Commit | Line | Data |
---|---|---|
79aceca5 FB |
1 | /* |
2 | * PPC emulation helpers for qemu. | |
3 | * | |
4 | * Copyright (c) 2003 Jocelyn Mayer | |
5 | * | |
6 | * This library is free software; you can redistribute it and/or | |
7 | * modify it under the terms of the GNU Lesser General Public | |
8 | * License as published by the Free Software Foundation; either | |
9 | * version 2 of the License, or (at your option) any later version. | |
10 | * | |
11 | * This library is distributed in the hope that it will be useful, | |
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
14 | * Lesser General Public License for more details. | |
15 | * | |
16 | * You should have received a copy of the GNU Lesser General Public | |
17 | * License along with this library; if not, write to the Free Software | |
18 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA | |
19 | */ | |
20 | #include "exec.h" | |
9a64fbe4 | 21 | #if defined (USE_OPEN_FIRMWARE) |
a541f297 | 22 | #include <time.h> |
9a64fbe4 FB |
23 | #include "of.h" |
24 | #endif | |
25 | ||
26 | //#define DEBUG_MMU | |
27 | //#define DEBUG_BATS | |
28 | //#define DEBUG_EXCEPTIONS | |
29 | ||
9fddaa0c | 30 | extern FILE *stdout, *stderr; |
9a64fbe4 | 31 | void abort (void); |
79aceca5 | 32 | |
9fddaa0c | 33 | /*****************************************************************************/ |
9a64fbe4 FB |
34 | |
35 | /*****************************************************************************/ | |
36 | /* PPC MMU emulation */ | |
/* Forward declaration: tlb_fill() calls this before its definition further
 * down in this file. */
int cpu_ppc_handle_mmu_fault (CPUState *env, uint32_t address, int rw,
                              int is_user, int is_softmmu);
39 | ||
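/* Perform BAT hit & translation.
 *
 * Scans the four IBAT register pairs (type == ACCESS_CODE) or the four DBAT
 * pairs (any other type) for an entry whose effective-page index matches
 * 'virtual' and whose valid bit for the current privilege level is set
 * (upper word bit 0x2 when msr_pr == 0, bit 0x1 when msr_pr == 1).
 *
 * On a hit, *real receives the translated page address, *prot the page
 * protection decoded from the two low bits of the lower BAT word, and 0 is
 * returned.  Returns -1 when nothing matches; *real and *prot are then left
 * untouched.
 *
 * NOTE(review): 'rw' is not compared with the decoded protection here, so a
 * hit returns 0 even when the requested access is not contained in *prot.
 * Enforcement is left to whatever consumes *prot; confirm that is intended.
 */
static int get_bat (CPUState *env, uint32_t *real, int *prot,
                    uint32_t virtual, int rw, int type)
{
    uint32_t *BATlt, *BATut, *BATu, *BATl;
    uint32_t BEPIl, BEPIu, bl;
    int i;
    int ret = -1;

#if defined (DEBUG_BATS)
    if (loglevel > 0) {
        fprintf(logfile, "%s: %cBAT v 0x%08x\n", __func__,
                type == ACCESS_CODE ? 'I' : 'D', virtual);
    }
#endif
    /* Index 0 holds the upper BAT words, index 1 the lower ones */
    switch (type) {
    case ACCESS_CODE:
        BATlt = env->IBAT[1];
        BATut = env->IBAT[0];
        break;
    default:
        BATlt = env->DBAT[1];
        BATut = env->DBAT[0];
        break;
    }
#if defined (DEBUG_BATS)
    if (loglevel > 0) {
        fprintf(logfile, "%s...: %cBAT v 0x%08x\n", __func__,
                type == ACCESS_CODE ? 'I' : 'D', virtual);
    }
#endif
    for (i = 0; i < 4; i++) {
        BATu = &BATut[i];
        BATl = &BATlt[i];
        BEPIu = *BATu & 0xF0000000;
        BEPIl = *BATu & 0x0FFE0000;
        /* Block-length mask, shifted up to line up with address bits */
        bl = (*BATu & 0x00001FFC) << 15;
#if defined (DEBUG_BATS)
        if (loglevel > 0) {
            fprintf(logfile, "%s: %cBAT%d v 0x%08x BATu 0x%08x BATl 0x%08x\n",
                    __func__, type == ACCESS_CODE ? 'I' : 'D', i, virtual,
                    *BATu, *BATl);
        }
#endif
        if ((virtual & 0xF0000000) == BEPIu &&
            ((virtual & 0x0FFE0000) & ~bl) == BEPIl) {
            /* BAT matches */
            if ((msr_pr == 0 && (*BATu & 0x00000002)) ||
                (msr_pr == 1 && (*BATu & 0x00000001))) {
                /* Get physical address */
                *real = (*BATl & 0xF0000000) |
                    ((virtual & 0x0FFE0000 & bl) | (*BATl & 0x0FFE0000)) |
                    (virtual & 0x0001F000);
                /* Start from "no access": when both protection bits are
                 * clear, neither branch below writes *prot, and the caller
                 * would otherwise consume an uninitialised value. */
                *prot = 0;
                if (*BATl & 0x00000001)
                    *prot = PAGE_READ;
                if (*BATl & 0x00000002)
                    *prot = PAGE_WRITE | PAGE_READ;
#if defined (DEBUG_BATS)
                if (loglevel > 0) {
                    fprintf(logfile, "BAT %d match: r 0x%08x prot=%c%c\n",
                            i, *real, *prot & PAGE_READ ? 'R' : '-',
                            *prot & PAGE_WRITE ? 'W' : '-');
                }
#endif
                ret = 0;
                break;
            }
        }
    }
    if (ret < 0) {
#if defined (DEBUG_BATS)
        printf("no BAT match for 0x%08x:\n", virtual);
        for (i = 0; i < 4; i++) {
            BATu = &BATut[i];
            BATl = &BATlt[i];
            BEPIu = *BATu & 0xF0000000;
            BEPIl = *BATu & 0x0FFE0000;
            bl = (*BATu & 0x00001FFC) << 15;
            printf("%s: %cBAT%d v 0x%08x BATu 0x%08x BATl 0x%08x \n\t"
                   "0x%08x 0x%08x 0x%08x\n",
                   __func__, type == ACCESS_CODE ? 'I' : 'D', i, virtual,
                   *BATu, *BATl, BEPIu, BEPIl, bl);
        }
#endif
    }
    /* No hit */
    return ret;
}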
129 | ||
/* PTE table lookup.
 *
 * Walks the 8 entries (8 bytes each) of the PTE group located at offset
 * 'base' from phys_ram_base and looks for a valid entry whose hash-select
 * bit equals 'h' and whose VSID/API field equals 'va'.
 *
 * RPN   receives the page frame (pte1 & 0xFFFFF000) of the entry kept.
 * prot  receives the PAGE_READ/PAGE_WRITE set decoded from the low two bits
 *       of pte1 and 'key'.
 * rw    0 for a read, 1 for a write.
 *
 * Returns 0 when the access is granted, -2 on an access right violation and
 * -1 when no entry matches or two matching entries disagree.
 *
 * NOTE(review): 'base' is supplied by the caller and no check in this
 * function keeps base + 64 inside the memory phys_ram_base points at.  The
 * loads below, and the stl_raw() write-back of the flag bits, would land
 * outside it for an out-of-range base; confirm the caller bounds it.
 */
static int find_pte (uint32_t *RPN, int *prot, uint32_t base, uint32_t va,
                     int h, int key, int rw)
{
    uint32_t pte0, pte1, keep = 0, access = 0;
    int i, good = -1, store = 0;
    int ret = -1; /* No entry found */

    for (i = 0; i < 8; i++) {
        pte0 = ldl_raw(phys_ram_base + base + (i * 8));
        pte1 = ldl_raw(phys_ram_base + base + (i * 8) + 4);
#if defined (DEBUG_MMU)
        if (loglevel > 0) {
            fprintf(logfile, "Load pte from 0x%08x => 0x%08x 0x%08x "
                    "%d %d %d 0x%08x\n", base + (i * 8), pte0, pte1,
                    pte0 >> 31, h, (pte0 >> 6) & 1, va);
        }
#endif
        /* Check validity and table match */
        if (pte0 & 0x80000000 && (h == ((pte0 >> 6) & 1))) {
            /* Check vsid & api */
            if ((pte0 & 0x7FFFFFBF) == va) {
                if (good == -1) {
                    good = i;
                    keep = pte1;
                } else {
                    /* All matches should have equal RPN, WIMG & PP */
                    if ((keep & 0xFFFFF07B) != (pte1 & 0xFFFFF07B)) {
                        if (loglevel > 0)
                            fprintf(logfile, "Bad RPN/WIMG/PP\n");
                        return -1;
                    }
                }
                /* Check access rights */
                if (key == 0) {
                    access = PAGE_READ;
                    if ((pte1 & 0x00000003) != 0x3)
                        access |= PAGE_WRITE;
                } else {
                    switch (pte1 & 0x00000003) {
                    case 0x0:
                        access = 0;
                        break;
                    case 0x1:
                    case 0x3:
                        access = PAGE_READ;
                        break;
                    case 0x2:
                        access = PAGE_READ | PAGE_WRITE;
                        break;
                    }
                }
                /* Only re-evaluate while no entry has granted the access;
                 * once ret is 0 the granted entry is kept as-is. */
                if (ret < 0) {
                    if ((rw == 0 && (access & PAGE_READ)) ||
                        (rw == 1 && (access & PAGE_WRITE))) {
#if defined (DEBUG_MMU)
                        if (loglevel > 0)
                            fprintf(logfile, "PTE access granted !\n");
#endif
                        good = i;
                        keep = pte1;
                        ret = 0;
                    } else {
                        /* Access right violation */
                        ret = -2;
#if defined (DEBUG_MMU)
                        if (loglevel > 0)
                            fprintf(logfile, "PTE access rejected\n");
#endif
                    }
                    *prot = access;
                }
            }
        }
    }
    if (good != -1) {
        *RPN = keep & 0xFFFFF000;
#if defined (DEBUG_MMU)
        if (loglevel > 0) {
            fprintf(logfile, "found PTE at addr 0x%08x prot=0x%01x ret=%d\n",
                    *RPN, *prot, ret);
        }
#endif
        /* Update page flags */
        if (!(keep & 0x00000100)) {
            /* Access flag */
            keep |= 0x00000100;
            store = 1;
        }
        if (!(keep & 0x00000080)) {
            if (rw && ret == 0) {
                /* Change flag */
                keep |= 0x00000080;
                store = 1;
            } else {
                /* Force page fault for first write access */
                *prot &= ~PAGE_WRITE;
            }
        }
        if (store) {
            /* Write the updated second PTE word back into the table */
            stl_raw(phys_ram_base + base + (good * 8) + 4, keep);
        }
    }

    return ret;
}
236 | ||
/* Build the address of a PTE group: the top 16 bits come from SDR1, the
 * rest from the hash value restricted by 'mask'. */
static inline uint32_t get_pgaddr (uint32_t sdr1, uint32_t hash, uint32_t mask)
{
    const uint32_t table_base = sdr1 & 0xFFFF0000;
    const uint32_t group_offset = hash & mask;

    return table_base | group_offset;
}
241 | ||
/* Perform segment based translation.
 *
 * Selects the segment register from the top four bits of 'virtual' and
 * derives 'key' from its 0x20000000 / 0x40000000 bits and msr_pr.
 *
 * Segment register bit 0x80000000 clear: hashed page table lookup, primary
 * group first, then the secondary group if the primary lookup failed.
 * Returns find_pte()'s result (0, -1 or -2), or -3 when the access is a code
 * fetch and the segment's 0x10000000 bit is set.
 *
 * Segment register bit 0x80000000 set: direct-store path.  Returns -4 for
 * the access types rejected below, 0 for ACCESS_CACHE, and for ACCESS_INT
 * either 2 (with *real = virtual) or -2.
 *
 * NOTE(review): the direct-store path never writes *prot, and 2 is a return
 * value no other path produces; callers must not read *prot after it.
 * NOTE(review): pg_addr is built from env->sdr1 and handed to find_pte() as
 * a table offset without a range check in this function.
 */
static int get_segment (CPUState *env, uint32_t *real, int *prot,
                        uint32_t virtual, int rw, int type)
{
    uint32_t pg_addr, sdr, ptem, vsid, pgidx;
    uint32_t hash, mask;
    uint32_t sr;
    int key;
    int ret = -1, ret2;

    sr = env->sr[virtual >> 28];
#if defined (DEBUG_MMU)
    if (loglevel > 0) {
        fprintf(logfile, "Check segment v=0x%08x %d 0x%08x nip=0x%08x "
                "lr=0x%08x ir=%d dr=%d pr=%d %d t=%d\n",
                virtual, virtual >> 28, sr, env->nip,
                env->lr, msr_ir, msr_dr, msr_pr, rw, type);
    }
#endif
    key = (((sr & 0x20000000) && msr_pr == 1) ||
           ((sr & 0x40000000) && msr_pr == 0)) ? 1 : 0;
    if ((sr & 0x80000000) == 0) {
#if defined (DEBUG_MMU)
        if (loglevel > 0)
            fprintf(logfile, "pte segment: key=%d n=0x%08x\n",
                    key, sr & 0x10000000);
#endif
        /* Check if instruction fetch is allowed, if needed */
        if (type != ACCESS_CODE || (sr & 0x10000000) == 0) {
            /* Page address translation */
            vsid = sr & 0x00FFFFFF;
            pgidx = (virtual >> 12) & 0xFFFF;
            sdr = env->sdr1;
            hash = ((vsid ^ pgidx) & 0x0007FFFF) << 6;
            mask = ((sdr & 0x000001FF) << 16) | 0xFFC0;
            pg_addr = get_pgaddr(sdr, hash, mask);
            /* Value find_pte() compares against the first PTE word */
            ptem = (vsid << 7) | (pgidx >> 10);
#if defined (DEBUG_MMU)
            if (loglevel > 0) {
                fprintf(logfile, "0 sdr1=0x%08x vsid=0x%06x api=0x%04x "
                        "hash=0x%07x pg_addr=0x%08x\n", sdr, vsid, pgidx, hash,
                        pg_addr);
            }
#endif
            /* Primary table lookup */
            ret = find_pte(real, prot, pg_addr, ptem, 0, key, rw);
            if (ret < 0) {
                /* Secondary table lookup */
                hash = (~hash) & 0x01FFFFC0;
                pg_addr = get_pgaddr(sdr, hash, mask);
#if defined (DEBUG_MMU)
                if (virtual != 0xEFFFFFFF && loglevel > 0) {
                    fprintf(logfile, "1 sdr1=0x%08x vsid=0x%06x api=0x%04x "
                            "hash=0x%05x pg_addr=0x%08x\n", sdr, vsid, pgidx,
                            hash, pg_addr);
                }
#endif
                ret2 = find_pte(real, prot, pg_addr, ptem, 1, key, rw);
                /* Keep the primary result unless the secondary group held a
                 * matching entry (granted or rejected) */
                if (ret2 != -1)
                    ret = ret2;
            }
        } else {
#if defined (DEBUG_MMU)
            if (loglevel > 0)
                fprintf(logfile, "No access allowed\n");
#endif
            ret = -3;
        }
    } else {
#if defined (DEBUG_MMU)
        if (loglevel > 0)
            fprintf(logfile, "direct store...\n");
#endif
        /* Direct-store segment : absolutely *BUGGY* for now */
        switch (type) {
        case ACCESS_INT:
            /* Integer load/store : only access allowed */
            break;
        case ACCESS_CODE:
            /* No code fetch is allowed in direct-store areas */
            return -4;
        case ACCESS_FLOAT:
            /* Floating point load/store */
            return -4;
        case ACCESS_RES:
            /* lwarx, ldarx or srwcx. */
            return -4;
        case ACCESS_CACHE:
            /* dcba, dcbt, dcbtst, dcbf, dcbi, dcbst, dcbz, or icbi */
            /* Should make the instruction do no-op.
             * As it already do no-op, it's quite easy :-)
             */
            *real = virtual;
            return 0;
        case ACCESS_EXT:
            /* eciwx or ecowx */
            return -4;
        default:
            if (logfile) {
                fprintf(logfile, "ERROR: instruction should not need "
                        "address translation\n");
            }
            printf("ERROR: instruction should not need "
                   "address translation\n");
            return -4;
        }
        /* Granted for a write with key 0 or a read with key 1; every other
         * rw/key combination is reported as an access violation */
        if ((rw == 1 || key != 1) && (rw == 0 || key != 0)) {
            *real = virtual;
            ret = 2;
        } else {
            ret = -2;
        }
    }

    return ret;
}
358 | ||
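/* Translate 'address' for the current MSR state.
 *
 * env          CPU state (segment registers, BATs, SDR1).
 * physical     receives the translated page address on success.
 * prot         receives the PAGE_READ/PAGE_WRITE set for the page.
 * rw           0 for a read or fetch, 1 for a write.
 * access_type  one of the ACCESS_* values.
 *
 * Returns 0 on success, a negative code from get_bat()/get_segment() on
 * failure, or the positive direct-store result of get_segment().
 *
 * Instruction fetches are governed by msr_ir and every other access by
 * msr_dr.  Testing msr_dr alone for all access types would let a code fetch
 * skip translation, and the protection checks that come with it, whenever
 * data translation is off while instruction translation is on.
 */
int get_physical_address (CPUState *env, uint32_t *physical, int *prot,
                          uint32_t address, int rw, int access_type)
{
    int ret;

    if (loglevel > 0) {
        fprintf(logfile, "%s\n", __func__);
    }

    if ((access_type == ACCESS_CODE && msr_ir == 0) ||
        (access_type != ACCESS_CODE && msr_dr == 0)) {
        /* No address translation */
        *physical = address & ~0xFFF;
        *prot = PAGE_READ | PAGE_WRITE;
        ret = 0;
    } else {
        /* Try to find a BAT */
        ret = get_bat(env, physical, prot, address, rw, access_type);
        if (ret < 0) {
            /* We didn't match any BAT entry */
            ret = get_segment(env, physical, prot, address, rw, access_type);
        }
    }
    if (loglevel > 0) {
        if (ret >= 0) {
            fprintf(logfile, "%s address %08x => %08x\n",
                    __func__, address, *physical);
        } else {
            /* *physical may never have been written on a failed lookup, so
             * it is not read here */
            fprintf(logfile, "%s address %08x => translation failed (%d)\n",
                    __func__, address, ret);
        }
    }

    return ret;
}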
388 | ||
#if defined(CONFIG_USER_ONLY)
/* User-only build: the address is handed back unchanged. */
target_ulong cpu_get_phys_page_debug(CPUState *env, target_ulong addr)
{
    return addr;
}
#else
/* Debugger helper: translate 'addr' as an integer read (rw = 0,
 * ACCESS_INT).  Returns the physical page address, or -1 whenever
 * get_physical_address() reports anything other than 0. */
target_ulong cpu_get_phys_page_debug(CPUState *env, target_ulong addr)
{
    uint32_t phys_addr;
    int prot;
    int rc;

    rc = get_physical_address(env, &phys_addr, &prot, addr, 0, ACCESS_INT);
    if (rc == 0) {
        return phys_addr;
    }
    return -1;
}
#endif
9a64fbe4 FB |
405 | |
406 | #if !defined(CONFIG_USER_ONLY) | |
407 | ||
408 | #define MMUSUFFIX _mmu | |
409 | #define GETPC() (__builtin_return_address(0)) | |
410 | ||
411 | #define SHIFT 0 | |
412 | #include "softmmu_template.h" | |
413 | ||
414 | #define SHIFT 1 | |
415 | #include "softmmu_template.h" | |
416 | ||
417 | #define SHIFT 2 | |
418 | #include "softmmu_template.h" | |
419 | ||
420 | #define SHIFT 3 | |
421 | #include "softmmu_template.h" | |
422 | ||
/* try to fill the TLB and return an exception if error. If retaddr is
   NULL, it means that the function was called in C code (i.e. not
   from generated code or from helper.c) */
/* XXX: fix it to restore all registers */
/* addr      faulting address.
 * is_write  passed on as the 'rw' argument of cpu_ppc_handle_mmu_fault().
 * is_user   selects the TLB set and is passed on unchanged.
 * retaddr   host return address used to locate the translated block, or
 *           NULL.
 *
 * NOTE(review): whether do_raise_exception_err() returns is not visible
 * here; if it does not, the 'env = saved_env' restore at the end is skipped
 * on the fault path.
 */
void tlb_fill(unsigned long addr, int is_write, int is_user, void *retaddr)
{
    TranslationBlock *tb;
    CPUState *saved_env;
    unsigned long pc;
    int ret;

    /* XXX: hack to restore env in all cases, even if not called from
       generated code */
    saved_env = env;
    env = cpu_single_env;
    {
        /* These values only feed the disabled trace below */
        unsigned long tlb_addrr, tlb_addrw;
        int index;
        index = (addr >> TARGET_PAGE_BITS) & (CPU_TLB_SIZE - 1);
        tlb_addrr = env->tlb_read[is_user][index].address;
        tlb_addrw = env->tlb_write[is_user][index].address;
#if 0
        printf("%s 1 %p %p idx=%d addr=0x%08lx tbl_addr=0x%08lx 0x%08lx "
               "(0x%08lx 0x%08lx)\n", __func__, env,
               &env->tlb_read[is_user][index], index, addr,
               tlb_addrr, tlb_addrw, addr & TARGET_PAGE_MASK,
               tlb_addrr & (TARGET_PAGE_MASK | TLB_INVALID_MASK));
#endif
    }
    ret = cpu_ppc_handle_mmu_fault(env, addr, is_write, is_user, 1);
    if (ret) {
        if (retaddr) {
            /* now we have a real cpu fault */
            pc = (unsigned long)retaddr;
            tb = tb_find_pc(pc);
            if (tb) {
                /* the PC is inside the translated code. It means that we have
                   a virtual CPU fault */
                cpu_restore_state(tb, env, pc, NULL);
            }
        }
        /* The exception index and error code were stored in env by
         * cpu_ppc_handle_mmu_fault() on its fault path */
        do_raise_exception_err(env->exception_index, env->error_code);
    }
    {
        /* Same disabled trace as above, after the fill */
        unsigned long tlb_addrr, tlb_addrw;
        int index;
        index = (addr >> TARGET_PAGE_BITS) & (CPU_TLB_SIZE - 1);
        tlb_addrr = env->tlb_read[is_user][index].address;
        tlb_addrw = env->tlb_write[is_user][index].address;
#if 0
        printf("%s 2 %p %p idx=%d addr=0x%08lx tbl_addr=0x%08lx 0x%08lx "
               "(0x%08lx 0x%08lx)\n", __func__, env,
               &env->tlb_read[is_user][index], index, addr,
               tlb_addrr, tlb_addrw, addr & TARGET_PAGE_MASK,
               tlb_addrr & (TARGET_PAGE_MASK | TLB_INVALID_MASK));
#endif
    }
    env = saved_env;
}
482 | ||
/* MMU initialisation hook.  Deliberately empty: no MMU state is touched
 * here. */
void cpu_ppc_init_mmu(CPUState *env)
{
    /* Nothing to do: all translation are disabled */
    (void)env;
}
487 | #endif | |
488 | ||
/* Perform address translation.
 *
 * Translates 'address' for the access type stored in env->access_type and,
 * on success, installs the mapping with tlb_set_page() and returns its
 * result.  On a negative translation result, env->exception_index and
 * env->error_code are filled in (ISI for code fetches, otherwise DSI,
 * alignment or program), env->spr[DAR] receives the address for the
 * non-code cases, and 1 is returned.
 *
 * rw          0 for a read or fetch, non-zero for a write.
 * is_user     passed through to tlb_set_page().
 * is_softmmu  passed through to tlb_set_page().
 *
 * NOTE(review): a positive result from get_physical_address() (its
 * direct-store case returns 2) takes neither branch below and is returned
 * as-is, with no TLB entry installed and no exception fields written;
 * confirm callers cope with that.
 */
int cpu_ppc_handle_mmu_fault (CPUState *env, uint32_t address, int rw,
                              int is_user, int is_softmmu)
{
    uint32_t physical;
    int prot;
    int exception = 0, error_code = 0;
    int access_type;
    int ret = 0;

    //    printf("%s 0\n", __func__);
    access_type = env->access_type;
    if (env->user_mode_only) {
        /* user mode only emulation */
        ret = -2;
        goto do_fault;
    }
    /* NASTY BUG workaround */
    /* A write flagged as a code access is re-typed as an integer access */
    if (access_type == ACCESS_CODE && rw) {
        printf("%s: ERROR WRITE CODE ACCESS\n", __func__);
        access_type = ACCESS_INT;
    }
    ret = get_physical_address(env, &physical, &prot,
                               address, rw, access_type);
    if (ret == 0) {
        ret = tlb_set_page(env, address & ~0xFFF, physical, prot,
                           is_user, is_softmmu);
    } else if (ret < 0) {
    do_fault:
#if defined (DEBUG_MMU)
        if (loglevel > 0)
            cpu_ppc_dump_state(env, logfile, 0);
#endif
        if (access_type == ACCESS_CODE) {
            exception = EXCP_ISI;
            switch (ret) {
            case -1:
                /* No matches in page tables */
                error_code = EXCP_ISI_TRANSLATE;
                break;
            case -2:
                /* Access rights violation */
                error_code = EXCP_ISI_PROT;
                break;
            case -3:
                /* No execute protection violation */
                error_code = EXCP_ISI_NOEXEC;
                break;
            case -4:
                /* Direct store exception */
                /* No code fetch is allowed in direct-store areas */
                error_code = EXCP_ISI_DIRECT;
                break;
            }
        } else {
            exception = EXCP_DSI;
            switch (ret) {
            case -1:
                /* No matches in page tables */
                error_code = EXCP_DSI_TRANSLATE;
                break;
            case -2:
                /* Access rights violation */
                error_code = EXCP_DSI_PROT;
                break;
            case -4:
                /* Direct store exception */
                switch (access_type) {
                case ACCESS_FLOAT:
                    /* Floating point load/store */
                    exception = EXCP_ALIGN;
                    error_code = EXCP_ALIGN_FP;
                    break;
                case ACCESS_RES:
                    /* lwarx, ldarx or srwcx. */
                    exception = EXCP_DSI;
                    error_code = EXCP_DSI_NOTSUP | EXCP_DSI_DIRECT;
                    break;
                case ACCESS_EXT:
                    /* eciwx or ecowx */
                    exception = EXCP_DSI;
                    error_code = EXCP_DSI_NOTSUP | EXCP_DSI_DIRECT |
                        EXCP_DSI_ECXW;
                    break;
                default:
                    printf("DSI: invalid exception (%d)\n", ret);
                    exception = EXCP_PROGRAM;
                    error_code = EXCP_INVAL | EXCP_INVAL_INVAL;
                    break;
                }
            }
            /* Applied to every non-code fault, whichever exception was
             * selected above */
            if (rw)
                error_code |= EXCP_DSI_STORE;
            /* Store fault address */
            env->spr[DAR] = address;
        }
#if 0
        printf("%s: set exception to %d %02x\n",
               __func__, exception, error_code);
#endif
        env->exception_index = exception;
        env->error_code = error_code;
        ret = 1;
    }

    return ret;
}
596 | ||
/* Assemble the 32-bit XER image from the separately held SO, OV, CA and
 * byte-count fields. */
uint32_t _load_xer (CPUState *env)
{
    uint32_t xer;

    xer = xer_so << XER_SO;
    xer |= xer_ov << XER_OV;
    xer |= xer_ca << XER_CA;
    xer |= xer_bc << XER_BC;

    return xer;
}
604 | ||
/* Split a 32-bit XER image into the separately held fields: SO, OV and CA
 * are one bit each, the byte count is five bits wide. */
void _store_xer (CPUState *env, uint32_t value)
{
    const uint32_t so = (value >> XER_SO) & 0x01;
    const uint32_t ov = (value >> XER_OV) & 0x01;
    const uint32_t ca = (value >> XER_CA) & 0x01;
    const uint32_t bc = (value >> XER_BC) & 0x1f;

    xer_so = so;
    xer_ov = ov;
    xer_ca = ca;
    xer_bc = bc;
}
612 | ||
/* Assemble the 32-bit MSR image from the separately held msr_* fields. */
uint32_t _load_msr (CPUState *env)
{
    uint32_t msr;

    msr = msr_pow << MSR_POW;
    msr |= msr_ile << MSR_ILE;
    msr |= msr_ee << MSR_EE;
    msr |= msr_pr << MSR_PR;
    msr |= msr_fp << MSR_FP;
    msr |= msr_me << MSR_ME;
    msr |= msr_fe0 << MSR_FE0;
    msr |= msr_se << MSR_SE;
    msr |= msr_be << MSR_BE;
    msr |= msr_fe1 << MSR_FE1;
    msr |= msr_ip << MSR_IP;
    msr |= msr_ir << MSR_IR;
    msr |= msr_dr << MSR_DR;
    msr |= msr_ri << MSR_RI;
    msr |= msr_le << MSR_LE;

    return msr;
}
631 | ||
/* Split a 32-bit MSR image into the separately held msr_* fields.
 *
 * The TLB is flushed first when the new image changes the IR or DR
 * translation bit.
 * NOTE(review): a change of the PR bit alone does not trigger the flush;
 * confirm the TLB never caches anything that depends on it.
 */
void _store_msr (CPUState *env, uint32_t value)
{
    const uint32_t new_ir = (value >> MSR_IR) & 0x01;
    const uint32_t new_dr = (value >> MSR_DR) & 0x01;

    if (new_ir != msr_ir || new_dr != msr_dr) {
        /* Flush all tlb when changing translation mode or privilege level */
        tlb_flush(env, 1);
    }
    msr_pow = (value >> MSR_POW) & 0x03;
    msr_ile = (value >> MSR_ILE) & 0x01;
    msr_ee = (value >> MSR_EE) & 0x01;
    msr_pr = (value >> MSR_PR) & 0x01;
    msr_fp = (value >> MSR_FP) & 0x01;
    msr_me = (value >> MSR_ME) & 0x01;
    msr_fe0 = (value >> MSR_FE0) & 0x01;
    msr_se = (value >> MSR_SE) & 0x01;
    msr_be = (value >> MSR_BE) & 0x01;
    msr_fe1 = (value >> MSR_FE1) & 0x01;
    msr_ip = (value >> MSR_IP) & 0x01;
    msr_ir = new_ir;
    msr_dr = new_dr;
    msr_ri = (value >> MSR_RI) & 0x01;
    msr_le = (value >> MSR_LE) & 0x01;
}
655 | ||
/* Deliver the exception recorded in env->exception_index.
 *
 * CONFIG_USER_ONLY builds only OR 0x100 into the index.  Otherwise the
 * current MSR image is captured, the cause bits for the exception are
 * recorded (DSISR for DSI and alignment, the upper half of the saved MSR for
 * ISI and program exceptions), SRR0/SRR1 are written, the live MSR fields
 * are cleared for handler entry, env->nip is set to excp << 8 and the TLB
 * is flushed.
 *
 * Several cases return early without delivering anything: the firmware
 * calls, EXCP_NONE, masked external/decrementer interrupts (requeued),
 * ignored floating point exceptions, EXCP_MTMSR, EXCP_BRANCH and EXCP_RFI.
 */
void do_interrupt (CPUState *env)
{
#if defined (CONFIG_USER_ONLY)
    env->exception_index |= 0x100;
#else
    uint32_t msr;
    int excp = env->exception_index;

    msr = _load_msr(env);
#if defined (DEBUG_EXCEPTIONS)
    if ((excp == EXCP_PROGRAM || excp == EXCP_DSI) && msr_pr == 1)
    {
        if (loglevel > 0) {
            fprintf(logfile, "Raise exception at 0x%08x => 0x%08x (%02x)\n",
                    env->nip, excp << 8, env->error_code);
        }
        if (loglevel > 0)
            cpu_ppc_dump_state(env, logfile, 0);
    }
#endif
    /* Generate informations in save/restore registers */
    switch (excp) {
    case EXCP_OFCALL:
#if defined (USE_OPEN_FIRMWARE)
        /* NOTE(review): gpr[3] is a guest register value cast straight to a
         * host pointer; what OF_client_entry() does with it is not visible
         * here.  Confirm it translates and bounds-checks the value. */
        env->gpr[3] = OF_client_entry((void *)env->gpr[3]);
#endif
        return;
    case EXCP_RTASCALL:
#if defined (USE_OPEN_FIRMWARE)
        printf("RTAS call !\n");
        /* NOTE(review): same guest-value-to-host-pointer cast as the
         * EXCP_OFCALL case; confirm RTAS_entry() validates it. */
        env->gpr[3] = RTAS_entry((void *)env->gpr[3]);
        printf("RTAS call done\n");
#endif
        return;
    case EXCP_NONE:
        /* Do nothing */
#if defined (DEBUG_EXCEPTIONS)
        printf("%s: escape EXCP_NONE\n", __func__);
#endif
        return;
    case EXCP_RESET:
        /* With msr_ip set the vector is moved by 0xFFC00 << 8 */
        if (msr_ip)
            excp += 0xFFC00;
        goto store_next;
    case EXCP_MACHINE_CHECK:
        if (msr_me == 0) {
            printf("Machine check exception while not allowed !\n");
            if (loglevel) {
                fprintf(logfile,
                        "Machine check exception while not allowed !\n");
            }
            abort();
        }
        msr_me = 0;
        break;
    case EXCP_DSI:
        /* Store exception cause */
        /* data location address has been stored
         * when the fault has been detected
         */
        msr &= ~0xFFFF0000;
        env->spr[DSISR] = 0;
        if (env->error_code & EXCP_DSI_TRANSLATE)
            env->spr[DSISR] |= 0x40000000;
        else if (env->error_code & EXCP_DSI_PROT)
            env->spr[DSISR] |= 0x08000000;
        else if (env->error_code & EXCP_DSI_NOTSUP) {
            env->spr[DSISR] |= 0x80000000;
            if (env->error_code & EXCP_DSI_DIRECT)
                env->spr[DSISR] |= 0x04000000;
        }
        if (env->error_code & EXCP_DSI_STORE)
            env->spr[DSISR] |= 0x02000000;
        if ((env->error_code & 0xF) == EXCP_DSI_DABR)
            env->spr[DSISR] |= 0x00400000;
        if (env->error_code & EXCP_DSI_ECXW)
            env->spr[DSISR] |= 0x00100000;
#if defined (DEBUG_EXCEPTIONS)
        if (loglevel) {
            fprintf(logfile, "DSI exception: DSISR=0x%08x, DAR=0x%08x\n",
                    env->spr[DSISR], env->spr[DAR]);
        } else {
            printf("DSI exception: DSISR=0x%08x, DAR=0x%08x nip=0x%08x\n",
                   env->spr[DSISR], env->spr[DAR], env->nip);
        }
#endif
        goto store_next;
    case EXCP_ISI:
        /* Store exception cause */
        msr &= ~0xFFFF0000;
        if (env->error_code == EXCP_ISI_TRANSLATE)
            msr |= 0x40000000;
        else if (env->error_code == EXCP_ISI_NOEXEC ||
                 env->error_code == EXCP_ISI_GUARD ||
                 env->error_code == EXCP_ISI_DIRECT)
            msr |= 0x10000000;
        else
            msr |= 0x08000000;
#if defined (DEBUG_EXCEPTIONS)
        if (loglevel) {
            fprintf(logfile, "ISI exception: msr=0x%08x, nip=0x%08x\n",
                    msr, env->nip);
        } else {
            printf("ISI exception: msr=0x%08x, nip=0x%08x tbl:0x%08x\n",
                   msr, env->nip, env->spr[V_TBL]);
        }
#endif
        goto store_next;
    case EXCP_EXTERNAL:
        if (msr_ee == 0) {
#if defined (DEBUG_EXCEPTIONS)
            if (loglevel > 0) {
                fprintf(logfile, "Skipping hardware interrupt\n");
            }
#endif
            /* Requeue it */
            do_raise_exception(EXCP_EXTERNAL);
            return;
        }
        goto store_next;
    case EXCP_ALIGN:
        /* Store exception cause */
        /* Get rS/rD and rA from faulting opcode */
        /* NOTE(review): this ORs into DSISR without clearing it first,
         * unlike the EXCP_DSI case; confirm stale bits cannot remain. */
        env->spr[DSISR] |=
            (ldl_code((void *)(env->nip - 4)) & 0x03FF0000) >> 16;
        /* data location address has been stored
         * when the fault has been detected
         */
        goto store_current;
    case EXCP_PROGRAM:
        msr &= ~0xFFFF0000;
        switch (env->error_code & ~0xF) {
        case EXCP_FP:
            if (msr_fe0 == 0 && msr_fe1 == 0) {
#if defined (DEBUG_EXCEPTIONS)
                printf("Ignore floating point exception\n");
#endif
                return;
            }
            msr |= 0x00100000;
            /* Set FX */
            env->fpscr[7] |= 0x8;
            /* Finally, update FEX */
            if ((((env->fpscr[7] & 0x3) << 3) | (env->fpscr[6] >> 1)) &
                ((env->fpscr[1] << 1) | (env->fpscr[0] >> 3)))
                env->fpscr[7] |= 0x4;
            break;
        case EXCP_INVAL:
            printf("Invalid instruction at 0x%08x\n", env->nip);
            msr |= 0x00080000;
            break;
        case EXCP_PRIV:
            msr |= 0x00040000;
            break;
        case EXCP_TRAP:
            msr |= 0x00020000;
            break;
        default:
            /* Should never occur */
            break;
        }
        msr |= 0x00010000;
        goto store_current;
    case EXCP_NO_FP:
        goto store_current;
    case EXCP_DECR:
        if (msr_ee == 0) {
            /* Requeue it */
            do_raise_exception(EXCP_DECR);
            return;
        }
        goto store_next;
    case EXCP_SYSCALL:
#if defined (DEBUG_EXCEPTIONS)
        if (msr_pr) {
            if (loglevel) {
                fprintf(logfile, "syscall %d 0x%08x 0x%08x 0x%08x 0x%08x\n",
                        env->gpr[0], env->gpr[3], env->gpr[4],
                        env->gpr[5], env->gpr[6]);
            } else {
                printf("syscall %d from 0x%08x 0x%08x 0x%08x 0x%08x 0x%08x\n",
                       env->gpr[0], env->nip, env->gpr[3], env->gpr[4],
                       env->gpr[5], env->gpr[6]);
            }
        }
#endif
        goto store_next;
    case EXCP_TRACE:
        goto store_next;
    case EXCP_FP_ASSIST:
        goto store_next;
    case EXCP_MTMSR:
        /* Nothing to do */
        return;
    case EXCP_BRANCH:
        /* Nothing to do */
        return;
    case EXCP_RFI:
        /* Restore user-mode state */
        tb_flush(env);
#if defined (DEBUG_EXCEPTIONS)
        if (msr_pr == 1)
            printf("Return from exception => 0x%08x\n", (uint32_t)env->nip);
#endif
        return;
        /* The two labels below sit inside the switch and are reached only
         * through the gotos above */
    store_current:
        /* SRR0 is set to current instruction */
        env->spr[SRR0] = (uint32_t)env->nip - 4;
        break;
    store_next:
        /* SRR0 is set to next instruction */
        env->spr[SRR0] = (uint32_t)env->nip;
        break;
    }
    /* 'msr' is the image captured on entry, with any cause bits added */
    env->spr[SRR1] = msr;
    /* reload MSR with correct bits */
    msr_pow = 0;
    msr_ee = 0;
    msr_pr = 0;
    msr_fp = 0;
    msr_fe0 = 0;
    msr_se = 0;
    msr_be = 0;
    msr_fe1 = 0;
    msr_ir = 0;
    msr_dr = 0;
    msr_ri = 0;
    msr_le = msr_ile;
    /* Jump to handler */
    env->nip = excp << 8;
    env->exception_index = EXCP_NONE;
    /* Invalidate all TLB as we may have changed translation mode */
    tlb_flush(env, 1);
    /* ensure that no TB jump will be modified as
       the program flow was changed */
#ifdef __sparc__
    tmp_T0 = 0;
#else
    T0 = 0;
#endif
#endif
    /* NOTE(review): this assignment is outside the CONFIG_USER_ONLY
     * conditional, so in that build it overwrites the '|= 0x100' made at
     * the top of the function; confirm that is intended. */
    env->exception_index = -1;
}