From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:48364) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1YOB8X-0001G6-Ju for qemu-devel@nongnu.org; Wed, 18 Feb 2015 15:22:27 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1YOB8J-0001pc-Iv for qemu-devel@nongnu.org; Wed, 18 Feb 2015 15:22:21 -0500 Received: from e06smtp10.uk.ibm.com ([195.75.94.106]:46420) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1YOB8J-0001pP-7y for qemu-devel@nongnu.org; Wed, 18 Feb 2015 15:22:07 -0500 Received: from /spool/local by e06smtp10.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Wed, 18 Feb 2015 20:22:06 -0000 Received: from b06cxnps4075.portsmouth.uk.ibm.com (d06relay12.portsmouth.uk.ibm.com [9.149.109.197]) by d06dlp03.portsmouth.uk.ibm.com (Postfix) with ESMTP id 5A2B51B0804B for ; Wed, 18 Feb 2015 20:22:17 +0000 (GMT) Received: from d06av06.portsmouth.uk.ibm.com (d06av06.portsmouth.uk.ibm.com [9.149.37.217]) by b06cxnps4075.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id t1IKM49I8192410 for ; Wed, 18 Feb 2015 20:22:04 GMT Received: from d06av06.portsmouth.uk.ibm.com (localhost [127.0.0.1]) by d06av06.portsmouth.uk.ibm.com (8.14.4/8.14.4/NCO v10.0 AVout) with ESMTP id t1IFHXGr026819 for ; Wed, 18 Feb 2015 10:17:34 -0500 From: Christian Borntraeger Date: Wed, 18 Feb 2015 21:22:01 +0100 Message-Id: <1424290943-22480-8-git-send-email-borntraeger@de.ibm.com> In-Reply-To: <1424290943-22480-1-git-send-email-borntraeger@de.ibm.com> References: <1424290943-22480-1-git-send-email-borntraeger@de.ibm.com> Subject: [Qemu-devel] [PULL 07/29] s390x/mmu: Fix the handling of the table levels List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Peter Maydell Cc: Thomas Huth , qemu-devel , Alexander Graf , Christian Borntraeger , Jens Freimann , Cornelia Huck , Richard Henderson From: Thomas Huth The current code used a wrong and very confusing way of dealing with the table levels by introducing a "fake level above current". However, the real problem was simply that the checks for the region/segment invalid bit and for the matching region/segment level was done at the wrong spot in the code - it has to be done after the first table entry has been looked up instead (e.g. there is also no "invalid" bit in the ASCE itself and the current "level" has to be the same as the level in the entry that we just looked up). Also the entries for the segment table are quite a bit different compared to the region table entries. So this patch moves the related code into the function mmu_translate_segment() to make it clear at which table level we currently are and to get rid of the ugly switch-statement in the function mmu_translate_region(). Signed-off-by: Thomas Huth Signed-off-by: Jens Freimann Signed-off-by: Christian Borntraeger --- target-s390x/mmu_helper.c | 115 +++++++++++++++++++--------------------------- 1 file changed, 47 insertions(+), 68 deletions(-) diff --git a/target-s390x/mmu_helper.c b/target-s390x/mmu_helper.c index c845cd4..01d819e 100644 --- a/target-s390x/mmu_helper.c +++ b/target-s390x/mmu_helper.c @@ -134,92 +134,76 @@ static int mmu_translate_pte(CPUS390XState *env, target_ulong vaddr, return 0; } -/* Decode EDAT1 segment frame absolute address (1MB page) */ -static int mmu_translate_sfaa(CPUS390XState *env, target_ulong vaddr, - uint64_t asc, uint64_t asce, target_ulong *raddr, - int *flags, int rw) +#define VADDR_PX 0xff000 /* Page index bits */ + +/* Decode segment table entry */ +static int mmu_translate_segment(CPUS390XState *env, target_ulong vaddr, + uint64_t asc, uint64_t st_entry, + target_ulong *raddr, int *flags, int rw) { - if (asce & _SEGMENT_ENTRY_INV) { - DPRINTF("%s: SEG=0x%" PRIx64 " invalid\n", __func__, asce); - trigger_page_fault(env, vaddr, PGM_SEGMENT_TRANS, asc, rw); - return -1; - } + CPUState *cs = CPU(s390_env_get_cpu(env)); + uint64_t origin, offs, pt_entry; - if (asce & _SEGMENT_ENTRY_RO) { + if (st_entry & _SEGMENT_ENTRY_RO) { *flags &= ~PAGE_WRITE; } - *raddr = (asce & 0xfffffffffff00000ULL) | (vaddr & 0xfffff); - - PTE_DPRINTF("%s: SEG=0x%" PRIx64 "\n", __func__, asce); + if ((st_entry & _SEGMENT_ENTRY_FC) && (env->cregs[0] & CR0_EDAT)) { + /* Decode EDAT1 segment frame absolute address (1MB page) */ + *raddr = (st_entry & 0xfffffffffff00000ULL) | (vaddr & 0xfffff); + PTE_DPRINTF("%s: SEG=0x%" PRIx64 "\n", __func__, st_entry); + return 0; + } - return 0; + /* Look up 4KB page entry */ + origin = st_entry & _SEGMENT_ENTRY_ORIGIN; + offs = (vaddr & VADDR_PX) >> 9; + pt_entry = ldq_phys(cs->as, origin + offs); + PTE_DPRINTF("%s: 0x%" PRIx64 " + 0x%" PRIx64 " => 0x%016" PRIx64 "\n", + __func__, origin, offs, pt_entry); + return mmu_translate_pte(env, vaddr, asc, pt_entry, raddr, flags, rw); } -static int mmu_translate_asce(CPUS390XState *env, target_ulong vaddr, - uint64_t asc, uint64_t asce, int level, - target_ulong *raddr, int *flags, int rw) +/* Decode region table entries */ +static int mmu_translate_region(CPUS390XState *env, target_ulong vaddr, + uint64_t asc, uint64_t entry, int level, + target_ulong *raddr, int *flags, int rw) { CPUState *cs = CPU(s390_env_get_cpu(env)); - uint64_t offs = 0; - uint64_t origin; - uint64_t new_asce; + uint64_t origin, offs, new_entry; + + PTE_DPRINTF("%s: 0x%" PRIx64 "\n", __func__, entry); - PTE_DPRINTF("%s: 0x%" PRIx64 "\n", __func__, asce); + origin = entry & _REGION_ENTRY_ORIGIN; + offs = (vaddr >> (17 + 11 * level / 4)) & 0x3ff8; + + new_entry = ldq_phys(cs->as, origin + offs); + PTE_DPRINTF("%s: 0x%" PRIx64 " + 0x%" PRIx64 " => 0x%016" PRIx64 "\n", + __func__, origin, offs, new_entry); - if (((level != _ASCE_TYPE_SEGMENT) && (asce & _REGION_ENTRY_INV)) || - ((level == _ASCE_TYPE_SEGMENT) && (asce & _SEGMENT_ENTRY_INV))) { + if ((new_entry & _REGION_ENTRY_INV) != 0) { /* XXX different regions have different faults */ DPRINTF("%s: invalid region\n", __func__); trigger_page_fault(env, vaddr, PGM_SEGMENT_TRANS, asc, rw); return -1; } - if ((level <= _ASCE_TYPE_MASK) && ((asce & _ASCE_TYPE_MASK) != level)) { + if ((new_entry & _REGION_ENTRY_TYPE_MASK) != level) { trigger_page_fault(env, vaddr, PGM_TRANS_SPEC, asc, rw); return -1; } - origin = asce & _ASCE_ORIGIN; - - switch (level) { - case _ASCE_TYPE_REGION1 + 4: - offs = (vaddr >> 50) & 0x3ff8; - break; - case _ASCE_TYPE_REGION1: - offs = (vaddr >> 39) & 0x3ff8; - break; - case _ASCE_TYPE_REGION2: - offs = (vaddr >> 28) & 0x3ff8; - break; - case _ASCE_TYPE_REGION3: - offs = (vaddr >> 17) & 0x3ff8; - break; - case _ASCE_TYPE_SEGMENT: - offs = (vaddr >> 9) & 0x07f8; - origin = asce & _SEGMENT_ENTRY_ORIGIN; - break; - } - /* XXX region protection flags */ /* *flags &= ~PAGE_WRITE */ - new_asce = ldq_phys(cs->as, origin + offs); - PTE_DPRINTF("%s: 0x%" PRIx64 " + 0x%" PRIx64 " => 0x%016" PRIx64 "\n", - __func__, origin, offs, new_asce); - if (level == _ASCE_TYPE_SEGMENT) { - /* 4KB page */ - return mmu_translate_pte(env, vaddr, asc, new_asce, raddr, flags, rw); - } else if (level - 4 == _ASCE_TYPE_SEGMENT && - (new_asce & _SEGMENT_ENTRY_FC) && (env->cregs[0] & CR0_EDAT)) { - /* 1MB page */ - return mmu_translate_sfaa(env, vaddr, asc, new_asce, raddr, flags, rw); - } else { - /* yet another region */ - return mmu_translate_asce(env, vaddr, asc, new_asce, level - 4, raddr, - flags, rw); + return mmu_translate_segment(env, vaddr, asc, new_entry, raddr, flags, + rw); } + + /* yet another region */ + return mmu_translate_region(env, vaddr, asc, new_entry, level - 4, + raddr, flags, rw); } static int mmu_translate_asc(CPUS390XState *env, target_ulong vaddr, @@ -227,7 +211,7 @@ static int mmu_translate_asc(CPUS390XState *env, target_ulong vaddr, int rw) { uint64_t asce = 0; - int level, new_level; + int level; int r; switch (asc) { @@ -251,7 +235,8 @@ static int mmu_translate_asc(CPUS390XState *env, target_ulong vaddr, return 0; } - switch (asce & _ASCE_TYPE_MASK) { + level = asce & _ASCE_TYPE_MASK; + switch (level) { case _ASCE_TYPE_REGION1: break; case _ASCE_TYPE_REGION2: @@ -280,13 +265,7 @@ static int mmu_translate_asc(CPUS390XState *env, target_ulong vaddr, break; } - /* fake level above current */ - level = asce & _ASCE_TYPE_MASK; - new_level = level + 4; - asce = (asce & ~_ASCE_TYPE_MASK) | (new_level & _ASCE_TYPE_MASK); - - r = mmu_translate_asce(env, vaddr, asc, asce, new_level, raddr, flags, rw); - + r = mmu_translate_region(env, vaddr, asc, asce, level, raddr, flags, rw); if ((rw == 1) && !(*flags & PAGE_WRITE)) { trigger_prot_fault(env, vaddr, asc); return -1; -- 1.9.3