]>
Commit | Line | Data |
---|---|---|
9d7c3f4a DG |
1 | /* |
2 | * PowerPC MMU, TLB and BAT emulation helpers for QEMU. | |
3 | * | |
4 | * Copyright (c) 2003-2007 Jocelyn Mayer | |
5 | * Copyright (c) 2013 David Gibson, IBM Corporation | |
6 | * | |
7 | * This library is free software; you can redistribute it and/or | |
8 | * modify it under the terms of the GNU Lesser General Public | |
9 | * License as published by the Free Software Foundation; either | |
6bd039cd | 10 | * version 2.1 of the License, or (at your option) any later version. |
9d7c3f4a DG |
11 | * |
12 | * This library is distributed in the hope that it will be useful, | |
13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
15 | * Lesser General Public License for more details. | |
16 | * | |
17 | * You should have received a copy of the GNU Lesser General Public | |
18 | * License along with this library; if not, see <http://www.gnu.org/licenses/>. | |
19 | */ | |
20 | ||
0d75590d | 21 | #include "qemu/osdep.h" |
9d7c3f4a | 22 | #include "cpu.h" |
63c91552 | 23 | #include "exec/exec-all.h" |
9d7c3f4a DG |
24 | #include "sysemu/kvm.h" |
25 | #include "kvm_ppc.h" | |
182357db | 26 | #include "internal.h" |
9d7c3f4a | 27 | #include "mmu-hash32.h" |
d423baf9 | 28 | #include "mmu-books.h" |
508127e2 | 29 | #include "exec/log.h" |
9d7c3f4a | 30 | |
ba1b5df0 | 31 | /* #define DEBUG_BATS */ |
9d7c3f4a | 32 | |
98132796 | 33 | #ifdef DEBUG_BATS |
48880da6 | 34 | # define LOG_BATS(...) qemu_log_mask(CPU_LOG_MMU, __VA_ARGS__) |
98132796 DG |
35 | #else |
36 | # define LOG_BATS(...) do { } while (0) | |
37 | #endif | |
38 | ||
5dc68eb0 DG |
39 | struct mmu_ctx_hash32 { |
40 | hwaddr raddr; /* Real address */ | |
5dc68eb0 | 41 | int prot; /* Protection bits */ |
5dc68eb0 | 42 | int key; /* Access key */ |
5dc68eb0 DG |
43 | }; |
44 | ||
e01b4445 | 45 | static int ppc_hash32_pp_prot(int key, int pp, int nx) |
496272a7 | 46 | { |
e01b4445 | 47 | int prot; |
496272a7 | 48 | |
496272a7 DG |
49 | if (key == 0) { |
50 | switch (pp) { | |
51 | case 0x0: | |
52 | case 0x1: | |
53 | case 0x2: | |
e01b4445 DG |
54 | prot = PAGE_READ | PAGE_WRITE; |
55 | break; | |
56 | ||
496272a7 | 57 | case 0x3: |
e01b4445 | 58 | prot = PAGE_READ; |
496272a7 | 59 | break; |
e01b4445 DG |
60 | |
61 | default: | |
62 | abort(); | |
496272a7 DG |
63 | } |
64 | } else { | |
65 | switch (pp) { | |
66 | case 0x0: | |
e01b4445 | 67 | prot = 0; |
496272a7 | 68 | break; |
e01b4445 | 69 | |
496272a7 DG |
70 | case 0x1: |
71 | case 0x3: | |
e01b4445 | 72 | prot = PAGE_READ; |
496272a7 | 73 | break; |
e01b4445 | 74 | |
496272a7 | 75 | case 0x2: |
e01b4445 | 76 | prot = PAGE_READ | PAGE_WRITE; |
496272a7 | 77 | break; |
e01b4445 DG |
78 | |
79 | default: | |
80 | abort(); | |
496272a7 DG |
81 | } |
82 | } | |
83 | if (nx == 0) { | |
e01b4445 | 84 | prot |= PAGE_EXEC; |
496272a7 DG |
85 | } |
86 | ||
e01b4445 | 87 | return prot; |
496272a7 DG |
88 | } |
89 | ||
d423baf9 | 90 | static int ppc_hash32_pte_prot(int mmu_idx, |
e01b4445 | 91 | target_ulong sr, ppc_hash_pte32_t pte) |
496272a7 | 92 | { |
e01b4445 | 93 | unsigned pp, key; |
496272a7 | 94 | |
d423baf9 | 95 | key = !!(mmuidx_pr(mmu_idx) ? (sr & SR32_KP) : (sr & SR32_KS)); |
e01b4445 | 96 | pp = pte.pte1 & HPTE32_R_PP; |
496272a7 | 97 | |
e01b4445 | 98 | return ppc_hash32_pp_prot(key, pp, !!(sr & SR32_NX)); |
496272a7 DG |
99 | } |
100 | ||
d423baf9 | 101 | static target_ulong hash32_bat_size(int mmu_idx, |
6fc76aa9 | 102 | target_ulong batu, target_ulong batl) |
98132796 | 103 | { |
d423baf9 BL |
104 | if ((mmuidx_pr(mmu_idx) && !(batu & BATU32_VP)) |
105 | || (!mmuidx_pr(mmu_idx) && !(batu & BATU32_VS))) { | |
6fc76aa9 | 106 | return 0; |
98132796 | 107 | } |
6fc76aa9 DG |
108 | |
109 | return BATU32_BEPI & ~((batu & BATU32_BL) << 15); | |
98132796 DG |
110 | } |
111 | ||
7ef23068 | 112 | static int hash32_bat_prot(PowerPCCPU *cpu, |
e1d49515 DG |
113 | target_ulong batu, target_ulong batl) |
114 | { | |
115 | int pp, prot; | |
116 | ||
117 | prot = 0; | |
118 | pp = batl & BATL32_PP; | |
119 | if (pp != 0) { | |
120 | prot = PAGE_READ | PAGE_EXEC; | |
121 | if (pp == 0x2) { | |
122 | prot |= PAGE_WRITE; | |
123 | } | |
124 | } | |
125 | return prot; | |
126 | } | |
127 | ||
7ef23068 | 128 | static target_ulong hash32_bat_601_size(PowerPCCPU *cpu, |
e1d49515 | 129 | target_ulong batu, target_ulong batl) |
98132796 | 130 | { |
6fc76aa9 DG |
131 | if (!(batl & BATL32_601_V)) { |
132 | return 0; | |
133 | } | |
134 | ||
135 | return BATU32_BEPI & ~((batl & BATL32_601_BL) << 17); | |
e1d49515 DG |
136 | } |
137 | ||
d423baf9 | 138 | static int hash32_bat_601_prot(int mmu_idx, |
e1d49515 DG |
139 | target_ulong batu, target_ulong batl) |
140 | { | |
141 | int key, pp; | |
142 | ||
143 | pp = batu & BATU32_601_PP; | |
d423baf9 | 144 | if (mmuidx_pr(mmu_idx) == 0) { |
e1d49515 DG |
145 | key = !!(batu & BATU32_601_KS); |
146 | } else { | |
147 | key = !!(batu & BATU32_601_KP); | |
148 | } | |
e01b4445 | 149 | return ppc_hash32_pp_prot(key, pp, 0); |
98132796 DG |
150 | } |
151 | ||
31fa64ec | 152 | static hwaddr ppc_hash32_bat_lookup(PowerPCCPU *cpu, target_ulong ea, |
d423baf9 BL |
153 | MMUAccessType access_type, int *prot, |
154 | int mmu_idx) | |
98132796 | 155 | { |
7ef23068 | 156 | CPUPPCState *env = &cpu->env; |
9986ed1e | 157 | target_ulong *BATlt, *BATut; |
31fa64ec | 158 | bool ifetch = access_type == MMU_INST_FETCH; |
145e52f3 | 159 | int i; |
98132796 DG |
160 | |
161 | LOG_BATS("%s: %cBAT v " TARGET_FMT_lx "\n", __func__, | |
31fa64ec RH |
162 | ifetch ? 'I' : 'D', ea); |
163 | if (ifetch) { | |
98132796 DG |
164 | BATlt = env->IBAT[1]; |
165 | BATut = env->IBAT[0]; | |
91cda45b | 166 | } else { |
98132796 DG |
167 | BATlt = env->DBAT[1]; |
168 | BATut = env->DBAT[0]; | |
98132796 DG |
169 | } |
170 | for (i = 0; i < env->nb_BATs; i++) { | |
9986ed1e DG |
171 | target_ulong batu = BATut[i]; |
172 | target_ulong batl = BATlt[i]; | |
6fc76aa9 | 173 | target_ulong mask; |
9986ed1e | 174 | |
98132796 | 175 | if (unlikely(env->mmu_model == POWERPC_MMU_601)) { |
7ef23068 | 176 | mask = hash32_bat_601_size(cpu, batu, batl); |
98132796 | 177 | } else { |
d423baf9 | 178 | mask = hash32_bat_size(mmu_idx, batu, batl); |
98132796 DG |
179 | } |
180 | LOG_BATS("%s: %cBAT%d v " TARGET_FMT_lx " BATu " TARGET_FMT_lx | |
181 | " BATl " TARGET_FMT_lx "\n", __func__, | |
31fa64ec | 182 | ifetch ? 'I' : 'D', i, ea, batu, batl); |
145e52f3 DG |
183 | |
184 | if (mask && ((ea & mask) == (batu & BATU32_BEPI))) { | |
185 | hwaddr raddr = (batl & mask) | (ea & ~mask); | |
186 | ||
187 | if (unlikely(env->mmu_model == POWERPC_MMU_601)) { | |
d423baf9 | 188 | *prot = hash32_bat_601_prot(mmu_idx, batu, batl); |
145e52f3 | 189 | } else { |
7ef23068 | 190 | *prot = hash32_bat_prot(cpu, batu, batl); |
98132796 | 191 | } |
145e52f3 DG |
192 | |
193 | return raddr & TARGET_PAGE_MASK; | |
98132796 DG |
194 | } |
195 | } | |
145e52f3 DG |
196 | |
197 | /* No hit */ | |
98132796 | 198 | #if defined(DEBUG_BATS) |
145e52f3 | 199 | if (qemu_log_enabled()) { |
ba1b5df0 FR |
200 | target_ulong *BATu, *BATl; |
201 | target_ulong BEPIl, BEPIu, bl; | |
202 | ||
145e52f3 DG |
203 | LOG_BATS("no BAT match for " TARGET_FMT_lx ":\n", ea); |
204 | for (i = 0; i < 4; i++) { | |
205 | BATu = &BATut[i]; | |
206 | BATl = &BATlt[i]; | |
207 | BEPIu = *BATu & BATU32_BEPIU; | |
208 | BEPIl = *BATu & BATU32_BEPIL; | |
209 | bl = (*BATu & 0x00001FFC) << 15; | |
210 | LOG_BATS("%s: %cBAT%d v " TARGET_FMT_lx " BATu " TARGET_FMT_lx | |
211 | " BATl " TARGET_FMT_lx "\n\t" TARGET_FMT_lx " " | |
212 | TARGET_FMT_lx " " TARGET_FMT_lx "\n", | |
31fa64ec | 213 | __func__, ifetch ? 'I' : 'D', i, ea, |
145e52f3 | 214 | *BATu, *BATl, BEPIu, BEPIl, bl); |
98132796 | 215 | } |
98132796 | 216 | } |
145e52f3 DG |
217 | #endif |
218 | ||
219 | return -1; | |
98132796 DG |
220 | } |
221 | ||
6c3c873c RH |
222 | static bool ppc_hash32_direct_store(PowerPCCPU *cpu, target_ulong sr, |
223 | target_ulong eaddr, | |
224 | MMUAccessType access_type, | |
d423baf9 | 225 | hwaddr *raddr, int *prot, int mmu_idx, |
6c3c873c | 226 | bool guest_visible) |
723ed73a | 227 | { |
7ef23068 DG |
228 | CPUState *cs = CPU(cpu); |
229 | CPUPPCState *env = &cpu->env; | |
d423baf9 | 230 | int key = !!(mmuidx_pr(mmu_idx) ? (sr & SR32_KP) : (sr & SR32_KS)); |
723ed73a | 231 | |
339aaf5b | 232 | qemu_log_mask(CPU_LOG_MMU, "direct store...\n"); |
723ed73a DG |
233 | |
234 | if ((sr & 0x1FF00000) >> 20 == 0x07f) { | |
596e3ca8 DG |
235 | /* |
236 | * Memory-forced I/O controller interface access | |
237 | * | |
238 | * If T=1 and BUID=x'07F', the 601 performs a memory access | |
723ed73a DG |
239 | * to SR[28-31] LA[4-31], bypassing all protection mechanisms. |
240 | */ | |
241 | *raddr = ((sr & 0xF) << 28) | (eaddr & 0x0FFFFFFF); | |
242 | *prot = PAGE_READ | PAGE_WRITE | PAGE_EXEC; | |
6c3c873c | 243 | return true; |
723ed73a DG |
244 | } |
245 | ||
31fa64ec | 246 | if (access_type == MMU_INST_FETCH) { |
723ed73a | 247 | /* No code fetch is allowed in direct-store areas */ |
6c3c873c RH |
248 | if (guest_visible) { |
249 | cs->exception_index = POWERPC_EXCP_ISI; | |
250 | env->error_code = 0x10000000; | |
251 | } | |
252 | return false; | |
723ed73a DG |
253 | } |
254 | ||
6c3c873c RH |
255 | /* |
256 | * From ppc_cpu_get_phys_page_debug, env->access_type is not set. | |
257 | * Assume ACCESS_INT for that case. | |
258 | */ | |
259 | switch (guest_visible ? env->access_type : ACCESS_INT) { | |
723ed73a DG |
260 | case ACCESS_INT: |
261 | /* Integer load/store : only access allowed */ | |
262 | break; | |
263 | case ACCESS_FLOAT: | |
264 | /* Floating point load/store */ | |
27103424 | 265 | cs->exception_index = POWERPC_EXCP_ALIGN; |
caa597bd DG |
266 | env->error_code = POWERPC_EXCP_ALIGN_FP; |
267 | env->spr[SPR_DAR] = eaddr; | |
6c3c873c | 268 | return false; |
723ed73a DG |
269 | case ACCESS_RES: |
270 | /* lwarx, ldarx or srwcx. */ | |
caa597bd DG |
271 | env->error_code = 0; |
272 | env->spr[SPR_DAR] = eaddr; | |
31fa64ec | 273 | if (access_type == MMU_DATA_STORE) { |
caa597bd DG |
274 | env->spr[SPR_DSISR] = 0x06000000; |
275 | } else { | |
276 | env->spr[SPR_DSISR] = 0x04000000; | |
277 | } | |
6c3c873c | 278 | return false; |
723ed73a | 279 | case ACCESS_CACHE: |
596e3ca8 DG |
280 | /* |
281 | * dcba, dcbt, dcbtst, dcbf, dcbi, dcbst, dcbz, or icbi | |
282 | * | |
283 | * Should make the instruction do no-op. As it already do | |
284 | * no-op, it's quite easy :-) | |
723ed73a DG |
285 | */ |
286 | *raddr = eaddr; | |
6c3c873c | 287 | return true; |
723ed73a DG |
288 | case ACCESS_EXT: |
289 | /* eciwx or ecowx */ | |
27103424 | 290 | cs->exception_index = POWERPC_EXCP_DSI; |
caa597bd DG |
291 | env->error_code = 0; |
292 | env->spr[SPR_DAR] = eaddr; | |
31fa64ec | 293 | if (access_type == MMU_DATA_STORE) { |
caa597bd DG |
294 | env->spr[SPR_DSISR] = 0x06100000; |
295 | } else { | |
296 | env->spr[SPR_DSISR] = 0x04100000; | |
297 | } | |
6c3c873c | 298 | return false; |
723ed73a | 299 | default: |
6c3c873c | 300 | cpu_abort(cs, "ERROR: insn should not need address translation\n"); |
723ed73a | 301 | } |
6c3c873c RH |
302 | |
303 | *prot = key ? PAGE_READ | PAGE_WRITE : PAGE_READ; | |
304 | if (*prot & prot_for_access_type(access_type)) { | |
723ed73a | 305 | *raddr = eaddr; |
6c3c873c RH |
306 | return true; |
307 | } | |
308 | ||
309 | if (guest_visible) { | |
27103424 | 310 | cs->exception_index = POWERPC_EXCP_DSI; |
caa597bd DG |
311 | env->error_code = 0; |
312 | env->spr[SPR_DAR] = eaddr; | |
31fa64ec | 313 | if (access_type == MMU_DATA_STORE) { |
caa597bd DG |
314 | env->spr[SPR_DSISR] = 0x0a000000; |
315 | } else { | |
316 | env->spr[SPR_DSISR] = 0x08000000; | |
317 | } | |
723ed73a | 318 | } |
6c3c873c | 319 | return false; |
723ed73a DG |
320 | } |
321 | ||
7ef23068 | 322 | hwaddr get_pteg_offset32(PowerPCCPU *cpu, hwaddr hash) |
59191721 | 323 | { |
36778660 | 324 | target_ulong mask = ppc_hash32_hpt_mask(cpu); |
7ef23068 | 325 | |
36778660 | 326 | return (hash * HASH_PTEG_SIZE_32) & mask; |
59191721 DG |
327 | } |
328 | ||
7ef23068 | 329 | static hwaddr ppc_hash32_pteg_search(PowerPCCPU *cpu, hwaddr pteg_off, |
aea390e4 DG |
330 | bool secondary, target_ulong ptem, |
331 | ppc_hash_pte32_t *pte) | |
332 | { | |
333 | hwaddr pte_offset = pteg_off; | |
334 | target_ulong pte0, pte1; | |
335 | int i; | |
336 | ||
337 | for (i = 0; i < HPTES_PER_GROUP; i++) { | |
7ef23068 | 338 | pte0 = ppc_hash32_load_hpte0(cpu, pte_offset); |
3054b0ca BH |
339 | /* |
340 | * pte0 contains the valid bit and must be read before pte1, | |
341 | * otherwise we might see an old pte1 with a new valid bit and | |
342 | * thus an inconsistent hpte value | |
343 | */ | |
344 | smp_rmb(); | |
7ef23068 | 345 | pte1 = ppc_hash32_load_hpte1(cpu, pte_offset); |
aea390e4 DG |
346 | |
347 | if ((pte0 & HPTE32_V_VALID) | |
348 | && (secondary == !!(pte0 & HPTE32_V_SECONDARY)) | |
349 | && HPTE32_V_COMPARE(pte0, ptem)) { | |
350 | pte->pte0 = pte0; | |
351 | pte->pte1 = pte1; | |
352 | return pte_offset; | |
353 | } | |
354 | ||
355 | pte_offset += HASH_PTE_SIZE_32; | |
356 | } | |
357 | ||
358 | return -1; | |
359 | } | |
360 | ||
6e8a65ab BH |
361 | static void ppc_hash32_set_r(PowerPCCPU *cpu, hwaddr pte_offset, uint32_t pte1) |
362 | { | |
363 | target_ulong base = ppc_hash32_hpt_base(cpu); | |
364 | hwaddr offset = pte_offset + 6; | |
365 | ||
366 | /* The HW performs a non-atomic byte update */ | |
367 | stb_phys(CPU(cpu)->as, base + offset, ((pte1 >> 8) & 0xff) | 0x01); | |
368 | } | |
369 | ||
370 | static void ppc_hash32_set_c(PowerPCCPU *cpu, hwaddr pte_offset, uint64_t pte1) | |
371 | { | |
372 | target_ulong base = ppc_hash32_hpt_base(cpu); | |
373 | hwaddr offset = pte_offset + 7; | |
374 | ||
375 | /* The HW performs a non-atomic byte update */ | |
376 | stb_phys(CPU(cpu)->as, base + offset, (pte1 & 0xff) | 0x80); | |
377 | } | |
378 | ||
7ef23068 | 379 | static hwaddr ppc_hash32_htab_lookup(PowerPCCPU *cpu, |
7f3bdc2d DG |
380 | target_ulong sr, target_ulong eaddr, |
381 | ppc_hash_pte32_t *pte) | |
c69b6151 | 382 | { |
aea390e4 | 383 | hwaddr pteg_off, pte_offset; |
a1ff751a DG |
384 | hwaddr hash; |
385 | uint32_t vsid, pgidx, ptem; | |
c69b6151 | 386 | |
a1ff751a | 387 | vsid = sr & SR32_VSID; |
a1ff751a DG |
388 | pgidx = (eaddr & ~SEGMENT_MASK_256M) >> TARGET_PAGE_BITS; |
389 | hash = vsid ^ pgidx; | |
390 | ptem = (vsid << 7) | (pgidx >> 10); | |
391 | ||
392 | /* Page address translation */ | |
339aaf5b AP |
393 | qemu_log_mask(CPU_LOG_MMU, "htab_base " TARGET_FMT_plx |
394 | " htab_mask " TARGET_FMT_plx | |
a1ff751a | 395 | " hash " TARGET_FMT_plx "\n", |
36778660 | 396 | ppc_hash32_hpt_base(cpu), ppc_hash32_hpt_mask(cpu), hash); |
a1ff751a DG |
397 | |
398 | /* Primary PTEG lookup */ | |
339aaf5b | 399 | qemu_log_mask(CPU_LOG_MMU, "0 htab=" TARGET_FMT_plx "/" TARGET_FMT_plx |
a1ff751a DG |
400 | " vsid=%" PRIx32 " ptem=%" PRIx32 |
401 | " hash=" TARGET_FMT_plx "\n", | |
36778660 DG |
402 | ppc_hash32_hpt_base(cpu), ppc_hash32_hpt_mask(cpu), |
403 | vsid, ptem, hash); | |
7ef23068 DG |
404 | pteg_off = get_pteg_offset32(cpu, hash); |
405 | pte_offset = ppc_hash32_pteg_search(cpu, pteg_off, 0, ptem, pte); | |
a1ff751a DG |
406 | if (pte_offset == -1) { |
407 | /* Secondary PTEG lookup */ | |
339aaf5b | 408 | qemu_log_mask(CPU_LOG_MMU, "1 htab=" TARGET_FMT_plx "/" TARGET_FMT_plx |
a1ff751a | 409 | " vsid=%" PRIx32 " api=%" PRIx32 |
36778660 DG |
410 | " hash=" TARGET_FMT_plx "\n", ppc_hash32_hpt_base(cpu), |
411 | ppc_hash32_hpt_mask(cpu), vsid, ptem, ~hash); | |
7ef23068 DG |
412 | pteg_off = get_pteg_offset32(cpu, ~hash); |
413 | pte_offset = ppc_hash32_pteg_search(cpu, pteg_off, 1, ptem, pte); | |
a1ff751a DG |
414 | } |
415 | ||
7f3bdc2d | 416 | return pte_offset; |
c69b6151 | 417 | } |
0480884f | 418 | |
6d11d998 DG |
419 | static hwaddr ppc_hash32_pte_raddr(target_ulong sr, ppc_hash_pte32_t pte, |
420 | target_ulong eaddr) | |
421 | { | |
75d5ec89 | 422 | hwaddr rpn = pte.pte1 & HPTE32_R_RPN; |
6d11d998 DG |
423 | hwaddr mask = ~TARGET_PAGE_MASK; |
424 | ||
425 | return (rpn & ~mask) | (eaddr & mask); | |
426 | } | |
427 | ||
51806b54 | 428 | bool ppc_hash32_xlate(PowerPCCPU *cpu, vaddr eaddr, MMUAccessType access_type, |
d423baf9 | 429 | hwaddr *raddrp, int *psizep, int *protp, int mmu_idx, |
51806b54 | 430 | bool guest_visible) |
0480884f | 431 | { |
d0e39c5d AF |
432 | CPUState *cs = CPU(cpu); |
433 | CPUPPCState *env = &cpu->env; | |
a1ff751a | 434 | target_ulong sr; |
7f3bdc2d DG |
435 | hwaddr pte_offset; |
436 | ppc_hash_pte32_t pte; | |
caa597bd | 437 | int prot; |
182357db | 438 | int need_prot; |
caa597bd | 439 | hwaddr raddr; |
0480884f | 440 | |
6c3c873c RH |
441 | /* There are no hash32 large pages. */ |
442 | *psizep = TARGET_PAGE_BITS; | |
6a980110 | 443 | |
65d61643 | 444 | /* 1. Handle real mode accesses */ |
d423baf9 | 445 | if (mmuidx_real(mmu_idx)) { |
65d61643 | 446 | /* Translation is off */ |
6c3c873c RH |
447 | *raddrp = eaddr; |
448 | *protp = PAGE_READ | PAGE_WRITE | PAGE_EXEC; | |
449 | return true; | |
65d61643 DG |
450 | } |
451 | ||
6c3c873c RH |
452 | need_prot = prot_for_access_type(access_type); |
453 | ||
65d61643 DG |
454 | /* 2. Check Block Address Translation entries (BATs) */ |
455 | if (env->nb_BATs != 0) { | |
d423baf9 | 456 | raddr = ppc_hash32_bat_lookup(cpu, eaddr, access_type, protp, mmu_idx); |
caa597bd | 457 | if (raddr != -1) { |
6c3c873c RH |
458 | if (need_prot & ~*protp) { |
459 | if (guest_visible) { | |
460 | if (access_type == MMU_INST_FETCH) { | |
461 | cs->exception_index = POWERPC_EXCP_ISI; | |
462 | env->error_code = 0x08000000; | |
caa597bd | 463 | } else { |
6c3c873c RH |
464 | cs->exception_index = POWERPC_EXCP_DSI; |
465 | env->error_code = 0; | |
466 | env->spr[SPR_DAR] = eaddr; | |
467 | if (access_type == MMU_DATA_STORE) { | |
468 | env->spr[SPR_DSISR] = 0x0a000000; | |
469 | } else { | |
470 | env->spr[SPR_DSISR] = 0x08000000; | |
471 | } | |
caa597bd DG |
472 | } |
473 | } | |
6c3c873c | 474 | return false; |
e01b4445 | 475 | } |
6c3c873c RH |
476 | *raddrp = raddr; |
477 | return true; | |
65d61643 DG |
478 | } |
479 | } | |
480 | ||
4b9605a5 | 481 | /* 3. Look up the Segment Register */ |
0480884f | 482 | sr = env->sr[eaddr >> 28]; |
4b9605a5 | 483 | |
4b9605a5 DG |
484 | /* 4. Handle direct store segments */ |
485 | if (sr & SR32_T) { | |
6c3c873c | 486 | return ppc_hash32_direct_store(cpu, sr, eaddr, access_type, |
d423baf9 | 487 | raddrp, protp, mmu_idx, guest_visible); |
4b9605a5 DG |
488 | } |
489 | ||
bb218042 | 490 | /* 5. Check for segment level no-execute violation */ |
31fa64ec | 491 | if (access_type == MMU_INST_FETCH && (sr & SR32_NX)) { |
6c3c873c RH |
492 | if (guest_visible) { |
493 | cs->exception_index = POWERPC_EXCP_ISI; | |
494 | env->error_code = 0x10000000; | |
495 | } | |
496 | return false; | |
bb218042 | 497 | } |
7f3bdc2d DG |
498 | |
499 | /* 6. Locate the PTE in the hash table */ | |
7ef23068 | 500 | pte_offset = ppc_hash32_htab_lookup(cpu, sr, eaddr, &pte); |
7f3bdc2d | 501 | if (pte_offset == -1) { |
6c3c873c RH |
502 | if (guest_visible) { |
503 | if (access_type == MMU_INST_FETCH) { | |
504 | cs->exception_index = POWERPC_EXCP_ISI; | |
505 | env->error_code = 0x40000000; | |
caa597bd | 506 | } else { |
6c3c873c RH |
507 | cs->exception_index = POWERPC_EXCP_DSI; |
508 | env->error_code = 0; | |
509 | env->spr[SPR_DAR] = eaddr; | |
510 | if (access_type == MMU_DATA_STORE) { | |
511 | env->spr[SPR_DSISR] = 0x42000000; | |
512 | } else { | |
513 | env->spr[SPR_DSISR] = 0x40000000; | |
514 | } | |
caa597bd DG |
515 | } |
516 | } | |
6c3c873c | 517 | return false; |
7f3bdc2d | 518 | } |
339aaf5b AP |
519 | qemu_log_mask(CPU_LOG_MMU, |
520 | "found PTE at offset %08" HWADDR_PRIx "\n", pte_offset); | |
7f3bdc2d DG |
521 | |
522 | /* 7. Check access permissions */ | |
6a980110 | 523 | |
d423baf9 | 524 | prot = ppc_hash32_pte_prot(mmu_idx, sr, pte); |
6a980110 | 525 | |
182357db | 526 | if (need_prot & ~prot) { |
6a980110 | 527 | /* Access right violation */ |
339aaf5b | 528 | qemu_log_mask(CPU_LOG_MMU, "PTE access rejected\n"); |
6c3c873c RH |
529 | if (guest_visible) { |
530 | if (access_type == MMU_INST_FETCH) { | |
531 | cs->exception_index = POWERPC_EXCP_ISI; | |
532 | env->error_code = 0x08000000; | |
caa597bd | 533 | } else { |
6c3c873c RH |
534 | cs->exception_index = POWERPC_EXCP_DSI; |
535 | env->error_code = 0; | |
536 | env->spr[SPR_DAR] = eaddr; | |
537 | if (access_type == MMU_DATA_STORE) { | |
538 | env->spr[SPR_DSISR] = 0x0a000000; | |
539 | } else { | |
540 | env->spr[SPR_DSISR] = 0x08000000; | |
541 | } | |
caa597bd DG |
542 | } |
543 | } | |
6c3c873c | 544 | return false; |
6a980110 DG |
545 | } |
546 | ||
339aaf5b | 547 | qemu_log_mask(CPU_LOG_MMU, "PTE access granted !\n"); |
87dc3fd1 DG |
548 | |
549 | /* 8. Update PTE referenced and changed bits if necessary */ | |
550 | ||
6e8a65ab BH |
551 | if (!(pte.pte1 & HPTE32_R_R)) { |
552 | ppc_hash32_set_r(cpu, pte_offset, pte.pte1); | |
7f3bdc2d | 553 | } |
6e8a65ab | 554 | if (!(pte.pte1 & HPTE32_R_C)) { |
31fa64ec | 555 | if (access_type == MMU_DATA_STORE) { |
6e8a65ab BH |
556 | ppc_hash32_set_c(cpu, pte_offset, pte.pte1); |
557 | } else { | |
558 | /* | |
559 | * Treat the page as read-only for now, so that a later write | |
560 | * will pass through this function again to set the C bit | |
561 | */ | |
562 | prot &= ~PAGE_WRITE; | |
563 | } | |
564 | } | |
0480884f | 565 | |
6d11d998 DG |
566 | /* 9. Determine the real address from the PTE */ |
567 | ||
6c3c873c RH |
568 | *raddrp = ppc_hash32_pte_raddr(sr, pte, eaddr); |
569 | *protp = prot; | |
570 | return true; | |
0480884f | 571 | } |