]>
Commit | Line | Data |
---|---|---|
9d7c3f4a DG |
1 | /* |
2 | * PowerPC MMU, TLB and BAT emulation helpers for QEMU. | |
3 | * | |
4 | * Copyright (c) 2003-2007 Jocelyn Mayer | |
5 | * Copyright (c) 2013 David Gibson, IBM Corporation | |
6 | * | |
7 | * This library is free software; you can redistribute it and/or | |
8 | * modify it under the terms of the GNU Lesser General Public | |
9 | * License as published by the Free Software Foundation; either | |
6bd039cd | 10 | * version 2.1 of the License, or (at your option) any later version. |
9d7c3f4a DG |
11 | * |
12 | * This library is distributed in the hope that it will be useful, | |
13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
15 | * Lesser General Public License for more details. | |
16 | * | |
17 | * You should have received a copy of the GNU Lesser General Public | |
18 | * License along with this library; if not, see <http://www.gnu.org/licenses/>. | |
19 | */ | |
20 | ||
0d75590d | 21 | #include "qemu/osdep.h" |
9d7c3f4a | 22 | #include "cpu.h" |
63c91552 | 23 | #include "exec/exec-all.h" |
9d7c3f4a DG |
24 | #include "sysemu/kvm.h" |
25 | #include "kvm_ppc.h" | |
182357db | 26 | #include "internal.h" |
9d7c3f4a | 27 | #include "mmu-hash32.h" |
d423baf9 | 28 | #include "mmu-books.h" |
508127e2 | 29 | #include "exec/log.h" |
9d7c3f4a | 30 | |
ba1b5df0 | 31 | /* #define DEBUG_BATS */ |
9d7c3f4a | 32 | |
98132796 | 33 | #ifdef DEBUG_BATS |
48880da6 | 34 | # define LOG_BATS(...) qemu_log_mask(CPU_LOG_MMU, __VA_ARGS__) |
98132796 DG |
35 | #else |
36 | # define LOG_BATS(...) do { } while (0) | |
37 | #endif | |
38 | ||
5dc68eb0 DG |
39 | struct mmu_ctx_hash32 { |
40 | hwaddr raddr; /* Real address */ | |
5dc68eb0 | 41 | int prot; /* Protection bits */ |
5dc68eb0 | 42 | int key; /* Access key */ |
5dc68eb0 DG |
43 | }; |
44 | ||
e01b4445 | 45 | static int ppc_hash32_pp_prot(int key, int pp, int nx) |
496272a7 | 46 | { |
e01b4445 | 47 | int prot; |
496272a7 | 48 | |
496272a7 DG |
49 | if (key == 0) { |
50 | switch (pp) { | |
51 | case 0x0: | |
52 | case 0x1: | |
53 | case 0x2: | |
e01b4445 DG |
54 | prot = PAGE_READ | PAGE_WRITE; |
55 | break; | |
56 | ||
496272a7 | 57 | case 0x3: |
e01b4445 | 58 | prot = PAGE_READ; |
496272a7 | 59 | break; |
e01b4445 DG |
60 | |
61 | default: | |
62 | abort(); | |
496272a7 DG |
63 | } |
64 | } else { | |
65 | switch (pp) { | |
66 | case 0x0: | |
e01b4445 | 67 | prot = 0; |
496272a7 | 68 | break; |
e01b4445 | 69 | |
496272a7 DG |
70 | case 0x1: |
71 | case 0x3: | |
e01b4445 | 72 | prot = PAGE_READ; |
496272a7 | 73 | break; |
e01b4445 | 74 | |
496272a7 | 75 | case 0x2: |
e01b4445 | 76 | prot = PAGE_READ | PAGE_WRITE; |
496272a7 | 77 | break; |
e01b4445 DG |
78 | |
79 | default: | |
80 | abort(); | |
496272a7 DG |
81 | } |
82 | } | |
83 | if (nx == 0) { | |
e01b4445 | 84 | prot |= PAGE_EXEC; |
496272a7 DG |
85 | } |
86 | ||
e01b4445 | 87 | return prot; |
496272a7 DG |
88 | } |
89 | ||
d423baf9 | 90 | static int ppc_hash32_pte_prot(int mmu_idx, |
e01b4445 | 91 | target_ulong sr, ppc_hash_pte32_t pte) |
496272a7 | 92 | { |
e01b4445 | 93 | unsigned pp, key; |
496272a7 | 94 | |
d423baf9 | 95 | key = !!(mmuidx_pr(mmu_idx) ? (sr & SR32_KP) : (sr & SR32_KS)); |
e01b4445 | 96 | pp = pte.pte1 & HPTE32_R_PP; |
496272a7 | 97 | |
e01b4445 | 98 | return ppc_hash32_pp_prot(key, pp, !!(sr & SR32_NX)); |
496272a7 DG |
99 | } |
100 | ||
d423baf9 | 101 | static target_ulong hash32_bat_size(int mmu_idx, |
6fc76aa9 | 102 | target_ulong batu, target_ulong batl) |
98132796 | 103 | { |
d423baf9 BL |
104 | if ((mmuidx_pr(mmu_idx) && !(batu & BATU32_VP)) |
105 | || (!mmuidx_pr(mmu_idx) && !(batu & BATU32_VS))) { | |
6fc76aa9 | 106 | return 0; |
98132796 | 107 | } |
6fc76aa9 DG |
108 | |
109 | return BATU32_BEPI & ~((batu & BATU32_BL) << 15); | |
98132796 DG |
110 | } |
111 | ||
7ef23068 | 112 | static int hash32_bat_prot(PowerPCCPU *cpu, |
e1d49515 DG |
113 | target_ulong batu, target_ulong batl) |
114 | { | |
115 | int pp, prot; | |
116 | ||
117 | prot = 0; | |
118 | pp = batl & BATL32_PP; | |
119 | if (pp != 0) { | |
120 | prot = PAGE_READ | PAGE_EXEC; | |
121 | if (pp == 0x2) { | |
122 | prot |= PAGE_WRITE; | |
123 | } | |
124 | } | |
125 | return prot; | |
126 | } | |
127 | ||
31fa64ec | 128 | static hwaddr ppc_hash32_bat_lookup(PowerPCCPU *cpu, target_ulong ea, |
d423baf9 BL |
129 | MMUAccessType access_type, int *prot, |
130 | int mmu_idx) | |
98132796 | 131 | { |
7ef23068 | 132 | CPUPPCState *env = &cpu->env; |
9986ed1e | 133 | target_ulong *BATlt, *BATut; |
31fa64ec | 134 | bool ifetch = access_type == MMU_INST_FETCH; |
145e52f3 | 135 | int i; |
98132796 DG |
136 | |
137 | LOG_BATS("%s: %cBAT v " TARGET_FMT_lx "\n", __func__, | |
31fa64ec RH |
138 | ifetch ? 'I' : 'D', ea); |
139 | if (ifetch) { | |
98132796 DG |
140 | BATlt = env->IBAT[1]; |
141 | BATut = env->IBAT[0]; | |
91cda45b | 142 | } else { |
98132796 DG |
143 | BATlt = env->DBAT[1]; |
144 | BATut = env->DBAT[0]; | |
98132796 DG |
145 | } |
146 | for (i = 0; i < env->nb_BATs; i++) { | |
9986ed1e DG |
147 | target_ulong batu = BATut[i]; |
148 | target_ulong batl = BATlt[i]; | |
6fc76aa9 | 149 | target_ulong mask; |
9986ed1e | 150 | |
005b69fd | 151 | mask = hash32_bat_size(mmu_idx, batu, batl); |
98132796 DG |
152 | LOG_BATS("%s: %cBAT%d v " TARGET_FMT_lx " BATu " TARGET_FMT_lx |
153 | " BATl " TARGET_FMT_lx "\n", __func__, | |
31fa64ec | 154 | ifetch ? 'I' : 'D', i, ea, batu, batl); |
145e52f3 DG |
155 | |
156 | if (mask && ((ea & mask) == (batu & BATU32_BEPI))) { | |
157 | hwaddr raddr = (batl & mask) | (ea & ~mask); | |
158 | ||
005b69fd | 159 | *prot = hash32_bat_prot(cpu, batu, batl); |
145e52f3 DG |
160 | |
161 | return raddr & TARGET_PAGE_MASK; | |
98132796 DG |
162 | } |
163 | } | |
145e52f3 DG |
164 | |
165 | /* No hit */ | |
98132796 | 166 | #if defined(DEBUG_BATS) |
145e52f3 | 167 | if (qemu_log_enabled()) { |
ba1b5df0 FR |
168 | target_ulong *BATu, *BATl; |
169 | target_ulong BEPIl, BEPIu, bl; | |
170 | ||
145e52f3 DG |
171 | LOG_BATS("no BAT match for " TARGET_FMT_lx ":\n", ea); |
172 | for (i = 0; i < 4; i++) { | |
173 | BATu = &BATut[i]; | |
174 | BATl = &BATlt[i]; | |
175 | BEPIu = *BATu & BATU32_BEPIU; | |
176 | BEPIl = *BATu & BATU32_BEPIL; | |
177 | bl = (*BATu & 0x00001FFC) << 15; | |
178 | LOG_BATS("%s: %cBAT%d v " TARGET_FMT_lx " BATu " TARGET_FMT_lx | |
179 | " BATl " TARGET_FMT_lx "\n\t" TARGET_FMT_lx " " | |
180 | TARGET_FMT_lx " " TARGET_FMT_lx "\n", | |
31fa64ec | 181 | __func__, ifetch ? 'I' : 'D', i, ea, |
145e52f3 | 182 | *BATu, *BATl, BEPIu, BEPIl, bl); |
98132796 | 183 | } |
98132796 | 184 | } |
145e52f3 DG |
185 | #endif |
186 | ||
187 | return -1; | |
98132796 DG |
188 | } |
189 | ||
6c3c873c RH |
190 | static bool ppc_hash32_direct_store(PowerPCCPU *cpu, target_ulong sr, |
191 | target_ulong eaddr, | |
192 | MMUAccessType access_type, | |
d423baf9 | 193 | hwaddr *raddr, int *prot, int mmu_idx, |
6c3c873c | 194 | bool guest_visible) |
723ed73a | 195 | { |
7ef23068 DG |
196 | CPUState *cs = CPU(cpu); |
197 | CPUPPCState *env = &cpu->env; | |
d423baf9 | 198 | int key = !!(mmuidx_pr(mmu_idx) ? (sr & SR32_KP) : (sr & SR32_KS)); |
723ed73a | 199 | |
339aaf5b | 200 | qemu_log_mask(CPU_LOG_MMU, "direct store...\n"); |
723ed73a | 201 | |
31fa64ec | 202 | if (access_type == MMU_INST_FETCH) { |
723ed73a | 203 | /* No code fetch is allowed in direct-store areas */ |
6c3c873c RH |
204 | if (guest_visible) { |
205 | cs->exception_index = POWERPC_EXCP_ISI; | |
206 | env->error_code = 0x10000000; | |
207 | } | |
208 | return false; | |
723ed73a DG |
209 | } |
210 | ||
6c3c873c RH |
211 | /* |
212 | * From ppc_cpu_get_phys_page_debug, env->access_type is not set. | |
213 | * Assume ACCESS_INT for that case. | |
214 | */ | |
215 | switch (guest_visible ? env->access_type : ACCESS_INT) { | |
723ed73a DG |
216 | case ACCESS_INT: |
217 | /* Integer load/store : only access allowed */ | |
218 | break; | |
219 | case ACCESS_FLOAT: | |
220 | /* Floating point load/store */ | |
27103424 | 221 | cs->exception_index = POWERPC_EXCP_ALIGN; |
caa597bd DG |
222 | env->error_code = POWERPC_EXCP_ALIGN_FP; |
223 | env->spr[SPR_DAR] = eaddr; | |
6c3c873c | 224 | return false; |
723ed73a DG |
225 | case ACCESS_RES: |
226 | /* lwarx, ldarx or srwcx. */ | |
caa597bd DG |
227 | env->error_code = 0; |
228 | env->spr[SPR_DAR] = eaddr; | |
31fa64ec | 229 | if (access_type == MMU_DATA_STORE) { |
caa597bd DG |
230 | env->spr[SPR_DSISR] = 0x06000000; |
231 | } else { | |
232 | env->spr[SPR_DSISR] = 0x04000000; | |
233 | } | |
6c3c873c | 234 | return false; |
723ed73a | 235 | case ACCESS_CACHE: |
596e3ca8 DG |
236 | /* |
237 | * dcba, dcbt, dcbtst, dcbf, dcbi, dcbst, dcbz, or icbi | |
238 | * | |
239 | * Should make the instruction do no-op. As it already do | |
240 | * no-op, it's quite easy :-) | |
723ed73a DG |
241 | */ |
242 | *raddr = eaddr; | |
6c3c873c | 243 | return true; |
723ed73a DG |
244 | case ACCESS_EXT: |
245 | /* eciwx or ecowx */ | |
27103424 | 246 | cs->exception_index = POWERPC_EXCP_DSI; |
caa597bd DG |
247 | env->error_code = 0; |
248 | env->spr[SPR_DAR] = eaddr; | |
31fa64ec | 249 | if (access_type == MMU_DATA_STORE) { |
caa597bd DG |
250 | env->spr[SPR_DSISR] = 0x06100000; |
251 | } else { | |
252 | env->spr[SPR_DSISR] = 0x04100000; | |
253 | } | |
6c3c873c | 254 | return false; |
723ed73a | 255 | default: |
6c3c873c | 256 | cpu_abort(cs, "ERROR: insn should not need address translation\n"); |
723ed73a | 257 | } |
6c3c873c RH |
258 | |
259 | *prot = key ? PAGE_READ | PAGE_WRITE : PAGE_READ; | |
260 | if (*prot & prot_for_access_type(access_type)) { | |
723ed73a | 261 | *raddr = eaddr; |
6c3c873c RH |
262 | return true; |
263 | } | |
264 | ||
265 | if (guest_visible) { | |
27103424 | 266 | cs->exception_index = POWERPC_EXCP_DSI; |
caa597bd DG |
267 | env->error_code = 0; |
268 | env->spr[SPR_DAR] = eaddr; | |
31fa64ec | 269 | if (access_type == MMU_DATA_STORE) { |
caa597bd DG |
270 | env->spr[SPR_DSISR] = 0x0a000000; |
271 | } else { | |
272 | env->spr[SPR_DSISR] = 0x08000000; | |
273 | } | |
723ed73a | 274 | } |
6c3c873c | 275 | return false; |
723ed73a DG |
276 | } |
277 | ||
7ef23068 | 278 | hwaddr get_pteg_offset32(PowerPCCPU *cpu, hwaddr hash) |
59191721 | 279 | { |
36778660 | 280 | target_ulong mask = ppc_hash32_hpt_mask(cpu); |
7ef23068 | 281 | |
36778660 | 282 | return (hash * HASH_PTEG_SIZE_32) & mask; |
59191721 DG |
283 | } |
284 | ||
7ef23068 | 285 | static hwaddr ppc_hash32_pteg_search(PowerPCCPU *cpu, hwaddr pteg_off, |
aea390e4 DG |
286 | bool secondary, target_ulong ptem, |
287 | ppc_hash_pte32_t *pte) | |
288 | { | |
289 | hwaddr pte_offset = pteg_off; | |
290 | target_ulong pte0, pte1; | |
291 | int i; | |
292 | ||
293 | for (i = 0; i < HPTES_PER_GROUP; i++) { | |
7ef23068 | 294 | pte0 = ppc_hash32_load_hpte0(cpu, pte_offset); |
3054b0ca BH |
295 | /* |
296 | * pte0 contains the valid bit and must be read before pte1, | |
297 | * otherwise we might see an old pte1 with a new valid bit and | |
298 | * thus an inconsistent hpte value | |
299 | */ | |
300 | smp_rmb(); | |
7ef23068 | 301 | pte1 = ppc_hash32_load_hpte1(cpu, pte_offset); |
aea390e4 DG |
302 | |
303 | if ((pte0 & HPTE32_V_VALID) | |
304 | && (secondary == !!(pte0 & HPTE32_V_SECONDARY)) | |
305 | && HPTE32_V_COMPARE(pte0, ptem)) { | |
306 | pte->pte0 = pte0; | |
307 | pte->pte1 = pte1; | |
308 | return pte_offset; | |
309 | } | |
310 | ||
311 | pte_offset += HASH_PTE_SIZE_32; | |
312 | } | |
313 | ||
314 | return -1; | |
315 | } | |
316 | ||
6e8a65ab BH |
317 | static void ppc_hash32_set_r(PowerPCCPU *cpu, hwaddr pte_offset, uint32_t pte1) |
318 | { | |
319 | target_ulong base = ppc_hash32_hpt_base(cpu); | |
320 | hwaddr offset = pte_offset + 6; | |
321 | ||
322 | /* The HW performs a non-atomic byte update */ | |
323 | stb_phys(CPU(cpu)->as, base + offset, ((pte1 >> 8) & 0xff) | 0x01); | |
324 | } | |
325 | ||
326 | static void ppc_hash32_set_c(PowerPCCPU *cpu, hwaddr pte_offset, uint64_t pte1) | |
327 | { | |
328 | target_ulong base = ppc_hash32_hpt_base(cpu); | |
329 | hwaddr offset = pte_offset + 7; | |
330 | ||
331 | /* The HW performs a non-atomic byte update */ | |
332 | stb_phys(CPU(cpu)->as, base + offset, (pte1 & 0xff) | 0x80); | |
333 | } | |
334 | ||
7ef23068 | 335 | static hwaddr ppc_hash32_htab_lookup(PowerPCCPU *cpu, |
7f3bdc2d DG |
336 | target_ulong sr, target_ulong eaddr, |
337 | ppc_hash_pte32_t *pte) | |
c69b6151 | 338 | { |
aea390e4 | 339 | hwaddr pteg_off, pte_offset; |
a1ff751a DG |
340 | hwaddr hash; |
341 | uint32_t vsid, pgidx, ptem; | |
c69b6151 | 342 | |
a1ff751a | 343 | vsid = sr & SR32_VSID; |
a1ff751a DG |
344 | pgidx = (eaddr & ~SEGMENT_MASK_256M) >> TARGET_PAGE_BITS; |
345 | hash = vsid ^ pgidx; | |
346 | ptem = (vsid << 7) | (pgidx >> 10); | |
347 | ||
348 | /* Page address translation */ | |
883f2c59 PMD |
349 | qemu_log_mask(CPU_LOG_MMU, "htab_base " HWADDR_FMT_plx |
350 | " htab_mask " HWADDR_FMT_plx | |
351 | " hash " HWADDR_FMT_plx "\n", | |
36778660 | 352 | ppc_hash32_hpt_base(cpu), ppc_hash32_hpt_mask(cpu), hash); |
a1ff751a DG |
353 | |
354 | /* Primary PTEG lookup */ | |
883f2c59 | 355 | qemu_log_mask(CPU_LOG_MMU, "0 htab=" HWADDR_FMT_plx "/" HWADDR_FMT_plx |
a1ff751a | 356 | " vsid=%" PRIx32 " ptem=%" PRIx32 |
883f2c59 | 357 | " hash=" HWADDR_FMT_plx "\n", |
36778660 DG |
358 | ppc_hash32_hpt_base(cpu), ppc_hash32_hpt_mask(cpu), |
359 | vsid, ptem, hash); | |
7ef23068 DG |
360 | pteg_off = get_pteg_offset32(cpu, hash); |
361 | pte_offset = ppc_hash32_pteg_search(cpu, pteg_off, 0, ptem, pte); | |
a1ff751a DG |
362 | if (pte_offset == -1) { |
363 | /* Secondary PTEG lookup */ | |
883f2c59 | 364 | qemu_log_mask(CPU_LOG_MMU, "1 htab=" HWADDR_FMT_plx "/" HWADDR_FMT_plx |
a1ff751a | 365 | " vsid=%" PRIx32 " api=%" PRIx32 |
883f2c59 | 366 | " hash=" HWADDR_FMT_plx "\n", ppc_hash32_hpt_base(cpu), |
36778660 | 367 | ppc_hash32_hpt_mask(cpu), vsid, ptem, ~hash); |
7ef23068 DG |
368 | pteg_off = get_pteg_offset32(cpu, ~hash); |
369 | pte_offset = ppc_hash32_pteg_search(cpu, pteg_off, 1, ptem, pte); | |
a1ff751a DG |
370 | } |
371 | ||
7f3bdc2d | 372 | return pte_offset; |
c69b6151 | 373 | } |
0480884f | 374 | |
6d11d998 DG |
375 | static hwaddr ppc_hash32_pte_raddr(target_ulong sr, ppc_hash_pte32_t pte, |
376 | target_ulong eaddr) | |
377 | { | |
75d5ec89 | 378 | hwaddr rpn = pte.pte1 & HPTE32_R_RPN; |
6d11d998 DG |
379 | hwaddr mask = ~TARGET_PAGE_MASK; |
380 | ||
381 | return (rpn & ~mask) | (eaddr & mask); | |
382 | } | |
383 | ||
51806b54 | 384 | bool ppc_hash32_xlate(PowerPCCPU *cpu, vaddr eaddr, MMUAccessType access_type, |
d423baf9 | 385 | hwaddr *raddrp, int *psizep, int *protp, int mmu_idx, |
51806b54 | 386 | bool guest_visible) |
0480884f | 387 | { |
d0e39c5d AF |
388 | CPUState *cs = CPU(cpu); |
389 | CPUPPCState *env = &cpu->env; | |
a1ff751a | 390 | target_ulong sr; |
7f3bdc2d DG |
391 | hwaddr pte_offset; |
392 | ppc_hash_pte32_t pte; | |
caa597bd | 393 | int prot; |
182357db | 394 | int need_prot; |
caa597bd | 395 | hwaddr raddr; |
0480884f | 396 | |
6c3c873c RH |
397 | /* There are no hash32 large pages. */ |
398 | *psizep = TARGET_PAGE_BITS; | |
6a980110 | 399 | |
65d61643 | 400 | /* 1. Handle real mode accesses */ |
d423baf9 | 401 | if (mmuidx_real(mmu_idx)) { |
65d61643 | 402 | /* Translation is off */ |
6c3c873c RH |
403 | *raddrp = eaddr; |
404 | *protp = PAGE_READ | PAGE_WRITE | PAGE_EXEC; | |
405 | return true; | |
65d61643 DG |
406 | } |
407 | ||
6c3c873c RH |
408 | need_prot = prot_for_access_type(access_type); |
409 | ||
65d61643 DG |
410 | /* 2. Check Block Address Translation entries (BATs) */ |
411 | if (env->nb_BATs != 0) { | |
d423baf9 | 412 | raddr = ppc_hash32_bat_lookup(cpu, eaddr, access_type, protp, mmu_idx); |
caa597bd | 413 | if (raddr != -1) { |
6c3c873c RH |
414 | if (need_prot & ~*protp) { |
415 | if (guest_visible) { | |
416 | if (access_type == MMU_INST_FETCH) { | |
417 | cs->exception_index = POWERPC_EXCP_ISI; | |
418 | env->error_code = 0x08000000; | |
caa597bd | 419 | } else { |
6c3c873c RH |
420 | cs->exception_index = POWERPC_EXCP_DSI; |
421 | env->error_code = 0; | |
422 | env->spr[SPR_DAR] = eaddr; | |
423 | if (access_type == MMU_DATA_STORE) { | |
424 | env->spr[SPR_DSISR] = 0x0a000000; | |
425 | } else { | |
426 | env->spr[SPR_DSISR] = 0x08000000; | |
427 | } | |
caa597bd DG |
428 | } |
429 | } | |
6c3c873c | 430 | return false; |
e01b4445 | 431 | } |
6c3c873c RH |
432 | *raddrp = raddr; |
433 | return true; | |
65d61643 DG |
434 | } |
435 | } | |
436 | ||
4b9605a5 | 437 | /* 3. Look up the Segment Register */ |
0480884f | 438 | sr = env->sr[eaddr >> 28]; |
4b9605a5 | 439 | |
4b9605a5 DG |
440 | /* 4. Handle direct store segments */ |
441 | if (sr & SR32_T) { | |
6c3c873c | 442 | return ppc_hash32_direct_store(cpu, sr, eaddr, access_type, |
d423baf9 | 443 | raddrp, protp, mmu_idx, guest_visible); |
4b9605a5 DG |
444 | } |
445 | ||
bb218042 | 446 | /* 5. Check for segment level no-execute violation */ |
31fa64ec | 447 | if (access_type == MMU_INST_FETCH && (sr & SR32_NX)) { |
6c3c873c RH |
448 | if (guest_visible) { |
449 | cs->exception_index = POWERPC_EXCP_ISI; | |
450 | env->error_code = 0x10000000; | |
451 | } | |
452 | return false; | |
bb218042 | 453 | } |
7f3bdc2d DG |
454 | |
455 | /* 6. Locate the PTE in the hash table */ | |
7ef23068 | 456 | pte_offset = ppc_hash32_htab_lookup(cpu, sr, eaddr, &pte); |
7f3bdc2d | 457 | if (pte_offset == -1) { |
6c3c873c RH |
458 | if (guest_visible) { |
459 | if (access_type == MMU_INST_FETCH) { | |
460 | cs->exception_index = POWERPC_EXCP_ISI; | |
461 | env->error_code = 0x40000000; | |
caa597bd | 462 | } else { |
6c3c873c RH |
463 | cs->exception_index = POWERPC_EXCP_DSI; |
464 | env->error_code = 0; | |
465 | env->spr[SPR_DAR] = eaddr; | |
466 | if (access_type == MMU_DATA_STORE) { | |
467 | env->spr[SPR_DSISR] = 0x42000000; | |
468 | } else { | |
469 | env->spr[SPR_DSISR] = 0x40000000; | |
470 | } | |
caa597bd DG |
471 | } |
472 | } | |
6c3c873c | 473 | return false; |
7f3bdc2d | 474 | } |
339aaf5b AP |
475 | qemu_log_mask(CPU_LOG_MMU, |
476 | "found PTE at offset %08" HWADDR_PRIx "\n", pte_offset); | |
7f3bdc2d DG |
477 | |
478 | /* 7. Check access permissions */ | |
6a980110 | 479 | |
d423baf9 | 480 | prot = ppc_hash32_pte_prot(mmu_idx, sr, pte); |
6a980110 | 481 | |
182357db | 482 | if (need_prot & ~prot) { |
6a980110 | 483 | /* Access right violation */ |
339aaf5b | 484 | qemu_log_mask(CPU_LOG_MMU, "PTE access rejected\n"); |
6c3c873c RH |
485 | if (guest_visible) { |
486 | if (access_type == MMU_INST_FETCH) { | |
487 | cs->exception_index = POWERPC_EXCP_ISI; | |
488 | env->error_code = 0x08000000; | |
caa597bd | 489 | } else { |
6c3c873c RH |
490 | cs->exception_index = POWERPC_EXCP_DSI; |
491 | env->error_code = 0; | |
492 | env->spr[SPR_DAR] = eaddr; | |
493 | if (access_type == MMU_DATA_STORE) { | |
494 | env->spr[SPR_DSISR] = 0x0a000000; | |
495 | } else { | |
496 | env->spr[SPR_DSISR] = 0x08000000; | |
497 | } | |
caa597bd DG |
498 | } |
499 | } | |
6c3c873c | 500 | return false; |
6a980110 DG |
501 | } |
502 | ||
339aaf5b | 503 | qemu_log_mask(CPU_LOG_MMU, "PTE access granted !\n"); |
87dc3fd1 DG |
504 | |
505 | /* 8. Update PTE referenced and changed bits if necessary */ | |
506 | ||
6e8a65ab BH |
507 | if (!(pte.pte1 & HPTE32_R_R)) { |
508 | ppc_hash32_set_r(cpu, pte_offset, pte.pte1); | |
7f3bdc2d | 509 | } |
6e8a65ab | 510 | if (!(pte.pte1 & HPTE32_R_C)) { |
31fa64ec | 511 | if (access_type == MMU_DATA_STORE) { |
6e8a65ab BH |
512 | ppc_hash32_set_c(cpu, pte_offset, pte.pte1); |
513 | } else { | |
514 | /* | |
515 | * Treat the page as read-only for now, so that a later write | |
516 | * will pass through this function again to set the C bit | |
517 | */ | |
518 | prot &= ~PAGE_WRITE; | |
519 | } | |
520 | } | |
0480884f | 521 | |
6d11d998 DG |
522 | /* 9. Determine the real address from the PTE */ |
523 | ||
6c3c873c RH |
524 | *raddrp = ppc_hash32_pte_raddr(sr, pte, eaddr); |
525 | *protp = prot; | |
526 | return true; | |
0480884f | 527 | } |