1 /* 2 * QEMU ARM CP Register access and descriptions 3 * 4 * Copyright (c) 2022 Linaro Ltd 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public License 8 * as published by the Free Software Foundation; either version 2 9 * of the License, or (at your option) any later version. 10 * 11 * This program is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 * GNU General Public License for more details. 15 * 16 * You should have received a copy of the GNU General Public License 17 * along with this program; if not, see 18 * <http://www.gnu.org/licenses/gpl-2.0.html> 19 */ 20 21 #ifndef TARGET_ARM_CPREGS_H 22 #define TARGET_ARM_CPREGS_H 23 24 /* 25 * ARMCPRegInfo type field bits. If the SPECIAL bit is set this is a 26 * special-behaviour cp reg and bits [11..8] indicate what behaviour 27 * it has. Otherwise it is a simple cp reg, where CONST indicates that 28 * TCG can assume the value to be constant (ie load at translate time) 29 * and 64BIT indicates a 64 bit wide coprocessor register. SUPPRESS_TB_END 30 * indicates that the TB should not be ended after a write to this register 31 * (the default is that the TB ends after cp writes). OVERRIDE permits 32 * a register definition to override a previous definition for the 33 * same (cp, is64, crn, crm, opc1, opc2) tuple: either the new or the 34 * old must have the OVERRIDE bit set. 35 * ALIAS indicates that this register is an alias view of some underlying 36 * state which is also visible via another register, and that the other 37 * register is handling migration and reset; registers marked ALIAS will not be 38 * migrated but may have their state set by syncing of register state from KVM. 39 * NO_RAW indicates that this register has no underlying state and does not 40 * support raw access for state saving/loading; it will not be used for either 41 * migration or KVM state synchronization. (Typically this is for "registers" 42 * which are actually used as instructions for cache maintenance and so on.) 43 * IO indicates that this register does I/O and therefore its accesses 44 * need to be marked with gen_io_start() and also end the TB. In particular, 45 * registers which implement clocks or timers require this. 46 * RAISES_EXC is for when the read or write hook might raise an exception; 47 * the generated code will synchronize the CPU state before calling the hook 48 * so that it is safe for the hook to call raise_exception(). 49 * NEWEL is for writes to registers that might change the exception 50 * level - typically on older ARM chips. For those cases we need to 51 * re-read the new el when recomputing the translation flags. 52 */ 53 #define ARM_CP_SPECIAL 0x0001 54 #define ARM_CP_CONST 0x0002 55 #define ARM_CP_64BIT 0x0004 56 #define ARM_CP_SUPPRESS_TB_END 0x0008 57 #define ARM_CP_OVERRIDE 0x0010 58 #define ARM_CP_ALIAS 0x0020 59 #define ARM_CP_IO 0x0040 60 #define ARM_CP_NO_RAW 0x0080 61 #define ARM_CP_NOP (ARM_CP_SPECIAL | 0x0100) 62 #define ARM_CP_WFI (ARM_CP_SPECIAL | 0x0200) 63 #define ARM_CP_NZCV (ARM_CP_SPECIAL | 0x0300) 64 #define ARM_CP_CURRENTEL (ARM_CP_SPECIAL | 0x0400) 65 #define ARM_CP_DC_ZVA (ARM_CP_SPECIAL | 0x0500) 66 #define ARM_CP_DC_GVA (ARM_CP_SPECIAL | 0x0600) 67 #define ARM_CP_DC_GZVA (ARM_CP_SPECIAL | 0x0700) 68 #define ARM_LAST_SPECIAL ARM_CP_DC_GZVA 69 #define ARM_CP_FPU 0x1000 70 #define ARM_CP_SVE 0x2000 71 #define ARM_CP_NO_GDB 0x4000 72 #define ARM_CP_RAISES_EXC 0x8000 73 #define ARM_CP_NEWEL 0x10000 74 /* Used only as a terminator for ARMCPRegInfo lists */ 75 #define ARM_CP_SENTINEL 0xfffff 76 /* Mask of only the flag bits in a type field */ 77 #define ARM_CP_FLAG_MASK 0x1f0ff 78 79 /* 80 * Valid values for ARMCPRegInfo state field, indicating which of 81 * the AArch32 and AArch64 execution states this register is visible in. 82 * If the reginfo doesn't explicitly specify then it is AArch32 only. 83 * If the reginfo is declared to be visible in both states then a second 84 * reginfo is synthesised for the AArch32 view of the AArch64 register, 85 * such that the AArch32 view is the lower 32 bits of the AArch64 one. 86 * Note that we rely on the values of these enums as we iterate through 87 * the various states in some places. 88 */ 89 enum { 90 ARM_CP_STATE_AA32 = 0, 91 ARM_CP_STATE_AA64 = 1, 92 ARM_CP_STATE_BOTH = 2, 93 }; 94 95 /* 96 * ARM CP register secure state flags. These flags identify security state 97 * attributes for a given CP register entry. 98 * The existence of both or neither secure and non-secure flags indicates that 99 * the register has both a secure and non-secure hash entry. A single one of 100 * these flags causes the register to only be hashed for the specified 101 * security state. 102 * Although definitions may have any combination of the S/NS bits, each 103 * registered entry will only have one to identify whether the entry is secure 104 * or non-secure. 105 */ 106 enum { 107 ARM_CP_SECSTATE_S = (1 << 0), /* bit[0]: Secure state register */ 108 ARM_CP_SECSTATE_NS = (1 << 1), /* bit[1]: Non-secure state register */ 109 }; 110 111 /* 112 * Return true if cptype is a valid type field. This is used to try to 113 * catch errors where the sentinel has been accidentally left off the end 114 * of a list of registers. 115 */ 116 static inline bool cptype_valid(int cptype) 117 { 118 return ((cptype & ~ARM_CP_FLAG_MASK) == 0) 119 || ((cptype & ARM_CP_SPECIAL) && 120 ((cptype & ~ARM_CP_FLAG_MASK) <= ARM_LAST_SPECIAL)); 121 } 122 123 /* 124 * Access rights: 125 * We define bits for Read and Write access for what rev C of the v7-AR ARM ARM 126 * defines as PL0 (user), PL1 (fiq/irq/svc/abt/und/sys, ie privileged), and 127 * PL2 (hyp). The other level which has Read and Write bits is Secure PL1 128 * (ie any of the privileged modes in Secure state, or Monitor mode). 129 * If a register is accessible in one privilege level it's always accessible 130 * in higher privilege levels too. Since "Secure PL1" also follows this rule 131 * (ie anything visible in PL2 is visible in S-PL1, some things are only 132 * visible in S-PL1) but "Secure PL1" is a bit of a mouthful, we bend the 133 * terminology a little and call this PL3. 134 * In AArch64 things are somewhat simpler as the PLx bits line up exactly 135 * with the ELx exception levels. 136 * 137 * If access permissions for a register are more complex than can be 138 * described with these bits, then use a laxer set of restrictions, and 139 * do the more restrictive/complex check inside a helper function. 140 */ 141 #define PL3_R 0x80 142 #define PL3_W 0x40 143 #define PL2_R (0x20 | PL3_R) 144 #define PL2_W (0x10 | PL3_W) 145 #define PL1_R (0x08 | PL2_R) 146 #define PL1_W (0x04 | PL2_W) 147 #define PL0_R (0x02 | PL1_R) 148 #define PL0_W (0x01 | PL1_W) 149 150 /* 151 * For user-mode some registers are accessible to EL0 via a kernel 152 * trap-and-emulate ABI. In this case we define the read permissions 153 * as actually being PL0_R. However some bits of any given register 154 * may still be masked. 155 */ 156 #ifdef CONFIG_USER_ONLY 157 #define PL0U_R PL0_R 158 #else 159 #define PL0U_R PL1_R 160 #endif 161 162 #define PL3_RW (PL3_R | PL3_W) 163 #define PL2_RW (PL2_R | PL2_W) 164 #define PL1_RW (PL1_R | PL1_W) 165 #define PL0_RW (PL0_R | PL0_W) 166 167 typedef enum CPAccessResult { 168 /* Access is permitted */ 169 CP_ACCESS_OK = 0, 170 /* 171 * Access fails due to a configurable trap or enable which would 172 * result in a categorized exception syndrome giving information about 173 * the failing instruction (ie syndrome category 0x3, 0x4, 0x5, 0x6, 174 * 0xc or 0x18). The exception is taken to the usual target EL (EL1 or 175 * PL1 if in EL0, otherwise to the current EL). 176 */ 177 CP_ACCESS_TRAP = 1, 178 /* 179 * Access fails and results in an exception syndrome 0x0 ("uncategorized"). 180 * Note that this is not a catch-all case -- the set of cases which may 181 * result in this failure is specifically defined by the architecture. 182 */ 183 CP_ACCESS_TRAP_UNCATEGORIZED = 2, 184 /* As CP_ACCESS_TRAP, but for traps directly to EL2 or EL3 */ 185 CP_ACCESS_TRAP_EL2 = 3, 186 CP_ACCESS_TRAP_EL3 = 4, 187 /* As CP_ACCESS_UNCATEGORIZED, but for traps directly to EL2 or EL3 */ 188 CP_ACCESS_TRAP_UNCATEGORIZED_EL2 = 5, 189 CP_ACCESS_TRAP_UNCATEGORIZED_EL3 = 6, 190 } CPAccessResult; 191 192 typedef struct ARMCPRegInfo ARMCPRegInfo; 193 194 /* 195 * Access functions for coprocessor registers. These cannot fail and 196 * may not raise exceptions. 197 */ 198 typedef uint64_t CPReadFn(CPUARMState *env, const ARMCPRegInfo *opaque); 199 typedef void CPWriteFn(CPUARMState *env, const ARMCPRegInfo *opaque, 200 uint64_t value); 201 /* Access permission check functions for coprocessor registers. */ 202 typedef CPAccessResult CPAccessFn(CPUARMState *env, 203 const ARMCPRegInfo *opaque, 204 bool isread); 205 /* Hook function for register reset */ 206 typedef void CPResetFn(CPUARMState *env, const ARMCPRegInfo *opaque); 207 208 #define CP_ANY 0xff 209 210 /* Definition of an ARM coprocessor register */ 211 struct ARMCPRegInfo { 212 /* Name of register (useful mainly for debugging, need not be unique) */ 213 const char *name; 214 /* 215 * Location of register: coprocessor number and (crn,crm,opc1,opc2) 216 * tuple. Any of crm, opc1 and opc2 may be CP_ANY to indicate a 217 * 'wildcard' field -- any value of that field in the MRC/MCR insn 218 * will be decoded to this register. The register read and write 219 * callbacks will be passed an ARMCPRegInfo with the crn/crm/opc1/opc2 220 * used by the program, so it is possible to register a wildcard and 221 * then behave differently on read/write if necessary. 222 * For 64 bit registers, only crm and opc1 are relevant; crn and opc2 223 * must both be zero. 224 * For AArch64-visible registers, opc0 is also used. 225 * Since there are no "coprocessors" in AArch64, cp is purely used as a 226 * way to distinguish (for KVM's benefit) guest-visible system registers 227 * from demuxed ones provided to preserve the "no side effects on 228 * KVM register read/write from QEMU" semantics. cp==0x13 is guest 229 * visible (to match KVM's encoding); cp==0 will be converted to 230 * cp==0x13 when the ARMCPRegInfo is registered, for convenience. 231 */ 232 uint8_t cp; 233 uint8_t crn; 234 uint8_t crm; 235 uint8_t opc0; 236 uint8_t opc1; 237 uint8_t opc2; 238 /* Execution state in which this register is visible: ARM_CP_STATE_* */ 239 int state; 240 /* Register type: ARM_CP_* bits/values */ 241 int type; 242 /* Access rights: PL*_[RW] */ 243 int access; 244 /* Security state: ARM_CP_SECSTATE_* bits/values */ 245 int secure; 246 /* 247 * The opaque pointer passed to define_arm_cp_regs_with_opaque() when 248 * this register was defined: can be used to hand data through to the 249 * register read/write functions, since they are passed the ARMCPRegInfo*. 250 */ 251 void *opaque; 252 /* 253 * Value of this register, if it is ARM_CP_CONST. Otherwise, if 254 * fieldoffset is non-zero, the reset value of the register. 255 */ 256 uint64_t resetvalue; 257 /* 258 * Offset of the field in CPUARMState for this register. 259 * This is not needed if either: 260 * 1. type is ARM_CP_CONST or one of the ARM_CP_SPECIALs 261 * 2. both readfn and writefn are specified 262 */ 263 ptrdiff_t fieldoffset; /* offsetof(CPUARMState, field) */ 264 265 /* 266 * Offsets of the secure and non-secure fields in CPUARMState for the 267 * register if it is banked. These fields are only used during the static 268 * registration of a register. During hashing the bank associated 269 * with a given security state is copied to fieldoffset which is used from 270 * there on out. 271 * 272 * It is expected that register definitions use either fieldoffset or 273 * bank_fieldoffsets in the definition but not both. It is also expected 274 * that both bank offsets are set when defining a banked register. This 275 * use indicates that a register is banked. 276 */ 277 ptrdiff_t bank_fieldoffsets[2]; 278 279 /* 280 * Function for making any access checks for this register in addition to 281 * those specified by the 'access' permissions bits. If NULL, no extra 282 * checks required. The access check is performed at runtime, not at 283 * translate time. 284 */ 285 CPAccessFn *accessfn; 286 /* 287 * Function for handling reads of this register. If NULL, then reads 288 * will be done by loading from the offset into CPUARMState specified 289 * by fieldoffset. 290 */ 291 CPReadFn *readfn; 292 /* 293 * Function for handling writes of this register. If NULL, then writes 294 * will be done by writing to the offset into CPUARMState specified 295 * by fieldoffset. 296 */ 297 CPWriteFn *writefn; 298 /* 299 * Function for doing a "raw" read; used when we need to copy 300 * coprocessor state to the kernel for KVM or out for 301 * migration. This only needs to be provided if there is also a 302 * readfn and it has side effects (for instance clear-on-read bits). 303 */ 304 CPReadFn *raw_readfn; 305 /* 306 * Function for doing a "raw" write; used when we need to copy KVM 307 * kernel coprocessor state into userspace, or for inbound 308 * migration. This only needs to be provided if there is also a 309 * writefn and it masks out "unwritable" bits or has write-one-to-clear 310 * or similar behaviour. 311 */ 312 CPWriteFn *raw_writefn; 313 /* 314 * Function for resetting the register. If NULL, then reset will be done 315 * by writing resetvalue to the field specified in fieldoffset. If 316 * fieldoffset is 0 then no reset will be done. 317 */ 318 CPResetFn *resetfn; 319 320 /* 321 * "Original" writefn and readfn. 322 * For ARMv8.1-VHE register aliases, we overwrite the read/write 323 * accessor functions of various EL1/EL0 to perform the runtime 324 * check for which sysreg should actually be modified, and then 325 * forwards the operation. Before overwriting the accessors, 326 * the original function is copied here, so that accesses that 327 * really do go to the EL1/EL0 version proceed normally. 328 * (The corresponding EL2 register is linked via opaque.) 329 */ 330 CPReadFn *orig_readfn; 331 CPWriteFn *orig_writefn; 332 }; 333 334 /* 335 * Macros which are lvalues for the field in CPUARMState for the 336 * ARMCPRegInfo *ri. 337 */ 338 #define CPREG_FIELD32(env, ri) \ 339 (*(uint32_t *)((char *)(env) + (ri)->fieldoffset)) 340 #define CPREG_FIELD64(env, ri) \ 341 (*(uint64_t *)((char *)(env) + (ri)->fieldoffset)) 342 343 #define REGINFO_SENTINEL { .type = ARM_CP_SENTINEL } 344 345 void define_arm_cp_regs_with_opaque(ARMCPU *cpu, 346 const ARMCPRegInfo *regs, void *opaque); 347 void define_one_arm_cp_reg_with_opaque(ARMCPU *cpu, 348 const ARMCPRegInfo *regs, void *opaque); 349 static inline void define_arm_cp_regs(ARMCPU *cpu, const ARMCPRegInfo *regs) 350 { 351 define_arm_cp_regs_with_opaque(cpu, regs, 0); 352 } 353 static inline void define_one_arm_cp_reg(ARMCPU *cpu, const ARMCPRegInfo *regs) 354 { 355 define_one_arm_cp_reg_with_opaque(cpu, regs, 0); 356 } 357 const ARMCPRegInfo *get_arm_cp_reginfo(GHashTable *cpregs, uint32_t encoded_cp); 358 359 /* 360 * Definition of an ARM co-processor register as viewed from 361 * userspace. This is used for presenting sanitised versions of 362 * registers to userspace when emulating the Linux AArch64 CPU 363 * ID/feature ABI (advertised as HWCAP_CPUID). 364 */ 365 typedef struct ARMCPRegUserSpaceInfo { 366 /* Name of register */ 367 const char *name; 368 369 /* Is the name actually a glob pattern */ 370 bool is_glob; 371 372 /* Only some bits are exported to user space */ 373 uint64_t exported_bits; 374 375 /* Fixed bits are applied after the mask */ 376 uint64_t fixed_bits; 377 } ARMCPRegUserSpaceInfo; 378 379 #define REGUSERINFO_SENTINEL { .name = NULL } 380 381 void modify_arm_cp_regs(ARMCPRegInfo *regs, const ARMCPRegUserSpaceInfo *mods); 382 383 /* CPWriteFn that can be used to implement writes-ignored behaviour */ 384 void arm_cp_write_ignore(CPUARMState *env, const ARMCPRegInfo *ri, 385 uint64_t value); 386 /* CPReadFn that can be used for read-as-zero behaviour */ 387 uint64_t arm_cp_read_zero(CPUARMState *env, const ARMCPRegInfo *ri); 388 389 /* 390 * CPResetFn that does nothing, for use if no reset is required even 391 * if fieldoffset is non zero. 392 */ 393 void arm_cp_reset_ignore(CPUARMState *env, const ARMCPRegInfo *opaque); 394 395 /* 396 * Return true if this reginfo struct's field in the cpu state struct 397 * is 64 bits wide. 398 */ 399 static inline bool cpreg_field_is_64bit(const ARMCPRegInfo *ri) 400 { 401 return (ri->state == ARM_CP_STATE_AA64) || (ri->type & ARM_CP_64BIT); 402 } 403 404 static inline bool cp_access_ok(int current_el, 405 const ARMCPRegInfo *ri, int isread) 406 { 407 return (ri->access >> ((current_el * 2) + isread)) & 1; 408 } 409 410 /* Raw read of a coprocessor register (as needed for migration, etc) */ 411 uint64_t read_raw_cp_reg(CPUARMState *env, const ARMCPRegInfo *ri); 412 413 #endif /* TARGET_ARM_CPREGS_H */ 414