diff options
Diffstat (limited to 'target')
| -rw-r--r-- | target/ppc/cpu.h | 57 | ||||
| -rw-r--r-- | target/ppc/cpu_init.c | 20 | ||||
| -rw-r--r-- | target/ppc/excp_helper.c | 36 | ||||
| -rw-r--r-- | target/ppc/gdbstub.c | 40 | ||||
| -rw-r--r-- | target/ppc/helper_regs.c | 41 | ||||
| -rw-r--r-- | target/ppc/mmu_helper.c | 105 | ||||
| -rw-r--r-- | target/ppc/ppc-qmp-cmds.c | 4 | ||||
| -rw-r--r-- | target/ppc/tcg-stub.c | 15 | ||||
| -rw-r--r-- | target/ppc/timebase_helper.c | 309 | ||||
| -rw-r--r-- | target/ppc/translate.c | 42 | ||||
| -rw-r--r-- | target/ppc/translate/vsx-impl.c.inc | 2 |
11 files changed, 562 insertions, 109 deletions
diff --git a/target/ppc/cpu.h b/target/ppc/cpu.h index a44de22ca4..ec14574d14 100644 --- a/target/ppc/cpu.h +++ b/target/ppc/cpu.h @@ -1184,6 +1184,21 @@ DEXCR_ASPECT(NPHIE, 5) DEXCR_ASPECT(PHIE, 6) /*****************************************************************************/ +/* PowerNV ChipTOD and TimeBase State Machine */ +struct pnv_tod_tbst { + int tb_ready_for_tod; /* core TB ready to receive TOD from chiptod */ + int tod_sent_to_tb; /* chiptod sent TOD to the core TB */ + + /* + * "Timers" for async TBST events are simulated by mfTFAC because TFAC + * is polled for such events. These are just used to ensure firmware + * performs the polling at least a few times. + */ + int tb_state_timer; + int tb_sync_pulse_timer; +}; + +/*****************************************************************************/ /* The whole PowerPC CPU context */ /* @@ -1258,6 +1273,12 @@ struct CPUArchState { uint32_t tlb_need_flush; /* Delayed flush needed */ #define TLB_NEED_LOCAL_FLUSH 0x1 #define TLB_NEED_GLOBAL_FLUSH 0x2 + +#if defined(TARGET_PPC64) + /* PowerNV chiptod / timebase facility state. */ + /* Would be nice to put these into PnvCore */ + struct pnv_tod_tbst pnv_tod_tbst; +#endif #endif /* Other registers */ @@ -1750,8 +1771,8 @@ void ppc_compat_add_property(Object *obj, const char *name, #define SPR_USPRG5 (0x105) #define SPR_USPRG6 (0x106) #define SPR_USPRG7 (0x107) -#define SPR_VTBL (0x10C) -#define SPR_VTBU (0x10D) +#define SPR_TBL (0x10C) +#define SPR_TBU (0x10D) #define SPR_SPRG0 (0x110) #define SPR_SPRG1 (0x111) #define SPR_SPRG2 (0x112) @@ -1764,8 +1785,8 @@ void ppc_compat_add_property(Object *obj, const char *name, #define SPR_SPRG7 (0x117) #define SPR_ASR (0x118) #define SPR_EAR (0x11A) -#define SPR_TBL (0x11C) -#define SPR_TBU (0x11D) +#define SPR_WR_TBL (0x11C) +#define SPR_WR_TBU (0x11D) #define SPR_TBU40 (0x11E) #define SPR_SVR (0x11E) #define SPR_BOOKE_PIR (0x11E) @@ -2648,6 +2669,34 @@ enum { HMER_XSCOM_STATUS_MASK = PPC_BITMASK(21, 23), }; +/* TFMR */ +enum { + TFMR_CONTROL_MASK = PPC_BITMASK(0, 24), + TFMR_MASK_HMI = PPC_BIT(10), + TFMR_TB_ECLIPZ = PPC_BIT(14), + TFMR_LOAD_TOD_MOD = PPC_BIT(16), + TFMR_MOVE_CHIP_TOD_TO_TB = PPC_BIT(18), + TFMR_CLEAR_TB_ERRORS = PPC_BIT(24), + TFMR_STATUS_MASK = PPC_BITMASK(25, 63), + TFMR_TBST_ENCODED = PPC_BITMASK(28, 31), /* TBST = TB State */ + TFMR_TBST_LAST = PPC_BITMASK(32, 35), /* Previous TBST */ + TFMR_TB_ENABLED = PPC_BIT(40), + TFMR_TB_VALID = PPC_BIT(41), + TFMR_TB_SYNC_OCCURED = PPC_BIT(42), + TFMR_FIRMWARE_CONTROL_ERROR = PPC_BIT(46), +}; + +/* TFMR TBST (Time Base State Machine). */ +enum { + TBST_RESET = 0x0, + TBST_SEND_TOD_MOD = 0x1, + TBST_NOT_SET = 0x2, + TBST_SYNC_WAIT = 0x6, + TBST_GET_TOD = 0x7, + TBST_TB_RUNNING = 0x8, + TBST_TB_ERROR = 0x9, +}; + /*****************************************************************************/ #define is_isa300(ctx) (!!(ctx->insns_flags2 & PPC2_ISA300)) diff --git a/target/ppc/cpu_init.c b/target/ppc/cpu_init.c index 9931372a08..9bccddb350 100644 --- a/target/ppc/cpu_init.c +++ b/target/ppc/cpu_init.c @@ -5062,7 +5062,7 @@ static void register_970_hid_sprs(CPUPPCState *env) static void register_970_hior_sprs(CPUPPCState *env) { - spr_register(env, SPR_HIOR, "SPR_HIOR", + spr_register(env, SPR_HIOR, "HIOR", SPR_NOACCESS, SPR_NOACCESS, &spr_read_hior, &spr_write_hior, 0x00000000); @@ -5070,11 +5070,11 @@ static void register_970_hior_sprs(CPUPPCState *env) static void register_book3s_ctrl_sprs(CPUPPCState *env) { - spr_register(env, SPR_CTRL, "SPR_CTRL", + spr_register(env, SPR_CTRL, "CTRL", SPR_NOACCESS, SPR_NOACCESS, SPR_NOACCESS, &spr_write_CTRL, 0x00000000); - spr_register(env, SPR_UCTRL, "SPR_UCTRL", + spr_register(env, SPR_UCTRL, "UCTRL", &spr_read_ureg, SPR_NOACCESS, &spr_read_ureg, SPR_NOACCESS, 0x00000000); @@ -5465,7 +5465,7 @@ static void register_book3s_purr_sprs(CPUPPCState *env) static void register_power6_dbg_sprs(CPUPPCState *env) { #if !defined(CONFIG_USER_ONLY) - spr_register(env, SPR_CFAR, "SPR_CFAR", + spr_register(env, SPR_CFAR, "CFAR", SPR_NOACCESS, SPR_NOACCESS, &spr_read_cfar, &spr_write_cfar, 0x00000000); @@ -5483,7 +5483,7 @@ static void register_power5p_common_sprs(CPUPPCState *env) static void register_power6_common_sprs(CPUPPCState *env) { #if !defined(CONFIG_USER_ONLY) - spr_register_kvm(env, SPR_DSCR, "SPR_DSCR", + spr_register_kvm(env, SPR_DSCR, "DSCR", SPR_NOACCESS, SPR_NOACCESS, &spr_read_generic, &spr_write_generic, KVM_REG_PPC_DSCR, 0x00000000); @@ -5695,7 +5695,7 @@ static void register_power8_book4_sprs(CPUPPCState *env) &spr_read_generic, &spr_write_generic, KVM_REG_PPC_ACOP, 0); /* PID is only in BookE in ISA v2.07 */ - spr_register_kvm(env, SPR_BOOKS_PID, "PID", + spr_register_kvm(env, SPR_BOOKS_PID, "PIDR", SPR_NOACCESS, SPR_NOACCESS, &spr_read_generic, &spr_write_pidr, KVM_REG_PPC_PID, 0); @@ -5716,7 +5716,7 @@ static void register_power7_book4_sprs(CPUPPCState *env) &spr_read_generic, &spr_write_generic, KVM_REG_PPC_ACOP, 0); /* PID is only in BookE in ISA v2.06 */ - spr_register_kvm(env, SPR_BOOKS_PID, "PID", + spr_register_kvm(env, SPR_BOOKS_PID, "PIDR", SPR_NOACCESS, SPR_NOACCESS, &spr_read_generic, &spr_write_generic32, KVM_REG_PPC_PID, 0); @@ -5750,7 +5750,7 @@ static void register_power9_mmu_sprs(CPUPPCState *env) &spr_read_generic, &spr_write_generic, 0x0000000000000000); /* PID is part of the BookS ISA from v3.0 */ - spr_register_kvm(env, SPR_BOOKS_PID, "PID", + spr_register_kvm(env, SPR_BOOKS_PID, "PIDR", SPR_NOACCESS, SPR_NOACCESS, &spr_read_generic, &spr_write_pidr, KVM_REG_PPC_PID, 0); @@ -5791,7 +5791,7 @@ static void register_power10_dexcr_sprs(CPUPPCState *env) &spr_read_generic, &spr_write_generic32, 0); - spr_register(env, SPR_UDEXCR, "DEXCR", + spr_register(env, SPR_UDEXCR, "UDEXCR", &spr_read_dexcr_ureg, SPR_NOACCESS, &spr_read_dexcr_ureg, SPR_NOACCESS, 0); @@ -5802,7 +5802,7 @@ static void register_power10_dexcr_sprs(CPUPPCState *env) &spr_read_generic, &spr_write_generic32, 0); - spr_register(env, SPR_UHDEXCR, "HDEXCR", + spr_register(env, SPR_UHDEXCR, "UHDEXCR", &spr_read_dexcr_ureg, SPR_NOACCESS, &spr_read_dexcr_ureg, SPR_NOACCESS, 0); diff --git a/target/ppc/excp_helper.c b/target/ppc/excp_helper.c index 2ec6429e36..98952de267 100644 --- a/target/ppc/excp_helper.c +++ b/target/ppc/excp_helper.c @@ -1312,6 +1312,10 @@ static bool is_prefix_insn_excp(PowerPCCPU *cpu, int excp) { CPUPPCState *env = &cpu->env; + if (!(env->insns_flags2 & PPC2_ISA310)) { + return false; + } + if (!tcg_enabled()) { /* * This does not load instructions and set the prefix bit correctly @@ -1322,6 +1326,15 @@ static bool is_prefix_insn_excp(PowerPCCPU *cpu, int excp) } switch (excp) { + case POWERPC_EXCP_MCHECK: + if (!(env->error_code & PPC_BIT(42))) { + /* + * Fetch attempt caused a machine check, so attempting to fetch + * again would cause a recursive machine check. + */ + return false; + } + break; case POWERPC_EXCP_HDSI: /* HDSI PRTABLE_FAULT has the originating access type in error_code */ if ((env->spr[SPR_HDSISR] & DSISR_PRTABLE_FAULT) && @@ -1332,10 +1345,10 @@ static bool is_prefix_insn_excp(PowerPCCPU *cpu, int excp) * instruction at NIP would cause recursive faults with the same * translation). */ - break; + return false; } - /* fall through */ - case POWERPC_EXCP_MCHECK: + break; + case POWERPC_EXCP_DSI: case POWERPC_EXCP_DSEG: case POWERPC_EXCP_ALIGN: @@ -1346,17 +1359,13 @@ static bool is_prefix_insn_excp(PowerPCCPU *cpu, int excp) case POWERPC_EXCP_VPU: case POWERPC_EXCP_VSXU: case POWERPC_EXCP_FU: - case POWERPC_EXCP_HV_FU: { - uint32_t insn = ppc_ldl_code(env, env->nip); - if (is_prefix_insn(env, insn)) { - return true; - } + case POWERPC_EXCP_HV_FU: break; - } default: - break; + return false; } - return false; + + return is_prefix_insn(env, ppc_ldl_code(env, env->nip)); } #else static bool is_prefix_insn_excp(PowerPCCPU *cpu, int excp) @@ -3224,6 +3233,7 @@ void ppc_cpu_do_transaction_failed(CPUState *cs, hwaddr physaddr, switch (env->excp_model) { #if defined(TARGET_PPC64) + case POWERPC_EXCP_POWER8: case POWERPC_EXCP_POWER9: case POWERPC_EXCP_POWER10: /* @@ -3245,6 +3255,10 @@ void ppc_cpu_do_transaction_failed(CPUState *cs, hwaddr physaddr, env->error_code |= PPC_BIT(42); } else { /* Fetch */ + /* + * is_prefix_insn_excp() tests !PPC_BIT(42) to avoid fetching + * the instruction, so that must always be clear for fetches. + */ env->error_code = PPC_BIT(36) | PPC_BIT(44) | PPC_BIT(45); } break; diff --git a/target/ppc/gdbstub.c b/target/ppc/gdbstub.c index ec5731e5d6..dfe31d0f47 100644 --- a/target/ppc/gdbstub.c +++ b/target/ppc/gdbstub.c @@ -394,7 +394,32 @@ static int gdb_get_spr_reg(CPUPPCState *env, GByteArray *buf, int n) } len = TARGET_LONG_SIZE; - gdb_get_regl(buf, env->spr[reg]); + + /* Handle those SPRs that are not part of the env->spr[] array */ + target_ulong val; + switch (reg) { +#if defined(TARGET_PPC64) + case SPR_CFAR: + val = env->cfar; + break; +#endif + case SPR_HDEC: + val = cpu_ppc_load_hdecr(env); + break; + case SPR_TBL: + val = cpu_ppc_load_tbl(env); + break; + case SPR_TBU: + val = cpu_ppc_load_tbu(env); + break; + case SPR_DECR: + val = cpu_ppc_load_decr(env); + break; + default: + val = env->spr[reg]; + } + gdb_get_regl(buf, val); + ppc_maybe_bswap_register(env, gdb_get_reg_ptr(buf, len), len); return len; } @@ -411,7 +436,18 @@ static int gdb_set_spr_reg(CPUPPCState *env, uint8_t *mem_buf, int n) len = TARGET_LONG_SIZE; ppc_maybe_bswap_register(env, mem_buf, len); - env->spr[reg] = ldn_p(mem_buf, len); + + /* Handle those SPRs that are not part of the env->spr[] array */ + target_ulong val = ldn_p(mem_buf, len); + switch (reg) { +#if defined(TARGET_PPC64) + case SPR_CFAR: + env->cfar = val; + break; +#endif + default: + env->spr[reg] = val; + } return len; } diff --git a/target/ppc/helper_regs.c b/target/ppc/helper_regs.c index e0b2dcd02e..410b39c231 100644 --- a/target/ppc/helper_regs.c +++ b/target/ppc/helper_regs.c @@ -460,22 +460,41 @@ void register_generic_sprs(PowerPCCPU *cpu) } /* Time base */ - spr_register(env, SPR_VTBL, "TBL", - &spr_read_tbl, SPR_NOACCESS, +#if defined(TARGET_PPC64) + spr_register(env, SPR_TBL, "TB", +#else + spr_register(env, SPR_TBL, "TBL", +#endif &spr_read_tbl, SPR_NOACCESS, - 0x00000000); - spr_register(env, SPR_TBL, "TBL", &spr_read_tbl, SPR_NOACCESS, - &spr_read_tbl, &spr_write_tbl, 0x00000000); - spr_register(env, SPR_VTBU, "TBU", + spr_register(env, SPR_TBU, "TBU", &spr_read_tbu, SPR_NOACCESS, &spr_read_tbu, SPR_NOACCESS, 0x00000000); - spr_register(env, SPR_TBU, "TBU", - &spr_read_tbu, SPR_NOACCESS, - &spr_read_tbu, &spr_write_tbu, - 0x00000000); +#ifndef CONFIG_USER_ONLY + if (env->has_hv_mode) { + spr_register_hv(env, SPR_WR_TBL, "TBL", + SPR_NOACCESS, SPR_NOACCESS, + SPR_NOACCESS, SPR_NOACCESS, + SPR_NOACCESS, &spr_write_tbl, + 0x00000000); + spr_register_hv(env, SPR_WR_TBU, "TBU", + SPR_NOACCESS, SPR_NOACCESS, + SPR_NOACCESS, SPR_NOACCESS, + SPR_NOACCESS, &spr_write_tbu, + 0x00000000); + } else { + spr_register(env, SPR_WR_TBL, "TBL", + SPR_NOACCESS, SPR_NOACCESS, + SPR_NOACCESS, &spr_write_tbl, + 0x00000000); + spr_register(env, SPR_WR_TBU, "TBU", + SPR_NOACCESS, SPR_NOACCESS, + SPR_NOACCESS, &spr_write_tbu, + 0x00000000); + } +#endif } void register_non_embedded_sprs(CPUPPCState *env) @@ -490,7 +509,7 @@ void register_non_embedded_sprs(CPUPPCState *env) &spr_read_generic, &spr_write_generic, KVM_REG_PPC_DAR, 0x00000000); /* Timer */ - spr_register(env, SPR_DECR, "DECR", + spr_register(env, SPR_DECR, "DEC", SPR_NOACCESS, SPR_NOACCESS, &spr_read_decr, &spr_write_decr, 0x00000000); diff --git a/target/ppc/mmu_helper.c b/target/ppc/mmu_helper.c index f87d35379a..c071b4d5e2 100644 --- a/target/ppc/mmu_helper.c +++ b/target/ppc/mmu_helper.c @@ -749,12 +749,29 @@ target_ulong helper_4xx_tlbre_lo(CPUPPCState *env, target_ulong entry) return ret; } +static void ppcemb_tlb_flush(CPUState *cs, ppcemb_tlb_t *tlb) +{ + unsigned mmu_idx = 0; + + if (tlb->prot & 0xf) { + mmu_idx |= 0x1; + } + if ((tlb->prot >> 4) & 0xf) { + mmu_idx |= 0x2; + } + if (tlb->attr & 1) { + mmu_idx <<= 2; + } + + tlb_flush_range_by_mmuidx(cs, tlb->EPN, tlb->size, mmu_idx, + TARGET_LONG_BITS); +} + void helper_4xx_tlbwe_hi(CPUPPCState *env, target_ulong entry, target_ulong val) { CPUState *cs = env_cpu(env); ppcemb_tlb_t *tlb; - target_ulong page, end; qemu_log_mask(CPU_LOG_MMU, "%s entry %d val " TARGET_FMT_lx "\n", __func__, (int)entry, @@ -762,14 +779,11 @@ void helper_4xx_tlbwe_hi(CPUPPCState *env, target_ulong entry, entry &= PPC4XX_TLB_ENTRY_MASK; tlb = &env->tlb.tlbe[entry]; /* Invalidate previous TLB (if it's valid) */ - if (tlb->prot & PAGE_VALID) { - end = tlb->EPN + tlb->size; + if ((tlb->prot & PAGE_VALID) && tlb->PID == env->spr[SPR_40x_PID]) { qemu_log_mask(CPU_LOG_MMU, "%s: invalidate old TLB %d start " TARGET_FMT_lx " end " TARGET_FMT_lx "\n", __func__, - (int)entry, tlb->EPN, end); - for (page = tlb->EPN; page < end; page += TARGET_PAGE_SIZE) { - tlb_flush_page(cs, page); - } + (int)entry, tlb->EPN, tlb->EPN + tlb->size); + ppcemb_tlb_flush(cs, tlb); } tlb->size = booke_tlb_to_page_size((val >> PPC4XX_TLBHI_SIZE_SHIFT) & PPC4XX_TLBHI_SIZE_MASK); @@ -803,27 +817,25 @@ void helper_4xx_tlbwe_hi(CPUPPCState *env, target_ulong entry, tlb->prot & PAGE_WRITE ? 'w' : '-', tlb->prot & PAGE_EXEC ? 'x' : '-', tlb->prot & PAGE_VALID ? 'v' : '-', (int)tlb->PID); - /* Invalidate new TLB (if valid) */ - if (tlb->prot & PAGE_VALID) { - end = tlb->EPN + tlb->size; - qemu_log_mask(CPU_LOG_MMU, "%s: invalidate TLB %d start " - TARGET_FMT_lx " end " TARGET_FMT_lx "\n", __func__, - (int)entry, tlb->EPN, end); - for (page = tlb->EPN; page < end; page += TARGET_PAGE_SIZE) { - tlb_flush_page(cs, page); - } - } } void helper_4xx_tlbwe_lo(CPUPPCState *env, target_ulong entry, target_ulong val) { + CPUState *cs = env_cpu(env); ppcemb_tlb_t *tlb; qemu_log_mask(CPU_LOG_MMU, "%s entry %i val " TARGET_FMT_lx "\n", __func__, (int)entry, val); entry &= PPC4XX_TLB_ENTRY_MASK; tlb = &env->tlb.tlbe[entry]; + /* Invalidate previous TLB (if it's valid) */ + if ((tlb->prot & PAGE_VALID) && tlb->PID == env->spr[SPR_40x_PID]) { + qemu_log_mask(CPU_LOG_MMU, "%s: invalidate old TLB %d start " + TARGET_FMT_lx " end " TARGET_FMT_lx "\n", __func__, + (int)entry, tlb->EPN, tlb->EPN + tlb->size); + ppcemb_tlb_flush(cs, tlb); + } tlb->attr = val & PPC4XX_TLBLO_ATTR_MASK; tlb->RPN = val & PPC4XX_TLBLO_RPN_MASK; tlb->prot = PAGE_READ; @@ -841,8 +853,6 @@ void helper_4xx_tlbwe_lo(CPUPPCState *env, target_ulong entry, tlb->prot & PAGE_WRITE ? 'w' : '-', tlb->prot & PAGE_EXEC ? 'x' : '-', tlb->prot & PAGE_VALID ? 'v' : '-', (int)tlb->PID); - - env->tlb_need_flush |= TLB_NEED_LOCAL_FLUSH; } target_ulong helper_4xx_tlbsx(CPUPPCState *env, target_ulong address) @@ -850,54 +860,61 @@ target_ulong helper_4xx_tlbsx(CPUPPCState *env, target_ulong address) return ppcemb_tlb_search(env, address, env->spr[SPR_40x_PID]); } +static bool mmubooke_pid_match(CPUPPCState *env, ppcemb_tlb_t *tlb) +{ + if (tlb->PID == env->spr[SPR_BOOKE_PID]) { + return true; + } + if (!env->nb_pids) { + return false; + } + + if (env->spr[SPR_BOOKE_PID1] && tlb->PID == env->spr[SPR_BOOKE_PID1]) { + return true; + } + if (env->spr[SPR_BOOKE_PID2] && tlb->PID == env->spr[SPR_BOOKE_PID2]) { + return true; + } + + return false; +} + /* PowerPC 440 TLB management */ void helper_440_tlbwe(CPUPPCState *env, uint32_t word, target_ulong entry, target_ulong value) { ppcemb_tlb_t *tlb; - target_ulong EPN, RPN, size; - int do_flush_tlbs; qemu_log_mask(CPU_LOG_MMU, "%s word %d entry %d value " TARGET_FMT_lx "\n", __func__, word, (int)entry, value); - do_flush_tlbs = 0; entry &= 0x3F; tlb = &env->tlb.tlbe[entry]; + + /* Invalidate previous TLB (if it's valid) */ + if ((tlb->prot & PAGE_VALID) && mmubooke_pid_match(env, tlb)) { + qemu_log_mask(CPU_LOG_MMU, "%s: invalidate old TLB %d start " + TARGET_FMT_lx " end " TARGET_FMT_lx "\n", __func__, + (int)entry, tlb->EPN, tlb->EPN + tlb->size); + ppcemb_tlb_flush(env_cpu(env), tlb); + } + switch (word) { default: /* Just here to please gcc */ case 0: - EPN = value & 0xFFFFFC00; - if ((tlb->prot & PAGE_VALID) && EPN != tlb->EPN) { - do_flush_tlbs = 1; - } - tlb->EPN = EPN; - size = booke_tlb_to_page_size((value >> 4) & 0xF); - if ((tlb->prot & PAGE_VALID) && tlb->size < size) { - do_flush_tlbs = 1; - } - tlb->size = size; + tlb->EPN = value & 0xFFFFFC00; + tlb->size = booke_tlb_to_page_size((value >> 4) & 0xF); tlb->attr &= ~0x1; tlb->attr |= (value >> 8) & 1; if (value & 0x200) { tlb->prot |= PAGE_VALID; } else { - if (tlb->prot & PAGE_VALID) { - tlb->prot &= ~PAGE_VALID; - do_flush_tlbs = 1; - } + tlb->prot &= ~PAGE_VALID; } tlb->PID = env->spr[SPR_440_MMUCR] & 0x000000FF; - if (do_flush_tlbs) { - tlb_flush(env_cpu(env)); - } break; case 1: - RPN = value & 0xFFFFFC0F; - if ((tlb->prot & PAGE_VALID) && tlb->RPN != RPN) { - tlb_flush(env_cpu(env)); - } - tlb->RPN = RPN; + tlb->RPN = value & 0xFFFFFC0F; break; case 2: tlb->attr = (tlb->attr & 0x1) | (value & 0x0000FF00); diff --git a/target/ppc/ppc-qmp-cmds.c b/target/ppc/ppc-qmp-cmds.c index c0c137d9d7..ee0b99fce7 100644 --- a/target/ppc/ppc-qmp-cmds.c +++ b/target/ppc/ppc-qmp-cmds.c @@ -103,7 +103,11 @@ const MonitorDef monitor_defs[] = { { "xer", 0, &monitor_get_xer }, { "msr", offsetof(CPUPPCState, msr) }, { "tbu", 0, &monitor_get_tbu, }, +#if defined(TARGET_PPC64) + { "tb", 0, &monitor_get_tbl, }, +#else { "tbl", 0, &monitor_get_tbl, }, +#endif { NULL }, }; diff --git a/target/ppc/tcg-stub.c b/target/ppc/tcg-stub.c index aadcf59d26..740d796b98 100644 --- a/target/ppc/tcg-stub.c +++ b/target/ppc/tcg-stub.c @@ -28,18 +28,3 @@ void create_ppc_opcodes(PowerPCCPU *cpu, Error **errp) void destroy_ppc_opcodes(PowerPCCPU *cpu) { } - -target_ulong softmmu_resize_hpt_prepare(PowerPCCPU *cpu, - SpaprMachineState *spapr, - target_ulong shift) -{ - g_assert_not_reached(); -} - -target_ulong softmmu_resize_hpt_commit(PowerPCCPU *cpu, - SpaprMachineState *spapr, - target_ulong flags, - target_ulong shift) -{ - g_assert_not_reached(); -} diff --git a/target/ppc/timebase_helper.c b/target/ppc/timebase_helper.c index f618ed2922..39d397416e 100644 --- a/target/ppc/timebase_helper.c +++ b/target/ppc/timebase_helper.c @@ -18,6 +18,7 @@ */ #include "qemu/osdep.h" #include "cpu.h" +#include "hw/ppc/ppc.h" #include "exec/helper-proto.h" #include "exec/exec-all.h" #include "qemu/log.h" @@ -59,19 +60,55 @@ target_ulong helper_load_purr(CPUPPCState *env) void helper_store_purr(CPUPPCState *env, target_ulong val) { - cpu_ppc_store_purr(env, val); + CPUState *cs = env_cpu(env); + CPUState *ccs; + uint32_t nr_threads = cs->nr_threads; + + if (nr_threads == 1 || !(env->flags & POWERPC_FLAG_SMT_1LPAR)) { + cpu_ppc_store_purr(env, val); + return; + } + + THREAD_SIBLING_FOREACH(cs, ccs) { + CPUPPCState *cenv = &POWERPC_CPU(ccs)->env; + cpu_ppc_store_purr(cenv, val); + } } #endif #if !defined(CONFIG_USER_ONLY) void helper_store_tbl(CPUPPCState *env, target_ulong val) { - cpu_ppc_store_tbl(env, val); + CPUState *cs = env_cpu(env); + CPUState *ccs; + uint32_t nr_threads = cs->nr_threads; + + if (nr_threads == 1 || !(env->flags & POWERPC_FLAG_SMT_1LPAR)) { + cpu_ppc_store_tbl(env, val); + return; + } + + THREAD_SIBLING_FOREACH(cs, ccs) { + CPUPPCState *cenv = &POWERPC_CPU(ccs)->env; + cpu_ppc_store_tbl(cenv, val); + } } void helper_store_tbu(CPUPPCState *env, target_ulong val) { - cpu_ppc_store_tbu(env, val); + CPUState *cs = env_cpu(env); + CPUState *ccs; + uint32_t nr_threads = cs->nr_threads; + + if (nr_threads == 1 || !(env->flags & POWERPC_FLAG_SMT_1LPAR)) { + cpu_ppc_store_tbu(env, val); + return; + } + + THREAD_SIBLING_FOREACH(cs, ccs) { + CPUPPCState *cenv = &POWERPC_CPU(ccs)->env; + cpu_ppc_store_tbu(cenv, val); + } } void helper_store_atbl(CPUPPCState *env, target_ulong val) @@ -101,17 +138,53 @@ target_ulong helper_load_hdecr(CPUPPCState *env) void helper_store_hdecr(CPUPPCState *env, target_ulong val) { - cpu_ppc_store_hdecr(env, val); + CPUState *cs = env_cpu(env); + CPUState *ccs; + uint32_t nr_threads = cs->nr_threads; + + if (nr_threads == 1 || !(env->flags & POWERPC_FLAG_SMT_1LPAR)) { + cpu_ppc_store_hdecr(env, val); + return; + } + + THREAD_SIBLING_FOREACH(cs, ccs) { + CPUPPCState *cenv = &POWERPC_CPU(ccs)->env; + cpu_ppc_store_hdecr(cenv, val); + } } void helper_store_vtb(CPUPPCState *env, target_ulong val) { - cpu_ppc_store_vtb(env, val); + CPUState *cs = env_cpu(env); + CPUState *ccs; + uint32_t nr_threads = cs->nr_threads; + + if (nr_threads == 1 || !(env->flags & POWERPC_FLAG_SMT_1LPAR)) { + cpu_ppc_store_vtb(env, val); + return; + } + + THREAD_SIBLING_FOREACH(cs, ccs) { + CPUPPCState *cenv = &POWERPC_CPU(ccs)->env; + cpu_ppc_store_vtb(cenv, val); + } } void helper_store_tbu40(CPUPPCState *env, target_ulong val) { - cpu_ppc_store_tbu40(env, val); + CPUState *cs = env_cpu(env); + CPUState *ccs; + uint32_t nr_threads = cs->nr_threads; + + if (nr_threads == 1 || !(env->flags & POWERPC_FLAG_SMT_1LPAR)) { + cpu_ppc_store_tbu40(env, val); + return; + } + + THREAD_SIBLING_FOREACH(cs, ccs) { + CPUPPCState *cenv = &POWERPC_CPU(ccs)->env; + cpu_ppc_store_tbu40(cenv, val); + } } target_ulong helper_load_40x_pit(CPUPPCState *env) @@ -145,15 +218,233 @@ void helper_store_booke_tsr(CPUPPCState *env, target_ulong val) } #if defined(TARGET_PPC64) -/* POWER processor Timebase Facility */ +/* + * POWER processor Timebase Facility + */ + +/* + * The TBST is the timebase state machine, which is a per-core machine that + * is used to synchronize the core TB with the ChipTOD. States 3,4,5 are + * not used in POWER8/9/10. + * + * The state machine gets driven by writes to TFMR SPR from the core, and + * by signals from the ChipTOD. The state machine table for common + * transitions is as follows (according to hardware specs, not necessarily + * this implementation): + * + * | Cur | Event | New | + * +----------------+----------------------------------+-----+ + * | 0 RESET | TFMR |= LOAD_TOD_MOD | 1 | + * | 1 SEND_TOD_MOD | "immediate transition" | 2 | + * | 2 NOT_SET | mttbu/mttbu40/mttbl | 2 | + * | 2 NOT_SET | TFMR |= MOVE_CHIP_TOD_TO_TB | 6 | + * | 6 SYNC_WAIT | "sync pulse from ChipTOD" | 7 | + * | 7 GET_TOD | ChipTOD xscom MOVE_TOD_TO_TB_REG | 8 | + * | 8 TB_RUNNING | mttbu/mttbu40 | 8 | + * | 8 TB_RUNNING | TFMR |= LOAD_TOD_MOD | 1 | + * | 8 TB_RUNNING | mttbl | 9 | + * | 9 TB_ERROR | TFMR |= CLEAR_TB_ERRORS | 0 | + * + * - LOAD_TOD_MOD will also move states 2,6 to state 1, omitted from table + * because it's not a typical init flow. + * + * - The ERROR state can be entered from most/all other states on invalid + * states (e.g., if some TFMR control bit is set from a state where it's + * not listed to cause a transition away from), omitted to avoid clutter. + * + * Note: mttbl causes a timebase error because this inevitably causes + * ticks to be lost and TB to become unsynchronized, whereas TB can be + * adjusted using mttbu* without losing ticks. mttbl behaviour is not + * modelled. + * + * Note: the TB state machine does not actually cause any real TB adjustment! + * TB starts out synchronized across all vCPUs (hardware threads) in + * QMEU, so for now the purpose of the TBST and ChipTOD model is simply + * to step through firmware initialisation sequences. + */ +static unsigned int tfmr_get_tb_state(uint64_t tfmr) +{ + return (tfmr & TFMR_TBST_ENCODED) >> (63 - 31); +} + +static uint64_t tfmr_new_tb_state(uint64_t tfmr, unsigned int tbst) +{ + tfmr &= ~TFMR_TBST_LAST; + tfmr |= (tfmr & TFMR_TBST_ENCODED) >> 4; /* move state to last state */ + tfmr &= ~TFMR_TBST_ENCODED; + tfmr |= (uint64_t)tbst << (63 - 31); /* move new state to state */ + + if (tbst == TBST_TB_RUNNING) { + tfmr |= TFMR_TB_VALID; + } else { + tfmr &= ~TFMR_TB_VALID; + } + + return tfmr; +} + +static void write_tfmr(CPUPPCState *env, target_ulong val) +{ + CPUState *cs = env_cpu(env); + + if (cs->nr_threads == 1) { + env->spr[SPR_TFMR] = val; + } else { + CPUState *ccs; + THREAD_SIBLING_FOREACH(cs, ccs) { + CPUPPCState *cenv = &POWERPC_CPU(ccs)->env; + cenv->spr[SPR_TFMR] = val; + } + } +} + +static void tb_state_machine_step(CPUPPCState *env) +{ + uint64_t tfmr = env->spr[SPR_TFMR]; + unsigned int tbst = tfmr_get_tb_state(tfmr); + + if (!(tfmr & TFMR_TB_ECLIPZ) || tbst == TBST_TB_ERROR) { + return; + } + + if (env->pnv_tod_tbst.tb_sync_pulse_timer) { + env->pnv_tod_tbst.tb_sync_pulse_timer--; + } else { + tfmr |= TFMR_TB_SYNC_OCCURED; + write_tfmr(env, tfmr); + } + + if (env->pnv_tod_tbst.tb_state_timer) { + env->pnv_tod_tbst.tb_state_timer--; + return; + } + + if (tfmr & TFMR_LOAD_TOD_MOD) { + tfmr &= ~TFMR_LOAD_TOD_MOD; + if (tbst == TBST_GET_TOD) { + tfmr = tfmr_new_tb_state(tfmr, TBST_TB_ERROR); + tfmr |= TFMR_FIRMWARE_CONTROL_ERROR; + } else { + tfmr = tfmr_new_tb_state(tfmr, TBST_SEND_TOD_MOD); + /* State seems to transition immediately */ + tfmr = tfmr_new_tb_state(tfmr, TBST_NOT_SET); + } + } else if (tfmr & TFMR_MOVE_CHIP_TOD_TO_TB) { + if (tbst == TBST_SYNC_WAIT) { + tfmr = tfmr_new_tb_state(tfmr, TBST_GET_TOD); + env->pnv_tod_tbst.tb_state_timer = 3; + } else if (tbst == TBST_GET_TOD) { + if (env->pnv_tod_tbst.tod_sent_to_tb) { + tfmr = tfmr_new_tb_state(tfmr, TBST_TB_RUNNING); + tfmr &= ~TFMR_MOVE_CHIP_TOD_TO_TB; + env->pnv_tod_tbst.tb_ready_for_tod = 0; + env->pnv_tod_tbst.tod_sent_to_tb = 0; + } + } else { + qemu_log_mask(LOG_GUEST_ERROR, "TFMR error: MOVE_CHIP_TOD_TO_TB " + "state machine in invalid state 0x%x\n", tbst); + tfmr = tfmr_new_tb_state(tfmr, TBST_TB_ERROR); + tfmr |= TFMR_FIRMWARE_CONTROL_ERROR; + env->pnv_tod_tbst.tb_ready_for_tod = 0; + } + } + + write_tfmr(env, tfmr); +} + target_ulong helper_load_tfmr(CPUPPCState *env) { - return env->spr[SPR_TFMR]; + tb_state_machine_step(env); + + return env->spr[SPR_TFMR] | TFMR_TB_ECLIPZ; } void helper_store_tfmr(CPUPPCState *env, target_ulong val) { - env->spr[SPR_TFMR] = val; + uint64_t tfmr = env->spr[SPR_TFMR]; + uint64_t clear_on_write; + unsigned int tbst = tfmr_get_tb_state(tfmr); + + if (!(val & TFMR_TB_ECLIPZ)) { + qemu_log_mask(LOG_UNIMP, "TFMR non-ECLIPZ mode not implemented\n"); + tfmr &= ~TFMR_TBST_ENCODED; + tfmr &= ~TFMR_TBST_LAST; + goto out; + } + + /* Update control bits */ + tfmr = (tfmr & ~TFMR_CONTROL_MASK) | (val & TFMR_CONTROL_MASK); + + /* Several bits are clear-on-write, only one is implemented so far */ + clear_on_write = val & TFMR_FIRMWARE_CONTROL_ERROR; + tfmr &= ~clear_on_write; + + /* + * mtspr always clears this. The sync pulse timer makes it come back + * after the second mfspr. + */ + tfmr &= ~TFMR_TB_SYNC_OCCURED; + env->pnv_tod_tbst.tb_sync_pulse_timer = 1; + + if (ppc_cpu_tir(env_archcpu(env)) != 0 && + (val & (TFMR_LOAD_TOD_MOD | TFMR_MOVE_CHIP_TOD_TO_TB))) { + qemu_log_mask(LOG_UNIMP, "TFMR timebase state machine can only be " + "driven by thread 0\n"); + goto out; + } + + if (((tfmr | val) & (TFMR_LOAD_TOD_MOD | TFMR_MOVE_CHIP_TOD_TO_TB)) == + (TFMR_LOAD_TOD_MOD | TFMR_MOVE_CHIP_TOD_TO_TB)) { + qemu_log_mask(LOG_GUEST_ERROR, "TFMR error: LOAD_TOD_MOD and " + "MOVE_CHIP_TOD_TO_TB both set\n"); + tfmr = tfmr_new_tb_state(tfmr, TBST_TB_ERROR); + tfmr |= TFMR_FIRMWARE_CONTROL_ERROR; + env->pnv_tod_tbst.tb_ready_for_tod = 0; + goto out; + } + + if (tfmr & TFMR_CLEAR_TB_ERRORS) { + /* + * Workbook says TFMR_CLEAR_TB_ERRORS should be written twice. + * This is not simulated/required here. + */ + tfmr = tfmr_new_tb_state(tfmr, TBST_RESET); + tfmr &= ~TFMR_CLEAR_TB_ERRORS; + tfmr &= ~TFMR_LOAD_TOD_MOD; + tfmr &= ~TFMR_MOVE_CHIP_TOD_TO_TB; + tfmr &= ~TFMR_FIRMWARE_CONTROL_ERROR; /* XXX: should this be cleared? */ + env->pnv_tod_tbst.tb_ready_for_tod = 0; + env->pnv_tod_tbst.tod_sent_to_tb = 0; + goto out; + } + + if (tbst == TBST_TB_ERROR) { + qemu_log_mask(LOG_GUEST_ERROR, "TFMR error: mtspr TFMR in TB_ERROR" + " state\n"); + tfmr |= TFMR_FIRMWARE_CONTROL_ERROR; + return; + } + + if (tfmr & TFMR_LOAD_TOD_MOD) { + /* Wait for an arbitrary 3 mfspr until the next state transition. */ + env->pnv_tod_tbst.tb_state_timer = 3; + } else if (tfmr & TFMR_MOVE_CHIP_TOD_TO_TB) { + if (tbst == TBST_NOT_SET) { + tfmr = tfmr_new_tb_state(tfmr, TBST_SYNC_WAIT); + env->pnv_tod_tbst.tb_ready_for_tod = 1; + env->pnv_tod_tbst.tb_state_timer = 3; /* arbitrary */ + } else { + qemu_log_mask(LOG_GUEST_ERROR, "TFMR error: MOVE_CHIP_TOD_TO_TB " + "not in TB not set state 0x%x\n", + tbst); + tfmr = tfmr_new_tb_state(tfmr, TBST_TB_ERROR); + tfmr |= TFMR_FIRMWARE_CONTROL_ERROR; + env->pnv_tod_tbst.tb_ready_for_tod = 0; + } + } + +out: + write_tfmr(env, tfmr); } #endif diff --git a/target/ppc/translate.c b/target/ppc/translate.c index 049f636927..28fc7791af 100644 --- a/target/ppc/translate.c +++ b/target/ppc/translate.c @@ -247,13 +247,24 @@ static inline bool gen_serialize(DisasContext *ctx) return true; } -#if defined(TARGET_PPC64) && !defined(CONFIG_USER_ONLY) +#if !defined(CONFIG_USER_ONLY) +#if defined(TARGET_PPC64) +static inline bool gen_serialize_core(DisasContext *ctx) +{ + if (ctx->flags & POWERPC_FLAG_SMT) { + return gen_serialize(ctx); + } + return true; +} +#endif + static inline bool gen_serialize_core_lpar(DisasContext *ctx) { +#if defined(TARGET_PPC64) if (ctx->flags & POWERPC_FLAG_SMT_1LPAR) { return gen_serialize(ctx); } - +#endif return true; } #endif @@ -667,12 +678,20 @@ void spr_read_atbu(DisasContext *ctx, int gprn, int sprn) #if !defined(CONFIG_USER_ONLY) void spr_write_tbl(DisasContext *ctx, int sprn, int gprn) { + if (!gen_serialize_core_lpar(ctx)) { + return; + } + translator_io_start(&ctx->base); gen_helper_store_tbl(tcg_env, cpu_gpr[gprn]); } void spr_write_tbu(DisasContext *ctx, int sprn, int gprn) { + if (!gen_serialize_core_lpar(ctx)) { + return; + } + translator_io_start(&ctx->base); gen_helper_store_tbu(tcg_env, cpu_gpr[gprn]); } @@ -696,6 +715,9 @@ void spr_read_purr(DisasContext *ctx, int gprn, int sprn) void spr_write_purr(DisasContext *ctx, int sprn, int gprn) { + if (!gen_serialize_core_lpar(ctx)) { + return; + } translator_io_start(&ctx->base); gen_helper_store_purr(tcg_env, cpu_gpr[gprn]); } @@ -709,6 +731,9 @@ void spr_read_hdecr(DisasContext *ctx, int gprn, int sprn) void spr_write_hdecr(DisasContext *ctx, int sprn, int gprn) { + if (!gen_serialize_core_lpar(ctx)) { + return; + } translator_io_start(&ctx->base); gen_helper_store_hdecr(tcg_env, cpu_gpr[gprn]); } @@ -721,12 +746,18 @@ void spr_read_vtb(DisasContext *ctx, int gprn, int sprn) void spr_write_vtb(DisasContext *ctx, int sprn, int gprn) { + if (!gen_serialize_core_lpar(ctx)) { + return; + } translator_io_start(&ctx->base); gen_helper_store_vtb(tcg_env, cpu_gpr[gprn]); } void spr_write_tbu40(DisasContext *ctx, int sprn, int gprn) { + if (!gen_serialize_core_lpar(ctx)) { + return; + } translator_io_start(&ctx->base); gen_helper_store_tbu40(tcg_env, cpu_gpr[gprn]); } @@ -1220,11 +1251,18 @@ void spr_write_hmer(DisasContext *ctx, int sprn, int gprn) void spr_read_tfmr(DisasContext *ctx, int gprn, int sprn) { + /* Reading TFMR can cause it to be updated, so serialize threads here too */ + if (!gen_serialize_core(ctx)) { + return; + } gen_helper_load_tfmr(cpu_gpr[gprn], tcg_env); } void spr_write_tfmr(DisasContext *ctx, int sprn, int gprn) { + if (!gen_serialize_core(ctx)) { + return; + } gen_helper_store_tfmr(tcg_env, cpu_gpr[gprn]); } diff --git a/target/ppc/translate/vsx-impl.c.inc b/target/ppc/translate/vsx-impl.c.inc index 6db87ab336..0266f09119 100644 --- a/target/ppc/translate/vsx-impl.c.inc +++ b/target/ppc/translate/vsx-impl.c.inc @@ -2268,7 +2268,7 @@ static bool do_lstxv(DisasContext *ctx, int ra, TCGv displ, static bool do_lstxv_D(DisasContext *ctx, arg_D *a, bool store, bool paired) { - if (paired || a->rt >= 32) { + if (paired || a->rt < 32) { REQUIRE_VSX(ctx); } else { REQUIRE_VECTOR(ctx); |