aboutsummaryrefslogtreecommitdiff
path: root/target-ppc/cpu.h
AgeCommit message (Collapse)Author
2011-10-31ppc: Alter CPU state to mask out TCG unimplemented instructions as appropriateDavid Gibson
The CPU state contains two bitmaps, initialized from the CPU spec which describes which instructions are implemented on the CPU. A couple of bits are defined which cover instructions (VSX and DFP) which are not currently implemented in TCG. So far, these are only used to handle the case of -cpu host because a KVM guest can use the instructions when the host CPU supports them. However, it's a mild layering violation to simply not include those bits in the CPU descriptions for those CPUs that do support them, just because we can't handle them in TCG. This patch corrects the situation, so that the instruction bits _are_ shown correctly in the cpu spec table, but are masked out from the cpu state in the non-KVM case. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-10-30pseries: Correct vmx/dfp handling in both KVM and TCG casesDavid Gibson
Currently, when KVM is enabled, the pseries machine checks if the host CPU supports VMX, VSX and/or DFP instructions and advertises accordingly in the guest device tree. It does this regardless of what CPU is selected on the command line. On the other hand, when in TCG mode, it never advertises any of these facilities, even basic VMX (Altivec) which is supported in TCG. Now that we have a -cpu host option for ppc, it is fairly straightforward to fix both problems. This patch changes the -cpu host code to override the basic cpu spec derived from the PVR with information queried from the host avout VMX, VSX and DFP capability. The pseries code then uses the instruction availability advertised in the cpu state to set the guest device tree correctly for both the KVM and TCG cases. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-10-30PPC: Bump qemu-system-ppc to 64-bit physical address spaceAlexander Graf
Some 32-bit PPC CPUs can use up to 36 bit of physical address space. Treat them accordingly in the qemu-system-ppc binary type. Signed-off-by: Alexander Graf <agraf@suse.de>
2011-10-30ppc: First cut implementation of -cpu hostDavid Gibson
For convenience with kvm, x86 allows the user to specify -cpu host on the qemu command line, which means make the guest cpu the same as the host cpu. This patch implements the same option for ppc targets. For now, this just read the host PVR (Processor Version Register) and selects one of our existing CPU specs based on it. This means that the option will not work if the host cpu is not supported by TCG, even if that wouldn't matter for use under kvm. In future, we can extend this in future to override parts of the cpu spec based on information obtained from the host (via /proc/cpuinfo, the host device tree, or explicit KVM calls). That will let us handle cases where the real kvm-virtualized CPU doesn't behave exactly like the TCG-emulated CPU. With appropriate annotation of the CPU specs we'll also then be able to use host cpus under kvm even when there isn't a matching full TCG model. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-10-06PPC: booke timersFabien Chouteau
While working on the emulation of the freescale p2010 (e500v2) I realized that there's no implementation of booke's timers features. Currently mpc8544 uses ppc_emb (ppc_emb_timers_init) which is close but not exactly like booke (for example booke uses different SPR). Signed-off-by: Fabien Chouteau <chouteau@adacore.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-10-06Implement POWER7's CFAR in TCGDavid Gibson
This patch implements support for the CFAR SPR on POWER7 (Come From Address Register), which snapshots the PC value at the time of a branch or an rfid. The latest powerpc-next kernel also catches it and can show it in xmon or in the signal frames. This works well enough to let recent kernels boot (which otherwise oops on the CFAR access). It hasn't been tested enough to be confident that the CFAR values are actually accurate, but one thing at a time. Signed-off-by: Ben Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-10-06ppc: booke206: use MAV=2.0 TSIZE definition, fix 4G pagesScott Wood
This definition is backward compatible with MAV=1.0 as long as the guest does not set reserved bits in MAS1/MAS4. Also, fix the shift in booke206_tlb_to_page_size -- it's the base that should be able to hold a 4G page size, not the shift count. Signed-off-by: Scott Wood <scottwood@freescale.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-10-06ppc: booke206: add "info tlb" supportScott Wood
Signed-off-by: Scott Wood <scottwood@freescale.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-10-06kvm: ppc: booke206: use MMU APIScott Wood
Share the TLB array with KVM. This allows us to set the initial TLB both on initial boot and reset, is useful for debugging, and could eventually be used to support migration. Signed-off-by: Scott Wood <scottwood@freescale.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-08-23PPC: E500: Add ESR bit definitionsAlexander Graf
The BookE spec specifies a number of ESR bits. Add defines for them so we can use them later on. Reported-by: Jason Wessel <jason.wessel@windriver.com> Signed-off-by: Alexander Graf <agraf@suse.de> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2011-08-07Remove unused is_softmmu parameter from cpu_handle_mmu_faultBlue Swirl
Parameter is_softmmu (and its evil mutant twin brother is_softmuu) is not used in cpu_*_handle_mmu_fault() functions, remove them and adjust callers. Acked-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-07-12target-alpha, target-ppc: Remove unnecessary setjmp.h includePeter Maydell
Remove the include of setjmp.h from the cpu.h of target-alpha and target-ppc. This is unnecessary because cpu-defs.h already includes this header; this change brings these two targets into line with all the rest. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-07-01Merge branch 'ppc-next' of git://repo.or.cz/qemu/agrafBlue Swirl
* 'ppc-next' of git://repo.or.cz/qemu/agraf: PPC: move TLBs to their own arrays PPC: 440: Use 440 style MMU as default, so Qemu knows the MMU type PPC: E500: Use MAS registers instead of internal TLB representation PPC: Only set lower 32bits with mtmsr PPC: update openbios firmware PPC: mpc8544ds: Add hypervisor node PPC: calculate kernel,initrd,cmdline locations dynamically target-ppc: Handle memory-forced I/O controller access PPC: E500: Implement reboot controller
2011-06-26Move cpu_has_work and cpu_pc_from_tb to cpu.hBlue Swirl
Move functions cpu_has_work() and cpu_pc_from_tb() from exec.h to cpu.h. This is needed by later patches. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2011-06-17PPC: move TLBs to their own arraysAlexander Graf
Until now, we've created a union over multiple different TLB types and allocated that union. While it's a waste of memory (and cache) to allocate TLB information for a TLB type with much information when you only need little, it also inflicts another issue. With the new KVM API, we can now share the TLB between KVM and qemu, but for that to work we need to have both be in the same layout. We can't just stretch it over to fit some internal different TLB representation. Hence this patch moves all TLB types to their own array, allowing us to only address and allocate exactly the boundaries required for the specific TLB type at hand. Signed-off-by: Alexander Graf <agraf@suse.de>
2011-06-17PPC: E500: Use MAS registers instead of internal TLB representationAlexander Graf
The natural format for e500 cores to do TLB manipulation with are the MAS registers. Instead of converting them into some internal representation and back again when the guest reads them, we can just keep the data identical to the way the guest passed it to us. The main advantage of this approach is that we're getting closer to being able to share MMU data with KVM using shared memory, so that we don't need to copy lots of MMU data back and forth all the time. For this to work however, another patch is required that gets rid of the TLB union, as that destroys our memory layout that needs to be identical with the kernel one. Signed-off-by: Alexander Graf <agraf@suse.de>
2011-05-20w32: Fix compilation and replace non-portable usage of ulongStefan Weil
ulong is undefined for w32 (and maybe other) compilations. Replace it by uintptr_t (which also fixes compilation for w64 and is a better choice for pointer to integer conversions). Cc: Aurelien Jarno <aurelien@aurel32.net> Signed-off-by: Stefan Weil <weil@mail.berlios.de> Reviewed-by: Aurelien Jarno <aurelien@aurel32.net> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-05-14Merge branch 'ppc-next' of git://repo.or.cz/qemu/agrafAurelien Jarno
* 'ppc-next' of git://repo.or.cz/qemu/agraf: PPC: Qdev'ify e500 pci PPC MPC7544DS: Use new TLB helper function PPC: Implement e500 (FSL) MMU PPC: Add another 64 bits to instruction feature mask PPC: Add GS MSR definition PPC: Make MPC8544DS emulation work w/o KVM PPC: Make MPC8544DS obey -cpu switch Fix off-by-one error in sizing pSeries hcall table ppc64: Fix out-of-tree builds kvm: ppc: warn user on PAGE_SIZE mismatch kvm: ppc: detect old headers monitor: add PPC BookE SPRs kvm: ppc: fixes for KVM_SET_SREGS on init ppc64: Don't try to build sPAPR RTAS on Darwin Place pseries vty devices at addresses more similar to existing machines Make pSeries 'model' property more closely resemble real hardware pseries: Increase maximum CPUs to 256
2011-05-12PPC: Implement e500 (FSL) MMUAlexander Graf
Most of the code to support e500 style MMUs is already in place, but we're missing on some of the special TLB0-TLB1 handling code and slightly different TLB modification. This patch adds support for the FSL style MMU. Signed-off-by: Alexander Graf <agraf@suse.de>
2011-05-12PPC: Add another 64 bits to instruction feature maskAlexander Graf
To enable quick runtime detection of instruction groups to the currently selected CPU emulation, we have a feature mask of what exactly the respective instruction supports. This feature mask is 64 bits long and we just successfully exceeded those 64 bits. To add more features, we need to think of something. The easiest solution that came to my mind was to simply add another 64 bits that we can also match on. Since the comparison is only done on start of the qemu process to generate an internal opcode calling table, we should be fine on any performance penalties here. Signed-off-by: Alexander Graf <agraf@suse.de>
2011-05-12PPC: Add GS MSR definitionAlexander Graf
The BookE specification defines MSR bit 28 as Guest State. Add it to the list of MSR macros. Signed-off-by: Alexander Graf <agraf@suse.de>
2011-05-09monitor: add PPC BookE SPRsScott Wood
Read them via KVM_GET_SREGS in kvm_arch_get_registers(), and display them in "info registers". Also get CR and PID from the existing KVM_GET_REGS. Signed-off-by: Scott Wood <scottwood@freescale.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-05-08Fix typo in comment (embeded -> embedded)Stefan Weil
Signed-off-by: Stefan Weil <weil@mail.berlios.de> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2011-04-01Implement PAPR VPA functions for pSeries shared processor partitionsDavid Gibson
Shared-processor partitions are those where a CPU is time-sliced between partitions, rather than being permanently dedicated to a single partition. qemu emulated partitions, since they are just scheduled with the qemu user process, behave mostly like shared processor partitions. In order to better support shared processor partitions (splpar), PAPR defines the "VPA" (Virtual Processor Area), a shared memory communication channel between the hypervisor and partitions. There are also two additional shared memory communication areas for specialized purposes associated with the VPA. A VPA is not essential for operating an splpar, though it can be necessary for obtaining accurate performance measurements in the presence of runtime partition switching. Most importantly, however, the VPA is a prerequisite for PAPR's H_CEDE, hypercall, which allows a partition OS to give up it's shared processor timeslices to other partitions when idle. This patch implements the VPA and H_CEDE hypercalls in qemu. We don't implement any of the more advanced statistics which can be communicated through the VPA. However, this is enough to make normal pSeries kernels do an effective power-save idle on an emulated pSeries, significantly reducing the host load of a qemu emulated pSeries running an idle guest OS. Signed-off-by: David Gibson <dwg@au1.ibm.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-04-01Virtual hash page table handling on pSeries machineDavid Gibson
On pSeries logical partitions, excepting the old POWER4-style full system partitions, the guest does not have direct access to the hardware page table. Instead, the pagetable exists in hypervisor memory, and the guest must manipulate it with hypercalls. However, our current pSeries emulation more closely resembles the old style where the guest must set up and handle the pagetables itself. This patch converts it to act like a modern partition. This involves two things: first, the hash translation path is modified to permit the has table to be stored externally to the emulated machine's RAM. The pSeries machine init code configures the CPUs to use this mode. Secondly, we emulate the PAPR hypercalls for manipulating the external hashed page table. Signed-off-by: David Gibson <dwg@au1.ibm.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-04-01Add POWER7 support for ppcDavid Gibson
This adds emulation support for the recent POWER7 cpu to qemu. It's far from perfect - it's missing a number of POWER7 features so far, including any support for VSX or decimal floating point instructions. However, it's close enough to boot a kernel with the POWER7 PVR. Signed-off-by: David Gibson <dwg@au1.ibm.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-04-01Support 1T segments on ppcDavid Gibson
Traditionally, the "segments" used for the two-stage translation used on powerpc MMUs were 256MB in size. This was the only option on all hash page table based 32-bit powerpc cpus, and on the earlier 64-bit hash page table based cpus. However, newer 64-bit cpus also permit 1TB segments This patch adds support for 1TB segment translation to the qemu code. Signed-off-by: David Gibson <dwg@au1.ibm.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-04-01Better factor the ppc hash translation pathDavid Gibson
Currently the path handling hash page table translation in get_segment() has a mix of common and 32 or 64 bit specific code. However the division is not done terribly well which results in a lot of messy code flipping between common and divided paths. This patch improves the organization, consolidating several divided paths into one. This in turn allows simplification of some code in get_segment(), removing a number of ugly interim variables. This new factorization will also make it easier to add support for the 1T segments added in newer CPUs. Signed-off-by: David Gibson <dwg@au1.ibm.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-04-01Use "hash" more consistently in ppc mmu codeDavid Gibson
Currently, get_segment() has a variable called hash. However it doesn't (quite) get the hash value for the ppc hashed page table. Instead it gets the hash shifted - effectively the offset of the hash bucket within the hash page table. As well, as being different to the normal use of plain "hash" in the architecture documentation, this usage necessitates some awkward 32/64 dependent masks and shifts which clutter up the path in get_segment(). This patch alters the code to use raw hash values through get_segment() including storing raw hashes instead of pte group offsets in the ctx structure. This cleans up the path noticeably. This does necessitate 32/64 dependent shifts when the hash values are taken out of the ctx structure and used, but those paths already have 32/64 bit variants so this is less awkward than it was in get_segment(). Signed-off-by: David Gibson <dwg@au1.ibm.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-04-01Parse SDR1 on mtspr instead of at translate timeDavid Gibson
On ppc machines with hash table MMUs, the special purpose register SDR1 contains both the base address of the encoded size (hashed) page tables. At present, we interpret the SDR1 value within the address translation path. But because the encodings of the size for 32-bit and 64-bit are different this makes for a confusing branch on the MMU type with a bunch of curly shifts and masks in the middle of the translate path. This patch cleans things up by moving the interpretation on SDR1 into the helper function handling the write to the register. This leaves a simple pre-sanitized base address and mask for the hash table in the CPUState structure which is easier to work with in the translation path. This makes the translation path more readable. It addresses the FIXME comment currently in the mtsdr1 helper, by validating the SDR1 value during interpretation. Finally it opens the way for emulating a pSeries-style partition where the hash table used for translation is not mapped into the guests's RAM. Signed-off-by: David Gibson <dwg@au1.ibm.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-04-01Correct ppc popcntb logic, implement popcntw and popcntdDavid Gibson
qemu already includes support for the popcntb instruction introduced in POWER5 (although it doesn't actually allow you to choose POWER5). However, the logic is slightly incorrect: it will generate results truncated to 32-bits when the CPU is in 32-bit mode. This is not normal for powerpc - generally arithmetic instructions on a 64-bit powerpc cpu will generate full 64 bit results, it's just that only the low 32 bits will be significant for condition codes. This patch corrects this nit, which actually simplifies the code slightly. In addition, this patch implements the popcntw and popcntd instructions added in POWER7, in preparation for allowing POWER7 as an emulated CPU. Signed-off-by: David Gibson <dwg@au1.ibm.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-04-01Implement PowerPC slbmfee and slbmfev instructionsDavid Gibson
For a 64-bit PowerPC target, qemu correctly implements translation through the segment lookaside buffer. Likewise it supports the slbmte instruction which is used to load entries into the SLB. However, it does not emulate the slbmfee and slbmfev instructions which read SLB entries back into registers. Because these are only occasionally used in guests (mostly for debugging) we get away with it. However, given the recent SLB cleanups, it becomes quite easy to implement these, and thereby allow, amongst other things, a guest Linux to use xmon's command to dump the SLB. Signed-off-by: David Gibson <dwg@au1.ibm.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-04-01Add a hook to allow hypercalls to be emulated on PowerPCDavid Gibson
PowerPC and POWER chips since the POWER4 and 970 have a special hypervisor mode, and a corresponding form of the system call instruction which traps to the hypervisor. qemu currently has stub implementations of hypervisor mode. That is, the outline is there to allow qemu to run a PowerPC hypervisor under emulation. There are a number of details missing so this won't actually work at present, but the idea is there. What there is no provision at all, is for qemu to instead emulate the hypervisor itself. That is to have hypercalls trap into qemu and their result be emulated from qemu, rather than running hypervisor code within the emulated system. Hypervisor hardware aware KVM implementations are in the works and it would be useful for debugging and development to also allow full emulation of the same para-virtualized guests as such a KVM. Therefore, this patch adds a hook which will allow a machine to set up emulation of hypervisor calls. Signed-off-by: David Gibson <dwg@au1.ibm.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2011-04-01Clean up PowerPC SLB handling codeDavid Gibson
Currently the SLB information when emulating a PowerPC 970 is storeed in a structure with the unhelpfully named fields 'tmp' and 'tmp64'. While the layout in these fields does match the description of the SLB in the architecture document, it is not convenient either for looking up the SLB, or for emulating the slbmte instruction. This patch, therefore, reorganizes the SLB entry structure to be divided in the the "ESID related" and "VSID related" fields as they are divided in instructions accessing the SLB. In addition to making the code smaller and more readable, this will make it easier to implement for the 1TB segments used in more recent PowerPC chips. Signed-off-by: David Gibson <dwg@au1.ibm.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2010-10-30target-xxx: Use fprintf_function (format checking)Stefan Weil
fprintf_function uses format checking with GCC_FMT_ATTR. Format errors were fixed in * target-i386/helper.c * target-mips/translate.c * target-ppc/translate.c Cc: Blue Swirl <blauwirbel@gmail.com> Signed-off-by: Stefan Weil <weil@mail.berlios.de> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-10-13ppc: remove video.xBlue Swirl
Only Mac-on-Linux stuff used video.x, OpenBIOS does not need it. Remove video.x MoL hacks. Signed-off-by: Alexander Graf <agraf@suse.de> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-09-30powerpc: Add a virtex5 ml507 refdesign boardEdgar E. Iglesias
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2010-09-24powerpc: Improve emulation of the BookE MMUEdgar E. Iglesias
Improve the emulation of the BookE MMU to be able to boot linux on virtex5 boards. Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
2010-07-03remove exec-all.h inclusion from cpu.hPaolo Bonzini
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-07-03move cpu_pc_from_tb to target-*/exec.hPaolo Bonzini
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-03-12Target specific usermode cleanupPaul Brook
Disable various target specific code that is only relevant to system emulation. Signed-off-by: Paul Brook <paul@codesourcery.com>
2010-03-12Move TARGET_PHYS_ADDR_SPACE_BITS to target-*/cpu.h.Richard Henderson
Removes a set of ifdefs from exec.c. Introduce TARGET_VIRT_ADDR_SPACE_BITS for all targets other than Alpha. This will be used for page_find_alloc, which is supposed to be using virtual addresses in the first place. Signed-off-by: Richard Henderson <rth@twiddle.net>
2010-02-27target-ppc: fix SPE evcmp* instructionsNathan Froyd
The CRF_{CH,CL,CH_OR_CL,CH_AND_CL} constants were all off by one bit position. Because of this, the SPE evcmp* family of instructions would store values in the result condition register that were also off by one bit position. Fixed by using the CRF_{LT,GT,EQ,SO} constants for the shift amounts. Signed-off-by: Nathan Froyd <froydnj@codesourcery.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2009-12-21PPC: Make DCR uint32_tAlexander Graf
For what I know DCR is always 32 bits wide, so we should also use uint32_t to pass it along the stacks. This fixes a warning when compiling qemu-system-ppc64 with KVM enabled, making it compile without --disable-werror Signed-off-by: Alexander Graf <agraf@suse.de> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2009-12-21PPC64: Fix alternate timebaseAurelien Jarno
Fix the alternate time base the same way as the default timebase. SPR_ATBL should return a 64-bit value on 64 bit implementations. Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2009-12-21PPC64: Fix timebaseAlexander Graf
On PPC we have a 64-bit time base. Usually (PPC32) this is accessed using two separate 32 bit SPR accesses to SPR_TBU and SPR_TBL. On PPC64 the SPR_TBL register acts as 64 bit though, so we get the full 64 bits as return value. If we only take the lower ones, fine. But Linux wants to see all 64 bits or it breaks. This patch makes PPC64 Linux work even after TB crossed the 32-bit boundary, which usually happened a few seconds after bootup. Signed-off-by: Alexander Graf <agraf@suse.de> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2009-11-07PPC: rename cpu_ppc_reset to cpu_reset for consistencyBlue Swirl
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2009-10-23target-ppc: move often used CPU fields at the top of the structureAurelien Jarno
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2009-10-01Revert "Get rid of _t suffix"Anthony Liguori
In the very least, a change like this requires discussion on the list. The naming convention is goofy and it causes a massive merge problem. Something like this _must_ be presented on the list first so people can provide input and cope with it. This reverts commit 99a0949b720a0936da2052cb9a46db04ffc6db29. Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-10-01Get rid of _t suffixmalc
Some not so obvious bits, slirp and Xen were left alone for the time being. Signed-off-by: malc <av1474@comtv.ru>