2 * Copyright (c) 2011, Max Filippov, Open Source and Linux Lab.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions are met:
7 * * Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * * Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 * * Neither the name of the Open Source and Linux Lab nor the
13 * names of its contributors may be used to endorse or promote products
14 * derived from this software without specific prior written permission.
16 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
17 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
20 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
21 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
22 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
23 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
25 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 #include "qemu-common.h"
32 #include "host-utils.h"
33 #if !defined(CONFIG_USER_ONLY)
34 #include "hw/loader.h"
37 static void reset_mmu(CPUState
*env
);
39 void cpu_reset(CPUXtensaState
*env
)
41 env
->exception_taken
= 0;
42 env
->pc
= env
->config
->exception_vector
[EXC_RESET
];
43 env
->sregs
[LITBASE
] &= ~1;
44 env
->sregs
[PS
] = xtensa_option_enabled(env
->config
,
45 XTENSA_OPTION_INTERRUPT
) ? 0x1f : 0x10;
46 env
->sregs
[VECBASE
] = env
->config
->vecbase
;
47 env
->sregs
[IBREAKENABLE
] = 0;
49 env
->pending_irq_level
= 0;
53 static struct XtensaConfigList
*xtensa_cores
;
55 void xtensa_register_core(XtensaConfigList
*node
)
57 node
->next
= xtensa_cores
;
61 CPUXtensaState
*cpu_xtensa_init(const char *cpu_model
)
63 static int tcg_inited
;
65 const XtensaConfig
*config
= NULL
;
66 XtensaConfigList
*core
= xtensa_cores
;
68 for (; core
; core
= core
->next
)
69 if (strcmp(core
->config
->name
, cpu_model
) == 0) {
70 config
= core
->config
;
78 env
= g_malloc0(sizeof(*env
));
84 xtensa_translate_init();
93 void xtensa_cpu_list(FILE *f
, fprintf_function cpu_fprintf
)
95 XtensaConfigList
*core
= xtensa_cores
;
96 cpu_fprintf(f
, "Available CPUs:\n");
97 for (; core
; core
= core
->next
) {
98 cpu_fprintf(f
, " %s\n", core
->config
->name
);
102 target_phys_addr_t
cpu_get_phys_page_debug(CPUState
*env
, target_ulong addr
)
108 if (xtensa_get_physical_addr(env
, addr
, 0, 0,
109 &paddr
, &page_size
, &access
) == 0) {
112 if (xtensa_get_physical_addr(env
, addr
, 2, 0,
113 &paddr
, &page_size
, &access
) == 0) {
119 static uint32_t relocated_vector(CPUState
*env
, uint32_t vector
)
121 if (xtensa_option_enabled(env
->config
,
122 XTENSA_OPTION_RELOCATABLE_VECTOR
)) {
123 return vector
- env
->config
->vecbase
+ env
->sregs
[VECBASE
];
130 * Handle penging IRQ.
131 * For the high priority interrupt jump to the corresponding interrupt vector.
132 * For the level-1 interrupt convert it to either user, kernel or double
133 * exception with the 'level-1 interrupt' exception cause.
135 static void handle_interrupt(CPUState
*env
)
137 int level
= env
->pending_irq_level
;
139 if (level
> xtensa_get_cintlevel(env
) &&
140 level
<= env
->config
->nlevel
&&
141 (env
->config
->level_mask
[level
] &
143 env
->sregs
[INTENABLE
])) {
145 env
->sregs
[EPC1
+ level
- 1] = env
->pc
;
146 env
->sregs
[EPS2
+ level
- 2] = env
->sregs
[PS
];
148 (env
->sregs
[PS
] & ~PS_INTLEVEL
) | level
| PS_EXCM
;
149 env
->pc
= relocated_vector(env
,
150 env
->config
->interrupt_vector
[level
]);
152 env
->sregs
[EXCCAUSE
] = LEVEL1_INTERRUPT_CAUSE
;
154 if (env
->sregs
[PS
] & PS_EXCM
) {
155 if (env
->config
->ndepc
) {
156 env
->sregs
[DEPC
] = env
->pc
;
158 env
->sregs
[EPC1
] = env
->pc
;
160 env
->exception_index
= EXC_DOUBLE
;
162 env
->sregs
[EPC1
] = env
->pc
;
163 env
->exception_index
=
164 (env
->sregs
[PS
] & PS_UM
) ? EXC_USER
: EXC_KERNEL
;
166 env
->sregs
[PS
] |= PS_EXCM
;
168 env
->exception_taken
= 1;
172 void do_interrupt(CPUState
*env
)
174 if (env
->exception_index
== EXC_IRQ
) {
175 qemu_log_mask(CPU_LOG_INT
,
176 "%s(EXC_IRQ) level = %d, cintlevel = %d, "
177 "pc = %08x, a0 = %08x, ps = %08x, "
178 "intset = %08x, intenable = %08x, "
180 __func__
, env
->pending_irq_level
, xtensa_get_cintlevel(env
),
181 env
->pc
, env
->regs
[0], env
->sregs
[PS
],
182 env
->sregs
[INTSET
], env
->sregs
[INTENABLE
],
184 handle_interrupt(env
);
187 switch (env
->exception_index
) {
188 case EXC_WINDOW_OVERFLOW4
:
189 case EXC_WINDOW_UNDERFLOW4
:
190 case EXC_WINDOW_OVERFLOW8
:
191 case EXC_WINDOW_UNDERFLOW8
:
192 case EXC_WINDOW_OVERFLOW12
:
193 case EXC_WINDOW_UNDERFLOW12
:
198 qemu_log_mask(CPU_LOG_INT
, "%s(%d) "
199 "pc = %08x, a0 = %08x, ps = %08x, ccount = %08x\n",
200 __func__
, env
->exception_index
,
201 env
->pc
, env
->regs
[0], env
->sregs
[PS
], env
->sregs
[CCOUNT
]);
202 if (env
->config
->exception_vector
[env
->exception_index
]) {
203 env
->pc
= relocated_vector(env
,
204 env
->config
->exception_vector
[env
->exception_index
]);
205 env
->exception_taken
= 1;
207 qemu_log("%s(pc = %08x) bad exception_index: %d\n",
208 __func__
, env
->pc
, env
->exception_index
);
216 qemu_log("%s(pc = %08x) unknown exception_index: %d\n",
217 __func__
, env
->pc
, env
->exception_index
);
220 check_interrupts(env
);
223 static void reset_tlb_mmu_all_ways(CPUState
*env
,
224 const xtensa_tlb
*tlb
, xtensa_tlb_entry entry
[][MAX_TLB_WAY_SIZE
])
228 for (wi
= 0; wi
< tlb
->nways
; ++wi
) {
229 for (ei
= 0; ei
< tlb
->way_size
[wi
]; ++ei
) {
230 entry
[wi
][ei
].asid
= 0;
231 entry
[wi
][ei
].variable
= true;
236 static void reset_tlb_mmu_ways56(CPUState
*env
,
237 const xtensa_tlb
*tlb
, xtensa_tlb_entry entry
[][MAX_TLB_WAY_SIZE
])
239 if (!tlb
->varway56
) {
240 static const xtensa_tlb_entry way5
[] = {
255 static const xtensa_tlb_entry way6
[] = {
270 memcpy(entry
[5], way5
, sizeof(way5
));
271 memcpy(entry
[6], way6
, sizeof(way6
));
274 for (ei
= 0; ei
< 8; ++ei
) {
275 entry
[6][ei
].vaddr
= ei
<< 29;
276 entry
[6][ei
].paddr
= ei
<< 29;
277 entry
[6][ei
].asid
= 1;
278 entry
[6][ei
].attr
= 3;
283 static void reset_tlb_region_way0(CPUState
*env
,
284 xtensa_tlb_entry entry
[][MAX_TLB_WAY_SIZE
])
288 for (ei
= 0; ei
< 8; ++ei
) {
289 entry
[0][ei
].vaddr
= ei
<< 29;
290 entry
[0][ei
].paddr
= ei
<< 29;
291 entry
[0][ei
].asid
= 1;
292 entry
[0][ei
].attr
= 2;
293 entry
[0][ei
].variable
= true;
297 static void reset_mmu(CPUState
*env
)
299 if (xtensa_option_enabled(env
->config
, XTENSA_OPTION_MMU
)) {
300 env
->sregs
[RASID
] = 0x04030201;
301 env
->sregs
[ITLBCFG
] = 0;
302 env
->sregs
[DTLBCFG
] = 0;
303 env
->autorefill_idx
= 0;
304 reset_tlb_mmu_all_ways(env
, &env
->config
->itlb
, env
->itlb
);
305 reset_tlb_mmu_all_ways(env
, &env
->config
->dtlb
, env
->dtlb
);
306 reset_tlb_mmu_ways56(env
, &env
->config
->itlb
, env
->itlb
);
307 reset_tlb_mmu_ways56(env
, &env
->config
->dtlb
, env
->dtlb
);
309 reset_tlb_region_way0(env
, env
->itlb
);
310 reset_tlb_region_way0(env
, env
->dtlb
);
314 static unsigned get_ring(const CPUState
*env
, uint8_t asid
)
317 for (i
= 0; i
< 4; ++i
) {
318 if (((env
->sregs
[RASID
] >> i
* 8) & 0xff) == asid
) {
326 * Lookup xtensa TLB for the given virtual address.
329 * \param pwi: [out] way index
330 * \param pei: [out] entry index
331 * \param pring: [out] access ring
332 * \return 0 if ok, exception cause code otherwise
334 int xtensa_tlb_lookup(const CPUState
*env
, uint32_t addr
, bool dtlb
,
335 uint32_t *pwi
, uint32_t *pei
, uint8_t *pring
)
337 const xtensa_tlb
*tlb
= dtlb
?
338 &env
->config
->dtlb
: &env
->config
->itlb
;
339 const xtensa_tlb_entry (*entry
)[MAX_TLB_WAY_SIZE
] = dtlb
?
340 env
->dtlb
: env
->itlb
;
345 for (wi
= 0; wi
< tlb
->nways
; ++wi
) {
348 split_tlb_entry_spec_way(env
, addr
, dtlb
, &vpn
, wi
, &ei
);
349 if (entry
[wi
][ei
].vaddr
== vpn
&& entry
[wi
][ei
].asid
) {
350 unsigned ring
= get_ring(env
, entry
[wi
][ei
].asid
);
354 LOAD_STORE_TLB_MULTI_HIT_CAUSE
:
355 INST_TLB_MULTI_HIT_CAUSE
;
364 (dtlb
? LOAD_STORE_TLB_MISS_CAUSE
: INST_TLB_MISS_CAUSE
);
368 * Convert MMU ATTR to PAGE_{READ,WRITE,EXEC} mask.
371 static unsigned mmu_attr_to_access(uint32_t attr
)
380 access
|= PAGE_WRITE
;
382 } else if (attr
== 13) {
383 access
|= PAGE_READ
| PAGE_WRITE
;
389 * Convert region protection ATTR to PAGE_{READ,WRITE,EXEC} mask.
392 static unsigned region_attr_to_access(uint32_t attr
)
395 if ((attr
< 6 && attr
!= 3) || attr
== 14) {
396 access
|= PAGE_READ
| PAGE_WRITE
;
398 if (attr
> 0 && attr
< 6) {
404 static bool is_access_granted(unsigned access
, int is_write
)
408 return access
& PAGE_READ
;
411 return access
& PAGE_WRITE
;
414 return access
& PAGE_EXEC
;
421 static int autorefill_mmu(CPUState
*env
, uint32_t vaddr
, bool dtlb
,
422 uint32_t *wi
, uint32_t *ei
, uint8_t *ring
);
424 static int get_physical_addr_mmu(CPUState
*env
,
425 uint32_t vaddr
, int is_write
, int mmu_idx
,
426 uint32_t *paddr
, uint32_t *page_size
, unsigned *access
)
428 bool dtlb
= is_write
!= 2;
432 int ret
= xtensa_tlb_lookup(env
, vaddr
, dtlb
, &wi
, &ei
, &ring
);
434 if ((ret
== INST_TLB_MISS_CAUSE
|| ret
== LOAD_STORE_TLB_MISS_CAUSE
) &&
435 (mmu_idx
!= 0 || ((vaddr
^ env
->sregs
[PTEVADDR
]) & 0xffc00000)) &&
436 autorefill_mmu(env
, vaddr
, dtlb
, &wi
, &ei
, &ring
) == 0) {
443 const xtensa_tlb_entry
*entry
=
444 xtensa_tlb_get_entry(env
, dtlb
, wi
, ei
);
446 if (ring
< mmu_idx
) {
448 LOAD_STORE_PRIVILEGE_CAUSE
:
449 INST_FETCH_PRIVILEGE_CAUSE
;
452 *access
= mmu_attr_to_access(entry
->attr
);
453 if (!is_access_granted(*access
, is_write
)) {
456 STORE_PROHIBITED_CAUSE
:
457 LOAD_PROHIBITED_CAUSE
) :
458 INST_FETCH_PROHIBITED_CAUSE
;
461 *paddr
= entry
->paddr
| (vaddr
& ~xtensa_tlb_get_addr_mask(env
, dtlb
, wi
));
462 *page_size
= ~xtensa_tlb_get_addr_mask(env
, dtlb
, wi
) + 1;
467 static int autorefill_mmu(CPUState
*env
, uint32_t vaddr
, bool dtlb
,
468 uint32_t *wi
, uint32_t *ei
, uint8_t *ring
)
474 (env
->sregs
[PTEVADDR
] | (vaddr
>> 10)) & 0xfffffffc;
475 int ret
= get_physical_addr_mmu(env
, pt_vaddr
, 0, 0,
476 &paddr
, &page_size
, &access
);
478 qemu_log("%s: trying autorefill(%08x) -> %08x\n", __func__
,
479 vaddr
, ret
? ~0 : paddr
);
483 uint32_t pte
= ldl_phys(paddr
);
485 *ring
= (pte
>> 4) & 0x3;
486 *wi
= (++env
->autorefill_idx
) & 0x3;
487 split_tlb_entry_spec_way(env
, vaddr
, dtlb
, &vpn
, *wi
, ei
);
488 xtensa_tlb_set_entry(env
, dtlb
, *wi
, *ei
, vpn
, pte
);
489 qemu_log("%s: autorefill(%08x): %08x -> %08x\n",
490 __func__
, vaddr
, vpn
, pte
);
495 static int get_physical_addr_region(CPUState
*env
,
496 uint32_t vaddr
, int is_write
, int mmu_idx
,
497 uint32_t *paddr
, uint32_t *page_size
, unsigned *access
)
499 bool dtlb
= is_write
!= 2;
501 uint32_t ei
= (vaddr
>> 29) & 0x7;
502 const xtensa_tlb_entry
*entry
=
503 xtensa_tlb_get_entry(env
, dtlb
, wi
, ei
);
505 *access
= region_attr_to_access(entry
->attr
);
506 if (!is_access_granted(*access
, is_write
)) {
509 STORE_PROHIBITED_CAUSE
:
510 LOAD_PROHIBITED_CAUSE
) :
511 INST_FETCH_PROHIBITED_CAUSE
;
514 *paddr
= entry
->paddr
| (vaddr
& ~REGION_PAGE_MASK
);
515 *page_size
= ~REGION_PAGE_MASK
+ 1;
521 * Convert virtual address to physical addr.
522 * MMU may issue pagewalk and change xtensa autorefill TLB way entry.
524 * \return 0 if ok, exception cause code otherwise
526 int xtensa_get_physical_addr(CPUState
*env
,
527 uint32_t vaddr
, int is_write
, int mmu_idx
,
528 uint32_t *paddr
, uint32_t *page_size
, unsigned *access
)
530 if (xtensa_option_enabled(env
->config
, XTENSA_OPTION_MMU
)) {
531 return get_physical_addr_mmu(env
, vaddr
, is_write
, mmu_idx
,
532 paddr
, page_size
, access
);
533 } else if (xtensa_option_bits_enabled(env
->config
,
534 XTENSA_OPTION_BIT(XTENSA_OPTION_REGION_PROTECTION
) |
535 XTENSA_OPTION_BIT(XTENSA_OPTION_REGION_TRANSLATION
))) {
536 return get_physical_addr_region(env
, vaddr
, is_write
, mmu_idx
,
537 paddr
, page_size
, access
);
540 *page_size
= TARGET_PAGE_SIZE
;
541 *access
= PAGE_READ
| PAGE_WRITE
| PAGE_EXEC
;
546 static void dump_tlb(FILE *f
, fprintf_function cpu_fprintf
,
547 CPUState
*env
, bool dtlb
)
550 const xtensa_tlb
*conf
=
551 dtlb
? &env
->config
->dtlb
: &env
->config
->itlb
;
552 unsigned (*attr_to_access
)(uint32_t) =
553 xtensa_option_enabled(env
->config
, XTENSA_OPTION_MMU
) ?
554 mmu_attr_to_access
: region_attr_to_access
;
556 for (wi
= 0; wi
< conf
->nways
; ++wi
) {
557 uint32_t sz
= ~xtensa_tlb_get_addr_mask(env
, dtlb
, wi
) + 1;
559 bool print_header
= true;
561 if (sz
>= 0x100000) {
569 for (ei
= 0; ei
< conf
->way_size
[wi
]; ++ei
) {
570 const xtensa_tlb_entry
*entry
=
571 xtensa_tlb_get_entry(env
, dtlb
, wi
, ei
);
574 unsigned access
= attr_to_access(entry
->attr
);
577 print_header
= false;
578 cpu_fprintf(f
, "Way %u (%d %s)\n", wi
, sz
, sz_text
);
580 "\tVaddr Paddr ASID Attr RWX\n"
581 "\t---------- ---------- ---- ---- ---\n");
584 "\t0x%08x 0x%08x 0x%02x 0x%02x %c%c%c\n",
589 (access
& PAGE_READ
) ? 'R' : '-',
590 (access
& PAGE_WRITE
) ? 'W' : '-',
591 (access
& PAGE_EXEC
) ? 'X' : '-');
597 void dump_mmu(FILE *f
, fprintf_function cpu_fprintf
, CPUState
*env
)
599 if (xtensa_option_bits_enabled(env
->config
,
600 XTENSA_OPTION_BIT(XTENSA_OPTION_REGION_PROTECTION
) |
601 XTENSA_OPTION_BIT(XTENSA_OPTION_REGION_TRANSLATION
) |
602 XTENSA_OPTION_BIT(XTENSA_OPTION_MMU
))) {
604 cpu_fprintf(f
, "ITLB:\n");
605 dump_tlb(f
, cpu_fprintf
, env
, false);
606 cpu_fprintf(f
, "\nDTLB:\n");
607 dump_tlb(f
, cpu_fprintf
, env
, true);
609 cpu_fprintf(f
, "No TLB for this CPU core\n");