu-param.h +++ b/target/riscv/cpu-param.h @@ -18,6 +18,15 @@ # define TARGET_VIRT_ADDR_SPACE_BITS 32 /* sv32 */ #endif #define TARGET_PAGE_BITS 12 /* 4 KiB Pages */ -#define NB_MMU_MODES 4 +/* + * The current MMU Modes are: + * - U mode 0b000 + * - S mode 0b001 + * - M mode 0b011 + * - U mode HLV/HLVX/HSV 0b100 + * - S mode HLV/HLVX/HSV 0b101 + * - M mode HLV/HLVX/HSV 0b111 + */ +#define NB_MMU_MODES 8 #endif diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h index 87b68affa8..5d8e54c426 100644 --- a/target/riscv/cpu.h +++ b/target/riscv/cpu.h @@ -363,7 +363,9 @@ void QEMU_NORETURN riscv_raise_exception(CPURISCVState *env, target_ulong riscv_cpu_get_fflags(CPURISCVState *env); void riscv_cpu_set_fflags(CPURISCVState *env, target_ulong); -#define TB_FLAGS_MMU_MASK 3 +#define TB_FLAGS_MMU_MASK 7 +#define TB_FLAGS_PRIV_MMU_MASK 3 +#define TB_FLAGS_PRIV_HYP_ACCESS_MASK (1 << 2) #define TB_FLAGS_MSTATUS_FS MSTATUS_FS typedef CPURISCVState CPUArchState; diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index 3eb3a034db..9dfa7af401 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -323,7 +323,7 @@ static int get_physical_address(CPURISCVState *env, hwaddr *physical, * (riscv_cpu_do_interrupt) is correct */ MemTxResult res; MemTxAttrs attrs = MEMTXATTRS_UNSPECIFIED; - int mode = mmu_idx; + int mode = mmu_idx & TB_FLAGS_PRIV_MMU_MASK; bool use_background = false; /* From 3e5979046f3f5f65828d3950d0c3ec9846d63715 Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Tue, 3 Nov 2020 20:43:26 -0800 Subject: [PATCH 2/6] target/riscv: Set the virtualised MMU mode when doing hyp accesses When performing the hypervisor load/store operations set the MMU mode to indicate that we are virtualised. Signed-off-by: Alistair Francis Reviewed-by: Richard Henderson Message-id: e411c61a1452cad16853f13cac2fb86dc91ebee8.1604464950.git.alistair.francis@wdc.com --- target/riscv/op_helper.c | 30 +++++++++++++++++------------- 1 file changed, 17 insertions(+), 13 deletions(-) diff --git a/target/riscv/op_helper.c b/target/riscv/op_helper.c index e20d56dcb8..548c5851ec 100644 --- a/target/riscv/op_helper.c +++ b/target/riscv/op_helper.c @@ -235,30 +235,31 @@ target_ulong helper_hyp_load(CPURISCVState *env, target_ulong address, (env->priv == PRV_U && !riscv_cpu_virt_enabled(env) && get_field(env->hstatus, HSTATUS_HU))) { target_ulong pte; + int mmu_idx = cpu_mmu_index(env, false) | TB_FLAGS_PRIV_HYP_ACCESS_MASK; riscv_cpu_set_two_stage_lookup(env, true); switch (memop) { case MO_SB: - pte = cpu_ldsb_data_ra(env, address, GETPC()); + pte = cpu_ldsb_mmuidx_ra(env, address, mmu_idx, GETPC()); break; case MO_UB: - pte = cpu_ldub_data_ra(env, address, GETPC()); + pte = cpu_ldub_mmuidx_ra(env, address, mmu_idx, GETPC()); break; case MO_TESW: - pte = cpu_ldsw_data_ra(env, address, GETPC()); + pte = cpu_ldsw_mmuidx_ra(env, address, mmu_idx, GETPC()); break; case MO_TEUW: - pte = cpu_lduw_data_ra(env, address, GETPC()); + pte = cpu_lduw_mmuidx_ra(env, address, mmu_idx, GETPC()); break; case MO_TESL: - pte = cpu_ldl_data_ra(env, address, GETPC()); + pte = cpu_ldl_mmuidx_ra(env, address, mmu_idx, GETPC()); break; case MO_TEUL: - pte = cpu_ldl_data_ra(env, address, GETPC()); + pte = cpu_ldl_mmuidx_ra(env, address, mmu_idx, GETPC()); break; case MO_TEQ: - pte = cpu_ldq_data_ra(env, address, GETPC()); + pte = cpu_ldq_mmuidx_ra(env, address, mmu_idx, GETPC()); break; default: g_assert_not_reached(); @@ -284,23 +285,25 @@ void helper_hyp_store(CPURISCVState *env, target_ulong address, (env->priv == PRV_S && !riscv_cpu_virt_enabled(env)) || (env->priv == PRV_U && !riscv_cpu_virt_enabled(env) && get_field(env->hstatus, HSTATUS_HU))) { + int mmu_idx = cpu_mmu_index(env, false) | TB_FLAGS_PRIV_HYP_ACCESS_MASK; + riscv_cpu_set_two_stage_lookup(env, true); switch (memop) { case MO_SB: case MO_UB: - cpu_stb_data_ra(env, address, val, GETPC()); + cpu_stb_mmuidx_ra(env, address, val, mmu_idx, GETPC()); break; case MO_TESW: case MO_TEUW: - cpu_stw_data_ra(env, address, val, GETPC()); + cpu_stw_mmuidx_ra(env, address, val, mmu_idx, GETPC()); break; case MO_TESL: case MO_TEUL: - cpu_stl_data_ra(env, address, val, GETPC()); + cpu_stl_mmuidx_ra(env, address, val, mmu_idx, GETPC()); break; case MO_TEQ: - cpu_stq_data_ra(env, address, val, GETPC()); + cpu_stq_mmuidx_ra(env, address, val, mmu_idx, GETPC()); break; default: g_assert_not_reached(); @@ -326,15 +329,16 @@ target_ulong helper_hyp_x_load(CPURISCVState *env, target_ulong address, (env->priv == PRV_U && !riscv_cpu_virt_enabled(env) && get_field(env->hstatus, HSTATUS_HU))) { target_ulong pte; + int mmu_idx = cpu_mmu_index(env, false) | TB_FLAGS_PRIV_HYP_ACCESS_MASK; riscv_cpu_set_two_stage_lookup(env, true); switch (memop) { case MO_TEUW: - pte = cpu_lduw_data_ra(env, address, GETPC()); + pte = cpu_lduw_mmuidx_ra(env, address, mmu_idx, GETPC()); break; case MO_TEUL: - pte = cpu_ldl_data_ra(env, address, GETPC()); + pte = cpu_ldl_mmuidx_ra(env, address, mmu_idx, GETPC()); break; default: g_assert_not_reached(); From 1c1c060aa866986ef8b7eb334abbb8c104a46e5c Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Tue, 3 Nov 2020 20:43:29 -0800 Subject: [PATCH 3/6] target/riscv: Remove the HS_TWO_STAGE flag The HS_TWO_STAGE flag is no longer required as the MMU index contains the information if we are performing a two stage access. Signed-off-by: Alistair Francis Reviewed-by: Richard Henderson Message-id: f514b128b1ff0fb41c85f914cee18f905007a922.1604464950.git.alistair.francis@wdc.com --- target/riscv/cpu.h | 3 +- target/riscv/cpu_bits.h | 1 - target/riscv/cpu_helper.c | 60 ++++++++++++++++----------------------- target/riscv/op_helper.c | 12 -------- 4 files changed, 25 insertions(+), 51 deletions(-) diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h index 5d8e54c426..0cf48a1521 100644 --- a/target/riscv/cpu.h +++ b/target/riscv/cpu.h @@ -323,8 +323,7 @@ bool riscv_cpu_virt_enabled(CPURISCVState *env); void riscv_cpu_set_virt_enabled(CPURISCVState *env, bool enable); bool riscv_cpu_force_hs_excep_enabled(CPURISCVState *env); void riscv_cpu_set_force_hs_excep(CPURISCVState *env, bool enable); -bool riscv_cpu_two_stage_lookup(CPURISCVState *env); -void riscv_cpu_set_two_stage_lookup(CPURISCVState *env, bool enable); +bool riscv_cpu_two_stage_lookup(int mmu_idx); int riscv_cpu_mmu_index(CPURISCVState *env, bool ifetch); hwaddr riscv_cpu_get_phys_page_debug(CPUState *cpu, vaddr addr); void riscv_cpu_do_unaligned_access(CPUState *cs, vaddr addr, diff --git a/target/riscv/cpu_bits.h b/target/riscv/cpu_bits.h index daedad8691..24b24c69c5 100644 --- a/target/riscv/cpu_bits.h +++ b/target/riscv/cpu_bits.h @@ -469,7 +469,6 @@ * page table fault. */ #define FORCE_HS_EXCEP 2 -#define HS_TWO_STAGE 4 /* RV32 satp CSR field masks */ #define SATP32_MODE 0x80000000 diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index 9dfa7af401..a2787b1d48 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -207,22 +207,9 @@ void riscv_cpu_set_force_hs_excep(CPURISCVState *env, bool enable) env->virt = set_field(env->virt, FORCE_HS_EXCEP, enable); } -bool riscv_cpu_two_stage_lookup(CPURISCVState *env) +bool riscv_cpu_two_stage_lookup(int mmu_idx) { - if (!riscv_has_ext(env, RVH)) { - return false; - } - - return get_field(env->virt, HS_TWO_STAGE); -} - -void riscv_cpu_set_two_stage_lookup(CPURISCVState *env, bool enable) -{ - if (!riscv_has_ext(env, RVH)) { - return; - } - - env->virt = set_field(env->virt, HS_TWO_STAGE, enable); + return mmu_idx & TB_FLAGS_PRIV_HYP_ACCESS_MASK; } int riscv_cpu_claim_interrupts(RISCVCPU *cpu, uint32_t interrupts) @@ -333,7 +320,7 @@ static int get_physical_address(CPURISCVState *env, hwaddr *physical, * was called. Background registers will be used if the guest has * forced a two stage translation to be on (in HS or M mode). */ - if (riscv_cpu_two_stage_lookup(env) && access_type != MMU_INST_FETCH) { + if (!riscv_cpu_virt_enabled(env) && riscv_cpu_two_stage_lookup(mmu_idx)) { use_background = true; } @@ -572,7 +559,7 @@ restart: static void raise_mmu_exception(CPURISCVState *env, target_ulong address, MMUAccessType access_type, bool pmp_violation, - bool first_stage) + bool first_stage, bool two_stage) { CPUState *cs = env_cpu(env); int page_fault_exceptions; @@ -595,8 +582,7 @@ static void raise_mmu_exception(CPURISCVState *env, target_ulong address, } break; case MMU_DATA_LOAD: - if ((riscv_cpu_virt_enabled(env) || riscv_cpu_two_stage_lookup(env)) && - !first_stage) { + if (two_stage && !first_stage) { cs->exception_index = RISCV_EXCP_LOAD_GUEST_ACCESS_FAULT; } else { cs->exception_index = page_fault_exceptions ? @@ -604,8 +590,7 @@ static void raise_mmu_exception(CPURISCVState *env, target_ulong address, } break; case MMU_DATA_STORE: - if ((riscv_cpu_virt_enabled(env) || riscv_cpu_two_stage_lookup(env)) && - !first_stage) { + if (two_stage && !first_stage) { cs->exception_index = RISCV_EXCP_STORE_GUEST_AMO_ACCESS_FAULT; } else { cs->exception_index = page_fault_exceptions ? @@ -696,6 +681,7 @@ bool riscv_cpu_tlb_fill(CPUState *cs, vaddr address, int size, int prot, prot2; bool pmp_violation = false; bool first_stage_error = true; + bool two_stage_lookup = false; int ret = TRANSLATE_FAIL; int mode = mmu_idx; target_ulong tlb_size = 0; @@ -715,11 +701,12 @@ bool riscv_cpu_tlb_fill(CPUState *cs, vaddr address, int size, access_type != MMU_INST_FETCH && get_field(env->mstatus, MSTATUS_MPRV) && get_field(env->mstatus, MSTATUS_MPV)) { - riscv_cpu_set_two_stage_lookup(env, true); + two_stage_lookup = true; } if (riscv_cpu_virt_enabled(env) || - (riscv_cpu_two_stage_lookup(env) && access_type != MMU_INST_FETCH)) { + ((riscv_cpu_two_stage_lookup(mmu_idx) || two_stage_lookup) && + access_type != MMU_INST_FETCH)) { /* Two stage lookup */ ret = get_physical_address(env, &pa, &prot, address, &env->guest_phys_fault_addr, access_type, @@ -782,14 +769,6 @@ bool riscv_cpu_tlb_fill(CPUState *cs, vaddr address, int size, __func__, address, ret, pa, prot); } - /* We did the two stage lookup based on MPRV, unset the lookup */ - if (riscv_has_ext(env, RVH) && env->priv == PRV_M && - access_type != MMU_INST_FETCH && - get_field(env->mstatus, MSTATUS_MPRV) && - get_field(env->mstatus, MSTATUS_MPV)) { - riscv_cpu_set_two_stage_lookup(env, false); - } - if (riscv_feature(env, RISCV_FEATURE_PMP) && (ret == TRANSLATE_SUCCESS) && !pmp_hart_has_privs(env, pa, size, 1 << access_type, mode)) { @@ -811,7 +790,10 @@ bool riscv_cpu_tlb_fill(CPUState *cs, vaddr address, int size, } else if (probe) { return false; } else { - raise_mmu_exception(env, address, access_type, pmp_violation, first_stage_error); + raise_mmu_exception(env, address, access_type, pmp_violation, + first_stage_error, + riscv_cpu_virt_enabled(env) || + riscv_cpu_two_stage_lookup(mmu_idx)); riscv_raise_exception(env, cs->exception_index, retaddr); } @@ -915,9 +897,16 @@ void riscv_cpu_do_interrupt(CPUState *cs) /* handle the trap in S-mode */ if (riscv_has_ext(env, RVH)) { target_ulong hdeleg = async ? env->hideleg : env->hedeleg; + bool two_stage_lookup = false; - if ((riscv_cpu_virt_enabled(env) || - riscv_cpu_two_stage_lookup(env)) && write_tval) { + if (env->priv == PRV_M || + (env->priv == PRV_S && !riscv_cpu_virt_enabled(env)) || + (env->priv == PRV_U && !riscv_cpu_virt_enabled(env) && + get_field(env->hstatus, HSTATUS_HU))) { + two_stage_lookup = true; + } + + if ((riscv_cpu_virt_enabled(env) || two_stage_lookup) && write_tval) { /* * If we are writing a guest virtual address to stval, set * this to 1. If we are trapping to VS we will set this to 0 @@ -955,11 +944,10 @@ void riscv_cpu_do_interrupt(CPUState *cs) riscv_cpu_set_force_hs_excep(env, 0); } else { /* Trap into HS mode */ - if (!riscv_cpu_two_stage_lookup(env)) { + if (!two_stage_lookup) { env->hstatus = set_field(env->hstatus, HSTATUS_SPV, riscv_cpu_virt_enabled(env)); } - riscv_cpu_set_two_stage_lookup(env, false); htval = env->guest_phys_fault_addr; } } diff --git a/target/riscv/op_helper.c b/target/riscv/op_helper.c index 548c5851ec..5759850e69 100644 --- a/target/riscv/op_helper.c +++ b/target/riscv/op_helper.c @@ -237,8 +237,6 @@ target_ulong helper_hyp_load(CPURISCVState *env, target_ulong address, target_ulong pte; int mmu_idx = cpu_mmu_index(env, false) | TB_FLAGS_PRIV_HYP_ACCESS_MASK; - riscv_cpu_set_two_stage_lookup(env, true); - switch (memop) { case MO_SB: pte = cpu_ldsb_mmuidx_ra(env, address, mmu_idx, GETPC()); @@ -265,8 +263,6 @@ target_ulong helper_hyp_load(CPURISCVState *env, target_ulong address, g_assert_not_reached(); } - riscv_cpu_set_two_stage_lookup(env, false); - return pte; } @@ -287,8 +283,6 @@ void helper_hyp_store(CPURISCVState *env, target_ulong address, get_field(env->hstatus, HSTATUS_HU))) { int mmu_idx = cpu_mmu_index(env, false) | TB_FLAGS_PRIV_HYP_ACCESS_MASK; - riscv_cpu_set_two_stage_lookup(env, true); - switch (memop) { case MO_SB: case MO_UB: @@ -309,8 +303,6 @@ void helper_hyp_store(CPURISCVState *env, target_ulong address, g_assert_not_reached(); } - riscv_cpu_set_two_stage_lookup(env, false); - return; } @@ -331,8 +323,6 @@ target_ulong helper_hyp_x_load(CPURISCVState *env, target_ulong address, target_ulong pte; int mmu_idx = cpu_mmu_index(env, false) | TB_FLAGS_PRIV_HYP_ACCESS_MASK; - riscv_cpu_set_two_stage_lookup(env, true); - switch (memop) { case MO_TEUW: pte = cpu_lduw_mmuidx_ra(env, address, mmu_idx, GETPC()); @@ -344,8 +334,6 @@ target_ulong helper_hyp_x_load(CPURISCVState *env, target_ulong address, g_assert_not_reached(); } - riscv_cpu_set_two_stage_lookup(env, false); - return pte; } From 743077b35b1ed88ed243daefafe9403d88a958f6 Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Tue, 3 Nov 2020 20:43:31 -0800 Subject: [PATCH 4/6] target/riscv: Remove the hyp load and store functions Remove the special Virtulisation load and store functions and just use the standard tcg tcg_gen_qemu_ld_tl() and tcg_gen_qemu_st_tl() functions instead. As part of this change we ensure we still run an access check to make sure we can perform the operations. Signed-off-by: Alistair Francis Reviewed-by: Richard Henderson Message-id: 189ac3e53ef2854824d18aad7074c6649f17de2c.1604464950.git.alistair.francis@wdc.com --- target/riscv/cpu.h | 12 +++ target/riscv/helper.h | 2 - target/riscv/insn_trans/trans_rvh.c.inc | 123 +++++++++--------------- target/riscv/op_helper.c | 86 ----------------- target/riscv/translate.c | 2 + 5 files changed, 59 insertions(+), 166 deletions(-) diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h index 0cf48a1521..c0a326c843 100644 --- a/target/riscv/cpu.h +++ b/target/riscv/cpu.h @@ -375,6 +375,8 @@ FIELD(TB_FLAGS, VL_EQ_VLMAX, 2, 1) FIELD(TB_FLAGS, LMUL, 3, 2) FIELD(TB_FLAGS, SEW, 5, 3) FIELD(TB_FLAGS, VILL, 8, 1) +/* Is a Hypervisor instruction load/store allowed? */ +FIELD(TB_FLAGS, HLSX, 9, 1) /* * A simplification for VLMAX @@ -421,7 +423,17 @@ static inline void cpu_get_tb_cpu_state(CPURISCVState *env, target_ulong *pc, if (riscv_cpu_fp_enabled(env)) { flags |= env->mstatus & MSTATUS_FS; } + + if (riscv_has_ext(env, RVH)) { + if (env->priv == PRV_M || + (env->priv == PRV_S && !riscv_cpu_virt_enabled(env)) || + (env->priv == PRV_U && !riscv_cpu_virt_enabled(env) && + get_field(env->hstatus, HSTATUS_HU))) { + flags = FIELD_DP32(flags, TB_FLAGS, HLSX, 1); + } + } #endif + *pflags = flags; } diff --git a/target/riscv/helper.h b/target/riscv/helper.h index 4b690147fb..ee35311052 100644 --- a/target/riscv/helper.h +++ b/target/riscv/helper.h @@ -81,8 +81,6 @@ DEF_HELPER_1(tlb_flush, void, env) #ifndef CONFIG_USER_ONLY DEF_HELPER_1(hyp_tlb_flush, void, env) DEF_HELPER_1(hyp_gvma_tlb_flush, void, env) -DEF_HELPER_4(hyp_load, tl, env, tl, tl, tl) -DEF_HELPER_5(hyp_store, void, env, tl, tl, tl, tl) DEF_HELPER_4(hyp_x_load, tl, env, tl, tl, tl) #endif diff --git a/target/riscv/insn_trans/trans_rvh.c.inc b/target/riscv/insn_trans/trans_rvh.c.inc index 881c9ef4d2..cc197e7186 100644 --- a/target/riscv/insn_trans/trans_rvh.c.inc +++ b/target/riscv/insn_trans/trans_rvh.c.inc @@ -16,26 +16,34 @@ * this program. If not, see . */ +#ifndef CONFIG_USER_ONLY +static void check_access(DisasContext *ctx) { + if (!ctx->hlsx) { + if (ctx->virt_enabled) { + generate_exception(ctx, RISCV_EXCP_VIRT_INSTRUCTION_FAULT); + } else { + generate_exception(ctx, RISCV_EXCP_ILLEGAL_INST); + } + } +} +#endif + static bool trans_hlv_b(DisasContext *ctx, arg_hlv_b *a) { REQUIRE_EXT(ctx, RVH); #ifndef CONFIG_USER_ONLY TCGv t0 = tcg_temp_new(); TCGv t1 = tcg_temp_new(); - TCGv mem_idx = tcg_temp_new(); - TCGv memop = tcg_temp_new(); + + check_access(ctx); gen_get_gpr(t0, a->rs1); - tcg_gen_movi_tl(mem_idx, ctx->mem_idx); - tcg_gen_movi_tl(memop, MO_SB); - gen_helper_hyp_load(t1, cpu_env, t0, mem_idx, memop); + tcg_gen_qemu_ld_tl(t1, t0, ctx->mem_idx | TB_FLAGS_PRIV_HYP_ACCESS_MASK, MO_SB); gen_set_gpr(a->rd, t1); tcg_temp_free(t0); tcg_temp_free(t1); - tcg_temp_free(mem_idx); - tcg_temp_free(memop); return true; #else return false; @@ -48,20 +56,16 @@ static bool trans_hlv_h(DisasContext *ctx, arg_hlv_h *a) #ifndef CONFIG_USER_ONLY TCGv t0 = tcg_temp_new(); TCGv t1 = tcg_temp_new(); - TCGv mem_idx = tcg_temp_new(); - TCGv memop = tcg_temp_new(); + + check_access(ctx); gen_get_gpr(t0, a->rs1); - tcg_gen_movi_tl(mem_idx, ctx->mem_idx); - tcg_gen_movi_tl(memop, MO_TESW); - gen_helper_hyp_load(t1, cpu_env, t0, mem_idx, memop); + tcg_gen_qemu_ld_tl(t1, t0, ctx->mem_idx | TB_FLAGS_PRIV_HYP_ACCESS_MASK, MO_TESW); gen_set_gpr(a->rd, t1); tcg_temp_free(t0); tcg_temp_free(t1); - tcg_temp_free(mem_idx); - tcg_temp_free(memop); return true; #else return false; @@ -74,20 +78,16 @@ static bool trans_hlv_w(DisasContext *ctx, arg_hlv_w *a) #ifndef CONFIG_USER_ONLY TCGv t0 = tcg_temp_new(); TCGv t1 = tcg_temp_new(); - TCGv mem_idx = tcg_temp_new(); - TCGv memop = tcg_temp_new(); + + check_access(ctx); gen_get_gpr(t0, a->rs1); - tcg_gen_movi_tl(mem_idx, ctx->mem_idx); - tcg_gen_movi_tl(memop, MO_TESL); - gen_helper_hyp_load(t1, cpu_env, t0, mem_idx, memop); + tcg_gen_qemu_ld_tl(t1, t0, ctx->mem_idx | TB_FLAGS_PRIV_HYP_ACCESS_MASK, MO_TESL); gen_set_gpr(a->rd, t1); tcg_temp_free(t0); tcg_temp_free(t1); - tcg_temp_free(mem_idx); - tcg_temp_free(memop); return true; #else return false; @@ -100,20 +100,16 @@ static bool trans_hlv_bu(DisasContext *ctx, arg_hlv_bu *a) #ifndef CONFIG_USER_ONLY TCGv t0 = tcg_temp_new(); TCGv t1 = tcg_temp_new(); - TCGv mem_idx = tcg_temp_new(); - TCGv memop = tcg_temp_new(); + + check_access(ctx); gen_get_gpr(t0, a->rs1); - tcg_gen_movi_tl(mem_idx, ctx->mem_idx); - tcg_gen_movi_tl(memop, MO_UB); - gen_helper_hyp_load(t1, cpu_env, t0, mem_idx, memop); + tcg_gen_qemu_ld_tl(t1, t0, ctx->mem_idx | TB_FLAGS_PRIV_HYP_ACCESS_MASK, MO_UB); gen_set_gpr(a->rd, t1); tcg_temp_free(t0); tcg_temp_free(t1); - tcg_temp_free(mem_idx); - tcg_temp_free(memop); return true; #else return false; @@ -126,20 +122,15 @@ static bool trans_hlv_hu(DisasContext *ctx, arg_hlv_hu *a) #ifndef CONFIG_USER_ONLY TCGv t0 = tcg_temp_new(); TCGv t1 = tcg_temp_new(); - TCGv mem_idx = tcg_temp_new(); - TCGv memop = tcg_temp_new(); + + check_access(ctx); gen_get_gpr(t0, a->rs1); - tcg_gen_movi_tl(mem_idx, ctx->mem_idx); - tcg_gen_movi_tl(memop, MO_TEUW); - - gen_helper_hyp_load(t1, cpu_env, t0, mem_idx, memop); + tcg_gen_qemu_ld_tl(t1, t0, ctx->mem_idx | TB_FLAGS_PRIV_HYP_ACCESS_MASK, MO_TEUW); gen_set_gpr(a->rd, t1); tcg_temp_free(t0); tcg_temp_free(t1); - tcg_temp_free(mem_idx); - tcg_temp_free(memop); return true; #else return false; @@ -152,20 +143,16 @@ static bool trans_hsv_b(DisasContext *ctx, arg_hsv_b *a) #ifndef CONFIG_USER_ONLY TCGv t0 = tcg_temp_new(); TCGv dat = tcg_temp_new(); - TCGv mem_idx = tcg_temp_new(); - TCGv memop = tcg_temp_new(); + + check_access(ctx); gen_get_gpr(t0, a->rs1); gen_get_gpr(dat, a->rs2); - tcg_gen_movi_tl(mem_idx, ctx->mem_idx); - tcg_gen_movi_tl(memop, MO_SB); - gen_helper_hyp_store(cpu_env, t0, dat, mem_idx, memop); + tcg_gen_qemu_st_tl(dat, t0, ctx->mem_idx | TB_FLAGS_PRIV_HYP_ACCESS_MASK, MO_SB); tcg_temp_free(t0); tcg_temp_free(dat); - tcg_temp_free(mem_idx); - tcg_temp_free(memop); return true; #else return false; @@ -178,20 +165,16 @@ static bool trans_hsv_h(DisasContext *ctx, arg_hsv_h *a) #ifndef CONFIG_USER_ONLY TCGv t0 = tcg_temp_new(); TCGv dat = tcg_temp_new(); - TCGv mem_idx = tcg_temp_new(); - TCGv memop = tcg_temp_new(); + + check_access(ctx); gen_get_gpr(t0, a->rs1); gen_get_gpr(dat, a->rs2); - tcg_gen_movi_tl(mem_idx, ctx->mem_idx); - tcg_gen_movi_tl(memop, MO_TESW); - gen_helper_hyp_store(cpu_env, t0, dat, mem_idx, memop); + tcg_gen_qemu_st_tl(dat, t0, ctx->mem_idx | TB_FLAGS_PRIV_HYP_ACCESS_MASK, MO_TESW); tcg_temp_free(t0); tcg_temp_free(dat); - tcg_temp_free(mem_idx); - tcg_temp_free(memop); return true; #else return false; @@ -204,20 +187,16 @@ static bool trans_hsv_w(DisasContext *ctx, arg_hsv_w *a) #ifndef CONFIG_USER_ONLY TCGv t0 = tcg_temp_new(); TCGv dat = tcg_temp_new(); - TCGv mem_idx = tcg_temp_new(); - TCGv memop = tcg_temp_new(); + + check_access(ctx); gen_get_gpr(t0, a->rs1); gen_get_gpr(dat, a->rs2); - tcg_gen_movi_tl(mem_idx, ctx->mem_idx); - tcg_gen_movi_tl(memop, MO_TESL); - gen_helper_hyp_store(cpu_env, t0, dat, mem_idx, memop); + tcg_gen_qemu_st_tl(dat, t0, ctx->mem_idx | TB_FLAGS_PRIV_HYP_ACCESS_MASK, MO_TESL); tcg_temp_free(t0); tcg_temp_free(dat); - tcg_temp_free(mem_idx); - tcg_temp_free(memop); return true; #else return false; @@ -231,20 +210,16 @@ static bool trans_hlv_wu(DisasContext *ctx, arg_hlv_wu *a) #ifndef CONFIG_USER_ONLY TCGv t0 = tcg_temp_new(); TCGv t1 = tcg_temp_new(); - TCGv mem_idx = tcg_temp_new(); - TCGv memop = tcg_temp_new(); + + check_access(ctx); gen_get_gpr(t0, a->rs1); - tcg_gen_movi_tl(mem_idx, ctx->mem_idx); - tcg_gen_movi_tl(memop, MO_TEUL); - gen_helper_hyp_load(t1, cpu_env, t0, mem_idx, memop); + tcg_gen_qemu_ld_tl(t1, t0, ctx->mem_idx | TB_FLAGS_PRIV_HYP_ACCESS_MASK, MO_TEUL); gen_set_gpr(a->rd, t1); tcg_temp_free(t0); tcg_temp_free(t1); - tcg_temp_free(mem_idx); - tcg_temp_free(memop); return true; #else return false; @@ -257,20 +232,16 @@ static bool trans_hlv_d(DisasContext *ctx, arg_hlv_d *a) #ifndef CONFIG_USER_ONLY TCGv t0 = tcg_temp_new(); TCGv t1 = tcg_temp_new(); - TCGv mem_idx = tcg_temp_new(); - TCGv memop = tcg_temp_new(); + + check_access(ctx); gen_get_gpr(t0, a->rs1); - tcg_gen_movi_tl(mem_idx, ctx->mem_idx); - tcg_gen_movi_tl(memop, MO_TEQ); - gen_helper_hyp_load(t1, cpu_env, t0, mem_idx, memop); + tcg_gen_qemu_ld_tl(t1, t0, ctx->mem_idx | TB_FLAGS_PRIV_HYP_ACCESS_MASK, MO_TEQ); gen_set_gpr(a->rd, t1); tcg_temp_free(t0); tcg_temp_free(t1); - tcg_temp_free(mem_idx); - tcg_temp_free(memop); return true; #else return false; @@ -283,20 +254,16 @@ static bool trans_hsv_d(DisasContext *ctx, arg_hsv_d *a) #ifndef CONFIG_USER_ONLY TCGv t0 = tcg_temp_new(); TCGv dat = tcg_temp_new(); - TCGv mem_idx = tcg_temp_new(); - TCGv memop = tcg_temp_new(); + + check_access(ctx); gen_get_gpr(t0, a->rs1); gen_get_gpr(dat, a->rs2); - tcg_gen_movi_tl(mem_idx, ctx->mem_idx); - tcg_gen_movi_tl(memop, MO_TEQ); - gen_helper_hyp_store(cpu_env, t0, dat, mem_idx, memop); + tcg_gen_qemu_st_tl(dat, t0, ctx->mem_idx | TB_FLAGS_PRIV_HYP_ACCESS_MASK, MO_TEQ); tcg_temp_free(t0); tcg_temp_free(dat); - tcg_temp_free(mem_idx); - tcg_temp_free(memop); return true; #else return false; diff --git a/target/riscv/op_helper.c b/target/riscv/op_helper.c index 5759850e69..980d4f39e1 100644 --- a/target/riscv/op_helper.c +++ b/target/riscv/op_helper.c @@ -227,92 +227,6 @@ void helper_hyp_gvma_tlb_flush(CPURISCVState *env) helper_hyp_tlb_flush(env); } -target_ulong helper_hyp_load(CPURISCVState *env, target_ulong address, - target_ulong attrs, target_ulong memop) -{ - if (env->priv == PRV_M || - (env->priv == PRV_S && !riscv_cpu_virt_enabled(env)) || - (env->priv == PRV_U && !riscv_cpu_virt_enabled(env) && - get_field(env->hstatus, HSTATUS_HU))) { - target_ulong pte; - int mmu_idx = cpu_mmu_index(env, false) | TB_FLAGS_PRIV_HYP_ACCESS_MASK; - - switch (memop) { - case MO_SB: - pte = cpu_ldsb_mmuidx_ra(env, address, mmu_idx, GETPC()); - break; - case MO_UB: - pte = cpu_ldub_mmuidx_ra(env, address, mmu_idx, GETPC()); - break; - case MO_TESW: - pte = cpu_ldsw_mmuidx_ra(env, address, mmu_idx, GETPC()); - break; - case MO_TEUW: - pte = cpu_lduw_mmuidx_ra(env, address, mmu_idx, GETPC()); - break; - case MO_TESL: - pte = cpu_ldl_mmuidx_ra(env, address, mmu_idx, GETPC()); - break; - case MO_TEUL: - pte = cpu_ldl_mmuidx_ra(env, address, mmu_idx, GETPC()); - break; - case MO_TEQ: - pte = cpu_ldq_mmuidx_ra(env, address, mmu_idx, GETPC()); - break; - default: - g_assert_not_reached(); - } - - return pte; - } - - if (riscv_cpu_virt_enabled(env)) { - riscv_raise_exception(env, RISCV_EXCP_VIRT_INSTRUCTION_FAULT, GETPC()); - } else { - riscv_raise_exception(env, RISCV_EXCP_ILLEGAL_INST, GETPC()); - } - return 0; -} - -void helper_hyp_store(CPURISCVState *env, target_ulong address, - target_ulong val, target_ulong attrs, target_ulong memop) -{ - if (env->priv == PRV_M || - (env->priv == PRV_S && !riscv_cpu_virt_enabled(env)) || - (env->priv == PRV_U && !riscv_cpu_virt_enabled(env) && - get_field(env->hstatus, HSTATUS_HU))) { - int mmu_idx = cpu_mmu_index(env, false) | TB_FLAGS_PRIV_HYP_ACCESS_MASK; - - switch (memop) { - case MO_SB: - case MO_UB: - cpu_stb_mmuidx_ra(env, address, val, mmu_idx, GETPC()); - break; - case MO_TESW: - case MO_TEUW: - cpu_stw_mmuidx_ra(env, address, val, mmu_idx, GETPC()); - break; - case MO_TESL: - case MO_TEUL: - cpu_stl_mmuidx_ra(env, address, val, mmu_idx, GETPC()); - break; - case MO_TEQ: - cpu_stq_mmuidx_ra(env, address, val, mmu_idx, GETPC()); - break; - default: - g_assert_not_reached(); - } - - return; - } - - if (riscv_cpu_virt_enabled(env)) { - riscv_raise_exception(env, RISCV_EXCP_VIRT_INSTRUCTION_FAULT, GETPC()); - } else { - riscv_raise_exception(env, RISCV_EXCP_ILLEGAL_INST, GETPC()); - } -} - target_ulong helper_hyp_x_load(CPURISCVState *env, target_ulong address, target_ulong attrs, target_ulong memop) { diff --git a/target/riscv/translate.c b/target/riscv/translate.c index 79dca2291b..554d52a4be 100644 --- a/target/riscv/translate.c +++ b/target/riscv/translate.c @@ -56,6 +56,7 @@ typedef struct DisasContext { to reset this known value. */ int frm; bool ext_ifencei; + bool hlsx; /* vector extension */ bool vill; uint8_t lmul; @@ -807,6 +808,7 @@ static void riscv_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cs) ctx->frm = -1; /* unknown rounding mode */ ctx->ext_ifencei = cpu->cfg.ext_ifencei; ctx->vlen = cpu->cfg.vlen; + ctx->hlsx = FIELD_EX32(tb_flags, TB_FLAGS, HLSX); ctx->vill = FIELD_EX32(tb_flags, TB_FLAGS, VILL); ctx->sew = FIELD_EX32(tb_flags, TB_FLAGS, SEW); ctx->lmul = FIELD_EX32(tb_flags, TB_FLAGS, LMUL); From 7687537ab0c16e0b1e69e7707456573a64b8e13b Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Tue, 3 Nov 2020 20:43:34 -0800 Subject: [PATCH 5/6] target/riscv: Split the Hypervisor execute load helpers Split the hypervisor execute load functions into two seperate functions. This avoids us having to pass the memop to the C helper functions. Signed-off-by: Alistair Francis Reviewed-by: Richard Henderson Message-id: 5b1550f0faa3c435cc77f3c1ae811dea98ab9e36.1604464950.git.alistair.francis@wdc.com --- target/riscv/helper.h | 3 ++- target/riscv/insn_trans/trans_rvh.c.inc | 20 +++++---------- target/riscv/op_helper.c | 34 ++++++------------------- 3 files changed, 16 insertions(+), 41 deletions(-) diff --git a/target/riscv/helper.h b/target/riscv/helper.h index ee35311052..939731c345 100644 --- a/target/riscv/helper.h +++ b/target/riscv/helper.h @@ -81,7 +81,8 @@ DEF_HELPER_1(tlb_flush, void, env) #ifndef CONFIG_USER_ONLY DEF_HELPER_1(hyp_tlb_flush, void, env) DEF_HELPER_1(hyp_gvma_tlb_flush, void, env) -DEF_HELPER_4(hyp_x_load, tl, env, tl, tl, tl) +DEF_HELPER_2(hyp_hlvx_hu, tl, env, tl) +DEF_HELPER_2(hyp_hlvx_wu, tl, env, tl) #endif /* Vector functions */ diff --git a/target/riscv/insn_trans/trans_rvh.c.inc b/target/riscv/insn_trans/trans_rvh.c.inc index cc197e7186..ce7ed5affb 100644 --- a/target/riscv/insn_trans/trans_rvh.c.inc +++ b/target/riscv/insn_trans/trans_rvh.c.inc @@ -277,20 +277,16 @@ static bool trans_hlvx_hu(DisasContext *ctx, arg_hlvx_hu *a) #ifndef CONFIG_USER_ONLY TCGv t0 = tcg_temp_new(); TCGv t1 = tcg_temp_new(); - TCGv mem_idx = tcg_temp_new(); - TCGv memop = tcg_temp_new(); + + check_access(ctx); gen_get_gpr(t0, a->rs1); - tcg_gen_movi_tl(mem_idx, ctx->mem_idx); - tcg_gen_movi_tl(memop, MO_TEUW); - gen_helper_hyp_x_load(t1, cpu_env, t0, mem_idx, memop); + gen_helper_hyp_hlvx_hu(t1, cpu_env, t0); gen_set_gpr(a->rd, t1); tcg_temp_free(t0); tcg_temp_free(t1); - tcg_temp_free(mem_idx); - tcg_temp_free(memop); return true; #else return false; @@ -303,20 +299,16 @@ static bool trans_hlvx_wu(DisasContext *ctx, arg_hlvx_wu *a) #ifndef CONFIG_USER_ONLY TCGv t0 = tcg_temp_new(); TCGv t1 = tcg_temp_new(); - TCGv mem_idx = tcg_temp_new(); - TCGv memop = tcg_temp_new(); + + check_access(ctx); gen_get_gpr(t0, a->rs1); - tcg_gen_movi_tl(mem_idx, ctx->mem_idx); - tcg_gen_movi_tl(memop, MO_TEUL); - gen_helper_hyp_x_load(t1, cpu_env, t0, mem_idx, memop); + gen_helper_hyp_hlvx_wu(t1, cpu_env, t0); gen_set_gpr(a->rd, t1); tcg_temp_free(t0); tcg_temp_free(t1); - tcg_temp_free(mem_idx); - tcg_temp_free(memop); return true; #else return false; diff --git a/target/riscv/op_helper.c b/target/riscv/op_helper.c index 980d4f39e1..d55def76cf 100644 --- a/target/riscv/op_helper.c +++ b/target/riscv/op_helper.c @@ -227,36 +227,18 @@ void helper_hyp_gvma_tlb_flush(CPURISCVState *env) helper_hyp_tlb_flush(env); } -target_ulong helper_hyp_x_load(CPURISCVState *env, target_ulong address, - target_ulong attrs, target_ulong memop) +target_ulong helper_hyp_hlvx_hu(CPURISCVState *env, target_ulong address) { - if (env->priv == PRV_M || - (env->priv == PRV_S && !riscv_cpu_virt_enabled(env)) || - (env->priv == PRV_U && !riscv_cpu_virt_enabled(env) && - get_field(env->hstatus, HSTATUS_HU))) { - target_ulong pte; - int mmu_idx = cpu_mmu_index(env, false) | TB_FLAGS_PRIV_HYP_ACCESS_MASK; + int mmu_idx = cpu_mmu_index(env, true) | TB_FLAGS_PRIV_HYP_ACCESS_MASK; - switch (memop) { - case MO_TEUW: - pte = cpu_lduw_mmuidx_ra(env, address, mmu_idx, GETPC()); - break; - case MO_TEUL: - pte = cpu_ldl_mmuidx_ra(env, address, mmu_idx, GETPC()); - break; - default: - g_assert_not_reached(); - } + return cpu_lduw_mmuidx_ra(env, address, mmu_idx, GETPC()); +} - return pte; - } +target_ulong helper_hyp_hlvx_wu(CPURISCVState *env, target_ulong address) +{ + int mmu_idx = cpu_mmu_index(env, true) | TB_FLAGS_PRIV_HYP_ACCESS_MASK; - if (riscv_cpu_virt_enabled(env)) { - riscv_raise_exception(env, RISCV_EXCP_VIRT_INSTRUCTION_FAULT, GETPC()); - } else { - riscv_raise_exception(env, RISCV_EXCP_ILLEGAL_INST, GETPC()); - } - return 0; + return cpu_ldl_mmuidx_ra(env, address, mmu_idx, GETPC()); } #endif /* !CONFIG_USER_ONLY */ From 96338fefc19a143abdc91f6c44f37683274b08d4 Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Thu, 5 Nov 2020 18:32:19 -0800 Subject: [PATCH 6/6] hw/intc/ibex_plic: Clear the claim register when read MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit After claiming the interrupt by reading the claim register we want to clear the register to make sure the interrupt doesn't appear at the next read. This matches the documentation for the claim register as when an interrupt is claimed by a target the relevant bit of IP is cleared (which we already do): https://docs.opentitan.org/hw/ip/rv_plic/doc/index.html This also matches the current hardware. Signed-off-by: Alistair Francis Reviewed-by: Philippe Mathieu-Daudé Message-id: 68d4575deef2559b7a747f3bda193fcf43af4558.1604629928.git.alistair.francis@wdc.com --- hw/intc/ibex_plic.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/hw/intc/ibex_plic.c b/hw/intc/ibex_plic.c index f49fa67c91..235e6b88ff 100644 --- a/hw/intc/ibex_plic.c +++ b/hw/intc/ibex_plic.c @@ -139,6 +139,9 @@ static uint64_t ibex_plic_read(void *opaque, hwaddr addr, /* Return the current claimed interrupt */ ret = s->claim; + /* Clear the claimed interrupt */ + s->claim = 0x00000000; + /* Update the interrupt status after the claim */ ibex_plic_update(s); }