aboutsummaryrefslogtreecommitdiff
path: root/target/ppc/mmu-radix64.c
AgeCommit message (Collapse)Author
2023-09-06target/ppc: Generate storage interrupts for radix RC changesShawn Anastasio
Change radix model to always generate a storage interrupt when the R/C bits are not set appropriately in a PTE instead of setting the bits itself. According to the ISA both behaviors are valid, but in practice this change more closely matches behavior observed on the POWER9 CPU. From the POWER9 Processor User's Manual, Section 4.10.13.1: "When performing Radix translation, the POWER9 hardware triggers the appropriate interrupt ... for the mode and type of access whenever Reference (R) and Change (C) bits require setting in either the guest or host page-table entry (PTE)." Signed-off-by: Shawn Anastasio <sanastasio@raptorengineering.com> Reviewed-by: Cédric Le Goater <clg@kaod.org> Reviewed-by: Nicholas Piggin <npiggin@gmail.com> Signed-off-by: Cédric Le Goater <clg@kaod.org>
2023-06-25target/ppc: Add SRR1 prefix indication to interrupt handlersNicholas Piggin
ISA v3.1 introduced prefix instructions. Among the changes, various synchronous interrupts report whether they were caused by a prefix instruction in (H)SRR1. The case of instruction fetch that causes an HDSI due to access of a process-scoped table faulting on the partition scoped translation is the tricky one. As with ISIs and HISIs, this does not try to set the prefix bit because there is no instruction image to be loaded. The HDSI needs the originating access type to be passed through to the handler to distinguish this from HDSIs that fault translating process scoped tables originating from a load or store instruction (in that case the prefix bit should be provided). Reviewed-by: Fabiano Rosas <farosas@suse.de> Signed-off-by: Nicholas Piggin <npiggin@gmail.com> [ clg: checkpatch issues ] Signed-off-by: Cédric Le Goater <clg@kaod.org>
2023-06-25target/ppc: Change partition-scope translate interfaceNicholas Piggin
Rather than always performing partition scope page table translation with access type of 0 (MMU_DATA_LOAD), pass through the processor access type which first initiated the translation sequence. Process- scoped page table loads are then set to MMU_DATA_LOAD access type in the xlate function. This will allow more information to be passed to the exception handler in the next patch. Signed-off-by: Nicholas Piggin <npiggin@gmail.com> Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-10-29target/ppc: Fix regression in Radix MMULeandro Lupori
Commit 47e83d9107 ended up unintentionally changing the control flow of ppc_radix64_process_scoped_xlate(). When guest_visible is false, it must not raise an exception, even if the radix configuration is not valid. This regression prevented Linux boot in a nested environment with L1 using TCG and emulating KVM (cap-nested-hv=on) and L2 using KVM. L2 would hang on Linux's futex_init(), when it tested how a futex_atomic_cmpxchg_inatomic() handled a fault, because L1 would start a loop of trying to perform partition scoped translations and raising exceptions. Fixes: 47e83d9107 ("target/ppc: Improve Radix xlate level validation") Reported-by: Victor Colombo <victor.colombo@eldorado.org.br> Signed-off-by: Leandro Lupori <leandro.lupori@eldorado.org.br> Tested-by: Víctor Colombo <victor.colombo@eldorado.org.br> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Message-Id: <20221028183617.121786-1-leandro.lupori@eldorado.org.br> [danielhb: use %"PRIu64" to print 'nls'] Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2022-07-18target/ppc: Check page dir/table base alignmentLeandro Lupori
According to PowerISA 3.1B, Book III 6.7.6 programming note, the page directory base addresses are expected to be aligned to their size. Real hardware seems to rely on that and will access the wrong address if they are misaligned. This results in a translation failure even if the page tables seem to be properly populated. Signed-off-by: Leandro Lupori <leandro.lupori@eldorado.org.br> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Message-Id: <20220628133959.15131-4-leandro.lupori@eldorado.org.br> Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2022-07-18target/ppc: Improve Radix xlate level validationLeandro Lupori
Check if the number and size of Radix levels are valid on POWER9/POWER10 CPUs, according to the supported Radix Tree Configurations described in their User Manuals. Signed-off-by: Leandro Lupori <leandro.lupori@eldorado.org.br> Reviewed-by: Fabiano Rosas <farosas@linux.ibm.com> Message-Id: <20220628133959.15131-3-leandro.lupori@eldorado.org.br> Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2022-07-18ppc: Check partition and process table alignmentLeandro Lupori
Check if partition and process tables are properly aligned, in their size, according to PowerISA 3.1B, Book III 6.7.6 programming note. Hardware and KVM also raise an exception in these cases. Signed-off-by: Leandro Lupori <leandro.lupori@eldorado.org.br> Reviewed-by: Fabiano Rosas <farosas@linux.ibm.com> Message-Id: <20220628133959.15131-2-leandro.lupori@eldorado.org.br> Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2022-05-05target/ppc: Remove msr_hv macroVíctor Colombo
msr_hv macro hides the usage of env->msr, which is a bad behavior. Substitute it with FIELD_EX64 calls that explicitly use env->msr as a parameter. Suggested-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Víctor Colombo <victor.colombo@eldorado.org.br> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20220504210541.115256-20-victor.colombo@eldorado.org.br> Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2022-05-05target/ppc: Remove msr_pr macroVíctor Colombo
msr_pr macro hides the usage of env->msr, which is a bad behavior Substitute it with FIELD_EX64 calls that explicitly use env->msr as a parameter. Suggested-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Víctor Colombo <victor.colombo@eldorado.org.br> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20220504210541.115256-4-victor.colombo@eldorado.org.br> Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2022-03-14target/ppc: fix ISI fault cause for Radix MMULeandro Lupori
Fix Instruction Storage Interrupt (ISI) fault cause for Radix MMU, when caused by missing PAGE_EXEC permission, to be SRR1_NOEXEC_GUARD instead of DSISR_PROTFAULT. This matches POWER9 hardware behavior. Fixes: d5fee0bbe68 ("target/ppc: Implement ISA V3.00 radix page fault handler") Signed-off-by: Leandro Lupori <leandro.lupori@eldorado.org.br> Message-Id: <20220309192756.145283-1-leandro.lupori@eldorado.org.br> Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-02-18target/ppc: Introduce a vhyp framework for nested HV supportNicholas Piggin
Introduce virtual hypervisor methods that can support a "Nested KVM HV" implementation using the bare metal 2-level radix MMU, and using HV exceptions to return from H_ENTER_NESTED (rather than cause interrupts). HV exceptions can now be raised in the TCG spapr machine when running a nested KVM HV guest. The main ones are the lev==1 syscall, the hdecr, hdsi and hisi, hv fu, and hv emu, and h_virt external interrupts. HV exceptions are intercepted in the exception handler code and instead of causing interrupts in the guest and switching the machine to HV mode, they go to the vhyp where it may exit the H_ENTER_NESTED hcall with the interrupt vector numer as return value as required by the hcall API. Address translation is provided by the 2-level page table walker that is implemented for the bare metal radix MMU. The partition scope page table is pointed to the L1's partition scope by the get_pate vhc method. Reviewed-by: Fabiano Rosas <farosas@linux.ibm.com> Signed-off-by: Nicholas Piggin <npiggin@gmail.com> Reviewed-by: Cédric Le Goater <clg@kaod.org> Message-Id: <20220216102545.1808018-9-npiggin@gmail.com> Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-02-18target/ppc: make vhyp get_pate method take lpid and return successNicholas Piggin
In prepartion for implementing a full partition table option for vhyp, update the get_pate method to take an lpid and return a success/fail indicator. The spapr implementation currently just asserts lpid is always 0 and always return success. Reviewed-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: Nicholas Piggin <npiggin@gmail.com> [ clg: checkpatch fixes ] Message-Id: <20220216102545.1808018-6-npiggin@gmail.com> Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-02-18target/ppc: add vhyp addressing mode helper for radix MMUNicholas Piggin
The radix on vhyp MMU uses a single-level radix table walk, with the partition scope mapping provided by the flat QEMU machine memory. A subsequent change will use the two-level radix walk on vhyp in some situations, so provide a helper which can abstract that logic. Reviewed-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: Nicholas Piggin <npiggin@gmail.com> Message-Id: <20220216102545.1808018-5-npiggin@gmail.com> Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-02-18target/ppc: raise HV interrupts for partition table entry problemsNicholas Piggin
Invalid or missing partition table entry exceptions should cause HV interrupts. HDSISR is set to bad MMU config, which is consistent with the ISA and experimentally matches what POWER9 generates. Reviewed-by: Fabiano Rosas <farosas@linux.ibm.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Signed-off-by: Nicholas Piggin <npiggin@gmail.com> [ clg: checkpatch fixes ] Message-Id: <20220216102545.1808018-2-npiggin@gmail.com> Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-02-09target/ppc: Fix radix loggingCédric Le Goater
ppc_radix64_partition_scoped_xlate() logs the host page protection bits variable but it is uninitialized. The value is set later on in ppc_radix64_check_prot(). Remove the output. Fixes: Coverity CID 1468942 Signed-off-by: Cédric Le Goater <clg@kaod.org> Reviewed-by: Greg Kurz <groug@kaod.org> Message-Id: <20220203142145.1301749-1-clg@kaod.org> Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-01-04target/ppc: Check effective address validityCédric Le Goater
For Radix translation, the EA range is 64-bits. when EA(2:11) are nonzero, a segment interrupt should occur. Signed-off-by: Cédric Le Goater <clg@kaod.org> Reviewed-by: Frederic Barrat <fbarrat@linux.ibm.com> Message-Id: <20211231073122.3183583-1-clg@kaod.org> Signed-off-by: Cédric Le Goater <clg@kaod.org>
2022-01-04target/ppc: Improve logging in Radix MMUCédric Le Goater
Signed-off-by: Cédric Le Goater <clg@kaod.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20211222071002.1568894-1-clg@kaod.org> Signed-off-by: Cédric Le Goater <clg@kaod.org>
2021-07-09target/ppc: fix address translation bug for radix mmusBruno Larsen (billionai)
This commit attempts to fix a technical hiccup first mentioned by Richard Henderson in https://lists.nongnu.org/archive/html/qemu-devel/2021-05/msg06247.html To sumarize the hiccup here, when radix-style mmus are translating an address, they might need to call a second level of translation, with hypervisor privileges. However, the way it was being done up until this point meant that the second level translation had the same privileges as the first level. It could lead to a bug in address translation when running KVM inside a TCG guest, but this bug was never experienced by users, so this isn't as much a bug fix as it is a correctness cleanup. This patch attempts that cleanup by making radix64_*_xlate functions receive the mmu_idx, and passing one with the correct permission for the second level translation. The mmuidx macros added by this patch are only correct for non-bookE mmus, because BookE style set the IS and DS bits inverted and there might be other subtle differences. However, there doesn't seem to be BookE cpus that have radix-style mmus, so we left a comment there to document the issue, in case a machine does have that and was missed. As part of this cleanup, we now need to send the correct mmmu_idx when calling get_phys_page_debug, otherwise we might not be able to see the memory that the CPU could Suggested-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Bruno Larsen (billionai) <bruno.larsen@eldorado.org.br> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Cédric Le Goater <clg@kaod.org> Tested-by: Cédric Le Goater <clg@kaod.org> Message-Id: <20210628133610.1143-2-bruno.larsen@eldorado.org.br> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2021-07-09target/ppc: Introduce ppc_xlateRichard Henderson
Create one common dispatch for all of the ppc_*_xlate functions. Use ppc64_v3_radix to directly dispatch between ppc_radix64_xlate and ppc_hash64_xlate. Remove the separate *_handle_mmu_fault and *_get_phys_page_debug functions, using common code for ppc_cpu_tlb_fill and ppc_cpu_get_phys_page_debug. Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20210621125115.67717-9-bruno.larsen@eldorado.org.br> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2021-07-09target/ppc: Use bool success for ppc_radix64_xlateRichard Henderson
Instead of returning non-zero for failure, return true for success. Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20210621125115.67717-5-bruno.larsen@eldorado.org.br> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2021-07-09target/ppc: Push real-mode handling into ppc_radix64_xlateRichard Henderson
This removes some incomplete duplication between ppc_radix64_handle_mmu_fault and ppc_radix64_get_phys_page_debug. The former was correct wrt SPR_HRMOR and the latter was not. Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20210621125115.67717-4-bruno.larsen@eldorado.org.br> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2021-07-09target/ppc: Use MMUAccessType with *_handle_mmu_faultRichard Henderson
These changes were waiting until we didn't need to match the function type of PowerPCCPUClass.handle_mmu_fault. Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20210621125115.67717-3-bruno.larsen@eldorado.org.br> Reviewed-by: Greg Kurz <groug@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2021-06-03target/ppc: removed unnecessary inclusion of helper-proto.hBruno Larsen (billionai)
These files included helper-proto.h, but didn't use or declare any helpers, so the #include has been removed Signed-off-by: Bruno Larsen (billionai) <bruno.larsen@eldorado.org.br> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20210521201759.85475-6-bruno.larsen@eldorado.org.br> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2021-05-19target/ppc: Use MMUAccessType in mmu-radix64.cRichard Henderson
We must leave the 'int rwx' parameter to ppc_radix64_handle_mmu_fault for now, but will clean that up later. Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20210518201146.794854-3-richard.henderson@linaro.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2021-05-19target/ppc: Introduce prot_for_access_typeRichard Henderson
Use this in the three places we currently have a local array indexed by rwx (which happens to have the same values). The types will match up correctly with additional changes. Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20210518201146.794854-2-richard.henderson@linaro.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-11-15powerpc tcg: Fix Lesser GPL version numberChetan Pant
There is no "version 2" of the "Lesser" General Public License. It is either "GPL version 2.0" or "Lesser GPL version 2.1". This patch replaces all occurrences of "Lesser GPL version 2" with "Lesser GPL version 2.1" in comment section. Signed-off-by: Chetan Pant <chetan4windows@gmail.com> Message-Id: <20201019061126.3102-1-chetan4windows@gmail.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
2020-05-27target/ppc: Fix argument to ppc_radix64_partition_scoped_xlate() againGreg Kurz
The penultimate argument of function ppc_radix64_partition_scoped_xlate() has the bool type. Fixes: d04ea940c597 "target/ppc: Add support for Radix partition-scoped translation" Signed-off-by: Greg Kurz <groug@kaod.org> Message-Id: <159051003729.407106.10610703877543955831.stgit@bahia.lan> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-05-27target/ppc: Don't update radix PTE R/C bits with gdbstubGreg Kurz
gdbstub shouldn't silently change guest visible state when doing address translation. Since the R/C bits can only be updated when handling a MMU fault, let's reuse the cause_excp flag and rename it to guest_visible. While here drop a not very useful comment. This was found while reading the code. I could verify that this affects both powernv and pseries, but I failed to observe any actual bug. Fixes: d04ea940c597 "target/ppc: Add support for Radix partition-scoped translation" Signed-off-by: Greg Kurz <groug@kaod.org> Message-Id: <158941063899.240484.2778628492106387793.stgit@bahia.lan> Reviewed-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-05-27target/ppc: Fix arguments to ppc_radix64_partition_scoped_xlate()Greg Kurz
The last two arguments have the bool type. Also, we shouldn't raise an exception when using gdbstub. This was found while reading the code. Since it only affects the powernv machine, I didn't dig further to find an actual bug. Fixes: d04ea940c597 "target/ppc: Add support for Radix partition-scoped translation" Signed-off-by: Greg Kurz <groug@kaod.org> Message-Id: <158941063281.240484.9114539141307005992.stgit@bahia.lan> Reviewed-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-05-27target/ppc: Add missing braces in ppc_radix64_partition_scoped_xlate()Greg Kurz
As per CODING_STYLE. Fixes: d04ea940c597 "target/ppc: Add support for Radix partition-scoped translation" Signed-off-by: Greg Kurz <groug@kaod.org> Message-Id: <158941062665.240484.2663106458734800894.stgit@bahia.lan> Reviewed-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-05-27target/ppc: Don't initialize some local variables in ppc_radix64_xlate()Greg Kurz
It is the job of the ppc_radix64_get_fully_qualified_addr() function which is called at the beginning of ppc_radix64_xlate() to set both lpid *and* pid. It doesn't buy us anything to initialize them first. Worse, a bug in ppc_radix64_get_fully_qualified_addr(), eg. failing to set either lpid or pid, would be undetectable by static analysis tools like coverity. Some recent versions of gcc (eg. gcc-9.3.1-2.fc30) may still think that lpid or pid is used uninitialized though, so this also adds default cases in the switch statements to make it clear this cannot happen. Signed-off-by: Greg Kurz <groug@kaod.org> Message-Id: <158941062048.240484.9693581559252337111.stgit@bahia.lan> Reviewed-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-05-27target/ppc: Pass const pointer to ppc_radix64_get_fully_qualified_addr()Greg Kurz
This doesn't require write access to the CPU registers. Signed-off-by: Greg Kurz <groug@kaod.org> Message-Id: <158941061434.240484.10700096396035994133.stgit@bahia.lan> Reviewed-by: Cédric Le Goater <clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-05-07target/ppc: Add support for Radix partition-scoped translationCédric Le Goater
The Radix tree translation model currently supports process-scoped translation for the PowerNV machine (Hypervisor mode) and for the pSeries machine (Guest mode). Guests running under an emulated Hypervisor (PowerNV machine) require a new type of Radix translation, called partition-scoped, which is missing today. The Radix tree translation is a 2 steps process. The first step, process-scoped translation, converts an effective Address to a guest real address, and the second step, partition-scoped translation, converts a guest real address to a host real address. There are difference cases to covers : * Hypervisor real mode access: no Radix translation. * Hypervisor or host application access (quadrant 0 and 3) with relocation on: process-scoped translation. * Guest OS real mode access: only partition-scoped translation. * Guest OS real or guest application access (quadrant 0 and 3) with relocation on: both process-scoped translation and partition-scoped translations. * Hypervisor access in quadrant 1 and 2 with relocation on: both process-scoped translation and partition-scoped translations. The radix tree partition-scoped translation is performed using tables pointed to by the first double-word of the Partition Table Entries and process-scoped translation uses tables pointed to by the Process Table Entries (second double-word of the Partition Table Entries). Both partition-scoped and process-scoped translations process are identical and thus the radix tree traversing code is largely reused. However, errors in partition-scoped translations generate hypervisor exceptions. Signed-off-by: Suraj Jitindar Singh <sjitindarsingh@gmail.com> Signed-off-by: Greg Kurz <groug@kaod.org> Signed-off-by: Cédric Le Goater <clg@kaod.org> Message-Id: <20200403140056.59465-5-clg@kaod.org> [dwg: Fixup from Greg Kurz folded in] Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-05-07target/ppc: Rework ppc_radix64_walk_tree() for partition-scoped translationCédric Le Goater
The ppc_radix64_walk_tree() routine walks through the nested radix tables to look for a PTE. Split it in two and introduce a new routine ppc_radix64_next_level() which we will use for partition-scoped Radix translation when translating the process tree addresses. The prototypes are slightly change to use a 'AddressSpace *' parameter, instead of a 'PowerPCCPU *' which is not required, and to return an error code instead of a PTE value. It clarifies error handling in the callers. Signed-off-by: Suraj Jitindar Singh <sjitindarsingh@gmail.com> Signed-off-by: Greg Kurz <groug@kaod.org> Signed-off-by: Cédric Le Goater <clg@kaod.org> Message-Id: <20200403140056.59465-4-clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-05-07target/ppc: Extend ppc_radix64_check_prot() with a 'partition_scoped' boolCédric Le Goater
This prepares ground for partition-scoped Radix translation. Signed-off-by: Suraj Jitindar Singh <sjitindarsingh@gmail.com> Signed-off-by: Cédric Le Goater <clg@kaod.org> Reviewed-by: Greg Kurz <groug@kaod.org> Message-Id: <20200403140056.59465-3-clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-05-07target/ppc: Introduce ppc_radix64_xlate() for Radix tree translationCédric Le Goater
This is moving code under a new ppc_radix64_xlate() routine shared by the MMU Radix page fault handler and the 'get_phys_page_debug' PPC callback. The difference being that 'get_phys_page_debug' does not generate exceptions. The specific part of process-scoped Radix translation is moved under ppc_radix64_process_scoped_xlate() in preparation of the future support for partition-scoped Radix translation. Routines raising the exceptions now take a 'cause_excp' bool to cover the 'get_phys_page_debug' case. It should be functionally equivalent. Signed-off-by: Suraj Jitindar Singh <sjitindarsingh@gmail.com> Signed-off-by: Cédric Le Goater <clg@kaod.org> Message-Id: <20200403140056.59465-2-clg@kaod.org> Reviewed-by: Greg Kurz <groug@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-05-07target/ppc: Assert if HV mode is set when running under a pseries machineCédric Le Goater
Signed-off-by: Suraj Jitindar Singh <sjitindarsingh@gmail.com> Signed-off-by: Cédric Le Goater <clg@kaod.org> Message-Id: <20200330094946.24678-4-clg@kaod.org> Reviewed-by: Greg Kurz <groug@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-05-07target/ppc: Introduce a relocation bool in ppc_radix64_handle_mmu_fault()Cédric Le Goater
It will ease the introduction of new routines for partition-scoped Radix translation. Signed-off-by: Suraj Jitindar Singh <sjitindarsingh@gmail.com> Signed-off-by: Cédric Le Goater <clg@kaod.org> Message-Id: <20200330094946.24678-3-clg@kaod.org> Reviewed-by: Greg Kurz <groug@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-05-07target/ppc: Enforce that the root page directory size must be at least 5Suraj Jitindar Singh
According to the ISA the root page directory size of a radix tree for either process- or partition-scoped translation must be >= 5. Thus add this to the list of conditions checked when validating the partition table entry in validate_pate(); Signed-off-by: Suraj Jitindar Singh <sjitindarsingh@gmail.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Cédric Le Goater <clg@kaod.org> Message-Id: <20200330094946.24678-2-clg@kaod.org> Reviewed-by: Greg Kurz <groug@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-02-02ppc/pnv: Add support for HRMOR on Radix hostCédric Le Goater
When in HV mode, if EA[0] is 0, the Hypervisor Offset Real Mode Register controls the access. Signed-off-by: Cédric Le Goater <clg@kaod.org> Message-Id: <20200127144154.10170-2-clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2019-04-26target/ppc: Don't check UPRT in radix mode when in HV real modeBenjamin Herrenschmidt
It appears that during kexec, we run for a while in hypervisor real mode with LPCR:HR set and LPCR:UPRT clear, which trips the assertion in ppc_radix64_handle_mmu_fault(). First this shouldn't be an assertion, it's a guest error. Then we shouldn't be checking these things in hypervisor real mode (or in virtual hypervisor guest real mode which is similar) as the real HW won't use those LPCR bits in those cases anyway, so technically it's ok to have this discrepancy. Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: Cédric Le Goater <clg@kaod.org> Message-Id: <20190411080004.8690-2-clg@kaod.org> [dwg: Fix for 32-bit builds] Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2019-02-26target/ppc: Basic POWER9 bare-metal radix MMU supportBenjamin Herrenschmidt
No guest support yet Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: Cédric Le Goater <clg@kaod.org> Message-Id: <20190215170029.15641-13-clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2019-02-26target/ppc: Rename PATB/PATBE -> PATEBenjamin Herrenschmidt
That "b" means "base address" and thus shouldn't be in the name of actual entries and related constants. This patch keeps the synthetic patb_entry field of the spapr virtual hypervisor unchanged until I figure out if that has an impact on the migration stream. Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: Cédric Le Goater <clg@kaod.org> Message-Id: <20190215170029.15641-11-clg@kaod.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2018-02-09Include qapi/error.h exactly where neededMarkus Armbruster
This cleanup makes the number of objects depending on qapi/error.h drop from 1910 (out of 4743) to 1612 in my "build everything" tree. While there, separate #include from file comment with a blank line, and drop a useless comment on why qemu/osdep.h is included first. Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20180201111846.21846-5-armbru@redhat.com> [Semantic conflict with commit 34e304e975 resolved, OSX breakage fixed]
2017-07-11target/ppc: Add debug function for radix mmu translationSuraj Jitindar Singh
In target/ppc/mmu-hash64.c there already exists the function ppc_hash64_get_phys_page_debug() to get the physical (real) address for a given effective address in hash mode. Implement the function ppc_radix64_get_phys_page_debug() to allow a real address to be obtained for a given effective address in radix mode. This is used when a debugger is attached to qemu. Previously we just had a comment saying this is unimplemented which then fell through to the default case and caused an abort due to unrecognised mmu model as the default had no case for the V3 mmu, which was misleading at best. We reuse ppc_radix64_walk_tree() which is used by the radix fault handler since the process of walking the radix tree is identical. Reported-by: Balbir Singh <bsingharora@gmail.com> Signed-off-by: Suraj Jitindar Singh <sjitindarsingh@gmail.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-07-11target/ppc: Refactor tcg radix mmu codeSuraj Jitindar Singh
The mmu-radix64.c file implements functions to enable the radix mmu emulation in tcg mode. There is a function ppc_radix64_walk_tree() which performs the radix tree walk and also implicitly checks the pte protection. Move the protection checking of the pte from the ppc_radix64_walk_tree() function into the caller. This means the ppc_radix64_walk_tree() function can be used without protection checking which is useful for debugging. ppc_radix64_walk_tree() no longer needs to take the rwx and prot variables. Signed-off-by: Suraj Jitindar Singh <sjitindarsingh@gmail.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-06-30target/ppc: Fix return value in tcg radix mmu fault handlerSuraj Jitindar Singh
The mmu fault handler should return 0 if it was able to successfully handle the fault and a positive value otherwise. Currently the tcg radix mmu fault handler will return 1 after successfully handling a fault in virtual mode. This is incorrect so fix it so that it returns 0 in this case. The handler already correctly returns 0 when a fault was handled in real mode and 1 if an interrupt was generated. Fixes: d5fee0bbe68d ("target/ppc: Implement ISA V3.00 radix page fault handler") Signed-off-by: Suraj Jitindar Singh <sjitindarsingh@gmail.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2017-05-11target/ppc: Implement ISA V3.00 radix page fault handlerSuraj Jitindar Singh
ISA V3.00 introduced a new radix mmu model. Implement the page fault handler for this so we can run a tcg guest in radix mode and perform address translation correctly. In real mode (mmu turned off) addresses are masked to remove the top 4 bits and then are subject to partition scoped translation, since we only support pseries at this stage it is only necessary to perform the masking and then we're done. In virtual mode (mmu turned on) address translation if performed as follows: 1. Use the quadrant to determine the fully qualified address. The fully qualified address is defined as the combination of the effective address, the effective logical partition id (LPID) and the effective process id (PID). Based on the quadrant (EA63:62) we set the pid and lpid like so: quadrant 0: lpid = LPIDR, pid = PIDR quadrant 1: HV only (not allowed in pseries) quadrant 2: HV only (not allowed in pseries) quadrant 3: lpid = LPIDR, pid = 0 If we can't get the fully qualified address we raise a segment interrupt. 2. Find the guest radix tree We ask the virtual hypervisor for the partition table which was registered with H_REGISTER_PROC_TBL which points us to the process table in guest memory. We then index this table by pid to get the process table entry which points us to the appropriate radix tree to translate the address. If the process table isn't big enough to contain an entry for the current pid then we raise a storage interrupt. 3. Walk the radix tree Next we walk the radix tree where each level is a table of page directory entries indexed by some number of bits from the effective address, where the number of bits is determined by the table size. We continue to walk the tree (while entries are valid and the table is of minimum size) until we reach a table of page table entries, indicated by having the leaf bit set. The appropriate pte is then checked for sufficient access permissions, the reference and change bits are updated and the real address is calculated from the real page number bits of the pte and the low bits of the effective address. If we can't find an entry or can't access the entry bacause of permissions then we raise a storage interrupt. Signed-off-by: Suraj Jitindar Singh <sjitindarsingh@gmail.com> [dwg: Add missing parentheses to macro] Signed-off-by: David Gibson <david@gibson.dropbear.id.au>