aboutsummaryrefslogtreecommitdiff
path: root/target/arm/helper.c
AgeCommit message (Collapse)Author
2023-11-27target/arm: Handle overflow in calculation of next timer tickPeter Maydell
In commit edac4d8a168 back in 2015 when we added support for the virtual timer offset CNTVOFF_EL2, we didn't correctly update the timer-recalculation code that figures out when the timer interrupt is next going to change state. We got it wrong in two ways: * for the 0->1 transition, we didn't notice that gt->cval + offset can overflow a uint64_t * for the 1->0 transition, we didn't notice that the transition might now happen before the count rolls over, if offset > count In the former case, we end up trying to set the next interrupt for a time in the past, which results in QEMU hanging as the timer fires continuously. In the latter case, we would fail to update the interrupt status when we are supposed to. Fix the calculations in both cases. The test case is Alex Bennée's from the bug report, and tests the 0->1 transition overflow case. Fixes: edac4d8a168 ("target-arm: Add CNTVOFF_EL2") Cc: qemu-stable@nongnu.org Resolves: https://gitlab.com/qemu-project/qemu/-/issues/60 Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20231120173506.3729884-1-peter.maydell@linaro.org Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
2023-11-08target/arm: hide aliased MIDR from gdbstubAlex Bennée
This is just a constant alias register with the same value as the "other" MIDR so it serves no purpose being presented to gdbstub. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-Id: <20231106185112.2755262-6-alex.bennee@linaro.org>
2023-11-08target/arm: mark the 32bit alias of PAR when LPAE enabledAlex Bennée
We also mark it ARM_CP_NO_GDB so we avoid duplicate PAR's in the system register XML we send to gdb. Suggested-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20231107105145.2916124-1-alex.bennee@linaro.org>
2023-10-27target/arm: Move feature test functions to their own headerPeter Maydell
The feature test functions isar_feature_*() now take up nearly a thousand lines in target/arm/cpu.h. This header file is included by a lot of source files, most of which don't need these functions. Move the feature test functions to their own header file. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20231024163510.2972081-2-peter.maydell@linaro.org
2023-10-19target/arm: Implement FEAT_HPMN0Peter Maydell
FEAT_HPMN0 is a small feature which defines that it is valid for MDCR_EL2.HPMN to be set to 0, meaning "no PMU event counters provided to an EL1 guest" (previously this setting was reserved). QEMU's implementation almost gets HPMN == 0 right, but we need to fix one check in pmevcntr_is_64_bit(). That is enough for us to advertise the feature in the 'max' CPU. (We don't need to make the behaviour conditional on feature presence, because the FEAT_HPMN0 behaviour is within the range of permitted UNPREDICTABLE behaviour for a non-FEAT_HPMN0 implementation.) Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20230921185445.3339214-1-peter.maydell@linaro.org
2023-10-19target/arm: Fix CNTPCT_EL0 trapping from EL0 when HCR_EL2.E2H is 0Michal Orzel
On an attempt to access CNTPCT_EL0 from EL0 using a guest running on top of Xen, a trap from EL2 was observed which is something not reproducible on HW (also, Xen does not trap accesses to physical counter). This is because gt_counter_access() checks for an incorrect bit (1 instead of 0) of CNTHCTL_EL2 if HCR_EL2.E2H is 0 and access is made to physical counter. Refer ARM ARM DDI 0487J.a, D19.12.2: When HCR_EL2.E2H is 0: - EL1PCTEN, bit [0]: refers to physical counter - EL1PCEN, bit [1]: refers to physical timer registers Drop entire block "if (hcr & HCR_E2H) {...} else {...}" from EL0 case and fall through to EL1 case, given that after fixing checking for the correct bit, the handling is the same. Fixes: 5bc8437136fb ("target/arm: Update timer access for VHE") Signed-off-by: Michal Orzel <michal.orzel@amd.com> Tested-by: Oleksandr Tyshchenko <oleksandr_tyshchenko@epam.com> Message-id: 20230928094404.20802-1-michal.orzel@amd.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-10-04accel/tcg: Replace CPUState.env_ptr with cpu_env()Richard Henderson
Reviewed-by: Anton Johansson <anjo@rev.ng> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2023-09-21target/arm: Implement FEAT_MOPS enable bitsPeter Maydell
FEAT_MOPS defines a handful of new enable bits: * HCRX_EL2.MSCEn, SCTLR_EL1.MSCEn, SCTLR_EL2.MSCen: define whether the new insns should UNDEF or not * HCRX_EL2.MCE2: defines whether memops exceptions from EL1 should be taken to EL1 or EL2 Since we don't sanitise what bits can be written for the SCTLR registers, we only need to handle the new bits in HCRX_EL2, and define SCTLR_MSCEN for the new SCTLR bit value. The precedence of "HCRX bits acts as 0 if SCR_EL3.HXEn is 0" versus "bit acts as 1 if EL2 disabled" is not clear from the register definition text, but it is clear in the CheckMOPSEnabled() pseudocode(), so we follow that. We'll have to check whether other bits we need to implement in future follow the same logic or not. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20230912140434.1333369-3-peter.maydell@linaro.org
2023-09-21target/arm: Update user-mode ID reg mask valuesPeter Maydell
For user-only mode we reveal a subset of the AArch64 ID registers to the guest, to emulate the kernel's trap-and-emulate-ID-regs handling. Update the feature bit masks to match upstream kernel commit a48fa7efaf1161c1c. None of these features are yet implemented by QEMU, so this doesn't yet have a behavioural change, but implementation of FEAT_MOPS and FEAT_HBC is imminent. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
2023-09-08target/arm: Implement RMR_ELxRichard Henderson
Provide a stub implementation, as a write is a "request". Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20230831232441.66020-2-richard.henderson@linaro.org Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-09-08target/arm: Add ID_AA64ISAR2_EL1Aaron Lindsay
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Aaron Lindsay <aaron@os.amperecomputing.com> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20230829232335.965414-3-richard.henderson@linaro.org [PMM: drop the HVF part of the patch and just comment that we need to do something when the register appears in that API] Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-08-31target/arm: Apply access checks to neoverse-n1 special registersRichard Henderson
Access to many of the special registers is enabled or disabled by ACTLR_EL[23], which we implement as constant 0, which means that all writes outside EL3 should trap. Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 20230811214031.171020-7-richard.henderson@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-08-31target/arm: Allow cpu to configure GM blocksizeRichard Henderson
Previously we hard-coded the blocksize with GMID_EL1_BS. But the value we choose for -cpu max does not match the value that cortex-a710 uses. Mirror the way we handle dcz_blocksize. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20230811214031.171020-3-richard.henderson@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-08-22target/arm/helper: Implement CNTHCTL_EL2.CNT[VP]MASKJean-Philippe Brucker
When FEAT_RME is implemented, these bits override the value of CNT[VP]_CTL_EL0.IMASK in Realm and Root state. Move the IRQ state update into a new gt_update_irq() function and test those bits every time we recompute the IRQ state. Since we're removing the IRQ state from some trace events, add a new trace event for gt_update_irq(). Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org> Message-id: 20230809123706.1842548-7-jean-philippe@linaro.org [PMM: only register change hook if not USER_ONLY and if TCG] Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
2023-08-22target/arm/helper: Check SCR_EL3.{NSE, NS} encoding for AT instructionsJean-Philippe Brucker
The AT instruction is UNDEFINED if the {NSE,NS} configuration is invalid. Add a function to check this on all AT instructions that apply to an EL lower than 3. Suggested-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org> Message-id: 20230809123706.1842548-6-jean-philippe@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
2023-08-22target/arm: Pass security space rather than flag for AT instructionsJean-Philippe Brucker
At the moment we only handle Secure and Nonsecure security spaces for the AT instructions. Add support for Realm and Root. For AArch64, arm_security_space() gives the desired space. ARM DDI0487J says (R_NYXTL): If EL3 is implemented, then when an address translation instruction that applies to an Exception level lower than EL3 is executed, the Effective value of SCR_EL3.{NSE, NS} determines the target Security state that the instruction applies to. For AArch32, some instructions can access NonSecure space from Secure, so we still need to pass the state explicitly to do_ats_write(). Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 20230809123706.1842548-5-jean-philippe@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-08-22target/arm: Skip granule protection checks for AT instructionsJean-Philippe Brucker
GPC checks are not performed on the output address for AT instructions, as stated by ARM DDI 0487J in D8.12.2: When populating PAR_EL1 with the result of an address translation instruction, granule protection checks are not performed on the final output address of a successful translation. Rename get_phys_addr_with_secure(), since it's only used to handle AT instructions. Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 20230809123706.1842548-4-jean-philippe@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-08-22target/arm/helper: Fix tlbmask and tlbbits for TLBI VAE2*Jean-Philippe Brucker
When HCR_EL2.E2H is enabled, TLB entries are formed using the EL2&0 translation regime, instead of the EL2 translation regime. The TLB VAE2* instructions invalidate the regime that corresponds to the current value of HCR_EL2.E2H. At the moment we only invalidate the EL2 translation regime. This causes problems with RMM, which issues TLBI VAE2IS instructions with HCR_EL2.E2H enabled. Update vae2_tlbmask() to take HCR_EL2.E2H into account. Add vae2_tlbbits() as well, since the top-byte-ignore configuration is different between the EL2&0 and EL2 regime. Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 20230809123706.1842548-3-jean-philippe@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-08-22target/arm: Adjust PAR_EL1.SH for Device and Normal-NC memory typesPeter Maydell
The PAR_EL1.SH field documents that for the cases of: * Device memory * Normal memory with both Inner and Outer Non-Cacheable the field should be 0b10 rather than whatever was in the translation table descriptor field. (In the pseudocode this is handled by PAREncodeShareability().) Perform this adjustment when assembling a PAR value. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20230807141514.19075-16-peter.maydell@linaro.org
2023-08-22target/arm: Pass an ARMSecuritySpace to arm_is_el2_enabled_secstate()Peter Maydell
Pass an ARMSecuritySpace instead of a bool secure to arm_is_el2_enabled_secstate(). This doesn't change behaviour. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20230807141514.19075-8-peter.maydell@linaro.org
2023-08-22target/arm/ptw: Pass an ARMSecuritySpace to arm_hcr_el2_eff_secstate()Peter Maydell
arm_hcr_el2_eff_secstate() takes a bool secure, which it uses to determine whether EL2 is enabled in the current security state. With the advent of FEAT_RME this is no longer sufficient, because EL2 can be enabled for Secure state but not for Root, and both of those will pass 'secure == true' in the callsites in ptw.c. As it happens in all of our callsites in ptw.c we either avoid making the call or else avoid using the returned value if we're doing a translation for Root, so this is not a behaviour change even if the experimental FEAT_RME is enabled. But it is less confusing in the ptw.c code if we avoid the use of a bool secure that duplicates some of the information in the ArmSecuritySpace argument. Make arm_hcr_el2_eff_secstate() take an ARMSecuritySpace argument instead. Because we always want to know the HCR_EL2 for the security state defined by the current effective value of SCR_EL3.{NSE,NS}, it makes no sense to pass ARMSS_Root here, and we assert that callers don't do that. To avoid the assert(), we thus push the call to arm_hcr_el2_eff_secstate() down into the cases in regime_translation_disabled() that need it, rather than calling the function and ignoring the result for the Root space translations. All other calls to this function in ptw.c are already in places where we have confirmed that the mmu_idx is a stage 2 translation or that the regime EL is not 3. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20230807141514.19075-7-peter.maydell@linaro.org
2023-07-25arm: spelling fixesMichael Tokarev
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
2023-07-06target/arm: Handle IC IVAU to improve compatibility with JITsJohn Högberg
Unlike architectures with precise self-modifying code semantics (e.g. x86) ARM processors do not maintain coherency for instruction execution and memory, requiring an instruction synchronization barrier on every core that will execute the new code, and on many models also the explicit use of cache management instructions. While this is required to make JITs work on actual hardware, QEMU has gotten away with not handling this since it does not emulate caches, and unconditionally invalidates code whenever the softmmu or the user-mode page protection logic detects that code has been modified. Unfortunately the latter does not work in the face of dual-mapped code (a common W^X workaround), where one page is executable and the other is writable: user-mode has no way to connect one with the other as that is only known to the kernel and the emulated application. This commit works around the issue by telling software that instruction cache invalidation is required by clearing the CPR_EL0.DIC flag (regardless of whether the emulated processor needs it), and then invalidating code in IC IVAU instructions. Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1034 Co-authored-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: John Högberg <john.hogberg@ericsson.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 168778890374.24232.3402138851538068785-1@git.sr.ht [PMM: removed unnecessary AArch64 feature check; moved "clear CTR_EL1.DIC" code up a bit so it's not in the middle of the vfp/neon related tests] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-07-04target/arm: Add raw_writes ops for register whose write induce TLB maintenanceEric Auger
Some registers whose 'cooked' writefns induce TLB maintenance do not have raw_writefn ops defined. If only the writefn ops is set (ie. no raw_writefn is provided), it is assumed the cooked also work as the raw one. For those registers it is not obvious the tlb_flush works on KVM mode so better/safer setting the raw write. Signed-off-by: Eric Auger <eric.auger@redhat.com> Suggested-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-06-26target: Widen pc/cs_base in cpu_get_tb_cpu_stateAnton Johansson
Signed-off-by: Anton Johansson <anjo@rev.ng> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20230621135633.1649-4-anjo@rev.ng> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2023-06-23target/arm: Implement GPC exceptionsRichard Henderson
Handle GPC Fault types in arm_deliver_fault, reporting as either a GPC exception at EL3, or falling through to insn or data aborts at various exception levels. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20230620124418.805717-19-richard.henderson@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-06-23target/arm: Introduce ARMSecuritySpaceRichard Henderson
Introduce both the enumeration and functions to retrieve the current state, and state outside of EL3. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20230620124418.805717-6-richard.henderson@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-06-23target/arm: Add RME cpregsRichard Henderson
This includes GPCCR, GPTBR, MFAR, the TLB flush insns PAALL, PAALLOS, RPALOS, RPAOS, and the cache flush insns CIPAPA and CIGDPAPA. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20230620124418.805717-5-richard.henderson@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-06-23target/arm: SCR_EL3.NS may be RES1Richard Henderson
With RME, SEL2 must also be present to support secure state. The NS bit is RES1 if SEL2 is not present. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20230620124418.805717-4-richard.henderson@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-06-23target/arm: Update SCR and HCR for RMERichard Henderson
Define the missing SCR and HCR bits, allow SCR_NSE and {SCR,HCR}_GPF to be set, and invalidate TLBs when NSE changes. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20230620124418.805717-3-richard.henderson@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-06-06target/arm: allow DC CVA[D]P in user mode emulationZhuojia Shen
DC CVAP and DC CVADP instructions can be executed in EL0 on Linux, either directly when SCTLR_EL1.UCI == 1 or emulated by the kernel (see user_cache_maint_handler() in arch/arm64/kernel/traps.c). This patch enables execution of the two instructions in user mode emulation. Signed-off-by: Zhuojia Shen <chaosdefinition@hotmail.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-05-12target/arm: Correct AArch64.S2MinTxSZ 32-bit EL1 input size checkPeter Maydell
In check_s2_mmu_setup() we have a check that is attempting to implement the part of AArch64.S2MinTxSZ that is specific to when EL1 is AArch32: if !s1aarch64 then // EL1 is AArch32 min_txsz = Min(min_txsz, 24); Unfortunately we got this wrong in two ways: (1) The minimum txsz corresponds to a maximum inputsize, but we got the sense of the comparison wrong and were faulting for all inputsizes less than 40 bits (2) We try to implement this as an extra check that happens after we've done the same txsz checks we would do for an AArch64 EL1, but in fact the pseudocode is *loosening* the requirements, so that txsz values that would fault for an AArch64 EL1 do not fault for AArch32 EL1, because it does Min(old_min, 24), not Max(old_min, 24). You can see this also in the text of the Arm ARM in table D8-8, which shows that where the implemented PA size is less than 40 bits an AArch32 EL1 is still OK with a configured stage2 T0SZ for a 40 bit IPA, whereas if EL1 is AArch64 then the T0SZ must be big enough to constrain the IPA to the implemented PA size. Because of part (2), we can't do this as a separate check, but have to integrate it into aa64_va_parameters(). Add a new argument to that function to indicate that EL1 is 32-bit. All the existing callsites except the one in get_phys_addr_lpae() can pass 'false', because they are either doing a lookup for a stage 1 regime or else they don't care about the tsz/tsz_oob fields. Cc: qemu-stable@nongnu.org Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1627 Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20230509092059.3176487-1-peter.maydell@linaro.org
2023-03-06target/arm: Stub arm_hcr_el2_eff for m-profileRichard Henderson
M-profile doesn't have HCR_EL2. While we could test features before each call, zero is a generally safe return value to disable the code in the caller. This test is required to avoid an assert in arm_is_secure_below_el3. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20230227225832.816605-3-richard.henderson@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-03-02target/arm: Restrict 'qapi-commands-machine.h' to system emulationPhilippe Mathieu-Daudé
Since commit a0e61807a3 ("qapi: Remove QMP events and commands from user-mode builds") we don't generate the "qapi-commands-machine.h" header in a user-emulation-only build. Move the QMP functions from helper.c (which is always compiled) to monitor.c (which is only compiled when system-emulation is selected). Rename monitor.c to arm-qmp-cmds.c. Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20230223155540.30370-2-philmd@linaro.org> Signed-off-by: Markus Armbruster <armbru@redhat.com> [Straightforward conflict with commit 9def656e7a2 resolved]
2023-02-27target/arm: Move hflags code into the tcg directoryFabiano Rosas
The hflags are used only for TCG code, so introduce a new file hflags.c to keep that code. Signed-off-by: Fabiano Rosas <farosas@suse.de> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-02-27target/arm: Wrap arm_rebuild_hflags calls with tcg_enabledFabiano Rosas
This is in preparation to moving the hflags code into its own file under the tcg/ directory. Signed-off-by: Fabiano Rosas <farosas@suse.de> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-02-16target/arm: wrap call to aarch64_sve_change_el in tcg_enabled()Claudio Fontana
Signed-off-by: Claudio Fontana <cfontana@suse.de> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Fabiano Rosas <farosas@suse.de> Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-02-16target/arm: wrap psci call with tcg_enabledClaudio Fontana
for "all" builds (tcg + kvm), we want to avoid doing the psci check if tcg is built-in, but not enabled. Signed-off-by: Claudio Fontana <cfontana@suse.de> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Fabiano Rosas <farosas@suse.de> Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-02-16target/arm: rename handle_semihosting to tcg_handle_semihostingClaudio Fontana
make it clearer from the name that this is a tcg-only function. Signed-off-by: Claudio Fontana <cfontana@suse.de> Signed-off-by: Fabiano Rosas <farosas@suse.de> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-02-16target/arm: Constify ID_PFR1 on user emulationPhilippe Mathieu-Daudé
Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org> Message-id: 20230206223502.25122-5-philmd@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2023-02-03target/arm: Implement the HFGITR_EL2.SVC_EL0 and SVC_EL1 trapsPeter Maydell
Implement the HFGITR_EL2.SVC_EL0 and SVC_EL1 fine-grained traps. These trap execution of the SVC instruction from AArch32 and AArch64. (As usual, AArch32 can only trap from EL0, as fine grained traps are disabled with an AArch32 EL1.) Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Tested-by: Fuad Tabba <tabba@google.com> Message-id: 20230130182459.3309057-22-peter.maydell@linaro.org Message-id: 20230127175507.2895013-22-peter.maydell@linaro.org
2023-02-03target/arm: Implement the HFGITR_EL2.ERET trapPeter Maydell
Implement the HFGITR_EL2.ERET fine-grained trap. This traps execution from AArch64 EL1 of ERET, ERETAA and ERETAB. The trap is reported with a syndrome value of 0x1a. The trap must take precedence over a possible pointer-authentication trap for ERETAA and ERETAB. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Tested-by: Fuad Tabba <tabba@google.com> Message-id: 20230130182459.3309057-21-peter.maydell@linaro.org Message-id: 20230127175507.2895013-21-peter.maydell@linaro.org
2023-02-03target/arm: Mark up sysregs for HFGITR bits 48..63Peter Maydell
Mark up the sysreg definitions for the system instructions trapped by HFGITR bits 48..63. Some of these bits are for trapping instructions which are not in the system instruction encoding (i.e. which are not handled by the ARMCPRegInfo mechanism): * ERET, ERETAA, ERETAB * SVC We will have to handle those separately and manually. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Tested-by: Fuad Tabba <tabba@google.com> Message-id: 20230130182459.3309057-20-peter.maydell@linaro.org Message-id: 20230127175507.2895013-20-peter.maydell@linaro.org
2023-02-03target/arm: Mark up sysregs for HFGITR bits 18..47Peter Maydell
Mark up the sysreg definitions for the system instructions trapped by HFGITR bits 18..47. These bits cover TLBI TLB maintenance instructions. (If we implemented FEAT_XS we would need to trap some of the instructions added by that feature using these bits; but we don't yet, so will need to add the .fgt markup when we do.) Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Tested-by: Fuad Tabba <tabba@google.com> Message-id: 20230130182459.3309057-19-peter.maydell@linaro.org Message-id: 20230127175507.2895013-19-peter.maydell@linaro.org
2023-02-03target/arm: Mark up sysregs for HFGITR bits 12..17Peter Maydell
Mark up the sysreg definitions for the system instructions trapped by HFGITR bits 12..17. These bits cover AT address translation instructions. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Tested-by: Fuad Tabba <tabba@google.com> Message-id: 20230130182459.3309057-18-peter.maydell@linaro.org Message-id: 20230127175507.2895013-18-peter.maydell@linaro.org
2023-02-03target/arm: Mark up sysregs for HFGITR bits 0..11Peter Maydell
Mark up the sysreg definitions for the system instructions trapped by HFGITR bits 0..11. These bits cover various cache maintenance operations. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Tested-by: Fuad Tabba <tabba@google.com> Message-id: 20230130182459.3309057-17-peter.maydell@linaro.org Message-id: 20230127175507.2895013-17-peter.maydell@linaro.org
2023-02-03target/arm: Mark up sysregs for HDFGRTR bits 12..63Peter Maydell
Mark up the sysreg definitions for the registers trapped by HDFGRTR/HDFGWTR bits 12..x. Bits 12..22 and bit 58 are for PMU registers. The remaining bits in HDFGRTR/HDFGWTR are for traps on registers that are part of features we don't implement: Bits 23..32 and 63 : FEAT_SPE Bits 33..48 : FEAT_ETE Bits 50..56 : FEAT_TRBE Bits 59..61 : FEAT_BRBE Bit 62 : FEAT_SPEv1p2. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Tested-by: Fuad Tabba <tabba@google.com> Message-id: 20230130182459.3309057-16-peter.maydell@linaro.org Message-id: 20230127175507.2895013-16-peter.maydell@linaro.org
2023-02-03target/arm: Mark up sysregs for HFGRTR bits 36..63Peter Maydell
Mark up the sysreg definitions for the registers trapped by HFGRTR/HFGWTR bits 36..63. Of these, some correspond to RAS registers which we implement as always-UNDEF: these don't need any extra handling for FGT because the UNDEF-to-EL1 always takes priority over any theoretical FGT-trap-to-EL2. Bit 50 (NACCDATA_EL1) is for the ACCDATA_EL1 register which is part of the FEAT_LS64_ACCDATA feature which we don't yet implement. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Tested-by: Fuad Tabba <tabba@google.com> Message-id: 20230130182459.3309057-14-peter.maydell@linaro.org Message-id: 20230127175507.2895013-14-peter.maydell@linaro.org
2023-02-03target/arm: Mark up sysregs for HFGRTR bits 24..35Peter Maydell
Mark up the sysreg definitions for the registers trapped by HFGRTR/HFGWTR bits 24..35. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Tested-by: Fuad Tabba <tabba@google.com> Message-id: 20230130182459.3309057-13-peter.maydell@linaro.org Message-id: 20230127175507.2895013-13-peter.maydell@linaro.org
2023-02-03target/arm: Mark up sysregs for HFGRTR bits 12..23Peter Maydell
Mark up the sysreg definitions for the registers trapped by HFGRTR/HFGWTR bits 12..23. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Tested-by: Fuad Tabba <tabba@google.com> Message-id: 20230130182459.3309057-12-peter.maydell@linaro.org Message-id: 20230127175507.2895013-12-peter.maydell@linaro.org