* [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs
@ 2014-06-30 23:09 greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 01/33] target-arm: add cpu feature EL3 to CPUs with Security Extensions greg.bellows
` (34 more replies)
0 siblings, 35 replies; 49+ messages in thread
From: greg.bellows @ 2014-06-30 23:09 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, peter.crosthwaite, Greg Bellows, serge.fdrv,
edgar.iglesias, christoffer.dall
From: Greg Bellows <greg.bellows@linaro.org>
Updated Fabian's v3 patchset for review comments. This patchset includes
changes in support of the security extension on v7 aarch32 with hooks for later
enabling v8 aarch64.
The patches are built upon and therefore dependent on v3 of Xilinx's second round of EL2/3 patches.
Summary of the changes from v3 -> v4:
* Conditionally register security CP registers.
* Fixed various bugs found in review
* Reverted back to EL array-notation in combination with explicit v7 naming
* Add functionality to handle migration of duplicate CP registrations
Fabian Aggeler (29):
target-arm: add cpu feature EL3 to CPUs with Security Extensions
target-arm: move Aarch32 SCR into security reglist
target-arm: increase arrays of registers R13 & R14
target-arm: add arm_is_secure() function
target-arm: make arm_current_pl() return PL3
target-arm: A32: Emulate the SMC instruction
target-arm: extend Aarch32 async excp masking
target-arm: extend Aarch64 SCR.{FIQ|IRQ} handling
target-arm: add async excp target_el&mode function
target-arm: use dedicated target_el function
target-arm: implement IRQ/FIQ routing to Monitor mode
target-arm: Respect SCR.FW, SCR.AW and SCTLR.NMFI
target-arm: add NSACR register
target-arm: add MVBAR support
target-arm: add macros to access banked registers
target-arm: insert Aarch32 cpregs twice into hashtable
target-arm: arrayfying fieldoffset for banking
target-arm: add SCTLR_EL3 and make SCTLR banked
target-arm: make CSSELR banked
target-arm: add TTBR0_EL3 and make TTBR0/1 banked
target-arm: add TCR_EL3 and make TTBCR banked
target-arm: make c2_mask and c2_base_mask banked
target-arm: make DACR banked
target-arm: make IFSR banked
target-arm: make DFSR banked
target-arm: make IFAR/DFAR banked
target-arm: make PAR banked
target-arm: make VBAR banked
target-arm: make c13 cp regs banked (FCSEIDR, ...)
Greg Bellows (1):
target-arm: Limit migration of duplicate CP regs
Sergey Fedorov (3):
target-arm: reject switching to monitor mode
target-arm: add non-secure Translation Block flag
target-arm: add SDER definition
hw/arm/pxa2xx.c | 4 +-
target-arm/cpu.c | 11 +-
target-arm/cpu.h | 446 +++++++++++++++++++++++++---
target-arm/helper.c | 722 +++++++++++++++++++++++++++++++++++----------
target-arm/internals.h | 5 +
target-arm/machine.c | 4 +-
target-arm/op_helper.c | 2 +-
target-arm/translate-a64.c | 1 +
target-arm/translate.c | 57 +++-
target-arm/translate.h | 1 +
10 files changed, 1019 insertions(+), 234 deletions(-)
--
1.8.3.2
^ permalink raw reply [flat|nested] 49+ messages in thread
* [Qemu-devel] [PATCH v4 01/33] target-arm: add cpu feature EL3 to CPUs with Security Extensions
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
@ 2014-06-30 23:09 ` greg.bellows
2014-09-02 16:34 ` Peter Maydell
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 02/33] target-arm: move Aarch32 SCR into security reglist greg.bellows
` (33 subsequent siblings)
34 siblings, 1 reply; 49+ messages in thread
From: greg.bellows @ 2014-06-30 23:09 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, peter.crosthwaite, Fabian Aggeler, Greg Bellows,
serge.fdrv, edgar.iglesias, christoffer.dall
From: Fabian Aggeler <aggelerf@ethz.ch>
Set ARM_FEATURE_EL3 feature for CPUs that implement Security Extensions.
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---
target-arm/cpu.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/target-arm/cpu.c b/target-arm/cpu.c
index d77be99..46ee1fe 100644
--- a/target-arm/cpu.c
+++ b/target-arm/cpu.c
@@ -551,6 +551,7 @@ static void arm1176_initfn(Object *obj)
set_feature(&cpu->env, ARM_FEATURE_DUMMY_C15_REGS);
set_feature(&cpu->env, ARM_FEATURE_CACHE_DIRTY_REG);
set_feature(&cpu->env, ARM_FEATURE_CACHE_BLOCK_OPS);
+ set_feature(&cpu->env, ARM_FEATURE_EL3);
cpu->midr = 0x410fb767;
cpu->reset_fpsid = 0x410120b5;
cpu->mvfr0 = 0x11111111;
@@ -637,6 +638,7 @@ static void cortex_a8_initfn(Object *obj)
set_feature(&cpu->env, ARM_FEATURE_NEON);
set_feature(&cpu->env, ARM_FEATURE_THUMB2EE);
set_feature(&cpu->env, ARM_FEATURE_DUMMY_C15_REGS);
+ set_feature(&cpu->env, ARM_FEATURE_EL3);
cpu->midr = 0x410fc080;
cpu->reset_fpsid = 0x410330c0;
cpu->mvfr0 = 0x11110222;
@@ -703,6 +705,7 @@ static void cortex_a9_initfn(Object *obj)
set_feature(&cpu->env, ARM_FEATURE_VFP_FP16);
set_feature(&cpu->env, ARM_FEATURE_NEON);
set_feature(&cpu->env, ARM_FEATURE_THUMB2EE);
+ set_feature(&cpu->env, ARM_FEATURE_EL3);
/* Note that A9 supports the MP extensions even for
* A9UP and single-core A9MP (which are both different
* and valid configurations; we don't model A9UP).
@@ -769,6 +772,7 @@ static void cortex_a15_initfn(Object *obj)
set_feature(&cpu->env, ARM_FEATURE_DUMMY_C15_REGS);
set_feature(&cpu->env, ARM_FEATURE_CBAR_RO);
set_feature(&cpu->env, ARM_FEATURE_LPAE);
+ set_feature(&cpu->env, ARM_FEATURE_EL3);
cpu->kvm_target = QEMU_KVM_ARM_TARGET_CORTEX_A15;
cpu->midr = 0x412fc0f1;
cpu->reset_fpsid = 0x410430f0;
--
1.8.3.2
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [Qemu-devel] [PATCH v4 02/33] target-arm: move Aarch32 SCR into security reglist
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 01/33] target-arm: add cpu feature EL3 to CPUs with Security Extensions greg.bellows
@ 2014-06-30 23:09 ` greg.bellows
2014-07-01 8:15 ` Edgar E. Iglesias
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 03/33] target-arm: increase arrays of registers R13 & R14 greg.bellows
` (32 subsequent siblings)
34 siblings, 1 reply; 49+ messages in thread
From: greg.bellows @ 2014-06-30 23:09 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, peter.crosthwaite, Sergey Fedorov, Fabian Aggeler,
Greg Bellows, serge.fdrv, edgar.iglesias, christoffer.dall
From: Fabian Aggeler <aggelerf@ethz.ch>
Define a new ARM CP register info list for the ARMv7 Security Extension
feature. Register that list only for ARM cores with Security Extension/EL3
support. Moving Aarch32 SCR into Security Extension register group.
Signed-off-by: Sergey Fedorov <s.fedorov@samsung.com>
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
------------------
v3 -> v4
- Renamed security_cp_reginfo to v7_el3_cp_reginfo
- Conditionalized define on whether v7 or v8 were enabled
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---
target-arm/helper.c | 17 +++++++++++++----
1 file changed, 13 insertions(+), 4 deletions(-)
diff --git a/target-arm/helper.c b/target-arm/helper.c
index 7c4b801..1ea30fe 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -792,9 +792,6 @@ static const ARMCPRegInfo v7_cp_reginfo[] = {
.access = PL1_RW, .writefn = vbar_write,
.fieldoffset = offsetof(CPUARMState, cp15.vbar_el[1]),
.resetvalue = 0 },
- { .name = "SCR", .cp = 15, .crn = 1, .crm = 1, .opc1 = 0, .opc2 = 0,
- .access = PL1_RW, .fieldoffset = offsetof(CPUARMState, cp15.c1_scr),
- .resetvalue = 0, },
{ .name = "CCSIDR", .state = ARM_CP_STATE_BOTH,
.opc0 = 3, .crn = 0, .crm = 0, .opc1 = 1, .opc2 = 0,
.access = PL1_R, .readfn = ccsidr_read, .type = ARM_CP_NO_MIGRATE },
@@ -2227,6 +2224,13 @@ static const ARMCPRegInfo v8_el3_cp_reginfo[] = {
REGINFO_SENTINEL
};
+static const ARMCPRegInfo v7_el3_cp_reginfo[] = {
+ { .name = "SCR", .cp = 15, .crn = 1, .crm = 1, .opc1 = 0, .opc2 = 0,
+ .access = PL3_RW, .fieldoffset = offsetof(CPUARMState, cp15.scr_el3),
+ .resetvalue = 0, },
+ REGINFO_SENTINEL
+};
+
static void sctlr_write(CPUARMState *env, const ARMCPRegInfo *ri,
uint64_t value)
{
@@ -2489,7 +2493,12 @@ void register_cp_regs_for_features(ARMCPU *cpu)
}
}
if (arm_feature(env, ARM_FEATURE_EL3)) {
- define_arm_cp_regs(cpu, v8_el3_cp_reginfo);
+ if (arm_feature(env, ARM_FEATURE_V8)) {
+ define_arm_cp_regs(cpu, v8_el3_cp_reginfo);
+ }
+ if (arm_feature(env, ARM_FEATURE_V7)) {
+ define_arm_cp_regs(cpu, v7_el3_cp_reginfo);
+ }
}
if (arm_feature(env, ARM_FEATURE_MPU)) {
/* These are the MPU registers prior to PMSAv6. Any new
--
1.8.3.2
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [Qemu-devel] [PATCH v4 03/33] target-arm: increase arrays of registers R13 & R14
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 01/33] target-arm: add cpu feature EL3 to CPUs with Security Extensions greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 02/33] target-arm: move Aarch32 SCR into security reglist greg.bellows
@ 2014-06-30 23:09 ` greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 04/33] target-arm: add arm_is_secure() function greg.bellows
` (31 subsequent siblings)
34 siblings, 0 replies; 49+ messages in thread
From: greg.bellows @ 2014-06-30 23:09 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, peter.crosthwaite, Fabian Aggeler, Greg Bellows,
serge.fdrv, edgar.iglesias, christoffer.dall
From: Fabian Aggeler <aggelerf@ethz.ch>
Increasing banked_r13 and banked_r14 to store LR_mon and SP_mon (bank
index 7).
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---
target-arm/cpu.h | 4 ++--
target-arm/machine.c | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index 5accbde..ffc51f2 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -153,8 +153,8 @@ typedef struct CPUARMState {
/* Banked registers. */
uint64_t banked_spsr[8];
- uint32_t banked_r13[6];
- uint32_t banked_r14[6];
+ uint32_t banked_r13[8];
+ uint32_t banked_r14[8];
/* These hold r8-r12. */
uint32_t usr_regs[5];
diff --git a/target-arm/machine.c b/target-arm/machine.c
index 3bcc7cc..5ed495e 100644
--- a/target-arm/machine.c
+++ b/target-arm/machine.c
@@ -234,8 +234,8 @@ const VMStateDescription vmstate_arm_cpu = {
},
VMSTATE_UINT32(env.spsr, ARMCPU),
VMSTATE_UINT64_ARRAY(env.banked_spsr, ARMCPU, 8),
- VMSTATE_UINT32_ARRAY(env.banked_r13, ARMCPU, 6),
- VMSTATE_UINT32_ARRAY(env.banked_r14, ARMCPU, 6),
+ VMSTATE_UINT32_ARRAY(env.banked_r13, ARMCPU, 8),
+ VMSTATE_UINT32_ARRAY(env.banked_r14, ARMCPU, 8),
VMSTATE_UINT32_ARRAY(env.usr_regs, ARMCPU, 5),
VMSTATE_UINT32_ARRAY(env.fiq_regs, ARMCPU, 5),
VMSTATE_UINT64_ARRAY(env.elr_el, ARMCPU, 4),
--
1.8.3.2
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [Qemu-devel] [PATCH v4 04/33] target-arm: add arm_is_secure() function
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
` (2 preceding siblings ...)
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 03/33] target-arm: increase arrays of registers R13 & R14 greg.bellows
@ 2014-06-30 23:09 ` greg.bellows
2014-07-01 8:17 ` Edgar E. Iglesias
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 05/33] target-arm: reject switching to monitor mode greg.bellows
` (30 subsequent siblings)
34 siblings, 1 reply; 49+ messages in thread
From: greg.bellows @ 2014-06-30 23:09 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, peter.crosthwaite, Sergey Fedorov, Fabian Aggeler,
Greg Bellows, serge.fdrv, edgar.iglesias, christoffer.dall
From: Fabian Aggeler <aggelerf@ethz.ch>
arm_is_secure() function allows to determine CPU security state
if the CPU implements Security Extensions/EL3.
arm_is_secure_below_el3() returns true if CPU is in secure state
below EL3.
Signed-off-by: Sergey Fedorov <s.fedorov@samsung.com>
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---
target-arm/cpu.h | 38 ++++++++++++++++++++++++++++++++++++++
1 file changed, 38 insertions(+)
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index ffc51f2..aba077b 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -726,6 +726,44 @@ static inline int arm_feature(CPUARMState *env, int feature)
return (env->features & (1ULL << feature)) != 0;
}
+
+/* Return true if exception level below EL3 is in secure state */
+static inline bool arm_is_secure_below_el3(CPUARMState *env)
+{
+#if !defined(CONFIG_USER_ONLY)
+ if (arm_feature(env, ARM_FEATURE_EL3)) {
+ return !(env->cp15.scr_el3 & SCR_NS);
+ } else if (arm_feature(env, ARM_FEATURE_EL2)) {
+ return false;
+ } else {
+ /* IMPDEF: QEMU defaults to non-secure */
+ return false;
+ }
+#else
+ return false;
+#endif
+}
+
+/* Return true if the processor is in secure state */
+static inline bool arm_is_secure(CPUARMState *env)
+{
+#if !defined(CONFIG_USER_ONLY)
+ if (arm_feature(env, ARM_FEATURE_EL3)) {
+ if (env->aarch64 && extract32(env->pstate, 2, 2) == 3) {
+ /* CPU currently in Aarch64 state and EL3 */
+ return true;
+ } else if (!env->aarch64 &&
+ (env->uncached_cpsr & CPSR_M) == ARM_CPU_MODE_MON) {
+ /* CPU currently in Aarch32 state and monitor mode */
+ return true;
+ }
+ }
+ return arm_is_secure_below_el3(env);
+#else
+ return false;
+#endif
+}
+
/* Return true if the specified exception level is running in AArch64 state. */
static inline bool arm_el_is_aa64(CPUARMState *env, int el)
{
--
1.8.3.2
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [Qemu-devel] [PATCH v4 05/33] target-arm: reject switching to monitor mode
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
` (3 preceding siblings ...)
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 04/33] target-arm: add arm_is_secure() function greg.bellows
@ 2014-06-30 23:09 ` greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 06/33] target-arm: make arm_current_pl() return PL3 greg.bellows
` (29 subsequent siblings)
34 siblings, 0 replies; 49+ messages in thread
From: greg.bellows @ 2014-06-30 23:09 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, peter.crosthwaite, Sergey Fedorov, Fabian Aggeler,
Greg Bellows, serge.fdrv, edgar.iglesias, christoffer.dall
From: Sergey Fedorov <s.fedorov@samsung.com>
...from non-secure state.
Signed-off-by: Sergey Fedorov <s.fedorov@samsung.com>
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---
target-arm/helper.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/target-arm/helper.c b/target-arm/helper.c
index 1ea30fe..ed1e3c7 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -3064,6 +3064,8 @@ static int bad_mode_switch(CPUARMState *env, int mode)
case ARM_CPU_MODE_IRQ:
case ARM_CPU_MODE_FIQ:
return 0;
+ case ARM_CPU_MODE_MON:
+ return !arm_is_secure(env);
default:
return 1;
}
--
1.8.3.2
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [Qemu-devel] [PATCH v4 06/33] target-arm: make arm_current_pl() return PL3
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
` (4 preceding siblings ...)
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 05/33] target-arm: reject switching to monitor mode greg.bellows
@ 2014-06-30 23:09 ` greg.bellows
2014-08-26 14:29 ` Peter Maydell
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 07/33] target-arm: add non-secure Translation Block flag greg.bellows
` (28 subsequent siblings)
34 siblings, 1 reply; 49+ messages in thread
From: greg.bellows @ 2014-06-30 23:09 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, peter.crosthwaite, Fabian Aggeler, Greg Bellows,
serge.fdrv, edgar.iglesias, christoffer.dall
From: Fabian Aggeler <aggelerf@ethz.ch>
Make arm_current_pl() return PL3 for secure PL1 and monitor mode.
Increase MMU modes since mmu_index is directly infered from arm_
current_pl(). Changes assertion in arm_el_is_aa64() to allow EL3.
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---
target-arm/cpu.h | 15 +++++++++------
1 file changed, 9 insertions(+), 6 deletions(-)
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index aba077b..1faf1e2 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -100,7 +100,7 @@ typedef uint32_t ARMReadCPFunc(void *opaque, int cp_info,
struct arm_boot_info;
-#define NB_MMU_MODES 2
+#define NB_MMU_MODES 4
/* We currently assume float and double are IEEE single and double
precision respectively.
@@ -726,7 +726,6 @@ static inline int arm_feature(CPUARMState *env, int feature)
return (env->features & (1ULL << feature)) != 0;
}
-
/* Return true if exception level below EL3 is in secure state */
static inline bool arm_is_secure_below_el3(CPUARMState *env)
{
@@ -767,11 +766,12 @@ static inline bool arm_is_secure(CPUARMState *env)
/* Return true if the specified exception level is running in AArch64 state. */
static inline bool arm_el_is_aa64(CPUARMState *env, int el)
{
- /* We don't currently support EL2 or EL3, and this isn't valid for EL0
+ /* We don't currently support EL2, and this isn't valid for EL0
* (if we're in EL0, is_a64() is what you want, and if we're not in EL0
* then the state of EL0 isn't well defined.)
*/
- assert(el == 1);
+ assert(el == 1 || el == 3);
+
/* AArch64-capable CPUs always run with EL1 in AArch64 mode. This
* is a QEMU-imposed simplification which we may wish to change later.
* If we in future support EL2 and/or EL3, then the state of lower
@@ -963,9 +963,12 @@ static inline int arm_current_pl(CPUARMState *env)
if ((env->uncached_cpsr & 0x1f) == ARM_CPU_MODE_USR) {
return 0;
+ } else if (arm_is_secure(env)) {
+ /* Secure PL1 and monitor mode are mapped to PL3 */
+ return 3;
}
- /* We don't currently implement the Virtualization or TrustZone
- * extensions, so PL2 and PL3 don't exist for us.
+ /* We currently do not implement the Virtualization extensions, so PL2 does
+ * not exist for us.
*/
return 1;
}
--
1.8.3.2
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [Qemu-devel] [PATCH v4 07/33] target-arm: add non-secure Translation Block flag
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
` (5 preceding siblings ...)
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 06/33] target-arm: make arm_current_pl() return PL3 greg.bellows
@ 2014-06-30 23:09 ` greg.bellows
2014-07-01 8:19 ` Edgar E. Iglesias
2014-09-02 16:11 ` Peter Maydell
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 08/33] target-arm: A32: Emulate the SMC instruction greg.bellows
` (27 subsequent siblings)
34 siblings, 2 replies; 49+ messages in thread
From: greg.bellows @ 2014-06-30 23:09 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, peter.crosthwaite, Sergey Fedorov, Fabian Aggeler,
Greg Bellows, serge.fdrv, edgar.iglesias, christoffer.dall
From: Sergey Fedorov <s.fedorov@samsung.com>
This patch is based on idea found in patch at
git://github.com/jowinter/qemu-trustzone.git
f3d955c6c0ed8c46bc0eb10b634201032a651dd2 by
Johannes Winter <johannes.winter@iaik.tugraz.at>.
This flag prevents QEMU from executing TCG code generated for other CPU
security state. It also allows to generate different TCG code depending on
CPU secure state.
Signed-off-by: Sergey Fedorov <s.fedorov@samsung.com>
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---
target-arm/cpu.h | 10 ++++++++++
target-arm/translate-a64.c | 1 +
target-arm/translate.c | 3 +++
target-arm/translate.h | 1 +
4 files changed, 15 insertions(+)
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index 1faf1e2..44e0943 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -1291,6 +1291,8 @@ static inline int cpu_mmu_index (CPUARMState *env)
#define ARM_TBFLAG_BSWAP_CODE_MASK (1 << ARM_TBFLAG_BSWAP_CODE_SHIFT)
#define ARM_TBFLAG_CPACR_FPEN_SHIFT 17
#define ARM_TBFLAG_CPACR_FPEN_MASK (1 << ARM_TBFLAG_CPACR_FPEN_SHIFT)
+#define ARM_TBFLAG_NS_SHIFT 18
+#define ARM_TBFLAG_NS_MASK (1 << ARM_TBFLAG_NS_SHIFT)
/* Bit usage when in AArch64 state */
#define ARM_TBFLAG_AA64_EL_SHIFT 0
@@ -1321,6 +1323,8 @@ static inline int cpu_mmu_index (CPUARMState *env)
(((F) & ARM_TBFLAG_AA64_EL_MASK) >> ARM_TBFLAG_AA64_EL_SHIFT)
#define ARM_TBFLAG_AA64_FPEN(F) \
(((F) & ARM_TBFLAG_AA64_FPEN_MASK) >> ARM_TBFLAG_AA64_FPEN_SHIFT)
+#define ARM_TBFLAG_NS(F) \
+ (((F) & ARM_TBFLAG_NS_MASK) >> ARM_TBFLAG_NS_SHIFT)
static inline void cpu_get_tb_cpu_state(CPUARMState *env, target_ulong *pc,
target_ulong *cs_base, int *flags)
@@ -1334,6 +1338,9 @@ static inline void cpu_get_tb_cpu_state(CPUARMState *env, target_ulong *pc,
if (fpen == 3 || (fpen == 1 && arm_current_pl(env) != 0)) {
*flags |= ARM_TBFLAG_AA64_FPEN_MASK;
}
+ if (!arm_is_secure(env)) {
+ *flags |= ARM_TBFLAG_NS_MASK;
+ }
} else {
int privmode;
*pc = env->regs[15];
@@ -1350,6 +1357,9 @@ static inline void cpu_get_tb_cpu_state(CPUARMState *env, target_ulong *pc,
if (privmode) {
*flags |= ARM_TBFLAG_PRIV_MASK;
}
+ if (!arm_is_secure(env)) {
+ *flags |= ARM_TBFLAG_NS_MASK;
+ }
if (env->vfp.xregs[ARM_VFP_FPEXC] & (1 << 30)
|| arm_el_is_aa64(env, 1)) {
*flags |= ARM_TBFLAG_VFPEN_MASK;
diff --git a/target-arm/translate-a64.c b/target-arm/translate-a64.c
index 446d2cd..ad30903 100644
--- a/target-arm/translate-a64.c
+++ b/target-arm/translate-a64.c
@@ -10879,6 +10879,7 @@ void gen_intermediate_code_internal_a64(ARMCPU *cpu,
dc->condexec_cond = 0;
#if !defined(CONFIG_USER_ONLY)
dc->user = (ARM_TBFLAG_AA64_EL(tb->flags) == 0);
+ dc->ns = ARM_TBFLAG_NS(tb->flags);
#endif
dc->cpacr_fpen = ARM_TBFLAG_AA64_FPEN(tb->flags);
dc->vec_len = 0;
diff --git a/target-arm/translate.c b/target-arm/translate.c
index cf4e767..bf17952 100644
--- a/target-arm/translate.c
+++ b/target-arm/translate.c
@@ -53,8 +53,10 @@ static uint32_t gen_opc_condexec_bits[OPC_BUF_SIZE];
#if defined(CONFIG_USER_ONLY)
#define IS_USER(s) 1
+#define IS_NS(s) 1
#else
#define IS_USER(s) (s->user)
+#define IS_NS(s) (s->ns)
#endif
TCGv_ptr cpu_env;
@@ -10904,6 +10906,7 @@ static inline void gen_intermediate_code_internal(ARMCPU *cpu,
dc->condexec_cond = ARM_TBFLAG_CONDEXEC(tb->flags) >> 4;
#if !defined(CONFIG_USER_ONLY)
dc->user = (ARM_TBFLAG_PRIV(tb->flags) == 0);
+ dc->ns = ARM_TBFLAG_NS(tb->flags);
#endif
dc->cpacr_fpen = ARM_TBFLAG_CPACR_FPEN(tb->flags);
dc->vfp_enabled = ARM_TBFLAG_VFPEN(tb->flags);
diff --git a/target-arm/translate.h b/target-arm/translate.h
index 31a0104..6e8620a 100644
--- a/target-arm/translate.h
+++ b/target-arm/translate.h
@@ -19,6 +19,7 @@ typedef struct DisasContext {
int bswap_code;
#if !defined(CONFIG_USER_ONLY)
int user;
+ int ns;
#endif
bool cpacr_fpen; /* FP enabled via CPACR.FPEN */
bool vfp_enabled; /* FP enabled via FPSCR.EN */
--
1.8.3.2
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [Qemu-devel] [PATCH v4 08/33] target-arm: A32: Emulate the SMC instruction
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
` (6 preceding siblings ...)
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 07/33] target-arm: add non-secure Translation Block flag greg.bellows
@ 2014-06-30 23:09 ` greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 09/33] target-arm: extend Aarch32 async excp masking greg.bellows
` (26 subsequent siblings)
34 siblings, 0 replies; 49+ messages in thread
From: greg.bellows @ 2014-06-30 23:09 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, peter.crosthwaite, Sergey Fedorov, Fabian Aggeler,
Greg Bellows, serge.fdrv, edgar.iglesias, christoffer.dall
From: Fabian Aggeler <aggelerf@ethz.ch>
Implements SMC instruction in Aarch32 using the A32 syndrome. When executing
SMC instruction from monitor CPU mode SCR.NS bit is reset.
Signed-off-by: Sergey Fedorov <s.fedorov@samsung.com>
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---
target-arm/helper.c | 11 +++++++++++
target-arm/internals.h | 5 +++++
target-arm/translate.c | 35 +++++++++++++++++++++++++----------
3 files changed, 41 insertions(+), 10 deletions(-)
diff --git a/target-arm/helper.c b/target-arm/helper.c
index ed1e3c7..2e285ab 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -3603,6 +3603,12 @@ void arm_cpu_do_interrupt(CPUState *cs)
mask = CPSR_A | CPSR_I | CPSR_F;
offset = 4;
break;
+ case EXCP_SMC:
+ new_mode = ARM_CPU_MODE_MON;
+ addr = 0x08;
+ mask = CPSR_A | CPSR_I | CPSR_F;
+ offset = 0;
+ break;
default:
cpu_abort(cs, "Unhandled exception 0x%x\n", cs->exception_index);
return; /* Never happens. Keep compiler happy. */
@@ -3621,6 +3627,11 @@ void arm_cpu_do_interrupt(CPUState *cs)
*/
addr += env->cp15.vbar_el[1];
}
+
+ if ((env->uncached_cpsr & CPSR_M) == ARM_CPU_MODE_MON) {
+ env->cp15.scr_el3 &= ~SCR_NS;
+ }
+
switch_mode (env, new_mode);
env->spsr = cpsr_read(env);
/* Clear IT bits. */
diff --git a/target-arm/internals.h b/target-arm/internals.h
index 8815f7c..cda049a 100644
--- a/target-arm/internals.h
+++ b/target-arm/internals.h
@@ -224,6 +224,11 @@ static inline uint32_t syn_aa32_svc(uint16_t imm16, bool is_thumb)
| (is_thumb ? 0 : ARM_EL_IL);
}
+static inline uint32_t syn_aa32_smc(void)
+{
+ return (EC_AA32_SMC << ARM_EL_EC_SHIFT) | ARM_EL_IL;
+}
+
static inline uint32_t syn_aa64_bkpt(uint16_t imm16)
{
return (EC_AA64_BKPT << ARM_EL_EC_SHIFT) | ARM_EL_IL | imm16;
diff --git a/target-arm/translate.c b/target-arm/translate.c
index bf17952..f657389 100644
--- a/target-arm/translate.c
+++ b/target-arm/translate.c
@@ -7840,15 +7840,25 @@ static void disas_arm_insn(CPUARMState * env, DisasContext *s)
case 7:
{
int imm16 = extract32(insn, 0, 4) | (extract32(insn, 8, 12) << 4);
- /* SMC instruction (op1 == 3)
- and undefined instructions (op1 == 0 || op1 == 2)
- will trap */
- if (op1 != 1) {
+ if (op1 == 1) {
+ /* bkpt */
+ ARCH(5);
+ gen_exception_insn(s, 4, EXCP_BKPT,
+ syn_aa32_bkpt(imm16, false));
+ } else if (op1 == 3) {
+ /* smi/smc */
+ if (!arm_dc_feature(s, ARM_FEATURE_EL3) ||
+ s->current_pl == 0) {
+ goto illegal_op;
+ }
+ tmp = tcg_const_i32(syn_aa32_smc());
+ gen_set_pc_im(s, s->pc);
+ gen_helper_smc(cpu_env, tmp);
+ tcg_temp_free_i32(tmp);
+ break;
+ } else {
goto illegal_op;
}
- /* bkpt */
- ARCH(5);
- gen_exception_insn(s, 4, EXCP_BKPT, syn_aa32_bkpt(imm16, false));
break;
}
case 0x8: /* signed multiply */
@@ -9679,9 +9689,14 @@ static int disas_thumb2_insn(CPUARMState *env, DisasContext *s, uint16_t insn_hw
if (insn & (1 << 26)) {
/* Secure monitor call (v6Z) */
- qemu_log_mask(LOG_UNIMP,
- "arm: unimplemented secure monitor call\n");
- goto illegal_op; /* not implemented. */
+ if (!arm_dc_feature(s, ARM_FEATURE_EL3) ||
+ s->current_pl == 0) {
+ goto illegal_op;
+ }
+ tmp = tcg_const_i32(syn_aa32_smc());
+ gen_set_pc_im(s, s->pc);
+ gen_helper_smc(cpu_env, tmp);
+ tcg_temp_free_i32(tmp);
} else {
op = (insn >> 20) & 7;
switch (op) {
--
1.8.3.2
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [Qemu-devel] [PATCH v4 09/33] target-arm: extend Aarch32 async excp masking
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
` (7 preceding siblings ...)
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 08/33] target-arm: A32: Emulate the SMC instruction greg.bellows
@ 2014-06-30 23:09 ` greg.bellows
2014-07-01 8:22 ` Edgar E. Iglesias
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 10/33] target-arm: extend Aarch64 SCR.{FIQ|IRQ} handling greg.bellows
` (25 subsequent siblings)
34 siblings, 1 reply; 49+ messages in thread
From: greg.bellows @ 2014-06-30 23:09 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, peter.crosthwaite, Fabian Aggeler, Greg Bellows,
serge.fdrv, edgar.iglesias, christoffer.dall
From: Fabian Aggeler <aggelerf@ethz.ch>
This patch extends arm_excp_unmasked() according to ARM ARMv7 and
ARM ARMv8 (all EL running in Aarch32) and adds comments.
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---
target-arm/cpu.h | 77 ++++++++++++++++++++++++++++++++++++++++++++------------
1 file changed, 61 insertions(+), 16 deletions(-)
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index 44e0943..fbd7cad 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -597,6 +597,8 @@ static inline void xpsr_write(CPUARMState *env, uint32_t val, uint32_t mask)
#define SCR_IRQ (1U << 1)
#define SCR_FIQ (1U << 2)
#define SCR_EA (1U << 3)
+#define SCR_FW (1U << 4)
+#define SCR_AW (1U << 5)
#define SCR_SMD (1U << 7)
#define SCR_HCE (1U << 8)
#define SCR_SIF (1U << 9)
@@ -1199,30 +1201,73 @@ static inline bool arm_excp_unmasked(CPUState *cs, unsigned int excp_idx)
{
CPUARMState *env = cs->env_ptr;
unsigned int cur_el = arm_current_pl(env);
- unsigned int target_el = arm_excp_target_el(cs, excp_idx);
- /* FIXME: Use actual secure state. */
- bool secure = false;
- /* Interrupts can only be hypervised and routed to
- * EL2 if we are in NS EL0/1.
- */
- bool irq_can_hyp = !secure && cur_el < 2 && target_el == 2;
+ bool secure = arm_is_secure(env);
+
bool irq_unmasked = ((IS_M(env) && env->regs[15] < 0xfffffff0)
|| !(env->daif & PSTATE_I));
- /* Don't take exceptions if they target a lower EL. */
- if (cur_el > target_el) {
- return false;
- }
-
+ /* ARM ARMv7 B1.8.6 Asynchronous exception masking (table B1-12/B1-13)
+ * ARM ARMv8 G1.11.3 Asynchronous exception masking controls
+ * (table G1-18/G1-19) */
switch (excp_idx) {
case EXCP_FIQ:
- if (irq_can_hyp && (env->cp15.hcr_el2 & HCR_FMO)) {
- return true;
+ if (!secure) {
+ if (arm_feature(env, ARM_FEATURE_EL2) &&
+ (env->cp15.hcr_el2 & HCR_FMO)) {
+ /* CPSR.F/PSTATE.F ignored if
+ * - exception is taken from Non-secure state
+ * - HCR.FMO == 1
+ * - either: - not in Hyp mode
+ * - SCR.FIQ routes exception to monitor mode
+ */
+ if (cur_el < 2) {
+ return true;
+ } else if (arm_feature(env, ARM_FEATURE_EL3) &&
+ (env->cp15.scr_el3 & SCR_FIQ)) {
+ return true;
+ }
+ }
+ /* In ARMv7 only applies if both Security Extensions (EL3) and
+ * Hypervirtualization Extensions (EL2) implemented, while
+ * for ARMv8 it applies also if only EL3 implemented.
+ */
+ if (arm_feature(env, ARM_FEATURE_EL3) &&
+ (arm_feature(env, ARM_FEATURE_EL2) ||
+ arm_feature(env, ARM_FEATURE_V8))) {
+ /* CPSR.F/PSTATE.F ignored if
+ * - exception is taken from Non-secure state
+ * - SCR.FIQ routes exception to monitor mode
+ * - SCR.FW bit is set to 0
+ * - HCR.FMO == 0 (if EL2 implemented)
+ */
+ if ((env->cp15.scr_el3 & SCR_FIQ) &&
+ !(env->cp15.scr_el3 & SCR_FW)) {
+ if (!arm_feature(env, ARM_FEATURE_EL2)) {
+ return true;
+ } else if (!(env->cp15.hcr_el2 & HCR_FMO)) {
+ return true;
+ }
+ }
+ }
}
return !(env->daif & PSTATE_F);
case EXCP_IRQ:
- if (irq_can_hyp && (env->cp15.hcr_el2 & HCR_IMO)) {
- return true;
+ if (!secure) {
+ if (arm_feature(env, ARM_FEATURE_EL2) &&
+ (env->cp15.hcr_el2 & HCR_IMO)) {
+ /* CPSR.I/PSTATE.I ignored if
+ * - exception is taken from Non-secure state
+ * - HCR.IMO == 1
+ * - either: - not in Hyp mode
+ * - SCR.IRQ routes exception to monitor mode
+ */
+ if (cur_el < 2) {
+ return true;
+ } else if (arm_feature(env, ARM_FEATURE_EL3) &&
+ (env->cp15.scr_el3 & SCR_IRQ)) {
+ return true;
+ }
+ }
}
return irq_unmasked;
case EXCP_VFIQ:
--
1.8.3.2
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [Qemu-devel] [PATCH v4 10/33] target-arm: extend Aarch64 SCR.{FIQ|IRQ} handling
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
` (8 preceding siblings ...)
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 09/33] target-arm: extend Aarch32 async excp masking greg.bellows
@ 2014-06-30 23:09 ` greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 11/33] target-arm: add async excp target_el&mode function greg.bellows
` (24 subsequent siblings)
34 siblings, 0 replies; 49+ messages in thread
From: greg.bellows @ 2014-06-30 23:09 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, peter.crosthwaite, Fabian Aggeler, Greg Bellows,
serge.fdrv, edgar.iglesias, christoffer.dall
From: Fabian Aggeler <aggelerf@ethz.ch>
If EL3 is using Aarch64 IRQ/FIQ masking is ignored in
all exception levels other than EL3 if SCR.{FIQ|IRQ} is
set to 1 (routed to EL3).
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---
target-arm/cpu.h | 98 +++++++++++++++++++++++++++++++++++++++++---------------
1 file changed, 72 insertions(+), 26 deletions(-)
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index fbd7cad..7b2817c 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -1211,20 +1211,43 @@ static inline bool arm_excp_unmasked(CPUState *cs, unsigned int excp_idx)
* (table G1-18/G1-19) */
switch (excp_idx) {
case EXCP_FIQ:
+ if (arm_feature(env, ARM_FEATURE_EL3) && arm_el_is_aa64(env, 3)) {
+ /* If EL3 is using Aarch64 and FIQs are routed to EL3 masking is
+ * ignored in all exception levels except EL3.
+ */
+ if ((env->cp15.scr_el3 & SCR_FIQ) && cur_el < 3) {
+ return true;
+ }
+ /* If we are in EL3 but FIQs are not routed to EL3 the exception
+ * is not taken but remains pending.
+ */
+ if (!(env->cp15.scr_el3 & SCR_FIQ) && cur_el == 3) {
+ return false;
+ }
+ }
if (!secure) {
- if (arm_feature(env, ARM_FEATURE_EL2) &&
- (env->cp15.hcr_el2 & HCR_FMO)) {
- /* CPSR.F/PSTATE.F ignored if
- * - exception is taken from Non-secure state
- * - HCR.FMO == 1
- * - either: - not in Hyp mode
- * - SCR.FIQ routes exception to monitor mode
- */
- if (cur_el < 2) {
- return true;
- } else if (arm_feature(env, ARM_FEATURE_EL3) &&
- (env->cp15.scr_el3 & SCR_FIQ)) {
- return true;
+ if (arm_feature(env, ARM_FEATURE_EL2)) {
+ if (env->cp15.hcr_el2 & HCR_FMO) {
+ /* CPSR.F/PSTATE.F ignored if
+ * - exception is taken from Non-secure state
+ * - HCR.FMO == 1
+ * - either: - not in Hyp mode
+ * - SCR.FIQ routes exception to monitor mode
+ * (EL3 in Aarch32)
+ */
+ if (cur_el < 2) {
+ return true;
+ } else if (arm_feature(env, ARM_FEATURE_EL3) &&
+ (env->cp15.scr_el3 & SCR_FIQ) &&
+ !arm_el_is_aa64(env, 3)) {
+ return true;
+ }
+ } else if (arm_el_is_aa64(env, 3) &&
+ (env->cp15.scr_el3 & SCR_RW) &&
+ cur_el == 2) {
+ /* FIQs not routed to EL2 but currently in EL2 (A64).
+ * Exception is not taken but remains pending. */
+ return false;
}
}
/* In ARMv7 only applies if both Security Extensions (EL3) and
@@ -1252,20 +1275,43 @@ static inline bool arm_excp_unmasked(CPUState *cs, unsigned int excp_idx)
}
return !(env->daif & PSTATE_F);
case EXCP_IRQ:
+ if (arm_feature(env, ARM_FEATURE_EL3) && arm_el_is_aa64(env, 3)) {
+ /* If EL3 is using Aarch64 and IRQs are routed to EL3 masking is
+ * ignored in all exception levels except EL3.
+ */
+ if ((env->cp15.scr_el3 & SCR_IRQ) && cur_el < 3) {
+ return true;
+ }
+ /* If we are in EL3 but IRQ s are not routed to EL3 the exception
+ * is not taken but remains pending.
+ */
+ if (!(env->cp15.scr_el3 & SCR_IRQ) && cur_el == 3) {
+ return false;
+ }
+ }
if (!secure) {
- if (arm_feature(env, ARM_FEATURE_EL2) &&
- (env->cp15.hcr_el2 & HCR_IMO)) {
- /* CPSR.I/PSTATE.I ignored if
- * - exception is taken from Non-secure state
- * - HCR.IMO == 1
- * - either: - not in Hyp mode
- * - SCR.IRQ routes exception to monitor mode
- */
- if (cur_el < 2) {
- return true;
- } else if (arm_feature(env, ARM_FEATURE_EL3) &&
- (env->cp15.scr_el3 & SCR_IRQ)) {
- return true;
+ if (arm_feature(env, ARM_FEATURE_EL2)) {
+ if (env->cp15.hcr_el2 & HCR_IMO) {
+ /* CPSR.I/PSTATE.I ignored if
+ * - exception is taken from Non-secure state
+ * - HCR.IMO == 1
+ * - either: - not in Hyp mode
+ * - SCR.IRQ routes exception to monitor mode
+ * (EL3 in Aarch32)
+ */
+ if (cur_el < 2) {
+ return true;
+ } else if (arm_feature(env, ARM_FEATURE_EL3) &&
+ (env->cp15.scr_el3 & SCR_IRQ) &&
+ !arm_el_is_aa64(env, 3)) {
+ return true;
+ }
+ } else if (arm_el_is_aa64(env, 3) &&
+ (env->cp15.scr_el3 & SCR_RW) &&
+ cur_el == 2) {
+ /* IRQs not routed to EL2 but currently in EL2 (A64).
+ * Exception is not taken but remains pending. */
+ return false;
}
}
}
--
1.8.3.2
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [Qemu-devel] [PATCH v4 11/33] target-arm: add async excp target_el&mode function
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
` (9 preceding siblings ...)
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 10/33] target-arm: extend Aarch64 SCR.{FIQ|IRQ} handling greg.bellows
@ 2014-06-30 23:09 ` greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 12/33] target-arm: use dedicated target_el function greg.bellows
` (23 subsequent siblings)
34 siblings, 0 replies; 49+ messages in thread
From: greg.bellows @ 2014-06-30 23:09 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, peter.crosthwaite, Fabian Aggeler, Greg Bellows,
serge.fdrv, edgar.iglesias, christoffer.dall
From: Fabian Aggeler <aggelerf@ethz.ch>
Adds a dedicated function for IRQ and FIQ exceptions to determine
target_el and mode (Aarch32) according to tables in ARM ARMv8 and
ARM ARM v7.
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
--------------
v3 -> v4
- Fixed arm_phys_excp_target_el() 0/0/0 case to return excp_mode when EL<2
rather than ABORT.
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---
target-arm/cpu.h | 3 ++
target-arm/helper.c | 137 ++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 140 insertions(+)
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index 7b2817c..1e8d5ee 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -784,6 +784,9 @@ static inline bool arm_el_is_aa64(CPUARMState *env, int el)
void arm_cpu_list(FILE *f, fprintf_function cpu_fprintf);
unsigned int arm_excp_target_el(CPUState *cs, unsigned int excp_idx);
+inline uint32_t arm_phys_excp_target_el(CPUState *cs, uint32_t *target_mode,
+ uint32_t excp_idx, uint32_t cur_el,
+ bool secure);
/* Interface between CPU and Interrupt controller. */
void armv7m_nvic_set_pending(void *opaque, int irq);
diff --git a/target-arm/helper.c b/target-arm/helper.c
index 2e285ab..4233ae3 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -3239,6 +3239,21 @@ uint32_t HELPER(get_r13_banked)(CPUARMState *env, uint32_t mode)
return 0;
}
+inline uint32_t arm_phys_excp_target_el(CPUState *cs, uint32_t *target_mode,
+ uint32_t excp_idx, uint32_t cur_el,
+ bool secure)
+{
+ switch (excp_idx) {
+ case EXCP_IRQ:
+ *target_mode = ARM_CPU_MODE_IRQ;
+ break;
+ case EXCP_FIQ:
+ *target_mode = ARM_CPU_MODE_FIQ;
+ break;
+ }
+ return 1;
+}
+
unsigned int arm_excp_target_el(CPUState *cs, unsigned int excp_idx)
{
return 1;
@@ -3300,6 +3315,128 @@ void switch_mode(CPUARMState *env, int mode)
}
/*
+ * Determine the target EL for physical exceptions
+ */
+inline uint32_t arm_phys_excp_target_el(CPUState *cs, uint32_t *target_mode,
+ uint32_t excp_idx, uint32_t cur_el,
+ bool secure)
+{
+ CPUARMState *env = cs->env_ptr;
+ uint32_t target_el = 1;
+ uint32_t excp_mode = 0;
+
+ bool scr_routing = 0; /* IRQ, FIQ, EA */
+ bool hcr_routing = 0; /* IMO, FMO, AMO */
+
+ switch (excp_idx) {
+ case EXCP_IRQ:
+ scr_routing = (env->cp15.scr_el3 & SCR_IRQ);
+ hcr_routing = (env->cp15.hcr_el2 & HCR_IMO);
+ excp_mode = ARM_CPU_MODE_IRQ;
+ break;
+ case EXCP_FIQ:
+ scr_routing = (env->cp15.scr_el3 & SCR_FIQ);
+ hcr_routing = (env->cp15.hcr_el2 & HCR_FMO);
+ excp_mode = ARM_CPU_MODE_FIQ;
+ }
+
+ /* If HCR.TGE is set all exceptions that would be routed to EL1 are
+ * routed to EL2 (in non-secure world).
+ */
+ if (arm_feature(env, ARM_FEATURE_EL2) && (env->cp15.hcr_el2 & HCR_TGE)) {
+ hcr_routing = 1;
+ }
+
+ /* Determine target EL according to ARM ARMv8 tables G1-15 and G1-16 */
+ if (arm_el_is_aa64(env, 3)) {
+ /* EL3 in Aarch64 */
+ if (scr_routing) {
+ /* IRQ|FIQ|EA == 1 */
+ target_el = 3;
+ } else {
+ if (hcr_routing) {
+ /* IRQ|FIQ|EA == 0
+ * IMO|FMO|AMO == 1 */
+ if (secure) {
+ /* Secure */
+ target_el = 1;
+ if (!arm_el_is_aa64(env, 1)) {
+ /* EL1 using Aarch32 */
+ *target_mode = ARM_CPU_MODE_ABT;
+ }
+ } else if (cur_el < 2) {
+ /* Non-Secure goes to EL2 */
+ target_el = 2;
+ if (!arm_el_is_aa64(env, 2)) {
+ /* EL2 using Aarch32 */
+ *target_mode = ARM_CPU_MODE_HYP;
+ }
+ }
+ } else if (env->cp15.scr_el3 & SCR_RW) {
+ /* IRQ|FIQ|EA == 0
+ * IMO|FMO|AMO == 0
+ * RW == 1 (Next lower level is Aarch64)
+ */
+ if (cur_el < 2) {
+ target_el = 1;
+ } else {
+ /* Interrupt not taken but remains pending */
+ }
+ } else {
+ /* IRQ|FIQ|EA == 0
+ * IMO|FMO|AMO == 0
+ * RW == 0 (Next lower level is Aarch64)
+ */
+ if (cur_el < 2) {
+ target_el = 1;
+ *target_mode = excp_mode;
+ } else if (cur_el == 2) {
+ target_el = 2;
+ *target_mode = ARM_CPU_MODE_HYP;
+ } else {
+ /* Interrupt not taken but remains pending */
+ }
+ }
+ }
+ } else {
+ /* EL3 in Aarch32 */
+ if (scr_routing) {
+ /* IRQ|FIQ|EA == 1 */
+ target_el = 3;
+ *target_mode = ARM_CPU_MODE_MON;
+ } else {
+ if (hcr_routing) {
+ /* IRQ|FIQ|EA == 0
+ * IMO|FMO|AMO == 1
+ */
+ if (secure) {
+ target_el = 3;
+ *target_mode = excp_mode;
+ } else {
+ target_el = 2;
+ *target_mode = ARM_CPU_MODE_HYP;
+ }
+ } else {
+ /* IRQ|FIQ|EA == 0
+ * IMO|FMO|AMO == 0
+ */
+ if (cur_el < 2) {
+ target_el = 1;
+ *target_mode = excp_mode;
+ } else if (cur_el == 2) {
+ target_el = 2;
+ *target_mode = ARM_CPU_MODE_HYP;
+ } else if (secure) {
+ target_el = 3;
+ *target_mode = excp_mode;
+ }
+ }
+ }
+ }
+ return target_el;
+}
+
+/*
* Determine the target EL for a given exception type.
*/
unsigned int arm_excp_target_el(CPUState *cs, unsigned int excp_idx)
--
1.8.3.2
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [Qemu-devel] [PATCH v4 12/33] target-arm: use dedicated target_el function
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
` (10 preceding siblings ...)
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 11/33] target-arm: add async excp target_el&mode function greg.bellows
@ 2014-06-30 23:09 ` greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 13/33] target-arm: implement IRQ/FIQ routing to Monitor mode greg.bellows
` (22 subsequent siblings)
34 siblings, 0 replies; 49+ messages in thread
From: greg.bellows @ 2014-06-30 23:09 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, peter.crosthwaite, Fabian Aggeler, Greg Bellows,
serge.fdrv, edgar.iglesias, christoffer.dall
From: Fabian Aggeler <aggelerf@ethz.ch>
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---
target-arm/helper.c | 24 ++++++------------------
1 file changed, 6 insertions(+), 18 deletions(-)
diff --git a/target-arm/helper.c b/target-arm/helper.c
index 4233ae3..456b7e7 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -3444,14 +3444,10 @@ unsigned int arm_excp_target_el(CPUState *cs, unsigned int excp_idx)
CPUARMState *env = cs->env_ptr;
unsigned int cur_el = arm_current_pl(env);
unsigned int target_el = 1;
+ unsigned int target_mode;
bool route_to_el2 = false;
- /* FIXME: Use actual secure state. */
- bool secure = false;
- if (!env->aarch64) {
- /* TODO: Add EL2 and 3 exception handling for AArch32. */
- return 1;
- }
+ bool secure = arm_is_secure(env);
if (!secure
&& arm_feature(env, ARM_FEATURE_EL2)
@@ -3473,18 +3469,10 @@ unsigned int arm_excp_target_el(CPUState *cs, unsigned int excp_idx)
}
break;
case EXCP_FIQ:
- case EXCP_IRQ: {
- const uint64_t hcr_mask = excp_idx == EXCP_FIQ ? HCR_FMO : HCR_IMO;
- const uint32_t scr_mask = excp_idx == EXCP_FIQ ? SCR_FIQ : SCR_IRQ;
-
- if (!secure && (env->cp15.hcr_el2 & hcr_mask)) {
- target_el = 2;
- }
- if (env->cp15.scr_el3 & scr_mask) {
- target_el = 3;
- }
- break;
- }
+ case EXCP_IRQ:
+ target_el = arm_phys_excp_target_el(cs, &target_mode, excp_idx,
+ cur_el, secure);
+ break;
case EXCP_VIRQ:
case EXCP_VFIQ:
target_el = 1;
--
1.8.3.2
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [Qemu-devel] [PATCH v4 13/33] target-arm: implement IRQ/FIQ routing to Monitor mode
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
` (11 preceding siblings ...)
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 12/33] target-arm: use dedicated target_el function greg.bellows
@ 2014-06-30 23:09 ` greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 14/33] target-arm: Respect SCR.FW, SCR.AW and SCTLR.NMFI greg.bellows
` (21 subsequent siblings)
34 siblings, 0 replies; 49+ messages in thread
From: greg.bellows @ 2014-06-30 23:09 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, peter.crosthwaite, Sergey Fedorov, Fabian Aggeler,
Greg Bellows, serge.fdrv, edgar.iglesias, christoffer.dall
From: Fabian Aggeler <aggelerf@ethz.ch>
SCR.{IRQ/FIQ} bits allow to route IRQ/FIQ exceptions to monitor CPU
mode. When taking IRQ exception to monitor mode FIQ exception is
additionally masked.
Signed-off-by: Sergey Fedorov <s.fedorov@samsung.com>
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---
target-arm/helper.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/target-arm/helper.c b/target-arm/helper.c
index 456b7e7..7a878e9 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -3720,12 +3720,21 @@ void arm_cpu_do_interrupt(CPUState *cs)
/* Disable IRQ and imprecise data aborts. */
mask = CPSR_A | CPSR_I;
offset = 4;
+ if (env->cp15.scr_el3 & SCR_IRQ) {
+ /* IRQ routed to monitor mode */
+ new_mode = ARM_CPU_MODE_MON;
+ mask |= CPSR_F;
+ }
break;
case EXCP_FIQ:
new_mode = ARM_CPU_MODE_FIQ;
addr = 0x1c;
/* Disable FIQ, IRQ and imprecise data aborts. */
mask = CPSR_A | CPSR_I | CPSR_F;
+ if (env->cp15.scr_el3 & SCR_FIQ) {
+ /* FIQ routed to monitor mode */
+ new_mode = ARM_CPU_MODE_MON;
+ }
offset = 4;
break;
case EXCP_SMC:
--
1.8.3.2
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [Qemu-devel] [PATCH v4 14/33] target-arm: Respect SCR.FW, SCR.AW and SCTLR.NMFI
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
` (12 preceding siblings ...)
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 13/33] target-arm: implement IRQ/FIQ routing to Monitor mode greg.bellows
@ 2014-06-30 23:09 ` greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 15/33] target-arm: add NSACR register greg.bellows
` (20 subsequent siblings)
34 siblings, 0 replies; 49+ messages in thread
From: greg.bellows @ 2014-06-30 23:09 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, peter.crosthwaite, Fabian Aggeler, Greg Bellows,
serge.fdrv, edgar.iglesias, christoffer.dall
From: Fabian Aggeler <aggelerf@ethz.ch>
bits when modifying CPSR.
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---------------
v3 -> v4
- Fixed up conditions for ignoring CPSR.A/F updates by isolating to v7 and
checking for the existence of EL3 and non-existence of EL2.
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---
target-arm/helper.c | 62 ++++++++++++++++++++++++++++++++++++++++++++++++++---
1 file changed, 59 insertions(+), 3 deletions(-)
diff --git a/target-arm/helper.c b/target-arm/helper.c
index 7a878e9..e43545a 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -3106,9 +3106,6 @@ void cpsr_write(CPUARMState *env, uint32_t val, uint32_t mask)
env->GE = (val >> 16) & 0xf;
}
- env->daif &= ~(CPSR_AIF & mask);
- env->daif |= val & CPSR_AIF & mask;
-
if ((env->uncached_cpsr ^ val) & mask & CPSR_M) {
if (bad_mode_switch(env, val & CPSR_M)) {
/* Attempt to switch to an invalid mode: this is UNPREDICTABLE.
@@ -3120,6 +3117,65 @@ void cpsr_write(CPUARMState *env, uint32_t val, uint32_t mask)
switch_mode(env, val & CPSR_M);
}
}
+
+ /* In a V7 implementation that incldoes the security extensions but does
+ * not include Virtualization Extensions the SCR.FW and SCR.AW bits control
+ * whether non-secure software is allowed to change the CPSR_F and CPSR_A
+ * bits respectively.
+ *
+ * In a V8 implementation, it is permitted for privileged software to
+ * change the CPSR A/F bits regardless of the SCR.AW/FW bits. However,
+ * when the SPSR is copied to the CPSR, the SCR.AW/FW bits control whether
+ * the CPSR.A/F bits are copied.
+ */
+ if (!arm_feature(env, ARM_FEATURE_V8)) {
+ if ((mask & CPSR_A) &&
+ (val & CPSR_A) != (env->uncached_cpsr & CPSR_A) &&
+ arm_feature(env, ARM_FEATURE_EL3) &&
+ !arm_feature(env, ARM_FEATURE_EL2) &&
+ !(env->cp15.scr_el3 & SCR_AW) && !arm_is_secure(env)) {
+ qemu_log_mask(LOG_GUEST_ERROR,
+ "Ignoring attempt to switch CPSR_A flag from "
+ "non-secure world with SCR.AW bit clear\n");
+ mask &= ~CPSR_A;
+ }
+
+ if ((mask & CPSR_F) &&
+ (val & CPSR_F) != (env->uncached_cpsr & CPSR_F)) {
+ /*
+ * The existence of the security extension (EL3) and the
+ * non-existence of the virtualization extension affects whether
+ * the CPSR.F bit can be modified.
+ */
+ if (arm_feature(env, ARM_FEATURE_EL3) &&
+ !arm_feature(env, ARM_FEATURE_EL2)) {
+ /* CPSR.F cannot be changed in nonsecure with SCR.FW clear */
+ if (!(env->cp15.scr_el3 & SCR_FW) && !arm_is_secure(env)) {
+ qemu_log_mask(LOG_GUEST_ERROR,
+ "Ignoring attempt to switch CPSR_F flag from "
+ "non-secure world with SCR.FW bit clear\n");
+ mask &= ~CPSR_F;
+ }
+
+ /* Check whether non-maskable FIQ (NMFI) support is enabled.
+ * If this bit is set software is not allowed to mask
+ * FIQs, but is allowed to set CPSR_F to 0.
+ */
+ if ((A32_BANKED_CURRENT_REG_GET(env, sctlr) & SCTLR_NMFI) &&
+ (val & CPSR_F)) {
+ qemu_log_mask(LOG_GUEST_ERROR,
+ "Ignoring attempt to enable CPSR_F flag "
+ "(non-maskable FIQ [NMFI] support "
+ "enabled)\n");
+ mask &= ~CPSR_F;
+ }
+ }
+ }
+ }
+
+ env->daif &= ~(CPSR_AIF & mask);
+ env->daif |= val & CPSR_AIF & mask;
+
mask &= ~CACHED_CPSR_BITS;
env->uncached_cpsr = (env->uncached_cpsr & ~mask) | (val & mask);
}
--
1.8.3.2
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [Qemu-devel] [PATCH v4 15/33] target-arm: add NSACR register
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
` (13 preceding siblings ...)
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 14/33] target-arm: Respect SCR.FW, SCR.AW and SCTLR.NMFI greg.bellows
@ 2014-06-30 23:09 ` greg.bellows
2014-07-07 9:40 ` Aggeler Fabian
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 16/33] target-arm: add SDER definition greg.bellows
` (19 subsequent siblings)
34 siblings, 1 reply; 49+ messages in thread
From: greg.bellows @ 2014-06-30 23:09 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, peter.crosthwaite, Sergey Fedorov, Fabian Aggeler,
Greg Bellows, serge.fdrv, edgar.iglesias, christoffer.dall
From: Fabian Aggeler <aggelerf@ethz.ch>
Implements NSACR register with corresponding read/write functions
for ARMv7 and ARMv8.
Signed-off-by: Sergey Fedorov <s.fedorov@samsung.com>
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---
target-arm/cpu.h | 6 +++++
target-arm/helper.c | 68 ++++++++++++++++++++++++++++++++++++++++++++++++++++-
2 files changed, 73 insertions(+), 1 deletion(-)
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index 1e8d5ee..4625088 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -182,6 +182,7 @@ typedef struct CPUARMState {
uint64_t c1_coproc; /* Coprocessor access register. */
uint32_t c1_xscaleauxcr; /* XScale auxiliary control register. */
uint32_t c1_scr; /* secure config register. */
+ uint32_t c1_nsacr; /* Non-secure access control register. */
uint64_t ttbr0_el1; /* MMU translation table base 0. */
uint64_t ttbr1_el1; /* MMU translation table base 1. */
uint64_t c2_control; /* MMU translation table base control. */
@@ -609,6 +610,11 @@ static inline void xpsr_write(CPUARMState *env, uint32_t val, uint32_t mask)
#define SCR_RES1_MASK (3U << 4)
#define SCR_MASK (0x3fff & ~SCR_RES1_MASK)
+#define NSACR_NSTRCDIS (1U << 20)
+#define NSACR_RFR (1U << 19)
+#define NSACR_NSASEDIS (1U << 15)
+#define NSACR_NSD32DIS (1U << 14)
+
/* Return the current FPSCR value. */
uint32_t vfp_get_fpscr(CPUARMState *env);
void vfp_set_fpscr(CPUARMState *env, uint32_t val);
diff --git a/target-arm/helper.c b/target-arm/helper.c
index e43545a..6342dbf 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -489,7 +489,19 @@ static void cpacr_write(CPUARMState *env, const ARMCPRegInfo *ri,
/* VFP coprocessor: cp10 & cp11 [23:20] */
mask |= (1 << 31) | (1 << 30) | (0xf << 20);
- if (!arm_feature(env, ARM_FEATURE_NEON)) {
+ if (arm_feature(env, ARM_FEATURE_NEON)) {
+ /* NSACR can disable non-secure writes to
+ * ASEDIS [31] or D32DIS [30]
+ */
+ if (arm_feature(env, ARM_FEATURE_EL3) && !arm_is_secure(env)) {
+ if ((env->cp15.c1_nsacr & NSACR_NSASEDIS)) {
+ mask &= ~(1 << 31);
+ }
+ if ((env->cp15.c1_nsacr & NSACR_NSD32DIS)) {
+ mask &= ~(1 << 30);
+ }
+ }
+ } else {
/* ASEDIS [31] bit is RAO/WI */
value |= (1 << 31);
}
@@ -501,6 +513,7 @@ static void cpacr_write(CPUARMState *env, const ARMCPRegInfo *ri,
!arm_feature(env, ARM_FEATURE_VFP3)) {
/* D32DIS [30] is RAO/WI if D16-31 are not implemented. */
value |= (1 << 30);
+ mask |= (1 << 30);
}
}
value &= mask;
@@ -2195,6 +2208,55 @@ static void scr_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value)
raw_write(env, ri, value);
}
+static void nsacr_write(CPUARMState *env, const ARMCPRegInfo *ri,
+ uint64_t value)
+{
+ uint32_t mask = 0;
+
+ /* Pre ARMv8 some bits are RAO or UNK/SBZP */
+ if (!arm_feature(env, ARM_FEATURE_V8)) {
+
+ if (arm_feature(env, ARM_FEATURE_VFP)) {
+ mask |= NSACR_NSASEDIS | NSACR_NSD32DIS;
+
+ if (!arm_feature(env, ARM_FEATURE_NEON)) {
+ /* NSASEDIS are RAO/WI */
+ value |= NSACR_NSASEDIS;
+ }
+
+ /* VFPv3 and upwards with NEON implement 32 double precision
+ * registers (D0-D31).
+ */
+ if (!arm_feature(env, ARM_FEATURE_NEON) ||
+ !arm_feature(env, ARM_FEATURE_VFP3)) {
+ /* NSD32DIS is RAO/WI if D16-31 are not implemented. */
+ value |= NSACR_NSD32DIS;
+ }
+ }
+
+ /* cpn bits [13:0] */
+ mask = 0x3fff;
+
+ value &= mask;
+ }
+
+ raw_write(env, ri, value);
+}
+
+static uint64_t nsacr_read(CPUARMState *env, const ARMCPRegInfo *ri)
+{
+ uint64_t ret = raw_read(env, ri);
+
+ if (arm_feature(env, ARM_FEATURE_V8)) {
+ if (!arm_feature(env, ARM_FEATURE_EL3) || (
+ arm_el_is_aa64(env, 3) && !is_a64(env) &&
+ arm_current_pl(env) != 3)) {
+ ret = 0x0000C00;
+ }
+ }
+ return ret;
+}
+
static const ARMCPRegInfo v8_el3_cp_reginfo[] = {
{ .name = "ELR_EL3", .state = ARM_CP_STATE_AA64,
.type = ARM_CP_NO_MIGRATE,
@@ -2228,6 +2290,10 @@ static const ARMCPRegInfo v7_el3_cp_reginfo[] = {
{ .name = "SCR", .cp = 15, .crn = 1, .crm = 1, .opc1 = 0, .opc2 = 0,
.access = PL3_RW, .fieldoffset = offsetof(CPUARMState, cp15.scr_el3),
.resetvalue = 0, },
+ { .name = "NSACR", .cp = 15, .crn = 1, .crm = 1, .opc1 = 0, .opc2 = 2,
+ .access = PL3_RW | PL1_R, .resetvalue = 0,
+ .writefn = nsacr_write, .readfn = nsacr_read,
+ .fieldoffset = offsetof(CPUARMState, cp15.c1_nsacr) },
REGINFO_SENTINEL
};
--
1.8.3.2
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [Qemu-devel] [PATCH v4 16/33] target-arm: add SDER definition
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
` (14 preceding siblings ...)
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 15/33] target-arm: add NSACR register greg.bellows
@ 2014-06-30 23:09 ` greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 17/33] target-arm: add MVBAR support greg.bellows
` (18 subsequent siblings)
34 siblings, 0 replies; 49+ messages in thread
From: greg.bellows @ 2014-06-30 23:09 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, peter.crosthwaite, Sergey Fedorov, Fabian Aggeler,
Greg Bellows, serge.fdrv, edgar.iglesias, christoffer.dall
From: Sergey Fedorov <s.fedorov@samsung.com>
Signed-off-by: Sergey Fedorov <s.fedorov@samsung.com>
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---
target-arm/cpu.h | 1 +
target-arm/helper.c | 3 +++
2 files changed, 4 insertions(+)
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index 4625088..7aecb0f 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -182,6 +182,7 @@ typedef struct CPUARMState {
uint64_t c1_coproc; /* Coprocessor access register. */
uint32_t c1_xscaleauxcr; /* XScale auxiliary control register. */
uint32_t c1_scr; /* secure config register. */
+ uint32_t c1_sder; /* Secure debug enable register. */
uint32_t c1_nsacr; /* Non-secure access control register. */
uint64_t ttbr0_el1; /* MMU translation table base 0. */
uint64_t ttbr1_el1; /* MMU translation table base 1. */
diff --git a/target-arm/helper.c b/target-arm/helper.c
index 6342dbf..7a2c861 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -2290,6 +2290,9 @@ static const ARMCPRegInfo v7_el3_cp_reginfo[] = {
{ .name = "SCR", .cp = 15, .crn = 1, .crm = 1, .opc1 = 0, .opc2 = 0,
.access = PL3_RW, .fieldoffset = offsetof(CPUARMState, cp15.scr_el3),
.resetvalue = 0, },
+ { .name = "SDER", .cp = 15, .crn = 1, .crm = 1, .opc1 = 0, .opc2 = 1,
+ .access = PL3_RW, .resetvalue = 0,
+ .fieldoffset = offsetof(CPUARMState, cp15.c1_sder) },
{ .name = "NSACR", .cp = 15, .crn = 1, .crm = 1, .opc1 = 0, .opc2 = 2,
.access = PL3_RW | PL1_R, .resetvalue = 0,
.writefn = nsacr_write, .readfn = nsacr_read,
--
1.8.3.2
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [Qemu-devel] [PATCH v4 17/33] target-arm: add MVBAR support
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
` (15 preceding siblings ...)
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 16/33] target-arm: add SDER definition greg.bellows
@ 2014-06-30 23:09 ` greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 18/33] target-arm: add macros to access banked registers greg.bellows
` (17 subsequent siblings)
34 siblings, 0 replies; 49+ messages in thread
From: greg.bellows @ 2014-06-30 23:09 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, peter.crosthwaite, Sergey Fedorov, Fabian Aggeler,
Greg Bellows, serge.fdrv, edgar.iglesias, christoffer.dall
From: Fabian Aggeler <aggelerf@ethz.ch>
Use MVBAR register as exception vector base address for
exceptions taken to CPU monitor mode.
Signed-off-by: Sergey Fedorov <s.fedorov@samsung.com>
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---
target-arm/cpu.h | 1 +
target-arm/helper.c | 15 +++++++++------
2 files changed, 10 insertions(+), 6 deletions(-)
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index 7aecb0f..a2dab08 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -212,6 +212,7 @@ typedef struct CPUARMState {
uint32_t c9_pminten; /* perf monitor interrupt enables */
uint64_t mair_el1;
uint64_t vbar_el[4]; /* vector base address register */
+ uint64_t mvbar; /* (monitor) vector base address register */
uint32_t c13_fcse; /* FCSE PID. */
uint64_t contextidr_el1; /* Context ID. */
uint64_t tpidr_el0; /* User RW Thread register. */
diff --git a/target-arm/helper.c b/target-arm/helper.c
index 7a2c861..d3dbf33 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -2297,6 +2297,9 @@ static const ARMCPRegInfo v7_el3_cp_reginfo[] = {
.access = PL3_RW | PL1_R, .resetvalue = 0,
.writefn = nsacr_write, .readfn = nsacr_read,
.fieldoffset = offsetof(CPUARMState, cp15.c1_nsacr) },
+ { .name = "MVBAR", .cp = 15, .crn = 12, .crm = 0, .opc1 = 0, .opc2 = 1,
+ .access = PL3_RW, .writefn = vbar_write, .resetvalue = 0,
+ .fieldoffset = offsetof(CPUARMState, cp15.mvbar) },
REGINFO_SENTINEL
};
@@ -3872,16 +3875,16 @@ void arm_cpu_do_interrupt(CPUState *cs)
cpu_abort(cs, "Unhandled exception 0x%x\n", cs->exception_index);
return; /* Never happens. Keep compiler happy. */
}
- /* High vectors. */
- if (env->cp15.c1_sys & SCTLR_V) {
- /* when enabled, base address cannot be remapped. */
+
+ if (new_mode == ARM_CPU_MODE_MON) {
+ addr += env->cp15.mvbar;
+ } else if (env->cp15.c1_sys & SCTLR_V) {
+ /* High vectors. When enabled, base address cannot be remapped. */
addr += 0xffff0000;
} else {
/* ARM v7 architectures provide a vector base address register to remap
* the interrupt vector table.
- * This register is only followed in non-monitor mode, and has a secure
- * and un-secure copy. Since the cpu is always in a un-secure operation
- * and is never in monitor mode this feature is always active.
+ * This register is only followed in non-monitor mode, and is banked.
* Note: only bits 31:5 are valid.
*/
addr += env->cp15.vbar_el[1];
--
1.8.3.2
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [Qemu-devel] [PATCH v4 18/33] target-arm: add macros to access banked registers
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
` (16 preceding siblings ...)
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 17/33] target-arm: add MVBAR support greg.bellows
@ 2014-06-30 23:09 ` greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 19/33] target-arm: insert Aarch32 cpregs twice into hashtable greg.bellows
` (16 subsequent siblings)
34 siblings, 0 replies; 49+ messages in thread
From: greg.bellows @ 2014-06-30 23:09 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, peter.crosthwaite, Sergey Fedorov, Fabian Aggeler,
Greg Bellows, serge.fdrv, edgar.iglesias, christoffer.dall
From: Fabian Aggeler <aggelerf@ethz.ch>
If EL3 is in Aarch32 state certain cp registers are banked (secure and
non-secure instance). When reading or writing to coprocessor registers
the following macros can be used. If the CPU is in monitor mode SCR.NS
bit determines which instance is going to be accessed.
- USE_SECURE_REG(env): to determine which instance to use, depends on
SCR.NS bit
- A32_BANKED_REG_GET(env, regname): get value of banked register
- A32_BANKED_REG_SET(env, regname): set value of banked register
When accessing banked registers otherwise use s/ns field depending
on whether CPU is in secure state (monitor mode or ns-bit clear).
- A32_BANKED_CURRENT_REG_GET(env, regname)
- A32_BANKED_CURRENT_REG_SET(env, regname)
If EL3 is operating in Aarch64 state coprocessor registers are not
banked anymore. The macros use the non-secure instance (_ns) in this
case, which is architecturally mapped to the Aarch64 EL register.
Signed-off-by: Sergey Fedorov <s.fedorov@samsung.com>
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---
target-arm/cpu.h | 35 +++++++++++++++++++++++++++++++++++
1 file changed, 35 insertions(+)
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index a2dab08..baf6281 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -790,6 +790,41 @@ static inline bool arm_el_is_aa64(CPUARMState *env, int el)
return arm_feature(env, ARM_FEATURE_AARCH64);
}
+/* When EL3 is operating in Aarch32 state, the NS-bit determines
+ * whether the secure instance of a cp-register should be used. */
+#define USE_SECURE_REG(env) ( \
+ arm_feature(env, ARM_FEATURE_EL3) && \
+ !arm_el_is_aa64(env, 3) && \
+ !((env)->cp15.scr_el3 & SCR_NS))
+
+#define A32_BANKED_REG_GET(env, regname) \
+ ((USE_SECURE_REG(env)) ? \
+ (env)->cp15.regname##_s : \
+ (env)->cp15.regname##_ns)
+
+#define A32_BANKED_REG_SET(env, regname, val) \
+ do { \
+ if (USE_SECURE_REG(env)) { \
+ (env)->cp15.regname##_s = (val); \
+ } else { \
+ (env)->cp15.regname##_ns = (val); \
+ } \
+ } while (0)
+
+#define A32_BANKED_CURRENT_REG_GET(env, regname) \
+ ((!arm_el_is_aa64(env, 3) && arm_is_secure(env)) ? \
+ (env)->cp15.regname##_s : \
+ (env)->cp15.regname##_ns)
+
+#define A32_BANKED_CURRENT_REG_SET(env, regname, val) \
+ do { \
+ if (!arm_el_is_aa64(env, 3) && arm_is_secure(env)) { \
+ (env)->cp15.regname##_s = (val); \
+ } else { \
+ (env)->cp15.regname##_ns = (val); \
+ } \
+ } while (0)
+
void arm_cpu_list(FILE *f, fprintf_function cpu_fprintf);
unsigned int arm_excp_target_el(CPUState *cs, unsigned int excp_idx);
inline uint32_t arm_phys_excp_target_el(CPUState *cs, uint32_t *target_mode,
--
1.8.3.2
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [Qemu-devel] [PATCH v4 19/33] target-arm: insert Aarch32 cpregs twice into hashtable
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
` (17 preceding siblings ...)
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 18/33] target-arm: add macros to access banked registers greg.bellows
@ 2014-06-30 23:09 ` greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 20/33] target-arm: arrayfying fieldoffset for banking greg.bellows
` (15 subsequent siblings)
34 siblings, 0 replies; 49+ messages in thread
From: greg.bellows @ 2014-06-30 23:09 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, peter.crosthwaite, Fabian Aggeler, Greg Bellows,
serge.fdrv, edgar.iglesias, christoffer.dall
From: Fabian Aggeler <aggelerf@ethz.ch>
Prepare for cp register banking by inserting every cp register twice,
once for secure world and once for non-secure world.
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---
target-arm/cpu.h | 14 +++++++++++---
target-arm/helper.c | 20 ++++++++++++++++----
target-arm/translate.c | 19 +++++++++++++------
3 files changed, 40 insertions(+), 13 deletions(-)
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index baf6281..76fd7f3 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -847,6 +847,7 @@ void armv7m_nvic_complete_irq(void *opaque, int irq);
* Crn, Crm, opc1, opc2 fields
* 32 or 64 bit register (ie is it accessed via MRC/MCR
* or via MRRC/MCRR?)
+ * non-secure/secure bank (Aarch32 only)
* We allow 4 bits for opc1 because MRRC/MCRR have a 4 bit field.
* (In this case crn and opc2 should be zero.)
* For AArch64, there is no 32/64 bit size distinction;
@@ -864,9 +865,16 @@ void armv7m_nvic_complete_irq(void *opaque, int irq);
#define CP_REG_AA64_SHIFT 28
#define CP_REG_AA64_MASK (1 << CP_REG_AA64_SHIFT)
-#define ENCODE_CP_REG(cp, is64, crn, crm, opc1, opc2) \
- (((cp) << 16) | ((is64) << 15) | ((crn) << 11) | \
- ((crm) << 7) | ((opc1) << 3) | (opc2))
+/* To enable banking of coprocessor registers depending on ns-bit we
+ * add a bit to distinguish between secure and non-secure cpregs in the
+ * hashtable.
+ */
+#define CP_REG_NS_SHIFT 27
+#define CP_REG_NS_MASK(nsbit) (nsbit << CP_REG_NS_SHIFT)
+
+#define ENCODE_CP_REG(cp, is64, crn, crm, opc1, opc2, ns) \
+ (CP_REG_NS_MASK(ns) | ((cp) << 16) | ((is64) << 15) | \
+ ((crn) << 11) | ((crm) << 7) | ((opc1) << 3) | (opc2))
#define ENCODE_AA64_CP_REG(cp, crn, crm, op0, op1, op2) \
(CP_REG_AA64_MASK | \
diff --git a/target-arm/helper.c b/target-arm/helper.c
index d3dbf33..5d011fd 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -2898,7 +2898,7 @@ CpuDefinitionInfoList *arch_query_cpu_definitions(Error **errp)
static void add_cpreg_to_hashtable(ARMCPU *cpu, const ARMCPRegInfo *r,
void *opaque, int state,
- int crm, int opc1, int opc2)
+ int crm, int opc1, int opc2, int nsbit)
{
/* Private utility function for define_one_arm_cp_reg_with_opaque():
* add a single reginfo struct to the hash table.
@@ -2932,7 +2932,7 @@ static void add_cpreg_to_hashtable(ARMCPU *cpu, const ARMCPRegInfo *r,
*key = ENCODE_AA64_CP_REG(r2->cp, r2->crn, crm,
r2->opc0, opc1, opc2);
} else {
- *key = ENCODE_CP_REG(r2->cp, is64, r2->crn, crm, opc1, opc2);
+ *key = ENCODE_CP_REG(r2->cp, is64, r2->crn, crm, opc1, opc2, nsbit);
}
if (opaque) {
r2->opaque = opaque;
@@ -3081,8 +3081,20 @@ void define_one_arm_cp_reg_with_opaque(ARMCPU *cpu,
if (r->state != state && r->state != ARM_CP_STATE_BOTH) {
continue;
}
- add_cpreg_to_hashtable(cpu, r, opaque, state,
- crm, opc1, opc2);
+ if (state == ARM_CP_STATE_AA32) {
+ /* Under Aarch32 CP registers can be common
+ * (same for secure and non-secure world) or banked.
+ */
+ add_cpreg_to_hashtable(cpu, r, opaque, state,
+ crm, opc1, opc2, !SCR_NS);
+ add_cpreg_to_hashtable(cpu, r, opaque, state,
+ crm, opc1, opc2, SCR_NS);
+ } else {
+ /* Aarch64 registers get mapped to non-secure instance
+ * of Aarch32 */
+ add_cpreg_to_hashtable(cpu, r, opaque, state,
+ crm, opc1, opc2, SCR_NS);
+ }
}
}
}
diff --git a/target-arm/translate.c b/target-arm/translate.c
index f657389..30d9592 100644
--- a/target-arm/translate.c
+++ b/target-arm/translate.c
@@ -6968,7 +6968,7 @@ static int disas_neon_data_insn(CPUARMState * env, DisasContext *s, uint32_t ins
static int disas_coproc_insn(CPUARMState * env, DisasContext *s, uint32_t insn)
{
- int cpnum, is64, crn, crm, opc1, opc2, isread, rt, rt2;
+ int cpnum, is64, crn, crm, opc1, opc2, isread, rt, rt2, ns;
const ARMCPRegInfo *ri;
cpnum = (insn >> 8) & 0xf;
@@ -7012,8 +7012,11 @@ static int disas_coproc_insn(CPUARMState * env, DisasContext *s, uint32_t insn)
isread = (insn >> 20) & 1;
rt = (insn >> 12) & 0xf;
+ /* Monitor mode is always treated as secure but cp register reads/writes
+ * can access secure and non-secure instances using SCR.NS bit*/
+ ns = IS_NS(s) ? 1 : !USE_SECURE_REG(env);
ri = get_arm_cp_reginfo(s->cp_regs,
- ENCODE_CP_REG(cpnum, is64, crn, crm, opc1, opc2));
+ ENCODE_CP_REG(cpnum, is64, crn, crm, opc1, opc2, ns));
if (ri) {
/* Check access permissions */
if (!cp_access_ok(s->current_pl, ri, isread)) {
@@ -7200,12 +7203,16 @@ static int disas_coproc_insn(CPUARMState * env, DisasContext *s, uint32_t insn)
*/
if (is64) {
qemu_log_mask(LOG_UNIMP, "%s access to unsupported AArch32 "
- "64 bit system register cp:%d opc1: %d crm:%d\n",
- isread ? "read" : "write", cpnum, opc1, crm);
+ "64 bit system register cp:%d opc1: %d crm:%d "
+ "(%s)\n",
+ isread ? "read" : "write", cpnum, opc1, crm,
+ ns ? "non-secure" : "secure");
} else {
qemu_log_mask(LOG_UNIMP, "%s access to unsupported AArch32 "
- "system register cp:%d opc1:%d crn:%d crm:%d opc2:%d\n",
- isread ? "read" : "write", cpnum, opc1, crn, crm, opc2);
+ "system register cp:%d opc1:%d crn:%d crm:%d opc2:%d "
+ "(%s)\n",
+ isread ? "read" : "write", cpnum, opc1, crn, crm, opc2,
+ ns ? "non-secure" : "secure");
}
return 1;
--
1.8.3.2
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [Qemu-devel] [PATCH v4 20/33] target-arm: arrayfying fieldoffset for banking
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
` (18 preceding siblings ...)
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 19/33] target-arm: insert Aarch32 cpregs twice into hashtable greg.bellows
@ 2014-06-30 23:09 ` greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 21/33] target-arm: add SCTLR_EL3 and make SCTLR banked greg.bellows
` (14 subsequent siblings)
34 siblings, 0 replies; 49+ messages in thread
From: greg.bellows @ 2014-06-30 23:09 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, peter.crosthwaite, Fabian Aggeler, Greg Bellows,
serge.fdrv, edgar.iglesias, christoffer.dall
From: Fabian Aggeler <aggelerf@ethz.ch>
Prepare ARMCPRegInfo to support specifying two fieldoffsets per
register definition. This will allow us to keep one register
definition for banked registers (different offsets for secure/
non-secure world).
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---
target-arm/cpu.h | 16 +++++++++++++---
target-arm/helper.c | 35 +++++++++++++++++++++++------------
2 files changed, 36 insertions(+), 15 deletions(-)
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index 76fd7f3..7f715d9 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -1102,12 +1102,22 @@ struct ARMCPRegInfo {
* fieldoffset is non-zero, the reset value of the register.
*/
uint64_t resetvalue;
- /* Offset of the field in CPUARMState for this register. This is not
- * needed if either:
+ /* Offsets of the fields (secure/non-secure) in CPUARMState for this
+ * register. The array will be accessed by the ns bit which means the
+ * secure instance has to be at [0] while the non-secure instance must be
+ * at [1]. If a register is not banked .fieldoffset can be used, which maps
+ * to the non-secure bank.
+ * This is not needed if either:
* 1. type is ARM_CP_CONST or one of the ARM_CP_SPECIALs
* 2. both readfn and writefn are specified
*/
- ptrdiff_t fieldoffset; /* offsetof(CPUARMState, field) */
+ union { /* offsetof(CPUARMState, field) */
+ struct {
+ ptrdiff_t fieldoffset_padding;
+ ptrdiff_t fieldoffset;
+ };
+ ptrdiff_t bank_fieldoffsets[2];
+ };
/* Function for making any access checks for this register in addition to
* those specified by the 'access' permissions bits. If NULL, no extra
* checks required. The access check is performed at runtime, not at
diff --git a/target-arm/helper.c b/target-arm/helper.c
index 5d011fd..f620dce 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -2906,20 +2906,31 @@ static void add_cpreg_to_hashtable(ARMCPU *cpu, const ARMCPRegInfo *r,
uint32_t *key = g_new(uint32_t, 1);
ARMCPRegInfo *r2 = g_memdup(r, sizeof(ARMCPRegInfo));
int is64 = (r->type & ARM_CP_64BIT) ? 1 : 0;
- if (r->state == ARM_CP_STATE_BOTH && state == ARM_CP_STATE_AA32) {
- /* The AArch32 view of a shared register sees the lower 32 bits
- * of a 64 bit backing field. It is not migratable as the AArch64
- * view handles that. AArch64 also handles reset.
- * We assume it is a cp15 register.
- */
- r2->cp = 15;
- r2->type |= ARM_CP_NO_MIGRATE;
- r2->resetfn = arm_cp_reset_ignore;
-#ifdef HOST_WORDS_BIGENDIAN
- if (r2->fieldoffset) {
- r2->fieldoffset += sizeof(uint32_t);
+
+ if (state == ARM_CP_STATE_AA32) {
+ if (r->bank_fieldoffsets[0] && r->bank_fieldoffsets[1]) {
+ /* Register is banked (using both entries in array).
+ * Overwriting fieldoffset as the array was only used to define
+ * banked registers but later only fieldoffset is used.
+ */
+ r2->fieldoffset = r->bank_fieldoffsets[nsbit];
}
+
+ if (r->state == ARM_CP_STATE_BOTH) {
+ /* The AArch32 view of a shared register sees the lower 32 bits
+ * of a 64 bit backing field. It is not migratable as the AArch64
+ * view handles that. AArch64 also handles reset.
+ * We assume it is a cp15 register.
+ */
+ r2->cp = 15;
+ r2->type |= ARM_CP_NO_MIGRATE;
+ r2->resetfn = arm_cp_reset_ignore;
+#ifdef HOST_WORDS_BIGENDIAN
+ if (r2->fieldoffset) {
+ r2->fieldoffset += sizeof(uint32_t);
+ }
#endif
+ }
}
if (state == ARM_CP_STATE_AA64) {
/* To allow abbreviation of ARMCPRegInfo
--
1.8.3.2
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [Qemu-devel] [PATCH v4 21/33] target-arm: add SCTLR_EL3 and make SCTLR banked
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
` (19 preceding siblings ...)
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 20/33] target-arm: arrayfying fieldoffset for banking greg.bellows
@ 2014-06-30 23:09 ` greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 22/33] target-arm: make CSSELR banked greg.bellows
` (13 subsequent siblings)
34 siblings, 0 replies; 49+ messages in thread
From: greg.bellows @ 2014-06-30 23:09 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, peter.crosthwaite, Fabian Aggeler, Greg Bellows,
serge.fdrv, edgar.iglesias, christoffer.dall
From: Fabian Aggeler <aggelerf@ethz.ch>
Implements SCTLR_EL3 and uses secure/non-secure instance when
needed.
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---
hw/arm/pxa2xx.c | 2 +-
target-arm/cpu.c | 5 ++--
target-arm/cpu.h | 13 ++++++++-
target-arm/helper.c | 78 +++++++++++++++++++++++++++++---------------------
target-arm/op_helper.c | 2 +-
5 files changed, 62 insertions(+), 38 deletions(-)
diff --git a/hw/arm/pxa2xx.c b/hw/arm/pxa2xx.c
index 2d28a11..a74f36f 100644
--- a/hw/arm/pxa2xx.c
+++ b/hw/arm/pxa2xx.c
@@ -272,7 +272,7 @@ static void pxa2xx_pwrmode_write(CPUARMState *env, const ARMCPRegInfo *ri,
case 3:
s->cpu->env.uncached_cpsr = ARM_CPU_MODE_SVC;
s->cpu->env.daif = PSTATE_A | PSTATE_F | PSTATE_I;
- s->cpu->env.cp15.c1_sys = 0;
+ s->cpu->env.cp15.sctlr_ns = 0;
s->cpu->env.cp15.c1_coproc = 0;
s->cpu->env.cp15.ttbr0_el1 = 0;
s->cpu->env.cp15.c3 = 0;
diff --git a/target-arm/cpu.c b/target-arm/cpu.c
index 46ee1fe..d03d52e 100644
--- a/target-arm/cpu.c
+++ b/target-arm/cpu.c
@@ -101,7 +101,7 @@ static void arm_cpu_reset(CPUState *s)
#if defined(CONFIG_USER_ONLY)
env->pstate = PSTATE_MODE_EL0t;
/* Userspace expects access to CTL_EL0 and the cache ops */
- env->cp15.c1_sys |= SCTLR_UCT | SCTLR_UCI;
+ env->cp15.sctlr_el1 |= SCTLR_UCT | SCTLR_UCI;
/* and to the FP/Neon instructions */
env->cp15.c1_coproc = deposit64(env->cp15.c1_coproc, 20, 2, 3);
#else
@@ -147,7 +147,8 @@ static void arm_cpu_reset(CPUState *s)
}
}
- if (env->cp15.c1_sys & SCTLR_V) {
+ if (!arm_feature(env, ARM_FEATURE_V8)
+ && (A32_BANKED_CURRENT_REG_GET(env, sctlr) & SCTLR_V)) {
env->regs[15] = 0xFFFF0000;
}
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index 7f715d9..1fcccc8 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -178,7 +178,18 @@ typedef struct CPUARMState {
struct {
uint32_t c0_cpuid;
uint64_t c0_cssel; /* Cache size selection. */
- uint64_t c1_sys; /* System control register. */
+ union { /* System control register. */
+ struct {
+ uint64_t sctlr_ns;
+ uint64_t hsctlr;
+ uint64_t sctlr_s;
+ };
+ struct {
+ uint64_t sctlr_el1;
+ uint64_t sctlr_el2;
+ uint64_t sctlr_el3;
+ };
+ };
uint64_t c1_coproc; /* Coprocessor access register. */
uint32_t c1_xscaleauxcr; /* XScale auxiliary control register. */
uint32_t c1_scr; /* secure config register. */
diff --git a/target-arm/helper.c b/target-arm/helper.c
index f620dce..3b663f1 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -1787,7 +1787,7 @@ static void aa64_fpsr_write(CPUARMState *env, const ARMCPRegInfo *ri,
static CPAccessResult aa64_daif_access(CPUARMState *env, const ARMCPRegInfo *ri)
{
- if (arm_current_pl(env) == 0 && !(env->cp15.c1_sys & SCTLR_UMA)) {
+ if (arm_current_pl(env) == 0 && !(env->cp15.sctlr_el1 & SCTLR_UMA)) {
return CP_ACCESS_TRAP;
}
return CP_ACCESS_OK;
@@ -1805,7 +1805,7 @@ static CPAccessResult aa64_cacheop_access(CPUARMState *env,
/* Cache invalidate/clean: NOP, but EL0 must UNDEF unless
* SCTLR_EL1.UCI is set.
*/
- if (arm_current_pl(env) == 0 && !(env->cp15.c1_sys & SCTLR_UCI)) {
+ if (arm_current_pl(env) == 0 && !(env->cp15.sctlr_el1 & SCTLR_UCI)) {
return CP_ACCESS_TRAP;
}
return CP_ACCESS_OK;
@@ -1843,7 +1843,7 @@ static CPAccessResult aa64_zva_access(CPUARMState *env, const ARMCPRegInfo *ri)
/* We don't implement EL2, so the only control on DC ZVA is the
* bit in the SCTLR which can prohibit access for EL0.
*/
- if (arm_current_pl(env) == 0 && !(env->cp15.c1_sys & SCTLR_DZE)) {
+ if (arm_current_pl(env) == 0 && !(env->cp15.sctlr_el1 & SCTLR_DZE)) {
return CP_ACCESS_TRAP;
}
return CP_ACCESS_OK;
@@ -1882,6 +1882,24 @@ static void spsel_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t val)
update_spsel(env, val);
}
+static void sctlr_write(CPUARMState *env, const ARMCPRegInfo *ri,
+ uint64_t value)
+{
+ ARMCPU *cpu = arm_env_get_cpu(env);
+
+ if (raw_read(env, ri) == value) {
+ /* Skip the TLB flush if nothing actually changed; Linux likes
+ * to do a lot of pointless SCTLR writes.
+ */
+ return;
+ }
+
+ raw_write(env, ri, value);
+ /* ??? Lots of these bits are not implemented. */
+ /* This may enable/disable the MMU, so do a TLB flush. */
+ tlb_flush(CPU(cpu), 1);
+}
+
static const ARMCPRegInfo v8_cp_reginfo[] = {
/* Minimal set of EL0-visible registers. This will need to be expanded
* significantly for system emulation of AArch64 CPUs.
@@ -2258,6 +2276,10 @@ static uint64_t nsacr_read(CPUARMState *env, const ARMCPRegInfo *ri)
}
static const ARMCPRegInfo v8_el3_cp_reginfo[] = {
+ { .name = "SCTLR_EL3", .state = ARM_CP_STATE_AA64,
+ .opc0 = 3, .crn = 1, .crm = 0, .opc1 = 6, .opc2 = 0,
+ .access = PL3_RW, .raw_writefn = raw_write, .writefn = sctlr_write,
+ .fieldoffset = offsetof(CPUARMState, cp15.sctlr_el3) },
{ .name = "ELR_EL3", .state = ARM_CP_STATE_AA64,
.type = ARM_CP_NO_MIGRATE,
.opc0 = 3, .opc1 = 6, .crn = 4, .crm = 0, .opc2 = 1,
@@ -2303,30 +2325,12 @@ static const ARMCPRegInfo v7_el3_cp_reginfo[] = {
REGINFO_SENTINEL
};
-static void sctlr_write(CPUARMState *env, const ARMCPRegInfo *ri,
- uint64_t value)
-{
- ARMCPU *cpu = arm_env_get_cpu(env);
-
- if (raw_read(env, ri) == value) {
- /* Skip the TLB flush if nothing actually changed; Linux likes
- * to do a lot of pointless SCTLR writes.
- */
- return;
- }
-
- raw_write(env, ri, value);
- /* ??? Lots of these bits are not implemented. */
- /* This may enable/disable the MMU, so do a TLB flush. */
- tlb_flush(CPU(cpu), 1);
-}
-
static CPAccessResult ctr_el0_access(CPUARMState *env, const ARMCPRegInfo *ri)
{
/* Only accessible in EL0 if SCTLR.UCT is set (and only in AArch64,
* but the AArch32 CTR has its own reginfo struct)
*/
- if (arm_current_pl(env) == 0 && !(env->cp15.c1_sys & SCTLR_UCT)) {
+ if (arm_current_pl(env) == 0 && !(env->cp15.sctlr_el1 & SCTLR_UCT)) {
return CP_ACCESS_TRAP;
}
return CP_ACCESS_OK;
@@ -2768,10 +2772,12 @@ void register_cp_regs_for_features(ARMCPU *cpu)
/* Generic registers whose values depend on the implementation */
{
- ARMCPRegInfo sctlr = {
- .name = "SCTLR", .state = ARM_CP_STATE_BOTH,
+ ARMCPRegInfo sctlr_el1 = {
+ .name = "SCTLR_EL1", .state = ARM_CP_STATE_BOTH,
.opc0 = 3, .crn = 1, .crm = 0, .opc1 = 0, .opc2 = 0,
- .access = PL1_RW, .fieldoffset = offsetof(CPUARMState, cp15.c1_sys),
+ .access = PL1_RW,
+ .bank_fieldoffsets = { offsetof(CPUARMState, cp15.sctlr_s),
+ offsetof(CPUARMState, cp15.sctlr_el1) },
.writefn = sctlr_write, .resetvalue = cpu->reset_sctlr,
.raw_writefn = raw_write,
};
@@ -2780,9 +2786,9 @@ void register_cp_regs_for_features(ARMCPU *cpu)
* arch/arm/mach-pxa/sleep.S expects two instructions following
* an MMU enable to execute from cache. Imitate this behaviour.
*/
- sctlr.type |= ARM_CP_SUPPRESS_TB_END;
+ sctlr_el1.type |= ARM_CP_SUPPRESS_TB_END;
}
- define_one_arm_cp_reg(cpu, &sctlr);
+ define_one_arm_cp_reg(cpu, &sctlr_el1);
}
}
@@ -3901,7 +3907,7 @@ void arm_cpu_do_interrupt(CPUState *cs)
if (new_mode == ARM_CPU_MODE_MON) {
addr += env->cp15.mvbar;
- } else if (env->cp15.c1_sys & SCTLR_V) {
+ } else if (A32_BANKED_CURRENT_REG_GET(env, sctlr) & SCTLR_V) {
/* High vectors. When enabled, base address cannot be remapped. */
addr += 0xffff0000;
} else {
@@ -3927,7 +3933,7 @@ void arm_cpu_do_interrupt(CPUState *cs)
/* this is a lie, as the was no c1_sys on V4T/V5, but who cares
* and we should just guard the thumb mode on V4 */
if (arm_feature(env, ARM_FEATURE_V4T)) {
- env->thumb = (env->cp15.c1_sys & SCTLR_TE) != 0;
+ env->thumb = (A32_BANKED_CURRENT_REG_GET(env, sctlr) & SCTLR_TE) != 0;
}
env->regs[14] = env->regs[15] + offset;
env->regs[15] = addr;
@@ -3958,7 +3964,7 @@ static inline int check_ap(CPUARMState *env, int ap, int domain_prot,
}
if (access_type == 1)
return 0;
- switch (env->cp15.c1_sys & (SCTLR_S | SCTLR_R)) {
+ switch (A32_BANKED_CURRENT_REG_GET(env, sctlr) & (SCTLR_S | SCTLR_R)) {
case SCTLR_S:
return is_user ? 0 : PAGE_READ;
case SCTLR_R:
@@ -4207,7 +4213,8 @@ static int get_phys_addr_v6(CPUARMState *env, uint32_t address, int access_type,
goto do_fault;
/* The simplified model uses AP[0] as an access control bit. */
- if ((env->cp15.c1_sys & SCTLR_AFE) && (ap & 1) == 0) {
+ if ((A32_BANKED_CURRENT_REG_GET(env, sctlr) & SCTLR_AFE)
+ && (ap & 1) == 0) {
/* Access flag fault. */
code = (code == 15) ? 6 : 3;
goto do_fault;
@@ -4538,11 +4545,16 @@ static inline int get_phys_addr(CPUARMState *env, target_ulong address,
hwaddr *phys_ptr, int *prot,
target_ulong *page_size)
{
+ /* This is not entirely correct as get_phys_addr() can also be called
+ * from ats_write() for an address translation of a specific regime.
+ */
+ uint32_t sctlr = A32_BANKED_CURRENT_REG_GET(env, sctlr);
+
/* Fast Context Switch Extension. */
if (address < 0x02000000)
address += env->cp15.c13_fcse;
- if ((env->cp15.c1_sys & SCTLR_M) == 0) {
+ if ((sctlr & SCTLR_M) == 0) {
/* MMU/MPU disabled. */
*phys_ptr = address;
*prot = PAGE_READ | PAGE_WRITE | PAGE_EXEC;
@@ -4555,7 +4567,7 @@ static inline int get_phys_addr(CPUARMState *env, target_ulong address,
} else if (extended_addresses_enabled(env)) {
return get_phys_addr_lpae(env, address, access_type, is_user, phys_ptr,
prot, page_size);
- } else if (env->cp15.c1_sys & SCTLR_XP) {
+ } else if (sctlr & SCTLR_XP) {
return get_phys_addr_v6(env, address, access_type, is_user, phys_ptr,
prot, page_size);
} else {
diff --git a/target-arm/op_helper.c b/target-arm/op_helper.c
index 524dee9..510f68a 100644
--- a/target-arm/op_helper.c
+++ b/target-arm/op_helper.c
@@ -350,7 +350,7 @@ void HELPER(msr_i_pstate)(CPUARMState *env, uint32_t op, uint32_t imm)
* Note that SPSel is never OK from EL0; we rely on handle_msr_i()
* to catch that case at translate time.
*/
- if (arm_current_pl(env) == 0 && !(env->cp15.c1_sys & SCTLR_UMA)) {
+ if (arm_current_pl(env) == 0 && !(env->cp15.sctlr_el1 & SCTLR_UMA)) {
raise_exception(env, EXCP_UDEF);
}
--
1.8.3.2
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [Qemu-devel] [PATCH v4 22/33] target-arm: make CSSELR banked
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
` (20 preceding siblings ...)
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 21/33] target-arm: add SCTLR_EL3 and make SCTLR banked greg.bellows
@ 2014-06-30 23:09 ` greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 23/33] target-arm: add TTBR0_EL3 and make TTBR0/1 banked greg.bellows
` (12 subsequent siblings)
34 siblings, 0 replies; 49+ messages in thread
From: greg.bellows @ 2014-06-30 23:09 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, peter.crosthwaite, Fabian Aggeler, Greg Bellows,
serge.fdrv, edgar.iglesias, christoffer.dall
From: Fabian Aggeler <aggelerf@ethz.ch>
Rename CSSELR (cache size selection register) and add secure
instance (Aarch32).
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---
target-arm/cpu.h | 10 +++++++++-
target-arm/helper.c | 9 +++++----
2 files changed, 14 insertions(+), 5 deletions(-)
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index 1fcccc8..bc8291a 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -177,7 +177,15 @@ typedef struct CPUARMState {
/* System control coprocessor (cp15) */
struct {
uint32_t c0_cpuid;
- uint64_t c0_cssel; /* Cache size selection. */
+ union { /* Cache size selection */
+ struct {
+ uint64_t csselr_ns;
+ uint64_t csselr_s;
+ };
+ struct {
+ uint64_t csselr_el1;
+ };
+ };
union { /* System control register. */
struct {
uint64_t sctlr_ns;
diff --git a/target-arm/helper.c b/target-arm/helper.c
index 3b663f1..4a3b463 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -700,7 +700,7 @@ static void vbar_write(CPUARMState *env, const ARMCPRegInfo *ri,
static uint64_t ccsidr_read(CPUARMState *env, const ARMCPRegInfo *ri)
{
ARMCPU *cpu = arm_env_get_cpu(env);
- return cpu->ccsidr[env->cp15.c0_cssel];
+ return cpu->ccsidr[A32_BANKED_REG_GET(env, csselr)];
}
static void csselr_write(CPUARMState *env, const ARMCPRegInfo *ri,
@@ -808,10 +808,11 @@ static const ARMCPRegInfo v7_cp_reginfo[] = {
{ .name = "CCSIDR", .state = ARM_CP_STATE_BOTH,
.opc0 = 3, .crn = 0, .crm = 0, .opc1 = 1, .opc2 = 0,
.access = PL1_R, .readfn = ccsidr_read, .type = ARM_CP_NO_MIGRATE },
- { .name = "CSSELR", .state = ARM_CP_STATE_BOTH,
+ { .name = "CSSELR_EL1", .state = ARM_CP_STATE_BOTH,
.opc0 = 3, .crn = 0, .crm = 0, .opc1 = 2, .opc2 = 0,
- .access = PL1_RW, .fieldoffset = offsetof(CPUARMState, cp15.c0_cssel),
- .writefn = csselr_write, .resetvalue = 0 },
+ .access = PL1_RW, .writefn = csselr_write, .resetvalue = 0,
+ .bank_fieldoffsets = { offsetof(CPUARMState, cp15.csselr_s),
+ offsetof(CPUARMState, cp15.csselr_el1) } },
/* Auxiliary ID register: this actually has an IMPDEF value but for now
* just RAZ for all cores:
*/
--
1.8.3.2
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [Qemu-devel] [PATCH v4 23/33] target-arm: add TTBR0_EL3 and make TTBR0/1 banked
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
` (21 preceding siblings ...)
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 22/33] target-arm: make CSSELR banked greg.bellows
@ 2014-06-30 23:09 ` greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 24/33] target-arm: add TCR_EL3 and make TTBCR banked greg.bellows
` (11 subsequent siblings)
34 siblings, 0 replies; 49+ messages in thread
From: greg.bellows @ 2014-06-30 23:09 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, peter.crosthwaite, Fabian Aggeler, Greg Bellows,
serge.fdrv, edgar.iglesias, christoffer.dall
From: Fabian Aggeler <aggelerf@ethz.ch>
Add TTBR0 and maps secure/non-secure instance of ttbr0 and ttbr1
accordingly (translation table base register).
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---
target-arm/cpu.h | 21 +++++++++++++++++++--
target-arm/helper.c | 46 ++++++++++++++++++++++++++++++++++++----------
2 files changed, 55 insertions(+), 12 deletions(-)
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index bc8291a..a80b966 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -203,8 +203,25 @@ typedef struct CPUARMState {
uint32_t c1_scr; /* secure config register. */
uint32_t c1_sder; /* Secure debug enable register. */
uint32_t c1_nsacr; /* Non-secure access control register. */
- uint64_t ttbr0_el1; /* MMU translation table base 0. */
- uint64_t ttbr1_el1; /* MMU translation table base 1. */
+ union { /* MMU translation table base 0. */
+ struct {
+ uint64_t ttbr0_ns;
+ uint64_t ttbr0_s;
+ };
+ struct {
+ uint64_t ttbr0_el1;
+ uint64_t ttbr0_el3;
+ };
+ };
+ union { /* MMU translation table base 1. */
+ struct {
+ uint64_t ttbr1_ns;
+ uint64_t ttbr1_s;
+ };
+ struct {
+ uint64_t ttbr1_el1;
+ };
+ };
uint64_t c2_control; /* MMU translation table base control. */
uint32_t c2_mask; /* MMU translation table base selection mask. */
uint32_t c2_base_mask; /* MMU translation table base 0 mask. */
diff --git a/target-arm/helper.c b/target-arm/helper.c
index 4a3b463..1eb819d 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -1509,12 +1509,14 @@ static const ARMCPRegInfo vmsa_cp_reginfo[] = {
.fieldoffset = offsetof(CPUARMState, cp15.esr_el[1]), .resetvalue = 0, },
{ .name = "TTBR0_EL1", .state = ARM_CP_STATE_BOTH,
.opc0 = 3, .crn = 2, .crm = 0, .opc1 = 0, .opc2 = 0,
- .access = PL1_RW, .fieldoffset = offsetof(CPUARMState, cp15.ttbr0_el1),
- .writefn = vmsa_ttbr_write, .resetvalue = 0 },
+ .access = PL1_RW, .writefn = vmsa_ttbr_write, .resetvalue = 0,
+ .bank_fieldoffsets = { offsetof(CPUARMState, cp15.ttbr0_s),
+ offsetof(CPUARMState, cp15.ttbr0_el1) } },
{ .name = "TTBR1_EL1", .state = ARM_CP_STATE_BOTH,
.opc0 = 3, .crn = 2, .crm = 0, .opc1 = 0, .opc2 = 1,
- .access = PL1_RW, .fieldoffset = offsetof(CPUARMState, cp15.ttbr1_el1),
- .writefn = vmsa_ttbr_write, .resetvalue = 0 },
+ .access = PL1_RW, .writefn = vmsa_ttbr_write, .resetvalue = 0,
+ .bank_fieldoffsets = { offsetof(CPUARMState, cp15.ttbr1_s),
+ offsetof(CPUARMState, cp15.ttbr1_el1) } },
{ .name = "TCR_EL1", .state = ARM_CP_STATE_AA64,
.opc0 = 3, .crn = 2, .crm = 0, .opc1 = 0, .opc2 = 2,
.access = PL1_RW, .writefn = vmsa_tcr_el1_write,
@@ -1755,11 +1757,13 @@ static const ARMCPRegInfo lpae_cp_reginfo[] = {
.fieldoffset = offsetof(CPUARMState, cp15.par_el1), .resetvalue = 0 },
{ .name = "TTBR0", .cp = 15, .crm = 2, .opc1 = 0,
.access = PL1_RW, .type = ARM_CP_64BIT | ARM_CP_NO_MIGRATE,
- .fieldoffset = offsetof(CPUARMState, cp15.ttbr0_el1),
+ .bank_fieldoffsets = { offsetof(CPUARMState, cp15.ttbr0_s),
+ offsetof(CPUARMState, cp15.ttbr0_ns) },
.writefn = vmsa_ttbr_write, .resetfn = arm_cp_reset_ignore },
{ .name = "TTBR1", .cp = 15, .crm = 2, .opc1 = 1,
.access = PL1_RW, .type = ARM_CP_64BIT | ARM_CP_NO_MIGRATE,
- .fieldoffset = offsetof(CPUARMState, cp15.ttbr1_el1),
+ .bank_fieldoffsets = { offsetof(CPUARMState, cp15.ttbr1_s),
+ offsetof(CPUARMState, cp15.ttbr1_ns) },
.writefn = vmsa_ttbr_write, .resetfn = arm_cp_reset_ignore },
REGINFO_SENTINEL
};
@@ -2281,6 +2285,10 @@ static const ARMCPRegInfo v8_el3_cp_reginfo[] = {
.opc0 = 3, .crn = 1, .crm = 0, .opc1 = 6, .opc2 = 0,
.access = PL3_RW, .raw_writefn = raw_write, .writefn = sctlr_write,
.fieldoffset = offsetof(CPUARMState, cp15.sctlr_el3) },
+ { .name = "TTBR0_EL3", .state = ARM_CP_STATE_AA64,
+ .opc0 = 3, .crn = 2, .crm = 0, .opc1 = 6, .opc2 = 0,
+ .access = PL3_RW, .writefn = vmsa_ttbr_write, .resetvalue = 0,
+ .fieldoffset = offsetof(CPUARMState, cp15.ttbr0_el3) },
{ .name = "ELR_EL3", .state = ARM_CP_STATE_AA64,
.type = ARM_CP_NO_MIGRATE,
.opc0 = 3, .opc1 = 6, .crn = 4, .crm = 0, .opc2 = 1,
@@ -4000,18 +4008,23 @@ static inline int check_ap(CPUARMState *env, int ap, int domain_prot,
static bool get_level1_table_address(CPUARMState *env, uint32_t *table,
uint32_t address)
{
+ /* We only get here if EL1 is running in Aarch32. If EL3 is running in
+ * Aarch32 there is a secure and non-secure instance of the translation
+ * table registers.
+ */
if (address & env->cp15.c2_mask) {
if ((env->cp15.c2_control & TTBCR_PD1)) {
/* Translation table walk disabled for TTBR1 */
return false;
}
- *table = env->cp15.ttbr1_el1 & 0xffffc000;
+ *table = A32_BANKED_CURRENT_REG_GET(env, ttbr1) & 0xffffc000;
} else {
if ((env->cp15.c2_control & TTBCR_PD0)) {
/* Translation table walk disabled for TTBR0 */
return false;
}
- *table = env->cp15.ttbr0_el1 & env->cp15.c2_base_mask;
+ *table = A32_BANKED_CURRENT_REG_GET(env, ttbr0) &
+ env->cp15.c2_base_mask;
}
*table |= (address >> 18) & 0x3ffc;
return true;
@@ -4265,6 +4278,7 @@ static int get_phys_addr_lpae(CPUARMState *env, target_ulong address,
int32_t granule_sz = 9;
int32_t va_size = 32;
int32_t tbi = 0;
+ uint32_t cur_el = arm_current_pl(env);
if (arm_el_is_aa64(env, 1)) {
va_size = 64;
@@ -4316,7 +4330,19 @@ static int get_phys_addr_lpae(CPUARMState *env, target_ulong address,
* we will always flush the TLB any time the ASID is changed).
*/
if (ttbr_select == 0) {
- ttbr = env->cp15.ttbr0_el1;
+ if (arm_el_is_aa64(env, 3)) {
+ switch (cur_el) {
+ case 3:
+ ttbr = env->cp15.ttbr0_el3;
+ break;
+ case 1:
+ case 0:
+ default:
+ ttbr = env->cp15.ttbr0_el1;
+ }
+ } else {
+ ttbr = A32_BANKED_CURRENT_REG_GET(env, ttbr0);
+ }
epd = extract32(env->cp15.c2_control, 7, 1);
tsz = t0sz;
@@ -4328,7 +4354,7 @@ static int get_phys_addr_lpae(CPUARMState *env, target_ulong address,
granule_sz = 11;
}
} else {
- ttbr = env->cp15.ttbr1_el1;
+ ttbr = A32_BANKED_CURRENT_REG_GET(env, ttbr1);
epd = extract32(env->cp15.c2_control, 23, 1);
tsz = t1sz;
--
1.8.3.2
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [Qemu-devel] [PATCH v4 24/33] target-arm: add TCR_EL3 and make TTBCR banked
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
` (22 preceding siblings ...)
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 23/33] target-arm: add TTBR0_EL3 and make TTBR0/1 banked greg.bellows
@ 2014-06-30 23:09 ` greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 25/33] target-arm: make c2_mask and c2_base_mask banked greg.bellows
` (10 subsequent siblings)
34 siblings, 0 replies; 49+ messages in thread
From: greg.bellows @ 2014-06-30 23:09 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, peter.crosthwaite, Fabian Aggeler, Greg Bellows,
serge.fdrv, edgar.iglesias, christoffer.dall
From: Fabian Aggeler <aggelerf@ethz.ch>
Adds TCR_EL3 system register and makes existing TTBCR banked. Adjust
translation functions to use TCR/TTBCR instance depending on CPU state.
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---
target-arm/cpu.h | 11 ++++++++++-
target-arm/helper.c | 50 ++++++++++++++++++++++++++++++++++++--------------
2 files changed, 46 insertions(+), 15 deletions(-)
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index a80b966..35291a6 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -222,7 +222,16 @@ typedef struct CPUARMState {
uint64_t ttbr1_el1;
};
};
- uint64_t c2_control; /* MMU translation table base control. */
+ union { /* MMU translation table base control. */
+ struct {
+ uint64_t ttbcr_ns;
+ uint64_t ttbcr_s;
+ };
+ struct {
+ uint64_t tcr_el1;
+ uint64_t tcr_el3;
+ };
+ };
uint32_t c2_mask; /* MMU translation table base selection mask. */
uint32_t c2_base_mask; /* MMU translation table base 0 mask. */
uint32_t c2_data; /* MPU data cachable bits. */
diff --git a/target-arm/helper.c b/target-arm/helper.c
index 1eb819d..8326d1f 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -312,7 +312,7 @@ static inline bool extended_addresses_enabled(CPUARMState *env)
{
return arm_el_is_aa64(env, 1)
|| ((arm_feature(env, ARM_FEATURE_LPAE)
- && (env->cp15.c2_control & TTBCR_EAE)));
+ && (A32_BANKED_CURRENT_REG_GET(env, ttbcr) & TTBCR_EAE)));
}
static void dacr_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value)
@@ -1521,11 +1521,12 @@ static const ARMCPRegInfo vmsa_cp_reginfo[] = {
.opc0 = 3, .crn = 2, .crm = 0, .opc1 = 0, .opc2 = 2,
.access = PL1_RW, .writefn = vmsa_tcr_el1_write,
.resetfn = vmsa_ttbcr_reset, .raw_writefn = raw_write,
- .fieldoffset = offsetof(CPUARMState, cp15.c2_control) },
+ .fieldoffset = offsetof(CPUARMState, cp15.tcr_el1) },
{ .name = "TTBCR", .cp = 15, .crn = 2, .crm = 0, .opc1 = 0, .opc2 = 2,
.access = PL1_RW, .type = ARM_CP_NO_MIGRATE, .writefn = vmsa_ttbcr_write,
.resetfn = arm_cp_reset_ignore, .raw_writefn = vmsa_ttbcr_raw_write,
- .fieldoffset = offsetoflow32(CPUARMState, cp15.c2_control) },
+ .bank_fieldoffsets = { offsetoflow32(CPUARMState, cp15.ttbcr_s),
+ offsetoflow32(CPUARMState, cp15.ttbcr_ns) } },
/* 64-bit FAR; this entry also gives us the AArch32 DFAR */
{ .name = "FAR_EL1", .state = ARM_CP_STATE_BOTH,
.opc0 = 3, .crn = 6, .crm = 0, .opc1 = 0, .opc2 = 0,
@@ -2289,6 +2290,11 @@ static const ARMCPRegInfo v8_el3_cp_reginfo[] = {
.opc0 = 3, .crn = 2, .crm = 0, .opc1 = 6, .opc2 = 0,
.access = PL3_RW, .writefn = vmsa_ttbr_write, .resetvalue = 0,
.fieldoffset = offsetof(CPUARMState, cp15.ttbr0_el3) },
+ { .name = "TCR_EL3", .state = ARM_CP_STATE_AA64,
+ .opc0 = 3, .crn = 2, .crm = 0, .opc1 = 6, .opc2 = 2,
+ .access = PL3_RW, .writefn = vmsa_tcr_el1_write,
+ .resetfn = vmsa_ttbcr_reset, .raw_writefn = raw_write,
+ .fieldoffset = offsetof(CPUARMState, cp15.tcr_el3) },
{ .name = "ELR_EL3", .state = ARM_CP_STATE_AA64,
.type = ARM_CP_NO_MIGRATE,
.opc0 = 3, .opc1 = 6, .crn = 4, .crm = 0, .opc2 = 1,
@@ -4013,13 +4019,13 @@ static bool get_level1_table_address(CPUARMState *env, uint32_t *table,
* table registers.
*/
if (address & env->cp15.c2_mask) {
- if ((env->cp15.c2_control & TTBCR_PD1)) {
+ if (A32_BANKED_CURRENT_REG_GET(env, ttbcr) & TTBCR_PD1) {
/* Translation table walk disabled for TTBR1 */
return false;
}
*table = A32_BANKED_CURRENT_REG_GET(env, ttbr1) & 0xffffc000;
} else {
- if ((env->cp15.c2_control & TTBCR_PD0)) {
+ if (A32_BANKED_CURRENT_REG_GET(env, ttbcr) & TTBCR_PD0) {
/* Translation table walk disabled for TTBR0 */
return false;
}
@@ -4279,13 +4285,29 @@ static int get_phys_addr_lpae(CPUARMState *env, target_ulong address,
int32_t va_size = 32;
int32_t tbi = 0;
uint32_t cur_el = arm_current_pl(env);
+ uint64_t tcr;
- if (arm_el_is_aa64(env, 1)) {
+ if (arm_el_is_aa64(env, 3)) {
+ switch (cur_el) {
+ case 3:
+ tcr = env->cp15.tcr_el3;
+ break;
+ case 1:
+ case 0:
+ default:
+ tcr = env->cp15.tcr_el1;
+ }
+
+ } else {
+ tcr = A32_BANKED_CURRENT_REG_GET(env, ttbcr);
+ }
+
+ if (arm_el_is_aa64(env, 1) && (cur_el == 0 || cur_el == 1)) {
va_size = 64;
if (extract64(address, 55, 1))
- tbi = extract64(env->cp15.c2_control, 38, 1);
+ tbi = extract64(tcr, 38, 1);
else
- tbi = extract64(env->cp15.c2_control, 37, 1);
+ tbi = extract64(tcr, 37, 1);
tbi *= 8;
}
@@ -4294,12 +4316,12 @@ static int get_phys_addr_lpae(CPUARMState *env, target_ulong address,
* This is a Non-secure PL0/1 stage 1 translation, so controlled by
* TTBCR/TTBR0/TTBR1 in accordance with ARM ARM DDI0406C table B-32:
*/
- uint32_t t0sz = extract32(env->cp15.c2_control, 0, 6);
+ uint32_t t0sz = extract32(tcr, 0, 6);
if (arm_el_is_aa64(env, 1)) {
t0sz = MIN(t0sz, 39);
t0sz = MAX(t0sz, 16);
}
- uint32_t t1sz = extract32(env->cp15.c2_control, 16, 6);
+ uint32_t t1sz = extract32(tcr, 16, 6);
if (arm_el_is_aa64(env, 1)) {
t1sz = MIN(t1sz, 39);
t1sz = MAX(t1sz, 16);
@@ -4343,10 +4365,10 @@ static int get_phys_addr_lpae(CPUARMState *env, target_ulong address,
} else {
ttbr = A32_BANKED_CURRENT_REG_GET(env, ttbr0);
}
- epd = extract32(env->cp15.c2_control, 7, 1);
+ epd = extract32(tcr, 7, 1);
tsz = t0sz;
- tg = extract32(env->cp15.c2_control, 14, 2);
+ tg = extract32(tcr, 14, 2);
if (tg == 1) { /* 64KB pages */
granule_sz = 13;
}
@@ -4355,10 +4377,10 @@ static int get_phys_addr_lpae(CPUARMState *env, target_ulong address,
}
} else {
ttbr = A32_BANKED_CURRENT_REG_GET(env, ttbr1);
- epd = extract32(env->cp15.c2_control, 23, 1);
+ epd = extract32(tcr, 23, 1);
tsz = t1sz;
- tg = extract32(env->cp15.c2_control, 30, 2);
+ tg = extract32(tcr, 30, 2);
if (tg == 3) { /* 64KB pages */
granule_sz = 13;
}
--
1.8.3.2
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [Qemu-devel] [PATCH v4 25/33] target-arm: make c2_mask and c2_base_mask banked
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
` (23 preceding siblings ...)
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 24/33] target-arm: add TCR_EL3 and make TTBCR banked greg.bellows
@ 2014-06-30 23:09 ` greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 26/33] target-arm: make DACR banked greg.bellows
` (9 subsequent siblings)
34 siblings, 0 replies; 49+ messages in thread
From: greg.bellows @ 2014-06-30 23:09 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, peter.crosthwaite, Fabian Aggeler, Greg Bellows,
serge.fdrv, edgar.iglesias, christoffer.dall
From: Fabian Aggeler <aggelerf@ethz.ch>
Since TTBCR is banked we will bank c2_mask and c2_base_mask too. This
avoids recalculating them on switches from secure to non-secure world.
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---
target-arm/cpu.h | 10 ++++++++--
target-arm/helper.c | 15 +++++++++------
2 files changed, 17 insertions(+), 8 deletions(-)
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index 35291a6..367665e 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -232,8 +232,14 @@ typedef struct CPUARMState {
uint64_t tcr_el3;
};
};
- uint32_t c2_mask; /* MMU translation table base selection mask. */
- uint32_t c2_base_mask; /* MMU translation table base 0 mask. */
+ struct { /* MMU translation table base selection mask. */
+ uint32_t c2_mask_ns;
+ uint32_t c2_mask_s;
+ };
+ struct { /* MMU translation table base 0 mask. */
+ uint32_t c2_base_mask_ns;
+ uint32_t c2_base_mask_s;
+ };
uint32_t c2_data; /* MPU data cachable bits. */
uint32_t c2_insn; /* MPU instruction cachable bits. */
uint32_t c3; /* MMU domain access control register
diff --git a/target-arm/helper.c b/target-arm/helper.c
index 8326d1f..1006b57 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -1446,8 +1446,11 @@ static void vmsa_ttbcr_raw_write(CPUARMState *env, const ARMCPRegInfo *ri,
* and the c2_mask and c2_base_mask values are meaningless.
*/
raw_write(env, ri, value);
- env->cp15.c2_mask = ~(((uint32_t)0xffffffffu) >> maskshift);
- env->cp15.c2_base_mask = ~((uint32_t)0x3fffu >> maskshift);
+
+ A32_BANKED_CURRENT_REG_SET(env, c2_mask,
+ ~(((uint32_t)0xffffffffu) >> maskshift));
+ A32_BANKED_CURRENT_REG_SET(env, c2_base_mask,
+ ~((uint32_t)0x3fffu >> maskshift));
}
static void vmsa_ttbcr_write(CPUARMState *env, const ARMCPRegInfo *ri,
@@ -1466,9 +1469,9 @@ static void vmsa_ttbcr_write(CPUARMState *env, const ARMCPRegInfo *ri,
static void vmsa_ttbcr_reset(CPUARMState *env, const ARMCPRegInfo *ri)
{
- env->cp15.c2_base_mask = 0xffffc000u;
+ A32_BANKED_CURRENT_REG_SET(env, c2_base_mask, 0xffffc000u);
raw_write(env, ri, 0);
- env->cp15.c2_mask = 0;
+ A32_BANKED_CURRENT_REG_SET(env, c2_mask, 0);
}
static void vmsa_tcr_el1_write(CPUARMState *env, const ARMCPRegInfo *ri,
@@ -4018,7 +4021,7 @@ static bool get_level1_table_address(CPUARMState *env, uint32_t *table,
* Aarch32 there is a secure and non-secure instance of the translation
* table registers.
*/
- if (address & env->cp15.c2_mask) {
+ if (address & A32_BANKED_CURRENT_REG_GET(env, c2_mask)) {
if (A32_BANKED_CURRENT_REG_GET(env, ttbcr) & TTBCR_PD1) {
/* Translation table walk disabled for TTBR1 */
return false;
@@ -4030,7 +4033,7 @@ static bool get_level1_table_address(CPUARMState *env, uint32_t *table,
return false;
}
*table = A32_BANKED_CURRENT_REG_GET(env, ttbr0) &
- env->cp15.c2_base_mask;
+ A32_BANKED_CURRENT_REG_GET(env, c2_base_mask);
}
*table |= (address >> 18) & 0x3ffc;
return true;
--
1.8.3.2
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [Qemu-devel] [PATCH v4 26/33] target-arm: make DACR banked
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
` (24 preceding siblings ...)
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 25/33] target-arm: make c2_mask and c2_base_mask banked greg.bellows
@ 2014-06-30 23:09 ` greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 27/33] target-arm: make IFSR banked greg.bellows
` (8 subsequent siblings)
34 siblings, 0 replies; 49+ messages in thread
From: greg.bellows @ 2014-06-30 23:09 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, peter.crosthwaite, Fabian Aggeler, Greg Bellows,
serge.fdrv, edgar.iglesias, christoffer.dall
From: Fabian Aggeler <aggelerf@ethz.ch>
When EL3 is running in Aarch32 (or ARMv7 with Security Extensions)
DACR has a secure and a non-secure instance.
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---
hw/arm/pxa2xx.c | 2 +-
target-arm/cpu.h | 13 +++++++++++--
target-arm/helper.c | 19 +++++++++++--------
3 files changed, 23 insertions(+), 11 deletions(-)
diff --git a/hw/arm/pxa2xx.c b/hw/arm/pxa2xx.c
index a74f36f..5188187 100644
--- a/hw/arm/pxa2xx.c
+++ b/hw/arm/pxa2xx.c
@@ -275,7 +275,7 @@ static void pxa2xx_pwrmode_write(CPUARMState *env, const ARMCPRegInfo *ri,
s->cpu->env.cp15.sctlr_ns = 0;
s->cpu->env.cp15.c1_coproc = 0;
s->cpu->env.cp15.ttbr0_el1 = 0;
- s->cpu->env.cp15.c3 = 0;
+ s->cpu->env.cp15.dacr_ns = 0;
s->pm_regs[PSSR >> 2] |= 0x8; /* Set STS */
s->pm_regs[RCSR >> 2] |= 0x8; /* Set GPR */
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index 367665e..05eebdf 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -242,8 +242,17 @@ typedef struct CPUARMState {
};
uint32_t c2_data; /* MPU data cachable bits. */
uint32_t c2_insn; /* MPU instruction cachable bits. */
- uint32_t c3; /* MMU domain access control register
- MPU write buffer control. */
+ union { /* MMU domain access control register
+ * MPU write buffer control.
+ */
+ struct {
+ uint32_t dacr_ns;
+ uint32_t dacr_s;
+ };
+ struct {
+ uint32_t dacr32_el2;
+ };
+ };
uint32_t pmsav5_data_ap; /* PMSAv5 MPU data access permissions */
uint32_t pmsav5_insn_ap; /* PMSAv5 MPU insn access permissions */
uint64_t hcr_el2; /* Hypervisor configuration register */
diff --git a/target-arm/helper.c b/target-arm/helper.c
index 1006b57..79bf844 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -413,8 +413,10 @@ static const ARMCPRegInfo not_v8_cp_reginfo[] = {
/* MMU Domain access control / MPU write buffer control */
{ .name = "DACR", .cp = 15,
.crn = 3, .crm = CP_ANY, .opc1 = CP_ANY, .opc2 = CP_ANY,
- .access = PL1_RW, .fieldoffset = offsetof(CPUARMState, cp15.c3),
- .resetvalue = 0, .writefn = dacr_write, .raw_writefn = raw_write, },
+ .access = PL1_RW, .resetvalue = 0,
+ .writefn = dacr_write, .raw_writefn = raw_write,
+ .bank_fieldoffsets = { offsetof(CPUARMState, cp15.dacr_s),
+ offsetof(CPUARMState, cp15.dacr_ns) } },
/* ??? This covers not just the impdef TLB lockdown registers but also
* some v7VMSA registers relating to TEX remap, so it is overly broad.
*/
@@ -2110,10 +2112,11 @@ static const ARMCPRegInfo v8_cp_reginfo[] = {
{ .name = "DCCISW", .cp = 15, .opc1 = 0, .crn = 7, .crm = 14, .opc2 = 2,
.type = ARM_CP_NOP, .access = PL1_W },
/* MMU Domain access control / MPU write buffer control */
- { .name = "DACR", .cp = 15,
- .opc1 = 0, .crn = 3, .crm = 0, .opc2 = 0,
- .access = PL1_RW, .fieldoffset = offsetof(CPUARMState, cp15.c3),
- .resetvalue = 0, .writefn = dacr_write, .raw_writefn = raw_write, },
+ { .name = "DACR", .cp = 15, .opc1 = 0, .crn = 3, .crm = 0, .opc2 = 0,
+ .access = PL1_RW, .resetvalue = 0,
+ .writefn = dacr_write, .raw_writefn = raw_write,
+ .bank_fieldoffsets = { offsetof(CPUARMState, cp15.dacr_s),
+ offsetof(CPUARMState, cp15.dacr_ns) } },
/* Dummy implementation of monitor debug system control register:
* we don't support debug.
*/
@@ -4063,7 +4066,7 @@ static int get_phys_addr_v5(CPUARMState *env, uint32_t address, int access_type,
desc = ldl_phys(cs->as, table);
type = (desc & 3);
domain = (desc >> 5) & 0x0f;
- domain_prot = (env->cp15.c3 >> (domain * 2)) & 3;
+ domain_prot = (A32_BANKED_CURRENT_REG_GET(env, dacr) >> (domain * 2)) & 3;
if (type == 0) {
/* Section translation fault. */
code = 5;
@@ -4175,7 +4178,7 @@ static int get_phys_addr_v6(CPUARMState *env, uint32_t address, int access_type,
/* Page or Section. */
domain = (desc >> 5) & 0x0f;
}
- domain_prot = (env->cp15.c3 >> (domain * 2)) & 3;
+ domain_prot = (A32_BANKED_CURRENT_REG_GET(env, dacr) >> (domain * 2)) & 3;
if (domain_prot == 0 || domain_prot == 2) {
if (type != 1) {
code = 9; /* Section domain fault. */
--
1.8.3.2
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [Qemu-devel] [PATCH v4 27/33] target-arm: make IFSR banked
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
` (25 preceding siblings ...)
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 26/33] target-arm: make DACR banked greg.bellows
@ 2014-06-30 23:09 ` greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 28/33] target-arm: make DFSR banked greg.bellows
` (7 subsequent siblings)
34 siblings, 0 replies; 49+ messages in thread
From: greg.bellows @ 2014-06-30 23:09 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, peter.crosthwaite, Fabian Aggeler, Greg Bellows,
serge.fdrv, edgar.iglesias, christoffer.dall
From: Fabian Aggeler <aggelerf@ethz.ch>
When EL3 is running in Aarch32 (or ARMv7 with Security Extensions)
IFSR has a secure and a non-secure instance.
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---
target-arm/cpu.h | 10 +++++++++-
target-arm/helper.c | 9 +++++----
2 files changed, 14 insertions(+), 5 deletions(-)
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index 05eebdf..7935915 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -257,7 +257,15 @@ typedef struct CPUARMState {
uint32_t pmsav5_insn_ap; /* PMSAv5 MPU insn access permissions */
uint64_t hcr_el2; /* Hypervisor configuration register */
uint32_t scr_el3; /* Secure configuration register. */
- uint32_t ifsr_el2; /* Fault status registers. */
+ union { /* Fault status registers. */
+ struct {
+ uint32_t ifsr_ns;
+ uint32_t ifsr_s;
+ };
+ struct {
+ uint32_t ifsr32_el2;
+ };
+ };
uint64_t esr_el[4];
uint32_t c6_region[8]; /* MPU base/size registers. */
uint64_t far_el[4]; /* Fault address registers. */
diff --git a/target-arm/helper.c b/target-arm/helper.c
index 79bf844..fea2d59 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -1506,8 +1506,9 @@ static const ARMCPRegInfo vmsa_cp_reginfo[] = {
.fieldoffset = offsetoflow32(CPUARMState, cp15.esr_el[1]),
.resetfn = arm_cp_reset_ignore, },
{ .name = "IFSR", .cp = 15, .crn = 5, .crm = 0, .opc1 = 0, .opc2 = 1,
- .access = PL1_RW,
- .fieldoffset = offsetof(CPUARMState, cp15.ifsr_el2), .resetvalue = 0, },
+ .access = PL1_RW, .resetvalue = 0,
+ .bank_fieldoffsets = { offsetof(CPUARMState, cp15.ifsr_s),
+ offsetof(CPUARMState, cp15.ifsr_ns) } },
{ .name = "ESR_EL1", .state = ARM_CP_STATE_AA64,
.opc0 = 3, .crn = 5, .crm = 2, .opc1 = 0, .opc2 = 0,
.access = PL1_RW,
@@ -3870,11 +3871,11 @@ void arm_cpu_do_interrupt(CPUState *cs)
env->exception.fsr = 2;
/* Fall through to prefetch abort. */
case EXCP_PREFETCH_ABORT:
- env->cp15.ifsr_el2 = env->exception.fsr;
+ A32_BANKED_CURRENT_REG_SET(env, ifsr, env->exception.fsr);
env->cp15.far_el[1] = deposit64(env->cp15.far_el[1], 32, 32,
env->exception.vaddress);
qemu_log_mask(CPU_LOG_INT, "...with IFSR 0x%x IFAR 0x%x\n",
- env->cp15.ifsr_el2, (uint32_t)env->exception.vaddress);
+ env->exception.fsr, (uint32_t)env->exception.vaddress);
new_mode = ARM_CPU_MODE_ABT;
addr = 0x0c;
mask = CPSR_A | CPSR_I;
--
1.8.3.2
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [Qemu-devel] [PATCH v4 28/33] target-arm: make DFSR banked
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
` (26 preceding siblings ...)
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 27/33] target-arm: make IFSR banked greg.bellows
@ 2014-06-30 23:09 ` greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 29/33] target-arm: make IFAR/DFAR banked greg.bellows
` (6 subsequent siblings)
34 siblings, 0 replies; 49+ messages in thread
From: greg.bellows @ 2014-06-30 23:09 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, peter.crosthwaite, Fabian Aggeler, Greg Bellows,
serge.fdrv, edgar.iglesias, christoffer.dall
From: Fabian Aggeler <aggelerf@ethz.ch>
When EL3 is running in Aarch32 (or ARMv7 with Security Extensions)
DFSR has a secure and a non-secure instance.
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---------------
v3 -> v4
- Reverted esr/dfsr back to array-based notation as a union with v7 naming.
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---
target-arm/cpu.h | 10 +++++++++-
target-arm/helper.c | 7 ++++---
2 files changed, 13 insertions(+), 4 deletions(-)
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index 7935915..872b42d 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -266,7 +266,15 @@ typedef struct CPUARMState {
uint32_t ifsr32_el2;
};
};
- uint64_t esr_el[4];
+ union {
+ struct {
+ uint64_t _unused_dfsr;
+ uint64_t dfsr_ns;
+ uint64_t hsr;
+ uint64_t dfsr_s;
+ };
+ uint64_t esr_el[4];
+ };
uint32_t c6_region[8]; /* MPU base/size registers. */
uint64_t far_el[4]; /* Fault address registers. */
uint64_t par_el1; /* Translation result. */
diff --git a/target-arm/helper.c b/target-arm/helper.c
index fea2d59..fa3ae3a 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -1503,7 +1503,8 @@ static void vmsa_ttbr_write(CPUARMState *env, const ARMCPRegInfo *ri,
static const ARMCPRegInfo vmsa_cp_reginfo[] = {
{ .name = "DFSR", .cp = 15, .crn = 5, .crm = 0, .opc1 = 0, .opc2 = 0,
.access = PL1_RW, .type = ARM_CP_NO_MIGRATE,
- .fieldoffset = offsetoflow32(CPUARMState, cp15.esr_el[1]),
+ .bank_fieldoffsets = { offsetoflow32(CPUARMState, cp15.dfsr_s),
+ offsetoflow32(CPUARMState, cp15.dfsr_ns) },
.resetfn = arm_cp_reset_ignore, },
{ .name = "IFSR", .cp = 15, .crn = 5, .crm = 0, .opc1 = 0, .opc2 = 1,
.access = PL1_RW, .resetvalue = 0,
@@ -3882,11 +3883,11 @@ void arm_cpu_do_interrupt(CPUState *cs)
offset = 4;
break;
case EXCP_DATA_ABORT:
- env->cp15.esr_el[1] = env->exception.fsr;
+ A32_BANKED_CURRENT_REG_SET(env, dfsr, env->exception.fsr);
env->cp15.far_el[1] = deposit64(env->cp15.far_el[1], 0, 32,
env->exception.vaddress);
qemu_log_mask(CPU_LOG_INT, "...with DFSR 0x%x DFAR 0x%x\n",
- (uint32_t)env->cp15.esr_el[1],
+ env->exception.fsr,
(uint32_t)env->exception.vaddress);
new_mode = ARM_CPU_MODE_ABT;
addr = 0x10;
--
1.8.3.2
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [Qemu-devel] [PATCH v4 29/33] target-arm: make IFAR/DFAR banked
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
` (27 preceding siblings ...)
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 28/33] target-arm: make DFSR banked greg.bellows
@ 2014-06-30 23:09 ` greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 30/33] target-arm: make PAR banked greg.bellows
` (5 subsequent siblings)
34 siblings, 0 replies; 49+ messages in thread
From: greg.bellows @ 2014-06-30 23:09 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, peter.crosthwaite, Fabian Aggeler, Greg Bellows,
serge.fdrv, edgar.iglesias, christoffer.dall
From: Fabian Aggeler <aggelerf@ethz.ch>
When EL3 is running in Aarch32 (or ARMv7 with Security Extensions)
IFAR and DFAR have a secure and a non-secure instance.
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
-----------------
v3 -> v4
- Revert to array-based notation of far_el in combination with v7 naming
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---
target-arm/cpu.c | 2 +-
target-arm/cpu.h | 19 ++++++++++++++++++-
target-arm/helper.c | 21 ++++++++++++---------
3 files changed, 31 insertions(+), 11 deletions(-)
diff --git a/target-arm/cpu.c b/target-arm/cpu.c
index d03d52e..e1774e3 100644
--- a/target-arm/cpu.c
+++ b/target-arm/cpu.c
@@ -464,7 +464,7 @@ static void arm1026_initfn(Object *obj)
ARMCPRegInfo ifar = {
.name = "IFAR", .cp = 15, .crn = 6, .crm = 0, .opc1 = 0, .opc2 = 1,
.access = PL1_RW,
- .fieldoffset = offsetofhigh32(CPUARMState, cp15.far_el[1]),
+ .fieldoffset = offsetofhigh32(CPUARMState, cp15.ifar_ns),
.resetvalue = 0
};
define_one_arm_cp_reg(cpu, &ifar);
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index 872b42d..f29bcaa 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -276,7 +276,24 @@ typedef struct CPUARMState {
uint64_t esr_el[4];
};
uint32_t c6_region[8]; /* MPU base/size registers. */
- uint64_t far_el[4]; /* Fault address registers. */
+ union { /* Fault address registers. */
+ struct {
+ uint64_t _unused_far0;
+#ifdef HOST_WORDS_BIGENDIAN
+ uint32_t ifar_ns;
+ uint32_t dfar_ns;
+ uint32_t ifar_s;
+ uint32_t dfar_s;
+#else
+ uint32_t dfar_ns;
+ uint32_t ifar_ns;
+ uint32_t dfar_s;
+ uint32_t ifar_s;
+#endif
+ uint64_t _unused_far3;;
+ };
+ uint64_t far_el[4];
+ };
uint64_t par_el1; /* Translation result. */
uint32_t c9_insn; /* Cache lockdown registers. */
uint32_t c9_data;
diff --git a/target-arm/helper.c b/target-arm/helper.c
index fa3ae3a..3cc6d42 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -536,7 +536,8 @@ static const ARMCPRegInfo v6_cp_reginfo[] = {
.access = PL0_W, .type = ARM_CP_NOP },
{ .name = "IFAR", .cp = 15, .crn = 6, .crm = 0, .opc1 = 0, .opc2 = 2,
.access = PL1_RW,
- .fieldoffset = offsetofhigh32(CPUARMState, cp15.far_el[1]),
+ .bank_fieldoffsets = { offsetof(CPUARMState, cp15.ifar_s),
+ offsetof(CPUARMState, cp15.ifar_ns) },
.resetvalue = 0, },
/* Watchpoint Fault Address Register : should actually only be present
* for 1136, 1176, 11MPCore.
@@ -1534,11 +1535,15 @@ static const ARMCPRegInfo vmsa_cp_reginfo[] = {
.resetfn = arm_cp_reset_ignore, .raw_writefn = vmsa_ttbcr_raw_write,
.bank_fieldoffsets = { offsetoflow32(CPUARMState, cp15.ttbcr_s),
offsetoflow32(CPUARMState, cp15.ttbcr_ns) } },
- /* 64-bit FAR; this entry also gives us the AArch32 DFAR */
- { .name = "FAR_EL1", .state = ARM_CP_STATE_BOTH,
+ { .name = "DFAR", .cp = 15, .crn = 6, .crm = 0, .opc1 = 0, .opc2 = 0,
+ .access = PL1_RW, .resetvalue = 0,
+ .bank_fieldoffsets = { offsetof(CPUARMState, cp15.dfar_s),
+ offsetof(CPUARMState, cp15.dfar_ns) } },
+ { .name = "FAR_EL1", .state = ARM_CP_STATE_AA64,
.opc0 = 3, .crn = 6, .crm = 0, .opc1 = 0, .opc2 = 0,
- .access = PL1_RW, .fieldoffset = offsetof(CPUARMState, cp15.far_el[1]),
- .resetvalue = 0, },
+ .access = PL1_RW, .resetvalue = 0,
+ .fieldoffset = offsetof(CPUARMState, cp15.far_el[1]),
+ },
REGINFO_SENTINEL
};
@@ -3873,8 +3878,7 @@ void arm_cpu_do_interrupt(CPUState *cs)
/* Fall through to prefetch abort. */
case EXCP_PREFETCH_ABORT:
A32_BANKED_CURRENT_REG_SET(env, ifsr, env->exception.fsr);
- env->cp15.far_el[1] = deposit64(env->cp15.far_el[1], 32, 32,
- env->exception.vaddress);
+ A32_BANKED_CURRENT_REG_SET(env, ifar, env->exception.vaddress);
qemu_log_mask(CPU_LOG_INT, "...with IFSR 0x%x IFAR 0x%x\n",
env->exception.fsr, (uint32_t)env->exception.vaddress);
new_mode = ARM_CPU_MODE_ABT;
@@ -3884,8 +3888,7 @@ void arm_cpu_do_interrupt(CPUState *cs)
break;
case EXCP_DATA_ABORT:
A32_BANKED_CURRENT_REG_SET(env, dfsr, env->exception.fsr);
- env->cp15.far_el[1] = deposit64(env->cp15.far_el[1], 0, 32,
- env->exception.vaddress);
+ A32_BANKED_CURRENT_REG_SET(env, dfar, env->exception.vaddress);
qemu_log_mask(CPU_LOG_INT, "...with DFSR 0x%x DFAR 0x%x\n",
env->exception.fsr,
(uint32_t)env->exception.vaddress);
--
1.8.3.2
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [Qemu-devel] [PATCH v4 30/33] target-arm: make PAR banked
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
` (28 preceding siblings ...)
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 29/33] target-arm: make IFAR/DFAR banked greg.bellows
@ 2014-06-30 23:09 ` greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 31/33] target-arm: make VBAR banked greg.bellows
` (4 subsequent siblings)
34 siblings, 0 replies; 49+ messages in thread
From: greg.bellows @ 2014-06-30 23:09 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, peter.crosthwaite, Fabian Aggeler, Greg Bellows,
serge.fdrv, edgar.iglesias, christoffer.dall
From: Fabian Aggeler <aggelerf@ethz.ch>
When EL3 is running in Aarch32 (or ARMv7 with Security Extensions)
PAR has a secure and a non-secure instance.
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
-------------
v3 -> v4
- Fix par union/structure definition
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---
target-arm/cpu.h | 10 +++++++++-
target-arm/helper.c | 25 ++++++++++++++-----------
2 files changed, 23 insertions(+), 12 deletions(-)
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index f29bcaa..d5cad97 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -294,7 +294,15 @@ typedef struct CPUARMState {
};
uint64_t far_el[4];
};
- uint64_t par_el1; /* Translation result. */
+ union { /* Translation result. */
+ struct {
+ uint64_t par_ns;
+ uint64_t par_s;
+ };
+ struct {
+ uint64_t par_el1;
+ };
+ };
uint32_t c9_insn; /* Cache lockdown registers. */
uint32_t c9_data;
uint32_t c9_pmcr; /* performance monitor control register */
diff --git a/target-arm/helper.c b/target-arm/helper.c
index 3cc6d42..1178a79 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -1281,7 +1281,7 @@ static void ats_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value)
* fault.
*/
}
- env->cp15.par_el1 = par64;
+ A32_BANKED_CURRENT_REG_SET(env, par, par64);
} else {
/* ret is a DFSR/IFSR value for the short descriptor
* translation table format (with WnR always clear).
@@ -1291,14 +1291,16 @@ static void ats_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value)
/* We do not set any attribute bits in the PAR */
if (page_size == (1 << 24)
&& arm_feature(env, ARM_FEATURE_V7)) {
- env->cp15.par_el1 = (phys_addr & 0xff000000) | 1 << 1;
+ A32_BANKED_CURRENT_REG_SET(env, par,
+ (phys_addr & 0xff000000) | 1 << 1);
} else {
- env->cp15.par_el1 = phys_addr & 0xfffff000;
+ A32_BANKED_CURRENT_REG_SET(env, par, phys_addr & 0xfffff000);
}
} else {
- env->cp15.par_el1 = ((ret & (1 << 10)) >> 5) |
- ((ret & (1 << 12)) >> 6) |
- ((ret & 0xf) << 1) | 1;
+ A32_BANKED_CURRENT_REG_SET(env, par,
+ ((ret & (1 << 10)) >> 5) |
+ ((ret & (1 << 12)) >> 6) |
+ ((ret & 0xf) << 1) | 1);
}
}
}
@@ -1306,9 +1308,9 @@ static void ats_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value)
static const ARMCPRegInfo vapa_cp_reginfo[] = {
{ .name = "PAR", .cp = 15, .crn = 7, .crm = 4, .opc1 = 0, .opc2 = 0,
- .access = PL1_RW, .resetvalue = 0,
- .fieldoffset = offsetoflow32(CPUARMState, cp15.par_el1),
- .writefn = par_write },
+ .access = PL1_RW, .resetvalue = 0, .writefn = par_write,
+ .bank_fieldoffsets = { offsetoflow32(CPUARMState, cp15.par_s),
+ offsetoflow32(CPUARMState, cp15.par_ns) } },
#ifndef CONFIG_USER_ONLY
{ .name = "ATS", .cp = 15, .crn = 7, .crm = 8, .opc1 = 0, .opc2 = CP_ANY,
.access = PL1_W, .accessfn = ats_access,
@@ -1766,8 +1768,9 @@ static const ARMCPRegInfo lpae_cp_reginfo[] = {
{ .name = "DBGDSAR", .cp = 14, .crm = 2, .opc1 = 0,
.access = PL0_R, .type = ARM_CP_CONST|ARM_CP_64BIT, .resetvalue = 0 },
{ .name = "PAR", .cp = 15, .crm = 7, .opc1 = 0,
- .access = PL1_RW, .type = ARM_CP_64BIT,
- .fieldoffset = offsetof(CPUARMState, cp15.par_el1), .resetvalue = 0 },
+ .access = PL1_RW, .type = ARM_CP_64BIT, .resetvalue = 0,
+ .bank_fieldoffsets = { offsetof(CPUARMState, cp15.par_s),
+ offsetof(CPUARMState, cp15.par_ns)} },
{ .name = "TTBR0", .cp = 15, .crm = 2, .opc1 = 0,
.access = PL1_RW, .type = ARM_CP_64BIT | ARM_CP_NO_MIGRATE,
.bank_fieldoffsets = { offsetof(CPUARMState, cp15.ttbr0_s),
--
1.8.3.2
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [Qemu-devel] [PATCH v4 31/33] target-arm: make VBAR banked
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
` (29 preceding siblings ...)
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 30/33] target-arm: make PAR banked greg.bellows
@ 2014-06-30 23:09 ` greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 32/33] target-arm: make c13 cp regs banked (FCSEIDR, ...) greg.bellows
` (3 subsequent siblings)
34 siblings, 0 replies; 49+ messages in thread
From: greg.bellows @ 2014-06-30 23:09 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, peter.crosthwaite, Fabian Aggeler, Greg Bellows,
serge.fdrv, edgar.iglesias, christoffer.dall
From: Fabian Aggeler <aggelerf@ethz.ch>
When EL3 is running in Aarch32 (or ARMv7 with Security Extensions)
VBAR has a secure and a non-secure instance, which are mapped to
VBAR_EL1 and VBAR_EL3.
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
----------------
v3 -> v4
- Fix vbar union/structure definition
- Revert back to array-based vbar definition combined with v7 naming
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---
target-arm/cpu.h | 10 +++++++++-
target-arm/helper.c | 8 ++++----
2 files changed, 13 insertions(+), 5 deletions(-)
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index d5cad97..aade869 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -312,7 +312,15 @@ typedef struct CPUARMState {
uint32_t c9_pmuserenr; /* perf monitor user enable */
uint32_t c9_pminten; /* perf monitor interrupt enables */
uint64_t mair_el1;
- uint64_t vbar_el[4]; /* vector base address register */
+ union { /* vector base address register */
+ struct {
+ uint64_t _unused_vbar;
+ uint64_t vbar_ns;
+ uint64_t hvbar;
+ uint64_t vbar_s;
+ };
+ uint64_t vbar_el[4];
+ };
uint64_t mvbar; /* (monitor) vector base address register */
uint32_t c13_fcse; /* FCSE PID. */
uint64_t contextidr_el1; /* Context ID. */
diff --git a/target-arm/helper.c b/target-arm/helper.c
index 1178a79..1a07124 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -805,9 +805,9 @@ static const ARMCPRegInfo v7_cp_reginfo[] = {
.resetvalue = 0, .writefn = pmintenclr_write, },
{ .name = "VBAR", .state = ARM_CP_STATE_BOTH,
.opc0 = 3, .crn = 12, .crm = 0, .opc1 = 0, .opc2 = 0,
- .access = PL1_RW, .writefn = vbar_write,
- .fieldoffset = offsetof(CPUARMState, cp15.vbar_el[1]),
- .resetvalue = 0 },
+ .access = PL1_RW, .writefn = vbar_write, .resetvalue = 0,
+ .bank_fieldoffsets = { offsetof(CPUARMState, cp15.vbar_s),
+ offsetof(CPUARMState, cp15.vbar_ns) } },
{ .name = "CCSIDR", .state = ARM_CP_STATE_BOTH,
.opc0 = 3, .crn = 0, .crm = 0, .opc1 = 1, .opc2 = 0,
.access = PL1_R, .readfn = ccsidr_read, .type = ARM_CP_NO_MIGRATE },
@@ -3945,7 +3945,7 @@ void arm_cpu_do_interrupt(CPUState *cs)
* This register is only followed in non-monitor mode, and is banked.
* Note: only bits 31:5 are valid.
*/
- addr += env->cp15.vbar_el[1];
+ addr += A32_BANKED_CURRENT_REG_GET(env, vbar);
}
if ((env->uncached_cpsr & CPSR_M) == ARM_CPU_MODE_MON) {
--
1.8.3.2
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [Qemu-devel] [PATCH v4 32/33] target-arm: make c13 cp regs banked (FCSEIDR, ...)
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
` (30 preceding siblings ...)
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 31/33] target-arm: make VBAR banked greg.bellows
@ 2014-06-30 23:09 ` greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 33/33] target-arm: Limit migration of duplicate CP regs greg.bellows
` (2 subsequent siblings)
34 siblings, 0 replies; 49+ messages in thread
From: greg.bellows @ 2014-06-30 23:09 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, peter.crosthwaite, Fabian Aggeler, Greg Bellows,
serge.fdrv, edgar.iglesias, christoffer.dall
From: Fabian Aggeler <aggelerf@ethz.ch>
When EL3 is running in Aarch32 (or ARMv7 with Security Extensions)
FCSEIDR, CONTEXTIDR, TPIDRURW, TPIDRURO and TPIDRPRW have a secure
and a non-secure instance.
Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
--------------
v3 -> v4
- Fix tpidrprw mapping
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---
target-arm/cpu.h | 45 ++++++++++++++++++++++++++++++++++++++++-----
target-arm/helper.c | 27 +++++++++++++++++----------
2 files changed, 57 insertions(+), 15 deletions(-)
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index aade869..3c96131 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -322,11 +322,46 @@ typedef struct CPUARMState {
uint64_t vbar_el[4];
};
uint64_t mvbar; /* (monitor) vector base address register */
- uint32_t c13_fcse; /* FCSE PID. */
- uint64_t contextidr_el1; /* Context ID. */
- uint64_t tpidr_el0; /* User RW Thread register. */
- uint64_t tpidrro_el0; /* User RO Thread register. */
- uint64_t tpidr_el1; /* Privileged Thread register. */
+ struct { /* FCSE PID. */
+ uint32_t c13_fcseidr_ns;
+ uint32_t c13_fcseidr_s;
+ };
+ union { /* Context ID. */
+ struct {
+ uint64_t contextidr_ns;
+ uint64_t contextidr_s;
+ };
+ struct {
+ uint64_t contextidr_el1;
+ };
+ };
+ union { /* User RW Thread register. */
+ struct {
+ uint64_t tpidrurw_ns;
+ uint64_t tpidrurw_s;
+ };
+ struct {
+ uint64_t tpidr_el0;
+ };
+ };
+ union { /* User RO Thread register. */
+ struct {
+ uint64_t tpidruro_ns;
+ uint64_t tpidruro_s;
+ };
+ struct {
+ uint64_t tpidrro_el0;
+ };
+ };
+ union { /* Privileged Thread register. */
+ struct {
+ uint64_t tpidrprw_ns;
+ uint64_t tpidrprw_s;
+ };
+ struct {
+ uint64_t tpidr_el1;
+ };
+ };
uint64_t c14_cntfrq; /* Counter Frequency register */
uint64_t c14_cntkctl; /* Timer Control register */
ARMGenericTimer c14_timer[NUM_GTIMERS];
diff --git a/target-arm/helper.c b/target-arm/helper.c
index 1a07124..3bc55fe 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -396,12 +396,15 @@ static const ARMCPRegInfo cp_reginfo[] = {
{ .name = "DBGDIDR", .cp = 14, .crn = 0, .crm = 0, .opc1 = 0, .opc2 = 0,
.access = PL0_R, .type = ARM_CP_CONST, .resetvalue = 0 },
{ .name = "FCSEIDR", .cp = 15, .crn = 13, .crm = 0, .opc1 = 0, .opc2 = 0,
- .access = PL1_RW, .fieldoffset = offsetof(CPUARMState, cp15.c13_fcse),
+ .access = PL1_RW,
+ .bank_fieldoffsets = { offsetof(CPUARMState, cp15.c13_fcseidr_s),
+ offsetof(CPUARMState, cp15.c13_fcseidr_ns) },
.resetvalue = 0, .writefn = fcse_write, .raw_writefn = raw_write, },
{ .name = "CONTEXTIDR", .state = ARM_CP_STATE_BOTH,
.opc0 = 3, .opc1 = 0, .crn = 13, .crm = 0, .opc2 = 1,
.access = PL1_RW,
- .fieldoffset = offsetof(CPUARMState, cp15.contextidr_el1),
+ .bank_fieldoffsets = { offsetof(CPUARMState, cp15.contextidr_s),
+ offsetof(CPUARMState, cp15.contextidr_ns) },
.resetvalue = 0, .writefn = contextidr_write, .raw_writefn = raw_write, },
REGINFO_SENTINEL
};
@@ -889,21 +892,25 @@ static const ARMCPRegInfo v6k_cp_reginfo[] = {
.access = PL0_RW,
.fieldoffset = offsetof(CPUARMState, cp15.tpidr_el0), .resetvalue = 0 },
{ .name = "TPIDRURW", .cp = 15, .crn = 13, .crm = 0, .opc1 = 0, .opc2 = 2,
- .access = PL0_RW,
- .fieldoffset = offsetoflow32(CPUARMState, cp15.tpidr_el0),
- .resetfn = arm_cp_reset_ignore },
+ .access = PL0_RW, .resetfn = arm_cp_reset_ignore,
+ .bank_fieldoffsets = { offsetoflow32(CPUARMState, cp15.tpidrurw_s),
+ offsetoflow32(CPUARMState, cp15.tpidrurw_ns) } },
{ .name = "TPIDRRO_EL0", .state = ARM_CP_STATE_AA64,
.opc0 = 3, .opc1 = 3, .opc2 = 3, .crn = 13, .crm = 0,
.access = PL0_R|PL1_W,
.fieldoffset = offsetof(CPUARMState, cp15.tpidrro_el0), .resetvalue = 0 },
{ .name = "TPIDRURO", .cp = 15, .crn = 13, .crm = 0, .opc1 = 0, .opc2 = 3,
- .access = PL0_R|PL1_W,
- .fieldoffset = offsetoflow32(CPUARMState, cp15.tpidrro_el0),
- .resetfn = arm_cp_reset_ignore },
- { .name = "TPIDR_EL1", .state = ARM_CP_STATE_BOTH,
+ .access = PL0_R|PL1_W, .resetfn = arm_cp_reset_ignore,
+ .bank_fieldoffsets = { offsetoflow32(CPUARMState, cp15.tpidruro_s),
+ offsetoflow32(CPUARMState, cp15.tpidruro_ns) } },
+ { .name = "TPIDR_EL1", .state = ARM_CP_STATE_AA64,
.opc0 = 3, .opc1 = 0, .opc2 = 4, .crn = 13, .crm = 0,
.access = PL1_RW,
.fieldoffset = offsetof(CPUARMState, cp15.tpidr_el1), .resetvalue = 0 },
+ { .name = "TPIDRPRW", .cp = 15, .crn = 13, .crm = 0, .opc1 = 0, .opc2 = 4,
+ .access = PL1_RW, .resetfn = arm_cp_reset_ignore,
+ .bank_fieldoffsets = { offsetoflow32(CPUARMState, cp15.tpidrprw_s),
+ offsetoflow32(CPUARMState, cp15.tpidrprw_ns) } },
REGINFO_SENTINEL
};
@@ -4615,7 +4622,7 @@ static inline int get_phys_addr(CPUARMState *env, target_ulong address,
/* Fast Context Switch Extension. */
if (address < 0x02000000)
- address += env->cp15.c13_fcse;
+ address += A32_BANKED_CURRENT_REG_GET(env, c13_fcseidr);
if ((sctlr & SCTLR_M) == 0) {
/* MMU/MPU disabled. */
--
1.8.3.2
^ permalink raw reply related [flat|nested] 49+ messages in thread
* [Qemu-devel] [PATCH v4 33/33] target-arm: Limit migration of duplicate CP regs
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
` (31 preceding siblings ...)
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 32/33] target-arm: make c13 cp regs banked (FCSEIDR, ...) greg.bellows
@ 2014-06-30 23:09 ` greg.bellows
2014-07-02 9:41 ` [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs Aggeler Fabian
2014-09-05 17:55 ` Peter Maydell
34 siblings, 0 replies; 49+ messages in thread
From: greg.bellows @ 2014-06-30 23:09 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, peter.crosthwaite, Greg Bellows, serge.fdrv,
edgar.iglesias, christoffer.dall
From: Greg Bellows <greg.bellows@linaro.org>
This patch adds code to mark duplicate CP register registrations as NO_MIGRATE
to avoid duplicate migrations.
Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
---
target-arm/helper.c | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/target-arm/helper.c b/target-arm/helper.c
index 3bc55fe..7c1e2eb 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -2339,7 +2339,11 @@ static const ARMCPRegInfo v8_el3_cp_reginfo[] = {
.access = PL3_RW, .writefn = vbar_write,
.fieldoffset = offsetof(CPUARMState, cp15.vbar_el[3]),
.resetvalue = 0 },
- { .name = "SCR_EL3", .state = ARM_CP_STATE_AA64,
+ /* SCR will always be registered for v7, but not necessarily for v8, so
+ * this entry is marked to allow migration to be handled by the v7
+ * registration instance.
+ */
+ { .name = "SCR_EL3", .state = ARM_CP_STATE_AA64, .type = ARM_CP_NO_MIGRATE,
.opc0 = 3, .opc1 = 6, .crn = 1, .crm = 1, .opc2 = 0,
.access = PL3_RW, .fieldoffset = offsetof(CPUARMState, cp15.scr_el3),
.writefn = scr_write },
@@ -2958,6 +2962,11 @@ static void add_cpreg_to_hashtable(ARMCPU *cpu, const ARMCPRegInfo *r,
* banked registers but later only fieldoffset is used.
*/
r2->fieldoffset = r->bank_fieldoffsets[nsbit];
+ } else if (!nsbit) {
+ /* The register is not banked so we only want to allow migration of
+ * the non-secure instance.
+ */
+ r2->type |= ARM_CP_NO_MIGRATE;
}
if (r->state == ARM_CP_STATE_BOTH) {
--
1.8.3.2
^ permalink raw reply related [flat|nested] 49+ messages in thread
* Re: [Qemu-devel] [PATCH v4 02/33] target-arm: move Aarch32 SCR into security reglist
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 02/33] target-arm: move Aarch32 SCR into security reglist greg.bellows
@ 2014-07-01 8:15 ` Edgar E. Iglesias
0 siblings, 0 replies; 49+ messages in thread
From: Edgar E. Iglesias @ 2014-07-01 8:15 UTC (permalink / raw)
To: greg.bellows
Cc: peter.maydell, peter.crosthwaite, Sergey Fedorov, Fabian Aggeler,
qemu-devel, serge.fdrv, christoffer.dall
On Mon, Jun 30, 2014 at 06:09:02PM -0500, greg.bellows@linaro.org wrote:
> From: Fabian Aggeler <aggelerf@ethz.ch>
>
> Define a new ARM CP register info list for the ARMv7 Security Extension
> feature. Register that list only for ARM cores with Security Extension/EL3
> support. Moving Aarch32 SCR into Security Extension register group.
>
> Signed-off-by: Sergey Fedorov <s.fedorov@samsung.com>
> Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
> Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
>
> ------------------
> v3 -> v4
> - Renamed security_cp_reginfo to v7_el3_cp_reginfo
> - Conditionalized define on whether v7 or v8 were enabled
>
> Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
> ---
> target-arm/helper.c | 17 +++++++++++++----
> 1 file changed, 13 insertions(+), 4 deletions(-)
>
> diff --git a/target-arm/helper.c b/target-arm/helper.c
> index 7c4b801..1ea30fe 100644
> --- a/target-arm/helper.c
> +++ b/target-arm/helper.c
> @@ -792,9 +792,6 @@ static const ARMCPRegInfo v7_cp_reginfo[] = {
> .access = PL1_RW, .writefn = vbar_write,
> .fieldoffset = offsetof(CPUARMState, cp15.vbar_el[1]),
> .resetvalue = 0 },
> - { .name = "SCR", .cp = 15, .crn = 1, .crm = 1, .opc1 = 0, .opc2 = 0,
> - .access = PL1_RW, .fieldoffset = offsetof(CPUARMState, cp15.c1_scr),
> - .resetvalue = 0, },
> { .name = "CCSIDR", .state = ARM_CP_STATE_BOTH,
> .opc0 = 3, .crn = 0, .crm = 0, .opc1 = 1, .opc2 = 0,
> .access = PL1_R, .readfn = ccsidr_read, .type = ARM_CP_NO_MIGRATE },
> @@ -2227,6 +2224,13 @@ static const ARMCPRegInfo v8_el3_cp_reginfo[] = {
> REGINFO_SENTINEL
> };
>
> +static const ARMCPRegInfo v7_el3_cp_reginfo[] = {
> + { .name = "SCR", .cp = 15, .crn = 1, .crm = 1, .opc1 = 0, .opc2 = 0,
> + .access = PL3_RW, .fieldoffset = offsetof(CPUARMState, cp15.scr_el3),
> + .resetvalue = 0, },
> + REGINFO_SENTINEL
> +};
> +
> static void sctlr_write(CPUARMState *env, const ARMCPRegInfo *ri,
> uint64_t value)
> {
> @@ -2489,7 +2493,12 @@ void register_cp_regs_for_features(ARMCPU *cpu)
> }
> }
> if (arm_feature(env, ARM_FEATURE_EL3)) {
> - define_arm_cp_regs(cpu, v8_el3_cp_reginfo);
> + if (arm_feature(env, ARM_FEATURE_V8)) {
> + define_arm_cp_regs(cpu, v8_el3_cp_reginfo);
> + }
> + if (arm_feature(env, ARM_FEATURE_V7)) {
> + define_arm_cp_regs(cpu, v7_el3_cp_reginfo);
> + }
> }
> if (arm_feature(env, ARM_FEATURE_MPU)) {
> /* These are the MPU registers prior to PMSAv6. Any new
> --
> 1.8.3.2
>
^ permalink raw reply [flat|nested] 49+ messages in thread
* Re: [Qemu-devel] [PATCH v4 04/33] target-arm: add arm_is_secure() function
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 04/33] target-arm: add arm_is_secure() function greg.bellows
@ 2014-07-01 8:17 ` Edgar E. Iglesias
2014-07-01 13:51 ` Greg Bellows
0 siblings, 1 reply; 49+ messages in thread
From: Edgar E. Iglesias @ 2014-07-01 8:17 UTC (permalink / raw)
To: greg.bellows
Cc: peter.maydell, peter.crosthwaite, Sergey Fedorov, Fabian Aggeler,
qemu-devel, serge.fdrv, christoffer.dall
On Mon, Jun 30, 2014 at 06:09:04PM -0500, greg.bellows@linaro.org wrote:
> From: Fabian Aggeler <aggelerf@ethz.ch>
>
> arm_is_secure() function allows to determine CPU security state
> if the CPU implements Security Extensions/EL3.
> arm_is_secure_below_el3() returns true if CPU is in secure state
> below EL3.
>
> Signed-off-by: Sergey Fedorov <s.fedorov@samsung.com>
> Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
> Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
> ---
> target-arm/cpu.h | 38 ++++++++++++++++++++++++++++++++++++++
> 1 file changed, 38 insertions(+)
>
> diff --git a/target-arm/cpu.h b/target-arm/cpu.h
> index ffc51f2..aba077b 100644
> --- a/target-arm/cpu.h
> +++ b/target-arm/cpu.h
> @@ -726,6 +726,44 @@ static inline int arm_feature(CPUARMState *env, int feature)
> return (env->features & (1ULL << feature)) != 0;
> }
>
> +
> +/* Return true if exception level below EL3 is in secure state */
> +static inline bool arm_is_secure_below_el3(CPUARMState *env)
> +{
> +#if !defined(CONFIG_USER_ONLY)
> + if (arm_feature(env, ARM_FEATURE_EL3)) {
> + return !(env->cp15.scr_el3 & SCR_NS);
> + } else if (arm_feature(env, ARM_FEATURE_EL2)) {
> + return false;
> + } else {
> + /* IMPDEF: QEMU defaults to non-secure */
> + return false;
> + }
> +#else
> + return false;
> +#endif
> +}
Should we be #ifdefing the entire arm_is_secure_below_el3() as it is
not called from user-only code?
> +
> +/* Return true if the processor is in secure state */
> +static inline bool arm_is_secure(CPUARMState *env)
> +{
> +#if !defined(CONFIG_USER_ONLY)
> + if (arm_feature(env, ARM_FEATURE_EL3)) {
> + if (env->aarch64 && extract32(env->pstate, 2, 2) == 3) {
> + /* CPU currently in Aarch64 state and EL3 */
> + return true;
> + } else if (!env->aarch64 &&
> + (env->uncached_cpsr & CPSR_M) == ARM_CPU_MODE_MON) {
> + /* CPU currently in Aarch32 state and monitor mode */
> + return true;
> + }
> + }
> + return arm_is_secure_below_el3(env);
> +#else
> + return false;
> +#endif
> +}
> +
> /* Return true if the specified exception level is running in AArch64 state. */
> static inline bool arm_el_is_aa64(CPUARMState *env, int el)
> {
> --
> 1.8.3.2
>
^ permalink raw reply [flat|nested] 49+ messages in thread
* Re: [Qemu-devel] [PATCH v4 07/33] target-arm: add non-secure Translation Block flag
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 07/33] target-arm: add non-secure Translation Block flag greg.bellows
@ 2014-07-01 8:19 ` Edgar E. Iglesias
2014-09-02 16:11 ` Peter Maydell
1 sibling, 0 replies; 49+ messages in thread
From: Edgar E. Iglesias @ 2014-07-01 8:19 UTC (permalink / raw)
To: greg.bellows
Cc: peter.maydell, peter.crosthwaite, Sergey Fedorov, Fabian Aggeler,
qemu-devel, serge.fdrv, christoffer.dall
On Mon, Jun 30, 2014 at 06:09:07PM -0500, greg.bellows@linaro.org wrote:
> From: Sergey Fedorov <s.fedorov@samsung.com>
>
> This patch is based on idea found in patch at
> git://github.com/jowinter/qemu-trustzone.git
> f3d955c6c0ed8c46bc0eb10b634201032a651dd2 by
> Johannes Winter <johannes.winter@iaik.tugraz.at>.
>
> This flag prevents QEMU from executing TCG code generated for other CPU
> security state. It also allows to generate different TCG code depending on
> CPU secure state.
>
> Signed-off-by: Sergey Fedorov <s.fedorov@samsung.com>
> Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
> Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
> ---
> target-arm/cpu.h | 10 ++++++++++
> target-arm/translate-a64.c | 1 +
> target-arm/translate.c | 3 +++
> target-arm/translate.h | 1 +
> 4 files changed, 15 insertions(+)
>
> diff --git a/target-arm/cpu.h b/target-arm/cpu.h
> index 1faf1e2..44e0943 100644
> --- a/target-arm/cpu.h
> +++ b/target-arm/cpu.h
> @@ -1291,6 +1291,8 @@ static inline int cpu_mmu_index (CPUARMState *env)
> #define ARM_TBFLAG_BSWAP_CODE_MASK (1 << ARM_TBFLAG_BSWAP_CODE_SHIFT)
> #define ARM_TBFLAG_CPACR_FPEN_SHIFT 17
> #define ARM_TBFLAG_CPACR_FPEN_MASK (1 << ARM_TBFLAG_CPACR_FPEN_SHIFT)
> +#define ARM_TBFLAG_NS_SHIFT 18
> +#define ARM_TBFLAG_NS_MASK (1 << ARM_TBFLAG_NS_SHIFT)
>
> /* Bit usage when in AArch64 state */
> #define ARM_TBFLAG_AA64_EL_SHIFT 0
> @@ -1321,6 +1323,8 @@ static inline int cpu_mmu_index (CPUARMState *env)
> (((F) & ARM_TBFLAG_AA64_EL_MASK) >> ARM_TBFLAG_AA64_EL_SHIFT)
> #define ARM_TBFLAG_AA64_FPEN(F) \
> (((F) & ARM_TBFLAG_AA64_FPEN_MASK) >> ARM_TBFLAG_AA64_FPEN_SHIFT)
> +#define ARM_TBFLAG_NS(F) \
> + (((F) & ARM_TBFLAG_NS_MASK) >> ARM_TBFLAG_NS_SHIFT)
>
> static inline void cpu_get_tb_cpu_state(CPUARMState *env, target_ulong *pc,
> target_ulong *cs_base, int *flags)
> @@ -1334,6 +1338,9 @@ static inline void cpu_get_tb_cpu_state(CPUARMState *env, target_ulong *pc,
> if (fpen == 3 || (fpen == 1 && arm_current_pl(env) != 0)) {
> *flags |= ARM_TBFLAG_AA64_FPEN_MASK;
> }
> + if (!arm_is_secure(env)) {
> + *flags |= ARM_TBFLAG_NS_MASK;
> + }
> } else {
> int privmode;
> *pc = env->regs[15];
> @@ -1350,6 +1357,9 @@ static inline void cpu_get_tb_cpu_state(CPUARMState *env, target_ulong *pc,
> if (privmode) {
> *flags |= ARM_TBFLAG_PRIV_MASK;
> }
> + if (!arm_is_secure(env)) {
> + *flags |= ARM_TBFLAG_NS_MASK;
> + }
> if (env->vfp.xregs[ARM_VFP_FPEXC] & (1 << 30)
> || arm_el_is_aa64(env, 1)) {
> *flags |= ARM_TBFLAG_VFPEN_MASK;
> diff --git a/target-arm/translate-a64.c b/target-arm/translate-a64.c
> index 446d2cd..ad30903 100644
> --- a/target-arm/translate-a64.c
> +++ b/target-arm/translate-a64.c
> @@ -10879,6 +10879,7 @@ void gen_intermediate_code_internal_a64(ARMCPU *cpu,
> dc->condexec_cond = 0;
> #if !defined(CONFIG_USER_ONLY)
> dc->user = (ARM_TBFLAG_AA64_EL(tb->flags) == 0);
> + dc->ns = ARM_TBFLAG_NS(tb->flags);
> #endif
> dc->cpacr_fpen = ARM_TBFLAG_AA64_FPEN(tb->flags);
> dc->vec_len = 0;
> diff --git a/target-arm/translate.c b/target-arm/translate.c
> index cf4e767..bf17952 100644
> --- a/target-arm/translate.c
> +++ b/target-arm/translate.c
> @@ -53,8 +53,10 @@ static uint32_t gen_opc_condexec_bits[OPC_BUF_SIZE];
>
> #if defined(CONFIG_USER_ONLY)
> #define IS_USER(s) 1
> +#define IS_NS(s) 1
> #else
> #define IS_USER(s) (s->user)
> +#define IS_NS(s) (s->ns)
> #endif
>
> TCGv_ptr cpu_env;
> @@ -10904,6 +10906,7 @@ static inline void gen_intermediate_code_internal(ARMCPU *cpu,
> dc->condexec_cond = ARM_TBFLAG_CONDEXEC(tb->flags) >> 4;
> #if !defined(CONFIG_USER_ONLY)
> dc->user = (ARM_TBFLAG_PRIV(tb->flags) == 0);
> + dc->ns = ARM_TBFLAG_NS(tb->flags);
> #endif
> dc->cpacr_fpen = ARM_TBFLAG_CPACR_FPEN(tb->flags);
> dc->vfp_enabled = ARM_TBFLAG_VFPEN(tb->flags);
> diff --git a/target-arm/translate.h b/target-arm/translate.h
> index 31a0104..6e8620a 100644
> --- a/target-arm/translate.h
> +++ b/target-arm/translate.h
> @@ -19,6 +19,7 @@ typedef struct DisasContext {
> int bswap_code;
> #if !defined(CONFIG_USER_ONLY)
> int user;
> + int ns;
> #endif
> bool cpacr_fpen; /* FP enabled via CPACR.FPEN */
> bool vfp_enabled; /* FP enabled via FPSCR.EN */
> --
> 1.8.3.2
>
^ permalink raw reply [flat|nested] 49+ messages in thread
* Re: [Qemu-devel] [PATCH v4 09/33] target-arm: extend Aarch32 async excp masking
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 09/33] target-arm: extend Aarch32 async excp masking greg.bellows
@ 2014-07-01 8:22 ` Edgar E. Iglesias
2014-07-01 13:33 ` Greg Bellows
0 siblings, 1 reply; 49+ messages in thread
From: Edgar E. Iglesias @ 2014-07-01 8:22 UTC (permalink / raw)
To: greg.bellows
Cc: peter.maydell, peter.crosthwaite, Fabian Aggeler, qemu-devel,
serge.fdrv, christoffer.dall
On Mon, Jun 30, 2014 at 06:09:09PM -0500, greg.bellows@linaro.org wrote:
> From: Fabian Aggeler <aggelerf@ethz.ch>
>
> This patch extends arm_excp_unmasked() according to ARM ARMv7 and
> ARM ARMv8 (all EL running in Aarch32) and adds comments.
>
> Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
> Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
> ---
> target-arm/cpu.h | 77 ++++++++++++++++++++++++++++++++++++++++++++------------
> 1 file changed, 61 insertions(+), 16 deletions(-)
>
> diff --git a/target-arm/cpu.h b/target-arm/cpu.h
> index 44e0943..fbd7cad 100644
> --- a/target-arm/cpu.h
> +++ b/target-arm/cpu.h
> @@ -597,6 +597,8 @@ static inline void xpsr_write(CPUARMState *env, uint32_t val, uint32_t mask)
> #define SCR_IRQ (1U << 1)
> #define SCR_FIQ (1U << 2)
> #define SCR_EA (1U << 3)
> +#define SCR_FW (1U << 4)
> +#define SCR_AW (1U << 5)
> #define SCR_SMD (1U << 7)
> #define SCR_HCE (1U << 8)
> #define SCR_SIF (1U << 9)
> @@ -1199,30 +1201,73 @@ static inline bool arm_excp_unmasked(CPUState *cs, unsigned int excp_idx)
> {
> CPUARMState *env = cs->env_ptr;
> unsigned int cur_el = arm_current_pl(env);
> - unsigned int target_el = arm_excp_target_el(cs, excp_idx);
> - /* FIXME: Use actual secure state. */
> - bool secure = false;
> - /* Interrupts can only be hypervised and routed to
> - * EL2 if we are in NS EL0/1.
> - */
> - bool irq_can_hyp = !secure && cur_el < 2 && target_el == 2;
> + bool secure = arm_is_secure(env);
> +
> bool irq_unmasked = ((IS_M(env) && env->regs[15] < 0xfffffff0)
> || !(env->daif & PSTATE_I));
>
> - /* Don't take exceptions if they target a lower EL. */
> - if (cur_el > target_el) {
> - return false;
> - }
> -
Hi,
I think you might have missed a few of comments on the previous review.
If we remove the check for cur_el > target_el, we need to replace it
with something similar for VIRQ/VFIQ. VIRQ and VFIQ target EL1 and
cannot be taken while in EL2 or 3.
Cheers,
Edgar
> + /* ARM ARMv7 B1.8.6 Asynchronous exception masking (table B1-12/B1-13)
> + * ARM ARMv8 G1.11.3 Asynchronous exception masking controls
> + * (table G1-18/G1-19) */
> switch (excp_idx) {
> case EXCP_FIQ:
> - if (irq_can_hyp && (env->cp15.hcr_el2 & HCR_FMO)) {
> - return true;
> + if (!secure) {
> + if (arm_feature(env, ARM_FEATURE_EL2) &&
> + (env->cp15.hcr_el2 & HCR_FMO)) {
> + /* CPSR.F/PSTATE.F ignored if
> + * - exception is taken from Non-secure state
> + * - HCR.FMO == 1
> + * - either: - not in Hyp mode
> + * - SCR.FIQ routes exception to monitor mode
> + */
> + if (cur_el < 2) {
> + return true;
> + } else if (arm_feature(env, ARM_FEATURE_EL3) &&
> + (env->cp15.scr_el3 & SCR_FIQ)) {
> + return true;
> + }
> + }
> + /* In ARMv7 only applies if both Security Extensions (EL3) and
> + * Hypervirtualization Extensions (EL2) implemented, while
> + * for ARMv8 it applies also if only EL3 implemented.
> + */
> + if (arm_feature(env, ARM_FEATURE_EL3) &&
> + (arm_feature(env, ARM_FEATURE_EL2) ||
> + arm_feature(env, ARM_FEATURE_V8))) {
> + /* CPSR.F/PSTATE.F ignored if
> + * - exception is taken from Non-secure state
> + * - SCR.FIQ routes exception to monitor mode
> + * - SCR.FW bit is set to 0
> + * - HCR.FMO == 0 (if EL2 implemented)
> + */
> + if ((env->cp15.scr_el3 & SCR_FIQ) &&
> + !(env->cp15.scr_el3 & SCR_FW)) {
> + if (!arm_feature(env, ARM_FEATURE_EL2)) {
> + return true;
> + } else if (!(env->cp15.hcr_el2 & HCR_FMO)) {
> + return true;
> + }
> + }
> + }
> }
> return !(env->daif & PSTATE_F);
> case EXCP_IRQ:
> - if (irq_can_hyp && (env->cp15.hcr_el2 & HCR_IMO)) {
> - return true;
> + if (!secure) {
> + if (arm_feature(env, ARM_FEATURE_EL2) &&
> + (env->cp15.hcr_el2 & HCR_IMO)) {
> + /* CPSR.I/PSTATE.I ignored if
> + * - exception is taken from Non-secure state
> + * - HCR.IMO == 1
> + * - either: - not in Hyp mode
> + * - SCR.IRQ routes exception to monitor mode
> + */
> + if (cur_el < 2) {
> + return true;
> + } else if (arm_feature(env, ARM_FEATURE_EL3) &&
> + (env->cp15.scr_el3 & SCR_IRQ)) {
> + return true;
> + }
> + }
> }
> return irq_unmasked;
> case EXCP_VFIQ:
> --
> 1.8.3.2
>
^ permalink raw reply [flat|nested] 49+ messages in thread
* Re: [Qemu-devel] [PATCH v4 09/33] target-arm: extend Aarch32 async excp masking
2014-07-01 8:22 ` Edgar E. Iglesias
@ 2014-07-01 13:33 ` Greg Bellows
0 siblings, 0 replies; 49+ messages in thread
From: Greg Bellows @ 2014-07-01 13:33 UTC (permalink / raw)
To: Edgar E. Iglesias
Cc: Peter Maydell, Peter Crosthwaite, Fabian Aggeler,
QEMU Developers, Sergey Fedorov, Christoffer Dall
[-- Attachment #1: Type: text/plain, Size: 5670 bytes --]
Yes, apparently I did, thanks for catching this.
I'll address the comments in v5.
Regards,
Greg
On 1 July 2014 03:22, Edgar E. Iglesias <edgar.iglesias@gmail.com> wrote:
> On Mon, Jun 30, 2014 at 06:09:09PM -0500, greg.bellows@linaro.org wrote:
> > From: Fabian Aggeler <aggelerf@ethz.ch>
> >
> > This patch extends arm_excp_unmasked() according to ARM ARMv7 and
> > ARM ARMv8 (all EL running in Aarch32) and adds comments.
> >
> > Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
> > Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
> > ---
> > target-arm/cpu.h | 77
> ++++++++++++++++++++++++++++++++++++++++++++------------
> > 1 file changed, 61 insertions(+), 16 deletions(-)
> >
> > diff --git a/target-arm/cpu.h b/target-arm/cpu.h
> > index 44e0943..fbd7cad 100644
> > --- a/target-arm/cpu.h
> > +++ b/target-arm/cpu.h
> > @@ -597,6 +597,8 @@ static inline void xpsr_write(CPUARMState *env,
> uint32_t val, uint32_t mask)
> > #define SCR_IRQ (1U << 1)
> > #define SCR_FIQ (1U << 2)
> > #define SCR_EA (1U << 3)
> > +#define SCR_FW (1U << 4)
> > +#define SCR_AW (1U << 5)
> > #define SCR_SMD (1U << 7)
> > #define SCR_HCE (1U << 8)
> > #define SCR_SIF (1U << 9)
> > @@ -1199,30 +1201,73 @@ static inline bool arm_excp_unmasked(CPUState
> *cs, unsigned int excp_idx)
> > {
> > CPUARMState *env = cs->env_ptr;
> > unsigned int cur_el = arm_current_pl(env);
> > - unsigned int target_el = arm_excp_target_el(cs, excp_idx);
> > - /* FIXME: Use actual secure state. */
> > - bool secure = false;
> > - /* Interrupts can only be hypervised and routed to
> > - * EL2 if we are in NS EL0/1.
> > - */
> > - bool irq_can_hyp = !secure && cur_el < 2 && target_el == 2;
> > + bool secure = arm_is_secure(env);
> > +
> > bool irq_unmasked = ((IS_M(env) && env->regs[15] < 0xfffffff0)
> > || !(env->daif & PSTATE_I));
> >
> > - /* Don't take exceptions if they target a lower EL. */
> > - if (cur_el > target_el) {
> > - return false;
> > - }
> > -
>
> Hi,
>
> I think you might have missed a few of comments on the previous review.
> If we remove the check for cur_el > target_el, we need to replace it
> with something similar for VIRQ/VFIQ. VIRQ and VFIQ target EL1 and
> cannot be taken while in EL2 or 3.
>
> Cheers,
> Edgar
>
>
> > + /* ARM ARMv7 B1.8.6 Asynchronous exception masking (table
> B1-12/B1-13)
> > + * ARM ARMv8 G1.11.3 Asynchronous exception masking controls
> > + * (table G1-18/G1-19) */
> > switch (excp_idx) {
> > case EXCP_FIQ:
> > - if (irq_can_hyp && (env->cp15.hcr_el2 & HCR_FMO)) {
> > - return true;
> > + if (!secure) {
> > + if (arm_feature(env, ARM_FEATURE_EL2) &&
> > + (env->cp15.hcr_el2 & HCR_FMO)) {
> > + /* CPSR.F/PSTATE.F ignored if
> > + * - exception is taken from Non-secure state
> > + * - HCR.FMO == 1
> > + * - either: - not in Hyp mode
> > + * - SCR.FIQ routes exception to monitor
> mode
> > + */
> > + if (cur_el < 2) {
> > + return true;
> > + } else if (arm_feature(env, ARM_FEATURE_EL3) &&
> > + (env->cp15.scr_el3 & SCR_FIQ)) {
> > + return true;
> > + }
> > + }
> > + /* In ARMv7 only applies if both Security Extensions (EL3)
> and
> > + * Hypervirtualization Extensions (EL2) implemented, while
> > + * for ARMv8 it applies also if only EL3 implemented.
> > + */
> > + if (arm_feature(env, ARM_FEATURE_EL3) &&
> > + (arm_feature(env, ARM_FEATURE_EL2) ||
> > + arm_feature(env, ARM_FEATURE_V8))) {
> > + /* CPSR.F/PSTATE.F ignored if
> > + * - exception is taken from Non-secure state
> > + * - SCR.FIQ routes exception to monitor mode
> > + * - SCR.FW bit is set to 0
> > + * - HCR.FMO == 0 (if EL2 implemented)
> > + */
> > + if ((env->cp15.scr_el3 & SCR_FIQ) &&
> > + !(env->cp15.scr_el3 & SCR_FW)) {
> > + if (!arm_feature(env, ARM_FEATURE_EL2)) {
> > + return true;
> > + } else if (!(env->cp15.hcr_el2 & HCR_FMO)) {
> > + return true;
> > + }
> > + }
> > + }
> > }
> > return !(env->daif & PSTATE_F);
> > case EXCP_IRQ:
> > - if (irq_can_hyp && (env->cp15.hcr_el2 & HCR_IMO)) {
> > - return true;
> > + if (!secure) {
> > + if (arm_feature(env, ARM_FEATURE_EL2) &&
> > + (env->cp15.hcr_el2 & HCR_IMO)) {
> > + /* CPSR.I/PSTATE.I ignored if
> > + * - exception is taken from Non-secure state
> > + * - HCR.IMO == 1
> > + * - either: - not in Hyp mode
> > + * - SCR.IRQ routes exception to monitor
> mode
> > + */
> > + if (cur_el < 2) {
> > + return true;
> > + } else if (arm_feature(env, ARM_FEATURE_EL3) &&
> > + (env->cp15.scr_el3 & SCR_IRQ)) {
> > + return true;
> > + }
> > + }
> > }
> > return irq_unmasked;
> > case EXCP_VFIQ:
> > --
> > 1.8.3.2
> >
>
[-- Attachment #2: Type: text/html, Size: 7923 bytes --]
^ permalink raw reply [flat|nested] 49+ messages in thread
* Re: [Qemu-devel] [PATCH v4 04/33] target-arm: add arm_is_secure() function
2014-07-01 8:17 ` Edgar E. Iglesias
@ 2014-07-01 13:51 ` Greg Bellows
0 siblings, 0 replies; 49+ messages in thread
From: Greg Bellows @ 2014-07-01 13:51 UTC (permalink / raw)
To: Edgar E. Iglesias
Cc: Peter Maydell, Peter Crosthwaite, Sergey Fedorov, Fabian Aggeler,
QEMU Developers, Sergey Fedorov, Christoffer Dall
[-- Attachment #1: Type: text/plain, Size: 2606 bytes --]
Yes, this makes sense, I will update for v5.
Regards,
Greg
On 1 July 2014 03:17, Edgar E. Iglesias <edgar.iglesias@gmail.com> wrote:
> On Mon, Jun 30, 2014 at 06:09:04PM -0500, greg.bellows@linaro.org wrote:
> > From: Fabian Aggeler <aggelerf@ethz.ch>
> >
> > arm_is_secure() function allows to determine CPU security state
> > if the CPU implements Security Extensions/EL3.
> > arm_is_secure_below_el3() returns true if CPU is in secure state
> > below EL3.
> >
> > Signed-off-by: Sergey Fedorov <s.fedorov@samsung.com>
> > Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
> > Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
> > ---
> > target-arm/cpu.h | 38 ++++++++++++++++++++++++++++++++++++++
> > 1 file changed, 38 insertions(+)
> >
> > diff --git a/target-arm/cpu.h b/target-arm/cpu.h
> > index ffc51f2..aba077b 100644
> > --- a/target-arm/cpu.h
> > +++ b/target-arm/cpu.h
> > @@ -726,6 +726,44 @@ static inline int arm_feature(CPUARMState *env, int
> feature)
> > return (env->features & (1ULL << feature)) != 0;
> > }
> >
> > +
> > +/* Return true if exception level below EL3 is in secure state */
> > +static inline bool arm_is_secure_below_el3(CPUARMState *env)
> > +{
> > +#if !defined(CONFIG_USER_ONLY)
> > + if (arm_feature(env, ARM_FEATURE_EL3)) {
> > + return !(env->cp15.scr_el3 & SCR_NS);
> > + } else if (arm_feature(env, ARM_FEATURE_EL2)) {
> > + return false;
> > + } else {
> > + /* IMPDEF: QEMU defaults to non-secure */
> > + return false;
> > + }
> > +#else
> > + return false;
> > +#endif
> > +}
>
> Should we be #ifdefing the entire arm_is_secure_below_el3() as it is
> not called from user-only code?
>
>
>
> > +
> > +/* Return true if the processor is in secure state */
> > +static inline bool arm_is_secure(CPUARMState *env)
> > +{
> > +#if !defined(CONFIG_USER_ONLY)
> > + if (arm_feature(env, ARM_FEATURE_EL3)) {
> > + if (env->aarch64 && extract32(env->pstate, 2, 2) == 3) {
> > + /* CPU currently in Aarch64 state and EL3 */
> > + return true;
> > + } else if (!env->aarch64 &&
> > + (env->uncached_cpsr & CPSR_M) == ARM_CPU_MODE_MON) {
> > + /* CPU currently in Aarch32 state and monitor mode */
> > + return true;
> > + }
> > + }
> > + return arm_is_secure_below_el3(env);
> > +#else
> > + return false;
> > +#endif
> > +}
> > +
> > /* Return true if the specified exception level is running in AArch64
> state. */
> > static inline bool arm_el_is_aa64(CPUARMState *env, int el)
> > {
> > --
> > 1.8.3.2
> >
>
[-- Attachment #2: Type: text/html, Size: 3843 bytes --]
^ permalink raw reply [flat|nested] 49+ messages in thread
* Re: [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
` (32 preceding siblings ...)
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 33/33] target-arm: Limit migration of duplicate CP regs greg.bellows
@ 2014-07-02 9:41 ` Aggeler Fabian
2014-09-05 17:55 ` Peter Maydell
34 siblings, 0 replies; 49+ messages in thread
From: Aggeler Fabian @ 2014-07-02 9:41 UTC (permalink / raw)
To: greg.bellows
Cc: peter.maydell, peter.crosthwaite, qemu-devel, serge.fdrv,
edgar.iglesias, christoffer.dall
Hey Greg
Great to see this version. I will try to go through it in the next days.
Best,
Fabian
On 01 Jul 2014, at 01:09, greg.bellows@linaro.org wrote:
> From: Greg Bellows <greg.bellows@linaro.org>
>
> Updated Fabian's v3 patchset for review comments. This patchset includes
> changes in support of the security extension on v7 aarch32 with hooks for later
> enabling v8 aarch64.
>
> The patches are built upon and therefore dependent on v3 of Xilinx's second round of EL2/3 patches.
>
> Summary of the changes from v3 -> v4:
> * Conditionally register security CP registers.
> * Fixed various bugs found in review
> * Reverted back to EL array-notation in combination with explicit v7 naming
> * Add functionality to handle migration of duplicate CP registrations
>
> Fabian Aggeler (29):
> target-arm: add cpu feature EL3 to CPUs with Security Extensions
> target-arm: move Aarch32 SCR into security reglist
> target-arm: increase arrays of registers R13 & R14
> target-arm: add arm_is_secure() function
> target-arm: make arm_current_pl() return PL3
> target-arm: A32: Emulate the SMC instruction
> target-arm: extend Aarch32 async excp masking
> target-arm: extend Aarch64 SCR.{FIQ|IRQ} handling
> target-arm: add async excp target_el&mode function
> target-arm: use dedicated target_el function
> target-arm: implement IRQ/FIQ routing to Monitor mode
> target-arm: Respect SCR.FW, SCR.AW and SCTLR.NMFI
> target-arm: add NSACR register
> target-arm: add MVBAR support
> target-arm: add macros to access banked registers
> target-arm: insert Aarch32 cpregs twice into hashtable
> target-arm: arrayfying fieldoffset for banking
> target-arm: add SCTLR_EL3 and make SCTLR banked
> target-arm: make CSSELR banked
> target-arm: add TTBR0_EL3 and make TTBR0/1 banked
> target-arm: add TCR_EL3 and make TTBCR banked
> target-arm: make c2_mask and c2_base_mask banked
> target-arm: make DACR banked
> target-arm: make IFSR banked
> target-arm: make DFSR banked
> target-arm: make IFAR/DFAR banked
> target-arm: make PAR banked
> target-arm: make VBAR banked
> target-arm: make c13 cp regs banked (FCSEIDR, ...)
>
> Greg Bellows (1):
> target-arm: Limit migration of duplicate CP regs
>
> Sergey Fedorov (3):
> target-arm: reject switching to monitor mode
> target-arm: add non-secure Translation Block flag
> target-arm: add SDER definition
>
> hw/arm/pxa2xx.c | 4 +-
> target-arm/cpu.c | 11 +-
> target-arm/cpu.h | 446 +++++++++++++++++++++++++---
> target-arm/helper.c | 722 +++++++++++++++++++++++++++++++++++----------
> target-arm/internals.h | 5 +
> target-arm/machine.c | 4 +-
> target-arm/op_helper.c | 2 +-
> target-arm/translate-a64.c | 1 +
> target-arm/translate.c | 57 +++-
> target-arm/translate.h | 1 +
> 10 files changed, 1019 insertions(+), 234 deletions(-)
>
> --
> 1.8.3.2
>
>
>
^ permalink raw reply [flat|nested] 49+ messages in thread
* Re: [Qemu-devel] [PATCH v4 15/33] target-arm: add NSACR register
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 15/33] target-arm: add NSACR register greg.bellows
@ 2014-07-07 9:40 ` Aggeler Fabian
2014-07-07 14:15 ` Greg Bellows
0 siblings, 1 reply; 49+ messages in thread
From: Aggeler Fabian @ 2014-07-07 9:40 UTC (permalink / raw)
To: greg.bellows
Cc: Peter Maydell, Peter Crosthwaite,
qemu-devel@nongnu.org Developers, Sergey Fedorov,
Edgar E. Iglesias, Christoffer Dall
On 01 Jul 2014, at 01:09, greg.bellows@linaro.org wrote:
> From: Fabian Aggeler <aggelerf@ethz.ch>
>
> Implements NSACR register with corresponding read/write functions
> for ARMv7 and ARMv8.
>
Actually, in this patch we could add a check in cpu_get_tb_cpu_state() (cpu.h) to not set
the ARM_TBFLAG_CPACR_FPEN_MASK if NSACR disables it.
What do you think?
> Signed-off-by: Sergey Fedorov <s.fedorov@samsung.com>
> Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
> Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
> ---
> target-arm/cpu.h | 6 +++++
> target-arm/helper.c | 68 ++++++++++++++++++++++++++++++++++++++++++++++++++++-
> 2 files changed, 73 insertions(+), 1 deletion(-)
>
> diff --git a/target-arm/cpu.h b/target-arm/cpu.h
> index 1e8d5ee..4625088 100644
> --- a/target-arm/cpu.h
> +++ b/target-arm/cpu.h
> @@ -182,6 +182,7 @@ typedef struct CPUARMState {
> uint64_t c1_coproc; /* Coprocessor access register. */
> uint32_t c1_xscaleauxcr; /* XScale auxiliary control register. */
> uint32_t c1_scr; /* secure config register. */
> + uint32_t c1_nsacr; /* Non-secure access control register. */
> uint64_t ttbr0_el1; /* MMU translation table base 0. */
> uint64_t ttbr1_el1; /* MMU translation table base 1. */
> uint64_t c2_control; /* MMU translation table base control. */
> @@ -609,6 +610,11 @@ static inline void xpsr_write(CPUARMState *env, uint32_t val, uint32_t mask)
> #define SCR_RES1_MASK (3U << 4)
> #define SCR_MASK (0x3fff & ~SCR_RES1_MASK)
>
> +#define NSACR_NSTRCDIS (1U << 20)
> +#define NSACR_RFR (1U << 19)
> +#define NSACR_NSASEDIS (1U << 15)
> +#define NSACR_NSD32DIS (1U << 14)
> +
> /* Return the current FPSCR value. */
> uint32_t vfp_get_fpscr(CPUARMState *env);
> void vfp_set_fpscr(CPUARMState *env, uint32_t val);
> diff --git a/target-arm/helper.c b/target-arm/helper.c
> index e43545a..6342dbf 100644
> --- a/target-arm/helper.c
> +++ b/target-arm/helper.c
> @@ -489,7 +489,19 @@ static void cpacr_write(CPUARMState *env, const ARMCPRegInfo *ri,
> /* VFP coprocessor: cp10 & cp11 [23:20] */
> mask |= (1 << 31) | (1 << 30) | (0xf << 20);
>
> - if (!arm_feature(env, ARM_FEATURE_NEON)) {
> + if (arm_feature(env, ARM_FEATURE_NEON)) {
> + /* NSACR can disable non-secure writes to
> + * ASEDIS [31] or D32DIS [30]
> + */
> + if (arm_feature(env, ARM_FEATURE_EL3) && !arm_is_secure(env)) {
> + if ((env->cp15.c1_nsacr & NSACR_NSASEDIS)) {
> + mask &= ~(1 << 31);
> + }
> + if ((env->cp15.c1_nsacr & NSACR_NSD32DIS)) {
> + mask &= ~(1 << 30);
> + }
> + }
> + } else {
> /* ASEDIS [31] bit is RAO/WI */
> value |= (1 << 31);
> }
> @@ -501,6 +513,7 @@ static void cpacr_write(CPUARMState *env, const ARMCPRegInfo *ri,
> !arm_feature(env, ARM_FEATURE_VFP3)) {
> /* D32DIS [30] is RAO/WI if D16-31 are not implemented. */
> value |= (1 << 30);
> + mask |= (1 << 30);
> }
> }
> value &= mask;
> @@ -2195,6 +2208,55 @@ static void scr_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value)
> raw_write(env, ri, value);
> }
>
> +static void nsacr_write(CPUARMState *env, const ARMCPRegInfo *ri,
> + uint64_t value)
> +{
> + uint32_t mask = 0;
> +
> + /* Pre ARMv8 some bits are RAO or UNK/SBZP */
> + if (!arm_feature(env, ARM_FEATURE_V8)) {
> +
> + if (arm_feature(env, ARM_FEATURE_VFP)) {
> + mask |= NSACR_NSASEDIS | NSACR_NSD32DIS;
> +
> + if (!arm_feature(env, ARM_FEATURE_NEON)) {
> + /* NSASEDIS are RAO/WI */
> + value |= NSACR_NSASEDIS;
> + }
> +
> + /* VFPv3 and upwards with NEON implement 32 double precision
> + * registers (D0-D31).
> + */
> + if (!arm_feature(env, ARM_FEATURE_NEON) ||
> + !arm_feature(env, ARM_FEATURE_VFP3)) {
> + /* NSD32DIS is RAO/WI if D16-31 are not implemented. */
> + value |= NSACR_NSD32DIS;
> + }
> + }
> +
> + /* cpn bits [13:0] */
> + mask = 0x3fff;
> +
> + value &= mask;
> + }
> +
> + raw_write(env, ri, value);
> +}
> +
> +static uint64_t nsacr_read(CPUARMState *env, const ARMCPRegInfo *ri)
> +{
> + uint64_t ret = raw_read(env, ri);
> +
> + if (arm_feature(env, ARM_FEATURE_V8)) {
> + if (!arm_feature(env, ARM_FEATURE_EL3) || (
> + arm_el_is_aa64(env, 3) && !is_a64(env) &&
> + arm_current_pl(env) != 3)) {
> + ret = 0x0000C00;
> + }
> + }
> + return ret;
> +}
> +
> static const ARMCPRegInfo v8_el3_cp_reginfo[] = {
> { .name = "ELR_EL3", .state = ARM_CP_STATE_AA64,
> .type = ARM_CP_NO_MIGRATE,
> @@ -2228,6 +2290,10 @@ static const ARMCPRegInfo v7_el3_cp_reginfo[] = {
> { .name = "SCR", .cp = 15, .crn = 1, .crm = 1, .opc1 = 0, .opc2 = 0,
> .access = PL3_RW, .fieldoffset = offsetof(CPUARMState, cp15.scr_el3),
> .resetvalue = 0, },
> + { .name = "NSACR", .cp = 15, .crn = 1, .crm = 1, .opc1 = 0, .opc2 = 2,
> + .access = PL3_RW | PL1_R, .resetvalue = 0,
> + .writefn = nsacr_write, .readfn = nsacr_read,
> + .fieldoffset = offsetof(CPUARMState, cp15.c1_nsacr) },
> REGINFO_SENTINEL
> };
>
> --
> 1.8.3.2
>
>
>
^ permalink raw reply [flat|nested] 49+ messages in thread
* Re: [Qemu-devel] [PATCH v4 15/33] target-arm: add NSACR register
2014-07-07 9:40 ` Aggeler Fabian
@ 2014-07-07 14:15 ` Greg Bellows
0 siblings, 0 replies; 49+ messages in thread
From: Greg Bellows @ 2014-07-07 14:15 UTC (permalink / raw)
To: Aggeler Fabian
Cc: Peter Maydell, Peter Crosthwaite,
qemu-devel@nongnu.org Developers, Sergey Fedorov,
Edgar E. Iglesias, Christoffer Dall
[-- Attachment #1: Type: text/plain, Size: 6254 bytes --]
That sounds like a valid check to perform. Digging deeper, it seems there
is some downstream FIXME code in translate.c that should account for
cpacr_fpen indicating FP being disabled.
I'll plan to fix this code.
On 7 July 2014 04:40, Aggeler Fabian <aggelerf@student.ethz.ch> wrote:
>
> On 01 Jul 2014, at 01:09, greg.bellows@linaro.org wrote:
>
> > From: Fabian Aggeler <aggelerf@ethz.ch>
> >
> > Implements NSACR register with corresponding read/write functions
> > for ARMv7 and ARMv8.
> >
>
> Actually, in this patch we could add a check in cpu_get_tb_cpu_state()
> (cpu.h) to not set
> the ARM_TBFLAG_CPACR_FPEN_MASK if NSACR disables it.
>
> What do you think?
>
> > Signed-off-by: Sergey Fedorov <s.fedorov@samsung.com>
> > Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
> > Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
> > ---
> > target-arm/cpu.h | 6 +++++
> > target-arm/helper.c | 68
> ++++++++++++++++++++++++++++++++++++++++++++++++++++-
> > 2 files changed, 73 insertions(+), 1 deletion(-)
> >
> > diff --git a/target-arm/cpu.h b/target-arm/cpu.h
> > index 1e8d5ee..4625088 100644
> > --- a/target-arm/cpu.h
> > +++ b/target-arm/cpu.h
> > @@ -182,6 +182,7 @@ typedef struct CPUARMState {
> > uint64_t c1_coproc; /* Coprocessor access register. */
> > uint32_t c1_xscaleauxcr; /* XScale auxiliary control register.
> */
> > uint32_t c1_scr; /* secure config register. */
> > + uint32_t c1_nsacr; /* Non-secure access control register. */
> > uint64_t ttbr0_el1; /* MMU translation table base 0. */
> > uint64_t ttbr1_el1; /* MMU translation table base 1. */
> > uint64_t c2_control; /* MMU translation table base control. */
> > @@ -609,6 +610,11 @@ static inline void xpsr_write(CPUARMState *env,
> uint32_t val, uint32_t mask)
> > #define SCR_RES1_MASK (3U << 4)
> > #define SCR_MASK (0x3fff & ~SCR_RES1_MASK)
> >
> > +#define NSACR_NSTRCDIS (1U << 20)
> > +#define NSACR_RFR (1U << 19)
> > +#define NSACR_NSASEDIS (1U << 15)
> > +#define NSACR_NSD32DIS (1U << 14)
> > +
> > /* Return the current FPSCR value. */
> > uint32_t vfp_get_fpscr(CPUARMState *env);
> > void vfp_set_fpscr(CPUARMState *env, uint32_t val);
> > diff --git a/target-arm/helper.c b/target-arm/helper.c
> > index e43545a..6342dbf 100644
> > --- a/target-arm/helper.c
> > +++ b/target-arm/helper.c
> > @@ -489,7 +489,19 @@ static void cpacr_write(CPUARMState *env, const
> ARMCPRegInfo *ri,
> > /* VFP coprocessor: cp10 & cp11 [23:20] */
> > mask |= (1 << 31) | (1 << 30) | (0xf << 20);
> >
> > - if (!arm_feature(env, ARM_FEATURE_NEON)) {
> > + if (arm_feature(env, ARM_FEATURE_NEON)) {
> > + /* NSACR can disable non-secure writes to
> > + * ASEDIS [31] or D32DIS [30]
> > + */
> > + if (arm_feature(env, ARM_FEATURE_EL3) &&
> !arm_is_secure(env)) {
> > + if ((env->cp15.c1_nsacr & NSACR_NSASEDIS)) {
> > + mask &= ~(1 << 31);
> > + }
> > + if ((env->cp15.c1_nsacr & NSACR_NSD32DIS)) {
> > + mask &= ~(1 << 30);
> > + }
> > + }
> > + } else {
> > /* ASEDIS [31] bit is RAO/WI */
> > value |= (1 << 31);
> > }
> > @@ -501,6 +513,7 @@ static void cpacr_write(CPUARMState *env, const
> ARMCPRegInfo *ri,
> > !arm_feature(env, ARM_FEATURE_VFP3)) {
> > /* D32DIS [30] is RAO/WI if D16-31 are not implemented.
> */
> > value |= (1 << 30);
> > + mask |= (1 << 30);
> > }
> > }
> > value &= mask;
> > @@ -2195,6 +2208,55 @@ static void scr_write(CPUARMState *env, const
> ARMCPRegInfo *ri, uint64_t value)
> > raw_write(env, ri, value);
> > }
> >
> > +static void nsacr_write(CPUARMState *env, const ARMCPRegInfo *ri,
> > + uint64_t value)
> > +{
> > + uint32_t mask = 0;
> > +
> > + /* Pre ARMv8 some bits are RAO or UNK/SBZP */
> > + if (!arm_feature(env, ARM_FEATURE_V8)) {
> > +
> > + if (arm_feature(env, ARM_FEATURE_VFP)) {
> > + mask |= NSACR_NSASEDIS | NSACR_NSD32DIS;
> > +
> > + if (!arm_feature(env, ARM_FEATURE_NEON)) {
> > + /* NSASEDIS are RAO/WI */
> > + value |= NSACR_NSASEDIS;
> > + }
> > +
> > + /* VFPv3 and upwards with NEON implement 32 double precision
> > + * registers (D0-D31).
> > + */
> > + if (!arm_feature(env, ARM_FEATURE_NEON) ||
> > + !arm_feature(env, ARM_FEATURE_VFP3)) {
> > + /* NSD32DIS is RAO/WI if D16-31 are not implemented. */
> > + value |= NSACR_NSD32DIS;
> > + }
> > + }
> > +
> > + /* cpn bits [13:0] */
> > + mask = 0x3fff;
> > +
> > + value &= mask;
> > + }
> > +
> > + raw_write(env, ri, value);
> > +}
> > +
> > +static uint64_t nsacr_read(CPUARMState *env, const ARMCPRegInfo *ri)
> > +{
> > + uint64_t ret = raw_read(env, ri);
> > +
> > + if (arm_feature(env, ARM_FEATURE_V8)) {
> > + if (!arm_feature(env, ARM_FEATURE_EL3) || (
> > + arm_el_is_aa64(env, 3) && !is_a64(env) &&
> > + arm_current_pl(env) != 3)) {
> > + ret = 0x0000C00;
> > + }
> > + }
> > + return ret;
> > +}
> > +
> > static const ARMCPRegInfo v8_el3_cp_reginfo[] = {
> > { .name = "ELR_EL3", .state = ARM_CP_STATE_AA64,
> > .type = ARM_CP_NO_MIGRATE,
> > @@ -2228,6 +2290,10 @@ static const ARMCPRegInfo v7_el3_cp_reginfo[] = {
> > { .name = "SCR", .cp = 15, .crn = 1, .crm = 1, .opc1 = 0, .opc2 = 0,
> > .access = PL3_RW, .fieldoffset = offsetof(CPUARMState,
> cp15.scr_el3),
> > .resetvalue = 0, },
> > + { .name = "NSACR", .cp = 15, .crn = 1, .crm = 1, .opc1 = 0, .opc2 =
> 2,
> > + .access = PL3_RW | PL1_R, .resetvalue = 0,
> > + .writefn = nsacr_write, .readfn = nsacr_read,
> > + .fieldoffset = offsetof(CPUARMState, cp15.c1_nsacr) },
> > REGINFO_SENTINEL
> > };
> >
> > --
> > 1.8.3.2
> >
> >
> >
>
>
[-- Attachment #2: Type: text/html, Size: 8368 bytes --]
^ permalink raw reply [flat|nested] 49+ messages in thread
* Re: [Qemu-devel] [PATCH v4 06/33] target-arm: make arm_current_pl() return PL3
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 06/33] target-arm: make arm_current_pl() return PL3 greg.bellows
@ 2014-08-26 14:29 ` Peter Maydell
2014-08-28 13:53 ` Greg Bellows
0 siblings, 1 reply; 49+ messages in thread
From: Peter Maydell @ 2014-08-26 14:29 UTC (permalink / raw)
To: Greg Bellows
Cc: Peter Crosthwaite, Fabian Aggeler, QEMU Developers,
Sergey Fedorov, Edgar E. Iglesias, Christoffer Dall
On 1 July 2014 00:09, <greg.bellows@linaro.org> wrote:
> From: Fabian Aggeler <aggelerf@ethz.ch>
>
> Make arm_current_pl() return PL3 for secure PL1 and monitor mode.
> Increase MMU modes since mmu_index is directly infered from arm_
> current_pl(). Changes assertion in arm_el_is_aa64() to allow EL3.
> @@ -963,9 +963,12 @@ static inline int arm_current_pl(CPUARMState *env)
>
> if ((env->uncached_cpsr & 0x1f) == ARM_CPU_MODE_USR) {
> return 0;
> + } else if (arm_is_secure(env)) {
> + /* Secure PL1 and monitor mode are mapped to PL3 */
> + return 3;
> }
> - /* We don't currently implement the Virtualization or TrustZone
> - * extensions, so PL2 and PL3 don't exist for us.
> + /* We currently do not implement the Virtualization extensions, so PL2 does
> + * not exist for us.
> */
> return 1;
> }
This worries me a bit, because I suspect we have code that's
treating arm_current_pl() as if it were arm_current_el(), ie that
Secure EL1 will return 1, not 3. Perhaps we need to have
both functions and check that all the callers are using the
right one?
thanks
-- PMM
^ permalink raw reply [flat|nested] 49+ messages in thread
* Re: [Qemu-devel] [PATCH v4 06/33] target-arm: make arm_current_pl() return PL3
2014-08-26 14:29 ` Peter Maydell
@ 2014-08-28 13:53 ` Greg Bellows
0 siblings, 0 replies; 49+ messages in thread
From: Greg Bellows @ 2014-08-28 13:53 UTC (permalink / raw)
To: Peter Maydell
Cc: Peter Crosthwaite, Fabian Aggeler, QEMU Developers,
Sergey Fedorov, Edgar E. Iglesias, Christoffer Dall
[-- Attachment #1: Type: text/plain, Size: 1677 bytes --]
Hi Peter,
Perhaps it is best to eliminate the made up "PL3" to avoid confusion with
EL3. Then this function can simply always return the correct level whether
it is PL or EL. Anywhere we require knowing whether we are secure or not
can be checked separately, which may be clearer anyhow. As well, we could
add a is_secure_pl1() function that would combine the checks.
Thoughts?
Regards,
Greg
On 26 August 2014 09:29, Peter Maydell <peter.maydell@linaro.org> wrote:
> On 1 July 2014 00:09, <greg.bellows@linaro.org> wrote:
> > From: Fabian Aggeler <aggelerf@ethz.ch>
> >
> > Make arm_current_pl() return PL3 for secure PL1 and monitor mode.
> > Increase MMU modes since mmu_index is directly infered from arm_
> > current_pl(). Changes assertion in arm_el_is_aa64() to allow EL3.
>
> > @@ -963,9 +963,12 @@ static inline int arm_current_pl(CPUARMState *env)
> >
> > if ((env->uncached_cpsr & 0x1f) == ARM_CPU_MODE_USR) {
> > return 0;
> > + } else if (arm_is_secure(env)) {
> > + /* Secure PL1 and monitor mode are mapped to PL3 */
> > + return 3;
> > }
> > - /* We don't currently implement the Virtualization or TrustZone
> > - * extensions, so PL2 and PL3 don't exist for us.
> > + /* We currently do not implement the Virtualization extensions, so
> PL2 does
> > + * not exist for us.
> > */
> > return 1;
> > }
>
> This worries me a bit, because I suspect we have code that's
> treating arm_current_pl() as if it were arm_current_el(), ie that
> Secure EL1 will return 1, not 3. Perhaps we need to have
> both functions and check that all the callers are using the
> right one?
>
> thanks
> -- PMM
>
[-- Attachment #2: Type: text/html, Size: 2440 bytes --]
^ permalink raw reply [flat|nested] 49+ messages in thread
* Re: [Qemu-devel] [PATCH v4 07/33] target-arm: add non-secure Translation Block flag
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 07/33] target-arm: add non-secure Translation Block flag greg.bellows
2014-07-01 8:19 ` Edgar E. Iglesias
@ 2014-09-02 16:11 ` Peter Maydell
2014-09-02 16:43 ` Greg Bellows
1 sibling, 1 reply; 49+ messages in thread
From: Peter Maydell @ 2014-09-02 16:11 UTC (permalink / raw)
To: Greg Bellows
Cc: Peter Crosthwaite, Sergey Fedorov, Fabian Aggeler,
QEMU Developers, Sergey Fedorov, Edgar E. Iglesias,
Christoffer Dall
On 1 July 2014 00:09, <greg.bellows@linaro.org> wrote:
> From: Sergey Fedorov <s.fedorov@samsung.com>
>
> This patch is based on idea found in patch at
> git://github.com/jowinter/qemu-trustzone.git
> f3d955c6c0ed8c46bc0eb10b634201032a651dd2 by
> Johannes Winter <johannes.winter@iaik.tugraz.at>.
>
> This flag prevents QEMU from executing TCG code generated for other CPU
> security state. It also allows to generate different TCG code depending on
> CPU secure state.
>
> Signed-off-by: Sergey Fedorov <s.fedorov@samsung.com>
> Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
> Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
> ---
> target-arm/cpu.h | 10 ++++++++++
> target-arm/translate-a64.c | 1 +
> target-arm/translate.c | 3 +++
> target-arm/translate.h | 1 +
> 4 files changed, 15 insertions(+)
>
> diff --git a/target-arm/cpu.h b/target-arm/cpu.h
> index 1faf1e2..44e0943 100644
> --- a/target-arm/cpu.h
> +++ b/target-arm/cpu.h
> @@ -1291,6 +1291,8 @@ static inline int cpu_mmu_index (CPUARMState *env)
> #define ARM_TBFLAG_BSWAP_CODE_MASK (1 << ARM_TBFLAG_BSWAP_CODE_SHIFT)
> #define ARM_TBFLAG_CPACR_FPEN_SHIFT 17
> #define ARM_TBFLAG_CPACR_FPEN_MASK (1 << ARM_TBFLAG_CPACR_FPEN_SHIFT)
> +#define ARM_TBFLAG_NS_SHIFT 18
> +#define ARM_TBFLAG_NS_MASK (1 << ARM_TBFLAG_NS_SHIFT)
>
> /* Bit usage when in AArch64 state */
> #define ARM_TBFLAG_AA64_EL_SHIFT 0
> @@ -1321,6 +1323,8 @@ static inline int cpu_mmu_index (CPUARMState *env)
> (((F) & ARM_TBFLAG_AA64_EL_MASK) >> ARM_TBFLAG_AA64_EL_SHIFT)
> #define ARM_TBFLAG_AA64_FPEN(F) \
> (((F) & ARM_TBFLAG_AA64_FPEN_MASK) >> ARM_TBFLAG_AA64_FPEN_SHIFT)
> +#define ARM_TBFLAG_NS(F) \
> + (((F) & ARM_TBFLAG_NS_MASK) >> ARM_TBFLAG_NS_SHIFT)
>
> static inline void cpu_get_tb_cpu_state(CPUARMState *env, target_ulong *pc,
> target_ulong *cs_base, int *flags)
> @@ -1334,6 +1338,9 @@ static inline void cpu_get_tb_cpu_state(CPUARMState *env, target_ulong *pc,
> if (fpen == 3 || (fpen == 1 && arm_current_pl(env) != 0)) {
> *flags |= ARM_TBFLAG_AA64_FPEN_MASK;
> }
> + if (!arm_is_secure(env)) {
> + *flags |= ARM_TBFLAG_NS_MASK;
> + }
> } else {
> int privmode;
> *pc = env->regs[15];
> @@ -1350,6 +1357,9 @@ static inline void cpu_get_tb_cpu_state(CPUARMState *env, target_ulong *pc,
> if (privmode) {
> *flags |= ARM_TBFLAG_PRIV_MASK;
> }
> + if (!arm_is_secure(env)) {
> + *flags |= ARM_TBFLAG_NS_MASK;
> + }
You can't share the same TBFLAG between the AArch64
and AArch32 tb flags like this -- they have different layouts
of the bits in the flags word.
> if (env->vfp.xregs[ARM_VFP_FPEXC] & (1 << 30)
> || arm_el_is_aa64(env, 1)) {
> *flags |= ARM_TBFLAG_VFPEN_MASK;
> diff --git a/target-arm/translate-a64.c b/target-arm/translate-a64.c
> index 446d2cd..ad30903 100644
> --- a/target-arm/translate-a64.c
> +++ b/target-arm/translate-a64.c
> @@ -10879,6 +10879,7 @@ void gen_intermediate_code_internal_a64(ARMCPU *cpu,
> dc->condexec_cond = 0;
> #if !defined(CONFIG_USER_ONLY)
> dc->user = (ARM_TBFLAG_AA64_EL(tb->flags) == 0);
> + dc->ns = ARM_TBFLAG_NS(tb->flags);
> #endif
> dc->cpacr_fpen = ARM_TBFLAG_AA64_FPEN(tb->flags);
> dc->vec_len = 0;
> diff --git a/target-arm/translate.c b/target-arm/translate.c
> index cf4e767..bf17952 100644
> --- a/target-arm/translate.c
> +++ b/target-arm/translate.c
> @@ -53,8 +53,10 @@ static uint32_t gen_opc_condexec_bits[OPC_BUF_SIZE];
>
> #if defined(CONFIG_USER_ONLY)
> #define IS_USER(s) 1
> +#define IS_NS(s) 1
> #else
> #define IS_USER(s) (s->user)
> +#define IS_NS(s) (s->ns)
> #endif
>
> TCGv_ptr cpu_env;
> @@ -10904,6 +10906,7 @@ static inline void gen_intermediate_code_internal(ARMCPU *cpu,
> dc->condexec_cond = ARM_TBFLAG_CONDEXEC(tb->flags) >> 4;
> #if !defined(CONFIG_USER_ONLY)
> dc->user = (ARM_TBFLAG_PRIV(tb->flags) == 0);
> + dc->ns = ARM_TBFLAG_NS(tb->flags);
> #endif
> dc->cpacr_fpen = ARM_TBFLAG_CPACR_FPEN(tb->flags);
> dc->vfp_enabled = ARM_TBFLAG_VFPEN(tb->flags);
> diff --git a/target-arm/translate.h b/target-arm/translate.h
> index 31a0104..6e8620a 100644
> --- a/target-arm/translate.h
> +++ b/target-arm/translate.h
> @@ -19,6 +19,7 @@ typedef struct DisasContext {
> int bswap_code;
> #if !defined(CONFIG_USER_ONLY)
> int user;
> + int ns;
> #endif
Please don't follow the way the "user" flag is done, it's
weird and something I might eventually tidy up. Just have
a "bool ns" in the DisasContext (not inside the #if), and
set it to true if CONFIG_USER_ONLY is set. Then you
don't need to indirect via an IS_NS() macro, you can just
use s->ns directly.
> bool cpacr_fpen; /* FP enabled via CPACR.FPEN */
> bool vfp_enabled; /* FP enabled via FPSCR.EN */
> --
thanks
-- PMM
^ permalink raw reply [flat|nested] 49+ messages in thread
* Re: [Qemu-devel] [PATCH v4 01/33] target-arm: add cpu feature EL3 to CPUs with Security Extensions
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 01/33] target-arm: add cpu feature EL3 to CPUs with Security Extensions greg.bellows
@ 2014-09-02 16:34 ` Peter Maydell
0 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2014-09-02 16:34 UTC (permalink / raw)
To: Greg Bellows
Cc: Peter Crosthwaite, Fabian Aggeler, QEMU Developers,
Sergey Fedorov, Edgar E. Iglesias, Christoffer Dall
On 1 July 2014 00:09, <greg.bellows@linaro.org> wrote:
> From: Fabian Aggeler <aggelerf@ethz.ch>
>
> Set ARM_FEATURE_EL3 feature for CPUs that implement Security Extensions.
>
> Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
> Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
When this patchset is eventually ready to commit, this
patch needs to be the last one, so we don't enable the
EL3 support until it's complete. (Obviously for testing
purposes it's handy to have it at the front for now though.)
-- PMM
^ permalink raw reply [flat|nested] 49+ messages in thread
* Re: [Qemu-devel] [PATCH v4 07/33] target-arm: add non-secure Translation Block flag
2014-09-02 16:11 ` Peter Maydell
@ 2014-09-02 16:43 ` Greg Bellows
0 siblings, 0 replies; 49+ messages in thread
From: Greg Bellows @ 2014-09-02 16:43 UTC (permalink / raw)
To: Peter Maydell
Cc: Peter Crosthwaite, Sergey Fedorov, Fabian Aggeler,
QEMU Developers, Sergey Fedorov, Edgar E. Iglesias,
Christoffer Dall
[-- Attachment #1: Type: text/plain, Size: 5364 bytes --]
Thanks Peter. I'll fix these in v5.
On 2 September 2014 11:11, Peter Maydell <peter.maydell@linaro.org> wrote:
> On 1 July 2014 00:09, <greg.bellows@linaro.org> wrote:
> > From: Sergey Fedorov <s.fedorov@samsung.com>
> >
> > This patch is based on idea found in patch at
> > git://github.com/jowinter/qemu-trustzone.git
> > f3d955c6c0ed8c46bc0eb10b634201032a651dd2 by
> > Johannes Winter <johannes.winter@iaik.tugraz.at>.
> >
> > This flag prevents QEMU from executing TCG code generated for other CPU
> > security state. It also allows to generate different TCG code depending
> on
> > CPU secure state.
> >
> > Signed-off-by: Sergey Fedorov <s.fedorov@samsung.com>
> > Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
> > Signed-off-by: Greg Bellows <greg.bellows@linaro.org>
> > ---
> > target-arm/cpu.h | 10 ++++++++++
> > target-arm/translate-a64.c | 1 +
> > target-arm/translate.c | 3 +++
> > target-arm/translate.h | 1 +
> > 4 files changed, 15 insertions(+)
> >
> > diff --git a/target-arm/cpu.h b/target-arm/cpu.h
> > index 1faf1e2..44e0943 100644
> > --- a/target-arm/cpu.h
> > +++ b/target-arm/cpu.h
> > @@ -1291,6 +1291,8 @@ static inline int cpu_mmu_index (CPUARMState *env)
> > #define ARM_TBFLAG_BSWAP_CODE_MASK (1 << ARM_TBFLAG_BSWAP_CODE_SHIFT)
> > #define ARM_TBFLAG_CPACR_FPEN_SHIFT 17
> > #define ARM_TBFLAG_CPACR_FPEN_MASK (1 << ARM_TBFLAG_CPACR_FPEN_SHIFT)
> > +#define ARM_TBFLAG_NS_SHIFT 18
> > +#define ARM_TBFLAG_NS_MASK (1 << ARM_TBFLAG_NS_SHIFT)
> >
> > /* Bit usage when in AArch64 state */
> > #define ARM_TBFLAG_AA64_EL_SHIFT 0
> > @@ -1321,6 +1323,8 @@ static inline int cpu_mmu_index (CPUARMState *env)
> > (((F) & ARM_TBFLAG_AA64_EL_MASK) >> ARM_TBFLAG_AA64_EL_SHIFT)
> > #define ARM_TBFLAG_AA64_FPEN(F) \
> > (((F) & ARM_TBFLAG_AA64_FPEN_MASK) >> ARM_TBFLAG_AA64_FPEN_SHIFT)
> > +#define ARM_TBFLAG_NS(F) \
> > + (((F) & ARM_TBFLAG_NS_MASK) >> ARM_TBFLAG_NS_SHIFT)
> >
> > static inline void cpu_get_tb_cpu_state(CPUARMState *env, target_ulong
> *pc,
> > target_ulong *cs_base, int
> *flags)
> > @@ -1334,6 +1338,9 @@ static inline void
> cpu_get_tb_cpu_state(CPUARMState *env, target_ulong *pc,
> > if (fpen == 3 || (fpen == 1 && arm_current_pl(env) != 0)) {
> > *flags |= ARM_TBFLAG_AA64_FPEN_MASK;
> > }
> > + if (!arm_is_secure(env)) {
> > + *flags |= ARM_TBFLAG_NS_MASK;
> > + }
> > } else {
> > int privmode;
> > *pc = env->regs[15];
> > @@ -1350,6 +1357,9 @@ static inline void
> cpu_get_tb_cpu_state(CPUARMState *env, target_ulong *pc,
> > if (privmode) {
> > *flags |= ARM_TBFLAG_PRIV_MASK;
> > }
> > + if (!arm_is_secure(env)) {
> > + *flags |= ARM_TBFLAG_NS_MASK;
> > + }
>
> You can't share the same TBFLAG between the AArch64
> and AArch32 tb flags like this -- they have different layouts
> of the bits in the flags word.
>
> > if (env->vfp.xregs[ARM_VFP_FPEXC] & (1 << 30)
> > || arm_el_is_aa64(env, 1)) {
> > *flags |= ARM_TBFLAG_VFPEN_MASK;
> > diff --git a/target-arm/translate-a64.c b/target-arm/translate-a64.c
> > index 446d2cd..ad30903 100644
> > --- a/target-arm/translate-a64.c
> > +++ b/target-arm/translate-a64.c
> > @@ -10879,6 +10879,7 @@ void gen_intermediate_code_internal_a64(ARMCPU
> *cpu,
> > dc->condexec_cond = 0;
> > #if !defined(CONFIG_USER_ONLY)
> > dc->user = (ARM_TBFLAG_AA64_EL(tb->flags) == 0);
> > + dc->ns = ARM_TBFLAG_NS(tb->flags);
> > #endif
> > dc->cpacr_fpen = ARM_TBFLAG_AA64_FPEN(tb->flags);
> > dc->vec_len = 0;
> > diff --git a/target-arm/translate.c b/target-arm/translate.c
> > index cf4e767..bf17952 100644
> > --- a/target-arm/translate.c
> > +++ b/target-arm/translate.c
> > @@ -53,8 +53,10 @@ static uint32_t gen_opc_condexec_bits[OPC_BUF_SIZE];
> >
> > #if defined(CONFIG_USER_ONLY)
> > #define IS_USER(s) 1
> > +#define IS_NS(s) 1
> > #else
> > #define IS_USER(s) (s->user)
> > +#define IS_NS(s) (s->ns)
> > #endif
> >
> > TCGv_ptr cpu_env;
> > @@ -10904,6 +10906,7 @@ static inline void
> gen_intermediate_code_internal(ARMCPU *cpu,
> > dc->condexec_cond = ARM_TBFLAG_CONDEXEC(tb->flags) >> 4;
> > #if !defined(CONFIG_USER_ONLY)
> > dc->user = (ARM_TBFLAG_PRIV(tb->flags) == 0);
> > + dc->ns = ARM_TBFLAG_NS(tb->flags);
> > #endif
> > dc->cpacr_fpen = ARM_TBFLAG_CPACR_FPEN(tb->flags);
> > dc->vfp_enabled = ARM_TBFLAG_VFPEN(tb->flags);
> > diff --git a/target-arm/translate.h b/target-arm/translate.h
> > index 31a0104..6e8620a 100644
> > --- a/target-arm/translate.h
> > +++ b/target-arm/translate.h
> > @@ -19,6 +19,7 @@ typedef struct DisasContext {
> > int bswap_code;
> > #if !defined(CONFIG_USER_ONLY)
> > int user;
> > + int ns;
> > #endif
>
> Please don't follow the way the "user" flag is done, it's
> weird and something I might eventually tidy up. Just have
> a "bool ns" in the DisasContext (not inside the #if), and
> set it to true if CONFIG_USER_ONLY is set. Then you
> don't need to indirect via an IS_NS() macro, you can just
> use s->ns directly.
>
> > bool cpacr_fpen; /* FP enabled via CPACR.FPEN */
> > bool vfp_enabled; /* FP enabled via FPSCR.EN */
> > --
>
> thanks
> -- PMM
>
[-- Attachment #2: Type: text/html, Size: 7256 bytes --]
^ permalink raw reply [flat|nested] 49+ messages in thread
* Re: [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
` (33 preceding siblings ...)
2014-07-02 9:41 ` [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs Aggeler Fabian
@ 2014-09-05 17:55 ` Peter Maydell
34 siblings, 0 replies; 49+ messages in thread
From: Peter Maydell @ 2014-09-05 17:55 UTC (permalink / raw)
To: Greg Bellows
Cc: Edgar E. Iglesias, Peter Crosthwaite, QEMU Developers,
Christoffer Dall, Sergey Fedorov
On 1 July 2014 00:09, <greg.bellows@linaro.org> wrote:
> From: Greg Bellows <greg.bellows@linaro.org>
>
> Updated Fabian's v3 patchset for review comments. This patchset includes
> changes in support of the security extension on v7 aarch32 with hooks for later
> enabling v8 aarch64.
>
> The patches are built upon and therefore dependent on v3 of Xilinx's second round of EL2/3 patches.
Just a quick summary of what I think are the
"big picture" issues we still need to resolve:
1. how do we implement the S/NS attribute on memory accesses ?
(I wrote up a suggestion for this and sent it out yesterday;
we don't need to actually implement this prior to merging
the other code if guests don't rely on it in practice)
2. what is our approach for maintaining backward compatibility
with existing guests that expect to start in EL1 and/or
without trustzone (or for determining that there isn't
a serious back-compat problem) ?
3. how does this fit in with KVM (where we must start
the guest in NS-EL1 / NS-SVC) ?
4. what are the right set of functions and concepts for
current EL/current PL/S vs NS, given the differences
between AArch32 and AArch64 here (for 32 bit the
Secure Monitor and Secure PL1 are at the same privilege
level; for 64 bit they're EL3 and EL1) ?
I'll try to dig in a bit more and formulate an opinion
about 2-4 next week.
thanks
-- PMM
^ permalink raw reply [flat|nested] 49+ messages in thread
end of thread, other threads:[~2014-09-05 17:56 UTC | newest]
Thread overview: 49+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-06-30 23:09 [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 01/33] target-arm: add cpu feature EL3 to CPUs with Security Extensions greg.bellows
2014-09-02 16:34 ` Peter Maydell
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 02/33] target-arm: move Aarch32 SCR into security reglist greg.bellows
2014-07-01 8:15 ` Edgar E. Iglesias
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 03/33] target-arm: increase arrays of registers R13 & R14 greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 04/33] target-arm: add arm_is_secure() function greg.bellows
2014-07-01 8:17 ` Edgar E. Iglesias
2014-07-01 13:51 ` Greg Bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 05/33] target-arm: reject switching to monitor mode greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 06/33] target-arm: make arm_current_pl() return PL3 greg.bellows
2014-08-26 14:29 ` Peter Maydell
2014-08-28 13:53 ` Greg Bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 07/33] target-arm: add non-secure Translation Block flag greg.bellows
2014-07-01 8:19 ` Edgar E. Iglesias
2014-09-02 16:11 ` Peter Maydell
2014-09-02 16:43 ` Greg Bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 08/33] target-arm: A32: Emulate the SMC instruction greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 09/33] target-arm: extend Aarch32 async excp masking greg.bellows
2014-07-01 8:22 ` Edgar E. Iglesias
2014-07-01 13:33 ` Greg Bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 10/33] target-arm: extend Aarch64 SCR.{FIQ|IRQ} handling greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 11/33] target-arm: add async excp target_el&mode function greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 12/33] target-arm: use dedicated target_el function greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 13/33] target-arm: implement IRQ/FIQ routing to Monitor mode greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 14/33] target-arm: Respect SCR.FW, SCR.AW and SCTLR.NMFI greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 15/33] target-arm: add NSACR register greg.bellows
2014-07-07 9:40 ` Aggeler Fabian
2014-07-07 14:15 ` Greg Bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 16/33] target-arm: add SDER definition greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 17/33] target-arm: add MVBAR support greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 18/33] target-arm: add macros to access banked registers greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 19/33] target-arm: insert Aarch32 cpregs twice into hashtable greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 20/33] target-arm: arrayfying fieldoffset for banking greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 21/33] target-arm: add SCTLR_EL3 and make SCTLR banked greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 22/33] target-arm: make CSSELR banked greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 23/33] target-arm: add TTBR0_EL3 and make TTBR0/1 banked greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 24/33] target-arm: add TCR_EL3 and make TTBCR banked greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 25/33] target-arm: make c2_mask and c2_base_mask banked greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 26/33] target-arm: make DACR banked greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 27/33] target-arm: make IFSR banked greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 28/33] target-arm: make DFSR banked greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 29/33] target-arm: make IFAR/DFAR banked greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 30/33] target-arm: make PAR banked greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 31/33] target-arm: make VBAR banked greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 32/33] target-arm: make c13 cp regs banked (FCSEIDR, ...) greg.bellows
2014-06-30 23:09 ` [Qemu-devel] [PATCH v4 33/33] target-arm: Limit migration of duplicate CP regs greg.bellows
2014-07-02 9:41 ` [Qemu-devel] [PATCH v4 00/33] target-arm: add Security Extensions for CPUs Aggeler Fabian
2014-09-05 17:55 ` Peter Maydell
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.