aboutsummaryrefslogtreecommitdiff
path: root/target-arm
AgeCommit message (Collapse)Author
2015-06-02target-arm: Add TPIDR_EL2Edgar E. Iglesias
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1432881807-18164-7-git-send-email-edgar.iglesias@gmail.com [PMM: reordered fields into preferred opc0/opc1/crn/crm/opc2 order] Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-02target-arm: Add SCTLR_EL2Edgar E. Iglesias
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1432881807-18164-6-git-send-email-edgar.iglesias@gmail.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-02target-arm: Add TCR_EL2Edgar E. Iglesias
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1432881807-18164-5-git-send-email-edgar.iglesias@gmail.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-02target-arm: Add MAIR_EL2Edgar E. Iglesias
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1432881807-18164-4-git-send-email-edgar.iglesias@gmail.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-02target-arm: Break down TLB_LOCKDOWNEdgar E. Iglesias
Break down the overly broad wildcard definition of TLB_LOCKDOWN down to v7 level. Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1432881807-18164-3-git-send-email-edgar.iglesias@gmail.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-06-02target-arm: Correct check for non-EL3Edgar E. Iglesias
This fixes a compile warning from clang 3.5 (the assertion could never fire). Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1432881807-18164-2-git-send-email-edgar.iglesias@gmail.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: John Snow <jsnow@redhat.com> [PMM: added note in commit message that this is fixing a build warning] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-05-29target-arm: Avoid buffer overrun on UNPREDICTABLE ldrd/strdPeter Maydell
A LDRD or STRD where rd is not an even number is UNPREDICTABLE. We were letting this fall through, which is OK unless rd is 15, in which case we would attempt to do a load_reg or store_reg to a nonexistent r16 for the second half of the double-word. Catch the odd-numbered-rd cases and UNDEF them instead. To do this we rearrange the structure of the code a little so we can put the UNDEF catches at the top before we've allocated TCG temporaries. Cc: qemu-stable@nongnu.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1431348973-21315-1-git-send-email-peter.maydell@linaro.org
2015-05-29target-arm: Add WFx instruction trap supportGreg Bellows
Add support for trapping WFI and WFE instructions to the proper EL when SCTLR/SCR/HCR settings apply. Signed-off-by: Greg Bellows <greg.bellows@linaro.org> [PMM: removed unnecessary tweaking of syn_wfx() prototype; use raise_exception(); don't trap on WFE (and add comment explaining why not); remove unnecessary ARM_FEATURE checks; trap to EL3, not EL1, if in S-EL0 and SCTLR check fires] Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2015-05-29target-arm: Don't halt on WFI unless we don't have any workPeter Maydell
Just NOP the WFI instruction if we have work to do. This doesn't make much difference currently (though it does avoid jumping out to the top level loop and immediately restarting), but the distinction between "halt" and "don't halt" will become more important when the decision to halt requires us to trap to a higher exception level instead. Suggested-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2015-05-29target-arm: Move TB flags down to fill gapPeter Maydell
Deleting the now-unused ARM_TBFLAG_CPACR_FPEN left a gap in the bit usage; move the following ARM_TBFLAG_XSCALE_CPAR and ARM_TBFLAG_NS_SHIFT down 3 bits to fill the gap. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2015-05-29target-arm: Extend FP checks to use an ELGreg Bellows
Extend the ARM disassemble context to take a target exception EL instead of a boolean enable. This change reverses the polarity of the check making a value of 0 indicate floating point enabled (no exception). Signed-off-by: Greg Bellows <greg.bellows@linaro.org> [PMM: Use a common TB flag field for AArch32 and AArch64; CPTR_EL2 exists in v7; CPTR_EL2 should trap for EL2 accesses; CPTR_EL2 should not trap for secure accesses; CPTR_EL3 should trap for EL3 accesses; CPACR traps for secure accesses should trap to EL3 if EL3 is AArch32] Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2015-05-29target-arm: Make singlestate TB flags common between AArch32/64Peter Maydell
Currently we keep the TB flags PSTATE_SS and SS_ACTIVE in different bit positions for AArch64 and AArch32. Replace these separate definitions with a single common flag in the upper part of the flags word. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2015-05-29target-arm: Add AArch64 CPTR registersGreg Bellows
Adds CPTR_EL2/3 system registers definitions and access function. Signed-off-by: Greg Bellows <greg.bellows@linaro.org> [PMM: merge CPTR_EL2 and HCPTR definitions into a single def using STATE_BOTH; don't use readfn/writefn to implement RAZ/WI registers; don't use accessfn for the no-EL2 CPTR_EL2; fix cpacr_access logic to catch EL2 accesses to CPACR being trapped to EL3; use new CP_ACCESS_TRAP_EL[23] rather than setting exception.target_el directly] Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2015-05-29target-arm: Allow cp access functions to indicate traps to EL2 or EL3Peter Maydell
Some coprocessor access functions will need to indicate that the instruction should trap to EL2 or EL3 rather than the default target exception level; add corresponding CPAccessResult enum entries and handling code. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2015-05-29target-arm: Update interrupt handling to use target ELGreg Bellows
Updated the interrupt handling to utilize and report through the target EL exception field. This includes consolidating and cleaning up code where needed. Target EL is now calculated once in arm_cpu_exec_interrupt() and do_interrupt was updated to use the target_el exception field. The necessary code from arm_excp_target_el() was merged in where needed and the function removed. Signed-off-by: Greg Bellows <greg.bellows@linaro.org> Acked-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1429722561-12651-4-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-05-29target-arm: Make raise_exception() take syndrome and target ELPeter Maydell
Rather than making every caller of raise_exception set the syndrome and target EL by hand, make these arguments to raise_exception() and have that do the job. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2015-05-29target-arm: Set exception target EL in tlb_fillPeter Maydell
Set the exception target EL for MMU faults in tlb_fill. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2015-05-29target-arm: Move setting of exception info into tlb_fillPeter Maydell
Move the code which sets exception information out of arm_cpu_handle_mmu_fault and into tlb_fill. tlb_fill is the only caller which wants to raise_exception() so it makes more sense for it to handle the whole of the exception setup. As part of this cleanup, move the user-mode-only implementation function for the handle_mmu_fault CPU method into cpu.c so we don't need to make it globally visible, and rename the softmmu-only utility function arm_cpu_handle_mmu_fault to arm_tlb_fill so it's clear that it's not the same thing. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2015-05-29target-arm: Set correct syndrome for faults on MSR DAIF*, immPeter Maydell
If the SCTLR.UMA trap bit is set then attempts by EL0 to update the PSTATE DAIF bits via "MSR DAIFSet, imm" and "MSR DAIFClr, imm" instructions will raise an exception. We were failing to set the syndrome information for this exception, which meant that it would be reported as a repeat of whatever the previous exception was. Set the correct syndrome information. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2015-05-29target-arm: Extend helpers to route exceptionsGreg Bellows
Updated the various helper routines to set the target EL as needed using a dedicated function. Signed-off-by: Greg Bellows <greg.bellows@linaro.org> Acked-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1429722561-12651-3-git-send-email-greg.bellows@linaro.org [PMM: Also set target_el in fault cases in access_check_cp_reg()] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-05-29target-arm: Add exception target el infrastructureGreg Bellows
Add a CPU state exception target EL field that will be used for communicating the EL to which an exception should be routed. Add a disassembly context field for tracking the EL3 architecture needed for determining the target exception EL. Add a target EL argument to the generic exception helper for callers to specify the EL to which the exception should be routed. Extended the helper to set the newly added CPU state exception target el. Added a function for setting the target exception EL and updated calls to helpers to call it. Signed-off-by: Greg Bellows <greg.bellows@linaro.org> Acked-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1429722561-12651-2-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-05-18target-arm: Remove unneeded '+'Edgar E. Iglesias
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Message-id: 1431499963-1019-4-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-05-18target-arm: Correct accessfn for CNTV_TVAL_EL0Edgar E. Iglesias
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1431499963-1019-3-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-05-18target-arm: Correct accessfn for CNTP_{CT}VAL_EL0Edgar E. Iglesias
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1431499963-1019-2-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-05-18target-arm: Add WFx syndrome functionGreg Bellows
Adds a utility function for creating a WFx exception syndrome Signed-off-by: Greg Bellows <greg.bellows@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Acked-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1429722561-12651-9-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-05-18target-arm: Add EL3 and EL2 TCR checkingGreg Bellows
Updated get_phys_addr_lpae to check the appropriate TTBCR/TCR depending on the current EL. Support includes using the different TCR format as well as checks to insure TTBR1 is not used when in EL2 or EL3. Signed-off-by: Greg Bellows <greg.bellows@linaro.org> Acked-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1429722561-12651-8-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-05-18target-arm: Add TTBR regime function and useGreg Bellows
Add a utility function for choosing the correct TTBR system register based on the specified MMU index. Add use of function on physical address lookup. Signed-off-by: Greg Bellows <greg.bellows@linaro.org> Acked-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1429722561-12651-7-git-send-email-greg.bellows@linaro.org [PMM: fixed regime_ttbr() return type to be uint64_t] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-05-18target-arm: cpu64: Add support for Cortex-A53Peter Crosthwaite
Add the ARM Cortex-A53 processor definition. Similar to A57, but with different L1 I cache policy, phys addr size and different cache geometries. The cache sizes is implementation configurable, but use these values (from Xilinx Zynq MPSoC) as a default until cache size configurability is added. Acked-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Message-id: db439ff834cf0431bc192b05272a3b28fe2045d0.1431381507.git.peter.crosthwaite@xilinx.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-05-18target-arm: cpu64: generalise name of A57 regsPeter Crosthwaite
Rename some A57 CP register variables in preparation for support for Cortex A53. Use "a57_a53" to describe the shareable features. Some of the CP15 registers (such as ACTLR) are specific to implementation, but we currently just RAZ them so continue with that as the policy for both A57 and A53 processors under a shared definition. Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Message-id: 5a5f957994677d91435190b3be1cefa6f657e274.1431381507.git.peter.crosthwaite@xilinx.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-05-14tcg: Push merged memop+mmu_idx parameter to softmmu routinesRichard Henderson
The extra information is not yet used but it is now available. This requires minor changes through all of the tcg backends. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <rth@twiddle.net>
2015-05-11Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into stagingPeter Maydell
- build bugfix from Fam and new configure check from Emilio - two improvements to "info mtere" from Gerd - KVM support for memory transaction attributes - one more small step towards unlocked MMIO dispatch - one piece of the qemu-nbd errno fixes - trivial-ish patches from Denis and Thomas # gpg: Signature made Fri May 8 13:47:29 2015 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" # gpg: WARNING: This key is not certified with sufficiently trusted signatures! # gpg: It is not certain that the signature belongs to the owner. # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream: qemu-nbd: only send a limited number of errno codes on the wire rules.mak: Force CFLAGS for all objects in DSO configure: require __thread support exec: move rcu_read_lock/unlock to address_space_translate callers kvm: add support for memory transaction attributes mtree: also print disabled regions mtree: tag & indent a bit better apic_common: improve readability of apic_reset_common kvm: Silence warning from valgrind Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-04-30kvm: add support for memory transaction attributesPaolo Bonzini
Let kvm_arch_post_run convert fields in the kvm_run struct to MemTxAttrs. These are then passed to address_space_rw. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-04-30tcg: Delete unused cpu_pc_from_tb()Peter Crosthwaite
No code uses the cpu_pc_from_tb() function. Delete from tricore and arm which each provide an unused implementation. Update the comment in tcg.h to reflect that this is obsoleted by synchronize_from_tb. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-04-30arm: cpu.h: Remove unused typdefsPeter Crosthwaite
These CP accessor function prototypes are unused. Remove them. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-04-26Allow ARMv8 SCR.SMD updatesGreg Bellows
Updated scr_write to always allow updates to the SCR.SMD bit on ARMv8 regardless of whether virtualization (EL2) is enabled or not. Signed-off-by: Greg Bellows <greg.bellows@linaro.org> Message-id: 1429888797-4378-1-git-send-email-greg.bellows@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-04-26target-arm: Adjust id_aa64pfr0 when has_el3 CPU property disabledSergey Fedorov
Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com> Message-id: 1429669112-29835-1-git-send-email-serge.fdrv@gmail.com Reviewed-by: Greg Bellows <greg.bellows@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-04-26target-arm: rename c1_coproc to cpacr_el1Sergey Fedorov
Rename the field holding CPACR_EL1 system register state in AArch64 naming style. Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com> [PMM: also fixed a couple of missed occurrences in cpu.c] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-04-26target-arm: Check watchpoints against CPU security statePeter Maydell
Fix a TODO in bp_wp_matches() now that we have a function for testing whether the CPU is currently in Secure mode or not. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
2015-04-26target-arm: Use attribute info to handle user-only watchpointsPeter Maydell
Now that we have memory access attribute information in the watchpoint checking code, we can correctly implement handling of watchpoints which should match only on userspace accesses, where LDRT/STRT/LDT/STT from EL1 are treated as userspace accesses. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
2015-04-26target-arm: Add user-mode transaction attributePeter Maydell
Add a transaction attribute indicating that a memory access is being done from user-mode (unprivileged). This corresponds to an equivalent signal in ARM AMBA buses. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
2015-04-26target-arm: Use correct memory attributes for page table walksPeter Maydell
Factor out the page table walk memory accesses into their own function, so that we can specify the correct S/NS memory attributes for them. This will also provide a place to use the correct endianness and handle the need for a stage-2 translation when virtualization is supported. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
2015-04-26target-arm: Honour NS bits in page tablesPeter Maydell
Honour the NS bit in ARM page tables: * when adding entries to the TLB, include the Secure/NonSecure transaction attribute * set the NS bit in the PAR when doing ATS operations Note that we don't yet correctly use the NSTable bit to cause the page table walk itself to use the right attributes. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
2015-04-01target-arm: kvm64 fix save/restore of SPSR regsAlex Bennée
The current code was negatively indexing the cpu state array and not synchronizing banked spsr register state with the current mode's spsr state, causing occasional failures with migration. Some munging is done to take care of the aarch64 mapping and also to ensure the most current value of the spsr is updated to the banked registers (relevant for KVM<->TCG migration). Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-04-01target-arm: kvm64 sync FP register stateAlex Bennée
For migration to work we need to sync all of the register state. This is especially noticeable when GCC starts using FP registers as spill registers even with integer programs. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-04-01target-arm: kvm: save/restore mp stateAlex Bennée
This adds the saving and restore of the current Multi-Processing state of the machine. While the KVM_GET/SET_MP_STATE API exposes a number of potential states for x86 we only use two for ARM. Either the process is running or not. We then save this state into the cpu_powered TCG state to avoid changing the serialisation format. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-04-01target-arm: Store SPSR_EL1 state in banked_spsr[1] (SPSR_svc)Peter Maydell
The AArch64 SPSR_EL1 register is architecturally mandated to be mapped to the AArch32 SPSR_svc register. This means its state should live in QEMU's env->banked_spsr[1] field. Correct the various places in the code that incorrectly put it in banked_spsr[0]. Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-03-16target-arm: Ignore low bit of PC in M-profile exception returnPeter Maydell
For the ARM M-profile cores, exception return pops various registers including the PC from the stack. The architecture defines that if the lowest bit in the new PC value is set (ie the PC is not halfword aligned) then behaviour is UNPREDICTABLE. In practice hardware implementations seem to simply ignore the low bit, and some buggy RTOSes incorrectly rely on this. QEMU's behaviour was architecturally permitted, but bringing QEMU into line with the hardware behaviour allows more guest code to run. We log the situation as a guest error. This was reported as LP:1428657. Reported-by: Anders Esbensen <anders@lyes.dk> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-03-16target-arm: Fix handling of STM (user) with r15 in register listPeter Maydell
The A32 encoding of LDM distinguishes LDM (user) from LDM (exception return) based on whether r15 is in the register list. However for STM (user) there is no equivalent distinction. We were incorrectly treating "r15 in list" as indicating exception return for both LDM and STM, with the result that an STM (user) involving r15 went into an infinite loop. Fix this; note that the value stored for r15 in this case is the current PC regardless of our current mode. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1426015125-5521-1-git-send-email-peter.maydell@linaro.org
2015-03-16target-arm: get_phys_addr_lpae: more xn controlAndrew Jones
This patch makes the following changes to the determination of whether an address is executable, when translating addresses using LPAE. 1. No longer assumes that PL0 can't execute when it can't read. It can in AArch64, a difference from AArch32. 2. Use va_size == 64 to determine we're in AArch64, rather than arm_feature(env, ARM_FEATURE_V8), which is insufficient. 3. Add additional XN determinants - NS && is_secure && (SCR & SCR_SIF) - WXN && (prot & PAGE_WRITE) - AArch64: (prot_PL0 & PAGE_WRITE) - AArch32: UWXN && (prot_PL0 & PAGE_WRITE) - XN determination should also work in secure mode (untested) - XN may even work in EL2 (currently impossible to test) 4. Cleans up the bloated PAGE_EXEC condition - by removing it. The helper get_S1prot is introduced. It may even work in EL2, when support for that comes, but, as the function name implies, it only works for stage 1 translations. Signed-off-by: Andrew Jones <drjones@redhat.com> Message-id: 1426099139-14463-4-git-send-email-drjones@redhat.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-03-16target-arm: fix get_phys_addr_v6/SCTLR_AFE access checkAndrew Jones
Introduce simple_ap_to_rw_prot(), which has the same behavior as ap_to_rw_prot(), but takes the 2-bit simple AP[2:1] instead of the 3-bit AP[2:0]. Use this in get_phys_addr_v6 when SCTLR_AFE is set, as that bit indicates we should be using the simple AP format. It's unlikely this path is getting used. I don't see CR_AFE getting used by Linux, so possibly not. If it had been, then the check would have been wrong for all but AP[2:1] = 0b11. Anyway, this should fix it up, in case it ever does get used. Signed-off-by: Andrew Jones <drjones@redhat.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1426099139-14463-3-git-send-email-drjones@redhat.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>