2013-03-12 04:31:07 +04:00
|
|
|
/*
|
|
|
|
|
* PowerPC MMU, TLB and BAT emulation helpers for QEMU.
|
|
|
|
|
*
|
|
|
|
|
* Copyright (c) 2003-2007 Jocelyn Mayer
|
|
|
|
|
* Copyright (c) 2013 David Gibson, IBM Corporation
|
|
|
|
|
*
|
|
|
|
|
* This library is free software; you can redistribute it and/or
|
|
|
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
|
|
|
* License as published by the Free Software Foundation; either
|
|
|
|
|
* version 2 of the License, or (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* This library is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
|
* Lesser General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
|
|
|
* License along with this library; if not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#include "cpu.h"
|
|
|
|
|
#include "helper.h"
|
|
|
|
|
#include "sysemu/kvm.h"
|
|
|
|
|
#include "kvm_ppc.h"
|
|
|
|
|
#include "mmu-hash32.h"
|
|
|
|
|
|
|
|
|
|
//#define DEBUG_MMU
|
|
|
|
|
|
|
|
|
|
#ifdef DEBUG_MMU
|
|
|
|
|
# define LOG_MMU(...) qemu_log(__VA_ARGS__)
|
|
|
|
|
# define LOG_MMU_STATE(env) log_cpu_state((env), 0)
|
|
|
|
|
#else
|
|
|
|
|
# define LOG_MMU(...) do { } while (0)
|
|
|
|
|
# define LOG_MMU_STATE(...) do { } while (0)
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#define PTE_PTEM_MASK 0x7FFFFFBF
|
|
|
|
|
#define PTE_CHECK_MASK (TARGET_PAGE_MASK | 0x7B)
|
|
|
|
|
|
|
|
|
|
static inline int pte_is_valid_hash32(target_ulong pte0)
|
|
|
|
|
{
|
|
|
|
|
return pte0 & 0x80000000 ? 1 : 0;
|
|
|
|
|
}
|
|
|
|
|
|
2013-03-12 04:31:08 +04:00
|
|
|
static int pte_check_hash32(mmu_ctx_t *ctx, target_ulong pte0,
|
|
|
|
|
target_ulong pte1, int h, int rw, int type)
|
2013-03-12 04:31:07 +04:00
|
|
|
{
|
|
|
|
|
target_ulong ptem, mmask;
|
|
|
|
|
int access, ret, pteh, ptev, pp;
|
|
|
|
|
|
|
|
|
|
ret = -1;
|
|
|
|
|
/* Check validity and table match */
|
|
|
|
|
ptev = pte_is_valid_hash32(pte0);
|
|
|
|
|
pteh = (pte0 >> 6) & 1;
|
|
|
|
|
if (ptev && h == pteh) {
|
|
|
|
|
/* Check vsid & api */
|
|
|
|
|
ptem = pte0 & PTE_PTEM_MASK;
|
|
|
|
|
mmask = PTE_CHECK_MASK;
|
|
|
|
|
pp = pte1 & 0x00000003;
|
|
|
|
|
if (ptem == ctx->ptem) {
|
|
|
|
|
if (ctx->raddr != (hwaddr)-1ULL) {
|
|
|
|
|
/* all matches should have equal RPN, WIMG & PP */
|
|
|
|
|
if ((ctx->raddr & mmask) != (pte1 & mmask)) {
|
|
|
|
|
qemu_log("Bad RPN/WIMG/PP\n");
|
|
|
|
|
return -3;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
/* Compute access rights */
|
|
|
|
|
access = pp_check(ctx->key, pp, ctx->nx);
|
|
|
|
|
/* Keep the matching PTE informations */
|
|
|
|
|
ctx->raddr = pte1;
|
|
|
|
|
ctx->prot = access;
|
|
|
|
|
ret = check_prot(ctx->prot, rw, type);
|
|
|
|
|
if (ret == 0) {
|
|
|
|
|
/* Access granted */
|
|
|
|
|
LOG_MMU("PTE access granted !\n");
|
|
|
|
|
} else {
|
|
|
|
|
/* Access right violation */
|
|
|
|
|
LOG_MMU("PTE access rejected\n");
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
2013-03-12 04:31:08 +04:00
|
|
|
|
|
|
|
|
/* PTE table lookup */
|
|
|
|
|
int find_pte32(CPUPPCState *env, mmu_ctx_t *ctx, int h,
|
|
|
|
|
int rw, int type, int target_page_bits)
|
|
|
|
|
{
|
|
|
|
|
hwaddr pteg_off;
|
|
|
|
|
target_ulong pte0, pte1;
|
|
|
|
|
int i, good = -1;
|
|
|
|
|
int ret, r;
|
|
|
|
|
|
|
|
|
|
ret = -1; /* No entry found */
|
|
|
|
|
pteg_off = get_pteg_offset(env, ctx->hash[h], HASH_PTE_SIZE_32);
|
|
|
|
|
for (i = 0; i < 8; i++) {
|
|
|
|
|
if (env->external_htab) {
|
|
|
|
|
pte0 = ldl_p(env->external_htab + pteg_off + (i * 8));
|
|
|
|
|
pte1 = ldl_p(env->external_htab + pteg_off + (i * 8) + 4);
|
|
|
|
|
} else {
|
|
|
|
|
pte0 = ldl_phys(env->htab_base + pteg_off + (i * 8));
|
|
|
|
|
pte1 = ldl_phys(env->htab_base + pteg_off + (i * 8) + 4);
|
|
|
|
|
}
|
|
|
|
|
r = pte_check_hash32(ctx, pte0, pte1, h, rw, type);
|
|
|
|
|
LOG_MMU("Load pte from %08" HWADDR_PRIx " => " TARGET_FMT_lx " "
|
|
|
|
|
TARGET_FMT_lx " %d %d %d " TARGET_FMT_lx "\n",
|
|
|
|
|
pteg_off + (i * 8), pte0, pte1, (int)(pte0 >> 31), h,
|
|
|
|
|
(int)((pte0 >> 6) & 1), ctx->ptem);
|
|
|
|
|
switch (r) {
|
|
|
|
|
case -3:
|
|
|
|
|
/* PTE inconsistency */
|
|
|
|
|
return -1;
|
|
|
|
|
case -2:
|
|
|
|
|
/* Access violation */
|
|
|
|
|
ret = -2;
|
|
|
|
|
good = i;
|
|
|
|
|
break;
|
|
|
|
|
case -1:
|
|
|
|
|
default:
|
|
|
|
|
/* No PTE match */
|
|
|
|
|
break;
|
|
|
|
|
case 0:
|
|
|
|
|
/* access granted */
|
|
|
|
|
/* XXX: we should go on looping to check all PTEs consistency
|
|
|
|
|
* but if we can speed-up the whole thing as the
|
|
|
|
|
* result would be undefined if PTEs are not consistent.
|
|
|
|
|
*/
|
|
|
|
|
ret = 0;
|
|
|
|
|
good = i;
|
|
|
|
|
goto done;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if (good != -1) {
|
|
|
|
|
done:
|
|
|
|
|
LOG_MMU("found PTE at addr %08" HWADDR_PRIx " prot=%01x ret=%d\n",
|
|
|
|
|
ctx->raddr, ctx->prot, ret);
|
|
|
|
|
/* Update page flags */
|
|
|
|
|
pte1 = ctx->raddr;
|
|
|
|
|
if (pte_update_flags(ctx, &pte1, ret, rw) == 1) {
|
|
|
|
|
if (env->external_htab) {
|
|
|
|
|
stl_p(env->external_htab + pteg_off + (good * 8) + 4,
|
|
|
|
|
pte1);
|
|
|
|
|
} else {
|
|
|
|
|
stl_phys_notdirty(env->htab_base + pteg_off +
|
|
|
|
|
(good * 8) + 4, pte1);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* We have a TLB that saves 4K pages, so let's
|
|
|
|
|
* split a huge page to 4k chunks */
|
|
|
|
|
if (target_page_bits != TARGET_PAGE_BITS) {
|
|
|
|
|
ctx->raddr |= (ctx->eaddr & ((1 << target_page_bits) - 1))
|
|
|
|
|
& TARGET_PAGE_MASK;
|
|
|
|
|
}
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
