Commit | Line | Data |
---|---|---|
79aceca5 FB |
1 | /* |
2 | * PPC emulation helpers for qemu. | |
3 | * | |
4 | * Copyright (c) 2003 Jocelyn Mayer | |
5 | * | |
6 | * This library is free software; you can redistribute it and/or | |
7 | * modify it under the terms of the GNU Lesser General Public | |
8 | * License as published by the Free Software Foundation; either | |
9 | * version 2 of the License, or (at your option) any later version. | |
10 | * | |
11 | * This library is distributed in the hope that it will be useful, | |
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
14 | * Lesser General Public License for more details. | |
15 | * | |
16 | * You should have received a copy of the GNU Lesser General Public | |
17 | * License along with this library; if not, write to the Free Software | |
18 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA | |
19 | */ | |
20 | #include "exec.h" | |
9a64fbe4 FB |
21 | |
22 | //#define DEBUG_MMU | |
23 | //#define DEBUG_BATS | |
24 | //#define DEBUG_EXCEPTIONS | |
25 | ||
9a64fbe4 FB |
26 | /*****************************************************************************/ |
27 | /* PPC MMU emulation */ | |
a541f297 | 28 | |
9a64fbe4 FB |
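/*
 * Perform BAT hit & translation.
 *
 * Walks the four instruction BAT pairs when type == ACCESS_CODE, otherwise
 * the four data BAT pairs, looking for an entry whose effective-page index
 * matches `virtual` and whose validity bit for the current privilege level
 * is set (bit 0x2 of the upper BAT when msr_pr == 0, bit 0x1 when
 * msr_pr == 1).
 *
 * On a hit:
 *   *real  receives the translated address (only bits 12..16 of the offset
 *          within the block are carried over from `virtual`),
 *   *prot  receives the protection decoded from the two low bits of the
 *          lower BAT (0 when neither bit is set),
 *   and 0 is returned.
 * When no BAT matches, -1 is returned and *real / *prot are not written.
 *
 * NOTE(review): `rw` is not consulted here, so a hit is reported as success
 * even when the decoded protection does not allow the requested access;
 * the caller is relied upon to enforce *prot. Confirm that is intended.
 */
static int get_bat (CPUState *env, uint32_t *real, int *prot,
                    uint32_t virtual, int rw, int type)
{
    uint32_t *BATlt, *BATut, *BATu, *BATl;
    uint32_t BEPIl, BEPIu, bl;
    int i;
    int ret = -1;

#if defined (DEBUG_BATS)
    if (loglevel > 0) {
        fprintf(logfile, "%s: %cBAT v 0x%08x\n", __func__,
                type == ACCESS_CODE ? 'I' : 'D', virtual);
    }
#endif
    /* Select the instruction or data BAT arrays ([0] = upper, [1] = lower) */
    switch (type) {
    case ACCESS_CODE:
        BATlt = env->IBAT[1];
        BATut = env->IBAT[0];
        break;
    default:
        BATlt = env->DBAT[1];
        BATut = env->DBAT[0];
        break;
    }
#if defined (DEBUG_BATS)
    if (loglevel > 0) {
        fprintf(logfile, "%s...: %cBAT v 0x%08x\n", __func__,
                type == ACCESS_CODE ? 'I' : 'D', virtual);
    }
#endif
    for (i = 0; i < 4; i++) {
        BATu = &BATut[i];
        BATl = &BATlt[i];
        BEPIu = *BATu & 0xF0000000;
        BEPIl = *BATu & 0x0FFE0000;
        /* Block-length mask, moved up to line up with address bits 17..27 */
        bl = (*BATu & 0x00001FFC) << 15;
#if defined (DEBUG_BATS)
        if (loglevel > 0) {
            fprintf(logfile, "%s: %cBAT%d v 0x%08x BATu 0x%08x BATl 0x%08x\n",
                    __func__, type == ACCESS_CODE ? 'I' : 'D', i, virtual,
                    *BATu, *BATl);
        }
#endif
        if ((virtual & 0xF0000000) == BEPIu &&
            ((virtual & 0x0FFE0000) & ~bl) == BEPIl) {
            /* BAT matches */
            if ((msr_pr == 0 && (*BATu & 0x00000002)) ||
                (msr_pr == 1 && (*BATu & 0x00000001))) {
                /* Get physical address */
                *real = (*BATl & 0xF0000000) |
                    ((virtual & 0x0FFE0000 & bl) | (*BATl & 0x0FFE0000)) |
                    (virtual & 0x0001F000);
                /*
                 * Start from "no access": without this, an entry with both
                 * protection bits clear would return success while leaving
                 * *prot holding whatever the caller's variable contained.
                 */
                *prot = 0;
                if (*BATl & 0x00000001)
                    *prot = PAGE_READ;
                /*
                 * NOTE(review): when both low bits are set this yields
                 * read/write; confirm that matches the intended decoding
                 * of the protection field.
                 */
                if (*BATl & 0x00000002)
                    *prot = PAGE_WRITE | PAGE_READ;
#if defined (DEBUG_BATS)
                if (loglevel > 0) {
                    fprintf(logfile, "BAT %d match: r 0x%08x prot=%c%c\n",
                            i, *real, *prot & PAGE_READ ? 'R' : '-',
                            *prot & PAGE_WRITE ? 'W' : '-');
                }
#endif
                ret = 0;
                break;
            }
        }
    }
    if (ret < 0) {
#if defined (DEBUG_BATS)
        /* Dump every BAT of the selected set to help diagnose the miss */
        printf("no BAT match for 0x%08x:\n", virtual);
        for (i = 0; i < 4; i++) {
            BATu = &BATut[i];
            BATl = &BATlt[i];
            BEPIu = *BATu & 0xF0000000;
            BEPIl = *BATu & 0x0FFE0000;
            bl = (*BATu & 0x00001FFC) << 15;
            printf("%s: %cBAT%d v 0x%08x BATu 0x%08x BATl 0x%08x \n\t"
                   "0x%08x 0x%08x 0x%08x\n",
                   __func__, type == ACCESS_CODE ? 'I' : 'D', i, virtual,
                   *BATu, *BATl, BEPIu, BEPIl, bl);
        }
#endif
    }
    /* 0 on a hit, -1 when no BAT matched */
    return ret;
}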
118 | ||
/*
 * PTE table lookup.
 *
 * Reads the eight two-word entries of the PTE group at physical address
 * `base` and keeps those that are valid (bit 31 of word 0), belong to the
 * requested hash function (`h` equals bit 6 of word 0) and whose remaining
 * word-0 bits equal `va`.
 *
 * Access rights come from the two low bits of word 1 combined with `key`.
 * The first matching entry decides the result: 0 if the requested access
 * (`rw` == 0 read, `rw` == 1 write) is allowed, -2 if it is not; *prot is
 * set to the rights of that entry. Later matches are only checked for
 * consistency; a mismatch in the bits selected by 0xFFFFF07B aborts with -1.
 *
 * When at least one entry matched, *RPN receives the page number bits of the
 * retained word 1, and the entry's 0x100 / 0x80 flags are updated and written
 * back to guest memory if they changed. While the 0x80 flag is clear and this
 * is not a granted write, PAGE_WRITE is withdrawn from *prot so the first
 * store to the page faults.
 *
 * Returns -1 when no entry matched.
 */
static int find_pte (uint32_t *RPN, int *prot, uint32_t base, uint32_t va,
                     int h, int key, int rw)
{
    uint32_t w0, w1, kept = 0, rights = 0;
    int slot, hit = -1, writeback = 0;
    int ret = -1; /* No entry found */

    for (slot = 0; slot < 8; slot++) {
        w0 = ldl_phys(base + (slot * 8));
        w1 = ldl_phys(base + (slot * 8) + 4);
#if defined (DEBUG_MMU)
        if (loglevel > 0) {
            fprintf(logfile, "Load pte from 0x%08x => 0x%08x 0x%08x "
                    "%d %d %d 0x%08x\n", base + (slot * 8), w0, w1,
                    w0 >> 31, h, (w0 >> 6) & 1, va);
        }
#endif
        /* Skip invalid entries and entries of the other hash function */
        if (!(w0 & 0x80000000) || h != ((w0 >> 6) & 1)) {
            continue;
        }
        /* Skip entries whose vsid & api do not match */
        if ((w0 & 0x7FFFFFBF) != va) {
            continue;
        }
        if (hit == -1) {
            hit = slot;
            kept = w1;
        } else if ((kept & 0xFFFFF07B) != (w1 & 0xFFFFF07B)) {
            /* All matches should have equal RPN, WIMG & PP */
            if (loglevel > 0)
                fprintf(logfile, "Bad RPN/WIMG/PP\n");
            return -1;
        }
        /* Derive the access rights of this entry */
        if (key == 0) {
            rights = PAGE_READ;
            if ((w1 & 0x00000003) != 0x3)
                rights |= PAGE_WRITE;
        } else {
            switch (w1 & 0x00000003) {
            case 0x2:
                rights = PAGE_READ | PAGE_WRITE;
                break;
            case 0x1:
            case 0x3:
                rights = PAGE_READ;
                break;
            case 0x0:
                rights = 0;
                break;
            }
        }
        /* Only the first matching entry settles the outcome */
        if (ret >= 0) {
            continue;
        }
        if ((rw == 0 && (rights & PAGE_READ)) ||
            (rw == 1 && (rights & PAGE_WRITE))) {
#if defined (DEBUG_MMU)
            if (loglevel > 0)
                fprintf(logfile, "PTE access granted !\n");
#endif
            hit = slot;
            kept = w1;
            ret = 0;
        } else {
            /* Access right violation */
            ret = -2;
#if defined (DEBUG_MMU)
            if (loglevel > 0)
                fprintf(logfile, "PTE access rejected\n");
#endif
        }
        *prot = rights;
    }
    if (hit != -1) {
        *RPN = kept & 0xFFFFF000;
#if defined (DEBUG_MMU)
        if (loglevel > 0) {
            fprintf(logfile, "found PTE at addr 0x%08x prot=0x%01x ret=%d\n",
                    *RPN, *prot, ret);
        }
#endif
        /* Update page flags */
        if (!(kept & 0x00000100)) {
            /* Access flag */
            kept |= 0x00000100;
            writeback = 1;
        }
        if (!(kept & 0x00000080)) {
            if (rw && ret == 0) {
                /* Change flag */
                kept |= 0x00000080;
                writeback = 1;
            } else {
                /* Force page fault for first write access */
                *prot &= ~PAGE_WRITE;
            }
        }
        if (writeback) {
            stl_phys_notdirty(base + (hit * 8) + 4, kept);
        }
    }

    return ret;
}
225 | ||
/*
 * Build the physical address of a PTE group: the upper 16 bits come from
 * sdr1, the rest from the hash value restricted to `mask`.
 */
static inline uint32_t get_pgaddr (uint32_t sdr1, uint32_t hash, uint32_t mask)
{
    uint32_t table_base = sdr1 & 0xFFFF0000;
    uint32_t group_offset = hash & mask;

    return table_base | group_offset;
}
230 | ||
9a64fbe4 FB |
/*
 * Perform segment based translation.
 *
 * Looks up the segment register selected by the top four bits of `virtual`
 * and derives `key` from its 0x20000000 / 0x40000000 bits and msr_pr.
 *
 * Segment register bit 0x80000000 clear (page-mapped segment):
 *   - a code fetch into a segment with bit 0x10000000 set returns -3;
 *   - otherwise the primary PTE group is searched with find_pte(), then the
 *     secondary group if the primary search returned a negative value. The
 *     secondary result replaces the primary one unless it is -1.
 *
 * Segment register bit 0x80000000 set (direct-store segment, marked as
 * buggy by the original author):
 *   - ACCESS_INT is checked against `key` / `rw` and returns 2 with
 *     *real = virtual when allowed, -2 otherwise;
 *   - ACCESS_CACHE returns 0 with *real = virtual (*prot is not written);
 *   - every other access type returns -4.
 */
static int get_segment (CPUState *env, uint32_t *real, int *prot,
                        uint32_t virtual, int rw, int type)
{
    uint32_t sr, sdr, vsid, pgidx, ptem;
    uint32_t hash, mask, pg_addr;
    int key;
    int ret, ret2;

    sr = env->sr[virtual >> 28];
#if defined (DEBUG_MMU)
    if (loglevel > 0) {
        fprintf(logfile, "Check segment v=0x%08x %d 0x%08x nip=0x%08x "
                "lr=0x%08x ir=%d dr=%d pr=%d %d t=%d\n",
                virtual, virtual >> 28, sr, env->nip,
                env->lr, msr_ir, msr_dr, msr_pr, rw, type);
    }
#endif
    key = 0;
    if (((sr & 0x20000000) && msr_pr == 1) ||
        ((sr & 0x40000000) && msr_pr == 0)) {
        key = 1;
    }

    if ((sr & 0x80000000) != 0) {
#if defined (DEBUG_MMU)
        if (loglevel > 0)
            fprintf(logfile, "direct store...\n");
#endif
        /* Direct-store segment : absolutely *BUGGY* for now */
        switch (type) {
        case ACCESS_INT:
            /* Integer load/store : only access allowed */
            break;
        case ACCESS_CODE:
            /* No code fetch is allowed in direct-store areas */
            return -4;
        case ACCESS_FLOAT:
            /* Floating point load/store */
            return -4;
        case ACCESS_RES:
            /* lwarx, ldarx or srwcx. */
            return -4;
        case ACCESS_CACHE:
            /* dcba, dcbt, dcbtst, dcbf, dcbi, dcbst, dcbz, or icbi */
            /* Should make the instruction do no-op.
             * As it already do no-op, it's quite easy :-)
             */
            *real = virtual;
            return 0;
        case ACCESS_EXT:
            /* eciwx or ecowx */
            return -4;
        default:
            if (logfile) {
                fprintf(logfile, "ERROR: instruction should not need "
                        "address translation\n");
            }
            printf("ERROR: instruction should not need "
                   "address translation\n");
            return -4;
        }
        if ((rw == 1 || key != 1) && (rw == 0 || key != 0)) {
            *real = virtual;
            return 2;
        }
        return -2;
    }

#if defined (DEBUG_MMU)
    if (loglevel > 0)
        fprintf(logfile, "pte segment: key=%d n=0x%08x\n",
                key, sr & 0x10000000);
#endif
    /* Refuse instruction fetch from a segment flagged as no-execute */
    if (type == ACCESS_CODE && (sr & 0x10000000) != 0) {
#if defined (DEBUG_MMU)
        if (loglevel > 0)
            fprintf(logfile, "No access allowed\n");
#endif
        return -3;
    }

    /* Page address translation */
    vsid = sr & 0x00FFFFFF;
    pgidx = (virtual >> 12) & 0xFFFF;
    sdr = env->sdr1;
    hash = ((vsid ^ pgidx) & 0x0007FFFF) << 6;
    mask = ((sdr & 0x000001FF) << 16) | 0xFFC0;
    pg_addr = get_pgaddr(sdr, hash, mask);
    ptem = (vsid << 7) | (pgidx >> 10);
#if defined (DEBUG_MMU)
    if (loglevel > 0) {
        fprintf(logfile, "0 sdr1=0x%08x vsid=0x%06x api=0x%04x "
                "hash=0x%07x pg_addr=0x%08x\n", sdr, vsid, pgidx, hash,
                pg_addr);
    }
#endif
    /* Primary table lookup */
    ret = find_pte(real, prot, pg_addr, ptem, 0, key, rw);
    if (ret < 0) {
        /* Secondary table lookup */
        hash = (~hash) & 0x01FFFFC0;
        pg_addr = get_pgaddr(sdr, hash, mask);
#if defined (DEBUG_MMU)
        if (virtual != 0xEFFFFFFF && loglevel > 0) {
            fprintf(logfile, "1 sdr1=0x%08x vsid=0x%06x api=0x%04x "
                    "hash=0x%05x pg_addr=0x%08x\n", sdr, vsid, pgidx,
                    hash, pg_addr);
        }
#endif
        ret2 = find_pte(real, prot, pg_addr, ptem, 1, key, rw);
        if (ret2 != -1)
            ret = ret2;
    }

    return ret;
}
347 | ||
9a64fbe4 FB |
/*
 * Translate `address` for the given access.
 *
 * When translation is switched off for this kind of access (msr_ir == 0 for
 * code fetches, msr_dr == 0 for everything else) the page-aligned address is
 * returned unchanged with read/write protection. Otherwise the BATs are
 * tried first and, if none matches, the segment / page table path.
 *
 * Returns 0 on success, or the (non-zero) status of get_bat() /
 * get_segment().
 */
int get_physical_address (CPUState *env, uint32_t *physical, int *prot,
                          uint32_t address, int rw, int access_type)
{
    int translation_off;
    int ret;
#if 0
    if (loglevel > 0) {
        fprintf(logfile, "%s\n", __func__);
    }
#endif
    if (access_type == ACCESS_CODE) {
        translation_off = (msr_ir == 0);
    } else {
        translation_off = (msr_dr == 0);
    }

    if (!translation_off) {
        /* Try to find a BAT */
        ret = get_bat(env, physical, prot, address, rw, access_type);
        if (ret < 0) {
            /* We didn't match any BAT entry */
            ret = get_segment(env, physical, prot, address, rw, access_type);
        }
    } else {
        /* No address translation */
        *physical = address & ~0xFFF;
        *prot = PAGE_READ | PAGE_WRITE;
        ret = 0;
    }
#if 0
    if (loglevel > 0) {
        fprintf(logfile, "%s address %08x => %08x\n",
                __func__, address, *physical);
    }
#endif
    return ret;
}
379 | ||
a6b025d3 FB |
#if defined(CONFIG_USER_ONLY)
/* User-mode-only build: addresses are returned unchanged. */
target_ulong cpu_get_phys_page_debug(CPUState *env, target_ulong addr)
{
    return addr;
}
#else
/*
 * Debug helper: translate `addr` as an integer read access and return the
 * physical page address, or -1 when get_physical_address() reports anything
 * other than 0.
 */
target_ulong cpu_get_phys_page_debug(CPUState *env, target_ulong addr)
{
    uint32_t phys_addr;
    int prot;
    int status;

    status = get_physical_address(env, &phys_addr, &prot, addr, 0, ACCESS_INT);
    if (status == 0) {
        return phys_addr;
    }
    return -1;
}
#endif
9a64fbe4 FB |
396 | |
397 | #if !defined(CONFIG_USER_ONLY) | |
398 | ||
399 | #define MMUSUFFIX _mmu | |
400 | #define GETPC() (__builtin_return_address(0)) | |
401 | ||
402 | #define SHIFT 0 | |
403 | #include "softmmu_template.h" | |
404 | ||
405 | #define SHIFT 1 | |
406 | #include "softmmu_template.h" | |
407 | ||
408 | #define SHIFT 2 | |
409 | #include "softmmu_template.h" | |
410 | ||
411 | #define SHIFT 3 | |
412 | #include "softmmu_template.h" | |
413 | ||
/*
 * Try to fill the TLB for `addr`; raise a guest exception on failure.
 *
 * A NULL `retaddr` means the function was called from C code (i.e. not from
 * generated code or from helper.c). A non-NULL `retaddr` is treated as a host
 * PC: if it lies inside a translated block, the CPU state is restored from
 * that block before the exception is raised.
 *
 * The global `env` is swapped for cpu_single_env for the duration of the
 * call and put back at the end.
 * NOTE(review): if do_raise_exception_err() does not return, the final
 * restore of `env` is skipped on the fault path - confirm.
 */
/* XXX: fix it to restore all registers */
void tlb_fill(target_ulong addr, int is_write, int is_user, void *retaddr)
{
    CPUState *saved_env;
    TranslationBlock *tb;
    unsigned long pc;
    int ret;

    /* XXX: hack to restore env in all cases, even if not called from
       generated code */
    saved_env = env;
    env = cpu_single_env;
#if 0
    {
        unsigned long tlb_addrr, tlb_addrw;
        int index;
        index = (addr >> TARGET_PAGE_BITS) & (CPU_TLB_SIZE - 1);
        tlb_addrr = env->tlb_read[is_user][index].address;
        tlb_addrw = env->tlb_write[is_user][index].address;
        if (loglevel) {
            fprintf(logfile,
                    "%s 1 %p %p idx=%d addr=0x%08lx tbl_addr=0x%08lx 0x%08lx "
                    "(0x%08lx 0x%08lx)\n", __func__, env,
                    &env->tlb_read[is_user][index], index, addr,
                    tlb_addrr, tlb_addrw, addr & TARGET_PAGE_MASK,
                    tlb_addrr & (TARGET_PAGE_MASK | TLB_INVALID_MASK));
        }
    }
#endif
    ret = cpu_ppc_handle_mmu_fault(env, addr, is_write, is_user, 1);
    if (ret != 0) {
        if (retaddr != NULL) {
            /* now we have a real cpu fault */
            pc = (unsigned long)retaddr;
            tb = tb_find_pc(pc);
            if (tb != NULL) {
                /* the PC is inside the translated code. It means that we have
                   a virtual CPU fault */
                cpu_restore_state(tb, env, pc, NULL);
            }
        }
        do_raise_exception_err(env->exception_index, env->error_code);
    }
#if 0
    {
        unsigned long tlb_addrr, tlb_addrw;
        int index;
        index = (addr >> TARGET_PAGE_BITS) & (CPU_TLB_SIZE - 1);
        tlb_addrr = env->tlb_read[is_user][index].address;
        tlb_addrw = env->tlb_write[is_user][index].address;
        printf("%s 2 %p %p idx=%d addr=0x%08lx tbl_addr=0x%08lx 0x%08lx "
               "(0x%08lx 0x%08lx)\n", __func__, env,
               &env->tlb_read[is_user][index], index, addr,
               tlb_addrr, tlb_addrw, addr & TARGET_PAGE_MASK,
               tlb_addrr & (TARGET_PAGE_MASK | TLB_INVALID_MASK));
    }
#endif
    env = saved_env;
}
476 | ||
/* MMU initialisation hook; intentionally empty. */
void cpu_ppc_init_mmu(CPUState *env)
{
    /* Nothing to do: all translation are disabled */
}
481 | #endif | |
482 | ||
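/*
 * Perform address translation for a faulting access and either install the
 * mapping or prepare the guest exception.
 *
 * `rw` is 0 for a read, 1 for a write and 2 for a code fetch (which is then
 * handled as a read with ACCESS_CODE).
 *
 * Returns:
 *   - the result of tlb_set_page() when translation succeeded (status 0);
 *   - 1 after storing the exception number and error code in env when the
 *     translation status was negative (ISI for code fetches, DSI / alignment
 *     / program for data accesses; DAR receives the faulting address for
 *     data accesses);
 *   - the translation status unchanged when it is positive.
 */
int cpu_ppc_handle_mmu_fault (CPUState *env, uint32_t address, int rw,
                              int is_user, int is_softmmu)
{
    uint32_t physical;
    /*
     * Start from "no access" so that a translation path which reports
     * success without writing *prot cannot hand an indeterminate value to
     * tlb_set_page().
     */
    int prot = 0;
    int exception = 0, error_code = 0;
    int access_type;
    int ret = 0;

    if (rw == 2) {
        /* code access */
        rw = 0;
        access_type = ACCESS_CODE;
    } else {
        /* data access */
        /* XXX: put correct access by using cpu_restore_state()
           correctly */
        access_type = ACCESS_INT;
        //        access_type = env->access_type;
    }
    if (env->user_mode_only) {
        /* user mode only emulation */
        ret = -2;
        goto do_fault;
    }
    ret = get_physical_address(env, &physical, &prot,
                               address, rw, access_type);
    if (ret == 0) {
        ret = tlb_set_page(env, address & ~0xFFF, physical, prot,
                           is_user, is_softmmu);
    } else if (ret < 0) {
    do_fault:
#if defined (DEBUG_MMU)
        if (loglevel > 0)
            cpu_dump_state(env, logfile, fprintf, 0);
#endif
        if (access_type == ACCESS_CODE) {
            exception = EXCP_ISI;
            switch (ret) {
            case -1:
                /* No matches in page tables */
                error_code = EXCP_ISI_TRANSLATE;
                break;
            case -2:
                /* Access rights violation */
                error_code = EXCP_ISI_PROT;
                break;
            case -3:
                /* No execute protection violation */
                error_code = EXCP_ISI_NOEXEC;
                break;
            case -4:
                /* Direct store exception */
                /* No code fetch is allowed in direct-store areas */
                error_code = EXCP_ISI_DIRECT;
                break;
            default:
                /* Any other status leaves error_code at 0 */
                break;
            }
        } else {
            exception = EXCP_DSI;
            switch (ret) {
            case -1:
                /* No matches in page tables */
                error_code = EXCP_DSI_TRANSLATE;
                break;
            case -2:
                /* Access rights violation */
                error_code = EXCP_DSI_PROT;
                break;
            case -4:
                /* Direct store exception */
                switch (access_type) {
                case ACCESS_FLOAT:
                    /* Floating point load/store */
                    exception = EXCP_ALIGN;
                    error_code = EXCP_ALIGN_FP;
                    break;
                case ACCESS_RES:
                    /* lwarx, ldarx or srwcx. */
                    exception = EXCP_DSI;
                    error_code = EXCP_DSI_NOTSUP | EXCP_DSI_DIRECT;
                    break;
                case ACCESS_EXT:
                    /* eciwx or ecowx */
                    exception = EXCP_DSI;
                    error_code = EXCP_DSI_NOTSUP | EXCP_DSI_DIRECT |
                        EXCP_DSI_ECXW;
                    break;
                default:
                    printf("DSI: invalid exception (%d)\n", ret);
                    exception = EXCP_PROGRAM;
                    error_code = EXCP_INVAL | EXCP_INVAL_INVAL;
                    break;
                }
                break;
            default:
                /* Any other status leaves error_code at 0 */
                break;
            }
            if (rw)
                error_code |= EXCP_DSI_STORE;
            /* Store fault address */
            env->spr[DAR] = address;
        }
#if 0
        printf("%s: set exception to %d %02x\n",
               __func__, exception, error_code);
#endif
        env->exception_index = exception;
        env->error_code = error_code;
        ret = 1;
    }
    return ret;
}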
593 | ||
/* Assemble the XER value from its separately stored so/ov/ca/bc fields. */
uint32_t _load_xer (CPUState *env)
{
    uint32_t xer;

    xer  = xer_so << XER_SO;
    xer |= xer_ov << XER_OV;
    xer |= xer_ca << XER_CA;
    xer |= xer_bc << XER_BC;

    return xer;
}
601 | ||
/*
 * Split `value` into the separately stored XER fields: so, ov and ca are
 * single bits, bc is five bits wide.
 */
void _store_xer (CPUState *env, uint32_t value)
{
    /* one-bit flags */
    xer_so = (value >> XER_SO) & 0x01;
    xer_ov = (value >> XER_OV) & 0x01;
    xer_ca = (value >> XER_CA) & 0x01;

    /* five-bit field */
    xer_bc = (value >> XER_BC) & 0x1f;
}
609 | ||
/* Assemble the MSR value from its separately stored fields. */
uint32_t _load_msr (CPUState *env)
{
    uint32_t msr;

    msr  = msr_pow << MSR_POW;
    msr |= msr_ile << MSR_ILE;
    msr |= msr_ee << MSR_EE;
    msr |= msr_pr << MSR_PR;
    msr |= msr_fp << MSR_FP;
    msr |= msr_me << MSR_ME;
    msr |= msr_fe0 << MSR_FE0;
    msr |= msr_se << MSR_SE;
    msr |= msr_be << MSR_BE;
    msr |= msr_fe1 << MSR_FE1;
    msr |= msr_ip << MSR_IP;
    msr |= msr_ir << MSR_IR;
    msr |= msr_dr << MSR_DR;
    msr |= msr_ri << MSR_RI;
    msr |= msr_le << MSR_LE;

    return msr;
}
628 | ||
/*
 * Split `value` into the separately stored MSR fields. pow is kept as two
 * bits, every other field as a single bit.
 *
 * NOTE(review): the TLB flush on a change of the IR/DR translation bits is
 * compiled out below, so this function does not itself invalidate cached
 * translations when the translation mode changes - confirm that every
 * caller which can flip those bits takes care of it.
 */
void _store_msr (CPUState *env, uint32_t value)
{
#if 0 // TRY
    if (((value >> MSR_IR) & 0x01) != msr_ir ||
        ((value >> MSR_DR) & 0x01) != msr_dr)
    {
        /* Flush all tlb when changing translation mode or privilege level */
        tlb_flush(env, 1);
    }
#endif
    /* two-bit field */
    msr_pow = (value >> MSR_POW) & 0x03;

    /* single-bit fields */
    msr_ile = (value >> MSR_ILE) & 0x01;
    msr_ee  = (value >> MSR_EE)  & 0x01;
    msr_pr  = (value >> MSR_PR)  & 0x01;
    msr_fp  = (value >> MSR_FP)  & 0x01;
    msr_me  = (value >> MSR_ME)  & 0x01;
    msr_fe0 = (value >> MSR_FE0) & 0x01;
    msr_se  = (value >> MSR_SE)  & 0x01;
    msr_be  = (value >> MSR_BE)  & 0x01;
    msr_fe1 = (value >> MSR_FE1) & 0x01;
    msr_ip  = (value >> MSR_IP)  & 0x01;
    msr_ir  = (value >> MSR_IR)  & 0x01;
    msr_dr  = (value >> MSR_DR)  & 0x01;
    msr_ri  = (value >> MSR_RI)  & 0x01;
    msr_le  = (value >> MSR_LE)  & 0x01;
    /* XXX: should enter PM state if msr_pow has been set */
}
656 | ||
#if defined (CONFIG_USER_ONLY)
/* User-mode-only build: just clear the pending exception. */
void do_interrupt (CPUState *env)
{
    env->exception_index = -1;
}
#else
/*
 * Deliver the exception recorded in env->exception_index.
 *
 * The current MSR image is captured first, adjusted per exception type with
 * the cause bits, and saved to SRR1. SRR0 receives either the address of the
 * current instruction (nip - 4) or of the next one (nip), depending on the
 * exception. The MSR fields are then reset for handler entry (translation
 * and privilege bits cleared, LE taken from ILE), nip is set to the vector
 * (exception number << 8), and the whole TLB is flushed because the
 * translation mode may have changed.
 *
 * Several cases return early without delivering anything: EXCP_NONE,
 * external / decrementer interrupts while msr_ee == 0 (re-raised), a
 * floating-point program exception while both FE bits are clear, and the
 * EXCP_MTMSR / EXCP_BRANCH / EXCP_RFI pseudo-exceptions.
 *
 * With CPU_LOG_INT enabled, a guest syscall with r0 == 4 and r3 == 1 is
 * logged together with at most 64 bytes read from guest memory at r4; bytes
 * outside 32..126 are written as '.', so guest data cannot place control
 * characters in the log file.
 */
void do_interrupt (CPUState *env)
{
    uint32_t srr1_val;
    int excp;

    excp = env->exception_index;
    srr1_val = _load_msr(env);
#if defined (DEBUG_EXCEPTIONS)
    if ((excp == EXCP_PROGRAM || excp == EXCP_DSI) && msr_pr == 1)
    {
        if (loglevel > 0) {
            fprintf(logfile, "Raise exception at 0x%08x => 0x%08x (%02x)\n",
                    env->nip, excp << 8, env->error_code);
        }
        if (loglevel > 0)
            cpu_dump_state(env, logfile, fprintf, 0);
    }
#endif
    if (loglevel & CPU_LOG_INT) {
        fprintf(logfile, "Raise exception at 0x%08x => 0x%08x (%02x)\n",
                env->nip, excp << 8, env->error_code);
    }
    /* Generate informations in save/restore registers */
    switch (excp) {
    case EXCP_NONE:
        /* Do nothing */
#if defined (DEBUG_EXCEPTIONS)
        printf("%s: escape EXCP_NONE\n", __func__);
#endif
        return;
    case EXCP_RESET:
        if (msr_ip) {
            excp += 0xFFC00;
        }
        goto store_next;
    case EXCP_MACHINE_CHECK:
        if (msr_me == 0) {
            cpu_abort(env, "Machine check exception while not allowed\n");
        }
        msr_me = 0;
        break;
    case EXCP_DSI:
        /* Store exception cause */
        /* data location address has been stored
         * when the fault has been detected
         */
        srr1_val &= ~0xFFFF0000;
        env->spr[DSISR] = 0;
        if (env->error_code & EXCP_DSI_TRANSLATE) {
            env->spr[DSISR] |= 0x40000000;
        } else if (env->error_code & EXCP_DSI_PROT) {
            env->spr[DSISR] |= 0x08000000;
        } else if (env->error_code & EXCP_DSI_NOTSUP) {
            env->spr[DSISR] |= 0x80000000;
            if (env->error_code & EXCP_DSI_DIRECT) {
                env->spr[DSISR] |= 0x04000000;
            }
        }
        if (env->error_code & EXCP_DSI_STORE) {
            env->spr[DSISR] |= 0x02000000;
        }
        if ((env->error_code & 0xF) == EXCP_DSI_DABR) {
            env->spr[DSISR] |= 0x00400000;
        }
        if (env->error_code & EXCP_DSI_ECXW) {
            env->spr[DSISR] |= 0x00100000;
        }
#if defined (DEBUG_EXCEPTIONS)
        if (loglevel) {
            fprintf(logfile, "DSI exception: DSISR=0x%08x, DAR=0x%08x\n",
                    env->spr[DSISR], env->spr[DAR]);
        } else {
            printf("DSI exception: DSISR=0x%08x, DAR=0x%08x nip=0x%08x\n",
                   env->spr[DSISR], env->spr[DAR], env->nip);
        }
#endif
        goto store_next;
    case EXCP_ISI:
        /* Store exception cause */
        srr1_val &= ~0xFFFF0000;
        if (env->error_code == EXCP_ISI_TRANSLATE) {
            srr1_val |= 0x40000000;
        } else if (env->error_code == EXCP_ISI_NOEXEC ||
                   env->error_code == EXCP_ISI_GUARD ||
                   env->error_code == EXCP_ISI_DIRECT) {
            srr1_val |= 0x10000000;
        } else {
            srr1_val |= 0x08000000;
        }
#if defined (DEBUG_EXCEPTIONS)
        if (loglevel) {
            fprintf(logfile, "ISI exception: msr=0x%08x, nip=0x%08x\n",
                    srr1_val, env->nip);
        } else {
            printf("ISI exception: msr=0x%08x, nip=0x%08x tbl:0x%08x\n",
                   srr1_val, env->nip, env->spr[V_TBL]);
        }
#endif
        goto store_next;
    case EXCP_EXTERNAL:
        if (msr_ee == 0) {
#if defined (DEBUG_EXCEPTIONS)
            if (loglevel > 0) {
                fprintf(logfile, "Skipping hardware interrupt\n");
            }
#endif
            /* Requeue it */
            do_raise_exception(EXCP_EXTERNAL);
            return;
        }
        goto store_next;
    case EXCP_ALIGN:
        /* Store exception cause */
        /* Get rS/rD and rA from faulting opcode */
        env->spr[DSISR] |=
            (ldl_code((env->nip - 4)) & 0x03FF0000) >> 16;
        /* data location address has been stored
         * when the fault has been detected
         */
        goto store_current;
    case EXCP_PROGRAM:
        srr1_val &= ~0xFFFF0000;
        switch (env->error_code & ~0xF) {
        case EXCP_FP:
            if (msr_fe0 == 0 && msr_fe1 == 0) {
#if defined (DEBUG_EXCEPTIONS)
                printf("Ignore floating point exception\n");
#endif
                return;
            }
            srr1_val |= 0x00100000;
            /* Set FX */
            env->fpscr[7] |= 0x8;
            /* Finally, update FEX */
            if ((((env->fpscr[7] & 0x3) << 3) | (env->fpscr[6] >> 1)) &
                ((env->fpscr[1] << 1) | (env->fpscr[0] >> 3))) {
                env->fpscr[7] |= 0x4;
            }
            break;
        case EXCP_INVAL:
            //            printf("Invalid instruction at 0x%08x\n", env->nip);
            srr1_val |= 0x00080000;
            break;
        case EXCP_PRIV:
            srr1_val |= 0x00040000;
            break;
        case EXCP_TRAP:
            srr1_val |= 0x00020000;
            break;
        default:
            /* Should never occur */
            break;
        }
        srr1_val |= 0x00010000;
        goto store_current;
    case EXCP_NO_FP:
        goto store_current;
    case EXCP_DECR:
        if (msr_ee == 0) {
            /* Requeue it */
            do_raise_exception(EXCP_DECR);
            return;
        }
        goto store_next;
    case EXCP_SYSCALL:
        if (loglevel & CPU_LOG_INT) {
            fprintf(logfile, "syscall %d 0x%08x 0x%08x 0x%08x 0x%08x\n",
                    env->gpr[0], env->gpr[3], env->gpr[4],
                    env->gpr[5], env->gpr[6]);
            if (env->gpr[0] == 4 && env->gpr[3] == 1) {
                int count, guest_addr, n;
                uint8_t ch;

                fprintf(logfile, "write: ");
                guest_addr = env->gpr[4];
                count = env->gpr[5];
                /* Never dump more than 64 bytes of guest data */
                if (count > 64) {
                    count = 64;
                }
                for (n = 0; n < count; n++) {
                    /* Preset so an unreadable byte is shown as '.' */
                    ch = 0;
                    cpu_memory_rw_debug(env, guest_addr + n, &ch, 1, 0);
                    if (ch < 32 || ch > 126) {
                        ch = '.';
                    }
                    fprintf(logfile, "%c", ch);
                }
                fprintf(logfile, "\n");
            }
        }
        goto store_next;
    case EXCP_TRACE:
        goto store_next;
    case EXCP_FP_ASSIST:
        goto store_next;
    case EXCP_MTMSR:
        /* Nothing to do */
        return;
    case EXCP_BRANCH:
        /* Nothing to do */
        return;
    case EXCP_RFI:
        /* Restore user-mode state */
        tb_flush(env);
#if defined (DEBUG_EXCEPTIONS)
        if (msr_pr == 1)
            printf("Return from exception => 0x%08x\n", (uint32_t)env->nip);
#endif
        return;
    store_current:
        /* SRR0 is set to current instruction */
        env->spr[SRR0] = (uint32_t)env->nip - 4;
        break;
    store_next:
        /* SRR0 is set to next instruction */
        env->spr[SRR0] = (uint32_t)env->nip;
        break;
    }
    env->spr[SRR1] = srr1_val;
    /* reload MSR with correct bits */
    msr_pow = 0;
    msr_ee = 0;
    msr_pr = 0;
    msr_fp = 0;
    msr_fe0 = 0;
    msr_se = 0;
    msr_be = 0;
    msr_fe1 = 0;
    msr_ir = 0;
    msr_dr = 0;
    msr_ri = 0;
    msr_le = msr_ile;
    /* Jump to handler */
    env->nip = excp << 8;
    env->exception_index = EXCP_NONE;
    /* Invalidate all TLB as we may have changed translation mode */
    tlb_flush(env, 1);
    /* ensure that no TB jump will be modified as
       the program flow was changed */
#ifdef __sparc__
    tmp_T0 = 0;
#else
    T0 = 0;
#endif
    env->exception_index = -1;
}
#endif /* !CONFIG_USER_ONLY */