4 * Copyright (c) 2003-2005 Fabrice Bellard
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
20 #include "qemu/osdep.h"
23 #include "exec/address-spaces.h"
25 /* Sparc MMU emulation */
27 #if defined(CONFIG_USER_ONLY)
29 int sparc_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int rw,
33 cs->exception_index = TT_TFAULT;
35 cs->exception_index = TT_DFAULT;
42 #ifndef TARGET_SPARC64
44 * Sparc V8 Reference MMU (SRMMU)
46 static const int access_table[8][8] = {
47 { 0, 0, 0, 0, 8, 0, 12, 12 },
48 { 0, 0, 0, 0, 8, 0, 0, 0 },
49 { 8, 8, 0, 0, 0, 8, 12, 12 },
50 { 8, 8, 0, 0, 0, 8, 0, 0 },
51 { 8, 0, 8, 0, 8, 8, 12, 12 },
52 { 8, 0, 8, 0, 8, 0, 8, 0 },
53 { 8, 8, 8, 0, 8, 8, 12, 12 },
54 { 8, 8, 8, 0, 8, 8, 8, 0 }
57 static const int perm_table[2][8] = {
60 PAGE_READ | PAGE_WRITE,
61 PAGE_READ | PAGE_EXEC,
62 PAGE_READ | PAGE_WRITE | PAGE_EXEC,
64 PAGE_READ | PAGE_WRITE,
65 PAGE_READ | PAGE_EXEC,
66 PAGE_READ | PAGE_WRITE | PAGE_EXEC
70 PAGE_READ | PAGE_WRITE,
71 PAGE_READ | PAGE_EXEC,
72 PAGE_READ | PAGE_WRITE | PAGE_EXEC,
80 static int get_physical_address(CPUSPARCState *env, hwaddr *physical,
81 int *prot, int *access_index,
82 target_ulong address, int rw, int mmu_idx,
83 target_ulong *page_size)
88 int error_code = 0, is_dirty, is_user;
89 unsigned long page_offset;
90 CPUState *cs = CPU(sparc_env_get_cpu(env));
92 is_user = mmu_idx == MMU_USER_IDX;
94 if ((env->mmuregs[0] & MMU_E) == 0) { /* MMU disabled */
95 *page_size = TARGET_PAGE_SIZE;
96 /* Boot mode: instruction fetches are taken from PROM */
97 if (rw == 2 && (env->mmuregs[0] & env->def->mmu_bm)) {
98 *physical = env->prom_addr | (address & 0x7ffffULL);
99 *prot = PAGE_READ | PAGE_EXEC;
103 *prot = PAGE_READ | PAGE_WRITE | PAGE_EXEC;
107 *access_index = ((rw & 1) << 2) | (rw & 2) | (is_user ? 0 : 1);
108 *physical = 0xffffffffffff0000ULL;
110 /* SPARC reference MMU table walk: Context table->L1->L2->PTE */
111 /* Context base + context number */
112 pde_ptr = (env->mmuregs[1] << 4) + (env->mmuregs[2] << 2);
113 pde = ldl_phys(cs->as, pde_ptr);
116 switch (pde & PTE_ENTRYTYPE_MASK) {
118 case 0: /* Invalid */
120 case 2: /* L0 PTE, maybe should not happen? */
121 case 3: /* Reserved */
124 pde_ptr = ((address >> 22) & ~3) + ((pde & ~3) << 4);
125 pde = ldl_phys(cs->as, pde_ptr);
127 switch (pde & PTE_ENTRYTYPE_MASK) {
129 case 0: /* Invalid */
130 return (1 << 8) | (1 << 2);
131 case 3: /* Reserved */
132 return (1 << 8) | (4 << 2);
134 pde_ptr = ((address & 0xfc0000) >> 16) + ((pde & ~3) << 4);
135 pde = ldl_phys(cs->as, pde_ptr);
137 switch (pde & PTE_ENTRYTYPE_MASK) {
139 case 0: /* Invalid */
140 return (2 << 8) | (1 << 2);
141 case 3: /* Reserved */
142 return (2 << 8) | (4 << 2);
144 pde_ptr = ((address & 0x3f000) >> 10) + ((pde & ~3) << 4);
145 pde = ldl_phys(cs->as, pde_ptr);
147 switch (pde & PTE_ENTRYTYPE_MASK) {
149 case 0: /* Invalid */
150 return (3 << 8) | (1 << 2);
151 case 1: /* PDE, should not happen */
152 case 3: /* Reserved */
153 return (3 << 8) | (4 << 2);
157 *page_size = TARGET_PAGE_SIZE;
160 page_offset = address & 0x3f000;
161 *page_size = 0x40000;
165 page_offset = address & 0xfff000;
166 *page_size = 0x1000000;
171 access_perms = (pde & PTE_ACCESS_MASK) >> PTE_ACCESS_SHIFT;
172 error_code = access_table[*access_index][access_perms];
173 if (error_code && !((env->mmuregs[0] & MMU_NF) && is_user)) {
177 /* update page modified and dirty bits */
178 is_dirty = (rw & 1) && !(pde & PG_MODIFIED_MASK);
179 if (!(pde & PG_ACCESSED_MASK) || is_dirty) {
180 pde |= PG_ACCESSED_MASK;
182 pde |= PG_MODIFIED_MASK;
184 stl_phys_notdirty(cs->as, pde_ptr, pde);
187 /* the page can be put in the TLB */
188 *prot = perm_table[is_user][access_perms];
189 if (!(pde & PG_MODIFIED_MASK)) {
190 /* only set write access if already dirty... otherwise wait
192 *prot &= ~PAGE_WRITE;
195 /* Even if large ptes, we map only one 4KB page in the cache to
196 avoid filling it too fast */
197 *physical = ((hwaddr)(pde & PTE_ADDR_MASK) << 4) + page_offset;
201 /* Perform address translation */
202 int sparc_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int rw,
205 SPARCCPU *cpu = SPARC_CPU(cs);
206 CPUSPARCState *env = &cpu->env;
209 target_ulong page_size;
210 int error_code = 0, prot, access_index;
212 address &= TARGET_PAGE_MASK;
213 error_code = get_physical_address(env, &paddr, &prot, &access_index,
214 address, rw, mmu_idx, &page_size);
216 if (error_code == 0) {
217 qemu_log_mask(CPU_LOG_MMU,
218 "Translate at %" VADDR_PRIx " -> " TARGET_FMT_plx ", vaddr "
219 TARGET_FMT_lx "\n", address, paddr, vaddr);
220 tlb_set_page(cs, vaddr, paddr, prot, mmu_idx, page_size);
224 if (env->mmuregs[3]) { /* Fault status register */
225 env->mmuregs[3] = 1; /* overflow (not read before another fault) */
227 env->mmuregs[3] |= (access_index << 5) | error_code | 2;
228 env->mmuregs[4] = address; /* Fault address register */
230 if ((env->mmuregs[0] & MMU_NF) || env->psret == 0) {
231 /* No fault mode: if a mapping is available, just override
232 permissions. If no mapping is available, redirect accesses to
233 neverland. Fake/overridden mappings will be flushed when
234 switching to normal mode. */
235 prot = PAGE_READ | PAGE_WRITE | PAGE_EXEC;
236 tlb_set_page(cs, vaddr, paddr, prot, mmu_idx, TARGET_PAGE_SIZE);
240 cs->exception_index = TT_TFAULT;
242 cs->exception_index = TT_DFAULT;
248 target_ulong mmu_probe(CPUSPARCState *env, target_ulong address, int mmulev)
250 CPUState *cs = CPU(sparc_env_get_cpu(env));
254 /* Context base + context number */
255 pde_ptr = (hwaddr)(env->mmuregs[1] << 4) +
256 (env->mmuregs[2] << 2);
257 pde = ldl_phys(cs->as, pde_ptr);
259 switch (pde & PTE_ENTRYTYPE_MASK) {
261 case 0: /* Invalid */
262 case 2: /* PTE, maybe should not happen? */
263 case 3: /* Reserved */
269 pde_ptr = ((address >> 22) & ~3) + ((pde & ~3) << 4);
270 pde = ldl_phys(cs->as, pde_ptr);
272 switch (pde & PTE_ENTRYTYPE_MASK) {
274 case 0: /* Invalid */
275 case 3: /* Reserved */
283 pde_ptr = ((address & 0xfc0000) >> 16) + ((pde & ~3) << 4);
284 pde = ldl_phys(cs->as, pde_ptr);
286 switch (pde & PTE_ENTRYTYPE_MASK) {
288 case 0: /* Invalid */
289 case 3: /* Reserved */
297 pde_ptr = ((address & 0x3f000) >> 10) + ((pde & ~3) << 4);
298 pde = ldl_phys(cs->as, pde_ptr);
300 switch (pde & PTE_ENTRYTYPE_MASK) {
302 case 0: /* Invalid */
303 case 1: /* PDE, should not happen */
304 case 3: /* Reserved */
315 void dump_mmu(FILE *f, fprintf_function cpu_fprintf, CPUSPARCState *env)
317 CPUState *cs = CPU(sparc_env_get_cpu(env));
318 target_ulong va, va1, va2;
319 unsigned int n, m, o;
323 pde_ptr = (env->mmuregs[1] << 4) + (env->mmuregs[2] << 2);
324 pde = ldl_phys(cs->as, pde_ptr);
325 (*cpu_fprintf)(f, "Root ptr: " TARGET_FMT_plx ", ctx: %d\n",
326 (hwaddr)env->mmuregs[1] << 4, env->mmuregs[2]);
327 for (n = 0, va = 0; n < 256; n++, va += 16 * 1024 * 1024) {
328 pde = mmu_probe(env, va, 2);
330 pa = cpu_get_phys_page_debug(cs, va);
331 (*cpu_fprintf)(f, "VA: " TARGET_FMT_lx ", PA: " TARGET_FMT_plx
332 " PDE: " TARGET_FMT_lx "\n", va, pa, pde);
333 for (m = 0, va1 = va; m < 64; m++, va1 += 256 * 1024) {
334 pde = mmu_probe(env, va1, 1);
336 pa = cpu_get_phys_page_debug(cs, va1);
337 (*cpu_fprintf)(f, " VA: " TARGET_FMT_lx ", PA: "
338 TARGET_FMT_plx " PDE: " TARGET_FMT_lx "\n",
340 for (o = 0, va2 = va1; o < 64; o++, va2 += 4 * 1024) {
341 pde = mmu_probe(env, va2, 0);
343 pa = cpu_get_phys_page_debug(cs, va2);
344 (*cpu_fprintf)(f, " VA: " TARGET_FMT_lx ", PA: "
345 TARGET_FMT_plx " PTE: "
356 /* Gdb expects all registers windows to be flushed in ram. This function handles
357 * reads (and only reads) in stack frames as if windows were flushed. We assume
358 * that the sparc ABI is followed.
360 int sparc_cpu_memory_rw_debug(CPUState *cs, vaddr address,
361 uint8_t *buf, int len, bool is_write)
363 SPARCCPU *cpu = SPARC_CPU(cs);
364 CPUSPARCState *env = &cpu->env;
365 target_ulong addr = address;
371 for (i = 0; i < env->nwindows; i++) {
373 target_ulong fp = env->regbase[cwp * 16 + 22];
375 /* Assume fp == 0 means end of frame. */
380 cwp = cpu_cwp_inc(env, cwp + 1);
382 /* Invalid window ? */
383 if (env->wim & (1 << cwp)) {
387 /* According to the ABI, the stack is growing downward. */
388 if (addr + len < fp) {
392 /* Not in this frame. */
393 if (addr > fp + 64) {
397 /* Handle access before this window. */
400 if (cpu_memory_rw_debug(cs, addr, buf, len1, is_write) != 0) {
408 /* Access byte per byte to registers. Not very efficient but speed
418 for (; len1; len1--) {
419 int reg = cwp * 16 + 8 + (off >> 2);
424 u.v = cpu_to_be32(env->regbase[reg]);
425 *buf++ = u.c[off & 3];
436 return cpu_memory_rw_debug(cs, addr, buf, len, is_write);
439 #else /* !TARGET_SPARC64 */
441 /* 41 bit physical address space */
442 static inline hwaddr ultrasparc_truncate_physical(uint64_t x)
444 return x & 0x1ffffffffffULL;
448 * UltraSparc IIi I/DMMUs
451 /* Returns true if TTE tag is valid and matches virtual address value
452 in context requires virtual address mask value calculated from TTE
454 static inline int ultrasparc_tag_match(SparcTLBEntry *tlb,
455 uint64_t address, uint64_t context,
460 switch (TTE_PGSIZE(tlb->tte)) {
463 mask = 0xffffffffffffe000ULL;
466 mask = 0xffffffffffff0000ULL;
469 mask = 0xfffffffffff80000ULL;
472 mask = 0xffffffffffc00000ULL;
476 /* valid, context match, virtual address match? */
477 if (TTE_IS_VALID(tlb->tte) &&
478 (TTE_IS_GLOBAL(tlb->tte) || tlb_compare_context(tlb, context))
479 && compare_masked(address, tlb->tag, mask)) {
480 /* decode physical address */
481 *physical = ((tlb->tte & mask) | (address & ~mask)) & 0x1ffffffe000ULL;
488 static int get_physical_address_data(CPUSPARCState *env,
489 hwaddr *physical, int *prot,
490 target_ulong address, int rw, int mmu_idx)
492 CPUState *cs = CPU(sparc_env_get_cpu(env));
497 int is_user = (mmu_idx == MMU_USER_IDX ||
498 mmu_idx == MMU_USER_SECONDARY_IDX);
500 if ((env->lsu & DMMU_E) == 0) { /* DMMU disabled */
501 *physical = ultrasparc_truncate_physical(address);
502 *prot = PAGE_READ | PAGE_WRITE;
509 context = env->dmmu.mmu_primary_context & 0x1fff;
510 sfsr |= SFSR_CT_PRIMARY;
512 case MMU_USER_SECONDARY_IDX:
513 case MMU_KERNEL_SECONDARY_IDX:
514 context = env->dmmu.mmu_secondary_context & 0x1fff;
515 sfsr |= SFSR_CT_SECONDARY;
517 case MMU_NUCLEUS_IDX:
518 sfsr |= SFSR_CT_NUCLEUS;
526 sfsr |= SFSR_WRITE_BIT;
527 } else if (rw == 4) {
531 for (i = 0; i < 64; i++) {
532 /* ctx match, vaddr match, valid? */
533 if (ultrasparc_tag_match(&env->dtlb[i], address, context, physical)) {
537 /* multiple bits in SFSR.FT may be set on TT_DFAULT */
538 if (TTE_IS_PRIV(env->dtlb[i].tte) && is_user) {
540 sfsr |= SFSR_FT_PRIV_BIT; /* privilege violation */
541 trace_mmu_helper_dfault(address, context, mmu_idx, env->tl);
544 if (TTE_IS_SIDEEFFECT(env->dtlb[i].tte)) {
546 sfsr |= SFSR_FT_NF_E_BIT;
549 if (TTE_IS_NFO(env->dtlb[i].tte)) {
551 sfsr |= SFSR_FT_NFO_BIT;
556 /* faults above are reported with TT_DFAULT. */
557 cs->exception_index = TT_DFAULT;
558 } else if (!TTE_IS_W_OK(env->dtlb[i].tte) && (rw == 1)) {
560 cs->exception_index = TT_DPROT;
562 trace_mmu_helper_dprot(address, context, mmu_idx, env->tl);
567 if (TTE_IS_W_OK(env->dtlb[i].tte)) {
571 TTE_SET_USED(env->dtlb[i].tte);
576 if (env->dmmu.sfsr & SFSR_VALID_BIT) { /* Fault status register */
577 sfsr |= SFSR_OW_BIT; /* overflow (not read before
581 if (env->pstate & PS_PRIV) {
585 /* FIXME: ASI field in SFSR must be set */
586 env->dmmu.sfsr = sfsr | SFSR_VALID_BIT;
588 env->dmmu.sfar = address; /* Fault address register */
590 env->dmmu.tag_access = (address & ~0x1fffULL) | context;
596 trace_mmu_helper_dmiss(address, context);
600 * - UltraSPARC IIi: SFSR and SFAR unmodified
601 * - JPS1: SFAR updated and some fields of SFSR updated
603 env->dmmu.tag_access = (address & ~0x1fffULL) | context;
604 cs->exception_index = TT_DMISS;
608 static int get_physical_address_code(CPUSPARCState *env,
609 hwaddr *physical, int *prot,
610 target_ulong address, int mmu_idx)
612 CPUState *cs = CPU(sparc_env_get_cpu(env));
616 int is_user = (mmu_idx == MMU_USER_IDX ||
617 mmu_idx == MMU_USER_SECONDARY_IDX);
619 if ((env->lsu & IMMU_E) == 0 || (env->pstate & PS_RED) != 0) {
621 *physical = ultrasparc_truncate_physical(address);
627 /* PRIMARY context */
628 context = env->dmmu.mmu_primary_context & 0x1fff;
630 /* NUCLEUS context */
634 for (i = 0; i < 64; i++) {
635 /* ctx match, vaddr match, valid? */
636 if (ultrasparc_tag_match(&env->itlb[i],
637 address, context, physical)) {
639 if (TTE_IS_PRIV(env->itlb[i].tte) && is_user) {
640 /* Fault status register */
641 if (env->immu.sfsr & SFSR_VALID_BIT) {
642 env->immu.sfsr = SFSR_OW_BIT; /* overflow (not read before
647 if (env->pstate & PS_PRIV) {
648 env->immu.sfsr |= SFSR_PR_BIT;
651 env->immu.sfsr |= SFSR_CT_NUCLEUS;
654 /* FIXME: ASI field in SFSR must be set */
655 env->immu.sfsr |= SFSR_FT_PRIV_BIT | SFSR_VALID_BIT;
656 cs->exception_index = TT_TFAULT;
658 env->immu.tag_access = (address & ~0x1fffULL) | context;
660 trace_mmu_helper_tfault(address, context);
665 TTE_SET_USED(env->itlb[i].tte);
670 trace_mmu_helper_tmiss(address, context);
672 /* Context is stored in DMMU (dmmuregs[1]) also for IMMU */
673 env->immu.tag_access = (address & ~0x1fffULL) | context;
674 cs->exception_index = TT_TMISS;
678 static int get_physical_address(CPUSPARCState *env, hwaddr *physical,
679 int *prot, int *access_index,
680 target_ulong address, int rw, int mmu_idx,
681 target_ulong *page_size)
683 /* ??? We treat everything as a small page, then explicitly flush
684 everything when an entry is evicted. */
685 *page_size = TARGET_PAGE_SIZE;
687 /* safety net to catch wrong softmmu index use from dynamic code */
688 if (env->tl > 0 && mmu_idx != MMU_NUCLEUS_IDX) {
690 trace_mmu_helper_get_phys_addr_code(env->tl, mmu_idx,
691 env->dmmu.mmu_primary_context,
692 env->dmmu.mmu_secondary_context,
695 trace_mmu_helper_get_phys_addr_data(env->tl, mmu_idx,
696 env->dmmu.mmu_primary_context,
697 env->dmmu.mmu_secondary_context,
703 return get_physical_address_code(env, physical, prot, address,
706 return get_physical_address_data(env, physical, prot, address, rw,
711 /* Perform address translation */
712 int sparc_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int rw,
715 SPARCCPU *cpu = SPARC_CPU(cs);
716 CPUSPARCState *env = &cpu->env;
719 target_ulong page_size;
720 int error_code = 0, prot, access_index;
722 address &= TARGET_PAGE_MASK;
723 error_code = get_physical_address(env, &paddr, &prot, &access_index,
724 address, rw, mmu_idx, &page_size);
725 if (error_code == 0) {
728 trace_mmu_helper_mmu_fault(address, paddr, mmu_idx, env->tl,
729 env->dmmu.mmu_primary_context,
730 env->dmmu.mmu_secondary_context);
732 tlb_set_page(cs, vaddr, paddr, prot, mmu_idx, page_size);
739 void dump_mmu(FILE *f, fprintf_function cpu_fprintf, CPUSPARCState *env)
744 (*cpu_fprintf)(f, "MMU contexts: Primary: %" PRId64 ", Secondary: %"
746 env->dmmu.mmu_primary_context,
747 env->dmmu.mmu_secondary_context);
748 if ((env->lsu & DMMU_E) == 0) {
749 (*cpu_fprintf)(f, "DMMU disabled\n");
751 (*cpu_fprintf)(f, "DMMU dump\n");
752 for (i = 0; i < 64; i++) {
753 switch (TTE_PGSIZE(env->dtlb[i].tte)) {
768 if (TTE_IS_VALID(env->dtlb[i].tte)) {
769 (*cpu_fprintf)(f, "[%02u] VA: %" PRIx64 ", PA: %llx"
770 ", %s, %s, %s, %s, ctx %" PRId64 " %s\n",
772 env->dtlb[i].tag & (uint64_t)~0x1fffULL,
773 TTE_PA(env->dtlb[i].tte),
775 TTE_IS_PRIV(env->dtlb[i].tte) ? "priv" : "user",
776 TTE_IS_W_OK(env->dtlb[i].tte) ? "RW" : "RO",
777 TTE_IS_LOCKED(env->dtlb[i].tte) ?
778 "locked" : "unlocked",
779 env->dtlb[i].tag & (uint64_t)0x1fffULL,
780 TTE_IS_GLOBAL(env->dtlb[i].tte) ?
785 if ((env->lsu & IMMU_E) == 0) {
786 (*cpu_fprintf)(f, "IMMU disabled\n");
788 (*cpu_fprintf)(f, "IMMU dump\n");
789 for (i = 0; i < 64; i++) {
790 switch (TTE_PGSIZE(env->itlb[i].tte)) {
805 if (TTE_IS_VALID(env->itlb[i].tte)) {
806 (*cpu_fprintf)(f, "[%02u] VA: %" PRIx64 ", PA: %llx"
807 ", %s, %s, %s, ctx %" PRId64 " %s\n",
809 env->itlb[i].tag & (uint64_t)~0x1fffULL,
810 TTE_PA(env->itlb[i].tte),
812 TTE_IS_PRIV(env->itlb[i].tte) ? "priv" : "user",
813 TTE_IS_LOCKED(env->itlb[i].tte) ?
814 "locked" : "unlocked",
815 env->itlb[i].tag & (uint64_t)0x1fffULL,
816 TTE_IS_GLOBAL(env->itlb[i].tte) ?
823 #endif /* TARGET_SPARC64 */
825 static int cpu_sparc_get_phys_page(CPUSPARCState *env, hwaddr *phys,
826 target_ulong addr, int rw, int mmu_idx)
828 target_ulong page_size;
829 int prot, access_index;
831 return get_physical_address(env, phys, &prot, &access_index, addr, rw,
832 mmu_idx, &page_size);
835 #if defined(TARGET_SPARC64)
836 hwaddr cpu_get_phys_page_nofault(CPUSPARCState *env, target_ulong addr,
841 if (cpu_sparc_get_phys_page(env, &phys_addr, addr, 4, mmu_idx) != 0) {
848 hwaddr sparc_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
850 SPARCCPU *cpu = SPARC_CPU(cs);
851 CPUSPARCState *env = &cpu->env;
853 int mmu_idx = cpu_mmu_index(env, false);
854 MemoryRegionSection section;
856 if (cpu_sparc_get_phys_page(env, &phys_addr, addr, 2, mmu_idx) != 0) {
857 if (cpu_sparc_get_phys_page(env, &phys_addr, addr, 0, mmu_idx) != 0) {
861 section = memory_region_find(get_system_memory(), phys_addr, 1);
862 memory_region_unref(section.mr);
863 if (!int128_nz(section.size)) {
Code Review / kvmfornfv.git / blob