All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH 00/24] target/ppc: Clean up mmu translation
@ 2021-05-18 20:11 Richard Henderson
  2021-05-18 20:11 ` [PATCH 01/24] target/ppc: Introduce prot_for_access_type Richard Henderson
                   ` (24 more replies)
  0 siblings, 25 replies; 46+ messages in thread
From: Richard Henderson @ 2021-05-18 20:11 UTC (permalink / raw)
  To: qemu-devel; +Cc: bruno.larsen, qemu-ppc, david

This attempts the cleanup I've been talking about with Bruno.

On the way, there's a lot of MMUAccessType cleanup, to get the
code into the form I wanted the interface to share.  There's a
lot more cleanup that could be done, particularly wrt the older
mmu models.


r~


Richard Henderson (24):
  target/ppc: Introduce prot_for_access_type
  target/ppc: Use MMUAccessType in mmu-radix64.c
  target/ppc: Use MMUAccessType in mmu-hash64.c
  target/ppc: Use MMUAccessType in mmu-hash32.c
  target/ppc: Rename access_type to type in mmu_helper.c
  target/ppc: Use MMUAccessType in mmu_helper.c
  target/ppc: Remove type argument from check_prot
  target/ppc: Remove type argument from ppc6xx_tlb_pte_check
  target/ppc: Remove type argument from ppc6xx_tlb_check
  target/ppc: Remove type argument from get_bat_6xx_tlb
  target/ppc: Remove type argument from mmu40x_get_physical_address
  target/ppc: Remove type argument from mmubooke_check_tlb
  target/ppc: Remove type argument from mmubooke_get_physical_address
  target/ppc: Remove type argument from mmubooke206_check_tlb
  target/ppc: Remove type argument for mmubooke206_get_physical_address
  target/ppc: Remove PowerPCCPUClass.handle_mmu_fault
  target/ppc: Use MMUAccessType with *_handle_mmu_fault
  target/ppc: Push real-mode handling into ppc_radix64_xlate
  target/ppc: Use bool success for ppc_radix64_xlate
  target/ppc: Split out ppc_hash64_xlate
  target/ppc: Split out ppc_hash32_xlate
  target/ppc: Split out ppc_jumbo_xlate
  target/ppc: Introduce ppc_xlate
  target/ppc: Restrict ppc_cpu_tlb_fill to TCG

 target/ppc/cpu-qom.h       |   1 -
 target/ppc/internal.h      |  19 ++
 target/ppc/mmu-book3s-v3.h |   5 -
 target/ppc/mmu-hash32.h    |   6 +-
 target/ppc/mmu-hash64.h    |   6 +-
 target/ppc/mmu-radix64.h   |   6 +-
 target/ppc/cpu_init.c      |  45 ----
 target/ppc/mmu-book3s-v3.c |  19 --
 target/ppc/mmu-hash32.c    | 244 ++++++++----------
 target/ppc/mmu-hash64.c    | 187 ++++++--------
 target/ppc/mmu-radix64.c   | 235 +++++++++---------
 target/ppc/mmu_helper.c    | 496 +++++++++++++++++--------------------
 12 files changed, 553 insertions(+), 716 deletions(-)

-- 
2.25.1



^ permalink raw reply	[flat|nested] 46+ messages in thread

* [PATCH 01/24] target/ppc: Introduce prot_for_access_type
  2021-05-18 20:11 [PATCH 00/24] target/ppc: Clean up mmu translation Richard Henderson
@ 2021-05-18 20:11 ` Richard Henderson
  2021-05-18 20:11 ` [PATCH 02/24] target/ppc: Use MMUAccessType in mmu-radix64.c Richard Henderson
                   ` (23 subsequent siblings)
  24 siblings, 0 replies; 46+ messages in thread
From: Richard Henderson @ 2021-05-18 20:11 UTC (permalink / raw)
  To: qemu-devel; +Cc: bruno.larsen, qemu-ppc, david

Use this in the three places we currently have a local array
indexed by rwx (which happens to have the same values).
The types will match up correctly with additional changes.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 target/ppc/internal.h    | 19 +++++++++++++++++++
 target/ppc/mmu-hash32.c  |  8 +++++---
 target/ppc/mmu-hash64.c  | 10 ++++++----
 target/ppc/mmu-radix64.c |  6 ++++--
 4 files changed, 34 insertions(+), 9 deletions(-)

diff --git a/target/ppc/internal.h b/target/ppc/internal.h
index 184ba6d6b3..2b4b06eb76 100644
--- a/target/ppc/internal.h
+++ b/target/ppc/internal.h
@@ -228,4 +228,23 @@ void destroy_ppc_opcodes(PowerPCCPU *cpu);
 void ppc_gdb_init(CPUState *cs, PowerPCCPUClass *ppc);
 gchar *ppc_gdb_arch_name(CPUState *cs);
 
+/**
+ * prot_for_access_type:
+ * @access_type: Access type
+ *
+ * Return the protection bit required for the given access type.
+ */
+static inline int prot_for_access_type(MMUAccessType access_type)
+{
+    switch (access_type) {
+    case MMU_INST_FETCH:
+        return PAGE_EXEC;
+    case MMU_DATA_LOAD:
+        return PAGE_READ;
+    case MMU_DATA_STORE:
+        return PAGE_WRITE;
+    }
+    g_assert_not_reached();
+}
+
 #endif /* PPC_INTERNAL_H */
diff --git a/target/ppc/mmu-hash32.c b/target/ppc/mmu-hash32.c
index 178cf090b7..233a66658e 100644
--- a/target/ppc/mmu-hash32.c
+++ b/target/ppc/mmu-hash32.c
@@ -24,6 +24,7 @@
 #include "exec/helper-proto.h"
 #include "sysemu/kvm.h"
 #include "kvm_ppc.h"
+#include "internal.h"
 #include "mmu-hash32.h"
 #include "exec/log.h"
 
@@ -421,10 +422,11 @@ int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr, int rwx,
     hwaddr pte_offset;
     ppc_hash_pte32_t pte;
     int prot;
-    const int need_prot[] = {PAGE_READ, PAGE_WRITE, PAGE_EXEC};
+    int need_prot;
     hwaddr raddr;
 
     assert((rwx == 0) || (rwx == 1) || (rwx == 2));
+    need_prot = prot_for_access_type(rwx);
 
     /* 1. Handle real mode accesses */
     if (((rwx == 2) && (msr_ir == 0)) || ((rwx != 2) && (msr_dr == 0))) {
@@ -440,7 +442,7 @@ int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr, int rwx,
     if (env->nb_BATs != 0) {
         raddr = ppc_hash32_bat_lookup(cpu, eaddr, rwx, &prot);
         if (raddr != -1) {
-            if (need_prot[rwx] & ~prot) {
+            if (need_prot & ~prot) {
                 if (rwx == 2) {
                     cs->exception_index = POWERPC_EXCP_ISI;
                     env->error_code = 0x08000000;
@@ -513,7 +515,7 @@ int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr, int rwx,
 
     prot = ppc_hash32_pte_prot(cpu, sr, pte);
 
-    if (need_prot[rwx] & ~prot) {
+    if (need_prot & ~prot) {
         /* Access right violation */
         qemu_log_mask(CPU_LOG_MMU, "PTE access rejected\n");
         if (rwx == 2) {
diff --git a/target/ppc/mmu-hash64.c b/target/ppc/mmu-hash64.c
index c4a4bc7cd2..d5b70ddc9c 100644
--- a/target/ppc/mmu-hash64.c
+++ b/target/ppc/mmu-hash64.c
@@ -29,6 +29,7 @@
 #include "mmu-hash64.h"
 #include "exec/log.h"
 #include "hw/hw.h"
+#include "internal.h"
 #include "mmu-book3s-v3.h"
 #include "helper_regs.h"
 
@@ -876,7 +877,7 @@ int ppc_hash64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
     hwaddr ptex;
     ppc_hash_pte64_t pte;
     int exec_prot, pp_prot, amr_prot, prot;
-    const int need_prot[] = {PAGE_READ, PAGE_WRITE, PAGE_EXEC};
+    int need_prot;
     hwaddr raddr;
 
     assert((rwx == 0) || (rwx == 1) || (rwx == 2));
@@ -996,7 +997,8 @@ skip_slb_search:
     amr_prot = ppc_hash64_amr_prot(cpu, pte);
     prot = exec_prot & pp_prot & amr_prot;
 
-    if ((need_prot[rwx] & ~prot) != 0) {
+    need_prot = prot_for_access_type(rwx);
+    if (need_prot & ~prot) {
         /* Access right violation */
         qemu_log_mask(CPU_LOG_MMU, "PTE access rejected\n");
         if (rwx == 2) {
@@ -1012,13 +1014,13 @@ skip_slb_search:
             ppc_hash64_set_isi(cs, srr1);
         } else {
             int dsisr = 0;
-            if (need_prot[rwx] & ~pp_prot) {
+            if (need_prot & ~pp_prot) {
                 dsisr |= DSISR_PROTFAULT;
             }
             if (rwx == 1) {
                 dsisr |= DSISR_ISSTORE;
             }
-            if (need_prot[rwx] & ~amr_prot) {
+            if (need_prot & ~amr_prot) {
                 dsisr |= DSISR_AMR;
             }
             ppc_hash64_set_dsi(cs, eaddr, dsisr);
diff --git a/target/ppc/mmu-radix64.c b/target/ppc/mmu-radix64.c
index 30fcfcf11f..646b9afb7b 100644
--- a/target/ppc/mmu-radix64.c
+++ b/target/ppc/mmu-radix64.c
@@ -25,6 +25,7 @@
 #include "sysemu/kvm.h"
 #include "kvm_ppc.h"
 #include "exec/log.h"
+#include "internal.h"
 #include "mmu-radix64.h"
 #include "mmu-book3s-v3.h"
 
@@ -135,7 +136,7 @@ static bool ppc_radix64_check_prot(PowerPCCPU *cpu, int rwx, uint64_t pte,
                                    bool partition_scoped)
 {
     CPUPPCState *env = &cpu->env;
-    const int need_prot[] = { PAGE_READ, PAGE_WRITE, PAGE_EXEC };
+    int need_prot;
 
     /* Check Page Attributes (pte58:59) */
     if (((pte & R_PTE_ATT) == R_PTE_ATT_NI_IO) && (rwx == 2)) {
@@ -158,7 +159,8 @@ static bool ppc_radix64_check_prot(PowerPCCPU *cpu, int rwx, uint64_t pte,
     }
 
     /* Check if requested access type is allowed */
-    if (need_prot[rwx] & ~(*prot)) { /* Page Protected for that Access */
+    need_prot = prot_for_access_type(rwx);
+    if (need_prot & ~*prot) { /* Page Protected for that Access */
         *fault_cause |= DSISR_PROTFAULT;
         return true;
     }
-- 
2.25.1



^ permalink raw reply	[flat|nested] 46+ messages in thread

* [PATCH 02/24] target/ppc: Use MMUAccessType in mmu-radix64.c
  2021-05-18 20:11 [PATCH 00/24] target/ppc: Clean up mmu translation Richard Henderson
  2021-05-18 20:11 ` [PATCH 01/24] target/ppc: Introduce prot_for_access_type Richard Henderson
@ 2021-05-18 20:11 ` Richard Henderson
  2021-05-18 20:11 ` [PATCH 03/24] target/ppc: Use MMUAccessType in mmu-hash64.c Richard Henderson
                   ` (22 subsequent siblings)
  24 siblings, 0 replies; 46+ messages in thread
From: Richard Henderson @ 2021-05-18 20:11 UTC (permalink / raw)
  To: qemu-devel; +Cc: bruno.larsen, qemu-ppc, david

We must leave the 'int rwx' parameter to ppc_radix64_handle_mmu_fault
for now, but will clean that up later.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 target/ppc/mmu-radix64.c | 119 ++++++++++++++++++++++++---------------
 1 file changed, 74 insertions(+), 45 deletions(-)

diff --git a/target/ppc/mmu-radix64.c b/target/ppc/mmu-radix64.c
index 646b9afb7b..7972153f23 100644
--- a/target/ppc/mmu-radix64.c
+++ b/target/ppc/mmu-radix64.c
@@ -75,71 +75,94 @@ static bool ppc_radix64_get_fully_qualified_addr(const CPUPPCState *env,
     return true;
 }
 
-static void ppc_radix64_raise_segi(PowerPCCPU *cpu, int rwx, vaddr eaddr)
+static void ppc_radix64_raise_segi(PowerPCCPU *cpu, MMUAccessType access_type,
+                                   vaddr eaddr)
 {
     CPUState *cs = CPU(cpu);
     CPUPPCState *env = &cpu->env;
 
-    if (rwx == 2) { /* Instruction Segment Interrupt */
+    switch (access_type) {
+    case MMU_INST_FETCH:
+        /* Instruction Segment Interrupt */
         cs->exception_index = POWERPC_EXCP_ISEG;
-    } else { /* Data Segment Interrupt */
+        break;
+    case MMU_DATA_STORE:
+    case MMU_DATA_LOAD:
+        /* Data Segment Interrupt */
         cs->exception_index = POWERPC_EXCP_DSEG;
         env->spr[SPR_DAR] = eaddr;
+        break;
+    default:
+        g_assert_not_reached();
     }
     env->error_code = 0;
 }
 
-static void ppc_radix64_raise_si(PowerPCCPU *cpu, int rwx, vaddr eaddr,
-                                uint32_t cause)
+static void ppc_radix64_raise_si(PowerPCCPU *cpu, MMUAccessType access_type,
+                                 vaddr eaddr, uint32_t cause)
 {
     CPUState *cs = CPU(cpu);
     CPUPPCState *env = &cpu->env;
 
-    if (rwx == 2) { /* Instruction Storage Interrupt */
+    switch (access_type) {
+    case MMU_INST_FETCH:
+        /* Instruction Storage Interrupt */
         cs->exception_index = POWERPC_EXCP_ISI;
         env->error_code = cause;
-    } else { /* Data Storage Interrupt */
+        break;
+    case MMU_DATA_STORE:
+        cause |= DSISR_ISSTORE;
+        /* fall through */
+    case MMU_DATA_LOAD:
+        /* Data Storage Interrupt */
         cs->exception_index = POWERPC_EXCP_DSI;
-        if (rwx == 1) { /* Write -> Store */
-            cause |= DSISR_ISSTORE;
-        }
         env->spr[SPR_DSISR] = cause;
         env->spr[SPR_DAR] = eaddr;
         env->error_code = 0;
+        break;
+    default:
+        g_assert_not_reached();
     }
 }
 
-static void ppc_radix64_raise_hsi(PowerPCCPU *cpu, int rwx, vaddr eaddr,
-                                  hwaddr g_raddr, uint32_t cause)
+static void ppc_radix64_raise_hsi(PowerPCCPU *cpu, MMUAccessType access_type,
+                                  vaddr eaddr, hwaddr g_raddr, uint32_t cause)
 {
     CPUState *cs = CPU(cpu);
     CPUPPCState *env = &cpu->env;
 
-    if (rwx == 2) { /* H Instruction Storage Interrupt */
+    switch (access_type) {
+    case MMU_INST_FETCH:
+        /* H Instruction Storage Interrupt */
         cs->exception_index = POWERPC_EXCP_HISI;
         env->spr[SPR_ASDR] = g_raddr;
         env->error_code = cause;
-    } else { /* H Data Storage Interrupt */
+        break;
+    case MMU_DATA_STORE:
+        cause |= DSISR_ISSTORE;
+        /* fall through */
+    case MMU_DATA_LOAD:
+        /* H Data Storage Interrupt */
         cs->exception_index = POWERPC_EXCP_HDSI;
-        if (rwx == 1) { /* Write -> Store */
-            cause |= DSISR_ISSTORE;
-        }
         env->spr[SPR_HDSISR] = cause;
         env->spr[SPR_HDAR] = eaddr;
         env->spr[SPR_ASDR] = g_raddr;
         env->error_code = 0;
+        break;
+    default:
+        g_assert_not_reached();
     }
 }
 
-static bool ppc_radix64_check_prot(PowerPCCPU *cpu, int rwx, uint64_t pte,
-                                   int *fault_cause, int *prot,
+static bool ppc_radix64_check_prot(PowerPCCPU *cpu, MMUAccessType access_type,
+                                   uint64_t pte, int *fault_cause, int *prot,
                                    bool partition_scoped)
 {
     CPUPPCState *env = &cpu->env;
     int need_prot;
 
     /* Check Page Attributes (pte58:59) */
-    if (((pte & R_PTE_ATT) == R_PTE_ATT_NI_IO) && (rwx == 2)) {
+    if ((pte & R_PTE_ATT) == R_PTE_ATT_NI_IO && access_type == MMU_INST_FETCH) {
         /*
          * Radix PTE entries with the non-idempotent I/O attribute are treated
          * as guarded storage
@@ -159,7 +182,7 @@ static bool ppc_radix64_check_prot(PowerPCCPU *cpu, int rwx, uint64_t pte,
     }
 
     /* Check if requested access type is allowed */
-    need_prot = prot_for_access_type(rwx);
+    need_prot = prot_for_access_type(access_type);
     if (need_prot & ~*prot) { /* Page Protected for that Access */
         *fault_cause |= DSISR_PROTFAULT;
         return true;
@@ -168,15 +191,15 @@ static bool ppc_radix64_check_prot(PowerPCCPU *cpu, int rwx, uint64_t pte,
     return false;
 }
 
-static void ppc_radix64_set_rc(PowerPCCPU *cpu, int rwx, uint64_t pte,
-                               hwaddr pte_addr, int *prot)
+static void ppc_radix64_set_rc(PowerPCCPU *cpu, MMUAccessType access_type,
+                               uint64_t pte, hwaddr pte_addr, int *prot)
 {
     CPUState *cs = CPU(cpu);
     uint64_t npte;
 
     npte = pte | R_PTE_R; /* Always set reference bit */
 
-    if (rwx == 1) { /* Store/Write */
+    if (access_type == MMU_DATA_STORE) { /* Store/Write */
         npte |= R_PTE_C; /* Set change bit */
     } else {
         /*
@@ -271,7 +294,8 @@ static bool validate_pate(PowerPCCPU *cpu, uint64_t lpid, ppc_v3_pate_t *pate)
     return true;
 }
 
-static int ppc_radix64_partition_scoped_xlate(PowerPCCPU *cpu, int rwx,
+static int ppc_radix64_partition_scoped_xlate(PowerPCCPU *cpu,
+                                              MMUAccessType access_type,
                                               vaddr eaddr, hwaddr g_raddr,
                                               ppc_v3_pate_t pate,
                                               hwaddr *h_raddr, int *h_prot,
@@ -287,24 +311,25 @@ static int ppc_radix64_partition_scoped_xlate(PowerPCCPU *cpu, int rwx,
     if (ppc_radix64_walk_tree(CPU(cpu)->as, g_raddr, pate.dw0 & PRTBE_R_RPDB,
                               pate.dw0 & PRTBE_R_RPDS, h_raddr, h_page_size,
                               &pte, &fault_cause, &pte_addr) ||
-        ppc_radix64_check_prot(cpu, rwx, pte, &fault_cause, h_prot, true)) {
+        ppc_radix64_check_prot(cpu, access_type, pte, &fault_cause, h_prot, true)) {
         if (pde_addr) { /* address being translated was that of a guest pde */
             fault_cause |= DSISR_PRTABLE_FAULT;
         }
         if (guest_visible) {
-            ppc_radix64_raise_hsi(cpu, rwx, eaddr, g_raddr, fault_cause);
+            ppc_radix64_raise_hsi(cpu, access_type, eaddr, g_raddr, fault_cause);
         }
         return 1;
     }
 
     if (guest_visible) {
-        ppc_radix64_set_rc(cpu, rwx, pte, pte_addr, h_prot);
+        ppc_radix64_set_rc(cpu, access_type, pte, pte_addr, h_prot);
     }
 
     return 0;
 }
 
-static int ppc_radix64_process_scoped_xlate(PowerPCCPU *cpu, int rwx,
+static int ppc_radix64_process_scoped_xlate(PowerPCCPU *cpu,
+                                            MMUAccessType access_type,
                                             vaddr eaddr, uint64_t pid,
                                             ppc_v3_pate_t pate, hwaddr *g_raddr,
                                             int *g_prot, int *g_page_size,
@@ -323,7 +348,7 @@ static int ppc_radix64_process_scoped_xlate(PowerPCCPU *cpu, int rwx,
     if (offset >= size) {
         /* offset exceeds size of the process table */
         if (guest_visible) {
-            ppc_radix64_raise_si(cpu, rwx, eaddr, DSISR_NOPTE);
+            ppc_radix64_raise_si(cpu, access_type, eaddr, DSISR_NOPTE);
         }
         return 1;
     }
@@ -364,7 +389,7 @@ static int ppc_radix64_process_scoped_xlate(PowerPCCPU *cpu, int rwx,
         if (ret) {
             /* No valid PTE */
             if (guest_visible) {
-                ppc_radix64_raise_si(cpu, rwx, eaddr, fault_cause);
+                ppc_radix64_raise_si(cpu, access_type, eaddr, fault_cause);
             }
             return ret;
         }
@@ -393,7 +418,7 @@ static int ppc_radix64_process_scoped_xlate(PowerPCCPU *cpu, int rwx,
             if (ret) {
                 /* No valid pte */
                 if (guest_visible) {
-                    ppc_radix64_raise_si(cpu, rwx, eaddr, fault_cause);
+                    ppc_radix64_raise_si(cpu, access_type, eaddr, fault_cause);
                 }
                 return ret;
             }
@@ -407,16 +432,16 @@ static int ppc_radix64_process_scoped_xlate(PowerPCCPU *cpu, int rwx,
         *g_raddr = (rpn & ~mask) | (eaddr & mask);
     }
 
-    if (ppc_radix64_check_prot(cpu, rwx, pte, &fault_cause, g_prot, false)) {
+    if (ppc_radix64_check_prot(cpu, access_type, pte, &fault_cause, g_prot, false)) {
         /* Access denied due to protection */
         if (guest_visible) {
-            ppc_radix64_raise_si(cpu, rwx, eaddr, fault_cause);
+            ppc_radix64_raise_si(cpu, access_type, eaddr, fault_cause);
         }
         return 1;
     }
 
     if (guest_visible) {
-        ppc_radix64_set_rc(cpu, rwx, pte, pte_addr, g_prot);
+        ppc_radix64_set_rc(cpu, access_type, pte, pte_addr, g_prot);
     }
 
     return 0;
@@ -439,7 +464,8 @@ static int ppc_radix64_process_scoped_xlate(PowerPCCPU *cpu, int rwx,
  *              | = On        | Process Scoped |    Scoped     |
  *              +-------------+----------------+---------------+
  */
-static int ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr, int rwx,
+static int ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr,
+                             MMUAccessType access_type,
                              bool relocation,
                              hwaddr *raddr, int *psizep, int *protp,
                              bool guest_visible)
@@ -453,7 +479,7 @@ static int ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr, int rwx,
     /* Virtual Mode Access - get the fully qualified address */
     if (!ppc_radix64_get_fully_qualified_addr(&cpu->env, eaddr, &lpid, &pid)) {
         if (guest_visible) {
-            ppc_radix64_raise_segi(cpu, rwx, eaddr);
+            ppc_radix64_raise_segi(cpu, access_type, eaddr);
         }
         return 1;
     }
@@ -466,13 +492,13 @@ static int ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr, int rwx,
     } else {
         if (!ppc64_v3_get_pate(cpu, lpid, &pate)) {
             if (guest_visible) {
-                ppc_radix64_raise_si(cpu, rwx, eaddr, DSISR_NOPTE);
+                ppc_radix64_raise_si(cpu, access_type, eaddr, DSISR_NOPTE);
             }
             return 1;
         }
         if (!validate_pate(cpu, lpid, &pate)) {
             if (guest_visible) {
-                ppc_radix64_raise_si(cpu, rwx, eaddr, DSISR_R_BADCONFIG);
+                ppc_radix64_raise_si(cpu, access_type, eaddr, DSISR_R_BADCONFIG);
             }
             return 1;
         }
@@ -490,7 +516,7 @@ static int ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr, int rwx,
      * - Translates an effective address to a guest real address.
      */
     if (relocation) {
-        int ret = ppc_radix64_process_scoped_xlate(cpu, rwx, eaddr, pid,
+        int ret = ppc_radix64_process_scoped_xlate(cpu, access_type, eaddr, pid,
                                                    pate, &g_raddr, &prot,
                                                    &psize, guest_visible);
         if (ret) {
@@ -513,9 +539,10 @@ static int ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr, int rwx,
         if (lpid || !msr_hv) {
             int ret;
 
-            ret = ppc_radix64_partition_scoped_xlate(cpu, rwx, eaddr, g_raddr,
-                                                     pate, raddr, &prot, &psize,
-                                                     false, guest_visible);
+            ret = ppc_radix64_partition_scoped_xlate(cpu, access_type, eaddr,
+                                                     g_raddr, pate, raddr,
+                                                     &prot, &psize, false,
+                                                     guest_visible);
             if (ret) {
                 return ret;
             }
@@ -536,12 +563,14 @@ int ppc_radix64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr, int rwx,
     CPUPPCState *env = &cpu->env;
     int page_size, prot;
     bool relocation;
+    MMUAccessType access_type;
     hwaddr raddr;
 
     assert(!(msr_hv && cpu->vhyp));
     assert((rwx == 0) || (rwx == 1) || (rwx == 2));
+    access_type = rwx;
 
-    relocation = ((rwx == 2) && (msr_ir == 1)) || ((rwx != 2) && (msr_dr == 1));
+    relocation = (access_type == MMU_INST_FETCH ? msr_ir : msr_dr);
     /* HV or virtual hypervisor Real Mode Access */
     if (!relocation && (msr_hv || cpu->vhyp)) {
         /* In real mode top 4 effective addr bits (mostly) ignored */
@@ -570,7 +599,7 @@ int ppc_radix64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr, int rwx,
     }
 
     /* Translate eaddr to raddr (where raddr is addr qemu needs for access) */
-    if (ppc_radix64_xlate(cpu, eaddr, rwx, relocation, &raddr,
+    if (ppc_radix64_xlate(cpu, eaddr, access_type, relocation, &raddr,
                           &page_size, &prot, true)) {
         return 1;
     }
-- 
2.25.1



^ permalink raw reply	[flat|nested] 46+ messages in thread

* [PATCH 03/24] target/ppc: Use MMUAccessType in mmu-hash64.c
  2021-05-18 20:11 [PATCH 00/24] target/ppc: Clean up mmu translation Richard Henderson
  2021-05-18 20:11 ` [PATCH 01/24] target/ppc: Introduce prot_for_access_type Richard Henderson
  2021-05-18 20:11 ` [PATCH 02/24] target/ppc: Use MMUAccessType in mmu-radix64.c Richard Henderson
@ 2021-05-18 20:11 ` Richard Henderson
  2021-05-18 20:11 ` [PATCH 04/24] target/ppc: Use MMUAccessType in mmu-hash32.c Richard Henderson
                   ` (21 subsequent siblings)
  24 siblings, 0 replies; 46+ messages in thread
From: Richard Henderson @ 2021-05-18 20:11 UTC (permalink / raw)
  To: qemu-devel; +Cc: bruno.larsen, Ricgard Henderson, qemu-ppc, david

We must leave the 'int rwx' parameter to ppc_hash64_handle_mmu_fault
for now, but will clean that up later.

Signed-off-by: Ricgard Henderson <richard.henderson@linaro.org>
---
 target/ppc/mmu-hash64.c | 61 ++++++++++++++++++++++++++---------------
 1 file changed, 39 insertions(+), 22 deletions(-)

diff --git a/target/ppc/mmu-hash64.c b/target/ppc/mmu-hash64.c
index d5b70ddc9c..f48b625f48 100644
--- a/target/ppc/mmu-hash64.c
+++ b/target/ppc/mmu-hash64.c
@@ -877,10 +877,12 @@ int ppc_hash64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
     hwaddr ptex;
     ppc_hash_pte64_t pte;
     int exec_prot, pp_prot, amr_prot, prot;
+    MMUAccessType access_type;
     int need_prot;
     hwaddr raddr;
 
     assert((rwx == 0) || (rwx == 1) || (rwx == 2));
+    access_type = rwx;
 
     /*
      * Note on LPCR usage: 970 uses HID4, but our special variant of
@@ -891,7 +893,7 @@ int ppc_hash64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
      */
 
     /* 1. Handle real mode accesses */
-    if (((rwx == 2) && (msr_ir == 0)) || ((rwx != 2) && (msr_dr == 0))) {
+    if (access_type == MMU_INST_FETCH ? !msr_ir : !msr_dr) {
         /*
          * Translation is supposedly "off", but in real mode the top 4
          * effective address bits are (mostly) ignored
@@ -924,14 +926,19 @@ int ppc_hash64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
 
             /* Emulated old-style RMO mode, bounds check against RMLS */
             if (raddr >= limit) {
-                if (rwx == 2) {
+                switch (access_type) {
+                case MMU_INST_FETCH:
                     ppc_hash64_set_isi(cs, SRR1_PROTFAULT);
-                } else {
-                    int dsisr = DSISR_PROTFAULT;
-                    if (rwx == 1) {
-                        dsisr |= DSISR_ISSTORE;
-                    }
-                    ppc_hash64_set_dsi(cs, eaddr, dsisr);
+                    break;
+                case MMU_DATA_LOAD:
+                    ppc_hash64_set_dsi(cs, eaddr, DSISR_PROTFAULT);
+                    break;
+                case MMU_DATA_STORE:
+                    ppc_hash64_set_dsi(cs, eaddr,
+                                       DSISR_PROTFAULT | DSISR_ISSTORE);
+                    break;
+                default:
+                    g_assert_not_reached();
                 }
                 return 1;
             }
@@ -954,13 +961,19 @@ int ppc_hash64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
             exit(1);
         }
         /* Segment still not found, generate the appropriate interrupt */
-        if (rwx == 2) {
+        switch (access_type) {
+        case MMU_INST_FETCH:
             cs->exception_index = POWERPC_EXCP_ISEG;
             env->error_code = 0;
-        } else {
+            break;
+        case MMU_DATA_LOAD:
+        case MMU_DATA_STORE:
             cs->exception_index = POWERPC_EXCP_DSEG;
             env->error_code = 0;
             env->spr[SPR_DAR] = eaddr;
+            break;
+        default:
+            g_assert_not_reached();
         }
         return 1;
     }
@@ -968,7 +981,7 @@ int ppc_hash64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
 skip_slb_search:
 
     /* 3. Check for segment level no-execute violation */
-    if ((rwx == 2) && (slb->vsid & SLB_VSID_N)) {
+    if (access_type == MMU_INST_FETCH && (slb->vsid & SLB_VSID_N)) {
         ppc_hash64_set_isi(cs, SRR1_NOEXEC_GUARD);
         return 1;
     }
@@ -976,14 +989,18 @@ skip_slb_search:
     /* 4. Locate the PTE in the hash table */
     ptex = ppc_hash64_htab_lookup(cpu, slb, eaddr, &pte, &apshift);
     if (ptex == -1) {
-        if (rwx == 2) {
+        switch (access_type) {
+        case MMU_INST_FETCH:
             ppc_hash64_set_isi(cs, SRR1_NOPTE);
-        } else {
-            int dsisr = DSISR_NOPTE;
-            if (rwx == 1) {
-                dsisr |= DSISR_ISSTORE;
-            }
-            ppc_hash64_set_dsi(cs, eaddr, dsisr);
+            break;
+        case MMU_DATA_LOAD:
+            ppc_hash64_set_dsi(cs, eaddr, DSISR_NOPTE);
+            break;
+        case MMU_DATA_STORE:
+            ppc_hash64_set_dsi(cs, eaddr, DSISR_NOPTE | DSISR_ISSTORE);
+            break;
+        default:
+            g_assert_not_reached();
         }
         return 1;
     }
@@ -997,11 +1014,11 @@ skip_slb_search:
     amr_prot = ppc_hash64_amr_prot(cpu, pte);
     prot = exec_prot & pp_prot & amr_prot;
 
-    need_prot = prot_for_access_type(rwx);
+    need_prot = prot_for_access_type(access_type);
     if (need_prot & ~prot) {
         /* Access right violation */
         qemu_log_mask(CPU_LOG_MMU, "PTE access rejected\n");
-        if (rwx == 2) {
+        if (access_type == MMU_INST_FETCH) {
             int srr1 = 0;
             if (PAGE_EXEC & ~exec_prot) {
                 srr1 |= SRR1_NOEXEC_GUARD; /* Access violates noexec or guard */
@@ -1017,7 +1034,7 @@ skip_slb_search:
             if (need_prot & ~pp_prot) {
                 dsisr |= DSISR_PROTFAULT;
             }
-            if (rwx == 1) {
+            if (access_type == MMU_DATA_STORE) {
                 dsisr |= DSISR_ISSTORE;
             }
             if (need_prot & ~amr_prot) {
@@ -1036,7 +1053,7 @@ skip_slb_search:
         ppc_hash64_set_r(cpu, ptex, pte.pte1);
     }
     if (!(pte.pte1 & HPTE64_R_C)) {
-        if (rwx == 1) {
+        if (access_type == MMU_DATA_STORE) {
             ppc_hash64_set_c(cpu, ptex, pte.pte1);
         } else {
             /*
-- 
2.25.1



^ permalink raw reply	[flat|nested] 46+ messages in thread

* [PATCH 04/24] target/ppc: Use MMUAccessType in mmu-hash32.c
  2021-05-18 20:11 [PATCH 00/24] target/ppc: Clean up mmu translation Richard Henderson
                   ` (2 preceding siblings ...)
  2021-05-18 20:11 ` [PATCH 03/24] target/ppc: Use MMUAccessType in mmu-hash64.c Richard Henderson
@ 2021-05-18 20:11 ` Richard Henderson
  2021-05-18 20:11 ` [PATCH 05/24] target/ppc: Rename access_type to type in mmu_helper.c Richard Henderson
                   ` (20 subsequent siblings)
  24 siblings, 0 replies; 46+ messages in thread
From: Richard Henderson @ 2021-05-18 20:11 UTC (permalink / raw)
  To: qemu-devel; +Cc: bruno.larsen, qemu-ppc, david

We must leave the 'int rwx' parameter to ppc_hash32_handle_mmu_fault
for now, but will clean that up later.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 target/ppc/mmu-hash32.c | 53 ++++++++++++++++++++++-------------------
 1 file changed, 29 insertions(+), 24 deletions(-)

diff --git a/target/ppc/mmu-hash32.c b/target/ppc/mmu-hash32.c
index 233a66658e..744a763f44 100644
--- a/target/ppc/mmu-hash32.c
+++ b/target/ppc/mmu-hash32.c
@@ -153,16 +153,17 @@ static int hash32_bat_601_prot(PowerPCCPU *cpu,
     return ppc_hash32_pp_prot(key, pp, 0);
 }
 
-static hwaddr ppc_hash32_bat_lookup(PowerPCCPU *cpu, target_ulong ea, int rwx,
-                                    int *prot)
+static hwaddr ppc_hash32_bat_lookup(PowerPCCPU *cpu, target_ulong ea,
+                                    MMUAccessType access_type, int *prot)
 {
     CPUPPCState *env = &cpu->env;
     target_ulong *BATlt, *BATut;
+    bool ifetch = access_type == MMU_INST_FETCH;
     int i;
 
     LOG_BATS("%s: %cBAT v " TARGET_FMT_lx "\n", __func__,
-             rwx == 2 ? 'I' : 'D', ea);
-    if (rwx == 2) {
+             ifetch ? 'I' : 'D', ea);
+    if (ifetch) {
         BATlt = env->IBAT[1];
         BATut = env->IBAT[0];
     } else {
@@ -181,7 +182,7 @@ static hwaddr ppc_hash32_bat_lookup(PowerPCCPU *cpu, target_ulong ea, int rwx,
         }
         LOG_BATS("%s: %cBAT%d v " TARGET_FMT_lx " BATu " TARGET_FMT_lx
                  " BATl " TARGET_FMT_lx "\n", __func__,
-                 type == ACCESS_CODE ? 'I' : 'D', i, ea, batu, batl);
+                 ifetch ? 'I' : 'D', i, ea, batu, batl);
 
         if (mask && ((ea & mask) == (batu & BATU32_BEPI))) {
             hwaddr raddr = (batl & mask) | (ea & ~mask);
@@ -209,7 +210,7 @@ static hwaddr ppc_hash32_bat_lookup(PowerPCCPU *cpu, target_ulong ea, int rwx,
             LOG_BATS("%s: %cBAT%d v " TARGET_FMT_lx " BATu " TARGET_FMT_lx
                      " BATl " TARGET_FMT_lx "\n\t" TARGET_FMT_lx " "
                      TARGET_FMT_lx " " TARGET_FMT_lx "\n",
-                     __func__, type == ACCESS_CODE ? 'I' : 'D', i, ea,
+                     __func__, ifetch ? 'I' : 'D', i, ea,
                      *BATu, *BATl, BEPIu, BEPIl, bl);
         }
     }
@@ -219,7 +220,8 @@ static hwaddr ppc_hash32_bat_lookup(PowerPCCPU *cpu, target_ulong ea, int rwx,
 }
 
 static int ppc_hash32_direct_store(PowerPCCPU *cpu, target_ulong sr,
-                                   target_ulong eaddr, int rwx,
+                                   target_ulong eaddr,
+                                   MMUAccessType access_type,
                                    hwaddr *raddr, int *prot)
 {
     CPUState *cs = CPU(cpu);
@@ -240,7 +242,7 @@ static int ppc_hash32_direct_store(PowerPCCPU *cpu, target_ulong sr,
         return 0;
     }
 
-    if (rwx == 2) {
+    if (access_type == MMU_INST_FETCH) {
         /* No code fetch is allowed in direct-store areas */
         cs->exception_index = POWERPC_EXCP_ISI;
         env->error_code = 0x10000000;
@@ -261,7 +263,7 @@ static int ppc_hash32_direct_store(PowerPCCPU *cpu, target_ulong sr,
         /* lwarx, ldarx or srwcx. */
         env->error_code = 0;
         env->spr[SPR_DAR] = eaddr;
-        if (rwx == 1) {
+        if (access_type == MMU_DATA_STORE) {
             env->spr[SPR_DSISR] = 0x06000000;
         } else {
             env->spr[SPR_DSISR] = 0x04000000;
@@ -281,7 +283,7 @@ static int ppc_hash32_direct_store(PowerPCCPU *cpu, target_ulong sr,
         cs->exception_index = POWERPC_EXCP_DSI;
         env->error_code = 0;
         env->spr[SPR_DAR] = eaddr;
-        if (rwx == 1) {
+        if (access_type == MMU_DATA_STORE) {
             env->spr[SPR_DSISR] = 0x06100000;
         } else {
             env->spr[SPR_DSISR] = 0x04100000;
@@ -291,14 +293,15 @@ static int ppc_hash32_direct_store(PowerPCCPU *cpu, target_ulong sr,
         cpu_abort(cs, "ERROR: instruction should not need "
                  "address translation\n");
     }
-    if ((rwx == 1 || key != 1) && (rwx == 0 || key != 0)) {
+    if ((access_type == MMU_DATA_STORE || key != 1) &&
+        (access_type == MMU_DATA_LOAD || key != 0)) {
         *raddr = eaddr;
         return 0;
     } else {
         cs->exception_index = POWERPC_EXCP_DSI;
         env->error_code = 0;
         env->spr[SPR_DAR] = eaddr;
-        if (rwx == 1) {
+        if (access_type == MMU_DATA_STORE) {
             env->spr[SPR_DSISR] = 0x0a000000;
         } else {
             env->spr[SPR_DSISR] = 0x08000000;
@@ -423,13 +426,15 @@ int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr, int rwx,
     ppc_hash_pte32_t pte;
     int prot;
     int need_prot;
+    MMUAccessType access_type;
     hwaddr raddr;
 
     assert((rwx == 0) || (rwx == 1) || (rwx == 2));
-    need_prot = prot_for_access_type(rwx);
+    access_type = rwx;
+    need_prot = prot_for_access_type(access_type);
 
     /* 1. Handle real mode accesses */
-    if (((rwx == 2) && (msr_ir == 0)) || ((rwx != 2) && (msr_dr == 0))) {
+    if (access_type == MMU_INST_FETCH ? !msr_ir : !msr_dr) {
         /* Translation is off */
         raddr = eaddr;
         tlb_set_page(cs, eaddr & TARGET_PAGE_MASK, raddr & TARGET_PAGE_MASK,
@@ -440,17 +445,17 @@ int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr, int rwx,
 
     /* 2. Check Block Address Translation entries (BATs) */
     if (env->nb_BATs != 0) {
-        raddr = ppc_hash32_bat_lookup(cpu, eaddr, rwx, &prot);
+        raddr = ppc_hash32_bat_lookup(cpu, eaddr, access_type, &prot);
         if (raddr != -1) {
             if (need_prot & ~prot) {
-                if (rwx == 2) {
+                if (access_type == MMU_INST_FETCH) {
                     cs->exception_index = POWERPC_EXCP_ISI;
                     env->error_code = 0x08000000;
                 } else {
                     cs->exception_index = POWERPC_EXCP_DSI;
                     env->error_code = 0;
                     env->spr[SPR_DAR] = eaddr;
-                    if (rwx == 1) {
+                    if (access_type == MMU_DATA_STORE) {
                         env->spr[SPR_DSISR] = 0x0a000000;
                     } else {
                         env->spr[SPR_DSISR] = 0x08000000;
@@ -471,7 +476,7 @@ int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr, int rwx,
 
     /* 4. Handle direct store segments */
     if (sr & SR32_T) {
-        if (ppc_hash32_direct_store(cpu, sr, eaddr, rwx,
+        if (ppc_hash32_direct_store(cpu, sr, eaddr, access_type,
                                     &raddr, &prot) == 0) {
             tlb_set_page(cs, eaddr & TARGET_PAGE_MASK,
                          raddr & TARGET_PAGE_MASK, prot, mmu_idx,
@@ -483,7 +488,7 @@ int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr, int rwx,
     }
 
     /* 5. Check for segment level no-execute violation */
-    if ((rwx == 2) && (sr & SR32_NX)) {
+    if (access_type == MMU_INST_FETCH && (sr & SR32_NX)) {
         cs->exception_index = POWERPC_EXCP_ISI;
         env->error_code = 0x10000000;
         return 1;
@@ -492,14 +497,14 @@ int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr, int rwx,
     /* 6. Locate the PTE in the hash table */
     pte_offset = ppc_hash32_htab_lookup(cpu, sr, eaddr, &pte);
     if (pte_offset == -1) {
-        if (rwx == 2) {
+        if (access_type == MMU_INST_FETCH) {
             cs->exception_index = POWERPC_EXCP_ISI;
             env->error_code = 0x40000000;
         } else {
             cs->exception_index = POWERPC_EXCP_DSI;
             env->error_code = 0;
             env->spr[SPR_DAR] = eaddr;
-            if (rwx == 1) {
+            if (access_type == MMU_DATA_STORE) {
                 env->spr[SPR_DSISR] = 0x42000000;
             } else {
                 env->spr[SPR_DSISR] = 0x40000000;
@@ -518,14 +523,14 @@ int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr, int rwx,
     if (need_prot & ~prot) {
         /* Access right violation */
         qemu_log_mask(CPU_LOG_MMU, "PTE access rejected\n");
-        if (rwx == 2) {
+        if (access_type == MMU_INST_FETCH) {
             cs->exception_index = POWERPC_EXCP_ISI;
             env->error_code = 0x08000000;
         } else {
             cs->exception_index = POWERPC_EXCP_DSI;
             env->error_code = 0;
             env->spr[SPR_DAR] = eaddr;
-            if (rwx == 1) {
+            if (access_type == MMU_DATA_STORE) {
                 env->spr[SPR_DSISR] = 0x0a000000;
             } else {
                 env->spr[SPR_DSISR] = 0x08000000;
@@ -542,7 +547,7 @@ int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr, int rwx,
         ppc_hash32_set_r(cpu, pte_offset, pte.pte1);
     }
     if (!(pte.pte1 & HPTE32_R_C)) {
-        if (rwx == 1) {
+        if (access_type == MMU_DATA_STORE) {
             ppc_hash32_set_c(cpu, pte_offset, pte.pte1);
         } else {
             /*
-- 
2.25.1



^ permalink raw reply	[flat|nested] 46+ messages in thread

* [PATCH 05/24] target/ppc: Rename access_type to type in mmu_helper.c
  2021-05-18 20:11 [PATCH 00/24] target/ppc: Clean up mmu translation Richard Henderson
                   ` (3 preceding siblings ...)
  2021-05-18 20:11 ` [PATCH 04/24] target/ppc: Use MMUAccessType in mmu-hash32.c Richard Henderson
@ 2021-05-18 20:11 ` Richard Henderson
  2021-05-18 20:11 ` [PATCH 06/24] target/ppc: Use MMUAccessType " Richard Henderson
                   ` (19 subsequent siblings)
  24 siblings, 0 replies; 46+ messages in thread
From: Richard Henderson @ 2021-05-18 20:11 UTC (permalink / raw)
  To: qemu-devel; +Cc: bruno.larsen, qemu-ppc, david

The variable that holds ACCESS_INT, ACCESS_FLOAT, etc is
variously called 'int type' or 'int access_type' within
this file.  Standardize on 'int type' throughout.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 target/ppc/mmu_helper.c | 64 ++++++++++++++++++++---------------------
 1 file changed, 32 insertions(+), 32 deletions(-)

diff --git a/target/ppc/mmu_helper.c b/target/ppc/mmu_helper.c
index 06e1ebdcbc..dd2f1e2a90 100644
--- a/target/ppc/mmu_helper.c
+++ b/target/ppc/mmu_helper.c
@@ -126,11 +126,11 @@ static int pp_check(int key, int pp, int nx)
     return access;
 }
 
-static int check_prot(int prot, int rw, int access_type)
+static int check_prot(int prot, int rw, int type)
 {
     int ret;
 
-    if (access_type == ACCESS_CODE) {
+    if (type == ACCESS_CODE) {
         if (prot & PAGE_EXEC) {
             ret = 0;
         } else {
@@ -309,7 +309,7 @@ static void ppc6xx_tlb_store(CPUPPCState *env, target_ulong EPN, int way,
 }
 
 static inline int ppc6xx_tlb_check(CPUPPCState *env, mmu_ctx_t *ctx,
-                                   target_ulong eaddr, int rw, int access_type)
+                                   target_ulong eaddr, int rw, int type)
 {
     ppc6xx_tlb_t *tlb;
     int nr, best, way;
@@ -319,7 +319,7 @@ static inline int ppc6xx_tlb_check(CPUPPCState *env, mmu_ctx_t *ctx,
     ret = -1; /* No TLB found */
     for (way = 0; way < env->nb_ways; way++) {
         nr = ppc6xx_tlb_getnum(env, eaddr, way,
-                               access_type == ACCESS_CODE ? 1 : 0);
+                               type == ACCESS_CODE ? 1 : 0);
         tlb = &env->tlb.tlb6[nr];
         /* This test "emulates" the PTE index match for hardware TLBs */
         if ((eaddr & TARGET_PAGE_MASK) != tlb->EPN) {
@@ -333,9 +333,9 @@ static inline int ppc6xx_tlb_check(CPUPPCState *env, mmu_ctx_t *ctx,
                   TARGET_FMT_lx " %c %c\n", nr, env->nb_tlb,
                   pte_is_valid(tlb->pte0) ? "valid" : "inval",
                   tlb->EPN, eaddr, tlb->pte1,
-                  rw ? 'S' : 'L', access_type == ACCESS_CODE ? 'I' : 'D');
+                  rw ? 'S' : 'L', type == ACCESS_CODE ? 'I' : 'D');
         switch (ppc6xx_tlb_pte_check(ctx, tlb->pte0, tlb->pte1,
-                                     0, rw, access_type)) {
+                                     0, rw, type)) {
         case -3:
             /* TLB inconsistency */
             return -1;
@@ -683,7 +683,7 @@ static inline void ppc4xx_tlb_invalidate_all(CPUPPCState *env)
 
 static int mmu40x_get_physical_address(CPUPPCState *env, mmu_ctx_t *ctx,
                                        target_ulong address, int rw,
-                                       int access_type)
+                                       int type)
 {
     ppcemb_tlb_t *tlb;
     hwaddr raddr;
@@ -727,7 +727,7 @@ static int mmu40x_get_physical_address(CPUPPCState *env, mmu_ctx_t *ctx,
         check_perms:
             /* Check from TLB entry */
             ctx->prot = tlb->prot;
-            ret = check_prot(ctx->prot, rw, access_type);
+            ret = check_prot(ctx->prot, rw, type);
             if (ret == -2) {
                 env->spr[SPR_40x_ESR] = 0;
             }
@@ -760,7 +760,7 @@ void store_40x_sler(CPUPPCState *env, uint32_t val)
 static inline int mmubooke_check_tlb(CPUPPCState *env, ppcemb_tlb_t *tlb,
                                      hwaddr *raddr, int *prot,
                                      target_ulong address, int rw,
-                                     int access_type, int i)
+                                     int type, int i)
 {
     int ret, prot2;
 
@@ -794,7 +794,7 @@ found_tlb:
     }
 
     /* Check the address space */
-    if (access_type == ACCESS_CODE) {
+    if (type == ACCESS_CODE) {
         if (msr_ir != (tlb->attr & 1)) {
             LOG_SWTLB("%s: AS doesn't match\n", __func__);
             return -1;
@@ -829,7 +829,7 @@ found_tlb:
 
 static int mmubooke_get_physical_address(CPUPPCState *env, mmu_ctx_t *ctx,
                                          target_ulong address, int rw,
-                                         int access_type)
+                                         int type)
 {
     ppcemb_tlb_t *tlb;
     hwaddr raddr;
@@ -840,7 +840,7 @@ static int mmubooke_get_physical_address(CPUPPCState *env, mmu_ctx_t *ctx,
     for (i = 0; i < env->nb_tlb; i++) {
         tlb = &env->tlb.tlbe[i];
         ret = mmubooke_check_tlb(env, tlb, &raddr, &ctx->prot, address, rw,
-                                 access_type, i);
+                                 type, i);
         if (ret != -1) {
             break;
         }
@@ -984,7 +984,7 @@ static bool mmubooke206_get_as(CPUPPCState *env,
 static int mmubooke206_check_tlb(CPUPPCState *env, ppcmas_tlb_t *tlb,
                                  hwaddr *raddr, int *prot,
                                  target_ulong address, int rw,
-                                 int access_type, int mmu_idx)
+                                 int type, int mmu_idx)
 {
     int ret;
     int prot2 = 0;
@@ -1043,7 +1043,7 @@ found_tlb:
     }
 
     /* Check the address space and permissions */
-    if (access_type == ACCESS_CODE) {
+    if (type == ACCESS_CODE) {
         /* There is no way to fetch code using epid load */
         assert(!use_epid);
         if (msr_ir != ((tlb->mas1 & MAS1_TS) >> MAS1_TS_SHIFT)) {
@@ -1080,7 +1080,7 @@ found_tlb:
 
 static int mmubooke206_get_physical_address(CPUPPCState *env, mmu_ctx_t *ctx,
                                             target_ulong address, int rw,
-                                            int access_type, int mmu_idx)
+                                            int type, int mmu_idx)
 {
     ppcmas_tlb_t *tlb;
     hwaddr raddr;
@@ -1098,7 +1098,7 @@ static int mmubooke206_get_physical_address(CPUPPCState *env, mmu_ctx_t *ctx,
                 continue;
             }
             ret = mmubooke206_check_tlb(env, tlb, &raddr, &ctx->prot, address,
-                                        rw, access_type, mmu_idx);
+                                        rw, type, mmu_idx);
             if (ret != -1) {
                 goto found_tlb;
             }
@@ -1415,12 +1415,12 @@ static inline int check_physical(CPUPPCState *env, mmu_ctx_t *ctx,
 
 static int get_physical_address_wtlb(
     CPUPPCState *env, mmu_ctx_t *ctx,
-    target_ulong eaddr, int rw, int access_type,
+    target_ulong eaddr, int rw, int type,
     int mmu_idx)
 {
     int ret = -1;
-    bool real_mode = (access_type == ACCESS_CODE && msr_ir == 0)
-        || (access_type != ACCESS_CODE && msr_dr == 0);
+    bool real_mode = (type == ACCESS_CODE && msr_ir == 0)
+        || (type != ACCESS_CODE && msr_dr == 0);
 
     switch (env->mmu_model) {
     case POWERPC_MMU_SOFT_6xx:
@@ -1430,11 +1430,11 @@ static int get_physical_address_wtlb(
         } else {
             /* Try to find a BAT */
             if (env->nb_BATs != 0) {
-                ret = get_bat_6xx_tlb(env, ctx, eaddr, rw, access_type);
+                ret = get_bat_6xx_tlb(env, ctx, eaddr, rw, type);
             }
             if (ret < 0) {
                 /* We didn't match any BAT entry or don't have BATs */
-                ret = get_segment_6xx_tlb(env, ctx, eaddr, rw, access_type);
+                ret = get_segment_6xx_tlb(env, ctx, eaddr, rw, type);
             }
         }
         break;
@@ -1445,16 +1445,16 @@ static int get_physical_address_wtlb(
             ret = check_physical(env, ctx, eaddr, rw);
         } else {
             ret = mmu40x_get_physical_address(env, ctx, eaddr,
-                                              rw, access_type);
+                                              rw, type);
         }
         break;
     case POWERPC_MMU_BOOKE:
         ret = mmubooke_get_physical_address(env, ctx, eaddr,
-                                            rw, access_type);
+                                            rw, type);
         break;
     case POWERPC_MMU_BOOKE206:
         ret = mmubooke206_get_physical_address(env, ctx, eaddr, rw,
-                                               access_type, mmu_idx);
+                                               type, mmu_idx);
         break;
     case POWERPC_MMU_MPC8xx:
         /* XXX: TODO */
@@ -1478,9 +1478,9 @@ static int get_physical_address_wtlb(
 
 static int get_physical_address(
     CPUPPCState *env, mmu_ctx_t *ctx,
-    target_ulong eaddr, int rw, int access_type)
+    target_ulong eaddr, int rw, int type)
 {
-    return get_physical_address_wtlb(env, ctx, eaddr, rw, access_type, 0);
+    return get_physical_address_wtlb(env, ctx, eaddr, rw, type, 0);
 }
 
 hwaddr ppc_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
@@ -1584,19 +1584,19 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
     CPUState *cs = env_cpu(env);
     PowerPCCPU *cpu = POWERPC_CPU(cs);
     mmu_ctx_t ctx;
-    int access_type;
+    int type;
     int ret = 0;
 
     if (rw == 2) {
         /* code access */
         rw = 0;
-        access_type = ACCESS_CODE;
+        type = ACCESS_CODE;
     } else {
         /* data access */
-        access_type = env->access_type;
+        type = env->access_type;
     }
     ret = get_physical_address_wtlb(env, &ctx, address, rw,
-                                    access_type, mmu_idx);
+                                    type, mmu_idx);
     if (ret == 0) {
         tlb_set_page(cs, address & TARGET_PAGE_MASK,
                      ctx.raddr & TARGET_PAGE_MASK, ctx.prot,
@@ -1604,7 +1604,7 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
         ret = 0;
     } else if (ret < 0) {
         LOG_MMU_STATE(cs);
-        if (access_type == ACCESS_CODE) {
+        if (type == ACCESS_CODE) {
             switch (ret) {
             case -1:
                 /* No matches in page tables or TLB */
@@ -1761,7 +1761,7 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
                 break;
             case -4:
                 /* Direct store exception */
-                switch (access_type) {
+                switch (type) {
                 case ACCESS_FLOAT:
                     /* Floating point load/store */
                     cs->exception_index = POWERPC_EXCP_ALIGN;
-- 
2.25.1



^ permalink raw reply	[flat|nested] 46+ messages in thread

* [PATCH 06/24] target/ppc: Use MMUAccessType in mmu_helper.c
  2021-05-18 20:11 [PATCH 00/24] target/ppc: Clean up mmu translation Richard Henderson
                   ` (4 preceding siblings ...)
  2021-05-18 20:11 ` [PATCH 05/24] target/ppc: Rename access_type to type in mmu_helper.c Richard Henderson
@ 2021-05-18 20:11 ` Richard Henderson
  2021-05-18 20:11 ` [PATCH 07/24] target/ppc: Remove type argument from check_prot Richard Henderson
                   ` (18 subsequent siblings)
  24 siblings, 0 replies; 46+ messages in thread
From: Richard Henderson @ 2021-05-18 20:11 UTC (permalink / raw)
  To: qemu-devel; +Cc: bruno.larsen, qemu-ppc, david

This replaces 'int rw' with 'MMUAccessType access_type'.
Comparisons vs zero become either MMU_DATA_LOAD or MMU_DATA_STORE,
since we had previously squashed rw to 0 for code access.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 target/ppc/mmu_helper.c | 161 +++++++++++++++++++++-------------------
 1 file changed, 85 insertions(+), 76 deletions(-)

diff --git a/target/ppc/mmu_helper.c b/target/ppc/mmu_helper.c
index dd2f1e2a90..2aa1b777de 100644
--- a/target/ppc/mmu_helper.c
+++ b/target/ppc/mmu_helper.c
@@ -126,7 +126,7 @@ static int pp_check(int key, int pp, int nx)
     return access;
 }
 
-static int check_prot(int prot, int rw, int type)
+static int check_prot(int prot, MMUAccessType access_type, int type)
 {
     int ret;
 
@@ -136,7 +136,7 @@ static int check_prot(int prot, int rw, int type)
         } else {
             ret = -2;
         }
-    } else if (rw) {
+    } else if (access_type == MMU_DATA_STORE) {
         if (prot & PAGE_WRITE) {
             ret = 0;
         } else {
@@ -153,9 +153,9 @@ static int check_prot(int prot, int rw, int type)
     return ret;
 }
 
-static inline int ppc6xx_tlb_pte_check(mmu_ctx_t *ctx, target_ulong pte0,
-                                       target_ulong pte1, int h,
-                                       int rw, int type)
+static int ppc6xx_tlb_pte_check(mmu_ctx_t *ctx, target_ulong pte0,
+                                target_ulong pte1, int h,
+                                MMUAccessType access_type, int type)
 {
     target_ulong ptem, mmask;
     int access, ret, pteh, ptev, pp;
@@ -182,7 +182,7 @@ static inline int ppc6xx_tlb_pte_check(mmu_ctx_t *ctx, target_ulong pte0,
             /* Keep the matching PTE information */
             ctx->raddr = pte1;
             ctx->prot = access;
-            ret = check_prot(ctx->prot, rw, type);
+            ret = check_prot(ctx->prot, access_type, type);
             if (ret == 0) {
                 /* Access granted */
                 qemu_log_mask(CPU_LOG_MMU, "PTE access granted !\n");
@@ -197,7 +197,7 @@ static inline int ppc6xx_tlb_pte_check(mmu_ctx_t *ctx, target_ulong pte0,
 }
 
 static int pte_update_flags(mmu_ctx_t *ctx, target_ulong *pte1p,
-                            int ret, int rw)
+                            int ret, MMUAccessType access_type)
 {
     int store = 0;
 
@@ -208,7 +208,7 @@ static int pte_update_flags(mmu_ctx_t *ctx, target_ulong *pte1p,
         store = 1;
     }
     if (!(*pte1p & 0x00000080)) {
-        if (rw == 1 && ret == 0) {
+        if (access_type == MMU_DATA_STORE && ret == 0) {
             /* Update changed flag */
             *pte1p |= 0x00000080;
             store = 1;
@@ -308,8 +308,9 @@ static void ppc6xx_tlb_store(CPUPPCState *env, target_ulong EPN, int way,
     env->last_way = way;
 }
 
-static inline int ppc6xx_tlb_check(CPUPPCState *env, mmu_ctx_t *ctx,
-                                   target_ulong eaddr, int rw, int type)
+static int ppc6xx_tlb_check(CPUPPCState *env, mmu_ctx_t *ctx,
+                            target_ulong eaddr,
+                            MMUAccessType access_type, int type)
 {
     ppc6xx_tlb_t *tlb;
     int nr, best, way;
@@ -333,9 +334,10 @@ static inline int ppc6xx_tlb_check(CPUPPCState *env, mmu_ctx_t *ctx,
                   TARGET_FMT_lx " %c %c\n", nr, env->nb_tlb,
                   pte_is_valid(tlb->pte0) ? "valid" : "inval",
                   tlb->EPN, eaddr, tlb->pte1,
-                  rw ? 'S' : 'L', type == ACCESS_CODE ? 'I' : 'D');
+                  access_type == MMU_DATA_STORE ? 'S' : 'L',
+                  type == ACCESS_CODE ? 'I' : 'D');
         switch (ppc6xx_tlb_pte_check(ctx, tlb->pte0, tlb->pte1,
-                                     0, rw, type)) {
+                                     0, access_type, type)) {
         case -3:
             /* TLB inconsistency */
             return -1;
@@ -366,7 +368,7 @@ static inline int ppc6xx_tlb_check(CPUPPCState *env, mmu_ctx_t *ctx,
         LOG_SWTLB("found TLB at addr " TARGET_FMT_plx " prot=%01x ret=%d\n",
                   ctx->raddr & TARGET_PAGE_MASK, ctx->prot, ret);
         /* Update page flags */
-        pte_update_flags(ctx, &env->tlb.tlb6[best].pte1, ret, rw);
+        pte_update_flags(ctx, &env->tlb.tlb6[best].pte1, ret, access_type);
     }
 
     return ret;
@@ -400,7 +402,8 @@ static inline void bat_size_prot(CPUPPCState *env, target_ulong *blp,
 }
 
 static int get_bat_6xx_tlb(CPUPPCState *env, mmu_ctx_t *ctx,
-                           target_ulong virtual, int rw, int type)
+                           target_ulong virtual, MMUAccessType access_type,
+                           int type)
 {
     target_ulong *BATlt, *BATut, *BATu, *BATl;
     target_ulong BEPIl, BEPIu, bl;
@@ -438,7 +441,7 @@ static int get_bat_6xx_tlb(CPUPPCState *env, mmu_ctx_t *ctx,
                     (virtual & 0x0001F000);
                 /* Compute access rights */
                 ctx->prot = prot;
-                ret = check_prot(ctx->prot, rw, type);
+                ret = check_prot(ctx->prot, access_type, type);
                 if (ret == 0) {
                     LOG_BATS("BAT %d match: r " TARGET_FMT_plx " prot=%c%c\n",
                              i, ctx->raddr, ctx->prot & PAGE_READ ? 'R' : '-',
@@ -472,8 +475,9 @@ static int get_bat_6xx_tlb(CPUPPCState *env, mmu_ctx_t *ctx,
 }
 
 /* Perform segment based translation */
-static inline int get_segment_6xx_tlb(CPUPPCState *env, mmu_ctx_t *ctx,
-                                      target_ulong eaddr, int rw, int type)
+static int get_segment_6xx_tlb(CPUPPCState *env, mmu_ctx_t *ctx,
+                               target_ulong eaddr, MMUAccessType access_type,
+                               int type)
 {
     PowerPCCPU *cpu = env_archcpu(env);
     hwaddr hash;
@@ -497,7 +501,7 @@ static inline int get_segment_6xx_tlb(CPUPPCState *env, mmu_ctx_t *ctx,
             " nip=" TARGET_FMT_lx " lr=" TARGET_FMT_lx
             " ir=%d dr=%d pr=%d %d t=%d\n",
             eaddr, (int)(eaddr >> 28), sr, env->nip, env->lr, (int)msr_ir,
-            (int)msr_dr, pr != 0 ? 1 : 0, rw, type);
+            (int)msr_dr, pr != 0 ? 1 : 0, access_type == MMU_DATA_STORE, type);
     pgidx = (eaddr & ~SEGMENT_MASK_256M) >> target_page_bits;
     hash = vsid ^ pgidx;
     ctx->ptem = (vsid << 7) | (pgidx >> 10);
@@ -520,7 +524,7 @@ static inline int get_segment_6xx_tlb(CPUPPCState *env, mmu_ctx_t *ctx,
             /* Initialize real address with an invalid value */
             ctx->raddr = (hwaddr)-1ULL;
             /* Software TLB search */
-            ret = ppc6xx_tlb_check(env, ctx, eaddr, rw, type);
+            ret = ppc6xx_tlb_check(env, ctx, eaddr, access_type, type);
 #if defined(DUMP_PAGE_TABLES)
             if (qemu_loglevel_mask(CPU_LOG_MMU)) {
                 CPUState *cs = env_cpu(env);
@@ -603,7 +607,8 @@ static inline int get_segment_6xx_tlb(CPUPPCState *env, mmu_ctx_t *ctx,
                           "address translation\n");
             return -4;
         }
-        if ((rw == 1 || ctx->key != 1) && (rw == 0 || ctx->key != 0)) {
+        if ((access_type == MMU_DATA_STORE || ctx->key != 1) &&
+            (access_type == MMU_DATA_LOAD || ctx->key != 0)) {
             ctx->raddr = eaddr;
             ret = 2;
         } else {
@@ -682,7 +687,8 @@ static inline void ppc4xx_tlb_invalidate_all(CPUPPCState *env)
 }
 
 static int mmu40x_get_physical_address(CPUPPCState *env, mmu_ctx_t *ctx,
-                                       target_ulong address, int rw,
+                                       target_ulong address,
+                                       MMUAccessType access_type,
                                        int type)
 {
     ppcemb_tlb_t *tlb;
@@ -700,8 +706,8 @@ static int mmu40x_get_physical_address(CPUPPCState *env, mmu_ctx_t *ctx,
         }
         zsel = (tlb->attr >> 4) & 0xF;
         zpr = (env->spr[SPR_40x_ZPR] >> (30 - (2 * zsel))) & 0x3;
-        LOG_SWTLB("%s: TLB %d zsel %d zpr %d rw %d attr %08x\n",
-                    __func__, i, zsel, zpr, rw, tlb->attr);
+        LOG_SWTLB("%s: TLB %d zsel %d zpr %d ty %d attr %08x\n",
+                    __func__, i, zsel, zpr, access_type, tlb->attr);
         /* Check execute enable bit */
         switch (zpr) {
         case 0x2:
@@ -727,7 +733,7 @@ static int mmu40x_get_physical_address(CPUPPCState *env, mmu_ctx_t *ctx,
         check_perms:
             /* Check from TLB entry */
             ctx->prot = tlb->prot;
-            ret = check_prot(ctx->prot, rw, type);
+            ret = check_prot(ctx->prot, access_type, type);
             if (ret == -2) {
                 env->spr[SPR_40x_ESR] = 0;
             }
@@ -757,10 +763,9 @@ void store_40x_sler(CPUPPCState *env, uint32_t val)
     env->spr[SPR_405_SLER] = val;
 }
 
-static inline int mmubooke_check_tlb(CPUPPCState *env, ppcemb_tlb_t *tlb,
-                                     hwaddr *raddr, int *prot,
-                                     target_ulong address, int rw,
-                                     int type, int i)
+static int mmubooke_check_tlb(CPUPPCState *env, ppcemb_tlb_t *tlb,
+                              hwaddr *raddr, int *prot, target_ulong address,
+                              MMUAccessType access_type, int type, int i)
 {
     int ret, prot2;
 
@@ -815,7 +820,7 @@ found_tlb:
         }
 
         *prot = prot2;
-        if ((!rw && prot2 & PAGE_READ) || (rw && (prot2 & PAGE_WRITE))) {
+        if (prot2 & (access_type == MMU_DATA_LOAD ? PAGE_READ : PAGE_WRITE)) {
             LOG_SWTLB("%s: found TLB!\n", __func__);
             return 0;
         }
@@ -828,7 +833,8 @@ found_tlb:
 }
 
 static int mmubooke_get_physical_address(CPUPPCState *env, mmu_ctx_t *ctx,
-                                         target_ulong address, int rw,
+                                         target_ulong address,
+                                         MMUAccessType access_type,
                                          int type)
 {
     ppcemb_tlb_t *tlb;
@@ -839,8 +845,8 @@ static int mmubooke_get_physical_address(CPUPPCState *env, mmu_ctx_t *ctx,
     raddr = (hwaddr)-1ULL;
     for (i = 0; i < env->nb_tlb; i++) {
         tlb = &env->tlb.tlbe[i];
-        ret = mmubooke_check_tlb(env, tlb, &raddr, &ctx->prot, address, rw,
-                                 type, i);
+        ret = mmubooke_check_tlb(env, tlb, &raddr, &ctx->prot, address,
+                                 access_type, type, i);
         if (ret != -1) {
             break;
         }
@@ -938,10 +944,10 @@ static bool is_epid_mmu(int mmu_idx)
     return mmu_idx == PPC_TLB_EPID_STORE || mmu_idx == PPC_TLB_EPID_LOAD;
 }
 
-static uint32_t mmubooke206_esr(int mmu_idx, bool rw)
+static uint32_t mmubooke206_esr(int mmu_idx, MMUAccessType access_type)
 {
     uint32_t esr = 0;
-    if (rw) {
+    if (access_type == MMU_DATA_STORE) {
         esr |= ESR_ST;
     }
     if (is_epid_mmu(mmu_idx)) {
@@ -983,7 +989,8 @@ static bool mmubooke206_get_as(CPUPPCState *env,
 /* Check if the tlb found by hashing really matches */
 static int mmubooke206_check_tlb(CPUPPCState *env, ppcmas_tlb_t *tlb,
                                  hwaddr *raddr, int *prot,
-                                 target_ulong address, int rw,
+                                 target_ulong address,
+                                 MMUAccessType access_type,
                                  int type, int mmu_idx)
 {
     int ret;
@@ -1066,7 +1073,7 @@ found_tlb:
         }
 
         *prot = prot2;
-        if ((!rw && prot2 & PAGE_READ) || (rw && (prot2 & PAGE_WRITE))) {
+        if (prot2 & (access_type == MMU_DATA_LOAD ? PAGE_READ : PAGE_WRITE)) {
             LOG_SWTLB("%s: found TLB!\n", __func__);
             return 0;
         }
@@ -1079,7 +1086,8 @@ found_tlb:
 }
 
 static int mmubooke206_get_physical_address(CPUPPCState *env, mmu_ctx_t *ctx,
-                                            target_ulong address, int rw,
+                                            target_ulong address,
+                                            MMUAccessType access_type,
                                             int type, int mmu_idx)
 {
     ppcmas_tlb_t *tlb;
@@ -1098,7 +1106,7 @@ static int mmubooke206_get_physical_address(CPUPPCState *env, mmu_ctx_t *ctx,
                 continue;
             }
             ret = mmubooke206_check_tlb(env, tlb, &raddr, &ctx->prot, address,
-                                        rw, type, mmu_idx);
+                                        access_type, type, mmu_idx);
             if (ret != -1) {
                 goto found_tlb;
             }
@@ -1361,8 +1369,8 @@ void dump_mmu(CPUPPCState *env)
     }
 }
 
-static inline int check_physical(CPUPPCState *env, mmu_ctx_t *ctx,
-                                 target_ulong eaddr, int rw)
+static int check_physical(CPUPPCState *env, mmu_ctx_t *ctx, target_ulong eaddr,
+                          MMUAccessType access_type)
 {
     int in_plb, ret;
 
@@ -1393,7 +1401,7 @@ static inline int check_physical(CPUPPCState *env, mmu_ctx_t *ctx,
                  eaddr >= env->pb[2] && eaddr < env->pb[3]) ? 1 : 0;
             if (in_plb ^ msr_px) {
                 /* Access in protected area */
-                if (rw == 1) {
+                if (access_type == MMU_DATA_STORE) {
                     /* Access is not allowed */
                     ret = -2;
                 }
@@ -1413,10 +1421,10 @@ static inline int check_physical(CPUPPCState *env, mmu_ctx_t *ctx,
     return ret;
 }
 
-static int get_physical_address_wtlb(
-    CPUPPCState *env, mmu_ctx_t *ctx,
-    target_ulong eaddr, int rw, int type,
-    int mmu_idx)
+static int get_physical_address_wtlb(CPUPPCState *env, mmu_ctx_t *ctx,
+                                     target_ulong eaddr,
+                                     MMUAccessType access_type, int type,
+                                     int mmu_idx)
 {
     int ret = -1;
     bool real_mode = (type == ACCESS_CODE && msr_ir == 0)
@@ -1426,15 +1434,15 @@ static int get_physical_address_wtlb(
     case POWERPC_MMU_SOFT_6xx:
     case POWERPC_MMU_SOFT_74xx:
         if (real_mode) {
-            ret = check_physical(env, ctx, eaddr, rw);
+            ret = check_physical(env, ctx, eaddr, access_type);
         } else {
             /* Try to find a BAT */
             if (env->nb_BATs != 0) {
-                ret = get_bat_6xx_tlb(env, ctx, eaddr, rw, type);
+                ret = get_bat_6xx_tlb(env, ctx, eaddr, access_type, type);
             }
             if (ret < 0) {
                 /* We didn't match any BAT entry or don't have BATs */
-                ret = get_segment_6xx_tlb(env, ctx, eaddr, rw, type);
+                ret = get_segment_6xx_tlb(env, ctx, eaddr, access_type, type);
             }
         }
         break;
@@ -1442,18 +1450,18 @@ static int get_physical_address_wtlb(
     case POWERPC_MMU_SOFT_4xx:
     case POWERPC_MMU_SOFT_4xx_Z:
         if (real_mode) {
-            ret = check_physical(env, ctx, eaddr, rw);
+            ret = check_physical(env, ctx, eaddr, access_type);
         } else {
             ret = mmu40x_get_physical_address(env, ctx, eaddr,
-                                              rw, type);
+                                              access_type, type);
         }
         break;
     case POWERPC_MMU_BOOKE:
         ret = mmubooke_get_physical_address(env, ctx, eaddr,
-                                            rw, type);
+                                            access_type, type);
         break;
     case POWERPC_MMU_BOOKE206:
-        ret = mmubooke206_get_physical_address(env, ctx, eaddr, rw,
+        ret = mmubooke206_get_physical_address(env, ctx, eaddr, access_type,
                                                type, mmu_idx);
         break;
     case POWERPC_MMU_MPC8xx:
@@ -1462,7 +1470,7 @@ static int get_physical_address_wtlb(
         break;
     case POWERPC_MMU_REAL:
         if (real_mode) {
-            ret = check_physical(env, ctx, eaddr, rw);
+            ret = check_physical(env, ctx, eaddr, access_type);
         } else {
             cpu_abort(env_cpu(env),
                       "PowerPC in real mode do not do any translation\n");
@@ -1476,11 +1484,11 @@ static int get_physical_address_wtlb(
     return ret;
 }
 
-static int get_physical_address(
-    CPUPPCState *env, mmu_ctx_t *ctx,
-    target_ulong eaddr, int rw, int type)
+static int get_physical_address(CPUPPCState *env, mmu_ctx_t *ctx,
+                                target_ulong eaddr, MMUAccessType access_type,
+                                int type)
 {
-    return get_physical_address_wtlb(env, ctx, eaddr, rw, type, 0);
+    return get_physical_address_wtlb(env, ctx, eaddr, access_type, type, 0);
 }
 
 hwaddr ppc_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
@@ -1508,14 +1516,15 @@ hwaddr ppc_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
         ;
     }
 
-    if (unlikely(get_physical_address(env, &ctx, addr, 0, ACCESS_INT) != 0)) {
+    if (unlikely(get_physical_address(env, &ctx, addr, MMU_DATA_LOAD,
+                                      ACCESS_INT) != 0)) {
 
         /*
          * Some MMUs have separate TLBs for code and data. If we only
          * try an ACCESS_INT, we may not be able to read instructions
          * mapped by code TLBs, so we also try a ACCESS_CODE.
          */
-        if (unlikely(get_physical_address(env, &ctx, addr, 0,
+        if (unlikely(get_physical_address(env, &ctx, addr, MMU_INST_FETCH,
                                           ACCESS_CODE) != 0)) {
             return -1;
         }
@@ -1525,13 +1534,14 @@ hwaddr ppc_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
 }
 
 static void booke206_update_mas_tlb_miss(CPUPPCState *env, target_ulong address,
-                                     int rw, int mmu_idx)
+                                         MMUAccessType access_type, int mmu_idx)
 {
     uint32_t epid;
     bool as, pr;
     uint32_t missed_tid = 0;
     bool use_epid = mmubooke206_get_as(env, mmu_idx, &epid, &as, &pr);
-    if (rw == 2) {
+
+    if (access_type == MMU_INST_FETCH) {
         as = msr_ir;
     }
     env->spr[SPR_BOOKE_MAS0] = env->spr[SPR_BOOKE_MAS4] & MAS4_TLBSELD_MASK;
@@ -1579,7 +1589,7 @@ static void booke206_update_mas_tlb_miss(CPUPPCState *env, target_ulong address,
 
 /* Perform address translation */
 static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
-                                    int rw, int mmu_idx)
+                                    MMUAccessType access_type, int mmu_idx)
 {
     CPUState *cs = env_cpu(env);
     PowerPCCPU *cpu = POWERPC_CPU(cs);
@@ -1587,15 +1597,14 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
     int type;
     int ret = 0;
 
-    if (rw == 2) {
+    if (access_type == MMU_INST_FETCH) {
         /* code access */
-        rw = 0;
         type = ACCESS_CODE;
     } else {
         /* data access */
         type = env->access_type;
     }
-    ret = get_physical_address_wtlb(env, &ctx, address, rw,
+    ret = get_physical_address_wtlb(env, &ctx, address, access_type,
                                     type, mmu_idx);
     if (ret == 0) {
         tlb_set_page(cs, address & TARGET_PAGE_MASK,
@@ -1632,7 +1641,7 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
                     cs->exception_index = POWERPC_EXCP_ITLB;
                     env->error_code = 0;
                     env->spr[SPR_BOOKE_DEAR] = address;
-                    env->spr[SPR_BOOKE_ESR] = mmubooke206_esr(mmu_idx, 0);
+                    env->spr[SPR_BOOKE_ESR] = mmubooke206_esr(mmu_idx, MMU_DATA_LOAD);
                     return -1;
                 case POWERPC_MMU_MPC8xx:
                     /* XXX: TODO */
@@ -1674,7 +1683,7 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
                 /* No matches in page tables or TLB */
                 switch (env->mmu_model) {
                 case POWERPC_MMU_SOFT_6xx:
-                    if (rw == 1) {
+                    if (access_type == MMU_DATA_STORE) {
                         cs->exception_index = POWERPC_EXCP_DSTLB;
                         env->error_code = 1 << 16;
                     } else {
@@ -1691,7 +1700,7 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
                         get_pteg_offset32(cpu, ctx.hash[1]);
                     break;
                 case POWERPC_MMU_SOFT_74xx:
-                    if (rw == 1) {
+                    if (access_type == MMU_DATA_STORE) {
                         cs->exception_index = POWERPC_EXCP_DSTLB;
                     } else {
                         cs->exception_index = POWERPC_EXCP_DLTLB;
@@ -1708,7 +1717,7 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
                     cs->exception_index = POWERPC_EXCP_DTLB;
                     env->error_code = 0;
                     env->spr[SPR_40x_DEAR] = address;
-                    if (rw) {
+                    if (access_type == MMU_DATA_STORE) {
                         env->spr[SPR_40x_ESR] = 0x00800000;
                     } else {
                         env->spr[SPR_40x_ESR] = 0x00000000;
@@ -1719,13 +1728,13 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
                     cpu_abort(cs, "MPC8xx MMU model is not implemented\n");
                     break;
                 case POWERPC_MMU_BOOKE206:
-                    booke206_update_mas_tlb_miss(env, address, rw, mmu_idx);
+                    booke206_update_mas_tlb_miss(env, address, access_type, mmu_idx);
                     /* fall through */
                 case POWERPC_MMU_BOOKE:
                     cs->exception_index = POWERPC_EXCP_DTLB;
                     env->error_code = 0;
                     env->spr[SPR_BOOKE_DEAR] = address;
-                    env->spr[SPR_BOOKE_ESR] = mmubooke206_esr(mmu_idx, rw);
+                    env->spr[SPR_BOOKE_ESR] = mmubooke206_esr(mmu_idx, access_type);
                     return -1;
                 case POWERPC_MMU_REAL:
                     cpu_abort(cs, "PowerPC in real mode should never raise "
@@ -1743,16 +1752,16 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
                 if (env->mmu_model == POWERPC_MMU_SOFT_4xx
                     || env->mmu_model == POWERPC_MMU_SOFT_4xx_Z) {
                     env->spr[SPR_40x_DEAR] = address;
-                    if (rw) {
+                    if (access_type == MMU_DATA_STORE) {
                         env->spr[SPR_40x_ESR] |= 0x00800000;
                     }
                 } else if ((env->mmu_model == POWERPC_MMU_BOOKE) ||
                            (env->mmu_model == POWERPC_MMU_BOOKE206)) {
                     env->spr[SPR_BOOKE_DEAR] = address;
-                    env->spr[SPR_BOOKE_ESR] = mmubooke206_esr(mmu_idx, rw);
+                    env->spr[SPR_BOOKE_ESR] = mmubooke206_esr(mmu_idx, access_type);
                 } else {
                     env->spr[SPR_DAR] = address;
-                    if (rw == 1) {
+                    if (access_type == MMU_DATA_STORE) {
                         env->spr[SPR_DSISR] = 0x0A000000;
                     } else {
                         env->spr[SPR_DSISR] = 0x08000000;
@@ -1773,7 +1782,7 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
                     cs->exception_index = POWERPC_EXCP_DSI;
                     env->error_code = 0;
                     env->spr[SPR_DAR] = address;
-                    if (rw == 1) {
+                    if (access_type == MMU_DATA_STORE) {
                         env->spr[SPR_DSISR] = 0x06000000;
                     } else {
                         env->spr[SPR_DSISR] = 0x04000000;
@@ -1784,7 +1793,7 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
                     cs->exception_index = POWERPC_EXCP_DSI;
                     env->error_code = 0;
                     env->spr[SPR_DAR] = address;
-                    if (rw == 1) {
+                    if (access_type == MMU_DATA_STORE) {
                         env->spr[SPR_DSISR] = 0x06100000;
                     } else {
                         env->spr[SPR_DSISR] = 0x04100000;
-- 
2.25.1



^ permalink raw reply	[flat|nested] 46+ messages in thread

* [PATCH 07/24] target/ppc: Remove type argument from check_prot
  2021-05-18 20:11 [PATCH 00/24] target/ppc: Clean up mmu translation Richard Henderson
                   ` (5 preceding siblings ...)
  2021-05-18 20:11 ` [PATCH 06/24] target/ppc: Use MMUAccessType " Richard Henderson
@ 2021-05-18 20:11 ` Richard Henderson
  2021-05-18 20:11 ` [PATCH 08/24] target/ppc: Remove type argument from ppc6xx_tlb_pte_check Richard Henderson
                   ` (17 subsequent siblings)
  24 siblings, 0 replies; 46+ messages in thread
From: Richard Henderson @ 2021-05-18 20:11 UTC (permalink / raw)
  To: qemu-devel; +Cc: bruno.larsen, qemu-ppc, david

We can now use MMU_INST_FETCH from access_type for this.
Use prot_for_access_type to simplify everything.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 target/ppc/mmu_helper.c | 35 +++++++----------------------------
 1 file changed, 7 insertions(+), 28 deletions(-)

diff --git a/target/ppc/mmu_helper.c b/target/ppc/mmu_helper.c
index 2aa1b777de..e3912e4094 100644
--- a/target/ppc/mmu_helper.c
+++ b/target/ppc/mmu_helper.c
@@ -32,6 +32,7 @@
 #include "qemu/error-report.h"
 #include "qemu/main-loop.h"
 #include "qemu/qemu-print.h"
+#include "internal.h"
 #include "mmu-book3s-v3.h"
 #include "mmu-radix64.h"
 
@@ -126,33 +127,11 @@ static int pp_check(int key, int pp, int nx)
     return access;
 }
 
-static int check_prot(int prot, MMUAccessType access_type, int type)
+static int check_prot(int prot, MMUAccessType access_type)
 {
-    int ret;
-
-    if (type == ACCESS_CODE) {
-        if (prot & PAGE_EXEC) {
-            ret = 0;
-        } else {
-            ret = -2;
-        }
-    } else if (access_type == MMU_DATA_STORE) {
-        if (prot & PAGE_WRITE) {
-            ret = 0;
-        } else {
-            ret = -2;
-        }
-    } else {
-        if (prot & PAGE_READ) {
-            ret = 0;
-        } else {
-            ret = -2;
-        }
-    }
-
-    return ret;
+    return prot & prot_for_access_type(access_type) ? 0 : -2;
 }
-
+ 
 static int ppc6xx_tlb_pte_check(mmu_ctx_t *ctx, target_ulong pte0,
                                 target_ulong pte1, int h,
                                 MMUAccessType access_type, int type)
@@ -182,7 +161,7 @@ static int ppc6xx_tlb_pte_check(mmu_ctx_t *ctx, target_ulong pte0,
             /* Keep the matching PTE information */
             ctx->raddr = pte1;
             ctx->prot = access;
-            ret = check_prot(ctx->prot, access_type, type);
+            ret = check_prot(ctx->prot, access_type);
             if (ret == 0) {
                 /* Access granted */
                 qemu_log_mask(CPU_LOG_MMU, "PTE access granted !\n");
@@ -441,7 +420,7 @@ static int get_bat_6xx_tlb(CPUPPCState *env, mmu_ctx_t *ctx,
                     (virtual & 0x0001F000);
                 /* Compute access rights */
                 ctx->prot = prot;
-                ret = check_prot(ctx->prot, access_type, type);
+                ret = check_prot(ctx->prot, access_type);
                 if (ret == 0) {
                     LOG_BATS("BAT %d match: r " TARGET_FMT_plx " prot=%c%c\n",
                              i, ctx->raddr, ctx->prot & PAGE_READ ? 'R' : '-',
@@ -733,7 +712,7 @@ static int mmu40x_get_physical_address(CPUPPCState *env, mmu_ctx_t *ctx,
         check_perms:
             /* Check from TLB entry */
             ctx->prot = tlb->prot;
-            ret = check_prot(ctx->prot, access_type, type);
+            ret = check_prot(ctx->prot, access_type);
             if (ret == -2) {
                 env->spr[SPR_40x_ESR] = 0;
             }
-- 
2.25.1



^ permalink raw reply	[flat|nested] 46+ messages in thread

* [PATCH 08/24] target/ppc: Remove type argument from ppc6xx_tlb_pte_check
  2021-05-18 20:11 [PATCH 00/24] target/ppc: Clean up mmu translation Richard Henderson
                   ` (6 preceding siblings ...)
  2021-05-18 20:11 ` [PATCH 07/24] target/ppc: Remove type argument from check_prot Richard Henderson
@ 2021-05-18 20:11 ` Richard Henderson
  2021-05-18 20:11 ` [PATCH 09/24] target/ppc: Remove type argument from ppc6xx_tlb_check Richard Henderson
                   ` (16 subsequent siblings)
  24 siblings, 0 replies; 46+ messages in thread
From: Richard Henderson @ 2021-05-18 20:11 UTC (permalink / raw)
  To: qemu-devel; +Cc: bruno.larsen, qemu-ppc, david

It is no longer used.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 target/ppc/mmu_helper.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/target/ppc/mmu_helper.c b/target/ppc/mmu_helper.c
index e3912e4094..197a75c9e3 100644
--- a/target/ppc/mmu_helper.c
+++ b/target/ppc/mmu_helper.c
@@ -134,7 +134,7 @@ static int check_prot(int prot, MMUAccessType access_type)
  
 static int ppc6xx_tlb_pte_check(mmu_ctx_t *ctx, target_ulong pte0,
                                 target_ulong pte1, int h,
-                                MMUAccessType access_type, int type)
+                                MMUAccessType access_type)
 {
     target_ulong ptem, mmask;
     int access, ret, pteh, ptev, pp;
@@ -316,7 +316,7 @@ static int ppc6xx_tlb_check(CPUPPCState *env, mmu_ctx_t *ctx,
                   access_type == MMU_DATA_STORE ? 'S' : 'L',
                   type == ACCESS_CODE ? 'I' : 'D');
         switch (ppc6xx_tlb_pte_check(ctx, tlb->pte0, tlb->pte1,
-                                     0, access_type, type)) {
+                                     0, access_type)) {
         case -3:
             /* TLB inconsistency */
             return -1;
-- 
2.25.1



^ permalink raw reply	[flat|nested] 46+ messages in thread

* [PATCH 09/24] target/ppc: Remove type argument from ppc6xx_tlb_check
  2021-05-18 20:11 [PATCH 00/24] target/ppc: Clean up mmu translation Richard Henderson
                   ` (7 preceding siblings ...)
  2021-05-18 20:11 ` [PATCH 08/24] target/ppc: Remove type argument from ppc6xx_tlb_pte_check Richard Henderson
@ 2021-05-18 20:11 ` Richard Henderson
  2021-05-18 20:11 ` [PATCH 10/24] target/ppc: Remove type argument from get_bat_6xx_tlb Richard Henderson
                   ` (15 subsequent siblings)
  24 siblings, 0 replies; 46+ messages in thread
From: Richard Henderson @ 2021-05-18 20:11 UTC (permalink / raw)
  To: qemu-devel; +Cc: bruno.larsen, qemu-ppc, david

We can now use MMU_INST_FETCH from access_type for this.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 target/ppc/mmu_helper.c | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/target/ppc/mmu_helper.c b/target/ppc/mmu_helper.c
index 197a75c9e3..506b0e4d90 100644
--- a/target/ppc/mmu_helper.c
+++ b/target/ppc/mmu_helper.c
@@ -288,8 +288,7 @@ static void ppc6xx_tlb_store(CPUPPCState *env, target_ulong EPN, int way,
 }
 
 static int ppc6xx_tlb_check(CPUPPCState *env, mmu_ctx_t *ctx,
-                            target_ulong eaddr,
-                            MMUAccessType access_type, int type)
+                            target_ulong eaddr, MMUAccessType access_type)
 {
     ppc6xx_tlb_t *tlb;
     int nr, best, way;
@@ -298,8 +297,7 @@ static int ppc6xx_tlb_check(CPUPPCState *env, mmu_ctx_t *ctx,
     best = -1;
     ret = -1; /* No TLB found */
     for (way = 0; way < env->nb_ways; way++) {
-        nr = ppc6xx_tlb_getnum(env, eaddr, way,
-                               type == ACCESS_CODE ? 1 : 0);
+        nr = ppc6xx_tlb_getnum(env, eaddr, way, access_type == MMU_INST_FETCH);
         tlb = &env->tlb.tlb6[nr];
         /* This test "emulates" the PTE index match for hardware TLBs */
         if ((eaddr & TARGET_PAGE_MASK) != tlb->EPN) {
@@ -314,7 +312,7 @@ static int ppc6xx_tlb_check(CPUPPCState *env, mmu_ctx_t *ctx,
                   pte_is_valid(tlb->pte0) ? "valid" : "inval",
                   tlb->EPN, eaddr, tlb->pte1,
                   access_type == MMU_DATA_STORE ? 'S' : 'L',
-                  type == ACCESS_CODE ? 'I' : 'D');
+                  access_type == MMU_INST_FETCH ? 'I' : 'D');
         switch (ppc6xx_tlb_pte_check(ctx, tlb->pte0, tlb->pte1,
                                      0, access_type)) {
         case -3:
@@ -503,7 +501,7 @@ static int get_segment_6xx_tlb(CPUPPCState *env, mmu_ctx_t *ctx,
             /* Initialize real address with an invalid value */
             ctx->raddr = (hwaddr)-1ULL;
             /* Software TLB search */
-            ret = ppc6xx_tlb_check(env, ctx, eaddr, access_type, type);
+            ret = ppc6xx_tlb_check(env, ctx, eaddr, access_type);
 #if defined(DUMP_PAGE_TABLES)
             if (qemu_loglevel_mask(CPU_LOG_MMU)) {
                 CPUState *cs = env_cpu(env);
-- 
2.25.1



^ permalink raw reply	[flat|nested] 46+ messages in thread

* [PATCH 10/24] target/ppc: Remove type argument from get_bat_6xx_tlb
  2021-05-18 20:11 [PATCH 00/24] target/ppc: Clean up mmu translation Richard Henderson
                   ` (8 preceding siblings ...)
  2021-05-18 20:11 ` [PATCH 09/24] target/ppc: Remove type argument from ppc6xx_tlb_check Richard Henderson
@ 2021-05-18 20:11 ` Richard Henderson
  2021-05-18 20:11 ` [PATCH 11/24] target/ppc: Remove type argument from mmu40x_get_physical_address Richard Henderson
                   ` (14 subsequent siblings)
  24 siblings, 0 replies; 46+ messages in thread
From: Richard Henderson @ 2021-05-18 20:11 UTC (permalink / raw)
  To: qemu-devel; +Cc: bruno.larsen, qemu-ppc, david

We can now use MMU_INST_FETCH from access_type for this.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 target/ppc/mmu_helper.c | 19 ++++++++-----------
 1 file changed, 8 insertions(+), 11 deletions(-)

diff --git a/target/ppc/mmu_helper.c b/target/ppc/mmu_helper.c
index 506b0e4d90..0809210d3b 100644
--- a/target/ppc/mmu_helper.c
+++ b/target/ppc/mmu_helper.c
@@ -379,25 +379,22 @@ static inline void bat_size_prot(CPUPPCState *env, target_ulong *blp,
 }
 
 static int get_bat_6xx_tlb(CPUPPCState *env, mmu_ctx_t *ctx,
-                           target_ulong virtual, MMUAccessType access_type,
-                           int type)
+                           target_ulong virtual, MMUAccessType access_type)
 {
     target_ulong *BATlt, *BATut, *BATu, *BATl;
     target_ulong BEPIl, BEPIu, bl;
     int i, valid, prot;
     int ret = -1;
+    bool ifetch = access_type == MMU_INST_FETCH;
 
     LOG_BATS("%s: %cBAT v " TARGET_FMT_lx "\n", __func__,
-             type == ACCESS_CODE ? 'I' : 'D', virtual);
-    switch (type) {
-    case ACCESS_CODE:
+             ifetch ? 'I' : 'D', virtual);
+    if (ifetch) {
         BATlt = env->IBAT[1];
         BATut = env->IBAT[0];
-        break;
-    default:
+    } else {
         BATlt = env->DBAT[1];
         BATut = env->DBAT[0];
-        break;
     }
     for (i = 0; i < env->nb_BATs; i++) {
         BATu = &BATut[i];
@@ -407,7 +404,7 @@ static int get_bat_6xx_tlb(CPUPPCState *env, mmu_ctx_t *ctx,
         bat_size_prot(env, &bl, &valid, &prot, BATu, BATl);
         LOG_BATS("%s: %cBAT%d v " TARGET_FMT_lx " BATu " TARGET_FMT_lx
                  " BATl " TARGET_FMT_lx "\n", __func__,
-                 type == ACCESS_CODE ? 'I' : 'D', i, virtual, *BATu, *BATl);
+                 ifetch ? 'I' : 'D', i, virtual, *BATu, *BATl);
         if ((virtual & 0xF0000000) == BEPIu &&
             ((virtual & 0x0FFE0000) & ~bl) == BEPIl) {
             /* BAT matches */
@@ -441,7 +438,7 @@ static int get_bat_6xx_tlb(CPUPPCState *env, mmu_ctx_t *ctx,
                 LOG_BATS("%s: %cBAT%d v " TARGET_FMT_lx " BATu " TARGET_FMT_lx
                          " BATl " TARGET_FMT_lx "\n\t" TARGET_FMT_lx " "
                          TARGET_FMT_lx " " TARGET_FMT_lx "\n",
-                         __func__, type == ACCESS_CODE ? 'I' : 'D', i, virtual,
+                         __func__, ifetch ? 'I' : 'D', i, virtual,
                          *BATu, *BATl, BEPIu, BEPIl, bl);
             }
         }
@@ -1415,7 +1412,7 @@ static int get_physical_address_wtlb(CPUPPCState *env, mmu_ctx_t *ctx,
         } else {
             /* Try to find a BAT */
             if (env->nb_BATs != 0) {
-                ret = get_bat_6xx_tlb(env, ctx, eaddr, access_type, type);
+                ret = get_bat_6xx_tlb(env, ctx, eaddr, access_type);
             }
             if (ret < 0) {
                 /* We didn't match any BAT entry or don't have BATs */
-- 
2.25.1



^ permalink raw reply	[flat|nested] 46+ messages in thread

* [PATCH 11/24] target/ppc: Remove type argument from mmu40x_get_physical_address
  2021-05-18 20:11 [PATCH 00/24] target/ppc: Clean up mmu translation Richard Henderson
                   ` (9 preceding siblings ...)
  2021-05-18 20:11 ` [PATCH 10/24] target/ppc: Remove type argument from get_bat_6xx_tlb Richard Henderson
@ 2021-05-18 20:11 ` Richard Henderson
  2021-05-18 20:11 ` [PATCH 12/24] target/ppc: Remove type argument from mmubooke_check_tlb Richard Henderson
                   ` (13 subsequent siblings)
  24 siblings, 0 replies; 46+ messages in thread
From: Richard Henderson @ 2021-05-18 20:11 UTC (permalink / raw)
  To: qemu-devel; +Cc: bruno.larsen, qemu-ppc, david

It is no longer used.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 target/ppc/mmu_helper.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/target/ppc/mmu_helper.c b/target/ppc/mmu_helper.c
index 0809210d3b..6860a2aea0 100644
--- a/target/ppc/mmu_helper.c
+++ b/target/ppc/mmu_helper.c
@@ -662,8 +662,7 @@ static inline void ppc4xx_tlb_invalidate_all(CPUPPCState *env)
 
 static int mmu40x_get_physical_address(CPUPPCState *env, mmu_ctx_t *ctx,
                                        target_ulong address,
-                                       MMUAccessType access_type,
-                                       int type)
+                                       MMUAccessType access_type)
 {
     ppcemb_tlb_t *tlb;
     hwaddr raddr;
@@ -1426,8 +1425,7 @@ static int get_physical_address_wtlb(CPUPPCState *env, mmu_ctx_t *ctx,
         if (real_mode) {
             ret = check_physical(env, ctx, eaddr, access_type);
         } else {
-            ret = mmu40x_get_physical_address(env, ctx, eaddr,
-                                              access_type, type);
+            ret = mmu40x_get_physical_address(env, ctx, eaddr, access_type);
         }
         break;
     case POWERPC_MMU_BOOKE:
-- 
2.25.1



^ permalink raw reply	[flat|nested] 46+ messages in thread

* [PATCH 12/24] target/ppc: Remove type argument from mmubooke_check_tlb
  2021-05-18 20:11 [PATCH 00/24] target/ppc: Clean up mmu translation Richard Henderson
                   ` (10 preceding siblings ...)
  2021-05-18 20:11 ` [PATCH 11/24] target/ppc: Remove type argument from mmu40x_get_physical_address Richard Henderson
@ 2021-05-18 20:11 ` Richard Henderson
  2021-05-18 20:11 ` [PATCH 13/24] target/ppc: Remove type argument from mmubooke_get_physical_address Richard Henderson
                   ` (12 subsequent siblings)
  24 siblings, 0 replies; 46+ messages in thread
From: Richard Henderson @ 2021-05-18 20:11 UTC (permalink / raw)
  To: qemu-devel; +Cc: bruno.larsen, qemu-ppc, david

We can now use MMU_INST_FETCH from access_type for this.
Unify the I/D code paths, making use of prot_for_access_type.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 target/ppc/mmu_helper.c | 46 +++++++++++++----------------------------
 1 file changed, 14 insertions(+), 32 deletions(-)

diff --git a/target/ppc/mmu_helper.c b/target/ppc/mmu_helper.c
index 6860a2aea0..83e7e0dd13 100644
--- a/target/ppc/mmu_helper.c
+++ b/target/ppc/mmu_helper.c
@@ -738,9 +738,9 @@ void store_40x_sler(CPUPPCState *env, uint32_t val)
 
 static int mmubooke_check_tlb(CPUPPCState *env, ppcemb_tlb_t *tlb,
                               hwaddr *raddr, int *prot, target_ulong address,
-                              MMUAccessType access_type, int type, int i)
+                              MMUAccessType access_type, int i)
 {
-    int ret, prot2;
+    int prot2;
 
     if (ppcemb_tlb_check(env, tlb, raddr, address,
                          env->spr[SPR_BOOKE_PID],
@@ -772,37 +772,19 @@ found_tlb:
     }
 
     /* Check the address space */
-    if (type == ACCESS_CODE) {
-        if (msr_ir != (tlb->attr & 1)) {
-            LOG_SWTLB("%s: AS doesn't match\n", __func__);
-            return -1;
-        }
-
-        *prot = prot2;
-        if (prot2 & PAGE_EXEC) {
-            LOG_SWTLB("%s: good TLB!\n", __func__);
-            return 0;
-        }
-
-        LOG_SWTLB("%s: no PAGE_EXEC: %x\n", __func__, prot2);
-        ret = -3;
-    } else {
-        if (msr_dr != (tlb->attr & 1)) {
-            LOG_SWTLB("%s: AS doesn't match\n", __func__);
-            return -1;
-        }
-
-        *prot = prot2;
-        if (prot2 & (access_type == MMU_DATA_LOAD ? PAGE_READ : PAGE_WRITE)) {
-            LOG_SWTLB("%s: found TLB!\n", __func__);
-            return 0;
-        }
-
-        LOG_SWTLB("%s: PAGE_READ/WRITE doesn't match: %x\n", __func__, prot2);
-        ret = -2;
+    if ((access_type == MMU_INST_FETCH ? msr_ir : msr_dr) != (tlb->attr & 1)) {
+        LOG_SWTLB("%s: AS doesn't match\n", __func__);
+        return -1;
     }
 
-    return ret;
+    *prot = prot2;
+    if (prot2 & prot_for_access_type(access_type)) {
+        LOG_SWTLB("%s: good TLB!\n", __func__);
+        return 0;
+    }
+
+    LOG_SWTLB("%s: no prot match: %x\n", __func__, prot2);
+    return access_type == MMU_INST_FETCH ? -3 : -2;
 }
 
 static int mmubooke_get_physical_address(CPUPPCState *env, mmu_ctx_t *ctx,
@@ -819,7 +801,7 @@ static int mmubooke_get_physical_address(CPUPPCState *env, mmu_ctx_t *ctx,
     for (i = 0; i < env->nb_tlb; i++) {
         tlb = &env->tlb.tlbe[i];
         ret = mmubooke_check_tlb(env, tlb, &raddr, &ctx->prot, address,
-                                 access_type, type, i);
+                                 access_type, i);
         if (ret != -1) {
             break;
         }
-- 
2.25.1



^ permalink raw reply	[flat|nested] 46+ messages in thread

* [PATCH 13/24] target/ppc: Remove type argument from mmubooke_get_physical_address
  2021-05-18 20:11 [PATCH 00/24] target/ppc: Clean up mmu translation Richard Henderson
                   ` (11 preceding siblings ...)
  2021-05-18 20:11 ` [PATCH 12/24] target/ppc: Remove type argument from mmubooke_check_tlb Richard Henderson
@ 2021-05-18 20:11 ` Richard Henderson
  2021-05-18 20:11 ` [PATCH 14/24] target/ppc: Remove type argument from mmubooke206_check_tlb Richard Henderson
                   ` (11 subsequent siblings)
  24 siblings, 0 replies; 46+ messages in thread
From: Richard Henderson @ 2021-05-18 20:11 UTC (permalink / raw)
  To: qemu-devel; +Cc: bruno.larsen, qemu-ppc, david

It is no longer used.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 target/ppc/mmu_helper.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/target/ppc/mmu_helper.c b/target/ppc/mmu_helper.c
index 83e7e0dd13..bf0fcca9be 100644
--- a/target/ppc/mmu_helper.c
+++ b/target/ppc/mmu_helper.c
@@ -789,8 +789,7 @@ found_tlb:
 
 static int mmubooke_get_physical_address(CPUPPCState *env, mmu_ctx_t *ctx,
                                          target_ulong address,
-                                         MMUAccessType access_type,
-                                         int type)
+                                         MMUAccessType access_type)
 {
     ppcemb_tlb_t *tlb;
     hwaddr raddr;
@@ -1411,8 +1410,7 @@ static int get_physical_address_wtlb(CPUPPCState *env, mmu_ctx_t *ctx,
         }
         break;
     case POWERPC_MMU_BOOKE:
-        ret = mmubooke_get_physical_address(env, ctx, eaddr,
-                                            access_type, type);
+        ret = mmubooke_get_physical_address(env, ctx, eaddr, access_type);
         break;
     case POWERPC_MMU_BOOKE206:
         ret = mmubooke206_get_physical_address(env, ctx, eaddr, access_type,
-- 
2.25.1



^ permalink raw reply	[flat|nested] 46+ messages in thread

* [PATCH 14/24] target/ppc: Remove type argument from mmubooke206_check_tlb
  2021-05-18 20:11 [PATCH 00/24] target/ppc: Clean up mmu translation Richard Henderson
                   ` (12 preceding siblings ...)
  2021-05-18 20:11 ` [PATCH 13/24] target/ppc: Remove type argument from mmubooke_get_physical_address Richard Henderson
@ 2021-05-18 20:11 ` Richard Henderson
  2021-05-18 20:11 ` [PATCH 15/24] target/ppc: Remove type argument for mmubooke206_get_physical_address Richard Henderson
                   ` (10 subsequent siblings)
  24 siblings, 0 replies; 46+ messages in thread
From: Richard Henderson @ 2021-05-18 20:11 UTC (permalink / raw)
  To: qemu-devel; +Cc: bruno.larsen, qemu-ppc, david

We can now use MMU_INST_FETCH from access_type for this.
Unify the I/D code paths, making use of prot_for_access_type.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 target/ppc/mmu_helper.c | 50 ++++++++++++++---------------------------
 1 file changed, 17 insertions(+), 33 deletions(-)

diff --git a/target/ppc/mmu_helper.c b/target/ppc/mmu_helper.c
index bf0fcca9be..90038e3e76 100644
--- a/target/ppc/mmu_helper.c
+++ b/target/ppc/mmu_helper.c
@@ -944,10 +944,8 @@ static bool mmubooke206_get_as(CPUPPCState *env,
 static int mmubooke206_check_tlb(CPUPPCState *env, ppcmas_tlb_t *tlb,
                                  hwaddr *raddr, int *prot,
                                  target_ulong address,
-                                 MMUAccessType access_type,
-                                 int type, int mmu_idx)
+                                 MMUAccessType access_type, int mmu_idx)
 {
-    int ret;
     int prot2 = 0;
     uint32_t epid;
     bool as, pr;
@@ -1004,39 +1002,25 @@ found_tlb:
     }
 
     /* Check the address space and permissions */
-    if (type == ACCESS_CODE) {
+    if (access_type == MMU_INST_FETCH) {
         /* There is no way to fetch code using epid load */
         assert(!use_epid);
-        if (msr_ir != ((tlb->mas1 & MAS1_TS) >> MAS1_TS_SHIFT)) {
-            LOG_SWTLB("%s: AS doesn't match\n", __func__);
-            return -1;
-        }
-
-        *prot = prot2;
-        if (prot2 & PAGE_EXEC) {
-            LOG_SWTLB("%s: good TLB!\n", __func__);
-            return 0;
-        }
-
-        LOG_SWTLB("%s: no PAGE_EXEC: %x\n", __func__, prot2);
-        ret = -3;
-    } else {
-        if (as != ((tlb->mas1 & MAS1_TS) >> MAS1_TS_SHIFT)) {
-            LOG_SWTLB("%s: AS doesn't match\n", __func__);
-            return -1;
-        }
-
-        *prot = prot2;
-        if (prot2 & (access_type == MMU_DATA_LOAD ? PAGE_READ : PAGE_WRITE)) {
-            LOG_SWTLB("%s: found TLB!\n", __func__);
-            return 0;
-        }
-
-        LOG_SWTLB("%s: PAGE_READ/WRITE doesn't match: %x\n", __func__, prot2);
-        ret = -2;
+        as = msr_ir;
     }
 
-    return ret;
+    if (as != ((tlb->mas1 & MAS1_TS) >> MAS1_TS_SHIFT)) {
+        LOG_SWTLB("%s: AS doesn't match\n", __func__);
+        return -1;
+    }
+
+    *prot = prot2;
+    if (prot2 & prot_for_access_type(access_type)) {
+        LOG_SWTLB("%s: good TLB!\n", __func__);
+        return 0;
+    }
+
+    LOG_SWTLB("%s: no prot match: %x\n", __func__, prot2);
+    return access_type == MMU_INST_FETCH ? -3 : -2;
 }
 
 static int mmubooke206_get_physical_address(CPUPPCState *env, mmu_ctx_t *ctx,
@@ -1060,7 +1044,7 @@ static int mmubooke206_get_physical_address(CPUPPCState *env, mmu_ctx_t *ctx,
                 continue;
             }
             ret = mmubooke206_check_tlb(env, tlb, &raddr, &ctx->prot, address,
-                                        access_type, type, mmu_idx);
+                                        access_type, mmu_idx);
             if (ret != -1) {
                 goto found_tlb;
             }
-- 
2.25.1



^ permalink raw reply	[flat|nested] 46+ messages in thread

* [PATCH 15/24] target/ppc: Remove type argument for mmubooke206_get_physical_address
  2021-05-18 20:11 [PATCH 00/24] target/ppc: Clean up mmu translation Richard Henderson
                   ` (13 preceding siblings ...)
  2021-05-18 20:11 ` [PATCH 14/24] target/ppc: Remove type argument from mmubooke206_check_tlb Richard Henderson
@ 2021-05-18 20:11 ` Richard Henderson
  2021-05-18 20:11 ` [PATCH 16/24] target/ppc: Remove PowerPCCPUClass.handle_mmu_fault Richard Henderson
                   ` (9 subsequent siblings)
  24 siblings, 0 replies; 46+ messages in thread
From: Richard Henderson @ 2021-05-18 20:11 UTC (permalink / raw)
  To: qemu-devel; +Cc: bruno.larsen, qemu-ppc, david

It is no longer used.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 target/ppc/mmu_helper.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/target/ppc/mmu_helper.c b/target/ppc/mmu_helper.c
index 90038e3e76..ef634fcb33 100644
--- a/target/ppc/mmu_helper.c
+++ b/target/ppc/mmu_helper.c
@@ -1026,7 +1026,7 @@ found_tlb:
 static int mmubooke206_get_physical_address(CPUPPCState *env, mmu_ctx_t *ctx,
                                             target_ulong address,
                                             MMUAccessType access_type,
-                                            int type, int mmu_idx)
+                                            int mmu_idx)
 {
     ppcmas_tlb_t *tlb;
     hwaddr raddr;
@@ -1398,7 +1398,7 @@ static int get_physical_address_wtlb(CPUPPCState *env, mmu_ctx_t *ctx,
         break;
     case POWERPC_MMU_BOOKE206:
         ret = mmubooke206_get_physical_address(env, ctx, eaddr, access_type,
-                                               type, mmu_idx);
+                                               mmu_idx);
         break;
     case POWERPC_MMU_MPC8xx:
         /* XXX: TODO */
-- 
2.25.1



^ permalink raw reply	[flat|nested] 46+ messages in thread

* [PATCH 16/24] target/ppc: Remove PowerPCCPUClass.handle_mmu_fault
  2021-05-18 20:11 [PATCH 00/24] target/ppc: Clean up mmu translation Richard Henderson
                   ` (14 preceding siblings ...)
  2021-05-18 20:11 ` [PATCH 15/24] target/ppc: Remove type argument for mmubooke206_get_physical_address Richard Henderson
@ 2021-05-18 20:11 ` Richard Henderson
  2021-05-19 13:02   ` Bruno Piazera Larsen
  2021-05-24  3:28   ` David Gibson
  2021-05-18 20:11 ` [PATCH 17/24] target/ppc: Use MMUAccessType with *_handle_mmu_fault Richard Henderson
                   ` (8 subsequent siblings)
  24 siblings, 2 replies; 46+ messages in thread
From: Richard Henderson @ 2021-05-18 20:11 UTC (permalink / raw)
  To: qemu-devel; +Cc: bruno.larsen, qemu-ppc, david

Instead, use a switch on env->mmu_model.  This avoids some
replicated information in cpu setup.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 target/ppc/cpu-qom.h    |  1 -
 target/ppc/cpu_init.c   | 45 -----------------------------------------
 target/ppc/mmu_helper.c | 24 ++++++++++++++++++----
 3 files changed, 20 insertions(+), 50 deletions(-)

diff --git a/target/ppc/cpu-qom.h b/target/ppc/cpu-qom.h
index 06b6571bc9..3b14d2f134 100644
--- a/target/ppc/cpu-qom.h
+++ b/target/ppc/cpu-qom.h
@@ -198,7 +198,6 @@ struct PowerPCCPUClass {
     int n_host_threads;
     void (*init_proc)(CPUPPCState *env);
     int  (*check_pow)(CPUPPCState *env);
-    int (*handle_mmu_fault)(PowerPCCPU *cpu, vaddr eaddr, int rwx, int mmu_idx);
     bool (*interrupts_big_endian)(PowerPCCPU *cpu);
 };
 
diff --git a/target/ppc/cpu_init.c b/target/ppc/cpu_init.c
index d0fa219880..d33aded7cf 100644
--- a/target/ppc/cpu_init.c
+++ b/target/ppc/cpu_init.c
@@ -4580,9 +4580,6 @@ POWERPC_FAMILY(601)(ObjectClass *oc, void *data)
                     (1ull << MSR_IR) |
                     (1ull << MSR_DR);
     pcc->mmu_model = POWERPC_MMU_601;
-#if defined(CONFIG_SOFTMMU)
-    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
-#endif
     pcc->excp_model = POWERPC_EXCP_601;
     pcc->bus_model = PPC_FLAGS_INPUT_6xx;
     pcc->bfd_mach = bfd_mach_ppc_601;
@@ -4625,9 +4622,6 @@ POWERPC_FAMILY(601v)(ObjectClass *oc, void *data)
                     (1ull << MSR_IR) |
                     (1ull << MSR_DR);
     pcc->mmu_model = POWERPC_MMU_601;
-#if defined(CONFIG_SOFTMMU)
-    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
-#endif
     pcc->bus_model = PPC_FLAGS_INPUT_6xx;
     pcc->bfd_mach = bfd_mach_ppc_601;
     pcc->flags = POWERPC_FLAG_SE | POWERPC_FLAG_RTC_CLK | POWERPC_FLAG_HID0_LE;
@@ -4891,9 +4885,6 @@ POWERPC_FAMILY(604)(ObjectClass *oc, void *data)
                     (1ull << MSR_RI) |
                     (1ull << MSR_LE);
     pcc->mmu_model = POWERPC_MMU_32B;
-#if defined(CONFIG_SOFTMMU)
-    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
-#endif
     pcc->excp_model = POWERPC_EXCP_604;
     pcc->bus_model = PPC_FLAGS_INPUT_6xx;
     pcc->bfd_mach = bfd_mach_ppc_604;
@@ -4975,9 +4966,6 @@ POWERPC_FAMILY(604E)(ObjectClass *oc, void *data)
                     (1ull << MSR_RI) |
                     (1ull << MSR_LE);
     pcc->mmu_model = POWERPC_MMU_32B;
-#if defined(CONFIG_SOFTMMU)
-    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
-#endif
     pcc->excp_model = POWERPC_EXCP_604;
     pcc->bus_model = PPC_FLAGS_INPUT_6xx;
     pcc->bfd_mach = bfd_mach_ppc_604;
@@ -5046,9 +5034,6 @@ POWERPC_FAMILY(740)(ObjectClass *oc, void *data)
                     (1ull << MSR_RI) |
                     (1ull << MSR_LE);
     pcc->mmu_model = POWERPC_MMU_32B;
-#if defined(CONFIG_SOFTMMU)
-    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
-#endif
     pcc->excp_model = POWERPC_EXCP_7x0;
     pcc->bus_model = PPC_FLAGS_INPUT_6xx;
     pcc->bfd_mach = bfd_mach_ppc_750;
@@ -5126,9 +5111,6 @@ POWERPC_FAMILY(750)(ObjectClass *oc, void *data)
                     (1ull << MSR_RI) |
                     (1ull << MSR_LE);
     pcc->mmu_model = POWERPC_MMU_32B;
-#if defined(CONFIG_SOFTMMU)
-    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
-#endif
     pcc->excp_model = POWERPC_EXCP_7x0;
     pcc->bus_model = PPC_FLAGS_INPUT_6xx;
     pcc->bfd_mach = bfd_mach_ppc_750;
@@ -5329,9 +5311,6 @@ POWERPC_FAMILY(750cl)(ObjectClass *oc, void *data)
                     (1ull << MSR_RI) |
                     (1ull << MSR_LE);
     pcc->mmu_model = POWERPC_MMU_32B;
-#if defined(CONFIG_SOFTMMU)
-    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
-#endif
     pcc->excp_model = POWERPC_EXCP_7x0;
     pcc->bus_model = PPC_FLAGS_INPUT_6xx;
     pcc->bfd_mach = bfd_mach_ppc_750;
@@ -5412,9 +5391,6 @@ POWERPC_FAMILY(750cx)(ObjectClass *oc, void *data)
                     (1ull << MSR_RI) |
                     (1ull << MSR_LE);
     pcc->mmu_model = POWERPC_MMU_32B;
-#if defined(CONFIG_SOFTMMU)
-    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
-#endif
     pcc->excp_model = POWERPC_EXCP_7x0;
     pcc->bus_model = PPC_FLAGS_INPUT_6xx;
     pcc->bfd_mach = bfd_mach_ppc_750;
@@ -5500,9 +5476,6 @@ POWERPC_FAMILY(750fx)(ObjectClass *oc, void *data)
                     (1ull << MSR_RI) |
                     (1ull << MSR_LE);
     pcc->mmu_model = POWERPC_MMU_32B;
-#if defined(CONFIG_SOFTMMU)
-    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
-#endif
     pcc->excp_model = POWERPC_EXCP_7x0;
     pcc->bus_model = PPC_FLAGS_INPUT_6xx;
     pcc->bfd_mach = bfd_mach_ppc_750;
@@ -5588,9 +5561,6 @@ POWERPC_FAMILY(750gx)(ObjectClass *oc, void *data)
                     (1ull << MSR_RI) |
                     (1ull << MSR_LE);
     pcc->mmu_model = POWERPC_MMU_32B;
-#if defined(CONFIG_SOFTMMU)
-    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
-#endif
     pcc->excp_model = POWERPC_EXCP_7x0;
     pcc->bus_model = PPC_FLAGS_INPUT_6xx;
     pcc->bfd_mach = bfd_mach_ppc_750;
@@ -5830,9 +5800,6 @@ POWERPC_FAMILY(7400)(ObjectClass *oc, void *data)
                     (1ull << MSR_RI) |
                     (1ull << MSR_LE);
     pcc->mmu_model = POWERPC_MMU_32B;
-#if defined(CONFIG_SOFTMMU)
-    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
-#endif
     pcc->excp_model = POWERPC_EXCP_74xx;
     pcc->bus_model = PPC_FLAGS_INPUT_6xx;
     pcc->bfd_mach = bfd_mach_ppc_7400;
@@ -5916,9 +5883,6 @@ POWERPC_FAMILY(7410)(ObjectClass *oc, void *data)
                     (1ull << MSR_RI) |
                     (1ull << MSR_LE);
     pcc->mmu_model = POWERPC_MMU_32B;
-#if defined(CONFIG_SOFTMMU)
-    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
-#endif
     pcc->excp_model = POWERPC_EXCP_74xx;
     pcc->bus_model = PPC_FLAGS_INPUT_6xx;
     pcc->bfd_mach = bfd_mach_ppc_7400;
@@ -6745,9 +6709,6 @@ POWERPC_FAMILY(e600)(ObjectClass *oc, void *data)
                     (1ull << MSR_RI) |
                     (1ull << MSR_LE);
     pcc->mmu_model = POWERPC_MMU_32B;
-#if defined(CONFIG_SOFTMMU)
-    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
-#endif
     pcc->excp_model = POWERPC_EXCP_74xx;
     pcc->bus_model = PPC_FLAGS_INPUT_6xx;
     pcc->bfd_mach = bfd_mach_ppc_7400;
@@ -7507,7 +7468,6 @@ POWERPC_FAMILY(970)(ObjectClass *oc, void *data)
                     (1ull << MSR_RI);
     pcc->mmu_model = POWERPC_MMU_64B;
 #if defined(CONFIG_SOFTMMU)
-    pcc->handle_mmu_fault = ppc_hash64_handle_mmu_fault;
     pcc->hash64_opts = &ppc_hash64_opts_basic;
 #endif
     pcc->excp_model = POWERPC_EXCP_970;
@@ -7585,7 +7545,6 @@ POWERPC_FAMILY(POWER5P)(ObjectClass *oc, void *data)
         LPCR_RMI | LPCR_HDICE;
     pcc->mmu_model = POWERPC_MMU_2_03;
 #if defined(CONFIG_SOFTMMU)
-    pcc->handle_mmu_fault = ppc_hash64_handle_mmu_fault;
     pcc->hash64_opts = &ppc_hash64_opts_basic;
     pcc->lrg_decr_bits = 32;
 #endif
@@ -7729,7 +7688,6 @@ POWERPC_FAMILY(POWER7)(ObjectClass *oc, void *data)
     pcc->lpcr_pm = LPCR_P7_PECE0 | LPCR_P7_PECE1 | LPCR_P7_PECE2;
     pcc->mmu_model = POWERPC_MMU_2_06;
 #if defined(CONFIG_SOFTMMU)
-    pcc->handle_mmu_fault = ppc_hash64_handle_mmu_fault;
     pcc->hash64_opts = &ppc_hash64_opts_POWER7;
     pcc->lrg_decr_bits = 32;
 #endif
@@ -7906,7 +7864,6 @@ POWERPC_FAMILY(POWER8)(ObjectClass *oc, void *data)
                    LPCR_P8_PECE3 | LPCR_P8_PECE4;
     pcc->mmu_model = POWERPC_MMU_2_07;
 #if defined(CONFIG_SOFTMMU)
-    pcc->handle_mmu_fault = ppc_hash64_handle_mmu_fault;
     pcc->hash64_opts = &ppc_hash64_opts_POWER7;
     pcc->lrg_decr_bits = 32;
     pcc->n_host_threads = 8;
@@ -8122,7 +8079,6 @@ POWERPC_FAMILY(POWER9)(ObjectClass *oc, void *data)
     pcc->lpcr_pm = LPCR_PDEE | LPCR_HDEE | LPCR_EEE | LPCR_DEE | LPCR_OEE;
     pcc->mmu_model = POWERPC_MMU_3_00;
 #if defined(CONFIG_SOFTMMU)
-    pcc->handle_mmu_fault = ppc64_v3_handle_mmu_fault;
     /* segment page size remain the same */
     pcc->hash64_opts = &ppc_hash64_opts_POWER7;
     pcc->radix_page_info = &POWER9_radix_page_info;
@@ -8334,7 +8290,6 @@ POWERPC_FAMILY(POWER10)(ObjectClass *oc, void *data)
     pcc->lpcr_pm = LPCR_PDEE | LPCR_HDEE | LPCR_EEE | LPCR_DEE | LPCR_OEE;
     pcc->mmu_model = POWERPC_MMU_3_00;
 #if defined(CONFIG_SOFTMMU)
-    pcc->handle_mmu_fault = ppc64_v3_handle_mmu_fault;
     /* segment page size remain the same */
     pcc->hash64_opts = &ppc_hash64_opts_POWER7;
     pcc->radix_page_info = &POWER10_radix_page_info;
diff --git a/target/ppc/mmu_helper.c b/target/ppc/mmu_helper.c
index ef634fcb33..863e556a22 100644
--- a/target/ppc/mmu_helper.c
+++ b/target/ppc/mmu_helper.c
@@ -2963,14 +2963,30 @@ bool ppc_cpu_tlb_fill(CPUState *cs, vaddr addr, int size,
                       bool probe, uintptr_t retaddr)
 {
     PowerPCCPU *cpu = POWERPC_CPU(cs);
-    PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cs);
     CPUPPCState *env = &cpu->env;
     int ret;
 
-    if (pcc->handle_mmu_fault) {
-        ret = pcc->handle_mmu_fault(cpu, addr, access_type, mmu_idx);
-    } else {
+    switch (env->mmu_model) {
+#if defined(TARGET_PPC64)
+    case POWERPC_MMU_64B:
+    case POWERPC_MMU_2_03:
+    case POWERPC_MMU_2_06:
+    case POWERPC_MMU_2_07:
+        ret = ppc_hash64_handle_mmu_fault(cpu, addr, access_type, mmu_idx);
+        break;
+    case POWERPC_MMU_3_00:
+        ret = ppc64_v3_handle_mmu_fault(cpu, addr, access_type, mmu_idx);
+        break;
+#endif
+
+    case POWERPC_MMU_32B:
+    case POWERPC_MMU_601:
+        ret = ppc_hash32_handle_mmu_fault(cpu, addr, access_type, mmu_idx);
+        break;
+
+    default:
         ret = cpu_ppc_handle_mmu_fault(env, addr, access_type, mmu_idx);
+        break;
     }
     if (unlikely(ret != 0)) {
         if (probe) {
-- 
2.25.1



^ permalink raw reply	[flat|nested] 46+ messages in thread

* [PATCH 17/24] target/ppc: Use MMUAccessType with *_handle_mmu_fault
  2021-05-18 20:11 [PATCH 00/24] target/ppc: Clean up mmu translation Richard Henderson
                   ` (15 preceding siblings ...)
  2021-05-18 20:11 ` [PATCH 16/24] target/ppc: Remove PowerPCCPUClass.handle_mmu_fault Richard Henderson
@ 2021-05-18 20:11 ` Richard Henderson
  2021-05-19 13:02   ` Bruno Piazera Larsen
  2021-05-18 20:11 ` [PATCH 18/24] target/ppc: Push real-mode handling into ppc_radix64_xlate Richard Henderson
                   ` (7 subsequent siblings)
  24 siblings, 1 reply; 46+ messages in thread
From: Richard Henderson @ 2021-05-18 20:11 UTC (permalink / raw)
  To: qemu-devel; +Cc: bruno.larsen, qemu-ppc, david

These changes were waiting until we didn't need to match
the function type of PowerPCCPUClass.handle_mmu_fault.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 target/ppc/mmu-hash32.h  | 4 ++--
 target/ppc/mmu-hash64.h  | 4 ++--
 target/ppc/mmu-radix64.h | 4 ++--
 target/ppc/mmu-hash32.c  | 7 ++-----
 target/ppc/mmu-hash64.c  | 6 +-----
 target/ppc/mmu-radix64.c | 7 ++-----
 6 files changed, 11 insertions(+), 21 deletions(-)

diff --git a/target/ppc/mmu-hash32.h b/target/ppc/mmu-hash32.h
index 898021f0d8..30e35718a7 100644
--- a/target/ppc/mmu-hash32.h
+++ b/target/ppc/mmu-hash32.h
@@ -5,8 +5,8 @@
 
 hwaddr get_pteg_offset32(PowerPCCPU *cpu, hwaddr hash);
 hwaddr ppc_hash32_get_phys_page_debug(PowerPCCPU *cpu, target_ulong addr);
-int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr address, int rw,
-                                int mmu_idx);
+int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr address,
+                                MMUAccessType access_type, int mmu_idx);
 
 /*
  * Segment register definitions
diff --git a/target/ppc/mmu-hash64.h b/target/ppc/mmu-hash64.h
index 4b8b8e7950..3e8a8eec1f 100644
--- a/target/ppc/mmu-hash64.h
+++ b/target/ppc/mmu-hash64.h
@@ -8,8 +8,8 @@ void dump_slb(PowerPCCPU *cpu);
 int ppc_store_slb(PowerPCCPU *cpu, target_ulong slot,
                   target_ulong esid, target_ulong vsid);
 hwaddr ppc_hash64_get_phys_page_debug(PowerPCCPU *cpu, target_ulong addr);
-int ppc_hash64_handle_mmu_fault(PowerPCCPU *cpu, vaddr address, int rw,
-                                int mmu_idx);
+int ppc_hash64_handle_mmu_fault(PowerPCCPU *cpu, vaddr address,
+                                MMUAccessType access_type, int mmu_idx);
 void ppc_hash64_tlb_flush_hpte(PowerPCCPU *cpu,
                                target_ulong pte_index,
                                target_ulong pte0, target_ulong pte1);
diff --git a/target/ppc/mmu-radix64.h b/target/ppc/mmu-radix64.h
index f28c5794d0..94bd72cb38 100644
--- a/target/ppc/mmu-radix64.h
+++ b/target/ppc/mmu-radix64.h
@@ -44,8 +44,8 @@
 
 #ifdef TARGET_PPC64
 
-int ppc_radix64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr, int rwx,
-                                 int mmu_idx);
+int ppc_radix64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
+                                 MMUAccessType access_type, int mmu_idx);
 hwaddr ppc_radix64_get_phys_page_debug(PowerPCCPU *cpu, target_ulong addr);
 
 static inline int ppc_radix64_get_prot_eaa(uint64_t pte)
diff --git a/target/ppc/mmu-hash32.c b/target/ppc/mmu-hash32.c
index 744a763f44..d51be59f95 100644
--- a/target/ppc/mmu-hash32.c
+++ b/target/ppc/mmu-hash32.c
@@ -416,8 +416,8 @@ static hwaddr ppc_hash32_pte_raddr(target_ulong sr, ppc_hash_pte32_t pte,
     return (rpn & ~mask) | (eaddr & mask);
 }
 
-int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr, int rwx,
-                                int mmu_idx)
+int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
+                                MMUAccessType access_type, int mmu_idx)
 {
     CPUState *cs = CPU(cpu);
     CPUPPCState *env = &cpu->env;
@@ -426,11 +426,8 @@ int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr, int rwx,
     ppc_hash_pte32_t pte;
     int prot;
     int need_prot;
-    MMUAccessType access_type;
     hwaddr raddr;
 
-    assert((rwx == 0) || (rwx == 1) || (rwx == 2));
-    access_type = rwx;
     need_prot = prot_for_access_type(access_type);
 
     /* 1. Handle real mode accesses */
diff --git a/target/ppc/mmu-hash64.c b/target/ppc/mmu-hash64.c
index f48b625f48..877a01a296 100644
--- a/target/ppc/mmu-hash64.c
+++ b/target/ppc/mmu-hash64.c
@@ -867,7 +867,7 @@ static int build_vrma_slbe(PowerPCCPU *cpu, ppc_slb_t *slb)
 }
 
 int ppc_hash64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
-                                int rwx, int mmu_idx)
+                                MMUAccessType access_type, int mmu_idx)
 {
     CPUState *cs = CPU(cpu);
     CPUPPCState *env = &cpu->env;
@@ -877,13 +877,9 @@ int ppc_hash64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
     hwaddr ptex;
     ppc_hash_pte64_t pte;
     int exec_prot, pp_prot, amr_prot, prot;
-    MMUAccessType access_type;
     int need_prot;
     hwaddr raddr;
 
-    assert((rwx == 0) || (rwx == 1) || (rwx == 2));
-    access_type = rwx;
-
     /*
      * Note on LPCR usage: 970 uses HID4, but our special variant of
      * store_spr copies relevant fields into env->spr[SPR_LPCR].
diff --git a/target/ppc/mmu-radix64.c b/target/ppc/mmu-radix64.c
index 7972153f23..f6d96f73b2 100644
--- a/target/ppc/mmu-radix64.c
+++ b/target/ppc/mmu-radix64.c
@@ -556,19 +556,16 @@ static int ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr,
     return 0;
 }
 
-int ppc_radix64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr, int rwx,
-                                 int mmu_idx)
+int ppc_radix64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
+                                 MMUAccessType access_type, int mmu_idx)
 {
     CPUState *cs = CPU(cpu);
     CPUPPCState *env = &cpu->env;
     int page_size, prot;
     bool relocation;
-    MMUAccessType access_type;
     hwaddr raddr;
 
     assert(!(msr_hv && cpu->vhyp));
-    assert((rwx == 0) || (rwx == 1) || (rwx == 2));
-    access_type = rwx;
 
     relocation = (access_type == MMU_INST_FETCH ? msr_ir : msr_dr);
     /* HV or virtual hypervisor Real Mode Access */
-- 
2.25.1



^ permalink raw reply	[flat|nested] 46+ messages in thread

* [PATCH 18/24] target/ppc: Push real-mode handling into ppc_radix64_xlate
  2021-05-18 20:11 [PATCH 00/24] target/ppc: Clean up mmu translation Richard Henderson
                   ` (16 preceding siblings ...)
  2021-05-18 20:11 ` [PATCH 17/24] target/ppc: Use MMUAccessType with *_handle_mmu_fault Richard Henderson
@ 2021-05-18 20:11 ` Richard Henderson
  2021-05-19 17:44   ` Bruno Piazera Larsen
  2021-05-18 20:11 ` [PATCH 19/24] target/ppc: Use bool success for ppc_radix64_xlate Richard Henderson
                   ` (6 subsequent siblings)
  24 siblings, 1 reply; 46+ messages in thread
From: Richard Henderson @ 2021-05-18 20:11 UTC (permalink / raw)
  To: qemu-devel; +Cc: bruno.larsen, qemu-ppc, david

This removes some incomplete duplication between
ppc_radix64_handle_mmu_fault and ppc_radix64_get_phys_page_debug.
The former was correct wrt SPR_HRMOR and the latter was not.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 target/ppc/mmu-radix64.c | 77 ++++++++++++++++++----------------------
 1 file changed, 34 insertions(+), 43 deletions(-)

diff --git a/target/ppc/mmu-radix64.c b/target/ppc/mmu-radix64.c
index f6d96f73b2..76a5cc8cdb 100644
--- a/target/ppc/mmu-radix64.c
+++ b/target/ppc/mmu-radix64.c
@@ -466,7 +466,6 @@ static int ppc_radix64_process_scoped_xlate(PowerPCCPU *cpu,
  */
 static int ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr,
                              MMUAccessType access_type,
-                             bool relocation,
                              hwaddr *raddr, int *psizep, int *protp,
                              bool guest_visible)
 {
@@ -475,6 +474,37 @@ static int ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr,
     ppc_v3_pate_t pate;
     int psize, prot;
     hwaddr g_raddr;
+    bool relocation;
+
+    assert(!(msr_hv && cpu->vhyp));
+
+    relocation = (access_type == MMU_INST_FETCH ? msr_ir : msr_dr);
+
+    /* HV or virtual hypervisor Real Mode Access */
+    if (!relocation && (msr_hv || cpu->vhyp)) {
+        /* In real mode top 4 effective addr bits (mostly) ignored */
+        *raddr = eaddr & 0x0FFFFFFFFFFFFFFFULL;
+
+        /* In HV mode, add HRMOR if top EA bit is clear */
+        if (msr_hv || !env->has_hv_mode) {
+            if (!(eaddr >> 63)) {
+                *raddr |= env->spr[SPR_HRMOR];
+           }
+        }
+        *protp = PAGE_READ | PAGE_WRITE | PAGE_EXEC;
+        *psizep = TARGET_PAGE_BITS;
+        return 0;
+    }
+
+    /*
+     * Check UPRT (we avoid the check in real mode to deal with
+     * transitional states during kexec.
+     */
+    if (guest_visible && !ppc64_use_proc_tbl(cpu)) {
+        qemu_log_mask(LOG_GUEST_ERROR,
+                      "LPCR:UPRT not set in radix mode ! LPCR="
+                      TARGET_FMT_lx "\n", env->spr[SPR_LPCR]);
+    }
 
     /* Virtual Mode Access - get the fully qualified address */
     if (!ppc_radix64_get_fully_qualified_addr(&cpu->env, eaddr, &lpid, &pid)) {
@@ -560,43 +590,11 @@ int ppc_radix64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
                                  MMUAccessType access_type, int mmu_idx)
 {
     CPUState *cs = CPU(cpu);
-    CPUPPCState *env = &cpu->env;
     int page_size, prot;
-    bool relocation;
     hwaddr raddr;
 
-    assert(!(msr_hv && cpu->vhyp));
-
-    relocation = (access_type == MMU_INST_FETCH ? msr_ir : msr_dr);
-    /* HV or virtual hypervisor Real Mode Access */
-    if (!relocation && (msr_hv || cpu->vhyp)) {
-        /* In real mode top 4 effective addr bits (mostly) ignored */
-        raddr = eaddr & 0x0FFFFFFFFFFFFFFFULL;
-
-        /* In HV mode, add HRMOR if top EA bit is clear */
-        if (msr_hv || !env->has_hv_mode) {
-            if (!(eaddr >> 63)) {
-                raddr |= env->spr[SPR_HRMOR];
-           }
-        }
-        tlb_set_page(cs, eaddr & TARGET_PAGE_MASK, raddr & TARGET_PAGE_MASK,
-                     PAGE_READ | PAGE_WRITE | PAGE_EXEC, mmu_idx,
-                     TARGET_PAGE_SIZE);
-        return 0;
-    }
-
-    /*
-     * Check UPRT (we avoid the check in real mode to deal with
-     * transitional states during kexec.
-     */
-    if (!ppc64_use_proc_tbl(cpu)) {
-        qemu_log_mask(LOG_GUEST_ERROR,
-                      "LPCR:UPRT not set in radix mode ! LPCR="
-                      TARGET_FMT_lx "\n", env->spr[SPR_LPCR]);
-    }
-
     /* Translate eaddr to raddr (where raddr is addr qemu needs for access) */
-    if (ppc_radix64_xlate(cpu, eaddr, access_type, relocation, &raddr,
+    if (ppc_radix64_xlate(cpu, eaddr, access_type, &raddr,
                           &page_size, &prot, true)) {
         return 1;
     }
@@ -608,18 +606,11 @@ int ppc_radix64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
 
 hwaddr ppc_radix64_get_phys_page_debug(PowerPCCPU *cpu, target_ulong eaddr)
 {
-    CPUPPCState *env = &cpu->env;
     int psize, prot;
     hwaddr raddr;
 
-    /* Handle Real Mode */
-    if ((msr_dr == 0) && (msr_hv || cpu->vhyp)) {
-        /* In real mode top 4 effective addr bits (mostly) ignored */
-        return eaddr & 0x0FFFFFFFFFFFFFFFULL;
-    }
-
-    if (ppc_radix64_xlate(cpu, eaddr, 0, msr_dr, &raddr, &psize,
-                          &prot, false)) {
+    if (ppc_radix64_xlate(cpu, eaddr, MMU_DATA_LOAD, &raddr,
+                          &psize, &prot, false)) {
         return -1;
     }
 
-- 
2.25.1



^ permalink raw reply	[flat|nested] 46+ messages in thread

* [PATCH 19/24] target/ppc: Use bool success for ppc_radix64_xlate
  2021-05-18 20:11 [PATCH 00/24] target/ppc: Clean up mmu translation Richard Henderson
                   ` (17 preceding siblings ...)
  2021-05-18 20:11 ` [PATCH 18/24] target/ppc: Push real-mode handling into ppc_radix64_xlate Richard Henderson
@ 2021-05-18 20:11 ` Richard Henderson
  2021-05-19 17:53   ` Bruno Piazera Larsen
  2021-05-18 20:11 ` [PATCH 20/24] target/ppc: Split out ppc_hash64_xlate Richard Henderson
                   ` (5 subsequent siblings)
  24 siblings, 1 reply; 46+ messages in thread
From: Richard Henderson @ 2021-05-18 20:11 UTC (permalink / raw)
  To: qemu-devel; +Cc: bruno.larsen, qemu-ppc, david

Instead of returning non-zero for failure, return true for success.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 target/ppc/mmu-radix64.c | 30 +++++++++++++++---------------
 1 file changed, 15 insertions(+), 15 deletions(-)

diff --git a/target/ppc/mmu-radix64.c b/target/ppc/mmu-radix64.c
index 76a5cc8cdb..7af3e697b2 100644
--- a/target/ppc/mmu-radix64.c
+++ b/target/ppc/mmu-radix64.c
@@ -464,10 +464,10 @@ static int ppc_radix64_process_scoped_xlate(PowerPCCPU *cpu,
  *              | = On        | Process Scoped |    Scoped     |
  *              +-------------+----------------+---------------+
  */
-static int ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr,
-                             MMUAccessType access_type,
-                             hwaddr *raddr, int *psizep, int *protp,
-                             bool guest_visible)
+static bool ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr,
+                              MMUAccessType access_type,
+                              hwaddr *raddr, int *psizep, int *protp,
+                              bool guest_visible)
 {
     CPUPPCState *env = &cpu->env;
     uint64_t lpid, pid;
@@ -493,7 +493,7 @@ static int ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr,
         }
         *protp = PAGE_READ | PAGE_WRITE | PAGE_EXEC;
         *psizep = TARGET_PAGE_BITS;
-        return 0;
+        return true;
     }
 
     /*
@@ -511,7 +511,7 @@ static int ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr,
         if (guest_visible) {
             ppc_radix64_raise_segi(cpu, access_type, eaddr);
         }
-        return 1;
+        return false;
     }
 
     /* Get Process Table */
@@ -524,13 +524,13 @@ static int ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr,
             if (guest_visible) {
                 ppc_radix64_raise_si(cpu, access_type, eaddr, DSISR_NOPTE);
             }
-            return 1;
+            return false;
         }
         if (!validate_pate(cpu, lpid, &pate)) {
             if (guest_visible) {
                 ppc_radix64_raise_si(cpu, access_type, eaddr, DSISR_R_BADCONFIG);
             }
-            return 1;
+            return false;
         }
     }
 
@@ -550,7 +550,7 @@ static int ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr,
                                                    pate, &g_raddr, &prot,
                                                    &psize, guest_visible);
         if (ret) {
-            return ret;
+            return false;
         }
         *psizep = MIN(*psizep, psize);
         *protp &= prot;
@@ -574,7 +574,7 @@ static int ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr,
                                                      &prot, &psize, false,
                                                      guest_visible);
             if (ret) {
-                return ret;
+                return false;
             }
             *psizep = MIN(*psizep, psize);
             *protp &= prot;
@@ -583,7 +583,7 @@ static int ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr,
         }
     }
 
-    return 0;
+    return true;
 }
 
 int ppc_radix64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
@@ -594,8 +594,8 @@ int ppc_radix64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
     hwaddr raddr;
 
     /* Translate eaddr to raddr (where raddr is addr qemu needs for access) */
-    if (ppc_radix64_xlate(cpu, eaddr, access_type, &raddr,
-                          &page_size, &prot, true)) {
+    if (!ppc_radix64_xlate(cpu, eaddr, access_type, &raddr,
+                           &page_size, &prot, true)) {
         return 1;
     }
 
@@ -609,8 +609,8 @@ hwaddr ppc_radix64_get_phys_page_debug(PowerPCCPU *cpu, target_ulong eaddr)
     int psize, prot;
     hwaddr raddr;
 
-    if (ppc_radix64_xlate(cpu, eaddr, MMU_DATA_LOAD, &raddr,
-                          &psize, &prot, false)) {
+    if (!ppc_radix64_xlate(cpu, eaddr, MMU_DATA_LOAD, &raddr,
+                           &psize, &prot, false)) {
         return -1;
     }
 
-- 
2.25.1



^ permalink raw reply	[flat|nested] 46+ messages in thread

* [PATCH 20/24] target/ppc: Split out ppc_hash64_xlate
  2021-05-18 20:11 [PATCH 00/24] target/ppc: Clean up mmu translation Richard Henderson
                   ` (18 preceding siblings ...)
  2021-05-18 20:11 ` [PATCH 19/24] target/ppc: Use bool success for ppc_radix64_xlate Richard Henderson
@ 2021-05-18 20:11 ` Richard Henderson
  2021-05-19 18:09   ` Bruno Piazera Larsen
  2021-05-18 20:11 ` [PATCH 21/24] target/ppc: Split out ppc_hash32_xlate Richard Henderson
                   ` (4 subsequent siblings)
  24 siblings, 1 reply; 46+ messages in thread
From: Richard Henderson @ 2021-05-18 20:11 UTC (permalink / raw)
  To: qemu-devel; +Cc: bruno.larsen, qemu-ppc, david

Mirror the interface of ppc_radix64_xlate, putting all of
the logic for hash64 translation into a single function.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 target/ppc/mmu-hash64.c | 125 +++++++++++++++++++---------------------
 1 file changed, 59 insertions(+), 66 deletions(-)

diff --git a/target/ppc/mmu-hash64.c b/target/ppc/mmu-hash64.c
index 877a01a296..3024dd1e8c 100644
--- a/target/ppc/mmu-hash64.c
+++ b/target/ppc/mmu-hash64.c
@@ -866,8 +866,10 @@ static int build_vrma_slbe(PowerPCCPU *cpu, ppc_slb_t *slb)
     return -1;
 }
 
-int ppc_hash64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
-                                MMUAccessType access_type, int mmu_idx)
+static bool ppc_hash64_xlate(PowerPCCPU *cpu, vaddr eaddr,
+                             MMUAccessType access_type,
+                             hwaddr *raddrp, int *psizep, int *protp,
+                             bool guest_visible)
 {
     CPUState *cs = CPU(cpu);
     CPUPPCState *env = &cpu->env;
@@ -911,9 +913,11 @@ int ppc_hash64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
             slb = &vrma_slbe;
             if (build_vrma_slbe(cpu, slb) != 0) {
                 /* Invalid VRMA setup, machine check */
-                cs->exception_index = POWERPC_EXCP_MCHECK;
-                env->error_code = 0;
-                return 1;
+                if (guest_visible) {
+                    cs->exception_index = POWERPC_EXCP_MCHECK;
+                    env->error_code = 0;
+                }
+                return false;
             }
 
             goto skip_slb_search;
@@ -922,6 +926,9 @@ int ppc_hash64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
 
             /* Emulated old-style RMO mode, bounds check against RMLS */
             if (raddr >= limit) {
+                if (!guest_visible) {
+                    return false;
+                }
                 switch (access_type) {
                 case MMU_INST_FETCH:
                     ppc_hash64_set_isi(cs, SRR1_PROTFAULT);
@@ -936,15 +943,16 @@ int ppc_hash64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
                 default:
                     g_assert_not_reached();
                 }
-                return 1;
+                return false;
             }
 
             raddr |= env->spr[SPR_RMOR];
         }
-        tlb_set_page(cs, eaddr & TARGET_PAGE_MASK, raddr & TARGET_PAGE_MASK,
-                     PAGE_READ | PAGE_WRITE | PAGE_EXEC, mmu_idx,
-                     TARGET_PAGE_SIZE);
-        return 0;
+
+        *raddrp = raddr;
+        *protp = PAGE_READ | PAGE_WRITE | PAGE_EXEC;
+        *psizep = TARGET_PAGE_BITS;
+        return true;
     }
 
     /* 2. Translation is on, so look up the SLB */
@@ -957,6 +965,9 @@ int ppc_hash64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
             exit(1);
         }
         /* Segment still not found, generate the appropriate interrupt */
+        if (!guest_visible) {
+            return false;
+        }
         switch (access_type) {
         case MMU_INST_FETCH:
             cs->exception_index = POWERPC_EXCP_ISEG;
@@ -971,20 +982,25 @@ int ppc_hash64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
         default:
             g_assert_not_reached();
         }
-        return 1;
+        return false;
     }
 
-skip_slb_search:
+ skip_slb_search:
 
     /* 3. Check for segment level no-execute violation */
     if (access_type == MMU_INST_FETCH && (slb->vsid & SLB_VSID_N)) {
-        ppc_hash64_set_isi(cs, SRR1_NOEXEC_GUARD);
-        return 1;
+        if (guest_visible) {
+            ppc_hash64_set_isi(cs, SRR1_NOEXEC_GUARD);
+        }
+        return false;
     }
 
     /* 4. Locate the PTE in the hash table */
     ptex = ppc_hash64_htab_lookup(cpu, slb, eaddr, &pte, &apshift);
     if (ptex == -1) {
+        if (!guest_visible) {
+            return false;
+        }
         switch (access_type) {
         case MMU_INST_FETCH:
             ppc_hash64_set_isi(cs, SRR1_NOPTE);
@@ -998,7 +1014,7 @@ skip_slb_search:
         default:
             g_assert_not_reached();
         }
-        return 1;
+        return false;
     }
     qemu_log_mask(CPU_LOG_MMU,
                   "found PTE at index %08" HWADDR_PRIx "\n", ptex);
@@ -1014,6 +1030,9 @@ skip_slb_search:
     if (need_prot & ~prot) {
         /* Access right violation */
         qemu_log_mask(CPU_LOG_MMU, "PTE access rejected\n");
+        if (!guest_visible) {
+            return false;
+        }
         if (access_type == MMU_INST_FETCH) {
             int srr1 = 0;
             if (PAGE_EXEC & ~exec_prot) {
@@ -1038,7 +1057,7 @@ skip_slb_search:
             }
             ppc_hash64_set_dsi(cs, eaddr, dsisr);
         }
-        return 1;
+        return false;
     }
 
     qemu_log_mask(CPU_LOG_MMU, "PTE access granted !\n");
@@ -1062,66 +1081,40 @@ skip_slb_search:
 
     /* 7. Determine the real address from the PTE */
 
-    raddr = deposit64(pte.pte1 & HPTE64_R_RPN, 0, apshift, eaddr);
+    *raddrp = deposit64(pte.pte1 & HPTE64_R_RPN, 0, apshift, eaddr);
+    *protp = prot;
+    *psizep = apshift;
+    return true;
+}
+
+int ppc_hash64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
+                                MMUAccessType access_type, int mmu_idx)
+{
+    CPUState *cs = CPU(cpu);
+    int page_size, prot;
+    hwaddr raddr;
+
+    if (!ppc_hash64_xlate(cpu, eaddr, access_type, &raddr,
+                          &page_size, &prot, true)) {
+        return 1;
+    }
 
     tlb_set_page(cs, eaddr & TARGET_PAGE_MASK, raddr & TARGET_PAGE_MASK,
-                 prot, mmu_idx, 1ULL << apshift);
-
+                 prot, mmu_idx, 1UL << page_size);
     return 0;
 }
 
-hwaddr ppc_hash64_get_phys_page_debug(PowerPCCPU *cpu, target_ulong addr)
+hwaddr ppc_hash64_get_phys_page_debug(PowerPCCPU *cpu, target_ulong eaddr)
 {
-    CPUPPCState *env = &cpu->env;
-    ppc_slb_t vrma_slbe;
-    ppc_slb_t *slb;
-    hwaddr ptex, raddr;
-    ppc_hash_pte64_t pte;
-    unsigned apshift;
+    int psize, prot;
+    hwaddr raddr;
 
-    /* Handle real mode */
-    if (msr_dr == 0) {
-        /* In real mode the top 4 effective address bits are ignored */
-        raddr = addr & 0x0FFFFFFFFFFFFFFFULL;
-
-        if (cpu->vhyp) {
-            /*
-             * In virtual hypervisor mode, there's nothing to do:
-             *   EA == GPA == qemu guest address
-             */
-            return raddr;
-        } else if ((msr_hv || !env->has_hv_mode) && !(addr >> 63)) {
-            /* In HV mode, add HRMOR if top EA bit is clear */
-            return raddr | env->spr[SPR_HRMOR];
-        } else if (ppc_hash64_use_vrma(env)) {
-            /* Emulated VRMA mode */
-            slb = &vrma_slbe;
-            if (build_vrma_slbe(cpu, slb) != 0) {
-                return -1;
-            }
-        } else {
-            target_ulong limit = rmls_limit(cpu);
-
-            /* Emulated old-style RMO mode, bounds check against RMLS */
-            if (raddr >= limit) {
-                return -1;
-            }
-            return raddr | env->spr[SPR_RMOR];
-        }
-    } else {
-        slb = slb_lookup(cpu, addr);
-        if (!slb) {
-            return -1;
-        }
-    }
-
-    ptex = ppc_hash64_htab_lookup(cpu, slb, addr, &pte, &apshift);
-    if (ptex == -1) {
+    if (!ppc_hash64_xlate(cpu, eaddr, MMU_DATA_LOAD, &raddr,
+                          &psize, &prot, false)) {
         return -1;
     }
 
-    return deposit64(pte.pte1 & HPTE64_R_RPN, 0, apshift, addr)
-        & TARGET_PAGE_MASK;
+    return raddr & TARGET_PAGE_MASK;
 }
 
 void ppc_hash64_tlb_flush_hpte(PowerPCCPU *cpu, target_ulong ptex,
-- 
2.25.1



^ permalink raw reply	[flat|nested] 46+ messages in thread

* [PATCH 21/24] target/ppc: Split out ppc_hash32_xlate
  2021-05-18 20:11 [PATCH 00/24] target/ppc: Clean up mmu translation Richard Henderson
                   ` (19 preceding siblings ...)
  2021-05-18 20:11 ` [PATCH 20/24] target/ppc: Split out ppc_hash64_xlate Richard Henderson
@ 2021-05-18 20:11 ` Richard Henderson
  2021-05-19 18:20   ` Bruno Piazera Larsen
  2021-05-18 20:11 ` [PATCH 22/24] target/ppc: Split out ppc_jumbo_xlate Richard Henderson
                   ` (3 subsequent siblings)
  24 siblings, 1 reply; 46+ messages in thread
From: Richard Henderson @ 2021-05-18 20:11 UTC (permalink / raw)
  To: qemu-devel; +Cc: bruno.larsen, qemu-ppc, david

Mirror the interface of ppc_radix64_xlate, putting all of
the logic for hash32 translation into a single entry point.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 target/ppc/mmu-hash32.c | 224 ++++++++++++++++++++--------------------
 1 file changed, 113 insertions(+), 111 deletions(-)

diff --git a/target/ppc/mmu-hash32.c b/target/ppc/mmu-hash32.c
index d51be59f95..959dc2ab53 100644
--- a/target/ppc/mmu-hash32.c
+++ b/target/ppc/mmu-hash32.c
@@ -219,10 +219,11 @@ static hwaddr ppc_hash32_bat_lookup(PowerPCCPU *cpu, target_ulong ea,
     return -1;
 }
 
-static int ppc_hash32_direct_store(PowerPCCPU *cpu, target_ulong sr,
-                                   target_ulong eaddr,
-                                   MMUAccessType access_type,
-                                   hwaddr *raddr, int *prot)
+static bool ppc_hash32_direct_store(PowerPCCPU *cpu, target_ulong sr,
+                                    target_ulong eaddr,
+                                    MMUAccessType access_type,
+                                    hwaddr *raddr, int *prot,
+                                    bool guest_visible)
 {
     CPUState *cs = CPU(cpu);
     CPUPPCState *env = &cpu->env;
@@ -239,17 +240,23 @@ static int ppc_hash32_direct_store(PowerPCCPU *cpu, target_ulong sr,
          */
         *raddr = ((sr & 0xF) << 28) | (eaddr & 0x0FFFFFFF);
         *prot = PAGE_READ | PAGE_WRITE | PAGE_EXEC;
-        return 0;
+        return true;
     }
 
     if (access_type == MMU_INST_FETCH) {
         /* No code fetch is allowed in direct-store areas */
-        cs->exception_index = POWERPC_EXCP_ISI;
-        env->error_code = 0x10000000;
-        return 1;
+        if (guest_visible) {
+            cs->exception_index = POWERPC_EXCP_ISI;
+            env->error_code = 0x10000000;
+        }
+        return false;
     }
 
-    switch (env->access_type) {
+    /*
+     * From ppc_cpu_get_phys_page_debug, env->access_type is not set.
+     * Assume ACCESS_INT for that case.
+     */
+    switch (guest_visible ? env->access_type : ACCESS_INT) {
     case ACCESS_INT:
         /* Integer load/store : only access allowed */
         break;
@@ -258,7 +265,7 @@ static int ppc_hash32_direct_store(PowerPCCPU *cpu, target_ulong sr,
         cs->exception_index = POWERPC_EXCP_ALIGN;
         env->error_code = POWERPC_EXCP_ALIGN_FP;
         env->spr[SPR_DAR] = eaddr;
-        return 1;
+        return false;
     case ACCESS_RES:
         /* lwarx, ldarx or srwcx. */
         env->error_code = 0;
@@ -268,7 +275,7 @@ static int ppc_hash32_direct_store(PowerPCCPU *cpu, target_ulong sr,
         } else {
             env->spr[SPR_DSISR] = 0x04000000;
         }
-        return 1;
+        return false;
     case ACCESS_CACHE:
         /*
          * dcba, dcbt, dcbtst, dcbf, dcbi, dcbst, dcbz, or icbi
@@ -277,7 +284,7 @@ static int ppc_hash32_direct_store(PowerPCCPU *cpu, target_ulong sr,
          * no-op, it's quite easy :-)
          */
         *raddr = eaddr;
-        return 0;
+        return true;
     case ACCESS_EXT:
         /* eciwx or ecowx */
         cs->exception_index = POWERPC_EXCP_DSI;
@@ -288,16 +295,18 @@ static int ppc_hash32_direct_store(PowerPCCPU *cpu, target_ulong sr,
         } else {
             env->spr[SPR_DSISR] = 0x04100000;
         }
-        return 1;
+        return false;
     default:
-        cpu_abort(cs, "ERROR: instruction should not need "
-                 "address translation\n");
+        cpu_abort(cs, "ERROR: insn should not need address translation\n");
     }
-    if ((access_type == MMU_DATA_STORE || key != 1) &&
-        (access_type == MMU_DATA_LOAD || key != 0)) {
+
+    *prot = key ? PAGE_READ | PAGE_WRITE : PAGE_READ;
+    if (*prot & prot_for_access_type(access_type)) {
         *raddr = eaddr;
-        return 0;
-    } else {
+        return true;
+    }
+
+    if (guest_visible) {
         cs->exception_index = POWERPC_EXCP_DSI;
         env->error_code = 0;
         env->spr[SPR_DAR] = eaddr;
@@ -306,8 +315,8 @@ static int ppc_hash32_direct_store(PowerPCCPU *cpu, target_ulong sr,
         } else {
             env->spr[SPR_DSISR] = 0x08000000;
         }
-        return 1;
     }
+    return false;
 }
 
 hwaddr get_pteg_offset32(PowerPCCPU *cpu, hwaddr hash)
@@ -416,8 +425,10 @@ static hwaddr ppc_hash32_pte_raddr(target_ulong sr, ppc_hash_pte32_t pte,
     return (rpn & ~mask) | (eaddr & mask);
 }
 
-int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
-                                MMUAccessType access_type, int mmu_idx)
+static bool ppc_hash32_xlate(PowerPCCPU *cpu, vaddr eaddr,
+                             MMUAccessType access_type,
+                             hwaddr *raddrp, int *psizep, int *protp,
+                             bool guest_visible)
 {
     CPUState *cs = CPU(cpu);
     CPUPPCState *env = &cpu->env;
@@ -428,43 +439,43 @@ int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
     int need_prot;
     hwaddr raddr;
 
-    need_prot = prot_for_access_type(access_type);
+    /* There are no hash32 large pages. */
+    *psizep = TARGET_PAGE_BITS;
 
     /* 1. Handle real mode accesses */
     if (access_type == MMU_INST_FETCH ? !msr_ir : !msr_dr) {
         /* Translation is off */
-        raddr = eaddr;
-        tlb_set_page(cs, eaddr & TARGET_PAGE_MASK, raddr & TARGET_PAGE_MASK,
-                     PAGE_READ | PAGE_WRITE | PAGE_EXEC, mmu_idx,
-                     TARGET_PAGE_SIZE);
-        return 0;
+        *raddrp = eaddr;
+        *protp = PAGE_READ | PAGE_WRITE | PAGE_EXEC;
+        return true;
     }
 
+    need_prot = prot_for_access_type(access_type);
+
     /* 2. Check Block Address Translation entries (BATs) */
     if (env->nb_BATs != 0) {
-        raddr = ppc_hash32_bat_lookup(cpu, eaddr, access_type, &prot);
+        raddr = ppc_hash32_bat_lookup(cpu, eaddr, access_type, protp);
         if (raddr != -1) {
-            if (need_prot & ~prot) {
-                if (access_type == MMU_INST_FETCH) {
-                    cs->exception_index = POWERPC_EXCP_ISI;
-                    env->error_code = 0x08000000;
-                } else {
-                    cs->exception_index = POWERPC_EXCP_DSI;
-                    env->error_code = 0;
-                    env->spr[SPR_DAR] = eaddr;
-                    if (access_type == MMU_DATA_STORE) {
-                        env->spr[SPR_DSISR] = 0x0a000000;
+            if (need_prot & ~*protp) {
+                if (guest_visible) {
+                    if (access_type == MMU_INST_FETCH) {
+                        cs->exception_index = POWERPC_EXCP_ISI;
+                        env->error_code = 0x08000000;
                     } else {
-                        env->spr[SPR_DSISR] = 0x08000000;
+                        cs->exception_index = POWERPC_EXCP_DSI;
+                        env->error_code = 0;
+                        env->spr[SPR_DAR] = eaddr;
+                        if (access_type == MMU_DATA_STORE) {
+                            env->spr[SPR_DSISR] = 0x0a000000;
+                        } else {
+                            env->spr[SPR_DSISR] = 0x08000000;
+                        }
                     }
                 }
-                return 1;
+                return false;
             }
-
-            tlb_set_page(cs, eaddr & TARGET_PAGE_MASK,
-                         raddr & TARGET_PAGE_MASK, prot, mmu_idx,
-                         TARGET_PAGE_SIZE);
-            return 0;
+            *raddrp = raddr;
+            return true;
         }
     }
 
@@ -473,42 +484,38 @@ int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
 
     /* 4. Handle direct store segments */
     if (sr & SR32_T) {
-        if (ppc_hash32_direct_store(cpu, sr, eaddr, access_type,
-                                    &raddr, &prot) == 0) {
-            tlb_set_page(cs, eaddr & TARGET_PAGE_MASK,
-                         raddr & TARGET_PAGE_MASK, prot, mmu_idx,
-                         TARGET_PAGE_SIZE);
-            return 0;
-        } else {
-            return 1;
-        }
+        return ppc_hash32_direct_store(cpu, sr, eaddr, access_type,
+                                       raddrp, protp, guest_visible);
     }
 
     /* 5. Check for segment level no-execute violation */
     if (access_type == MMU_INST_FETCH && (sr & SR32_NX)) {
-        cs->exception_index = POWERPC_EXCP_ISI;
-        env->error_code = 0x10000000;
-        return 1;
+        if (guest_visible) {
+            cs->exception_index = POWERPC_EXCP_ISI;
+            env->error_code = 0x10000000;
+        }
+        return false;
     }
 
     /* 6. Locate the PTE in the hash table */
     pte_offset = ppc_hash32_htab_lookup(cpu, sr, eaddr, &pte);
     if (pte_offset == -1) {
-        if (access_type == MMU_INST_FETCH) {
-            cs->exception_index = POWERPC_EXCP_ISI;
-            env->error_code = 0x40000000;
-        } else {
-            cs->exception_index = POWERPC_EXCP_DSI;
-            env->error_code = 0;
-            env->spr[SPR_DAR] = eaddr;
-            if (access_type == MMU_DATA_STORE) {
-                env->spr[SPR_DSISR] = 0x42000000;
+        if (guest_visible) {
+            if (access_type == MMU_INST_FETCH) {
+                cs->exception_index = POWERPC_EXCP_ISI;
+                env->error_code = 0x40000000;
             } else {
-                env->spr[SPR_DSISR] = 0x40000000;
+                cs->exception_index = POWERPC_EXCP_DSI;
+                env->error_code = 0;
+                env->spr[SPR_DAR] = eaddr;
+                if (access_type == MMU_DATA_STORE) {
+                    env->spr[SPR_DSISR] = 0x42000000;
+                } else {
+                    env->spr[SPR_DSISR] = 0x40000000;
+                }
             }
         }
-
-        return 1;
+        return false;
     }
     qemu_log_mask(CPU_LOG_MMU,
                 "found PTE at offset %08" HWADDR_PRIx "\n", pte_offset);
@@ -520,20 +527,22 @@ int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
     if (need_prot & ~prot) {
         /* Access right violation */
         qemu_log_mask(CPU_LOG_MMU, "PTE access rejected\n");
-        if (access_type == MMU_INST_FETCH) {
-            cs->exception_index = POWERPC_EXCP_ISI;
-            env->error_code = 0x08000000;
-        } else {
-            cs->exception_index = POWERPC_EXCP_DSI;
-            env->error_code = 0;
-            env->spr[SPR_DAR] = eaddr;
-            if (access_type == MMU_DATA_STORE) {
-                env->spr[SPR_DSISR] = 0x0a000000;
+        if (guest_visible) {
+            if (access_type == MMU_INST_FETCH) {
+                cs->exception_index = POWERPC_EXCP_ISI;
+                env->error_code = 0x08000000;
             } else {
-                env->spr[SPR_DSISR] = 0x08000000;
+                cs->exception_index = POWERPC_EXCP_DSI;
+                env->error_code = 0;
+                env->spr[SPR_DAR] = eaddr;
+                if (access_type == MMU_DATA_STORE) {
+                    env->spr[SPR_DSISR] = 0x0a000000;
+                } else {
+                    env->spr[SPR_DSISR] = 0x08000000;
+                }
             }
         }
-        return 1;
+        return false;
     }
 
     qemu_log_mask(CPU_LOG_MMU, "PTE access granted !\n");
@@ -557,45 +566,38 @@ int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
 
     /* 9. Determine the real address from the PTE */
 
-    raddr = ppc_hash32_pte_raddr(sr, pte, eaddr);
+    *raddrp = ppc_hash32_pte_raddr(sr, pte, eaddr);
+    *protp = prot;
+    return true;
+}
+
+int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
+                                MMUAccessType access_type, int mmu_idx)
+{
+    CPUState *cs = CPU(cpu);
+    int page_size, prot;
+    hwaddr raddr;
+
+    /* Translate eaddr to raddr (where raddr is addr qemu needs for access) */
+    if (!ppc_hash32_xlate(cpu, eaddr, access_type, &raddr,
+                           &page_size, &prot, true)) {
+        return 1;
+    }
 
     tlb_set_page(cs, eaddr & TARGET_PAGE_MASK, raddr & TARGET_PAGE_MASK,
-                 prot, mmu_idx, TARGET_PAGE_SIZE);
-
+                 prot, mmu_idx, 1UL << page_size);
     return 0;
 }
 
 hwaddr ppc_hash32_get_phys_page_debug(PowerPCCPU *cpu, target_ulong eaddr)
 {
-    CPUPPCState *env = &cpu->env;
-    target_ulong sr;
-    hwaddr pte_offset;
-    ppc_hash_pte32_t pte;
-    int prot;
+    int psize, prot;
+    hwaddr raddr;
 
-    if (msr_dr == 0) {
-        /* Translation is off */
-        return eaddr;
-    }
-
-    if (env->nb_BATs != 0) {
-        hwaddr raddr = ppc_hash32_bat_lookup(cpu, eaddr, 0, &prot);
-        if (raddr != -1) {
-            return raddr;
-        }
-    }
-
-    sr = env->sr[eaddr >> 28];
-
-    if (sr & SR32_T) {
-        /* FIXME: Add suitable debug support for Direct Store segments */
+    if (!ppc_hash32_xlate(cpu, eaddr, MMU_DATA_LOAD, &raddr,
+                           &psize, &prot, false)) {
         return -1;
     }
 
-    pte_offset = ppc_hash32_htab_lookup(cpu, sr, eaddr, &pte);
-    if (pte_offset == -1) {
-        return -1;
-    }
-
-    return ppc_hash32_pte_raddr(sr, pte, eaddr) & TARGET_PAGE_MASK;
+    return raddr & TARGET_PAGE_MASK;
 }
-- 
2.25.1



^ permalink raw reply	[flat|nested] 46+ messages in thread

* [PATCH 22/24] target/ppc: Split out ppc_jumbo_xlate
  2021-05-18 20:11 [PATCH 00/24] target/ppc: Clean up mmu translation Richard Henderson
                   ` (20 preceding siblings ...)
  2021-05-18 20:11 ` [PATCH 21/24] target/ppc: Split out ppc_hash32_xlate Richard Henderson
@ 2021-05-18 20:11 ` Richard Henderson
  2021-05-19 18:40   ` Bruno Piazera Larsen
  2021-05-18 20:11 ` [PATCH 23/24] target/ppc: Introduce ppc_xlate Richard Henderson
                   ` (2 subsequent siblings)
  24 siblings, 1 reply; 46+ messages in thread
From: Richard Henderson @ 2021-05-18 20:11 UTC (permalink / raw)
  To: qemu-devel; +Cc: bruno.larsen, qemu-ppc, david

Mirror the interface of ppc_radix64_xlate (mostly), putting all
of the logic for older mmu translation into a single entry point.
For booke, we need to add mmu_idx to the xlate-style interface.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 target/ppc/mmu_helper.c | 181 +++++++++++++++++++++-------------------
 1 file changed, 97 insertions(+), 84 deletions(-)

diff --git a/target/ppc/mmu_helper.c b/target/ppc/mmu_helper.c
index 863e556a22..68c2e59238 100644
--- a/target/ppc/mmu_helper.c
+++ b/target/ppc/mmu_helper.c
@@ -1427,48 +1427,6 @@ static int get_physical_address(CPUPPCState *env, mmu_ctx_t *ctx,
     return get_physical_address_wtlb(env, ctx, eaddr, access_type, type, 0);
 }
 
-hwaddr ppc_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
-{
-    PowerPCCPU *cpu = POWERPC_CPU(cs);
-    CPUPPCState *env = &cpu->env;
-    mmu_ctx_t ctx;
-
-    switch (env->mmu_model) {
-#if defined(TARGET_PPC64)
-    case POWERPC_MMU_64B:
-    case POWERPC_MMU_2_03:
-    case POWERPC_MMU_2_06:
-    case POWERPC_MMU_2_07:
-        return ppc_hash64_get_phys_page_debug(cpu, addr);
-    case POWERPC_MMU_3_00:
-        return ppc64_v3_get_phys_page_debug(cpu, addr);
-#endif
-
-    case POWERPC_MMU_32B:
-    case POWERPC_MMU_601:
-        return ppc_hash32_get_phys_page_debug(cpu, addr);
-
-    default:
-        ;
-    }
-
-    if (unlikely(get_physical_address(env, &ctx, addr, MMU_DATA_LOAD,
-                                      ACCESS_INT) != 0)) {
-
-        /*
-         * Some MMUs have separate TLBs for code and data. If we only
-         * try an ACCESS_INT, we may not be able to read instructions
-         * mapped by code TLBs, so we also try a ACCESS_CODE.
-         */
-        if (unlikely(get_physical_address(env, &ctx, addr, MMU_INST_FETCH,
-                                          ACCESS_CODE) != 0)) {
-            return -1;
-        }
-    }
-
-    return ctx.raddr & TARGET_PAGE_MASK;
-}
-
 static void booke206_update_mas_tlb_miss(CPUPPCState *env, target_ulong address,
                                          MMUAccessType access_type, int mmu_idx)
 {
@@ -1524,30 +1482,38 @@ static void booke206_update_mas_tlb_miss(CPUPPCState *env, target_ulong address,
 }
 
 /* Perform address translation */
-static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
-                                    MMUAccessType access_type, int mmu_idx)
+/* TODO: Split this by mmu_model. */
+static bool ppc_jumbo_xlate(PowerPCCPU *cpu, vaddr eaddr,
+                            MMUAccessType access_type,
+                            hwaddr *raddrp, int *psizep, int *protp,
+                            int mmu_idx, bool guest_visible)
 {
-    CPUState *cs = env_cpu(env);
-    PowerPCCPU *cpu = POWERPC_CPU(cs);
+    CPUState *cs = CPU(cpu);
+    CPUPPCState *env = &cpu->env;
     mmu_ctx_t ctx;
     int type;
-    int ret = 0;
+    int ret;
 
     if (access_type == MMU_INST_FETCH) {
         /* code access */
         type = ACCESS_CODE;
-    } else {
+    } else if (guest_visible) {
         /* data access */
         type = env->access_type;
+    } else {
+        type = ACCESS_INT;
     }
-    ret = get_physical_address_wtlb(env, &ctx, address, access_type,
+
+    ret = get_physical_address_wtlb(env, &ctx, eaddr, access_type,
                                     type, mmu_idx);
     if (ret == 0) {
-        tlb_set_page(cs, address & TARGET_PAGE_MASK,
-                     ctx.raddr & TARGET_PAGE_MASK, ctx.prot,
-                     mmu_idx, TARGET_PAGE_SIZE);
-        ret = 0;
-    } else if (ret < 0) {
+        *raddrp = ctx.raddr;
+        *protp = ctx.prot;
+        *psizep = TARGET_PAGE_BITS;
+        return true;
+    }
+
+    if (guest_visible) {
         LOG_MMU_STATE(cs);
         if (type == ACCESS_CODE) {
             switch (ret) {
@@ -1557,7 +1523,7 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
                 case POWERPC_MMU_SOFT_6xx:
                     cs->exception_index = POWERPC_EXCP_IFTLB;
                     env->error_code = 1 << 18;
-                    env->spr[SPR_IMISS] = address;
+                    env->spr[SPR_IMISS] = eaddr;
                     env->spr[SPR_ICMP] = 0x80000000 | ctx.ptem;
                     goto tlb_miss;
                 case POWERPC_MMU_SOFT_74xx:
@@ -1567,29 +1533,25 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
                 case POWERPC_MMU_SOFT_4xx_Z:
                     cs->exception_index = POWERPC_EXCP_ITLB;
                     env->error_code = 0;
-                    env->spr[SPR_40x_DEAR] = address;
+                    env->spr[SPR_40x_DEAR] = eaddr;
                     env->spr[SPR_40x_ESR] = 0x00000000;
                     break;
                 case POWERPC_MMU_BOOKE206:
-                    booke206_update_mas_tlb_miss(env, address, 2, mmu_idx);
+                    booke206_update_mas_tlb_miss(env, eaddr, 2, mmu_idx);
                     /* fall through */
                 case POWERPC_MMU_BOOKE:
                     cs->exception_index = POWERPC_EXCP_ITLB;
                     env->error_code = 0;
-                    env->spr[SPR_BOOKE_DEAR] = address;
+                    env->spr[SPR_BOOKE_DEAR] = eaddr;
                     env->spr[SPR_BOOKE_ESR] = mmubooke206_esr(mmu_idx, MMU_DATA_LOAD);
-                    return -1;
-                case POWERPC_MMU_MPC8xx:
-                    /* XXX: TODO */
-                    cpu_abort(cs, "MPC8xx MMU model is not implemented\n");
                     break;
+                case POWERPC_MMU_MPC8xx:
+                    cpu_abort(cs, "MPC8xx MMU model is not implemented\n");
                 case POWERPC_MMU_REAL:
                     cpu_abort(cs, "PowerPC in real mode should never raise "
                               "any MMU exceptions\n");
-                    return -1;
                 default:
                     cpu_abort(cs, "Unknown or invalid MMU model\n");
-                    return -1;
                 }
                 break;
             case -2:
@@ -1626,7 +1588,7 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
                         cs->exception_index = POWERPC_EXCP_DLTLB;
                         env->error_code = 0;
                     }
-                    env->spr[SPR_DMISS] = address;
+                    env->spr[SPR_DMISS] = eaddr;
                     env->spr[SPR_DCMP] = 0x80000000 | ctx.ptem;
                 tlb_miss:
                     env->error_code |= ctx.key << 19;
@@ -1644,7 +1606,7 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
                 tlb_miss_74xx:
                     /* Implement LRU algorithm */
                     env->error_code = ctx.key << 19;
-                    env->spr[SPR_TLBMISS] = (address & ~((target_ulong)0x3)) |
+                    env->spr[SPR_TLBMISS] = (eaddr & ~((target_ulong)0x3)) |
                         ((env->last_way + 1) & (env->nb_ways - 1));
                     env->spr[SPR_PTEHI] = 0x80000000 | ctx.ptem;
                     break;
@@ -1652,7 +1614,7 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
                 case POWERPC_MMU_SOFT_4xx_Z:
                     cs->exception_index = POWERPC_EXCP_DTLB;
                     env->error_code = 0;
-                    env->spr[SPR_40x_DEAR] = address;
+                    env->spr[SPR_40x_DEAR] = eaddr;
                     if (access_type == MMU_DATA_STORE) {
                         env->spr[SPR_40x_ESR] = 0x00800000;
                     } else {
@@ -1662,23 +1624,20 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
                 case POWERPC_MMU_MPC8xx:
                     /* XXX: TODO */
                     cpu_abort(cs, "MPC8xx MMU model is not implemented\n");
-                    break;
                 case POWERPC_MMU_BOOKE206:
-                    booke206_update_mas_tlb_miss(env, address, access_type, mmu_idx);
+                    booke206_update_mas_tlb_miss(env, eaddr, access_type, mmu_idx);
                     /* fall through */
                 case POWERPC_MMU_BOOKE:
                     cs->exception_index = POWERPC_EXCP_DTLB;
                     env->error_code = 0;
-                    env->spr[SPR_BOOKE_DEAR] = address;
+                    env->spr[SPR_BOOKE_DEAR] = eaddr;
                     env->spr[SPR_BOOKE_ESR] = mmubooke206_esr(mmu_idx, access_type);
-                    return -1;
+                    break;
                 case POWERPC_MMU_REAL:
                     cpu_abort(cs, "PowerPC in real mode should never raise "
                               "any MMU exceptions\n");
-                    return -1;
                 default:
                     cpu_abort(cs, "Unknown or invalid MMU model\n");
-                    return -1;
                 }
                 break;
             case -2:
@@ -1687,16 +1646,16 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
                 env->error_code = 0;
                 if (env->mmu_model == POWERPC_MMU_SOFT_4xx
                     || env->mmu_model == POWERPC_MMU_SOFT_4xx_Z) {
-                    env->spr[SPR_40x_DEAR] = address;
+                    env->spr[SPR_40x_DEAR] = eaddr;
                     if (access_type == MMU_DATA_STORE) {
                         env->spr[SPR_40x_ESR] |= 0x00800000;
                     }
                 } else if ((env->mmu_model == POWERPC_MMU_BOOKE) ||
                            (env->mmu_model == POWERPC_MMU_BOOKE206)) {
-                    env->spr[SPR_BOOKE_DEAR] = address;
+                    env->spr[SPR_BOOKE_DEAR] = eaddr;
                     env->spr[SPR_BOOKE_ESR] = mmubooke206_esr(mmu_idx, access_type);
                 } else {
-                    env->spr[SPR_DAR] = address;
+                    env->spr[SPR_DAR] = eaddr;
                     if (access_type == MMU_DATA_STORE) {
                         env->spr[SPR_DSISR] = 0x0A000000;
                     } else {
@@ -1711,13 +1670,13 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
                     /* Floating point load/store */
                     cs->exception_index = POWERPC_EXCP_ALIGN;
                     env->error_code = POWERPC_EXCP_ALIGN_FP;
-                    env->spr[SPR_DAR] = address;
+                    env->spr[SPR_DAR] = eaddr;
                     break;
                 case ACCESS_RES:
                     /* lwarx, ldarx or stwcx. */
                     cs->exception_index = POWERPC_EXCP_DSI;
                     env->error_code = 0;
-                    env->spr[SPR_DAR] = address;
+                    env->spr[SPR_DAR] = eaddr;
                     if (access_type == MMU_DATA_STORE) {
                         env->spr[SPR_DSISR] = 0x06000000;
                     } else {
@@ -1728,7 +1687,7 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
                     /* eciwx or ecowx */
                     cs->exception_index = POWERPC_EXCP_DSI;
                     env->error_code = 0;
-                    env->spr[SPR_DAR] = address;
+                    env->spr[SPR_DAR] = eaddr;
                     if (access_type == MMU_DATA_STORE) {
                         env->spr[SPR_DSISR] = 0x06100000;
                     } else {
@@ -1740,16 +1699,14 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
                     cs->exception_index = POWERPC_EXCP_PROGRAM;
                     env->error_code =
                         POWERPC_EXCP_INVAL | POWERPC_EXCP_INVAL_INVAL;
-                    env->spr[SPR_DAR] = address;
+                    env->spr[SPR_DAR] = eaddr;
                     break;
                 }
                 break;
             }
         }
-        ret = 1;
     }
-
-    return ret;
+    return false;
 }
 
 /*****************************************************************************/
@@ -2958,6 +2915,62 @@ void helper_check_tlb_flush_global(CPUPPCState *env)
 
 /*****************************************************************************/
 
+static int cpu_ppc_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
+                                    MMUAccessType access_type, int mmu_idx)
+{
+    CPUState *cs = CPU(cpu);
+    int page_size, prot;
+    hwaddr raddr;
+
+    if (!ppc_jumbo_xlate(cpu, eaddr, access_type, &raddr,
+                         &page_size, &prot, mmu_idx, true)) {
+        return 1;
+    }
+
+    tlb_set_page(cs, eaddr & TARGET_PAGE_MASK, raddr & TARGET_PAGE_MASK,
+                 prot, mmu_idx, 1UL << page_size);
+    return 0;
+}
+
+hwaddr ppc_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
+{
+    PowerPCCPU *cpu = POWERPC_CPU(cs);
+    CPUPPCState *env = &cpu->env;
+    hwaddr raddr;
+    int s, p;
+
+    switch (env->mmu_model) {
+#if defined(TARGET_PPC64)
+    case POWERPC_MMU_64B:
+    case POWERPC_MMU_2_03:
+    case POWERPC_MMU_2_06:
+    case POWERPC_MMU_2_07:
+        return ppc_hash64_get_phys_page_debug(cpu, addr);
+    case POWERPC_MMU_3_00:
+        return ppc64_v3_get_phys_page_debug(cpu, addr);
+#endif
+
+    case POWERPC_MMU_32B:
+    case POWERPC_MMU_601:
+        return ppc_hash32_get_phys_page_debug(cpu, addr);
+
+    default:
+        ;
+    }
+
+    /*
+     * Some MMUs have separate TLBs for code and data. If we only
+     * try an MMU_DATA_LOAD, we may not be able to read instructions
+     * mapped by code TLBs, so we also try a MMU_INST_FETCH.
+     */
+    if (ppc_jumbo_xlate(cpu, addr, MMU_DATA_LOAD, &raddr, &s, &p, 0, false) ||
+        ppc_jumbo_xlate(cpu, addr, MMU_INST_FETCH, &raddr, &s, &p, 0, false)) {
+        return raddr & TARGET_PAGE_MASK;
+    }
+    return -1;
+}
+
+
 bool ppc_cpu_tlb_fill(CPUState *cs, vaddr addr, int size,
                       MMUAccessType access_type, int mmu_idx,
                       bool probe, uintptr_t retaddr)
@@ -2985,7 +2998,7 @@ bool ppc_cpu_tlb_fill(CPUState *cs, vaddr addr, int size,
         break;
 
     default:
-        ret = cpu_ppc_handle_mmu_fault(env, addr, access_type, mmu_idx);
+        ret = cpu_ppc_handle_mmu_fault(cpu, addr, access_type, mmu_idx);
         break;
     }
     if (unlikely(ret != 0)) {
-- 
2.25.1



^ permalink raw reply	[flat|nested] 46+ messages in thread

* [PATCH 23/24] target/ppc: Introduce ppc_xlate
  2021-05-18 20:11 [PATCH 00/24] target/ppc: Clean up mmu translation Richard Henderson
                   ` (21 preceding siblings ...)
  2021-05-18 20:11 ` [PATCH 22/24] target/ppc: Split out ppc_jumbo_xlate Richard Henderson
@ 2021-05-18 20:11 ` Richard Henderson
  2021-05-19 18:53   ` Bruno Piazera Larsen
  2021-05-18 20:11 ` [PATCH 24/24] target/ppc: Restrict ppc_cpu_tlb_fill to TCG Richard Henderson
  2021-05-19  2:52 ` [PATCH 00/24] target/ppc: Clean up mmu translation David Gibson
  24 siblings, 1 reply; 46+ messages in thread
From: Richard Henderson @ 2021-05-18 20:11 UTC (permalink / raw)
  To: qemu-devel; +Cc: bruno.larsen, qemu-ppc, david

Create one common dispatch for all of the ppc_*_xlate functions.
Use ppc64_v3_radix to directly dispatch between ppc_radix64_xlate
and ppc_hash64_xlate.

Remove the separate *_handle_mmu_fault and *_get_phys_page_debug
functions, using common code for ppc_cpu_tlb_fill and
ppc_cpu_get_phys_page_debug.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 target/ppc/mmu-book3s-v3.h |   5 --
 target/ppc/mmu-hash32.h    |   6 +--
 target/ppc/mmu-hash64.h    |   6 +--
 target/ppc/mmu-radix64.h   |   6 +--
 target/ppc/mmu-book3s-v3.c |  19 -------
 target/ppc/mmu-hash32.c    |  38 ++-----------
 target/ppc/mmu-hash64.c    |  37 ++-----------
 target/ppc/mmu-radix64.c   |  38 ++-----------
 target/ppc/mmu_helper.c    | 106 ++++++++++++++-----------------------
 9 files changed, 58 insertions(+), 203 deletions(-)

diff --git a/target/ppc/mmu-book3s-v3.h b/target/ppc/mmu-book3s-v3.h
index 7b89be54b8..a1326df969 100644
--- a/target/ppc/mmu-book3s-v3.h
+++ b/target/ppc/mmu-book3s-v3.h
@@ -67,11 +67,6 @@ static inline bool ppc64_v3_radix(PowerPCCPU *cpu)
     return !!(cpu->env.spr[SPR_LPCR] & LPCR_HR);
 }
 
-hwaddr ppc64_v3_get_phys_page_debug(PowerPCCPU *cpu, vaddr eaddr);
-
-int ppc64_v3_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr, int rwx,
-                              int mmu_idx);
-
 static inline hwaddr ppc_hash64_hpt_base(PowerPCCPU *cpu)
 {
     uint64_t base;
diff --git a/target/ppc/mmu-hash32.h b/target/ppc/mmu-hash32.h
index 30e35718a7..8694eccabd 100644
--- a/target/ppc/mmu-hash32.h
+++ b/target/ppc/mmu-hash32.h
@@ -4,9 +4,9 @@
 #ifndef CONFIG_USER_ONLY
 
 hwaddr get_pteg_offset32(PowerPCCPU *cpu, hwaddr hash);
-hwaddr ppc_hash32_get_phys_page_debug(PowerPCCPU *cpu, target_ulong addr);
-int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr address,
-                                MMUAccessType access_type, int mmu_idx);
+bool ppc_hash32_xlate(PowerPCCPU *cpu, vaddr eaddr, MMUAccessType access_type,
+                      hwaddr *raddrp, int *psizep, int *protp,
+                      bool guest_visible);
 
 /*
  * Segment register definitions
diff --git a/target/ppc/mmu-hash64.h b/target/ppc/mmu-hash64.h
index 3e8a8eec1f..9f338e1fe9 100644
--- a/target/ppc/mmu-hash64.h
+++ b/target/ppc/mmu-hash64.h
@@ -7,9 +7,9 @@
 void dump_slb(PowerPCCPU *cpu);
 int ppc_store_slb(PowerPCCPU *cpu, target_ulong slot,
                   target_ulong esid, target_ulong vsid);
-hwaddr ppc_hash64_get_phys_page_debug(PowerPCCPU *cpu, target_ulong addr);
-int ppc_hash64_handle_mmu_fault(PowerPCCPU *cpu, vaddr address,
-                                MMUAccessType access_type, int mmu_idx);
+bool ppc_hash64_xlate(PowerPCCPU *cpu, vaddr eaddr, MMUAccessType access_type,
+                      hwaddr *raddrp, int *psizep, int *protp,
+                      bool guest_visible);
 void ppc_hash64_tlb_flush_hpte(PowerPCCPU *cpu,
                                target_ulong pte_index,
                                target_ulong pte0, target_ulong pte1);
diff --git a/target/ppc/mmu-radix64.h b/target/ppc/mmu-radix64.h
index 94bd72cb38..6b13b89b64 100644
--- a/target/ppc/mmu-radix64.h
+++ b/target/ppc/mmu-radix64.h
@@ -44,9 +44,9 @@
 
 #ifdef TARGET_PPC64
 
-int ppc_radix64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
-                                 MMUAccessType access_type, int mmu_idx);
-hwaddr ppc_radix64_get_phys_page_debug(PowerPCCPU *cpu, target_ulong addr);
+bool ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr, MMUAccessType access_type,
+                       hwaddr *raddr, int *psizep, int *protp,
+                       bool guest_visible);
 
 static inline int ppc_radix64_get_prot_eaa(uint64_t pte)
 {
diff --git a/target/ppc/mmu-book3s-v3.c b/target/ppc/mmu-book3s-v3.c
index c78fd8dc0e..f4985bae78 100644
--- a/target/ppc/mmu-book3s-v3.c
+++ b/target/ppc/mmu-book3s-v3.c
@@ -23,25 +23,6 @@
 #include "mmu-book3s-v3.h"
 #include "mmu-radix64.h"
 
-int ppc64_v3_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr, int rwx,
-                              int mmu_idx)
-{
-    if (ppc64_v3_radix(cpu)) { /* Guest uses radix */
-        return ppc_radix64_handle_mmu_fault(cpu, eaddr, rwx, mmu_idx);
-    } else { /* Guest uses hash */
-        return ppc_hash64_handle_mmu_fault(cpu, eaddr, rwx, mmu_idx);
-    }
-}
-
-hwaddr ppc64_v3_get_phys_page_debug(PowerPCCPU *cpu, vaddr eaddr)
-{
-    if (ppc64_v3_radix(cpu)) {
-        return ppc_radix64_get_phys_page_debug(cpu, eaddr);
-    } else {
-        return ppc_hash64_get_phys_page_debug(cpu, eaddr);
-    }
-}
-
 bool ppc64_v3_get_pate(PowerPCCPU *cpu, target_ulong lpid, ppc_v3_pate_t *entry)
 {
     uint64_t patb = cpu->env.spr[SPR_PTCR] & PTCR_PATB;
diff --git a/target/ppc/mmu-hash32.c b/target/ppc/mmu-hash32.c
index 959dc2ab53..32d1f4a954 100644
--- a/target/ppc/mmu-hash32.c
+++ b/target/ppc/mmu-hash32.c
@@ -425,10 +425,9 @@ static hwaddr ppc_hash32_pte_raddr(target_ulong sr, ppc_hash_pte32_t pte,
     return (rpn & ~mask) | (eaddr & mask);
 }
 
-static bool ppc_hash32_xlate(PowerPCCPU *cpu, vaddr eaddr,
-                             MMUAccessType access_type,
-                             hwaddr *raddrp, int *psizep, int *protp,
-                             bool guest_visible)
+bool ppc_hash32_xlate(PowerPCCPU *cpu, vaddr eaddr, MMUAccessType access_type,
+                      hwaddr *raddrp, int *psizep, int *protp,
+                      bool guest_visible)
 {
     CPUState *cs = CPU(cpu);
     CPUPPCState *env = &cpu->env;
@@ -570,34 +569,3 @@ static bool ppc_hash32_xlate(PowerPCCPU *cpu, vaddr eaddr,
     *protp = prot;
     return true;
 }
-
-int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
-                                MMUAccessType access_type, int mmu_idx)
-{
-    CPUState *cs = CPU(cpu);
-    int page_size, prot;
-    hwaddr raddr;
-
-    /* Translate eaddr to raddr (where raddr is addr qemu needs for access) */
-    if (!ppc_hash32_xlate(cpu, eaddr, access_type, &raddr,
-                           &page_size, &prot, true)) {
-        return 1;
-    }
-
-    tlb_set_page(cs, eaddr & TARGET_PAGE_MASK, raddr & TARGET_PAGE_MASK,
-                 prot, mmu_idx, 1UL << page_size);
-    return 0;
-}
-
-hwaddr ppc_hash32_get_phys_page_debug(PowerPCCPU *cpu, target_ulong eaddr)
-{
-    int psize, prot;
-    hwaddr raddr;
-
-    if (!ppc_hash32_xlate(cpu, eaddr, MMU_DATA_LOAD, &raddr,
-                           &psize, &prot, false)) {
-        return -1;
-    }
-
-    return raddr & TARGET_PAGE_MASK;
-}
diff --git a/target/ppc/mmu-hash64.c b/target/ppc/mmu-hash64.c
index 3024dd1e8c..ce0068590f 100644
--- a/target/ppc/mmu-hash64.c
+++ b/target/ppc/mmu-hash64.c
@@ -866,10 +866,9 @@ static int build_vrma_slbe(PowerPCCPU *cpu, ppc_slb_t *slb)
     return -1;
 }
 
-static bool ppc_hash64_xlate(PowerPCCPU *cpu, vaddr eaddr,
-                             MMUAccessType access_type,
-                             hwaddr *raddrp, int *psizep, int *protp,
-                             bool guest_visible)
+bool ppc_hash64_xlate(PowerPCCPU *cpu, vaddr eaddr, MMUAccessType access_type,
+                      hwaddr *raddrp, int *psizep, int *protp,
+                      bool guest_visible)
 {
     CPUState *cs = CPU(cpu);
     CPUPPCState *env = &cpu->env;
@@ -1087,36 +1086,6 @@ static bool ppc_hash64_xlate(PowerPCCPU *cpu, vaddr eaddr,
     return true;
 }
 
-int ppc_hash64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
-                                MMUAccessType access_type, int mmu_idx)
-{
-    CPUState *cs = CPU(cpu);
-    int page_size, prot;
-    hwaddr raddr;
-
-    if (!ppc_hash64_xlate(cpu, eaddr, access_type, &raddr,
-                          &page_size, &prot, true)) {
-        return 1;
-    }
-
-    tlb_set_page(cs, eaddr & TARGET_PAGE_MASK, raddr & TARGET_PAGE_MASK,
-                 prot, mmu_idx, 1UL << page_size);
-    return 0;
-}
-
-hwaddr ppc_hash64_get_phys_page_debug(PowerPCCPU *cpu, target_ulong eaddr)
-{
-    int psize, prot;
-    hwaddr raddr;
-
-    if (!ppc_hash64_xlate(cpu, eaddr, MMU_DATA_LOAD, &raddr,
-                          &psize, &prot, false)) {
-        return -1;
-    }
-
-    return raddr & TARGET_PAGE_MASK;
-}
-
 void ppc_hash64_tlb_flush_hpte(PowerPCCPU *cpu, target_ulong ptex,
                                target_ulong pte0, target_ulong pte1)
 {
diff --git a/target/ppc/mmu-radix64.c b/target/ppc/mmu-radix64.c
index 7af3e697b2..eabfe4e261 100644
--- a/target/ppc/mmu-radix64.c
+++ b/target/ppc/mmu-radix64.c
@@ -464,10 +464,9 @@ static int ppc_radix64_process_scoped_xlate(PowerPCCPU *cpu,
  *              | = On        | Process Scoped |    Scoped     |
  *              +-------------+----------------+---------------+
  */
-static bool ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr,
-                              MMUAccessType access_type,
-                              hwaddr *raddr, int *psizep, int *protp,
-                              bool guest_visible)
+bool ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr, MMUAccessType access_type,
+                       hwaddr *raddr, int *psizep, int *protp,
+                       bool guest_visible)
 {
     CPUPPCState *env = &cpu->env;
     uint64_t lpid, pid;
@@ -585,34 +584,3 @@ static bool ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr,
 
     return true;
 }
-
-int ppc_radix64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
-                                 MMUAccessType access_type, int mmu_idx)
-{
-    CPUState *cs = CPU(cpu);
-    int page_size, prot;
-    hwaddr raddr;
-
-    /* Translate eaddr to raddr (where raddr is addr qemu needs for access) */
-    if (!ppc_radix64_xlate(cpu, eaddr, access_type, &raddr,
-                           &page_size, &prot, true)) {
-        return 1;
-    }
-
-    tlb_set_page(cs, eaddr & TARGET_PAGE_MASK, raddr & TARGET_PAGE_MASK,
-                 prot, mmu_idx, 1UL << page_size);
-    return 0;
-}
-
-hwaddr ppc_radix64_get_phys_page_debug(PowerPCCPU *cpu, target_ulong eaddr)
-{
-    int psize, prot;
-    hwaddr raddr;
-
-    if (!ppc_radix64_xlate(cpu, eaddr, MMU_DATA_LOAD, &raddr,
-                           &psize, &prot, false)) {
-        return -1;
-    }
-
-    return raddr & TARGET_PAGE_MASK;
-}
diff --git a/target/ppc/mmu_helper.c b/target/ppc/mmu_helper.c
index 68c2e59238..2535ea1836 100644
--- a/target/ppc/mmu_helper.c
+++ b/target/ppc/mmu_helper.c
@@ -2915,98 +2915,72 @@ void helper_check_tlb_flush_global(CPUPPCState *env)
 
 /*****************************************************************************/
 
-static int cpu_ppc_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
-                                    MMUAccessType access_type, int mmu_idx)
+static bool ppc_xlate(PowerPCCPU *cpu, vaddr eaddr, MMUAccessType access_type,
+                      hwaddr *raddrp, int *psizep, int *protp,
+                      int mmu_idx, bool guest_visible)
 {
-    CPUState *cs = CPU(cpu);
-    int page_size, prot;
-    hwaddr raddr;
+    switch (cpu->env.mmu_model) {
+#if defined(TARGET_PPC64)
+    case POWERPC_MMU_3_00:
+        if (ppc64_v3_radix(cpu)) {
+            return ppc_radix64_xlate(cpu, eaddr, access_type,
+                                     raddrp, psizep, protp, guest_visible);
+        }
+        /* fall through */
+    case POWERPC_MMU_64B:
+    case POWERPC_MMU_2_03:
+    case POWERPC_MMU_2_06:
+    case POWERPC_MMU_2_07:
+        return ppc_hash64_xlate(cpu, eaddr, access_type,
+                                raddrp, psizep, protp, guest_visible);
+#endif
 
-    if (!ppc_jumbo_xlate(cpu, eaddr, access_type, &raddr,
-                         &page_size, &prot, mmu_idx, true)) {
-        return 1;
+    case POWERPC_MMU_32B:
+    case POWERPC_MMU_601:
+        return ppc_hash32_xlate(cpu, eaddr, access_type,
+                                raddrp, psizep, protp, guest_visible);
+
+    default:
+        return ppc_jumbo_xlate(cpu, eaddr, access_type, raddrp,
+                               psizep, protp, mmu_idx, guest_visible);
     }
-
-    tlb_set_page(cs, eaddr & TARGET_PAGE_MASK, raddr & TARGET_PAGE_MASK,
-                 prot, mmu_idx, 1UL << page_size);
-    return 0;
 }
 
 hwaddr ppc_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
 {
     PowerPCCPU *cpu = POWERPC_CPU(cs);
-    CPUPPCState *env = &cpu->env;
     hwaddr raddr;
     int s, p;
 
-    switch (env->mmu_model) {
-#if defined(TARGET_PPC64)
-    case POWERPC_MMU_64B:
-    case POWERPC_MMU_2_03:
-    case POWERPC_MMU_2_06:
-    case POWERPC_MMU_2_07:
-        return ppc_hash64_get_phys_page_debug(cpu, addr);
-    case POWERPC_MMU_3_00:
-        return ppc64_v3_get_phys_page_debug(cpu, addr);
-#endif
-
-    case POWERPC_MMU_32B:
-    case POWERPC_MMU_601:
-        return ppc_hash32_get_phys_page_debug(cpu, addr);
-
-    default:
-        ;
-    }
-
     /*
      * Some MMUs have separate TLBs for code and data. If we only
      * try an MMU_DATA_LOAD, we may not be able to read instructions
      * mapped by code TLBs, so we also try a MMU_INST_FETCH.
      */
-    if (ppc_jumbo_xlate(cpu, addr, MMU_DATA_LOAD, &raddr, &s, &p, 0, false) ||
-        ppc_jumbo_xlate(cpu, addr, MMU_INST_FETCH, &raddr, &s, &p, 0, false)) {
+    if (ppc_xlate(cpu, addr, MMU_DATA_LOAD, &raddr, &s, &p, 0, false) ||
+        ppc_xlate(cpu, addr, MMU_INST_FETCH, &raddr, &s, &p, 0, false)) {
         return raddr & TARGET_PAGE_MASK;
     }
     return -1;
 }
 
-
-bool ppc_cpu_tlb_fill(CPUState *cs, vaddr addr, int size,
+bool ppc_cpu_tlb_fill(CPUState *cs, vaddr eaddr, int size,
                       MMUAccessType access_type, int mmu_idx,
                       bool probe, uintptr_t retaddr)
 {
     PowerPCCPU *cpu = POWERPC_CPU(cs);
-    CPUPPCState *env = &cpu->env;
-    int ret;
+    hwaddr raddr;
+    int page_size, prot;
 
-    switch (env->mmu_model) {
-#if defined(TARGET_PPC64)
-    case POWERPC_MMU_64B:
-    case POWERPC_MMU_2_03:
-    case POWERPC_MMU_2_06:
-    case POWERPC_MMU_2_07:
-        ret = ppc_hash64_handle_mmu_fault(cpu, addr, access_type, mmu_idx);
-        break;
-    case POWERPC_MMU_3_00:
-        ret = ppc64_v3_handle_mmu_fault(cpu, addr, access_type, mmu_idx);
-        break;
-#endif
-
-    case POWERPC_MMU_32B:
-    case POWERPC_MMU_601:
-        ret = ppc_hash32_handle_mmu_fault(cpu, addr, access_type, mmu_idx);
-        break;
-
-    default:
-        ret = cpu_ppc_handle_mmu_fault(cpu, addr, access_type, mmu_idx);
-        break;
+    if (ppc_xlate(cpu, eaddr, access_type, &raddr,
+                  &page_size, &prot, mmu_idx, !probe)) {
+        tlb_set_page(cs, eaddr & TARGET_PAGE_MASK, raddr & TARGET_PAGE_MASK,
+                     prot, mmu_idx, 1UL << page_size);
+        return true;
     }
-    if (unlikely(ret != 0)) {
-        if (probe) {
-            return false;
-        }
-        raise_exception_err_ra(env, cs->exception_index, env->error_code,
-                               retaddr);
+    if (probe) {
+        return false;
     }
-    return true;
+    raise_exception_err_ra(&cpu->env, cs->exception_index,
+                           cpu->env.error_code, retaddr);
 }
-- 
2.25.1



^ permalink raw reply	[flat|nested] 46+ messages in thread

* [PATCH 24/24] target/ppc: Restrict ppc_cpu_tlb_fill to TCG
  2021-05-18 20:11 [PATCH 00/24] target/ppc: Clean up mmu translation Richard Henderson
                   ` (22 preceding siblings ...)
  2021-05-18 20:11 ` [PATCH 23/24] target/ppc: Introduce ppc_xlate Richard Henderson
@ 2021-05-18 20:11 ` Richard Henderson
  2021-05-20 13:18   ` Bruno Piazera Larsen
  2021-05-19  2:52 ` [PATCH 00/24] target/ppc: Clean up mmu translation David Gibson
  24 siblings, 1 reply; 46+ messages in thread
From: Richard Henderson @ 2021-05-18 20:11 UTC (permalink / raw)
  To: qemu-devel; +Cc: bruno.larsen, qemu-ppc, david

This function is used by TCGCPUOps, and is thus TCG specific.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 target/ppc/mmu_helper.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/target/ppc/mmu_helper.c b/target/ppc/mmu_helper.c
index 2535ea1836..78e6f7496b 100644
--- a/target/ppc/mmu_helper.c
+++ b/target/ppc/mmu_helper.c
@@ -2964,6 +2964,7 @@ hwaddr ppc_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
     return -1;
 }
 
+#ifdef CONFIG_TCG
 bool ppc_cpu_tlb_fill(CPUState *cs, vaddr eaddr, int size,
                       MMUAccessType access_type, int mmu_idx,
                       bool probe, uintptr_t retaddr)
@@ -2984,3 +2985,4 @@ bool ppc_cpu_tlb_fill(CPUState *cs, vaddr eaddr, int size,
     raise_exception_err_ra(&cpu->env, cs->exception_index,
                            cpu->env.error_code, retaddr);
 }
+#endif
-- 
2.25.1



^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [PATCH 00/24] target/ppc: Clean up mmu translation
  2021-05-18 20:11 [PATCH 00/24] target/ppc: Clean up mmu translation Richard Henderson
                   ` (23 preceding siblings ...)
  2021-05-18 20:11 ` [PATCH 24/24] target/ppc: Restrict ppc_cpu_tlb_fill to TCG Richard Henderson
@ 2021-05-19  2:52 ` David Gibson
  2021-05-19 20:37   ` Richard Henderson
  24 siblings, 1 reply; 46+ messages in thread
From: David Gibson @ 2021-05-19  2:52 UTC (permalink / raw)
  To: Richard Henderson; +Cc: bruno.larsen, qemu-ppc, qemu-devel

[-- Attachment #1: Type: text/plain, Size: 597 bytes --]

On Tue, May 18, 2021 at 03:11:22PM -0500, Richard Henderson wrote:
> This attempts the cleanup I've been talking about with Bruno.
> 
> On the way, there's a lot of MMUAccessType cleanup, to get the
> code into the form I wanted the interface to share.  There's a
> lot more cleanup that could be done, particularly wrt the older
> mmu models.

I've applied 1..15, still looking at the rest.

-- 
David Gibson			| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au	| minimalist, thank you.  NOT _the_ _other_
				| _way_ _around_!
http://www.ozlabs.org/~dgibson

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [PATCH 16/24] target/ppc: Remove PowerPCCPUClass.handle_mmu_fault
  2021-05-18 20:11 ` [PATCH 16/24] target/ppc: Remove PowerPCCPUClass.handle_mmu_fault Richard Henderson
@ 2021-05-19 13:02   ` Bruno Piazera Larsen
  2021-05-24  3:28   ` David Gibson
  1 sibling, 0 replies; 46+ messages in thread
From: Bruno Piazera Larsen @ 2021-05-19 13:02 UTC (permalink / raw)
  To: Richard Henderson, qemu-devel; +Cc: qemu-ppc, david

[-- Attachment #1: Type: text/plain, Size: 10833 bytes --]


On 18/05/2021 17:11, Richard Henderson wrote:
> Instead, use a switch on env->mmu_model.  This avoids some
> replicated information in cpu setup.
>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

Reviewed-by: Bruno Larsen (billionai)<bruno.larsen@eldorado.org.br>

> ---
>   target/ppc/cpu-qom.h    |  1 -
>   target/ppc/cpu_init.c   | 45 -----------------------------------------
>   target/ppc/mmu_helper.c | 24 ++++++++++++++++++----
>   3 files changed, 20 insertions(+), 50 deletions(-)
>
> diff --git a/target/ppc/cpu-qom.h b/target/ppc/cpu-qom.h
> index 06b6571bc9..3b14d2f134 100644
> --- a/target/ppc/cpu-qom.h
> +++ b/target/ppc/cpu-qom.h
> @@ -198,7 +198,6 @@ struct PowerPCCPUClass {
>       int n_host_threads;
>       void (*init_proc)(CPUPPCState *env);
>       int  (*check_pow)(CPUPPCState *env);
> -    int (*handle_mmu_fault)(PowerPCCPU *cpu, vaddr eaddr, int rwx, int mmu_idx);
>       bool (*interrupts_big_endian)(PowerPCCPU *cpu);
>   };
>   
> diff --git a/target/ppc/cpu_init.c b/target/ppc/cpu_init.c
> index d0fa219880..d33aded7cf 100644
> --- a/target/ppc/cpu_init.c
> +++ b/target/ppc/cpu_init.c
> @@ -4580,9 +4580,6 @@ POWERPC_FAMILY(601)(ObjectClass *oc, void *data)
>                       (1ull << MSR_IR) |
>                       (1ull << MSR_DR);
>       pcc->mmu_model = POWERPC_MMU_601;
> -#if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
> -#endif
>       pcc->excp_model = POWERPC_EXCP_601;
>       pcc->bus_model = PPC_FLAGS_INPUT_6xx;
>       pcc->bfd_mach = bfd_mach_ppc_601;
> @@ -4625,9 +4622,6 @@ POWERPC_FAMILY(601v)(ObjectClass *oc, void *data)
>                       (1ull << MSR_IR) |
>                       (1ull << MSR_DR);
>       pcc->mmu_model = POWERPC_MMU_601;
> -#if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
> -#endif
>       pcc->bus_model = PPC_FLAGS_INPUT_6xx;
>       pcc->bfd_mach = bfd_mach_ppc_601;
>       pcc->flags = POWERPC_FLAG_SE | POWERPC_FLAG_RTC_CLK | POWERPC_FLAG_HID0_LE;
> @@ -4891,9 +4885,6 @@ POWERPC_FAMILY(604)(ObjectClass *oc, void *data)
>                       (1ull << MSR_RI) |
>                       (1ull << MSR_LE);
>       pcc->mmu_model = POWERPC_MMU_32B;
> -#if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
> -#endif
>       pcc->excp_model = POWERPC_EXCP_604;
>       pcc->bus_model = PPC_FLAGS_INPUT_6xx;
>       pcc->bfd_mach = bfd_mach_ppc_604;
> @@ -4975,9 +4966,6 @@ POWERPC_FAMILY(604E)(ObjectClass *oc, void *data)
>                       (1ull << MSR_RI) |
>                       (1ull << MSR_LE);
>       pcc->mmu_model = POWERPC_MMU_32B;
> -#if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
> -#endif
>       pcc->excp_model = POWERPC_EXCP_604;
>       pcc->bus_model = PPC_FLAGS_INPUT_6xx;
>       pcc->bfd_mach = bfd_mach_ppc_604;
> @@ -5046,9 +5034,6 @@ POWERPC_FAMILY(740)(ObjectClass *oc, void *data)
>                       (1ull << MSR_RI) |
>                       (1ull << MSR_LE);
>       pcc->mmu_model = POWERPC_MMU_32B;
> -#if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
> -#endif
>       pcc->excp_model = POWERPC_EXCP_7x0;
>       pcc->bus_model = PPC_FLAGS_INPUT_6xx;
>       pcc->bfd_mach = bfd_mach_ppc_750;
> @@ -5126,9 +5111,6 @@ POWERPC_FAMILY(750)(ObjectClass *oc, void *data)
>                       (1ull << MSR_RI) |
>                       (1ull << MSR_LE);
>       pcc->mmu_model = POWERPC_MMU_32B;
> -#if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
> -#endif
>       pcc->excp_model = POWERPC_EXCP_7x0;
>       pcc->bus_model = PPC_FLAGS_INPUT_6xx;
>       pcc->bfd_mach = bfd_mach_ppc_750;
> @@ -5329,9 +5311,6 @@ POWERPC_FAMILY(750cl)(ObjectClass *oc, void *data)
>                       (1ull << MSR_RI) |
>                       (1ull << MSR_LE);
>       pcc->mmu_model = POWERPC_MMU_32B;
> -#if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
> -#endif
>       pcc->excp_model = POWERPC_EXCP_7x0;
>       pcc->bus_model = PPC_FLAGS_INPUT_6xx;
>       pcc->bfd_mach = bfd_mach_ppc_750;
> @@ -5412,9 +5391,6 @@ POWERPC_FAMILY(750cx)(ObjectClass *oc, void *data)
>                       (1ull << MSR_RI) |
>                       (1ull << MSR_LE);
>       pcc->mmu_model = POWERPC_MMU_32B;
> -#if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
> -#endif
>       pcc->excp_model = POWERPC_EXCP_7x0;
>       pcc->bus_model = PPC_FLAGS_INPUT_6xx;
>       pcc->bfd_mach = bfd_mach_ppc_750;
> @@ -5500,9 +5476,6 @@ POWERPC_FAMILY(750fx)(ObjectClass *oc, void *data)
>                       (1ull << MSR_RI) |
>                       (1ull << MSR_LE);
>       pcc->mmu_model = POWERPC_MMU_32B;
> -#if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
> -#endif
>       pcc->excp_model = POWERPC_EXCP_7x0;
>       pcc->bus_model = PPC_FLAGS_INPUT_6xx;
>       pcc->bfd_mach = bfd_mach_ppc_750;
> @@ -5588,9 +5561,6 @@ POWERPC_FAMILY(750gx)(ObjectClass *oc, void *data)
>                       (1ull << MSR_RI) |
>                       (1ull << MSR_LE);
>       pcc->mmu_model = POWERPC_MMU_32B;
> -#if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
> -#endif
>       pcc->excp_model = POWERPC_EXCP_7x0;
>       pcc->bus_model = PPC_FLAGS_INPUT_6xx;
>       pcc->bfd_mach = bfd_mach_ppc_750;
> @@ -5830,9 +5800,6 @@ POWERPC_FAMILY(7400)(ObjectClass *oc, void *data)
>                       (1ull << MSR_RI) |
>                       (1ull << MSR_LE);
>       pcc->mmu_model = POWERPC_MMU_32B;
> -#if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
> -#endif
>       pcc->excp_model = POWERPC_EXCP_74xx;
>       pcc->bus_model = PPC_FLAGS_INPUT_6xx;
>       pcc->bfd_mach = bfd_mach_ppc_7400;
> @@ -5916,9 +5883,6 @@ POWERPC_FAMILY(7410)(ObjectClass *oc, void *data)
>                       (1ull << MSR_RI) |
>                       (1ull << MSR_LE);
>       pcc->mmu_model = POWERPC_MMU_32B;
> -#if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
> -#endif
>       pcc->excp_model = POWERPC_EXCP_74xx;
>       pcc->bus_model = PPC_FLAGS_INPUT_6xx;
>       pcc->bfd_mach = bfd_mach_ppc_7400;
> @@ -6745,9 +6709,6 @@ POWERPC_FAMILY(e600)(ObjectClass *oc, void *data)
>                       (1ull << MSR_RI) |
>                       (1ull << MSR_LE);
>       pcc->mmu_model = POWERPC_MMU_32B;
> -#if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
> -#endif
>       pcc->excp_model = POWERPC_EXCP_74xx;
>       pcc->bus_model = PPC_FLAGS_INPUT_6xx;
>       pcc->bfd_mach = bfd_mach_ppc_7400;
> @@ -7507,7 +7468,6 @@ POWERPC_FAMILY(970)(ObjectClass *oc, void *data)
>                       (1ull << MSR_RI);
>       pcc->mmu_model = POWERPC_MMU_64B;
>   #if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc_hash64_handle_mmu_fault;
>       pcc->hash64_opts = &ppc_hash64_opts_basic;
>   #endif
>       pcc->excp_model = POWERPC_EXCP_970;
> @@ -7585,7 +7545,6 @@ POWERPC_FAMILY(POWER5P)(ObjectClass *oc, void *data)
>           LPCR_RMI | LPCR_HDICE;
>       pcc->mmu_model = POWERPC_MMU_2_03;
>   #if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc_hash64_handle_mmu_fault;
>       pcc->hash64_opts = &ppc_hash64_opts_basic;
>       pcc->lrg_decr_bits = 32;
>   #endif
> @@ -7729,7 +7688,6 @@ POWERPC_FAMILY(POWER7)(ObjectClass *oc, void *data)
>       pcc->lpcr_pm = LPCR_P7_PECE0 | LPCR_P7_PECE1 | LPCR_P7_PECE2;
>       pcc->mmu_model = POWERPC_MMU_2_06;
>   #if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc_hash64_handle_mmu_fault;
>       pcc->hash64_opts = &ppc_hash64_opts_POWER7;
>       pcc->lrg_decr_bits = 32;
>   #endif
> @@ -7906,7 +7864,6 @@ POWERPC_FAMILY(POWER8)(ObjectClass *oc, void *data)
>                      LPCR_P8_PECE3 | LPCR_P8_PECE4;
>       pcc->mmu_model = POWERPC_MMU_2_07;
>   #if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc_hash64_handle_mmu_fault;
>       pcc->hash64_opts = &ppc_hash64_opts_POWER7;
>       pcc->lrg_decr_bits = 32;
>       pcc->n_host_threads = 8;
> @@ -8122,7 +8079,6 @@ POWERPC_FAMILY(POWER9)(ObjectClass *oc, void *data)
>       pcc->lpcr_pm = LPCR_PDEE | LPCR_HDEE | LPCR_EEE | LPCR_DEE | LPCR_OEE;
>       pcc->mmu_model = POWERPC_MMU_3_00;
>   #if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc64_v3_handle_mmu_fault;
>       /* segment page size remain the same */
>       pcc->hash64_opts = &ppc_hash64_opts_POWER7;
>       pcc->radix_page_info = &POWER9_radix_page_info;
> @@ -8334,7 +8290,6 @@ POWERPC_FAMILY(POWER10)(ObjectClass *oc, void *data)
>       pcc->lpcr_pm = LPCR_PDEE | LPCR_HDEE | LPCR_EEE | LPCR_DEE | LPCR_OEE;
>       pcc->mmu_model = POWERPC_MMU_3_00;
>   #if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc64_v3_handle_mmu_fault;
>       /* segment page size remain the same */
>       pcc->hash64_opts = &ppc_hash64_opts_POWER7;
>       pcc->radix_page_info = &POWER10_radix_page_info;
> diff --git a/target/ppc/mmu_helper.c b/target/ppc/mmu_helper.c
> index ef634fcb33..863e556a22 100644
> --- a/target/ppc/mmu_helper.c
> +++ b/target/ppc/mmu_helper.c
> @@ -2963,14 +2963,30 @@ bool ppc_cpu_tlb_fill(CPUState *cs, vaddr addr, int size,
>                         bool probe, uintptr_t retaddr)
>   {
>       PowerPCCPU *cpu = POWERPC_CPU(cs);
> -    PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cs);
>       CPUPPCState *env = &cpu->env;
>       int ret;
>   
> -    if (pcc->handle_mmu_fault) {
> -        ret = pcc->handle_mmu_fault(cpu, addr, access_type, mmu_idx);
> -    } else {
> +    switch (env->mmu_model) {
> +#if defined(TARGET_PPC64)
> +    case POWERPC_MMU_64B:
> +    case POWERPC_MMU_2_03:
> +    case POWERPC_MMU_2_06:
> +    case POWERPC_MMU_2_07:
> +        ret = ppc_hash64_handle_mmu_fault(cpu, addr, access_type, mmu_idx);
> +        break;
> +    case POWERPC_MMU_3_00:
> +        ret = ppc64_v3_handle_mmu_fault(cpu, addr, access_type, mmu_idx);
> +        break;
> +#endif
> +
> +    case POWERPC_MMU_32B:
> +    case POWERPC_MMU_601:
> +        ret = ppc_hash32_handle_mmu_fault(cpu, addr, access_type, mmu_idx);
> +        break;
> +
> +    default:
>           ret = cpu_ppc_handle_mmu_fault(env, addr, access_type, mmu_idx);
> +        break;
>       }
>       if (unlikely(ret != 0)) {
>           if (probe) {
-- 
Bruno Piazera Larsen
Instituto de Pesquisas ELDORADO 
<https://www.eldorado.org.br/?utm_campaign=assinatura_de_e-mail&utm_medium=email&utm_source=RD+Station>
Departamento Computação Embarcada
Analista de Software Trainee
Aviso Legal - Disclaimer <https://www.eldorado.org.br/disclaimer.html>

[-- Attachment #2: Type: text/html, Size: 11588 bytes --]

^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [PATCH 17/24] target/ppc: Use MMUAccessType with *_handle_mmu_fault
  2021-05-18 20:11 ` [PATCH 17/24] target/ppc: Use MMUAccessType with *_handle_mmu_fault Richard Henderson
@ 2021-05-19 13:02   ` Bruno Piazera Larsen
  0 siblings, 0 replies; 46+ messages in thread
From: Bruno Piazera Larsen @ 2021-05-19 13:02 UTC (permalink / raw)
  To: Richard Henderson, qemu-devel; +Cc: qemu-ppc, david

[-- Attachment #1: Type: text/plain, Size: 6154 bytes --]


On 18/05/2021 17:11, Richard Henderson wrote:
> These changes were waiting until we didn't need to match
> the function type of PowerPCCPUClass.handle_mmu_fault.
>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

Reviewed-by: Bruno Larsen (billionai)<bruno.larsen@eldorado.org.br>

> ---
>   target/ppc/mmu-hash32.h  | 4 ++--
>   target/ppc/mmu-hash64.h  | 4 ++--
>   target/ppc/mmu-radix64.h | 4 ++--
>   target/ppc/mmu-hash32.c  | 7 ++-----
>   target/ppc/mmu-hash64.c  | 6 +-----
>   target/ppc/mmu-radix64.c | 7 ++-----
>   6 files changed, 11 insertions(+), 21 deletions(-)
>
> diff --git a/target/ppc/mmu-hash32.h b/target/ppc/mmu-hash32.h
> index 898021f0d8..30e35718a7 100644
> --- a/target/ppc/mmu-hash32.h
> +++ b/target/ppc/mmu-hash32.h
> @@ -5,8 +5,8 @@
>   
>   hwaddr get_pteg_offset32(PowerPCCPU *cpu, hwaddr hash);
>   hwaddr ppc_hash32_get_phys_page_debug(PowerPCCPU *cpu, target_ulong addr);
> -int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr address, int rw,
> -                                int mmu_idx);
> +int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr address,
> +                                MMUAccessType access_type, int mmu_idx);
>   
>   /*
>    * Segment register definitions
> diff --git a/target/ppc/mmu-hash64.h b/target/ppc/mmu-hash64.h
> index 4b8b8e7950..3e8a8eec1f 100644
> --- a/target/ppc/mmu-hash64.h
> +++ b/target/ppc/mmu-hash64.h
> @@ -8,8 +8,8 @@ void dump_slb(PowerPCCPU *cpu);
>   int ppc_store_slb(PowerPCCPU *cpu, target_ulong slot,
>                     target_ulong esid, target_ulong vsid);
>   hwaddr ppc_hash64_get_phys_page_debug(PowerPCCPU *cpu, target_ulong addr);
> -int ppc_hash64_handle_mmu_fault(PowerPCCPU *cpu, vaddr address, int rw,
> -                                int mmu_idx);
> +int ppc_hash64_handle_mmu_fault(PowerPCCPU *cpu, vaddr address,
> +                                MMUAccessType access_type, int mmu_idx);
>   void ppc_hash64_tlb_flush_hpte(PowerPCCPU *cpu,
>                                  target_ulong pte_index,
>                                  target_ulong pte0, target_ulong pte1);
> diff --git a/target/ppc/mmu-radix64.h b/target/ppc/mmu-radix64.h
> index f28c5794d0..94bd72cb38 100644
> --- a/target/ppc/mmu-radix64.h
> +++ b/target/ppc/mmu-radix64.h
> @@ -44,8 +44,8 @@
>   
>   #ifdef TARGET_PPC64
>   
> -int ppc_radix64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr, int rwx,
> -                                 int mmu_idx);
> +int ppc_radix64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
> +                                 MMUAccessType access_type, int mmu_idx);
>   hwaddr ppc_radix64_get_phys_page_debug(PowerPCCPU *cpu, target_ulong addr);
>   
>   static inline int ppc_radix64_get_prot_eaa(uint64_t pte)
> diff --git a/target/ppc/mmu-hash32.c b/target/ppc/mmu-hash32.c
> index 744a763f44..d51be59f95 100644
> --- a/target/ppc/mmu-hash32.c
> +++ b/target/ppc/mmu-hash32.c
> @@ -416,8 +416,8 @@ static hwaddr ppc_hash32_pte_raddr(target_ulong sr, ppc_hash_pte32_t pte,
>       return (rpn & ~mask) | (eaddr & mask);
>   }
>   
> -int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr, int rwx,
> -                                int mmu_idx)
> +int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
> +                                MMUAccessType access_type, int mmu_idx)
>   {
>       CPUState *cs = CPU(cpu);
>       CPUPPCState *env = &cpu->env;
> @@ -426,11 +426,8 @@ int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr, int rwx,
>       ppc_hash_pte32_t pte;
>       int prot;
>       int need_prot;
> -    MMUAccessType access_type;
>       hwaddr raddr;
>   
> -    assert((rwx == 0) || (rwx == 1) || (rwx == 2));
> -    access_type = rwx;
>       need_prot = prot_for_access_type(access_type);
>   
>       /* 1. Handle real mode accesses */
> diff --git a/target/ppc/mmu-hash64.c b/target/ppc/mmu-hash64.c
> index f48b625f48..877a01a296 100644
> --- a/target/ppc/mmu-hash64.c
> +++ b/target/ppc/mmu-hash64.c
> @@ -867,7 +867,7 @@ static int build_vrma_slbe(PowerPCCPU *cpu, ppc_slb_t *slb)
>   }
>   
>   int ppc_hash64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
> -                                int rwx, int mmu_idx)
> +                                MMUAccessType access_type, int mmu_idx)
>   {
>       CPUState *cs = CPU(cpu);
>       CPUPPCState *env = &cpu->env;
> @@ -877,13 +877,9 @@ int ppc_hash64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
>       hwaddr ptex;
>       ppc_hash_pte64_t pte;
>       int exec_prot, pp_prot, amr_prot, prot;
> -    MMUAccessType access_type;
>       int need_prot;
>       hwaddr raddr;
>   
> -    assert((rwx == 0) || (rwx == 1) || (rwx == 2));
> -    access_type = rwx;
> -
>       /*
>        * Note on LPCR usage: 970 uses HID4, but our special variant of
>        * store_spr copies relevant fields into env->spr[SPR_LPCR].
> diff --git a/target/ppc/mmu-radix64.c b/target/ppc/mmu-radix64.c
> index 7972153f23..f6d96f73b2 100644
> --- a/target/ppc/mmu-radix64.c
> +++ b/target/ppc/mmu-radix64.c
> @@ -556,19 +556,16 @@ static int ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr,
>       return 0;
>   }
>   
> -int ppc_radix64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr, int rwx,
> -                                 int mmu_idx)
> +int ppc_radix64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
> +                                 MMUAccessType access_type, int mmu_idx)
>   {
>       CPUState *cs = CPU(cpu);
>       CPUPPCState *env = &cpu->env;
>       int page_size, prot;
>       bool relocation;
> -    MMUAccessType access_type;
>       hwaddr raddr;
>   
>       assert(!(msr_hv && cpu->vhyp));
> -    assert((rwx == 0) || (rwx == 1) || (rwx == 2));
> -    access_type = rwx;
>   
>       relocation = (access_type == MMU_INST_FETCH ? msr_ir : msr_dr);
>       /* HV or virtual hypervisor Real Mode Access */
-- 
Bruno Piazera Larsen
Instituto de Pesquisas ELDORADO 
<https://www.eldorado.org.br/?utm_campaign=assinatura_de_e-mail&utm_medium=email&utm_source=RD+Station>
Departamento Computação Embarcada
Analista de Software Trainee
Aviso Legal - Disclaimer <https://www.eldorado.org.br/disclaimer.html>

[-- Attachment #2: Type: text/html, Size: 6736 bytes --]

^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [PATCH 18/24] target/ppc: Push real-mode handling into ppc_radix64_xlate
  2021-05-18 20:11 ` [PATCH 18/24] target/ppc: Push real-mode handling into ppc_radix64_xlate Richard Henderson
@ 2021-05-19 17:44   ` Bruno Piazera Larsen
  0 siblings, 0 replies; 46+ messages in thread
From: Bruno Piazera Larsen @ 2021-05-19 17:44 UTC (permalink / raw)
  To: Richard Henderson, qemu-devel; +Cc: qemu-ppc, david

[-- Attachment #1: Type: text/plain, Size: 5328 bytes --]


On 18/05/2021 17:11, Richard Henderson wrote:
> This removes some incomplete duplication between
> ppc_radix64_handle_mmu_fault and ppc_radix64_get_phys_page_debug.
> The former was correct wrt SPR_HRMOR and the latter was not.
>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

Reviewed-by: Bruno Larsen (billionai)<bruno.larsen@eldorado.org.br>

> ---
>   target/ppc/mmu-radix64.c | 77 ++++++++++++++++++----------------------
>   1 file changed, 34 insertions(+), 43 deletions(-)
>
> diff --git a/target/ppc/mmu-radix64.c b/target/ppc/mmu-radix64.c
> index f6d96f73b2..76a5cc8cdb 100644
> --- a/target/ppc/mmu-radix64.c
> +++ b/target/ppc/mmu-radix64.c
> @@ -466,7 +466,6 @@ static int ppc_radix64_process_scoped_xlate(PowerPCCPU *cpu,
>    */
>   static int ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr,
>                                MMUAccessType access_type,
> -                             bool relocation,
>                                hwaddr *raddr, int *psizep, int *protp,
>                                bool guest_visible)
>   {
> @@ -475,6 +474,37 @@ static int ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr,
>       ppc_v3_pate_t pate;
>       int psize, prot;
>       hwaddr g_raddr;
> +    bool relocation;
> +
> +    assert(!(msr_hv && cpu->vhyp));
> +
> +    relocation = (access_type == MMU_INST_FETCH ? msr_ir : msr_dr);
> +
> +    /* HV or virtual hypervisor Real Mode Access */
> +    if (!relocation && (msr_hv || cpu->vhyp)) {
> +        /* In real mode top 4 effective addr bits (mostly) ignored */
> +        *raddr = eaddr & 0x0FFFFFFFFFFFFFFFULL;
> +
> +        /* In HV mode, add HRMOR if top EA bit is clear */
> +        if (msr_hv || !env->has_hv_mode) {
> +            if (!(eaddr >> 63)) {
> +                *raddr |= env->spr[SPR_HRMOR];
> +           }
> +        }
> +        *protp = PAGE_READ | PAGE_WRITE | PAGE_EXEC;
> +        *psizep = TARGET_PAGE_BITS;
> +        return 0;
> +    }
> +
> +    /*
> +     * Check UPRT (we avoid the check in real mode to deal with
> +     * transitional states during kexec.
> +     */
> +    if (guest_visible && !ppc64_use_proc_tbl(cpu)) {
> +        qemu_log_mask(LOG_GUEST_ERROR,
> +                      "LPCR:UPRT not set in radix mode ! LPCR="
> +                      TARGET_FMT_lx "\n", env->spr[SPR_LPCR]);
> +    }
>   
>       /* Virtual Mode Access - get the fully qualified address */
>       if (!ppc_radix64_get_fully_qualified_addr(&cpu->env, eaddr, &lpid, &pid)) {
> @@ -560,43 +590,11 @@ int ppc_radix64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
>                                    MMUAccessType access_type, int mmu_idx)
>   {
>       CPUState *cs = CPU(cpu);
> -    CPUPPCState *env = &cpu->env;
>       int page_size, prot;
> -    bool relocation;
>       hwaddr raddr;
>   
> -    assert(!(msr_hv && cpu->vhyp));
> -
> -    relocation = (access_type == MMU_INST_FETCH ? msr_ir : msr_dr);
> -    /* HV or virtual hypervisor Real Mode Access */
> -    if (!relocation && (msr_hv || cpu->vhyp)) {
> -        /* In real mode top 4 effective addr bits (mostly) ignored */
> -        raddr = eaddr & 0x0FFFFFFFFFFFFFFFULL;
> -
> -        /* In HV mode, add HRMOR if top EA bit is clear */
> -        if (msr_hv || !env->has_hv_mode) {
> -            if (!(eaddr >> 63)) {
> -                raddr |= env->spr[SPR_HRMOR];
> -           }
> -        }
> -        tlb_set_page(cs, eaddr & TARGET_PAGE_MASK, raddr & TARGET_PAGE_MASK,
> -                     PAGE_READ | PAGE_WRITE | PAGE_EXEC, mmu_idx,
> -                     TARGET_PAGE_SIZE);
> -        return 0;
> -    }
> -
> -    /*
> -     * Check UPRT (we avoid the check in real mode to deal with
> -     * transitional states during kexec.
> -     */
> -    if (!ppc64_use_proc_tbl(cpu)) {
> -        qemu_log_mask(LOG_GUEST_ERROR,
> -                      "LPCR:UPRT not set in radix mode ! LPCR="
> -                      TARGET_FMT_lx "\n", env->spr[SPR_LPCR]);
> -    }
> -
>       /* Translate eaddr to raddr (where raddr is addr qemu needs for access) */
> -    if (ppc_radix64_xlate(cpu, eaddr, access_type, relocation, &raddr,
> +    if (ppc_radix64_xlate(cpu, eaddr, access_type, &raddr,
>                             &page_size, &prot, true)) {
>           return 1;
>       }
> @@ -608,18 +606,11 @@ int ppc_radix64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
>   
>   hwaddr ppc_radix64_get_phys_page_debug(PowerPCCPU *cpu, target_ulong eaddr)
>   {
> -    CPUPPCState *env = &cpu->env;
>       int psize, prot;
>       hwaddr raddr;
>   
> -    /* Handle Real Mode */
> -    if ((msr_dr == 0) && (msr_hv || cpu->vhyp)) {
> -        /* In real mode top 4 effective addr bits (mostly) ignored */
> -        return eaddr & 0x0FFFFFFFFFFFFFFFULL;
> -    }
> -
> -    if (ppc_radix64_xlate(cpu, eaddr, 0, msr_dr, &raddr, &psize,
> -                          &prot, false)) {
> +    if (ppc_radix64_xlate(cpu, eaddr, MMU_DATA_LOAD, &raddr,
> +                          &psize, &prot, false)) {
>           return -1;
>       }
>   
-- 
Bruno Piazera Larsen
Instituto de Pesquisas ELDORADO 
<https://www.eldorado.org.br/?utm_campaign=assinatura_de_e-mail&utm_medium=email&utm_source=RD+Station>
Departamento Computação Embarcada
Analista de Software Trainee
Aviso Legal - Disclaimer <https://www.eldorado.org.br/disclaimer.html>

[-- Attachment #2: Type: text/html, Size: 6110 bytes --]

^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [PATCH 19/24] target/ppc: Use bool success for ppc_radix64_xlate
  2021-05-18 20:11 ` [PATCH 19/24] target/ppc: Use bool success for ppc_radix64_xlate Richard Henderson
@ 2021-05-19 17:53   ` Bruno Piazera Larsen
  0 siblings, 0 replies; 46+ messages in thread
From: Bruno Piazera Larsen @ 2021-05-19 17:53 UTC (permalink / raw)
  To: Richard Henderson, qemu-devel; +Cc: qemu-ppc, david

[-- Attachment #1: Type: text/plain, Size: 4705 bytes --]


On 18/05/2021 17:11, Richard Henderson wrote:
> Instead of returning non-zero for failure, return true for success.
>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

Reviewed-by: Bruno Larsen (billionai)<bruno.larsen@eldorado.org.br>

> ---
>   target/ppc/mmu-radix64.c | 30 +++++++++++++++---------------
>   1 file changed, 15 insertions(+), 15 deletions(-)
>
> diff --git a/target/ppc/mmu-radix64.c b/target/ppc/mmu-radix64.c
> index 76a5cc8cdb..7af3e697b2 100644
> --- a/target/ppc/mmu-radix64.c
> +++ b/target/ppc/mmu-radix64.c
> @@ -464,10 +464,10 @@ static int ppc_radix64_process_scoped_xlate(PowerPCCPU *cpu,
>    *              | = On        | Process Scoped |    Scoped     |
>    *              +-------------+----------------+---------------+
>    */
> -static int ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr,
> -                             MMUAccessType access_type,
> -                             hwaddr *raddr, int *psizep, int *protp,
> -                             bool guest_visible)
> +static bool ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr,
> +                              MMUAccessType access_type,
> +                              hwaddr *raddr, int *psizep, int *protp,
> +                              bool guest_visible)
>   {
>       CPUPPCState *env = &cpu->env;
>       uint64_t lpid, pid;
> @@ -493,7 +493,7 @@ static int ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr,
>           }
>           *protp = PAGE_READ | PAGE_WRITE | PAGE_EXEC;
>           *psizep = TARGET_PAGE_BITS;
> -        return 0;
> +        return true;
>       }
>   
>       /*
> @@ -511,7 +511,7 @@ static int ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr,
>           if (guest_visible) {
>               ppc_radix64_raise_segi(cpu, access_type, eaddr);
>           }
> -        return 1;
> +        return false;
>       }
>   
>       /* Get Process Table */
> @@ -524,13 +524,13 @@ static int ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr,
>               if (guest_visible) {
>                   ppc_radix64_raise_si(cpu, access_type, eaddr, DSISR_NOPTE);
>               }
> -            return 1;
> +            return false;
>           }
>           if (!validate_pate(cpu, lpid, &pate)) {
>               if (guest_visible) {
>                   ppc_radix64_raise_si(cpu, access_type, eaddr, DSISR_R_BADCONFIG);
>               }
> -            return 1;
> +            return false;
>           }
>       }
>   
> @@ -550,7 +550,7 @@ static int ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr,
>                                                      pate, &g_raddr, &prot,
>                                                      &psize, guest_visible);
>           if (ret) {
> -            return ret;
> +            return false;
>           }
>           *psizep = MIN(*psizep, psize);
>           *protp &= prot;
> @@ -574,7 +574,7 @@ static int ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr,
>                                                        &prot, &psize, false,
>                                                        guest_visible);
>               if (ret) {
> -                return ret;
> +                return false;
>               }
>               *psizep = MIN(*psizep, psize);
>               *protp &= prot;
> @@ -583,7 +583,7 @@ static int ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr,
>           }
>       }
>   
> -    return 0;
> +    return true;
>   }
>   
>   int ppc_radix64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
> @@ -594,8 +594,8 @@ int ppc_radix64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
>       hwaddr raddr;
>   
>       /* Translate eaddr to raddr (where raddr is addr qemu needs for access) */
> -    if (ppc_radix64_xlate(cpu, eaddr, access_type, &raddr,
> -                          &page_size, &prot, true)) {
> +    if (!ppc_radix64_xlate(cpu, eaddr, access_type, &raddr,
> +                           &page_size, &prot, true)) {
>           return 1;
>       }
>   
> @@ -609,8 +609,8 @@ hwaddr ppc_radix64_get_phys_page_debug(PowerPCCPU *cpu, target_ulong eaddr)
>       int psize, prot;
>       hwaddr raddr;
>   
> -    if (ppc_radix64_xlate(cpu, eaddr, MMU_DATA_LOAD, &raddr,
> -                          &psize, &prot, false)) {
> +    if (!ppc_radix64_xlate(cpu, eaddr, MMU_DATA_LOAD, &raddr,
> +                           &psize, &prot, false)) {
>           return -1;
>       }
>   
-- 
Bruno Piazera Larsen
Instituto de Pesquisas ELDORADO 
<https://www.eldorado.org.br/?utm_campaign=assinatura_de_e-mail&utm_medium=email&utm_source=RD+Station>
Departamento Computação Embarcada
Analista de Software Trainee
Aviso Legal - Disclaimer <https://www.eldorado.org.br/disclaimer.html>

[-- Attachment #2: Type: text/html, Size: 5396 bytes --]

^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [PATCH 20/24] target/ppc: Split out ppc_hash64_xlate
  2021-05-18 20:11 ` [PATCH 20/24] target/ppc: Split out ppc_hash64_xlate Richard Henderson
@ 2021-05-19 18:09   ` Bruno Piazera Larsen
  0 siblings, 0 replies; 46+ messages in thread
From: Bruno Piazera Larsen @ 2021-05-19 18:09 UTC (permalink / raw)
  To: Richard Henderson, qemu-devel; +Cc: qemu-ppc, david

[-- Attachment #1: Type: text/plain, Size: 8807 bytes --]


On 18/05/2021 17:11, Richard Henderson wrote:
> Mirror the interface of ppc_radix64_xlate, putting all of
> the logic for hash64 translation into a single function.
>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

Is it worth it to describe a bit better where the logic was removed 
from? Something like "... ... hash64 translation from handle_mmu_fault 
and get_phys_page_debug" maybe?

otherwise:

Reviewed-by: Bruno Larsen (billionai)<bruno.larsen@eldorado.org.br>

> ---
>   target/ppc/mmu-hash64.c | 125 +++++++++++++++++++---------------------
>   1 file changed, 59 insertions(+), 66 deletions(-)
>
> diff --git a/target/ppc/mmu-hash64.c b/target/ppc/mmu-hash64.c
> index 877a01a296..3024dd1e8c 100644
> --- a/target/ppc/mmu-hash64.c
> +++ b/target/ppc/mmu-hash64.c
> @@ -866,8 +866,10 @@ static int build_vrma_slbe(PowerPCCPU *cpu, ppc_slb_t *slb)
>       return -1;
>   }
>   
> -int ppc_hash64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
> -                                MMUAccessType access_type, int mmu_idx)
> +static bool ppc_hash64_xlate(PowerPCCPU *cpu, vaddr eaddr,
> +                             MMUAccessType access_type,
> +                             hwaddr *raddrp, int *psizep, int *protp,
> +                             bool guest_visible)
>   {
>       CPUState *cs = CPU(cpu);
>       CPUPPCState *env = &cpu->env;
> @@ -911,9 +913,11 @@ int ppc_hash64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
>               slb = &vrma_slbe;
>               if (build_vrma_slbe(cpu, slb) != 0) {
>                   /* Invalid VRMA setup, machine check */
> -                cs->exception_index = POWERPC_EXCP_MCHECK;
> -                env->error_code = 0;
> -                return 1;
> +                if (guest_visible) {
> +                    cs->exception_index = POWERPC_EXCP_MCHECK;
> +                    env->error_code = 0;
> +                }
> +                return false;
>               }
>   
>               goto skip_slb_search;
> @@ -922,6 +926,9 @@ int ppc_hash64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
>   
>               /* Emulated old-style RMO mode, bounds check against RMLS */
>               if (raddr >= limit) {
> +                if (!guest_visible) {
> +                    return false;
> +                }
>                   switch (access_type) {
>                   case MMU_INST_FETCH:
>                       ppc_hash64_set_isi(cs, SRR1_PROTFAULT);
> @@ -936,15 +943,16 @@ int ppc_hash64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
>                   default:
>                       g_assert_not_reached();
>                   }
> -                return 1;
> +                return false;
>               }
>   
>               raddr |= env->spr[SPR_RMOR];
>           }
> -        tlb_set_page(cs, eaddr & TARGET_PAGE_MASK, raddr & TARGET_PAGE_MASK,
> -                     PAGE_READ | PAGE_WRITE | PAGE_EXEC, mmu_idx,
> -                     TARGET_PAGE_SIZE);
> -        return 0;
> +
> +        *raddrp = raddr;
> +        *protp = PAGE_READ | PAGE_WRITE | PAGE_EXEC;
> +        *psizep = TARGET_PAGE_BITS;
> +        return true;
>       }
>   
>       /* 2. Translation is on, so look up the SLB */
> @@ -957,6 +965,9 @@ int ppc_hash64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
>               exit(1);
>           }
>           /* Segment still not found, generate the appropriate interrupt */
> +        if (!guest_visible) {
> +            return false;
> +        }
>           switch (access_type) {
>           case MMU_INST_FETCH:
>               cs->exception_index = POWERPC_EXCP_ISEG;
> @@ -971,20 +982,25 @@ int ppc_hash64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
>           default:
>               g_assert_not_reached();
>           }
> -        return 1;
> +        return false;
>       }
>   
> -skip_slb_search:
> + skip_slb_search:
>   
>       /* 3. Check for segment level no-execute violation */
>       if (access_type == MMU_INST_FETCH && (slb->vsid & SLB_VSID_N)) {
> -        ppc_hash64_set_isi(cs, SRR1_NOEXEC_GUARD);
> -        return 1;
> +        if (guest_visible) {
> +            ppc_hash64_set_isi(cs, SRR1_NOEXEC_GUARD);
> +        }
> +        return false;
>       }
>   
>       /* 4. Locate the PTE in the hash table */
>       ptex = ppc_hash64_htab_lookup(cpu, slb, eaddr, &pte, &apshift);
>       if (ptex == -1) {
> +        if (!guest_visible) {
> +            return false;
> +        }
>           switch (access_type) {
>           case MMU_INST_FETCH:
>               ppc_hash64_set_isi(cs, SRR1_NOPTE);
> @@ -998,7 +1014,7 @@ skip_slb_search:
>           default:
>               g_assert_not_reached();
>           }
> -        return 1;
> +        return false;
>       }
>       qemu_log_mask(CPU_LOG_MMU,
>                     "found PTE at index %08" HWADDR_PRIx "\n", ptex);
> @@ -1014,6 +1030,9 @@ skip_slb_search:
>       if (need_prot & ~prot) {
>           /* Access right violation */
>           qemu_log_mask(CPU_LOG_MMU, "PTE access rejected\n");
> +        if (!guest_visible) {
> +            return false;
> +        }
>           if (access_type == MMU_INST_FETCH) {
>               int srr1 = 0;
>               if (PAGE_EXEC & ~exec_prot) {
> @@ -1038,7 +1057,7 @@ skip_slb_search:
>               }
>               ppc_hash64_set_dsi(cs, eaddr, dsisr);
>           }
> -        return 1;
> +        return false;
>       }
>   
>       qemu_log_mask(CPU_LOG_MMU, "PTE access granted !\n");
> @@ -1062,66 +1081,40 @@ skip_slb_search:
>   
>       /* 7. Determine the real address from the PTE */
>   
> -    raddr = deposit64(pte.pte1 & HPTE64_R_RPN, 0, apshift, eaddr);
> +    *raddrp = deposit64(pte.pte1 & HPTE64_R_RPN, 0, apshift, eaddr);
> +    *protp = prot;
> +    *psizep = apshift;
> +    return true;
> +}
> +
> +int ppc_hash64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
> +                                MMUAccessType access_type, int mmu_idx)
> +{
> +    CPUState *cs = CPU(cpu);
> +    int page_size, prot;
> +    hwaddr raddr;
> +
> +    if (!ppc_hash64_xlate(cpu, eaddr, access_type, &raddr,
> +                          &page_size, &prot, true)) {
> +        return 1;
> +    }
>   
>       tlb_set_page(cs, eaddr & TARGET_PAGE_MASK, raddr & TARGET_PAGE_MASK,
> -                 prot, mmu_idx, 1ULL << apshift);
> -
> +                 prot, mmu_idx, 1UL << page_size);
>       return 0;
>   }
>   
> -hwaddr ppc_hash64_get_phys_page_debug(PowerPCCPU *cpu, target_ulong addr)
> +hwaddr ppc_hash64_get_phys_page_debug(PowerPCCPU *cpu, target_ulong eaddr)
>   {
> -    CPUPPCState *env = &cpu->env;
> -    ppc_slb_t vrma_slbe;
> -    ppc_slb_t *slb;
> -    hwaddr ptex, raddr;
> -    ppc_hash_pte64_t pte;
> -    unsigned apshift;
> +    int psize, prot;
> +    hwaddr raddr;
>   
> -    /* Handle real mode */
> -    if (msr_dr == 0) {
> -        /* In real mode the top 4 effective address bits are ignored */
> -        raddr = addr & 0x0FFFFFFFFFFFFFFFULL;
> -
> -        if (cpu->vhyp) {
> -            /*
> -             * In virtual hypervisor mode, there's nothing to do:
> -             *   EA == GPA == qemu guest address
> -             */
> -            return raddr;
> -        } else if ((msr_hv || !env->has_hv_mode) && !(addr >> 63)) {
> -            /* In HV mode, add HRMOR if top EA bit is clear */
> -            return raddr | env->spr[SPR_HRMOR];
> -        } else if (ppc_hash64_use_vrma(env)) {
> -            /* Emulated VRMA mode */
> -            slb = &vrma_slbe;
> -            if (build_vrma_slbe(cpu, slb) != 0) {
> -                return -1;
> -            }
> -        } else {
> -            target_ulong limit = rmls_limit(cpu);
> -
> -            /* Emulated old-style RMO mode, bounds check against RMLS */
> -            if (raddr >= limit) {
> -                return -1;
> -            }
> -            return raddr | env->spr[SPR_RMOR];
> -        }
> -    } else {
> -        slb = slb_lookup(cpu, addr);
> -        if (!slb) {
> -            return -1;
> -        }
> -    }
> -
> -    ptex = ppc_hash64_htab_lookup(cpu, slb, addr, &pte, &apshift);
> -    if (ptex == -1) {
> +    if (!ppc_hash64_xlate(cpu, eaddr, MMU_DATA_LOAD, &raddr,
> +                          &psize, &prot, false)) {
>           return -1;
>       }
>   
> -    return deposit64(pte.pte1 & HPTE64_R_RPN, 0, apshift, addr)
> -        & TARGET_PAGE_MASK;
> +    return raddr & TARGET_PAGE_MASK;
>   }
>   
>   void ppc_hash64_tlb_flush_hpte(PowerPCCPU *cpu, target_ulong ptex,
-- 
Bruno Piazera Larsen
Instituto de Pesquisas ELDORADO 
<https://www.eldorado.org.br/?utm_campaign=assinatura_de_e-mail&utm_medium=email&utm_source=RD+Station>
Departamento Computação Embarcada
Analista de Software Trainee
Aviso Legal - Disclaimer <https://www.eldorado.org.br/disclaimer.html>

[-- Attachment #2: Type: text/html, Size: 9368 bytes --]

^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [PATCH 21/24] target/ppc: Split out ppc_hash32_xlate
  2021-05-18 20:11 ` [PATCH 21/24] target/ppc: Split out ppc_hash32_xlate Richard Henderson
@ 2021-05-19 18:20   ` Bruno Piazera Larsen
  0 siblings, 0 replies; 46+ messages in thread
From: Bruno Piazera Larsen @ 2021-05-19 18:20 UTC (permalink / raw)
  To: Richard Henderson, qemu-devel; +Cc: qemu-ppc, david

[-- Attachment #1: Type: text/plain, Size: 14639 bytes --]

On 18/05/2021 17:11, Richard Henderson wrote:
> Mirror the interface of ppc_radix64_xlate, putting all of
> the logic for hash32 translation into a single entry point.
>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
I'm a bit out of my depth with the logic here, but I tried some 
acceptance tests, everything worked, and the logic sounds reasonable, so

Acked-by: Bruno Larsen (billionai)<bruno.larsen@eldorado.org.br>

> ---
>   target/ppc/mmu-hash32.c | 224 ++++++++++++++++++++--------------------
>   1 file changed, 113 insertions(+), 111 deletions(-)
>
> diff --git a/target/ppc/mmu-hash32.c b/target/ppc/mmu-hash32.c
> index d51be59f95..959dc2ab53 100644
> --- a/target/ppc/mmu-hash32.c
> +++ b/target/ppc/mmu-hash32.c
> @@ -219,10 +219,11 @@ static hwaddr ppc_hash32_bat_lookup(PowerPCCPU *cpu, target_ulong ea,
>       return -1;
>   }
>   
> -static int ppc_hash32_direct_store(PowerPCCPU *cpu, target_ulong sr,
> -                                   target_ulong eaddr,
> -                                   MMUAccessType access_type,
> -                                   hwaddr *raddr, int *prot)
> +static bool ppc_hash32_direct_store(PowerPCCPU *cpu, target_ulong sr,
> +                                    target_ulong eaddr,
> +                                    MMUAccessType access_type,
> +                                    hwaddr *raddr, int *prot,
> +                                    bool guest_visible)
>   {
>       CPUState *cs = CPU(cpu);
>       CPUPPCState *env = &cpu->env;
> @@ -239,17 +240,23 @@ static int ppc_hash32_direct_store(PowerPCCPU *cpu, target_ulong sr,
>            */
>           *raddr = ((sr & 0xF) << 28) | (eaddr & 0x0FFFFFFF);
>           *prot = PAGE_READ | PAGE_WRITE | PAGE_EXEC;
> -        return 0;
> +        return true;
>       }
>   
>       if (access_type == MMU_INST_FETCH) {
>           /* No code fetch is allowed in direct-store areas */
> -        cs->exception_index = POWERPC_EXCP_ISI;
> -        env->error_code = 0x10000000;
> -        return 1;
> +        if (guest_visible) {
> +            cs->exception_index = POWERPC_EXCP_ISI;
> +            env->error_code = 0x10000000;
> +        }
> +        return false;
>       }
>   
> -    switch (env->access_type) {
> +    /*
> +     * From ppc_cpu_get_phys_page_debug, env->access_type is not set.
> +     * Assume ACCESS_INT for that case.
> +     */
> +    switch (guest_visible ? env->access_type : ACCESS_INT) {
>       case ACCESS_INT:
>           /* Integer load/store : only access allowed */
>           break;
> @@ -258,7 +265,7 @@ static int ppc_hash32_direct_store(PowerPCCPU *cpu, target_ulong sr,
>           cs->exception_index = POWERPC_EXCP_ALIGN;
>           env->error_code = POWERPC_EXCP_ALIGN_FP;
>           env->spr[SPR_DAR] = eaddr;
> -        return 1;
> +        return false;
>       case ACCESS_RES:
>           /* lwarx, ldarx or srwcx. */
>           env->error_code = 0;
> @@ -268,7 +275,7 @@ static int ppc_hash32_direct_store(PowerPCCPU *cpu, target_ulong sr,
>           } else {
>               env->spr[SPR_DSISR] = 0x04000000;
>           }
> -        return 1;
> +        return false;
>       case ACCESS_CACHE:
>           /*
>            * dcba, dcbt, dcbtst, dcbf, dcbi, dcbst, dcbz, or icbi
> @@ -277,7 +284,7 @@ static int ppc_hash32_direct_store(PowerPCCPU *cpu, target_ulong sr,
>            * no-op, it's quite easy :-)
>            */
>           *raddr = eaddr;
> -        return 0;
> +        return true;
>       case ACCESS_EXT:
>           /* eciwx or ecowx */
>           cs->exception_index = POWERPC_EXCP_DSI;
> @@ -288,16 +295,18 @@ static int ppc_hash32_direct_store(PowerPCCPU *cpu, target_ulong sr,
>           } else {
>               env->spr[SPR_DSISR] = 0x04100000;
>           }
> -        return 1;
> +        return false;
>       default:
> -        cpu_abort(cs, "ERROR: instruction should not need "
> -                 "address translation\n");
> +        cpu_abort(cs, "ERROR: insn should not need address translation\n");
>       }
> -    if ((access_type == MMU_DATA_STORE || key != 1) &&
> -        (access_type == MMU_DATA_LOAD || key != 0)) {
> +
> +    *prot = key ? PAGE_READ | PAGE_WRITE : PAGE_READ;
> +    if (*prot & prot_for_access_type(access_type)) {
>           *raddr = eaddr;
> -        return 0;
> -    } else {
> +        return true;
> +    }
> +
> +    if (guest_visible) {
>           cs->exception_index = POWERPC_EXCP_DSI;
>           env->error_code = 0;
>           env->spr[SPR_DAR] = eaddr;
> @@ -306,8 +315,8 @@ static int ppc_hash32_direct_store(PowerPCCPU *cpu, target_ulong sr,
>           } else {
>               env->spr[SPR_DSISR] = 0x08000000;
>           }
> -        return 1;
>       }
> +    return false;
>   }
>   
>   hwaddr get_pteg_offset32(PowerPCCPU *cpu, hwaddr hash)
> @@ -416,8 +425,10 @@ static hwaddr ppc_hash32_pte_raddr(target_ulong sr, ppc_hash_pte32_t pte,
>       return (rpn & ~mask) | (eaddr & mask);
>   }
>   
> -int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
> -                                MMUAccessType access_type, int mmu_idx)
> +static bool ppc_hash32_xlate(PowerPCCPU *cpu, vaddr eaddr,
> +                             MMUAccessType access_type,
> +                             hwaddr *raddrp, int *psizep, int *protp,
> +                             bool guest_visible)
>   {
>       CPUState *cs = CPU(cpu);
>       CPUPPCState *env = &cpu->env;
> @@ -428,43 +439,43 @@ int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
>       int need_prot;
>       hwaddr raddr;
>   
> -    need_prot = prot_for_access_type(access_type);
> +    /* There are no hash32 large pages. */
> +    *psizep = TARGET_PAGE_BITS;
>   
>       /* 1. Handle real mode accesses */
>       if (access_type == MMU_INST_FETCH ? !msr_ir : !msr_dr) {
>           /* Translation is off */
> -        raddr = eaddr;
> -        tlb_set_page(cs, eaddr & TARGET_PAGE_MASK, raddr & TARGET_PAGE_MASK,
> -                     PAGE_READ | PAGE_WRITE | PAGE_EXEC, mmu_idx,
> -                     TARGET_PAGE_SIZE);
> -        return 0;
> +        *raddrp = eaddr;
> +        *protp = PAGE_READ | PAGE_WRITE | PAGE_EXEC;
> +        return true;
>       }
>   
> +    need_prot = prot_for_access_type(access_type);
> +
>       /* 2. Check Block Address Translation entries (BATs) */
>       if (env->nb_BATs != 0) {
> -        raddr = ppc_hash32_bat_lookup(cpu, eaddr, access_type, &prot);
> +        raddr = ppc_hash32_bat_lookup(cpu, eaddr, access_type, protp);
>           if (raddr != -1) {
> -            if (need_prot & ~prot) {
> -                if (access_type == MMU_INST_FETCH) {
> -                    cs->exception_index = POWERPC_EXCP_ISI;
> -                    env->error_code = 0x08000000;
> -                } else {
> -                    cs->exception_index = POWERPC_EXCP_DSI;
> -                    env->error_code = 0;
> -                    env->spr[SPR_DAR] = eaddr;
> -                    if (access_type == MMU_DATA_STORE) {
> -                        env->spr[SPR_DSISR] = 0x0a000000;
> +            if (need_prot & ~*protp) {
> +                if (guest_visible) {
> +                    if (access_type == MMU_INST_FETCH) {
> +                        cs->exception_index = POWERPC_EXCP_ISI;
> +                        env->error_code = 0x08000000;
>                       } else {
> -                        env->spr[SPR_DSISR] = 0x08000000;
> +                        cs->exception_index = POWERPC_EXCP_DSI;
> +                        env->error_code = 0;
> +                        env->spr[SPR_DAR] = eaddr;
> +                        if (access_type == MMU_DATA_STORE) {
> +                            env->spr[SPR_DSISR] = 0x0a000000;
> +                        } else {
> +                            env->spr[SPR_DSISR] = 0x08000000;
> +                        }
>                       }
>                   }
> -                return 1;
> +                return false;
>               }
> -
> -            tlb_set_page(cs, eaddr & TARGET_PAGE_MASK,
> -                         raddr & TARGET_PAGE_MASK, prot, mmu_idx,
> -                         TARGET_PAGE_SIZE);
> -            return 0;
> +            *raddrp = raddr;
> +            return true;
>           }
>       }
>   
> @@ -473,42 +484,38 @@ int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
>   
>       /* 4. Handle direct store segments */
>       if (sr & SR32_T) {
> -        if (ppc_hash32_direct_store(cpu, sr, eaddr, access_type,
> -                                    &raddr, &prot) == 0) {
> -            tlb_set_page(cs, eaddr & TARGET_PAGE_MASK,
> -                         raddr & TARGET_PAGE_MASK, prot, mmu_idx,
> -                         TARGET_PAGE_SIZE);
> -            return 0;
> -        } else {
> -            return 1;
> -        }
> +        return ppc_hash32_direct_store(cpu, sr, eaddr, access_type,
> +                                       raddrp, protp, guest_visible);
>       }
>   
>       /* 5. Check for segment level no-execute violation */
>       if (access_type == MMU_INST_FETCH && (sr & SR32_NX)) {
> -        cs->exception_index = POWERPC_EXCP_ISI;
> -        env->error_code = 0x10000000;
> -        return 1;
> +        if (guest_visible) {
> +            cs->exception_index = POWERPC_EXCP_ISI;
> +            env->error_code = 0x10000000;
> +        }
> +        return false;
>       }
>   
>       /* 6. Locate the PTE in the hash table */
>       pte_offset = ppc_hash32_htab_lookup(cpu, sr, eaddr, &pte);
>       if (pte_offset == -1) {
> -        if (access_type == MMU_INST_FETCH) {
> -            cs->exception_index = POWERPC_EXCP_ISI;
> -            env->error_code = 0x40000000;
> -        } else {
> -            cs->exception_index = POWERPC_EXCP_DSI;
> -            env->error_code = 0;
> -            env->spr[SPR_DAR] = eaddr;
> -            if (access_type == MMU_DATA_STORE) {
> -                env->spr[SPR_DSISR] = 0x42000000;
> +        if (guest_visible) {
> +            if (access_type == MMU_INST_FETCH) {
> +                cs->exception_index = POWERPC_EXCP_ISI;
> +                env->error_code = 0x40000000;
>               } else {
> -                env->spr[SPR_DSISR] = 0x40000000;
> +                cs->exception_index = POWERPC_EXCP_DSI;
> +                env->error_code = 0;
> +                env->spr[SPR_DAR] = eaddr;
> +                if (access_type == MMU_DATA_STORE) {
> +                    env->spr[SPR_DSISR] = 0x42000000;
> +                } else {
> +                    env->spr[SPR_DSISR] = 0x40000000;
> +                }
>               }
>           }
> -
> -        return 1;
> +        return false;
>       }
>       qemu_log_mask(CPU_LOG_MMU,
>                   "found PTE at offset %08" HWADDR_PRIx "\n", pte_offset);
> @@ -520,20 +527,22 @@ int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
>       if (need_prot & ~prot) {
>           /* Access right violation */
>           qemu_log_mask(CPU_LOG_MMU, "PTE access rejected\n");
> -        if (access_type == MMU_INST_FETCH) {
> -            cs->exception_index = POWERPC_EXCP_ISI;
> -            env->error_code = 0x08000000;
> -        } else {
> -            cs->exception_index = POWERPC_EXCP_DSI;
> -            env->error_code = 0;
> -            env->spr[SPR_DAR] = eaddr;
> -            if (access_type == MMU_DATA_STORE) {
> -                env->spr[SPR_DSISR] = 0x0a000000;
> +        if (guest_visible) {
> +            if (access_type == MMU_INST_FETCH) {
> +                cs->exception_index = POWERPC_EXCP_ISI;
> +                env->error_code = 0x08000000;
>               } else {
> -                env->spr[SPR_DSISR] = 0x08000000;
> +                cs->exception_index = POWERPC_EXCP_DSI;
> +                env->error_code = 0;
> +                env->spr[SPR_DAR] = eaddr;
> +                if (access_type == MMU_DATA_STORE) {
> +                    env->spr[SPR_DSISR] = 0x0a000000;
> +                } else {
> +                    env->spr[SPR_DSISR] = 0x08000000;
> +                }
>               }
>           }
> -        return 1;
> +        return false;
>       }
>   
>       qemu_log_mask(CPU_LOG_MMU, "PTE access granted !\n");
> @@ -557,45 +566,38 @@ int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
>   
>       /* 9. Determine the real address from the PTE */
>   
> -    raddr = ppc_hash32_pte_raddr(sr, pte, eaddr);
> +    *raddrp = ppc_hash32_pte_raddr(sr, pte, eaddr);
> +    *protp = prot;
> +    return true;
> +}
> +
> +int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
> +                                MMUAccessType access_type, int mmu_idx)
> +{
> +    CPUState *cs = CPU(cpu);
> +    int page_size, prot;
> +    hwaddr raddr;
> +
> +    /* Translate eaddr to raddr (where raddr is addr qemu needs for access) */
> +    if (!ppc_hash32_xlate(cpu, eaddr, access_type, &raddr,
> +                           &page_size, &prot, true)) {
> +        return 1;
> +    }
>   
>       tlb_set_page(cs, eaddr & TARGET_PAGE_MASK, raddr & TARGET_PAGE_MASK,
> -                 prot, mmu_idx, TARGET_PAGE_SIZE);
> -
> +                 prot, mmu_idx, 1UL << page_size);
>       return 0;
>   }
>   
>   hwaddr ppc_hash32_get_phys_page_debug(PowerPCCPU *cpu, target_ulong eaddr)
>   {
> -    CPUPPCState *env = &cpu->env;
> -    target_ulong sr;
> -    hwaddr pte_offset;
> -    ppc_hash_pte32_t pte;
> -    int prot;
> +    int psize, prot;
> +    hwaddr raddr;
>   
> -    if (msr_dr == 0) {
> -        /* Translation is off */
> -        return eaddr;
> -    }
> -
> -    if (env->nb_BATs != 0) {
> -        hwaddr raddr = ppc_hash32_bat_lookup(cpu, eaddr, 0, &prot);
> -        if (raddr != -1) {
> -            return raddr;
> -        }
> -    }
> -
> -    sr = env->sr[eaddr >> 28];
> -
> -    if (sr & SR32_T) {
> -        /* FIXME: Add suitable debug support for Direct Store segments */
> +    if (!ppc_hash32_xlate(cpu, eaddr, MMU_DATA_LOAD, &raddr,
> +                           &psize, &prot, false)) {
>           return -1;
>       }
>   
> -    pte_offset = ppc_hash32_htab_lookup(cpu, sr, eaddr, &pte);
> -    if (pte_offset == -1) {
> -        return -1;
> -    }
> -
> -    return ppc_hash32_pte_raddr(sr, pte, eaddr) & TARGET_PAGE_MASK;
> +    return raddr & TARGET_PAGE_MASK;
>   }
-- 
Bruno Piazera Larsen
Instituto de Pesquisas ELDORADO 
<https://www.eldorado.org.br/?utm_campaign=assinatura_de_e-mail&utm_medium=email&utm_source=RD+Station>
Departamento Computação Embarcada
Analista de Software Trainee
Aviso Legal - Disclaimer <https://www.eldorado.org.br/disclaimer.html>

[-- Attachment #2: Type: text/html, Size: 15050 bytes --]

^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [PATCH 22/24] target/ppc: Split out ppc_jumbo_xlate
  2021-05-18 20:11 ` [PATCH 22/24] target/ppc: Split out ppc_jumbo_xlate Richard Henderson
@ 2021-05-19 18:40   ` Bruno Piazera Larsen
  2021-05-24  3:19     ` David Gibson
  0 siblings, 1 reply; 46+ messages in thread
From: Bruno Piazera Larsen @ 2021-05-19 18:40 UTC (permalink / raw)
  To: Richard Henderson, qemu-devel; +Cc: qemu-ppc, david

[-- Attachment #1: Type: text/plain, Size: 15612 bytes --]


On 18/05/2021 17:11, Richard Henderson wrote:
> Mirror the interface of ppc_radix64_xlate (mostly), putting all
> of the logic for older mmu translation into a single entry point.
> For booke, we need to add mmu_idx to the xlate-style interface.
>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Out of my depth again, but testing seems fine, so

Acked-by: Bruno Larsen (billionai)<bruno.larsen@eldorado.org.br>

> ---
>   target/ppc/mmu_helper.c | 181 +++++++++++++++++++++-------------------
>   1 file changed, 97 insertions(+), 84 deletions(-)
>
> diff --git a/target/ppc/mmu_helper.c b/target/ppc/mmu_helper.c
> index 863e556a22..68c2e59238 100644
> --- a/target/ppc/mmu_helper.c
> +++ b/target/ppc/mmu_helper.c
> @@ -1427,48 +1427,6 @@ static int get_physical_address(CPUPPCState *env, mmu_ctx_t *ctx,
>       return get_physical_address_wtlb(env, ctx, eaddr, access_type, type, 0);
>   }
>   
> -hwaddr ppc_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
> -{
> -    PowerPCCPU *cpu = POWERPC_CPU(cs);
> -    CPUPPCState *env = &cpu->env;
> -    mmu_ctx_t ctx;
> -
> -    switch (env->mmu_model) {
> -#if defined(TARGET_PPC64)
> -    case POWERPC_MMU_64B:
> -    case POWERPC_MMU_2_03:
> -    case POWERPC_MMU_2_06:
> -    case POWERPC_MMU_2_07:
> -        return ppc_hash64_get_phys_page_debug(cpu, addr);
> -    case POWERPC_MMU_3_00:
> -        return ppc64_v3_get_phys_page_debug(cpu, addr);
> -#endif
> -
> -    case POWERPC_MMU_32B:
> -    case POWERPC_MMU_601:
> -        return ppc_hash32_get_phys_page_debug(cpu, addr);
> -
> -    default:
> -        ;
> -    }
> -
> -    if (unlikely(get_physical_address(env, &ctx, addr, MMU_DATA_LOAD,
> -                                      ACCESS_INT) != 0)) {
> -
> -        /*
> -         * Some MMUs have separate TLBs for code and data. If we only
> -         * try an ACCESS_INT, we may not be able to read instructions
> -         * mapped by code TLBs, so we also try a ACCESS_CODE.
> -         */
> -        if (unlikely(get_physical_address(env, &ctx, addr, MMU_INST_FETCH,
> -                                          ACCESS_CODE) != 0)) {
> -            return -1;
> -        }
> -    }
> -
> -    return ctx.raddr & TARGET_PAGE_MASK;
> -}
> -
>   static void booke206_update_mas_tlb_miss(CPUPPCState *env, target_ulong address,
>                                            MMUAccessType access_type, int mmu_idx)
>   {
> @@ -1524,30 +1482,38 @@ static void booke206_update_mas_tlb_miss(CPUPPCState *env, target_ulong address,
>   }
>   
>   /* Perform address translation */
> -static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
> -                                    MMUAccessType access_type, int mmu_idx)
> +/* TODO: Split this by mmu_model. */
> +static bool ppc_jumbo_xlate(PowerPCCPU *cpu, vaddr eaddr,
> +                            MMUAccessType access_type,
> +                            hwaddr *raddrp, int *psizep, int *protp,
> +                            int mmu_idx, bool guest_visible)
>   {
> -    CPUState *cs = env_cpu(env);
> -    PowerPCCPU *cpu = POWERPC_CPU(cs);
> +    CPUState *cs = CPU(cpu);
> +    CPUPPCState *env = &cpu->env;
>       mmu_ctx_t ctx;
>       int type;
> -    int ret = 0;
> +    int ret;
>   
>       if (access_type == MMU_INST_FETCH) {
>           /* code access */
>           type = ACCESS_CODE;
> -    } else {
> +    } else if (guest_visible) {
>           /* data access */
>           type = env->access_type;
> +    } else {
> +        type = ACCESS_INT;
>       }
> -    ret = get_physical_address_wtlb(env, &ctx, address, access_type,
> +
> +    ret = get_physical_address_wtlb(env, &ctx, eaddr, access_type,
>                                       type, mmu_idx);
>       if (ret == 0) {
> -        tlb_set_page(cs, address & TARGET_PAGE_MASK,
> -                     ctx.raddr & TARGET_PAGE_MASK, ctx.prot,
> -                     mmu_idx, TARGET_PAGE_SIZE);
> -        ret = 0;
> -    } else if (ret < 0) {
> +        *raddrp = ctx.raddr;
> +        *protp = ctx.prot;
> +        *psizep = TARGET_PAGE_BITS;
> +        return true;
> +    }
> +
> +    if (guest_visible) {
>           LOG_MMU_STATE(cs);
>           if (type == ACCESS_CODE) {
>               switch (ret) {
> @@ -1557,7 +1523,7 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
>                   case POWERPC_MMU_SOFT_6xx:
>                       cs->exception_index = POWERPC_EXCP_IFTLB;
>                       env->error_code = 1 << 18;
> -                    env->spr[SPR_IMISS] = address;
> +                    env->spr[SPR_IMISS] = eaddr;
>                       env->spr[SPR_ICMP] = 0x80000000 | ctx.ptem;
>                       goto tlb_miss;
>                   case POWERPC_MMU_SOFT_74xx:
> @@ -1567,29 +1533,25 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
>                   case POWERPC_MMU_SOFT_4xx_Z:
>                       cs->exception_index = POWERPC_EXCP_ITLB;
>                       env->error_code = 0;
> -                    env->spr[SPR_40x_DEAR] = address;
> +                    env->spr[SPR_40x_DEAR] = eaddr;
>                       env->spr[SPR_40x_ESR] = 0x00000000;
>                       break;
>                   case POWERPC_MMU_BOOKE206:
> -                    booke206_update_mas_tlb_miss(env, address, 2, mmu_idx);
> +                    booke206_update_mas_tlb_miss(env, eaddr, 2, mmu_idx);
>                       /* fall through */
>                   case POWERPC_MMU_BOOKE:
>                       cs->exception_index = POWERPC_EXCP_ITLB;
>                       env->error_code = 0;
> -                    env->spr[SPR_BOOKE_DEAR] = address;
> +                    env->spr[SPR_BOOKE_DEAR] = eaddr;
>                       env->spr[SPR_BOOKE_ESR] = mmubooke206_esr(mmu_idx, MMU_DATA_LOAD);
> -                    return -1;
> -                case POWERPC_MMU_MPC8xx:
> -                    /* XXX: TODO */
> -                    cpu_abort(cs, "MPC8xx MMU model is not implemented\n");
>                       break;
> +                case POWERPC_MMU_MPC8xx:
> +                    cpu_abort(cs, "MPC8xx MMU model is not implemented\n");
>                   case POWERPC_MMU_REAL:
>                       cpu_abort(cs, "PowerPC in real mode should never raise "
>                                 "any MMU exceptions\n");
> -                    return -1;
>                   default:
>                       cpu_abort(cs, "Unknown or invalid MMU model\n");
> -                    return -1;
>                   }
>                   break;
>               case -2:
> @@ -1626,7 +1588,7 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
>                           cs->exception_index = POWERPC_EXCP_DLTLB;
>                           env->error_code = 0;
>                       }
> -                    env->spr[SPR_DMISS] = address;
> +                    env->spr[SPR_DMISS] = eaddr;
>                       env->spr[SPR_DCMP] = 0x80000000 | ctx.ptem;
>                   tlb_miss:
>                       env->error_code |= ctx.key << 19;
> @@ -1644,7 +1606,7 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
>                   tlb_miss_74xx:
>                       /* Implement LRU algorithm */
>                       env->error_code = ctx.key << 19;
> -                    env->spr[SPR_TLBMISS] = (address & ~((target_ulong)0x3)) |
> +                    env->spr[SPR_TLBMISS] = (eaddr & ~((target_ulong)0x3)) |
>                           ((env->last_way + 1) & (env->nb_ways - 1));
>                       env->spr[SPR_PTEHI] = 0x80000000 | ctx.ptem;
>                       break;
> @@ -1652,7 +1614,7 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
>                   case POWERPC_MMU_SOFT_4xx_Z:
>                       cs->exception_index = POWERPC_EXCP_DTLB;
>                       env->error_code = 0;
> -                    env->spr[SPR_40x_DEAR] = address;
> +                    env->spr[SPR_40x_DEAR] = eaddr;
>                       if (access_type == MMU_DATA_STORE) {
>                           env->spr[SPR_40x_ESR] = 0x00800000;
>                       } else {
> @@ -1662,23 +1624,20 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
>                   case POWERPC_MMU_MPC8xx:
>                       /* XXX: TODO */
>                       cpu_abort(cs, "MPC8xx MMU model is not implemented\n");
> -                    break;
>                   case POWERPC_MMU_BOOKE206:
> -                    booke206_update_mas_tlb_miss(env, address, access_type, mmu_idx);
> +                    booke206_update_mas_tlb_miss(env, eaddr, access_type, mmu_idx);
>                       /* fall through */
>                   case POWERPC_MMU_BOOKE:
>                       cs->exception_index = POWERPC_EXCP_DTLB;
>                       env->error_code = 0;
> -                    env->spr[SPR_BOOKE_DEAR] = address;
> +                    env->spr[SPR_BOOKE_DEAR] = eaddr;
>                       env->spr[SPR_BOOKE_ESR] = mmubooke206_esr(mmu_idx, access_type);
> -                    return -1;
> +                    break;
>                   case POWERPC_MMU_REAL:
>                       cpu_abort(cs, "PowerPC in real mode should never raise "
>                                 "any MMU exceptions\n");
> -                    return -1;
>                   default:
>                       cpu_abort(cs, "Unknown or invalid MMU model\n");
> -                    return -1;
>                   }
>                   break;
>               case -2:
> @@ -1687,16 +1646,16 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
>                   env->error_code = 0;
>                   if (env->mmu_model == POWERPC_MMU_SOFT_4xx
>                       || env->mmu_model == POWERPC_MMU_SOFT_4xx_Z) {
> -                    env->spr[SPR_40x_DEAR] = address;
> +                    env->spr[SPR_40x_DEAR] = eaddr;
>                       if (access_type == MMU_DATA_STORE) {
>                           env->spr[SPR_40x_ESR] |= 0x00800000;
>                       }
>                   } else if ((env->mmu_model == POWERPC_MMU_BOOKE) ||
>                              (env->mmu_model == POWERPC_MMU_BOOKE206)) {
> -                    env->spr[SPR_BOOKE_DEAR] = address;
> +                    env->spr[SPR_BOOKE_DEAR] = eaddr;
>                       env->spr[SPR_BOOKE_ESR] = mmubooke206_esr(mmu_idx, access_type);
>                   } else {
> -                    env->spr[SPR_DAR] = address;
> +                    env->spr[SPR_DAR] = eaddr;
>                       if (access_type == MMU_DATA_STORE) {
>                           env->spr[SPR_DSISR] = 0x0A000000;
>                       } else {
> @@ -1711,13 +1670,13 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
>                       /* Floating point load/store */
>                       cs->exception_index = POWERPC_EXCP_ALIGN;
>                       env->error_code = POWERPC_EXCP_ALIGN_FP;
> -                    env->spr[SPR_DAR] = address;
> +                    env->spr[SPR_DAR] = eaddr;
>                       break;
>                   case ACCESS_RES:
>                       /* lwarx, ldarx or stwcx. */
>                       cs->exception_index = POWERPC_EXCP_DSI;
>                       env->error_code = 0;
> -                    env->spr[SPR_DAR] = address;
> +                    env->spr[SPR_DAR] = eaddr;
>                       if (access_type == MMU_DATA_STORE) {
>                           env->spr[SPR_DSISR] = 0x06000000;
>                       } else {
> @@ -1728,7 +1687,7 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
>                       /* eciwx or ecowx */
>                       cs->exception_index = POWERPC_EXCP_DSI;
>                       env->error_code = 0;
> -                    env->spr[SPR_DAR] = address;
> +                    env->spr[SPR_DAR] = eaddr;
>                       if (access_type == MMU_DATA_STORE) {
>                           env->spr[SPR_DSISR] = 0x06100000;
>                       } else {
> @@ -1740,16 +1699,14 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
>                       cs->exception_index = POWERPC_EXCP_PROGRAM;
>                       env->error_code =
>                           POWERPC_EXCP_INVAL | POWERPC_EXCP_INVAL_INVAL;
> -                    env->spr[SPR_DAR] = address;
> +                    env->spr[SPR_DAR] = eaddr;
>                       break;
>                   }
>                   break;
>               }
>           }
> -        ret = 1;
>       }
> -
> -    return ret;
> +    return false;
>   }
>   
>   /*****************************************************************************/
> @@ -2958,6 +2915,62 @@ void helper_check_tlb_flush_global(CPUPPCState *env)
>   
>   /*****************************************************************************/
>   
> +static int cpu_ppc_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
> +                                    MMUAccessType access_type, int mmu_idx)
> +{
> +    CPUState *cs = CPU(cpu);
> +    int page_size, prot;
> +    hwaddr raddr;
> +
> +    if (!ppc_jumbo_xlate(cpu, eaddr, access_type, &raddr,
> +                         &page_size, &prot, mmu_idx, true)) {
> +        return 1;
> +    }
> +
> +    tlb_set_page(cs, eaddr & TARGET_PAGE_MASK, raddr & TARGET_PAGE_MASK,
> +                 prot, mmu_idx, 1UL << page_size);
> +    return 0;
> +}
> +
> +hwaddr ppc_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
> +{
> +    PowerPCCPU *cpu = POWERPC_CPU(cs);
> +    CPUPPCState *env = &cpu->env;
> +    hwaddr raddr;
> +    int s, p;
> +
> +    switch (env->mmu_model) {
> +#if defined(TARGET_PPC64)
> +    case POWERPC_MMU_64B:
> +    case POWERPC_MMU_2_03:
> +    case POWERPC_MMU_2_06:
> +    case POWERPC_MMU_2_07:
> +        return ppc_hash64_get_phys_page_debug(cpu, addr);
> +    case POWERPC_MMU_3_00:
> +        return ppc64_v3_get_phys_page_debug(cpu, addr);
> +#endif
> +
> +    case POWERPC_MMU_32B:
> +    case POWERPC_MMU_601:
> +        return ppc_hash32_get_phys_page_debug(cpu, addr);
> +
> +    default:
> +        ;
> +    }
> +
> +    /*
> +     * Some MMUs have separate TLBs for code and data. If we only
> +     * try an MMU_DATA_LOAD, we may not be able to read instructions
> +     * mapped by code TLBs, so we also try a MMU_INST_FETCH.
> +     */
> +    if (ppc_jumbo_xlate(cpu, addr, MMU_DATA_LOAD, &raddr, &s, &p, 0, false) ||
> +        ppc_jumbo_xlate(cpu, addr, MMU_INST_FETCH, &raddr, &s, &p, 0, false)) {
> +        return raddr & TARGET_PAGE_MASK;
> +    }
> +    return -1;
> +}
> +
> +
>   bool ppc_cpu_tlb_fill(CPUState *cs, vaddr addr, int size,
>                         MMUAccessType access_type, int mmu_idx,
>                         bool probe, uintptr_t retaddr)
> @@ -2985,7 +2998,7 @@ bool ppc_cpu_tlb_fill(CPUState *cs, vaddr addr, int size,
>           break;
>   
>       default:
> -        ret = cpu_ppc_handle_mmu_fault(env, addr, access_type, mmu_idx);
> +        ret = cpu_ppc_handle_mmu_fault(cpu, addr, access_type, mmu_idx);
>           break;
>       }
>       if (unlikely(ret != 0)) {
-- 
Bruno Piazera Larsen
Instituto de Pesquisas ELDORADO 
<https://www.eldorado.org.br/?utm_campaign=assinatura_de_e-mail&utm_medium=email&utm_source=RD+Station>
Departamento Computação Embarcada
Analista de Software Trainee
Aviso Legal - Disclaimer <https://www.eldorado.org.br/disclaimer.html>

[-- Attachment #2: Type: text/html, Size: 16021 bytes --]

^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [PATCH 23/24] target/ppc: Introduce ppc_xlate
  2021-05-18 20:11 ` [PATCH 23/24] target/ppc: Introduce ppc_xlate Richard Henderson
@ 2021-05-19 18:53   ` Bruno Piazera Larsen
  0 siblings, 0 replies; 46+ messages in thread
From: Bruno Piazera Larsen @ 2021-05-19 18:53 UTC (permalink / raw)
  To: Richard Henderson, qemu-devel; +Cc: qemu-ppc, david

[-- Attachment #1: Type: text/plain, Size: 16569 bytes --]


On 18/05/2021 17:11, Richard Henderson wrote:
> Create one common dispatch for all of the ppc_*_xlate functions.
> Use ppc64_v3_radix to directly dispatch between ppc_radix64_xlate
> and ppc_hash64_xlate.
>
> Remove the separate *_handle_mmu_fault and *_get_phys_page_debug
> functions, using common code for ppc_cpu_tlb_fill and
> ppc_cpu_get_phys_page_debug.
>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

Ah, this finally makes sense! I agree that this solution looks quite a 
bit better than what was here before, and acceptance tests say 
everything is fine, so fwiw

Reviewed-by: Bruno Larsen (billionai)<bruno.larsen@eldorado.org.br>

> ---
>   target/ppc/mmu-book3s-v3.h |   5 --
>   target/ppc/mmu-hash32.h    |   6 +--
>   target/ppc/mmu-hash64.h    |   6 +--
>   target/ppc/mmu-radix64.h   |   6 +--
>   target/ppc/mmu-book3s-v3.c |  19 -------
>   target/ppc/mmu-hash32.c    |  38 ++-----------
>   target/ppc/mmu-hash64.c    |  37 ++-----------
>   target/ppc/mmu-radix64.c   |  38 ++-----------
>   target/ppc/mmu_helper.c    | 106 ++++++++++++++-----------------------
>   9 files changed, 58 insertions(+), 203 deletions(-)
>
> diff --git a/target/ppc/mmu-book3s-v3.h b/target/ppc/mmu-book3s-v3.h
> index 7b89be54b8..a1326df969 100644
> --- a/target/ppc/mmu-book3s-v3.h
> +++ b/target/ppc/mmu-book3s-v3.h
> @@ -67,11 +67,6 @@ static inline bool ppc64_v3_radix(PowerPCCPU *cpu)
>       return !!(cpu->env.spr[SPR_LPCR] & LPCR_HR);
>   }
>   
> -hwaddr ppc64_v3_get_phys_page_debug(PowerPCCPU *cpu, vaddr eaddr);
> -
> -int ppc64_v3_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr, int rwx,
> -                              int mmu_idx);
> -
>   static inline hwaddr ppc_hash64_hpt_base(PowerPCCPU *cpu)
>   {
>       uint64_t base;
> diff --git a/target/ppc/mmu-hash32.h b/target/ppc/mmu-hash32.h
> index 30e35718a7..8694eccabd 100644
> --- a/target/ppc/mmu-hash32.h
> +++ b/target/ppc/mmu-hash32.h
> @@ -4,9 +4,9 @@
>   #ifndef CONFIG_USER_ONLY
>   
>   hwaddr get_pteg_offset32(PowerPCCPU *cpu, hwaddr hash);
> -hwaddr ppc_hash32_get_phys_page_debug(PowerPCCPU *cpu, target_ulong addr);
> -int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr address,
> -                                MMUAccessType access_type, int mmu_idx);
> +bool ppc_hash32_xlate(PowerPCCPU *cpu, vaddr eaddr, MMUAccessType access_type,
> +                      hwaddr *raddrp, int *psizep, int *protp,
> +                      bool guest_visible);
>   
>   /*
>    * Segment register definitions
> diff --git a/target/ppc/mmu-hash64.h b/target/ppc/mmu-hash64.h
> index 3e8a8eec1f..9f338e1fe9 100644
> --- a/target/ppc/mmu-hash64.h
> +++ b/target/ppc/mmu-hash64.h
> @@ -7,9 +7,9 @@
>   void dump_slb(PowerPCCPU *cpu);
>   int ppc_store_slb(PowerPCCPU *cpu, target_ulong slot,
>                     target_ulong esid, target_ulong vsid);
> -hwaddr ppc_hash64_get_phys_page_debug(PowerPCCPU *cpu, target_ulong addr);
> -int ppc_hash64_handle_mmu_fault(PowerPCCPU *cpu, vaddr address,
> -                                MMUAccessType access_type, int mmu_idx);
> +bool ppc_hash64_xlate(PowerPCCPU *cpu, vaddr eaddr, MMUAccessType access_type,
> +                      hwaddr *raddrp, int *psizep, int *protp,
> +                      bool guest_visible);
>   void ppc_hash64_tlb_flush_hpte(PowerPCCPU *cpu,
>                                  target_ulong pte_index,
>                                  target_ulong pte0, target_ulong pte1);
> diff --git a/target/ppc/mmu-radix64.h b/target/ppc/mmu-radix64.h
> index 94bd72cb38..6b13b89b64 100644
> --- a/target/ppc/mmu-radix64.h
> +++ b/target/ppc/mmu-radix64.h
> @@ -44,9 +44,9 @@
>   
>   #ifdef TARGET_PPC64
>   
> -int ppc_radix64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
> -                                 MMUAccessType access_type, int mmu_idx);
> -hwaddr ppc_radix64_get_phys_page_debug(PowerPCCPU *cpu, target_ulong addr);
> +bool ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr, MMUAccessType access_type,
> +                       hwaddr *raddr, int *psizep, int *protp,
> +                       bool guest_visible);
>   
>   static inline int ppc_radix64_get_prot_eaa(uint64_t pte)
>   {
> diff --git a/target/ppc/mmu-book3s-v3.c b/target/ppc/mmu-book3s-v3.c
> index c78fd8dc0e..f4985bae78 100644
> --- a/target/ppc/mmu-book3s-v3.c
> +++ b/target/ppc/mmu-book3s-v3.c
> @@ -23,25 +23,6 @@
>   #include "mmu-book3s-v3.h"
>   #include "mmu-radix64.h"
>   
> -int ppc64_v3_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr, int rwx,
> -                              int mmu_idx)
> -{
> -    if (ppc64_v3_radix(cpu)) { /* Guest uses radix */
> -        return ppc_radix64_handle_mmu_fault(cpu, eaddr, rwx, mmu_idx);
> -    } else { /* Guest uses hash */
> -        return ppc_hash64_handle_mmu_fault(cpu, eaddr, rwx, mmu_idx);
> -    }
> -}
> -
> -hwaddr ppc64_v3_get_phys_page_debug(PowerPCCPU *cpu, vaddr eaddr)
> -{
> -    if (ppc64_v3_radix(cpu)) {
> -        return ppc_radix64_get_phys_page_debug(cpu, eaddr);
> -    } else {
> -        return ppc_hash64_get_phys_page_debug(cpu, eaddr);
> -    }
> -}
> -
>   bool ppc64_v3_get_pate(PowerPCCPU *cpu, target_ulong lpid, ppc_v3_pate_t *entry)
>   {
>       uint64_t patb = cpu->env.spr[SPR_PTCR] & PTCR_PATB;
> diff --git a/target/ppc/mmu-hash32.c b/target/ppc/mmu-hash32.c
> index 959dc2ab53..32d1f4a954 100644
> --- a/target/ppc/mmu-hash32.c
> +++ b/target/ppc/mmu-hash32.c
> @@ -425,10 +425,9 @@ static hwaddr ppc_hash32_pte_raddr(target_ulong sr, ppc_hash_pte32_t pte,
>       return (rpn & ~mask) | (eaddr & mask);
>   }
>   
> -static bool ppc_hash32_xlate(PowerPCCPU *cpu, vaddr eaddr,
> -                             MMUAccessType access_type,
> -                             hwaddr *raddrp, int *psizep, int *protp,
> -                             bool guest_visible)
> +bool ppc_hash32_xlate(PowerPCCPU *cpu, vaddr eaddr, MMUAccessType access_type,
> +                      hwaddr *raddrp, int *psizep, int *protp,
> +                      bool guest_visible)
>   {
>       CPUState *cs = CPU(cpu);
>       CPUPPCState *env = &cpu->env;
> @@ -570,34 +569,3 @@ static bool ppc_hash32_xlate(PowerPCCPU *cpu, vaddr eaddr,
>       *protp = prot;
>       return true;
>   }
> -
> -int ppc_hash32_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
> -                                MMUAccessType access_type, int mmu_idx)
> -{
> -    CPUState *cs = CPU(cpu);
> -    int page_size, prot;
> -    hwaddr raddr;
> -
> -    /* Translate eaddr to raddr (where raddr is addr qemu needs for access) */
> -    if (!ppc_hash32_xlate(cpu, eaddr, access_type, &raddr,
> -                           &page_size, &prot, true)) {
> -        return 1;
> -    }
> -
> -    tlb_set_page(cs, eaddr & TARGET_PAGE_MASK, raddr & TARGET_PAGE_MASK,
> -                 prot, mmu_idx, 1UL << page_size);
> -    return 0;
> -}
> -
> -hwaddr ppc_hash32_get_phys_page_debug(PowerPCCPU *cpu, target_ulong eaddr)
> -{
> -    int psize, prot;
> -    hwaddr raddr;
> -
> -    if (!ppc_hash32_xlate(cpu, eaddr, MMU_DATA_LOAD, &raddr,
> -                           &psize, &prot, false)) {
> -        return -1;
> -    }
> -
> -    return raddr & TARGET_PAGE_MASK;
> -}
> diff --git a/target/ppc/mmu-hash64.c b/target/ppc/mmu-hash64.c
> index 3024dd1e8c..ce0068590f 100644
> --- a/target/ppc/mmu-hash64.c
> +++ b/target/ppc/mmu-hash64.c
> @@ -866,10 +866,9 @@ static int build_vrma_slbe(PowerPCCPU *cpu, ppc_slb_t *slb)
>       return -1;
>   }
>   
> -static bool ppc_hash64_xlate(PowerPCCPU *cpu, vaddr eaddr,
> -                             MMUAccessType access_type,
> -                             hwaddr *raddrp, int *psizep, int *protp,
> -                             bool guest_visible)
> +bool ppc_hash64_xlate(PowerPCCPU *cpu, vaddr eaddr, MMUAccessType access_type,
> +                      hwaddr *raddrp, int *psizep, int *protp,
> +                      bool guest_visible)
>   {
>       CPUState *cs = CPU(cpu);
>       CPUPPCState *env = &cpu->env;
> @@ -1087,36 +1086,6 @@ static bool ppc_hash64_xlate(PowerPCCPU *cpu, vaddr eaddr,
>       return true;
>   }
>   
> -int ppc_hash64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
> -                                MMUAccessType access_type, int mmu_idx)
> -{
> -    CPUState *cs = CPU(cpu);
> -    int page_size, prot;
> -    hwaddr raddr;
> -
> -    if (!ppc_hash64_xlate(cpu, eaddr, access_type, &raddr,
> -                          &page_size, &prot, true)) {
> -        return 1;
> -    }
> -
> -    tlb_set_page(cs, eaddr & TARGET_PAGE_MASK, raddr & TARGET_PAGE_MASK,
> -                 prot, mmu_idx, 1UL << page_size);
> -    return 0;
> -}
> -
> -hwaddr ppc_hash64_get_phys_page_debug(PowerPCCPU *cpu, target_ulong eaddr)
> -{
> -    int psize, prot;
> -    hwaddr raddr;
> -
> -    if (!ppc_hash64_xlate(cpu, eaddr, MMU_DATA_LOAD, &raddr,
> -                          &psize, &prot, false)) {
> -        return -1;
> -    }
> -
> -    return raddr & TARGET_PAGE_MASK;
> -}
> -
>   void ppc_hash64_tlb_flush_hpte(PowerPCCPU *cpu, target_ulong ptex,
>                                  target_ulong pte0, target_ulong pte1)
>   {
> diff --git a/target/ppc/mmu-radix64.c b/target/ppc/mmu-radix64.c
> index 7af3e697b2..eabfe4e261 100644
> --- a/target/ppc/mmu-radix64.c
> +++ b/target/ppc/mmu-radix64.c
> @@ -464,10 +464,9 @@ static int ppc_radix64_process_scoped_xlate(PowerPCCPU *cpu,
>    *              | = On        | Process Scoped |    Scoped     |
>    *              +-------------+----------------+---------------+
>    */
> -static bool ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr,
> -                              MMUAccessType access_type,
> -                              hwaddr *raddr, int *psizep, int *protp,
> -                              bool guest_visible)
> +bool ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr, MMUAccessType access_type,
> +                       hwaddr *raddr, int *psizep, int *protp,
> +                       bool guest_visible)
>   {
>       CPUPPCState *env = &cpu->env;
>       uint64_t lpid, pid;
> @@ -585,34 +584,3 @@ static bool ppc_radix64_xlate(PowerPCCPU *cpu, vaddr eaddr,
>   
>       return true;
>   }
> -
> -int ppc_radix64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
> -                                 MMUAccessType access_type, int mmu_idx)
> -{
> -    CPUState *cs = CPU(cpu);
> -    int page_size, prot;
> -    hwaddr raddr;
> -
> -    /* Translate eaddr to raddr (where raddr is addr qemu needs for access) */
> -    if (!ppc_radix64_xlate(cpu, eaddr, access_type, &raddr,
> -                           &page_size, &prot, true)) {
> -        return 1;
> -    }
> -
> -    tlb_set_page(cs, eaddr & TARGET_PAGE_MASK, raddr & TARGET_PAGE_MASK,
> -                 prot, mmu_idx, 1UL << page_size);
> -    return 0;
> -}
> -
> -hwaddr ppc_radix64_get_phys_page_debug(PowerPCCPU *cpu, target_ulong eaddr)
> -{
> -    int psize, prot;
> -    hwaddr raddr;
> -
> -    if (!ppc_radix64_xlate(cpu, eaddr, MMU_DATA_LOAD, &raddr,
> -                           &psize, &prot, false)) {
> -        return -1;
> -    }
> -
> -    return raddr & TARGET_PAGE_MASK;
> -}
> diff --git a/target/ppc/mmu_helper.c b/target/ppc/mmu_helper.c
> index 68c2e59238..2535ea1836 100644
> --- a/target/ppc/mmu_helper.c
> +++ b/target/ppc/mmu_helper.c
> @@ -2915,98 +2915,72 @@ void helper_check_tlb_flush_global(CPUPPCState *env)
>   
>   /*****************************************************************************/
>   
> -static int cpu_ppc_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
> -                                    MMUAccessType access_type, int mmu_idx)
> +static bool ppc_xlate(PowerPCCPU *cpu, vaddr eaddr, MMUAccessType access_type,
> +                      hwaddr *raddrp, int *psizep, int *protp,
> +                      int mmu_idx, bool guest_visible)
>   {
> -    CPUState *cs = CPU(cpu);
> -    int page_size, prot;
> -    hwaddr raddr;
> +    switch (cpu->env.mmu_model) {
> +#if defined(TARGET_PPC64)
> +    case POWERPC_MMU_3_00:
> +        if (ppc64_v3_radix(cpu)) {
> +            return ppc_radix64_xlate(cpu, eaddr, access_type,
> +                                     raddrp, psizep, protp, guest_visible);
> +        }
> +        /* fall through */
> +    case POWERPC_MMU_64B:
> +    case POWERPC_MMU_2_03:
> +    case POWERPC_MMU_2_06:
> +    case POWERPC_MMU_2_07:
> +        return ppc_hash64_xlate(cpu, eaddr, access_type,
> +                                raddrp, psizep, protp, guest_visible);
> +#endif
>   
> -    if (!ppc_jumbo_xlate(cpu, eaddr, access_type, &raddr,
> -                         &page_size, &prot, mmu_idx, true)) {
> -        return 1;
> +    case POWERPC_MMU_32B:
> +    case POWERPC_MMU_601:
> +        return ppc_hash32_xlate(cpu, eaddr, access_type,
> +                                raddrp, psizep, protp, guest_visible);
> +
> +    default:
> +        return ppc_jumbo_xlate(cpu, eaddr, access_type, raddrp,
> +                               psizep, protp, mmu_idx, guest_visible);
>       }
> -
> -    tlb_set_page(cs, eaddr & TARGET_PAGE_MASK, raddr & TARGET_PAGE_MASK,
> -                 prot, mmu_idx, 1UL << page_size);
> -    return 0;
>   }
>   
>   hwaddr ppc_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
>   {
>       PowerPCCPU *cpu = POWERPC_CPU(cs);
> -    CPUPPCState *env = &cpu->env;
>       hwaddr raddr;
>       int s, p;
>   
> -    switch (env->mmu_model) {
> -#if defined(TARGET_PPC64)
> -    case POWERPC_MMU_64B:
> -    case POWERPC_MMU_2_03:
> -    case POWERPC_MMU_2_06:
> -    case POWERPC_MMU_2_07:
> -        return ppc_hash64_get_phys_page_debug(cpu, addr);
> -    case POWERPC_MMU_3_00:
> -        return ppc64_v3_get_phys_page_debug(cpu, addr);
> -#endif
> -
> -    case POWERPC_MMU_32B:
> -    case POWERPC_MMU_601:
> -        return ppc_hash32_get_phys_page_debug(cpu, addr);
> -
> -    default:
> -        ;
> -    }
> -
>       /*
>        * Some MMUs have separate TLBs for code and data. If we only
>        * try an MMU_DATA_LOAD, we may not be able to read instructions
>        * mapped by code TLBs, so we also try a MMU_INST_FETCH.
>        */
> -    if (ppc_jumbo_xlate(cpu, addr, MMU_DATA_LOAD, &raddr, &s, &p, 0, false) ||
> -        ppc_jumbo_xlate(cpu, addr, MMU_INST_FETCH, &raddr, &s, &p, 0, false)) {
> +    if (ppc_xlate(cpu, addr, MMU_DATA_LOAD, &raddr, &s, &p, 0, false) ||
> +        ppc_xlate(cpu, addr, MMU_INST_FETCH, &raddr, &s, &p, 0, false)) {
>           return raddr & TARGET_PAGE_MASK;
>       }
>       return -1;
>   }
>   
> -
> -bool ppc_cpu_tlb_fill(CPUState *cs, vaddr addr, int size,
> +bool ppc_cpu_tlb_fill(CPUState *cs, vaddr eaddr, int size,
>                         MMUAccessType access_type, int mmu_idx,
>                         bool probe, uintptr_t retaddr)
>   {
>       PowerPCCPU *cpu = POWERPC_CPU(cs);
> -    CPUPPCState *env = &cpu->env;
> -    int ret;
> +    hwaddr raddr;
> +    int page_size, prot;
>   
> -    switch (env->mmu_model) {
> -#if defined(TARGET_PPC64)
> -    case POWERPC_MMU_64B:
> -    case POWERPC_MMU_2_03:
> -    case POWERPC_MMU_2_06:
> -    case POWERPC_MMU_2_07:
> -        ret = ppc_hash64_handle_mmu_fault(cpu, addr, access_type, mmu_idx);
> -        break;
> -    case POWERPC_MMU_3_00:
> -        ret = ppc64_v3_handle_mmu_fault(cpu, addr, access_type, mmu_idx);
> -        break;
> -#endif
> -
> -    case POWERPC_MMU_32B:
> -    case POWERPC_MMU_601:
> -        ret = ppc_hash32_handle_mmu_fault(cpu, addr, access_type, mmu_idx);
> -        break;
> -
> -    default:
> -        ret = cpu_ppc_handle_mmu_fault(cpu, addr, access_type, mmu_idx);
> -        break;
> +    if (ppc_xlate(cpu, eaddr, access_type, &raddr,
> +                  &page_size, &prot, mmu_idx, !probe)) {
> +        tlb_set_page(cs, eaddr & TARGET_PAGE_MASK, raddr & TARGET_PAGE_MASK,
> +                     prot, mmu_idx, 1UL << page_size);
> +        return true;
>       }
> -    if (unlikely(ret != 0)) {
> -        if (probe) {
> -            return false;
> -        }
> -        raise_exception_err_ra(env, cs->exception_index, env->error_code,
> -                               retaddr);
> +    if (probe) {
> +        return false;
>       }
> -    return true;
> +    raise_exception_err_ra(&cpu->env, cs->exception_index,
> +                           cpu->env.error_code, retaddr);
>   }
-- 
Bruno Piazera Larsen
Instituto de Pesquisas ELDORADO 
<https://www.eldorado.org.br/?utm_campaign=assinatura_de_e-mail&utm_medium=email&utm_source=RD+Station>
Departamento Computação Embarcada
Analista de Software Trainee
Aviso Legal - Disclaimer <https://www.eldorado.org.br/disclaimer.html>

[-- Attachment #2: Type: text/html, Size: 16851 bytes --]

^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [PATCH 00/24] target/ppc: Clean up mmu translation
  2021-05-19  2:52 ` [PATCH 00/24] target/ppc: Clean up mmu translation David Gibson
@ 2021-05-19 20:37   ` Richard Henderson
  2021-05-19 22:47     ` Richard Henderson
  0 siblings, 1 reply; 46+ messages in thread
From: Richard Henderson @ 2021-05-19 20:37 UTC (permalink / raw)
  To: David Gibson; +Cc: bruno.larsen, qemu-ppc, qemu-devel

On 5/18/21 9:52 PM, David Gibson wrote:
> On Tue, May 18, 2021 at 03:11:22PM -0500, Richard Henderson wrote:
>> This attempts the cleanup I've been talking about with Bruno.
>>
>> On the way, there's a lot of MMUAccessType cleanup, to get the
>> code into the form I wanted the interface to share.  There's a
>> lot more cleanup that could be done, particularly wrt the older
>> mmu models.
> 
> I've applied 1..15, still looking at the rest.

Please dequeue.  I want to create a new mmu-internal.h, which affects all the 
patches from #1.


r~



^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [PATCH 00/24] target/ppc: Clean up mmu translation
  2021-05-19 20:37   ` Richard Henderson
@ 2021-05-19 22:47     ` Richard Henderson
  2021-05-24  3:26       ` David Gibson
  0 siblings, 1 reply; 46+ messages in thread
From: Richard Henderson @ 2021-05-19 22:47 UTC (permalink / raw)
  To: David Gibson; +Cc: bruno.larsen, qemu-ppc, qemu-devel

On 5/19/21 3:37 PM, Richard Henderson wrote:
> On 5/18/21 9:52 PM, David Gibson wrote:
>> I've applied 1..15, still looking at the rest.
> 
> Please dequeue.  I want to create a new mmu-internal.h, which affects all the 
> patches from #1.

Alternately, don't.  I can move the function later, and it may be a while 
before I can get back to this.

Two outstanding bugs:

(1) mmu-radix64.c vs hypervisors.  You'll not see these unless you run kvm 
inside of tcg.

Basically, all usage of msr_{hv,pr,ir,dr} within ppc_*_xlate is incorrect.  We 
should be pulling these from the 3 bits of mmu_idx, as outlined in the table in 
hreg_compute_hflags_value.

When you start propagating that around, you see that the second-level 
translation for loading the pte (2 of the 3 calls to 
ppc_radix64_partition_scoped_xlate) should not be using the mmu_idx related to 
the user-mode guest access, but should be using the mmu_idx of the 
kernel/hypervisor that owns the page table.

I can't see that mmu-radix64.c has the same problem.  I'm not really sure how 
the second-level translation for hypervisors works there.  Is it by the 
hypervisor altering the hash table as it is loaded?

(2) The direct-segment accesses for 6xx and hash32 use ACCESS_* to 
conditionally reject an mmu access.  This is flawed, because we only arrive 
into these translation routines on the softtlb slow path.  If we have an 
ACCESS_INT and then an ACCESS_FLOAT, the first will load a tlb entry which the 
second will use to stay on the fast path.

There are several possible solutions:

  (A) Give tlb_set_page size == 1 for direct-segment addresses.
      This will cause cputlb.c to force all references to the page
      back through the slow path and through tlb_fill.  At which
      point env->access_type is correct for each access, and we
      can reject on type.

      This could be really slow.  But since these direct-segment
      accesses are also uncached, I would expect the guest OS to
      only be using them for i/o access.  Which is already slow,
      so perhaps the extra trip through tlb_fill isn't noticeable.

  (B) Use additional mmu_idx.  Not ideal, since we wouldn't be
      sharing softtlb entries for ACCESS_INT and ACCESS_FLOAT
      and ACCESS_RES for the normal case.  But the relevant
      mmu_models do not have hypervisor support, so we could
      still fit them in to 8 mmu_idx.  We'd probably want to
      use special code for ACCESS_CACHE and ACCESS_EXT here.

  (C) Ignore this special case entirely, dropping everything
      related to env->access_type.  The section of code that
      uses them is all for really old machine types with
      comments like

         /* Direct-store segment : absolutely *BUGGY* for now */

      which is not encouraging.  And short of writing our own
      test cases we're not likely to have any code to exercise
      this.


r~


^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [PATCH 24/24] target/ppc: Restrict ppc_cpu_tlb_fill to TCG
  2021-05-18 20:11 ` [PATCH 24/24] target/ppc: Restrict ppc_cpu_tlb_fill to TCG Richard Henderson
@ 2021-05-20 13:18   ` Bruno Piazera Larsen
  2021-05-20 14:52     ` Richard Henderson
  0 siblings, 1 reply; 46+ messages in thread
From: Bruno Piazera Larsen @ 2021-05-20 13:18 UTC (permalink / raw)
  To: Richard Henderson, qemu-devel; +Cc: qemu-ppc, david

[-- Attachment #1: Type: text/plain, Size: 1506 bytes --]


On 18/05/2021 17:11, Richard Henderson wrote:
> This function is used by TCGCPUOps, and is thus TCG specific.
>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> ---
>   target/ppc/mmu_helper.c | 2 ++
>   1 file changed, 2 insertions(+)
>
> diff --git a/target/ppc/mmu_helper.c b/target/ppc/mmu_helper.c
> index 2535ea1836..78e6f7496b 100644
> --- a/target/ppc/mmu_helper.c
> +++ b/target/ppc/mmu_helper.c
> @@ -2964,6 +2964,7 @@ hwaddr ppc_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
>       return -1;
>   }
>   
> +#ifdef CONFIG_TCG
>   bool ppc_cpu_tlb_fill(CPUState *cs, vaddr eaddr, int size,
>                         MMUAccessType access_type, int mmu_idx,
>                         bool probe, uintptr_t retaddr)
> @@ -2984,3 +2985,4 @@ bool ppc_cpu_tlb_fill(CPUState *cs, vaddr eaddr, int size,
>       raise_exception_err_ra(&cpu->env, cs->exception_index,
>                              cpu->env.error_code, retaddr);
>   }
> +#endif

This patch makes it look like we would compile mmu_helper.c after all. 
Is that it? That looks like the simplest solution (ifdef'ing away all 
helpers) but I thought mmu_helper was supposed to have all TCG-only code 
relating to MMU.

-- 

Bruno Piazera Larsen
Instituto de Pesquisas ELDORADO 
<https://www.eldorado.org.br/?utm_campaign=assinatura_de_e-mail&utm_medium=email&utm_source=RD+Station>
Departamento Computação Embarcada
Analista de Software Trainee
Aviso Legal - Disclaimer <https://www.eldorado.org.br/disclaimer.html>

[-- Attachment #2: Type: text/html, Size: 2080 bytes --]

^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [PATCH 24/24] target/ppc: Restrict ppc_cpu_tlb_fill to TCG
  2021-05-20 13:18   ` Bruno Piazera Larsen
@ 2021-05-20 14:52     ` Richard Henderson
  2021-05-20 17:13       ` Bruno Piazera Larsen
  0 siblings, 1 reply; 46+ messages in thread
From: Richard Henderson @ 2021-05-20 14:52 UTC (permalink / raw)
  To: Bruno Piazera Larsen, qemu-devel; +Cc: qemu-ppc, david

On 5/20/21 8:18 AM, Bruno Piazera Larsen wrote:
>> +#ifdef CONFIG_TCG
>>   bool ppc_cpu_tlb_fill(CPUState *cs, vaddr eaddr, int size,
>>                         MMUAccessType access_type, int mmu_idx,
>>                         bool probe, uintptr_t retaddr)
>> @@ -2984,3 +2985,4 @@ bool ppc_cpu_tlb_fill(CPUState *cs, vaddr eaddr, int size,
>>       raise_exception_err_ra(&cpu->env, cs->exception_index,
>>                              cpu->env.error_code, retaddr);
>>   }
>> +#endif
> 
> This patch makes it look like we would compile mmu_helper.c after all. Is that 
> it? That looks like the simplest solution (ifdef'ing away all helpers) but I 
> thought mmu_helper was supposed to have all TCG-only code relating to MMU.

Yes, we will always compile mmu_helper.c. -- it was always going to have the 
stuff for gdbstub.

It was exc_helper which I was hoping for tcg-only (but then we decided that 
ifdefs were going to be the short-term solution).


r~


^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [PATCH 24/24] target/ppc: Restrict ppc_cpu_tlb_fill to TCG
  2021-05-20 14:52     ` Richard Henderson
@ 2021-05-20 17:13       ` Bruno Piazera Larsen
  0 siblings, 0 replies; 46+ messages in thread
From: Bruno Piazera Larsen @ 2021-05-20 17:13 UTC (permalink / raw)
  To: Richard Henderson, qemu-devel; +Cc: lucas.araujo, qemu-ppc, david

[-- Attachment #1: Type: text/plain, Size: 2242 bytes --]


On 20/05/2021 11:52, Richard Henderson wrote:
> On 5/20/21 8:18 AM, Bruno Piazera Larsen wrote:
>>> +#ifdef CONFIG_TCG
>>>   bool ppc_cpu_tlb_fill(CPUState *cs, vaddr eaddr, int size,
>>>                         MMUAccessType access_type, int mmu_idx,
>>>                         bool probe, uintptr_t retaddr)
>>> @@ -2984,3 +2985,4 @@ bool ppc_cpu_tlb_fill(CPUState *cs, vaddr 
>>> eaddr, int size,
>>>       raise_exception_err_ra(&cpu->env, cs->exception_index,
>>>                              cpu->env.error_code, retaddr);
>>>   }
>>> +#endif
>>
>> This patch makes it look like we would compile mmu_helper.c after 
>> all. Is that it? That looks like the simplest solution (ifdef'ing 
>> away all helpers) but I thought mmu_helper was supposed to have all 
>> TCG-only code relating to MMU.
>
> Yes, we will always compile mmu_helper.c. -- it was always going to 
> have the stuff for gdbstub.
>
> It was exc_helper which I was hoping for tcg-only (but then we decided 
> that ifdefs were going to be the short-term solution).
>
Ah, it was just me misremembering then. Well, with this patch and the 
final bits that I hadn't sent with v2 (I didn't want to change 
meson.build without fully supporting disable-tcg) everything is 
compiling, but tests are... spotty, at best

The check-acceptance group of tests only had one test that was passed, 
the tests/acceptance/machine_ppc.py:PpcMachine.test_ppc64_pseries, all 
the others either timed out or failed, and make check got up to 
prom-env-test, which failed and left the whole thing hanging. The fail 
was: ../../tests/qtest/prom-env-test.c:43:check_guest_memory: assertion 
failed (signature == MAGIC): (0x00000000 == 0xcafec0de)

I bring this up because I don't know how much shoul dbe working and how 
much is TCG-only testing which shouldn't be running and we should 
disable for the final patch

-- 
Bruno Piazera Larsen
Instituto de Pesquisas ELDORADO 
<https://www.eldorado.org.br/?utm_campaign=assinatura_de_e-mail&utm_medium=email&utm_source=RD+Station>
Departamento Computação Embarcada
Analista de Software Trainee
Aviso Legal - Disclaimer <https://www.eldorado.org.br/disclaimer.html>

[-- Attachment #2: Type: text/html, Size: 3230 bytes --]

^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [PATCH 22/24] target/ppc: Split out ppc_jumbo_xlate
  2021-05-19 18:40   ` Bruno Piazera Larsen
@ 2021-05-24  3:19     ` David Gibson
  0 siblings, 0 replies; 46+ messages in thread
From: David Gibson @ 2021-05-24  3:19 UTC (permalink / raw)
  To: Bruno Piazera Larsen; +Cc: qemu-ppc, Richard Henderson, qemu-devel

[-- Attachment #1: Type: text/plain, Size: 16645 bytes --]

On Wed, May 19, 2021 at 03:40:15PM -0300, Bruno Piazera Larsen wrote:
> 
> On 18/05/2021 17:11, Richard Henderson wrote:
> > Mirror the interface of ppc_radix64_xlate (mostly), putting all
> > of the logic for older mmu translation into a single entry point.
> > For booke, we need to add mmu_idx to the xlate-style interface.
> > 
> > Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> Out of my depth again, but testing seems fine, so

In this case you want "Tested-by" rather than "Acked-by".

> Acked-by: Bruno Larsen (billionai)<bruno.larsen@eldorado.org.br>
> 
> > ---
> >   target/ppc/mmu_helper.c | 181 +++++++++++++++++++++-------------------
> >   1 file changed, 97 insertions(+), 84 deletions(-)
> > 
> > diff --git a/target/ppc/mmu_helper.c b/target/ppc/mmu_helper.c
> > index 863e556a22..68c2e59238 100644
> > --- a/target/ppc/mmu_helper.c
> > +++ b/target/ppc/mmu_helper.c
> > @@ -1427,48 +1427,6 @@ static int get_physical_address(CPUPPCState *env, mmu_ctx_t *ctx,
> >       return get_physical_address_wtlb(env, ctx, eaddr, access_type, type, 0);
> >   }
> > -hwaddr ppc_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
> > -{
> > -    PowerPCCPU *cpu = POWERPC_CPU(cs);
> > -    CPUPPCState *env = &cpu->env;
> > -    mmu_ctx_t ctx;
> > -
> > -    switch (env->mmu_model) {
> > -#if defined(TARGET_PPC64)
> > -    case POWERPC_MMU_64B:
> > -    case POWERPC_MMU_2_03:
> > -    case POWERPC_MMU_2_06:
> > -    case POWERPC_MMU_2_07:
> > -        return ppc_hash64_get_phys_page_debug(cpu, addr);
> > -    case POWERPC_MMU_3_00:
> > -        return ppc64_v3_get_phys_page_debug(cpu, addr);
> > -#endif
> > -
> > -    case POWERPC_MMU_32B:
> > -    case POWERPC_MMU_601:
> > -        return ppc_hash32_get_phys_page_debug(cpu, addr);
> > -
> > -    default:
> > -        ;
> > -    }
> > -
> > -    if (unlikely(get_physical_address(env, &ctx, addr, MMU_DATA_LOAD,
> > -                                      ACCESS_INT) != 0)) {
> > -
> > -        /*
> > -         * Some MMUs have separate TLBs for code and data. If we only
> > -         * try an ACCESS_INT, we may not be able to read instructions
> > -         * mapped by code TLBs, so we also try a ACCESS_CODE.
> > -         */
> > -        if (unlikely(get_physical_address(env, &ctx, addr, MMU_INST_FETCH,
> > -                                          ACCESS_CODE) != 0)) {
> > -            return -1;
> > -        }
> > -    }
> > -
> > -    return ctx.raddr & TARGET_PAGE_MASK;
> > -}
> > -
> >   static void booke206_update_mas_tlb_miss(CPUPPCState *env, target_ulong address,
> >                                            MMUAccessType access_type, int mmu_idx)
> >   {
> > @@ -1524,30 +1482,38 @@ static void booke206_update_mas_tlb_miss(CPUPPCState *env, target_ulong address,
> >   }
> >   /* Perform address translation */
> > -static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
> > -                                    MMUAccessType access_type, int mmu_idx)
> > +/* TODO: Split this by mmu_model. */
> > +static bool ppc_jumbo_xlate(PowerPCCPU *cpu, vaddr eaddr,
> > +                            MMUAccessType access_type,
> > +                            hwaddr *raddrp, int *psizep, int *protp,
> > +                            int mmu_idx, bool guest_visible)
> >   {
> > -    CPUState *cs = env_cpu(env);
> > -    PowerPCCPU *cpu = POWERPC_CPU(cs);
> > +    CPUState *cs = CPU(cpu);
> > +    CPUPPCState *env = &cpu->env;
> >       mmu_ctx_t ctx;
> >       int type;
> > -    int ret = 0;
> > +    int ret;
> >       if (access_type == MMU_INST_FETCH) {
> >           /* code access */
> >           type = ACCESS_CODE;
> > -    } else {
> > +    } else if (guest_visible) {
> >           /* data access */
> >           type = env->access_type;
> > +    } else {
> > +        type = ACCESS_INT;
> >       }
> > -    ret = get_physical_address_wtlb(env, &ctx, address, access_type,
> > +
> > +    ret = get_physical_address_wtlb(env, &ctx, eaddr, access_type,
> >                                       type, mmu_idx);
> >       if (ret == 0) {
> > -        tlb_set_page(cs, address & TARGET_PAGE_MASK,
> > -                     ctx.raddr & TARGET_PAGE_MASK, ctx.prot,
> > -                     mmu_idx, TARGET_PAGE_SIZE);
> > -        ret = 0;
> > -    } else if (ret < 0) {
> > +        *raddrp = ctx.raddr;
> > +        *protp = ctx.prot;
> > +        *psizep = TARGET_PAGE_BITS;
> > +        return true;
> > +    }
> > +
> > +    if (guest_visible) {
> >           LOG_MMU_STATE(cs);
> >           if (type == ACCESS_CODE) {
> >               switch (ret) {
> > @@ -1557,7 +1523,7 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
> >                   case POWERPC_MMU_SOFT_6xx:
> >                       cs->exception_index = POWERPC_EXCP_IFTLB;
> >                       env->error_code = 1 << 18;
> > -                    env->spr[SPR_IMISS] = address;
> > +                    env->spr[SPR_IMISS] = eaddr;
> >                       env->spr[SPR_ICMP] = 0x80000000 | ctx.ptem;
> >                       goto tlb_miss;
> >                   case POWERPC_MMU_SOFT_74xx:
> > @@ -1567,29 +1533,25 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
> >                   case POWERPC_MMU_SOFT_4xx_Z:
> >                       cs->exception_index = POWERPC_EXCP_ITLB;
> >                       env->error_code = 0;
> > -                    env->spr[SPR_40x_DEAR] = address;
> > +                    env->spr[SPR_40x_DEAR] = eaddr;
> >                       env->spr[SPR_40x_ESR] = 0x00000000;
> >                       break;
> >                   case POWERPC_MMU_BOOKE206:
> > -                    booke206_update_mas_tlb_miss(env, address, 2, mmu_idx);
> > +                    booke206_update_mas_tlb_miss(env, eaddr, 2, mmu_idx);
> >                       /* fall through */
> >                   case POWERPC_MMU_BOOKE:
> >                       cs->exception_index = POWERPC_EXCP_ITLB;
> >                       env->error_code = 0;
> > -                    env->spr[SPR_BOOKE_DEAR] = address;
> > +                    env->spr[SPR_BOOKE_DEAR] = eaddr;
> >                       env->spr[SPR_BOOKE_ESR] = mmubooke206_esr(mmu_idx, MMU_DATA_LOAD);
> > -                    return -1;
> > -                case POWERPC_MMU_MPC8xx:
> > -                    /* XXX: TODO */
> > -                    cpu_abort(cs, "MPC8xx MMU model is not implemented\n");
> >                       break;
> > +                case POWERPC_MMU_MPC8xx:
> > +                    cpu_abort(cs, "MPC8xx MMU model is not implemented\n");
> >                   case POWERPC_MMU_REAL:
> >                       cpu_abort(cs, "PowerPC in real mode should never raise "
> >                                 "any MMU exceptions\n");
> > -                    return -1;
> >                   default:
> >                       cpu_abort(cs, "Unknown or invalid MMU model\n");
> > -                    return -1;
> >                   }
> >                   break;
> >               case -2:
> > @@ -1626,7 +1588,7 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
> >                           cs->exception_index = POWERPC_EXCP_DLTLB;
> >                           env->error_code = 0;
> >                       }
> > -                    env->spr[SPR_DMISS] = address;
> > +                    env->spr[SPR_DMISS] = eaddr;
> >                       env->spr[SPR_DCMP] = 0x80000000 | ctx.ptem;
> >                   tlb_miss:
> >                       env->error_code |= ctx.key << 19;
> > @@ -1644,7 +1606,7 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
> >                   tlb_miss_74xx:
> >                       /* Implement LRU algorithm */
> >                       env->error_code = ctx.key << 19;
> > -                    env->spr[SPR_TLBMISS] = (address & ~((target_ulong)0x3)) |
> > +                    env->spr[SPR_TLBMISS] = (eaddr & ~((target_ulong)0x3)) |
> >                           ((env->last_way + 1) & (env->nb_ways - 1));
> >                       env->spr[SPR_PTEHI] = 0x80000000 | ctx.ptem;
> >                       break;
> > @@ -1652,7 +1614,7 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
> >                   case POWERPC_MMU_SOFT_4xx_Z:
> >                       cs->exception_index = POWERPC_EXCP_DTLB;
> >                       env->error_code = 0;
> > -                    env->spr[SPR_40x_DEAR] = address;
> > +                    env->spr[SPR_40x_DEAR] = eaddr;
> >                       if (access_type == MMU_DATA_STORE) {
> >                           env->spr[SPR_40x_ESR] = 0x00800000;
> >                       } else {
> > @@ -1662,23 +1624,20 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
> >                   case POWERPC_MMU_MPC8xx:
> >                       /* XXX: TODO */
> >                       cpu_abort(cs, "MPC8xx MMU model is not implemented\n");
> > -                    break;
> >                   case POWERPC_MMU_BOOKE206:
> > -                    booke206_update_mas_tlb_miss(env, address, access_type, mmu_idx);
> > +                    booke206_update_mas_tlb_miss(env, eaddr, access_type, mmu_idx);
> >                       /* fall through */
> >                   case POWERPC_MMU_BOOKE:
> >                       cs->exception_index = POWERPC_EXCP_DTLB;
> >                       env->error_code = 0;
> > -                    env->spr[SPR_BOOKE_DEAR] = address;
> > +                    env->spr[SPR_BOOKE_DEAR] = eaddr;
> >                       env->spr[SPR_BOOKE_ESR] = mmubooke206_esr(mmu_idx, access_type);
> > -                    return -1;
> > +                    break;
> >                   case POWERPC_MMU_REAL:
> >                       cpu_abort(cs, "PowerPC in real mode should never raise "
> >                                 "any MMU exceptions\n");
> > -                    return -1;
> >                   default:
> >                       cpu_abort(cs, "Unknown or invalid MMU model\n");
> > -                    return -1;
> >                   }
> >                   break;
> >               case -2:
> > @@ -1687,16 +1646,16 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
> >                   env->error_code = 0;
> >                   if (env->mmu_model == POWERPC_MMU_SOFT_4xx
> >                       || env->mmu_model == POWERPC_MMU_SOFT_4xx_Z) {
> > -                    env->spr[SPR_40x_DEAR] = address;
> > +                    env->spr[SPR_40x_DEAR] = eaddr;
> >                       if (access_type == MMU_DATA_STORE) {
> >                           env->spr[SPR_40x_ESR] |= 0x00800000;
> >                       }
> >                   } else if ((env->mmu_model == POWERPC_MMU_BOOKE) ||
> >                              (env->mmu_model == POWERPC_MMU_BOOKE206)) {
> > -                    env->spr[SPR_BOOKE_DEAR] = address;
> > +                    env->spr[SPR_BOOKE_DEAR] = eaddr;
> >                       env->spr[SPR_BOOKE_ESR] = mmubooke206_esr(mmu_idx, access_type);
> >                   } else {
> > -                    env->spr[SPR_DAR] = address;
> > +                    env->spr[SPR_DAR] = eaddr;
> >                       if (access_type == MMU_DATA_STORE) {
> >                           env->spr[SPR_DSISR] = 0x0A000000;
> >                       } else {
> > @@ -1711,13 +1670,13 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
> >                       /* Floating point load/store */
> >                       cs->exception_index = POWERPC_EXCP_ALIGN;
> >                       env->error_code = POWERPC_EXCP_ALIGN_FP;
> > -                    env->spr[SPR_DAR] = address;
> > +                    env->spr[SPR_DAR] = eaddr;
> >                       break;
> >                   case ACCESS_RES:
> >                       /* lwarx, ldarx or stwcx. */
> >                       cs->exception_index = POWERPC_EXCP_DSI;
> >                       env->error_code = 0;
> > -                    env->spr[SPR_DAR] = address;
> > +                    env->spr[SPR_DAR] = eaddr;
> >                       if (access_type == MMU_DATA_STORE) {
> >                           env->spr[SPR_DSISR] = 0x06000000;
> >                       } else {
> > @@ -1728,7 +1687,7 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
> >                       /* eciwx or ecowx */
> >                       cs->exception_index = POWERPC_EXCP_DSI;
> >                       env->error_code = 0;
> > -                    env->spr[SPR_DAR] = address;
> > +                    env->spr[SPR_DAR] = eaddr;
> >                       if (access_type == MMU_DATA_STORE) {
> >                           env->spr[SPR_DSISR] = 0x06100000;
> >                       } else {
> > @@ -1740,16 +1699,14 @@ static int cpu_ppc_handle_mmu_fault(CPUPPCState *env, target_ulong address,
> >                       cs->exception_index = POWERPC_EXCP_PROGRAM;
> >                       env->error_code =
> >                           POWERPC_EXCP_INVAL | POWERPC_EXCP_INVAL_INVAL;
> > -                    env->spr[SPR_DAR] = address;
> > +                    env->spr[SPR_DAR] = eaddr;
> >                       break;
> >                   }
> >                   break;
> >               }
> >           }
> > -        ret = 1;
> >       }
> > -
> > -    return ret;
> > +    return false;
> >   }
> >   /*****************************************************************************/
> > @@ -2958,6 +2915,62 @@ void helper_check_tlb_flush_global(CPUPPCState *env)
> >   /*****************************************************************************/
> > +static int cpu_ppc_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
> > +                                    MMUAccessType access_type, int mmu_idx)
> > +{
> > +    CPUState *cs = CPU(cpu);
> > +    int page_size, prot;
> > +    hwaddr raddr;
> > +
> > +    if (!ppc_jumbo_xlate(cpu, eaddr, access_type, &raddr,
> > +                         &page_size, &prot, mmu_idx, true)) {
> > +        return 1;
> > +    }
> > +
> > +    tlb_set_page(cs, eaddr & TARGET_PAGE_MASK, raddr & TARGET_PAGE_MASK,
> > +                 prot, mmu_idx, 1UL << page_size);
> > +    return 0;
> > +}
> > +
> > +hwaddr ppc_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
> > +{
> > +    PowerPCCPU *cpu = POWERPC_CPU(cs);
> > +    CPUPPCState *env = &cpu->env;
> > +    hwaddr raddr;
> > +    int s, p;
> > +
> > +    switch (env->mmu_model) {
> > +#if defined(TARGET_PPC64)
> > +    case POWERPC_MMU_64B:
> > +    case POWERPC_MMU_2_03:
> > +    case POWERPC_MMU_2_06:
> > +    case POWERPC_MMU_2_07:
> > +        return ppc_hash64_get_phys_page_debug(cpu, addr);
> > +    case POWERPC_MMU_3_00:
> > +        return ppc64_v3_get_phys_page_debug(cpu, addr);
> > +#endif
> > +
> > +    case POWERPC_MMU_32B:
> > +    case POWERPC_MMU_601:
> > +        return ppc_hash32_get_phys_page_debug(cpu, addr);
> > +
> > +    default:
> > +        ;
> > +    }
> > +
> > +    /*
> > +     * Some MMUs have separate TLBs for code and data. If we only
> > +     * try an MMU_DATA_LOAD, we may not be able to read instructions
> > +     * mapped by code TLBs, so we also try a MMU_INST_FETCH.
> > +     */
> > +    if (ppc_jumbo_xlate(cpu, addr, MMU_DATA_LOAD, &raddr, &s, &p, 0, false) ||
> > +        ppc_jumbo_xlate(cpu, addr, MMU_INST_FETCH, &raddr, &s, &p, 0, false)) {
> > +        return raddr & TARGET_PAGE_MASK;
> > +    }
> > +    return -1;
> > +}
> > +
> > +
> >   bool ppc_cpu_tlb_fill(CPUState *cs, vaddr addr, int size,
> >                         MMUAccessType access_type, int mmu_idx,
> >                         bool probe, uintptr_t retaddr)
> > @@ -2985,7 +2998,7 @@ bool ppc_cpu_tlb_fill(CPUState *cs, vaddr addr, int size,
> >           break;
> >       default:
> > -        ret = cpu_ppc_handle_mmu_fault(env, addr, access_type, mmu_idx);
> > +        ret = cpu_ppc_handle_mmu_fault(cpu, addr, access_type, mmu_idx);
> >           break;
> >       }
> >       if (unlikely(ret != 0)) {

-- 
David Gibson			| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au	| minimalist, thank you.  NOT _the_ _other_
				| _way_ _around_!
http://www.ozlabs.org/~dgibson

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [PATCH 00/24] target/ppc: Clean up mmu translation
  2021-05-19 22:47     ` Richard Henderson
@ 2021-05-24  3:26       ` David Gibson
  2021-05-24  4:47         ` Richard Henderson
  2021-05-24 12:16         ` Bruno Piazera Larsen
  0 siblings, 2 replies; 46+ messages in thread
From: David Gibson @ 2021-05-24  3:26 UTC (permalink / raw)
  To: Richard Henderson; +Cc: qemu-ppc, qemu-devel

[-- Attachment #1: Type: text/plain, Size: 4329 bytes --]

On Wed, May 19, 2021 at 05:47:05PM -0500, Richard Henderson wrote:
> On 5/19/21 3:37 PM, Richard Henderson wrote:
> > On 5/18/21 9:52 PM, David Gibson wrote:
> > > I've applied 1..15, still looking at the rest.
> > 
> > Please dequeue.  I want to create a new mmu-internal.h, which affects
> > all the patches from #1.
> 
> Alternately, don't.  I can move the function later, and it may be a while
> before I can get back to this.

Ok, I'll leave them in, since they're good cleanups even without the
rest of the series.

> 
> Two outstanding bugs:
> 
> (1) mmu-radix64.c vs hypervisors.  You'll not see these unless you run kvm
> inside of tcg.
> 
> Basically, all usage of msr_{hv,pr,ir,dr} within ppc_*_xlate is incorrect.
> We should be pulling these from the 3 bits of mmu_idx, as outlined in the
> table in hreg_compute_hflags_value.

Ah, that's probably my fault.  I reworked those substantially from the
original code (closer to mmu_helper.c).  I guess I didn't (and I
suspect I still don't) really understand how the softmmu works.

> When you start propagating that around, you see that the second-level
> translation for loading the pte (2 of the 3 calls to
> ppc_radix64_partition_scoped_xlate) should not be using the mmu_idx related
> to the user-mode guest access, but should be using the mmu_idx of the
> kernel/hypervisor that owns the page table.
> 
> I can't see that mmu-radix64.c has the same problem.  I'm not really sure
> how the second-level translation for hypervisors works there.  Is it by the
> hypervisor altering the hash table as it is loaded?

Uh.. you started by saying mmu-radix64.c then talked about the hash
table, so I'm not sure which model you're talking about.

For hash + hypervisor, then yes, there is no hardware 2-level
translation, it all works by paravirtualizing updates to the hash
table (this is the H_ENTER etc. code in hw/ppc/spapr_softmmu.c).

> (2) The direct-segment accesses for 6xx and hash32 use ACCESS_* to
> conditionally reject an mmu access.  This is flawed, because we only arrive
> into these translation routines on the softtlb slow path.  If we have an
> ACCESS_INT and then an ACCESS_FLOAT, the first will load a tlb entry which
> the second will use to stay on the fast path.
> 
> There are several possible solutions:
> 
>  (A) Give tlb_set_page size == 1 for direct-segment addresses.
>      This will cause cputlb.c to force all references to the page
>      back through the slow path and through tlb_fill.  At which
>      point env->access_type is correct for each access, and we
>      can reject on type.
> 
>      This could be really slow.  But since these direct-segment
>      accesses are also uncached, I would expect the guest OS to
>      only be using them for i/o access.  Which is already slow,
>      so perhaps the extra trip through tlb_fill isn't noticeable.
> 
>  (B) Use additional mmu_idx.  Not ideal, since we wouldn't be
>      sharing softtlb entries for ACCESS_INT and ACCESS_FLOAT
>      and ACCESS_RES for the normal case.  But the relevant
>      mmu_models do not have hypervisor support, so we could
>      still fit them in to 8 mmu_idx.  We'd probably want to
>      use special code for ACCESS_CACHE and ACCESS_EXT here.
> 
>  (C) Ignore this special case entirely, dropping everything
>      related to env->access_type.  The section of code that
>      uses them is all for really old machine types with
>      comments like
> 
>         /* Direct-store segment : absolutely *BUGGY* for now */
> 
>      which is not encouraging.  And short of writing our own
>      test cases we're not likely to have any code to exercise
>      this.

Indeed.  Direct store segments are basically ancient history of the
POWER architecture which Linux never used, and I don't think much else
did either.  So I'm inclined to go with

  (D) Just rip out all the direct store segment code and replace with
      some LOG_UNIMPs.  Re-adding it working can be the job of the
      probably non-existent person who has an actual use case using
      them.

-- 
David Gibson			| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au	| minimalist, thank you.  NOT _the_ _other_
				| _way_ _around_!
http://www.ozlabs.org/~dgibson

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [PATCH 16/24] target/ppc: Remove PowerPCCPUClass.handle_mmu_fault
  2021-05-18 20:11 ` [PATCH 16/24] target/ppc: Remove PowerPCCPUClass.handle_mmu_fault Richard Henderson
  2021-05-19 13:02   ` Bruno Piazera Larsen
@ 2021-05-24  3:28   ` David Gibson
  2021-05-24  4:36     ` Richard Henderson
  1 sibling, 1 reply; 46+ messages in thread
From: David Gibson @ 2021-05-24  3:28 UTC (permalink / raw)
  To: Richard Henderson; +Cc: qemu-ppc, qemu-devel

[-- Attachment #1: Type: text/plain, Size: 11075 bytes --]

On Tue, May 18, 2021 at 03:11:38PM -0500, Richard Henderson wrote:
> Instead, use a switch on env->mmu_model.  This avoids some
> replicated information in cpu setup.

I have mixed feelings about this, since I introduced
pcc->handle_mmu_fault specifically to get rid of the nasty
mega-switch, with the hope of eventually getting rid of env->mmu_model
entirely.

But.. it does simplify your patch series, which makes a good change
overall.

> 
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> ---
>  target/ppc/cpu-qom.h    |  1 -
>  target/ppc/cpu_init.c   | 45 -----------------------------------------
>  target/ppc/mmu_helper.c | 24 ++++++++++++++++++----
>  3 files changed, 20 insertions(+), 50 deletions(-)
> 
> diff --git a/target/ppc/cpu-qom.h b/target/ppc/cpu-qom.h
> index 06b6571bc9..3b14d2f134 100644
> --- a/target/ppc/cpu-qom.h
> +++ b/target/ppc/cpu-qom.h
> @@ -198,7 +198,6 @@ struct PowerPCCPUClass {
>      int n_host_threads;
>      void (*init_proc)(CPUPPCState *env);
>      int  (*check_pow)(CPUPPCState *env);
> -    int (*handle_mmu_fault)(PowerPCCPU *cpu, vaddr eaddr, int rwx, int mmu_idx);
>      bool (*interrupts_big_endian)(PowerPCCPU *cpu);
>  };
>  
> diff --git a/target/ppc/cpu_init.c b/target/ppc/cpu_init.c
> index d0fa219880..d33aded7cf 100644
> --- a/target/ppc/cpu_init.c
> +++ b/target/ppc/cpu_init.c
> @@ -4580,9 +4580,6 @@ POWERPC_FAMILY(601)(ObjectClass *oc, void *data)
>                      (1ull << MSR_IR) |
>                      (1ull << MSR_DR);
>      pcc->mmu_model = POWERPC_MMU_601;
> -#if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
> -#endif
>      pcc->excp_model = POWERPC_EXCP_601;
>      pcc->bus_model = PPC_FLAGS_INPUT_6xx;
>      pcc->bfd_mach = bfd_mach_ppc_601;
> @@ -4625,9 +4622,6 @@ POWERPC_FAMILY(601v)(ObjectClass *oc, void *data)
>                      (1ull << MSR_IR) |
>                      (1ull << MSR_DR);
>      pcc->mmu_model = POWERPC_MMU_601;
> -#if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
> -#endif
>      pcc->bus_model = PPC_FLAGS_INPUT_6xx;
>      pcc->bfd_mach = bfd_mach_ppc_601;
>      pcc->flags = POWERPC_FLAG_SE | POWERPC_FLAG_RTC_CLK | POWERPC_FLAG_HID0_LE;
> @@ -4891,9 +4885,6 @@ POWERPC_FAMILY(604)(ObjectClass *oc, void *data)
>                      (1ull << MSR_RI) |
>                      (1ull << MSR_LE);
>      pcc->mmu_model = POWERPC_MMU_32B;
> -#if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
> -#endif
>      pcc->excp_model = POWERPC_EXCP_604;
>      pcc->bus_model = PPC_FLAGS_INPUT_6xx;
>      pcc->bfd_mach = bfd_mach_ppc_604;
> @@ -4975,9 +4966,6 @@ POWERPC_FAMILY(604E)(ObjectClass *oc, void *data)
>                      (1ull << MSR_RI) |
>                      (1ull << MSR_LE);
>      pcc->mmu_model = POWERPC_MMU_32B;
> -#if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
> -#endif
>      pcc->excp_model = POWERPC_EXCP_604;
>      pcc->bus_model = PPC_FLAGS_INPUT_6xx;
>      pcc->bfd_mach = bfd_mach_ppc_604;
> @@ -5046,9 +5034,6 @@ POWERPC_FAMILY(740)(ObjectClass *oc, void *data)
>                      (1ull << MSR_RI) |
>                      (1ull << MSR_LE);
>      pcc->mmu_model = POWERPC_MMU_32B;
> -#if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
> -#endif
>      pcc->excp_model = POWERPC_EXCP_7x0;
>      pcc->bus_model = PPC_FLAGS_INPUT_6xx;
>      pcc->bfd_mach = bfd_mach_ppc_750;
> @@ -5126,9 +5111,6 @@ POWERPC_FAMILY(750)(ObjectClass *oc, void *data)
>                      (1ull << MSR_RI) |
>                      (1ull << MSR_LE);
>      pcc->mmu_model = POWERPC_MMU_32B;
> -#if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
> -#endif
>      pcc->excp_model = POWERPC_EXCP_7x0;
>      pcc->bus_model = PPC_FLAGS_INPUT_6xx;
>      pcc->bfd_mach = bfd_mach_ppc_750;
> @@ -5329,9 +5311,6 @@ POWERPC_FAMILY(750cl)(ObjectClass *oc, void *data)
>                      (1ull << MSR_RI) |
>                      (1ull << MSR_LE);
>      pcc->mmu_model = POWERPC_MMU_32B;
> -#if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
> -#endif
>      pcc->excp_model = POWERPC_EXCP_7x0;
>      pcc->bus_model = PPC_FLAGS_INPUT_6xx;
>      pcc->bfd_mach = bfd_mach_ppc_750;
> @@ -5412,9 +5391,6 @@ POWERPC_FAMILY(750cx)(ObjectClass *oc, void *data)
>                      (1ull << MSR_RI) |
>                      (1ull << MSR_LE);
>      pcc->mmu_model = POWERPC_MMU_32B;
> -#if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
> -#endif
>      pcc->excp_model = POWERPC_EXCP_7x0;
>      pcc->bus_model = PPC_FLAGS_INPUT_6xx;
>      pcc->bfd_mach = bfd_mach_ppc_750;
> @@ -5500,9 +5476,6 @@ POWERPC_FAMILY(750fx)(ObjectClass *oc, void *data)
>                      (1ull << MSR_RI) |
>                      (1ull << MSR_LE);
>      pcc->mmu_model = POWERPC_MMU_32B;
> -#if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
> -#endif
>      pcc->excp_model = POWERPC_EXCP_7x0;
>      pcc->bus_model = PPC_FLAGS_INPUT_6xx;
>      pcc->bfd_mach = bfd_mach_ppc_750;
> @@ -5588,9 +5561,6 @@ POWERPC_FAMILY(750gx)(ObjectClass *oc, void *data)
>                      (1ull << MSR_RI) |
>                      (1ull << MSR_LE);
>      pcc->mmu_model = POWERPC_MMU_32B;
> -#if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
> -#endif
>      pcc->excp_model = POWERPC_EXCP_7x0;
>      pcc->bus_model = PPC_FLAGS_INPUT_6xx;
>      pcc->bfd_mach = bfd_mach_ppc_750;
> @@ -5830,9 +5800,6 @@ POWERPC_FAMILY(7400)(ObjectClass *oc, void *data)
>                      (1ull << MSR_RI) |
>                      (1ull << MSR_LE);
>      pcc->mmu_model = POWERPC_MMU_32B;
> -#if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
> -#endif
>      pcc->excp_model = POWERPC_EXCP_74xx;
>      pcc->bus_model = PPC_FLAGS_INPUT_6xx;
>      pcc->bfd_mach = bfd_mach_ppc_7400;
> @@ -5916,9 +5883,6 @@ POWERPC_FAMILY(7410)(ObjectClass *oc, void *data)
>                      (1ull << MSR_RI) |
>                      (1ull << MSR_LE);
>      pcc->mmu_model = POWERPC_MMU_32B;
> -#if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
> -#endif
>      pcc->excp_model = POWERPC_EXCP_74xx;
>      pcc->bus_model = PPC_FLAGS_INPUT_6xx;
>      pcc->bfd_mach = bfd_mach_ppc_7400;
> @@ -6745,9 +6709,6 @@ POWERPC_FAMILY(e600)(ObjectClass *oc, void *data)
>                      (1ull << MSR_RI) |
>                      (1ull << MSR_LE);
>      pcc->mmu_model = POWERPC_MMU_32B;
> -#if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc_hash32_handle_mmu_fault;
> -#endif
>      pcc->excp_model = POWERPC_EXCP_74xx;
>      pcc->bus_model = PPC_FLAGS_INPUT_6xx;
>      pcc->bfd_mach = bfd_mach_ppc_7400;
> @@ -7507,7 +7468,6 @@ POWERPC_FAMILY(970)(ObjectClass *oc, void *data)
>                      (1ull << MSR_RI);
>      pcc->mmu_model = POWERPC_MMU_64B;
>  #if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc_hash64_handle_mmu_fault;
>      pcc->hash64_opts = &ppc_hash64_opts_basic;
>  #endif
>      pcc->excp_model = POWERPC_EXCP_970;
> @@ -7585,7 +7545,6 @@ POWERPC_FAMILY(POWER5P)(ObjectClass *oc, void *data)
>          LPCR_RMI | LPCR_HDICE;
>      pcc->mmu_model = POWERPC_MMU_2_03;
>  #if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc_hash64_handle_mmu_fault;
>      pcc->hash64_opts = &ppc_hash64_opts_basic;
>      pcc->lrg_decr_bits = 32;
>  #endif
> @@ -7729,7 +7688,6 @@ POWERPC_FAMILY(POWER7)(ObjectClass *oc, void *data)
>      pcc->lpcr_pm = LPCR_P7_PECE0 | LPCR_P7_PECE1 | LPCR_P7_PECE2;
>      pcc->mmu_model = POWERPC_MMU_2_06;
>  #if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc_hash64_handle_mmu_fault;
>      pcc->hash64_opts = &ppc_hash64_opts_POWER7;
>      pcc->lrg_decr_bits = 32;
>  #endif
> @@ -7906,7 +7864,6 @@ POWERPC_FAMILY(POWER8)(ObjectClass *oc, void *data)
>                     LPCR_P8_PECE3 | LPCR_P8_PECE4;
>      pcc->mmu_model = POWERPC_MMU_2_07;
>  #if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc_hash64_handle_mmu_fault;
>      pcc->hash64_opts = &ppc_hash64_opts_POWER7;
>      pcc->lrg_decr_bits = 32;
>      pcc->n_host_threads = 8;
> @@ -8122,7 +8079,6 @@ POWERPC_FAMILY(POWER9)(ObjectClass *oc, void *data)
>      pcc->lpcr_pm = LPCR_PDEE | LPCR_HDEE | LPCR_EEE | LPCR_DEE | LPCR_OEE;
>      pcc->mmu_model = POWERPC_MMU_3_00;
>  #if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc64_v3_handle_mmu_fault;
>      /* segment page size remain the same */
>      pcc->hash64_opts = &ppc_hash64_opts_POWER7;
>      pcc->radix_page_info = &POWER9_radix_page_info;
> @@ -8334,7 +8290,6 @@ POWERPC_FAMILY(POWER10)(ObjectClass *oc, void *data)
>      pcc->lpcr_pm = LPCR_PDEE | LPCR_HDEE | LPCR_EEE | LPCR_DEE | LPCR_OEE;
>      pcc->mmu_model = POWERPC_MMU_3_00;
>  #if defined(CONFIG_SOFTMMU)
> -    pcc->handle_mmu_fault = ppc64_v3_handle_mmu_fault;
>      /* segment page size remain the same */
>      pcc->hash64_opts = &ppc_hash64_opts_POWER7;
>      pcc->radix_page_info = &POWER10_radix_page_info;
> diff --git a/target/ppc/mmu_helper.c b/target/ppc/mmu_helper.c
> index ef634fcb33..863e556a22 100644
> --- a/target/ppc/mmu_helper.c
> +++ b/target/ppc/mmu_helper.c
> @@ -2963,14 +2963,30 @@ bool ppc_cpu_tlb_fill(CPUState *cs, vaddr addr, int size,
>                        bool probe, uintptr_t retaddr)
>  {
>      PowerPCCPU *cpu = POWERPC_CPU(cs);
> -    PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cs);
>      CPUPPCState *env = &cpu->env;
>      int ret;
>  
> -    if (pcc->handle_mmu_fault) {
> -        ret = pcc->handle_mmu_fault(cpu, addr, access_type, mmu_idx);
> -    } else {
> +    switch (env->mmu_model) {
> +#if defined(TARGET_PPC64)
> +    case POWERPC_MMU_64B:
> +    case POWERPC_MMU_2_03:
> +    case POWERPC_MMU_2_06:
> +    case POWERPC_MMU_2_07:
> +        ret = ppc_hash64_handle_mmu_fault(cpu, addr, access_type, mmu_idx);
> +        break;
> +    case POWERPC_MMU_3_00:
> +        ret = ppc64_v3_handle_mmu_fault(cpu, addr, access_type, mmu_idx);
> +        break;
> +#endif
> +
> +    case POWERPC_MMU_32B:
> +    case POWERPC_MMU_601:
> +        ret = ppc_hash32_handle_mmu_fault(cpu, addr, access_type, mmu_idx);
> +        break;
> +
> +    default:
>          ret = cpu_ppc_handle_mmu_fault(env, addr, access_type, mmu_idx);
> +        break;
>      }
>      if (unlikely(ret != 0)) {
>          if (probe) {

-- 
David Gibson			| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au	| minimalist, thank you.  NOT _the_ _other_
				| _way_ _around_!
http://www.ozlabs.org/~dgibson

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [PATCH 16/24] target/ppc: Remove PowerPCCPUClass.handle_mmu_fault
  2021-05-24  3:28   ` David Gibson
@ 2021-05-24  4:36     ` Richard Henderson
  2021-05-24  5:11       ` David Gibson
  0 siblings, 1 reply; 46+ messages in thread
From: Richard Henderson @ 2021-05-24  4:36 UTC (permalink / raw)
  To: David Gibson; +Cc: qemu-ppc, qemu-devel

On 5/23/21 10:28 PM, David Gibson wrote:
> On Tue, May 18, 2021 at 03:11:38PM -0500, Richard Henderson wrote:
>> Instead, use a switch on env->mmu_model.  This avoids some
>> replicated information in cpu setup.
> 
> I have mixed feelings about this, since I introduced
> pcc->handle_mmu_fault specifically to get rid of the nasty
> mega-switch, with the hope of eventually getting rid of env->mmu_model
> entirely.
> 
> But.. it does simplify your patch series, which makes a good change
> overall.

Having browsed the mmu code for a while, I would imagine a good change would be 
to have several hooks, and the mmu_model enum, all in the same const struct. 
But the current situation is untennable.


r~


^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [PATCH 00/24] target/ppc: Clean up mmu translation
  2021-05-24  3:26       ` David Gibson
@ 2021-05-24  4:47         ` Richard Henderson
  2021-05-24 12:16         ` Bruno Piazera Larsen
  1 sibling, 0 replies; 46+ messages in thread
From: Richard Henderson @ 2021-05-24  4:47 UTC (permalink / raw)
  To: David Gibson; +Cc: qemu-ppc, qemu-devel

On 5/23/21 10:26 PM, David Gibson wrote:
> On Wed, May 19, 2021 at 05:47:05PM -0500, Richard Henderson wrote:
>> On 5/19/21 3:37 PM, Richard Henderson wrote:
>>> On 5/18/21 9:52 PM, David Gibson wrote:
>>>> I've applied 1..15, still looking at the rest.
>>>
>>> Please dequeue.  I want to create a new mmu-internal.h, which affects
>>> all the patches from #1.
>>
>> Alternately, don't.  I can move the function later, and it may be a while
>> before I can get back to this.
> 
> Ok, I'll leave them in, since they're good cleanups even without the
> rest of the series.
> 
>>
>> Two outstanding bugs:
>>
>> (1) mmu-radix64.c vs hypervisors.  You'll not see these unless you run kvm
>> inside of tcg.
>>
>> Basically, all usage of msr_{hv,pr,ir,dr} within ppc_*_xlate is incorrect.
>> We should be pulling these from the 3 bits of mmu_idx, as outlined in the
>> table in hreg_compute_hflags_value.
> 
> Ah, that's probably my fault.  I reworked those substantially from the
> original code (closer to mmu_helper.c).  I guess I didn't (and I
> suspect I still don't) really understand how the softmmu works.
> 
>> When you start propagating that around, you see that the second-level
>> translation for loading the pte (2 of the 3 calls to
>> ppc_radix64_partition_scoped_xlate) should not be using the mmu_idx related
>> to the user-mode guest access, but should be using the mmu_idx of the
>> kernel/hypervisor that owns the page table.
>>
>> I can't see that mmu-radix64.c has the same problem.  I'm not really sure
>> how the second-level translation for hypervisors works there.  Is it by the
>> hypervisor altering the hash table as it is loaded?
> 
> Uh.. you started by saying mmu-radix64.c then talked about the hash
> table, so I'm not sure which model you're talking about.

radix64 definitely has a problem.
Then I wondered if hash64 had the same problem.

> 
> For hash + hypervisor, then yes, there is no hardware 2-level
> translation, it all works by paravirtualizing updates to the hash
> table (this is the H_ENTER etc. code in hw/ppc/spapr_softmmu.c).

Ah, gotcha.  So, no, hash64 is unaffected.

> Indeed.  Direct store segments are basically ancient history of the
> POWER architecture which Linux never used, and I don't think much else
> did either.  So I'm inclined to go with
> 
>    (D) Just rip out all the direct store segment code and replace with
>        some LOG_UNIMPs.  Re-adding it working can be the job of the
>        probably non-existent person who has an actual use case using
>        them.

Fair enough.


r~


^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [PATCH 16/24] target/ppc: Remove PowerPCCPUClass.handle_mmu_fault
  2021-05-24  4:36     ` Richard Henderson
@ 2021-05-24  5:11       ` David Gibson
  0 siblings, 0 replies; 46+ messages in thread
From: David Gibson @ 2021-05-24  5:11 UTC (permalink / raw)
  To: Richard Henderson; +Cc: qemu-ppc, qemu-devel

[-- Attachment #1: Type: text/plain, Size: 1058 bytes --]

On Sun, May 23, 2021 at 11:36:44PM -0500, Richard Henderson wrote:
65;6401;1c> On 5/23/21 10:28 PM, David Gibson wrote:
> > On Tue, May 18, 2021 at 03:11:38PM -0500, Richard Henderson wrote:
> > > Instead, use a switch on env->mmu_model.  This avoids some
> > > replicated information in cpu setup.
> > 
> > I have mixed feelings about this, since I introduced
> > pcc->handle_mmu_fault specifically to get rid of the nasty
> > mega-switch, with the hope of eventually getting rid of env->mmu_model
> > entirely.
> > 
> > But.. it does simplify your patch series, which makes a good change
> > overall.
> 
> Having browsed the mmu code for a while, I would imagine a good change would
> be to have several hooks, and the mmu_model enum, all in the same const
> struct. But the current situation is untennable.

Yeah, fair.

> 
> 
> r~
> 

-- 
David Gibson			| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au	| minimalist, thank you.  NOT _the_ _other_
				| _way_ _around_!
http://www.ozlabs.org/~dgibson

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [PATCH 00/24] target/ppc: Clean up mmu translation
  2021-05-24  3:26       ` David Gibson
  2021-05-24  4:47         ` Richard Henderson
@ 2021-05-24 12:16         ` Bruno Piazera Larsen
  1 sibling, 0 replies; 46+ messages in thread
From: Bruno Piazera Larsen @ 2021-05-24 12:16 UTC (permalink / raw)
  To: David Gibson, Richard Henderson
  Cc: Lucas Mateus Castro (alqotel), qemu-ppc, qemu-devel, Fabiano Rosas

[-- Attachment #1: Type: text/plain, Size: 1335 bytes --]


On 24/05/2021 00:26, David Gibson wrote:
> On Wed, May 19, 2021 at 05:47:05PM -0500, Richard Henderson wrote:
>> On 5/19/21 3:37 PM, Richard Henderson wrote:
>>> On 5/18/21 9:52 PM, David Gibson wrote:
>>>> I've applied 1..15, still looking at the rest.
>>> Please dequeue.  I want to create a new mmu-internal.h, which affects
>>> all the patches from #1.
>> Alternately, don't.  I can move the function later, and it may be a while
>> before I can get back to this.
> Ok, I'll leave them in, since they're good cleanups even without the
> rest of the series.

Just as a heads up, for the disable-tcg to work, we need the rest of the 
patches, so we sort of need the rest as soon as possible.

 From a quick conversation with farosas (cc'ed here), I think these 
might be old bugs (or at least one of them were, and I'm missing 
something), which either me or lucas (also cc'ed) were planning on 
tackling next.

If my understanding is correct, I don't think we lose anything by 
applying those and we finally support the disable flag.

-- 
Bruno Piazera Larsen
Instituto de Pesquisas ELDORADO 
<https://www.eldorado.org.br/?utm_campaign=assinatura_de_e-mail&utm_medium=email&utm_source=RD+Station>
Departamento Computação Embarcada
Analista de Software Trainee
Aviso Legal - Disclaimer <https://www.eldorado.org.br/disclaimer.html>

[-- Attachment #2: Type: text/html, Size: 2323 bytes --]

^ permalink raw reply	[flat|nested] 46+ messages in thread

end of thread, other threads:[~2021-05-24 12:18 UTC | newest]

Thread overview: 46+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-05-18 20:11 [PATCH 00/24] target/ppc: Clean up mmu translation Richard Henderson
2021-05-18 20:11 ` [PATCH 01/24] target/ppc: Introduce prot_for_access_type Richard Henderson
2021-05-18 20:11 ` [PATCH 02/24] target/ppc: Use MMUAccessType in mmu-radix64.c Richard Henderson
2021-05-18 20:11 ` [PATCH 03/24] target/ppc: Use MMUAccessType in mmu-hash64.c Richard Henderson
2021-05-18 20:11 ` [PATCH 04/24] target/ppc: Use MMUAccessType in mmu-hash32.c Richard Henderson
2021-05-18 20:11 ` [PATCH 05/24] target/ppc: Rename access_type to type in mmu_helper.c Richard Henderson
2021-05-18 20:11 ` [PATCH 06/24] target/ppc: Use MMUAccessType " Richard Henderson
2021-05-18 20:11 ` [PATCH 07/24] target/ppc: Remove type argument from check_prot Richard Henderson
2021-05-18 20:11 ` [PATCH 08/24] target/ppc: Remove type argument from ppc6xx_tlb_pte_check Richard Henderson
2021-05-18 20:11 ` [PATCH 09/24] target/ppc: Remove type argument from ppc6xx_tlb_check Richard Henderson
2021-05-18 20:11 ` [PATCH 10/24] target/ppc: Remove type argument from get_bat_6xx_tlb Richard Henderson
2021-05-18 20:11 ` [PATCH 11/24] target/ppc: Remove type argument from mmu40x_get_physical_address Richard Henderson
2021-05-18 20:11 ` [PATCH 12/24] target/ppc: Remove type argument from mmubooke_check_tlb Richard Henderson
2021-05-18 20:11 ` [PATCH 13/24] target/ppc: Remove type argument from mmubooke_get_physical_address Richard Henderson
2021-05-18 20:11 ` [PATCH 14/24] target/ppc: Remove type argument from mmubooke206_check_tlb Richard Henderson
2021-05-18 20:11 ` [PATCH 15/24] target/ppc: Remove type argument for mmubooke206_get_physical_address Richard Henderson
2021-05-18 20:11 ` [PATCH 16/24] target/ppc: Remove PowerPCCPUClass.handle_mmu_fault Richard Henderson
2021-05-19 13:02   ` Bruno Piazera Larsen
2021-05-24  3:28   ` David Gibson
2021-05-24  4:36     ` Richard Henderson
2021-05-24  5:11       ` David Gibson
2021-05-18 20:11 ` [PATCH 17/24] target/ppc: Use MMUAccessType with *_handle_mmu_fault Richard Henderson
2021-05-19 13:02   ` Bruno Piazera Larsen
2021-05-18 20:11 ` [PATCH 18/24] target/ppc: Push real-mode handling into ppc_radix64_xlate Richard Henderson
2021-05-19 17:44   ` Bruno Piazera Larsen
2021-05-18 20:11 ` [PATCH 19/24] target/ppc: Use bool success for ppc_radix64_xlate Richard Henderson
2021-05-19 17:53   ` Bruno Piazera Larsen
2021-05-18 20:11 ` [PATCH 20/24] target/ppc: Split out ppc_hash64_xlate Richard Henderson
2021-05-19 18:09   ` Bruno Piazera Larsen
2021-05-18 20:11 ` [PATCH 21/24] target/ppc: Split out ppc_hash32_xlate Richard Henderson
2021-05-19 18:20   ` Bruno Piazera Larsen
2021-05-18 20:11 ` [PATCH 22/24] target/ppc: Split out ppc_jumbo_xlate Richard Henderson
2021-05-19 18:40   ` Bruno Piazera Larsen
2021-05-24  3:19     ` David Gibson
2021-05-18 20:11 ` [PATCH 23/24] target/ppc: Introduce ppc_xlate Richard Henderson
2021-05-19 18:53   ` Bruno Piazera Larsen
2021-05-18 20:11 ` [PATCH 24/24] target/ppc: Restrict ppc_cpu_tlb_fill to TCG Richard Henderson
2021-05-20 13:18   ` Bruno Piazera Larsen
2021-05-20 14:52     ` Richard Henderson
2021-05-20 17:13       ` Bruno Piazera Larsen
2021-05-19  2:52 ` [PATCH 00/24] target/ppc: Clean up mmu translation David Gibson
2021-05-19 20:37   ` Richard Henderson
2021-05-19 22:47     ` Richard Henderson
2021-05-24  3:26       ` David Gibson
2021-05-24  4:47         ` Richard Henderson
2021-05-24 12:16         ` Bruno Piazera Larsen

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.