1 /* 2 * PowerPC exception emulation helpers for QEMU. 3 * 4 * Copyright (c) 2003-2007 Jocelyn Mayer 5 * 6 * This library is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU Lesser General Public 8 * License as published by the Free Software Foundation; either 9 * version 2.1 of the License, or (at your option) any later version. 10 * 11 * This library is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 * Lesser General Public License for more details. 15 * 16 * You should have received a copy of the GNU Lesser General Public 17 * License along with this library; if not, see <http://www.gnu.org/licenses/>. 18 */ 19 #include "qemu/osdep.h" 20 #include "qemu/main-loop.h" 21 #include "qemu/log.h" 22 #include "cpu.h" 23 #include "exec/exec-all.h" 24 #include "internal.h" 25 #include "helper_regs.h" 26 #include "hw/ppc/ppc.h" 27 28 #include "trace.h" 29 30 #ifdef CONFIG_TCG 31 #include "exec/helper-proto.h" 32 #include "exec/cpu_ldst.h" 33 #endif 34 35 /*****************************************************************************/ 36 /* Exception processing */ 37 #if !defined(CONFIG_USER_ONLY) 38 39 static const char *powerpc_excp_name(int excp) 40 { 41 switch (excp) { 42 case POWERPC_EXCP_CRITICAL: return "CRITICAL"; 43 case POWERPC_EXCP_MCHECK: return "MCHECK"; 44 case POWERPC_EXCP_DSI: return "DSI"; 45 case POWERPC_EXCP_ISI: return "ISI"; 46 case POWERPC_EXCP_EXTERNAL: return "EXTERNAL"; 47 case POWERPC_EXCP_ALIGN: return "ALIGN"; 48 case POWERPC_EXCP_PROGRAM: return "PROGRAM"; 49 case POWERPC_EXCP_FPU: return "FPU"; 50 case POWERPC_EXCP_SYSCALL: return "SYSCALL"; 51 case POWERPC_EXCP_APU: return "APU"; 52 case POWERPC_EXCP_DECR: return "DECR"; 53 case POWERPC_EXCP_FIT: return "FIT"; 54 case POWERPC_EXCP_WDT: return "WDT"; 55 case POWERPC_EXCP_DTLB: return "DTLB"; 56 case POWERPC_EXCP_ITLB: return "ITLB"; 57 case POWERPC_EXCP_DEBUG: return "DEBUG"; 58 case POWERPC_EXCP_SPEU: return "SPEU"; 59 case POWERPC_EXCP_EFPDI: return "EFPDI"; 60 case POWERPC_EXCP_EFPRI: return "EFPRI"; 61 case POWERPC_EXCP_EPERFM: return "EPERFM"; 62 case POWERPC_EXCP_DOORI: return "DOORI"; 63 case POWERPC_EXCP_DOORCI: return "DOORCI"; 64 case POWERPC_EXCP_GDOORI: return "GDOORI"; 65 case POWERPC_EXCP_GDOORCI: return "GDOORCI"; 66 case POWERPC_EXCP_HYPPRIV: return "HYPPRIV"; 67 case POWERPC_EXCP_RESET: return "RESET"; 68 case POWERPC_EXCP_DSEG: return "DSEG"; 69 case POWERPC_EXCP_ISEG: return "ISEG"; 70 case POWERPC_EXCP_HDECR: return "HDECR"; 71 case POWERPC_EXCP_TRACE: return "TRACE"; 72 case POWERPC_EXCP_HDSI: return "HDSI"; 73 case POWERPC_EXCP_HISI: return "HISI"; 74 case POWERPC_EXCP_HDSEG: return "HDSEG"; 75 case POWERPC_EXCP_HISEG: return "HISEG"; 76 case POWERPC_EXCP_VPU: return "VPU"; 77 case POWERPC_EXCP_PIT: return "PIT"; 78 case POWERPC_EXCP_EMUL: return "EMUL"; 79 case POWERPC_EXCP_IFTLB: return "IFTLB"; 80 case POWERPC_EXCP_DLTLB: return "DLTLB"; 81 case POWERPC_EXCP_DSTLB: return "DSTLB"; 82 case POWERPC_EXCP_FPA: return "FPA"; 83 case POWERPC_EXCP_DABR: return "DABR"; 84 case POWERPC_EXCP_IABR: return "IABR"; 85 case POWERPC_EXCP_SMI: return "SMI"; 86 case POWERPC_EXCP_PERFM: return "PERFM"; 87 case POWERPC_EXCP_THERM: return "THERM"; 88 case POWERPC_EXCP_VPUA: return "VPUA"; 89 case POWERPC_EXCP_SOFTP: return "SOFTP"; 90 case POWERPC_EXCP_MAINT: return "MAINT"; 91 case POWERPC_EXCP_MEXTBR: return "MEXTBR"; 92 case POWERPC_EXCP_NMEXTBR: return "NMEXTBR"; 93 case POWERPC_EXCP_ITLBE: return "ITLBE"; 94 case POWERPC_EXCP_DTLBE: return "DTLBE"; 95 case POWERPC_EXCP_VSXU: return "VSXU"; 96 case POWERPC_EXCP_FU: return "FU"; 97 case POWERPC_EXCP_HV_EMU: return "HV_EMU"; 98 case POWERPC_EXCP_HV_MAINT: return "HV_MAINT"; 99 case POWERPC_EXCP_HV_FU: return "HV_FU"; 100 case POWERPC_EXCP_SDOOR: return "SDOOR"; 101 case POWERPC_EXCP_SDOOR_HV: return "SDOOR_HV"; 102 case POWERPC_EXCP_HVIRT: return "HVIRT"; 103 case POWERPC_EXCP_SYSCALL_VECTORED: return "SYSCALL_VECTORED"; 104 default: 105 g_assert_not_reached(); 106 } 107 } 108 109 static void dump_syscall(CPUPPCState *env) 110 { 111 qemu_log_mask(CPU_LOG_INT, "syscall r0=%016" PRIx64 112 " r3=%016" PRIx64 " r4=%016" PRIx64 " r5=%016" PRIx64 113 " r6=%016" PRIx64 " r7=%016" PRIx64 " r8=%016" PRIx64 114 " nip=" TARGET_FMT_lx "\n", 115 ppc_dump_gpr(env, 0), ppc_dump_gpr(env, 3), 116 ppc_dump_gpr(env, 4), ppc_dump_gpr(env, 5), 117 ppc_dump_gpr(env, 6), ppc_dump_gpr(env, 7), 118 ppc_dump_gpr(env, 8), env->nip); 119 } 120 121 static void dump_hcall(CPUPPCState *env) 122 { 123 qemu_log_mask(CPU_LOG_INT, "hypercall r3=%016" PRIx64 124 " r4=%016" PRIx64 " r5=%016" PRIx64 " r6=%016" PRIx64 125 " r7=%016" PRIx64 " r8=%016" PRIx64 " r9=%016" PRIx64 126 " r10=%016" PRIx64 " r11=%016" PRIx64 " r12=%016" PRIx64 127 " nip=" TARGET_FMT_lx "\n", 128 ppc_dump_gpr(env, 3), ppc_dump_gpr(env, 4), 129 ppc_dump_gpr(env, 5), ppc_dump_gpr(env, 6), 130 ppc_dump_gpr(env, 7), ppc_dump_gpr(env, 8), 131 ppc_dump_gpr(env, 9), ppc_dump_gpr(env, 10), 132 ppc_dump_gpr(env, 11), ppc_dump_gpr(env, 12), 133 env->nip); 134 } 135 136 static void ppc_excp_debug_sw_tlb(CPUPPCState *env, int excp) 137 { 138 const char *es; 139 target_ulong *miss, *cmp; 140 int en; 141 142 if (!qemu_loglevel_mask(CPU_LOG_MMU)) { 143 return; 144 } 145 146 if (excp == POWERPC_EXCP_IFTLB) { 147 es = "I"; 148 en = 'I'; 149 miss = &env->spr[SPR_IMISS]; 150 cmp = &env->spr[SPR_ICMP]; 151 } else { 152 if (excp == POWERPC_EXCP_DLTLB) { 153 es = "DL"; 154 } else { 155 es = "DS"; 156 } 157 en = 'D'; 158 miss = &env->spr[SPR_DMISS]; 159 cmp = &env->spr[SPR_DCMP]; 160 } 161 qemu_log("6xx %sTLB miss: %cM " TARGET_FMT_lx " %cC " 162 TARGET_FMT_lx " H1 " TARGET_FMT_lx " H2 " 163 TARGET_FMT_lx " %08x\n", es, en, *miss, en, *cmp, 164 env->spr[SPR_HASH1], env->spr[SPR_HASH2], 165 env->error_code); 166 } 167 168 #if defined(TARGET_PPC64) 169 static int powerpc_reset_wakeup(CPUState *cs, CPUPPCState *env, int excp, 170 target_ulong *msr) 171 { 172 /* We no longer are in a PM state */ 173 env->resume_as_sreset = false; 174 175 /* Pretend to be returning from doze always as we don't lose state */ 176 *msr |= SRR1_WS_NOLOSS; 177 178 /* Machine checks are sent normally */ 179 if (excp == POWERPC_EXCP_MCHECK) { 180 return excp; 181 } 182 switch (excp) { 183 case POWERPC_EXCP_RESET: 184 *msr |= SRR1_WAKERESET; 185 break; 186 case POWERPC_EXCP_EXTERNAL: 187 *msr |= SRR1_WAKEEE; 188 break; 189 case POWERPC_EXCP_DECR: 190 *msr |= SRR1_WAKEDEC; 191 break; 192 case POWERPC_EXCP_SDOOR: 193 *msr |= SRR1_WAKEDBELL; 194 break; 195 case POWERPC_EXCP_SDOOR_HV: 196 *msr |= SRR1_WAKEHDBELL; 197 break; 198 case POWERPC_EXCP_HV_MAINT: 199 *msr |= SRR1_WAKEHMI; 200 break; 201 case POWERPC_EXCP_HVIRT: 202 *msr |= SRR1_WAKEHVI; 203 break; 204 default: 205 cpu_abort(cs, "Unsupported exception %d in Power Save mode\n", 206 excp); 207 } 208 return POWERPC_EXCP_RESET; 209 } 210 211 /* 212 * AIL - Alternate Interrupt Location, a mode that allows interrupts to be 213 * taken with the MMU on, and which uses an alternate location (e.g., so the 214 * kernel/hv can map the vectors there with an effective address). 215 * 216 * An interrupt is considered to be taken "with AIL" or "AIL applies" if they 217 * are delivered in this way. AIL requires the LPCR to be set to enable this 218 * mode, and then a number of conditions have to be true for AIL to apply. 219 * 220 * First of all, SRESET, MCE, and HMI are always delivered without AIL, because 221 * they specifically want to be in real mode (e.g., the MCE might be signaling 222 * a SLB multi-hit which requires SLB flush before the MMU can be enabled). 223 * 224 * After that, behaviour depends on the current MSR[IR], MSR[DR], MSR[HV], 225 * whether or not the interrupt changes MSR[HV] from 0 to 1, and the current 226 * radix mode (LPCR[HR]). 227 * 228 * POWER8, POWER9 with LPCR[HR]=0 229 * | LPCR[AIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 230 * +-----------+-------------+---------+-------------+-----+ 231 * | a | 00/01/10 | x | x | 0 | 232 * | a | 11 | 0 | 1 | 0 | 233 * | a | 11 | 1 | 1 | a | 234 * | a | 11 | 0 | 0 | a | 235 * +-------------------------------------------------------+ 236 * 237 * POWER9 with LPCR[HR]=1 238 * | LPCR[AIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 239 * +-----------+-------------+---------+-------------+-----+ 240 * | a | 00/01/10 | x | x | 0 | 241 * | a | 11 | x | x | a | 242 * +-------------------------------------------------------+ 243 * 244 * The difference with POWER9 being that MSR[HV] 0->1 interrupts can be sent to 245 * the hypervisor in AIL mode if the guest is radix. This is good for 246 * performance but allows the guest to influence the AIL of hypervisor 247 * interrupts using its MSR, and also the hypervisor must disallow guest 248 * interrupts (MSR[HV] 0->0) from using AIL if the hypervisor does not want to 249 * use AIL for its MSR[HV] 0->1 interrupts. 250 * 251 * POWER10 addresses those issues with a new LPCR[HAIL] bit that is applied to 252 * interrupts that begin execution with MSR[HV]=1 (so both MSR[HV] 0->1 and 253 * MSR[HV] 1->1). 254 * 255 * HAIL=1 is equivalent to AIL=3, for interrupts delivered with MSR[HV]=1. 256 * 257 * POWER10 behaviour is 258 * | LPCR[AIL] | LPCR[HAIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 259 * +-----------+------------+-------------+---------+-------------+-----+ 260 * | a | h | 00/01/10 | 0 | 0 | 0 | 261 * | a | h | 11 | 0 | 0 | a | 262 * | a | h | x | 0 | 1 | h | 263 * | a | h | 00/01/10 | 1 | 1 | 0 | 264 * | a | h | 11 | 1 | 1 | h | 265 * +--------------------------------------------------------------------+ 266 */ 267 static void ppc_excp_apply_ail(PowerPCCPU *cpu, int excp, target_ulong msr, 268 target_ulong *new_msr, target_ulong *vector) 269 { 270 PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cpu); 271 CPUPPCState *env = &cpu->env; 272 bool mmu_all_on = ((msr >> MSR_IR) & 1) && ((msr >> MSR_DR) & 1); 273 bool hv_escalation = !(msr & MSR_HVB) && (*new_msr & MSR_HVB); 274 int ail = 0; 275 276 if (excp == POWERPC_EXCP_MCHECK || 277 excp == POWERPC_EXCP_RESET || 278 excp == POWERPC_EXCP_HV_MAINT) { 279 /* SRESET, MCE, HMI never apply AIL */ 280 return; 281 } 282 283 if (!(pcc->lpcr_mask & LPCR_AIL)) { 284 /* This CPU does not have AIL */ 285 return; 286 } 287 288 /* P8 & P9 */ 289 if (!(pcc->lpcr_mask & LPCR_HAIL)) { 290 if (!mmu_all_on) { 291 /* AIL only works if MSR[IR] and MSR[DR] are both enabled. */ 292 return; 293 } 294 if (hv_escalation && !(env->spr[SPR_LPCR] & LPCR_HR)) { 295 /* 296 * AIL does not work if there is a MSR[HV] 0->1 transition and the 297 * partition is in HPT mode. For radix guests, such interrupts are 298 * allowed to be delivered to the hypervisor in ail mode. 299 */ 300 return; 301 } 302 303 ail = (env->spr[SPR_LPCR] & LPCR_AIL) >> LPCR_AIL_SHIFT; 304 if (ail == 0) { 305 return; 306 } 307 if (ail == 1) { 308 /* AIL=1 is reserved, treat it like AIL=0 */ 309 return; 310 } 311 312 /* P10 and up */ 313 } else { 314 if (!mmu_all_on && !hv_escalation) { 315 /* 316 * AIL works for HV interrupts even with guest MSR[IR/DR] disabled. 317 * Guest->guest and HV->HV interrupts do require MMU on. 318 */ 319 return; 320 } 321 322 if (*new_msr & MSR_HVB) { 323 if (!(env->spr[SPR_LPCR] & LPCR_HAIL)) { 324 /* HV interrupts depend on LPCR[HAIL] */ 325 return; 326 } 327 ail = 3; /* HAIL=1 gives AIL=3 behaviour for HV interrupts */ 328 } else { 329 ail = (env->spr[SPR_LPCR] & LPCR_AIL) >> LPCR_AIL_SHIFT; 330 } 331 if (ail == 0) { 332 return; 333 } 334 if (ail == 1 || ail == 2) { 335 /* AIL=1 and AIL=2 are reserved, treat them like AIL=0 */ 336 return; 337 } 338 } 339 340 /* 341 * AIL applies, so the new MSR gets IR and DR set, and an offset applied 342 * to the new IP. 343 */ 344 *new_msr |= (1 << MSR_IR) | (1 << MSR_DR); 345 346 if (excp != POWERPC_EXCP_SYSCALL_VECTORED) { 347 if (ail == 2) { 348 *vector |= 0x0000000000018000ull; 349 } else if (ail == 3) { 350 *vector |= 0xc000000000004000ull; 351 } 352 } else { 353 /* 354 * scv AIL is a little different. AIL=2 does not change the address, 355 * only the MSR. AIL=3 replaces the 0x17000 base with 0xc...3000. 356 */ 357 if (ail == 3) { 358 *vector &= ~0x0000000000017000ull; /* Un-apply the base offset */ 359 *vector |= 0xc000000000003000ull; /* Apply scv's AIL=3 offset */ 360 } 361 } 362 } 363 #endif 364 365 static void powerpc_reset_excp_state(PowerPCCPU *cpu) 366 { 367 CPUState *cs = CPU(cpu); 368 CPUPPCState *env = &cpu->env; 369 370 /* Reset exception state */ 371 cs->exception_index = POWERPC_EXCP_NONE; 372 env->error_code = 0; 373 } 374 375 static void powerpc_set_excp_state(PowerPCCPU *cpu, target_ulong vector, 376 target_ulong msr) 377 { 378 CPUPPCState *env = &cpu->env; 379 380 assert((msr & env->msr_mask) == msr); 381 382 /* 383 * We don't use hreg_store_msr here as already have treated any 384 * special case that could occur. Just store MSR and update hflags 385 * 386 * Note: We *MUST* not use hreg_store_msr() as-is anyway because it 387 * will prevent setting of the HV bit which some exceptions might need 388 * to do. 389 */ 390 env->nip = vector; 391 env->msr = msr; 392 hreg_compute_hflags(env); 393 ppc_maybe_interrupt(env); 394 395 powerpc_reset_excp_state(cpu); 396 397 /* 398 * Any interrupt is context synchronizing, check if TCG TLB needs 399 * a delayed flush on ppc64 400 */ 401 check_tlb_flush(env, false); 402 403 /* Reset the reservation */ 404 env->reserve_addr = -1; 405 } 406 407 static void powerpc_excp_40x(PowerPCCPU *cpu, int excp) 408 { 409 CPUState *cs = CPU(cpu); 410 CPUPPCState *env = &cpu->env; 411 target_ulong msr, new_msr, vector; 412 int srr0, srr1; 413 414 /* new srr1 value excluding must-be-zero bits */ 415 msr = env->msr & ~0x783f0000ULL; 416 417 /* 418 * new interrupt handler msr preserves existing ME unless 419 * explicitly overriden. 420 */ 421 new_msr = env->msr & (((target_ulong)1 << MSR_ME)); 422 423 /* target registers */ 424 srr0 = SPR_SRR0; 425 srr1 = SPR_SRR1; 426 427 /* 428 * Hypervisor emulation assistance interrupt only exists on server 429 * arch 2.05 server or later. 430 */ 431 if (excp == POWERPC_EXCP_HV_EMU) { 432 excp = POWERPC_EXCP_PROGRAM; 433 } 434 435 vector = env->excp_vectors[excp]; 436 if (vector == (target_ulong)-1ULL) { 437 cpu_abort(cs, "Raised an exception without defined vector %d\n", 438 excp); 439 } 440 441 vector |= env->excp_prefix; 442 443 switch (excp) { 444 case POWERPC_EXCP_CRITICAL: /* Critical input */ 445 srr0 = SPR_40x_SRR2; 446 srr1 = SPR_40x_SRR3; 447 break; 448 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 449 if (!FIELD_EX64(env->msr, MSR, ME)) { 450 /* 451 * Machine check exception is not enabled. Enter 452 * checkstop state. 453 */ 454 fprintf(stderr, "Machine check while not allowed. " 455 "Entering checkstop state\n"); 456 if (qemu_log_separate()) { 457 qemu_log("Machine check while not allowed. " 458 "Entering checkstop state\n"); 459 } 460 cs->halted = 1; 461 cpu_interrupt_exittb(cs); 462 } 463 464 /* machine check exceptions don't have ME set */ 465 new_msr &= ~((target_ulong)1 << MSR_ME); 466 467 srr0 = SPR_40x_SRR2; 468 srr1 = SPR_40x_SRR3; 469 break; 470 case POWERPC_EXCP_DSI: /* Data storage exception */ 471 trace_ppc_excp_dsi(env->spr[SPR_40x_ESR], env->spr[SPR_40x_DEAR]); 472 break; 473 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 474 trace_ppc_excp_isi(msr, env->nip); 475 break; 476 case POWERPC_EXCP_EXTERNAL: /* External input */ 477 break; 478 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 479 break; 480 case POWERPC_EXCP_PROGRAM: /* Program exception */ 481 switch (env->error_code & ~0xF) { 482 case POWERPC_EXCP_FP: 483 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 484 trace_ppc_excp_fp_ignore(); 485 powerpc_reset_excp_state(cpu); 486 return; 487 } 488 env->spr[SPR_40x_ESR] = ESR_FP; 489 break; 490 case POWERPC_EXCP_INVAL: 491 trace_ppc_excp_inval(env->nip); 492 env->spr[SPR_40x_ESR] = ESR_PIL; 493 break; 494 case POWERPC_EXCP_PRIV: 495 env->spr[SPR_40x_ESR] = ESR_PPR; 496 break; 497 case POWERPC_EXCP_TRAP: 498 env->spr[SPR_40x_ESR] = ESR_PTR; 499 break; 500 default: 501 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 502 env->error_code); 503 break; 504 } 505 break; 506 case POWERPC_EXCP_SYSCALL: /* System call exception */ 507 dump_syscall(env); 508 509 /* 510 * We need to correct the NIP which in this case is supposed 511 * to point to the next instruction 512 */ 513 env->nip += 4; 514 break; 515 case POWERPC_EXCP_FIT: /* Fixed-interval timer interrupt */ 516 trace_ppc_excp_print("FIT"); 517 break; 518 case POWERPC_EXCP_WDT: /* Watchdog timer interrupt */ 519 trace_ppc_excp_print("WDT"); 520 break; 521 case POWERPC_EXCP_DTLB: /* Data TLB error */ 522 case POWERPC_EXCP_ITLB: /* Instruction TLB error */ 523 break; 524 case POWERPC_EXCP_PIT: /* Programmable interval timer interrupt */ 525 trace_ppc_excp_print("PIT"); 526 break; 527 case POWERPC_EXCP_DEBUG: /* Debug interrupt */ 528 cpu_abort(cs, "%s exception not implemented\n", 529 powerpc_excp_name(excp)); 530 break; 531 default: 532 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 533 break; 534 } 535 536 /* Save PC */ 537 env->spr[srr0] = env->nip; 538 539 /* Save MSR */ 540 env->spr[srr1] = msr; 541 542 powerpc_set_excp_state(cpu, vector, new_msr); 543 } 544 545 static void powerpc_excp_6xx(PowerPCCPU *cpu, int excp) 546 { 547 CPUState *cs = CPU(cpu); 548 CPUPPCState *env = &cpu->env; 549 target_ulong msr, new_msr, vector; 550 551 /* new srr1 value excluding must-be-zero bits */ 552 msr = env->msr & ~0x783f0000ULL; 553 554 /* 555 * new interrupt handler msr preserves existing ME unless 556 * explicitly overriden 557 */ 558 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 559 560 /* 561 * Hypervisor emulation assistance interrupt only exists on server 562 * arch 2.05 server or later. 563 */ 564 if (excp == POWERPC_EXCP_HV_EMU) { 565 excp = POWERPC_EXCP_PROGRAM; 566 } 567 568 vector = env->excp_vectors[excp]; 569 if (vector == (target_ulong)-1ULL) { 570 cpu_abort(cs, "Raised an exception without defined vector %d\n", 571 excp); 572 } 573 574 vector |= env->excp_prefix; 575 576 switch (excp) { 577 case POWERPC_EXCP_CRITICAL: /* Critical input */ 578 break; 579 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 580 if (!FIELD_EX64(env->msr, MSR, ME)) { 581 /* 582 * Machine check exception is not enabled. Enter 583 * checkstop state. 584 */ 585 fprintf(stderr, "Machine check while not allowed. " 586 "Entering checkstop state\n"); 587 if (qemu_log_separate()) { 588 qemu_log("Machine check while not allowed. " 589 "Entering checkstop state\n"); 590 } 591 cs->halted = 1; 592 cpu_interrupt_exittb(cs); 593 } 594 595 /* machine check exceptions don't have ME set */ 596 new_msr &= ~((target_ulong)1 << MSR_ME); 597 598 break; 599 case POWERPC_EXCP_DSI: /* Data storage exception */ 600 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 601 break; 602 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 603 trace_ppc_excp_isi(msr, env->nip); 604 msr |= env->error_code; 605 break; 606 case POWERPC_EXCP_EXTERNAL: /* External input */ 607 break; 608 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 609 /* Get rS/rD and rA from faulting opcode */ 610 /* 611 * Note: the opcode fields will not be set properly for a 612 * direct store load/store, but nobody cares as nobody 613 * actually uses direct store segments. 614 */ 615 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 616 break; 617 case POWERPC_EXCP_PROGRAM: /* Program exception */ 618 switch (env->error_code & ~0xF) { 619 case POWERPC_EXCP_FP: 620 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 621 trace_ppc_excp_fp_ignore(); 622 powerpc_reset_excp_state(cpu); 623 return; 624 } 625 626 /* 627 * FP exceptions always have NIP pointing to the faulting 628 * instruction, so always use store_next and claim we are 629 * precise in the MSR. 630 */ 631 msr |= 0x00100000; 632 break; 633 case POWERPC_EXCP_INVAL: 634 trace_ppc_excp_inval(env->nip); 635 msr |= 0x00080000; 636 break; 637 case POWERPC_EXCP_PRIV: 638 msr |= 0x00040000; 639 break; 640 case POWERPC_EXCP_TRAP: 641 msr |= 0x00020000; 642 break; 643 default: 644 /* Should never occur */ 645 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 646 env->error_code); 647 break; 648 } 649 break; 650 case POWERPC_EXCP_SYSCALL: /* System call exception */ 651 dump_syscall(env); 652 653 /* 654 * We need to correct the NIP which in this case is supposed 655 * to point to the next instruction 656 */ 657 env->nip += 4; 658 break; 659 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 660 case POWERPC_EXCP_DECR: /* Decrementer exception */ 661 break; 662 case POWERPC_EXCP_DTLB: /* Data TLB error */ 663 case POWERPC_EXCP_ITLB: /* Instruction TLB error */ 664 break; 665 case POWERPC_EXCP_RESET: /* System reset exception */ 666 if (FIELD_EX64(env->msr, MSR, POW)) { 667 cpu_abort(cs, "Trying to deliver power-saving system reset " 668 "exception %d with no HV support\n", excp); 669 } 670 break; 671 case POWERPC_EXCP_TRACE: /* Trace exception */ 672 break; 673 case POWERPC_EXCP_IFTLB: /* Instruction fetch TLB error */ 674 case POWERPC_EXCP_DLTLB: /* Data load TLB miss */ 675 case POWERPC_EXCP_DSTLB: /* Data store TLB miss */ 676 /* Swap temporary saved registers with GPRs */ 677 if (!(new_msr & ((target_ulong)1 << MSR_TGPR))) { 678 new_msr |= (target_ulong)1 << MSR_TGPR; 679 hreg_swap_gpr_tgpr(env); 680 } 681 682 ppc_excp_debug_sw_tlb(env, excp); 683 684 msr |= env->crf[0] << 28; 685 msr |= env->error_code; /* key, D/I, S/L bits */ 686 /* Set way using a LRU mechanism */ 687 msr |= ((env->last_way + 1) & (env->nb_ways - 1)) << 17; 688 break; 689 case POWERPC_EXCP_FPA: /* Floating-point assist exception */ 690 case POWERPC_EXCP_DABR: /* Data address breakpoint */ 691 case POWERPC_EXCP_IABR: /* Instruction address breakpoint */ 692 case POWERPC_EXCP_SMI: /* System management interrupt */ 693 case POWERPC_EXCP_MEXTBR: /* Maskable external breakpoint */ 694 case POWERPC_EXCP_NMEXTBR: /* Non maskable external breakpoint */ 695 cpu_abort(cs, "%s exception not implemented\n", 696 powerpc_excp_name(excp)); 697 break; 698 default: 699 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 700 break; 701 } 702 703 /* 704 * Sort out endianness of interrupt, this differs depending on the 705 * CPU, the HV mode, etc... 706 */ 707 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 708 new_msr |= (target_ulong)1 << MSR_LE; 709 } 710 711 /* Save PC */ 712 env->spr[SPR_SRR0] = env->nip; 713 714 /* Save MSR */ 715 env->spr[SPR_SRR1] = msr; 716 717 powerpc_set_excp_state(cpu, vector, new_msr); 718 } 719 720 static void powerpc_excp_7xx(PowerPCCPU *cpu, int excp) 721 { 722 CPUState *cs = CPU(cpu); 723 CPUPPCState *env = &cpu->env; 724 target_ulong msr, new_msr, vector; 725 726 /* new srr1 value excluding must-be-zero bits */ 727 msr = env->msr & ~0x783f0000ULL; 728 729 /* 730 * new interrupt handler msr preserves existing ME unless 731 * explicitly overriden 732 */ 733 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 734 735 /* 736 * Hypervisor emulation assistance interrupt only exists on server 737 * arch 2.05 server or later. 738 */ 739 if (excp == POWERPC_EXCP_HV_EMU) { 740 excp = POWERPC_EXCP_PROGRAM; 741 } 742 743 vector = env->excp_vectors[excp]; 744 if (vector == (target_ulong)-1ULL) { 745 cpu_abort(cs, "Raised an exception without defined vector %d\n", 746 excp); 747 } 748 749 vector |= env->excp_prefix; 750 751 switch (excp) { 752 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 753 if (!FIELD_EX64(env->msr, MSR, ME)) { 754 /* 755 * Machine check exception is not enabled. Enter 756 * checkstop state. 757 */ 758 fprintf(stderr, "Machine check while not allowed. " 759 "Entering checkstop state\n"); 760 if (qemu_log_separate()) { 761 qemu_log("Machine check while not allowed. " 762 "Entering checkstop state\n"); 763 } 764 cs->halted = 1; 765 cpu_interrupt_exittb(cs); 766 } 767 768 /* machine check exceptions don't have ME set */ 769 new_msr &= ~((target_ulong)1 << MSR_ME); 770 771 break; 772 case POWERPC_EXCP_DSI: /* Data storage exception */ 773 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 774 break; 775 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 776 trace_ppc_excp_isi(msr, env->nip); 777 msr |= env->error_code; 778 break; 779 case POWERPC_EXCP_EXTERNAL: /* External input */ 780 break; 781 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 782 /* Get rS/rD and rA from faulting opcode */ 783 /* 784 * Note: the opcode fields will not be set properly for a 785 * direct store load/store, but nobody cares as nobody 786 * actually uses direct store segments. 787 */ 788 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 789 break; 790 case POWERPC_EXCP_PROGRAM: /* Program exception */ 791 switch (env->error_code & ~0xF) { 792 case POWERPC_EXCP_FP: 793 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 794 trace_ppc_excp_fp_ignore(); 795 powerpc_reset_excp_state(cpu); 796 return; 797 } 798 799 /* 800 * FP exceptions always have NIP pointing to the faulting 801 * instruction, so always use store_next and claim we are 802 * precise in the MSR. 803 */ 804 msr |= 0x00100000; 805 break; 806 case POWERPC_EXCP_INVAL: 807 trace_ppc_excp_inval(env->nip); 808 msr |= 0x00080000; 809 break; 810 case POWERPC_EXCP_PRIV: 811 msr |= 0x00040000; 812 break; 813 case POWERPC_EXCP_TRAP: 814 msr |= 0x00020000; 815 break; 816 default: 817 /* Should never occur */ 818 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 819 env->error_code); 820 break; 821 } 822 break; 823 case POWERPC_EXCP_SYSCALL: /* System call exception */ 824 { 825 int lev = env->error_code; 826 827 if (lev == 1 && cpu->vhyp) { 828 dump_hcall(env); 829 } else { 830 dump_syscall(env); 831 } 832 833 /* 834 * We need to correct the NIP which in this case is supposed 835 * to point to the next instruction 836 */ 837 env->nip += 4; 838 839 /* 840 * The Virtual Open Firmware (VOF) relies on the 'sc 1' 841 * instruction to communicate with QEMU. The pegasos2 machine 842 * uses VOF and the 7xx CPUs, so although the 7xx don't have 843 * HV mode, we need to keep hypercall support. 844 */ 845 if (lev == 1 && cpu->vhyp) { 846 PPCVirtualHypervisorClass *vhc = 847 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 848 vhc->hypercall(cpu->vhyp, cpu); 849 return; 850 } 851 852 break; 853 } 854 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 855 case POWERPC_EXCP_DECR: /* Decrementer exception */ 856 break; 857 case POWERPC_EXCP_RESET: /* System reset exception */ 858 if (FIELD_EX64(env->msr, MSR, POW)) { 859 cpu_abort(cs, "Trying to deliver power-saving system reset " 860 "exception %d with no HV support\n", excp); 861 } 862 break; 863 case POWERPC_EXCP_TRACE: /* Trace exception */ 864 break; 865 case POWERPC_EXCP_IFTLB: /* Instruction fetch TLB error */ 866 case POWERPC_EXCP_DLTLB: /* Data load TLB miss */ 867 case POWERPC_EXCP_DSTLB: /* Data store TLB miss */ 868 ppc_excp_debug_sw_tlb(env, excp); 869 870 msr |= env->crf[0] << 28; 871 msr |= env->error_code; /* key, D/I, S/L bits */ 872 /* Set way using a LRU mechanism */ 873 msr |= ((env->last_way + 1) & (env->nb_ways - 1)) << 17; 874 875 break; 876 case POWERPC_EXCP_IABR: /* Instruction address breakpoint */ 877 case POWERPC_EXCP_SMI: /* System management interrupt */ 878 case POWERPC_EXCP_THERM: /* Thermal interrupt */ 879 case POWERPC_EXCP_PERFM: /* Embedded performance monitor interrupt */ 880 cpu_abort(cs, "%s exception not implemented\n", 881 powerpc_excp_name(excp)); 882 break; 883 default: 884 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 885 break; 886 } 887 888 /* 889 * Sort out endianness of interrupt, this differs depending on the 890 * CPU, the HV mode, etc... 891 */ 892 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 893 new_msr |= (target_ulong)1 << MSR_LE; 894 } 895 896 /* Save PC */ 897 env->spr[SPR_SRR0] = env->nip; 898 899 /* Save MSR */ 900 env->spr[SPR_SRR1] = msr; 901 902 powerpc_set_excp_state(cpu, vector, new_msr); 903 } 904 905 static void powerpc_excp_74xx(PowerPCCPU *cpu, int excp) 906 { 907 CPUState *cs = CPU(cpu); 908 CPUPPCState *env = &cpu->env; 909 target_ulong msr, new_msr, vector; 910 911 /* new srr1 value excluding must-be-zero bits */ 912 msr = env->msr & ~0x783f0000ULL; 913 914 /* 915 * new interrupt handler msr preserves existing ME unless 916 * explicitly overriden 917 */ 918 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 919 920 /* 921 * Hypervisor emulation assistance interrupt only exists on server 922 * arch 2.05 server or later. 923 */ 924 if (excp == POWERPC_EXCP_HV_EMU) { 925 excp = POWERPC_EXCP_PROGRAM; 926 } 927 928 vector = env->excp_vectors[excp]; 929 if (vector == (target_ulong)-1ULL) { 930 cpu_abort(cs, "Raised an exception without defined vector %d\n", 931 excp); 932 } 933 934 vector |= env->excp_prefix; 935 936 switch (excp) { 937 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 938 if (!FIELD_EX64(env->msr, MSR, ME)) { 939 /* 940 * Machine check exception is not enabled. Enter 941 * checkstop state. 942 */ 943 fprintf(stderr, "Machine check while not allowed. " 944 "Entering checkstop state\n"); 945 if (qemu_log_separate()) { 946 qemu_log("Machine check while not allowed. " 947 "Entering checkstop state\n"); 948 } 949 cs->halted = 1; 950 cpu_interrupt_exittb(cs); 951 } 952 953 /* machine check exceptions don't have ME set */ 954 new_msr &= ~((target_ulong)1 << MSR_ME); 955 956 break; 957 case POWERPC_EXCP_DSI: /* Data storage exception */ 958 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 959 break; 960 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 961 trace_ppc_excp_isi(msr, env->nip); 962 msr |= env->error_code; 963 break; 964 case POWERPC_EXCP_EXTERNAL: /* External input */ 965 break; 966 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 967 /* Get rS/rD and rA from faulting opcode */ 968 /* 969 * Note: the opcode fields will not be set properly for a 970 * direct store load/store, but nobody cares as nobody 971 * actually uses direct store segments. 972 */ 973 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 974 break; 975 case POWERPC_EXCP_PROGRAM: /* Program exception */ 976 switch (env->error_code & ~0xF) { 977 case POWERPC_EXCP_FP: 978 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 979 trace_ppc_excp_fp_ignore(); 980 powerpc_reset_excp_state(cpu); 981 return; 982 } 983 984 /* 985 * FP exceptions always have NIP pointing to the faulting 986 * instruction, so always use store_next and claim we are 987 * precise in the MSR. 988 */ 989 msr |= 0x00100000; 990 break; 991 case POWERPC_EXCP_INVAL: 992 trace_ppc_excp_inval(env->nip); 993 msr |= 0x00080000; 994 break; 995 case POWERPC_EXCP_PRIV: 996 msr |= 0x00040000; 997 break; 998 case POWERPC_EXCP_TRAP: 999 msr |= 0x00020000; 1000 break; 1001 default: 1002 /* Should never occur */ 1003 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 1004 env->error_code); 1005 break; 1006 } 1007 break; 1008 case POWERPC_EXCP_SYSCALL: /* System call exception */ 1009 { 1010 int lev = env->error_code; 1011 1012 if ((lev == 1) && cpu->vhyp) { 1013 dump_hcall(env); 1014 } else { 1015 dump_syscall(env); 1016 } 1017 1018 /* 1019 * We need to correct the NIP which in this case is supposed 1020 * to point to the next instruction 1021 */ 1022 env->nip += 4; 1023 1024 /* 1025 * The Virtual Open Firmware (VOF) relies on the 'sc 1' 1026 * instruction to communicate with QEMU. The pegasos2 machine 1027 * uses VOF and the 74xx CPUs, so although the 74xx don't have 1028 * HV mode, we need to keep hypercall support. 1029 */ 1030 if ((lev == 1) && cpu->vhyp) { 1031 PPCVirtualHypervisorClass *vhc = 1032 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 1033 vhc->hypercall(cpu->vhyp, cpu); 1034 return; 1035 } 1036 1037 break; 1038 } 1039 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 1040 case POWERPC_EXCP_DECR: /* Decrementer exception */ 1041 break; 1042 case POWERPC_EXCP_RESET: /* System reset exception */ 1043 if (FIELD_EX64(env->msr, MSR, POW)) { 1044 cpu_abort(cs, "Trying to deliver power-saving system reset " 1045 "exception %d with no HV support\n", excp); 1046 } 1047 break; 1048 case POWERPC_EXCP_TRACE: /* Trace exception */ 1049 break; 1050 case POWERPC_EXCP_VPU: /* Vector unavailable exception */ 1051 break; 1052 case POWERPC_EXCP_IABR: /* Instruction address breakpoint */ 1053 case POWERPC_EXCP_SMI: /* System management interrupt */ 1054 case POWERPC_EXCP_THERM: /* Thermal interrupt */ 1055 case POWERPC_EXCP_PERFM: /* Embedded performance monitor interrupt */ 1056 case POWERPC_EXCP_VPUA: /* Vector assist exception */ 1057 cpu_abort(cs, "%s exception not implemented\n", 1058 powerpc_excp_name(excp)); 1059 break; 1060 default: 1061 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1062 break; 1063 } 1064 1065 /* 1066 * Sort out endianness of interrupt, this differs depending on the 1067 * CPU, the HV mode, etc... 1068 */ 1069 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 1070 new_msr |= (target_ulong)1 << MSR_LE; 1071 } 1072 1073 /* Save PC */ 1074 env->spr[SPR_SRR0] = env->nip; 1075 1076 /* Save MSR */ 1077 env->spr[SPR_SRR1] = msr; 1078 1079 powerpc_set_excp_state(cpu, vector, new_msr); 1080 } 1081 1082 static void powerpc_excp_booke(PowerPCCPU *cpu, int excp) 1083 { 1084 CPUState *cs = CPU(cpu); 1085 CPUPPCState *env = &cpu->env; 1086 target_ulong msr, new_msr, vector; 1087 int srr0, srr1; 1088 1089 msr = env->msr; 1090 1091 /* 1092 * new interrupt handler msr preserves existing ME unless 1093 * explicitly overriden 1094 */ 1095 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 1096 1097 /* target registers */ 1098 srr0 = SPR_SRR0; 1099 srr1 = SPR_SRR1; 1100 1101 /* 1102 * Hypervisor emulation assistance interrupt only exists on server 1103 * arch 2.05 server or later. 1104 */ 1105 if (excp == POWERPC_EXCP_HV_EMU) { 1106 excp = POWERPC_EXCP_PROGRAM; 1107 } 1108 1109 #ifdef TARGET_PPC64 1110 /* 1111 * SPEU and VPU share the same IVOR but they exist in different 1112 * processors. SPEU is e500v1/2 only and VPU is e6500 only. 1113 */ 1114 if (excp == POWERPC_EXCP_VPU) { 1115 excp = POWERPC_EXCP_SPEU; 1116 } 1117 #endif 1118 1119 vector = env->excp_vectors[excp]; 1120 if (vector == (target_ulong)-1ULL) { 1121 cpu_abort(cs, "Raised an exception without defined vector %d\n", 1122 excp); 1123 } 1124 1125 vector |= env->excp_prefix; 1126 1127 switch (excp) { 1128 case POWERPC_EXCP_CRITICAL: /* Critical input */ 1129 srr0 = SPR_BOOKE_CSRR0; 1130 srr1 = SPR_BOOKE_CSRR1; 1131 break; 1132 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 1133 if (!FIELD_EX64(env->msr, MSR, ME)) { 1134 /* 1135 * Machine check exception is not enabled. Enter 1136 * checkstop state. 1137 */ 1138 fprintf(stderr, "Machine check while not allowed. " 1139 "Entering checkstop state\n"); 1140 if (qemu_log_separate()) { 1141 qemu_log("Machine check while not allowed. " 1142 "Entering checkstop state\n"); 1143 } 1144 cs->halted = 1; 1145 cpu_interrupt_exittb(cs); 1146 } 1147 1148 /* machine check exceptions don't have ME set */ 1149 new_msr &= ~((target_ulong)1 << MSR_ME); 1150 1151 /* FIXME: choose one or the other based on CPU type */ 1152 srr0 = SPR_BOOKE_MCSRR0; 1153 srr1 = SPR_BOOKE_MCSRR1; 1154 1155 env->spr[SPR_BOOKE_CSRR0] = env->nip; 1156 env->spr[SPR_BOOKE_CSRR1] = msr; 1157 1158 break; 1159 case POWERPC_EXCP_DSI: /* Data storage exception */ 1160 trace_ppc_excp_dsi(env->spr[SPR_BOOKE_ESR], env->spr[SPR_BOOKE_DEAR]); 1161 break; 1162 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 1163 trace_ppc_excp_isi(msr, env->nip); 1164 break; 1165 case POWERPC_EXCP_EXTERNAL: /* External input */ 1166 if (env->mpic_proxy) { 1167 /* IACK the IRQ on delivery */ 1168 env->spr[SPR_BOOKE_EPR] = ldl_phys(cs->as, env->mpic_iack); 1169 } 1170 break; 1171 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 1172 break; 1173 case POWERPC_EXCP_PROGRAM: /* Program exception */ 1174 switch (env->error_code & ~0xF) { 1175 case POWERPC_EXCP_FP: 1176 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 1177 trace_ppc_excp_fp_ignore(); 1178 powerpc_reset_excp_state(cpu); 1179 return; 1180 } 1181 1182 /* 1183 * FP exceptions always have NIP pointing to the faulting 1184 * instruction, so always use store_next and claim we are 1185 * precise in the MSR. 1186 */ 1187 msr |= 0x00100000; 1188 env->spr[SPR_BOOKE_ESR] = ESR_FP; 1189 break; 1190 case POWERPC_EXCP_INVAL: 1191 trace_ppc_excp_inval(env->nip); 1192 msr |= 0x00080000; 1193 env->spr[SPR_BOOKE_ESR] = ESR_PIL; 1194 break; 1195 case POWERPC_EXCP_PRIV: 1196 msr |= 0x00040000; 1197 env->spr[SPR_BOOKE_ESR] = ESR_PPR; 1198 break; 1199 case POWERPC_EXCP_TRAP: 1200 msr |= 0x00020000; 1201 env->spr[SPR_BOOKE_ESR] = ESR_PTR; 1202 break; 1203 default: 1204 /* Should never occur */ 1205 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 1206 env->error_code); 1207 break; 1208 } 1209 break; 1210 case POWERPC_EXCP_SYSCALL: /* System call exception */ 1211 dump_syscall(env); 1212 1213 /* 1214 * We need to correct the NIP which in this case is supposed 1215 * to point to the next instruction 1216 */ 1217 env->nip += 4; 1218 break; 1219 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 1220 case POWERPC_EXCP_APU: /* Auxiliary processor unavailable */ 1221 case POWERPC_EXCP_DECR: /* Decrementer exception */ 1222 break; 1223 case POWERPC_EXCP_FIT: /* Fixed-interval timer interrupt */ 1224 /* FIT on 4xx */ 1225 trace_ppc_excp_print("FIT"); 1226 break; 1227 case POWERPC_EXCP_WDT: /* Watchdog timer interrupt */ 1228 trace_ppc_excp_print("WDT"); 1229 srr0 = SPR_BOOKE_CSRR0; 1230 srr1 = SPR_BOOKE_CSRR1; 1231 break; 1232 case POWERPC_EXCP_DTLB: /* Data TLB error */ 1233 case POWERPC_EXCP_ITLB: /* Instruction TLB error */ 1234 break; 1235 case POWERPC_EXCP_DEBUG: /* Debug interrupt */ 1236 if (env->flags & POWERPC_FLAG_DE) { 1237 /* FIXME: choose one or the other based on CPU type */ 1238 srr0 = SPR_BOOKE_DSRR0; 1239 srr1 = SPR_BOOKE_DSRR1; 1240 1241 env->spr[SPR_BOOKE_CSRR0] = env->nip; 1242 env->spr[SPR_BOOKE_CSRR1] = msr; 1243 1244 /* DBSR already modified by caller */ 1245 } else { 1246 cpu_abort(cs, "Debug exception triggered on unsupported model\n"); 1247 } 1248 break; 1249 case POWERPC_EXCP_SPEU: /* SPE/embedded floating-point unavailable/VPU */ 1250 env->spr[SPR_BOOKE_ESR] = ESR_SPV; 1251 break; 1252 case POWERPC_EXCP_DOORI: /* Embedded doorbell interrupt */ 1253 break; 1254 case POWERPC_EXCP_DOORCI: /* Embedded doorbell critical interrupt */ 1255 srr0 = SPR_BOOKE_CSRR0; 1256 srr1 = SPR_BOOKE_CSRR1; 1257 break; 1258 case POWERPC_EXCP_RESET: /* System reset exception */ 1259 if (FIELD_EX64(env->msr, MSR, POW)) { 1260 cpu_abort(cs, "Trying to deliver power-saving system reset " 1261 "exception %d with no HV support\n", excp); 1262 } 1263 break; 1264 case POWERPC_EXCP_EFPDI: /* Embedded floating-point data interrupt */ 1265 case POWERPC_EXCP_EFPRI: /* Embedded floating-point round interrupt */ 1266 cpu_abort(cs, "%s exception not implemented\n", 1267 powerpc_excp_name(excp)); 1268 break; 1269 default: 1270 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1271 break; 1272 } 1273 1274 #if defined(TARGET_PPC64) 1275 if (env->spr[SPR_BOOKE_EPCR] & EPCR_ICM) { 1276 /* Cat.64-bit: EPCR.ICM is copied to MSR.CM */ 1277 new_msr |= (target_ulong)1 << MSR_CM; 1278 } else { 1279 vector = (uint32_t)vector; 1280 } 1281 #endif 1282 1283 /* Save PC */ 1284 env->spr[srr0] = env->nip; 1285 1286 /* Save MSR */ 1287 env->spr[srr1] = msr; 1288 1289 powerpc_set_excp_state(cpu, vector, new_msr); 1290 } 1291 1292 /* 1293 * When running a nested HV guest under vhyp, external interrupts are 1294 * delivered as HVIRT. 1295 */ 1296 static bool books_vhyp_promotes_external_to_hvirt(PowerPCCPU *cpu) 1297 { 1298 if (cpu->vhyp) { 1299 return vhyp_cpu_in_nested(cpu); 1300 } 1301 return false; 1302 } 1303 1304 #ifdef TARGET_PPC64 1305 /* 1306 * When running under vhyp, hcalls are always intercepted and sent to the 1307 * vhc->hypercall handler. 1308 */ 1309 static bool books_vhyp_handles_hcall(PowerPCCPU *cpu) 1310 { 1311 if (cpu->vhyp) { 1312 return !vhyp_cpu_in_nested(cpu); 1313 } 1314 return false; 1315 } 1316 1317 /* 1318 * When running a nested KVM HV guest under vhyp, HV exceptions are not 1319 * delivered to the guest (because there is no concept of HV support), but 1320 * rather they are sent tothe vhyp to exit from the L2 back to the L1 and 1321 * return from the H_ENTER_NESTED hypercall. 1322 */ 1323 static bool books_vhyp_handles_hv_excp(PowerPCCPU *cpu) 1324 { 1325 if (cpu->vhyp) { 1326 return vhyp_cpu_in_nested(cpu); 1327 } 1328 return false; 1329 } 1330 1331 static void powerpc_excp_books(PowerPCCPU *cpu, int excp) 1332 { 1333 CPUState *cs = CPU(cpu); 1334 CPUPPCState *env = &cpu->env; 1335 target_ulong msr, new_msr, vector; 1336 int srr0, srr1, lev = -1; 1337 1338 /* new srr1 value excluding must-be-zero bits */ 1339 msr = env->msr & ~0x783f0000ULL; 1340 1341 /* 1342 * new interrupt handler msr preserves existing HV and ME unless 1343 * explicitly overriden 1344 */ 1345 new_msr = env->msr & (((target_ulong)1 << MSR_ME) | MSR_HVB); 1346 1347 /* target registers */ 1348 srr0 = SPR_SRR0; 1349 srr1 = SPR_SRR1; 1350 1351 /* 1352 * check for special resume at 0x100 from doze/nap/sleep/winkle on 1353 * P7/P8/P9 1354 */ 1355 if (env->resume_as_sreset) { 1356 excp = powerpc_reset_wakeup(cs, env, excp, &msr); 1357 } 1358 1359 /* 1360 * We don't want to generate a Hypervisor Emulation Assistance 1361 * Interrupt if we don't have HVB in msr_mask (PAPR mode), 1362 * unless running a nested-hv guest, in which case the L1 1363 * kernel wants the interrupt. 1364 */ 1365 if (excp == POWERPC_EXCP_HV_EMU && !(env->msr_mask & MSR_HVB) && 1366 !books_vhyp_handles_hv_excp(cpu)) { 1367 excp = POWERPC_EXCP_PROGRAM; 1368 } 1369 1370 vector = env->excp_vectors[excp]; 1371 if (vector == (target_ulong)-1ULL) { 1372 cpu_abort(cs, "Raised an exception without defined vector %d\n", 1373 excp); 1374 } 1375 1376 vector |= env->excp_prefix; 1377 1378 switch (excp) { 1379 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 1380 if (!FIELD_EX64(env->msr, MSR, ME)) { 1381 /* 1382 * Machine check exception is not enabled. Enter 1383 * checkstop state. 1384 */ 1385 fprintf(stderr, "Machine check while not allowed. " 1386 "Entering checkstop state\n"); 1387 if (qemu_log_separate()) { 1388 qemu_log("Machine check while not allowed. " 1389 "Entering checkstop state\n"); 1390 } 1391 cs->halted = 1; 1392 cpu_interrupt_exittb(cs); 1393 } 1394 if (env->msr_mask & MSR_HVB) { 1395 /* 1396 * ISA specifies HV, but can be delivered to guest with HV 1397 * clear (e.g., see FWNMI in PAPR). 1398 */ 1399 new_msr |= (target_ulong)MSR_HVB; 1400 } 1401 1402 /* machine check exceptions don't have ME set */ 1403 new_msr &= ~((target_ulong)1 << MSR_ME); 1404 1405 break; 1406 case POWERPC_EXCP_DSI: /* Data storage exception */ 1407 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 1408 break; 1409 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 1410 trace_ppc_excp_isi(msr, env->nip); 1411 msr |= env->error_code; 1412 break; 1413 case POWERPC_EXCP_EXTERNAL: /* External input */ 1414 { 1415 bool lpes0; 1416 1417 /* 1418 * LPES0 is only taken into consideration if we support HV 1419 * mode for this CPU. 1420 */ 1421 if (!env->has_hv_mode) { 1422 break; 1423 } 1424 1425 lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 1426 1427 if (!lpes0) { 1428 new_msr |= (target_ulong)MSR_HVB; 1429 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1430 srr0 = SPR_HSRR0; 1431 srr1 = SPR_HSRR1; 1432 } 1433 1434 break; 1435 } 1436 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 1437 /* Optional DSISR update was removed from ISA v3.0 */ 1438 if (!(env->insns_flags2 & PPC2_ISA300)) { 1439 /* Get rS/rD and rA from faulting opcode */ 1440 /* 1441 * Note: the opcode fields will not be set properly for a 1442 * direct store load/store, but nobody cares as nobody 1443 * actually uses direct store segments. 1444 */ 1445 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 1446 } 1447 break; 1448 case POWERPC_EXCP_PROGRAM: /* Program exception */ 1449 switch (env->error_code & ~0xF) { 1450 case POWERPC_EXCP_FP: 1451 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 1452 trace_ppc_excp_fp_ignore(); 1453 powerpc_reset_excp_state(cpu); 1454 return; 1455 } 1456 1457 /* 1458 * FP exceptions always have NIP pointing to the faulting 1459 * instruction, so always use store_next and claim we are 1460 * precise in the MSR. 1461 */ 1462 msr |= 0x00100000; 1463 break; 1464 case POWERPC_EXCP_INVAL: 1465 trace_ppc_excp_inval(env->nip); 1466 msr |= 0x00080000; 1467 break; 1468 case POWERPC_EXCP_PRIV: 1469 msr |= 0x00040000; 1470 break; 1471 case POWERPC_EXCP_TRAP: 1472 msr |= 0x00020000; 1473 break; 1474 default: 1475 /* Should never occur */ 1476 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 1477 env->error_code); 1478 break; 1479 } 1480 break; 1481 case POWERPC_EXCP_SYSCALL: /* System call exception */ 1482 lev = env->error_code; 1483 1484 if ((lev == 1) && cpu->vhyp) { 1485 dump_hcall(env); 1486 } else { 1487 dump_syscall(env); 1488 } 1489 1490 /* 1491 * We need to correct the NIP which in this case is supposed 1492 * to point to the next instruction 1493 */ 1494 env->nip += 4; 1495 1496 /* "PAPR mode" built-in hypercall emulation */ 1497 if ((lev == 1) && books_vhyp_handles_hcall(cpu)) { 1498 PPCVirtualHypervisorClass *vhc = 1499 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 1500 vhc->hypercall(cpu->vhyp, cpu); 1501 return; 1502 } 1503 if (lev == 1) { 1504 new_msr |= (target_ulong)MSR_HVB; 1505 } 1506 break; 1507 case POWERPC_EXCP_SYSCALL_VECTORED: /* scv exception */ 1508 lev = env->error_code; 1509 dump_syscall(env); 1510 env->nip += 4; 1511 new_msr |= env->msr & ((target_ulong)1 << MSR_EE); 1512 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1513 1514 vector += lev * 0x20; 1515 1516 env->lr = env->nip; 1517 env->ctr = msr; 1518 break; 1519 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 1520 case POWERPC_EXCP_DECR: /* Decrementer exception */ 1521 break; 1522 case POWERPC_EXCP_RESET: /* System reset exception */ 1523 /* A power-saving exception sets ME, otherwise it is unchanged */ 1524 if (FIELD_EX64(env->msr, MSR, POW)) { 1525 /* indicate that we resumed from power save mode */ 1526 msr |= 0x10000; 1527 new_msr |= ((target_ulong)1 << MSR_ME); 1528 } 1529 if (env->msr_mask & MSR_HVB) { 1530 /* 1531 * ISA specifies HV, but can be delivered to guest with HV 1532 * clear (e.g., see FWNMI in PAPR, NMI injection in QEMU). 1533 */ 1534 new_msr |= (target_ulong)MSR_HVB; 1535 } else { 1536 if (FIELD_EX64(env->msr, MSR, POW)) { 1537 cpu_abort(cs, "Trying to deliver power-saving system reset " 1538 "exception %d with no HV support\n", excp); 1539 } 1540 } 1541 break; 1542 case POWERPC_EXCP_DSEG: /* Data segment exception */ 1543 case POWERPC_EXCP_ISEG: /* Instruction segment exception */ 1544 case POWERPC_EXCP_TRACE: /* Trace exception */ 1545 case POWERPC_EXCP_SDOOR: /* Doorbell interrupt */ 1546 case POWERPC_EXCP_PERFM: /* Performance monitor interrupt */ 1547 break; 1548 case POWERPC_EXCP_HISI: /* Hypervisor instruction storage exception */ 1549 msr |= env->error_code; 1550 /* fall through */ 1551 case POWERPC_EXCP_HDECR: /* Hypervisor decrementer exception */ 1552 case POWERPC_EXCP_HDSI: /* Hypervisor data storage exception */ 1553 case POWERPC_EXCP_SDOOR_HV: /* Hypervisor Doorbell interrupt */ 1554 case POWERPC_EXCP_HV_EMU: 1555 case POWERPC_EXCP_HVIRT: /* Hypervisor virtualization */ 1556 srr0 = SPR_HSRR0; 1557 srr1 = SPR_HSRR1; 1558 new_msr |= (target_ulong)MSR_HVB; 1559 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1560 break; 1561 case POWERPC_EXCP_VPU: /* Vector unavailable exception */ 1562 case POWERPC_EXCP_VSXU: /* VSX unavailable exception */ 1563 case POWERPC_EXCP_FU: /* Facility unavailable exception */ 1564 env->spr[SPR_FSCR] |= ((target_ulong)env->error_code << 56); 1565 break; 1566 case POWERPC_EXCP_HV_FU: /* Hypervisor Facility Unavailable Exception */ 1567 env->spr[SPR_HFSCR] |= ((target_ulong)env->error_code << FSCR_IC_POS); 1568 srr0 = SPR_HSRR0; 1569 srr1 = SPR_HSRR1; 1570 new_msr |= (target_ulong)MSR_HVB; 1571 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1572 break; 1573 case POWERPC_EXCP_PERFM_EBB: /* Performance Monitor EBB Exception */ 1574 case POWERPC_EXCP_EXTERNAL_EBB: /* External EBB Exception */ 1575 env->spr[SPR_BESCR] &= ~BESCR_GE; 1576 1577 /* 1578 * Save NIP for rfebb insn in SPR_EBBRR. Next nip is 1579 * stored in the EBB Handler SPR_EBBHR. 1580 */ 1581 env->spr[SPR_EBBRR] = env->nip; 1582 powerpc_set_excp_state(cpu, env->spr[SPR_EBBHR], env->msr); 1583 1584 /* 1585 * This exception is handled in userspace. No need to proceed. 1586 */ 1587 return; 1588 case POWERPC_EXCP_THERM: /* Thermal interrupt */ 1589 case POWERPC_EXCP_VPUA: /* Vector assist exception */ 1590 case POWERPC_EXCP_MAINT: /* Maintenance exception */ 1591 case POWERPC_EXCP_HV_MAINT: /* Hypervisor Maintenance exception */ 1592 cpu_abort(cs, "%s exception not implemented\n", 1593 powerpc_excp_name(excp)); 1594 break; 1595 default: 1596 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1597 break; 1598 } 1599 1600 /* 1601 * Sort out endianness of interrupt, this differs depending on the 1602 * CPU, the HV mode, etc... 1603 */ 1604 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 1605 new_msr |= (target_ulong)1 << MSR_LE; 1606 } 1607 1608 new_msr |= (target_ulong)1 << MSR_SF; 1609 1610 if (excp != POWERPC_EXCP_SYSCALL_VECTORED) { 1611 /* Save PC */ 1612 env->spr[srr0] = env->nip; 1613 1614 /* Save MSR */ 1615 env->spr[srr1] = msr; 1616 } 1617 1618 if ((new_msr & MSR_HVB) && books_vhyp_handles_hv_excp(cpu)) { 1619 PPCVirtualHypervisorClass *vhc = 1620 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 1621 /* Deliver interrupt to L1 by returning from the H_ENTER_NESTED call */ 1622 vhc->deliver_hv_excp(cpu, excp); 1623 1624 powerpc_reset_excp_state(cpu); 1625 1626 } else { 1627 /* Sanity check */ 1628 if (!(env->msr_mask & MSR_HVB) && srr0 == SPR_HSRR0) { 1629 cpu_abort(cs, "Trying to deliver HV exception (HSRR) %d with " 1630 "no HV support\n", excp); 1631 } 1632 1633 /* This can update new_msr and vector if AIL applies */ 1634 ppc_excp_apply_ail(cpu, excp, msr, &new_msr, &vector); 1635 1636 powerpc_set_excp_state(cpu, vector, new_msr); 1637 } 1638 } 1639 #else 1640 static inline void powerpc_excp_books(PowerPCCPU *cpu, int excp) 1641 { 1642 g_assert_not_reached(); 1643 } 1644 #endif 1645 1646 static void powerpc_excp(PowerPCCPU *cpu, int excp) 1647 { 1648 CPUState *cs = CPU(cpu); 1649 CPUPPCState *env = &cpu->env; 1650 1651 if (excp <= POWERPC_EXCP_NONE || excp >= POWERPC_EXCP_NB) { 1652 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1653 } 1654 1655 qemu_log_mask(CPU_LOG_INT, "Raise exception at " TARGET_FMT_lx 1656 " => %s (%d) error=%02x\n", env->nip, powerpc_excp_name(excp), 1657 excp, env->error_code); 1658 env->excp_stats[excp]++; 1659 1660 switch (env->excp_model) { 1661 case POWERPC_EXCP_40x: 1662 powerpc_excp_40x(cpu, excp); 1663 break; 1664 case POWERPC_EXCP_6xx: 1665 powerpc_excp_6xx(cpu, excp); 1666 break; 1667 case POWERPC_EXCP_7xx: 1668 powerpc_excp_7xx(cpu, excp); 1669 break; 1670 case POWERPC_EXCP_74xx: 1671 powerpc_excp_74xx(cpu, excp); 1672 break; 1673 case POWERPC_EXCP_BOOKE: 1674 powerpc_excp_booke(cpu, excp); 1675 break; 1676 case POWERPC_EXCP_970: 1677 case POWERPC_EXCP_POWER7: 1678 case POWERPC_EXCP_POWER8: 1679 case POWERPC_EXCP_POWER9: 1680 case POWERPC_EXCP_POWER10: 1681 powerpc_excp_books(cpu, excp); 1682 break; 1683 default: 1684 g_assert_not_reached(); 1685 } 1686 } 1687 1688 void ppc_cpu_do_interrupt(CPUState *cs) 1689 { 1690 PowerPCCPU *cpu = POWERPC_CPU(cs); 1691 1692 powerpc_excp(cpu, cs->exception_index); 1693 } 1694 1695 #if defined(TARGET_PPC64) 1696 #define P7_UNUSED_INTERRUPTS \ 1697 (PPC_INTERRUPT_RESET | PPC_INTERRUPT_HVIRT | PPC_INTERRUPT_CEXT | \ 1698 PPC_INTERRUPT_WDT | PPC_INTERRUPT_CDOORBELL | PPC_INTERRUPT_FIT | \ 1699 PPC_INTERRUPT_PIT | PPC_INTERRUPT_DOORBELL | PPC_INTERRUPT_HDOORBELL | \ 1700 PPC_INTERRUPT_THERM | PPC_INTERRUPT_EBB) 1701 1702 static int p7_interrupt_powersave(CPUPPCState *env) 1703 { 1704 if ((env->pending_interrupts & PPC_INTERRUPT_EXT) && 1705 (env->spr[SPR_LPCR] & LPCR_P7_PECE0)) { 1706 return PPC_INTERRUPT_EXT; 1707 } 1708 if ((env->pending_interrupts & PPC_INTERRUPT_DECR) && 1709 (env->spr[SPR_LPCR] & LPCR_P7_PECE1)) { 1710 return PPC_INTERRUPT_DECR; 1711 } 1712 if ((env->pending_interrupts & PPC_INTERRUPT_MCK) && 1713 (env->spr[SPR_LPCR] & LPCR_P7_PECE2)) { 1714 return PPC_INTERRUPT_MCK; 1715 } 1716 if ((env->pending_interrupts & PPC_INTERRUPT_HMI) && 1717 (env->spr[SPR_LPCR] & LPCR_P7_PECE2)) { 1718 return PPC_INTERRUPT_HMI; 1719 } 1720 if (env->pending_interrupts & PPC_INTERRUPT_RESET) { 1721 return PPC_INTERRUPT_RESET; 1722 } 1723 return 0; 1724 } 1725 1726 static int p7_next_unmasked_interrupt(CPUPPCState *env) 1727 { 1728 PowerPCCPU *cpu = env_archcpu(env); 1729 CPUState *cs = CPU(cpu); 1730 /* Ignore MSR[EE] when coming out of some power management states */ 1731 bool msr_ee = FIELD_EX64(env->msr, MSR, EE) || env->resume_as_sreset; 1732 1733 assert((env->pending_interrupts & P7_UNUSED_INTERRUPTS) == 0); 1734 1735 if (cs->halted) { 1736 /* LPCR[PECE] controls which interrupts can exit power-saving mode */ 1737 return p7_interrupt_powersave(env); 1738 } 1739 1740 /* Machine check exception */ 1741 if (env->pending_interrupts & PPC_INTERRUPT_MCK) { 1742 return PPC_INTERRUPT_MCK; 1743 } 1744 1745 /* Hypervisor decrementer exception */ 1746 if (env->pending_interrupts & PPC_INTERRUPT_HDECR) { 1747 /* LPCR will be clear when not supported so this will work */ 1748 bool hdice = !!(env->spr[SPR_LPCR] & LPCR_HDICE); 1749 if ((msr_ee || !FIELD_EX64_HV(env->msr)) && hdice) { 1750 /* HDEC clears on delivery */ 1751 return PPC_INTERRUPT_HDECR; 1752 } 1753 } 1754 1755 /* External interrupt can ignore MSR:EE under some circumstances */ 1756 if (env->pending_interrupts & PPC_INTERRUPT_EXT) { 1757 bool lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 1758 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 1759 /* HEIC blocks delivery to the hypervisor */ 1760 if ((msr_ee && !(heic && FIELD_EX64_HV(env->msr) && 1761 !FIELD_EX64(env->msr, MSR, PR))) || 1762 (env->has_hv_mode && !FIELD_EX64_HV(env->msr) && !lpes0)) { 1763 return PPC_INTERRUPT_EXT; 1764 } 1765 } 1766 if (msr_ee != 0) { 1767 /* Decrementer exception */ 1768 if (env->pending_interrupts & PPC_INTERRUPT_DECR) { 1769 return PPC_INTERRUPT_DECR; 1770 } 1771 if (env->pending_interrupts & PPC_INTERRUPT_PERFM) { 1772 return PPC_INTERRUPT_PERFM; 1773 } 1774 } 1775 1776 return 0; 1777 } 1778 1779 #define P8_UNUSED_INTERRUPTS \ 1780 (PPC_INTERRUPT_RESET | PPC_INTERRUPT_DEBUG | PPC_INTERRUPT_HVIRT | \ 1781 PPC_INTERRUPT_CEXT | PPC_INTERRUPT_WDT | PPC_INTERRUPT_CDOORBELL | \ 1782 PPC_INTERRUPT_FIT | PPC_INTERRUPT_PIT | PPC_INTERRUPT_THERM) 1783 1784 static int p8_interrupt_powersave(CPUPPCState *env) 1785 { 1786 if ((env->pending_interrupts & PPC_INTERRUPT_EXT) && 1787 (env->spr[SPR_LPCR] & LPCR_P8_PECE2)) { 1788 return PPC_INTERRUPT_EXT; 1789 } 1790 if ((env->pending_interrupts & PPC_INTERRUPT_DECR) && 1791 (env->spr[SPR_LPCR] & LPCR_P8_PECE3)) { 1792 return PPC_INTERRUPT_DECR; 1793 } 1794 if ((env->pending_interrupts & PPC_INTERRUPT_MCK) && 1795 (env->spr[SPR_LPCR] & LPCR_P8_PECE4)) { 1796 return PPC_INTERRUPT_MCK; 1797 } 1798 if ((env->pending_interrupts & PPC_INTERRUPT_HMI) && 1799 (env->spr[SPR_LPCR] & LPCR_P8_PECE4)) { 1800 return PPC_INTERRUPT_HMI; 1801 } 1802 if ((env->pending_interrupts & PPC_INTERRUPT_DOORBELL) && 1803 (env->spr[SPR_LPCR] & LPCR_P8_PECE0)) { 1804 return PPC_INTERRUPT_DOORBELL; 1805 } 1806 if ((env->pending_interrupts & PPC_INTERRUPT_HDOORBELL) && 1807 (env->spr[SPR_LPCR] & LPCR_P8_PECE1)) { 1808 return PPC_INTERRUPT_HDOORBELL; 1809 } 1810 if (env->pending_interrupts & PPC_INTERRUPT_RESET) { 1811 return PPC_INTERRUPT_RESET; 1812 } 1813 return 0; 1814 } 1815 1816 static int p8_next_unmasked_interrupt(CPUPPCState *env) 1817 { 1818 PowerPCCPU *cpu = env_archcpu(env); 1819 CPUState *cs = CPU(cpu); 1820 /* Ignore MSR[EE] when coming out of some power management states */ 1821 bool msr_ee = FIELD_EX64(env->msr, MSR, EE) || env->resume_as_sreset; 1822 1823 assert((env->pending_interrupts & P8_UNUSED_INTERRUPTS) == 0); 1824 1825 if (cs->halted) { 1826 /* LPCR[PECE] controls which interrupts can exit power-saving mode */ 1827 return p8_interrupt_powersave(env); 1828 } 1829 1830 /* Machine check exception */ 1831 if (env->pending_interrupts & PPC_INTERRUPT_MCK) { 1832 return PPC_INTERRUPT_MCK; 1833 } 1834 1835 /* Hypervisor decrementer exception */ 1836 if (env->pending_interrupts & PPC_INTERRUPT_HDECR) { 1837 /* LPCR will be clear when not supported so this will work */ 1838 bool hdice = !!(env->spr[SPR_LPCR] & LPCR_HDICE); 1839 if ((msr_ee || !FIELD_EX64_HV(env->msr)) && hdice) { 1840 /* HDEC clears on delivery */ 1841 return PPC_INTERRUPT_HDECR; 1842 } 1843 } 1844 1845 /* External interrupt can ignore MSR:EE under some circumstances */ 1846 if (env->pending_interrupts & PPC_INTERRUPT_EXT) { 1847 bool lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 1848 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 1849 /* HEIC blocks delivery to the hypervisor */ 1850 if ((msr_ee && !(heic && FIELD_EX64_HV(env->msr) && 1851 !FIELD_EX64(env->msr, MSR, PR))) || 1852 (env->has_hv_mode && !FIELD_EX64_HV(env->msr) && !lpes0)) { 1853 return PPC_INTERRUPT_EXT; 1854 } 1855 } 1856 if (msr_ee != 0) { 1857 /* Decrementer exception */ 1858 if (env->pending_interrupts & PPC_INTERRUPT_DECR) { 1859 return PPC_INTERRUPT_DECR; 1860 } 1861 if (env->pending_interrupts & PPC_INTERRUPT_DOORBELL) { 1862 return PPC_INTERRUPT_DOORBELL; 1863 } 1864 if (env->pending_interrupts & PPC_INTERRUPT_HDOORBELL) { 1865 return PPC_INTERRUPT_HDOORBELL; 1866 } 1867 if (env->pending_interrupts & PPC_INTERRUPT_PERFM) { 1868 return PPC_INTERRUPT_PERFM; 1869 } 1870 /* EBB exception */ 1871 if (env->pending_interrupts & PPC_INTERRUPT_EBB) { 1872 /* 1873 * EBB exception must be taken in problem state and 1874 * with BESCR_GE set. 1875 */ 1876 if (FIELD_EX64(env->msr, MSR, PR) && 1877 (env->spr[SPR_BESCR] & BESCR_GE)) { 1878 return PPC_INTERRUPT_EBB; 1879 } 1880 } 1881 } 1882 1883 return 0; 1884 } 1885 1886 #define P9_UNUSED_INTERRUPTS \ 1887 (PPC_INTERRUPT_RESET | PPC_INTERRUPT_DEBUG | PPC_INTERRUPT_CEXT | \ 1888 PPC_INTERRUPT_WDT | PPC_INTERRUPT_CDOORBELL | PPC_INTERRUPT_FIT | \ 1889 PPC_INTERRUPT_PIT | PPC_INTERRUPT_THERM) 1890 1891 static int p9_interrupt_powersave(CPUPPCState *env) 1892 { 1893 /* External Exception */ 1894 if ((env->pending_interrupts & PPC_INTERRUPT_EXT) && 1895 (env->spr[SPR_LPCR] & LPCR_EEE)) { 1896 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 1897 if (!heic || !FIELD_EX64_HV(env->msr) || 1898 FIELD_EX64(env->msr, MSR, PR)) { 1899 return PPC_INTERRUPT_EXT; 1900 } 1901 } 1902 /* Decrementer Exception */ 1903 if ((env->pending_interrupts & PPC_INTERRUPT_DECR) && 1904 (env->spr[SPR_LPCR] & LPCR_DEE)) { 1905 return PPC_INTERRUPT_DECR; 1906 } 1907 /* Machine Check or Hypervisor Maintenance Exception */ 1908 if (env->spr[SPR_LPCR] & LPCR_OEE) { 1909 if (env->pending_interrupts & PPC_INTERRUPT_MCK) { 1910 return PPC_INTERRUPT_MCK; 1911 } 1912 if (env->pending_interrupts & PPC_INTERRUPT_HMI) { 1913 return PPC_INTERRUPT_HMI; 1914 } 1915 } 1916 /* Privileged Doorbell Exception */ 1917 if ((env->pending_interrupts & PPC_INTERRUPT_DOORBELL) && 1918 (env->spr[SPR_LPCR] & LPCR_PDEE)) { 1919 return PPC_INTERRUPT_DOORBELL; 1920 } 1921 /* Hypervisor Doorbell Exception */ 1922 if ((env->pending_interrupts & PPC_INTERRUPT_HDOORBELL) && 1923 (env->spr[SPR_LPCR] & LPCR_HDEE)) { 1924 return PPC_INTERRUPT_HDOORBELL; 1925 } 1926 /* Hypervisor virtualization exception */ 1927 if ((env->pending_interrupts & PPC_INTERRUPT_HVIRT) && 1928 (env->spr[SPR_LPCR] & LPCR_HVEE)) { 1929 return PPC_INTERRUPT_HVIRT; 1930 } 1931 if (env->pending_interrupts & PPC_INTERRUPT_RESET) { 1932 return PPC_INTERRUPT_RESET; 1933 } 1934 return 0; 1935 } 1936 1937 static int p9_next_unmasked_interrupt(CPUPPCState *env) 1938 { 1939 PowerPCCPU *cpu = env_archcpu(env); 1940 CPUState *cs = CPU(cpu); 1941 /* Ignore MSR[EE] when coming out of some power management states */ 1942 bool msr_ee = FIELD_EX64(env->msr, MSR, EE) || env->resume_as_sreset; 1943 1944 assert((env->pending_interrupts & P9_UNUSED_INTERRUPTS) == 0); 1945 1946 if (cs->halted) { 1947 if (env->spr[SPR_PSSCR] & PSSCR_EC) { 1948 /* 1949 * When PSSCR[EC] is set, LPCR[PECE] controls which interrupts can 1950 * wakeup the processor 1951 */ 1952 return p9_interrupt_powersave(env); 1953 } else { 1954 /* 1955 * When it's clear, any system-caused exception exits power-saving 1956 * mode, even the ones that gate on MSR[EE]. 1957 */ 1958 msr_ee = true; 1959 } 1960 } 1961 1962 /* Machine check exception */ 1963 if (env->pending_interrupts & PPC_INTERRUPT_MCK) { 1964 return PPC_INTERRUPT_MCK; 1965 } 1966 1967 /* Hypervisor decrementer exception */ 1968 if (env->pending_interrupts & PPC_INTERRUPT_HDECR) { 1969 /* LPCR will be clear when not supported so this will work */ 1970 bool hdice = !!(env->spr[SPR_LPCR] & LPCR_HDICE); 1971 if ((msr_ee || !FIELD_EX64_HV(env->msr)) && hdice) { 1972 /* HDEC clears on delivery */ 1973 return PPC_INTERRUPT_HDECR; 1974 } 1975 } 1976 1977 /* Hypervisor virtualization interrupt */ 1978 if (env->pending_interrupts & PPC_INTERRUPT_HVIRT) { 1979 /* LPCR will be clear when not supported so this will work */ 1980 bool hvice = !!(env->spr[SPR_LPCR] & LPCR_HVICE); 1981 if ((msr_ee || !FIELD_EX64_HV(env->msr)) && hvice) { 1982 return PPC_INTERRUPT_HVIRT; 1983 } 1984 } 1985 1986 /* External interrupt can ignore MSR:EE under some circumstances */ 1987 if (env->pending_interrupts & PPC_INTERRUPT_EXT) { 1988 bool lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 1989 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 1990 /* HEIC blocks delivery to the hypervisor */ 1991 if ((msr_ee && !(heic && FIELD_EX64_HV(env->msr) && 1992 !FIELD_EX64(env->msr, MSR, PR))) || 1993 (env->has_hv_mode && !FIELD_EX64_HV(env->msr) && !lpes0)) { 1994 return PPC_INTERRUPT_EXT; 1995 } 1996 } 1997 if (msr_ee != 0) { 1998 /* Decrementer exception */ 1999 if (env->pending_interrupts & PPC_INTERRUPT_DECR) { 2000 return PPC_INTERRUPT_DECR; 2001 } 2002 if (env->pending_interrupts & PPC_INTERRUPT_DOORBELL) { 2003 return PPC_INTERRUPT_DOORBELL; 2004 } 2005 if (env->pending_interrupts & PPC_INTERRUPT_HDOORBELL) { 2006 return PPC_INTERRUPT_HDOORBELL; 2007 } 2008 if (env->pending_interrupts & PPC_INTERRUPT_PERFM) { 2009 return PPC_INTERRUPT_PERFM; 2010 } 2011 /* EBB exception */ 2012 if (env->pending_interrupts & PPC_INTERRUPT_EBB) { 2013 /* 2014 * EBB exception must be taken in problem state and 2015 * with BESCR_GE set. 2016 */ 2017 if (FIELD_EX64(env->msr, MSR, PR) && 2018 (env->spr[SPR_BESCR] & BESCR_GE)) { 2019 return PPC_INTERRUPT_EBB; 2020 } 2021 } 2022 } 2023 2024 return 0; 2025 } 2026 #endif 2027 2028 static int ppc_next_unmasked_interrupt_generic(CPUPPCState *env) 2029 { 2030 bool async_deliver; 2031 2032 /* External reset */ 2033 if (env->pending_interrupts & PPC_INTERRUPT_RESET) { 2034 return PPC_INTERRUPT_RESET; 2035 } 2036 /* Machine check exception */ 2037 if (env->pending_interrupts & PPC_INTERRUPT_MCK) { 2038 return PPC_INTERRUPT_MCK; 2039 } 2040 #if 0 /* TODO */ 2041 /* External debug exception */ 2042 if (env->pending_interrupts & PPC_INTERRUPT_DEBUG) { 2043 return PPC_INTERRUPT_DEBUG; 2044 } 2045 #endif 2046 2047 /* 2048 * For interrupts that gate on MSR:EE, we need to do something a 2049 * bit more subtle, as we need to let them through even when EE is 2050 * clear when coming out of some power management states (in order 2051 * for them to become a 0x100). 2052 */ 2053 async_deliver = FIELD_EX64(env->msr, MSR, EE) || env->resume_as_sreset; 2054 2055 /* Hypervisor decrementer exception */ 2056 if (env->pending_interrupts & PPC_INTERRUPT_HDECR) { 2057 /* LPCR will be clear when not supported so this will work */ 2058 bool hdice = !!(env->spr[SPR_LPCR] & LPCR_HDICE); 2059 if ((async_deliver || !FIELD_EX64_HV(env->msr)) && hdice) { 2060 /* HDEC clears on delivery */ 2061 return PPC_INTERRUPT_HDECR; 2062 } 2063 } 2064 2065 /* Hypervisor virtualization interrupt */ 2066 if (env->pending_interrupts & PPC_INTERRUPT_HVIRT) { 2067 /* LPCR will be clear when not supported so this will work */ 2068 bool hvice = !!(env->spr[SPR_LPCR] & LPCR_HVICE); 2069 if ((async_deliver || !FIELD_EX64_HV(env->msr)) && hvice) { 2070 return PPC_INTERRUPT_HVIRT; 2071 } 2072 } 2073 2074 /* External interrupt can ignore MSR:EE under some circumstances */ 2075 if (env->pending_interrupts & PPC_INTERRUPT_EXT) { 2076 bool lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 2077 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 2078 /* HEIC blocks delivery to the hypervisor */ 2079 if ((async_deliver && !(heic && FIELD_EX64_HV(env->msr) && 2080 !FIELD_EX64(env->msr, MSR, PR))) || 2081 (env->has_hv_mode && !FIELD_EX64_HV(env->msr) && !lpes0)) { 2082 return PPC_INTERRUPT_EXT; 2083 } 2084 } 2085 if (FIELD_EX64(env->msr, MSR, CE)) { 2086 /* External critical interrupt */ 2087 if (env->pending_interrupts & PPC_INTERRUPT_CEXT) { 2088 return PPC_INTERRUPT_CEXT; 2089 } 2090 } 2091 if (async_deliver != 0) { 2092 /* Watchdog timer on embedded PowerPC */ 2093 if (env->pending_interrupts & PPC_INTERRUPT_WDT) { 2094 return PPC_INTERRUPT_WDT; 2095 } 2096 if (env->pending_interrupts & PPC_INTERRUPT_CDOORBELL) { 2097 return PPC_INTERRUPT_CDOORBELL; 2098 } 2099 /* Fixed interval timer on embedded PowerPC */ 2100 if (env->pending_interrupts & PPC_INTERRUPT_FIT) { 2101 return PPC_INTERRUPT_FIT; 2102 } 2103 /* Programmable interval timer on embedded PowerPC */ 2104 if (env->pending_interrupts & PPC_INTERRUPT_PIT) { 2105 return PPC_INTERRUPT_PIT; 2106 } 2107 /* Decrementer exception */ 2108 if (env->pending_interrupts & PPC_INTERRUPT_DECR) { 2109 return PPC_INTERRUPT_DECR; 2110 } 2111 if (env->pending_interrupts & PPC_INTERRUPT_DOORBELL) { 2112 return PPC_INTERRUPT_DOORBELL; 2113 } 2114 if (env->pending_interrupts & PPC_INTERRUPT_HDOORBELL) { 2115 return PPC_INTERRUPT_HDOORBELL; 2116 } 2117 if (env->pending_interrupts & PPC_INTERRUPT_PERFM) { 2118 return PPC_INTERRUPT_PERFM; 2119 } 2120 /* Thermal interrupt */ 2121 if (env->pending_interrupts & PPC_INTERRUPT_THERM) { 2122 return PPC_INTERRUPT_THERM; 2123 } 2124 /* EBB exception */ 2125 if (env->pending_interrupts & PPC_INTERRUPT_EBB) { 2126 /* 2127 * EBB exception must be taken in problem state and 2128 * with BESCR_GE set. 2129 */ 2130 if (FIELD_EX64(env->msr, MSR, PR) && 2131 (env->spr[SPR_BESCR] & BESCR_GE)) { 2132 return PPC_INTERRUPT_EBB; 2133 } 2134 } 2135 } 2136 2137 return 0; 2138 } 2139 2140 static int ppc_next_unmasked_interrupt(CPUPPCState *env) 2141 { 2142 switch (env->excp_model) { 2143 #if defined(TARGET_PPC64) 2144 case POWERPC_EXCP_POWER7: 2145 return p7_next_unmasked_interrupt(env); 2146 case POWERPC_EXCP_POWER8: 2147 return p8_next_unmasked_interrupt(env); 2148 case POWERPC_EXCP_POWER9: 2149 case POWERPC_EXCP_POWER10: 2150 return p9_next_unmasked_interrupt(env); 2151 #endif 2152 default: 2153 return ppc_next_unmasked_interrupt_generic(env); 2154 } 2155 } 2156 2157 /* 2158 * Sets CPU_INTERRUPT_HARD if there is at least one unmasked interrupt to be 2159 * delivered and clears CPU_INTERRUPT_HARD otherwise. 2160 * 2161 * This method is called by ppc_set_interrupt when an interrupt is raised or 2162 * lowered, and should also be called whenever an interrupt masking condition 2163 * is changed, e.g.: 2164 * - When relevant bits of MSR are altered, like EE, HV, PR, etc.; 2165 * - When relevant bits of LPCR are altered, like PECE, HDICE, HVICE, etc.; 2166 * - When PSSCR[EC] or env->resume_as_sreset are changed; 2167 * - When cs->halted is changed and the CPU has a different interrupt masking 2168 * logic in power-saving mode (e.g., POWER7/8/9/10); 2169 */ 2170 void ppc_maybe_interrupt(CPUPPCState *env) 2171 { 2172 CPUState *cs = env_cpu(env); 2173 QEMU_IOTHREAD_LOCK_GUARD(); 2174 2175 if (ppc_next_unmasked_interrupt(env)) { 2176 cpu_interrupt(cs, CPU_INTERRUPT_HARD); 2177 } else { 2178 cpu_reset_interrupt(cs, CPU_INTERRUPT_HARD); 2179 } 2180 } 2181 2182 #if defined(TARGET_PPC64) 2183 static void p7_deliver_interrupt(CPUPPCState *env, int interrupt) 2184 { 2185 PowerPCCPU *cpu = env_archcpu(env); 2186 CPUState *cs = env_cpu(env); 2187 2188 switch (interrupt) { 2189 case PPC_INTERRUPT_MCK: /* Machine check exception */ 2190 env->pending_interrupts &= ~PPC_INTERRUPT_MCK; 2191 powerpc_excp(cpu, POWERPC_EXCP_MCHECK); 2192 break; 2193 2194 case PPC_INTERRUPT_HDECR: /* Hypervisor decrementer exception */ 2195 /* HDEC clears on delivery */ 2196 env->pending_interrupts &= ~PPC_INTERRUPT_HDECR; 2197 powerpc_excp(cpu, POWERPC_EXCP_HDECR); 2198 break; 2199 2200 case PPC_INTERRUPT_EXT: 2201 if (books_vhyp_promotes_external_to_hvirt(cpu)) { 2202 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2203 } else { 2204 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL); 2205 } 2206 break; 2207 2208 case PPC_INTERRUPT_DECR: /* Decrementer exception */ 2209 powerpc_excp(cpu, POWERPC_EXCP_DECR); 2210 break; 2211 case PPC_INTERRUPT_PERFM: 2212 env->pending_interrupts &= ~PPC_INTERRUPT_PERFM; 2213 powerpc_excp(cpu, POWERPC_EXCP_PERFM); 2214 break; 2215 case 0: 2216 /* 2217 * This is a bug ! It means that has_work took us out of halt without 2218 * anything to deliver while in a PM state that requires getting 2219 * out via a 0x100 2220 * 2221 * This means we will incorrectly execute past the power management 2222 * instruction instead of triggering a reset. 2223 * 2224 * It generally means a discrepancy between the wakeup conditions in the 2225 * processor has_work implementation and the logic in this function. 2226 */ 2227 assert(!env->resume_as_sreset); 2228 break; 2229 default: 2230 cpu_abort(cs, "Invalid PowerPC interrupt %d. Aborting\n", interrupt); 2231 } 2232 } 2233 2234 static void p8_deliver_interrupt(CPUPPCState *env, int interrupt) 2235 { 2236 PowerPCCPU *cpu = env_archcpu(env); 2237 CPUState *cs = env_cpu(env); 2238 2239 switch (interrupt) { 2240 case PPC_INTERRUPT_MCK: /* Machine check exception */ 2241 env->pending_interrupts &= ~PPC_INTERRUPT_MCK; 2242 powerpc_excp(cpu, POWERPC_EXCP_MCHECK); 2243 break; 2244 2245 case PPC_INTERRUPT_HDECR: /* Hypervisor decrementer exception */ 2246 /* HDEC clears on delivery */ 2247 env->pending_interrupts &= ~PPC_INTERRUPT_HDECR; 2248 powerpc_excp(cpu, POWERPC_EXCP_HDECR); 2249 break; 2250 2251 case PPC_INTERRUPT_EXT: 2252 if (books_vhyp_promotes_external_to_hvirt(cpu)) { 2253 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2254 } else { 2255 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL); 2256 } 2257 break; 2258 2259 case PPC_INTERRUPT_DECR: /* Decrementer exception */ 2260 powerpc_excp(cpu, POWERPC_EXCP_DECR); 2261 break; 2262 case PPC_INTERRUPT_DOORBELL: 2263 env->pending_interrupts &= ~PPC_INTERRUPT_DOORBELL; 2264 if (is_book3s_arch2x(env)) { 2265 powerpc_excp(cpu, POWERPC_EXCP_SDOOR); 2266 } else { 2267 powerpc_excp(cpu, POWERPC_EXCP_DOORI); 2268 } 2269 break; 2270 case PPC_INTERRUPT_HDOORBELL: 2271 env->pending_interrupts &= ~PPC_INTERRUPT_HDOORBELL; 2272 powerpc_excp(cpu, POWERPC_EXCP_SDOOR_HV); 2273 break; 2274 case PPC_INTERRUPT_PERFM: 2275 env->pending_interrupts &= ~PPC_INTERRUPT_PERFM; 2276 powerpc_excp(cpu, POWERPC_EXCP_PERFM); 2277 break; 2278 case PPC_INTERRUPT_EBB: /* EBB exception */ 2279 env->pending_interrupts &= ~PPC_INTERRUPT_EBB; 2280 if (env->spr[SPR_BESCR] & BESCR_PMEO) { 2281 powerpc_excp(cpu, POWERPC_EXCP_PERFM_EBB); 2282 } else if (env->spr[SPR_BESCR] & BESCR_EEO) { 2283 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL_EBB); 2284 } 2285 break; 2286 case 0: 2287 /* 2288 * This is a bug ! It means that has_work took us out of halt without 2289 * anything to deliver while in a PM state that requires getting 2290 * out via a 0x100 2291 * 2292 * This means we will incorrectly execute past the power management 2293 * instruction instead of triggering a reset. 2294 * 2295 * It generally means a discrepancy between the wakeup conditions in the 2296 * processor has_work implementation and the logic in this function. 2297 */ 2298 assert(!env->resume_as_sreset); 2299 break; 2300 default: 2301 cpu_abort(cs, "Invalid PowerPC interrupt %d. Aborting\n", interrupt); 2302 } 2303 } 2304 2305 static void p9_deliver_interrupt(CPUPPCState *env, int interrupt) 2306 { 2307 PowerPCCPU *cpu = env_archcpu(env); 2308 CPUState *cs = env_cpu(env); 2309 2310 if (cs->halted && !(env->spr[SPR_PSSCR] & PSSCR_EC) && 2311 !FIELD_EX64(env->msr, MSR, EE)) { 2312 /* 2313 * A pending interrupt took us out of power-saving, but MSR[EE] says 2314 * that we should return to NIP+4 instead of delivering it. 2315 */ 2316 return; 2317 } 2318 2319 switch (interrupt) { 2320 case PPC_INTERRUPT_MCK: /* Machine check exception */ 2321 env->pending_interrupts &= ~PPC_INTERRUPT_MCK; 2322 powerpc_excp(cpu, POWERPC_EXCP_MCHECK); 2323 break; 2324 2325 case PPC_INTERRUPT_HDECR: /* Hypervisor decrementer exception */ 2326 /* HDEC clears on delivery */ 2327 env->pending_interrupts &= ~PPC_INTERRUPT_HDECR; 2328 powerpc_excp(cpu, POWERPC_EXCP_HDECR); 2329 break; 2330 case PPC_INTERRUPT_HVIRT: /* Hypervisor virtualization interrupt */ 2331 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2332 break; 2333 2334 case PPC_INTERRUPT_EXT: 2335 if (books_vhyp_promotes_external_to_hvirt(cpu)) { 2336 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2337 } else { 2338 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL); 2339 } 2340 break; 2341 2342 case PPC_INTERRUPT_DECR: /* Decrementer exception */ 2343 powerpc_excp(cpu, POWERPC_EXCP_DECR); 2344 break; 2345 case PPC_INTERRUPT_DOORBELL: 2346 env->pending_interrupts &= ~PPC_INTERRUPT_DOORBELL; 2347 powerpc_excp(cpu, POWERPC_EXCP_SDOOR); 2348 break; 2349 case PPC_INTERRUPT_HDOORBELL: 2350 env->pending_interrupts &= ~PPC_INTERRUPT_HDOORBELL; 2351 powerpc_excp(cpu, POWERPC_EXCP_SDOOR_HV); 2352 break; 2353 case PPC_INTERRUPT_PERFM: 2354 env->pending_interrupts &= ~PPC_INTERRUPT_PERFM; 2355 powerpc_excp(cpu, POWERPC_EXCP_PERFM); 2356 break; 2357 case PPC_INTERRUPT_EBB: /* EBB exception */ 2358 env->pending_interrupts &= ~PPC_INTERRUPT_EBB; 2359 if (env->spr[SPR_BESCR] & BESCR_PMEO) { 2360 powerpc_excp(cpu, POWERPC_EXCP_PERFM_EBB); 2361 } else if (env->spr[SPR_BESCR] & BESCR_EEO) { 2362 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL_EBB); 2363 } 2364 break; 2365 case 0: 2366 /* 2367 * This is a bug ! It means that has_work took us out of halt without 2368 * anything to deliver while in a PM state that requires getting 2369 * out via a 0x100 2370 * 2371 * This means we will incorrectly execute past the power management 2372 * instruction instead of triggering a reset. 2373 * 2374 * It generally means a discrepancy between the wakeup conditions in the 2375 * processor has_work implementation and the logic in this function. 2376 */ 2377 assert(!env->resume_as_sreset); 2378 break; 2379 default: 2380 cpu_abort(cs, "Invalid PowerPC interrupt %d. Aborting\n", interrupt); 2381 } 2382 } 2383 #endif 2384 2385 static void ppc_deliver_interrupt_generic(CPUPPCState *env, int interrupt) 2386 { 2387 PowerPCCPU *cpu = env_archcpu(env); 2388 CPUState *cs = env_cpu(env); 2389 2390 switch (interrupt) { 2391 case PPC_INTERRUPT_RESET: /* External reset */ 2392 env->pending_interrupts &= ~PPC_INTERRUPT_RESET; 2393 powerpc_excp(cpu, POWERPC_EXCP_RESET); 2394 break; 2395 case PPC_INTERRUPT_MCK: /* Machine check exception */ 2396 env->pending_interrupts &= ~PPC_INTERRUPT_MCK; 2397 powerpc_excp(cpu, POWERPC_EXCP_MCHECK); 2398 break; 2399 2400 case PPC_INTERRUPT_HDECR: /* Hypervisor decrementer exception */ 2401 /* HDEC clears on delivery */ 2402 env->pending_interrupts &= ~PPC_INTERRUPT_HDECR; 2403 powerpc_excp(cpu, POWERPC_EXCP_HDECR); 2404 break; 2405 case PPC_INTERRUPT_HVIRT: /* Hypervisor virtualization interrupt */ 2406 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2407 break; 2408 2409 case PPC_INTERRUPT_EXT: 2410 if (books_vhyp_promotes_external_to_hvirt(cpu)) { 2411 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2412 } else { 2413 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL); 2414 } 2415 break; 2416 case PPC_INTERRUPT_CEXT: /* External critical interrupt */ 2417 powerpc_excp(cpu, POWERPC_EXCP_CRITICAL); 2418 break; 2419 2420 case PPC_INTERRUPT_WDT: /* Watchdog timer on embedded PowerPC */ 2421 env->pending_interrupts &= ~PPC_INTERRUPT_WDT; 2422 powerpc_excp(cpu, POWERPC_EXCP_WDT); 2423 break; 2424 case PPC_INTERRUPT_CDOORBELL: 2425 env->pending_interrupts &= ~PPC_INTERRUPT_CDOORBELL; 2426 powerpc_excp(cpu, POWERPC_EXCP_DOORCI); 2427 break; 2428 case PPC_INTERRUPT_FIT: /* Fixed interval timer on embedded PowerPC */ 2429 env->pending_interrupts &= ~PPC_INTERRUPT_FIT; 2430 powerpc_excp(cpu, POWERPC_EXCP_FIT); 2431 break; 2432 case PPC_INTERRUPT_PIT: /* Programmable interval timer on embedded ppc */ 2433 env->pending_interrupts &= ~PPC_INTERRUPT_PIT; 2434 powerpc_excp(cpu, POWERPC_EXCP_PIT); 2435 break; 2436 case PPC_INTERRUPT_DECR: /* Decrementer exception */ 2437 if (ppc_decr_clear_on_delivery(env)) { 2438 env->pending_interrupts &= ~PPC_INTERRUPT_DECR; 2439 } 2440 powerpc_excp(cpu, POWERPC_EXCP_DECR); 2441 break; 2442 case PPC_INTERRUPT_DOORBELL: 2443 env->pending_interrupts &= ~PPC_INTERRUPT_DOORBELL; 2444 if (is_book3s_arch2x(env)) { 2445 powerpc_excp(cpu, POWERPC_EXCP_SDOOR); 2446 } else { 2447 powerpc_excp(cpu, POWERPC_EXCP_DOORI); 2448 } 2449 break; 2450 case PPC_INTERRUPT_HDOORBELL: 2451 env->pending_interrupts &= ~PPC_INTERRUPT_HDOORBELL; 2452 powerpc_excp(cpu, POWERPC_EXCP_SDOOR_HV); 2453 break; 2454 case PPC_INTERRUPT_PERFM: 2455 env->pending_interrupts &= ~PPC_INTERRUPT_PERFM; 2456 powerpc_excp(cpu, POWERPC_EXCP_PERFM); 2457 break; 2458 case PPC_INTERRUPT_THERM: /* Thermal interrupt */ 2459 env->pending_interrupts &= ~PPC_INTERRUPT_THERM; 2460 powerpc_excp(cpu, POWERPC_EXCP_THERM); 2461 break; 2462 case PPC_INTERRUPT_EBB: /* EBB exception */ 2463 env->pending_interrupts &= ~PPC_INTERRUPT_EBB; 2464 if (env->spr[SPR_BESCR] & BESCR_PMEO) { 2465 powerpc_excp(cpu, POWERPC_EXCP_PERFM_EBB); 2466 } else if (env->spr[SPR_BESCR] & BESCR_EEO) { 2467 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL_EBB); 2468 } 2469 break; 2470 case 0: 2471 /* 2472 * This is a bug ! It means that has_work took us out of halt without 2473 * anything to deliver while in a PM state that requires getting 2474 * out via a 0x100 2475 * 2476 * This means we will incorrectly execute past the power management 2477 * instruction instead of triggering a reset. 2478 * 2479 * It generally means a discrepancy between the wakeup conditions in the 2480 * processor has_work implementation and the logic in this function. 2481 */ 2482 assert(!env->resume_as_sreset); 2483 break; 2484 default: 2485 cpu_abort(cs, "Invalid PowerPC interrupt %d. Aborting\n", interrupt); 2486 } 2487 } 2488 2489 static void ppc_deliver_interrupt(CPUPPCState *env, int interrupt) 2490 { 2491 switch (env->excp_model) { 2492 #if defined(TARGET_PPC64) 2493 case POWERPC_EXCP_POWER7: 2494 p7_deliver_interrupt(env, interrupt); 2495 break; 2496 case POWERPC_EXCP_POWER8: 2497 p8_deliver_interrupt(env, interrupt); 2498 break; 2499 case POWERPC_EXCP_POWER9: 2500 case POWERPC_EXCP_POWER10: 2501 p9_deliver_interrupt(env, interrupt); 2502 break; 2503 #endif 2504 default: 2505 ppc_deliver_interrupt_generic(env, interrupt); 2506 } 2507 } 2508 2509 void ppc_cpu_do_system_reset(CPUState *cs) 2510 { 2511 PowerPCCPU *cpu = POWERPC_CPU(cs); 2512 2513 powerpc_excp(cpu, POWERPC_EXCP_RESET); 2514 } 2515 2516 void ppc_cpu_do_fwnmi_machine_check(CPUState *cs, target_ulong vector) 2517 { 2518 PowerPCCPU *cpu = POWERPC_CPU(cs); 2519 CPUPPCState *env = &cpu->env; 2520 target_ulong msr = 0; 2521 2522 /* 2523 * Set MSR and NIP for the handler, SRR0/1, DAR and DSISR have already 2524 * been set by KVM. 2525 */ 2526 msr = (1ULL << MSR_ME); 2527 msr |= env->msr & (1ULL << MSR_SF); 2528 if (ppc_interrupts_little_endian(cpu, false)) { 2529 msr |= (1ULL << MSR_LE); 2530 } 2531 2532 /* Anything for nested required here? MSR[HV] bit? */ 2533 2534 powerpc_set_excp_state(cpu, vector, msr); 2535 } 2536 2537 bool ppc_cpu_exec_interrupt(CPUState *cs, int interrupt_request) 2538 { 2539 PowerPCCPU *cpu = POWERPC_CPU(cs); 2540 CPUPPCState *env = &cpu->env; 2541 int interrupt; 2542 2543 if ((interrupt_request & CPU_INTERRUPT_HARD) == 0) { 2544 return false; 2545 } 2546 2547 interrupt = ppc_next_unmasked_interrupt(env); 2548 if (interrupt == 0) { 2549 return false; 2550 } 2551 2552 ppc_deliver_interrupt(env, interrupt); 2553 if (env->pending_interrupts == 0) { 2554 cpu_reset_interrupt(cs, CPU_INTERRUPT_HARD); 2555 } 2556 return true; 2557 } 2558 2559 #endif /* !CONFIG_USER_ONLY */ 2560 2561 /*****************************************************************************/ 2562 /* Exceptions processing helpers */ 2563 2564 void raise_exception_err_ra(CPUPPCState *env, uint32_t exception, 2565 uint32_t error_code, uintptr_t raddr) 2566 { 2567 CPUState *cs = env_cpu(env); 2568 2569 cs->exception_index = exception; 2570 env->error_code = error_code; 2571 cpu_loop_exit_restore(cs, raddr); 2572 } 2573 2574 void raise_exception_err(CPUPPCState *env, uint32_t exception, 2575 uint32_t error_code) 2576 { 2577 raise_exception_err_ra(env, exception, error_code, 0); 2578 } 2579 2580 void raise_exception(CPUPPCState *env, uint32_t exception) 2581 { 2582 raise_exception_err_ra(env, exception, 0, 0); 2583 } 2584 2585 void raise_exception_ra(CPUPPCState *env, uint32_t exception, 2586 uintptr_t raddr) 2587 { 2588 raise_exception_err_ra(env, exception, 0, raddr); 2589 } 2590 2591 #ifdef CONFIG_TCG 2592 void helper_raise_exception_err(CPUPPCState *env, uint32_t exception, 2593 uint32_t error_code) 2594 { 2595 raise_exception_err_ra(env, exception, error_code, 0); 2596 } 2597 2598 void helper_raise_exception(CPUPPCState *env, uint32_t exception) 2599 { 2600 raise_exception_err_ra(env, exception, 0, 0); 2601 } 2602 #endif 2603 2604 #if !defined(CONFIG_USER_ONLY) 2605 #ifdef CONFIG_TCG 2606 void helper_store_msr(CPUPPCState *env, target_ulong val) 2607 { 2608 uint32_t excp = hreg_store_msr(env, val, 0); 2609 2610 if (excp != 0) { 2611 CPUState *cs = env_cpu(env); 2612 cpu_interrupt_exittb(cs); 2613 raise_exception(env, excp); 2614 } 2615 } 2616 2617 void helper_ppc_maybe_interrupt(CPUPPCState *env) 2618 { 2619 ppc_maybe_interrupt(env); 2620 } 2621 2622 #if defined(TARGET_PPC64) 2623 void helper_scv(CPUPPCState *env, uint32_t lev) 2624 { 2625 if (env->spr[SPR_FSCR] & (1ull << FSCR_SCV)) { 2626 raise_exception_err(env, POWERPC_EXCP_SYSCALL_VECTORED, lev); 2627 } else { 2628 raise_exception_err(env, POWERPC_EXCP_FU, FSCR_IC_SCV); 2629 } 2630 } 2631 2632 void helper_pminsn(CPUPPCState *env, uint32_t insn) 2633 { 2634 CPUState *cs; 2635 2636 cs = env_cpu(env); 2637 cs->halted = 1; 2638 2639 /* Condition for waking up at 0x100 */ 2640 env->resume_as_sreset = (insn != PPC_PM_STOP) || 2641 (env->spr[SPR_PSSCR] & PSSCR_EC); 2642 2643 ppc_maybe_interrupt(env); 2644 } 2645 #endif /* defined(TARGET_PPC64) */ 2646 2647 static void do_rfi(CPUPPCState *env, target_ulong nip, target_ulong msr) 2648 { 2649 CPUState *cs = env_cpu(env); 2650 2651 /* MSR:POW cannot be set by any form of rfi */ 2652 msr &= ~(1ULL << MSR_POW); 2653 2654 /* MSR:TGPR cannot be set by any form of rfi */ 2655 if (env->flags & POWERPC_FLAG_TGPR) 2656 msr &= ~(1ULL << MSR_TGPR); 2657 2658 #if defined(TARGET_PPC64) 2659 /* Switching to 32-bit ? Crop the nip */ 2660 if (!msr_is_64bit(env, msr)) { 2661 nip = (uint32_t)nip; 2662 } 2663 #else 2664 nip = (uint32_t)nip; 2665 #endif 2666 /* XXX: beware: this is false if VLE is supported */ 2667 env->nip = nip & ~((target_ulong)0x00000003); 2668 hreg_store_msr(env, msr, 1); 2669 trace_ppc_excp_rfi(env->nip, env->msr); 2670 /* 2671 * No need to raise an exception here, as rfi is always the last 2672 * insn of a TB 2673 */ 2674 cpu_interrupt_exittb(cs); 2675 /* Reset the reservation */ 2676 env->reserve_addr = -1; 2677 2678 /* Context synchronizing: check if TCG TLB needs flush */ 2679 check_tlb_flush(env, false); 2680 } 2681 2682 void helper_rfi(CPUPPCState *env) 2683 { 2684 do_rfi(env, env->spr[SPR_SRR0], env->spr[SPR_SRR1] & 0xfffffffful); 2685 } 2686 2687 #if defined(TARGET_PPC64) 2688 void helper_rfid(CPUPPCState *env) 2689 { 2690 /* 2691 * The architecture defines a number of rules for which bits can 2692 * change but in practice, we handle this in hreg_store_msr() 2693 * which will be called by do_rfi(), so there is no need to filter 2694 * here 2695 */ 2696 do_rfi(env, env->spr[SPR_SRR0], env->spr[SPR_SRR1]); 2697 } 2698 2699 void helper_rfscv(CPUPPCState *env) 2700 { 2701 do_rfi(env, env->lr, env->ctr); 2702 } 2703 2704 void helper_hrfid(CPUPPCState *env) 2705 { 2706 do_rfi(env, env->spr[SPR_HSRR0], env->spr[SPR_HSRR1]); 2707 } 2708 #endif 2709 2710 #if defined(TARGET_PPC64) && !defined(CONFIG_USER_ONLY) 2711 void helper_rfebb(CPUPPCState *env, target_ulong s) 2712 { 2713 target_ulong msr = env->msr; 2714 2715 /* 2716 * Handling of BESCR bits 32:33 according to PowerISA v3.1: 2717 * 2718 * "If BESCR 32:33 != 0b00 the instruction is treated as if 2719 * the instruction form were invalid." 2720 */ 2721 if (env->spr[SPR_BESCR] & BESCR_INVALID) { 2722 raise_exception_err(env, POWERPC_EXCP_PROGRAM, 2723 POWERPC_EXCP_INVAL | POWERPC_EXCP_INVAL_INVAL); 2724 } 2725 2726 env->nip = env->spr[SPR_EBBRR]; 2727 2728 /* Switching to 32-bit ? Crop the nip */ 2729 if (!msr_is_64bit(env, msr)) { 2730 env->nip = (uint32_t)env->spr[SPR_EBBRR]; 2731 } 2732 2733 if (s) { 2734 env->spr[SPR_BESCR] |= BESCR_GE; 2735 } else { 2736 env->spr[SPR_BESCR] &= ~BESCR_GE; 2737 } 2738 } 2739 2740 /* 2741 * Triggers or queues an 'ebb_excp' EBB exception. All checks 2742 * but FSCR, HFSCR and msr_pr must be done beforehand. 2743 * 2744 * PowerISA v3.1 isn't clear about whether an EBB should be 2745 * postponed or cancelled if the EBB facility is unavailable. 2746 * Our assumption here is that the EBB is cancelled if both 2747 * FSCR and HFSCR EBB facilities aren't available. 2748 */ 2749 static void do_ebb(CPUPPCState *env, int ebb_excp) 2750 { 2751 PowerPCCPU *cpu = env_archcpu(env); 2752 2753 /* 2754 * FSCR_EBB and FSCR_IC_EBB are the same bits used with 2755 * HFSCR. 2756 */ 2757 helper_fscr_facility_check(env, FSCR_EBB, 0, FSCR_IC_EBB); 2758 helper_hfscr_facility_check(env, FSCR_EBB, "EBB", FSCR_IC_EBB); 2759 2760 if (ebb_excp == POWERPC_EXCP_PERFM_EBB) { 2761 env->spr[SPR_BESCR] |= BESCR_PMEO; 2762 } else if (ebb_excp == POWERPC_EXCP_EXTERNAL_EBB) { 2763 env->spr[SPR_BESCR] |= BESCR_EEO; 2764 } 2765 2766 if (FIELD_EX64(env->msr, MSR, PR)) { 2767 powerpc_excp(cpu, ebb_excp); 2768 } else { 2769 ppc_set_irq(cpu, PPC_INTERRUPT_EBB, 1); 2770 } 2771 } 2772 2773 void raise_ebb_perfm_exception(CPUPPCState *env) 2774 { 2775 bool perfm_ebb_enabled = env->spr[SPR_POWER_MMCR0] & MMCR0_EBE && 2776 env->spr[SPR_BESCR] & BESCR_PME && 2777 env->spr[SPR_BESCR] & BESCR_GE; 2778 2779 if (!perfm_ebb_enabled) { 2780 return; 2781 } 2782 2783 do_ebb(env, POWERPC_EXCP_PERFM_EBB); 2784 } 2785 #endif 2786 2787 /*****************************************************************************/ 2788 /* Embedded PowerPC specific helpers */ 2789 void helper_40x_rfci(CPUPPCState *env) 2790 { 2791 do_rfi(env, env->spr[SPR_40x_SRR2], env->spr[SPR_40x_SRR3]); 2792 } 2793 2794 void helper_rfci(CPUPPCState *env) 2795 { 2796 do_rfi(env, env->spr[SPR_BOOKE_CSRR0], env->spr[SPR_BOOKE_CSRR1]); 2797 } 2798 2799 void helper_rfdi(CPUPPCState *env) 2800 { 2801 /* FIXME: choose CSRR1 or DSRR1 based on cpu type */ 2802 do_rfi(env, env->spr[SPR_BOOKE_DSRR0], env->spr[SPR_BOOKE_DSRR1]); 2803 } 2804 2805 void helper_rfmci(CPUPPCState *env) 2806 { 2807 /* FIXME: choose CSRR1 or MCSRR1 based on cpu type */ 2808 do_rfi(env, env->spr[SPR_BOOKE_MCSRR0], env->spr[SPR_BOOKE_MCSRR1]); 2809 } 2810 #endif /* CONFIG_TCG */ 2811 #endif /* !defined(CONFIG_USER_ONLY) */ 2812 2813 #ifdef CONFIG_TCG 2814 void helper_tw(CPUPPCState *env, target_ulong arg1, target_ulong arg2, 2815 uint32_t flags) 2816 { 2817 if (!likely(!(((int32_t)arg1 < (int32_t)arg2 && (flags & 0x10)) || 2818 ((int32_t)arg1 > (int32_t)arg2 && (flags & 0x08)) || 2819 ((int32_t)arg1 == (int32_t)arg2 && (flags & 0x04)) || 2820 ((uint32_t)arg1 < (uint32_t)arg2 && (flags & 0x02)) || 2821 ((uint32_t)arg1 > (uint32_t)arg2 && (flags & 0x01))))) { 2822 raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM, 2823 POWERPC_EXCP_TRAP, GETPC()); 2824 } 2825 } 2826 2827 #if defined(TARGET_PPC64) 2828 void helper_td(CPUPPCState *env, target_ulong arg1, target_ulong arg2, 2829 uint32_t flags) 2830 { 2831 if (!likely(!(((int64_t)arg1 < (int64_t)arg2 && (flags & 0x10)) || 2832 ((int64_t)arg1 > (int64_t)arg2 && (flags & 0x08)) || 2833 ((int64_t)arg1 == (int64_t)arg2 && (flags & 0x04)) || 2834 ((uint64_t)arg1 < (uint64_t)arg2 && (flags & 0x02)) || 2835 ((uint64_t)arg1 > (uint64_t)arg2 && (flags & 0x01))))) { 2836 raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM, 2837 POWERPC_EXCP_TRAP, GETPC()); 2838 } 2839 } 2840 #endif 2841 #endif 2842 2843 #ifdef CONFIG_TCG 2844 static uint32_t helper_SIMON_LIKE_32_64(uint32_t x, uint64_t key, uint32_t lane) 2845 { 2846 const uint16_t c = 0xfffc; 2847 const uint64_t z0 = 0xfa2561cdf44ac398ULL; 2848 uint16_t z = 0, temp; 2849 uint16_t k[32], eff_k[32], xleft[33], xright[33], fxleft[32]; 2850 2851 for (int i = 3; i >= 0; i--) { 2852 k[i] = key & 0xffff; 2853 key >>= 16; 2854 } 2855 xleft[0] = x & 0xffff; 2856 xright[0] = (x >> 16) & 0xffff; 2857 2858 for (int i = 0; i < 28; i++) { 2859 z = (z0 >> (63 - i)) & 1; 2860 temp = ror16(k[i + 3], 3) ^ k[i + 1]; 2861 k[i + 4] = c ^ z ^ k[i] ^ temp ^ ror16(temp, 1); 2862 } 2863 2864 for (int i = 0; i < 8; i++) { 2865 eff_k[4 * i + 0] = k[4 * i + ((0 + lane) % 4)]; 2866 eff_k[4 * i + 1] = k[4 * i + ((1 + lane) % 4)]; 2867 eff_k[4 * i + 2] = k[4 * i + ((2 + lane) % 4)]; 2868 eff_k[4 * i + 3] = k[4 * i + ((3 + lane) % 4)]; 2869 } 2870 2871 for (int i = 0; i < 32; i++) { 2872 fxleft[i] = (rol16(xleft[i], 1) & 2873 rol16(xleft[i], 8)) ^ rol16(xleft[i], 2); 2874 xleft[i + 1] = xright[i] ^ fxleft[i] ^ eff_k[i]; 2875 xright[i + 1] = xleft[i]; 2876 } 2877 2878 return (((uint32_t)xright[32]) << 16) | xleft[32]; 2879 } 2880 2881 static uint64_t hash_digest(uint64_t ra, uint64_t rb, uint64_t key) 2882 { 2883 uint64_t stage0_h = 0ULL, stage0_l = 0ULL; 2884 uint64_t stage1_h, stage1_l; 2885 2886 for (int i = 0; i < 4; i++) { 2887 stage0_h |= ror64(rb & 0xff, 8 * (2 * i + 1)); 2888 stage0_h |= ((ra >> 32) & 0xff) << (8 * 2 * i); 2889 stage0_l |= ror64((rb >> 32) & 0xff, 8 * (2 * i + 1)); 2890 stage0_l |= (ra & 0xff) << (8 * 2 * i); 2891 rb >>= 8; 2892 ra >>= 8; 2893 } 2894 2895 stage1_h = (uint64_t)helper_SIMON_LIKE_32_64(stage0_h >> 32, key, 0) << 32; 2896 stage1_h |= helper_SIMON_LIKE_32_64(stage0_h, key, 1); 2897 stage1_l = (uint64_t)helper_SIMON_LIKE_32_64(stage0_l >> 32, key, 2) << 32; 2898 stage1_l |= helper_SIMON_LIKE_32_64(stage0_l, key, 3); 2899 2900 return stage1_h ^ stage1_l; 2901 } 2902 2903 static void do_hash(CPUPPCState *env, target_ulong ea, target_ulong ra, 2904 target_ulong rb, uint64_t key, bool store) 2905 { 2906 uint64_t calculated_hash = hash_digest(ra, rb, key), loaded_hash; 2907 2908 if (store) { 2909 cpu_stq_data_ra(env, ea, calculated_hash, GETPC()); 2910 } else { 2911 loaded_hash = cpu_ldq_data_ra(env, ea, GETPC()); 2912 if (loaded_hash != calculated_hash) { 2913 raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM, 2914 POWERPC_EXCP_TRAP, GETPC()); 2915 } 2916 } 2917 } 2918 2919 #include "qemu/guest-random.h" 2920 2921 #ifdef TARGET_PPC64 2922 #define HELPER_HASH(op, key, store, dexcr_aspect) \ 2923 void helper_##op(CPUPPCState *env, target_ulong ea, target_ulong ra, \ 2924 target_ulong rb) \ 2925 { \ 2926 if (env->msr & R_MSR_PR_MASK) { \ 2927 if (!(env->spr[SPR_DEXCR] & R_DEXCR_PRO_##dexcr_aspect##_MASK || \ 2928 env->spr[SPR_HDEXCR] & R_HDEXCR_ENF_##dexcr_aspect##_MASK)) \ 2929 return; \ 2930 } else if (!(env->msr & R_MSR_HV_MASK)) { \ 2931 if (!(env->spr[SPR_DEXCR] & R_DEXCR_PNH_##dexcr_aspect##_MASK || \ 2932 env->spr[SPR_HDEXCR] & R_HDEXCR_ENF_##dexcr_aspect##_MASK)) \ 2933 return; \ 2934 } else if (!(env->msr & R_MSR_S_MASK)) { \ 2935 if (!(env->spr[SPR_HDEXCR] & R_HDEXCR_HNU_##dexcr_aspect##_MASK)) \ 2936 return; \ 2937 } \ 2938 \ 2939 do_hash(env, ea, ra, rb, key, store); \ 2940 } 2941 #else 2942 #define HELPER_HASH(op, key, store, dexcr_aspect) \ 2943 void helper_##op(CPUPPCState *env, target_ulong ea, target_ulong ra, \ 2944 target_ulong rb) \ 2945 { \ 2946 do_hash(env, ea, ra, rb, key, store); \ 2947 } 2948 #endif /* TARGET_PPC64 */ 2949 2950 HELPER_HASH(HASHST, env->spr[SPR_HASHKEYR], true, NPHIE) 2951 HELPER_HASH(HASHCHK, env->spr[SPR_HASHKEYR], false, NPHIE) 2952 HELPER_HASH(HASHSTP, env->spr[SPR_HASHPKEYR], true, PHIE) 2953 HELPER_HASH(HASHCHKP, env->spr[SPR_HASHPKEYR], false, PHIE) 2954 #endif /* CONFIG_TCG */ 2955 2956 #if !defined(CONFIG_USER_ONLY) 2957 2958 #ifdef CONFIG_TCG 2959 2960 /* Embedded.Processor Control */ 2961 static int dbell2irq(target_ulong rb) 2962 { 2963 int msg = rb & DBELL_TYPE_MASK; 2964 int irq = -1; 2965 2966 switch (msg) { 2967 case DBELL_TYPE_DBELL: 2968 irq = PPC_INTERRUPT_DOORBELL; 2969 break; 2970 case DBELL_TYPE_DBELL_CRIT: 2971 irq = PPC_INTERRUPT_CDOORBELL; 2972 break; 2973 case DBELL_TYPE_G_DBELL: 2974 case DBELL_TYPE_G_DBELL_CRIT: 2975 case DBELL_TYPE_G_DBELL_MC: 2976 /* XXX implement */ 2977 default: 2978 break; 2979 } 2980 2981 return irq; 2982 } 2983 2984 void helper_msgclr(CPUPPCState *env, target_ulong rb) 2985 { 2986 int irq = dbell2irq(rb); 2987 2988 if (irq < 0) { 2989 return; 2990 } 2991 2992 ppc_set_irq(env_archcpu(env), irq, 0); 2993 } 2994 2995 void helper_msgsnd(target_ulong rb) 2996 { 2997 int irq = dbell2irq(rb); 2998 int pir = rb & DBELL_PIRTAG_MASK; 2999 CPUState *cs; 3000 3001 if (irq < 0) { 3002 return; 3003 } 3004 3005 qemu_mutex_lock_iothread(); 3006 CPU_FOREACH(cs) { 3007 PowerPCCPU *cpu = POWERPC_CPU(cs); 3008 CPUPPCState *cenv = &cpu->env; 3009 3010 if ((rb & DBELL_BRDCAST) || (cenv->spr[SPR_BOOKE_PIR] == pir)) { 3011 ppc_set_irq(cpu, irq, 1); 3012 } 3013 } 3014 qemu_mutex_unlock_iothread(); 3015 } 3016 3017 /* Server Processor Control */ 3018 3019 static bool dbell_type_server(target_ulong rb) 3020 { 3021 /* 3022 * A Directed Hypervisor Doorbell message is sent only if the 3023 * message type is 5. All other types are reserved and the 3024 * instruction is a no-op 3025 */ 3026 return (rb & DBELL_TYPE_MASK) == DBELL_TYPE_DBELL_SERVER; 3027 } 3028 3029 void helper_book3s_msgclr(CPUPPCState *env, target_ulong rb) 3030 { 3031 if (!dbell_type_server(rb)) { 3032 return; 3033 } 3034 3035 ppc_set_irq(env_archcpu(env), PPC_INTERRUPT_HDOORBELL, 0); 3036 } 3037 3038 static void book3s_msgsnd_common(int pir, int irq) 3039 { 3040 CPUState *cs; 3041 3042 qemu_mutex_lock_iothread(); 3043 CPU_FOREACH(cs) { 3044 PowerPCCPU *cpu = POWERPC_CPU(cs); 3045 CPUPPCState *cenv = &cpu->env; 3046 3047 /* TODO: broadcast message to all threads of the same processor */ 3048 if (cenv->spr_cb[SPR_PIR].default_value == pir) { 3049 ppc_set_irq(cpu, irq, 1); 3050 } 3051 } 3052 qemu_mutex_unlock_iothread(); 3053 } 3054 3055 void helper_book3s_msgsnd(target_ulong rb) 3056 { 3057 int pir = rb & DBELL_PROCIDTAG_MASK; 3058 3059 if (!dbell_type_server(rb)) { 3060 return; 3061 } 3062 3063 book3s_msgsnd_common(pir, PPC_INTERRUPT_HDOORBELL); 3064 } 3065 3066 #if defined(TARGET_PPC64) 3067 void helper_book3s_msgclrp(CPUPPCState *env, target_ulong rb) 3068 { 3069 helper_hfscr_facility_check(env, HFSCR_MSGP, "msgclrp", HFSCR_IC_MSGP); 3070 3071 if (!dbell_type_server(rb)) { 3072 return; 3073 } 3074 3075 ppc_set_irq(env_archcpu(env), PPC_INTERRUPT_DOORBELL, 0); 3076 } 3077 3078 /* 3079 * sends a message to other threads that are on the same 3080 * multi-threaded processor 3081 */ 3082 void helper_book3s_msgsndp(CPUPPCState *env, target_ulong rb) 3083 { 3084 int pir = env->spr_cb[SPR_PIR].default_value; 3085 3086 helper_hfscr_facility_check(env, HFSCR_MSGP, "msgsndp", HFSCR_IC_MSGP); 3087 3088 if (!dbell_type_server(rb)) { 3089 return; 3090 } 3091 3092 /* TODO: TCG supports only one thread */ 3093 3094 book3s_msgsnd_common(pir, PPC_INTERRUPT_DOORBELL); 3095 } 3096 #endif /* TARGET_PPC64 */ 3097 3098 void ppc_cpu_do_unaligned_access(CPUState *cs, vaddr vaddr, 3099 MMUAccessType access_type, 3100 int mmu_idx, uintptr_t retaddr) 3101 { 3102 CPUPPCState *env = cs->env_ptr; 3103 uint32_t insn; 3104 3105 /* Restore state and reload the insn we executed, for filling in DSISR. */ 3106 cpu_restore_state(cs, retaddr); 3107 insn = cpu_ldl_code(env, env->nip); 3108 3109 switch (env->mmu_model) { 3110 case POWERPC_MMU_SOFT_4xx: 3111 env->spr[SPR_40x_DEAR] = vaddr; 3112 break; 3113 case POWERPC_MMU_BOOKE: 3114 case POWERPC_MMU_BOOKE206: 3115 env->spr[SPR_BOOKE_DEAR] = vaddr; 3116 break; 3117 default: 3118 env->spr[SPR_DAR] = vaddr; 3119 break; 3120 } 3121 3122 cs->exception_index = POWERPC_EXCP_ALIGN; 3123 env->error_code = insn & 0x03FF0000; 3124 cpu_loop_exit(cs); 3125 } 3126 #endif /* CONFIG_TCG */ 3127 #endif /* !CONFIG_USER_ONLY */ 3128