* [Qemu-devel] [PATCH 00/12] Refactor get_phys_addr() not to return FSR values
@ 2017-12-05 19:46 Peter Maydell
2017-12-05 19:46 ` [Qemu-devel] [PATCH 01/12] target/arm: Provide fault type enum and FSR conversion functions Peter Maydell
` (14 more replies)
0 siblings, 15 replies; 16+ messages in thread
From: Peter Maydell @ 2017-12-05 19:46 UTC (permalink / raw)
To: qemu-arm, qemu-devel; +Cc: patches, Edgar E . Iglesias, Stefano Stabellini
Currently get_phys_addr() and its various subfunctions return a
hard-coded fault status register value for translation failures. This
is awkward because FSR values these days may be either long-descriptor
format or short-descriptor format. Worse, the right FSR type to use
doesn't depend only on the translation table being walked -- some
cases, like fault info reported to AArch32 EL2 for some kinds of ATS
operation, must be in long-descriptor format even if the translation
table being walked was short format. We can't get those cases right
with our current approach. (We put in a bodge fix so we could at
least run Xen, in commit 50cd71b0d347c7.)
This series does a refactoring of get_phys_addr() so that instead
of returning FSR values it puts information in the existing
ARMMMUFaultInfo structure that is sufficient to construct an
FSR value, and the callers then do that using the right condition
for whatever they're doing. I've included Edgar's patch from back
in June that fixes the handling of ATS instructions, which is most
of the point of the refactoring.
Rather than doing it all in one massive unreviewable patch, the
series is structured as:
* patch 1: add fields to ARMMMUFaultInfo, and the utility functions
that return a long or short format FSR given a fault info struct
* patch 2: stop passing an fsr argument to arm_ld*_ptw(), since
nothing actually looks at the result. (This breaks a cycle
arm_ldq_ptw()->S1_ptw_translate()->get_phys_addr_lpae()->arm_ldq_ptw()
which would otherwise make a stepwise refactoring awkward.)
* patches 3 to 8: for each of the different subfunctions of
get_phys_addr(), make them fill in the fault info fields instead
of an fsr value. Temporarily we add calls to arm_fi_to_sfsc()
and arm_fi_to_lfsc() at the callsites in get_phys_addr(), since
the callers of get_phys_addr() still need the fsr values. These
will go away again in a later patch.
* patches 9 and 10: change the callers of get_phys_addr() to use
the info in the fault info struct and ignore the fsr value.
* patch 11: remove the now unused fsr argument (and the temporary
calls to arm_fi_to_sfsc()/arm_fi_to_lfsc())
* patch 12: Edgar's patch for ATS PAR format
Arguably it would be good to push the "create the FSR value"
logic further, into the point where the exception is taken.
(This would let us correct the oddity where for M profile we
get an A/R profile FSR value in arm_v7m_cpu_do_interrupt()
which we then have to convert into the appropriate M profile
fault status bits.) However, migration backcompat makes this
tricky, because at the moment we migrate env->exception.fsr,
and so we'd need to have code just to handle inbound migrations
from old QEMU with an FSR and reconstitute a fault info struct.
So I've stopped here, at least for now.
This whole series sits on top of my v8M TT patchset (which also
had to touch some of the get_phys_addr() code). I've pushed it
to this git branch if that's more convenient:
https://git.linaro.org/people/peter.maydell/qemu-arm.git fsr-in-faultinfo
I have tested a bit (including a Linux KVM EL2 setup), but more
testing would definitely be useful. Stefano: in particular it would
be good to check this hasn't broken Xen again :-)
Based-on: 1512153879-5291-1-git-send-email-peter.maydell@linaro.org
([PATCH 0/7] armv8m: Implement TT, and other bugfixes)
thanks
-- PMM
Edgar E. Iglesias (1):
target/arm: Extend PAR format determination
Peter Maydell (11):
target/arm: Provide fault type enum and FSR conversion functions
target/arm: Remove fsr argument from arm_ld*_ptw()
target/arm: Convert get_phys_addr_v5() to not return FSC values
target/arm: Convert get_phys_addr_v6() to not return FSC values
target/arm: Convert get_phys_addr_lpae() to not return FSC values
target/arm: Convert get_phys_addr_pmsav5() to not return FSC values
target/arm: Convert get_phys_addr_pmsav7() to not return FSC values
target/arm: Convert get_phys_addr_pmsav8() to not return FSC values
target/arm: Use ARMMMUFaultInfo in deliver_fault()
target/arm: Ignore fsr from get_phys_addr() in do_ats_write()
target/arm: Remove fsr argument from get_phys_addr() and
arm_tlb_fill()
target/arm/internals.h | 187 +++++++++++++++++++++++++++++++++++++-
target/arm/helper.c | 238 +++++++++++++++++++++++++++----------------------
target/arm/op_helper.c | 82 +++++------------
3 files changed, 342 insertions(+), 165 deletions(-)
--
2.7.4
^ permalink raw reply [flat|nested] 16+ messages in thread
* [Qemu-devel] [PATCH 01/12] target/arm: Provide fault type enum and FSR conversion functions
2017-12-05 19:46 [Qemu-devel] [PATCH 00/12] Refactor get_phys_addr() not to return FSR values Peter Maydell
@ 2017-12-05 19:46 ` Peter Maydell
2017-12-05 19:46 ` [Qemu-devel] [PATCH 02/12] target/arm: Remove fsr argument from arm_ld*_ptw() Peter Maydell
` (13 subsequent siblings)
14 siblings, 0 replies; 16+ messages in thread
From: Peter Maydell @ 2017-12-05 19:46 UTC (permalink / raw)
To: qemu-arm, qemu-devel; +Cc: patches, Edgar E . Iglesias, Stefano Stabellini
Currently get_phys_addr() and its various subfunctions return
a hard-coded fault status register value for translation
failures. This is awkward because FSR values these days may
be either long-descriptor format or short-descriptor format.
Worse, the right FSR type to use doesn't depend only on the
translation table being walked -- some cases, like fault
info reported to AArch32 EL2 for some kinds of ATS operation,
must be in long-descriptor format even if the translation
table being walked was short format. We can't get those cases
right with our current approach.
Provide fields in the ARMMMUFaultInfo struct which allow
get_phys_addr() to provide sufficient information for a caller to
construct an FSR value themselves, and utility functions which do
this for both long and short format FSR values, as a first step in
switching get_phys_addr() and its children to only returning the
failure cause in the ARMMMUFaultInfo struct.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target/arm/internals.h | 185 +++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 185 insertions(+)
diff --git a/target/arm/internals.h b/target/arm/internals.h
index aa9c91b..67b9a52 100644
--- a/target/arm/internals.h
+++ b/target/arm/internals.h
@@ -488,7 +488,39 @@ static inline void arm_clear_exclusive(CPUARMState *env)
}
/**
+ * ARMFaultType: type of an ARM MMU fault
+ * This corresponds to the v8A pseudocode's Fault enumeration,
+ * with extensions for QEMU internal conditions.
+ */
+typedef enum ARMFaultType {
+ ARMFault_None,
+ ARMFault_AccessFlag,
+ ARMFault_Alignment,
+ ARMFault_Background,
+ ARMFault_Domain,
+ ARMFault_Permission,
+ ARMFault_Translation,
+ ARMFault_AddressSize,
+ ARMFault_SyncExternal,
+ ARMFault_SyncExternalOnWalk,
+ ARMFault_SyncParity,
+ ARMFault_SyncParityOnWalk,
+ ARMFault_AsyncParity,
+ ARMFault_AsyncExternal,
+ ARMFault_Debug,
+ ARMFault_TLBConflict,
+ ARMFault_Lockdown,
+ ARMFault_Exclusive,
+ ARMFault_ICacheMaint,
+ ARMFault_QEMU_NSCExec, /* v8M: NS executing in S&NSC memory */
+ ARMFault_QEMU_SFault, /* v8M: SecureFault INVTRAN, INVEP or AUVIOL */
+} ARMFaultType;
+
+/**
* ARMMMUFaultInfo: Information describing an ARM MMU Fault
+ * @type: Type of fault
+ * @level: Table walk level (for translation, access flag and permission faults)
+ * @domain: Domain of the fault address (for non-LPAE CPUs only)
* @s2addr: Address that caused a fault at stage 2
* @stage2: True if we faulted at stage 2
* @s1ptw: True if we faulted at stage 2 while doing a stage 1 page-table walk
@@ -496,12 +528,165 @@ static inline void arm_clear_exclusive(CPUARMState *env)
*/
typedef struct ARMMMUFaultInfo ARMMMUFaultInfo;
struct ARMMMUFaultInfo {
+ ARMFaultType type;
target_ulong s2addr;
+ int level;
+ int domain;
bool stage2;
bool s1ptw;
bool ea;
};
+/**
+ * arm_fi_to_sfsc: Convert fault info struct to short-format FSC
+ * Compare pseudocode EncodeSDFSC(), though unlike that function
+ * we set up a whole FSR-format code including domain field and
+ * putting the high bit of the FSC into bit 10.
+ */
+static inline uint32_t arm_fi_to_sfsc(ARMMMUFaultInfo *fi)
+{
+ uint32_t fsc;
+
+ switch (fi->type) {
+ case ARMFault_None:
+ return 0;
+ case ARMFault_AccessFlag:
+ fsc = fi->level == 1 ? 0x3 : 0x6;
+ break;
+ case ARMFault_Alignment:
+ fsc = 0x1;
+ break;
+ case ARMFault_Permission:
+ fsc = fi->level == 1 ? 0xd : 0xf;
+ break;
+ case ARMFault_Domain:
+ fsc = fi->level == 1 ? 0x9 : 0xb;
+ break;
+ case ARMFault_Translation:
+ fsc = fi->level == 1 ? 0x5 : 0x7;
+ break;
+ case ARMFault_SyncExternal:
+ fsc = 0x8 | (fi->ea << 12);
+ break;
+ case ARMFault_SyncExternalOnWalk:
+ fsc = fi->level == 1 ? 0xc : 0xe;
+ fsc |= (fi->ea << 12);
+ break;
+ case ARMFault_SyncParity:
+ fsc = 0x409;
+ break;
+ case ARMFault_SyncParityOnWalk:
+ fsc = fi->level == 1 ? 0x40c : 0x40e;
+ break;
+ case ARMFault_AsyncParity:
+ fsc = 0x408;
+ break;
+ case ARMFault_AsyncExternal:
+ fsc = 0x406 | (fi->ea << 12);
+ break;
+ case ARMFault_Debug:
+ fsc = 0x2;
+ break;
+ case ARMFault_TLBConflict:
+ fsc = 0x400;
+ break;
+ case ARMFault_Lockdown:
+ fsc = 0x404;
+ break;
+ case ARMFault_Exclusive:
+ fsc = 0x405;
+ break;
+ case ARMFault_ICacheMaint:
+ fsc = 0x4;
+ break;
+ case ARMFault_Background:
+ fsc = 0x0;
+ break;
+ case ARMFault_QEMU_NSCExec:
+ fsc = M_FAKE_FSR_NSC_EXEC;
+ break;
+ case ARMFault_QEMU_SFault:
+ fsc = M_FAKE_FSR_SFAULT;
+ break;
+ default:
+ /* Other faults can't occur in a context that requires a
+ * short-format status code.
+ */
+ g_assert_not_reached();
+ }
+
+ fsc |= (fi->domain << 4);
+ return fsc;
+}
+
+/**
+ * arm_fi_to_lfsc: Convert fault info struct to long-format FSC
+ * Compare pseudocode EncodeLDFSC(), though unlike that function
+ * we fill in also the LPAE bit 9 of a DFSR format.
+ */
+static inline uint32_t arm_fi_to_lfsc(ARMMMUFaultInfo *fi)
+{
+ uint32_t fsc;
+
+ switch (fi->type) {
+ case ARMFault_None:
+ return 0;
+ case ARMFault_AddressSize:
+ fsc = fi->level & 3;
+ break;
+ case ARMFault_AccessFlag:
+ fsc = (fi->level & 3) | (0x2 << 2);
+ break;
+ case ARMFault_Permission:
+ fsc = (fi->level & 3) | (0x3 << 2);
+ break;
+ case ARMFault_Translation:
+ fsc = (fi->level & 3) | (0x1 << 2);
+ break;
+ case ARMFault_SyncExternal:
+ fsc = 0x10 | (fi->ea << 12);
+ break;
+ case ARMFault_SyncExternalOnWalk:
+ fsc = (fi->level & 3) | (0x5 << 2) | (fi->ea << 12);
+ break;
+ case ARMFault_SyncParity:
+ fsc = 0x18;
+ break;
+ case ARMFault_SyncParityOnWalk:
+ fsc = (fi->level & 3) | (0x7 << 2);
+ break;
+ case ARMFault_AsyncParity:
+ fsc = 0x19;
+ break;
+ case ARMFault_AsyncExternal:
+ fsc = 0x11 | (fi->ea << 12);
+ break;
+ case ARMFault_Alignment:
+ fsc = 0x21;
+ break;
+ case ARMFault_Debug:
+ fsc = 0x22;
+ break;
+ case ARMFault_TLBConflict:
+ fsc = 0x30;
+ break;
+ case ARMFault_Lockdown:
+ fsc = 0x34;
+ break;
+ case ARMFault_Exclusive:
+ fsc = 0x35;
+ break;
+ default:
+ /* Other faults can't occur in a context that requires a
+ * long-format status code.
+ */
+ g_assert_not_reached();
+ }
+
+ fsc |= 1 << 9;
+ return fsc;
+}
+
/* Do a page table walk and add page to TLB if possible */
bool arm_tlb_fill(CPUState *cpu, vaddr address,
MMUAccessType access_type, int mmu_idx,
--
2.7.4
^ permalink raw reply related [flat|nested] 16+ messages in thread
* [Qemu-devel] [PATCH 02/12] target/arm: Remove fsr argument from arm_ld*_ptw()
2017-12-05 19:46 [Qemu-devel] [PATCH 00/12] Refactor get_phys_addr() not to return FSR values Peter Maydell
2017-12-05 19:46 ` [Qemu-devel] [PATCH 01/12] target/arm: Provide fault type enum and FSR conversion functions Peter Maydell
@ 2017-12-05 19:46 ` Peter Maydell
2017-12-05 19:46 ` [Qemu-devel] [PATCH 03/12] target/arm: Convert get_phys_addr_v5() to not return FSC values Peter Maydell
` (12 subsequent siblings)
14 siblings, 0 replies; 16+ messages in thread
From: Peter Maydell @ 2017-12-05 19:46 UTC (permalink / raw)
To: qemu-arm, qemu-devel; +Cc: patches, Edgar E . Iglesias, Stefano Stabellini
All the callers of arm_ldq_ptw() and arm_ldl_ptw() ignore the value
that those functions store in the fsr argument on failure: if they
return failure to their callers they will always overwrite the fsr
value with something else.
Remove the argument from these functions and S1_ptw_translate().
This will simplify removing fsr from the calling functions.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target/arm/helper.c | 24 +++++++++++-------------
1 file changed, 11 insertions(+), 13 deletions(-)
diff --git a/target/arm/helper.c b/target/arm/helper.c
index 5368ad8..30616d9 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -8269,7 +8269,6 @@ static bool get_level1_table_address(CPUARMState *env, ARMMMUIdx mmu_idx,
/* Translate a S1 pagetable walk through S2 if needed. */
static hwaddr S1_ptw_translate(CPUARMState *env, ARMMMUIdx mmu_idx,
hwaddr addr, MemTxAttrs txattrs,
- uint32_t *fsr,
ARMMMUFaultInfo *fi)
{
if ((mmu_idx == ARMMMUIdx_S1NSE0 || mmu_idx == ARMMMUIdx_S1NSE1) &&
@@ -8278,9 +8277,10 @@ static hwaddr S1_ptw_translate(CPUARMState *env, ARMMMUIdx mmu_idx,
hwaddr s2pa;
int s2prot;
int ret;
+ uint32_t fsr;
ret = get_phys_addr_lpae(env, addr, 0, ARMMMUIdx_S2NS, &s2pa,
- &txattrs, &s2prot, &s2size, fsr, fi, NULL);
+ &txattrs, &s2prot, &s2size, &fsr, fi, NULL);
if (ret) {
fi->s2addr = addr;
fi->stage2 = true;
@@ -8300,8 +8300,7 @@ static hwaddr S1_ptw_translate(CPUARMState *env, ARMMMUIdx mmu_idx,
* (but not if it was for a debug access).
*/
static uint32_t arm_ldl_ptw(CPUState *cs, hwaddr addr, bool is_secure,
- ARMMMUIdx mmu_idx, uint32_t *fsr,
- ARMMMUFaultInfo *fi)
+ ARMMMUIdx mmu_idx, ARMMMUFaultInfo *fi)
{
ARMCPU *cpu = ARM_CPU(cs);
CPUARMState *env = &cpu->env;
@@ -8310,7 +8309,7 @@ static uint32_t arm_ldl_ptw(CPUState *cs, hwaddr addr, bool is_secure,
attrs.secure = is_secure;
as = arm_addressspace(cs, attrs);
- addr = S1_ptw_translate(env, mmu_idx, addr, attrs, fsr, fi);
+ addr = S1_ptw_translate(env, mmu_idx, addr, attrs, fi);
if (fi->s1ptw) {
return 0;
}
@@ -8322,8 +8321,7 @@ static uint32_t arm_ldl_ptw(CPUState *cs, hwaddr addr, bool is_secure,
}
static uint64_t arm_ldq_ptw(CPUState *cs, hwaddr addr, bool is_secure,
- ARMMMUIdx mmu_idx, uint32_t *fsr,
- ARMMMUFaultInfo *fi)
+ ARMMMUIdx mmu_idx, ARMMMUFaultInfo *fi)
{
ARMCPU *cpu = ARM_CPU(cs);
CPUARMState *env = &cpu->env;
@@ -8332,7 +8330,7 @@ static uint64_t arm_ldq_ptw(CPUState *cs, hwaddr addr, bool is_secure,
attrs.secure = is_secure;
as = arm_addressspace(cs, attrs);
- addr = S1_ptw_translate(env, mmu_idx, addr, attrs, fsr, fi);
+ addr = S1_ptw_translate(env, mmu_idx, addr, attrs, fi);
if (fi->s1ptw) {
return 0;
}
@@ -8368,7 +8366,7 @@ static bool get_phys_addr_v5(CPUARMState *env, uint32_t address,
goto do_fault;
}
desc = arm_ldl_ptw(cs, table, regime_is_secure(env, mmu_idx),
- mmu_idx, fsr, fi);
+ mmu_idx, fi);
type = (desc & 3);
domain = (desc >> 5) & 0x0f;
if (regime_el(env, mmu_idx) == 1) {
@@ -8405,7 +8403,7 @@ static bool get_phys_addr_v5(CPUARMState *env, uint32_t address,
table = (desc & 0xfffff000) | ((address >> 8) & 0xffc);
}
desc = arm_ldl_ptw(cs, table, regime_is_secure(env, mmu_idx),
- mmu_idx, fsr, fi);
+ mmu_idx, fi);
switch (desc & 3) {
case 0: /* Page translation fault. */
code = 7;
@@ -8487,7 +8485,7 @@ static bool get_phys_addr_v6(CPUARMState *env, uint32_t address,
goto do_fault;
}
desc = arm_ldl_ptw(cs, table, regime_is_secure(env, mmu_idx),
- mmu_idx, fsr, fi);
+ mmu_idx, fi);
type = (desc & 3);
if (type == 0 || (type == 3 && !arm_feature(env, ARM_FEATURE_PXN))) {
/* Section translation fault, or attempt to use the encoding
@@ -8539,7 +8537,7 @@ static bool get_phys_addr_v6(CPUARMState *env, uint32_t address,
/* Lookup l2 entry. */
table = (desc & 0xfffffc00) | ((address >> 10) & 0x3fc);
desc = arm_ldl_ptw(cs, table, regime_is_secure(env, mmu_idx),
- mmu_idx, fsr, fi);
+ mmu_idx, fi);
ap = ((desc >> 4) & 3) | ((desc >> 7) & 4);
switch (desc & 3) {
case 0: /* Page translation fault. */
@@ -8950,7 +8948,7 @@ static bool get_phys_addr_lpae(CPUARMState *env, target_ulong address,
descaddr |= (address >> (stride * (4 - level))) & indexmask;
descaddr &= ~7ULL;
nstable = extract32(tableattrs, 4, 1);
- descriptor = arm_ldq_ptw(cs, descaddr, !nstable, mmu_idx, fsr, fi);
+ descriptor = arm_ldq_ptw(cs, descaddr, !nstable, mmu_idx, fi);
if (fi->s1ptw) {
goto do_fault;
}
--
2.7.4
^ permalink raw reply related [flat|nested] 16+ messages in thread
* [Qemu-devel] [PATCH 03/12] target/arm: Convert get_phys_addr_v5() to not return FSC values
2017-12-05 19:46 [Qemu-devel] [PATCH 00/12] Refactor get_phys_addr() not to return FSR values Peter Maydell
2017-12-05 19:46 ` [Qemu-devel] [PATCH 01/12] target/arm: Provide fault type enum and FSR conversion functions Peter Maydell
2017-12-05 19:46 ` [Qemu-devel] [PATCH 02/12] target/arm: Remove fsr argument from arm_ld*_ptw() Peter Maydell
@ 2017-12-05 19:46 ` Peter Maydell
2017-12-05 19:46 ` [Qemu-devel] [PATCH 04/12] target/arm: Convert get_phys_addr_v6() " Peter Maydell
` (11 subsequent siblings)
14 siblings, 0 replies; 16+ messages in thread
From: Peter Maydell @ 2017-12-05 19:46 UTC (permalink / raw)
To: qemu-arm, qemu-devel; +Cc: patches, Edgar E . Iglesias, Stefano Stabellini
Make get_phys_addr_v5() return a fault type in the ARMMMUFaultInfo
structure, which we convert to the FSC at the callsite.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target/arm/helper.c | 33 ++++++++++++++++++---------------
1 file changed, 18 insertions(+), 15 deletions(-)
diff --git a/target/arm/helper.c b/target/arm/helper.c
index 30616d9..6aed681 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -8344,11 +8344,11 @@ static uint64_t arm_ldq_ptw(CPUState *cs, hwaddr addr, bool is_secure,
static bool get_phys_addr_v5(CPUARMState *env, uint32_t address,
MMUAccessType access_type, ARMMMUIdx mmu_idx,
hwaddr *phys_ptr, int *prot,
- target_ulong *page_size, uint32_t *fsr,
+ target_ulong *page_size,
ARMMMUFaultInfo *fi)
{
CPUState *cs = CPU(arm_env_get_cpu(env));
- int code;
+ int level = 1;
uint32_t table;
uint32_t desc;
int type;
@@ -8362,7 +8362,7 @@ static bool get_phys_addr_v5(CPUARMState *env, uint32_t address,
/* Lookup l1 descriptor. */
if (!get_level1_table_address(env, mmu_idx, &table, address)) {
/* Section translation fault if page walk is disabled by PD0 or PD1 */
- code = 5;
+ fi->type = ARMFault_Translation;
goto do_fault;
}
desc = arm_ldl_ptw(cs, table, regime_is_secure(env, mmu_idx),
@@ -8377,21 +8377,20 @@ static bool get_phys_addr_v5(CPUARMState *env, uint32_t address,
domain_prot = (dacr >> (domain * 2)) & 3;
if (type == 0) {
/* Section translation fault. */
- code = 5;
+ fi->type = ARMFault_Translation;
goto do_fault;
}
+ if (type != 2) {
+ level = 2;
+ }
if (domain_prot == 0 || domain_prot == 2) {
- if (type == 2)
- code = 9; /* Section domain fault. */
- else
- code = 11; /* Page domain fault. */
+ fi->type = ARMFault_Domain;
goto do_fault;
}
if (type == 2) {
/* 1Mb section. */
phys_addr = (desc & 0xfff00000) | (address & 0x000fffff);
ap = (desc >> 10) & 3;
- code = 13;
*page_size = 1024 * 1024;
} else {
/* Lookup l2 entry. */
@@ -8406,7 +8405,7 @@ static bool get_phys_addr_v5(CPUARMState *env, uint32_t address,
mmu_idx, fi);
switch (desc & 3) {
case 0: /* Page translation fault. */
- code = 7;
+ fi->type = ARMFault_Translation;
goto do_fault;
case 1: /* 64k page. */
phys_addr = (desc & 0xffff0000) | (address & 0xffff);
@@ -8429,7 +8428,7 @@ static bool get_phys_addr_v5(CPUARMState *env, uint32_t address,
/* UNPREDICTABLE in ARMv5; we choose to take a
* page translation fault.
*/
- code = 7;
+ fi->type = ARMFault_Translation;
goto do_fault;
}
} else {
@@ -8442,18 +8441,19 @@ static bool get_phys_addr_v5(CPUARMState *env, uint32_t address,
/* Never happens, but compiler isn't smart enough to tell. */
abort();
}
- code = 15;
}
*prot = ap_to_rw_prot(env, mmu_idx, ap, domain_prot);
*prot |= *prot ? PAGE_EXEC : 0;
if (!(*prot & (1 << access_type))) {
/* Access permission fault. */
+ fi->type = ARMFault_Permission;
goto do_fault;
}
*phys_ptr = phys_addr;
return false;
do_fault:
- *fsr = code | (domain << 4);
+ fi->domain = domain;
+ fi->level = level;
return true;
}
@@ -9863,8 +9863,11 @@ static bool get_phys_addr(CPUARMState *env, target_ulong address,
return get_phys_addr_v6(env, address, access_type, mmu_idx, phys_ptr,
attrs, prot, page_size, fsr, fi);
} else {
- return get_phys_addr_v5(env, address, access_type, mmu_idx, phys_ptr,
- prot, page_size, fsr, fi);
+ bool ret = get_phys_addr_v5(env, address, access_type, mmu_idx,
+ phys_ptr, prot, page_size, fi);
+
+ *fsr = arm_fi_to_sfsc(fi);
+ return ret;
}
}
--
2.7.4
^ permalink raw reply related [flat|nested] 16+ messages in thread
* [Qemu-devel] [PATCH 04/12] target/arm: Convert get_phys_addr_v6() to not return FSC values
2017-12-05 19:46 [Qemu-devel] [PATCH 00/12] Refactor get_phys_addr() not to return FSR values Peter Maydell
` (2 preceding siblings ...)
2017-12-05 19:46 ` [Qemu-devel] [PATCH 03/12] target/arm: Convert get_phys_addr_v5() to not return FSC values Peter Maydell
@ 2017-12-05 19:46 ` Peter Maydell
2017-12-05 19:46 ` [Qemu-devel] [PATCH 05/12] target/arm: Convert get_phys_addr_lpae() " Peter Maydell
` (10 subsequent siblings)
14 siblings, 0 replies; 16+ messages in thread
From: Peter Maydell @ 2017-12-05 19:46 UTC (permalink / raw)
To: qemu-arm, qemu-devel; +Cc: patches, Edgar E . Iglesias, Stefano Stabellini
Make get_phys_addr_v6() return a fault type in the ARMMMUFaultInfo
structure, which we convert to the FSC at the callsite.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target/arm/helper.c | 40 ++++++++++++++++++++++------------------
1 file changed, 22 insertions(+), 18 deletions(-)
diff --git a/target/arm/helper.c b/target/arm/helper.c
index 6aed681..1e95e3d 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -8460,11 +8460,10 @@ do_fault:
static bool get_phys_addr_v6(CPUARMState *env, uint32_t address,
MMUAccessType access_type, ARMMMUIdx mmu_idx,
hwaddr *phys_ptr, MemTxAttrs *attrs, int *prot,
- target_ulong *page_size, uint32_t *fsr,
- ARMMMUFaultInfo *fi)
+ target_ulong *page_size, ARMMMUFaultInfo *fi)
{
CPUState *cs = CPU(arm_env_get_cpu(env));
- int code;
+ int level = 1;
uint32_t table;
uint32_t desc;
uint32_t xn;
@@ -8481,7 +8480,7 @@ static bool get_phys_addr_v6(CPUARMState *env, uint32_t address,
/* Lookup l1 descriptor. */
if (!get_level1_table_address(env, mmu_idx, &table, address)) {
/* Section translation fault if page walk is disabled by PD0 or PD1 */
- code = 5;
+ fi->type = ARMFault_Translation;
goto do_fault;
}
desc = arm_ldl_ptw(cs, table, regime_is_secure(env, mmu_idx),
@@ -8491,7 +8490,7 @@ static bool get_phys_addr_v6(CPUARMState *env, uint32_t address,
/* Section translation fault, or attempt to use the encoding
* which is Reserved on implementations without PXN.
*/
- code = 5;
+ fi->type = ARMFault_Translation;
goto do_fault;
}
if ((type == 1) || !(desc & (1 << 18))) {
@@ -8503,13 +8502,13 @@ static bool get_phys_addr_v6(CPUARMState *env, uint32_t address,
} else {
dacr = env->cp15.dacr_s;
}
+ if (type == 1) {
+ level = 2;
+ }
domain_prot = (dacr >> (domain * 2)) & 3;
if (domain_prot == 0 || domain_prot == 2) {
- if (type != 1) {
- code = 9; /* Section domain fault. */
- } else {
- code = 11; /* Page domain fault. */
- }
+ /* Section or Page domain fault */
+ fi->type = ARMFault_Domain;
goto do_fault;
}
if (type != 1) {
@@ -8527,7 +8526,6 @@ static bool get_phys_addr_v6(CPUARMState *env, uint32_t address,
ap = ((desc >> 10) & 3) | ((desc >> 13) & 4);
xn = desc & (1 << 4);
pxn = desc & 1;
- code = 13;
ns = extract32(desc, 19, 1);
} else {
if (arm_feature(env, ARM_FEATURE_PXN)) {
@@ -8541,7 +8539,7 @@ static bool get_phys_addr_v6(CPUARMState *env, uint32_t address,
ap = ((desc >> 4) & 3) | ((desc >> 7) & 4);
switch (desc & 3) {
case 0: /* Page translation fault. */
- code = 7;
+ fi->type = ARMFault_Translation;
goto do_fault;
case 1: /* 64k page. */
phys_addr = (desc & 0xffff0000) | (address & 0xffff);
@@ -8557,7 +8555,6 @@ static bool get_phys_addr_v6(CPUARMState *env, uint32_t address,
/* Never happens, but compiler isn't smart enough to tell. */
abort();
}
- code = 15;
}
if (domain_prot == 3) {
*prot = PAGE_READ | PAGE_WRITE | PAGE_EXEC;
@@ -8565,15 +8562,17 @@ static bool get_phys_addr_v6(CPUARMState *env, uint32_t address,
if (pxn && !regime_is_user(env, mmu_idx)) {
xn = 1;
}
- if (xn && access_type == MMU_INST_FETCH)
+ if (xn && access_type == MMU_INST_FETCH) {
+ fi->type = ARMFault_Permission;
goto do_fault;
+ }
if (arm_feature(env, ARM_FEATURE_V6K) &&
(regime_sctlr(env, mmu_idx) & SCTLR_AFE)) {
/* The simplified model uses AP[0] as an access control bit. */
if ((ap & 1) == 0) {
/* Access flag fault. */
- code = (code == 15) ? 6 : 3;
+ fi->type = ARMFault_AccessFlag;
goto do_fault;
}
*prot = simple_ap_to_rw_prot(env, mmu_idx, ap >> 1);
@@ -8585,6 +8584,7 @@ static bool get_phys_addr_v6(CPUARMState *env, uint32_t address,
}
if (!(*prot & (1 << access_type))) {
/* Access permission fault. */
+ fi->type = ARMFault_Permission;
goto do_fault;
}
}
@@ -8598,7 +8598,8 @@ static bool get_phys_addr_v6(CPUARMState *env, uint32_t address,
*phys_ptr = phys_addr;
return false;
do_fault:
- *fsr = code | (domain << 4);
+ fi->domain = domain;
+ fi->level = level;
return true;
}
@@ -9860,8 +9861,11 @@ static bool get_phys_addr(CPUARMState *env, target_ulong address,
return get_phys_addr_lpae(env, address, access_type, mmu_idx, phys_ptr,
attrs, prot, page_size, fsr, fi, cacheattrs);
} else if (regime_sctlr(env, mmu_idx) & SCTLR_XP) {
- return get_phys_addr_v6(env, address, access_type, mmu_idx, phys_ptr,
- attrs, prot, page_size, fsr, fi);
+ bool ret = get_phys_addr_v6(env, address, access_type, mmu_idx,
+ phys_ptr, attrs, prot, page_size, fi);
+
+ *fsr = arm_fi_to_sfsc(fi);
+ return ret;
} else {
bool ret = get_phys_addr_v5(env, address, access_type, mmu_idx,
phys_ptr, prot, page_size, fi);
--
2.7.4
^ permalink raw reply related [flat|nested] 16+ messages in thread
* [Qemu-devel] [PATCH 05/12] target/arm: Convert get_phys_addr_lpae() to not return FSC values
2017-12-05 19:46 [Qemu-devel] [PATCH 00/12] Refactor get_phys_addr() not to return FSR values Peter Maydell
` (3 preceding siblings ...)
2017-12-05 19:46 ` [Qemu-devel] [PATCH 04/12] target/arm: Convert get_phys_addr_v6() " Peter Maydell
@ 2017-12-05 19:46 ` Peter Maydell
2017-12-05 19:46 ` [Qemu-devel] [PATCH 06/12] target/arm: Convert get_phys_addr_pmsav5() " Peter Maydell
` (9 subsequent siblings)
14 siblings, 0 replies; 16+ messages in thread
From: Peter Maydell @ 2017-12-05 19:46 UTC (permalink / raw)
To: qemu-arm, qemu-devel; +Cc: patches, Edgar E . Iglesias, Stefano Stabellini
Make get_phys_addr_v6() return a fault type in the ARMMMUFaultInfo
structure, which we convert to the FSC at the callsite.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target/arm/helper.c | 41 ++++++++++++++++++-----------------------
1 file changed, 18 insertions(+), 23 deletions(-)
diff --git a/target/arm/helper.c b/target/arm/helper.c
index 1e95e3d..a2a0784 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -34,7 +34,7 @@ static bool get_phys_addr(CPUARMState *env, target_ulong address,
static bool get_phys_addr_lpae(CPUARMState *env, target_ulong address,
MMUAccessType access_type, ARMMMUIdx mmu_idx,
hwaddr *phys_ptr, MemTxAttrs *txattrs, int *prot,
- target_ulong *page_size_ptr, uint32_t *fsr,
+ target_ulong *page_size_ptr,
ARMMMUFaultInfo *fi, ARMCacheAttrs *cacheattrs);
/* Security attributes for an address, as returned by v8m_security_lookup. */
@@ -8277,10 +8277,9 @@ static hwaddr S1_ptw_translate(CPUARMState *env, ARMMMUIdx mmu_idx,
hwaddr s2pa;
int s2prot;
int ret;
- uint32_t fsr;
ret = get_phys_addr_lpae(env, addr, 0, ARMMMUIdx_S2NS, &s2pa,
- &txattrs, &s2prot, &s2size, &fsr, fi, NULL);
+ &txattrs, &s2prot, &s2size, fi, NULL);
if (ret) {
fi->s2addr = addr;
fi->stage2 = true;
@@ -8603,15 +8602,6 @@ do_fault:
return true;
}
-/* Fault type for long-descriptor MMU fault reporting; this corresponds
- * to bits [5..2] in the STATUS field in long-format DFSR/IFSR.
- */
-typedef enum {
- translation_fault = 1,
- access_fault = 2,
- permission_fault = 3,
-} MMUFaultType;
-
/*
* check_s2_mmu_setup
* @cpu: ARMCPU
@@ -8713,13 +8703,13 @@ static uint8_t convert_stage2_attrs(CPUARMState *env, uint8_t s2attrs)
static bool get_phys_addr_lpae(CPUARMState *env, target_ulong address,
MMUAccessType access_type, ARMMMUIdx mmu_idx,
hwaddr *phys_ptr, MemTxAttrs *txattrs, int *prot,
- target_ulong *page_size_ptr, uint32_t *fsr,
+ target_ulong *page_size_ptr,
ARMMMUFaultInfo *fi, ARMCacheAttrs *cacheattrs)
{
ARMCPU *cpu = arm_env_get_cpu(env);
CPUState *cs = CPU(cpu);
/* Read an LPAE long-descriptor translation table. */
- MMUFaultType fault_type = translation_fault;
+ ARMFaultType fault_type = ARMFault_Translation;
uint32_t level;
uint32_t epd = 0;
int32_t t0sz, t1sz;
@@ -8829,7 +8819,7 @@ static bool get_phys_addr_lpae(CPUARMState *env, target_ulong address,
ttbr_select = 1;
} else {
/* in the gap between the two regions, this is a Translation fault */
- fault_type = translation_fault;
+ fault_type = ARMFault_Translation;
goto do_fault;
}
@@ -8915,7 +8905,7 @@ static bool get_phys_addr_lpae(CPUARMState *env, target_ulong address,
ok = check_s2_mmu_setup(cpu, aarch64, startlevel,
inputsize, stride);
if (!ok) {
- fault_type = translation_fault;
+ fault_type = ARMFault_Translation;
goto do_fault;
}
level = startlevel;
@@ -9001,7 +8991,7 @@ static bool get_phys_addr_lpae(CPUARMState *env, target_ulong address,
/* Here descaddr is the final physical address, and attributes
* are all in attrs.
*/
- fault_type = access_fault;
+ fault_type = ARMFault_AccessFlag;
if ((attrs & (1 << 8)) == 0) {
/* Access flag */
goto do_fault;
@@ -9019,7 +9009,7 @@ static bool get_phys_addr_lpae(CPUARMState *env, target_ulong address,
*prot = get_S1prot(env, mmu_idx, aarch64, ap, ns, xn, pxn);
}
- fault_type = permission_fault;
+ fault_type = ARMFault_Permission;
if (!(*prot & (1 << access_type))) {
goto do_fault;
}
@@ -9051,8 +9041,8 @@ static bool get_phys_addr_lpae(CPUARMState *env, target_ulong address,
return false;
do_fault:
- /* Long-descriptor format IFSR/DFSR value */
- *fsr = (1 << 9) | (fault_type << 2) | level;
+ fi->type = fault_type;
+ fi->level = level;
/* Tag the error as S2 for failed S1 PTW at S2 or ordinary S2. */
fi->stage2 = fi->s1ptw || (mmu_idx == ARMMMUIdx_S2NS);
return true;
@@ -9778,8 +9768,9 @@ static bool get_phys_addr(CPUARMState *env, target_ulong address,
/* S1 is done. Now do S2 translation. */
ret = get_phys_addr_lpae(env, ipa, access_type, ARMMMUIdx_S2NS,
phys_ptr, attrs, &s2_prot,
- page_size, fsr, fi,
+ page_size, fi,
cacheattrs != NULL ? &cacheattrs2 : NULL);
+ *fsr = arm_fi_to_lfsc(fi);
fi->s2addr = ipa;
/* Combine the S1 and S2 perms. */
*prot &= s2_prot;
@@ -9858,8 +9849,12 @@ static bool get_phys_addr(CPUARMState *env, target_ulong address,
}
if (regime_using_lpae_format(env, mmu_idx)) {
- return get_phys_addr_lpae(env, address, access_type, mmu_idx, phys_ptr,
- attrs, prot, page_size, fsr, fi, cacheattrs);
+ bool ret = get_phys_addr_lpae(env, address, access_type, mmu_idx,
+ phys_ptr, attrs, prot, page_size,
+ fi, cacheattrs);
+
+ *fsr = arm_fi_to_lfsc(fi);
+ return ret;
} else if (regime_sctlr(env, mmu_idx) & SCTLR_XP) {
bool ret = get_phys_addr_v6(env, address, access_type, mmu_idx,
phys_ptr, attrs, prot, page_size, fi);
--
2.7.4
^ permalink raw reply related [flat|nested] 16+ messages in thread
* [Qemu-devel] [PATCH 06/12] target/arm: Convert get_phys_addr_pmsav5() to not return FSC values
2017-12-05 19:46 [Qemu-devel] [PATCH 00/12] Refactor get_phys_addr() not to return FSR values Peter Maydell
` (4 preceding siblings ...)
2017-12-05 19:46 ` [Qemu-devel] [PATCH 05/12] target/arm: Convert get_phys_addr_lpae() " Peter Maydell
@ 2017-12-05 19:46 ` Peter Maydell
2017-12-05 19:46 ` [Qemu-devel] [PATCH 07/12] target/arm: Convert get_phys_addr_pmsav7() " Peter Maydell
` (8 subsequent siblings)
14 siblings, 0 replies; 16+ messages in thread
From: Peter Maydell @ 2017-12-05 19:46 UTC (permalink / raw)
To: qemu-arm, qemu-devel; +Cc: patches, Edgar E . Iglesias, Stefano Stabellini
Make get_phys_addr_pmsav5() return a fault type in the ARMMMUFaultInfo
structure, which we convert to the FSC at the callsite.
Note that PMSAv5 does not define any guest-visible fault status
register, so the different "fsr" values we were previously
returning are entirely arbitrary. So we can just switch to using
the most appropriae fi->type values without worrying that we
need to special-case FaultInfo->FSC conversion for PMSAv5.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target/arm/helper.c | 20 +++++++++++++-------
1 file changed, 13 insertions(+), 7 deletions(-)
diff --git a/target/arm/helper.c b/target/arm/helper.c
index a2a0784..57286a7 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -9547,7 +9547,8 @@ static bool get_phys_addr_pmsav8(CPUARMState *env, uint32_t address,
static bool get_phys_addr_pmsav5(CPUARMState *env, uint32_t address,
MMUAccessType access_type, ARMMMUIdx mmu_idx,
- hwaddr *phys_ptr, int *prot, uint32_t *fsr)
+ hwaddr *phys_ptr, int *prot,
+ ARMMMUFaultInfo *fi)
{
int n;
uint32_t mask;
@@ -9576,7 +9577,7 @@ static bool get_phys_addr_pmsav5(CPUARMState *env, uint32_t address,
}
}
if (n < 0) {
- *fsr = 2;
+ fi->type = ARMFault_Background;
return true;
}
@@ -9588,11 +9589,13 @@ static bool get_phys_addr_pmsav5(CPUARMState *env, uint32_t address,
mask = (mask >> (n * 4)) & 0xf;
switch (mask) {
case 0:
- *fsr = 1;
+ fi->type = ARMFault_Permission;
+ fi->level = 1;
return true;
case 1:
if (is_user) {
- *fsr = 1;
+ fi->type = ARMFault_Permission;
+ fi->level = 1;
return true;
}
*prot = PAGE_READ | PAGE_WRITE;
@@ -9608,7 +9611,8 @@ static bool get_phys_addr_pmsav5(CPUARMState *env, uint32_t address,
break;
case 5:
if (is_user) {
- *fsr = 1;
+ fi->type = ARMFault_Permission;
+ fi->level = 1;
return true;
}
*prot = PAGE_READ;
@@ -9618,7 +9622,8 @@ static bool get_phys_addr_pmsav5(CPUARMState *env, uint32_t address,
break;
default:
/* Bad permission. */
- *fsr = 1;
+ fi->type = ARMFault_Permission;
+ fi->level = 1;
return true;
}
*prot |= PAGE_EXEC;
@@ -9823,7 +9828,8 @@ static bool get_phys_addr(CPUARMState *env, target_ulong address,
} else {
/* Pre-v7 MPU */
ret = get_phys_addr_pmsav5(env, address, access_type, mmu_idx,
- phys_ptr, prot, fsr);
+ phys_ptr, prot, fi);
+ *fsr = arm_fi_to_sfsc(fi);
}
qemu_log_mask(CPU_LOG_MMU, "PMSA MPU lookup for %s at 0x%08" PRIx32
" mmu_idx %u -> %s (prot %c%c%c)\n",
--
2.7.4
^ permalink raw reply related [flat|nested] 16+ messages in thread
* [Qemu-devel] [PATCH 07/12] target/arm: Convert get_phys_addr_pmsav7() to not return FSC values
2017-12-05 19:46 [Qemu-devel] [PATCH 00/12] Refactor get_phys_addr() not to return FSR values Peter Maydell
` (5 preceding siblings ...)
2017-12-05 19:46 ` [Qemu-devel] [PATCH 06/12] target/arm: Convert get_phys_addr_pmsav5() " Peter Maydell
@ 2017-12-05 19:46 ` Peter Maydell
2017-12-05 19:46 ` [Qemu-devel] [PATCH 08/12] target/arm: Convert get_phys_addr_pmsav8() " Peter Maydell
` (7 subsequent siblings)
14 siblings, 0 replies; 16+ messages in thread
From: Peter Maydell @ 2017-12-05 19:46 UTC (permalink / raw)
To: qemu-arm, qemu-devel; +Cc: patches, Edgar E . Iglesias, Stefano Stabellini
Make get_phys_addr_pmsav7() return a fault type in the ARMMMUFaultInfo
structure, which we convert to the FSC at the callsite.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target/arm/helper.c | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/target/arm/helper.c b/target/arm/helper.c
index 57286a7..0f5b161 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -9126,7 +9126,8 @@ static inline bool m_is_system_region(CPUARMState *env, uint32_t address)
static bool get_phys_addr_pmsav7(CPUARMState *env, uint32_t address,
MMUAccessType access_type, ARMMMUIdx mmu_idx,
- hwaddr *phys_ptr, int *prot, uint32_t *fsr)
+ hwaddr *phys_ptr, int *prot,
+ ARMMMUFaultInfo *fi)
{
ARMCPU *cpu = arm_env_get_cpu(env);
int n;
@@ -9221,7 +9222,7 @@ static bool get_phys_addr_pmsav7(CPUARMState *env, uint32_t address,
if (n == -1) { /* no hits */
if (!pmsav7_use_background_region(cpu, mmu_idx, is_user)) {
/* background fault */
- *fsr = 0;
+ fi->type = ARMFault_Background;
return true;
}
get_phys_addr_pmsav7_default(env, mmu_idx, address, prot);
@@ -9279,7 +9280,8 @@ static bool get_phys_addr_pmsav7(CPUARMState *env, uint32_t address,
}
}
- *fsr = 0x00d; /* Permission fault */
+ fi->type = ARMFault_Permission;
+ fi->level = 1;
return !(*prot & (1 << access_type));
}
@@ -9824,7 +9826,8 @@ static bool get_phys_addr(CPUARMState *env, target_ulong address,
} else if (arm_feature(env, ARM_FEATURE_V7)) {
/* PMSAv7 */
ret = get_phys_addr_pmsav7(env, address, access_type, mmu_idx,
- phys_ptr, prot, fsr);
+ phys_ptr, prot, fi);
+ *fsr = arm_fi_to_sfsc(fi);
} else {
/* Pre-v7 MPU */
ret = get_phys_addr_pmsav5(env, address, access_type, mmu_idx,
--
2.7.4
^ permalink raw reply related [flat|nested] 16+ messages in thread
* [Qemu-devel] [PATCH 08/12] target/arm: Convert get_phys_addr_pmsav8() to not return FSC values
2017-12-05 19:46 [Qemu-devel] [PATCH 00/12] Refactor get_phys_addr() not to return FSR values Peter Maydell
` (6 preceding siblings ...)
2017-12-05 19:46 ` [Qemu-devel] [PATCH 07/12] target/arm: Convert get_phys_addr_pmsav7() " Peter Maydell
@ 2017-12-05 19:46 ` Peter Maydell
2017-12-05 19:46 ` [Qemu-devel] [PATCH 09/12] target/arm: Use ARMMMUFaultInfo in deliver_fault() Peter Maydell
` (6 subsequent siblings)
14 siblings, 0 replies; 16+ messages in thread
From: Peter Maydell @ 2017-12-05 19:46 UTC (permalink / raw)
To: qemu-arm, qemu-devel; +Cc: patches, Edgar E . Iglesias, Stefano Stabellini
Make get_phys_addr_pmsav8() return a fault type in the ARMMMUFaultInfo
structure, which we convert to the FSC at the callsite.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target/arm/helper.c | 29 ++++++++++++++++++-----------
1 file changed, 18 insertions(+), 11 deletions(-)
diff --git a/target/arm/helper.c b/target/arm/helper.c
index 0f5b161..fad4923 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -9367,7 +9367,7 @@ static void v8m_security_lookup(CPUARMState *env, uint32_t address,
static bool pmsav8_mpu_lookup(CPUARMState *env, uint32_t address,
MMUAccessType access_type, ARMMMUIdx mmu_idx,
hwaddr *phys_ptr, MemTxAttrs *txattrs,
- int *prot, uint32_t *fsr, uint32_t *mregion)
+ int *prot, ARMMMUFaultInfo *fi, uint32_t *mregion)
{
/* Perform a PMSAv8 MPU lookup (without also doing the SAU check
* that a full phys-to-virt translation does).
@@ -9423,7 +9423,8 @@ static bool pmsav8_mpu_lookup(CPUARMState *env, uint32_t address,
/* Multiple regions match -- always a failure (unlike
* PMSAv7 where highest-numbered-region wins)
*/
- *fsr = 0x00d; /* permission fault */
+ fi->type = ARMFault_Permission;
+ fi->level = 1;
return true;
}
@@ -9451,7 +9452,7 @@ static bool pmsav8_mpu_lookup(CPUARMState *env, uint32_t address,
if (!hit) {
/* background fault */
- *fsr = 0;
+ fi->type = ARMFault_Background;
return true;
}
@@ -9479,7 +9480,8 @@ static bool pmsav8_mpu_lookup(CPUARMState *env, uint32_t address,
}
}
- *fsr = 0x00d; /* Permission fault */
+ fi->type = ARMFault_Permission;
+ fi->level = 1;
return !(*prot & (1 << access_type));
}
@@ -9487,7 +9489,7 @@ static bool pmsav8_mpu_lookup(CPUARMState *env, uint32_t address,
static bool get_phys_addr_pmsav8(CPUARMState *env, uint32_t address,
MMUAccessType access_type, ARMMMUIdx mmu_idx,
hwaddr *phys_ptr, MemTxAttrs *txattrs,
- int *prot, uint32_t *fsr)
+ int *prot, ARMMMUFaultInfo *fi)
{
uint32_t secure = regime_is_secure(env, mmu_idx);
V8M_SAttributes sattrs = {};
@@ -9513,7 +9515,11 @@ static bool get_phys_addr_pmsav8(CPUARMState *env, uint32_t address,
* (including possibly emulating an SG instruction).
*/
if (sattrs.ns != !secure) {
- *fsr = sattrs.nsc ? M_FAKE_FSR_NSC_EXEC : M_FAKE_FSR_SFAULT;
+ if (sattrs.nsc) {
+ fi->type = ARMFault_QEMU_NSCExec;
+ } else {
+ fi->type = ARMFault_QEMU_SFault;
+ }
*phys_ptr = address;
*prot = 0;
return true;
@@ -9535,7 +9541,7 @@ static bool get_phys_addr_pmsav8(CPUARMState *env, uint32_t address,
* If we added it we would need to do so as a special case
* for M_FAKE_FSR_SFAULT in arm_v7m_cpu_do_interrupt().
*/
- *fsr = M_FAKE_FSR_SFAULT;
+ fi->type = ARMFault_QEMU_SFault;
*phys_ptr = address;
*prot = 0;
return true;
@@ -9544,7 +9550,7 @@ static bool get_phys_addr_pmsav8(CPUARMState *env, uint32_t address,
}
return pmsav8_mpu_lookup(env, address, access_type, mmu_idx, phys_ptr,
- txattrs, prot, fsr, NULL);
+ txattrs, prot, fi, NULL);
}
static bool get_phys_addr_pmsav5(CPUARMState *env, uint32_t address,
@@ -9822,7 +9828,8 @@ static bool get_phys_addr(CPUARMState *env, target_ulong address,
if (arm_feature(env, ARM_FEATURE_V8)) {
/* PMSAv8 */
ret = get_phys_addr_pmsav8(env, address, access_type, mmu_idx,
- phys_ptr, attrs, prot, fsr);
+ phys_ptr, attrs, prot, fi);
+ *fsr = arm_fi_to_sfsc(fi);
} else if (arm_feature(env, ARM_FEATURE_V7)) {
/* PMSAv7 */
ret = get_phys_addr_pmsav7(env, address, access_type, mmu_idx,
@@ -10183,9 +10190,9 @@ uint32_t HELPER(v7m_tt)(CPUARMState *env, uint32_t addr, uint32_t op)
uint32_t tt_resp;
bool r, rw, nsr, nsrw, mrvalid;
int prot;
+ ARMMMUFaultInfo fi = {};
MemTxAttrs attrs = {};
hwaddr phys_addr;
- uint32_t fsr;
ARMMMUIdx mmu_idx;
uint32_t mregion;
bool targetpriv;
@@ -10219,7 +10226,7 @@ uint32_t HELPER(v7m_tt)(CPUARMState *env, uint32_t addr, uint32_t op)
if (arm_current_el(env) != 0 || alt) {
/* We can ignore the return value as prot is always set */
pmsav8_mpu_lookup(env, addr, MMU_DATA_LOAD, mmu_idx,
- &phys_addr, &attrs, &prot, &fsr, &mregion);
+ &phys_addr, &attrs, &prot, &fi, &mregion);
if (mregion == -1) {
mrvalid = false;
mregion = 0;
--
2.7.4
^ permalink raw reply related [flat|nested] 16+ messages in thread
* [Qemu-devel] [PATCH 09/12] target/arm: Use ARMMMUFaultInfo in deliver_fault()
2017-12-05 19:46 [Qemu-devel] [PATCH 00/12] Refactor get_phys_addr() not to return FSR values Peter Maydell
` (7 preceding siblings ...)
2017-12-05 19:46 ` [Qemu-devel] [PATCH 08/12] target/arm: Convert get_phys_addr_pmsav8() " Peter Maydell
@ 2017-12-05 19:46 ` Peter Maydell
2017-12-05 19:46 ` [Qemu-devel] [PATCH 10/12] target/arm: Ignore fsr from get_phys_addr() in do_ats_write() Peter Maydell
` (5 subsequent siblings)
14 siblings, 0 replies; 16+ messages in thread
From: Peter Maydell @ 2017-12-05 19:46 UTC (permalink / raw)
To: qemu-arm, qemu-devel; +Cc: patches, Edgar E . Iglesias, Stefano Stabellini
Now that ARMMMUFaultInfo is guaranteed to have enough information
to construct a fault status code, we can pass it in to the
deliver_fault() function and let it generate the correct type
of FSR for the destination, rather than relying on the value
provided by get_phys_addr().
I don't think there are any cases the old code was getting
wrong, but this is more obviously correct.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target/arm/op_helper.c | 79 ++++++++++++++------------------------------------
1 file changed, 22 insertions(+), 57 deletions(-)
diff --git a/target/arm/op_helper.c b/target/arm/op_helper.c
index a40a84a..38e6993 100644
--- a/target/arm/op_helper.c
+++ b/target/arm/op_helper.c
@@ -116,12 +116,13 @@ static inline uint32_t merge_syn_data_abort(uint32_t template_syn,
}
static void deliver_fault(ARMCPU *cpu, vaddr addr, MMUAccessType access_type,
- uint32_t fsr, uint32_t fsc, ARMMMUFaultInfo *fi)
+ int mmu_idx, ARMMMUFaultInfo *fi)
{
CPUARMState *env = &cpu->env;
int target_el;
bool same_el;
- uint32_t syn, exc;
+ uint32_t syn, exc, fsr, fsc;
+ ARMMMUIdx arm_mmu_idx = core_to_arm_mmu_idx(env, mmu_idx);
target_el = exception_target_el(env);
if (fi->stage2) {
@@ -130,14 +131,21 @@ static void deliver_fault(ARMCPU *cpu, vaddr addr, MMUAccessType access_type,
}
same_el = (arm_current_el(env) == target_el);
- if (fsc == 0x3f) {
- /* Caller doesn't have a long-format fault status code. This
- * should only happen if this fault will never actually be reported
- * to an EL that uses a syndrome register. Check that here.
- * 0x3f is a (currently) reserved FSC code, in case the constructed
- * syndrome does leak into the guest somehow.
+ if (target_el == 2 || arm_el_is_aa64(env, target_el) ||
+ arm_s1_regime_using_lpae_format(env, arm_mmu_idx)) {
+ /* LPAE format fault status register : bottom 6 bits are
+ * status code in the same form as needed for syndrome
+ */
+ fsr = arm_fi_to_lfsc(fi);
+ fsc = extract32(fsr, 0, 6);
+ } else {
+ fsr = arm_fi_to_sfsc(fi);
+ /* Short format FSR : this fault will never actually be reported
+ * to an EL that uses a syndrome register. Use a (currently)
+ * reserved FSR code in case the constructed syndrome does leak
+ * into the guest somehow.
*/
- assert(target_el != 2 && !arm_el_is_aa64(env, target_el));
+ fsc = 0x3f;
}
if (access_type == MMU_INST_FETCH) {
@@ -174,29 +182,13 @@ void tlb_fill(CPUState *cs, target_ulong addr, MMUAccessType access_type,
ret = arm_tlb_fill(cs, addr, access_type, mmu_idx, &fsr, &fi);
if (unlikely(ret)) {
ARMCPU *cpu = ARM_CPU(cs);
- uint32_t fsc;
if (retaddr) {
/* now we have a real cpu fault */
cpu_restore_state(cs, retaddr);
}
- if (fsr & (1 << 9)) {
- /* LPAE format fault status register : bottom 6 bits are
- * status code in the same form as needed for syndrome
- */
- fsc = extract32(fsr, 0, 6);
- } else {
- /* Short format FSR : this fault will never actually be reported
- * to an EL that uses a syndrome register. Use a (currently)
- * reserved FSR code in case the constructed syndrome does leak
- * into the guest somehow. deliver_fault will assert that
- * we don't target an EL using the syndrome.
- */
- fsc = 0x3f;
- }
-
- deliver_fault(cpu, addr, access_type, fsr, fsc, &fi);
+ deliver_fault(cpu, addr, access_type, mmu_idx, &fi);
}
}
@@ -206,27 +198,15 @@ void arm_cpu_do_unaligned_access(CPUState *cs, vaddr vaddr,
int mmu_idx, uintptr_t retaddr)
{
ARMCPU *cpu = ARM_CPU(cs);
- CPUARMState *env = &cpu->env;
- uint32_t fsr, fsc;
ARMMMUFaultInfo fi = {};
- ARMMMUIdx arm_mmu_idx = core_to_arm_mmu_idx(env, mmu_idx);
if (retaddr) {
/* now we have a real cpu fault */
cpu_restore_state(cs, retaddr);
}
- /* the DFSR for an alignment fault depends on whether we're using
- * the LPAE long descriptor format, or the short descriptor format
- */
- if (arm_s1_regime_using_lpae_format(env, arm_mmu_idx)) {
- fsr = (1 << 9) | 0x21;
- } else {
- fsr = 0x1;
- }
- fsc = 0x21;
-
- deliver_fault(cpu, vaddr, access_type, fsr, fsc, &fi);
+ fi.type = ARMFault_Alignment;
+ deliver_fault(cpu, vaddr, access_type, mmu_idx, &fi);
}
/* arm_cpu_do_transaction_failed: handle a memory system error response
@@ -240,10 +220,7 @@ void arm_cpu_do_transaction_failed(CPUState *cs, hwaddr physaddr,
MemTxResult response, uintptr_t retaddr)
{
ARMCPU *cpu = ARM_CPU(cs);
- CPUARMState *env = &cpu->env;
- uint32_t fsr, fsc;
ARMMMUFaultInfo fi = {};
- ARMMMUIdx arm_mmu_idx = core_to_arm_mmu_idx(env, mmu_idx);
if (retaddr) {
/* now we have a real cpu fault */
@@ -256,20 +233,8 @@ void arm_cpu_do_transaction_failed(CPUState *cs, hwaddr physaddr,
* Slave error (1); in QEMU we follow that.
*/
fi.ea = (response != MEMTX_DECODE_ERROR);
-
- /* The fault status register format depends on whether we're using
- * the LPAE long descriptor format, or the short descriptor format.
- */
- if (arm_s1_regime_using_lpae_format(env, arm_mmu_idx)) {
- /* long descriptor form, STATUS 0b010000: synchronous ext abort */
- fsr = (fi.ea << 12) | (1 << 9) | 0x10;
- } else {
- /* short descriptor form, FSR 0b01000 : synchronous ext abort */
- fsr = (fi.ea << 12) | 0x8;
- }
- fsc = 0x10;
-
- deliver_fault(cpu, addr, access_type, fsr, fsc, &fi);
+ fi.type = ARMFault_SyncExternal;
+ deliver_fault(cpu, addr, access_type, mmu_idx, &fi);
}
#endif /* !defined(CONFIG_USER_ONLY) */
--
2.7.4
^ permalink raw reply related [flat|nested] 16+ messages in thread
* [Qemu-devel] [PATCH 10/12] target/arm: Ignore fsr from get_phys_addr() in do_ats_write()
2017-12-05 19:46 [Qemu-devel] [PATCH 00/12] Refactor get_phys_addr() not to return FSR values Peter Maydell
` (8 preceding siblings ...)
2017-12-05 19:46 ` [Qemu-devel] [PATCH 09/12] target/arm: Use ARMMMUFaultInfo in deliver_fault() Peter Maydell
@ 2017-12-05 19:46 ` Peter Maydell
2017-12-05 19:46 ` [Qemu-devel] [PATCH 11/12] target/arm: Remove fsr argument from get_phys_addr() and arm_tlb_fill() Peter Maydell
` (4 subsequent siblings)
14 siblings, 0 replies; 16+ messages in thread
From: Peter Maydell @ 2017-12-05 19:46 UTC (permalink / raw)
To: qemu-arm, qemu-devel; +Cc: patches, Edgar E . Iglesias, Stefano Stabellini
In do_ats_write(), rather than using the FSR value from get_phys_addr(),
construct the PAR values using the information in the ARMMMUFaultInfo
struct. This allows us to create a PAR of the correct format regardless
of what the translation table format is.
For the moment we leave the condition for "when should this be a
64 bit PAR" as it was previously; this will need to be fixed to
properly support AArch32 Hyp mode.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target/arm/helper.c | 16 ++++++++++------
1 file changed, 10 insertions(+), 6 deletions(-)
diff --git a/target/arm/helper.c b/target/arm/helper.c
index fad4923..17192f8 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -2160,7 +2160,7 @@ static uint64_t do_ats_write(CPUARMState *env, uint64_t value,
hwaddr phys_addr;
target_ulong page_size;
int prot;
- uint32_t fsr;
+ uint32_t fsr_unused;
bool ret;
uint64_t par64;
MemTxAttrs attrs = {};
@@ -2168,12 +2168,12 @@ static uint64_t do_ats_write(CPUARMState *env, uint64_t value,
ARMCacheAttrs cacheattrs = {};
ret = get_phys_addr(env, value, access_type, mmu_idx, &phys_addr, &attrs,
- &prot, &page_size, &fsr, &fi, &cacheattrs);
+ &prot, &page_size, &fsr_unused, &fi, &cacheattrs);
+ /* TODO: this is not the correct condition to use to decide whether
+ * to report a PAR in 64-bit or 32-bit format.
+ */
if (arm_s1_regime_using_lpae_format(env, mmu_idx)) {
- /* fsr is a DFSR/IFSR value for the long descriptor
- * translation table format, but with WnR always clear.
- * Convert it to a 64-bit PAR.
- */
+ /* Create a 64-bit PAR */
par64 = (1 << 11); /* LPAE bit always set */
if (!ret) {
par64 |= phys_addr & ~0xfffULL;
@@ -2183,6 +2183,8 @@ static uint64_t do_ats_write(CPUARMState *env, uint64_t value,
par64 |= (uint64_t)cacheattrs.attrs << 56; /* ATTR */
par64 |= cacheattrs.shareability << 7; /* SH */
} else {
+ uint32_t fsr = arm_fi_to_lfsc(&fi);
+
par64 |= 1; /* F */
par64 |= (fsr & 0x3f) << 1; /* FS */
/* Note that S2WLK and FSTAGE are always zero, because we don't
@@ -2207,6 +2209,8 @@ static uint64_t do_ats_write(CPUARMState *env, uint64_t value,
par64 |= (1 << 9); /* NS */
}
} else {
+ uint32_t fsr = arm_fi_to_sfsc(&fi);
+
par64 = ((fsr & (1 << 10)) >> 5) | ((fsr & (1 << 12)) >> 6) |
((fsr & 0xf) << 1) | 1;
}
--
2.7.4
^ permalink raw reply related [flat|nested] 16+ messages in thread
* [Qemu-devel] [PATCH 11/12] target/arm: Remove fsr argument from get_phys_addr() and arm_tlb_fill()
2017-12-05 19:46 [Qemu-devel] [PATCH 00/12] Refactor get_phys_addr() not to return FSR values Peter Maydell
` (9 preceding siblings ...)
2017-12-05 19:46 ` [Qemu-devel] [PATCH 10/12] target/arm: Ignore fsr from get_phys_addr() in do_ats_write() Peter Maydell
@ 2017-12-05 19:46 ` Peter Maydell
2017-12-05 19:46 ` [Qemu-devel] [PATCH 12/12] target/arm: Extend PAR format determination Peter Maydell
` (3 subsequent siblings)
14 siblings, 0 replies; 16+ messages in thread
From: Peter Maydell @ 2017-12-05 19:46 UTC (permalink / raw)
To: qemu-arm, qemu-devel; +Cc: patches, Edgar E . Iglesias, Stefano Stabellini
All of the callers of get_phys_addr() and arm_tlb_fill() now ignore
the FSR values they return, so we can just remove the argument
entirely.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target/arm/internals.h | 2 +-
target/arm/helper.c | 45 ++++++++++++++-------------------------------
target/arm/op_helper.c | 3 +--
3 files changed, 16 insertions(+), 34 deletions(-)
diff --git a/target/arm/internals.h b/target/arm/internals.h
index 67b9a52..876854d 100644
--- a/target/arm/internals.h
+++ b/target/arm/internals.h
@@ -690,7 +690,7 @@ static inline uint32_t arm_fi_to_lfsc(ARMMMUFaultInfo *fi)
/* Do a page table walk and add page to TLB if possible */
bool arm_tlb_fill(CPUState *cpu, vaddr address,
MMUAccessType access_type, int mmu_idx,
- uint32_t *fsr, ARMMMUFaultInfo *fi);
+ ARMMMUFaultInfo *fi);
/* Return true if the stage 1 translation regime is using LPAE format page
* tables */
diff --git a/target/arm/helper.c b/target/arm/helper.c
index 17192f8..c23e424 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -28,7 +28,7 @@ typedef struct ARMCacheAttrs {
static bool get_phys_addr(CPUARMState *env, target_ulong address,
MMUAccessType access_type, ARMMMUIdx mmu_idx,
hwaddr *phys_ptr, MemTxAttrs *attrs, int *prot,
- target_ulong *page_size, uint32_t *fsr,
+ target_ulong *page_size,
ARMMMUFaultInfo *fi, ARMCacheAttrs *cacheattrs);
static bool get_phys_addr_lpae(CPUARMState *env, target_ulong address,
@@ -2160,7 +2160,6 @@ static uint64_t do_ats_write(CPUARMState *env, uint64_t value,
hwaddr phys_addr;
target_ulong page_size;
int prot;
- uint32_t fsr_unused;
bool ret;
uint64_t par64;
MemTxAttrs attrs = {};
@@ -2168,7 +2167,7 @@ static uint64_t do_ats_write(CPUARMState *env, uint64_t value,
ARMCacheAttrs cacheattrs = {};
ret = get_phys_addr(env, value, access_type, mmu_idx, &phys_addr, &attrs,
- &prot, &page_size, &fsr_unused, &fi, &cacheattrs);
+ &prot, &page_size, &fi, &cacheattrs);
/* TODO: this is not the correct condition to use to decide whether
* to report a PAR in 64-bit or 32-bit format.
*/
@@ -6981,7 +6980,6 @@ static bool v7m_read_half_insn(ARMCPU *cpu, ARMMMUIdx mmu_idx,
target_ulong page_size;
hwaddr physaddr;
int prot;
- uint32_t fsr;
v8m_security_lookup(env, addr, MMU_INST_FETCH, mmu_idx, &sattrs);
if (!sattrs.nsc || sattrs.ns) {
@@ -6995,7 +6993,7 @@ static bool v7m_read_half_insn(ARMCPU *cpu, ARMMMUIdx mmu_idx,
return false;
}
if (get_phys_addr(env, addr, MMU_INST_FETCH, mmu_idx,
- &physaddr, &attrs, &prot, &page_size, &fsr, &fi, NULL)) {
+ &physaddr, &attrs, &prot, &page_size, &fi, NULL)) {
/* the MPU lookup failed */
env->v7m.cfsr[env->v7m.secure] |= R_V7M_CFSR_IACCVIOL_MASK;
armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_MEM, env->v7m.secure);
@@ -9752,14 +9750,13 @@ static ARMCacheAttrs combine_cacheattrs(ARMCacheAttrs s1, ARMCacheAttrs s2)
* @attrs: set to the memory transaction attributes to use
* @prot: set to the permissions for the page containing phys_ptr
* @page_size: set to the size of the page containing phys_ptr
- * @fsr: set to the DFSR/IFSR value on failure
* @fi: set to fault info if the translation fails
* @cacheattrs: (if non-NULL) set to the cacheability/shareability attributes
*/
static bool get_phys_addr(CPUARMState *env, target_ulong address,
MMUAccessType access_type, ARMMMUIdx mmu_idx,
hwaddr *phys_ptr, MemTxAttrs *attrs, int *prot,
- target_ulong *page_size, uint32_t *fsr,
+ target_ulong *page_size,
ARMMMUFaultInfo *fi, ARMCacheAttrs *cacheattrs)
{
if (mmu_idx == ARMMMUIdx_S12NSE0 || mmu_idx == ARMMMUIdx_S12NSE1) {
@@ -9774,7 +9771,7 @@ static bool get_phys_addr(CPUARMState *env, target_ulong address,
ret = get_phys_addr(env, address, access_type,
stage_1_mmu_idx(mmu_idx), &ipa, attrs,
- prot, page_size, fsr, fi, cacheattrs);
+ prot, page_size, fi, cacheattrs);
/* If S1 fails or S2 is disabled, return early. */
if (ret || regime_translation_disabled(env, ARMMMUIdx_S2NS)) {
@@ -9787,7 +9784,6 @@ static bool get_phys_addr(CPUARMState *env, target_ulong address,
phys_ptr, attrs, &s2_prot,
page_size, fi,
cacheattrs != NULL ? &cacheattrs2 : NULL);
- *fsr = arm_fi_to_lfsc(fi);
fi->s2addr = ipa;
/* Combine the S1 and S2 perms. */
*prot &= s2_prot;
@@ -9833,17 +9829,14 @@ static bool get_phys_addr(CPUARMState *env, target_ulong address,
/* PMSAv8 */
ret = get_phys_addr_pmsav8(env, address, access_type, mmu_idx,
phys_ptr, attrs, prot, fi);
- *fsr = arm_fi_to_sfsc(fi);
} else if (arm_feature(env, ARM_FEATURE_V7)) {
/* PMSAv7 */
ret = get_phys_addr_pmsav7(env, address, access_type, mmu_idx,
phys_ptr, prot, fi);
- *fsr = arm_fi_to_sfsc(fi);
} else {
/* Pre-v7 MPU */
ret = get_phys_addr_pmsav5(env, address, access_type, mmu_idx,
phys_ptr, prot, fi);
- *fsr = arm_fi_to_sfsc(fi);
}
qemu_log_mask(CPU_LOG_MMU, "PMSA MPU lookup for %s at 0x%08" PRIx32
" mmu_idx %u -> %s (prot %c%c%c)\n",
@@ -9869,24 +9862,15 @@ static bool get_phys_addr(CPUARMState *env, target_ulong address,
}
if (regime_using_lpae_format(env, mmu_idx)) {
- bool ret = get_phys_addr_lpae(env, address, access_type, mmu_idx,
- phys_ptr, attrs, prot, page_size,
- fi, cacheattrs);
-
- *fsr = arm_fi_to_lfsc(fi);
- return ret;
+ return get_phys_addr_lpae(env, address, access_type, mmu_idx,
+ phys_ptr, attrs, prot, page_size,
+ fi, cacheattrs);
} else if (regime_sctlr(env, mmu_idx) & SCTLR_XP) {
- bool ret = get_phys_addr_v6(env, address, access_type, mmu_idx,
- phys_ptr, attrs, prot, page_size, fi);
-
- *fsr = arm_fi_to_sfsc(fi);
- return ret;
+ return get_phys_addr_v6(env, address, access_type, mmu_idx,
+ phys_ptr, attrs, prot, page_size, fi);
} else {
- bool ret = get_phys_addr_v5(env, address, access_type, mmu_idx,
+ return get_phys_addr_v5(env, address, access_type, mmu_idx,
phys_ptr, prot, page_size, fi);
-
- *fsr = arm_fi_to_sfsc(fi);
- return ret;
}
}
@@ -9895,7 +9879,7 @@ static bool get_phys_addr(CPUARMState *env, target_ulong address,
* fsr with ARM DFSR/IFSR fault register format value on failure.
*/
bool arm_tlb_fill(CPUState *cs, vaddr address,
- MMUAccessType access_type, int mmu_idx, uint32_t *fsr,
+ MMUAccessType access_type, int mmu_idx,
ARMMMUFaultInfo *fi)
{
ARMCPU *cpu = ARM_CPU(cs);
@@ -9908,7 +9892,7 @@ bool arm_tlb_fill(CPUState *cs, vaddr address,
ret = get_phys_addr(env, address, access_type,
core_to_arm_mmu_idx(env, mmu_idx), &phys_addr,
- &attrs, &prot, &page_size, fsr, fi, NULL);
+ &attrs, &prot, &page_size, fi, NULL);
if (!ret) {
/* Map a single [sub]page. */
phys_addr &= TARGET_PAGE_MASK;
@@ -9930,14 +9914,13 @@ hwaddr arm_cpu_get_phys_page_attrs_debug(CPUState *cs, vaddr addr,
target_ulong page_size;
int prot;
bool ret;
- uint32_t fsr;
ARMMMUFaultInfo fi = {};
ARMMMUIdx mmu_idx = core_to_arm_mmu_idx(env, cpu_mmu_index(env, false));
*attrs = (MemTxAttrs) {};
ret = get_phys_addr(env, addr, 0, mmu_idx, &phys_addr,
- attrs, &prot, &page_size, &fsr, &fi, NULL);
+ attrs, &prot, &page_size, &fi, NULL);
if (ret) {
return -1;
diff --git a/target/arm/op_helper.c b/target/arm/op_helper.c
index 38e6993..c2bb4f3 100644
--- a/target/arm/op_helper.c
+++ b/target/arm/op_helper.c
@@ -176,10 +176,9 @@ void tlb_fill(CPUState *cs, target_ulong addr, MMUAccessType access_type,
int mmu_idx, uintptr_t retaddr)
{
bool ret;
- uint32_t fsr = 0;
ARMMMUFaultInfo fi = {};
- ret = arm_tlb_fill(cs, addr, access_type, mmu_idx, &fsr, &fi);
+ ret = arm_tlb_fill(cs, addr, access_type, mmu_idx, &fi);
if (unlikely(ret)) {
ARMCPU *cpu = ARM_CPU(cs);
--
2.7.4
^ permalink raw reply related [flat|nested] 16+ messages in thread
* [Qemu-devel] [PATCH 12/12] target/arm: Extend PAR format determination
2017-12-05 19:46 [Qemu-devel] [PATCH 00/12] Refactor get_phys_addr() not to return FSR values Peter Maydell
` (10 preceding siblings ...)
2017-12-05 19:46 ` [Qemu-devel] [PATCH 11/12] target/arm: Remove fsr argument from get_phys_addr() and arm_tlb_fill() Peter Maydell
@ 2017-12-05 19:46 ` Peter Maydell
2017-12-08 0:29 ` [Qemu-devel] [PATCH 00/12] Refactor get_phys_addr() not to return FSR values Richard Henderson
` (2 subsequent siblings)
14 siblings, 0 replies; 16+ messages in thread
From: Peter Maydell @ 2017-12-05 19:46 UTC (permalink / raw)
To: qemu-arm, qemu-devel; +Cc: patches, Edgar E . Iglesias, Stefano Stabellini
From: "Edgar E. Iglesias" <edgar.iglesias@xilinx.com>
Now that do_ats_write() is entirely in control of whether to
generate a 32-bit PAR or a 64-bit PAR, we can make it use the
correct (complicated) condition for doing so.
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
[PMM: Rebased Edgar's patch on top of get_phys_addr() refactoring;
use arm_s1_regime_using_lpae_format() rather than
regime_using_lpae_format() because the latter will assert
if passed ARMMMUIdx_S12NSE0 or ARMMMUIdx_S12NSE1;
updated commit message appropriately]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target/arm/helper.c | 33 +++++++++++++++++++++++++++++----
1 file changed, 29 insertions(+), 4 deletions(-)
diff --git a/target/arm/helper.c b/target/arm/helper.c
index c23e424..d526db4 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -2162,16 +2162,41 @@ static uint64_t do_ats_write(CPUARMState *env, uint64_t value,
int prot;
bool ret;
uint64_t par64;
+ bool format64 = false;
MemTxAttrs attrs = {};
ARMMMUFaultInfo fi = {};
ARMCacheAttrs cacheattrs = {};
ret = get_phys_addr(env, value, access_type, mmu_idx, &phys_addr, &attrs,
&prot, &page_size, &fi, &cacheattrs);
- /* TODO: this is not the correct condition to use to decide whether
- * to report a PAR in 64-bit or 32-bit format.
- */
- if (arm_s1_regime_using_lpae_format(env, mmu_idx)) {
+
+ if (is_a64(env)) {
+ format64 = true;
+ } else if (arm_feature(env, ARM_FEATURE_LPAE)) {
+ /*
+ * ATS1Cxx:
+ * * TTBCR.EAE determines whether the result is returned using the
+ * 32-bit or the 64-bit PAR format
+ * * Instructions executed in Hyp mode always use the 64bit format
+ *
+ * ATS1S2NSOxx uses the 64bit format if any of the following is true:
+ * * The Non-secure TTBCR.EAE bit is set to 1
+ * * The implementation includes EL2, and the value of HCR.VM is 1
+ *
+ * ATS1Hx always uses the 64bit format (not supported yet).
+ */
+ format64 = arm_s1_regime_using_lpae_format(env, mmu_idx);
+
+ if (arm_feature(env, ARM_FEATURE_EL2)) {
+ if (mmu_idx == ARMMMUIdx_S12NSE0 || mmu_idx == ARMMMUIdx_S12NSE1) {
+ format64 |= env->cp15.hcr_el2 & HCR_VM;
+ } else {
+ format64 |= arm_current_el(env) == 2;
+ }
+ }
+ }
+
+ if (format64) {
/* Create a 64-bit PAR */
par64 = (1 << 11); /* LPAE bit always set */
if (!ret) {
--
2.7.4
^ permalink raw reply related [flat|nested] 16+ messages in thread
* Re: [Qemu-devel] [PATCH 00/12] Refactor get_phys_addr() not to return FSR values
2017-12-05 19:46 [Qemu-devel] [PATCH 00/12] Refactor get_phys_addr() not to return FSR values Peter Maydell
` (11 preceding siblings ...)
2017-12-05 19:46 ` [Qemu-devel] [PATCH 12/12] target/arm: Extend PAR format determination Peter Maydell
@ 2017-12-08 0:29 ` Richard Henderson
2017-12-08 22:40 ` Stefano Stabellini
2017-12-11 8:47 ` Edgar E. Iglesias
14 siblings, 0 replies; 16+ messages in thread
From: Richard Henderson @ 2017-12-08 0:29 UTC (permalink / raw)
To: Peter Maydell, qemu-arm, qemu-devel
Cc: Edgar E . Iglesias, Stefano Stabellini, patches
On 12/05/2017 11:46 AM, Peter Maydell wrote:
> Edgar E. Iglesias (1):
> target/arm: Extend PAR format determination
>
> Peter Maydell (11):
> target/arm: Provide fault type enum and FSR conversion functions
> target/arm: Remove fsr argument from arm_ld*_ptw()
> target/arm: Convert get_phys_addr_v5() to not return FSC values
> target/arm: Convert get_phys_addr_v6() to not return FSC values
> target/arm: Convert get_phys_addr_lpae() to not return FSC values
> target/arm: Convert get_phys_addr_pmsav5() to not return FSC values
> target/arm: Convert get_phys_addr_pmsav7() to not return FSC values
> target/arm: Convert get_phys_addr_pmsav8() to not return FSC values
> target/arm: Use ARMMMUFaultInfo in deliver_fault()
> target/arm: Ignore fsr from get_phys_addr() in do_ats_write()
> target/arm: Remove fsr argument from get_phys_addr() and
> arm_tlb_fill()
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
r~
^ permalink raw reply [flat|nested] 16+ messages in thread
* Re: [Qemu-devel] [PATCH 00/12] Refactor get_phys_addr() not to return FSR values
2017-12-05 19:46 [Qemu-devel] [PATCH 00/12] Refactor get_phys_addr() not to return FSR values Peter Maydell
` (12 preceding siblings ...)
2017-12-08 0:29 ` [Qemu-devel] [PATCH 00/12] Refactor get_phys_addr() not to return FSR values Richard Henderson
@ 2017-12-08 22:40 ` Stefano Stabellini
2017-12-11 8:47 ` Edgar E. Iglesias
14 siblings, 0 replies; 16+ messages in thread
From: Stefano Stabellini @ 2017-12-08 22:40 UTC (permalink / raw)
To: Peter Maydell
Cc: qemu-arm, qemu-devel, Edgar E . Iglesias, Stefano Stabellini, patches
On Tue, 5 Dec 2017, Peter Maydell wrote:
> Currently get_phys_addr() and its various subfunctions return a
> hard-coded fault status register value for translation failures. This
> is awkward because FSR values these days may be either long-descriptor
> format or short-descriptor format. Worse, the right FSR type to use
> doesn't depend only on the translation table being walked -- some
> cases, like fault info reported to AArch32 EL2 for some kinds of ATS
> operation, must be in long-descriptor format even if the translation
> table being walked was short format. We can't get those cases right
> with our current approach. (We put in a bodge fix so we could at
> least run Xen, in commit 50cd71b0d347c7.)
>
> This series does a refactoring of get_phys_addr() so that instead
> of returning FSR values it puts information in the existing
> ARMMMUFaultInfo structure that is sufficient to construct an
> FSR value, and the callers then do that using the right condition
> for whatever they're doing. I've included Edgar's patch from back
> in June that fixes the handling of ATS instructions, which is most
> of the point of the refactoring.
>
> Rather than doing it all in one massive unreviewable patch, the
> series is structured as:
> * patch 1: add fields to ARMMMUFaultInfo, and the utility functions
> that return a long or short format FSR given a fault info struct
> * patch 2: stop passing an fsr argument to arm_ld*_ptw(), since
> nothing actually looks at the result. (This breaks a cycle
> arm_ldq_ptw()->S1_ptw_translate()->get_phys_addr_lpae()->arm_ldq_ptw()
> which would otherwise make a stepwise refactoring awkward.)
> * patches 3 to 8: for each of the different subfunctions of
> get_phys_addr(), make them fill in the fault info fields instead
> of an fsr value. Temporarily we add calls to arm_fi_to_sfsc()
> and arm_fi_to_lfsc() at the callsites in get_phys_addr(), since
> the callers of get_phys_addr() still need the fsr values. These
> will go away again in a later patch.
> * patches 9 and 10: change the callers of get_phys_addr() to use
> the info in the fault info struct and ignore the fsr value.
> * patch 11: remove the now unused fsr argument (and the temporary
> calls to arm_fi_to_sfsc()/arm_fi_to_lfsc())
> * patch 12: Edgar's patch for ATS PAR format
>
> Arguably it would be good to push the "create the FSR value"
> logic further, into the point where the exception is taken.
> (This would let us correct the oddity where for M profile we
> get an A/R profile FSR value in arm_v7m_cpu_do_interrupt()
> which we then have to convert into the appropriate M profile
> fault status bits.) However, migration backcompat makes this
> tricky, because at the moment we migrate env->exception.fsr,
> and so we'd need to have code just to handle inbound migrations
> from old QEMU with an FSR and reconstitute a fault info struct.
> So I've stopped here, at least for now.
>
> This whole series sits on top of my v8M TT patchset (which also
> had to touch some of the get_phys_addr() code). I've pushed it
> to this git branch if that's more convenient:
>
> https://git.linaro.org/people/peter.maydell/qemu-arm.git fsr-in-faultinfo
>
> I have tested a bit (including a Linux KVM EL2 setup), but more
> testing would definitely be useful. Stefano: in particular it would
> be good to check this hasn't broken Xen again :-)
Still works :-)
Tested-by: Stefano Stabellini <sstabellini@kernel.org>
> Based-on: 1512153879-5291-1-git-send-email-peter.maydell@linaro.org
> ([PATCH 0/7] armv8m: Implement TT, and other bugfixes)
>
> thanks
> -- PMM
>
>
> Edgar E. Iglesias (1):
> target/arm: Extend PAR format determination
>
> Peter Maydell (11):
> target/arm: Provide fault type enum and FSR conversion functions
> target/arm: Remove fsr argument from arm_ld*_ptw()
> target/arm: Convert get_phys_addr_v5() to not return FSC values
> target/arm: Convert get_phys_addr_v6() to not return FSC values
> target/arm: Convert get_phys_addr_lpae() to not return FSC values
> target/arm: Convert get_phys_addr_pmsav5() to not return FSC values
> target/arm: Convert get_phys_addr_pmsav7() to not return FSC values
> target/arm: Convert get_phys_addr_pmsav8() to not return FSC values
> target/arm: Use ARMMMUFaultInfo in deliver_fault()
> target/arm: Ignore fsr from get_phys_addr() in do_ats_write()
> target/arm: Remove fsr argument from get_phys_addr() and
> arm_tlb_fill()
>
> target/arm/internals.h | 187 +++++++++++++++++++++++++++++++++++++-
> target/arm/helper.c | 238 +++++++++++++++++++++++++++----------------------
> target/arm/op_helper.c | 82 +++++------------
> 3 files changed, 342 insertions(+), 165 deletions(-)
>
> --
> 2.7.4
>
>
^ permalink raw reply [flat|nested] 16+ messages in thread
* Re: [Qemu-devel] [PATCH 00/12] Refactor get_phys_addr() not to return FSR values
2017-12-05 19:46 [Qemu-devel] [PATCH 00/12] Refactor get_phys_addr() not to return FSR values Peter Maydell
` (13 preceding siblings ...)
2017-12-08 22:40 ` Stefano Stabellini
@ 2017-12-11 8:47 ` Edgar E. Iglesias
14 siblings, 0 replies; 16+ messages in thread
From: Edgar E. Iglesias @ 2017-12-11 8:47 UTC (permalink / raw)
To: Peter Maydell; +Cc: qemu-arm, qemu-devel, patches, Stefano Stabellini
On Tue, Dec 05, 2017 at 07:46:20PM +0000, Peter Maydell wrote:
> Currently get_phys_addr() and its various subfunctions return a
> hard-coded fault status register value for translation failures. This
> is awkward because FSR values these days may be either long-descriptor
> format or short-descriptor format. Worse, the right FSR type to use
> doesn't depend only on the translation table being walked -- some
> cases, like fault info reported to AArch32 EL2 for some kinds of ATS
> operation, must be in long-descriptor format even if the translation
> table being walked was short format. We can't get those cases right
> with our current approach. (We put in a bodge fix so we could at
> least run Xen, in commit 50cd71b0d347c7.)
>
> This series does a refactoring of get_phys_addr() so that instead
> of returning FSR values it puts information in the existing
> ARMMMUFaultInfo structure that is sufficient to construct an
> FSR value, and the callers then do that using the right condition
> for whatever they're doing. I've included Edgar's patch from back
> in June that fixes the handling of ATS instructions, which is most
> of the point of the refactoring.
>
> Rather than doing it all in one massive unreviewable patch, the
> series is structured as:
> * patch 1: add fields to ARMMMUFaultInfo, and the utility functions
> that return a long or short format FSR given a fault info struct
> * patch 2: stop passing an fsr argument to arm_ld*_ptw(), since
> nothing actually looks at the result. (This breaks a cycle
> arm_ldq_ptw()->S1_ptw_translate()->get_phys_addr_lpae()->arm_ldq_ptw()
> which would otherwise make a stepwise refactoring awkward.)
> * patches 3 to 8: for each of the different subfunctions of
> get_phys_addr(), make them fill in the fault info fields instead
> of an fsr value. Temporarily we add calls to arm_fi_to_sfsc()
> and arm_fi_to_lfsc() at the callsites in get_phys_addr(), since
> the callers of get_phys_addr() still need the fsr values. These
> will go away again in a later patch.
> * patches 9 and 10: change the callers of get_phys_addr() to use
> the info in the fault info struct and ignore the fsr value.
> * patch 11: remove the now unused fsr argument (and the temporary
> calls to arm_fi_to_sfsc()/arm_fi_to_lfsc())
> * patch 12: Edgar's patch for ATS PAR format
>
> Arguably it would be good to push the "create the FSR value"
> logic further, into the point where the exception is taken.
> (This would let us correct the oddity where for M profile we
> get an A/R profile FSR value in arm_v7m_cpu_do_interrupt()
> which we then have to convert into the appropriate M profile
> fault status bits.) However, migration backcompat makes this
> tricky, because at the moment we migrate env->exception.fsr,
> and so we'd need to have code just to handle inbound migrations
> from old QEMU with an FSR and reconstitute a fault info struct.
> So I've stopped here, at least for now.
>
> This whole series sits on top of my v8M TT patchset (which also
> had to touch some of the get_phys_addr() code). I've pushed it
> to this git branch if that's more convenient:
>
> https://git.linaro.org/people/peter.maydell/qemu-arm.git fsr-in-faultinfo
>
> I have tested a bit (including a Linux KVM EL2 setup), but more
> testing would definitely be useful. Stefano: in particular it would
> be good to check this hasn't broken Xen again :-)
>
> Based-on: 1512153879-5291-1-git-send-email-peter.maydell@linaro.org
> ([PATCH 0/7] armv8m: Implement TT, and other bugfixes)
Hi Peter,
Thans for working on this, the series looks good to me!
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Cheers,
Edgar
>
> thanks
> -- PMM
>
>
> Edgar E. Iglesias (1):
> target/arm: Extend PAR format determination
>
> Peter Maydell (11):
> target/arm: Provide fault type enum and FSR conversion functions
> target/arm: Remove fsr argument from arm_ld*_ptw()
> target/arm: Convert get_phys_addr_v5() to not return FSC values
> target/arm: Convert get_phys_addr_v6() to not return FSC values
> target/arm: Convert get_phys_addr_lpae() to not return FSC values
> target/arm: Convert get_phys_addr_pmsav5() to not return FSC values
> target/arm: Convert get_phys_addr_pmsav7() to not return FSC values
> target/arm: Convert get_phys_addr_pmsav8() to not return FSC values
> target/arm: Use ARMMMUFaultInfo in deliver_fault()
> target/arm: Ignore fsr from get_phys_addr() in do_ats_write()
> target/arm: Remove fsr argument from get_phys_addr() and
> arm_tlb_fill()
>
> target/arm/internals.h | 187 +++++++++++++++++++++++++++++++++++++-
> target/arm/helper.c | 238 +++++++++++++++++++++++++++----------------------
> target/arm/op_helper.c | 82 +++++------------
> 3 files changed, 342 insertions(+), 165 deletions(-)
>
> --
> 2.7.4
>
^ permalink raw reply [flat|nested] 16+ messages in thread
end of thread, other threads:[~2017-12-11 8:47 UTC | newest]
Thread overview: 16+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-12-05 19:46 [Qemu-devel] [PATCH 00/12] Refactor get_phys_addr() not to return FSR values Peter Maydell
2017-12-05 19:46 ` [Qemu-devel] [PATCH 01/12] target/arm: Provide fault type enum and FSR conversion functions Peter Maydell
2017-12-05 19:46 ` [Qemu-devel] [PATCH 02/12] target/arm: Remove fsr argument from arm_ld*_ptw() Peter Maydell
2017-12-05 19:46 ` [Qemu-devel] [PATCH 03/12] target/arm: Convert get_phys_addr_v5() to not return FSC values Peter Maydell
2017-12-05 19:46 ` [Qemu-devel] [PATCH 04/12] target/arm: Convert get_phys_addr_v6() " Peter Maydell
2017-12-05 19:46 ` [Qemu-devel] [PATCH 05/12] target/arm: Convert get_phys_addr_lpae() " Peter Maydell
2017-12-05 19:46 ` [Qemu-devel] [PATCH 06/12] target/arm: Convert get_phys_addr_pmsav5() " Peter Maydell
2017-12-05 19:46 ` [Qemu-devel] [PATCH 07/12] target/arm: Convert get_phys_addr_pmsav7() " Peter Maydell
2017-12-05 19:46 ` [Qemu-devel] [PATCH 08/12] target/arm: Convert get_phys_addr_pmsav8() " Peter Maydell
2017-12-05 19:46 ` [Qemu-devel] [PATCH 09/12] target/arm: Use ARMMMUFaultInfo in deliver_fault() Peter Maydell
2017-12-05 19:46 ` [Qemu-devel] [PATCH 10/12] target/arm: Ignore fsr from get_phys_addr() in do_ats_write() Peter Maydell
2017-12-05 19:46 ` [Qemu-devel] [PATCH 11/12] target/arm: Remove fsr argument from get_phys_addr() and arm_tlb_fill() Peter Maydell
2017-12-05 19:46 ` [Qemu-devel] [PATCH 12/12] target/arm: Extend PAR format determination Peter Maydell
2017-12-08 0:29 ` [Qemu-devel] [PATCH 00/12] Refactor get_phys_addr() not to return FSR values Richard Henderson
2017-12-08 22:40 ` Stefano Stabellini
2017-12-11 8:47 ` Edgar E. Iglesias
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.