1 /* 2 * PowerPC exception emulation helpers for QEMU. 3 * 4 * Copyright (c) 2003-2007 Jocelyn Mayer 5 * 6 * This library is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU Lesser General Public 8 * License as published by the Free Software Foundation; either 9 * version 2.1 of the License, or (at your option) any later version. 10 * 11 * This library is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 * Lesser General Public License for more details. 15 * 16 * You should have received a copy of the GNU Lesser General Public 17 * License along with this library; if not, see <http://www.gnu.org/licenses/>. 18 */ 19 #include "qemu/osdep.h" 20 #include "qemu/main-loop.h" 21 #include "qemu/log.h" 22 #include "cpu.h" 23 #include "exec/exec-all.h" 24 #include "internal.h" 25 #include "helper_regs.h" 26 #include "hw/ppc/ppc.h" 27 28 #include "trace.h" 29 30 #ifdef CONFIG_TCG 31 #include "sysemu/tcg.h" 32 #include "exec/helper-proto.h" 33 #include "exec/cpu_ldst.h" 34 #endif 35 36 /*****************************************************************************/ 37 /* Exception processing */ 38 #ifndef CONFIG_USER_ONLY 39 40 static const char *powerpc_excp_name(int excp) 41 { 42 switch (excp) { 43 case POWERPC_EXCP_CRITICAL: return "CRITICAL"; 44 case POWERPC_EXCP_MCHECK: return "MCHECK"; 45 case POWERPC_EXCP_DSI: return "DSI"; 46 case POWERPC_EXCP_ISI: return "ISI"; 47 case POWERPC_EXCP_EXTERNAL: return "EXTERNAL"; 48 case POWERPC_EXCP_ALIGN: return "ALIGN"; 49 case POWERPC_EXCP_PROGRAM: return "PROGRAM"; 50 case POWERPC_EXCP_FPU: return "FPU"; 51 case POWERPC_EXCP_SYSCALL: return "SYSCALL"; 52 case POWERPC_EXCP_APU: return "APU"; 53 case POWERPC_EXCP_DECR: return "DECR"; 54 case POWERPC_EXCP_FIT: return "FIT"; 55 case POWERPC_EXCP_WDT: return "WDT"; 56 case POWERPC_EXCP_DTLB: return "DTLB"; 57 case POWERPC_EXCP_ITLB: return "ITLB"; 58 case POWERPC_EXCP_DEBUG: return "DEBUG"; 59 case POWERPC_EXCP_SPEU: return "SPEU"; 60 case POWERPC_EXCP_EFPDI: return "EFPDI"; 61 case POWERPC_EXCP_EFPRI: return "EFPRI"; 62 case POWERPC_EXCP_EPERFM: return "EPERFM"; 63 case POWERPC_EXCP_DOORI: return "DOORI"; 64 case POWERPC_EXCP_DOORCI: return "DOORCI"; 65 case POWERPC_EXCP_GDOORI: return "GDOORI"; 66 case POWERPC_EXCP_GDOORCI: return "GDOORCI"; 67 case POWERPC_EXCP_HYPPRIV: return "HYPPRIV"; 68 case POWERPC_EXCP_RESET: return "RESET"; 69 case POWERPC_EXCP_DSEG: return "DSEG"; 70 case POWERPC_EXCP_ISEG: return "ISEG"; 71 case POWERPC_EXCP_HDECR: return "HDECR"; 72 case POWERPC_EXCP_TRACE: return "TRACE"; 73 case POWERPC_EXCP_HDSI: return "HDSI"; 74 case POWERPC_EXCP_HISI: return "HISI"; 75 case POWERPC_EXCP_HDSEG: return "HDSEG"; 76 case POWERPC_EXCP_HISEG: return "HISEG"; 77 case POWERPC_EXCP_VPU: return "VPU"; 78 case POWERPC_EXCP_PIT: return "PIT"; 79 case POWERPC_EXCP_EMUL: return "EMUL"; 80 case POWERPC_EXCP_IFTLB: return "IFTLB"; 81 case POWERPC_EXCP_DLTLB: return "DLTLB"; 82 case POWERPC_EXCP_DSTLB: return "DSTLB"; 83 case POWERPC_EXCP_FPA: return "FPA"; 84 case POWERPC_EXCP_DABR: return "DABR"; 85 case POWERPC_EXCP_IABR: return "IABR"; 86 case POWERPC_EXCP_SMI: return "SMI"; 87 case POWERPC_EXCP_PERFM: return "PERFM"; 88 case POWERPC_EXCP_THERM: return "THERM"; 89 case POWERPC_EXCP_VPUA: return "VPUA"; 90 case POWERPC_EXCP_SOFTP: return "SOFTP"; 91 case POWERPC_EXCP_MAINT: return "MAINT"; 92 case POWERPC_EXCP_MEXTBR: return "MEXTBR"; 93 case POWERPC_EXCP_NMEXTBR: return "NMEXTBR"; 94 case POWERPC_EXCP_ITLBE: return "ITLBE"; 95 case POWERPC_EXCP_DTLBE: return "DTLBE"; 96 case POWERPC_EXCP_VSXU: return "VSXU"; 97 case POWERPC_EXCP_FU: return "FU"; 98 case POWERPC_EXCP_HV_EMU: return "HV_EMU"; 99 case POWERPC_EXCP_HV_MAINT: return "HV_MAINT"; 100 case POWERPC_EXCP_HV_FU: return "HV_FU"; 101 case POWERPC_EXCP_SDOOR: return "SDOOR"; 102 case POWERPC_EXCP_SDOOR_HV: return "SDOOR_HV"; 103 case POWERPC_EXCP_HVIRT: return "HVIRT"; 104 case POWERPC_EXCP_SYSCALL_VECTORED: return "SYSCALL_VECTORED"; 105 default: 106 g_assert_not_reached(); 107 } 108 } 109 110 static void dump_syscall(CPUPPCState *env) 111 { 112 qemu_log_mask(CPU_LOG_INT, "syscall r0=%016" PRIx64 113 " r3=%016" PRIx64 " r4=%016" PRIx64 " r5=%016" PRIx64 114 " r6=%016" PRIx64 " r7=%016" PRIx64 " r8=%016" PRIx64 115 " nip=" TARGET_FMT_lx "\n", 116 ppc_dump_gpr(env, 0), ppc_dump_gpr(env, 3), 117 ppc_dump_gpr(env, 4), ppc_dump_gpr(env, 5), 118 ppc_dump_gpr(env, 6), ppc_dump_gpr(env, 7), 119 ppc_dump_gpr(env, 8), env->nip); 120 } 121 122 static void dump_hcall(CPUPPCState *env) 123 { 124 qemu_log_mask(CPU_LOG_INT, "hypercall r3=%016" PRIx64 125 " r4=%016" PRIx64 " r5=%016" PRIx64 " r6=%016" PRIx64 126 " r7=%016" PRIx64 " r8=%016" PRIx64 " r9=%016" PRIx64 127 " r10=%016" PRIx64 " r11=%016" PRIx64 " r12=%016" PRIx64 128 " nip=" TARGET_FMT_lx "\n", 129 ppc_dump_gpr(env, 3), ppc_dump_gpr(env, 4), 130 ppc_dump_gpr(env, 5), ppc_dump_gpr(env, 6), 131 ppc_dump_gpr(env, 7), ppc_dump_gpr(env, 8), 132 ppc_dump_gpr(env, 9), ppc_dump_gpr(env, 10), 133 ppc_dump_gpr(env, 11), ppc_dump_gpr(env, 12), 134 env->nip); 135 } 136 137 #ifdef CONFIG_TCG 138 /* Return true iff byteswap is needed to load instruction */ 139 static inline bool insn_need_byteswap(CPUArchState *env) 140 { 141 /* SYSTEM builds TARGET_BIG_ENDIAN. Need to swap when MSR[LE] is set */ 142 return !!(env->msr & ((target_ulong)1 << MSR_LE)); 143 } 144 145 static uint32_t ppc_ldl_code(CPUArchState *env, abi_ptr addr) 146 { 147 uint32_t insn = cpu_ldl_code(env, addr); 148 149 if (insn_need_byteswap(env)) { 150 insn = bswap32(insn); 151 } 152 153 return insn; 154 } 155 #endif 156 157 static void ppc_excp_debug_sw_tlb(CPUPPCState *env, int excp) 158 { 159 const char *es; 160 target_ulong *miss, *cmp; 161 int en; 162 163 if (!qemu_loglevel_mask(CPU_LOG_MMU)) { 164 return; 165 } 166 167 if (excp == POWERPC_EXCP_IFTLB) { 168 es = "I"; 169 en = 'I'; 170 miss = &env->spr[SPR_IMISS]; 171 cmp = &env->spr[SPR_ICMP]; 172 } else { 173 if (excp == POWERPC_EXCP_DLTLB) { 174 es = "DL"; 175 } else { 176 es = "DS"; 177 } 178 en = 'D'; 179 miss = &env->spr[SPR_DMISS]; 180 cmp = &env->spr[SPR_DCMP]; 181 } 182 qemu_log("6xx %sTLB miss: %cM " TARGET_FMT_lx " %cC " 183 TARGET_FMT_lx " H1 " TARGET_FMT_lx " H2 " 184 TARGET_FMT_lx " %08x\n", es, en, *miss, en, *cmp, 185 env->spr[SPR_HASH1], env->spr[SPR_HASH2], 186 env->error_code); 187 } 188 189 #ifdef TARGET_PPC64 190 static int powerpc_reset_wakeup(CPUPPCState *env, int excp, target_ulong *msr) 191 { 192 /* We no longer are in a PM state */ 193 env->resume_as_sreset = false; 194 195 /* Pretend to be returning from doze always as we don't lose state */ 196 *msr |= SRR1_WS_NOLOSS; 197 198 /* Machine checks are sent normally */ 199 if (excp == POWERPC_EXCP_MCHECK) { 200 return excp; 201 } 202 switch (excp) { 203 case POWERPC_EXCP_RESET: 204 *msr |= SRR1_WAKERESET; 205 break; 206 case POWERPC_EXCP_EXTERNAL: 207 *msr |= SRR1_WAKEEE; 208 break; 209 case POWERPC_EXCP_DECR: 210 *msr |= SRR1_WAKEDEC; 211 break; 212 case POWERPC_EXCP_SDOOR: 213 *msr |= SRR1_WAKEDBELL; 214 break; 215 case POWERPC_EXCP_SDOOR_HV: 216 *msr |= SRR1_WAKEHDBELL; 217 break; 218 case POWERPC_EXCP_HV_MAINT: 219 *msr |= SRR1_WAKEHMI; 220 break; 221 case POWERPC_EXCP_HVIRT: 222 *msr |= SRR1_WAKEHVI; 223 break; 224 default: 225 cpu_abort(env_cpu(env), 226 "Unsupported exception %d in Power Save mode\n", excp); 227 } 228 return POWERPC_EXCP_RESET; 229 } 230 231 /* 232 * AIL - Alternate Interrupt Location, a mode that allows interrupts to be 233 * taken with the MMU on, and which uses an alternate location (e.g., so the 234 * kernel/hv can map the vectors there with an effective address). 235 * 236 * An interrupt is considered to be taken "with AIL" or "AIL applies" if they 237 * are delivered in this way. AIL requires the LPCR to be set to enable this 238 * mode, and then a number of conditions have to be true for AIL to apply. 239 * 240 * First of all, SRESET, MCE, and HMI are always delivered without AIL, because 241 * they specifically want to be in real mode (e.g., the MCE might be signaling 242 * a SLB multi-hit which requires SLB flush before the MMU can be enabled). 243 * 244 * After that, behaviour depends on the current MSR[IR], MSR[DR], MSR[HV], 245 * whether or not the interrupt changes MSR[HV] from 0 to 1, and the current 246 * radix mode (LPCR[HR]). 247 * 248 * POWER8, POWER9 with LPCR[HR]=0 249 * | LPCR[AIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 250 * +-----------+-------------+---------+-------------+-----+ 251 * | a | 00/01/10 | x | x | 0 | 252 * | a | 11 | 0 | 1 | 0 | 253 * | a | 11 | 1 | 1 | a | 254 * | a | 11 | 0 | 0 | a | 255 * +-------------------------------------------------------+ 256 * 257 * POWER9 with LPCR[HR]=1 258 * | LPCR[AIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 259 * +-----------+-------------+---------+-------------+-----+ 260 * | a | 00/01/10 | x | x | 0 | 261 * | a | 11 | x | x | a | 262 * +-------------------------------------------------------+ 263 * 264 * The difference with POWER9 being that MSR[HV] 0->1 interrupts can be sent to 265 * the hypervisor in AIL mode if the guest is radix. This is good for 266 * performance but allows the guest to influence the AIL of hypervisor 267 * interrupts using its MSR, and also the hypervisor must disallow guest 268 * interrupts (MSR[HV] 0->0) from using AIL if the hypervisor does not want to 269 * use AIL for its MSR[HV] 0->1 interrupts. 270 * 271 * POWER10 addresses those issues with a new LPCR[HAIL] bit that is applied to 272 * interrupts that begin execution with MSR[HV]=1 (so both MSR[HV] 0->1 and 273 * MSR[HV] 1->1). 274 * 275 * HAIL=1 is equivalent to AIL=3, for interrupts delivered with MSR[HV]=1. 276 * 277 * POWER10 behaviour is 278 * | LPCR[AIL] | LPCR[HAIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 279 * +-----------+------------+-------------+---------+-------------+-----+ 280 * | a | h | 00/01/10 | 0 | 0 | 0 | 281 * | a | h | 11 | 0 | 0 | a | 282 * | a | h | x | 0 | 1 | h | 283 * | a | h | 00/01/10 | 1 | 1 | 0 | 284 * | a | h | 11 | 1 | 1 | h | 285 * +--------------------------------------------------------------------+ 286 */ 287 static void ppc_excp_apply_ail(PowerPCCPU *cpu, int excp, target_ulong msr, 288 target_ulong *new_msr, target_ulong *vector) 289 { 290 PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cpu); 291 CPUPPCState *env = &cpu->env; 292 bool mmu_all_on = ((msr >> MSR_IR) & 1) && ((msr >> MSR_DR) & 1); 293 bool hv_escalation = !(msr & MSR_HVB) && (*new_msr & MSR_HVB); 294 int ail = 0; 295 296 if (excp == POWERPC_EXCP_MCHECK || 297 excp == POWERPC_EXCP_RESET || 298 excp == POWERPC_EXCP_HV_MAINT) { 299 /* SRESET, MCE, HMI never apply AIL */ 300 return; 301 } 302 303 if (!(pcc->lpcr_mask & LPCR_AIL)) { 304 /* This CPU does not have AIL */ 305 return; 306 } 307 308 /* P8 & P9 */ 309 if (!(pcc->lpcr_mask & LPCR_HAIL)) { 310 if (!mmu_all_on) { 311 /* AIL only works if MSR[IR] and MSR[DR] are both enabled. */ 312 return; 313 } 314 if (hv_escalation && !(env->spr[SPR_LPCR] & LPCR_HR)) { 315 /* 316 * AIL does not work if there is a MSR[HV] 0->1 transition and the 317 * partition is in HPT mode. For radix guests, such interrupts are 318 * allowed to be delivered to the hypervisor in ail mode. 319 */ 320 return; 321 } 322 323 ail = (env->spr[SPR_LPCR] & LPCR_AIL) >> LPCR_AIL_SHIFT; 324 if (ail == 0) { 325 return; 326 } 327 if (ail == 1) { 328 /* AIL=1 is reserved, treat it like AIL=0 */ 329 return; 330 } 331 332 /* P10 and up */ 333 } else { 334 if (!mmu_all_on && !hv_escalation) { 335 /* 336 * AIL works for HV interrupts even with guest MSR[IR/DR] disabled. 337 * Guest->guest and HV->HV interrupts do require MMU on. 338 */ 339 return; 340 } 341 342 if (*new_msr & MSR_HVB) { 343 if (!(env->spr[SPR_LPCR] & LPCR_HAIL)) { 344 /* HV interrupts depend on LPCR[HAIL] */ 345 return; 346 } 347 ail = 3; /* HAIL=1 gives AIL=3 behaviour for HV interrupts */ 348 } else { 349 ail = (env->spr[SPR_LPCR] & LPCR_AIL) >> LPCR_AIL_SHIFT; 350 } 351 if (ail == 0) { 352 return; 353 } 354 if (ail == 1 || ail == 2) { 355 /* AIL=1 and AIL=2 are reserved, treat them like AIL=0 */ 356 return; 357 } 358 } 359 360 /* 361 * AIL applies, so the new MSR gets IR and DR set, and an offset applied 362 * to the new IP. 363 */ 364 *new_msr |= (1 << MSR_IR) | (1 << MSR_DR); 365 366 if (excp != POWERPC_EXCP_SYSCALL_VECTORED) { 367 if (ail == 2) { 368 *vector |= 0x0000000000018000ull; 369 } else if (ail == 3) { 370 *vector |= 0xc000000000004000ull; 371 } 372 } else { 373 /* 374 * scv AIL is a little different. AIL=2 does not change the address, 375 * only the MSR. AIL=3 replaces the 0x17000 base with 0xc...3000. 376 */ 377 if (ail == 3) { 378 *vector &= ~0x0000000000017000ull; /* Un-apply the base offset */ 379 *vector |= 0xc000000000003000ull; /* Apply scv's AIL=3 offset */ 380 } 381 } 382 } 383 #endif /* TARGET_PPC64 */ 384 385 static void powerpc_reset_excp_state(PowerPCCPU *cpu) 386 { 387 CPUState *cs = CPU(cpu); 388 CPUPPCState *env = &cpu->env; 389 390 /* Reset exception state */ 391 cs->exception_index = POWERPC_EXCP_NONE; 392 env->error_code = 0; 393 } 394 395 static void powerpc_set_excp_state(PowerPCCPU *cpu, target_ulong vector, 396 target_ulong msr) 397 { 398 CPUPPCState *env = &cpu->env; 399 400 assert((msr & env->msr_mask) == msr); 401 402 /* 403 * We don't use hreg_store_msr here as already have treated any 404 * special case that could occur. Just store MSR and update hflags 405 * 406 * Note: We *MUST* not use hreg_store_msr() as-is anyway because it will 407 * prevent setting of the HV bit which some exceptions might need to do. 408 */ 409 env->nip = vector; 410 env->msr = msr; 411 hreg_compute_hflags(env); 412 ppc_maybe_interrupt(env); 413 414 powerpc_reset_excp_state(cpu); 415 416 /* 417 * Any interrupt is context synchronizing, check if TCG TLB needs 418 * a delayed flush on ppc64 419 */ 420 check_tlb_flush(env, false); 421 422 /* Reset the reservation */ 423 env->reserve_addr = -1; 424 } 425 426 static void powerpc_mcheck_checkstop(CPUPPCState *env) 427 { 428 CPUState *cs = env_cpu(env); 429 430 if (FIELD_EX64(env->msr, MSR, ME)) { 431 return; 432 } 433 434 /* Machine check exception is not enabled. Enter checkstop state. */ 435 fprintf(stderr, "Machine check while not allowed. " 436 "Entering checkstop state\n"); 437 if (qemu_log_separate()) { 438 qemu_log("Machine check while not allowed. " 439 "Entering checkstop state\n"); 440 } 441 cs->halted = 1; 442 cpu_interrupt_exittb(cs); 443 } 444 445 static void powerpc_excp_40x(PowerPCCPU *cpu, int excp) 446 { 447 CPUPPCState *env = &cpu->env; 448 target_ulong msr, new_msr, vector; 449 int srr0 = SPR_SRR0, srr1 = SPR_SRR1; 450 451 /* new srr1 value excluding must-be-zero bits */ 452 msr = env->msr & ~0x783f0000ULL; 453 454 /* new interrupt handler msr preserves ME unless explicitly overridden */ 455 new_msr = env->msr & (((target_ulong)1 << MSR_ME)); 456 457 /* HV emu assistance interrupt only exists on server arch 2.05 or later */ 458 if (excp == POWERPC_EXCP_HV_EMU) { 459 excp = POWERPC_EXCP_PROGRAM; 460 } 461 462 vector = env->excp_vectors[excp]; 463 if (vector == (target_ulong)-1ULL) { 464 cpu_abort(env_cpu(env), 465 "Raised an exception without defined vector %d\n", excp); 466 } 467 vector |= env->excp_prefix; 468 469 switch (excp) { 470 case POWERPC_EXCP_CRITICAL: /* Critical input */ 471 srr0 = SPR_40x_SRR2; 472 srr1 = SPR_40x_SRR3; 473 break; 474 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 475 powerpc_mcheck_checkstop(env); 476 /* machine check exceptions don't have ME set */ 477 new_msr &= ~((target_ulong)1 << MSR_ME); 478 srr0 = SPR_40x_SRR2; 479 srr1 = SPR_40x_SRR3; 480 break; 481 case POWERPC_EXCP_DSI: /* Data storage exception */ 482 trace_ppc_excp_dsi(env->spr[SPR_40x_ESR], env->spr[SPR_40x_DEAR]); 483 break; 484 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 485 trace_ppc_excp_isi(msr, env->nip); 486 break; 487 case POWERPC_EXCP_EXTERNAL: /* External input */ 488 break; 489 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 490 break; 491 case POWERPC_EXCP_PROGRAM: /* Program exception */ 492 switch (env->error_code & ~0xF) { 493 case POWERPC_EXCP_FP: 494 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 495 trace_ppc_excp_fp_ignore(); 496 powerpc_reset_excp_state(cpu); 497 return; 498 } 499 env->spr[SPR_40x_ESR] = ESR_FP; 500 break; 501 case POWERPC_EXCP_INVAL: 502 trace_ppc_excp_inval(env->nip); 503 env->spr[SPR_40x_ESR] = ESR_PIL; 504 break; 505 case POWERPC_EXCP_PRIV: 506 env->spr[SPR_40x_ESR] = ESR_PPR; 507 break; 508 case POWERPC_EXCP_TRAP: 509 env->spr[SPR_40x_ESR] = ESR_PTR; 510 break; 511 default: 512 cpu_abort(env_cpu(env), "Invalid program exception %d. Aborting\n", 513 env->error_code); 514 break; 515 } 516 break; 517 case POWERPC_EXCP_SYSCALL: /* System call exception */ 518 dump_syscall(env); 519 520 /* 521 * We need to correct the NIP which in this case is supposed 522 * to point to the next instruction 523 */ 524 env->nip += 4; 525 break; 526 case POWERPC_EXCP_FIT: /* Fixed-interval timer interrupt */ 527 trace_ppc_excp_print("FIT"); 528 break; 529 case POWERPC_EXCP_WDT: /* Watchdog timer interrupt */ 530 trace_ppc_excp_print("WDT"); 531 break; 532 case POWERPC_EXCP_DTLB: /* Data TLB error */ 533 case POWERPC_EXCP_ITLB: /* Instruction TLB error */ 534 break; 535 case POWERPC_EXCP_PIT: /* Programmable interval timer interrupt */ 536 trace_ppc_excp_print("PIT"); 537 break; 538 case POWERPC_EXCP_DEBUG: /* Debug interrupt */ 539 cpu_abort(env_cpu(env), "%s exception not implemented\n", 540 powerpc_excp_name(excp)); 541 break; 542 default: 543 cpu_abort(env_cpu(env), "Invalid PowerPC exception %d. Aborting\n", 544 excp); 545 break; 546 } 547 548 env->spr[srr0] = env->nip; 549 env->spr[srr1] = msr; 550 powerpc_set_excp_state(cpu, vector, new_msr); 551 } 552 553 static void powerpc_excp_6xx(PowerPCCPU *cpu, int excp) 554 { 555 CPUPPCState *env = &cpu->env; 556 target_ulong msr, new_msr, vector; 557 558 /* new srr1 value excluding must-be-zero bits */ 559 msr = env->msr & ~0x783f0000ULL; 560 561 /* new interrupt handler msr preserves ME unless explicitly overridden */ 562 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 563 564 /* HV emu assistance interrupt only exists on server arch 2.05 or later */ 565 if (excp == POWERPC_EXCP_HV_EMU) { 566 excp = POWERPC_EXCP_PROGRAM; 567 } 568 569 vector = env->excp_vectors[excp]; 570 if (vector == (target_ulong)-1ULL) { 571 cpu_abort(env_cpu(env), 572 "Raised an exception without defined vector %d\n", excp); 573 } 574 vector |= env->excp_prefix; 575 576 switch (excp) { 577 case POWERPC_EXCP_CRITICAL: /* Critical input */ 578 break; 579 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 580 powerpc_mcheck_checkstop(env); 581 /* machine check exceptions don't have ME set */ 582 new_msr &= ~((target_ulong)1 << MSR_ME); 583 break; 584 case POWERPC_EXCP_DSI: /* Data storage exception */ 585 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 586 break; 587 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 588 trace_ppc_excp_isi(msr, env->nip); 589 msr |= env->error_code; 590 break; 591 case POWERPC_EXCP_EXTERNAL: /* External input */ 592 break; 593 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 594 /* Get rS/rD and rA from faulting opcode */ 595 /* 596 * Note: the opcode fields will not be set properly for a 597 * direct store load/store, but nobody cares as nobody 598 * actually uses direct store segments. 599 */ 600 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 601 break; 602 case POWERPC_EXCP_PROGRAM: /* Program exception */ 603 switch (env->error_code & ~0xF) { 604 case POWERPC_EXCP_FP: 605 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 606 trace_ppc_excp_fp_ignore(); 607 powerpc_reset_excp_state(cpu); 608 return; 609 } 610 /* 611 * NIP always points to the faulting instruction for FP exceptions, 612 * so always use store_next and claim we are precise in the MSR. 613 */ 614 msr |= 0x00100000; 615 break; 616 case POWERPC_EXCP_INVAL: 617 trace_ppc_excp_inval(env->nip); 618 msr |= 0x00080000; 619 break; 620 case POWERPC_EXCP_PRIV: 621 msr |= 0x00040000; 622 break; 623 case POWERPC_EXCP_TRAP: 624 msr |= 0x00020000; 625 break; 626 default: 627 /* Should never occur */ 628 cpu_abort(env_cpu(env), "Invalid program exception %d. Aborting\n", 629 env->error_code); 630 break; 631 } 632 break; 633 case POWERPC_EXCP_SYSCALL: /* System call exception */ 634 dump_syscall(env); 635 636 /* 637 * We need to correct the NIP which in this case is supposed 638 * to point to the next instruction 639 */ 640 env->nip += 4; 641 break; 642 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 643 case POWERPC_EXCP_DECR: /* Decrementer exception */ 644 break; 645 case POWERPC_EXCP_DTLB: /* Data TLB error */ 646 case POWERPC_EXCP_ITLB: /* Instruction TLB error */ 647 break; 648 case POWERPC_EXCP_RESET: /* System reset exception */ 649 if (FIELD_EX64(env->msr, MSR, POW)) { 650 cpu_abort(env_cpu(env), 651 "Trying to deliver power-saving system reset exception " 652 "%d with no HV support\n", excp); 653 } 654 break; 655 case POWERPC_EXCP_TRACE: /* Trace exception */ 656 break; 657 case POWERPC_EXCP_IFTLB: /* Instruction fetch TLB error */ 658 case POWERPC_EXCP_DLTLB: /* Data load TLB miss */ 659 case POWERPC_EXCP_DSTLB: /* Data store TLB miss */ 660 /* Swap temporary saved registers with GPRs */ 661 if (!(new_msr & ((target_ulong)1 << MSR_TGPR))) { 662 new_msr |= (target_ulong)1 << MSR_TGPR; 663 hreg_swap_gpr_tgpr(env); 664 } 665 666 ppc_excp_debug_sw_tlb(env, excp); 667 668 msr |= env->crf[0] << 28; 669 msr |= env->error_code; /* key, D/I, S/L bits */ 670 /* Set way using a LRU mechanism */ 671 msr |= ((env->last_way + 1) & (env->nb_ways - 1)) << 17; 672 break; 673 case POWERPC_EXCP_FPA: /* Floating-point assist exception */ 674 case POWERPC_EXCP_DABR: /* Data address breakpoint */ 675 case POWERPC_EXCP_IABR: /* Instruction address breakpoint */ 676 case POWERPC_EXCP_SMI: /* System management interrupt */ 677 case POWERPC_EXCP_MEXTBR: /* Maskable external breakpoint */ 678 case POWERPC_EXCP_NMEXTBR: /* Non maskable external breakpoint */ 679 cpu_abort(env_cpu(env), "%s exception not implemented\n", 680 powerpc_excp_name(excp)); 681 break; 682 default: 683 cpu_abort(env_cpu(env), "Invalid PowerPC exception %d. Aborting\n", 684 excp); 685 break; 686 } 687 688 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 689 new_msr |= (target_ulong)1 << MSR_LE; 690 } 691 env->spr[SPR_SRR0] = env->nip; 692 env->spr[SPR_SRR1] = msr; 693 powerpc_set_excp_state(cpu, vector, new_msr); 694 } 695 696 static void powerpc_excp_7xx(PowerPCCPU *cpu, int excp) 697 { 698 CPUPPCState *env = &cpu->env; 699 target_ulong msr, new_msr, vector; 700 701 /* new srr1 value excluding must-be-zero bits */ 702 msr = env->msr & ~0x783f0000ULL; 703 704 /* new interrupt handler msr preserves ME unless explicitly overridden */ 705 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 706 707 /* HV emu assistance interrupt only exists on server arch 2.05 or later */ 708 if (excp == POWERPC_EXCP_HV_EMU) { 709 excp = POWERPC_EXCP_PROGRAM; 710 } 711 712 vector = env->excp_vectors[excp]; 713 if (vector == (target_ulong)-1ULL) { 714 cpu_abort(env_cpu(env), 715 "Raised an exception without defined vector %d\n", excp); 716 } 717 vector |= env->excp_prefix; 718 719 switch (excp) { 720 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 721 powerpc_mcheck_checkstop(env); 722 /* machine check exceptions don't have ME set */ 723 new_msr &= ~((target_ulong)1 << MSR_ME); 724 break; 725 case POWERPC_EXCP_DSI: /* Data storage exception */ 726 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 727 break; 728 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 729 trace_ppc_excp_isi(msr, env->nip); 730 msr |= env->error_code; 731 break; 732 case POWERPC_EXCP_EXTERNAL: /* External input */ 733 break; 734 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 735 /* Get rS/rD and rA from faulting opcode */ 736 /* 737 * Note: the opcode fields will not be set properly for a 738 * direct store load/store, but nobody cares as nobody 739 * actually uses direct store segments. 740 */ 741 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 742 break; 743 case POWERPC_EXCP_PROGRAM: /* Program exception */ 744 switch (env->error_code & ~0xF) { 745 case POWERPC_EXCP_FP: 746 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 747 trace_ppc_excp_fp_ignore(); 748 powerpc_reset_excp_state(cpu); 749 return; 750 } 751 /* 752 * NIP always points to the faulting instruction for FP exceptions, 753 * so always use store_next and claim we are precise in the MSR. 754 */ 755 msr |= 0x00100000; 756 break; 757 case POWERPC_EXCP_INVAL: 758 trace_ppc_excp_inval(env->nip); 759 msr |= 0x00080000; 760 break; 761 case POWERPC_EXCP_PRIV: 762 msr |= 0x00040000; 763 break; 764 case POWERPC_EXCP_TRAP: 765 msr |= 0x00020000; 766 break; 767 default: 768 /* Should never occur */ 769 cpu_abort(env_cpu(env), "Invalid program exception %d. Aborting\n", 770 env->error_code); 771 break; 772 } 773 break; 774 case POWERPC_EXCP_SYSCALL: /* System call exception */ 775 { 776 int lev = env->error_code; 777 778 if (lev == 1 && cpu->vhyp) { 779 dump_hcall(env); 780 } else { 781 dump_syscall(env); 782 } 783 784 /* 785 * We need to correct the NIP which in this case is supposed 786 * to point to the next instruction 787 */ 788 env->nip += 4; 789 790 /* 791 * The Virtual Open Firmware (VOF) relies on the 'sc 1' 792 * instruction to communicate with QEMU. The pegasos2 machine 793 * uses VOF and the 7xx CPUs, so although the 7xx don't have 794 * HV mode, we need to keep hypercall support. 795 */ 796 if (lev == 1 && cpu->vhyp) { 797 PPCVirtualHypervisorClass *vhc = 798 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 799 vhc->hypercall(cpu->vhyp, cpu); 800 powerpc_reset_excp_state(cpu); 801 return; 802 } 803 804 break; 805 } 806 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 807 case POWERPC_EXCP_DECR: /* Decrementer exception */ 808 break; 809 case POWERPC_EXCP_RESET: /* System reset exception */ 810 if (FIELD_EX64(env->msr, MSR, POW)) { 811 cpu_abort(env_cpu(env), 812 "Trying to deliver power-saving system reset exception " 813 "%d with no HV support\n", excp); 814 } 815 break; 816 case POWERPC_EXCP_TRACE: /* Trace exception */ 817 break; 818 case POWERPC_EXCP_IFTLB: /* Instruction fetch TLB error */ 819 case POWERPC_EXCP_DLTLB: /* Data load TLB miss */ 820 case POWERPC_EXCP_DSTLB: /* Data store TLB miss */ 821 ppc_excp_debug_sw_tlb(env, excp); 822 msr |= env->crf[0] << 28; 823 msr |= env->error_code; /* key, D/I, S/L bits */ 824 /* Set way using a LRU mechanism */ 825 msr |= ((env->last_way + 1) & (env->nb_ways - 1)) << 17; 826 break; 827 case POWERPC_EXCP_IABR: /* Instruction address breakpoint */ 828 case POWERPC_EXCP_SMI: /* System management interrupt */ 829 case POWERPC_EXCP_THERM: /* Thermal interrupt */ 830 case POWERPC_EXCP_PERFM: /* Embedded performance monitor interrupt */ 831 cpu_abort(env_cpu(env), "%s exception not implemented\n", 832 powerpc_excp_name(excp)); 833 break; 834 default: 835 cpu_abort(env_cpu(env), "Invalid PowerPC exception %d. Aborting\n", 836 excp); 837 break; 838 } 839 840 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 841 new_msr |= (target_ulong)1 << MSR_LE; 842 } 843 env->spr[SPR_SRR0] = env->nip; 844 env->spr[SPR_SRR1] = msr; 845 powerpc_set_excp_state(cpu, vector, new_msr); 846 } 847 848 static void powerpc_excp_74xx(PowerPCCPU *cpu, int excp) 849 { 850 CPUPPCState *env = &cpu->env; 851 target_ulong msr, new_msr, vector; 852 853 /* new srr1 value excluding must-be-zero bits */ 854 msr = env->msr & ~0x783f0000ULL; 855 856 /* new interrupt handler msr preserves ME unless explicitly overridden */ 857 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 858 859 /* HV emu assistance interrupt only exists on server arch 2.05 or later */ 860 if (excp == POWERPC_EXCP_HV_EMU) { 861 excp = POWERPC_EXCP_PROGRAM; 862 } 863 864 vector = env->excp_vectors[excp]; 865 if (vector == (target_ulong)-1ULL) { 866 cpu_abort(env_cpu(env), 867 "Raised an exception without defined vector %d\n", excp); 868 } 869 vector |= env->excp_prefix; 870 871 switch (excp) { 872 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 873 powerpc_mcheck_checkstop(env); 874 /* machine check exceptions don't have ME set */ 875 new_msr &= ~((target_ulong)1 << MSR_ME); 876 break; 877 case POWERPC_EXCP_DSI: /* Data storage exception */ 878 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 879 break; 880 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 881 trace_ppc_excp_isi(msr, env->nip); 882 msr |= env->error_code; 883 break; 884 case POWERPC_EXCP_EXTERNAL: /* External input */ 885 break; 886 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 887 /* Get rS/rD and rA from faulting opcode */ 888 /* 889 * Note: the opcode fields will not be set properly for a 890 * direct store load/store, but nobody cares as nobody 891 * actually uses direct store segments. 892 */ 893 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 894 break; 895 case POWERPC_EXCP_PROGRAM: /* Program exception */ 896 switch (env->error_code & ~0xF) { 897 case POWERPC_EXCP_FP: 898 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 899 trace_ppc_excp_fp_ignore(); 900 powerpc_reset_excp_state(cpu); 901 return; 902 } 903 /* 904 * NIP always points to the faulting instruction for FP exceptions, 905 * so always use store_next and claim we are precise in the MSR. 906 */ 907 msr |= 0x00100000; 908 break; 909 case POWERPC_EXCP_INVAL: 910 trace_ppc_excp_inval(env->nip); 911 msr |= 0x00080000; 912 break; 913 case POWERPC_EXCP_PRIV: 914 msr |= 0x00040000; 915 break; 916 case POWERPC_EXCP_TRAP: 917 msr |= 0x00020000; 918 break; 919 default: 920 /* Should never occur */ 921 cpu_abort(env_cpu(env), "Invalid program exception %d. Aborting\n", 922 env->error_code); 923 break; 924 } 925 break; 926 case POWERPC_EXCP_SYSCALL: /* System call exception */ 927 { 928 int lev = env->error_code; 929 930 if (lev == 1 && cpu->vhyp) { 931 dump_hcall(env); 932 } else { 933 dump_syscall(env); 934 } 935 936 /* 937 * We need to correct the NIP which in this case is supposed 938 * to point to the next instruction 939 */ 940 env->nip += 4; 941 942 /* 943 * The Virtual Open Firmware (VOF) relies on the 'sc 1' 944 * instruction to communicate with QEMU. The pegasos2 machine 945 * uses VOF and the 74xx CPUs, so although the 74xx don't have 946 * HV mode, we need to keep hypercall support. 947 */ 948 if (lev == 1 && cpu->vhyp) { 949 PPCVirtualHypervisorClass *vhc = 950 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 951 vhc->hypercall(cpu->vhyp, cpu); 952 powerpc_reset_excp_state(cpu); 953 return; 954 } 955 956 break; 957 } 958 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 959 case POWERPC_EXCP_DECR: /* Decrementer exception */ 960 break; 961 case POWERPC_EXCP_RESET: /* System reset exception */ 962 if (FIELD_EX64(env->msr, MSR, POW)) { 963 cpu_abort(env_cpu(env), 964 "Trying to deliver power-saving system reset " 965 "exception %d with no HV support\n", excp); 966 } 967 break; 968 case POWERPC_EXCP_TRACE: /* Trace exception */ 969 break; 970 case POWERPC_EXCP_VPU: /* Vector unavailable exception */ 971 break; 972 case POWERPC_EXCP_IABR: /* Instruction address breakpoint */ 973 case POWERPC_EXCP_SMI: /* System management interrupt */ 974 case POWERPC_EXCP_THERM: /* Thermal interrupt */ 975 case POWERPC_EXCP_PERFM: /* Embedded performance monitor interrupt */ 976 case POWERPC_EXCP_VPUA: /* Vector assist exception */ 977 cpu_abort(env_cpu(env), "%s exception not implemented\n", 978 powerpc_excp_name(excp)); 979 break; 980 default: 981 cpu_abort(env_cpu(env), "Invalid PowerPC exception %d. Aborting\n", 982 excp); 983 break; 984 } 985 986 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 987 new_msr |= (target_ulong)1 << MSR_LE; 988 } 989 env->spr[SPR_SRR0] = env->nip; 990 env->spr[SPR_SRR1] = msr; 991 powerpc_set_excp_state(cpu, vector, new_msr); 992 } 993 994 static void powerpc_excp_booke(PowerPCCPU *cpu, int excp) 995 { 996 CPUPPCState *env = &cpu->env; 997 target_ulong msr, new_msr, vector; 998 int srr0 = SPR_SRR0, srr1 = SPR_SRR1; 999 1000 /* 1001 * Book E does not play games with certain bits of xSRR1 being MSR save 1002 * bits and others being error status. xSRR1 is the old MSR, period. 1003 */ 1004 msr = env->msr; 1005 1006 /* new interrupt handler msr preserves ME unless explicitly overridden */ 1007 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 1008 1009 /* HV emu assistance interrupt only exists on server arch 2.05 or later */ 1010 if (excp == POWERPC_EXCP_HV_EMU) { 1011 excp = POWERPC_EXCP_PROGRAM; 1012 } 1013 1014 #ifdef TARGET_PPC64 1015 /* 1016 * SPEU and VPU share the same IVOR but they exist in different 1017 * processors. SPEU is e500v1/2 only and VPU is e6500 only. 1018 */ 1019 if (excp == POWERPC_EXCP_VPU) { 1020 excp = POWERPC_EXCP_SPEU; 1021 } 1022 #endif 1023 1024 vector = env->excp_vectors[excp]; 1025 if (vector == (target_ulong)-1ULL) { 1026 cpu_abort(env_cpu(env), 1027 "Raised an exception without defined vector %d\n", excp); 1028 } 1029 vector |= env->excp_prefix; 1030 1031 switch (excp) { 1032 case POWERPC_EXCP_CRITICAL: /* Critical input */ 1033 srr0 = SPR_BOOKE_CSRR0; 1034 srr1 = SPR_BOOKE_CSRR1; 1035 break; 1036 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 1037 powerpc_mcheck_checkstop(env); 1038 /* machine check exceptions don't have ME set */ 1039 new_msr &= ~((target_ulong)1 << MSR_ME); 1040 1041 /* FIXME: choose one or the other based on CPU type */ 1042 srr0 = SPR_BOOKE_MCSRR0; 1043 srr1 = SPR_BOOKE_MCSRR1; 1044 1045 env->spr[SPR_BOOKE_CSRR0] = env->nip; 1046 env->spr[SPR_BOOKE_CSRR1] = msr; 1047 1048 break; 1049 case POWERPC_EXCP_DSI: /* Data storage exception */ 1050 trace_ppc_excp_dsi(env->spr[SPR_BOOKE_ESR], env->spr[SPR_BOOKE_DEAR]); 1051 break; 1052 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 1053 trace_ppc_excp_isi(msr, env->nip); 1054 break; 1055 case POWERPC_EXCP_EXTERNAL: /* External input */ 1056 if (env->mpic_proxy) { 1057 CPUState *cs = env_cpu(env); 1058 /* IACK the IRQ on delivery */ 1059 env->spr[SPR_BOOKE_EPR] = ldl_phys(cs->as, env->mpic_iack); 1060 } 1061 break; 1062 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 1063 break; 1064 case POWERPC_EXCP_PROGRAM: /* Program exception */ 1065 switch (env->error_code & ~0xF) { 1066 case POWERPC_EXCP_FP: 1067 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 1068 trace_ppc_excp_fp_ignore(); 1069 powerpc_reset_excp_state(cpu); 1070 return; 1071 } 1072 /* 1073 * NIP always points to the faulting instruction for FP exceptions, 1074 * so always use store_next and claim we are precise in the MSR. 1075 */ 1076 msr |= 0x00100000; 1077 env->spr[SPR_BOOKE_ESR] = ESR_FP; 1078 break; 1079 case POWERPC_EXCP_INVAL: 1080 trace_ppc_excp_inval(env->nip); 1081 msr |= 0x00080000; 1082 env->spr[SPR_BOOKE_ESR] = ESR_PIL; 1083 break; 1084 case POWERPC_EXCP_PRIV: 1085 msr |= 0x00040000; 1086 env->spr[SPR_BOOKE_ESR] = ESR_PPR; 1087 break; 1088 case POWERPC_EXCP_TRAP: 1089 msr |= 0x00020000; 1090 env->spr[SPR_BOOKE_ESR] = ESR_PTR; 1091 break; 1092 default: 1093 /* Should never occur */ 1094 cpu_abort(env_cpu(env), "Invalid program exception %d. Aborting\n", 1095 env->error_code); 1096 break; 1097 } 1098 break; 1099 case POWERPC_EXCP_SYSCALL: /* System call exception */ 1100 dump_syscall(env); 1101 1102 /* 1103 * We need to correct the NIP which in this case is supposed 1104 * to point to the next instruction 1105 */ 1106 env->nip += 4; 1107 break; 1108 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 1109 case POWERPC_EXCP_APU: /* Auxiliary processor unavailable */ 1110 case POWERPC_EXCP_DECR: /* Decrementer exception */ 1111 break; 1112 case POWERPC_EXCP_FIT: /* Fixed-interval timer interrupt */ 1113 /* FIT on 4xx */ 1114 trace_ppc_excp_print("FIT"); 1115 break; 1116 case POWERPC_EXCP_WDT: /* Watchdog timer interrupt */ 1117 trace_ppc_excp_print("WDT"); 1118 srr0 = SPR_BOOKE_CSRR0; 1119 srr1 = SPR_BOOKE_CSRR1; 1120 break; 1121 case POWERPC_EXCP_DTLB: /* Data TLB error */ 1122 case POWERPC_EXCP_ITLB: /* Instruction TLB error */ 1123 break; 1124 case POWERPC_EXCP_DEBUG: /* Debug interrupt */ 1125 if (env->flags & POWERPC_FLAG_DE) { 1126 /* FIXME: choose one or the other based on CPU type */ 1127 srr0 = SPR_BOOKE_DSRR0; 1128 srr1 = SPR_BOOKE_DSRR1; 1129 1130 env->spr[SPR_BOOKE_CSRR0] = env->nip; 1131 env->spr[SPR_BOOKE_CSRR1] = msr; 1132 1133 /* DBSR already modified by caller */ 1134 } else { 1135 cpu_abort(env_cpu(env), 1136 "Debug exception triggered on unsupported model\n"); 1137 } 1138 break; 1139 case POWERPC_EXCP_SPEU: /* SPE/embedded floating-point unavailable/VPU */ 1140 env->spr[SPR_BOOKE_ESR] = ESR_SPV; 1141 break; 1142 case POWERPC_EXCP_DOORI: /* Embedded doorbell interrupt */ 1143 break; 1144 case POWERPC_EXCP_DOORCI: /* Embedded doorbell critical interrupt */ 1145 srr0 = SPR_BOOKE_CSRR0; 1146 srr1 = SPR_BOOKE_CSRR1; 1147 break; 1148 case POWERPC_EXCP_RESET: /* System reset exception */ 1149 if (FIELD_EX64(env->msr, MSR, POW)) { 1150 cpu_abort(env_cpu(env), 1151 "Trying to deliver power-saving system reset " 1152 "exception %d with no HV support\n", excp); 1153 } 1154 break; 1155 case POWERPC_EXCP_EFPDI: /* Embedded floating-point data interrupt */ 1156 case POWERPC_EXCP_EFPRI: /* Embedded floating-point round interrupt */ 1157 cpu_abort(env_cpu(env), "%s exception not implemented\n", 1158 powerpc_excp_name(excp)); 1159 break; 1160 default: 1161 cpu_abort(env_cpu(env), "Invalid PowerPC exception %d. Aborting\n", 1162 excp); 1163 break; 1164 } 1165 1166 #ifdef TARGET_PPC64 1167 if (env->spr[SPR_BOOKE_EPCR] & EPCR_ICM) { 1168 /* Cat.64-bit: EPCR.ICM is copied to MSR.CM */ 1169 new_msr |= (target_ulong)1 << MSR_CM; 1170 } else { 1171 vector = (uint32_t)vector; 1172 } 1173 #endif 1174 1175 env->spr[srr0] = env->nip; 1176 env->spr[srr1] = msr; 1177 powerpc_set_excp_state(cpu, vector, new_msr); 1178 } 1179 1180 /* 1181 * When running a nested HV guest under vhyp, external interrupts are 1182 * delivered as HVIRT. 1183 */ 1184 static bool books_vhyp_promotes_external_to_hvirt(PowerPCCPU *cpu) 1185 { 1186 if (cpu->vhyp) { 1187 return vhyp_cpu_in_nested(cpu); 1188 } 1189 return false; 1190 } 1191 1192 #ifdef TARGET_PPC64 1193 /* 1194 * When running under vhyp, hcalls are always intercepted and sent to the 1195 * vhc->hypercall handler. 1196 */ 1197 static bool books_vhyp_handles_hcall(PowerPCCPU *cpu) 1198 { 1199 if (cpu->vhyp) { 1200 return !vhyp_cpu_in_nested(cpu); 1201 } 1202 return false; 1203 } 1204 1205 /* 1206 * When running a nested KVM HV guest under vhyp, HV exceptions are not 1207 * delivered to the guest (because there is no concept of HV support), but 1208 * rather they are sent to the vhyp to exit from the L2 back to the L1 and 1209 * return from the H_ENTER_NESTED hypercall. 1210 */ 1211 static bool books_vhyp_handles_hv_excp(PowerPCCPU *cpu) 1212 { 1213 if (cpu->vhyp) { 1214 return vhyp_cpu_in_nested(cpu); 1215 } 1216 return false; 1217 } 1218 1219 #ifdef CONFIG_TCG 1220 static bool is_prefix_insn(CPUPPCState *env, uint32_t insn) 1221 { 1222 if (!(env->insns_flags2 & PPC2_ISA310)) { 1223 return false; 1224 } 1225 return ((insn & 0xfc000000) == 0x04000000); 1226 } 1227 1228 static bool is_prefix_insn_excp(PowerPCCPU *cpu, int excp) 1229 { 1230 CPUPPCState *env = &cpu->env; 1231 1232 if (!(env->insns_flags2 & PPC2_ISA310)) { 1233 return false; 1234 } 1235 1236 if (!tcg_enabled()) { 1237 /* 1238 * This does not load instructions and set the prefix bit correctly 1239 * for injected interrupts with KVM. That may have to be discovered 1240 * and set by the KVM layer before injecting. 1241 */ 1242 return false; 1243 } 1244 1245 switch (excp) { 1246 case POWERPC_EXCP_MCHECK: 1247 if (!(env->error_code & PPC_BIT(42))) { 1248 /* 1249 * Fetch attempt caused a machine check, so attempting to fetch 1250 * again would cause a recursive machine check. 1251 */ 1252 return false; 1253 } 1254 break; 1255 case POWERPC_EXCP_HDSI: 1256 /* HDSI PRTABLE_FAULT has the originating access type in error_code */ 1257 if ((env->spr[SPR_HDSISR] & DSISR_PRTABLE_FAULT) && 1258 (env->error_code == MMU_INST_FETCH)) { 1259 /* 1260 * Fetch failed due to partition scope translation, so prefix 1261 * indication is not relevant (and attempting to load the 1262 * instruction at NIP would cause recursive faults with the same 1263 * translation). 1264 */ 1265 return false; 1266 } 1267 break; 1268 1269 case POWERPC_EXCP_DSI: 1270 case POWERPC_EXCP_DSEG: 1271 case POWERPC_EXCP_ALIGN: 1272 case POWERPC_EXCP_PROGRAM: 1273 case POWERPC_EXCP_FPU: 1274 case POWERPC_EXCP_TRACE: 1275 case POWERPC_EXCP_HV_EMU: 1276 case POWERPC_EXCP_VPU: 1277 case POWERPC_EXCP_VSXU: 1278 case POWERPC_EXCP_FU: 1279 case POWERPC_EXCP_HV_FU: 1280 break; 1281 default: 1282 return false; 1283 } 1284 1285 return is_prefix_insn(env, ppc_ldl_code(env, env->nip)); 1286 } 1287 #else 1288 static bool is_prefix_insn_excp(PowerPCCPU *cpu, int excp) 1289 { 1290 return false; 1291 } 1292 #endif 1293 1294 static void powerpc_excp_books(PowerPCCPU *cpu, int excp) 1295 { 1296 CPUPPCState *env = &cpu->env; 1297 target_ulong msr, new_msr, vector; 1298 int srr0 = SPR_SRR0, srr1 = SPR_SRR1, lev = -1; 1299 1300 /* new srr1 value excluding must-be-zero bits */ 1301 msr = env->msr & ~0x783f0000ULL; 1302 1303 /* 1304 * new interrupt handler msr preserves HV and ME unless explicitly 1305 * overridden 1306 */ 1307 new_msr = env->msr & (((target_ulong)1 << MSR_ME) | MSR_HVB); 1308 1309 /* 1310 * check for special resume at 0x100 from doze/nap/sleep/winkle on 1311 * P7/P8/P9 1312 */ 1313 if (env->resume_as_sreset) { 1314 excp = powerpc_reset_wakeup(env, excp, &msr); 1315 } 1316 1317 /* 1318 * We don't want to generate a Hypervisor Emulation Assistance 1319 * Interrupt if we don't have HVB in msr_mask (PAPR mode), 1320 * unless running a nested-hv guest, in which case the L1 1321 * kernel wants the interrupt. 1322 */ 1323 if (excp == POWERPC_EXCP_HV_EMU && !(env->msr_mask & MSR_HVB) && 1324 !books_vhyp_handles_hv_excp(cpu)) { 1325 excp = POWERPC_EXCP_PROGRAM; 1326 } 1327 1328 vector = env->excp_vectors[excp]; 1329 if (vector == (target_ulong)-1ULL) { 1330 cpu_abort(env_cpu(env), 1331 "Raised an exception without defined vector %d\n", excp); 1332 } 1333 vector |= env->excp_prefix; 1334 1335 if (is_prefix_insn_excp(cpu, excp)) { 1336 msr |= PPC_BIT(34); 1337 } 1338 1339 switch (excp) { 1340 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 1341 powerpc_mcheck_checkstop(env); 1342 if (env->msr_mask & MSR_HVB) { 1343 /* 1344 * ISA specifies HV, but can be delivered to guest with HV 1345 * clear (e.g., see FWNMI in PAPR). 1346 */ 1347 new_msr |= (target_ulong)MSR_HVB; 1348 1349 /* HV machine check exceptions don't have ME set */ 1350 new_msr &= ~((target_ulong)1 << MSR_ME); 1351 } 1352 1353 msr |= env->error_code; 1354 break; 1355 1356 case POWERPC_EXCP_DSI: /* Data storage exception */ 1357 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 1358 break; 1359 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 1360 trace_ppc_excp_isi(msr, env->nip); 1361 msr |= env->error_code; 1362 break; 1363 case POWERPC_EXCP_EXTERNAL: /* External input */ 1364 { 1365 bool lpes0; 1366 1367 /* LPES0 is only taken into consideration if we support HV mode */ 1368 if (!env->has_hv_mode) { 1369 break; 1370 } 1371 lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 1372 if (!lpes0) { 1373 new_msr |= (target_ulong)MSR_HVB; 1374 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1375 srr0 = SPR_HSRR0; 1376 srr1 = SPR_HSRR1; 1377 } 1378 break; 1379 } 1380 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 1381 /* Optional DSISR update was removed from ISA v3.0 */ 1382 if (!(env->insns_flags2 & PPC2_ISA300)) { 1383 /* Get rS/rD and rA from faulting opcode */ 1384 /* 1385 * Note: the opcode fields will not be set properly for a 1386 * direct store load/store, but nobody cares as nobody 1387 * actually uses direct store segments. 1388 */ 1389 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 1390 } 1391 break; 1392 case POWERPC_EXCP_PROGRAM: /* Program exception */ 1393 switch (env->error_code & ~0xF) { 1394 case POWERPC_EXCP_FP: 1395 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 1396 trace_ppc_excp_fp_ignore(); 1397 powerpc_reset_excp_state(cpu); 1398 return; 1399 } 1400 /* 1401 * NIP always points to the faulting instruction for FP exceptions, 1402 * so always use store_next and claim we are precise in the MSR. 1403 */ 1404 msr |= 0x00100000; 1405 break; 1406 case POWERPC_EXCP_INVAL: 1407 trace_ppc_excp_inval(env->nip); 1408 msr |= 0x00080000; 1409 break; 1410 case POWERPC_EXCP_PRIV: 1411 msr |= 0x00040000; 1412 break; 1413 case POWERPC_EXCP_TRAP: 1414 msr |= 0x00020000; 1415 break; 1416 default: 1417 /* Should never occur */ 1418 cpu_abort(env_cpu(env), "Invalid program exception %d. Aborting\n", 1419 env->error_code); 1420 break; 1421 } 1422 break; 1423 case POWERPC_EXCP_SYSCALL: /* System call exception */ 1424 lev = env->error_code; 1425 1426 if (lev == 1 && cpu->vhyp) { 1427 dump_hcall(env); 1428 } else { 1429 dump_syscall(env); 1430 } 1431 1432 /* 1433 * We need to correct the NIP which in this case is supposed 1434 * to point to the next instruction 1435 */ 1436 env->nip += 4; 1437 1438 /* "PAPR mode" built-in hypercall emulation */ 1439 if (lev == 1 && books_vhyp_handles_hcall(cpu)) { 1440 PPCVirtualHypervisorClass *vhc = 1441 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 1442 vhc->hypercall(cpu->vhyp, cpu); 1443 powerpc_reset_excp_state(cpu); 1444 return; 1445 } 1446 if (env->insns_flags2 & PPC2_ISA310) { 1447 /* ISAv3.1 puts LEV into SRR1 */ 1448 msr |= lev << 20; 1449 } 1450 if (lev == 1) { 1451 new_msr |= (target_ulong)MSR_HVB; 1452 } 1453 break; 1454 case POWERPC_EXCP_SYSCALL_VECTORED: /* scv exception */ 1455 lev = env->error_code; 1456 dump_syscall(env); 1457 env->nip += 4; 1458 new_msr |= env->msr & ((target_ulong)1 << MSR_EE); 1459 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1460 1461 vector += lev * 0x20; 1462 1463 env->lr = env->nip; 1464 env->ctr = msr; 1465 break; 1466 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 1467 case POWERPC_EXCP_DECR: /* Decrementer exception */ 1468 break; 1469 case POWERPC_EXCP_RESET: /* System reset exception */ 1470 /* A power-saving exception sets ME, otherwise it is unchanged */ 1471 if (FIELD_EX64(env->msr, MSR, POW)) { 1472 /* indicate that we resumed from power save mode */ 1473 msr |= 0x10000; 1474 new_msr |= ((target_ulong)1 << MSR_ME); 1475 } 1476 if (env->msr_mask & MSR_HVB) { 1477 /* 1478 * ISA specifies HV, but can be delivered to guest with HV 1479 * clear (e.g., see FWNMI in PAPR, NMI injection in QEMU). 1480 */ 1481 new_msr |= (target_ulong)MSR_HVB; 1482 } else { 1483 if (FIELD_EX64(env->msr, MSR, POW)) { 1484 cpu_abort(env_cpu(env), 1485 "Trying to deliver power-saving system reset " 1486 "exception %d with no HV support\n", excp); 1487 } 1488 } 1489 break; 1490 case POWERPC_EXCP_TRACE: /* Trace exception */ 1491 msr |= env->error_code; 1492 /* fall through */ 1493 case POWERPC_EXCP_DSEG: /* Data segment exception */ 1494 case POWERPC_EXCP_ISEG: /* Instruction segment exception */ 1495 case POWERPC_EXCP_SDOOR: /* Doorbell interrupt */ 1496 case POWERPC_EXCP_PERFM: /* Performance monitor interrupt */ 1497 break; 1498 case POWERPC_EXCP_HISI: /* Hypervisor instruction storage exception */ 1499 msr |= env->error_code; 1500 /* fall through */ 1501 case POWERPC_EXCP_HDECR: /* Hypervisor decrementer exception */ 1502 case POWERPC_EXCP_HDSI: /* Hypervisor data storage exception */ 1503 case POWERPC_EXCP_SDOOR_HV: /* Hypervisor Doorbell interrupt */ 1504 case POWERPC_EXCP_HVIRT: /* Hypervisor virtualization */ 1505 srr0 = SPR_HSRR0; 1506 srr1 = SPR_HSRR1; 1507 new_msr |= (target_ulong)MSR_HVB; 1508 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1509 break; 1510 #ifdef CONFIG_TCG 1511 case POWERPC_EXCP_HV_EMU: { 1512 uint32_t insn = ppc_ldl_code(env, env->nip); 1513 env->spr[SPR_HEIR] = insn; 1514 if (is_prefix_insn(env, insn)) { 1515 uint32_t insn2 = ppc_ldl_code(env, env->nip + 4); 1516 env->spr[SPR_HEIR] <<= 32; 1517 env->spr[SPR_HEIR] |= insn2; 1518 } 1519 srr0 = SPR_HSRR0; 1520 srr1 = SPR_HSRR1; 1521 new_msr |= (target_ulong)MSR_HVB; 1522 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1523 break; 1524 } 1525 #endif 1526 case POWERPC_EXCP_VPU: /* Vector unavailable exception */ 1527 case POWERPC_EXCP_VSXU: /* VSX unavailable exception */ 1528 case POWERPC_EXCP_FU: /* Facility unavailable exception */ 1529 env->spr[SPR_FSCR] |= ((target_ulong)env->error_code << 56); 1530 break; 1531 case POWERPC_EXCP_HV_FU: /* Hypervisor Facility Unavailable Exception */ 1532 env->spr[SPR_HFSCR] |= ((target_ulong)env->error_code << FSCR_IC_POS); 1533 srr0 = SPR_HSRR0; 1534 srr1 = SPR_HSRR1; 1535 new_msr |= (target_ulong)MSR_HVB; 1536 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1537 break; 1538 case POWERPC_EXCP_PERFM_EBB: /* Performance Monitor EBB Exception */ 1539 case POWERPC_EXCP_EXTERNAL_EBB: /* External EBB Exception */ 1540 env->spr[SPR_BESCR] &= ~BESCR_GE; 1541 1542 /* 1543 * Save NIP for rfebb insn in SPR_EBBRR. Next nip is 1544 * stored in the EBB Handler SPR_EBBHR. 1545 */ 1546 env->spr[SPR_EBBRR] = env->nip; 1547 powerpc_set_excp_state(cpu, env->spr[SPR_EBBHR], env->msr); 1548 1549 /* 1550 * This exception is handled in userspace. No need to proceed. 1551 */ 1552 return; 1553 case POWERPC_EXCP_THERM: /* Thermal interrupt */ 1554 case POWERPC_EXCP_VPUA: /* Vector assist exception */ 1555 case POWERPC_EXCP_MAINT: /* Maintenance exception */ 1556 case POWERPC_EXCP_HV_MAINT: /* Hypervisor Maintenance exception */ 1557 cpu_abort(env_cpu(env), "%s exception not implemented\n", 1558 powerpc_excp_name(excp)); 1559 break; 1560 default: 1561 cpu_abort(env_cpu(env), "Invalid PowerPC exception %d. Aborting\n", 1562 excp); 1563 break; 1564 } 1565 1566 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 1567 new_msr |= (target_ulong)1 << MSR_LE; 1568 } 1569 new_msr |= (target_ulong)1 << MSR_SF; 1570 1571 if (excp != POWERPC_EXCP_SYSCALL_VECTORED) { 1572 env->spr[srr0] = env->nip; 1573 env->spr[srr1] = msr; 1574 } 1575 1576 if ((new_msr & MSR_HVB) && books_vhyp_handles_hv_excp(cpu)) { 1577 PPCVirtualHypervisorClass *vhc = 1578 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 1579 /* Deliver interrupt to L1 by returning from the H_ENTER_NESTED call */ 1580 vhc->deliver_hv_excp(cpu, excp); 1581 powerpc_reset_excp_state(cpu); 1582 } else { 1583 /* Sanity check */ 1584 if (!(env->msr_mask & MSR_HVB) && srr0 == SPR_HSRR0) { 1585 cpu_abort(env_cpu(env), "Trying to deliver HV exception (HSRR) %d " 1586 "with no HV support\n", excp); 1587 } 1588 /* This can update new_msr and vector if AIL applies */ 1589 ppc_excp_apply_ail(cpu, excp, msr, &new_msr, &vector); 1590 powerpc_set_excp_state(cpu, vector, new_msr); 1591 } 1592 } 1593 #else 1594 static inline void powerpc_excp_books(PowerPCCPU *cpu, int excp) 1595 { 1596 g_assert_not_reached(); 1597 } 1598 #endif /* TARGET_PPC64 */ 1599 1600 static void powerpc_excp(PowerPCCPU *cpu, int excp) 1601 { 1602 CPUPPCState *env = &cpu->env; 1603 1604 if (excp <= POWERPC_EXCP_NONE || excp >= POWERPC_EXCP_NB) { 1605 cpu_abort(env_cpu(env), "Invalid PowerPC exception %d. Aborting\n", 1606 excp); 1607 } 1608 1609 qemu_log_mask(CPU_LOG_INT, "Raise exception at " TARGET_FMT_lx 1610 " => %s (%d) error=%02x\n", env->nip, powerpc_excp_name(excp), 1611 excp, env->error_code); 1612 env->excp_stats[excp]++; 1613 1614 switch (env->excp_model) { 1615 case POWERPC_EXCP_40x: 1616 powerpc_excp_40x(cpu, excp); 1617 break; 1618 case POWERPC_EXCP_6xx: 1619 powerpc_excp_6xx(cpu, excp); 1620 break; 1621 case POWERPC_EXCP_7xx: 1622 powerpc_excp_7xx(cpu, excp); 1623 break; 1624 case POWERPC_EXCP_74xx: 1625 powerpc_excp_74xx(cpu, excp); 1626 break; 1627 case POWERPC_EXCP_BOOKE: 1628 powerpc_excp_booke(cpu, excp); 1629 break; 1630 case POWERPC_EXCP_970: 1631 case POWERPC_EXCP_POWER7: 1632 case POWERPC_EXCP_POWER8: 1633 case POWERPC_EXCP_POWER9: 1634 case POWERPC_EXCP_POWER10: 1635 powerpc_excp_books(cpu, excp); 1636 break; 1637 default: 1638 g_assert_not_reached(); 1639 } 1640 } 1641 1642 void ppc_cpu_do_interrupt(CPUState *cs) 1643 { 1644 PowerPCCPU *cpu = POWERPC_CPU(cs); 1645 1646 powerpc_excp(cpu, cs->exception_index); 1647 } 1648 1649 #ifdef TARGET_PPC64 1650 #define P7_UNUSED_INTERRUPTS \ 1651 (PPC_INTERRUPT_RESET | PPC_INTERRUPT_HVIRT | PPC_INTERRUPT_CEXT | \ 1652 PPC_INTERRUPT_WDT | PPC_INTERRUPT_CDOORBELL | PPC_INTERRUPT_FIT | \ 1653 PPC_INTERRUPT_PIT | PPC_INTERRUPT_DOORBELL | PPC_INTERRUPT_HDOORBELL | \ 1654 PPC_INTERRUPT_THERM | PPC_INTERRUPT_EBB) 1655 1656 static int p7_interrupt_powersave(CPUPPCState *env) 1657 { 1658 if ((env->pending_interrupts & PPC_INTERRUPT_EXT) && 1659 (env->spr[SPR_LPCR] & LPCR_P7_PECE0)) { 1660 return PPC_INTERRUPT_EXT; 1661 } 1662 if ((env->pending_interrupts & PPC_INTERRUPT_DECR) && 1663 (env->spr[SPR_LPCR] & LPCR_P7_PECE1)) { 1664 return PPC_INTERRUPT_DECR; 1665 } 1666 if ((env->pending_interrupts & PPC_INTERRUPT_MCK) && 1667 (env->spr[SPR_LPCR] & LPCR_P7_PECE2)) { 1668 return PPC_INTERRUPT_MCK; 1669 } 1670 if ((env->pending_interrupts & PPC_INTERRUPT_HMI) && 1671 (env->spr[SPR_LPCR] & LPCR_P7_PECE2)) { 1672 return PPC_INTERRUPT_HMI; 1673 } 1674 if (env->pending_interrupts & PPC_INTERRUPT_RESET) { 1675 return PPC_INTERRUPT_RESET; 1676 } 1677 return 0; 1678 } 1679 1680 static int p7_next_unmasked_interrupt(CPUPPCState *env) 1681 { 1682 CPUState *cs = env_cpu(env); 1683 1684 /* Ignore MSR[EE] when coming out of some power management states */ 1685 bool msr_ee = FIELD_EX64(env->msr, MSR, EE) || env->resume_as_sreset; 1686 1687 assert((env->pending_interrupts & P7_UNUSED_INTERRUPTS) == 0); 1688 1689 if (cs->halted) { 1690 /* LPCR[PECE] controls which interrupts can exit power-saving mode */ 1691 return p7_interrupt_powersave(env); 1692 } 1693 1694 /* Machine check exception */ 1695 if (env->pending_interrupts & PPC_INTERRUPT_MCK) { 1696 return PPC_INTERRUPT_MCK; 1697 } 1698 1699 /* Hypervisor decrementer exception */ 1700 if (env->pending_interrupts & PPC_INTERRUPT_HDECR) { 1701 /* LPCR will be clear when not supported so this will work */ 1702 bool hdice = !!(env->spr[SPR_LPCR] & LPCR_HDICE); 1703 if ((msr_ee || !FIELD_EX64_HV(env->msr)) && hdice) { 1704 /* HDEC clears on delivery */ 1705 return PPC_INTERRUPT_HDECR; 1706 } 1707 } 1708 1709 /* External interrupt can ignore MSR:EE under some circumstances */ 1710 if (env->pending_interrupts & PPC_INTERRUPT_EXT) { 1711 bool lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 1712 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 1713 /* HEIC blocks delivery to the hypervisor */ 1714 if ((msr_ee && !(heic && FIELD_EX64_HV(env->msr) && 1715 !FIELD_EX64(env->msr, MSR, PR))) || 1716 (env->has_hv_mode && !FIELD_EX64_HV(env->msr) && !lpes0)) { 1717 return PPC_INTERRUPT_EXT; 1718 } 1719 } 1720 if (msr_ee != 0) { 1721 /* Decrementer exception */ 1722 if (env->pending_interrupts & PPC_INTERRUPT_DECR) { 1723 return PPC_INTERRUPT_DECR; 1724 } 1725 if (env->pending_interrupts & PPC_INTERRUPT_PERFM) { 1726 return PPC_INTERRUPT_PERFM; 1727 } 1728 } 1729 1730 return 0; 1731 } 1732 1733 #define P8_UNUSED_INTERRUPTS \ 1734 (PPC_INTERRUPT_RESET | PPC_INTERRUPT_DEBUG | PPC_INTERRUPT_HVIRT | \ 1735 PPC_INTERRUPT_CEXT | PPC_INTERRUPT_WDT | PPC_INTERRUPT_CDOORBELL | \ 1736 PPC_INTERRUPT_FIT | PPC_INTERRUPT_PIT | PPC_INTERRUPT_THERM) 1737 1738 static int p8_interrupt_powersave(CPUPPCState *env) 1739 { 1740 if ((env->pending_interrupts & PPC_INTERRUPT_EXT) && 1741 (env->spr[SPR_LPCR] & LPCR_P8_PECE2)) { 1742 return PPC_INTERRUPT_EXT; 1743 } 1744 if ((env->pending_interrupts & PPC_INTERRUPT_DECR) && 1745 (env->spr[SPR_LPCR] & LPCR_P8_PECE3)) { 1746 return PPC_INTERRUPT_DECR; 1747 } 1748 if ((env->pending_interrupts & PPC_INTERRUPT_MCK) && 1749 (env->spr[SPR_LPCR] & LPCR_P8_PECE4)) { 1750 return PPC_INTERRUPT_MCK; 1751 } 1752 if ((env->pending_interrupts & PPC_INTERRUPT_HMI) && 1753 (env->spr[SPR_LPCR] & LPCR_P8_PECE4)) { 1754 return PPC_INTERRUPT_HMI; 1755 } 1756 if ((env->pending_interrupts & PPC_INTERRUPT_DOORBELL) && 1757 (env->spr[SPR_LPCR] & LPCR_P8_PECE0)) { 1758 return PPC_INTERRUPT_DOORBELL; 1759 } 1760 if ((env->pending_interrupts & PPC_INTERRUPT_HDOORBELL) && 1761 (env->spr[SPR_LPCR] & LPCR_P8_PECE1)) { 1762 return PPC_INTERRUPT_HDOORBELL; 1763 } 1764 if (env->pending_interrupts & PPC_INTERRUPT_RESET) { 1765 return PPC_INTERRUPT_RESET; 1766 } 1767 return 0; 1768 } 1769 1770 static int p8_next_unmasked_interrupt(CPUPPCState *env) 1771 { 1772 CPUState *cs = env_cpu(env); 1773 1774 /* Ignore MSR[EE] when coming out of some power management states */ 1775 bool msr_ee = FIELD_EX64(env->msr, MSR, EE) || env->resume_as_sreset; 1776 1777 assert((env->pending_interrupts & P8_UNUSED_INTERRUPTS) == 0); 1778 1779 if (cs->halted) { 1780 /* LPCR[PECE] controls which interrupts can exit power-saving mode */ 1781 return p8_interrupt_powersave(env); 1782 } 1783 1784 /* Machine check exception */ 1785 if (env->pending_interrupts & PPC_INTERRUPT_MCK) { 1786 return PPC_INTERRUPT_MCK; 1787 } 1788 1789 /* Hypervisor decrementer exception */ 1790 if (env->pending_interrupts & PPC_INTERRUPT_HDECR) { 1791 /* LPCR will be clear when not supported so this will work */ 1792 bool hdice = !!(env->spr[SPR_LPCR] & LPCR_HDICE); 1793 if ((msr_ee || !FIELD_EX64_HV(env->msr)) && hdice) { 1794 /* HDEC clears on delivery */ 1795 return PPC_INTERRUPT_HDECR; 1796 } 1797 } 1798 1799 /* External interrupt can ignore MSR:EE under some circumstances */ 1800 if (env->pending_interrupts & PPC_INTERRUPT_EXT) { 1801 bool lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 1802 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 1803 /* HEIC blocks delivery to the hypervisor */ 1804 if ((msr_ee && !(heic && FIELD_EX64_HV(env->msr) && 1805 !FIELD_EX64(env->msr, MSR, PR))) || 1806 (env->has_hv_mode && !FIELD_EX64_HV(env->msr) && !lpes0)) { 1807 return PPC_INTERRUPT_EXT; 1808 } 1809 } 1810 if (msr_ee != 0) { 1811 /* Decrementer exception */ 1812 if (env->pending_interrupts & PPC_INTERRUPT_DECR) { 1813 return PPC_INTERRUPT_DECR; 1814 } 1815 if (env->pending_interrupts & PPC_INTERRUPT_DOORBELL) { 1816 return PPC_INTERRUPT_DOORBELL; 1817 } 1818 if (env->pending_interrupts & PPC_INTERRUPT_HDOORBELL) { 1819 return PPC_INTERRUPT_HDOORBELL; 1820 } 1821 if (env->pending_interrupts & PPC_INTERRUPT_PERFM) { 1822 return PPC_INTERRUPT_PERFM; 1823 } 1824 /* EBB exception */ 1825 if (env->pending_interrupts & PPC_INTERRUPT_EBB) { 1826 /* 1827 * EBB exception must be taken in problem state and 1828 * with BESCR_GE set. 1829 */ 1830 if (FIELD_EX64(env->msr, MSR, PR) && 1831 (env->spr[SPR_BESCR] & BESCR_GE)) { 1832 return PPC_INTERRUPT_EBB; 1833 } 1834 } 1835 } 1836 1837 return 0; 1838 } 1839 1840 #define P9_UNUSED_INTERRUPTS \ 1841 (PPC_INTERRUPT_RESET | PPC_INTERRUPT_DEBUG | PPC_INTERRUPT_CEXT | \ 1842 PPC_INTERRUPT_WDT | PPC_INTERRUPT_CDOORBELL | PPC_INTERRUPT_FIT | \ 1843 PPC_INTERRUPT_PIT | PPC_INTERRUPT_THERM) 1844 1845 static int p9_interrupt_powersave(CPUPPCState *env) 1846 { 1847 /* External Exception */ 1848 if ((env->pending_interrupts & PPC_INTERRUPT_EXT) && 1849 (env->spr[SPR_LPCR] & LPCR_EEE)) { 1850 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 1851 if (!heic || !FIELD_EX64_HV(env->msr) || 1852 FIELD_EX64(env->msr, MSR, PR)) { 1853 return PPC_INTERRUPT_EXT; 1854 } 1855 } 1856 /* Decrementer Exception */ 1857 if ((env->pending_interrupts & PPC_INTERRUPT_DECR) && 1858 (env->spr[SPR_LPCR] & LPCR_DEE)) { 1859 return PPC_INTERRUPT_DECR; 1860 } 1861 /* Machine Check or Hypervisor Maintenance Exception */ 1862 if (env->spr[SPR_LPCR] & LPCR_OEE) { 1863 if (env->pending_interrupts & PPC_INTERRUPT_MCK) { 1864 return PPC_INTERRUPT_MCK; 1865 } 1866 if (env->pending_interrupts & PPC_INTERRUPT_HMI) { 1867 return PPC_INTERRUPT_HMI; 1868 } 1869 } 1870 /* Privileged Doorbell Exception */ 1871 if ((env->pending_interrupts & PPC_INTERRUPT_DOORBELL) && 1872 (env->spr[SPR_LPCR] & LPCR_PDEE)) { 1873 return PPC_INTERRUPT_DOORBELL; 1874 } 1875 /* Hypervisor Doorbell Exception */ 1876 if ((env->pending_interrupts & PPC_INTERRUPT_HDOORBELL) && 1877 (env->spr[SPR_LPCR] & LPCR_HDEE)) { 1878 return PPC_INTERRUPT_HDOORBELL; 1879 } 1880 /* Hypervisor virtualization exception */ 1881 if ((env->pending_interrupts & PPC_INTERRUPT_HVIRT) && 1882 (env->spr[SPR_LPCR] & LPCR_HVEE)) { 1883 return PPC_INTERRUPT_HVIRT; 1884 } 1885 if (env->pending_interrupts & PPC_INTERRUPT_RESET) { 1886 return PPC_INTERRUPT_RESET; 1887 } 1888 return 0; 1889 } 1890 1891 static int p9_next_unmasked_interrupt(CPUPPCState *env) 1892 { 1893 CPUState *cs = env_cpu(env); 1894 1895 /* Ignore MSR[EE] when coming out of some power management states */ 1896 bool msr_ee = FIELD_EX64(env->msr, MSR, EE) || env->resume_as_sreset; 1897 1898 assert((env->pending_interrupts & P9_UNUSED_INTERRUPTS) == 0); 1899 1900 if (cs->halted) { 1901 if (env->spr[SPR_PSSCR] & PSSCR_EC) { 1902 /* 1903 * When PSSCR[EC] is set, LPCR[PECE] controls which interrupts can 1904 * wakeup the processor 1905 */ 1906 return p9_interrupt_powersave(env); 1907 } else { 1908 /* 1909 * When it's clear, any system-caused exception exits power-saving 1910 * mode, even the ones that gate on MSR[EE]. 1911 */ 1912 msr_ee = true; 1913 } 1914 } 1915 1916 /* Machine check exception */ 1917 if (env->pending_interrupts & PPC_INTERRUPT_MCK) { 1918 return PPC_INTERRUPT_MCK; 1919 } 1920 1921 /* Hypervisor decrementer exception */ 1922 if (env->pending_interrupts & PPC_INTERRUPT_HDECR) { 1923 /* LPCR will be clear when not supported so this will work */ 1924 bool hdice = !!(env->spr[SPR_LPCR] & LPCR_HDICE); 1925 if ((msr_ee || !FIELD_EX64_HV(env->msr)) && hdice) { 1926 /* HDEC clears on delivery */ 1927 return PPC_INTERRUPT_HDECR; 1928 } 1929 } 1930 1931 /* Hypervisor virtualization interrupt */ 1932 if (env->pending_interrupts & PPC_INTERRUPT_HVIRT) { 1933 /* LPCR will be clear when not supported so this will work */ 1934 bool hvice = !!(env->spr[SPR_LPCR] & LPCR_HVICE); 1935 if ((msr_ee || !FIELD_EX64_HV(env->msr)) && hvice) { 1936 return PPC_INTERRUPT_HVIRT; 1937 } 1938 } 1939 1940 /* External interrupt can ignore MSR:EE under some circumstances */ 1941 if (env->pending_interrupts & PPC_INTERRUPT_EXT) { 1942 bool lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 1943 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 1944 /* HEIC blocks delivery to the hypervisor */ 1945 if ((msr_ee && !(heic && FIELD_EX64_HV(env->msr) && 1946 !FIELD_EX64(env->msr, MSR, PR))) || 1947 (env->has_hv_mode && !FIELD_EX64_HV(env->msr) && !lpes0)) { 1948 return PPC_INTERRUPT_EXT; 1949 } 1950 } 1951 if (msr_ee != 0) { 1952 /* Decrementer exception */ 1953 if (env->pending_interrupts & PPC_INTERRUPT_DECR) { 1954 return PPC_INTERRUPT_DECR; 1955 } 1956 if (env->pending_interrupts & PPC_INTERRUPT_DOORBELL) { 1957 return PPC_INTERRUPT_DOORBELL; 1958 } 1959 if (env->pending_interrupts & PPC_INTERRUPT_HDOORBELL) { 1960 return PPC_INTERRUPT_HDOORBELL; 1961 } 1962 if (env->pending_interrupts & PPC_INTERRUPT_PERFM) { 1963 return PPC_INTERRUPT_PERFM; 1964 } 1965 /* EBB exception */ 1966 if (env->pending_interrupts & PPC_INTERRUPT_EBB) { 1967 /* 1968 * EBB exception must be taken in problem state and 1969 * with BESCR_GE set. 1970 */ 1971 if (FIELD_EX64(env->msr, MSR, PR) && 1972 (env->spr[SPR_BESCR] & BESCR_GE)) { 1973 return PPC_INTERRUPT_EBB; 1974 } 1975 } 1976 } 1977 1978 return 0; 1979 } 1980 #endif /* TARGET_PPC64 */ 1981 1982 static int ppc_next_unmasked_interrupt(CPUPPCState *env) 1983 { 1984 #ifdef TARGET_PPC64 1985 switch (env->excp_model) { 1986 case POWERPC_EXCP_POWER7: 1987 return p7_next_unmasked_interrupt(env); 1988 case POWERPC_EXCP_POWER8: 1989 return p8_next_unmasked_interrupt(env); 1990 case POWERPC_EXCP_POWER9: 1991 case POWERPC_EXCP_POWER10: 1992 return p9_next_unmasked_interrupt(env); 1993 default: 1994 break; 1995 } 1996 #endif 1997 bool async_deliver; 1998 1999 /* External reset */ 2000 if (env->pending_interrupts & PPC_INTERRUPT_RESET) { 2001 return PPC_INTERRUPT_RESET; 2002 } 2003 /* Machine check exception */ 2004 if (env->pending_interrupts & PPC_INTERRUPT_MCK) { 2005 return PPC_INTERRUPT_MCK; 2006 } 2007 #if 0 /* TODO */ 2008 /* External debug exception */ 2009 if (env->pending_interrupts & PPC_INTERRUPT_DEBUG) { 2010 return PPC_INTERRUPT_DEBUG; 2011 } 2012 #endif 2013 2014 /* 2015 * For interrupts that gate on MSR:EE, we need to do something a 2016 * bit more subtle, as we need to let them through even when EE is 2017 * clear when coming out of some power management states (in order 2018 * for them to become a 0x100). 2019 */ 2020 async_deliver = FIELD_EX64(env->msr, MSR, EE) || env->resume_as_sreset; 2021 2022 /* Hypervisor decrementer exception */ 2023 if (env->pending_interrupts & PPC_INTERRUPT_HDECR) { 2024 /* LPCR will be clear when not supported so this will work */ 2025 bool hdice = !!(env->spr[SPR_LPCR] & LPCR_HDICE); 2026 if ((async_deliver || !FIELD_EX64_HV(env->msr)) && hdice) { 2027 /* HDEC clears on delivery */ 2028 return PPC_INTERRUPT_HDECR; 2029 } 2030 } 2031 2032 /* Hypervisor virtualization interrupt */ 2033 if (env->pending_interrupts & PPC_INTERRUPT_HVIRT) { 2034 /* LPCR will be clear when not supported so this will work */ 2035 bool hvice = !!(env->spr[SPR_LPCR] & LPCR_HVICE); 2036 if ((async_deliver || !FIELD_EX64_HV(env->msr)) && hvice) { 2037 return PPC_INTERRUPT_HVIRT; 2038 } 2039 } 2040 2041 /* External interrupt can ignore MSR:EE under some circumstances */ 2042 if (env->pending_interrupts & PPC_INTERRUPT_EXT) { 2043 bool lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 2044 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 2045 /* HEIC blocks delivery to the hypervisor */ 2046 if ((async_deliver && !(heic && FIELD_EX64_HV(env->msr) && 2047 !FIELD_EX64(env->msr, MSR, PR))) || 2048 (env->has_hv_mode && !FIELD_EX64_HV(env->msr) && !lpes0)) { 2049 return PPC_INTERRUPT_EXT; 2050 } 2051 } 2052 if (FIELD_EX64(env->msr, MSR, CE)) { 2053 /* External critical interrupt */ 2054 if (env->pending_interrupts & PPC_INTERRUPT_CEXT) { 2055 return PPC_INTERRUPT_CEXT; 2056 } 2057 } 2058 if (async_deliver != 0) { 2059 /* Watchdog timer on embedded PowerPC */ 2060 if (env->pending_interrupts & PPC_INTERRUPT_WDT) { 2061 return PPC_INTERRUPT_WDT; 2062 } 2063 if (env->pending_interrupts & PPC_INTERRUPT_CDOORBELL) { 2064 return PPC_INTERRUPT_CDOORBELL; 2065 } 2066 /* Fixed interval timer on embedded PowerPC */ 2067 if (env->pending_interrupts & PPC_INTERRUPT_FIT) { 2068 return PPC_INTERRUPT_FIT; 2069 } 2070 /* Programmable interval timer on embedded PowerPC */ 2071 if (env->pending_interrupts & PPC_INTERRUPT_PIT) { 2072 return PPC_INTERRUPT_PIT; 2073 } 2074 /* Decrementer exception */ 2075 if (env->pending_interrupts & PPC_INTERRUPT_DECR) { 2076 return PPC_INTERRUPT_DECR; 2077 } 2078 if (env->pending_interrupts & PPC_INTERRUPT_DOORBELL) { 2079 return PPC_INTERRUPT_DOORBELL; 2080 } 2081 if (env->pending_interrupts & PPC_INTERRUPT_HDOORBELL) { 2082 return PPC_INTERRUPT_HDOORBELL; 2083 } 2084 if (env->pending_interrupts & PPC_INTERRUPT_PERFM) { 2085 return PPC_INTERRUPT_PERFM; 2086 } 2087 /* Thermal interrupt */ 2088 if (env->pending_interrupts & PPC_INTERRUPT_THERM) { 2089 return PPC_INTERRUPT_THERM; 2090 } 2091 /* EBB exception */ 2092 if (env->pending_interrupts & PPC_INTERRUPT_EBB) { 2093 /* 2094 * EBB exception must be taken in problem state and 2095 * with BESCR_GE set. 2096 */ 2097 if (FIELD_EX64(env->msr, MSR, PR) && 2098 (env->spr[SPR_BESCR] & BESCR_GE)) { 2099 return PPC_INTERRUPT_EBB; 2100 } 2101 } 2102 } 2103 2104 return 0; 2105 } 2106 2107 /* 2108 * Sets CPU_INTERRUPT_HARD if there is at least one unmasked interrupt to be 2109 * delivered and clears CPU_INTERRUPT_HARD otherwise. 2110 * 2111 * This method is called by ppc_set_interrupt when an interrupt is raised or 2112 * lowered, and should also be called whenever an interrupt masking condition 2113 * is changed, e.g.: 2114 * - When relevant bits of MSR are altered, like EE, HV, PR, etc.; 2115 * - When relevant bits of LPCR are altered, like PECE, HDICE, HVICE, etc.; 2116 * - When PSSCR[EC] or env->resume_as_sreset are changed; 2117 * - When cs->halted is changed and the CPU has a different interrupt masking 2118 * logic in power-saving mode (e.g., POWER7/8/9/10); 2119 */ 2120 void ppc_maybe_interrupt(CPUPPCState *env) 2121 { 2122 CPUState *cs = env_cpu(env); 2123 BQL_LOCK_GUARD(); 2124 2125 if (ppc_next_unmasked_interrupt(env)) { 2126 cpu_interrupt(cs, CPU_INTERRUPT_HARD); 2127 } else { 2128 cpu_reset_interrupt(cs, CPU_INTERRUPT_HARD); 2129 } 2130 } 2131 2132 #ifdef TARGET_PPC64 2133 static void p7_deliver_interrupt(CPUPPCState *env, int interrupt) 2134 { 2135 PowerPCCPU *cpu = env_archcpu(env); 2136 2137 switch (interrupt) { 2138 case PPC_INTERRUPT_MCK: /* Machine check exception */ 2139 env->pending_interrupts &= ~PPC_INTERRUPT_MCK; 2140 powerpc_excp(cpu, POWERPC_EXCP_MCHECK); 2141 break; 2142 2143 case PPC_INTERRUPT_HDECR: /* Hypervisor decrementer exception */ 2144 /* HDEC clears on delivery */ 2145 env->pending_interrupts &= ~PPC_INTERRUPT_HDECR; 2146 powerpc_excp(cpu, POWERPC_EXCP_HDECR); 2147 break; 2148 2149 case PPC_INTERRUPT_EXT: 2150 if (books_vhyp_promotes_external_to_hvirt(cpu)) { 2151 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2152 } else { 2153 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL); 2154 } 2155 break; 2156 2157 case PPC_INTERRUPT_DECR: /* Decrementer exception */ 2158 powerpc_excp(cpu, POWERPC_EXCP_DECR); 2159 break; 2160 case PPC_INTERRUPT_PERFM: 2161 env->pending_interrupts &= ~PPC_INTERRUPT_PERFM; 2162 powerpc_excp(cpu, POWERPC_EXCP_PERFM); 2163 break; 2164 case 0: 2165 /* 2166 * This is a bug ! It means that has_work took us out of halt without 2167 * anything to deliver while in a PM state that requires getting 2168 * out via a 0x100 2169 * 2170 * This means we will incorrectly execute past the power management 2171 * instruction instead of triggering a reset. 2172 * 2173 * It generally means a discrepancy between the wakeup conditions in the 2174 * processor has_work implementation and the logic in this function. 2175 */ 2176 assert(!env->resume_as_sreset); 2177 break; 2178 default: 2179 cpu_abort(env_cpu(env), "Invalid PowerPC interrupt %d. Aborting\n", 2180 interrupt); 2181 } 2182 } 2183 2184 static void p8_deliver_interrupt(CPUPPCState *env, int interrupt) 2185 { 2186 PowerPCCPU *cpu = env_archcpu(env); 2187 2188 switch (interrupt) { 2189 case PPC_INTERRUPT_MCK: /* Machine check exception */ 2190 env->pending_interrupts &= ~PPC_INTERRUPT_MCK; 2191 powerpc_excp(cpu, POWERPC_EXCP_MCHECK); 2192 break; 2193 2194 case PPC_INTERRUPT_HDECR: /* Hypervisor decrementer exception */ 2195 /* HDEC clears on delivery */ 2196 env->pending_interrupts &= ~PPC_INTERRUPT_HDECR; 2197 powerpc_excp(cpu, POWERPC_EXCP_HDECR); 2198 break; 2199 2200 case PPC_INTERRUPT_EXT: 2201 if (books_vhyp_promotes_external_to_hvirt(cpu)) { 2202 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2203 } else { 2204 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL); 2205 } 2206 break; 2207 2208 case PPC_INTERRUPT_DECR: /* Decrementer exception */ 2209 powerpc_excp(cpu, POWERPC_EXCP_DECR); 2210 break; 2211 case PPC_INTERRUPT_DOORBELL: 2212 env->pending_interrupts &= ~PPC_INTERRUPT_DOORBELL; 2213 if (is_book3s_arch2x(env)) { 2214 powerpc_excp(cpu, POWERPC_EXCP_SDOOR); 2215 } else { 2216 powerpc_excp(cpu, POWERPC_EXCP_DOORI); 2217 } 2218 break; 2219 case PPC_INTERRUPT_HDOORBELL: 2220 env->pending_interrupts &= ~PPC_INTERRUPT_HDOORBELL; 2221 powerpc_excp(cpu, POWERPC_EXCP_SDOOR_HV); 2222 break; 2223 case PPC_INTERRUPT_PERFM: 2224 env->pending_interrupts &= ~PPC_INTERRUPT_PERFM; 2225 powerpc_excp(cpu, POWERPC_EXCP_PERFM); 2226 break; 2227 case PPC_INTERRUPT_EBB: /* EBB exception */ 2228 env->pending_interrupts &= ~PPC_INTERRUPT_EBB; 2229 if (env->spr[SPR_BESCR] & BESCR_PMEO) { 2230 powerpc_excp(cpu, POWERPC_EXCP_PERFM_EBB); 2231 } else if (env->spr[SPR_BESCR] & BESCR_EEO) { 2232 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL_EBB); 2233 } 2234 break; 2235 case 0: 2236 /* 2237 * This is a bug ! It means that has_work took us out of halt without 2238 * anything to deliver while in a PM state that requires getting 2239 * out via a 0x100 2240 * 2241 * This means we will incorrectly execute past the power management 2242 * instruction instead of triggering a reset. 2243 * 2244 * It generally means a discrepancy between the wakeup conditions in the 2245 * processor has_work implementation and the logic in this function. 2246 */ 2247 assert(!env->resume_as_sreset); 2248 break; 2249 default: 2250 cpu_abort(env_cpu(env), "Invalid PowerPC interrupt %d. Aborting\n", 2251 interrupt); 2252 } 2253 } 2254 2255 static void p9_deliver_interrupt(CPUPPCState *env, int interrupt) 2256 { 2257 PowerPCCPU *cpu = env_archcpu(env); 2258 CPUState *cs = env_cpu(env); 2259 2260 if (cs->halted && !(env->spr[SPR_PSSCR] & PSSCR_EC) && 2261 !FIELD_EX64(env->msr, MSR, EE)) { 2262 /* 2263 * A pending interrupt took us out of power-saving, but MSR[EE] says 2264 * that we should return to NIP+4 instead of delivering it. 2265 */ 2266 return; 2267 } 2268 2269 switch (interrupt) { 2270 case PPC_INTERRUPT_MCK: /* Machine check exception */ 2271 env->pending_interrupts &= ~PPC_INTERRUPT_MCK; 2272 powerpc_excp(cpu, POWERPC_EXCP_MCHECK); 2273 break; 2274 2275 case PPC_INTERRUPT_HDECR: /* Hypervisor decrementer exception */ 2276 /* HDEC clears on delivery */ 2277 env->pending_interrupts &= ~PPC_INTERRUPT_HDECR; 2278 powerpc_excp(cpu, POWERPC_EXCP_HDECR); 2279 break; 2280 case PPC_INTERRUPT_HVIRT: /* Hypervisor virtualization interrupt */ 2281 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2282 break; 2283 2284 case PPC_INTERRUPT_EXT: 2285 if (books_vhyp_promotes_external_to_hvirt(cpu)) { 2286 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2287 } else { 2288 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL); 2289 } 2290 break; 2291 2292 case PPC_INTERRUPT_DECR: /* Decrementer exception */ 2293 powerpc_excp(cpu, POWERPC_EXCP_DECR); 2294 break; 2295 case PPC_INTERRUPT_DOORBELL: 2296 env->pending_interrupts &= ~PPC_INTERRUPT_DOORBELL; 2297 powerpc_excp(cpu, POWERPC_EXCP_SDOOR); 2298 break; 2299 case PPC_INTERRUPT_HDOORBELL: 2300 env->pending_interrupts &= ~PPC_INTERRUPT_HDOORBELL; 2301 powerpc_excp(cpu, POWERPC_EXCP_SDOOR_HV); 2302 break; 2303 case PPC_INTERRUPT_PERFM: 2304 env->pending_interrupts &= ~PPC_INTERRUPT_PERFM; 2305 powerpc_excp(cpu, POWERPC_EXCP_PERFM); 2306 break; 2307 case PPC_INTERRUPT_EBB: /* EBB exception */ 2308 env->pending_interrupts &= ~PPC_INTERRUPT_EBB; 2309 if (env->spr[SPR_BESCR] & BESCR_PMEO) { 2310 powerpc_excp(cpu, POWERPC_EXCP_PERFM_EBB); 2311 } else if (env->spr[SPR_BESCR] & BESCR_EEO) { 2312 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL_EBB); 2313 } 2314 break; 2315 case 0: 2316 /* 2317 * This is a bug ! It means that has_work took us out of halt without 2318 * anything to deliver while in a PM state that requires getting 2319 * out via a 0x100 2320 * 2321 * This means we will incorrectly execute past the power management 2322 * instruction instead of triggering a reset. 2323 * 2324 * It generally means a discrepancy between the wakeup conditions in the 2325 * processor has_work implementation and the logic in this function. 2326 */ 2327 assert(!env->resume_as_sreset); 2328 break; 2329 default: 2330 cpu_abort(env_cpu(env), "Invalid PowerPC interrupt %d. Aborting\n", 2331 interrupt); 2332 } 2333 } 2334 #endif /* TARGET_PPC64 */ 2335 2336 static void ppc_deliver_interrupt(CPUPPCState *env, int interrupt) 2337 { 2338 #ifdef TARGET_PPC64 2339 switch (env->excp_model) { 2340 case POWERPC_EXCP_POWER7: 2341 return p7_deliver_interrupt(env, interrupt); 2342 case POWERPC_EXCP_POWER8: 2343 return p8_deliver_interrupt(env, interrupt); 2344 case POWERPC_EXCP_POWER9: 2345 case POWERPC_EXCP_POWER10: 2346 return p9_deliver_interrupt(env, interrupt); 2347 default: 2348 break; 2349 } 2350 #endif 2351 PowerPCCPU *cpu = env_archcpu(env); 2352 2353 switch (interrupt) { 2354 case PPC_INTERRUPT_RESET: /* External reset */ 2355 env->pending_interrupts &= ~PPC_INTERRUPT_RESET; 2356 powerpc_excp(cpu, POWERPC_EXCP_RESET); 2357 break; 2358 case PPC_INTERRUPT_MCK: /* Machine check exception */ 2359 env->pending_interrupts &= ~PPC_INTERRUPT_MCK; 2360 powerpc_excp(cpu, POWERPC_EXCP_MCHECK); 2361 break; 2362 2363 case PPC_INTERRUPT_HDECR: /* Hypervisor decrementer exception */ 2364 /* HDEC clears on delivery */ 2365 env->pending_interrupts &= ~PPC_INTERRUPT_HDECR; 2366 powerpc_excp(cpu, POWERPC_EXCP_HDECR); 2367 break; 2368 case PPC_INTERRUPT_HVIRT: /* Hypervisor virtualization interrupt */ 2369 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2370 break; 2371 2372 case PPC_INTERRUPT_EXT: 2373 if (books_vhyp_promotes_external_to_hvirt(cpu)) { 2374 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2375 } else { 2376 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL); 2377 } 2378 break; 2379 case PPC_INTERRUPT_CEXT: /* External critical interrupt */ 2380 powerpc_excp(cpu, POWERPC_EXCP_CRITICAL); 2381 break; 2382 2383 case PPC_INTERRUPT_WDT: /* Watchdog timer on embedded PowerPC */ 2384 env->pending_interrupts &= ~PPC_INTERRUPT_WDT; 2385 powerpc_excp(cpu, POWERPC_EXCP_WDT); 2386 break; 2387 case PPC_INTERRUPT_CDOORBELL: 2388 env->pending_interrupts &= ~PPC_INTERRUPT_CDOORBELL; 2389 powerpc_excp(cpu, POWERPC_EXCP_DOORCI); 2390 break; 2391 case PPC_INTERRUPT_FIT: /* Fixed interval timer on embedded PowerPC */ 2392 env->pending_interrupts &= ~PPC_INTERRUPT_FIT; 2393 powerpc_excp(cpu, POWERPC_EXCP_FIT); 2394 break; 2395 case PPC_INTERRUPT_PIT: /* Programmable interval timer on embedded ppc */ 2396 env->pending_interrupts &= ~PPC_INTERRUPT_PIT; 2397 powerpc_excp(cpu, POWERPC_EXCP_PIT); 2398 break; 2399 case PPC_INTERRUPT_DECR: /* Decrementer exception */ 2400 if (ppc_decr_clear_on_delivery(env)) { 2401 env->pending_interrupts &= ~PPC_INTERRUPT_DECR; 2402 } 2403 powerpc_excp(cpu, POWERPC_EXCP_DECR); 2404 break; 2405 case PPC_INTERRUPT_DOORBELL: 2406 env->pending_interrupts &= ~PPC_INTERRUPT_DOORBELL; 2407 if (is_book3s_arch2x(env)) { 2408 powerpc_excp(cpu, POWERPC_EXCP_SDOOR); 2409 } else { 2410 powerpc_excp(cpu, POWERPC_EXCP_DOORI); 2411 } 2412 break; 2413 case PPC_INTERRUPT_HDOORBELL: 2414 env->pending_interrupts &= ~PPC_INTERRUPT_HDOORBELL; 2415 powerpc_excp(cpu, POWERPC_EXCP_SDOOR_HV); 2416 break; 2417 case PPC_INTERRUPT_PERFM: 2418 env->pending_interrupts &= ~PPC_INTERRUPT_PERFM; 2419 powerpc_excp(cpu, POWERPC_EXCP_PERFM); 2420 break; 2421 case PPC_INTERRUPT_THERM: /* Thermal interrupt */ 2422 env->pending_interrupts &= ~PPC_INTERRUPT_THERM; 2423 powerpc_excp(cpu, POWERPC_EXCP_THERM); 2424 break; 2425 case PPC_INTERRUPT_EBB: /* EBB exception */ 2426 env->pending_interrupts &= ~PPC_INTERRUPT_EBB; 2427 if (env->spr[SPR_BESCR] & BESCR_PMEO) { 2428 powerpc_excp(cpu, POWERPC_EXCP_PERFM_EBB); 2429 } else if (env->spr[SPR_BESCR] & BESCR_EEO) { 2430 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL_EBB); 2431 } 2432 break; 2433 case 0: 2434 /* 2435 * This is a bug ! It means that has_work took us out of halt without 2436 * anything to deliver while in a PM state that requires getting 2437 * out via a 0x100 2438 * 2439 * This means we will incorrectly execute past the power management 2440 * instruction instead of triggering a reset. 2441 * 2442 * It generally means a discrepancy between the wakeup conditions in the 2443 * processor has_work implementation and the logic in this function. 2444 */ 2445 assert(!env->resume_as_sreset); 2446 break; 2447 default: 2448 cpu_abort(env_cpu(env), "Invalid PowerPC interrupt %d. Aborting\n", 2449 interrupt); 2450 } 2451 } 2452 2453 void ppc_cpu_do_system_reset(CPUState *cs) 2454 { 2455 PowerPCCPU *cpu = POWERPC_CPU(cs); 2456 2457 powerpc_excp(cpu, POWERPC_EXCP_RESET); 2458 } 2459 2460 void ppc_cpu_do_fwnmi_machine_check(CPUState *cs, target_ulong vector) 2461 { 2462 PowerPCCPU *cpu = POWERPC_CPU(cs); 2463 CPUPPCState *env = &cpu->env; 2464 target_ulong msr = 0; 2465 2466 /* 2467 * Set MSR and NIP for the handler, SRR0/1, DAR and DSISR have already 2468 * been set by KVM. 2469 */ 2470 msr = (1ULL << MSR_ME); 2471 msr |= env->msr & (1ULL << MSR_SF); 2472 if (ppc_interrupts_little_endian(cpu, false)) { 2473 msr |= (1ULL << MSR_LE); 2474 } 2475 2476 /* Anything for nested required here? MSR[HV] bit? */ 2477 2478 powerpc_set_excp_state(cpu, vector, msr); 2479 } 2480 2481 bool ppc_cpu_exec_interrupt(CPUState *cs, int interrupt_request) 2482 { 2483 CPUPPCState *env = cpu_env(cs); 2484 int interrupt; 2485 2486 if ((interrupt_request & CPU_INTERRUPT_HARD) == 0) { 2487 return false; 2488 } 2489 2490 interrupt = ppc_next_unmasked_interrupt(env); 2491 if (interrupt == 0) { 2492 return false; 2493 } 2494 2495 ppc_deliver_interrupt(env, interrupt); 2496 if (env->pending_interrupts == 0) { 2497 cpu_reset_interrupt(cs, CPU_INTERRUPT_HARD); 2498 } 2499 return true; 2500 } 2501 2502 #endif /* !CONFIG_USER_ONLY */ 2503 2504 /*****************************************************************************/ 2505 /* Exceptions processing helpers */ 2506 2507 void raise_exception_err_ra(CPUPPCState *env, uint32_t exception, 2508 uint32_t error_code, uintptr_t raddr) 2509 { 2510 CPUState *cs = env_cpu(env); 2511 2512 cs->exception_index = exception; 2513 env->error_code = error_code; 2514 cpu_loop_exit_restore(cs, raddr); 2515 } 2516 2517 void raise_exception_err(CPUPPCState *env, uint32_t exception, 2518 uint32_t error_code) 2519 { 2520 raise_exception_err_ra(env, exception, error_code, 0); 2521 } 2522 2523 void raise_exception(CPUPPCState *env, uint32_t exception) 2524 { 2525 raise_exception_err_ra(env, exception, 0, 0); 2526 } 2527 2528 void raise_exception_ra(CPUPPCState *env, uint32_t exception, 2529 uintptr_t raddr) 2530 { 2531 raise_exception_err_ra(env, exception, 0, raddr); 2532 } 2533 2534 #ifdef CONFIG_TCG 2535 void helper_raise_exception_err(CPUPPCState *env, uint32_t exception, 2536 uint32_t error_code) 2537 { 2538 raise_exception_err_ra(env, exception, error_code, 0); 2539 } 2540 2541 void helper_raise_exception(CPUPPCState *env, uint32_t exception) 2542 { 2543 raise_exception_err_ra(env, exception, 0, 0); 2544 } 2545 2546 #ifndef CONFIG_USER_ONLY 2547 void helper_store_msr(CPUPPCState *env, target_ulong val) 2548 { 2549 uint32_t excp = hreg_store_msr(env, val, 0); 2550 2551 if (excp != 0) { 2552 cpu_interrupt_exittb(env_cpu(env)); 2553 raise_exception(env, excp); 2554 } 2555 } 2556 2557 void helper_ppc_maybe_interrupt(CPUPPCState *env) 2558 { 2559 ppc_maybe_interrupt(env); 2560 } 2561 2562 #ifdef TARGET_PPC64 2563 void helper_scv(CPUPPCState *env, uint32_t lev) 2564 { 2565 if (env->spr[SPR_FSCR] & (1ull << FSCR_SCV)) { 2566 raise_exception_err(env, POWERPC_EXCP_SYSCALL_VECTORED, lev); 2567 } else { 2568 raise_exception_err(env, POWERPC_EXCP_FU, FSCR_IC_SCV); 2569 } 2570 } 2571 2572 void helper_pminsn(CPUPPCState *env, uint32_t insn) 2573 { 2574 CPUState *cs = env_cpu(env); 2575 2576 cs->halted = 1; 2577 2578 /* Condition for waking up at 0x100 */ 2579 env->resume_as_sreset = (insn != PPC_PM_STOP) || 2580 (env->spr[SPR_PSSCR] & PSSCR_EC); 2581 2582 /* HDECR is not to wake from PM state, it may have already fired */ 2583 if (env->resume_as_sreset) { 2584 PowerPCCPU *cpu = env_archcpu(env); 2585 ppc_set_irq(cpu, PPC_INTERRUPT_HDECR, 0); 2586 } 2587 2588 ppc_maybe_interrupt(env); 2589 } 2590 #endif /* TARGET_PPC64 */ 2591 2592 static void do_rfi(CPUPPCState *env, target_ulong nip, target_ulong msr) 2593 { 2594 /* MSR:POW cannot be set by any form of rfi */ 2595 msr &= ~(1ULL << MSR_POW); 2596 2597 /* MSR:TGPR cannot be set by any form of rfi */ 2598 if (env->flags & POWERPC_FLAG_TGPR) 2599 msr &= ~(1ULL << MSR_TGPR); 2600 2601 #ifdef TARGET_PPC64 2602 /* Switching to 32-bit ? Crop the nip */ 2603 if (!msr_is_64bit(env, msr)) { 2604 nip = (uint32_t)nip; 2605 } 2606 #else 2607 nip = (uint32_t)nip; 2608 #endif 2609 /* XXX: beware: this is false if VLE is supported */ 2610 env->nip = nip & ~((target_ulong)0x00000003); 2611 hreg_store_msr(env, msr, 1); 2612 trace_ppc_excp_rfi(env->nip, env->msr); 2613 /* 2614 * No need to raise an exception here, as rfi is always the last 2615 * insn of a TB 2616 */ 2617 cpu_interrupt_exittb(env_cpu(env)); 2618 /* Reset the reservation */ 2619 env->reserve_addr = -1; 2620 2621 /* Context synchronizing: check if TCG TLB needs flush */ 2622 check_tlb_flush(env, false); 2623 } 2624 2625 void helper_rfi(CPUPPCState *env) 2626 { 2627 do_rfi(env, env->spr[SPR_SRR0], env->spr[SPR_SRR1] & 0xfffffffful); 2628 } 2629 2630 #ifdef TARGET_PPC64 2631 void helper_rfid(CPUPPCState *env) 2632 { 2633 /* 2634 * The architecture defines a number of rules for which bits can 2635 * change but in practice, we handle this in hreg_store_msr() 2636 * which will be called by do_rfi(), so there is no need to filter 2637 * here 2638 */ 2639 do_rfi(env, env->spr[SPR_SRR0], env->spr[SPR_SRR1]); 2640 } 2641 2642 void helper_rfscv(CPUPPCState *env) 2643 { 2644 do_rfi(env, env->lr, env->ctr); 2645 } 2646 2647 void helper_hrfid(CPUPPCState *env) 2648 { 2649 do_rfi(env, env->spr[SPR_HSRR0], env->spr[SPR_HSRR1]); 2650 } 2651 2652 void helper_rfebb(CPUPPCState *env, target_ulong s) 2653 { 2654 target_ulong msr = env->msr; 2655 2656 /* 2657 * Handling of BESCR bits 32:33 according to PowerISA v3.1: 2658 * 2659 * "If BESCR 32:33 != 0b00 the instruction is treated as if 2660 * the instruction form were invalid." 2661 */ 2662 if (env->spr[SPR_BESCR] & BESCR_INVALID) { 2663 raise_exception_err(env, POWERPC_EXCP_PROGRAM, 2664 POWERPC_EXCP_INVAL | POWERPC_EXCP_INVAL_INVAL); 2665 } 2666 2667 env->nip = env->spr[SPR_EBBRR]; 2668 2669 /* Switching to 32-bit ? Crop the nip */ 2670 if (!msr_is_64bit(env, msr)) { 2671 env->nip = (uint32_t)env->spr[SPR_EBBRR]; 2672 } 2673 2674 if (s) { 2675 env->spr[SPR_BESCR] |= BESCR_GE; 2676 } else { 2677 env->spr[SPR_BESCR] &= ~BESCR_GE; 2678 } 2679 } 2680 2681 /* 2682 * Triggers or queues an 'ebb_excp' EBB exception. All checks 2683 * but FSCR, HFSCR and msr_pr must be done beforehand. 2684 * 2685 * PowerISA v3.1 isn't clear about whether an EBB should be 2686 * postponed or cancelled if the EBB facility is unavailable. 2687 * Our assumption here is that the EBB is cancelled if both 2688 * FSCR and HFSCR EBB facilities aren't available. 2689 */ 2690 static void do_ebb(CPUPPCState *env, int ebb_excp) 2691 { 2692 PowerPCCPU *cpu = env_archcpu(env); 2693 2694 /* 2695 * FSCR_EBB and FSCR_IC_EBB are the same bits used with 2696 * HFSCR. 2697 */ 2698 helper_fscr_facility_check(env, FSCR_EBB, 0, FSCR_IC_EBB); 2699 helper_hfscr_facility_check(env, FSCR_EBB, "EBB", FSCR_IC_EBB); 2700 2701 if (ebb_excp == POWERPC_EXCP_PERFM_EBB) { 2702 env->spr[SPR_BESCR] |= BESCR_PMEO; 2703 } else if (ebb_excp == POWERPC_EXCP_EXTERNAL_EBB) { 2704 env->spr[SPR_BESCR] |= BESCR_EEO; 2705 } 2706 2707 if (FIELD_EX64(env->msr, MSR, PR)) { 2708 powerpc_excp(cpu, ebb_excp); 2709 } else { 2710 ppc_set_irq(cpu, PPC_INTERRUPT_EBB, 1); 2711 } 2712 } 2713 2714 void raise_ebb_perfm_exception(CPUPPCState *env) 2715 { 2716 bool perfm_ebb_enabled = env->spr[SPR_POWER_MMCR0] & MMCR0_EBE && 2717 env->spr[SPR_BESCR] & BESCR_PME && 2718 env->spr[SPR_BESCR] & BESCR_GE; 2719 2720 if (!perfm_ebb_enabled) { 2721 return; 2722 } 2723 2724 do_ebb(env, POWERPC_EXCP_PERFM_EBB); 2725 } 2726 #endif /* TARGET_PPC64 */ 2727 2728 /*****************************************************************************/ 2729 /* Embedded PowerPC specific helpers */ 2730 void helper_40x_rfci(CPUPPCState *env) 2731 { 2732 do_rfi(env, env->spr[SPR_40x_SRR2], env->spr[SPR_40x_SRR3]); 2733 } 2734 2735 void helper_rfci(CPUPPCState *env) 2736 { 2737 do_rfi(env, env->spr[SPR_BOOKE_CSRR0], env->spr[SPR_BOOKE_CSRR1]); 2738 } 2739 2740 void helper_rfdi(CPUPPCState *env) 2741 { 2742 /* FIXME: choose CSRR1 or DSRR1 based on cpu type */ 2743 do_rfi(env, env->spr[SPR_BOOKE_DSRR0], env->spr[SPR_BOOKE_DSRR1]); 2744 } 2745 2746 void helper_rfmci(CPUPPCState *env) 2747 { 2748 /* FIXME: choose CSRR1 or MCSRR1 based on cpu type */ 2749 do_rfi(env, env->spr[SPR_BOOKE_MCSRR0], env->spr[SPR_BOOKE_MCSRR1]); 2750 } 2751 #endif /* !CONFIG_USER_ONLY */ 2752 2753 void helper_tw(CPUPPCState *env, target_ulong arg1, target_ulong arg2, 2754 uint32_t flags) 2755 { 2756 if (!likely(!(((int32_t)arg1 < (int32_t)arg2 && (flags & 0x10)) || 2757 ((int32_t)arg1 > (int32_t)arg2 && (flags & 0x08)) || 2758 ((int32_t)arg1 == (int32_t)arg2 && (flags & 0x04)) || 2759 ((uint32_t)arg1 < (uint32_t)arg2 && (flags & 0x02)) || 2760 ((uint32_t)arg1 > (uint32_t)arg2 && (flags & 0x01))))) { 2761 raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM, 2762 POWERPC_EXCP_TRAP, GETPC()); 2763 } 2764 } 2765 2766 #ifdef TARGET_PPC64 2767 void helper_td(CPUPPCState *env, target_ulong arg1, target_ulong arg2, 2768 uint32_t flags) 2769 { 2770 if (!likely(!(((int64_t)arg1 < (int64_t)arg2 && (flags & 0x10)) || 2771 ((int64_t)arg1 > (int64_t)arg2 && (flags & 0x08)) || 2772 ((int64_t)arg1 == (int64_t)arg2 && (flags & 0x04)) || 2773 ((uint64_t)arg1 < (uint64_t)arg2 && (flags & 0x02)) || 2774 ((uint64_t)arg1 > (uint64_t)arg2 && (flags & 0x01))))) { 2775 raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM, 2776 POWERPC_EXCP_TRAP, GETPC()); 2777 } 2778 } 2779 #endif /* TARGET_PPC64 */ 2780 2781 static uint32_t helper_SIMON_LIKE_32_64(uint32_t x, uint64_t key, uint32_t lane) 2782 { 2783 const uint16_t c = 0xfffc; 2784 const uint64_t z0 = 0xfa2561cdf44ac398ULL; 2785 uint16_t z = 0, temp; 2786 uint16_t k[32], eff_k[32], xleft[33], xright[33], fxleft[32]; 2787 2788 for (int i = 3; i >= 0; i--) { 2789 k[i] = key & 0xffff; 2790 key >>= 16; 2791 } 2792 xleft[0] = x & 0xffff; 2793 xright[0] = (x >> 16) & 0xffff; 2794 2795 for (int i = 0; i < 28; i++) { 2796 z = (z0 >> (63 - i)) & 1; 2797 temp = ror16(k[i + 3], 3) ^ k[i + 1]; 2798 k[i + 4] = c ^ z ^ k[i] ^ temp ^ ror16(temp, 1); 2799 } 2800 2801 for (int i = 0; i < 8; i++) { 2802 eff_k[4 * i + 0] = k[4 * i + ((0 + lane) % 4)]; 2803 eff_k[4 * i + 1] = k[4 * i + ((1 + lane) % 4)]; 2804 eff_k[4 * i + 2] = k[4 * i + ((2 + lane) % 4)]; 2805 eff_k[4 * i + 3] = k[4 * i + ((3 + lane) % 4)]; 2806 } 2807 2808 for (int i = 0; i < 32; i++) { 2809 fxleft[i] = (rol16(xleft[i], 1) & 2810 rol16(xleft[i], 8)) ^ rol16(xleft[i], 2); 2811 xleft[i + 1] = xright[i] ^ fxleft[i] ^ eff_k[i]; 2812 xright[i + 1] = xleft[i]; 2813 } 2814 2815 return (((uint32_t)xright[32]) << 16) | xleft[32]; 2816 } 2817 2818 static uint64_t hash_digest(uint64_t ra, uint64_t rb, uint64_t key) 2819 { 2820 uint64_t stage0_h = 0ULL, stage0_l = 0ULL; 2821 uint64_t stage1_h, stage1_l; 2822 2823 for (int i = 0; i < 4; i++) { 2824 stage0_h |= ror64(rb & 0xff, 8 * (2 * i + 1)); 2825 stage0_h |= ((ra >> 32) & 0xff) << (8 * 2 * i); 2826 stage0_l |= ror64((rb >> 32) & 0xff, 8 * (2 * i + 1)); 2827 stage0_l |= (ra & 0xff) << (8 * 2 * i); 2828 rb >>= 8; 2829 ra >>= 8; 2830 } 2831 2832 stage1_h = (uint64_t)helper_SIMON_LIKE_32_64(stage0_h >> 32, key, 0) << 32; 2833 stage1_h |= helper_SIMON_LIKE_32_64(stage0_h, key, 1); 2834 stage1_l = (uint64_t)helper_SIMON_LIKE_32_64(stage0_l >> 32, key, 2) << 32; 2835 stage1_l |= helper_SIMON_LIKE_32_64(stage0_l, key, 3); 2836 2837 return stage1_h ^ stage1_l; 2838 } 2839 2840 static void do_hash(CPUPPCState *env, target_ulong ea, target_ulong ra, 2841 target_ulong rb, uint64_t key, bool store) 2842 { 2843 uint64_t calculated_hash = hash_digest(ra, rb, key), loaded_hash; 2844 2845 if (store) { 2846 cpu_stq_data_ra(env, ea, calculated_hash, GETPC()); 2847 } else { 2848 loaded_hash = cpu_ldq_data_ra(env, ea, GETPC()); 2849 if (loaded_hash != calculated_hash) { 2850 raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM, 2851 POWERPC_EXCP_TRAP, GETPC()); 2852 } 2853 } 2854 } 2855 2856 #include "qemu/guest-random.h" 2857 2858 #ifdef TARGET_PPC64 2859 #define HELPER_HASH(op, key, store, dexcr_aspect) \ 2860 void helper_##op(CPUPPCState *env, target_ulong ea, target_ulong ra, \ 2861 target_ulong rb) \ 2862 { \ 2863 if (env->msr & R_MSR_PR_MASK) { \ 2864 if (!(env->spr[SPR_DEXCR] & R_DEXCR_PRO_##dexcr_aspect##_MASK || \ 2865 env->spr[SPR_HDEXCR] & R_HDEXCR_ENF_##dexcr_aspect##_MASK)) \ 2866 return; \ 2867 } else if (!(env->msr & R_MSR_HV_MASK)) { \ 2868 if (!(env->spr[SPR_DEXCR] & R_DEXCR_PNH_##dexcr_aspect##_MASK || \ 2869 env->spr[SPR_HDEXCR] & R_HDEXCR_ENF_##dexcr_aspect##_MASK)) \ 2870 return; \ 2871 } else if (!(env->msr & R_MSR_S_MASK)) { \ 2872 if (!(env->spr[SPR_HDEXCR] & R_HDEXCR_HNU_##dexcr_aspect##_MASK)) \ 2873 return; \ 2874 } \ 2875 \ 2876 do_hash(env, ea, ra, rb, key, store); \ 2877 } 2878 #else 2879 #define HELPER_HASH(op, key, store, dexcr_aspect) \ 2880 void helper_##op(CPUPPCState *env, target_ulong ea, target_ulong ra, \ 2881 target_ulong rb) \ 2882 { \ 2883 do_hash(env, ea, ra, rb, key, store); \ 2884 } 2885 #endif /* TARGET_PPC64 */ 2886 2887 HELPER_HASH(HASHST, env->spr[SPR_HASHKEYR], true, NPHIE) 2888 HELPER_HASH(HASHCHK, env->spr[SPR_HASHKEYR], false, NPHIE) 2889 HELPER_HASH(HASHSTP, env->spr[SPR_HASHPKEYR], true, PHIE) 2890 HELPER_HASH(HASHCHKP, env->spr[SPR_HASHPKEYR], false, PHIE) 2891 2892 #ifndef CONFIG_USER_ONLY 2893 /* Embedded.Processor Control */ 2894 static int dbell2irq(target_ulong rb) 2895 { 2896 int msg = rb & DBELL_TYPE_MASK; 2897 int irq = -1; 2898 2899 switch (msg) { 2900 case DBELL_TYPE_DBELL: 2901 irq = PPC_INTERRUPT_DOORBELL; 2902 break; 2903 case DBELL_TYPE_DBELL_CRIT: 2904 irq = PPC_INTERRUPT_CDOORBELL; 2905 break; 2906 case DBELL_TYPE_G_DBELL: 2907 case DBELL_TYPE_G_DBELL_CRIT: 2908 case DBELL_TYPE_G_DBELL_MC: 2909 /* XXX implement */ 2910 default: 2911 break; 2912 } 2913 2914 return irq; 2915 } 2916 2917 void helper_msgclr(CPUPPCState *env, target_ulong rb) 2918 { 2919 int irq = dbell2irq(rb); 2920 2921 if (irq < 0) { 2922 return; 2923 } 2924 2925 ppc_set_irq(env_archcpu(env), irq, 0); 2926 } 2927 2928 void helper_msgsnd(target_ulong rb) 2929 { 2930 int irq = dbell2irq(rb); 2931 int pir = rb & DBELL_PIRTAG_MASK; 2932 CPUState *cs; 2933 2934 if (irq < 0) { 2935 return; 2936 } 2937 2938 bql_lock(); 2939 CPU_FOREACH(cs) { 2940 PowerPCCPU *cpu = POWERPC_CPU(cs); 2941 CPUPPCState *cenv = &cpu->env; 2942 2943 if ((rb & DBELL_BRDCAST) || (cenv->spr[SPR_BOOKE_PIR] == pir)) { 2944 ppc_set_irq(cpu, irq, 1); 2945 } 2946 } 2947 bql_unlock(); 2948 } 2949 2950 /* Server Processor Control */ 2951 2952 static bool dbell_type_server(target_ulong rb) 2953 { 2954 /* 2955 * A Directed Hypervisor Doorbell message is sent only if the 2956 * message type is 5. All other types are reserved and the 2957 * instruction is a no-op 2958 */ 2959 return (rb & DBELL_TYPE_MASK) == DBELL_TYPE_DBELL_SERVER; 2960 } 2961 2962 void helper_book3s_msgclr(CPUPPCState *env, target_ulong rb) 2963 { 2964 if (!dbell_type_server(rb)) { 2965 return; 2966 } 2967 2968 ppc_set_irq(env_archcpu(env), PPC_INTERRUPT_HDOORBELL, 0); 2969 } 2970 2971 static void book3s_msgsnd_common(int pir, int irq) 2972 { 2973 CPUState *cs; 2974 2975 bql_lock(); 2976 CPU_FOREACH(cs) { 2977 PowerPCCPU *cpu = POWERPC_CPU(cs); 2978 CPUPPCState *cenv = &cpu->env; 2979 2980 /* TODO: broadcast message to all threads of the same processor */ 2981 if (cenv->spr_cb[SPR_PIR].default_value == pir) { 2982 ppc_set_irq(cpu, irq, 1); 2983 } 2984 } 2985 bql_unlock(); 2986 } 2987 2988 void helper_book3s_msgsnd(target_ulong rb) 2989 { 2990 int pir = rb & DBELL_PROCIDTAG_MASK; 2991 2992 if (!dbell_type_server(rb)) { 2993 return; 2994 } 2995 2996 book3s_msgsnd_common(pir, PPC_INTERRUPT_HDOORBELL); 2997 } 2998 2999 #ifdef TARGET_PPC64 3000 void helper_book3s_msgclrp(CPUPPCState *env, target_ulong rb) 3001 { 3002 helper_hfscr_facility_check(env, HFSCR_MSGP, "msgclrp", HFSCR_IC_MSGP); 3003 3004 if (!dbell_type_server(rb)) { 3005 return; 3006 } 3007 3008 ppc_set_irq(env_archcpu(env), PPC_INTERRUPT_DOORBELL, 0); 3009 } 3010 3011 /* 3012 * sends a message to another thread on the same 3013 * multi-threaded processor 3014 */ 3015 void helper_book3s_msgsndp(CPUPPCState *env, target_ulong rb) 3016 { 3017 CPUState *cs = env_cpu(env); 3018 PowerPCCPU *cpu = env_archcpu(env); 3019 CPUState *ccs; 3020 uint32_t nr_threads = cs->nr_threads; 3021 int ttir = rb & PPC_BITMASK(57, 63); 3022 3023 helper_hfscr_facility_check(env, HFSCR_MSGP, "msgsndp", HFSCR_IC_MSGP); 3024 3025 if (!(env->flags & POWERPC_FLAG_SMT_1LPAR)) { 3026 nr_threads = 1; /* msgsndp behaves as 1-thread in LPAR-per-thread mode*/ 3027 } 3028 3029 if (!dbell_type_server(rb) || ttir >= nr_threads) { 3030 return; 3031 } 3032 3033 if (nr_threads == 1) { 3034 ppc_set_irq(cpu, PPC_INTERRUPT_DOORBELL, 1); 3035 return; 3036 } 3037 3038 /* Does iothread need to be locked for walking CPU list? */ 3039 bql_lock(); 3040 THREAD_SIBLING_FOREACH(cs, ccs) { 3041 PowerPCCPU *ccpu = POWERPC_CPU(ccs); 3042 uint32_t thread_id = ppc_cpu_tir(ccpu); 3043 3044 if (ttir == thread_id) { 3045 ppc_set_irq(ccpu, PPC_INTERRUPT_DOORBELL, 1); 3046 bql_unlock(); 3047 return; 3048 } 3049 } 3050 3051 g_assert_not_reached(); 3052 } 3053 #endif /* TARGET_PPC64 */ 3054 3055 /* Single-step tracing */ 3056 void helper_book3s_trace(CPUPPCState *env, target_ulong prev_ip) 3057 { 3058 uint32_t error_code = 0; 3059 if (env->insns_flags2 & PPC2_ISA207S) { 3060 /* Load/store reporting, SRR1[35, 36] and SDAR, are not implemented. */ 3061 env->spr[SPR_POWER_SIAR] = prev_ip; 3062 error_code = PPC_BIT(33); 3063 } 3064 raise_exception_err(env, POWERPC_EXCP_TRACE, error_code); 3065 } 3066 3067 void ppc_cpu_do_unaligned_access(CPUState *cs, vaddr vaddr, 3068 MMUAccessType access_type, 3069 int mmu_idx, uintptr_t retaddr) 3070 { 3071 CPUPPCState *env = cpu_env(cs); 3072 uint32_t insn; 3073 3074 /* Restore state and reload the insn we executed, for filling in DSISR. */ 3075 cpu_restore_state(cs, retaddr); 3076 insn = ppc_ldl_code(env, env->nip); 3077 3078 switch (env->mmu_model) { 3079 case POWERPC_MMU_SOFT_4xx: 3080 env->spr[SPR_40x_DEAR] = vaddr; 3081 break; 3082 case POWERPC_MMU_BOOKE: 3083 case POWERPC_MMU_BOOKE206: 3084 env->spr[SPR_BOOKE_DEAR] = vaddr; 3085 break; 3086 default: 3087 env->spr[SPR_DAR] = vaddr; 3088 break; 3089 } 3090 3091 cs->exception_index = POWERPC_EXCP_ALIGN; 3092 env->error_code = insn & 0x03FF0000; 3093 cpu_loop_exit(cs); 3094 } 3095 3096 void ppc_cpu_do_transaction_failed(CPUState *cs, hwaddr physaddr, 3097 vaddr vaddr, unsigned size, 3098 MMUAccessType access_type, 3099 int mmu_idx, MemTxAttrs attrs, 3100 MemTxResult response, uintptr_t retaddr) 3101 { 3102 CPUPPCState *env = cpu_env(cs); 3103 3104 switch (env->excp_model) { 3105 #if defined(TARGET_PPC64) 3106 case POWERPC_EXCP_POWER8: 3107 case POWERPC_EXCP_POWER9: 3108 case POWERPC_EXCP_POWER10: 3109 /* 3110 * Machine check codes can be found in processor User Manual or 3111 * Linux or skiboot source. 3112 */ 3113 if (access_type == MMU_DATA_LOAD) { 3114 env->spr[SPR_DAR] = vaddr; 3115 env->spr[SPR_DSISR] = PPC_BIT(57); 3116 env->error_code = PPC_BIT(42); 3117 3118 } else if (access_type == MMU_DATA_STORE) { 3119 /* 3120 * MCE for stores in POWER is asynchronous so hardware does 3121 * not set DAR, but QEMU can do better. 3122 */ 3123 env->spr[SPR_DAR] = vaddr; 3124 env->error_code = PPC_BIT(36) | PPC_BIT(43) | PPC_BIT(45); 3125 env->error_code |= PPC_BIT(42); 3126 3127 } else { /* Fetch */ 3128 /* 3129 * is_prefix_insn_excp() tests !PPC_BIT(42) to avoid fetching 3130 * the instruction, so that must always be clear for fetches. 3131 */ 3132 env->error_code = PPC_BIT(36) | PPC_BIT(44) | PPC_BIT(45); 3133 } 3134 break; 3135 #endif 3136 default: 3137 /* 3138 * TODO: Check behaviour for other CPUs, for now do nothing. 3139 * Could add a basic MCE even if real hardware ignores. 3140 */ 3141 return; 3142 } 3143 3144 cs->exception_index = POWERPC_EXCP_MCHECK; 3145 cpu_loop_exit_restore(cs, retaddr); 3146 } 3147 3148 void ppc_cpu_debug_excp_handler(CPUState *cs) 3149 { 3150 #if defined(TARGET_PPC64) 3151 CPUPPCState *env = cpu_env(cs); 3152 3153 if (env->insns_flags2 & PPC2_ISA207S) { 3154 if (cs->watchpoint_hit) { 3155 if (cs->watchpoint_hit->flags & BP_CPU) { 3156 env->spr[SPR_DAR] = cs->watchpoint_hit->hitaddr; 3157 env->spr[SPR_DSISR] = PPC_BIT(41); 3158 cs->watchpoint_hit = NULL; 3159 raise_exception(env, POWERPC_EXCP_DSI); 3160 } 3161 cs->watchpoint_hit = NULL; 3162 } else if (cpu_breakpoint_test(cs, env->nip, BP_CPU)) { 3163 raise_exception_err(env, POWERPC_EXCP_TRACE, 3164 PPC_BIT(33) | PPC_BIT(43)); 3165 } 3166 } 3167 #endif 3168 } 3169 3170 bool ppc_cpu_debug_check_breakpoint(CPUState *cs) 3171 { 3172 #if defined(TARGET_PPC64) 3173 CPUPPCState *env = cpu_env(cs); 3174 3175 if (env->insns_flags2 & PPC2_ISA207S) { 3176 target_ulong priv; 3177 3178 priv = env->spr[SPR_CIABR] & PPC_BITMASK(62, 63); 3179 switch (priv) { 3180 case 0x1: /* problem */ 3181 return env->msr & ((target_ulong)1 << MSR_PR); 3182 case 0x2: /* supervisor */ 3183 return (!(env->msr & ((target_ulong)1 << MSR_PR)) && 3184 !(env->msr & ((target_ulong)1 << MSR_HV))); 3185 case 0x3: /* hypervisor */ 3186 return (!(env->msr & ((target_ulong)1 << MSR_PR)) && 3187 (env->msr & ((target_ulong)1 << MSR_HV))); 3188 default: 3189 g_assert_not_reached(); 3190 } 3191 } 3192 #endif 3193 3194 return false; 3195 } 3196 3197 bool ppc_cpu_debug_check_watchpoint(CPUState *cs, CPUWatchpoint *wp) 3198 { 3199 #if defined(TARGET_PPC64) 3200 CPUPPCState *env = cpu_env(cs); 3201 3202 if (env->insns_flags2 & PPC2_ISA207S) { 3203 if (wp == env->dawr0_watchpoint) { 3204 uint32_t dawrx = env->spr[SPR_DAWRX0]; 3205 bool wt = extract32(dawrx, PPC_BIT_NR(59), 1); 3206 bool wti = extract32(dawrx, PPC_BIT_NR(60), 1); 3207 bool hv = extract32(dawrx, PPC_BIT_NR(61), 1); 3208 bool sv = extract32(dawrx, PPC_BIT_NR(62), 1); 3209 bool pr = extract32(dawrx, PPC_BIT_NR(62), 1); 3210 3211 if ((env->msr & ((target_ulong)1 << MSR_PR)) && !pr) { 3212 return false; 3213 } else if ((env->msr & ((target_ulong)1 << MSR_HV)) && !hv) { 3214 return false; 3215 } else if (!sv) { 3216 return false; 3217 } 3218 3219 if (!wti) { 3220 if (env->msr & ((target_ulong)1 << MSR_DR)) { 3221 if (!wt) { 3222 return false; 3223 } 3224 } else { 3225 if (wt) { 3226 return false; 3227 } 3228 } 3229 } 3230 3231 return true; 3232 } 3233 } 3234 #endif 3235 3236 return false; 3237 } 3238 3239 #endif /* !CONFIG_USER_ONLY */ 3240 #endif /* CONFIG_TCG */ 3241