* [PATCH 00/50] i386 cleanup part 3
@ 2021-02-28 23:22 Richard Henderson
2021-02-28 23:22 ` [PATCH 01/50] target/i386: Split out gen_exception_gpf Richard Henderson
` (50 more replies)
0 siblings, 51 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:22 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
Based-on: 20210226175143.22388-1-cfontana@suse.de
("[PATCH v25 00/20] i386 cleanup PART 2")
This started out to address a fixme in Claudio's patch set, then
wandered a bit, with cleanups and bug fixes in the code that I was
touching. I stopped when I reached my original goal of removing
target/i386/tcg/user/*_stubs.c.
There are a lot of patches, but hopefully they're all small
enough to be obvious.
r~
Richard Henderson (50):
target/i386: Split out gen_exception_gpf
target/i386: Split out check_cpl0
target/i386: Unify code paths for IRET
target/i386: Split out check_vm86_iopl
target/i386: Split out check_iopl
target/i386: Assert PE is set for user-only
target/i386: Assert CPL is 3 for user-only
target/i386: Assert IOPL is 0 for user-only
target/i386: Assert !VM86 for x86_64 user-only
target/i386: Assert CODE32 for x86_64 user-only
target/i386: Assert SS32 for x86_64 user-only
target/i386: Assert CODE64 for x86_64 user-only
target/i386: Assert LMA for x86_64 user-only
target/i386: Assert !ADDSEG for x86_64 user-only
target/i386: Introduce REX_PREFIX
target/i386: Tidy REX_B, REX_X definition
target/i386: Move rex_r into DisasContext
target/i386: Move rex_w into DisasContext
target/i386: Remove DisasContext.f_st as unused
target/i386: Reduce DisasContext.flags to uint32_t
target/i386: Reduce DisasContext.override to int8_t
target/i386: Reduce DisasContext.prefix to uint8_t
target/i386: Reduce DisasContext.vex_[lv] to uint8_t
target/i386: Reduce DisasContext popl_esp_hack and rip_offset to
uint8_t
target/i386: Leave TF in DisasContext.flags
target/i386: Reduce DisasContext jmp_opt, repz_opt to bool
target/i386: Fix the comment for repz_opt
target/i386: Reorder DisasContext members
target/i386: Add stub generator for helper_set_dr
target/i386: Assert !SVME for user-only
target/i386: Assert !GUEST for user-only
target/i386: Implement skinit in translate.c
target/i386: Eliminate SVM helpers for user-only
target/i386: Mark some helpers as noreturn
target/i386: Simplify gen_debug usage
target/i386: Tidy svm_check_intercept from tcg
target/i386: Remove pc_start argument to gen_svm_check_intercept
target/i386: Remove user stub for cpu_vmexit
target/i386: Cleanup read_crN, write_crN, lmsw
target/i386: Pass env to do_pause and do_hlt
target/i386: Move invlpg, hlt, monitor, mwait to sysemu
target/i386: Unify invlpg, invlpga
target/i386: Inline user cpu_svm_check_intercept_param
target/i386: Eliminate user stubs for read/write_crN, rd/wrmsr
target/i386: Exit tb after wrmsr
target/i386: Tidy gen_check_io
target/i386: Pass in port to gen_check_io
target/i386: Create helper_check_io
target/i386: Move helper_check_io to sysemu
target/i386: Remove user-only i/o stubs
target/i386/cpu.h | 8 +
target/i386/helper.h | 43 +-
target/i386/tcg/helper-tcg.h | 5 +-
target/i386/tcg/bpt_helper.c | 2 +-
target/i386/tcg/excp_helper.c | 18 +-
target/i386/tcg/misc_helper.c | 79 +--
target/i386/tcg/seg_helper.c | 43 --
target/i386/tcg/sysemu/misc_helper.c | 52 +-
target/i386/tcg/sysemu/seg_helper.c | 29 +
target/i386/tcg/sysemu/svm_helper.c | 30 +-
target/i386/tcg/translate.c | 891 ++++++++++++++-------------
target/i386/tcg/user/misc_stubs.c | 75 ---
target/i386/tcg/user/svm_stubs.c | 76 ---
target/i386/tcg/user/meson.build | 2 -
14 files changed, 600 insertions(+), 753 deletions(-)
delete mode 100644 target/i386/tcg/user/misc_stubs.c
delete mode 100644 target/i386/tcg/user/svm_stubs.c
--
2.25.1
^ permalink raw reply [flat|nested] 56+ messages in thread
* [PATCH 01/50] target/i386: Split out gen_exception_gpf
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
@ 2021-02-28 23:22 ` Richard Henderson
2021-02-28 23:22 ` [PATCH 02/50] target/i386: Split out check_cpl0 Richard Henderson
` (49 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:22 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 68 ++++++++++++++++++++-----------------
1 file changed, 37 insertions(+), 31 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 6ecbbfa6c1..6af8bd219b 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -1276,6 +1276,12 @@ static void gen_illegal_opcode(DisasContext *s)
gen_exception(s, EXCP06_ILLOP, s->pc_start - s->cs_base);
}
+/* Generate #GP for the current instruction. */
+static void gen_exception_gpf(DisasContext *s)
+{
+ gen_exception(s, EXCP0D_GPF, s->pc_start - s->cs_base);
+}
+
/* if d == OR_TMP0, it means memory operand (address in A0) */
static void gen_op(DisasContext *s1, int op, MemOp ot, int d)
{
@@ -4502,7 +4508,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
s->vex_l = 0;
s->vex_v = 0;
if (sigsetjmp(s->jmpbuf, 0) != 0) {
- gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
+ gen_exception_gpf(s);
return s->pc;
}
@@ -6561,7 +6567,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
set_cc_op(s, CC_OP_EFLAGS);
} else if (s->vm86) {
if (s->iopl != 3) {
- gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
+ gen_exception_gpf(s);
} else {
gen_helper_iret_real(cpu_env, tcg_const_i32(dflag - 1));
set_cc_op(s, CC_OP_EFLAGS);
@@ -6683,7 +6689,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0x9c: /* pushf */
gen_svm_check_intercept(s, pc_start, SVM_EXIT_PUSHF);
if (s->vm86 && s->iopl != 3) {
- gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
+ gen_exception_gpf(s);
} else {
gen_update_cc_op(s);
gen_helper_read_eflags(s->T0, cpu_env);
@@ -6693,7 +6699,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0x9d: /* popf */
gen_svm_check_intercept(s, pc_start, SVM_EXIT_POPF);
if (s->vm86 && s->iopl != 3) {
- gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
+ gen_exception_gpf(s);
} else {
ot = gen_pop_T0(s);
if (s->cpl == 0) {
@@ -7055,7 +7061,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0xcd: /* int N */
val = x86_ldub_code(env, s);
if (s->vm86 && s->iopl != 3) {
- gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
+ gen_exception_gpf(s);
} else {
gen_interrupt(s, val, pc_start - s->cs_base, s->pc - s->cs_base);
}
@@ -7078,13 +7084,13 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
if (s->cpl <= s->iopl) {
gen_helper_cli(cpu_env);
} else {
- gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
+ gen_exception_gpf(s);
}
} else {
if (s->iopl == 3) {
gen_helper_cli(cpu_env);
} else {
- gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
+ gen_exception_gpf(s);
}
}
break;
@@ -7095,7 +7101,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
gen_jmp_im(s, s->pc - s->cs_base);
gen_eob_inhibit_irq(s, true);
} else {
- gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
+ gen_exception_gpf(s);
}
break;
case 0x62: /* bound */
@@ -7188,7 +7194,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0x130: /* wrmsr */
case 0x132: /* rdmsr */
if (s->cpl != 0) {
- gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
+ gen_exception_gpf(s);
} else {
gen_update_cc_op(s);
gen_jmp_im(s, pc_start - s->cs_base);
@@ -7220,7 +7226,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
if (CODE64(s) && env->cpuid_vendor1 != CPUID_VENDOR_INTEL_1)
goto illegal_op;
if (!s->pe) {
- gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
+ gen_exception_gpf(s);
} else {
gen_helper_sysenter(cpu_env);
gen_eob(s);
@@ -7231,7 +7237,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
if (CODE64(s) && env->cpuid_vendor1 != CPUID_VENDOR_INTEL_1)
goto illegal_op;
if (!s->pe) {
- gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
+ gen_exception_gpf(s);
} else {
gen_helper_sysexit(cpu_env, tcg_const_i32(dflag - 1));
gen_eob(s);
@@ -7250,7 +7256,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
break;
case 0x107: /* sysret */
if (!s->pe) {
- gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
+ gen_exception_gpf(s);
} else {
gen_helper_sysret(cpu_env, tcg_const_i32(dflag - 1));
/* condition codes are modified only in long mode */
@@ -7272,7 +7278,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
break;
case 0xf4: /* hlt */
if (s->cpl != 0) {
- gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
+ gen_exception_gpf(s);
} else {
gen_update_cc_op(s);
gen_jmp_im(s, pc_start - s->cs_base);
@@ -7298,7 +7304,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
if (!s->pe || s->vm86)
goto illegal_op;
if (s->cpl != 0) {
- gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
+ gen_exception_gpf(s);
} else {
gen_svm_check_intercept(s, pc_start, SVM_EXIT_LDTR_WRITE);
gen_ldst_modrm(env, s, modrm, MO_16, OR_TMP0, 0);
@@ -7319,7 +7325,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
if (!s->pe || s->vm86)
goto illegal_op;
if (s->cpl != 0) {
- gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
+ gen_exception_gpf(s);
} else {
gen_svm_check_intercept(s, pc_start, SVM_EXIT_TR_WRITE);
gen_ldst_modrm(env, s, modrm, MO_16, OR_TMP0, 0);
@@ -7435,7 +7441,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
goto illegal_op;
}
if (s->cpl != 0) {
- gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
+ gen_exception_gpf(s);
break;
}
tcg_gen_concat_tl_i64(s->tmp1_i64, cpu_regs[R_EAX],
@@ -7452,7 +7458,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
goto illegal_op;
}
if (s->cpl != 0) {
- gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
+ gen_exception_gpf(s);
break;
}
gen_update_cc_op(s);
@@ -7477,7 +7483,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
goto illegal_op;
}
if (s->cpl != 0) {
- gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
+ gen_exception_gpf(s);
break;
}
gen_update_cc_op(s);
@@ -7490,7 +7496,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
goto illegal_op;
}
if (s->cpl != 0) {
- gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
+ gen_exception_gpf(s);
break;
}
gen_update_cc_op(s);
@@ -7505,7 +7511,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
goto illegal_op;
}
if (s->cpl != 0) {
- gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
+ gen_exception_gpf(s);
break;
}
gen_update_cc_op(s);
@@ -7519,7 +7525,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
goto illegal_op;
}
if (s->cpl != 0) {
- gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
+ gen_exception_gpf(s);
break;
}
gen_update_cc_op(s);
@@ -7543,7 +7549,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
goto illegal_op;
}
if (s->cpl != 0) {
- gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
+ gen_exception_gpf(s);
break;
}
gen_update_cc_op(s);
@@ -7553,7 +7559,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
CASE_MODRM_MEM_OP(2): /* lgdt */
if (s->cpl != 0) {
- gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
+ gen_exception_gpf(s);
break;
}
gen_svm_check_intercept(s, pc_start, SVM_EXIT_GDTR_WRITE);
@@ -7570,7 +7576,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
CASE_MODRM_MEM_OP(3): /* lidt */
if (s->cpl != 0) {
- gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
+ gen_exception_gpf(s);
break;
}
gen_svm_check_intercept(s, pc_start, SVM_EXIT_IDTR_WRITE);
@@ -7616,7 +7622,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
break;
CASE_MODRM_OP(6): /* lmsw */
if (s->cpl != 0) {
- gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
+ gen_exception_gpf(s);
break;
}
gen_svm_check_intercept(s, pc_start, SVM_EXIT_WRITE_CR0);
@@ -7628,7 +7634,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
CASE_MODRM_MEM_OP(7): /* invlpg */
if (s->cpl != 0) {
- gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
+ gen_exception_gpf(s);
break;
}
gen_update_cc_op(s);
@@ -7643,7 +7649,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
#ifdef TARGET_X86_64
if (CODE64(s)) {
if (s->cpl != 0) {
- gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
+ gen_exception_gpf(s);
} else {
tcg_gen_mov_tl(s->T0, cpu_seg_base[R_GS]);
tcg_gen_ld_tl(cpu_seg_base[R_GS], cpu_env,
@@ -7679,7 +7685,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0x108: /* invd */
case 0x109: /* wbinvd */
if (s->cpl != 0) {
- gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
+ gen_exception_gpf(s);
} else {
gen_svm_check_intercept(s, pc_start, (b & 2) ? SVM_EXIT_INVD : SVM_EXIT_WBINVD);
/* nothing to do */
@@ -8003,7 +8009,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0x120: /* mov reg, crN */
case 0x122: /* mov crN, reg */
if (s->cpl != 0) {
- gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
+ gen_exception_gpf(s);
} else {
modrm = x86_ldub_code(env, s);
/* Ignore the mod bits (assume (modrm&0xc0)==0xc0).
@@ -8057,7 +8063,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0x121: /* mov reg, drN */
case 0x123: /* mov drN, reg */
if (s->cpl != 0) {
- gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
+ gen_exception_gpf(s);
} else {
#ifndef CONFIG_USER_ONLY
modrm = x86_ldub_code(env, s);
@@ -8093,7 +8099,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
break;
case 0x106: /* clts */
if (s->cpl != 0) {
- gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
+ gen_exception_gpf(s);
} else {
gen_svm_check_intercept(s, pc_start, SVM_EXIT_WRITE_CR0);
gen_helper_clts(cpu_env);
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 02/50] target/i386: Split out check_cpl0
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
2021-02-28 23:22 ` [PATCH 01/50] target/i386: Split out gen_exception_gpf Richard Henderson
@ 2021-02-28 23:22 ` Richard Henderson
2021-02-28 23:22 ` [PATCH 03/50] target/i386: Unify code paths for IRET Richard Henderson
` (48 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:22 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
Split out the check for CPL != 0 and the raising of #GP.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 79 ++++++++++++++-----------------------
1 file changed, 30 insertions(+), 49 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 6af8bd219b..5703b253a1 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -1282,6 +1282,16 @@ static void gen_exception_gpf(DisasContext *s)
gen_exception(s, EXCP0D_GPF, s->pc_start - s->cs_base);
}
+/* Check for cpl == 0; if not, raise #GP and return false. */
+static bool check_cpl0(DisasContext *s)
+{
+ if (s->cpl == 0) {
+ return true;
+ }
+ gen_exception_gpf(s);
+ return false;
+}
+
/* if d == OR_TMP0, it means memory operand (address in A0) */
static void gen_op(DisasContext *s1, int op, MemOp ot, int d)
{
@@ -7193,9 +7203,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
break;
case 0x130: /* wrmsr */
case 0x132: /* rdmsr */
- if (s->cpl != 0) {
- gen_exception_gpf(s);
- } else {
+ if (check_cpl0(s)) {
gen_update_cc_op(s);
gen_jmp_im(s, pc_start - s->cs_base);
if (b & 2) {
@@ -7277,9 +7285,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
gen_helper_cpuid(cpu_env);
break;
case 0xf4: /* hlt */
- if (s->cpl != 0) {
- gen_exception_gpf(s);
- } else {
+ if (check_cpl0(s)) {
gen_update_cc_op(s);
gen_jmp_im(s, pc_start - s->cs_base);
gen_helper_hlt(cpu_env, tcg_const_i32(s->pc - pc_start));
@@ -7303,9 +7309,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 2: /* lldt */
if (!s->pe || s->vm86)
goto illegal_op;
- if (s->cpl != 0) {
- gen_exception_gpf(s);
- } else {
+ if (check_cpl0(s)) {
gen_svm_check_intercept(s, pc_start, SVM_EXIT_LDTR_WRITE);
gen_ldst_modrm(env, s, modrm, MO_16, OR_TMP0, 0);
tcg_gen_trunc_tl_i32(s->tmp2_i32, s->T0);
@@ -7324,9 +7328,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 3: /* ltr */
if (!s->pe || s->vm86)
goto illegal_op;
- if (s->cpl != 0) {
- gen_exception_gpf(s);
- } else {
+ if (check_cpl0(s)) {
gen_svm_check_intercept(s, pc_start, SVM_EXIT_TR_WRITE);
gen_ldst_modrm(env, s, modrm, MO_16, OR_TMP0, 0);
tcg_gen_trunc_tl_i32(s->tmp2_i32, s->T0);
@@ -7440,8 +7442,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
| PREFIX_REPZ | PREFIX_REPNZ))) {
goto illegal_op;
}
- if (s->cpl != 0) {
- gen_exception_gpf(s);
+ if (!check_cpl0(s)) {
break;
}
tcg_gen_concat_tl_i64(s->tmp1_i64, cpu_regs[R_EAX],
@@ -7457,8 +7458,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
if (!(s->flags & HF_SVME_MASK) || !s->pe) {
goto illegal_op;
}
- if (s->cpl != 0) {
- gen_exception_gpf(s);
+ if (!check_cpl0(s)) {
break;
}
gen_update_cc_op(s);
@@ -7482,8 +7482,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
if (!(s->flags & HF_SVME_MASK) || !s->pe) {
goto illegal_op;
}
- if (s->cpl != 0) {
- gen_exception_gpf(s);
+ if (!check_cpl0(s)) {
break;
}
gen_update_cc_op(s);
@@ -7495,8 +7494,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
if (!(s->flags & HF_SVME_MASK) || !s->pe) {
goto illegal_op;
}
- if (s->cpl != 0) {
- gen_exception_gpf(s);
+ if (!check_cpl0(s)) {
break;
}
gen_update_cc_op(s);
@@ -7510,8 +7508,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
|| !s->pe) {
goto illegal_op;
}
- if (s->cpl != 0) {
- gen_exception_gpf(s);
+ if (!check_cpl0(s)) {
break;
}
gen_update_cc_op(s);
@@ -7524,8 +7521,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
if (!(s->flags & HF_SVME_MASK) || !s->pe) {
goto illegal_op;
}
- if (s->cpl != 0) {
- gen_exception_gpf(s);
+ if (!check_cpl0(s)) {
break;
}
gen_update_cc_op(s);
@@ -7548,8 +7544,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
if (!(s->flags & HF_SVME_MASK) || !s->pe) {
goto illegal_op;
}
- if (s->cpl != 0) {
- gen_exception_gpf(s);
+ if (!check_cpl0(s)) {
break;
}
gen_update_cc_op(s);
@@ -7558,8 +7553,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
break;
CASE_MODRM_MEM_OP(2): /* lgdt */
- if (s->cpl != 0) {
- gen_exception_gpf(s);
+ if (!check_cpl0(s)) {
break;
}
gen_svm_check_intercept(s, pc_start, SVM_EXIT_GDTR_WRITE);
@@ -7575,8 +7569,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
break;
CASE_MODRM_MEM_OP(3): /* lidt */
- if (s->cpl != 0) {
- gen_exception_gpf(s);
+ if (!check_cpl0(s)) {
break;
}
gen_svm_check_intercept(s, pc_start, SVM_EXIT_IDTR_WRITE);
@@ -7621,8 +7614,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
gen_helper_wrpkru(cpu_env, s->tmp2_i32, s->tmp1_i64);
break;
CASE_MODRM_OP(6): /* lmsw */
- if (s->cpl != 0) {
- gen_exception_gpf(s);
+ if (!check_cpl0(s)) {
break;
}
gen_svm_check_intercept(s, pc_start, SVM_EXIT_WRITE_CR0);
@@ -7633,8 +7625,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
break;
CASE_MODRM_MEM_OP(7): /* invlpg */
- if (s->cpl != 0) {
- gen_exception_gpf(s);
+ if (!check_cpl0(s)) {
break;
}
gen_update_cc_op(s);
@@ -7648,9 +7639,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0xf8: /* swapgs */
#ifdef TARGET_X86_64
if (CODE64(s)) {
- if (s->cpl != 0) {
- gen_exception_gpf(s);
- } else {
+ if (check_cpl0(s)) {
tcg_gen_mov_tl(s->T0, cpu_seg_base[R_GS]);
tcg_gen_ld_tl(cpu_seg_base[R_GS], cpu_env,
offsetof(CPUX86State, kernelgsbase));
@@ -7684,9 +7673,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0x108: /* invd */
case 0x109: /* wbinvd */
- if (s->cpl != 0) {
- gen_exception_gpf(s);
- } else {
+ if (check_cpl0(s)) {
gen_svm_check_intercept(s, pc_start, (b & 2) ? SVM_EXIT_INVD : SVM_EXIT_WBINVD);
/* nothing to do */
}
@@ -8008,9 +7995,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
break;
case 0x120: /* mov reg, crN */
case 0x122: /* mov crN, reg */
- if (s->cpl != 0) {
- gen_exception_gpf(s);
- } else {
+ if (check_cpl0(s)) {
modrm = x86_ldub_code(env, s);
/* Ignore the mod bits (assume (modrm&0xc0)==0xc0).
* AMD documentation (24594.pdf) and testing of
@@ -8062,9 +8047,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
break;
case 0x121: /* mov reg, drN */
case 0x123: /* mov drN, reg */
- if (s->cpl != 0) {
- gen_exception_gpf(s);
- } else {
+ if (check_cpl0(s)) {
#ifndef CONFIG_USER_ONLY
modrm = x86_ldub_code(env, s);
/* Ignore the mod bits (assume (modrm&0xc0)==0xc0).
@@ -8098,9 +8081,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
}
break;
case 0x106: /* clts */
- if (s->cpl != 0) {
- gen_exception_gpf(s);
- } else {
+ if (check_cpl0(s)) {
gen_svm_check_intercept(s, pc_start, SVM_EXIT_WRITE_CR0);
gen_helper_clts(cpu_env);
/* abort block because static cpu state changed */
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 03/50] target/i386: Unify code paths for IRET
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
2021-02-28 23:22 ` [PATCH 01/50] target/i386: Split out gen_exception_gpf Richard Henderson
2021-02-28 23:22 ` [PATCH 02/50] target/i386: Split out check_cpl0 Richard Henderson
@ 2021-02-28 23:22 ` Richard Henderson
2021-02-28 23:22 ` [PATCH 04/50] target/i386: Split out check_vm86_iopl Richard Henderson
` (47 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:22 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
In vm86 mode, we use the same helper as real-mode, but with
an extra check for IOPL. All non-exceptional paths set EFLAGS.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 16 ++++++----------
1 file changed, 6 insertions(+), 10 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 5703b253a1..59c1212625 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -6571,22 +6571,18 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
goto do_lret;
case 0xcf: /* iret */
gen_svm_check_intercept(s, pc_start, SVM_EXIT_IRET);
- if (!s->pe) {
- /* real mode */
- gen_helper_iret_real(cpu_env, tcg_const_i32(dflag - 1));
- set_cc_op(s, CC_OP_EFLAGS);
- } else if (s->vm86) {
- if (s->iopl != 3) {
+ if (!s->pe || s->vm86) {
+ /* real mode or vm86 mode */
+ if (s->vm86 && s->iopl != 3) {
gen_exception_gpf(s);
- } else {
- gen_helper_iret_real(cpu_env, tcg_const_i32(dflag - 1));
- set_cc_op(s, CC_OP_EFLAGS);
+ break;
}
+ gen_helper_iret_real(cpu_env, tcg_const_i32(dflag - 1));
} else {
gen_helper_iret_protected(cpu_env, tcg_const_i32(dflag - 1),
tcg_const_i32(s->pc - s->cs_base));
- set_cc_op(s, CC_OP_EFLAGS);
}
+ set_cc_op(s, CC_OP_EFLAGS);
gen_eob(s);
break;
case 0xe8: /* call im */
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 04/50] target/i386: Split out check_vm86_iopl
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (2 preceding siblings ...)
2021-02-28 23:22 ` [PATCH 03/50] target/i386: Unify code paths for IRET Richard Henderson
@ 2021-02-28 23:22 ` Richard Henderson
2021-02-28 23:22 ` [PATCH 05/50] target/i386: Split out check_iopl Richard Henderson
` (46 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:22 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 25 ++++++++++++++-----------
1 file changed, 14 insertions(+), 11 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 59c1212625..75ee87fe84 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -1292,6 +1292,16 @@ static bool check_cpl0(DisasContext *s)
return false;
}
+/* If vm86, check for iopl == 3; if not, raise #GP and return false. */
+static bool check_vm86_iopl(DisasContext *s)
+{
+ if (!s->vm86 || s->iopl == 3) {
+ return true;
+ }
+ gen_exception_gpf(s);
+ return false;
+}
+
/* if d == OR_TMP0, it means memory operand (address in A0) */
static void gen_op(DisasContext *s1, int op, MemOp ot, int d)
{
@@ -6573,8 +6583,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
gen_svm_check_intercept(s, pc_start, SVM_EXIT_IRET);
if (!s->pe || s->vm86) {
/* real mode or vm86 mode */
- if (s->vm86 && s->iopl != 3) {
- gen_exception_gpf(s);
+ if (!check_vm86_iopl(s)) {
break;
}
gen_helper_iret_real(cpu_env, tcg_const_i32(dflag - 1));
@@ -6694,9 +6703,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
/* flags */
case 0x9c: /* pushf */
gen_svm_check_intercept(s, pc_start, SVM_EXIT_PUSHF);
- if (s->vm86 && s->iopl != 3) {
- gen_exception_gpf(s);
- } else {
+ if (check_vm86_iopl(s)) {
gen_update_cc_op(s);
gen_helper_read_eflags(s->T0, cpu_env);
gen_push_v(s, s->T0);
@@ -6704,9 +6711,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
break;
case 0x9d: /* popf */
gen_svm_check_intercept(s, pc_start, SVM_EXIT_POPF);
- if (s->vm86 && s->iopl != 3) {
- gen_exception_gpf(s);
- } else {
+ if (check_vm86_iopl(s)) {
ot = gen_pop_T0(s);
if (s->cpl == 0) {
if (dflag != MO_16) {
@@ -7066,9 +7071,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
break;
case 0xcd: /* int N */
val = x86_ldub_code(env, s);
- if (s->vm86 && s->iopl != 3) {
- gen_exception_gpf(s);
- } else {
+ if (check_vm86_iopl(s)) {
gen_interrupt(s, val, pc_start - s->cs_base, s->pc - s->cs_base);
}
break;
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 05/50] target/i386: Split out check_iopl
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (3 preceding siblings ...)
2021-02-28 23:22 ` [PATCH 04/50] target/i386: Split out check_vm86_iopl Richard Henderson
@ 2021-02-28 23:22 ` Richard Henderson
2021-02-28 23:22 ` [PATCH 06/50] target/i386: Assert PE is set for user-only Richard Henderson
` (45 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:22 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 28 +++++++++++++---------------
1 file changed, 13 insertions(+), 15 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 75ee87fe84..176c95c02b 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -1302,6 +1302,16 @@ static bool check_vm86_iopl(DisasContext *s)
return false;
}
+/* Check for iopl allowing access; if not, raise #GP and return false. */
+static bool check_iopl(DisasContext *s)
+{
+ if (s->vm86 ? s->iopl == 3 : s->cpl <= s->iopl) {
+ return true;
+ }
+ gen_exception_gpf(s);
+ return false;
+}
+
/* if d == OR_TMP0, it means memory operand (address in A0) */
static void gen_op(DisasContext *s1, int op, MemOp ot, int d)
{
@@ -7089,28 +7099,16 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
break;
#endif
case 0xfa: /* cli */
- if (!s->vm86) {
- if (s->cpl <= s->iopl) {
- gen_helper_cli(cpu_env);
- } else {
- gen_exception_gpf(s);
- }
- } else {
- if (s->iopl == 3) {
- gen_helper_cli(cpu_env);
- } else {
- gen_exception_gpf(s);
- }
+ if (check_iopl(s)) {
+ gen_helper_cli(cpu_env);
}
break;
case 0xfb: /* sti */
- if (s->vm86 ? s->iopl == 3 : s->cpl <= s->iopl) {
+ if (check_iopl(s)) {
gen_helper_sti(cpu_env);
/* interruptions are enabled only the first insn after sti */
gen_jmp_im(s, s->pc - s->cs_base);
gen_eob_inhibit_irq(s, true);
- } else {
- gen_exception_gpf(s);
}
break;
case 0x62: /* bound */
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 06/50] target/i386: Assert PE is set for user-only
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (4 preceding siblings ...)
2021-02-28 23:22 ` [PATCH 05/50] target/i386: Split out check_iopl Richard Henderson
@ 2021-02-28 23:22 ` Richard Henderson
2021-02-28 23:22 ` [PATCH 07/50] target/i386: Assert CPL is 3 " Richard Henderson
` (44 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:22 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
A user-mode executable is never in real-mode. Since we're adding
an accessor macro, pull the value directly out of flags for sysemu.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 69 +++++++++++++++++++------------------
1 file changed, 36 insertions(+), 33 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 176c95c02b..8477797798 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -94,7 +94,6 @@ typedef struct DisasContext {
target_ulong pc; /* pc = eip + cs_base */
/* current block context */
target_ulong cs_base; /* base of CS segment */
- int pe; /* protected mode */
int code32; /* 32 bit code segment */
#ifdef TARGET_X86_64
int lma; /* long mode active */
@@ -146,6 +145,13 @@ typedef struct DisasContext {
sigjmp_buf jmpbuf;
} DisasContext;
+/* The environment in which user-only runs is constrained. */
+#ifdef CONFIG_USER_ONLY
+#define PE(S) true
+#else
+#define PE(S) (((S)->flags & HF_PE_MASK) != 0)
+#endif
+
static void gen_eob(DisasContext *s);
static void gen_jr(DisasContext *s, TCGv dest);
static void gen_jmp(DisasContext *s, target_ulong eip);
@@ -617,7 +623,7 @@ static void gen_check_io(DisasContext *s, MemOp ot, target_ulong cur_eip,
{
target_ulong next_eip;
- if (s->pe && (s->cpl > s->iopl || s->vm86)) {
+ if (PE(s) && (s->cpl > s->iopl || s->vm86)) {
tcg_gen_trunc_tl_i32(s->tmp2_i32, s->T0);
switch (ot) {
case MO_8:
@@ -2345,7 +2351,7 @@ static inline void gen_op_movl_seg_T0_vm(DisasContext *s, X86Seg seg_reg)
call this function with seg_reg == R_CS */
static void gen_movl_seg_T0(DisasContext *s, X86Seg seg_reg)
{
- if (s->pe && !s->vm86) {
+ if (PE(s) && !s->vm86) {
tcg_gen_trunc_tl_i32(s->tmp2_i32, s->T0);
gen_helper_load_seg(cpu_env, tcg_const_i32(seg_reg), s->tmp2_i32);
/* abort translation because the addseg value may change or
@@ -5105,7 +5111,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
gen_add_A0_im(s, 1 << ot);
gen_op_ld_v(s, MO_16, s->T0, s->A0);
do_lcall:
- if (s->pe && !s->vm86) {
+ if (PE(s) && !s->vm86) {
tcg_gen_trunc_tl_i32(s->tmp2_i32, s->T0);
gen_helper_lcall_protected(cpu_env, s->tmp2_i32, s->T1,
tcg_const_i32(dflag - 1),
@@ -5132,7 +5138,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
gen_add_A0_im(s, 1 << ot);
gen_op_ld_v(s, MO_16, s->T0, s->A0);
do_ljmp:
- if (s->pe && !s->vm86) {
+ if (PE(s) && !s->vm86) {
tcg_gen_trunc_tl_i32(s->tmp2_i32, s->T0);
gen_helper_ljmp_protected(cpu_env, s->tmp2_i32, s->T1,
tcg_const_tl(s->pc - s->cs_base));
@@ -6565,7 +6571,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0xca: /* lret im */
val = x86_ldsw_code(env, s);
do_lret:
- if (s->pe && !s->vm86) {
+ if (PE(s) && !s->vm86) {
gen_update_cc_op(s);
gen_jmp_im(s, pc_start - s->cs_base);
gen_helper_lret_protected(cpu_env, tcg_const_i32(dflag - 1),
@@ -6591,7 +6597,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
goto do_lret;
case 0xcf: /* iret */
gen_svm_check_intercept(s, pc_start, SVM_EXIT_IRET);
- if (!s->pe || s->vm86) {
+ if (!PE(s) || s->vm86) {
/* real mode or vm86 mode */
if (!check_vm86_iopl(s)) {
break;
@@ -7230,7 +7236,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
/* For Intel SYSENTER is valid on 64-bit */
if (CODE64(s) && env->cpuid_vendor1 != CPUID_VENDOR_INTEL_1)
goto illegal_op;
- if (!s->pe) {
+ if (!PE(s)) {
gen_exception_gpf(s);
} else {
gen_helper_sysenter(cpu_env);
@@ -7241,7 +7247,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
/* For Intel SYSEXIT is valid on 64-bit */
if (CODE64(s) && env->cpuid_vendor1 != CPUID_VENDOR_INTEL_1)
goto illegal_op;
- if (!s->pe) {
+ if (!PE(s)) {
gen_exception_gpf(s);
} else {
gen_helper_sysexit(cpu_env, tcg_const_i32(dflag - 1));
@@ -7260,7 +7266,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
gen_eob_worker(s, false, true);
break;
case 0x107: /* sysret */
- if (!s->pe) {
+ if (!PE(s)) {
gen_exception_gpf(s);
} else {
gen_helper_sysret(cpu_env, tcg_const_i32(dflag - 1));
@@ -7295,7 +7301,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
op = (modrm >> 3) & 7;
switch(op) {
case 0: /* sldt */
- if (!s->pe || s->vm86)
+ if (!PE(s) || s->vm86)
goto illegal_op;
gen_svm_check_intercept(s, pc_start, SVM_EXIT_LDTR_READ);
tcg_gen_ld32u_tl(s->T0, cpu_env,
@@ -7304,7 +7310,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 1);
break;
case 2: /* lldt */
- if (!s->pe || s->vm86)
+ if (!PE(s) || s->vm86)
goto illegal_op;
if (check_cpl0(s)) {
gen_svm_check_intercept(s, pc_start, SVM_EXIT_LDTR_WRITE);
@@ -7314,7 +7320,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
}
break;
case 1: /* str */
- if (!s->pe || s->vm86)
+ if (!PE(s) || s->vm86)
goto illegal_op;
gen_svm_check_intercept(s, pc_start, SVM_EXIT_TR_READ);
tcg_gen_ld32u_tl(s->T0, cpu_env,
@@ -7323,7 +7329,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 1);
break;
case 3: /* ltr */
- if (!s->pe || s->vm86)
+ if (!PE(s) || s->vm86)
goto illegal_op;
if (check_cpl0(s)) {
gen_svm_check_intercept(s, pc_start, SVM_EXIT_TR_WRITE);
@@ -7334,7 +7340,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
break;
case 4: /* verr */
case 5: /* verw */
- if (!s->pe || s->vm86)
+ if (!PE(s) || s->vm86)
goto illegal_op;
gen_ldst_modrm(env, s, modrm, MO_16, OR_TMP0, 0);
gen_update_cc_op(s);
@@ -7452,7 +7458,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
break;
case 0xd8: /* VMRUN */
- if (!(s->flags & HF_SVME_MASK) || !s->pe) {
+ if (!(s->flags & HF_SVME_MASK) || !PE(s)) {
goto illegal_op;
}
if (!check_cpl0(s)) {
@@ -7476,7 +7482,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
break;
case 0xda: /* VMLOAD */
- if (!(s->flags & HF_SVME_MASK) || !s->pe) {
+ if (!(s->flags & HF_SVME_MASK) || !PE(s)) {
goto illegal_op;
}
if (!check_cpl0(s)) {
@@ -7488,7 +7494,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
break;
case 0xdb: /* VMSAVE */
- if (!(s->flags & HF_SVME_MASK) || !s->pe) {
+ if (!(s->flags & HF_SVME_MASK) || !PE(s)) {
goto illegal_op;
}
if (!check_cpl0(s)) {
@@ -7502,7 +7508,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0xdc: /* STGI */
if ((!(s->flags & HF_SVME_MASK)
&& !(s->cpuid_ext3_features & CPUID_EXT3_SKINIT))
- || !s->pe) {
+ || !PE(s)) {
goto illegal_op;
}
if (!check_cpl0(s)) {
@@ -7515,7 +7521,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
break;
case 0xdd: /* CLGI */
- if (!(s->flags & HF_SVME_MASK) || !s->pe) {
+ if (!(s->flags & HF_SVME_MASK) || !PE(s)) {
goto illegal_op;
}
if (!check_cpl0(s)) {
@@ -7529,7 +7535,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0xde: /* SKINIT */
if ((!(s->flags & HF_SVME_MASK)
&& !(s->cpuid_ext3_features & CPUID_EXT3_SKINIT))
- || !s->pe) {
+ || !PE(s)) {
goto illegal_op;
}
gen_update_cc_op(s);
@@ -7538,7 +7544,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
break;
case 0xdf: /* INVLPGA */
- if (!(s->flags & HF_SVME_MASK) || !s->pe) {
+ if (!(s->flags & HF_SVME_MASK) || !PE(s)) {
goto illegal_op;
}
if (!check_cpl0(s)) {
@@ -7705,7 +7711,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
TCGLabel *label1;
TCGv t0, t1, t2, a0;
- if (!s->pe || s->vm86)
+ if (!PE(s) || s->vm86)
goto illegal_op;
t0 = tcg_temp_local_new();
t1 = tcg_temp_local_new();
@@ -7753,7 +7759,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
{
TCGLabel *label1;
TCGv t0;
- if (!s->pe || s->vm86)
+ if (!PE(s) || s->vm86)
goto illegal_op;
ot = dflag != MO_16 ? MO_32 : MO_16;
modrm = x86_ldub_code(env, s);
@@ -8455,9 +8461,13 @@ static void i386_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cpu)
DisasContext *dc = container_of(dcbase, DisasContext, base);
CPUX86State *env = cpu->env_ptr;
uint32_t flags = dc->base.tb->flags;
- target_ulong cs_base = dc->base.tb->cs_base;
- dc->pe = (flags >> HF_PE_SHIFT) & 1;
+ dc->cs_base = dc->base.tb->cs_base;
+ dc->flags = flags;
+
+ /* We make some simplifying assumptions; validate they're correct. */
+ g_assert(PE(dc) == ((flags & HF_PE_MASK) != 0));
+
dc->code32 = (flags >> HF_CS32_SHIFT) & 1;
dc->ss32 = (flags >> HF_SS32_SHIFT) & 1;
dc->addseg = (flags >> HF_ADDSEG_SHIFT) & 1;
@@ -8468,7 +8478,6 @@ static void i386_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cpu)
dc->tf = (flags >> TF_SHIFT) & 1;
dc->cc_op = CC_OP_DYNAMIC;
dc->cc_op_dirty = false;
- dc->cs_base = cs_base;
dc->popl_esp_hack = 0;
/* select memory access functions */
dc->mem_index = 0;
@@ -8485,7 +8494,6 @@ static void i386_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cpu)
dc->lma = (flags >> HF_LMA_SHIFT) & 1;
dc->code64 = (flags >> HF_CS64_SHIFT) & 1;
#endif
- dc->flags = flags;
dc->jmp_opt = !(dc->tf || dc->base.singlestep_enabled ||
(flags & HF_INHIBIT_IRQ_MASK));
/* Do not optimize repz jumps at all in icount mode, because
@@ -8499,11 +8507,6 @@ static void i386_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cpu)
additional step for ecx=0 when icount is enabled.
*/
dc->repz_opt = !dc->jmp_opt && !(tb_cflags(dc->base.tb) & CF_USE_ICOUNT);
-#if 0
- /* check addseg logic */
- if (!dc->addseg && (dc->vm86 || !dc->pe || !dc->code32))
- printf("ERROR addseg\n");
-#endif
dc->T0 = tcg_temp_new();
dc->T1 = tcg_temp_new();
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 07/50] target/i386: Assert CPL is 3 for user-only
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (5 preceding siblings ...)
2021-02-28 23:22 ` [PATCH 06/50] target/i386: Assert PE is set for user-only Richard Henderson
@ 2021-02-28 23:22 ` Richard Henderson
2021-02-28 23:22 ` [PATCH 08/50] target/i386: Assert IOPL is 0 " Richard Henderson
` (43 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:22 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
A user-mode executable always runs in ring 3.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 32 +++++++++++++++++++++-----------
1 file changed, 21 insertions(+), 11 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 8477797798..50dc693edc 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -94,6 +94,11 @@ typedef struct DisasContext {
target_ulong pc; /* pc = eip + cs_base */
/* current block context */
target_ulong cs_base; /* base of CS segment */
+
+#ifndef CONFIG_USER_ONLY
+ uint8_t cpl; /* code priv level */
+#endif
+
int code32; /* 32 bit code segment */
#ifdef TARGET_X86_64
int lma; /* long mode active */
@@ -111,7 +116,6 @@ typedef struct DisasContext {
int addseg; /* non zero if either DS/ES/SS have a non zero base */
int f_st; /* currently unused */
int vm86; /* vm86 mode */
- int cpl;
int iopl;
int tf; /* TF cpu flag */
int jmp_opt; /* use direct block chaining for direct jumps */
@@ -148,8 +152,10 @@ typedef struct DisasContext {
/* The environment in which user-only runs is constrained. */
#ifdef CONFIG_USER_ONLY
#define PE(S) true
+#define CPL(S) 3
#else
#define PE(S) (((S)->flags & HF_PE_MASK) != 0)
+#define CPL(S) ((S)->cpl)
#endif
static void gen_eob(DisasContext *s);
@@ -623,7 +629,7 @@ static void gen_check_io(DisasContext *s, MemOp ot, target_ulong cur_eip,
{
target_ulong next_eip;
- if (PE(s) && (s->cpl > s->iopl || s->vm86)) {
+ if (PE(s) && (CPL(s) > s->iopl || s->vm86)) {
tcg_gen_trunc_tl_i32(s->tmp2_i32, s->T0);
switch (ot) {
case MO_8:
@@ -1291,7 +1297,7 @@ static void gen_exception_gpf(DisasContext *s)
/* Check for cpl == 0; if not, raise #GP and return false. */
static bool check_cpl0(DisasContext *s)
{
- if (s->cpl == 0) {
+ if (CPL(s) == 0) {
return true;
}
gen_exception_gpf(s);
@@ -1311,7 +1317,7 @@ static bool check_vm86_iopl(DisasContext *s)
/* Check for iopl allowing access; if not, raise #GP and return false. */
static bool check_iopl(DisasContext *s)
{
- if (s->vm86 ? s->iopl == 3 : s->cpl <= s->iopl) {
+ if (s->vm86 ? s->iopl == 3 : CPL(s) <= s->iopl) {
return true;
}
gen_exception_gpf(s);
@@ -6729,7 +6735,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
gen_svm_check_intercept(s, pc_start, SVM_EXIT_POPF);
if (check_vm86_iopl(s)) {
ot = gen_pop_T0(s);
- if (s->cpl == 0) {
+ if (CPL(s) == 0) {
if (dflag != MO_16) {
gen_helper_write_eflags(cpu_env, s->T0,
tcg_const_i32((TF_MASK | AC_MASK |
@@ -6744,7 +6750,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
& 0xffff));
}
} else {
- if (s->cpl <= s->iopl) {
+ if (CPL(s) <= s->iopl) {
if (dflag != MO_16) {
gen_helper_write_eflags(cpu_env, s->T0,
tcg_const_i32((TF_MASK |
@@ -7374,7 +7380,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
break;
case 0xc8: /* monitor */
- if (!(s->cpuid_ext_features & CPUID_EXT_MONITOR) || s->cpl != 0) {
+ if (!(s->cpuid_ext_features & CPUID_EXT_MONITOR) || CPL(s) != 0) {
goto illegal_op;
}
gen_update_cc_op(s);
@@ -7386,7 +7392,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
break;
case 0xc9: /* mwait */
- if (!(s->cpuid_ext_features & CPUID_EXT_MONITOR) || s->cpl != 0) {
+ if (!(s->cpuid_ext_features & CPUID_EXT_MONITOR) || CPL(s) != 0) {
goto illegal_op;
}
gen_update_cc_op(s);
@@ -7397,7 +7403,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0xca: /* clac */
if (!(s->cpuid_7_0_ebx_features & CPUID_7_0_EBX_SMAP)
- || s->cpl != 0) {
+ || CPL(s) != 0) {
goto illegal_op;
}
gen_helper_clac(cpu_env);
@@ -7407,7 +7413,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0xcb: /* stac */
if (!(s->cpuid_7_0_ebx_features & CPUID_7_0_EBX_SMAP)
- || s->cpl != 0) {
+ || CPL(s) != 0) {
goto illegal_op;
}
gen_helper_stac(cpu_env);
@@ -8461,19 +8467,23 @@ static void i386_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cpu)
DisasContext *dc = container_of(dcbase, DisasContext, base);
CPUX86State *env = cpu->env_ptr;
uint32_t flags = dc->base.tb->flags;
+ int cpl = (flags >> HF_CPL_SHIFT) & 3;
dc->cs_base = dc->base.tb->cs_base;
dc->flags = flags;
+#ifndef CONFIG_USER_ONLY
+ dc->cpl = cpl;
+#endif
/* We make some simplifying assumptions; validate they're correct. */
g_assert(PE(dc) == ((flags & HF_PE_MASK) != 0));
+ g_assert(CPL(dc) == cpl);
dc->code32 = (flags >> HF_CS32_SHIFT) & 1;
dc->ss32 = (flags >> HF_SS32_SHIFT) & 1;
dc->addseg = (flags >> HF_ADDSEG_SHIFT) & 1;
dc->f_st = 0;
dc->vm86 = (flags >> VM_SHIFT) & 1;
- dc->cpl = (flags >> HF_CPL_SHIFT) & 3;
dc->iopl = (flags >> IOPL_SHIFT) & 3;
dc->tf = (flags >> TF_SHIFT) & 1;
dc->cc_op = CC_OP_DYNAMIC;
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 08/50] target/i386: Assert IOPL is 0 for user-only
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (6 preceding siblings ...)
2021-02-28 23:22 ` [PATCH 07/50] target/i386: Assert CPL is 3 " Richard Henderson
@ 2021-02-28 23:22 ` Richard Henderson
2021-02-28 23:22 ` [PATCH 09/50] target/i386: Assert !VM86 for x86_64 user-only Richard Henderson
` (42 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:22 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
On real hardware, the linux kernel has the iopl(2) syscall which
can set IOPL to 3, to allow e.g. the xserver to briefly disable
interrupts while programming the graphics card.
However, QEMU cannot and does not implement this syscall, so the
IOPL is never changed from 0. Which means that all of the checks
vs CPL <= IOPL are false for user-only.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 16 ++++++++++------
1 file changed, 10 insertions(+), 6 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 50dc693edc..5f24615826 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -97,6 +97,7 @@ typedef struct DisasContext {
#ifndef CONFIG_USER_ONLY
uint8_t cpl; /* code priv level */
+ uint8_t iopl; /* i/o priv level */
#endif
int code32; /* 32 bit code segment */
@@ -116,7 +117,6 @@ typedef struct DisasContext {
int addseg; /* non zero if either DS/ES/SS have a non zero base */
int f_st; /* currently unused */
int vm86; /* vm86 mode */
- int iopl;
int tf; /* TF cpu flag */
int jmp_opt; /* use direct block chaining for direct jumps */
int repz_opt; /* optimize jumps within repz instructions */
@@ -153,9 +153,11 @@ typedef struct DisasContext {
#ifdef CONFIG_USER_ONLY
#define PE(S) true
#define CPL(S) 3
+#define IOPL(S) 0
#else
#define PE(S) (((S)->flags & HF_PE_MASK) != 0)
#define CPL(S) ((S)->cpl)
+#define IOPL(S) ((S)->iopl)
#endif
static void gen_eob(DisasContext *s);
@@ -629,7 +631,7 @@ static void gen_check_io(DisasContext *s, MemOp ot, target_ulong cur_eip,
{
target_ulong next_eip;
- if (PE(s) && (CPL(s) > s->iopl || s->vm86)) {
+ if (PE(s) && (CPL(s) > IOPL(s) || s->vm86)) {
tcg_gen_trunc_tl_i32(s->tmp2_i32, s->T0);
switch (ot) {
case MO_8:
@@ -1307,7 +1309,7 @@ static bool check_cpl0(DisasContext *s)
/* If vm86, check for iopl == 3; if not, raise #GP and return false. */
static bool check_vm86_iopl(DisasContext *s)
{
- if (!s->vm86 || s->iopl == 3) {
+ if (!s->vm86 || IOPL(s) == 3) {
return true;
}
gen_exception_gpf(s);
@@ -1317,7 +1319,7 @@ static bool check_vm86_iopl(DisasContext *s)
/* Check for iopl allowing access; if not, raise #GP and return false. */
static bool check_iopl(DisasContext *s)
{
- if (s->vm86 ? s->iopl == 3 : CPL(s) <= s->iopl) {
+ if (s->vm86 ? IOPL(s) == 3 : CPL(s) <= IOPL(s)) {
return true;
}
gen_exception_gpf(s);
@@ -6750,7 +6752,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
& 0xffff));
}
} else {
- if (CPL(s) <= s->iopl) {
+ if (CPL(s) <= IOPL(s)) {
if (dflag != MO_16) {
gen_helper_write_eflags(cpu_env, s->T0,
tcg_const_i32((TF_MASK |
@@ -8468,23 +8470,25 @@ static void i386_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cpu)
CPUX86State *env = cpu->env_ptr;
uint32_t flags = dc->base.tb->flags;
int cpl = (flags >> HF_CPL_SHIFT) & 3;
+ int iopl = (flags >> IOPL_SHIFT) & 3;
dc->cs_base = dc->base.tb->cs_base;
dc->flags = flags;
#ifndef CONFIG_USER_ONLY
dc->cpl = cpl;
+ dc->iopl = iopl;
#endif
/* We make some simplifying assumptions; validate they're correct. */
g_assert(PE(dc) == ((flags & HF_PE_MASK) != 0));
g_assert(CPL(dc) == cpl);
+ g_assert(IOPL(dc) == iopl);
dc->code32 = (flags >> HF_CS32_SHIFT) & 1;
dc->ss32 = (flags >> HF_SS32_SHIFT) & 1;
dc->addseg = (flags >> HF_ADDSEG_SHIFT) & 1;
dc->f_st = 0;
dc->vm86 = (flags >> VM_SHIFT) & 1;
- dc->iopl = (flags >> IOPL_SHIFT) & 3;
dc->tf = (flags >> TF_SHIFT) & 1;
dc->cc_op = CC_OP_DYNAMIC;
dc->cc_op_dirty = false;
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 09/50] target/i386: Assert !VM86 for x86_64 user-only
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (7 preceding siblings ...)
2021-02-28 23:22 ` [PATCH 08/50] target/i386: Assert IOPL is 0 " Richard Henderson
@ 2021-02-28 23:22 ` Richard Henderson
2021-02-28 23:22 ` [PATCH 10/50] target/i386: Assert CODE32 " Richard Henderson
` (41 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:22 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
For i386-linux-user, we can enter vm86 mode via the vm86(2) syscall.
That syscall explicitly returns to 32-bit mode, and the syscall does
not exist for a 64-bit x86_64 executable.
Since we're adding an accessor macro, pull the value directly out of
flags otherwise.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 40 ++++++++++++++++++++-----------------
1 file changed, 22 insertions(+), 18 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 5f24615826..0e4f34f201 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -116,7 +116,6 @@ typedef struct DisasContext {
#endif
int addseg; /* non zero if either DS/ES/SS have a non zero base */
int f_st; /* currently unused */
- int vm86; /* vm86 mode */
int tf; /* TF cpu flag */
int jmp_opt; /* use direct block chaining for direct jumps */
int repz_opt; /* optimize jumps within repz instructions */
@@ -159,6 +158,11 @@ typedef struct DisasContext {
#define CPL(S) ((S)->cpl)
#define IOPL(S) ((S)->iopl)
#endif
+#if defined(CONFIG_USER_ONLY) && defined(TARGET_X86_64)
+#define VM86(S) false
+#else
+#define VM86(S) (((S)->flags & HF_VM_MASK) != 0)
+#endif
static void gen_eob(DisasContext *s);
static void gen_jr(DisasContext *s, TCGv dest);
@@ -631,7 +635,7 @@ static void gen_check_io(DisasContext *s, MemOp ot, target_ulong cur_eip,
{
target_ulong next_eip;
- if (PE(s) && (CPL(s) > IOPL(s) || s->vm86)) {
+ if (PE(s) && (CPL(s) > IOPL(s) || VM86(s))) {
tcg_gen_trunc_tl_i32(s->tmp2_i32, s->T0);
switch (ot) {
case MO_8:
@@ -1309,7 +1313,7 @@ static bool check_cpl0(DisasContext *s)
/* If vm86, check for iopl == 3; if not, raise #GP and return false. */
static bool check_vm86_iopl(DisasContext *s)
{
- if (!s->vm86 || IOPL(s) == 3) {
+ if (!VM86(s) || IOPL(s) == 3) {
return true;
}
gen_exception_gpf(s);
@@ -1319,7 +1323,7 @@ static bool check_vm86_iopl(DisasContext *s)
/* Check for iopl allowing access; if not, raise #GP and return false. */
static bool check_iopl(DisasContext *s)
{
- if (s->vm86 ? IOPL(s) == 3 : CPL(s) <= IOPL(s)) {
+ if (VM86(s) ? IOPL(s) == 3 : CPL(s) <= IOPL(s)) {
return true;
}
gen_exception_gpf(s);
@@ -2359,7 +2363,7 @@ static inline void gen_op_movl_seg_T0_vm(DisasContext *s, X86Seg seg_reg)
call this function with seg_reg == R_CS */
static void gen_movl_seg_T0(DisasContext *s, X86Seg seg_reg)
{
- if (PE(s) && !s->vm86) {
+ if (PE(s) && !VM86(s)) {
tcg_gen_trunc_tl_i32(s->tmp2_i32, s->T0);
gen_helper_load_seg(cpu_env, tcg_const_i32(seg_reg), s->tmp2_i32);
/* abort translation because the addseg value may change or
@@ -4615,7 +4619,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0xc4: /* 3-byte VEX */
/* VEX prefixes cannot be used except in 32-bit mode.
Otherwise the instruction is LES or LDS. */
- if (s->code32 && !s->vm86) {
+ if (s->code32 && !VM86(s)) {
static const int pp_prefix[4] = {
0, PREFIX_DATA, PREFIX_REPZ, PREFIX_REPNZ
};
@@ -5119,7 +5123,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
gen_add_A0_im(s, 1 << ot);
gen_op_ld_v(s, MO_16, s->T0, s->A0);
do_lcall:
- if (PE(s) && !s->vm86) {
+ if (PE(s) && !VM86(s)) {
tcg_gen_trunc_tl_i32(s->tmp2_i32, s->T0);
gen_helper_lcall_protected(cpu_env, s->tmp2_i32, s->T1,
tcg_const_i32(dflag - 1),
@@ -5146,7 +5150,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
gen_add_A0_im(s, 1 << ot);
gen_op_ld_v(s, MO_16, s->T0, s->A0);
do_ljmp:
- if (PE(s) && !s->vm86) {
+ if (PE(s) && !VM86(s)) {
tcg_gen_trunc_tl_i32(s->tmp2_i32, s->T0);
gen_helper_ljmp_protected(cpu_env, s->tmp2_i32, s->T1,
tcg_const_tl(s->pc - s->cs_base));
@@ -6579,7 +6583,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0xca: /* lret im */
val = x86_ldsw_code(env, s);
do_lret:
- if (PE(s) && !s->vm86) {
+ if (PE(s) && !VM86(s)) {
gen_update_cc_op(s);
gen_jmp_im(s, pc_start - s->cs_base);
gen_helper_lret_protected(cpu_env, tcg_const_i32(dflag - 1),
@@ -6605,7 +6609,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
goto do_lret;
case 0xcf: /* iret */
gen_svm_check_intercept(s, pc_start, SVM_EXIT_IRET);
- if (!PE(s) || s->vm86) {
+ if (!PE(s) || VM86(s)) {
/* real mode or vm86 mode */
if (!check_vm86_iopl(s)) {
break;
@@ -7309,7 +7313,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
op = (modrm >> 3) & 7;
switch(op) {
case 0: /* sldt */
- if (!PE(s) || s->vm86)
+ if (!PE(s) || VM86(s))
goto illegal_op;
gen_svm_check_intercept(s, pc_start, SVM_EXIT_LDTR_READ);
tcg_gen_ld32u_tl(s->T0, cpu_env,
@@ -7318,7 +7322,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 1);
break;
case 2: /* lldt */
- if (!PE(s) || s->vm86)
+ if (!PE(s) || VM86(s))
goto illegal_op;
if (check_cpl0(s)) {
gen_svm_check_intercept(s, pc_start, SVM_EXIT_LDTR_WRITE);
@@ -7328,7 +7332,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
}
break;
case 1: /* str */
- if (!PE(s) || s->vm86)
+ if (!PE(s) || VM86(s))
goto illegal_op;
gen_svm_check_intercept(s, pc_start, SVM_EXIT_TR_READ);
tcg_gen_ld32u_tl(s->T0, cpu_env,
@@ -7337,7 +7341,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 1);
break;
case 3: /* ltr */
- if (!PE(s) || s->vm86)
+ if (!PE(s) || VM86(s))
goto illegal_op;
if (check_cpl0(s)) {
gen_svm_check_intercept(s, pc_start, SVM_EXIT_TR_WRITE);
@@ -7348,7 +7352,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
break;
case 4: /* verr */
case 5: /* verw */
- if (!PE(s) || s->vm86)
+ if (!PE(s) || VM86(s))
goto illegal_op;
gen_ldst_modrm(env, s, modrm, MO_16, OR_TMP0, 0);
gen_update_cc_op(s);
@@ -7719,7 +7723,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
TCGLabel *label1;
TCGv t0, t1, t2, a0;
- if (!PE(s) || s->vm86)
+ if (!PE(s) || VM86(s))
goto illegal_op;
t0 = tcg_temp_local_new();
t1 = tcg_temp_local_new();
@@ -7767,7 +7771,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
{
TCGLabel *label1;
TCGv t0;
- if (!PE(s) || s->vm86)
+ if (!PE(s) || VM86(s))
goto illegal_op;
ot = dflag != MO_16 ? MO_32 : MO_16;
modrm = x86_ldub_code(env, s);
@@ -8483,12 +8487,12 @@ static void i386_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cpu)
g_assert(PE(dc) == ((flags & HF_PE_MASK) != 0));
g_assert(CPL(dc) == cpl);
g_assert(IOPL(dc) == iopl);
+ g_assert(VM86(dc) == ((flags & HF_VM_MASK) != 0));
dc->code32 = (flags >> HF_CS32_SHIFT) & 1;
dc->ss32 = (flags >> HF_SS32_SHIFT) & 1;
dc->addseg = (flags >> HF_ADDSEG_SHIFT) & 1;
dc->f_st = 0;
- dc->vm86 = (flags >> VM_SHIFT) & 1;
dc->tf = (flags >> TF_SHIFT) & 1;
dc->cc_op = CC_OP_DYNAMIC;
dc->cc_op_dirty = false;
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 10/50] target/i386: Assert CODE32 for x86_64 user-only
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (8 preceding siblings ...)
2021-02-28 23:22 ` [PATCH 09/50] target/i386: Assert !VM86 for x86_64 user-only Richard Henderson
@ 2021-02-28 23:22 ` Richard Henderson
2021-02-28 23:22 ` [PATCH 11/50] target/i386: Assert SS32 " Richard Henderson
` (40 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:22 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
For user-only, CODE32 == !VM86, because we are never in real-mode.
Since we cannot enter vm86 mode for x86_64 user-only, CODE32 is
always set.
Since we're adding an accessor macro, pull the value directly out
of flags otherwise.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 13 +++++++------
1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 0e4f34f201..d46ebc1dc2 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -100,7 +100,6 @@ typedef struct DisasContext {
uint8_t iopl; /* i/o priv level */
#endif
- int code32; /* 32 bit code segment */
#ifdef TARGET_X86_64
int lma; /* long mode active */
int code64; /* 64 bit code segment */
@@ -160,8 +159,10 @@ typedef struct DisasContext {
#endif
#if defined(CONFIG_USER_ONLY) && defined(TARGET_X86_64)
#define VM86(S) false
+#define CODE32(S) true
#else
#define VM86(S) (((S)->flags & HF_VM_MASK) != 0)
+#define CODE32(S) (((S)->flags & HF_CS32_MASK) != 0)
#endif
static void gen_eob(DisasContext *s);
@@ -2370,7 +2371,7 @@ static void gen_movl_seg_T0(DisasContext *s, X86Seg seg_reg)
because ss32 may change. For R_SS, translation must always
stop as a special handling must be done to disable hardware
interrupts for the next instruction */
- if (seg_reg == R_SS || (s->code32 && seg_reg < R_FS)) {
+ if (seg_reg == R_SS || (CODE32(s) && seg_reg < R_FS)) {
s->base.is_jmp = DISAS_TOO_MANY;
}
} else {
@@ -4619,7 +4620,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0xc4: /* 3-byte VEX */
/* VEX prefixes cannot be used except in 32-bit mode.
Otherwise the instruction is LES or LDS. */
- if (s->code32 && !VM86(s)) {
+ if (CODE32(s) && !VM86(s)) {
static const int pp_prefix[4] = {
0, PREFIX_DATA, PREFIX_REPZ, PREFIX_REPNZ
};
@@ -4686,13 +4687,13 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
aflag = (prefixes & PREFIX_ADR ? MO_32 : MO_64);
} else {
/* In 16/32-bit mode, 0x66 selects the opposite data size. */
- if (s->code32 ^ ((prefixes & PREFIX_DATA) != 0)) {
+ if (CODE32(s) ^ ((prefixes & PREFIX_DATA) != 0)) {
dflag = MO_32;
} else {
dflag = MO_16;
}
/* In 16/32-bit mode, 0x67 selects the opposite addressing. */
- if (s->code32 ^ ((prefixes & PREFIX_ADR) != 0)) {
+ if (CODE32(s) ^ ((prefixes & PREFIX_ADR) != 0)) {
aflag = MO_32;
} else {
aflag = MO_16;
@@ -8488,8 +8489,8 @@ static void i386_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cpu)
g_assert(CPL(dc) == cpl);
g_assert(IOPL(dc) == iopl);
g_assert(VM86(dc) == ((flags & HF_VM_MASK) != 0));
+ g_assert(CODE32(dc) == ((flags & HF_CS32_MASK) != 0));
- dc->code32 = (flags >> HF_CS32_SHIFT) & 1;
dc->ss32 = (flags >> HF_SS32_SHIFT) & 1;
dc->addseg = (flags >> HF_ADDSEG_SHIFT) & 1;
dc->f_st = 0;
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 11/50] target/i386: Assert SS32 for x86_64 user-only
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (9 preceding siblings ...)
2021-02-28 23:22 ` [PATCH 10/50] target/i386: Assert CODE32 " Richard Henderson
@ 2021-02-28 23:22 ` Richard Henderson
2021-02-28 23:22 ` [PATCH 12/50] target/i386: Assert CODE64 " Richard Henderson
` (39 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:22 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
For user-only, SS32 == !VM86, because we are never in
real-mode. Since we cannot enter vm86 mode for x86_64
user-only, SS32 is always set.
Since we're adding an accessor macro, pull the value
directly out of flags otherwise.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 15 ++++++++-------
1 file changed, 8 insertions(+), 7 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index d46ebc1dc2..ede6e4c5cd 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -107,7 +107,6 @@ typedef struct DisasContext {
#endif
int vex_l; /* vex vector length */
int vex_v; /* vex vvvv register, without 1's complement. */
- int ss32; /* 32 bit stack segment */
CCOp cc_op; /* current CC operation */
bool cc_op_dirty;
#ifdef TARGET_X86_64
@@ -160,9 +159,11 @@ typedef struct DisasContext {
#if defined(CONFIG_USER_ONLY) && defined(TARGET_X86_64)
#define VM86(S) false
#define CODE32(S) true
+#define SS32(S) true
#else
#define VM86(S) (((S)->flags & HF_VM_MASK) != 0)
#define CODE32(S) (((S)->flags & HF_CS32_MASK) != 0)
+#define SS32(S) (((S)->flags & HF_SS32_MASK) != 0)
#endif
static void gen_eob(DisasContext *s);
@@ -352,7 +353,7 @@ static inline MemOp mo_pushpop(DisasContext *s, MemOp ot)
/* Select the size of the stack pointer. */
static inline MemOp mo_stacksize(DisasContext *s)
{
- return CODE64(s) ? MO_64 : s->ss32 ? MO_32 : MO_16;
+ return CODE64(s) ? MO_64 : SS32(s) ? MO_32 : MO_16;
}
/* Select only size 64 else 32. Used for SSE operand sizes. */
@@ -2451,12 +2452,12 @@ static inline void gen_pop_update(DisasContext *s, MemOp ot)
static inline void gen_stack_A0(DisasContext *s)
{
- gen_lea_v_seg(s, s->ss32 ? MO_32 : MO_16, cpu_regs[R_ESP], R_SS, -1);
+ gen_lea_v_seg(s, SS32(s) ? MO_32 : MO_16, cpu_regs[R_ESP], R_SS, -1);
}
static void gen_pusha(DisasContext *s)
{
- MemOp s_ot = s->ss32 ? MO_32 : MO_16;
+ MemOp s_ot = SS32(s) ? MO_32 : MO_16;
MemOp d_ot = s->dflag;
int size = 1 << d_ot;
int i;
@@ -2472,7 +2473,7 @@ static void gen_pusha(DisasContext *s)
static void gen_popa(DisasContext *s)
{
- MemOp s_ot = s->ss32 ? MO_32 : MO_16;
+ MemOp s_ot = SS32(s) ? MO_32 : MO_16;
MemOp d_ot = s->dflag;
int size = 1 << d_ot;
int i;
@@ -2494,7 +2495,7 @@ static void gen_popa(DisasContext *s)
static void gen_enter(DisasContext *s, int esp_addend, int level)
{
MemOp d_ot = mo_pushpop(s, s->dflag);
- MemOp a_ot = CODE64(s) ? MO_64 : s->ss32 ? MO_32 : MO_16;
+ MemOp a_ot = CODE64(s) ? MO_64 : SS32(s) ? MO_32 : MO_16;
int size = 1 << d_ot;
/* Push BP; compute FrameTemp into T1. */
@@ -8490,8 +8491,8 @@ static void i386_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cpu)
g_assert(IOPL(dc) == iopl);
g_assert(VM86(dc) == ((flags & HF_VM_MASK) != 0));
g_assert(CODE32(dc) == ((flags & HF_CS32_MASK) != 0));
+ g_assert(SS32(dc) == ((flags & HF_SS32_MASK) != 0));
- dc->ss32 = (flags >> HF_SS32_SHIFT) & 1;
dc->addseg = (flags >> HF_ADDSEG_SHIFT) & 1;
dc->f_st = 0;
dc->tf = (flags >> TF_SHIFT) & 1;
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 12/50] target/i386: Assert CODE64 for x86_64 user-only
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (10 preceding siblings ...)
2021-02-28 23:22 ` [PATCH 11/50] target/i386: Assert SS32 " Richard Henderson
@ 2021-02-28 23:22 ` Richard Henderson
2021-02-28 23:22 ` [PATCH 13/50] target/i386: Assert LMA " Richard Henderson
` (38 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:22 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
For x86_64 user-only, there is no way to leave 64-bit mode.
Without x86_64, there is no way to enter 64-bit mode. There is
an existing macro to aid with that; simply place it in the right
place in the ifdef chain.
Since we're adding an accessor macro, pull the value directly out
of flags when we're not assuming a constant.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 12 ++++++++----
1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index ede6e4c5cd..e7f4392d55 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -41,11 +41,9 @@
#define PREFIX_VEX 0x20
#ifdef TARGET_X86_64
-#define CODE64(s) ((s)->code64)
#define REX_X(s) ((s)->rex_x)
#define REX_B(s) ((s)->rex_b)
#else
-#define CODE64(s) 0
#define REX_X(s) 0
#define REX_B(s) 0
#endif
@@ -102,7 +100,6 @@ typedef struct DisasContext {
#ifdef TARGET_X86_64
int lma; /* long mode active */
- int code64; /* 64 bit code segment */
int rex_x, rex_b;
#endif
int vex_l; /* vex vector length */
@@ -165,6 +162,13 @@ typedef struct DisasContext {
#define CODE32(S) (((S)->flags & HF_CS32_MASK) != 0)
#define SS32(S) (((S)->flags & HF_SS32_MASK) != 0)
#endif
+#if !defined(TARGET_X86_64)
+#define CODE64(S) false
+#elif defined(CONFIG_USER_ONLY)
+#define CODE64(S) true
+#else
+#define CODE64(S) (((S)->flags & HF_CS64_MASK) != 0)
+#endif
static void gen_eob(DisasContext *s);
static void gen_jr(DisasContext *s, TCGv dest);
@@ -8491,6 +8495,7 @@ static void i386_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cpu)
g_assert(IOPL(dc) == iopl);
g_assert(VM86(dc) == ((flags & HF_VM_MASK) != 0));
g_assert(CODE32(dc) == ((flags & HF_CS32_MASK) != 0));
+ g_assert(CODE64(dc) == ((flags & HF_CS64_MASK) != 0));
g_assert(SS32(dc) == ((flags & HF_SS32_MASK) != 0));
dc->addseg = (flags >> HF_ADDSEG_SHIFT) & 1;
@@ -8512,7 +8517,6 @@ static void i386_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cpu)
dc->cpuid_xsave_features = env->features[FEAT_XSAVE];
#ifdef TARGET_X86_64
dc->lma = (flags >> HF_LMA_SHIFT) & 1;
- dc->code64 = (flags >> HF_CS64_SHIFT) & 1;
#endif
dc->jmp_opt = !(dc->tf || dc->base.singlestep_enabled ||
(flags & HF_INHIBIT_IRQ_MASK));
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 13/50] target/i386: Assert LMA for x86_64 user-only
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (11 preceding siblings ...)
2021-02-28 23:22 ` [PATCH 12/50] target/i386: Assert CODE64 " Richard Henderson
@ 2021-02-28 23:22 ` Richard Henderson
2021-02-28 23:22 ` [PATCH 14/50] target/i386: Assert !ADDSEG " Richard Henderson
` (37 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:22 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
LMA is a pre-requisite for CODE64, so there is no way to disable it
for x86_64-linux-user, and there is no way to enable it for i386.
Since we're adding an accessor macro, pull the value directly out
of flags when we're not assuming a constant.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index e7f4392d55..c8728397d0 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -99,7 +99,6 @@ typedef struct DisasContext {
#endif
#ifdef TARGET_X86_64
- int lma; /* long mode active */
int rex_x, rex_b;
#endif
int vex_l; /* vex vector length */
@@ -164,10 +163,13 @@ typedef struct DisasContext {
#endif
#if !defined(TARGET_X86_64)
#define CODE64(S) false
+#define LMA(S) false
#elif defined(CONFIG_USER_ONLY)
#define CODE64(S) true
+#define LMA(S) true
#else
#define CODE64(S) (((S)->flags & HF_CS64_MASK) != 0)
+#define LMA(S) (((S)->flags & HF_LMA_MASK) != 0)
#endif
static void gen_eob(DisasContext *s);
@@ -7289,7 +7291,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
} else {
gen_helper_sysret(cpu_env, tcg_const_i32(dflag - 1));
/* condition codes are modified only in long mode */
- if (s->lma) {
+ if (LMA(s)) {
set_cc_op(s, CC_OP_EFLAGS);
}
/* TF handling for the sysret insn is different. The TF bit is
@@ -8497,6 +8499,7 @@ static void i386_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cpu)
g_assert(CODE32(dc) == ((flags & HF_CS32_MASK) != 0));
g_assert(CODE64(dc) == ((flags & HF_CS64_MASK) != 0));
g_assert(SS32(dc) == ((flags & HF_SS32_MASK) != 0));
+ g_assert(LMA(dc) == ((flags & HF_LMA_MASK) != 0));
dc->addseg = (flags >> HF_ADDSEG_SHIFT) & 1;
dc->f_st = 0;
@@ -8515,9 +8518,6 @@ static void i386_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cpu)
dc->cpuid_ext3_features = env->features[FEAT_8000_0001_ECX];
dc->cpuid_7_0_ebx_features = env->features[FEAT_7_0_EBX];
dc->cpuid_xsave_features = env->features[FEAT_XSAVE];
-#ifdef TARGET_X86_64
- dc->lma = (flags >> HF_LMA_SHIFT) & 1;
-#endif
dc->jmp_opt = !(dc->tf || dc->base.singlestep_enabled ||
(flags & HF_INHIBIT_IRQ_MASK));
/* Do not optimize repz jumps at all in icount mode, because
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 14/50] target/i386: Assert !ADDSEG for x86_64 user-only
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (12 preceding siblings ...)
2021-02-28 23:22 ` [PATCH 13/50] target/i386: Assert LMA " Richard Henderson
@ 2021-02-28 23:22 ` Richard Henderson
2021-02-28 23:22 ` [PATCH 15/50] target/i386: Introduce REX_PREFIX Richard Henderson
` (36 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:22 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
LMA disables traditional segmentation, exposing a flat address space.
This means that ADDSEG is off.
Since we're adding an accessor macro, pull the value directly out
of flags otherwise.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 11 ++++++-----
1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index c8728397d0..33da97d0a6 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -108,7 +108,6 @@ typedef struct DisasContext {
#ifdef TARGET_X86_64
bool x86_64_hregs;
#endif
- int addseg; /* non zero if either DS/ES/SS have a non zero base */
int f_st; /* currently unused */
int tf; /* TF cpu flag */
int jmp_opt; /* use direct block chaining for direct jumps */
@@ -156,10 +155,12 @@ typedef struct DisasContext {
#define VM86(S) false
#define CODE32(S) true
#define SS32(S) true
+#define ADDSEG(S) false
#else
#define VM86(S) (((S)->flags & HF_VM_MASK) != 0)
#define CODE32(S) (((S)->flags & HF_CS32_MASK) != 0)
#define SS32(S) (((S)->flags & HF_SS32_MASK) != 0)
+#define ADDSEG(S) (((S)->flags & HF_ADDSEG_MASK) != 0)
#endif
#if !defined(TARGET_X86_64)
#define CODE64(S) false
@@ -492,7 +493,7 @@ static void gen_lea_v_seg(DisasContext *s, MemOp aflag, TCGv a0,
#endif
case MO_32:
/* 32 bit address */
- if (ovr_seg < 0 && s->addseg) {
+ if (ovr_seg < 0 && ADDSEG(s)) {
ovr_seg = def_seg;
}
if (ovr_seg < 0) {
@@ -505,7 +506,7 @@ static void gen_lea_v_seg(DisasContext *s, MemOp aflag, TCGv a0,
tcg_gen_ext16u_tl(s->A0, a0);
a0 = s->A0;
if (ovr_seg < 0) {
- if (s->addseg) {
+ if (ADDSEG(s)) {
ovr_seg = def_seg;
} else {
return;
@@ -2429,7 +2430,7 @@ static void gen_push_v(DisasContext *s, TCGv val)
tcg_gen_subi_tl(s->A0, cpu_regs[R_ESP], size);
if (!CODE64(s)) {
- if (s->addseg) {
+ if (ADDSEG(s)) {
new_esp = s->tmp4;
tcg_gen_mov_tl(new_esp, s->A0);
}
@@ -8500,8 +8501,8 @@ static void i386_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cpu)
g_assert(CODE64(dc) == ((flags & HF_CS64_MASK) != 0));
g_assert(SS32(dc) == ((flags & HF_SS32_MASK) != 0));
g_assert(LMA(dc) == ((flags & HF_LMA_MASK) != 0));
+ g_assert(ADDSEG(dc) == ((flags & HF_ADDSEG_MASK) != 0));
- dc->addseg = (flags >> HF_ADDSEG_SHIFT) & 1;
dc->f_st = 0;
dc->tf = (flags >> TF_SHIFT) & 1;
dc->cc_op = CC_OP_DYNAMIC;
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 15/50] target/i386: Introduce REX_PREFIX
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (13 preceding siblings ...)
2021-02-28 23:22 ` [PATCH 14/50] target/i386: Assert !ADDSEG " Richard Henderson
@ 2021-02-28 23:22 ` Richard Henderson
2021-02-28 23:22 ` [PATCH 16/50] target/i386: Tidy REX_B, REX_X definition Richard Henderson
` (35 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:22 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
The existing flag, x86_64_hregs, does not accurately describe
its setting. It is true if and only if a REX prefix has been
seen. Yes, that affects the "h" regs, but that's secondary.
Add PREFIX_REX and include this bit in s->prefix. Add REX_PREFIX
so that the check folds away when x86_64 is compiled out.
Fold away the reg >= 8 check, because bit 3 of the register
number comes from the REX prefix in the first place.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 29 +++++++++++------------------
1 file changed, 11 insertions(+), 18 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 33da97d0a6..31b128d4fe 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -39,6 +39,7 @@
#define PREFIX_DATA 0x08
#define PREFIX_ADR 0x10
#define PREFIX_VEX 0x20
+#define PREFIX_REX 0x40
#ifdef TARGET_X86_64
#define REX_X(s) ((s)->rex_x)
@@ -105,9 +106,6 @@ typedef struct DisasContext {
int vex_v; /* vex vvvv register, without 1's complement. */
CCOp cc_op; /* current CC operation */
bool cc_op_dirty;
-#ifdef TARGET_X86_64
- bool x86_64_hregs;
-#endif
int f_st; /* currently unused */
int tf; /* TF cpu flag */
int jmp_opt; /* use direct block chaining for direct jumps */
@@ -173,6 +171,12 @@ typedef struct DisasContext {
#define LMA(S) (((S)->flags & HF_LMA_MASK) != 0)
#endif
+#ifdef TARGET_X86_64
+#define REX_PREFIX(S) (((S)->prefix & PREFIX_REX) != 0)
+#else
+#define REX_PREFIX(S) false
+#endif
+
static void gen_eob(DisasContext *s);
static void gen_jr(DisasContext *s, TCGv dest);
static void gen_jmp(DisasContext *s, target_ulong eip);
@@ -336,14 +340,10 @@ static void gen_update_cc_op(DisasContext *s)
*/
static inline bool byte_reg_is_xH(DisasContext *s, int reg)
{
- if (reg < 4) {
+ /* Any time the REX prefix is present, byte registers are uniform */
+ if (reg < 4 || REX_PREFIX(s)) {
return false;
}
-#ifdef TARGET_X86_64
- if (reg >= 8 || s->x86_64_hregs) {
- return false;
- }
-#endif
return true;
}
@@ -4559,7 +4559,6 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
#ifdef TARGET_X86_64
s->rex_x = 0;
s->rex_b = 0;
- s->x86_64_hregs = false;
#endif
s->rip_offset = 0; /* for relative ip address */
s->vex_l = 0;
@@ -4614,12 +4613,11 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0x40 ... 0x4f:
if (CODE64(s)) {
/* REX prefix */
+ prefixes |= PREFIX_REX;
rex_w = (b >> 3) & 1;
rex_r = (b & 0x4) << 1;
s->rex_x = (b & 0x2) << 2;
REX_B(s) = (b & 0x1) << 3;
- /* select uniform byte register addressing */
- s->x86_64_hregs = true;
goto next_byte;
}
break;
@@ -4643,14 +4641,9 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
/* 4.1.1-4.1.3: No preceding lock, 66, f2, f3, or rex prefixes. */
if (prefixes & (PREFIX_REPZ | PREFIX_REPNZ
- | PREFIX_LOCK | PREFIX_DATA)) {
+ | PREFIX_LOCK | PREFIX_DATA | PREFIX_REX)) {
goto illegal_op;
}
-#ifdef TARGET_X86_64
- if (s->x86_64_hregs) {
- goto illegal_op;
- }
-#endif
rex_r = (~vex2 >> 4) & 8;
if (b == 0xc5) {
/* 2-byte VEX prefix: RVVVVlpp, implied 0f leading opcode byte */
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 16/50] target/i386: Tidy REX_B, REX_X definition
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (14 preceding siblings ...)
2021-02-28 23:22 ` [PATCH 15/50] target/i386: Introduce REX_PREFIX Richard Henderson
@ 2021-02-28 23:22 ` Richard Henderson
2021-02-28 23:22 ` [PATCH 17/50] target/i386: Move rex_r into DisasContext Richard Henderson
` (34 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:22 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
Change the storage from int to uint8_t since the value is in {0,8}.
For x86_64 add 0 in the macros to (1) promote the type back to int,
and (2) make the macro an rvalue.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 17 +++++++----------
1 file changed, 7 insertions(+), 10 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 31b128d4fe..605b80229a 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -41,14 +41,6 @@
#define PREFIX_VEX 0x20
#define PREFIX_REX 0x40
-#ifdef TARGET_X86_64
-#define REX_X(s) ((s)->rex_x)
-#define REX_B(s) ((s)->rex_b)
-#else
-#define REX_X(s) 0
-#define REX_B(s) 0
-#endif
-
#ifdef TARGET_X86_64
# define ctztl ctz64
# define clztl clz64
@@ -100,7 +92,8 @@ typedef struct DisasContext {
#endif
#ifdef TARGET_X86_64
- int rex_x, rex_b;
+ uint8_t rex_x;
+ uint8_t rex_b;
#endif
int vex_l; /* vex vector length */
int vex_v; /* vex vvvv register, without 1's complement. */
@@ -173,8 +166,12 @@ typedef struct DisasContext {
#ifdef TARGET_X86_64
#define REX_PREFIX(S) (((S)->prefix & PREFIX_REX) != 0)
+#define REX_X(S) ((S)->rex_x + 0)
+#define REX_B(S) ((S)->rex_b + 0)
#else
#define REX_PREFIX(S) false
+#define REX_X(S) 0
+#define REX_B(S) 0
#endif
static void gen_eob(DisasContext *s);
@@ -4617,7 +4614,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
rex_w = (b >> 3) & 1;
rex_r = (b & 0x4) << 1;
s->rex_x = (b & 0x2) << 2;
- REX_B(s) = (b & 0x1) << 3;
+ s->rex_b = (b & 0x1) << 3;
goto next_byte;
}
break;
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 17/50] target/i386: Move rex_r into DisasContext
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (15 preceding siblings ...)
2021-02-28 23:22 ` [PATCH 16/50] target/i386: Tidy REX_B, REX_X definition Richard Henderson
@ 2021-02-28 23:22 ` Richard Henderson
2021-02-28 23:22 ` [PATCH 18/50] target/i386: Move rex_w " Richard Henderson
` (33 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:22 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
Treat this flag exactly like we treat rex_b and rex_x.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 84 ++++++++++++++++++++-----------------
1 file changed, 45 insertions(+), 39 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 605b80229a..aa10d0ba99 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -92,6 +92,7 @@ typedef struct DisasContext {
#endif
#ifdef TARGET_X86_64
+ uint8_t rex_r;
uint8_t rex_x;
uint8_t rex_b;
#endif
@@ -166,10 +167,12 @@ typedef struct DisasContext {
#ifdef TARGET_X86_64
#define REX_PREFIX(S) (((S)->prefix & PREFIX_REX) != 0)
+#define REX_R(S) ((S)->rex_r + 0)
#define REX_X(S) ((S)->rex_x + 0)
#define REX_B(S) ((S)->rex_b + 0)
#else
#define REX_PREFIX(S) false
+#define REX_R(S) 0
#define REX_X(S) 0
#define REX_B(S) 0
#endif
@@ -3094,7 +3097,7 @@ static const struct SSEOpHelper_eppi sse_op_table7[256] = {
};
static void gen_sse(CPUX86State *env, DisasContext *s, int b,
- target_ulong pc_start, int rex_r)
+ target_ulong pc_start)
{
int b1, op1_offset, op2_offset, is_xmm, val;
int modrm, mod, rm, reg;
@@ -3164,8 +3167,9 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b,
modrm = x86_ldub_code(env, s);
reg = ((modrm >> 3) & 7);
- if (is_xmm)
- reg |= rex_r;
+ if (is_xmm) {
+ reg |= REX_R(s);
+ }
mod = (modrm >> 6) & 3;
if (sse_fn_epp == SSE_SPECIAL) {
b |= (b1 << 8);
@@ -3699,7 +3703,7 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b,
tcg_gen_ld16u_tl(s->T0, cpu_env,
offsetof(CPUX86State,fpregs[rm].mmx.MMX_W(val)));
}
- reg = ((modrm >> 3) & 7) | rex_r;
+ reg = ((modrm >> 3) & 7) | REX_R(s);
gen_op_mov_reg_v(s, ot, reg, s->T0);
break;
case 0x1d6: /* movq ea, xmm */
@@ -3743,7 +3747,7 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b,
offsetof(CPUX86State, fpregs[rm].mmx));
gen_helper_pmovmskb_mmx(s->tmp2_i32, cpu_env, s->ptr0);
}
- reg = ((modrm >> 3) & 7) | rex_r;
+ reg = ((modrm >> 3) & 7) | REX_R(s);
tcg_gen_extu_i32_tl(cpu_regs[reg], s->tmp2_i32);
break;
@@ -3755,7 +3759,7 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b,
}
modrm = x86_ldub_code(env, s);
rm = modrm & 7;
- reg = ((modrm >> 3) & 7) | rex_r;
+ reg = ((modrm >> 3) & 7) | REX_R(s);
mod = (modrm >> 6) & 3;
if (b1 >= 2) {
goto unknown_op;
@@ -3831,7 +3835,7 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b,
/* Various integer extensions at 0f 38 f[0-f]. */
b = modrm | (b1 << 8);
modrm = x86_ldub_code(env, s);
- reg = ((modrm >> 3) & 7) | rex_r;
+ reg = ((modrm >> 3) & 7) | REX_R(s);
switch (b) {
case 0x3f0: /* crc32 Gd,Eb */
@@ -4185,7 +4189,7 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b,
b = modrm;
modrm = x86_ldub_code(env, s);
rm = modrm & 7;
- reg = ((modrm >> 3) & 7) | rex_r;
+ reg = ((modrm >> 3) & 7) | REX_R(s);
mod = (modrm >> 6) & 3;
if (b1 >= 2) {
goto unknown_op;
@@ -4205,7 +4209,7 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b,
rm = (modrm & 7) | REX_B(s);
if (mod != 3)
gen_lea_modrm(env, s, modrm);
- reg = ((modrm >> 3) & 7) | rex_r;
+ reg = ((modrm >> 3) & 7) | REX_R(s);
val = x86_ldub_code(env, s);
switch (b) {
case 0x14: /* pextrb */
@@ -4374,7 +4378,7 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b,
/* Various integer extensions at 0f 3a f[0-f]. */
b = modrm | (b1 << 8);
modrm = x86_ldub_code(env, s);
- reg = ((modrm >> 3) & 7) | rex_r;
+ reg = ((modrm >> 3) & 7) | REX_R(s);
switch (b) {
case 0x3f0: /* rorx Gy,Ey, Ib */
@@ -4548,12 +4552,13 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
MemOp ot, aflag, dflag;
int modrm, reg, rm, mod, op, opreg, val;
target_ulong next_eip, tval;
- int rex_w, rex_r;
+ int rex_w;
target_ulong pc_start = s->base.pc_next;
s->pc_start = s->pc = pc_start;
s->override = -1;
#ifdef TARGET_X86_64
+ s->rex_r = 0;
s->rex_x = 0;
s->rex_b = 0;
#endif
@@ -4567,7 +4572,6 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
prefixes = 0;
rex_w = -1;
- rex_r = 0;
next_byte:
b = x86_ldub_code(env, s);
@@ -4612,7 +4616,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
/* REX prefix */
prefixes |= PREFIX_REX;
rex_w = (b >> 3) & 1;
- rex_r = (b & 0x4) << 1;
+ s->rex_r = (b & 0x4) << 1;
s->rex_x = (b & 0x2) << 2;
s->rex_b = (b & 0x1) << 3;
goto next_byte;
@@ -4641,7 +4645,9 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
| PREFIX_LOCK | PREFIX_DATA | PREFIX_REX)) {
goto illegal_op;
}
- rex_r = (~vex2 >> 4) & 8;
+#ifdef TARGET_X86_64
+ s->rex_r = (~vex2 >> 4) & 8;
+#endif
if (b == 0xc5) {
/* 2-byte VEX prefix: RVVVVlpp, implied 0f leading opcode byte */
vex3 = vex2;
@@ -4731,7 +4737,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
switch(f) {
case 0: /* OP Ev, Gv */
modrm = x86_ldub_code(env, s);
- reg = ((modrm >> 3) & 7) | rex_r;
+ reg = ((modrm >> 3) & 7) | REX_R(s);
mod = (modrm >> 6) & 3;
rm = (modrm & 7) | REX_B(s);
if (mod != 3) {
@@ -4753,7 +4759,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 1: /* OP Gv, Ev */
modrm = x86_ldub_code(env, s);
mod = (modrm >> 6) & 3;
- reg = ((modrm >> 3) & 7) | rex_r;
+ reg = ((modrm >> 3) & 7) | REX_R(s);
rm = (modrm & 7) | REX_B(s);
if (mod != 3) {
gen_lea_modrm(env, s, modrm);
@@ -5173,7 +5179,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
ot = mo_b_d(b, dflag);
modrm = x86_ldub_code(env, s);
- reg = ((modrm >> 3) & 7) | rex_r;
+ reg = ((modrm >> 3) & 7) | REX_R(s);
gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 0);
gen_op_mov_v_reg(s, ot, s->T1, reg);
@@ -5245,7 +5251,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0x6b:
ot = dflag;
modrm = x86_ldub_code(env, s);
- reg = ((modrm >> 3) & 7) | rex_r;
+ reg = ((modrm >> 3) & 7) | REX_R(s);
if (b == 0x69)
s->rip_offset = insn_const_size(ot);
else if (b == 0x6b)
@@ -5297,7 +5303,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0x1c1: /* xadd Ev, Gv */
ot = mo_b_d(b, dflag);
modrm = x86_ldub_code(env, s);
- reg = ((modrm >> 3) & 7) | rex_r;
+ reg = ((modrm >> 3) & 7) | REX_R(s);
mod = (modrm >> 6) & 3;
gen_op_mov_v_reg(s, ot, s->T0, reg);
if (mod == 3) {
@@ -5329,7 +5335,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
ot = mo_b_d(b, dflag);
modrm = x86_ldub_code(env, s);
- reg = ((modrm >> 3) & 7) | rex_r;
+ reg = ((modrm >> 3) & 7) | REX_R(s);
mod = (modrm >> 6) & 3;
oldv = tcg_temp_new();
newv = tcg_temp_new();
@@ -5551,7 +5557,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0x89: /* mov Gv, Ev */
ot = mo_b_d(b, dflag);
modrm = x86_ldub_code(env, s);
- reg = ((modrm >> 3) & 7) | rex_r;
+ reg = ((modrm >> 3) & 7) | REX_R(s);
/* generate a generic store */
gen_ldst_modrm(env, s, modrm, ot, reg, 1);
@@ -5577,7 +5583,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0x8b: /* mov Ev, Gv */
ot = mo_b_d(b, dflag);
modrm = x86_ldub_code(env, s);
- reg = ((modrm >> 3) & 7) | rex_r;
+ reg = ((modrm >> 3) & 7) | REX_R(s);
gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 0);
gen_op_mov_reg_v(s, ot, reg, s->T0);
@@ -5627,7 +5633,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
s_ot = b & 8 ? MO_SIGN | ot : ot;
modrm = x86_ldub_code(env, s);
- reg = ((modrm >> 3) & 7) | rex_r;
+ reg = ((modrm >> 3) & 7) | REX_R(s);
mod = (modrm >> 6) & 3;
rm = (modrm & 7) | REX_B(s);
@@ -5666,7 +5672,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
mod = (modrm >> 6) & 3;
if (mod == 3)
goto illegal_op;
- reg = ((modrm >> 3) & 7) | rex_r;
+ reg = ((modrm >> 3) & 7) | REX_R(s);
{
AddressParts a = gen_lea_modrm_0(env, s, modrm);
TCGv ea = gen_lea_modrm_1(s, a);
@@ -5748,7 +5754,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0x87: /* xchg Ev, Gv */
ot = mo_b_d(b, dflag);
modrm = x86_ldub_code(env, s);
- reg = ((modrm >> 3) & 7) | rex_r;
+ reg = ((modrm >> 3) & 7) | REX_R(s);
mod = (modrm >> 6) & 3;
if (mod == 3) {
rm = (modrm & 7) | REX_B(s);
@@ -5785,7 +5791,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
do_lxx:
ot = dflag != MO_16 ? MO_32 : MO_16;
modrm = x86_ldub_code(env, s);
- reg = ((modrm >> 3) & 7) | rex_r;
+ reg = ((modrm >> 3) & 7) | REX_R(s);
mod = (modrm >> 6) & 3;
if (mod == 3)
goto illegal_op;
@@ -5868,7 +5874,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
modrm = x86_ldub_code(env, s);
mod = (modrm >> 6) & 3;
rm = (modrm & 7) | REX_B(s);
- reg = ((modrm >> 3) & 7) | rex_r;
+ reg = ((modrm >> 3) & 7) | REX_R(s);
if (mod != 3) {
gen_lea_modrm(env, s, modrm);
opreg = OR_TMP0;
@@ -6722,7 +6728,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
}
ot = dflag;
modrm = x86_ldub_code(env, s);
- reg = ((modrm >> 3) & 7) | rex_r;
+ reg = ((modrm >> 3) & 7) | REX_R(s);
gen_cmovcc1(env, s, ot, b, modrm, reg);
break;
@@ -6868,7 +6874,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
do_btx:
ot = dflag;
modrm = x86_ldub_code(env, s);
- reg = ((modrm >> 3) & 7) | rex_r;
+ reg = ((modrm >> 3) & 7) | REX_R(s);
mod = (modrm >> 6) & 3;
rm = (modrm & 7) | REX_B(s);
gen_op_mov_v_reg(s, MO_32, s->T1, reg);
@@ -6973,7 +6979,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0x1bd: /* bsr / lzcnt */
ot = dflag;
modrm = x86_ldub_code(env, s);
- reg = ((modrm >> 3) & 7) | rex_r;
+ reg = ((modrm >> 3) & 7) | REX_R(s);
gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 0);
gen_extu(ot, s->T0);
@@ -7700,7 +7706,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
d_ot = dflag;
modrm = x86_ldub_code(env, s);
- reg = ((modrm >> 3) & 7) | rex_r;
+ reg = ((modrm >> 3) & 7) | REX_R(s);
mod = (modrm >> 6) & 3;
rm = (modrm & 7) | REX_B(s);
@@ -7774,7 +7780,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
goto illegal_op;
ot = dflag != MO_16 ? MO_32 : MO_16;
modrm = x86_ldub_code(env, s);
- reg = ((modrm >> 3) & 7) | rex_r;
+ reg = ((modrm >> 3) & 7) | REX_R(s);
gen_ldst_modrm(env, s, modrm, MO_16, OR_TMP0, 0);
t0 = tcg_temp_local_new();
gen_update_cc_op(s);
@@ -7815,7 +7821,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
modrm = x86_ldub_code(env, s);
if (s->flags & HF_MPX_EN_MASK) {
mod = (modrm >> 6) & 3;
- reg = ((modrm >> 3) & 7) | rex_r;
+ reg = ((modrm >> 3) & 7) | REX_R(s);
if (prefixes & PREFIX_REPZ) {
/* bndcl */
if (reg >= 4
@@ -7905,7 +7911,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
modrm = x86_ldub_code(env, s);
if (s->flags & HF_MPX_EN_MASK) {
mod = (modrm >> 6) & 3;
- reg = ((modrm >> 3) & 7) | rex_r;
+ reg = ((modrm >> 3) & 7) | REX_R(s);
if (mod != 3 && (prefixes & PREFIX_REPZ)) {
/* bndmk */
if (reg >= 4
@@ -8017,7 +8023,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
* are assumed to be 1's, regardless of actual values.
*/
rm = (modrm & 7) | REX_B(s);
- reg = ((modrm >> 3) & 7) | rex_r;
+ reg = ((modrm >> 3) & 7) | REX_R(s);
if (CODE64(s))
ot = MO_64;
else
@@ -8070,7 +8076,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
* are assumed to be 1's, regardless of actual values.
*/
rm = (modrm & 7) | REX_B(s);
- reg = ((modrm >> 3) & 7) | rex_r;
+ reg = ((modrm >> 3) & 7) | REX_R(s);
if (CODE64(s))
ot = MO_64;
else
@@ -8112,7 +8118,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
mod = (modrm >> 6) & 3;
if (mod == 3)
goto illegal_op;
- reg = ((modrm >> 3) & 7) | rex_r;
+ reg = ((modrm >> 3) & 7) | REX_R(s);
/* generate a generic store */
gen_ldst_modrm(env, s, modrm, ot, reg, 1);
break;
@@ -8344,7 +8350,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
goto illegal_op;
modrm = x86_ldub_code(env, s);
- reg = ((modrm >> 3) & 7) | rex_r;
+ reg = ((modrm >> 3) & 7) | REX_R(s);
if (s->prefix & PREFIX_DATA) {
ot = MO_16;
@@ -8372,7 +8378,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0x1c2:
case 0x1c4 ... 0x1c6:
case 0x1d0 ... 0x1fe:
- gen_sse(env, s, b, pc_start, rex_r);
+ gen_sse(env, s, b, pc_start);
break;
default:
goto unknown_op;
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 18/50] target/i386: Move rex_w into DisasContext
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (16 preceding siblings ...)
2021-02-28 23:22 ` [PATCH 17/50] target/i386: Move rex_r into DisasContext Richard Henderson
@ 2021-02-28 23:22 ` Richard Henderson
2021-02-28 23:22 ` [PATCH 19/50] target/i386: Remove DisasContext.f_st as unused Richard Henderson
` (32 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:22 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
Treat this flag exactly like we treat the other rex bits.
The -1 initialization is unused; the two tests are > 0 and == 1,
so the value can be reduced to a bool.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 16 +++++++++-------
1 file changed, 9 insertions(+), 7 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index aa10d0ba99..deb1e43430 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -95,6 +95,7 @@ typedef struct DisasContext {
uint8_t rex_r;
uint8_t rex_x;
uint8_t rex_b;
+ bool rex_w;
#endif
int vex_l; /* vex vector length */
int vex_v; /* vex vvvv register, without 1's complement. */
@@ -167,11 +168,13 @@ typedef struct DisasContext {
#ifdef TARGET_X86_64
#define REX_PREFIX(S) (((S)->prefix & PREFIX_REX) != 0)
+#define REX_W(S) ((S)->rex_w)
#define REX_R(S) ((S)->rex_r + 0)
#define REX_X(S) ((S)->rex_x + 0)
#define REX_B(S) ((S)->rex_b + 0)
#else
#define REX_PREFIX(S) false
+#define REX_W(S) false
#define REX_R(S) 0
#define REX_X(S) 0
#define REX_B(S) 0
@@ -4552,12 +4555,12 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
MemOp ot, aflag, dflag;
int modrm, reg, rm, mod, op, opreg, val;
target_ulong next_eip, tval;
- int rex_w;
target_ulong pc_start = s->base.pc_next;
s->pc_start = s->pc = pc_start;
s->override = -1;
#ifdef TARGET_X86_64
+ s->rex_w = false;
s->rex_r = 0;
s->rex_x = 0;
s->rex_b = 0;
@@ -4571,7 +4574,6 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
}
prefixes = 0;
- rex_w = -1;
next_byte:
b = x86_ldub_code(env, s);
@@ -4615,7 +4617,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
if (CODE64(s)) {
/* REX prefix */
prefixes |= PREFIX_REX;
- rex_w = (b >> 3) & 1;
+ s->rex_w = (b >> 3) & 1;
s->rex_r = (b & 0x4) << 1;
s->rex_x = (b & 0x2) << 2;
s->rex_b = (b & 0x1) << 3;
@@ -4654,12 +4656,12 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
b = x86_ldub_code(env, s) | 0x100;
} else {
/* 3-byte VEX prefix: RXBmmmmm wVVVVlpp */
+ vex3 = x86_ldub_code(env, s);
#ifdef TARGET_X86_64
s->rex_x = (~vex2 >> 3) & 8;
s->rex_b = (~vex2 >> 2) & 8;
+ s->rex_w = (vex3 >> 7) & 1;
#endif
- vex3 = x86_ldub_code(env, s);
- rex_w = (vex3 >> 7) & 1;
switch (vex2 & 0x1f) {
case 0x01: /* Implied 0f leading opcode bytes. */
b = x86_ldub_code(env, s) | 0x100;
@@ -4686,7 +4688,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
/* In 64-bit mode, the default data size is 32-bit. Select 64-bit
data with rex_w, and 16-bit data with 0x66; rex_w takes precedence
over 0x66 if both are present. */
- dflag = (rex_w > 0 ? MO_64 : prefixes & PREFIX_DATA ? MO_16 : MO_32);
+ dflag = (REX_W(s) ? MO_64 : prefixes & PREFIX_DATA ? MO_16 : MO_32);
/* In 64-bit mode, 0x67 selects 32-bit addressing. */
aflag = (prefixes & PREFIX_ADR ? MO_32 : MO_64);
} else {
@@ -5082,7 +5084,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
/* operand size for jumps is 64 bit */
ot = MO_64;
} else if (op == 3 || op == 5) {
- ot = dflag != MO_16 ? MO_32 + (rex_w == 1) : MO_16;
+ ot = dflag != MO_16 ? MO_32 + REX_W(s) : MO_16;
} else if (op == 6) {
/* default push size is 64 bit */
ot = mo_pushpop(s, dflag);
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 19/50] target/i386: Remove DisasContext.f_st as unused
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (17 preceding siblings ...)
2021-02-28 23:22 ` [PATCH 18/50] target/i386: Move rex_w " Richard Henderson
@ 2021-02-28 23:22 ` Richard Henderson
2021-02-28 23:22 ` [PATCH 20/50] target/i386: Reduce DisasContext.flags to uint32_t Richard Henderson
` (31 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:22 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index deb1e43430..f4af92886f 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -101,7 +101,6 @@ typedef struct DisasContext {
int vex_v; /* vex vvvv register, without 1's complement. */
CCOp cc_op; /* current CC operation */
bool cc_op_dirty;
- int f_st; /* currently unused */
int tf; /* TF cpu flag */
int jmp_opt; /* use direct block chaining for direct jumps */
int repz_opt; /* optimize jumps within repz instructions */
@@ -8501,7 +8500,6 @@ static void i386_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cpu)
g_assert(LMA(dc) == ((flags & HF_LMA_MASK) != 0));
g_assert(ADDSEG(dc) == ((flags & HF_ADDSEG_MASK) != 0));
- dc->f_st = 0;
dc->tf = (flags >> TF_SHIFT) & 1;
dc->cc_op = CC_OP_DYNAMIC;
dc->cc_op_dirty = false;
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 20/50] target/i386: Reduce DisasContext.flags to uint32_t
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (18 preceding siblings ...)
2021-02-28 23:22 ` [PATCH 19/50] target/i386: Remove DisasContext.f_st as unused Richard Henderson
@ 2021-02-28 23:22 ` Richard Henderson
2021-02-28 23:22 ` [PATCH 21/50] target/i386: Reduce DisasContext.override to int8_t Richard Henderson
` (30 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:22 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
The value comes from tb->flags, which is uint32_t.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index f4af92886f..39af69585f 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -105,7 +105,7 @@ typedef struct DisasContext {
int jmp_opt; /* use direct block chaining for direct jumps */
int repz_opt; /* optimize jumps within repz instructions */
int mem_index; /* select memory access functions */
- uint64_t flags; /* all execution flags */
+ uint32_t flags; /* all execution flags */
int popl_esp_hack; /* for correct popl with esp base handling */
int rip_offset; /* only used in x86_64, but left for simplicity */
int cpuid_features;
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 21/50] target/i386: Reduce DisasContext.override to int8_t
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (19 preceding siblings ...)
2021-02-28 23:22 ` [PATCH 20/50] target/i386: Reduce DisasContext.flags to uint32_t Richard Henderson
@ 2021-02-28 23:22 ` Richard Henderson
2021-02-28 23:22 ` [PATCH 22/50] target/i386: Reduce DisasContext.prefix to uint8_t Richard Henderson
` (29 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:22 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
The range of values is -1 (none) to 5 (R_GS).
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 39af69585f..19c2034344 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -77,7 +77,7 @@ typedef struct DisasContext {
DisasContextBase base;
/* current insn context */
- int override; /* -1 if no override */
+ int8_t override; /* -1 if no override, else R_CS, R_DS, etc */
int prefix;
MemOp aflag;
MemOp dflag;
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 22/50] target/i386: Reduce DisasContext.prefix to uint8_t
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (20 preceding siblings ...)
2021-02-28 23:22 ` [PATCH 21/50] target/i386: Reduce DisasContext.override to int8_t Richard Henderson
@ 2021-02-28 23:22 ` Richard Henderson
2021-02-28 23:22 ` [PATCH 23/50] target/i386: Reduce DisasContext.vex_[lv] " Richard Henderson
` (28 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:22 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
The highest bit in this set is 0x40 (PREFIX_REX).
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 19c2034344..79f987b2cf 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -78,7 +78,7 @@ typedef struct DisasContext {
/* current insn context */
int8_t override; /* -1 if no override, else R_CS, R_DS, etc */
- int prefix;
+ uint8_t prefix;
MemOp aflag;
MemOp dflag;
target_ulong pc_start;
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 23/50] target/i386: Reduce DisasContext.vex_[lv] to uint8_t
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (21 preceding siblings ...)
2021-02-28 23:22 ` [PATCH 22/50] target/i386: Reduce DisasContext.prefix to uint8_t Richard Henderson
@ 2021-02-28 23:22 ` Richard Henderson
2021-03-01 7:51 ` Philippe Mathieu-Daudé
2021-02-28 23:22 ` [PATCH 24/50] target/i386: Reduce DisasContext popl_esp_hack and rip_offset " Richard Henderson
` (27 subsequent siblings)
50 siblings, 1 reply; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:22 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
Currently, vex_l is either {0,1}; if in the future we implement
AVX-512, the max value will be 2. In vex_v we store a register
number. This is 0-15 for SSE, and 0-31 for AVX-512.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 79f987b2cf..3b7660a019 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -97,8 +97,8 @@ typedef struct DisasContext {
uint8_t rex_b;
bool rex_w;
#endif
- int vex_l; /* vex vector length */
- int vex_v; /* vex vvvv register, without 1's complement. */
+ uint8_t vex_l; /* vex vector length */
+ uint8_t vex_v; /* vex vvvv register, without 1's complement. */
CCOp cc_op; /* current CC operation */
bool cc_op_dirty;
int tf; /* TF cpu flag */
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 24/50] target/i386: Reduce DisasContext popl_esp_hack and rip_offset to uint8_t
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (22 preceding siblings ...)
2021-02-28 23:22 ` [PATCH 23/50] target/i386: Reduce DisasContext.vex_[lv] " Richard Henderson
@ 2021-02-28 23:22 ` Richard Henderson
2021-02-28 23:22 ` [PATCH 25/50] target/i386: Leave TF in DisasContext.flags Richard Henderson
` (26 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:22 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
Both of these fields store the size of a single memory access,
so the range of values is 0-8.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 3b7660a019..9004f83c52 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -106,8 +106,8 @@ typedef struct DisasContext {
int repz_opt; /* optimize jumps within repz instructions */
int mem_index; /* select memory access functions */
uint32_t flags; /* all execution flags */
- int popl_esp_hack; /* for correct popl with esp base handling */
- int rip_offset; /* only used in x86_64, but left for simplicity */
+ uint8_t popl_esp_hack; /* for correct popl with esp base handling */
+ uint8_t rip_offset; /* only used in x86_64, but left for simplicity */
int cpuid_features;
int cpuid_ext_features;
int cpuid_ext2_features;
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 25/50] target/i386: Leave TF in DisasContext.flags
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (23 preceding siblings ...)
2021-02-28 23:22 ` [PATCH 24/50] target/i386: Reduce DisasContext popl_esp_hack and rip_offset " Richard Henderson
@ 2021-02-28 23:22 ` Richard Henderson
2021-02-28 23:22 ` [PATCH 26/50] target/i386: Reduce DisasContext jmp_opt, repz_opt to bool Richard Henderson
` (25 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:22 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
It's just as easy to clear the flag with AND than assignment.
In two cases the test for the bit can be folded together with
the test for HF_INHIBIT_IRQ_MASK.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 14 ++++++--------
1 file changed, 6 insertions(+), 8 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 9004f83c52..92669bc142 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -101,7 +101,6 @@ typedef struct DisasContext {
uint8_t vex_v; /* vex vvvv register, without 1's complement. */
CCOp cc_op; /* current CC operation */
bool cc_op_dirty;
- int tf; /* TF cpu flag */
int jmp_opt; /* use direct block chaining for direct jumps */
int repz_opt; /* optimize jumps within repz instructions */
int mem_index; /* select memory access functions */
@@ -2656,7 +2655,7 @@ do_gen_eob_worker(DisasContext *s, bool inhibit, bool recheck_tf, bool jr)
} else if (recheck_tf) {
gen_helper_rechecking_single_step(cpu_env);
tcg_gen_exit_tb(NULL, 0);
- } else if (s->tf) {
+ } else if (s->flags & HF_TF_MASK) {
gen_helper_single_step(cpu_env);
} else if (jr) {
tcg_gen_lookup_and_goto_ptr();
@@ -5534,7 +5533,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
if (s->base.is_jmp) {
gen_jmp_im(s, s->pc - s->cs_base);
if (reg == R_SS) {
- s->tf = 0;
+ s->flags &= ~HF_TF_MASK;
gen_eob_inhibit_irq(s, true);
} else {
gen_eob(s);
@@ -5600,7 +5599,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
if (s->base.is_jmp) {
gen_jmp_im(s, s->pc - s->cs_base);
if (reg == R_SS) {
- s->tf = 0;
+ s->flags &= ~HF_TF_MASK;
gen_eob_inhibit_irq(s, true);
} else {
gen_eob(s);
@@ -8500,7 +8499,6 @@ static void i386_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cpu)
g_assert(LMA(dc) == ((flags & HF_LMA_MASK) != 0));
g_assert(ADDSEG(dc) == ((flags & HF_ADDSEG_MASK) != 0));
- dc->tf = (flags >> TF_SHIFT) & 1;
dc->cc_op = CC_OP_DYNAMIC;
dc->cc_op_dirty = false;
dc->popl_esp_hack = 0;
@@ -8515,8 +8513,8 @@ static void i386_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cpu)
dc->cpuid_ext3_features = env->features[FEAT_8000_0001_ECX];
dc->cpuid_7_0_ebx_features = env->features[FEAT_7_0_EBX];
dc->cpuid_xsave_features = env->features[FEAT_XSAVE];
- dc->jmp_opt = !(dc->tf || dc->base.singlestep_enabled ||
- (flags & HF_INHIBIT_IRQ_MASK));
+ dc->jmp_opt = !(dc->base.singlestep_enabled ||
+ (flags & (HF_TF_MASK | HF_INHIBIT_IRQ_MASK)));
/* Do not optimize repz jumps at all in icount mode, because
rep movsS instructions are execured with different paths
in !repz_opt and repz_opt modes. The first one was used
@@ -8591,7 +8589,7 @@ static void i386_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu)
pc_next = disas_insn(dc, cpu);
- if (dc->tf || (dc->base.tb->flags & HF_INHIBIT_IRQ_MASK)) {
+ if (dc->flags & (HF_TF_MASK | HF_INHIBIT_IRQ_MASK)) {
/* if single step mode, we generate only one instruction and
generate an exception */
/* if irq were inhibited with HF_INHIBIT_IRQ_MASK, we clear
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 26/50] target/i386: Reduce DisasContext jmp_opt, repz_opt to bool
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (24 preceding siblings ...)
2021-02-28 23:22 ` [PATCH 25/50] target/i386: Leave TF in DisasContext.flags Richard Henderson
@ 2021-02-28 23:22 ` Richard Henderson
2021-02-28 23:22 ` [PATCH 27/50] target/i386: Fix the comment for repz_opt Richard Henderson
` (24 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:22 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 92669bc142..6877873bee 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -101,8 +101,8 @@ typedef struct DisasContext {
uint8_t vex_v; /* vex vvvv register, without 1's complement. */
CCOp cc_op; /* current CC operation */
bool cc_op_dirty;
- int jmp_opt; /* use direct block chaining for direct jumps */
- int repz_opt; /* optimize jumps within repz instructions */
+ bool jmp_opt; /* use direct block chaining for direct jumps */
+ bool repz_opt; /* optimize jumps within repz instructions */
int mem_index; /* select memory access functions */
uint32_t flags; /* all execution flags */
uint8_t popl_esp_hack; /* for correct popl with esp base handling */
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 27/50] target/i386: Fix the comment for repz_opt
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (25 preceding siblings ...)
2021-02-28 23:22 ` [PATCH 26/50] target/i386: Reduce DisasContext jmp_opt, repz_opt to bool Richard Henderson
@ 2021-02-28 23:22 ` Richard Henderson
2021-02-28 23:22 ` [PATCH 28/50] target/i386: Reorder DisasContext members Richard Henderson
` (23 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:22 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
After fixing a typo in the comment, fixup for CODING_STYLE.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 19 ++++++++++---------
1 file changed, 10 insertions(+), 9 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 6877873bee..36dee5c0c7 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -8515,15 +8515,16 @@ static void i386_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cpu)
dc->cpuid_xsave_features = env->features[FEAT_XSAVE];
dc->jmp_opt = !(dc->base.singlestep_enabled ||
(flags & (HF_TF_MASK | HF_INHIBIT_IRQ_MASK)));
- /* Do not optimize repz jumps at all in icount mode, because
- rep movsS instructions are execured with different paths
- in !repz_opt and repz_opt modes. The first one was used
- always except single step mode. And this setting
- disables jumps optimization and control paths become
- equivalent in run and single step modes.
- Now there will be no jump optimization for repz in
- record/replay modes and there will always be an
- additional step for ecx=0 when icount is enabled.
+ /*
+ * Do not optimize repz jumps at all in icount mode, because
+ * rep movsS instructions are executed with different paths
+ * in !repz_opt and repz_opt modes. The first one was used
+ * always except single step mode. And this setting
+ * disables jumps optimization and control paths become
+ * equivalent in run and single step modes.
+ * Now there will be no jump optimization for repz in
+ * record/replay modes and there will always be an
+ * additional step for ecx=0 when icount is enabled.
*/
dc->repz_opt = !dc->jmp_opt && !(tb_cflags(dc->base.tb) & CF_USE_ICOUNT);
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 28/50] target/i386: Reorder DisasContext members
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (26 preceding siblings ...)
2021-02-28 23:22 ` [PATCH 27/50] target/i386: Fix the comment for repz_opt Richard Henderson
@ 2021-02-28 23:22 ` Richard Henderson
2021-02-28 23:23 ` [PATCH 29/50] target/i386: Add stub generator for helper_set_dr Richard Henderson
` (22 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:22 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
Sort all of the single-byte members to the same area
of the structure, eliminating 8 bytes of padding.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 27 ++++++++++++++-------------
1 file changed, 14 insertions(+), 13 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 36dee5c0c7..f0bc2df98c 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -76,20 +76,24 @@ static TCGv_i64 cpu_bndu[4];
typedef struct DisasContext {
DisasContextBase base;
- /* current insn context */
- int8_t override; /* -1 if no override, else R_CS, R_DS, etc */
- uint8_t prefix;
+ target_ulong pc; /* pc = eip + cs_base */
+ target_ulong pc_start; /* pc at TB entry */
+ target_ulong cs_base; /* base of CS segment */
+
MemOp aflag;
MemOp dflag;
- target_ulong pc_start;
- target_ulong pc; /* pc = eip + cs_base */
- /* current block context */
- target_ulong cs_base; /* base of CS segment */
+
+ int8_t override; /* -1 if no override, else R_CS, R_DS, etc */
+ uint8_t prefix;
#ifndef CONFIG_USER_ONLY
uint8_t cpl; /* code priv level */
uint8_t iopl; /* i/o priv level */
#endif
+ uint8_t vex_l; /* vex vector length */
+ uint8_t vex_v; /* vex vvvv register, without 1's complement. */
+ uint8_t popl_esp_hack; /* for correct popl with esp base handling */
+ uint8_t rip_offset; /* only used in x86_64, but left for simplicity */
#ifdef TARGET_X86_64
uint8_t rex_r;
@@ -97,16 +101,13 @@ typedef struct DisasContext {
uint8_t rex_b;
bool rex_w;
#endif
- uint8_t vex_l; /* vex vector length */
- uint8_t vex_v; /* vex vvvv register, without 1's complement. */
- CCOp cc_op; /* current CC operation */
- bool cc_op_dirty;
bool jmp_opt; /* use direct block chaining for direct jumps */
bool repz_opt; /* optimize jumps within repz instructions */
+ bool cc_op_dirty;
+
+ CCOp cc_op; /* current CC operation */
int mem_index; /* select memory access functions */
uint32_t flags; /* all execution flags */
- uint8_t popl_esp_hack; /* for correct popl with esp base handling */
- uint8_t rip_offset; /* only used in x86_64, but left for simplicity */
int cpuid_features;
int cpuid_ext_features;
int cpuid_ext2_features;
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 29/50] target/i386: Add stub generator for helper_set_dr
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (27 preceding siblings ...)
2021-02-28 23:22 ` [PATCH 28/50] target/i386: Reorder DisasContext members Richard Henderson
@ 2021-02-28 23:23 ` Richard Henderson
2021-02-28 23:23 ` [PATCH 30/50] target/i386: Assert !SVME for user-only Richard Henderson
` (21 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:23 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
This removes an ifdef from the middle of disas_insn,
and ensures that the branch is not reachable.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 15 +++++++++++++--
1 file changed, 13 insertions(+), 2 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index f0bc2df98c..42b96a2669 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -179,6 +179,19 @@ typedef struct DisasContext {
#define REX_B(S) 0
#endif
+/*
+ * Many sysemu-only helpers are not reachable for user-only.
+ * Define stub generators here, so that we need not either sprinkle
+ * ifdefs through the translator, nor provide the helper function.
+ */
+#define STUB_HELPER(NAME, ...) \
+ static inline void gen_helper_##NAME(__VA_ARGS__) \
+ { qemu_build_not_reached(); }
+
+#ifdef CONFIG_USER_ONLY
+STUB_HELPER(set_dr, TCGv_env env, TCGv_i32 reg, TCGv val)
+#endif
+
static void gen_eob(DisasContext *s);
static void gen_jr(DisasContext *s, TCGv dest);
static void gen_jmp(DisasContext *s, target_ulong eip);
@@ -8069,7 +8082,6 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0x121: /* mov reg, drN */
case 0x123: /* mov drN, reg */
if (check_cpl0(s)) {
-#ifndef CONFIG_USER_ONLY
modrm = x86_ldub_code(env, s);
/* Ignore the mod bits (assume (modrm&0xc0)==0xc0).
* AMD documentation (24594.pdf) and testing of
@@ -8098,7 +8110,6 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
gen_helper_get_dr(s->T0, cpu_env, s->tmp2_i32);
gen_op_mov_reg_v(s, ot, rm, s->T0);
}
-#endif /* !CONFIG_USER_ONLY */
}
break;
case 0x106: /* clts */
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 30/50] target/i386: Assert !SVME for user-only
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (28 preceding siblings ...)
2021-02-28 23:23 ` [PATCH 29/50] target/i386: Add stub generator for helper_set_dr Richard Henderson
@ 2021-02-28 23:23 ` Richard Henderson
2021-02-28 23:23 ` [PATCH 31/50] target/i386: Assert !GUEST " Richard Henderson
` (20 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:23 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
Most of the VMM instructions are already disabled for
user-only, by being usable only from ring 0.
The spec is intentionally loose for VMMCALL, allowing
the VMM to define syscalls for user-only. However,
linux does not do so; VMMCALL is illegal.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 21 +++++++++++----------
1 file changed, 11 insertions(+), 10 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 42b96a2669..3779da9042 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -138,10 +138,12 @@ typedef struct DisasContext {
#define PE(S) true
#define CPL(S) 3
#define IOPL(S) 0
+#define SVME(S) false
#else
#define PE(S) (((S)->flags & HF_PE_MASK) != 0)
#define CPL(S) ((S)->cpl)
#define IOPL(S) ((S)->iopl)
+#define SVME(S) (((S)->flags & HF_SVME_MASK) != 0)
#endif
#if defined(CONFIG_USER_ONLY) && defined(TARGET_X86_64)
#define VM86(S) false
@@ -7489,7 +7491,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
break;
case 0xd8: /* VMRUN */
- if (!(s->flags & HF_SVME_MASK) || !PE(s)) {
+ if (!SVME(s) || !PE(s)) {
goto illegal_op;
}
if (!check_cpl0(s)) {
@@ -7504,7 +7506,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
break;
case 0xd9: /* VMMCALL */
- if (!(s->flags & HF_SVME_MASK)) {
+ if (!SVME(s)) {
goto illegal_op;
}
gen_update_cc_op(s);
@@ -7513,7 +7515,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
break;
case 0xda: /* VMLOAD */
- if (!(s->flags & HF_SVME_MASK) || !PE(s)) {
+ if (!SVME(s) || !PE(s)) {
goto illegal_op;
}
if (!check_cpl0(s)) {
@@ -7525,7 +7527,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
break;
case 0xdb: /* VMSAVE */
- if (!(s->flags & HF_SVME_MASK) || !PE(s)) {
+ if (!SVME(s) || !PE(s)) {
goto illegal_op;
}
if (!check_cpl0(s)) {
@@ -7537,8 +7539,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
break;
case 0xdc: /* STGI */
- if ((!(s->flags & HF_SVME_MASK)
- && !(s->cpuid_ext3_features & CPUID_EXT3_SKINIT))
+ if ((!SVME(s) && !(s->cpuid_ext3_features & CPUID_EXT3_SKINIT))
|| !PE(s)) {
goto illegal_op;
}
@@ -7552,7 +7553,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
break;
case 0xdd: /* CLGI */
- if (!(s->flags & HF_SVME_MASK) || !PE(s)) {
+ if (!SVME(s) || !PE(s)) {
goto illegal_op;
}
if (!check_cpl0(s)) {
@@ -7564,8 +7565,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
break;
case 0xde: /* SKINIT */
- if ((!(s->flags & HF_SVME_MASK)
- && !(s->cpuid_ext3_features & CPUID_EXT3_SKINIT))
+ if ((!SVME(s) && !(s->cpuid_ext3_features & CPUID_EXT3_SKINIT))
|| !PE(s)) {
goto illegal_op;
}
@@ -7575,7 +7575,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
break;
case 0xdf: /* INVLPGA */
- if (!(s->flags & HF_SVME_MASK) || !PE(s)) {
+ if (!SVME(s) || !PE(s)) {
goto illegal_op;
}
if (!check_cpl0(s)) {
@@ -8510,6 +8510,7 @@ static void i386_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cpu)
g_assert(SS32(dc) == ((flags & HF_SS32_MASK) != 0));
g_assert(LMA(dc) == ((flags & HF_LMA_MASK) != 0));
g_assert(ADDSEG(dc) == ((flags & HF_ADDSEG_MASK) != 0));
+ g_assert(SVME(dc) == ((flags & HF_SVME_MASK) != 0));
dc->cc_op = CC_OP_DYNAMIC;
dc->cc_op_dirty = false;
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 31/50] target/i386: Assert !GUEST for user-only
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (29 preceding siblings ...)
2021-02-28 23:23 ` [PATCH 30/50] target/i386: Assert !SVME for user-only Richard Henderson
@ 2021-02-28 23:23 ` Richard Henderson
2021-02-28 23:23 ` [PATCH 32/50] target/i386: Implement skinit in translate.c Richard Henderson
` (19 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:23 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
For user-only, we do not need to check for VMM intercept.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 3779da9042..cd376a2c07 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -139,11 +139,13 @@ typedef struct DisasContext {
#define CPL(S) 3
#define IOPL(S) 0
#define SVME(S) false
+#define GUEST(S) false
#else
#define PE(S) (((S)->flags & HF_PE_MASK) != 0)
#define CPL(S) ((S)->cpl)
#define IOPL(S) ((S)->iopl)
#define SVME(S) (((S)->flags & HF_SVME_MASK) != 0)
+#define GUEST(S) (((S)->flags & HF_GUEST_MASK) != 0)
#endif
#if defined(CONFIG_USER_ONLY) && defined(TARGET_X86_64)
#define VM86(S) false
@@ -677,7 +679,7 @@ static void gen_check_io(DisasContext *s, MemOp ot, target_ulong cur_eip,
tcg_abort();
}
}
- if(s->flags & HF_GUEST_MASK) {
+ if (GUEST(s)) {
gen_update_cc_op(s);
gen_jmp_im(s, cur_eip);
svm_flags |= (1 << (4 + ot));
@@ -2417,8 +2419,9 @@ gen_svm_check_intercept_param(DisasContext *s, target_ulong pc_start,
uint32_t type, uint64_t param)
{
/* no SVM activated; fast case */
- if (likely(!(s->flags & HF_GUEST_MASK)))
+ if (likely(!GUEST(s))) {
return;
+ }
gen_update_cc_op(s);
gen_jmp_im(s, pc_start - s->cs_base);
gen_helper_svm_check_intercept_param(cpu_env, tcg_const_i32(type),
@@ -8511,6 +8514,7 @@ static void i386_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cpu)
g_assert(LMA(dc) == ((flags & HF_LMA_MASK) != 0));
g_assert(ADDSEG(dc) == ((flags & HF_ADDSEG_MASK) != 0));
g_assert(SVME(dc) == ((flags & HF_SVME_MASK) != 0));
+ g_assert(GUEST(dc) == ((flags & HF_GUEST_MASK) != 0));
dc->cc_op = CC_OP_DYNAMIC;
dc->cc_op_dirty = false;
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 32/50] target/i386: Implement skinit in translate.c
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (30 preceding siblings ...)
2021-02-28 23:23 ` [PATCH 31/50] target/i386: Assert !GUEST " Richard Henderson
@ 2021-02-28 23:23 ` Richard Henderson
2021-02-28 23:23 ` [PATCH 33/50] target/i386: Eliminate SVM helpers for user-only Richard Henderson
` (18 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:23 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
Our sysemu implementation is a stub. We can already intercept
instructions for vmexit, and raising #UD is trivial.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/helper.h | 1 -
target/i386/tcg/sysemu/svm_helper.c | 7 -------
target/i386/tcg/translate.c | 7 +++----
target/i386/tcg/user/svm_stubs.c | 4 ----
4 files changed, 3 insertions(+), 16 deletions(-)
diff --git a/target/i386/helper.h b/target/i386/helper.h
index 095520f81f..7a09efd55b 100644
--- a/target/i386/helper.h
+++ b/target/i386/helper.h
@@ -117,7 +117,6 @@ DEF_HELPER_2(vmload, void, env, int)
DEF_HELPER_2(vmsave, void, env, int)
DEF_HELPER_1(stgi, void, env)
DEF_HELPER_1(clgi, void, env)
-DEF_HELPER_1(skinit, void, env)
DEF_HELPER_2(invlpga, void, env, int)
/* x86 FPU */
diff --git a/target/i386/tcg/sysemu/svm_helper.c b/target/i386/tcg/sysemu/svm_helper.c
index 5b9c6f18be..ca5a781a7e 100644
--- a/target/i386/tcg/sysemu/svm_helper.c
+++ b/target/i386/tcg/sysemu/svm_helper.c
@@ -423,13 +423,6 @@ void helper_clgi(CPUX86State *env)
env->hflags2 &= ~HF2_GIF_MASK;
}
-void helper_skinit(CPUX86State *env)
-{
- cpu_svm_check_intercept_param(env, SVM_EXIT_SKINIT, 0, GETPC());
- /* XXX: not implemented */
- raise_exception(env, EXCP06_ILLOP);
-}
-
void helper_invlpga(CPUX86State *env, int aflag)
{
X86CPU *cpu = env_archcpu(env);
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index cd376a2c07..92e85e1872 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -7572,10 +7572,9 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
|| !PE(s)) {
goto illegal_op;
}
- gen_update_cc_op(s);
- gen_jmp_im(s, pc_start - s->cs_base);
- gen_helper_skinit(cpu_env);
- break;
+ gen_svm_check_intercept(s, pc_start, SVM_EXIT_SKINIT);
+ /* If not intercepted, not implemented -- raise #UD. */
+ goto illegal_op;
case 0xdf: /* INVLPGA */
if (!SVME(s) || !PE(s)) {
diff --git a/target/i386/tcg/user/svm_stubs.c b/target/i386/tcg/user/svm_stubs.c
index 97528b56ad..63b37f0de6 100644
--- a/target/i386/tcg/user/svm_stubs.c
+++ b/target/i386/tcg/user/svm_stubs.c
@@ -46,10 +46,6 @@ void helper_clgi(CPUX86State *env)
{
}
-void helper_skinit(CPUX86State *env)
-{
-}
-
void helper_invlpga(CPUX86State *env, int aflag)
{
}
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 33/50] target/i386: Eliminate SVM helpers for user-only
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (31 preceding siblings ...)
2021-02-28 23:23 ` [PATCH 32/50] target/i386: Implement skinit in translate.c Richard Henderson
@ 2021-02-28 23:23 ` Richard Henderson
2021-02-28 23:23 ` [PATCH 34/50] target/i386: Mark some helpers as noreturn Richard Henderson
` (17 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:23 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
Use STUB_HELPER to ensure that such calls are always eliminated.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/helper.h | 3 +--
target/i386/tcg/translate.c | 9 ++++++++
target/i386/tcg/user/svm_stubs.c | 38 --------------------------------
3 files changed, 10 insertions(+), 40 deletions(-)
diff --git a/target/i386/helper.h b/target/i386/helper.h
index 7a09efd55b..d0f7f07c6c 100644
--- a/target/i386/helper.h
+++ b/target/i386/helper.h
@@ -107,8 +107,6 @@ DEF_HELPER_2(inl, tl, env, i32)
#ifndef CONFIG_USER_ONLY
DEF_HELPER_FLAGS_4(bpt_io, TCG_CALL_NO_WG, void, env, i32, i32, tl)
-#endif /* !CONFIG_USER_ONLY */
-
DEF_HELPER_3(svm_check_intercept_param, void, env, i32, i64)
DEF_HELPER_4(svm_check_io, void, env, i32, i32, i32)
DEF_HELPER_3(vmrun, void, env, int, int)
@@ -118,6 +116,7 @@ DEF_HELPER_2(vmsave, void, env, int)
DEF_HELPER_1(stgi, void, env)
DEF_HELPER_1(clgi, void, env)
DEF_HELPER_2(invlpga, void, env, int)
+#endif /* !CONFIG_USER_ONLY */
/* x86 FPU */
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 92e85e1872..8c77c9cbe6 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -193,7 +193,16 @@ typedef struct DisasContext {
{ qemu_build_not_reached(); }
#ifdef CONFIG_USER_ONLY
+STUB_HELPER(clgi, TCGv_env env)
+STUB_HELPER(invlpga, TCGv_env env, TCGv_i32 aflag)
STUB_HELPER(set_dr, TCGv_env env, TCGv_i32 reg, TCGv val)
+STUB_HELPER(stgi, TCGv_env env)
+STUB_HELPER(svm_check_intercept_param, TCGv_env env, TCGv_i32 t, TCGv_i64 p)
+STUB_HELPER(svm_check_io, TCGv_env env, TCGv_i32 port, TCGv_i32 p, TCGv_i32 a)
+STUB_HELPER(vmload, TCGv_env env, TCGv_i32 aflag)
+STUB_HELPER(vmmcall, TCGv_env env)
+STUB_HELPER(vmrun, TCGv_env env, TCGv_i32 aflag, TCGv_i32 pc_ofs)
+STUB_HELPER(vmsave, TCGv_env env, TCGv_i32 aflag)
#endif
static void gen_eob(DisasContext *s);
diff --git a/target/i386/tcg/user/svm_stubs.c b/target/i386/tcg/user/svm_stubs.c
index 63b37f0de6..48a43bdcea 100644
--- a/target/i386/tcg/user/svm_stubs.c
+++ b/target/i386/tcg/user/svm_stubs.c
@@ -22,51 +22,13 @@
#include "exec/helper-proto.h"
#include "tcg/helper-tcg.h"
-void helper_vmrun(CPUX86State *env, int aflag, int next_eip_addend)
-{
-}
-
-void helper_vmmcall(CPUX86State *env)
-{
-}
-
-void helper_vmload(CPUX86State *env, int aflag)
-{
-}
-
-void helper_vmsave(CPUX86State *env, int aflag)
-{
-}
-
-void helper_stgi(CPUX86State *env)
-{
-}
-
-void helper_clgi(CPUX86State *env)
-{
-}
-
-void helper_invlpga(CPUX86State *env, int aflag)
-{
-}
-
void cpu_vmexit(CPUX86State *nenv, uint32_t exit_code, uint64_t exit_info_1,
uintptr_t retaddr)
{
assert(0);
}
-void helper_svm_check_intercept_param(CPUX86State *env, uint32_t type,
- uint64_t param)
-{
-}
-
void cpu_svm_check_intercept_param(CPUX86State *env, uint32_t type,
uint64_t param, uintptr_t retaddr)
{
}
-
-void helper_svm_check_io(CPUX86State *env, uint32_t port, uint32_t param,
- uint32_t next_eip_addend)
-{
-}
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 34/50] target/i386: Mark some helpers as noreturn
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (32 preceding siblings ...)
2021-02-28 23:23 ` [PATCH 33/50] target/i386: Eliminate SVM helpers for user-only Richard Henderson
@ 2021-02-28 23:23 ` Richard Henderson
2021-02-28 23:23 ` [PATCH 35/50] target/i386: Simplify gen_debug usage Richard Henderson
` (16 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:23 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
Any helper that always raises an exception or interrupt,
or simply exits to the main loop, can be so marked.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/helper.h | 18 +++++++++---------
target/i386/tcg/bpt_helper.c | 2 +-
target/i386/tcg/excp_helper.c | 18 ++++++++++--------
target/i386/tcg/misc_helper.c | 14 +++++++-------
target/i386/tcg/translate.c | 3 ++-
5 files changed, 29 insertions(+), 26 deletions(-)
diff --git a/target/i386/helper.h b/target/i386/helper.h
index d0f7f07c6c..f794d1c7c7 100644
--- a/target/i386/helper.h
+++ b/target/i386/helper.h
@@ -60,14 +60,14 @@ DEF_HELPER_2(sysexit, void, env, int)
DEF_HELPER_2(syscall, void, env, int)
DEF_HELPER_2(sysret, void, env, int)
#endif
-DEF_HELPER_2(hlt, void, env, int)
-DEF_HELPER_2(monitor, void, env, tl)
-DEF_HELPER_2(mwait, void, env, int)
-DEF_HELPER_2(pause, void, env, int)
-DEF_HELPER_1(debug, void, env)
+DEF_HELPER_FLAGS_2(hlt, TCG_CALL_NO_WG, noreturn, env, int)
+DEF_HELPER_FLAGS_2(monitor, TCG_CALL_NO_WG, void, env, tl)
+DEF_HELPER_FLAGS_2(mwait, TCG_CALL_NO_WG, noreturn, env, int)
+DEF_HELPER_FLAGS_2(pause, TCG_CALL_NO_WG, noreturn, env, int)
+DEF_HELPER_FLAGS_1(debug, TCG_CALL_NO_WG, noreturn, env)
DEF_HELPER_1(reset_rf, void, env)
-DEF_HELPER_3(raise_interrupt, void, env, int, int)
-DEF_HELPER_2(raise_exception, void, env, int)
+DEF_HELPER_FLAGS_3(raise_interrupt, TCG_CALL_NO_WG, noreturn, env, int, int)
+DEF_HELPER_FLAGS_2(raise_exception, TCG_CALL_NO_WG, noreturn, env, int)
DEF_HELPER_1(cli, void, env)
DEF_HELPER_1(sti, void, env)
DEF_HELPER_1(clac, void, env)
@@ -86,12 +86,12 @@ DEF_HELPER_2(cmpxchg8b, void, env, tl)
DEF_HELPER_2(cmpxchg16b_unlocked, void, env, tl)
DEF_HELPER_2(cmpxchg16b, void, env, tl)
#endif
-DEF_HELPER_1(single_step, void, env)
+DEF_HELPER_FLAGS_1(single_step, TCG_CALL_NO_WG, noreturn, env)
DEF_HELPER_1(rechecking_single_step, void, env)
DEF_HELPER_1(cpuid, void, env)
DEF_HELPER_1(rdtsc, void, env)
DEF_HELPER_1(rdtscp, void, env)
-DEF_HELPER_1(rdpmc, void, env)
+DEF_HELPER_FLAGS_1(rdpmc, TCG_CALL_NO_WG, noreturn, env)
DEF_HELPER_1(rdmsr, void, env)
DEF_HELPER_1(wrmsr, void, env)
diff --git a/target/i386/tcg/bpt_helper.c b/target/i386/tcg/bpt_helper.c
index fb2a65ac9c..83cd89581e 100644
--- a/target/i386/tcg/bpt_helper.c
+++ b/target/i386/tcg/bpt_helper.c
@@ -22,7 +22,7 @@
#include "exec/helper-proto.h"
#include "helper-tcg.h"
-void helper_single_step(CPUX86State *env)
+void QEMU_NORETURN helper_single_step(CPUX86State *env)
{
#ifndef CONFIG_USER_ONLY
check_hw_breakpoints(env, true);
diff --git a/target/i386/tcg/excp_helper.c b/target/i386/tcg/excp_helper.c
index 0183f3932e..bdae887d0a 100644
--- a/target/i386/tcg/excp_helper.c
+++ b/target/i386/tcg/excp_helper.c
@@ -25,12 +25,13 @@
#include "exec/helper-proto.h"
#include "helper-tcg.h"
-void helper_raise_interrupt(CPUX86State *env, int intno, int next_eip_addend)
+void QEMU_NORETURN helper_raise_interrupt(CPUX86State *env, int intno,
+ int next_eip_addend)
{
raise_interrupt(env, intno, 1, 0, next_eip_addend);
}
-void helper_raise_exception(CPUX86State *env, int exception_index)
+void QEMU_NORETURN helper_raise_exception(CPUX86State *env, int exception_index)
{
raise_exception(env, exception_index);
}
@@ -116,24 +117,25 @@ void QEMU_NORETURN raise_interrupt(CPUX86State *env, int intno, int is_int,
raise_interrupt2(env, intno, is_int, error_code, next_eip_addend, 0);
}
-void raise_exception_err(CPUX86State *env, int exception_index,
- int error_code)
+void QEMU_NORETURN raise_exception_err(CPUX86State *env, int exception_index,
+ int error_code)
{
raise_interrupt2(env, exception_index, 0, error_code, 0, 0);
}
-void raise_exception_err_ra(CPUX86State *env, int exception_index,
- int error_code, uintptr_t retaddr)
+void QEMU_NORETURN raise_exception_err_ra(CPUX86State *env, int exception_index,
+ int error_code, uintptr_t retaddr)
{
raise_interrupt2(env, exception_index, 0, error_code, 0, retaddr);
}
-void raise_exception(CPUX86State *env, int exception_index)
+void QEMU_NORETURN raise_exception(CPUX86State *env, int exception_index)
{
raise_interrupt2(env, exception_index, 0, 0, 0, 0);
}
-void raise_exception_ra(CPUX86State *env, int exception_index, uintptr_t retaddr)
+void QEMU_NORETURN raise_exception_ra(CPUX86State *env, int exception_index,
+ uintptr_t retaddr)
{
raise_interrupt2(env, exception_index, 0, 0, 0, retaddr);
}
diff --git a/target/i386/tcg/misc_helper.c b/target/i386/tcg/misc_helper.c
index 82fb7037ac..1ca9ace3dc 100644
--- a/target/i386/tcg/misc_helper.c
+++ b/target/i386/tcg/misc_helper.c
@@ -96,7 +96,7 @@ void helper_rdtscp(CPUX86State *env)
env->regs[R_ECX] = (uint32_t)(env->tsc_aux);
}
-void helper_rdpmc(CPUX86State *env)
+void QEMU_NORETURN helper_rdpmc(CPUX86State *env)
{
if ((env->cr[4] & CR4_PCE_MASK) && ((env->hflags & HF_CPL_MASK) != 0)) {
raise_exception_ra(env, EXCP0D_GPF, GETPC());
@@ -108,7 +108,7 @@ void helper_rdpmc(CPUX86State *env)
raise_exception_err(env, EXCP06_ILLOP, 0);
}
-static void do_pause(X86CPU *cpu)
+static QEMU_NORETURN void do_pause(X86CPU *cpu)
{
CPUState *cs = CPU(cpu);
@@ -117,7 +117,7 @@ static void do_pause(X86CPU *cpu)
cpu_loop_exit(cs);
}
-static void do_hlt(X86CPU *cpu)
+static QEMU_NORETURN void do_hlt(X86CPU *cpu)
{
CPUState *cs = CPU(cpu);
CPUX86State *env = &cpu->env;
@@ -128,7 +128,7 @@ static void do_hlt(X86CPU *cpu)
cpu_loop_exit(cs);
}
-void helper_hlt(CPUX86State *env, int next_eip_addend)
+void QEMU_NORETURN helper_hlt(CPUX86State *env, int next_eip_addend)
{
X86CPU *cpu = env_archcpu(env);
@@ -147,7 +147,7 @@ void helper_monitor(CPUX86State *env, target_ulong ptr)
cpu_svm_check_intercept_param(env, SVM_EXIT_MONITOR, 0, GETPC());
}
-void helper_mwait(CPUX86State *env, int next_eip_addend)
+void QEMU_NORETURN helper_mwait(CPUX86State *env, int next_eip_addend)
{
CPUState *cs = env_cpu(env);
X86CPU *cpu = env_archcpu(env);
@@ -166,7 +166,7 @@ void helper_mwait(CPUX86State *env, int next_eip_addend)
}
}
-void helper_pause(CPUX86State *env, int next_eip_addend)
+void QEMU_NORETURN helper_pause(CPUX86State *env, int next_eip_addend)
{
X86CPU *cpu = env_archcpu(env);
@@ -176,7 +176,7 @@ void helper_pause(CPUX86State *env, int next_eip_addend)
do_pause(cpu);
}
-void helper_debug(CPUX86State *env)
+void QEMU_NORETURN helper_debug(CPUX86State *env)
{
CPUState *cs = env_cpu(env);
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 8c77c9cbe6..c2bc3c4b22 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -7276,6 +7276,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
gen_update_cc_op(s);
gen_jmp_im(s, pc_start - s->cs_base);
gen_helper_rdpmc(cpu_env);
+ s->base.is_jmp = DISAS_NORETURN;
break;
case 0x134: /* sysenter */
/* For Intel SYSENTER is valid on 64-bit */
@@ -7437,7 +7438,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
gen_update_cc_op(s);
gen_jmp_im(s, pc_start - s->cs_base);
gen_helper_mwait(cpu_env, tcg_const_i32(s->pc - pc_start));
- gen_eob(s);
+ s->base.is_jmp = DISAS_NORETURN;
break;
case 0xca: /* clac */
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 35/50] target/i386: Simplify gen_debug usage
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (33 preceding siblings ...)
2021-02-28 23:23 ` [PATCH 34/50] target/i386: Mark some helpers as noreturn Richard Henderson
@ 2021-02-28 23:23 ` Richard Henderson
2021-02-28 23:23 ` [PATCH 36/50] target/i386: Tidy svm_check_intercept from tcg Richard Henderson
` (15 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:23 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
Both invocations pass the start of the current instruction,
which is available as s->base.pc_next. The function sets
is_jmp, so we can eliminate a second setting.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 9 ++++-----
1 file changed, 4 insertions(+), 5 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index c2bc3c4b22..c135be9063 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -2614,10 +2614,10 @@ static void gen_interrupt(DisasContext *s, int intno,
s->base.is_jmp = DISAS_NORETURN;
}
-static void gen_debug(DisasContext *s, target_ulong cur_eip)
+static void gen_debug(DisasContext *s)
{
gen_update_cc_op(s);
- gen_jmp_im(s, cur_eip);
+ gen_jmp_im(s, s->base.pc_next - s->cs_base);
gen_helper_debug(cpu_env);
s->base.is_jmp = DISAS_NORETURN;
}
@@ -7146,7 +7146,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
#ifdef WANT_ICEBP
case 0xf1: /* icebp (undocumented, exits to external debugger) */
gen_svm_check_intercept(s, pc_start, SVM_EXIT_ICEBP);
- gen_debug(s, pc_start - s->cs_base);
+ gen_debug(s);
break;
#endif
case 0xfa: /* cli */
@@ -8586,8 +8586,7 @@ static bool i386_tr_breakpoint_check(DisasContextBase *dcbase, CPUState *cpu,
/* If RF is set, suppress an internally generated breakpoint. */
int flags = dc->base.tb->flags & HF_RF_MASK ? BP_GDB : BP_ANY;
if (bp->flags & flags) {
- gen_debug(dc, dc->base.pc_next - dc->cs_base);
- dc->base.is_jmp = DISAS_NORETURN;
+ gen_debug(dc);
/* The address covered by the breakpoint must be included in
[tb->pc, tb->pc + tb->size) in order to for it to be
properly cleared -- thus we increment the PC here so that
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 36/50] target/i386: Tidy svm_check_intercept from tcg
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (34 preceding siblings ...)
2021-02-28 23:23 ` [PATCH 35/50] target/i386: Simplify gen_debug usage Richard Henderson
@ 2021-02-28 23:23 ` Richard Henderson
2021-02-28 23:23 ` [PATCH 37/50] target/i386: Remove pc_start argument to gen_svm_check_intercept Richard Henderson
` (14 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:23 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
The param argument to helper_svm_check_intercept_param is always 0;
eliminate it and rename to helper_svm_check_intercept. Fold
gen_sve_check_intercept_param into gen_svm_check_intercept.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/helper.h | 2 +-
target/i386/tcg/sysemu/svm_helper.c | 5 ++---
target/i386/tcg/translate.c | 16 ++++------------
3 files changed, 7 insertions(+), 16 deletions(-)
diff --git a/target/i386/helper.h b/target/i386/helper.h
index f794d1c7c7..86484a4ec4 100644
--- a/target/i386/helper.h
+++ b/target/i386/helper.h
@@ -107,7 +107,7 @@ DEF_HELPER_2(inl, tl, env, i32)
#ifndef CONFIG_USER_ONLY
DEF_HELPER_FLAGS_4(bpt_io, TCG_CALL_NO_WG, void, env, i32, i32, tl)
-DEF_HELPER_3(svm_check_intercept_param, void, env, i32, i64)
+DEF_HELPER_2(svm_check_intercept, void, env, i32)
DEF_HELPER_4(svm_check_io, void, env, i32, i32, i32)
DEF_HELPER_3(vmrun, void, env, int, int)
DEF_HELPER_1(vmmcall, void, env)
diff --git a/target/i386/tcg/sysemu/svm_helper.c b/target/i386/tcg/sysemu/svm_helper.c
index ca5a781a7e..86a0b3c4be 100644
--- a/target/i386/tcg/sysemu/svm_helper.c
+++ b/target/i386/tcg/sysemu/svm_helper.c
@@ -517,10 +517,9 @@ void cpu_svm_check_intercept_param(CPUX86State *env, uint32_t type,
}
}
-void helper_svm_check_intercept_param(CPUX86State *env, uint32_t type,
- uint64_t param)
+void helper_svm_check_intercept(CPUX86State *env, uint32_t type)
{
- cpu_svm_check_intercept_param(env, type, param, GETPC());
+ cpu_svm_check_intercept_param(env, type, 0, GETPC());
}
void helper_svm_check_io(CPUX86State *env, uint32_t port, uint32_t param,
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index c135be9063..cbc0cc3ccc 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -197,7 +197,7 @@ STUB_HELPER(clgi, TCGv_env env)
STUB_HELPER(invlpga, TCGv_env env, TCGv_i32 aflag)
STUB_HELPER(set_dr, TCGv_env env, TCGv_i32 reg, TCGv val)
STUB_HELPER(stgi, TCGv_env env)
-STUB_HELPER(svm_check_intercept_param, TCGv_env env, TCGv_i32 t, TCGv_i64 p)
+STUB_HELPER(svm_check_intercept, TCGv_env env, TCGv_i32 type)
STUB_HELPER(svm_check_io, TCGv_env env, TCGv_i32 port, TCGv_i32 p, TCGv_i32 a)
STUB_HELPER(vmload, TCGv_env env, TCGv_i32 aflag)
STUB_HELPER(vmmcall, TCGv_env env)
@@ -2423,9 +2423,8 @@ static inline int svm_is_rep(int prefixes)
return ((prefixes & (PREFIX_REPZ | PREFIX_REPNZ)) ? 8 : 0);
}
-static inline void
-gen_svm_check_intercept_param(DisasContext *s, target_ulong pc_start,
- uint32_t type, uint64_t param)
+static void gen_svm_check_intercept(DisasContext *s, target_ulong pc_start,
+ uint32_t type)
{
/* no SVM activated; fast case */
if (likely(!GUEST(s))) {
@@ -2433,14 +2432,7 @@ gen_svm_check_intercept_param(DisasContext *s, target_ulong pc_start,
}
gen_update_cc_op(s);
gen_jmp_im(s, pc_start - s->cs_base);
- gen_helper_svm_check_intercept_param(cpu_env, tcg_const_i32(type),
- tcg_const_i64(param));
-}
-
-static inline void
-gen_svm_check_intercept(DisasContext *s, target_ulong pc_start, uint64_t type)
-{
- gen_svm_check_intercept_param(s, pc_start, type, 0);
+ gen_helper_svm_check_intercept(cpu_env, tcg_constant_i32(type));
}
static inline void gen_stack_update(DisasContext *s, int addend)
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 37/50] target/i386: Remove pc_start argument to gen_svm_check_intercept
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (35 preceding siblings ...)
2021-02-28 23:23 ` [PATCH 36/50] target/i386: Tidy svm_check_intercept from tcg Richard Henderson
@ 2021-02-28 23:23 ` Richard Henderson
2021-02-28 23:23 ` [PATCH 38/50] target/i386: Remove user stub for cpu_vmexit Richard Henderson
` (13 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:23 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
When exiting helper_svm_check_intercept via exception, cpu_vmexit
calls cpu_restore_state, which will recover eip and cc_op via unwind.
Therefore we do not need to store eip or cc_op before the call.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 45 +++++++++++++++++--------------------
1 file changed, 21 insertions(+), 24 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index cbc0cc3ccc..33faffe00f 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -2423,15 +2423,12 @@ static inline int svm_is_rep(int prefixes)
return ((prefixes & (PREFIX_REPZ | PREFIX_REPNZ)) ? 8 : 0);
}
-static void gen_svm_check_intercept(DisasContext *s, target_ulong pc_start,
- uint32_t type)
+static void gen_svm_check_intercept(DisasContext *s, uint32_t type)
{
/* no SVM activated; fast case */
if (likely(!GUEST(s))) {
return;
}
- gen_update_cc_op(s);
- gen_jmp_im(s, pc_start - s->cs_base);
gen_helper_svm_check_intercept(cpu_env, tcg_constant_i32(type));
}
@@ -6633,7 +6630,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
val = 0;
goto do_lret;
case 0xcf: /* iret */
- gen_svm_check_intercept(s, pc_start, SVM_EXIT_IRET);
+ gen_svm_check_intercept(s, SVM_EXIT_IRET);
if (!PE(s) || VM86(s)) {
/* real mode or vm86 mode */
if (!check_vm86_iopl(s)) {
@@ -6755,7 +6752,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
/************************/
/* flags */
case 0x9c: /* pushf */
- gen_svm_check_intercept(s, pc_start, SVM_EXIT_PUSHF);
+ gen_svm_check_intercept(s, SVM_EXIT_PUSHF);
if (check_vm86_iopl(s)) {
gen_update_cc_op(s);
gen_helper_read_eflags(s->T0, cpu_env);
@@ -6763,7 +6760,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
}
break;
case 0x9d: /* popf */
- gen_svm_check_intercept(s, pc_start, SVM_EXIT_POPF);
+ gen_svm_check_intercept(s, SVM_EXIT_POPF);
if (check_vm86_iopl(s)) {
ot = gen_pop_T0(s);
if (CPL(s) == 0) {
@@ -7137,7 +7134,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
break;
#ifdef WANT_ICEBP
case 0xf1: /* icebp (undocumented, exits to external debugger) */
- gen_svm_check_intercept(s, pc_start, SVM_EXIT_ICEBP);
+ gen_svm_check_intercept(s, SVM_EXIT_ICEBP);
gen_debug(s);
break;
#endif
@@ -7341,7 +7338,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0: /* sldt */
if (!PE(s) || VM86(s))
goto illegal_op;
- gen_svm_check_intercept(s, pc_start, SVM_EXIT_LDTR_READ);
+ gen_svm_check_intercept(s, SVM_EXIT_LDTR_READ);
tcg_gen_ld32u_tl(s->T0, cpu_env,
offsetof(CPUX86State, ldt.selector));
ot = mod == 3 ? dflag : MO_16;
@@ -7351,7 +7348,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
if (!PE(s) || VM86(s))
goto illegal_op;
if (check_cpl0(s)) {
- gen_svm_check_intercept(s, pc_start, SVM_EXIT_LDTR_WRITE);
+ gen_svm_check_intercept(s, SVM_EXIT_LDTR_WRITE);
gen_ldst_modrm(env, s, modrm, MO_16, OR_TMP0, 0);
tcg_gen_trunc_tl_i32(s->tmp2_i32, s->T0);
gen_helper_lldt(cpu_env, s->tmp2_i32);
@@ -7360,7 +7357,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 1: /* str */
if (!PE(s) || VM86(s))
goto illegal_op;
- gen_svm_check_intercept(s, pc_start, SVM_EXIT_TR_READ);
+ gen_svm_check_intercept(s, SVM_EXIT_TR_READ);
tcg_gen_ld32u_tl(s->T0, cpu_env,
offsetof(CPUX86State, tr.selector));
ot = mod == 3 ? dflag : MO_16;
@@ -7370,7 +7367,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
if (!PE(s) || VM86(s))
goto illegal_op;
if (check_cpl0(s)) {
- gen_svm_check_intercept(s, pc_start, SVM_EXIT_TR_WRITE);
+ gen_svm_check_intercept(s, SVM_EXIT_TR_WRITE);
gen_ldst_modrm(env, s, modrm, MO_16, OR_TMP0, 0);
tcg_gen_trunc_tl_i32(s->tmp2_i32, s->T0);
gen_helper_ltr(cpu_env, s->tmp2_i32);
@@ -7398,7 +7395,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
modrm = x86_ldub_code(env, s);
switch (modrm) {
CASE_MODRM_MEM_OP(0): /* sgdt */
- gen_svm_check_intercept(s, pc_start, SVM_EXIT_GDTR_READ);
+ gen_svm_check_intercept(s, SVM_EXIT_GDTR_READ);
gen_lea_modrm(env, s, modrm);
tcg_gen_ld32u_tl(s->T0,
cpu_env, offsetof(CPUX86State, gdt.limit));
@@ -7454,7 +7451,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
break;
CASE_MODRM_MEM_OP(1): /* sidt */
- gen_svm_check_intercept(s, pc_start, SVM_EXIT_IDTR_READ);
+ gen_svm_check_intercept(s, SVM_EXIT_IDTR_READ);
gen_lea_modrm(env, s, modrm);
tcg_gen_ld32u_tl(s->T0, cpu_env, offsetof(CPUX86State, idt.limit));
gen_op_st_v(s, MO_16, s->T0, s->A0);
@@ -7574,7 +7571,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
|| !PE(s)) {
goto illegal_op;
}
- gen_svm_check_intercept(s, pc_start, SVM_EXIT_SKINIT);
+ gen_svm_check_intercept(s, SVM_EXIT_SKINIT);
/* If not intercepted, not implemented -- raise #UD. */
goto illegal_op;
@@ -7594,7 +7591,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
if (!check_cpl0(s)) {
break;
}
- gen_svm_check_intercept(s, pc_start, SVM_EXIT_GDTR_WRITE);
+ gen_svm_check_intercept(s, SVM_EXIT_GDTR_WRITE);
gen_lea_modrm(env, s, modrm);
gen_op_ld_v(s, MO_16, s->T1, s->A0);
gen_add_A0_im(s, 2);
@@ -7610,7 +7607,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
if (!check_cpl0(s)) {
break;
}
- gen_svm_check_intercept(s, pc_start, SVM_EXIT_IDTR_WRITE);
+ gen_svm_check_intercept(s, SVM_EXIT_IDTR_WRITE);
gen_lea_modrm(env, s, modrm);
gen_op_ld_v(s, MO_16, s->T1, s->A0);
gen_add_A0_im(s, 2);
@@ -7623,7 +7620,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
break;
CASE_MODRM_OP(4): /* smsw */
- gen_svm_check_intercept(s, pc_start, SVM_EXIT_READ_CR0);
+ gen_svm_check_intercept(s, SVM_EXIT_READ_CR0);
tcg_gen_ld_tl(s->T0, cpu_env, offsetof(CPUX86State, cr[0]));
/*
* In 32-bit mode, the higher 16 bits of the destination
@@ -7655,7 +7652,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
if (!check_cpl0(s)) {
break;
}
- gen_svm_check_intercept(s, pc_start, SVM_EXIT_WRITE_CR0);
+ gen_svm_check_intercept(s, SVM_EXIT_WRITE_CR0);
gen_ldst_modrm(env, s, modrm, MO_16, OR_TMP0, 0);
gen_helper_lmsw(cpu_env, s->T0);
gen_jmp_im(s, s->pc - s->cs_base);
@@ -7712,7 +7709,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0x108: /* invd */
case 0x109: /* wbinvd */
if (check_cpl0(s)) {
- gen_svm_check_intercept(s, pc_start, (b & 2) ? SVM_EXIT_INVD : SVM_EXIT_WBINVD);
+ gen_svm_check_intercept(s, (b & 2) ? SVM_EXIT_INVD : SVM_EXIT_WBINVD);
/* nothing to do */
}
break;
@@ -8102,14 +8099,14 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
goto illegal_op;
}
if (b & 2) {
- gen_svm_check_intercept(s, pc_start, SVM_EXIT_WRITE_DR0 + reg);
+ gen_svm_check_intercept(s, SVM_EXIT_WRITE_DR0 + reg);
gen_op_mov_v_reg(s, ot, s->T0, rm);
tcg_gen_movi_i32(s->tmp2_i32, reg);
gen_helper_set_dr(cpu_env, s->tmp2_i32, s->T0);
gen_jmp_im(s, s->pc - s->cs_base);
gen_eob(s);
} else {
- gen_svm_check_intercept(s, pc_start, SVM_EXIT_READ_DR0 + reg);
+ gen_svm_check_intercept(s, SVM_EXIT_READ_DR0 + reg);
tcg_gen_movi_i32(s->tmp2_i32, reg);
gen_helper_get_dr(s->T0, cpu_env, s->tmp2_i32);
gen_op_mov_reg_v(s, ot, rm, s->T0);
@@ -8118,7 +8115,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
break;
case 0x106: /* clts */
if (check_cpl0(s)) {
- gen_svm_check_intercept(s, pc_start, SVM_EXIT_WRITE_CR0);
+ gen_svm_check_intercept(s, SVM_EXIT_WRITE_CR0);
gen_helper_clts(cpu_env);
/* abort block because static cpu state changed */
gen_jmp_im(s, s->pc - s->cs_base);
@@ -8345,7 +8342,7 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
gen_nop_modrm(env, s, modrm);
break;
case 0x1aa: /* rsm */
- gen_svm_check_intercept(s, pc_start, SVM_EXIT_RSM);
+ gen_svm_check_intercept(s, SVM_EXIT_RSM);
if (!(s->flags & HF_SMM_MASK))
goto illegal_op;
#ifdef CONFIG_USER_ONLY
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 38/50] target/i386: Remove user stub for cpu_vmexit
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (36 preceding siblings ...)
2021-02-28 23:23 ` [PATCH 37/50] target/i386: Remove pc_start argument to gen_svm_check_intercept Richard Henderson
@ 2021-02-28 23:23 ` Richard Henderson
2021-02-28 23:23 ` [PATCH 39/50] target/i386: Cleanup read_crN, write_crN, lmsw Richard Henderson
` (12 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:23 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
This function is only called from tcg/sysemu/.
There is no need for a stub in tcg/user/.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/helper-tcg.h | 4 +++-
target/i386/tcg/user/svm_stubs.c | 6 ------
2 files changed, 3 insertions(+), 7 deletions(-)
diff --git a/target/i386/tcg/helper-tcg.h b/target/i386/tcg/helper-tcg.h
index 3d47cb83cd..e848c3b4b9 100644
--- a/target/i386/tcg/helper-tcg.h
+++ b/target/i386/tcg/helper-tcg.h
@@ -81,10 +81,12 @@ extern const uint8_t parity_table[256];
/* misc_helper.c */
void cpu_load_eflags(CPUX86State *env, int eflags, int update_mask);
-/* svm_helper.c */
+/* sysemu/svm_helper.c */
+#ifndef CONFIG_USER_ONLY
void QEMU_NORETURN cpu_vmexit(CPUX86State *nenv, uint32_t exit_code,
uint64_t exit_info_1, uintptr_t retaddr);
void do_vmexit(CPUX86State *env, uint32_t exit_code, uint64_t exit_info_1);
+#endif
/* seg_helper.c */
void do_interrupt_x86_hardirq(CPUX86State *env, int intno, int is_hw);
diff --git a/target/i386/tcg/user/svm_stubs.c b/target/i386/tcg/user/svm_stubs.c
index 48a43bdcea..db818f89a8 100644
--- a/target/i386/tcg/user/svm_stubs.c
+++ b/target/i386/tcg/user/svm_stubs.c
@@ -22,12 +22,6 @@
#include "exec/helper-proto.h"
#include "tcg/helper-tcg.h"
-void cpu_vmexit(CPUX86State *nenv, uint32_t exit_code, uint64_t exit_info_1,
- uintptr_t retaddr)
-{
- assert(0);
-}
-
void cpu_svm_check_intercept_param(CPUX86State *env, uint32_t type,
uint64_t param, uintptr_t retaddr)
{
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 39/50] target/i386: Cleanup read_crN, write_crN, lmsw
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (37 preceding siblings ...)
2021-02-28 23:23 ` [PATCH 38/50] target/i386: Remove user stub for cpu_vmexit Richard Henderson
@ 2021-02-28 23:23 ` Richard Henderson
2021-02-28 23:23 ` [PATCH 40/50] target/i386: Pass env to do_pause and do_hlt Richard Henderson
` (11 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:23 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
Pull the svm intercept check into the translator.
Pull the entire implementation of lmsw into the translator.
Push the check for CR8LEG into the regno validation switch.
Unify the gen_io_start check between read/write.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/helper.h | 5 +-
target/i386/tcg/misc_helper.c | 8 ---
target/i386/tcg/sysemu/misc_helper.c | 2 -
target/i386/tcg/translate.c | 97 +++++++++++++++-------------
4 files changed, 54 insertions(+), 58 deletions(-)
diff --git a/target/i386/helper.h b/target/i386/helper.h
index 86484a4ec4..ebfaca66dd 100644
--- a/target/i386/helper.h
+++ b/target/i386/helper.h
@@ -42,9 +42,8 @@ DEF_HELPER_5(lcall_protected, void, env, int, tl, int, tl)
DEF_HELPER_2(iret_real, void, env, int)
DEF_HELPER_3(iret_protected, void, env, int, int)
DEF_HELPER_3(lret_protected, void, env, int, int)
-DEF_HELPER_2(read_crN, tl, env, int)
-DEF_HELPER_3(write_crN, void, env, int, tl)
-DEF_HELPER_2(lmsw, void, env, tl)
+DEF_HELPER_FLAGS_2(read_crN, TCG_CALL_NO_RWG, tl, env, int)
+DEF_HELPER_FLAGS_3(write_crN, TCG_CALL_NO_RWG, void, env, int, tl)
DEF_HELPER_1(clts, void, env)
#ifndef CONFIG_USER_ONLY
diff --git a/target/i386/tcg/misc_helper.c b/target/i386/tcg/misc_helper.c
index 1ca9ace3dc..b0d3c61f13 100644
--- a/target/i386/tcg/misc_helper.c
+++ b/target/i386/tcg/misc_helper.c
@@ -60,14 +60,6 @@ void helper_cpuid(CPUX86State *env)
env->regs[R_EDX] = edx;
}
-void helper_lmsw(CPUX86State *env, target_ulong t0)
-{
- /* only 4 lower bits of CR0 are modified. PE cannot be set to zero
- if already set to one. */
- t0 = (env->cr[0] & ~0xe) | (t0 & 0xf);
- helper_write_crN(env, 0, t0);
-}
-
void helper_invlpg(CPUX86State *env, target_ulong addr)
{
X86CPU *cpu = env_archcpu(env);
diff --git a/target/i386/tcg/sysemu/misc_helper.c b/target/i386/tcg/sysemu/misc_helper.c
index 6a88840cf2..ebf15e3dde 100644
--- a/target/i386/tcg/sysemu/misc_helper.c
+++ b/target/i386/tcg/sysemu/misc_helper.c
@@ -65,7 +65,6 @@ target_ulong helper_read_crN(CPUX86State *env, int reg)
{
target_ulong val;
- cpu_svm_check_intercept_param(env, SVM_EXIT_READ_CR0 + reg, 0, GETPC());
switch (reg) {
default:
val = env->cr[reg];
@@ -83,7 +82,6 @@ target_ulong helper_read_crN(CPUX86State *env, int reg)
void helper_write_crN(CPUX86State *env, int reg, target_ulong t0)
{
- cpu_svm_check_intercept_param(env, SVM_EXIT_WRITE_CR0 + reg, 0, GETPC());
switch (reg) {
case 0:
cpu_x86_update_cr0(env, t0);
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 33faffe00f..708059ac15 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -7648,13 +7648,22 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
tcg_gen_trunc_tl_i32(s->tmp2_i32, cpu_regs[R_ECX]);
gen_helper_wrpkru(cpu_env, s->tmp2_i32, s->tmp1_i64);
break;
+
CASE_MODRM_OP(6): /* lmsw */
if (!check_cpl0(s)) {
break;
}
gen_svm_check_intercept(s, SVM_EXIT_WRITE_CR0);
gen_ldst_modrm(env, s, modrm, MO_16, OR_TMP0, 0);
- gen_helper_lmsw(cpu_env, s->T0);
+ /*
+ * Only the 4 lower bits of CR0 are modified.
+ * PE cannot be set to zero if already set to one.
+ */
+ tcg_gen_ld_tl(s->T1, cpu_env, offsetof(CPUX86State, cr[0]));
+ tcg_gen_andi_tl(s->T0, s->T0, 0xf);
+ tcg_gen_andi_tl(s->T1, s->T1, ~0xe);
+ tcg_gen_or_tl(s->T0, s->T0, s->T1);
+ gen_helper_write_crN(cpu_env, tcg_constant_i32(0), s->T0);
gen_jmp_im(s, s->pc - s->cs_base);
gen_eob(s);
break;
@@ -8028,58 +8037,56 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
modrm = x86_ldub_code(env, s);
gen_nop_modrm(env, s, modrm);
break;
+
case 0x120: /* mov reg, crN */
case 0x122: /* mov crN, reg */
- if (check_cpl0(s)) {
- modrm = x86_ldub_code(env, s);
- /* Ignore the mod bits (assume (modrm&0xc0)==0xc0).
- * AMD documentation (24594.pdf) and testing of
- * intel 386 and 486 processors all show that the mod bits
- * are assumed to be 1's, regardless of actual values.
- */
- rm = (modrm & 7) | REX_B(s);
- reg = ((modrm >> 3) & 7) | REX_R(s);
- if (CODE64(s))
- ot = MO_64;
- else
- ot = MO_32;
- if ((prefixes & PREFIX_LOCK) && (reg == 0) &&
+ if (!check_cpl0(s)) {
+ break;
+ }
+ modrm = x86_ldub_code(env, s);
+ /*
+ * Ignore the mod bits (assume (modrm&0xc0)==0xc0).
+ * AMD documentation (24594.pdf) and testing of Intel 386 and 486
+ * processors all show that the mod bits are assumed to be 1's,
+ * regardless of actual values.
+ */
+ rm = (modrm & 7) | REX_B(s);
+ reg = ((modrm >> 3) & 7) | REX_R(s);
+ switch (reg) {
+ case 0:
+ if ((prefixes & PREFIX_LOCK) &&
(s->cpuid_ext3_features & CPUID_EXT3_CR8LEG)) {
reg = 8;
}
- switch(reg) {
- case 0:
- case 2:
- case 3:
- case 4:
- case 8:
- gen_update_cc_op(s);
- gen_jmp_im(s, pc_start - s->cs_base);
- if (b & 2) {
- if (tb_cflags(s->base.tb) & CF_USE_ICOUNT) {
- gen_io_start();
- }
- gen_op_mov_v_reg(s, ot, s->T0, rm);
- gen_helper_write_crN(cpu_env, tcg_const_i32(reg),
- s->T0);
- gen_jmp_im(s, s->pc - s->cs_base);
- gen_eob(s);
- } else {
- if (tb_cflags(s->base.tb) & CF_USE_ICOUNT) {
- gen_io_start();
- }
- gen_helper_read_crN(s->T0, cpu_env, tcg_const_i32(reg));
- gen_op_mov_reg_v(s, ot, rm, s->T0);
- if (tb_cflags(s->base.tb) & CF_USE_ICOUNT) {
- gen_jmp(s, s->pc - s->cs_base);
- }
- }
- break;
- default:
- goto unknown_op;
+ break;
+ case 2:
+ case 3:
+ case 4:
+ break;
+ default:
+ goto unknown_op;
+ }
+ ot = (CODE64(s) ? MO_64 : MO_32);
+
+ if (tb_cflags(s->base.tb) & CF_USE_ICOUNT) {
+ gen_io_start();
+ }
+ if (b & 2) {
+ gen_svm_check_intercept(s, SVM_EXIT_WRITE_CR0 + reg);
+ gen_op_mov_v_reg(s, ot, s->T0, rm);
+ gen_helper_write_crN(cpu_env, tcg_constant_i32(reg), s->T0);
+ gen_jmp_im(s, s->pc - s->cs_base);
+ gen_eob(s);
+ } else {
+ gen_svm_check_intercept(s, SVM_EXIT_READ_CR0 + reg);
+ gen_helper_read_crN(s->T0, cpu_env, tcg_constant_i32(reg));
+ gen_op_mov_reg_v(s, ot, rm, s->T0);
+ if (tb_cflags(s->base.tb) & CF_USE_ICOUNT) {
+ gen_jmp(s, s->pc - s->cs_base);
}
}
break;
+
case 0x121: /* mov reg, drN */
case 0x123: /* mov drN, reg */
if (check_cpl0(s)) {
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 40/50] target/i386: Pass env to do_pause and do_hlt
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (38 preceding siblings ...)
2021-02-28 23:23 ` [PATCH 39/50] target/i386: Cleanup read_crN, write_crN, lmsw Richard Henderson
@ 2021-02-28 23:23 ` Richard Henderson
2021-02-28 23:23 ` [PATCH 41/50] target/i386: Move invlpg, hlt, monitor, mwait to sysemu Richard Henderson
` (10 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:23 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
Having the callers upcast to X86CPU is a waste, since we
don't need it. We even have to recover env in do_hlt.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/misc_helper.c | 22 ++++++++--------------
1 file changed, 8 insertions(+), 14 deletions(-)
diff --git a/target/i386/tcg/misc_helper.c b/target/i386/tcg/misc_helper.c
index b0d3c61f13..20bf4771e7 100644
--- a/target/i386/tcg/misc_helper.c
+++ b/target/i386/tcg/misc_helper.c
@@ -100,19 +100,18 @@ void QEMU_NORETURN helper_rdpmc(CPUX86State *env)
raise_exception_err(env, EXCP06_ILLOP, 0);
}
-static QEMU_NORETURN void do_pause(X86CPU *cpu)
+static void QEMU_NORETURN do_pause(CPUX86State *env)
{
- CPUState *cs = CPU(cpu);
+ CPUState *cs = env_cpu(env);
/* Just let another CPU run. */
cs->exception_index = EXCP_INTERRUPT;
cpu_loop_exit(cs);
}
-static QEMU_NORETURN void do_hlt(X86CPU *cpu)
+static void QEMU_NORETURN do_hlt(CPUX86State *env)
{
- CPUState *cs = CPU(cpu);
- CPUX86State *env = &cpu->env;
+ CPUState *cs = env_cpu(env);
env->hflags &= ~HF_INHIBIT_IRQ_MASK; /* needed if sti is just before */
cs->halted = 1;
@@ -122,12 +121,10 @@ static QEMU_NORETURN void do_hlt(X86CPU *cpu)
void QEMU_NORETURN helper_hlt(CPUX86State *env, int next_eip_addend)
{
- X86CPU *cpu = env_archcpu(env);
-
cpu_svm_check_intercept_param(env, SVM_EXIT_HLT, 0, GETPC());
env->eip += next_eip_addend;
- do_hlt(cpu);
+ do_hlt(env);
}
void helper_monitor(CPUX86State *env, target_ulong ptr)
@@ -142,7 +139,6 @@ void helper_monitor(CPUX86State *env, target_ulong ptr)
void QEMU_NORETURN helper_mwait(CPUX86State *env, int next_eip_addend)
{
CPUState *cs = env_cpu(env);
- X86CPU *cpu = env_archcpu(env);
if ((uint32_t)env->regs[R_ECX] != 0) {
raise_exception_ra(env, EXCP0D_GPF, GETPC());
@@ -152,20 +148,18 @@ void QEMU_NORETURN helper_mwait(CPUX86State *env, int next_eip_addend)
/* XXX: not complete but not completely erroneous */
if (cs->cpu_index != 0 || CPU_NEXT(cs) != NULL) {
- do_pause(cpu);
+ do_pause(env);
} else {
- do_hlt(cpu);
+ do_hlt(env);
}
}
void QEMU_NORETURN helper_pause(CPUX86State *env, int next_eip_addend)
{
- X86CPU *cpu = env_archcpu(env);
-
cpu_svm_check_intercept_param(env, SVM_EXIT_PAUSE, 0, GETPC());
env->eip += next_eip_addend;
- do_pause(cpu);
+ do_pause(env);
}
void QEMU_NORETURN helper_debug(CPUX86State *env)
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 41/50] target/i386: Move invlpg, hlt, monitor, mwait to sysemu
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (39 preceding siblings ...)
2021-02-28 23:23 ` [PATCH 40/50] target/i386: Pass env to do_pause and do_hlt Richard Henderson
@ 2021-02-28 23:23 ` Richard Henderson
2021-02-28 23:23 ` [PATCH 42/50] target/i386: Unify invlpg, invlpga Richard Henderson
` (9 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:23 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
These instructions are all privileged.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/helper.h | 8 ++--
target/i386/tcg/helper-tcg.h | 1 +
target/i386/tcg/misc_helper.c | 55 +---------------------------
target/i386/tcg/sysemu/misc_helper.c | 53 +++++++++++++++++++++++++++
target/i386/tcg/translate.c | 4 ++
5 files changed, 63 insertions(+), 58 deletions(-)
diff --git a/target/i386/helper.h b/target/i386/helper.h
index ebfaca66dd..ab72eba52a 100644
--- a/target/i386/helper.h
+++ b/target/i386/helper.h
@@ -51,7 +51,6 @@ DEF_HELPER_FLAGS_3(set_dr, TCG_CALL_NO_WG, void, env, int, tl)
#endif /* !CONFIG_USER_ONLY */
DEF_HELPER_FLAGS_2(get_dr, TCG_CALL_NO_WG, tl, env, int)
-DEF_HELPER_2(invlpg, void, env, tl)
DEF_HELPER_1(sysenter, void, env)
DEF_HELPER_2(sysexit, void, env, int)
@@ -59,9 +58,6 @@ DEF_HELPER_2(sysexit, void, env, int)
DEF_HELPER_2(syscall, void, env, int)
DEF_HELPER_2(sysret, void, env, int)
#endif
-DEF_HELPER_FLAGS_2(hlt, TCG_CALL_NO_WG, noreturn, env, int)
-DEF_HELPER_FLAGS_2(monitor, TCG_CALL_NO_WG, void, env, tl)
-DEF_HELPER_FLAGS_2(mwait, TCG_CALL_NO_WG, noreturn, env, int)
DEF_HELPER_FLAGS_2(pause, TCG_CALL_NO_WG, noreturn, env, int)
DEF_HELPER_FLAGS_1(debug, TCG_CALL_NO_WG, noreturn, env)
DEF_HELPER_1(reset_rf, void, env)
@@ -115,6 +111,10 @@ DEF_HELPER_2(vmsave, void, env, int)
DEF_HELPER_1(stgi, void, env)
DEF_HELPER_1(clgi, void, env)
DEF_HELPER_2(invlpga, void, env, int)
+DEF_HELPER_2(invlpg, void, env, tl)
+DEF_HELPER_FLAGS_2(hlt, TCG_CALL_NO_WG, noreturn, env, int)
+DEF_HELPER_FLAGS_2(monitor, TCG_CALL_NO_WG, void, env, tl)
+DEF_HELPER_FLAGS_2(mwait, TCG_CALL_NO_WG, noreturn, env, int)
#endif /* !CONFIG_USER_ONLY */
/* x86 FPU */
diff --git a/target/i386/tcg/helper-tcg.h b/target/i386/tcg/helper-tcg.h
index e848c3b4b9..cce350aa0b 100644
--- a/target/i386/tcg/helper-tcg.h
+++ b/target/i386/tcg/helper-tcg.h
@@ -80,6 +80,7 @@ extern const uint8_t parity_table[256];
/* misc_helper.c */
void cpu_load_eflags(CPUX86State *env, int eflags, int update_mask);
+void do_pause(CPUX86State *env) QEMU_NORETURN;
/* sysemu/svm_helper.c */
#ifndef CONFIG_USER_ONLY
diff --git a/target/i386/tcg/misc_helper.c b/target/i386/tcg/misc_helper.c
index 20bf4771e7..180bed9021 100644
--- a/target/i386/tcg/misc_helper.c
+++ b/target/i386/tcg/misc_helper.c
@@ -60,14 +60,6 @@ void helper_cpuid(CPUX86State *env)
env->regs[R_EDX] = edx;
}
-void helper_invlpg(CPUX86State *env, target_ulong addr)
-{
- X86CPU *cpu = env_archcpu(env);
-
- cpu_svm_check_intercept_param(env, SVM_EXIT_INVLPG, 0, GETPC());
- tlb_flush_page(CPU(cpu), addr);
-}
-
void helper_rdtsc(CPUX86State *env)
{
uint64_t val;
@@ -100,7 +92,7 @@ void QEMU_NORETURN helper_rdpmc(CPUX86State *env)
raise_exception_err(env, EXCP06_ILLOP, 0);
}
-static void QEMU_NORETURN do_pause(CPUX86State *env)
+void QEMU_NORETURN do_pause(CPUX86State *env)
{
CPUState *cs = env_cpu(env);
@@ -109,51 +101,6 @@ static void QEMU_NORETURN do_pause(CPUX86State *env)
cpu_loop_exit(cs);
}
-static void QEMU_NORETURN do_hlt(CPUX86State *env)
-{
- CPUState *cs = env_cpu(env);
-
- env->hflags &= ~HF_INHIBIT_IRQ_MASK; /* needed if sti is just before */
- cs->halted = 1;
- cs->exception_index = EXCP_HLT;
- cpu_loop_exit(cs);
-}
-
-void QEMU_NORETURN helper_hlt(CPUX86State *env, int next_eip_addend)
-{
- cpu_svm_check_intercept_param(env, SVM_EXIT_HLT, 0, GETPC());
- env->eip += next_eip_addend;
-
- do_hlt(env);
-}
-
-void helper_monitor(CPUX86State *env, target_ulong ptr)
-{
- if ((uint32_t)env->regs[R_ECX] != 0) {
- raise_exception_ra(env, EXCP0D_GPF, GETPC());
- }
- /* XXX: store address? */
- cpu_svm_check_intercept_param(env, SVM_EXIT_MONITOR, 0, GETPC());
-}
-
-void QEMU_NORETURN helper_mwait(CPUX86State *env, int next_eip_addend)
-{
- CPUState *cs = env_cpu(env);
-
- if ((uint32_t)env->regs[R_ECX] != 0) {
- raise_exception_ra(env, EXCP0D_GPF, GETPC());
- }
- cpu_svm_check_intercept_param(env, SVM_EXIT_MWAIT, 0, GETPC());
- env->eip += next_eip_addend;
-
- /* XXX: not complete but not completely erroneous */
- if (cs->cpu_index != 0 || CPU_NEXT(cs) != NULL) {
- do_pause(env);
- } else {
- do_hlt(env);
- }
-}
-
void QEMU_NORETURN helper_pause(CPUX86State *env, int next_eip_addend)
{
cpu_svm_check_intercept_param(env, SVM_EXIT_PAUSE, 0, GETPC());
diff --git a/target/i386/tcg/sysemu/misc_helper.c b/target/i386/tcg/sysemu/misc_helper.c
index ebf15e3dde..1d8b651212 100644
--- a/target/i386/tcg/sysemu/misc_helper.c
+++ b/target/i386/tcg/sysemu/misc_helper.c
@@ -434,3 +434,56 @@ void helper_rdmsr(CPUX86State *env)
env->regs[R_EAX] = (uint32_t)(val);
env->regs[R_EDX] = (uint32_t)(val >> 32);
}
+
+void helper_invlpg(CPUX86State *env, target_ulong addr)
+{
+ X86CPU *cpu = env_archcpu(env);
+
+ cpu_svm_check_intercept_param(env, SVM_EXIT_INVLPG, 0, GETPC());
+ tlb_flush_page(CPU(cpu), addr);
+}
+
+static void QEMU_NORETURN do_hlt(CPUX86State *env)
+{
+ CPUState *cs = env_cpu(env);
+
+ env->hflags &= ~HF_INHIBIT_IRQ_MASK; /* needed if sti is just before */
+ cs->halted = 1;
+ cs->exception_index = EXCP_HLT;
+ cpu_loop_exit(cs);
+}
+
+void QEMU_NORETURN helper_hlt(CPUX86State *env, int next_eip_addend)
+{
+ cpu_svm_check_intercept_param(env, SVM_EXIT_HLT, 0, GETPC());
+ env->eip += next_eip_addend;
+
+ do_hlt(env);
+}
+
+void helper_monitor(CPUX86State *env, target_ulong ptr)
+{
+ if ((uint32_t)env->regs[R_ECX] != 0) {
+ raise_exception_ra(env, EXCP0D_GPF, GETPC());
+ }
+ /* XXX: store address? */
+ cpu_svm_check_intercept_param(env, SVM_EXIT_MONITOR, 0, GETPC());
+}
+
+void QEMU_NORETURN helper_mwait(CPUX86State *env, int next_eip_addend)
+{
+ CPUState *cs = env_cpu(env);
+
+ if ((uint32_t)env->regs[R_ECX] != 0) {
+ raise_exception_ra(env, EXCP0D_GPF, GETPC());
+ }
+ cpu_svm_check_intercept_param(env, SVM_EXIT_MWAIT, 0, GETPC());
+ env->eip += next_eip_addend;
+
+ /* XXX: not complete but not completely erroneous */
+ if (cs->cpu_index != 0 || CPU_NEXT(cs) != NULL) {
+ do_pause(env);
+ } else {
+ do_hlt(env);
+ }
+}
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 708059ac15..aa6a8c4813 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -194,7 +194,11 @@ typedef struct DisasContext {
#ifdef CONFIG_USER_ONLY
STUB_HELPER(clgi, TCGv_env env)
+STUB_HELPER(hlt, TCGv_env env, TCGv_i32 pc_ofs)
STUB_HELPER(invlpga, TCGv_env env, TCGv_i32 aflag)
+STUB_HELPER(invlpg, TCGv_env env, TCGv addr)
+STUB_HELPER(monitor, TCGv_env env, TCGv addr)
+STUB_HELPER(mwait, TCGv_env env, TCGv_i32 pc_ofs)
STUB_HELPER(set_dr, TCGv_env env, TCGv_i32 reg, TCGv val)
STUB_HELPER(stgi, TCGv_env env)
STUB_HELPER(svm_check_intercept, TCGv_env env, TCGv_i32 type)
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 42/50] target/i386: Unify invlpg, invlpga
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (40 preceding siblings ...)
2021-02-28 23:23 ` [PATCH 41/50] target/i386: Move invlpg, hlt, monitor, mwait to sysemu Richard Henderson
@ 2021-02-28 23:23 ` Richard Henderson
2021-02-28 23:23 ` [PATCH 43/50] target/i386: Inline user cpu_svm_check_intercept_param Richard Henderson
` (8 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:23 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
Use a single helper, flush_page, to do the work.
Use gen_svm_check_intercept.
Perform the zero-extension for invlpga inline.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/helper.h | 3 +--
target/i386/tcg/sysemu/misc_helper.c | 7 ++-----
target/i386/tcg/sysemu/svm_helper.c | 18 ------------------
target/i386/tcg/translate.c | 20 ++++++++++++--------
4 files changed, 15 insertions(+), 33 deletions(-)
diff --git a/target/i386/helper.h b/target/i386/helper.h
index ab72eba52a..0264fba335 100644
--- a/target/i386/helper.h
+++ b/target/i386/helper.h
@@ -110,8 +110,7 @@ DEF_HELPER_2(vmload, void, env, int)
DEF_HELPER_2(vmsave, void, env, int)
DEF_HELPER_1(stgi, void, env)
DEF_HELPER_1(clgi, void, env)
-DEF_HELPER_2(invlpga, void, env, int)
-DEF_HELPER_2(invlpg, void, env, tl)
+DEF_HELPER_FLAGS_2(flush_page, TCG_CALL_NO_RWG, void, env, tl)
DEF_HELPER_FLAGS_2(hlt, TCG_CALL_NO_WG, noreturn, env, int)
DEF_HELPER_FLAGS_2(monitor, TCG_CALL_NO_WG, void, env, tl)
DEF_HELPER_FLAGS_2(mwait, TCG_CALL_NO_WG, noreturn, env, int)
diff --git a/target/i386/tcg/sysemu/misc_helper.c b/target/i386/tcg/sysemu/misc_helper.c
index 1d8b651212..b7146092f1 100644
--- a/target/i386/tcg/sysemu/misc_helper.c
+++ b/target/i386/tcg/sysemu/misc_helper.c
@@ -435,12 +435,9 @@ void helper_rdmsr(CPUX86State *env)
env->regs[R_EDX] = (uint32_t)(val >> 32);
}
-void helper_invlpg(CPUX86State *env, target_ulong addr)
+void helper_flush_page(CPUX86State *env, target_ulong addr)
{
- X86CPU *cpu = env_archcpu(env);
-
- cpu_svm_check_intercept_param(env, SVM_EXIT_INVLPG, 0, GETPC());
- tlb_flush_page(CPU(cpu), addr);
+ tlb_flush_page(env_cpu(env), addr);
}
static void QEMU_NORETURN do_hlt(CPUX86State *env)
diff --git a/target/i386/tcg/sysemu/svm_helper.c b/target/i386/tcg/sysemu/svm_helper.c
index 86a0b3c4be..a8a671aa33 100644
--- a/target/i386/tcg/sysemu/svm_helper.c
+++ b/target/i386/tcg/sysemu/svm_helper.c
@@ -423,24 +423,6 @@ void helper_clgi(CPUX86State *env)
env->hflags2 &= ~HF2_GIF_MASK;
}
-void helper_invlpga(CPUX86State *env, int aflag)
-{
- X86CPU *cpu = env_archcpu(env);
- target_ulong addr;
-
- cpu_svm_check_intercept_param(env, SVM_EXIT_INVLPGA, 0, GETPC());
-
- if (aflag == 2) {
- addr = env->regs[R_EAX];
- } else {
- addr = (uint32_t)env->regs[R_EAX];
- }
-
- /* XXX: could use the ASID to see if it is needed to do the
- flush */
- tlb_flush_page(CPU(cpu), addr);
-}
-
void cpu_svm_check_intercept_param(CPUX86State *env, uint32_t type,
uint64_t param, uintptr_t retaddr)
{
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index aa6a8c4813..9d2171aa3a 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -194,9 +194,8 @@ typedef struct DisasContext {
#ifdef CONFIG_USER_ONLY
STUB_HELPER(clgi, TCGv_env env)
+STUB_HELPER(flush_page, TCGv_env env, TCGv addr)
STUB_HELPER(hlt, TCGv_env env, TCGv_i32 pc_ofs)
-STUB_HELPER(invlpga, TCGv_env env, TCGv_i32 aflag)
-STUB_HELPER(invlpg, TCGv_env env, TCGv addr)
STUB_HELPER(monitor, TCGv_env env, TCGv addr)
STUB_HELPER(mwait, TCGv_env env, TCGv_i32 pc_ofs)
STUB_HELPER(set_dr, TCGv_env env, TCGv_i32 reg, TCGv val)
@@ -7586,9 +7585,15 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
if (!check_cpl0(s)) {
break;
}
- gen_update_cc_op(s);
- gen_jmp_im(s, pc_start - s->cs_base);
- gen_helper_invlpga(cpu_env, tcg_const_i32(s->aflag - 1));
+ gen_svm_check_intercept(s, SVM_EXIT_INVLPGA);
+ if (s->aflag == MO_64) {
+ tcg_gen_mov_tl(s->A0, cpu_regs[R_EAX]);
+ } else {
+ tcg_gen_ext32u_tl(s->A0, cpu_regs[R_EAX]);
+ }
+ gen_helper_flush_page(cpu_env, s->A0);
+ gen_jmp_im(s, s->pc - s->cs_base);
+ gen_eob(s);
break;
CASE_MODRM_MEM_OP(2): /* lgdt */
@@ -7676,10 +7681,9 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
if (!check_cpl0(s)) {
break;
}
- gen_update_cc_op(s);
- gen_jmp_im(s, pc_start - s->cs_base);
+ gen_svm_check_intercept(s, SVM_EXIT_INVLPG);
gen_lea_modrm(env, s, modrm);
- gen_helper_invlpg(cpu_env, s->A0);
+ gen_helper_flush_page(cpu_env, s->A0);
gen_jmp_im(s, s->pc - s->cs_base);
gen_eob(s);
break;
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 43/50] target/i386: Inline user cpu_svm_check_intercept_param
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (41 preceding siblings ...)
2021-02-28 23:23 ` [PATCH 42/50] target/i386: Unify invlpg, invlpga Richard Henderson
@ 2021-02-28 23:23 ` Richard Henderson
2021-02-28 23:23 ` [PATCH 44/50] target/i386: Eliminate user stubs for read/write_crN, rd/wrmsr Richard Henderson
` (7 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:23 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
The user-version is a no-op. This lets us completely
remove tcg/user/svm_stubs.c.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/cpu.h | 8 ++++++++
target/i386/tcg/user/svm_stubs.c | 28 ----------------------------
target/i386/tcg/user/meson.build | 1 -
3 files changed, 8 insertions(+), 29 deletions(-)
delete mode 100644 target/i386/tcg/user/svm_stubs.c
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index a1268abe9f..70b26991dd 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -2129,8 +2129,16 @@ static inline void cpu_set_fpuc(CPUX86State *env, uint16_t fpuc)
void helper_lock_init(void);
/* svm_helper.c */
+#ifdef CONFIG_USER_ONLY
+static inline void
+cpu_svm_check_intercept_param(CPUX86State *env1, uint32_t type,
+ uint64_t param, uintptr_t retaddr)
+{ /* no-op */ }
+#else
void cpu_svm_check_intercept_param(CPUX86State *env1, uint32_t type,
uint64_t param, uintptr_t retaddr);
+#endif
+
/* apic.c */
void cpu_report_tpr_access(CPUX86State *env, TPRAccess access);
void apic_handle_tpr_access_report(DeviceState *d, target_ulong ip,
diff --git a/target/i386/tcg/user/svm_stubs.c b/target/i386/tcg/user/svm_stubs.c
deleted file mode 100644
index db818f89a8..0000000000
--- a/target/i386/tcg/user/svm_stubs.c
+++ /dev/null
@@ -1,28 +0,0 @@
-/*
- * x86 SVM helpers (user-mode)
- *
- * Copyright (c) 2003 Fabrice Bellard
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, see <http://www.gnu.org/licenses/>.
- */
-
-#include "qemu/osdep.h"
-#include "cpu.h"
-#include "exec/helper-proto.h"
-#include "tcg/helper-tcg.h"
-
-void cpu_svm_check_intercept_param(CPUX86State *env, uint32_t type,
- uint64_t param, uintptr_t retaddr)
-{
-}
diff --git a/target/i386/tcg/user/meson.build b/target/i386/tcg/user/meson.build
index 345294c096..16a0be1ae6 100644
--- a/target/i386/tcg/user/meson.build
+++ b/target/i386/tcg/user/meson.build
@@ -2,6 +2,5 @@ i386_user_ss.add(when: ['CONFIG_TCG', 'CONFIG_USER_ONLY'], if_true: files(
'excp_helper.c',
'misc_stubs.c',
'fpu_helper.c',
- 'svm_stubs.c',
'seg_helper.c',
))
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 44/50] target/i386: Eliminate user stubs for read/write_crN, rd/wrmsr
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (42 preceding siblings ...)
2021-02-28 23:23 ` [PATCH 43/50] target/i386: Inline user cpu_svm_check_intercept_param Richard Henderson
@ 2021-02-28 23:23 ` Richard Henderson
2021-02-28 23:23 ` [PATCH 45/50] target/i386: Exit tb after wrmsr Richard Henderson
` (6 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:23 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/helper.h | 8 ++++----
target/i386/tcg/translate.c | 4 ++++
target/i386/tcg/user/misc_stubs.c | 20 --------------------
3 files changed, 8 insertions(+), 24 deletions(-)
diff --git a/target/i386/helper.h b/target/i386/helper.h
index 0264fba335..1d85f033df 100644
--- a/target/i386/helper.h
+++ b/target/i386/helper.h
@@ -42,8 +42,6 @@ DEF_HELPER_5(lcall_protected, void, env, int, tl, int, tl)
DEF_HELPER_2(iret_real, void, env, int)
DEF_HELPER_3(iret_protected, void, env, int, int)
DEF_HELPER_3(lret_protected, void, env, int, int)
-DEF_HELPER_FLAGS_2(read_crN, TCG_CALL_NO_RWG, tl, env, int)
-DEF_HELPER_FLAGS_3(write_crN, TCG_CALL_NO_RWG, void, env, int, tl)
DEF_HELPER_1(clts, void, env)
#ifndef CONFIG_USER_ONLY
@@ -87,8 +85,6 @@ DEF_HELPER_1(cpuid, void, env)
DEF_HELPER_1(rdtsc, void, env)
DEF_HELPER_1(rdtscp, void, env)
DEF_HELPER_FLAGS_1(rdpmc, TCG_CALL_NO_WG, noreturn, env)
-DEF_HELPER_1(rdmsr, void, env)
-DEF_HELPER_1(wrmsr, void, env)
DEF_HELPER_2(check_iob, void, env, i32)
DEF_HELPER_2(check_iow, void, env, i32)
@@ -114,6 +110,10 @@ DEF_HELPER_FLAGS_2(flush_page, TCG_CALL_NO_RWG, void, env, tl)
DEF_HELPER_FLAGS_2(hlt, TCG_CALL_NO_WG, noreturn, env, int)
DEF_HELPER_FLAGS_2(monitor, TCG_CALL_NO_WG, void, env, tl)
DEF_HELPER_FLAGS_2(mwait, TCG_CALL_NO_WG, noreturn, env, int)
+DEF_HELPER_1(rdmsr, void, env)
+DEF_HELPER_1(wrmsr, void, env)
+DEF_HELPER_FLAGS_2(read_crN, TCG_CALL_NO_RWG, tl, env, int)
+DEF_HELPER_FLAGS_3(write_crN, TCG_CALL_NO_RWG, void, env, int, tl)
#endif /* !CONFIG_USER_ONLY */
/* x86 FPU */
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 9d2171aa3a..2493d39f0b 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -198,6 +198,8 @@ STUB_HELPER(flush_page, TCGv_env env, TCGv addr)
STUB_HELPER(hlt, TCGv_env env, TCGv_i32 pc_ofs)
STUB_HELPER(monitor, TCGv_env env, TCGv addr)
STUB_HELPER(mwait, TCGv_env env, TCGv_i32 pc_ofs)
+STUB_HELPER(rdmsr, TCGv_env env)
+STUB_HELPER(read_crN, TCGv ret, TCGv_env env, TCGv_i32 reg)
STUB_HELPER(set_dr, TCGv_env env, TCGv_i32 reg, TCGv val)
STUB_HELPER(stgi, TCGv_env env)
STUB_HELPER(svm_check_intercept, TCGv_env env, TCGv_i32 type)
@@ -206,6 +208,8 @@ STUB_HELPER(vmload, TCGv_env env, TCGv_i32 aflag)
STUB_HELPER(vmmcall, TCGv_env env)
STUB_HELPER(vmrun, TCGv_env env, TCGv_i32 aflag, TCGv_i32 pc_ofs)
STUB_HELPER(vmsave, TCGv_env env, TCGv_i32 aflag)
+STUB_HELPER(write_crN, TCGv_env env, TCGv_i32 reg, TCGv val)
+STUB_HELPER(wrmsr, TCGv_env env)
#endif
static void gen_eob(DisasContext *s);
diff --git a/target/i386/tcg/user/misc_stubs.c b/target/i386/tcg/user/misc_stubs.c
index 84df4e65ff..df38b44d6e 100644
--- a/target/i386/tcg/user/misc_stubs.c
+++ b/target/i386/tcg/user/misc_stubs.c
@@ -53,23 +53,3 @@ target_ulong helper_inl(CPUX86State *env, uint32_t port)
g_assert_not_reached();
return 0;
}
-
-target_ulong helper_read_crN(CPUX86State *env, int reg)
-{
- g_assert_not_reached();
-}
-
-void helper_write_crN(CPUX86State *env, int reg, target_ulong t0)
-{
- g_assert_not_reached();
-}
-
-void helper_wrmsr(CPUX86State *env)
-{
- g_assert_not_reached();
-}
-
-void helper_rdmsr(CPUX86State *env)
-{
- g_assert_not_reached();
-}
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 45/50] target/i386: Exit tb after wrmsr
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (43 preceding siblings ...)
2021-02-28 23:23 ` [PATCH 44/50] target/i386: Eliminate user stubs for read/write_crN, rd/wrmsr Richard Henderson
@ 2021-02-28 23:23 ` Richard Henderson
2021-02-28 23:23 ` [PATCH 46/50] target/i386: Tidy gen_check_io Richard Henderson
` (5 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:23 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
At minimum, wrmsr can change efer, which affects HF_LMA.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 2493d39f0b..dc31d8667f 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -7254,6 +7254,8 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
gen_helper_rdmsr(cpu_env);
} else {
gen_helper_wrmsr(cpu_env);
+ gen_jmp_im(s, s->pc - s->cs_base);
+ gen_eob(s);
}
}
break;
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 46/50] target/i386: Tidy gen_check_io
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (44 preceding siblings ...)
2021-02-28 23:23 ` [PATCH 45/50] target/i386: Exit tb after wrmsr Richard Henderson
@ 2021-02-28 23:23 ` Richard Henderson
2021-02-28 23:23 ` [PATCH 47/50] target/i386: Pass in port to gen_check_io Richard Henderson
` (4 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:23 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
Get cur_eip from DisasContext. Do not require the caller
to use svm_is_rep; get prefix from DisasContext. Use the
proper symbolic constants for SVM_IOIO_*.
While we're touching all call sites, return bool in
preparation for gen_check_io raising #GP.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 57 +++++++++++++++++++------------------
1 file changed, 30 insertions(+), 27 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index dc31d8667f..83bcf5cccc 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -674,13 +674,10 @@ static void gen_helper_out_func(MemOp ot, TCGv_i32 v, TCGv_i32 n)
}
}
-static void gen_check_io(DisasContext *s, MemOp ot, target_ulong cur_eip,
- uint32_t svm_flags)
+static bool gen_check_io(DisasContext *s, MemOp ot, uint32_t svm_flags)
{
- target_ulong next_eip;
-
+ tcg_gen_trunc_tl_i32(s->tmp2_i32, s->T0);
if (PE(s) && (CPL(s) > IOPL(s) || VM86(s))) {
- tcg_gen_trunc_tl_i32(s->tmp2_i32, s->T0);
switch (ot) {
case MO_8:
gen_helper_check_iob(cpu_env, s->tmp2_i32);
@@ -696,15 +693,20 @@ static void gen_check_io(DisasContext *s, MemOp ot, target_ulong cur_eip,
}
}
if (GUEST(s)) {
+ target_ulong cur_eip = s->base.pc_next - s->cs_base;
+ target_ulong next_eip = s->pc - s->cs_base;
+
gen_update_cc_op(s);
gen_jmp_im(s, cur_eip);
- svm_flags |= (1 << (4 + ot));
- next_eip = s->pc - s->cs_base;
- tcg_gen_trunc_tl_i32(s->tmp2_i32, s->T0);
+ if (s->prefix & (PREFIX_REPZ | PREFIX_REPNZ)) {
+ svm_flags |= SVM_IOIO_REP_MASK;
+ }
+ svm_flags |= 1 << (SVM_IOIO_SIZE_SHIFT + ot);
gen_helper_svm_check_io(cpu_env, s->tmp2_i32,
- tcg_const_i32(svm_flags),
- tcg_const_i32(next_eip - cur_eip));
+ tcg_constant_i32(svm_flags),
+ tcg_constant_i32(next_eip - cur_eip));
}
+ return true;
}
static inline void gen_movs(DisasContext *s, MemOp ot)
@@ -2425,11 +2427,6 @@ static void gen_movl_seg_T0(DisasContext *s, X86Seg seg_reg)
}
}
-static inline int svm_is_rep(int prefixes)
-{
- return ((prefixes & (PREFIX_REPZ | PREFIX_REPNZ)) ? 8 : 0);
-}
-
static void gen_svm_check_intercept(DisasContext *s, uint32_t type)
{
/* no SVM activated; fast case */
@@ -6477,8 +6474,9 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0x6d:
ot = mo_b_d32(b, dflag);
tcg_gen_ext16u_tl(s->T0, cpu_regs[R_EDX]);
- gen_check_io(s, ot, pc_start - s->cs_base,
- SVM_IOIO_TYPE_MASK | svm_is_rep(prefixes) | 4);
+ if (!gen_check_io(s, ot, SVM_IOIO_TYPE_MASK | SVM_IOIO_STR_MASK)) {
+ break;
+ }
if (tb_cflags(s->base.tb) & CF_USE_ICOUNT) {
gen_io_start();
}
@@ -6496,8 +6494,9 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0x6f:
ot = mo_b_d32(b, dflag);
tcg_gen_ext16u_tl(s->T0, cpu_regs[R_EDX]);
- gen_check_io(s, ot, pc_start - s->cs_base,
- svm_is_rep(prefixes) | 4);
+ if (!gen_check_io(s, ot, SVM_IOIO_STR_MASK)) {
+ break;
+ }
if (tb_cflags(s->base.tb) & CF_USE_ICOUNT) {
gen_io_start();
}
@@ -6520,8 +6519,9 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
ot = mo_b_d32(b, dflag);
val = x86_ldub_code(env, s);
tcg_gen_movi_tl(s->T0, val);
- gen_check_io(s, ot, pc_start - s->cs_base,
- SVM_IOIO_TYPE_MASK | svm_is_rep(prefixes));
+ if (!gen_check_io(s, ot, SVM_IOIO_TYPE_MASK)) {
+ break;
+ }
if (tb_cflags(s->base.tb) & CF_USE_ICOUNT) {
gen_io_start();
}
@@ -6538,8 +6538,9 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
ot = mo_b_d32(b, dflag);
val = x86_ldub_code(env, s);
tcg_gen_movi_tl(s->T0, val);
- gen_check_io(s, ot, pc_start - s->cs_base,
- svm_is_rep(prefixes));
+ if (!gen_check_io(s, ot, 0)) {
+ break;
+ }
gen_op_mov_v_reg(s, ot, s->T1, R_EAX);
if (tb_cflags(s->base.tb) & CF_USE_ICOUNT) {
@@ -6557,8 +6558,9 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0xed:
ot = mo_b_d32(b, dflag);
tcg_gen_ext16u_tl(s->T0, cpu_regs[R_EDX]);
- gen_check_io(s, ot, pc_start - s->cs_base,
- SVM_IOIO_TYPE_MASK | svm_is_rep(prefixes));
+ if (!gen_check_io(s, ot, SVM_IOIO_TYPE_MASK)) {
+ break;
+ }
if (tb_cflags(s->base.tb) & CF_USE_ICOUNT) {
gen_io_start();
}
@@ -6574,8 +6576,9 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0xef:
ot = mo_b_d32(b, dflag);
tcg_gen_ext16u_tl(s->T0, cpu_regs[R_EDX]);
- gen_check_io(s, ot, pc_start - s->cs_base,
- svm_is_rep(prefixes));
+ if (!gen_check_io(s, ot, 0)) {
+ break;
+ }
gen_op_mov_v_reg(s, ot, s->T1, R_EAX);
if (tb_cflags(s->base.tb) & CF_USE_ICOUNT) {
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 47/50] target/i386: Pass in port to gen_check_io
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (45 preceding siblings ...)
2021-02-28 23:23 ` [PATCH 46/50] target/i386: Tidy gen_check_io Richard Henderson
@ 2021-02-28 23:23 ` Richard Henderson
2021-02-28 23:23 ` [PATCH 48/50] target/i386: Create helper_check_io Richard Henderson
` (3 subsequent siblings)
50 siblings, 0 replies; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:23 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
Pass in a pre-truncated TCGv_i32 value. We were doing the
truncation of EDX in multiple places, now only once per insn.
While all callers use s->tmp2_i32, for cleanliness of the
subroutine, use a parameter anyway.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/tcg/translate.c | 55 +++++++++++++++++++------------------
1 file changed, 29 insertions(+), 26 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 83bcf5cccc..0937c136ff 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -674,19 +674,23 @@ static void gen_helper_out_func(MemOp ot, TCGv_i32 v, TCGv_i32 n)
}
}
-static bool gen_check_io(DisasContext *s, MemOp ot, uint32_t svm_flags)
+/*
+ * Validate that access to [port, port + 1<<ot) is allowed.
+ * Raise #GP, or VMM exit if not.
+ */
+static bool gen_check_io(DisasContext *s, MemOp ot, TCGv_i32 port,
+ uint32_t svm_flags)
{
- tcg_gen_trunc_tl_i32(s->tmp2_i32, s->T0);
if (PE(s) && (CPL(s) > IOPL(s) || VM86(s))) {
switch (ot) {
case MO_8:
- gen_helper_check_iob(cpu_env, s->tmp2_i32);
+ gen_helper_check_iob(cpu_env, port);
break;
case MO_16:
- gen_helper_check_iow(cpu_env, s->tmp2_i32);
+ gen_helper_check_iow(cpu_env, port);
break;
case MO_32:
- gen_helper_check_iol(cpu_env, s->tmp2_i32);
+ gen_helper_check_iol(cpu_env, port);
break;
default:
tcg_abort();
@@ -702,7 +706,7 @@ static bool gen_check_io(DisasContext *s, MemOp ot, uint32_t svm_flags)
svm_flags |= SVM_IOIO_REP_MASK;
}
svm_flags |= 1 << (SVM_IOIO_SIZE_SHIFT + ot);
- gen_helper_svm_check_io(cpu_env, s->tmp2_i32,
+ gen_helper_svm_check_io(cpu_env, port,
tcg_constant_i32(svm_flags),
tcg_constant_i32(next_eip - cur_eip));
}
@@ -6473,8 +6477,10 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0x6c: /* insS */
case 0x6d:
ot = mo_b_d32(b, dflag);
- tcg_gen_ext16u_tl(s->T0, cpu_regs[R_EDX]);
- if (!gen_check_io(s, ot, SVM_IOIO_TYPE_MASK | SVM_IOIO_STR_MASK)) {
+ tcg_gen_trunc_tl_i32(s->tmp2_i32, cpu_regs[R_EDX]);
+ tcg_gen_ext16u_i32(s->tmp2_i32, s->tmp2_i32);
+ if (!gen_check_io(s, ot, s->tmp2_i32,
+ SVM_IOIO_TYPE_MASK | SVM_IOIO_STR_MASK)) {
break;
}
if (tb_cflags(s->base.tb) & CF_USE_ICOUNT) {
@@ -6493,8 +6499,9 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0x6e: /* outsS */
case 0x6f:
ot = mo_b_d32(b, dflag);
- tcg_gen_ext16u_tl(s->T0, cpu_regs[R_EDX]);
- if (!gen_check_io(s, ot, SVM_IOIO_STR_MASK)) {
+ tcg_gen_trunc_tl_i32(s->tmp2_i32, cpu_regs[R_EDX]);
+ tcg_gen_ext16u_i32(s->tmp2_i32, s->tmp2_i32);
+ if (!gen_check_io(s, ot, s->tmp2_i32, SVM_IOIO_STR_MASK)) {
break;
}
if (tb_cflags(s->base.tb) & CF_USE_ICOUNT) {
@@ -6518,14 +6525,13 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0xe5:
ot = mo_b_d32(b, dflag);
val = x86_ldub_code(env, s);
- tcg_gen_movi_tl(s->T0, val);
- if (!gen_check_io(s, ot, SVM_IOIO_TYPE_MASK)) {
+ tcg_gen_movi_i32(s->tmp2_i32, val);
+ if (!gen_check_io(s, ot, s->tmp2_i32, SVM_IOIO_TYPE_MASK)) {
break;
}
if (tb_cflags(s->base.tb) & CF_USE_ICOUNT) {
gen_io_start();
}
- tcg_gen_movi_i32(s->tmp2_i32, val);
gen_helper_in_func(ot, s->T1, s->tmp2_i32);
gen_op_mov_reg_v(s, ot, R_EAX, s->T1);
gen_bpt_io(s, s->tmp2_i32, ot);
@@ -6537,16 +6543,14 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0xe7:
ot = mo_b_d32(b, dflag);
val = x86_ldub_code(env, s);
- tcg_gen_movi_tl(s->T0, val);
- if (!gen_check_io(s, ot, 0)) {
+ tcg_gen_movi_i32(s->tmp2_i32, val);
+ if (!gen_check_io(s, ot, s->tmp2_i32, 0)) {
break;
}
- gen_op_mov_v_reg(s, ot, s->T1, R_EAX);
-
if (tb_cflags(s->base.tb) & CF_USE_ICOUNT) {
gen_io_start();
}
- tcg_gen_movi_i32(s->tmp2_i32, val);
+ gen_op_mov_v_reg(s, ot, s->T1, R_EAX);
tcg_gen_trunc_tl_i32(s->tmp3_i32, s->T1);
gen_helper_out_func(ot, s->tmp2_i32, s->tmp3_i32);
gen_bpt_io(s, s->tmp2_i32, ot);
@@ -6557,14 +6561,14 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0xec:
case 0xed:
ot = mo_b_d32(b, dflag);
- tcg_gen_ext16u_tl(s->T0, cpu_regs[R_EDX]);
- if (!gen_check_io(s, ot, SVM_IOIO_TYPE_MASK)) {
+ tcg_gen_trunc_tl_i32(s->tmp2_i32, cpu_regs[R_EDX]);
+ tcg_gen_ext16u_i32(s->tmp2_i32, s->tmp2_i32);
+ if (!gen_check_io(s, ot, s->tmp2_i32, SVM_IOIO_TYPE_MASK)) {
break;
}
if (tb_cflags(s->base.tb) & CF_USE_ICOUNT) {
gen_io_start();
}
- tcg_gen_trunc_tl_i32(s->tmp2_i32, s->T0);
gen_helper_in_func(ot, s->T1, s->tmp2_i32);
gen_op_mov_reg_v(s, ot, R_EAX, s->T1);
gen_bpt_io(s, s->tmp2_i32, ot);
@@ -6575,16 +6579,15 @@ static target_ulong disas_insn(DisasContext *s, CPUState *cpu)
case 0xee:
case 0xef:
ot = mo_b_d32(b, dflag);
- tcg_gen_ext16u_tl(s->T0, cpu_regs[R_EDX]);
- if (!gen_check_io(s, ot, 0)) {
+ tcg_gen_trunc_tl_i32(s->tmp2_i32, cpu_regs[R_EDX]);
+ tcg_gen_ext16u_i32(s->tmp2_i32, s->tmp2_i32);
+ if (!gen_check_io(s, ot, s->tmp2_i32, 0)) {
break;
}
- gen_op_mov_v_reg(s, ot, s->T1, R_EAX);
-
if (tb_cflags(s->base.tb) & CF_USE_ICOUNT) {
gen_io_start();
}
- tcg_gen_trunc_tl_i32(s->tmp2_i32, s->T0);
+ gen_op_mov_v_reg(s, ot, s->T1, R_EAX);
tcg_gen_trunc_tl_i32(s->tmp3_i32, s->T1);
gen_helper_out_func(ot, s->tmp2_i32, s->tmp3_i32);
gen_bpt_io(s, s->tmp2_i32, ot);
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 48/50] target/i386: Create helper_check_io
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (46 preceding siblings ...)
2021-02-28 23:23 ` [PATCH 47/50] target/i386: Pass in port to gen_check_io Richard Henderson
@ 2021-02-28 23:23 ` Richard Henderson
2021-03-01 7:57 ` Philippe Mathieu-Daudé
2021-02-28 23:23 ` [PATCH 49/50] target/i386: Move helper_check_io to sysemu Richard Henderson
` (2 subsequent siblings)
50 siblings, 1 reply; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:23 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
Drop helper_check_io[bwl] and expose their common
subroutine to tcg directly.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/helper.h | 4 +---
target/i386/tcg/seg_helper.c | 21 +++------------------
target/i386/tcg/translate.c | 14 +-------------
3 files changed, 5 insertions(+), 34 deletions(-)
diff --git a/target/i386/helper.h b/target/i386/helper.h
index 1d85f033df..47d0d67699 100644
--- a/target/i386/helper.h
+++ b/target/i386/helper.h
@@ -86,9 +86,7 @@ DEF_HELPER_1(rdtsc, void, env)
DEF_HELPER_1(rdtscp, void, env)
DEF_HELPER_FLAGS_1(rdpmc, TCG_CALL_NO_WG, noreturn, env)
-DEF_HELPER_2(check_iob, void, env, i32)
-DEF_HELPER_2(check_iow, void, env, i32)
-DEF_HELPER_2(check_iol, void, env, i32)
+DEF_HELPER_FLAGS_3(check_io, TCG_CALL_NO_WG, void, env, i32, i32)
DEF_HELPER_3(outb, void, env, i32, i32)
DEF_HELPER_2(inb, tl, env, i32)
DEF_HELPER_3(outw, void, env, i32, i32)
diff --git a/target/i386/tcg/seg_helper.c b/target/i386/tcg/seg_helper.c
index cf3f051524..69d6e8f602 100644
--- a/target/i386/tcg/seg_helper.c
+++ b/target/i386/tcg/seg_helper.c
@@ -2418,10 +2418,10 @@ void helper_verw(CPUX86State *env, target_ulong selector1)
}
/* check if Port I/O is allowed in TSS */
-static inline void check_io(CPUX86State *env, int addr, int size,
- uintptr_t retaddr)
+void helper_check_io(CPUX86State *env, uint32_t addr, uint32_t size)
{
- int io_offset, val, mask;
+ uintptr_t retaddr = GETPC();
+ uint32_t io_offset, val, mask;
/* TSS must be a valid 32 bit one */
if (!(env->tr.flags & DESC_P_MASK) ||
@@ -2444,18 +2444,3 @@ static inline void check_io(CPUX86State *env, int addr, int size,
raise_exception_err_ra(env, EXCP0D_GPF, 0, retaddr);
}
}
-
-void helper_check_iob(CPUX86State *env, uint32_t t0)
-{
- check_io(env, t0, 1, GETPC());
-}
-
-void helper_check_iow(CPUX86State *env, uint32_t t0)
-{
- check_io(env, t0, 2, GETPC());
-}
-
-void helper_check_iol(CPUX86State *env, uint32_t t0)
-{
- check_io(env, t0, 4, GETPC());
-}
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 0937c136ff..d395ae090e 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -682,19 +682,7 @@ static bool gen_check_io(DisasContext *s, MemOp ot, TCGv_i32 port,
uint32_t svm_flags)
{
if (PE(s) && (CPL(s) > IOPL(s) || VM86(s))) {
- switch (ot) {
- case MO_8:
- gen_helper_check_iob(cpu_env, port);
- break;
- case MO_16:
- gen_helper_check_iow(cpu_env, port);
- break;
- case MO_32:
- gen_helper_check_iol(cpu_env, port);
- break;
- default:
- tcg_abort();
- }
+ gen_helper_check_io(cpu_env, port, tcg_constant_i32(1 << ot));
}
if (GUEST(s)) {
target_ulong cur_eip = s->base.pc_next - s->cs_base;
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 49/50] target/i386: Move helper_check_io to sysemu
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (47 preceding siblings ...)
2021-02-28 23:23 ` [PATCH 48/50] target/i386: Create helper_check_io Richard Henderson
@ 2021-02-28 23:23 ` Richard Henderson
2021-03-01 7:55 ` Philippe Mathieu-Daudé
2021-02-28 23:23 ` [PATCH 50/50] target/i386: Remove user-only i/o stubs Richard Henderson
2021-03-01 0:31 ` [PATCH 00/50] i386 cleanup part 3 no-reply
50 siblings, 1 reply; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:23 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
The we never allow i/o from user-only, and the tss check
that helper_check_io does will always fail. Use an ifdef
within gen_check_io and return false, indicating that an
exception is known to be raised.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/helper.h | 2 +-
target/i386/tcg/seg_helper.c | 28 ----------------------------
target/i386/tcg/sysemu/seg_helper.c | 29 +++++++++++++++++++++++++++++
target/i386/tcg/translate.c | 11 +++++++++++
4 files changed, 41 insertions(+), 29 deletions(-)
diff --git a/target/i386/helper.h b/target/i386/helper.h
index 47d0d67699..3fd0253298 100644
--- a/target/i386/helper.h
+++ b/target/i386/helper.h
@@ -86,7 +86,6 @@ DEF_HELPER_1(rdtsc, void, env)
DEF_HELPER_1(rdtscp, void, env)
DEF_HELPER_FLAGS_1(rdpmc, TCG_CALL_NO_WG, noreturn, env)
-DEF_HELPER_FLAGS_3(check_io, TCG_CALL_NO_WG, void, env, i32, i32)
DEF_HELPER_3(outb, void, env, i32, i32)
DEF_HELPER_2(inb, tl, env, i32)
DEF_HELPER_3(outw, void, env, i32, i32)
@@ -95,6 +94,7 @@ DEF_HELPER_3(outl, void, env, i32, i32)
DEF_HELPER_2(inl, tl, env, i32)
#ifndef CONFIG_USER_ONLY
+DEF_HELPER_FLAGS_3(check_io, TCG_CALL_NO_WG, void, env, i32, i32)
DEF_HELPER_FLAGS_4(bpt_io, TCG_CALL_NO_WG, void, env, i32, i32, tl)
DEF_HELPER_2(svm_check_intercept, void, env, i32)
DEF_HELPER_4(svm_check_io, void, env, i32, i32, i32)
diff --git a/target/i386/tcg/seg_helper.c b/target/i386/tcg/seg_helper.c
index 69d6e8f602..2f6cdc8239 100644
--- a/target/i386/tcg/seg_helper.c
+++ b/target/i386/tcg/seg_helper.c
@@ -2416,31 +2416,3 @@ void helper_verw(CPUX86State *env, target_ulong selector1)
}
CC_SRC = eflags | CC_Z;
}
-
-/* check if Port I/O is allowed in TSS */
-void helper_check_io(CPUX86State *env, uint32_t addr, uint32_t size)
-{
- uintptr_t retaddr = GETPC();
- uint32_t io_offset, val, mask;
-
- /* TSS must be a valid 32 bit one */
- if (!(env->tr.flags & DESC_P_MASK) ||
- ((env->tr.flags >> DESC_TYPE_SHIFT) & 0xf) != 9 ||
- env->tr.limit < 103) {
- goto fail;
- }
- io_offset = cpu_lduw_kernel_ra(env, env->tr.base + 0x66, retaddr);
- io_offset += (addr >> 3);
- /* Note: the check needs two bytes */
- if ((io_offset + 1) > env->tr.limit) {
- goto fail;
- }
- val = cpu_lduw_kernel_ra(env, env->tr.base + io_offset, retaddr);
- val >>= (addr & 7);
- mask = (1 << size) - 1;
- /* all bits must be zero to allow the I/O */
- if ((val & mask) != 0) {
- fail:
- raise_exception_err_ra(env, EXCP0D_GPF, 0, retaddr);
- }
-}
diff --git a/target/i386/tcg/sysemu/seg_helper.c b/target/i386/tcg/sysemu/seg_helper.c
index 10076d1341..b2e3ba8195 100644
--- a/target/i386/tcg/sysemu/seg_helper.c
+++ b/target/i386/tcg/sysemu/seg_helper.c
@@ -23,6 +23,7 @@
#include "exec/helper-proto.h"
#include "exec/cpu_ldst.h"
#include "tcg/helper-tcg.h"
+#include "../seg_helper.h"
#ifdef TARGET_X86_64
void helper_syscall(CPUX86State *env, int next_eip_addend)
@@ -123,3 +124,31 @@ void x86_cpu_do_interrupt(CPUState *cs)
env->old_exception = -1;
}
}
+
+/* check if Port I/O is allowed in TSS */
+void helper_check_io(CPUX86State *env, uint32_t addr, uint32_t size)
+{
+ uintptr_t retaddr = GETPC();
+ uint32_t io_offset, val, mask;
+
+ /* TSS must be a valid 32 bit one */
+ if (!(env->tr.flags & DESC_P_MASK) ||
+ ((env->tr.flags >> DESC_TYPE_SHIFT) & 0xf) != 9 ||
+ env->tr.limit < 103) {
+ goto fail;
+ }
+ io_offset = cpu_lduw_kernel_ra(env, env->tr.base + 0x66, retaddr);
+ io_offset += (addr >> 3);
+ /* Note: the check needs two bytes */
+ if ((io_offset + 1) > env->tr.limit) {
+ goto fail;
+ }
+ val = cpu_lduw_kernel_ra(env, env->tr.base + io_offset, retaddr);
+ val >>= (addr & 7);
+ mask = (1 << size) - 1;
+ /* all bits must be zero to allow the I/O */
+ if ((val & mask) != 0) {
+ fail:
+ raise_exception_err_ra(env, EXCP0D_GPF, 0, retaddr);
+ }
+}
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index d395ae090e..2276e75d92 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -193,6 +193,7 @@ typedef struct DisasContext {
{ qemu_build_not_reached(); }
#ifdef CONFIG_USER_ONLY
+STUB_HELPER(check_io, TCGv_env env, TCGv_i32 port, TCGv_i32 size)
STUB_HELPER(clgi, TCGv_env env)
STUB_HELPER(flush_page, TCGv_env env, TCGv addr)
STUB_HELPER(hlt, TCGv_env env, TCGv_i32 pc_ofs)
@@ -217,6 +218,7 @@ static void gen_jr(DisasContext *s, TCGv dest);
static void gen_jmp(DisasContext *s, target_ulong eip);
static void gen_jmp_tb(DisasContext *s, target_ulong eip, int tb_num);
static void gen_op(DisasContext *s1, int op, MemOp ot, int d);
+static void gen_exception_gpf(DisasContext *s);
/* i386 arith/logic operations */
enum {
@@ -681,6 +683,14 @@ static void gen_helper_out_func(MemOp ot, TCGv_i32 v, TCGv_i32 n)
static bool gen_check_io(DisasContext *s, MemOp ot, TCGv_i32 port,
uint32_t svm_flags)
{
+#ifdef CONFIG_USER_ONLY
+ /*
+ * We do not implement the iopriv(2) syscall, so the TSS check
+ * will always fail.
+ */
+ gen_exception_gpf(s);
+ return false;
+#else
if (PE(s) && (CPL(s) > IOPL(s) || VM86(s))) {
gen_helper_check_io(cpu_env, port, tcg_constant_i32(1 << ot));
}
@@ -699,6 +709,7 @@ static bool gen_check_io(DisasContext *s, MemOp ot, TCGv_i32 port,
tcg_constant_i32(next_eip - cur_eip));
}
return true;
+#endif
}
static inline void gen_movs(DisasContext *s, MemOp ot)
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* [PATCH 50/50] target/i386: Remove user-only i/o stubs
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (48 preceding siblings ...)
2021-02-28 23:23 ` [PATCH 49/50] target/i386: Move helper_check_io to sysemu Richard Henderson
@ 2021-02-28 23:23 ` Richard Henderson
2021-03-01 7:54 ` Philippe Mathieu-Daudé
2021-03-01 0:31 ` [PATCH 00/50] i386 cleanup part 3 no-reply
50 siblings, 1 reply; 56+ messages in thread
From: Richard Henderson @ 2021-02-28 23:23 UTC (permalink / raw)
To: qemu-devel; +Cc: cfontana
With the previous patch for check_io, we now have enough for
the compiler to dead-code eliminate all of the i/o helpers.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/i386/helper.h | 3 +-
target/i386/tcg/translate.c | 6 ++++
target/i386/tcg/user/misc_stubs.c | 55 -------------------------------
target/i386/tcg/user/meson.build | 1 -
4 files changed, 7 insertions(+), 58 deletions(-)
delete mode 100644 target/i386/tcg/user/misc_stubs.c
diff --git a/target/i386/helper.h b/target/i386/helper.h
index 3fd0253298..f3d8c3f949 100644
--- a/target/i386/helper.h
+++ b/target/i386/helper.h
@@ -86,14 +86,13 @@ DEF_HELPER_1(rdtsc, void, env)
DEF_HELPER_1(rdtscp, void, env)
DEF_HELPER_FLAGS_1(rdpmc, TCG_CALL_NO_WG, noreturn, env)
+#ifndef CONFIG_USER_ONLY
DEF_HELPER_3(outb, void, env, i32, i32)
DEF_HELPER_2(inb, tl, env, i32)
DEF_HELPER_3(outw, void, env, i32, i32)
DEF_HELPER_2(inw, tl, env, i32)
DEF_HELPER_3(outl, void, env, i32, i32)
DEF_HELPER_2(inl, tl, env, i32)
-
-#ifndef CONFIG_USER_ONLY
DEF_HELPER_FLAGS_3(check_io, TCG_CALL_NO_WG, void, env, i32, i32)
DEF_HELPER_FLAGS_4(bpt_io, TCG_CALL_NO_WG, void, env, i32, i32, tl)
DEF_HELPER_2(svm_check_intercept, void, env, i32)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 2276e75d92..1d08e10f38 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -197,8 +197,14 @@ STUB_HELPER(check_io, TCGv_env env, TCGv_i32 port, TCGv_i32 size)
STUB_HELPER(clgi, TCGv_env env)
STUB_HELPER(flush_page, TCGv_env env, TCGv addr)
STUB_HELPER(hlt, TCGv_env env, TCGv_i32 pc_ofs)
+STUB_HELPER(inb, TCGv ret, TCGv_env env, TCGv_i32 port)
+STUB_HELPER(inw, TCGv ret, TCGv_env env, TCGv_i32 port)
+STUB_HELPER(inl, TCGv ret, TCGv_env env, TCGv_i32 port)
STUB_HELPER(monitor, TCGv_env env, TCGv addr)
STUB_HELPER(mwait, TCGv_env env, TCGv_i32 pc_ofs)
+STUB_HELPER(outb, TCGv_env env, TCGv_i32 port, TCGv_i32 val)
+STUB_HELPER(outw, TCGv_env env, TCGv_i32 port, TCGv_i32 val)
+STUB_HELPER(outl, TCGv_env env, TCGv_i32 port, TCGv_i32 val)
STUB_HELPER(rdmsr, TCGv_env env)
STUB_HELPER(read_crN, TCGv ret, TCGv_env env, TCGv_i32 reg)
STUB_HELPER(set_dr, TCGv_env env, TCGv_i32 reg, TCGv val)
diff --git a/target/i386/tcg/user/misc_stubs.c b/target/i386/tcg/user/misc_stubs.c
deleted file mode 100644
index df38b44d6e..0000000000
--- a/target/i386/tcg/user/misc_stubs.c
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * x86 misc helpers
- *
- * Copyright (c) 2003 Fabrice Bellard
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, see <http://www.gnu.org/licenses/>.
- */
-
-#include "qemu/osdep.h"
-#include "cpu.h"
-#include "exec/helper-proto.h"
-
-void helper_outb(CPUX86State *env, uint32_t port, uint32_t data)
-{
- g_assert_not_reached();
-}
-
-target_ulong helper_inb(CPUX86State *env, uint32_t port)
-{
- g_assert_not_reached();
- return 0;
-}
-
-void helper_outw(CPUX86State *env, uint32_t port, uint32_t data)
-{
- g_assert_not_reached();
-}
-
-target_ulong helper_inw(CPUX86State *env, uint32_t port)
-{
- g_assert_not_reached();
- return 0;
-}
-
-void helper_outl(CPUX86State *env, uint32_t port, uint32_t data)
-{
- g_assert_not_reached();
-}
-
-target_ulong helper_inl(CPUX86State *env, uint32_t port)
-{
- g_assert_not_reached();
- return 0;
-}
diff --git a/target/i386/tcg/user/meson.build b/target/i386/tcg/user/meson.build
index 16a0be1ae6..2b059d0baf 100644
--- a/target/i386/tcg/user/meson.build
+++ b/target/i386/tcg/user/meson.build
@@ -1,6 +1,5 @@
i386_user_ss.add(when: ['CONFIG_TCG', 'CONFIG_USER_ONLY'], if_true: files(
'excp_helper.c',
- 'misc_stubs.c',
'fpu_helper.c',
'seg_helper.c',
))
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread
* Re: [PATCH 00/50] i386 cleanup part 3
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
` (49 preceding siblings ...)
2021-02-28 23:23 ` [PATCH 50/50] target/i386: Remove user-only i/o stubs Richard Henderson
@ 2021-03-01 0:31 ` no-reply
50 siblings, 0 replies; 56+ messages in thread
From: no-reply @ 2021-03-01 0:31 UTC (permalink / raw)
To: richard.henderson; +Cc: qemu-devel, cfontana
Patchew URL: https://patchew.org/QEMU/20210228232321.322053-1-richard.henderson@linaro.org/
Hi,
This series seems to have some coding style problems. See output below for
more information:
Type: series
Message-id: 20210228232321.322053-1-richard.henderson@linaro.org
Subject: [PATCH 00/50] i386 cleanup part 3
=== TEST SCRIPT BEGIN ===
#!/bin/bash
git rev-parse base > /dev/null || exit 0
git config --local diff.renamelimit 0
git config --local diff.renames True
git config --local diff.algorithm histogram
./scripts/checkpatch.pl --mailback base..
=== TEST SCRIPT END ===
Updating 3c8cf5a9c21ff8782164d1def7f44bd888713384
From https://github.com/patchew-project/qemu
* [new tag] patchew/20210228232321.322053-1-richard.henderson@linaro.org -> patchew/20210228232321.322053-1-richard.henderson@linaro.org
Switched to a new branch 'test'
797745d target/i386: Remove user-only i/o stubs
0f9b7df target/i386: Move helper_check_io to sysemu
0e6e2ee target/i386: Create helper_check_io
39f9f44 target/i386: Pass in port to gen_check_io
525360d target/i386: Tidy gen_check_io
b73f019 target/i386: Exit tb after wrmsr
77f4315 target/i386: Eliminate user stubs for read/write_crN, rd/wrmsr
c4f25ef target/i386: Inline user cpu_svm_check_intercept_param
be9d50c target/i386: Unify invlpg, invlpga
f3f94a0 target/i386: Move invlpg, hlt, monitor, mwait to sysemu
7f8853c target/i386: Pass env to do_pause and do_hlt
59992b7 target/i386: Cleanup read_crN, write_crN, lmsw
fbd9bfe target/i386: Remove user stub for cpu_vmexit
cec5742 target/i386: Remove pc_start argument to gen_svm_check_intercept
3e11484 target/i386: Tidy svm_check_intercept from tcg
018250c target/i386: Simplify gen_debug usage
bbe73ae target/i386: Mark some helpers as noreturn
1be7681 target/i386: Eliminate SVM helpers for user-only
37a998e target/i386: Implement skinit in translate.c
da48236 target/i386: Assert !GUEST for user-only
f4e4fe9 target/i386: Assert !SVME for user-only
d1d5637 target/i386: Add stub generator for helper_set_dr
a18d075 target/i386: Reorder DisasContext members
88fdc49 target/i386: Fix the comment for repz_opt
861b00b target/i386: Reduce DisasContext jmp_opt, repz_opt to bool
3783316 target/i386: Leave TF in DisasContext.flags
a6b8724 target/i386: Reduce DisasContext popl_esp_hack and rip_offset to uint8_t
6920aee target/i386: Reduce DisasContext.vex_[lv] to uint8_t
4f6954b target/i386: Reduce DisasContext.prefix to uint8_t
07cc331 target/i386: Reduce DisasContext.override to int8_t
6aba639 target/i386: Reduce DisasContext.flags to uint32_t
d507f0d target/i386: Remove DisasContext.f_st as unused
ac8f26e target/i386: Move rex_w into DisasContext
60f3d0b target/i386: Move rex_r into DisasContext
ca272c1 target/i386: Tidy REX_B, REX_X definition
f573f9b9 target/i386: Introduce REX_PREFIX
3d69364 target/i386: Assert !ADDSEG for x86_64 user-only
b9bc34b target/i386: Assert LMA for x86_64 user-only
543c705 target/i386: Assert CODE64 for x86_64 user-only
e81aa02 target/i386: Assert SS32 for x86_64 user-only
4a3d9a1 target/i386: Assert CODE32 for x86_64 user-only
272ed3d target/i386: Assert !VM86 for x86_64 user-only
3d6b13d target/i386: Assert IOPL is 0 for user-only
d11abdc target/i386: Assert CPL is 3 for user-only
161425f target/i386: Assert PE is set for user-only
1b4f01f target/i386: Split out check_iopl
ab7b71b target/i386: Split out check_vm86_iopl
ffbb88b target/i386: Unify code paths for IRET
245e7e4 target/i386: Split out check_cpl0
41f02f9 target/i386: Split out gen_exception_gpf
=== OUTPUT BEGIN ===
1/50 Checking commit 41f02f906d16 (target/i386: Split out gen_exception_gpf)
2/50 Checking commit 245e7e4367bb (target/i386: Split out check_cpl0)
3/50 Checking commit ffbb88b887c7 (target/i386: Unify code paths for IRET)
4/50 Checking commit ab7b71b2b03e (target/i386: Split out check_vm86_iopl)
5/50 Checking commit 1b4f01f45cb1 (target/i386: Split out check_iopl)
6/50 Checking commit 161425f462f3 (target/i386: Assert PE is set for user-only)
ERROR: braces {} are necessary for all arms of this statement
#129: FILE: target/i386/tcg/translate.c:7304:
+ if (!PE(s) || s->vm86)
[...]
ERROR: braces {} are necessary for all arms of this statement
#147: FILE: target/i386/tcg/translate.c:7323:
+ if (!PE(s) || s->vm86)
[...]
ERROR: braces {} are necessary for all arms of this statement
#165: FILE: target/i386/tcg/translate.c:7343:
+ if (!PE(s) || s->vm86)
[...]
ERROR: braces {} are necessary for all arms of this statement
#237: FILE: target/i386/tcg/translate.c:7714:
+ if (!PE(s) || s->vm86)
[...]
ERROR: braces {} are necessary for all arms of this statement
#246: FILE: target/i386/tcg/translate.c:7762:
+ if (!PE(s) || s->vm86)
[...]
total: 5 errors, 0 warnings, 244 lines checked
Patch 6/50 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
7/50 Checking commit d11abdcfe8e1 (target/i386: Assert CPL is 3 for user-only)
8/50 Checking commit 3d6b13d94823 (target/i386: Assert IOPL is 0 for user-only)
9/50 Checking commit 272ed3de80a0 (target/i386: Assert !VM86 for x86_64 user-only)
ERROR: braces {} are necessary for all arms of this statement
#131: FILE: target/i386/tcg/translate.c:7316:
+ if (!PE(s) || VM86(s))
[...]
ERROR: braces {} are necessary for all arms of this statement
#149: FILE: target/i386/tcg/translate.c:7335:
+ if (!PE(s) || VM86(s))
[...]
ERROR: braces {} are necessary for all arms of this statement
#167: FILE: target/i386/tcg/translate.c:7355:
+ if (!PE(s) || VM86(s))
[...]
ERROR: braces {} are necessary for all arms of this statement
#176: FILE: target/i386/tcg/translate.c:7726:
+ if (!PE(s) || VM86(s))
[...]
ERROR: braces {} are necessary for all arms of this statement
#185: FILE: target/i386/tcg/translate.c:7774:
+ if (!PE(s) || VM86(s))
[...]
total: 5 errors, 0 warnings, 159 lines checked
Patch 9/50 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
10/50 Checking commit 4a3d9a109c2d (target/i386: Assert CODE32 for x86_64 user-only)
11/50 Checking commit e81aa025ffa7 (target/i386: Assert SS32 for x86_64 user-only)
12/50 Checking commit 543c7050215a (target/i386: Assert CODE64 for x86_64 user-only)
13/50 Checking commit b9bc34b98d14 (target/i386: Assert LMA for x86_64 user-only)
14/50 Checking commit 3d693642125c (target/i386: Assert !ADDSEG for x86_64 user-only)
15/50 Checking commit f573f9b9e62a (target/i386: Introduce REX_PREFIX)
16/50 Checking commit ca272c10ffe4 (target/i386: Tidy REX_B, REX_X definition)
17/50 Checking commit 60f3d0b028ca (target/i386: Move rex_r into DisasContext)
18/50 Checking commit ac8f26efd681 (target/i386: Move rex_w into DisasContext)
19/50 Checking commit d507f0d0a53f (target/i386: Remove DisasContext.f_st as unused)
20/50 Checking commit 6aba639bf660 (target/i386: Reduce DisasContext.flags to uint32_t)
21/50 Checking commit 07cc331be79e (target/i386: Reduce DisasContext.override to int8_t)
22/50 Checking commit 4f6954b61c3a (target/i386: Reduce DisasContext.prefix to uint8_t)
23/50 Checking commit 6920aeec5654 (target/i386: Reduce DisasContext.vex_[lv] to uint8_t)
24/50 Checking commit a6b872456c56 (target/i386: Reduce DisasContext popl_esp_hack and rip_offset to uint8_t)
25/50 Checking commit 37833162f266 (target/i386: Leave TF in DisasContext.flags)
26/50 Checking commit 861b00b369bd (target/i386: Reduce DisasContext jmp_opt, repz_opt to bool)
27/50 Checking commit 88fdc4906e85 (target/i386: Fix the comment for repz_opt)
28/50 Checking commit a18d075d4339 (target/i386: Reorder DisasContext members)
29/50 Checking commit d1d5637307d8 (target/i386: Add stub generator for helper_set_dr)
30/50 Checking commit f4e4fe9e64e5 (target/i386: Assert !SVME for user-only)
31/50 Checking commit da4823620a87 (target/i386: Assert !GUEST for user-only)
32/50 Checking commit 37a998ec18e1 (target/i386: Implement skinit in translate.c)
33/50 Checking commit 1be76815936c (target/i386: Eliminate SVM helpers for user-only)
34/50 Checking commit bbe73aee6785 (target/i386: Mark some helpers as noreturn)
35/50 Checking commit 018250c5210f (target/i386: Simplify gen_debug usage)
36/50 Checking commit 3e11484e66dd (target/i386: Tidy svm_check_intercept from tcg)
37/50 Checking commit cec5742f3094 (target/i386: Remove pc_start argument to gen_svm_check_intercept)
WARNING: line over 80 characters
#179: FILE: target/i386/tcg/translate.c:7712:
+ gen_svm_check_intercept(s, (b & 2) ? SVM_EXIT_INVD : SVM_EXIT_WBINVD);
total: 0 errors, 1 warnings, 176 lines checked
Patch 37/50 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
38/50 Checking commit fbd9bfe4dbae (target/i386: Remove user stub for cpu_vmexit)
39/50 Checking commit 59992b722b59 (target/i386: Cleanup read_crN, write_crN, lmsw)
40/50 Checking commit 7f8853cf211e (target/i386: Pass env to do_pause and do_hlt)
41/50 Checking commit f3f94a0e0d42 (target/i386: Move invlpg, hlt, monitor, mwait to sysemu)
42/50 Checking commit be9d50c065c4 (target/i386: Unify invlpg, invlpga)
43/50 Checking commit c4f25ef4748d (target/i386: Inline user cpu_svm_check_intercept_param)
Use of uninitialized value $acpi_testexpected in string eq at ./scripts/checkpatch.pl line 1529.
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#52:
deleted file mode 100644
total: 0 errors, 1 warnings, 22 lines checked
Patch 43/50 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
44/50 Checking commit 77f4315181bf (target/i386: Eliminate user stubs for read/write_crN, rd/wrmsr)
45/50 Checking commit b73f019ebbf1 (target/i386: Exit tb after wrmsr)
46/50 Checking commit 525360d7711f (target/i386: Tidy gen_check_io)
47/50 Checking commit 39f9f445f6c4 (target/i386: Pass in port to gen_check_io)
48/50 Checking commit 0e6e2eee1f5b (target/i386: Create helper_check_io)
49/50 Checking commit 0f9b7dfe694f (target/i386: Move helper_check_io to sysemu)
50/50 Checking commit 797745dca76f (target/i386: Remove user-only i/o stubs)
Use of uninitialized value $acpi_testexpected in string eq at ./scripts/checkpatch.pl line 1529.
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#71:
deleted file mode 100644
total: 0 errors, 1 warnings, 35 lines checked
Patch 50/50 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
=== OUTPUT END ===
Test command exited with code: 1
The full log is available at
http://patchew.org/logs/20210228232321.322053-1-richard.henderson@linaro.org/testing.checkpatch/?type=message.
---
Email generated automatically by Patchew [https://patchew.org/].
Please send your feedback to patchew-devel@redhat.com
^ permalink raw reply [flat|nested] 56+ messages in thread
* Re: [PATCH 23/50] target/i386: Reduce DisasContext.vex_[lv] to uint8_t
2021-02-28 23:22 ` [PATCH 23/50] target/i386: Reduce DisasContext.vex_[lv] " Richard Henderson
@ 2021-03-01 7:51 ` Philippe Mathieu-Daudé
0 siblings, 0 replies; 56+ messages in thread
From: Philippe Mathieu-Daudé @ 2021-03-01 7:51 UTC (permalink / raw)
To: Richard Henderson, qemu-devel; +Cc: cfontana
On 3/1/21 12:22 AM, Richard Henderson wrote:
> Currently, vex_l is either {0,1}; if in the future we implement
> AVX-512, the max value will be 2. In vex_v we store a register
> number. This is 0-15 for SSE, and 0-31 for AVX-512.
>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> ---
> target/i386/tcg/translate.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
^ permalink raw reply [flat|nested] 56+ messages in thread
* Re: [PATCH 50/50] target/i386: Remove user-only i/o stubs
2021-02-28 23:23 ` [PATCH 50/50] target/i386: Remove user-only i/o stubs Richard Henderson
@ 2021-03-01 7:54 ` Philippe Mathieu-Daudé
0 siblings, 0 replies; 56+ messages in thread
From: Philippe Mathieu-Daudé @ 2021-03-01 7:54 UTC (permalink / raw)
To: Richard Henderson, qemu-devel; +Cc: cfontana
On 3/1/21 12:23 AM, Richard Henderson wrote:
> With the previous patch for check_io, we now have enough for
> the compiler to dead-code eliminate all of the i/o helpers.
>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> ---
> target/i386/helper.h | 3 +-
> target/i386/tcg/translate.c | 6 ++++
> target/i386/tcg/user/misc_stubs.c | 55 -------------------------------
> target/i386/tcg/user/meson.build | 1 -
> 4 files changed, 7 insertions(+), 58 deletions(-)
> delete mode 100644 target/i386/tcg/user/misc_stubs.c
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
^ permalink raw reply [flat|nested] 56+ messages in thread
* Re: [PATCH 49/50] target/i386: Move helper_check_io to sysemu
2021-02-28 23:23 ` [PATCH 49/50] target/i386: Move helper_check_io to sysemu Richard Henderson
@ 2021-03-01 7:55 ` Philippe Mathieu-Daudé
0 siblings, 0 replies; 56+ messages in thread
From: Philippe Mathieu-Daudé @ 2021-03-01 7:55 UTC (permalink / raw)
To: Richard Henderson, qemu-devel; +Cc: cfontana
On 3/1/21 12:23 AM, Richard Henderson wrote:
> The we never allow i/o from user-only, and the tss check
> that helper_check_io does will always fail. Use an ifdef
> within gen_check_io and return false, indicating that an
> exception is known to be raised.
>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> ---
> target/i386/helper.h | 2 +-
> target/i386/tcg/seg_helper.c | 28 ----------------------------
> target/i386/tcg/sysemu/seg_helper.c | 29 +++++++++++++++++++++++++++++
> target/i386/tcg/translate.c | 11 +++++++++++
> 4 files changed, 41 insertions(+), 29 deletions(-)
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
^ permalink raw reply [flat|nested] 56+ messages in thread
* Re: [PATCH 48/50] target/i386: Create helper_check_io
2021-02-28 23:23 ` [PATCH 48/50] target/i386: Create helper_check_io Richard Henderson
@ 2021-03-01 7:57 ` Philippe Mathieu-Daudé
0 siblings, 0 replies; 56+ messages in thread
From: Philippe Mathieu-Daudé @ 2021-03-01 7:57 UTC (permalink / raw)
To: Richard Henderson, qemu-devel; +Cc: cfontana
On 3/1/21 12:23 AM, Richard Henderson wrote:
> Drop helper_check_io[bwl] and expose their common
> subroutine to tcg directly.
>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> ---
> target/i386/helper.h | 4 +---
> target/i386/tcg/seg_helper.c | 21 +++------------------
> target/i386/tcg/translate.c | 14 +-------------
> 3 files changed, 5 insertions(+), 34 deletions(-)
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
^ permalink raw reply [flat|nested] 56+ messages in thread
end of thread, other threads:[~2021-03-01 7:58 UTC | newest]
Thread overview: 56+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-02-28 23:22 [PATCH 00/50] i386 cleanup part 3 Richard Henderson
2021-02-28 23:22 ` [PATCH 01/50] target/i386: Split out gen_exception_gpf Richard Henderson
2021-02-28 23:22 ` [PATCH 02/50] target/i386: Split out check_cpl0 Richard Henderson
2021-02-28 23:22 ` [PATCH 03/50] target/i386: Unify code paths for IRET Richard Henderson
2021-02-28 23:22 ` [PATCH 04/50] target/i386: Split out check_vm86_iopl Richard Henderson
2021-02-28 23:22 ` [PATCH 05/50] target/i386: Split out check_iopl Richard Henderson
2021-02-28 23:22 ` [PATCH 06/50] target/i386: Assert PE is set for user-only Richard Henderson
2021-02-28 23:22 ` [PATCH 07/50] target/i386: Assert CPL is 3 " Richard Henderson
2021-02-28 23:22 ` [PATCH 08/50] target/i386: Assert IOPL is 0 " Richard Henderson
2021-02-28 23:22 ` [PATCH 09/50] target/i386: Assert !VM86 for x86_64 user-only Richard Henderson
2021-02-28 23:22 ` [PATCH 10/50] target/i386: Assert CODE32 " Richard Henderson
2021-02-28 23:22 ` [PATCH 11/50] target/i386: Assert SS32 " Richard Henderson
2021-02-28 23:22 ` [PATCH 12/50] target/i386: Assert CODE64 " Richard Henderson
2021-02-28 23:22 ` [PATCH 13/50] target/i386: Assert LMA " Richard Henderson
2021-02-28 23:22 ` [PATCH 14/50] target/i386: Assert !ADDSEG " Richard Henderson
2021-02-28 23:22 ` [PATCH 15/50] target/i386: Introduce REX_PREFIX Richard Henderson
2021-02-28 23:22 ` [PATCH 16/50] target/i386: Tidy REX_B, REX_X definition Richard Henderson
2021-02-28 23:22 ` [PATCH 17/50] target/i386: Move rex_r into DisasContext Richard Henderson
2021-02-28 23:22 ` [PATCH 18/50] target/i386: Move rex_w " Richard Henderson
2021-02-28 23:22 ` [PATCH 19/50] target/i386: Remove DisasContext.f_st as unused Richard Henderson
2021-02-28 23:22 ` [PATCH 20/50] target/i386: Reduce DisasContext.flags to uint32_t Richard Henderson
2021-02-28 23:22 ` [PATCH 21/50] target/i386: Reduce DisasContext.override to int8_t Richard Henderson
2021-02-28 23:22 ` [PATCH 22/50] target/i386: Reduce DisasContext.prefix to uint8_t Richard Henderson
2021-02-28 23:22 ` [PATCH 23/50] target/i386: Reduce DisasContext.vex_[lv] " Richard Henderson
2021-03-01 7:51 ` Philippe Mathieu-Daudé
2021-02-28 23:22 ` [PATCH 24/50] target/i386: Reduce DisasContext popl_esp_hack and rip_offset " Richard Henderson
2021-02-28 23:22 ` [PATCH 25/50] target/i386: Leave TF in DisasContext.flags Richard Henderson
2021-02-28 23:22 ` [PATCH 26/50] target/i386: Reduce DisasContext jmp_opt, repz_opt to bool Richard Henderson
2021-02-28 23:22 ` [PATCH 27/50] target/i386: Fix the comment for repz_opt Richard Henderson
2021-02-28 23:22 ` [PATCH 28/50] target/i386: Reorder DisasContext members Richard Henderson
2021-02-28 23:23 ` [PATCH 29/50] target/i386: Add stub generator for helper_set_dr Richard Henderson
2021-02-28 23:23 ` [PATCH 30/50] target/i386: Assert !SVME for user-only Richard Henderson
2021-02-28 23:23 ` [PATCH 31/50] target/i386: Assert !GUEST " Richard Henderson
2021-02-28 23:23 ` [PATCH 32/50] target/i386: Implement skinit in translate.c Richard Henderson
2021-02-28 23:23 ` [PATCH 33/50] target/i386: Eliminate SVM helpers for user-only Richard Henderson
2021-02-28 23:23 ` [PATCH 34/50] target/i386: Mark some helpers as noreturn Richard Henderson
2021-02-28 23:23 ` [PATCH 35/50] target/i386: Simplify gen_debug usage Richard Henderson
2021-02-28 23:23 ` [PATCH 36/50] target/i386: Tidy svm_check_intercept from tcg Richard Henderson
2021-02-28 23:23 ` [PATCH 37/50] target/i386: Remove pc_start argument to gen_svm_check_intercept Richard Henderson
2021-02-28 23:23 ` [PATCH 38/50] target/i386: Remove user stub for cpu_vmexit Richard Henderson
2021-02-28 23:23 ` [PATCH 39/50] target/i386: Cleanup read_crN, write_crN, lmsw Richard Henderson
2021-02-28 23:23 ` [PATCH 40/50] target/i386: Pass env to do_pause and do_hlt Richard Henderson
2021-02-28 23:23 ` [PATCH 41/50] target/i386: Move invlpg, hlt, monitor, mwait to sysemu Richard Henderson
2021-02-28 23:23 ` [PATCH 42/50] target/i386: Unify invlpg, invlpga Richard Henderson
2021-02-28 23:23 ` [PATCH 43/50] target/i386: Inline user cpu_svm_check_intercept_param Richard Henderson
2021-02-28 23:23 ` [PATCH 44/50] target/i386: Eliminate user stubs for read/write_crN, rd/wrmsr Richard Henderson
2021-02-28 23:23 ` [PATCH 45/50] target/i386: Exit tb after wrmsr Richard Henderson
2021-02-28 23:23 ` [PATCH 46/50] target/i386: Tidy gen_check_io Richard Henderson
2021-02-28 23:23 ` [PATCH 47/50] target/i386: Pass in port to gen_check_io Richard Henderson
2021-02-28 23:23 ` [PATCH 48/50] target/i386: Create helper_check_io Richard Henderson
2021-03-01 7:57 ` Philippe Mathieu-Daudé
2021-02-28 23:23 ` [PATCH 49/50] target/i386: Move helper_check_io to sysemu Richard Henderson
2021-03-01 7:55 ` Philippe Mathieu-Daudé
2021-02-28 23:23 ` [PATCH 50/50] target/i386: Remove user-only i/o stubs Richard Henderson
2021-03-01 7:54 ` Philippe Mathieu-Daudé
2021-03-01 0:31 ` [PATCH 00/50] i386 cleanup part 3 no-reply
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.