From: Peter Maydell <peter.maydell@linaro.org>
To: qemu-arm@nongnu.org, qemu-devel@nongnu.org
Subject: [PATCH 06/23] target/arm: Make HSTR_EL2 traps take priority over UNDEF-at-EL1
Date: Fri, 27 Jan 2023 17:54:50 +0000 [thread overview]
Message-ID: <20230127175507.2895013-7-peter.maydell@linaro.org> (raw)
In-Reply-To: <20230127175507.2895013-1-peter.maydell@linaro.org>
The semantics of HSTR_EL2 require that it traps cpreg accesses
to EL2 for:
* EL1 accesses
* EL0 accesses, if the access is not UNDEFINED when the
trap bit is 0
(You can see this in the I_ZFGJP priority ordering, where HSTR_EL2
traps from EL1 to EL2 are priority 12, UNDEFs are priority 13, and
HSTR_EL2 traps from EL0 are priority 15.)
However, we don't get this right for EL1 accesses which UNDEF because
the register doesn't exist at all or because its ri->access bits
non-configurably forbid the access. At EL1, check for the HSTR_EL2
trap early, before either of these UNDEF reasons.
We have to retain the HSTR_EL2 check in access_check_cp_reg(),
because at EL0 any kind of UNDEF-to-EL1 (including "no such
register", "bad ri->access" and "ri->accessfn returns 'trap to EL1'")
takes precedence over the trap to EL2. But we only need to do that
check for EL0 now.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target/arm/helper.h | 1 +
target/arm/op_helper.c | 13 ++++++++++++-
target/arm/translate.c | 37 ++++++++++++++++++++++++++++++++-----
3 files changed, 45 insertions(+), 6 deletions(-)
diff --git a/target/arm/helper.h b/target/arm/helper.h
index 018b00ea75b..17634b3e7b6 100644
--- a/target/arm/helper.h
+++ b/target/arm/helper.h
@@ -81,6 +81,7 @@ DEF_HELPER_FLAGS_2(check_bxj_trap, TCG_CALL_NO_WG, void, env, i32)
DEF_HELPER_4(access_check_cp_reg, cptr, env, i32, i32, i32)
DEF_HELPER_FLAGS_2(lookup_cp_reg, TCG_CALL_NO_RWG_SE, cptr, env, i32)
+DEF_HELPER_3(hstr_trap_check, void, env, i32, i32)
DEF_HELPER_3(set_cp_reg, void, env, cptr, i32)
DEF_HELPER_2(get_cp_reg, i32, env, cptr)
DEF_HELPER_3(set_cp_reg64, void, env, cptr, i64)
diff --git a/target/arm/op_helper.c b/target/arm/op_helper.c
index 660dae696dd..8ac176e0742 100644
--- a/target/arm/op_helper.c
+++ b/target/arm/op_helper.c
@@ -624,6 +624,13 @@ uint32_t HELPER(mrs_banked)(CPUARMState *env, uint32_t tgtmode, uint32_t regno)
}
}
+void HELPER(hstr_trap_check)(CPUARMState *env, uint32_t mask, uint32_t syndrome)
+{
+ if (env->cp15.hstr_el2 & mask) {
+ raise_exception(env, EXCP_UDEF, syndrome, 2);
+ }
+}
+
const void *HELPER(access_check_cp_reg)(CPUARMState *env, uint32_t key,
uint32_t syndrome, uint32_t isread)
{
@@ -658,7 +665,11 @@ const void *HELPER(access_check_cp_reg)(CPUARMState *env, uint32_t key,
goto fail;
}
- if (!is_a64(env) && arm_current_el(env) < 2 && ri->cp == 15 &&
+ /*
+ * HSTR_EL2 traps from EL1 are checked earlier, via hstr_trap_check;
+ * we only need to check here for traps from EL0.
+ */
+ if (!is_a64(env) && arm_current_el(env) == 0 && ri->cp == 15 &&
(arm_hcr_el2_eff(env) & (HCR_E2H | HCR_TGE)) != (HCR_E2H | HCR_TGE)) {
uint32_t mask = 1 << ri->crn;
diff --git a/target/arm/translate.c b/target/arm/translate.c
index 9252a464a12..ec1f2288ff8 100644
--- a/target/arm/translate.c
+++ b/target/arm/translate.c
@@ -4719,6 +4719,7 @@ static void do_coproc_insn(DisasContext *s, int cpnum, int is64,
TCGv_ptr tcg_ri = NULL;
bool need_exit_tb;
uint32_t syndrome;
+ bool emitted_update_pc = false;
/*
* Note that since we are an implementation which takes an
@@ -4760,6 +4761,28 @@ static void do_coproc_insn(DisasContext *s, int cpnum, int is64,
break;
}
+ if (s->hstr_active && cpnum == 15 && s->current_el == 1) {
+ /*
+ * At EL1, check for a HSTR_EL2 trap, which must take precedence
+ * over the UNDEF for "no such register" or the UNDEF for "access
+ * permissions forbid this EL1 access". HSTR_EL2 traps from EL0
+ * only happen if the cpreg doesn't UNDEF at EL0, so we do those in
+ * access_check_cp_reg(), after the checks for whether the access
+ * configurably trapped to EL1.
+ */
+ uint32_t maskbit = is64 ? crm : crn;
+
+ if (maskbit != 4 && maskbit != 14) {
+ /* T4 and T14 are RES0 so never cause traps */
+ gen_set_condexec(s);
+ gen_update_pc(s, 0);
+ emitted_update_pc = true;
+ gen_helper_hstr_trap_check(cpu_env,
+ tcg_constant_i32(1 << maskbit),
+ tcg_constant_i32(syndrome));
+ }
+ }
+
if (!ri) {
/*
* Unknown register; this might be a guest error or a QEMU
@@ -4788,7 +4811,7 @@ static void do_coproc_insn(DisasContext *s, int cpnum, int is64,
return;
}
- if (s->hstr_active || ri->accessfn ||
+ if ((s->hstr_active && s->current_el == 0) || ri->accessfn ||
(arm_dc_feature(s, ARM_FEATURE_XSCALE) && cpnum < 14)) {
/*
* Emit code to perform further access permissions checks at
@@ -4796,8 +4819,10 @@ static void do_coproc_insn(DisasContext *s, int cpnum, int is64,
* Note that on XScale all cp0..c13 registers do an access check
* call in order to handle c15_cpar.
*/
- gen_set_condexec(s);
- gen_update_pc(s, 0);
+ if (!emitted_update_pc) {
+ gen_set_condexec(s);
+ gen_update_pc(s, 0);
+ }
tcg_ri = tcg_temp_new_ptr();
gen_helper_access_check_cp_reg(tcg_ri, cpu_env,
tcg_constant_i32(key),
@@ -4808,8 +4833,10 @@ static void do_coproc_insn(DisasContext *s, int cpnum, int is64,
* The readfn or writefn might raise an exception;
* synchronize the CPU state in case it does.
*/
- gen_set_condexec(s);
- gen_update_pc(s, 0);
+ if (!emitted_update_pc) {
+ gen_set_condexec(s);
+ gen_update_pc(s, 0);
+ }
}
/* Handle special cases first */
--
2.34.1
next prev parent reply other threads:[~2023-01-27 17:58 UTC|newest]
Thread overview: 49+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-01-27 17:54 [PATCH 00/23] target/arm: Implement FEAT_FGT fine-grained traps Peter Maydell
2023-01-27 17:54 ` [PATCH 01/23] target/arm: Name AT_S1E1RP and AT_S1E1WP cpregs correctly Peter Maydell
2023-01-28 1:01 ` Richard Henderson
2023-01-27 17:54 ` [PATCH 02/23] target/arm: Correct syndrome for ATS12NSO* at Secure EL1 Peter Maydell
2023-01-28 1:04 ` Richard Henderson
2023-01-27 17:54 ` [PATCH 03/23] target/arm: Remove CP_ACCESS_TRAP_UNCATEGORIZED_{EL2, EL3} Peter Maydell
2023-01-28 1:11 ` Richard Henderson
2023-01-27 17:54 ` [PATCH 04/23] target/arm: Move do_coproc_insn() syndrome calculation earlier Peter Maydell
2023-01-28 1:13 ` Richard Henderson
2023-01-27 17:54 ` [PATCH 05/23] target/arm: All UNDEF-at-EL0 traps take priority over HSTR_EL2 traps Peter Maydell
2023-01-28 1:24 ` Richard Henderson
2023-01-27 17:54 ` Peter Maydell [this message]
2023-01-28 1:47 ` [PATCH 06/23] target/arm: Make HSTR_EL2 traps take priority over UNDEF-at-EL1 Richard Henderson
2023-01-28 14:34 ` Peter Maydell
2023-01-27 17:54 ` [PATCH 07/23] target/arm: Disable HSTR_EL2 traps if EL2 is not enabled Peter Maydell
2023-01-28 1:51 ` Richard Henderson
2023-01-27 17:54 ` [PATCH 08/23] target/arm: Define the FEAT_FGT registers Peter Maydell
2023-01-28 2:31 ` Richard Henderson
2023-01-27 17:54 ` [PATCH 09/23] target/arm: Implement FGT trapping infrastructure Peter Maydell
2023-01-28 2:36 ` Richard Henderson
2023-01-27 17:54 ` [PATCH 10/23] target/arm: Mark up sysregs for HFGRTR bits 0..11 Peter Maydell
2023-01-28 2:36 ` Richard Henderson
2023-01-27 17:54 ` [PATCH 11/23] target/arm: Mark up sysregs for HFGRTR bits 12..23 Peter Maydell
2023-01-28 2:41 ` Richard Henderson
2023-01-27 17:54 ` [PATCH 12/23] target/arm: Mark up sysregs for HFGRTR bits 24..35 Peter Maydell
2023-01-28 2:43 ` Richard Henderson
2023-01-27 17:54 ` [PATCH 13/23] target/arm: Mark up sysregs for HFGRTR bits 36..63 Peter Maydell
2023-01-28 2:50 ` Richard Henderson
2023-01-27 17:54 ` [PATCH 14/23] target/arm: Mark up sysregs for HDFGRTR bits 0..11 Peter Maydell
2023-01-28 2:52 ` Richard Henderson
2023-01-27 17:54 ` [PATCH 15/23] target/arm: Mark up sysregs for HDFGRTR bits 12..63 Peter Maydell
2023-01-28 23:44 ` Richard Henderson
2023-01-27 17:55 ` [PATCH 16/23] target/arm: Mark up sysregs for HFGITR bits 0..11 Peter Maydell
2023-01-28 23:47 ` Richard Henderson
2023-01-27 17:55 ` [PATCH 17/23] target/arm: Mark up sysregs for HFGITR bits 12..17 Peter Maydell
2023-01-28 23:47 ` Richard Henderson
2023-01-27 17:55 ` [PATCH 18/23] target/arm: Mark up sysregs for HFGITR bits 18..47 Peter Maydell
2023-01-28 23:49 ` Richard Henderson
2023-01-27 17:55 ` [PATCH 19/23] target/arm: Mark up sysregs for HFGITR bits 48..63 Peter Maydell
2023-01-28 23:50 ` Richard Henderson
2023-01-27 17:55 ` [PATCH 20/23] target/arm: Implement the HFGITR_EL2.ERET trap Peter Maydell
2023-01-28 23:53 ` Richard Henderson
2023-01-27 17:55 ` [PATCH 21/23] target/arm: Implement the HFGITR_EL2.SVC_EL0 and SVC_EL1 traps Peter Maydell
2023-01-28 23:58 ` Richard Henderson
2023-01-27 17:55 ` [PATCH 22/23] target/arm: Implement MDCR_EL2.TDCC and MDCR_EL3.TDCC traps Peter Maydell
2023-01-29 0:06 ` Richard Henderson
2023-01-27 17:55 ` [PATCH 23/23] target/arm: Enable FEAT_FGT on '-cpu max' Peter Maydell
2023-01-29 0:07 ` Richard Henderson
2023-01-27 18:43 ` [PATCH 00/23] target/arm: Implement FEAT_FGT fine-grained traps Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230127175507.2895013-7-peter.maydell@linaro.org \
--to=peter.maydell@linaro.org \
--cc=qemu-arm@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.