1 /* 2 * PowerPC exception emulation helpers for QEMU. 3 * 4 * Copyright (c) 2003-2007 Jocelyn Mayer 5 * 6 * This library is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU Lesser General Public 8 * License as published by the Free Software Foundation; either 9 * version 2.1 of the License, or (at your option) any later version. 10 * 11 * This library is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 * Lesser General Public License for more details. 15 * 16 * You should have received a copy of the GNU Lesser General Public 17 * License along with this library; if not, see <http://www.gnu.org/licenses/>. 18 */ 19 #include "qemu/osdep.h" 20 #include "qemu/main-loop.h" 21 #include "qemu/log.h" 22 #include "cpu.h" 23 #include "exec/exec-all.h" 24 #include "internal.h" 25 #include "helper_regs.h" 26 #include "hw/ppc/ppc.h" 27 28 #include "trace.h" 29 30 #ifdef CONFIG_TCG 31 #include "sysemu/tcg.h" 32 #include "exec/helper-proto.h" 33 #include "exec/cpu_ldst.h" 34 #endif 35 36 /*****************************************************************************/ 37 /* Exception processing */ 38 #if !defined(CONFIG_USER_ONLY) 39 40 static const char *powerpc_excp_name(int excp) 41 { 42 switch (excp) { 43 case POWERPC_EXCP_CRITICAL: return "CRITICAL"; 44 case POWERPC_EXCP_MCHECK: return "MCHECK"; 45 case POWERPC_EXCP_DSI: return "DSI"; 46 case POWERPC_EXCP_ISI: return "ISI"; 47 case POWERPC_EXCP_EXTERNAL: return "EXTERNAL"; 48 case POWERPC_EXCP_ALIGN: return "ALIGN"; 49 case POWERPC_EXCP_PROGRAM: return "PROGRAM"; 50 case POWERPC_EXCP_FPU: return "FPU"; 51 case POWERPC_EXCP_SYSCALL: return "SYSCALL"; 52 case POWERPC_EXCP_APU: return "APU"; 53 case POWERPC_EXCP_DECR: return "DECR"; 54 case POWERPC_EXCP_FIT: return "FIT"; 55 case POWERPC_EXCP_WDT: return "WDT"; 56 case POWERPC_EXCP_DTLB: return "DTLB"; 57 case POWERPC_EXCP_ITLB: return "ITLB"; 58 case POWERPC_EXCP_DEBUG: return "DEBUG"; 59 case POWERPC_EXCP_SPEU: return "SPEU"; 60 case POWERPC_EXCP_EFPDI: return "EFPDI"; 61 case POWERPC_EXCP_EFPRI: return "EFPRI"; 62 case POWERPC_EXCP_EPERFM: return "EPERFM"; 63 case POWERPC_EXCP_DOORI: return "DOORI"; 64 case POWERPC_EXCP_DOORCI: return "DOORCI"; 65 case POWERPC_EXCP_GDOORI: return "GDOORI"; 66 case POWERPC_EXCP_GDOORCI: return "GDOORCI"; 67 case POWERPC_EXCP_HYPPRIV: return "HYPPRIV"; 68 case POWERPC_EXCP_RESET: return "RESET"; 69 case POWERPC_EXCP_DSEG: return "DSEG"; 70 case POWERPC_EXCP_ISEG: return "ISEG"; 71 case POWERPC_EXCP_HDECR: return "HDECR"; 72 case POWERPC_EXCP_TRACE: return "TRACE"; 73 case POWERPC_EXCP_HDSI: return "HDSI"; 74 case POWERPC_EXCP_HISI: return "HISI"; 75 case POWERPC_EXCP_HDSEG: return "HDSEG"; 76 case POWERPC_EXCP_HISEG: return "HISEG"; 77 case POWERPC_EXCP_VPU: return "VPU"; 78 case POWERPC_EXCP_PIT: return "PIT"; 79 case POWERPC_EXCP_EMUL: return "EMUL"; 80 case POWERPC_EXCP_IFTLB: return "IFTLB"; 81 case POWERPC_EXCP_DLTLB: return "DLTLB"; 82 case POWERPC_EXCP_DSTLB: return "DSTLB"; 83 case POWERPC_EXCP_FPA: return "FPA"; 84 case POWERPC_EXCP_DABR: return "DABR"; 85 case POWERPC_EXCP_IABR: return "IABR"; 86 case POWERPC_EXCP_SMI: return "SMI"; 87 case POWERPC_EXCP_PERFM: return "PERFM"; 88 case POWERPC_EXCP_THERM: return "THERM"; 89 case POWERPC_EXCP_VPUA: return "VPUA"; 90 case POWERPC_EXCP_SOFTP: return "SOFTP"; 91 case POWERPC_EXCP_MAINT: return "MAINT"; 92 case POWERPC_EXCP_MEXTBR: return "MEXTBR"; 93 case POWERPC_EXCP_NMEXTBR: return "NMEXTBR"; 94 case POWERPC_EXCP_ITLBE: return "ITLBE"; 95 case POWERPC_EXCP_DTLBE: return "DTLBE"; 96 case POWERPC_EXCP_VSXU: return "VSXU"; 97 case POWERPC_EXCP_FU: return "FU"; 98 case POWERPC_EXCP_HV_EMU: return "HV_EMU"; 99 case POWERPC_EXCP_HV_MAINT: return "HV_MAINT"; 100 case POWERPC_EXCP_HV_FU: return "HV_FU"; 101 case POWERPC_EXCP_SDOOR: return "SDOOR"; 102 case POWERPC_EXCP_SDOOR_HV: return "SDOOR_HV"; 103 case POWERPC_EXCP_HVIRT: return "HVIRT"; 104 case POWERPC_EXCP_SYSCALL_VECTORED: return "SYSCALL_VECTORED"; 105 default: 106 g_assert_not_reached(); 107 } 108 } 109 110 static void dump_syscall(CPUPPCState *env) 111 { 112 qemu_log_mask(CPU_LOG_INT, "syscall r0=%016" PRIx64 113 " r3=%016" PRIx64 " r4=%016" PRIx64 " r5=%016" PRIx64 114 " r6=%016" PRIx64 " r7=%016" PRIx64 " r8=%016" PRIx64 115 " nip=" TARGET_FMT_lx "\n", 116 ppc_dump_gpr(env, 0), ppc_dump_gpr(env, 3), 117 ppc_dump_gpr(env, 4), ppc_dump_gpr(env, 5), 118 ppc_dump_gpr(env, 6), ppc_dump_gpr(env, 7), 119 ppc_dump_gpr(env, 8), env->nip); 120 } 121 122 static void dump_hcall(CPUPPCState *env) 123 { 124 qemu_log_mask(CPU_LOG_INT, "hypercall r3=%016" PRIx64 125 " r4=%016" PRIx64 " r5=%016" PRIx64 " r6=%016" PRIx64 126 " r7=%016" PRIx64 " r8=%016" PRIx64 " r9=%016" PRIx64 127 " r10=%016" PRIx64 " r11=%016" PRIx64 " r12=%016" PRIx64 128 " nip=" TARGET_FMT_lx "\n", 129 ppc_dump_gpr(env, 3), ppc_dump_gpr(env, 4), 130 ppc_dump_gpr(env, 5), ppc_dump_gpr(env, 6), 131 ppc_dump_gpr(env, 7), ppc_dump_gpr(env, 8), 132 ppc_dump_gpr(env, 9), ppc_dump_gpr(env, 10), 133 ppc_dump_gpr(env, 11), ppc_dump_gpr(env, 12), 134 env->nip); 135 } 136 137 #ifdef CONFIG_TCG 138 /* Return true iff byteswap is needed to load instruction */ 139 static inline bool insn_need_byteswap(CPUArchState *env) 140 { 141 /* SYSTEM builds TARGET_BIG_ENDIAN. Need to swap when MSR[LE] is set */ 142 return !!(env->msr & ((target_ulong)1 << MSR_LE)); 143 } 144 145 static uint32_t ppc_ldl_code(CPUArchState *env, abi_ptr addr) 146 { 147 uint32_t insn = cpu_ldl_code(env, addr); 148 149 if (insn_need_byteswap(env)) { 150 insn = bswap32(insn); 151 } 152 153 return insn; 154 } 155 #endif 156 157 static void ppc_excp_debug_sw_tlb(CPUPPCState *env, int excp) 158 { 159 const char *es; 160 target_ulong *miss, *cmp; 161 int en; 162 163 if (!qemu_loglevel_mask(CPU_LOG_MMU)) { 164 return; 165 } 166 167 if (excp == POWERPC_EXCP_IFTLB) { 168 es = "I"; 169 en = 'I'; 170 miss = &env->spr[SPR_IMISS]; 171 cmp = &env->spr[SPR_ICMP]; 172 } else { 173 if (excp == POWERPC_EXCP_DLTLB) { 174 es = "DL"; 175 } else { 176 es = "DS"; 177 } 178 en = 'D'; 179 miss = &env->spr[SPR_DMISS]; 180 cmp = &env->spr[SPR_DCMP]; 181 } 182 qemu_log("6xx %sTLB miss: %cM " TARGET_FMT_lx " %cC " 183 TARGET_FMT_lx " H1 " TARGET_FMT_lx " H2 " 184 TARGET_FMT_lx " %08x\n", es, en, *miss, en, *cmp, 185 env->spr[SPR_HASH1], env->spr[SPR_HASH2], 186 env->error_code); 187 } 188 189 #if defined(TARGET_PPC64) 190 static int powerpc_reset_wakeup(CPUPPCState *env, int excp, target_ulong *msr) 191 { 192 /* We no longer are in a PM state */ 193 env->resume_as_sreset = false; 194 195 /* Pretend to be returning from doze always as we don't lose state */ 196 *msr |= SRR1_WS_NOLOSS; 197 198 /* Machine checks are sent normally */ 199 if (excp == POWERPC_EXCP_MCHECK) { 200 return excp; 201 } 202 switch (excp) { 203 case POWERPC_EXCP_RESET: 204 *msr |= SRR1_WAKERESET; 205 break; 206 case POWERPC_EXCP_EXTERNAL: 207 *msr |= SRR1_WAKEEE; 208 break; 209 case POWERPC_EXCP_DECR: 210 *msr |= SRR1_WAKEDEC; 211 break; 212 case POWERPC_EXCP_SDOOR: 213 *msr |= SRR1_WAKEDBELL; 214 break; 215 case POWERPC_EXCP_SDOOR_HV: 216 *msr |= SRR1_WAKEHDBELL; 217 break; 218 case POWERPC_EXCP_HV_MAINT: 219 *msr |= SRR1_WAKEHMI; 220 break; 221 case POWERPC_EXCP_HVIRT: 222 *msr |= SRR1_WAKEHVI; 223 break; 224 default: 225 cpu_abort(env_cpu(env), 226 "Unsupported exception %d in Power Save mode\n", excp); 227 } 228 return POWERPC_EXCP_RESET; 229 } 230 231 /* 232 * AIL - Alternate Interrupt Location, a mode that allows interrupts to be 233 * taken with the MMU on, and which uses an alternate location (e.g., so the 234 * kernel/hv can map the vectors there with an effective address). 235 * 236 * An interrupt is considered to be taken "with AIL" or "AIL applies" if they 237 * are delivered in this way. AIL requires the LPCR to be set to enable this 238 * mode, and then a number of conditions have to be true for AIL to apply. 239 * 240 * First of all, SRESET, MCE, and HMI are always delivered without AIL, because 241 * they specifically want to be in real mode (e.g., the MCE might be signaling 242 * a SLB multi-hit which requires SLB flush before the MMU can be enabled). 243 * 244 * After that, behaviour depends on the current MSR[IR], MSR[DR], MSR[HV], 245 * whether or not the interrupt changes MSR[HV] from 0 to 1, and the current 246 * radix mode (LPCR[HR]). 247 * 248 * POWER8, POWER9 with LPCR[HR]=0 249 * | LPCR[AIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 250 * +-----------+-------------+---------+-------------+-----+ 251 * | a | 00/01/10 | x | x | 0 | 252 * | a | 11 | 0 | 1 | 0 | 253 * | a | 11 | 1 | 1 | a | 254 * | a | 11 | 0 | 0 | a | 255 * +-------------------------------------------------------+ 256 * 257 * POWER9 with LPCR[HR]=1 258 * | LPCR[AIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 259 * +-----------+-------------+---------+-------------+-----+ 260 * | a | 00/01/10 | x | x | 0 | 261 * | a | 11 | x | x | a | 262 * +-------------------------------------------------------+ 263 * 264 * The difference with POWER9 being that MSR[HV] 0->1 interrupts can be sent to 265 * the hypervisor in AIL mode if the guest is radix. This is good for 266 * performance but allows the guest to influence the AIL of hypervisor 267 * interrupts using its MSR, and also the hypervisor must disallow guest 268 * interrupts (MSR[HV] 0->0) from using AIL if the hypervisor does not want to 269 * use AIL for its MSR[HV] 0->1 interrupts. 270 * 271 * POWER10 addresses those issues with a new LPCR[HAIL] bit that is applied to 272 * interrupts that begin execution with MSR[HV]=1 (so both MSR[HV] 0->1 and 273 * MSR[HV] 1->1). 274 * 275 * HAIL=1 is equivalent to AIL=3, for interrupts delivered with MSR[HV]=1. 276 * 277 * POWER10 behaviour is 278 * | LPCR[AIL] | LPCR[HAIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 279 * +-----------+------------+-------------+---------+-------------+-----+ 280 * | a | h | 00/01/10 | 0 | 0 | 0 | 281 * | a | h | 11 | 0 | 0 | a | 282 * | a | h | x | 0 | 1 | h | 283 * | a | h | 00/01/10 | 1 | 1 | 0 | 284 * | a | h | 11 | 1 | 1 | h | 285 * +--------------------------------------------------------------------+ 286 */ 287 static void ppc_excp_apply_ail(PowerPCCPU *cpu, int excp, target_ulong msr, 288 target_ulong *new_msr, target_ulong *vector) 289 { 290 PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cpu); 291 CPUPPCState *env = &cpu->env; 292 bool mmu_all_on = ((msr >> MSR_IR) & 1) && ((msr >> MSR_DR) & 1); 293 bool hv_escalation = !(msr & MSR_HVB) && (*new_msr & MSR_HVB); 294 int ail = 0; 295 296 if (excp == POWERPC_EXCP_MCHECK || 297 excp == POWERPC_EXCP_RESET || 298 excp == POWERPC_EXCP_HV_MAINT) { 299 /* SRESET, MCE, HMI never apply AIL */ 300 return; 301 } 302 303 if (!(pcc->lpcr_mask & LPCR_AIL)) { 304 /* This CPU does not have AIL */ 305 return; 306 } 307 308 /* P8 & P9 */ 309 if (!(pcc->lpcr_mask & LPCR_HAIL)) { 310 if (!mmu_all_on) { 311 /* AIL only works if MSR[IR] and MSR[DR] are both enabled. */ 312 return; 313 } 314 if (hv_escalation && !(env->spr[SPR_LPCR] & LPCR_HR)) { 315 /* 316 * AIL does not work if there is a MSR[HV] 0->1 transition and the 317 * partition is in HPT mode. For radix guests, such interrupts are 318 * allowed to be delivered to the hypervisor in ail mode. 319 */ 320 return; 321 } 322 323 ail = (env->spr[SPR_LPCR] & LPCR_AIL) >> LPCR_AIL_SHIFT; 324 if (ail == 0) { 325 return; 326 } 327 if (ail == 1) { 328 /* AIL=1 is reserved, treat it like AIL=0 */ 329 return; 330 } 331 332 /* P10 and up */ 333 } else { 334 if (!mmu_all_on && !hv_escalation) { 335 /* 336 * AIL works for HV interrupts even with guest MSR[IR/DR] disabled. 337 * Guest->guest and HV->HV interrupts do require MMU on. 338 */ 339 return; 340 } 341 342 if (*new_msr & MSR_HVB) { 343 if (!(env->spr[SPR_LPCR] & LPCR_HAIL)) { 344 /* HV interrupts depend on LPCR[HAIL] */ 345 return; 346 } 347 ail = 3; /* HAIL=1 gives AIL=3 behaviour for HV interrupts */ 348 } else { 349 ail = (env->spr[SPR_LPCR] & LPCR_AIL) >> LPCR_AIL_SHIFT; 350 } 351 if (ail == 0) { 352 return; 353 } 354 if (ail == 1 || ail == 2) { 355 /* AIL=1 and AIL=2 are reserved, treat them like AIL=0 */ 356 return; 357 } 358 } 359 360 /* 361 * AIL applies, so the new MSR gets IR and DR set, and an offset applied 362 * to the new IP. 363 */ 364 *new_msr |= (1 << MSR_IR) | (1 << MSR_DR); 365 366 if (excp != POWERPC_EXCP_SYSCALL_VECTORED) { 367 if (ail == 2) { 368 *vector |= 0x0000000000018000ull; 369 } else if (ail == 3) { 370 *vector |= 0xc000000000004000ull; 371 } 372 } else { 373 /* 374 * scv AIL is a little different. AIL=2 does not change the address, 375 * only the MSR. AIL=3 replaces the 0x17000 base with 0xc...3000. 376 */ 377 if (ail == 3) { 378 *vector &= ~0x0000000000017000ull; /* Un-apply the base offset */ 379 *vector |= 0xc000000000003000ull; /* Apply scv's AIL=3 offset */ 380 } 381 } 382 } 383 #endif 384 385 static void powerpc_reset_excp_state(PowerPCCPU *cpu) 386 { 387 CPUState *cs = CPU(cpu); 388 CPUPPCState *env = &cpu->env; 389 390 /* Reset exception state */ 391 cs->exception_index = POWERPC_EXCP_NONE; 392 env->error_code = 0; 393 } 394 395 static void powerpc_set_excp_state(PowerPCCPU *cpu, target_ulong vector, 396 target_ulong msr) 397 { 398 CPUPPCState *env = &cpu->env; 399 400 assert((msr & env->msr_mask) == msr); 401 402 /* 403 * We don't use hreg_store_msr here as already have treated any 404 * special case that could occur. Just store MSR and update hflags 405 * 406 * Note: We *MUST* not use hreg_store_msr() as-is anyway because it 407 * will prevent setting of the HV bit which some exceptions might need 408 * to do. 409 */ 410 env->nip = vector; 411 env->msr = msr; 412 hreg_compute_hflags(env); 413 ppc_maybe_interrupt(env); 414 415 powerpc_reset_excp_state(cpu); 416 417 /* 418 * Any interrupt is context synchronizing, check if TCG TLB needs 419 * a delayed flush on ppc64 420 */ 421 check_tlb_flush(env, false); 422 423 /* Reset the reservation */ 424 env->reserve_addr = -1; 425 } 426 427 static void powerpc_mcheck_checkstop(CPUPPCState *env) 428 { 429 CPUState *cs = env_cpu(env); 430 431 if (FIELD_EX64(env->msr, MSR, ME)) { 432 return; 433 } 434 435 /* Machine check exception is not enabled. Enter checkstop state. */ 436 fprintf(stderr, "Machine check while not allowed. " 437 "Entering checkstop state\n"); 438 if (qemu_log_separate()) { 439 qemu_log("Machine check while not allowed. " 440 "Entering checkstop state\n"); 441 } 442 cs->halted = 1; 443 cpu_interrupt_exittb(cs); 444 } 445 446 static void powerpc_excp_40x(PowerPCCPU *cpu, int excp) 447 { 448 CPUState *cs = CPU(cpu); 449 CPUPPCState *env = &cpu->env; 450 target_ulong msr, new_msr, vector; 451 int srr0, srr1; 452 453 /* new srr1 value excluding must-be-zero bits */ 454 msr = env->msr & ~0x783f0000ULL; 455 456 /* 457 * new interrupt handler msr preserves existing ME unless 458 * explicitly overriden. 459 */ 460 new_msr = env->msr & (((target_ulong)1 << MSR_ME)); 461 462 /* target registers */ 463 srr0 = SPR_SRR0; 464 srr1 = SPR_SRR1; 465 466 /* 467 * Hypervisor emulation assistance interrupt only exists on server 468 * arch 2.05 server or later. 469 */ 470 if (excp == POWERPC_EXCP_HV_EMU) { 471 excp = POWERPC_EXCP_PROGRAM; 472 } 473 474 vector = env->excp_vectors[excp]; 475 if (vector == (target_ulong)-1ULL) { 476 cpu_abort(cs, "Raised an exception without defined vector %d\n", 477 excp); 478 } 479 480 vector |= env->excp_prefix; 481 482 switch (excp) { 483 case POWERPC_EXCP_CRITICAL: /* Critical input */ 484 srr0 = SPR_40x_SRR2; 485 srr1 = SPR_40x_SRR3; 486 break; 487 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 488 powerpc_mcheck_checkstop(env); 489 /* machine check exceptions don't have ME set */ 490 new_msr &= ~((target_ulong)1 << MSR_ME); 491 492 srr0 = SPR_40x_SRR2; 493 srr1 = SPR_40x_SRR3; 494 break; 495 case POWERPC_EXCP_DSI: /* Data storage exception */ 496 trace_ppc_excp_dsi(env->spr[SPR_40x_ESR], env->spr[SPR_40x_DEAR]); 497 break; 498 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 499 trace_ppc_excp_isi(msr, env->nip); 500 break; 501 case POWERPC_EXCP_EXTERNAL: /* External input */ 502 break; 503 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 504 break; 505 case POWERPC_EXCP_PROGRAM: /* Program exception */ 506 switch (env->error_code & ~0xF) { 507 case POWERPC_EXCP_FP: 508 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 509 trace_ppc_excp_fp_ignore(); 510 powerpc_reset_excp_state(cpu); 511 return; 512 } 513 env->spr[SPR_40x_ESR] = ESR_FP; 514 break; 515 case POWERPC_EXCP_INVAL: 516 trace_ppc_excp_inval(env->nip); 517 env->spr[SPR_40x_ESR] = ESR_PIL; 518 break; 519 case POWERPC_EXCP_PRIV: 520 env->spr[SPR_40x_ESR] = ESR_PPR; 521 break; 522 case POWERPC_EXCP_TRAP: 523 env->spr[SPR_40x_ESR] = ESR_PTR; 524 break; 525 default: 526 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 527 env->error_code); 528 break; 529 } 530 break; 531 case POWERPC_EXCP_SYSCALL: /* System call exception */ 532 dump_syscall(env); 533 534 /* 535 * We need to correct the NIP which in this case is supposed 536 * to point to the next instruction 537 */ 538 env->nip += 4; 539 break; 540 case POWERPC_EXCP_FIT: /* Fixed-interval timer interrupt */ 541 trace_ppc_excp_print("FIT"); 542 break; 543 case POWERPC_EXCP_WDT: /* Watchdog timer interrupt */ 544 trace_ppc_excp_print("WDT"); 545 break; 546 case POWERPC_EXCP_DTLB: /* Data TLB error */ 547 case POWERPC_EXCP_ITLB: /* Instruction TLB error */ 548 break; 549 case POWERPC_EXCP_PIT: /* Programmable interval timer interrupt */ 550 trace_ppc_excp_print("PIT"); 551 break; 552 case POWERPC_EXCP_DEBUG: /* Debug interrupt */ 553 cpu_abort(cs, "%s exception not implemented\n", 554 powerpc_excp_name(excp)); 555 break; 556 default: 557 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 558 break; 559 } 560 561 /* Save PC */ 562 env->spr[srr0] = env->nip; 563 564 /* Save MSR */ 565 env->spr[srr1] = msr; 566 567 powerpc_set_excp_state(cpu, vector, new_msr); 568 } 569 570 static void powerpc_excp_6xx(PowerPCCPU *cpu, int excp) 571 { 572 CPUState *cs = CPU(cpu); 573 CPUPPCState *env = &cpu->env; 574 target_ulong msr, new_msr, vector; 575 576 /* new srr1 value excluding must-be-zero bits */ 577 msr = env->msr & ~0x783f0000ULL; 578 579 /* 580 * new interrupt handler msr preserves existing ME unless 581 * explicitly overriden 582 */ 583 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 584 585 /* 586 * Hypervisor emulation assistance interrupt only exists on server 587 * arch 2.05 server or later. 588 */ 589 if (excp == POWERPC_EXCP_HV_EMU) { 590 excp = POWERPC_EXCP_PROGRAM; 591 } 592 593 vector = env->excp_vectors[excp]; 594 if (vector == (target_ulong)-1ULL) { 595 cpu_abort(cs, "Raised an exception without defined vector %d\n", 596 excp); 597 } 598 599 vector |= env->excp_prefix; 600 601 switch (excp) { 602 case POWERPC_EXCP_CRITICAL: /* Critical input */ 603 break; 604 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 605 powerpc_mcheck_checkstop(env); 606 /* machine check exceptions don't have ME set */ 607 new_msr &= ~((target_ulong)1 << MSR_ME); 608 609 break; 610 case POWERPC_EXCP_DSI: /* Data storage exception */ 611 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 612 break; 613 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 614 trace_ppc_excp_isi(msr, env->nip); 615 msr |= env->error_code; 616 break; 617 case POWERPC_EXCP_EXTERNAL: /* External input */ 618 break; 619 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 620 /* Get rS/rD and rA from faulting opcode */ 621 /* 622 * Note: the opcode fields will not be set properly for a 623 * direct store load/store, but nobody cares as nobody 624 * actually uses direct store segments. 625 */ 626 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 627 break; 628 case POWERPC_EXCP_PROGRAM: /* Program exception */ 629 switch (env->error_code & ~0xF) { 630 case POWERPC_EXCP_FP: 631 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 632 trace_ppc_excp_fp_ignore(); 633 powerpc_reset_excp_state(cpu); 634 return; 635 } 636 637 /* 638 * FP exceptions always have NIP pointing to the faulting 639 * instruction, so always use store_next and claim we are 640 * precise in the MSR. 641 */ 642 msr |= 0x00100000; 643 break; 644 case POWERPC_EXCP_INVAL: 645 trace_ppc_excp_inval(env->nip); 646 msr |= 0x00080000; 647 break; 648 case POWERPC_EXCP_PRIV: 649 msr |= 0x00040000; 650 break; 651 case POWERPC_EXCP_TRAP: 652 msr |= 0x00020000; 653 break; 654 default: 655 /* Should never occur */ 656 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 657 env->error_code); 658 break; 659 } 660 break; 661 case POWERPC_EXCP_SYSCALL: /* System call exception */ 662 dump_syscall(env); 663 664 /* 665 * We need to correct the NIP which in this case is supposed 666 * to point to the next instruction 667 */ 668 env->nip += 4; 669 break; 670 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 671 case POWERPC_EXCP_DECR: /* Decrementer exception */ 672 break; 673 case POWERPC_EXCP_DTLB: /* Data TLB error */ 674 case POWERPC_EXCP_ITLB: /* Instruction TLB error */ 675 break; 676 case POWERPC_EXCP_RESET: /* System reset exception */ 677 if (FIELD_EX64(env->msr, MSR, POW)) { 678 cpu_abort(cs, "Trying to deliver power-saving system reset " 679 "exception %d with no HV support\n", excp); 680 } 681 break; 682 case POWERPC_EXCP_TRACE: /* Trace exception */ 683 break; 684 case POWERPC_EXCP_IFTLB: /* Instruction fetch TLB error */ 685 case POWERPC_EXCP_DLTLB: /* Data load TLB miss */ 686 case POWERPC_EXCP_DSTLB: /* Data store TLB miss */ 687 /* Swap temporary saved registers with GPRs */ 688 if (!(new_msr & ((target_ulong)1 << MSR_TGPR))) { 689 new_msr |= (target_ulong)1 << MSR_TGPR; 690 hreg_swap_gpr_tgpr(env); 691 } 692 693 ppc_excp_debug_sw_tlb(env, excp); 694 695 msr |= env->crf[0] << 28; 696 msr |= env->error_code; /* key, D/I, S/L bits */ 697 /* Set way using a LRU mechanism */ 698 msr |= ((env->last_way + 1) & (env->nb_ways - 1)) << 17; 699 break; 700 case POWERPC_EXCP_FPA: /* Floating-point assist exception */ 701 case POWERPC_EXCP_DABR: /* Data address breakpoint */ 702 case POWERPC_EXCP_IABR: /* Instruction address breakpoint */ 703 case POWERPC_EXCP_SMI: /* System management interrupt */ 704 case POWERPC_EXCP_MEXTBR: /* Maskable external breakpoint */ 705 case POWERPC_EXCP_NMEXTBR: /* Non maskable external breakpoint */ 706 cpu_abort(cs, "%s exception not implemented\n", 707 powerpc_excp_name(excp)); 708 break; 709 default: 710 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 711 break; 712 } 713 714 /* 715 * Sort out endianness of interrupt, this differs depending on the 716 * CPU, the HV mode, etc... 717 */ 718 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 719 new_msr |= (target_ulong)1 << MSR_LE; 720 } 721 722 /* Save PC */ 723 env->spr[SPR_SRR0] = env->nip; 724 725 /* Save MSR */ 726 env->spr[SPR_SRR1] = msr; 727 728 powerpc_set_excp_state(cpu, vector, new_msr); 729 } 730 731 static void powerpc_excp_7xx(PowerPCCPU *cpu, int excp) 732 { 733 CPUState *cs = CPU(cpu); 734 CPUPPCState *env = &cpu->env; 735 target_ulong msr, new_msr, vector; 736 737 /* new srr1 value excluding must-be-zero bits */ 738 msr = env->msr & ~0x783f0000ULL; 739 740 /* 741 * new interrupt handler msr preserves existing ME unless 742 * explicitly overriden 743 */ 744 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 745 746 /* 747 * Hypervisor emulation assistance interrupt only exists on server 748 * arch 2.05 server or later. 749 */ 750 if (excp == POWERPC_EXCP_HV_EMU) { 751 excp = POWERPC_EXCP_PROGRAM; 752 } 753 754 vector = env->excp_vectors[excp]; 755 if (vector == (target_ulong)-1ULL) { 756 cpu_abort(cs, "Raised an exception without defined vector %d\n", 757 excp); 758 } 759 760 vector |= env->excp_prefix; 761 762 switch (excp) { 763 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 764 powerpc_mcheck_checkstop(env); 765 /* machine check exceptions don't have ME set */ 766 new_msr &= ~((target_ulong)1 << MSR_ME); 767 768 break; 769 case POWERPC_EXCP_DSI: /* Data storage exception */ 770 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 771 break; 772 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 773 trace_ppc_excp_isi(msr, env->nip); 774 msr |= env->error_code; 775 break; 776 case POWERPC_EXCP_EXTERNAL: /* External input */ 777 break; 778 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 779 /* Get rS/rD and rA from faulting opcode */ 780 /* 781 * Note: the opcode fields will not be set properly for a 782 * direct store load/store, but nobody cares as nobody 783 * actually uses direct store segments. 784 */ 785 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 786 break; 787 case POWERPC_EXCP_PROGRAM: /* Program exception */ 788 switch (env->error_code & ~0xF) { 789 case POWERPC_EXCP_FP: 790 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 791 trace_ppc_excp_fp_ignore(); 792 powerpc_reset_excp_state(cpu); 793 return; 794 } 795 796 /* 797 * FP exceptions always have NIP pointing to the faulting 798 * instruction, so always use store_next and claim we are 799 * precise in the MSR. 800 */ 801 msr |= 0x00100000; 802 break; 803 case POWERPC_EXCP_INVAL: 804 trace_ppc_excp_inval(env->nip); 805 msr |= 0x00080000; 806 break; 807 case POWERPC_EXCP_PRIV: 808 msr |= 0x00040000; 809 break; 810 case POWERPC_EXCP_TRAP: 811 msr |= 0x00020000; 812 break; 813 default: 814 /* Should never occur */ 815 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 816 env->error_code); 817 break; 818 } 819 break; 820 case POWERPC_EXCP_SYSCALL: /* System call exception */ 821 { 822 int lev = env->error_code; 823 824 if (lev == 1 && cpu->vhyp) { 825 dump_hcall(env); 826 } else { 827 dump_syscall(env); 828 } 829 830 /* 831 * We need to correct the NIP which in this case is supposed 832 * to point to the next instruction 833 */ 834 env->nip += 4; 835 836 /* 837 * The Virtual Open Firmware (VOF) relies on the 'sc 1' 838 * instruction to communicate with QEMU. The pegasos2 machine 839 * uses VOF and the 7xx CPUs, so although the 7xx don't have 840 * HV mode, we need to keep hypercall support. 841 */ 842 if (lev == 1 && cpu->vhyp) { 843 PPCVirtualHypervisorClass *vhc = 844 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 845 vhc->hypercall(cpu->vhyp, cpu); 846 return; 847 } 848 849 break; 850 } 851 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 852 case POWERPC_EXCP_DECR: /* Decrementer exception */ 853 break; 854 case POWERPC_EXCP_RESET: /* System reset exception */ 855 if (FIELD_EX64(env->msr, MSR, POW)) { 856 cpu_abort(cs, "Trying to deliver power-saving system reset " 857 "exception %d with no HV support\n", excp); 858 } 859 break; 860 case POWERPC_EXCP_TRACE: /* Trace exception */ 861 break; 862 case POWERPC_EXCP_IFTLB: /* Instruction fetch TLB error */ 863 case POWERPC_EXCP_DLTLB: /* Data load TLB miss */ 864 case POWERPC_EXCP_DSTLB: /* Data store TLB miss */ 865 ppc_excp_debug_sw_tlb(env, excp); 866 867 msr |= env->crf[0] << 28; 868 msr |= env->error_code; /* key, D/I, S/L bits */ 869 /* Set way using a LRU mechanism */ 870 msr |= ((env->last_way + 1) & (env->nb_ways - 1)) << 17; 871 872 break; 873 case POWERPC_EXCP_IABR: /* Instruction address breakpoint */ 874 case POWERPC_EXCP_SMI: /* System management interrupt */ 875 case POWERPC_EXCP_THERM: /* Thermal interrupt */ 876 case POWERPC_EXCP_PERFM: /* Embedded performance monitor interrupt */ 877 cpu_abort(cs, "%s exception not implemented\n", 878 powerpc_excp_name(excp)); 879 break; 880 default: 881 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 882 break; 883 } 884 885 /* 886 * Sort out endianness of interrupt, this differs depending on the 887 * CPU, the HV mode, etc... 888 */ 889 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 890 new_msr |= (target_ulong)1 << MSR_LE; 891 } 892 893 /* Save PC */ 894 env->spr[SPR_SRR0] = env->nip; 895 896 /* Save MSR */ 897 env->spr[SPR_SRR1] = msr; 898 899 powerpc_set_excp_state(cpu, vector, new_msr); 900 } 901 902 static void powerpc_excp_74xx(PowerPCCPU *cpu, int excp) 903 { 904 CPUState *cs = CPU(cpu); 905 CPUPPCState *env = &cpu->env; 906 target_ulong msr, new_msr, vector; 907 908 /* new srr1 value excluding must-be-zero bits */ 909 msr = env->msr & ~0x783f0000ULL; 910 911 /* 912 * new interrupt handler msr preserves existing ME unless 913 * explicitly overriden 914 */ 915 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 916 917 /* 918 * Hypervisor emulation assistance interrupt only exists on server 919 * arch 2.05 server or later. 920 */ 921 if (excp == POWERPC_EXCP_HV_EMU) { 922 excp = POWERPC_EXCP_PROGRAM; 923 } 924 925 vector = env->excp_vectors[excp]; 926 if (vector == (target_ulong)-1ULL) { 927 cpu_abort(cs, "Raised an exception without defined vector %d\n", 928 excp); 929 } 930 931 vector |= env->excp_prefix; 932 933 switch (excp) { 934 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 935 powerpc_mcheck_checkstop(env); 936 /* machine check exceptions don't have ME set */ 937 new_msr &= ~((target_ulong)1 << MSR_ME); 938 939 break; 940 case POWERPC_EXCP_DSI: /* Data storage exception */ 941 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 942 break; 943 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 944 trace_ppc_excp_isi(msr, env->nip); 945 msr |= env->error_code; 946 break; 947 case POWERPC_EXCP_EXTERNAL: /* External input */ 948 break; 949 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 950 /* Get rS/rD and rA from faulting opcode */ 951 /* 952 * Note: the opcode fields will not be set properly for a 953 * direct store load/store, but nobody cares as nobody 954 * actually uses direct store segments. 955 */ 956 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 957 break; 958 case POWERPC_EXCP_PROGRAM: /* Program exception */ 959 switch (env->error_code & ~0xF) { 960 case POWERPC_EXCP_FP: 961 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 962 trace_ppc_excp_fp_ignore(); 963 powerpc_reset_excp_state(cpu); 964 return; 965 } 966 967 /* 968 * FP exceptions always have NIP pointing to the faulting 969 * instruction, so always use store_next and claim we are 970 * precise in the MSR. 971 */ 972 msr |= 0x00100000; 973 break; 974 case POWERPC_EXCP_INVAL: 975 trace_ppc_excp_inval(env->nip); 976 msr |= 0x00080000; 977 break; 978 case POWERPC_EXCP_PRIV: 979 msr |= 0x00040000; 980 break; 981 case POWERPC_EXCP_TRAP: 982 msr |= 0x00020000; 983 break; 984 default: 985 /* Should never occur */ 986 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 987 env->error_code); 988 break; 989 } 990 break; 991 case POWERPC_EXCP_SYSCALL: /* System call exception */ 992 { 993 int lev = env->error_code; 994 995 if (lev == 1 && cpu->vhyp) { 996 dump_hcall(env); 997 } else { 998 dump_syscall(env); 999 } 1000 1001 /* 1002 * We need to correct the NIP which in this case is supposed 1003 * to point to the next instruction 1004 */ 1005 env->nip += 4; 1006 1007 /* 1008 * The Virtual Open Firmware (VOF) relies on the 'sc 1' 1009 * instruction to communicate with QEMU. The pegasos2 machine 1010 * uses VOF and the 74xx CPUs, so although the 74xx don't have 1011 * HV mode, we need to keep hypercall support. 1012 */ 1013 if (lev == 1 && cpu->vhyp) { 1014 PPCVirtualHypervisorClass *vhc = 1015 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 1016 vhc->hypercall(cpu->vhyp, cpu); 1017 return; 1018 } 1019 1020 break; 1021 } 1022 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 1023 case POWERPC_EXCP_DECR: /* Decrementer exception */ 1024 break; 1025 case POWERPC_EXCP_RESET: /* System reset exception */ 1026 if (FIELD_EX64(env->msr, MSR, POW)) { 1027 cpu_abort(cs, "Trying to deliver power-saving system reset " 1028 "exception %d with no HV support\n", excp); 1029 } 1030 break; 1031 case POWERPC_EXCP_TRACE: /* Trace exception */ 1032 break; 1033 case POWERPC_EXCP_VPU: /* Vector unavailable exception */ 1034 break; 1035 case POWERPC_EXCP_IABR: /* Instruction address breakpoint */ 1036 case POWERPC_EXCP_SMI: /* System management interrupt */ 1037 case POWERPC_EXCP_THERM: /* Thermal interrupt */ 1038 case POWERPC_EXCP_PERFM: /* Embedded performance monitor interrupt */ 1039 case POWERPC_EXCP_VPUA: /* Vector assist exception */ 1040 cpu_abort(cs, "%s exception not implemented\n", 1041 powerpc_excp_name(excp)); 1042 break; 1043 default: 1044 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1045 break; 1046 } 1047 1048 /* 1049 * Sort out endianness of interrupt, this differs depending on the 1050 * CPU, the HV mode, etc... 1051 */ 1052 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 1053 new_msr |= (target_ulong)1 << MSR_LE; 1054 } 1055 1056 /* Save PC */ 1057 env->spr[SPR_SRR0] = env->nip; 1058 1059 /* Save MSR */ 1060 env->spr[SPR_SRR1] = msr; 1061 1062 powerpc_set_excp_state(cpu, vector, new_msr); 1063 } 1064 1065 static void powerpc_excp_booke(PowerPCCPU *cpu, int excp) 1066 { 1067 CPUState *cs = CPU(cpu); 1068 CPUPPCState *env = &cpu->env; 1069 target_ulong msr, new_msr, vector; 1070 int srr0, srr1; 1071 1072 msr = env->msr; 1073 1074 /* 1075 * new interrupt handler msr preserves existing ME unless 1076 * explicitly overriden 1077 */ 1078 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 1079 1080 /* target registers */ 1081 srr0 = SPR_SRR0; 1082 srr1 = SPR_SRR1; 1083 1084 /* 1085 * Hypervisor emulation assistance interrupt only exists on server 1086 * arch 2.05 server or later. 1087 */ 1088 if (excp == POWERPC_EXCP_HV_EMU) { 1089 excp = POWERPC_EXCP_PROGRAM; 1090 } 1091 1092 #ifdef TARGET_PPC64 1093 /* 1094 * SPEU and VPU share the same IVOR but they exist in different 1095 * processors. SPEU is e500v1/2 only and VPU is e6500 only. 1096 */ 1097 if (excp == POWERPC_EXCP_VPU) { 1098 excp = POWERPC_EXCP_SPEU; 1099 } 1100 #endif 1101 1102 vector = env->excp_vectors[excp]; 1103 if (vector == (target_ulong)-1ULL) { 1104 cpu_abort(cs, "Raised an exception without defined vector %d\n", 1105 excp); 1106 } 1107 1108 vector |= env->excp_prefix; 1109 1110 switch (excp) { 1111 case POWERPC_EXCP_CRITICAL: /* Critical input */ 1112 srr0 = SPR_BOOKE_CSRR0; 1113 srr1 = SPR_BOOKE_CSRR1; 1114 break; 1115 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 1116 powerpc_mcheck_checkstop(env); 1117 /* machine check exceptions don't have ME set */ 1118 new_msr &= ~((target_ulong)1 << MSR_ME); 1119 1120 /* FIXME: choose one or the other based on CPU type */ 1121 srr0 = SPR_BOOKE_MCSRR0; 1122 srr1 = SPR_BOOKE_MCSRR1; 1123 1124 env->spr[SPR_BOOKE_CSRR0] = env->nip; 1125 env->spr[SPR_BOOKE_CSRR1] = msr; 1126 1127 break; 1128 case POWERPC_EXCP_DSI: /* Data storage exception */ 1129 trace_ppc_excp_dsi(env->spr[SPR_BOOKE_ESR], env->spr[SPR_BOOKE_DEAR]); 1130 break; 1131 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 1132 trace_ppc_excp_isi(msr, env->nip); 1133 break; 1134 case POWERPC_EXCP_EXTERNAL: /* External input */ 1135 if (env->mpic_proxy) { 1136 /* IACK the IRQ on delivery */ 1137 env->spr[SPR_BOOKE_EPR] = ldl_phys(cs->as, env->mpic_iack); 1138 } 1139 break; 1140 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 1141 break; 1142 case POWERPC_EXCP_PROGRAM: /* Program exception */ 1143 switch (env->error_code & ~0xF) { 1144 case POWERPC_EXCP_FP: 1145 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 1146 trace_ppc_excp_fp_ignore(); 1147 powerpc_reset_excp_state(cpu); 1148 return; 1149 } 1150 1151 /* 1152 * FP exceptions always have NIP pointing to the faulting 1153 * instruction, so always use store_next and claim we are 1154 * precise in the MSR. 1155 */ 1156 msr |= 0x00100000; 1157 env->spr[SPR_BOOKE_ESR] = ESR_FP; 1158 break; 1159 case POWERPC_EXCP_INVAL: 1160 trace_ppc_excp_inval(env->nip); 1161 msr |= 0x00080000; 1162 env->spr[SPR_BOOKE_ESR] = ESR_PIL; 1163 break; 1164 case POWERPC_EXCP_PRIV: 1165 msr |= 0x00040000; 1166 env->spr[SPR_BOOKE_ESR] = ESR_PPR; 1167 break; 1168 case POWERPC_EXCP_TRAP: 1169 msr |= 0x00020000; 1170 env->spr[SPR_BOOKE_ESR] = ESR_PTR; 1171 break; 1172 default: 1173 /* Should never occur */ 1174 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 1175 env->error_code); 1176 break; 1177 } 1178 break; 1179 case POWERPC_EXCP_SYSCALL: /* System call exception */ 1180 dump_syscall(env); 1181 1182 /* 1183 * We need to correct the NIP which in this case is supposed 1184 * to point to the next instruction 1185 */ 1186 env->nip += 4; 1187 break; 1188 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 1189 case POWERPC_EXCP_APU: /* Auxiliary processor unavailable */ 1190 case POWERPC_EXCP_DECR: /* Decrementer exception */ 1191 break; 1192 case POWERPC_EXCP_FIT: /* Fixed-interval timer interrupt */ 1193 /* FIT on 4xx */ 1194 trace_ppc_excp_print("FIT"); 1195 break; 1196 case POWERPC_EXCP_WDT: /* Watchdog timer interrupt */ 1197 trace_ppc_excp_print("WDT"); 1198 srr0 = SPR_BOOKE_CSRR0; 1199 srr1 = SPR_BOOKE_CSRR1; 1200 break; 1201 case POWERPC_EXCP_DTLB: /* Data TLB error */ 1202 case POWERPC_EXCP_ITLB: /* Instruction TLB error */ 1203 break; 1204 case POWERPC_EXCP_DEBUG: /* Debug interrupt */ 1205 if (env->flags & POWERPC_FLAG_DE) { 1206 /* FIXME: choose one or the other based on CPU type */ 1207 srr0 = SPR_BOOKE_DSRR0; 1208 srr1 = SPR_BOOKE_DSRR1; 1209 1210 env->spr[SPR_BOOKE_CSRR0] = env->nip; 1211 env->spr[SPR_BOOKE_CSRR1] = msr; 1212 1213 /* DBSR already modified by caller */ 1214 } else { 1215 cpu_abort(cs, "Debug exception triggered on unsupported model\n"); 1216 } 1217 break; 1218 case POWERPC_EXCP_SPEU: /* SPE/embedded floating-point unavailable/VPU */ 1219 env->spr[SPR_BOOKE_ESR] = ESR_SPV; 1220 break; 1221 case POWERPC_EXCP_DOORI: /* Embedded doorbell interrupt */ 1222 break; 1223 case POWERPC_EXCP_DOORCI: /* Embedded doorbell critical interrupt */ 1224 srr0 = SPR_BOOKE_CSRR0; 1225 srr1 = SPR_BOOKE_CSRR1; 1226 break; 1227 case POWERPC_EXCP_RESET: /* System reset exception */ 1228 if (FIELD_EX64(env->msr, MSR, POW)) { 1229 cpu_abort(cs, "Trying to deliver power-saving system reset " 1230 "exception %d with no HV support\n", excp); 1231 } 1232 break; 1233 case POWERPC_EXCP_EFPDI: /* Embedded floating-point data interrupt */ 1234 case POWERPC_EXCP_EFPRI: /* Embedded floating-point round interrupt */ 1235 cpu_abort(cs, "%s exception not implemented\n", 1236 powerpc_excp_name(excp)); 1237 break; 1238 default: 1239 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1240 break; 1241 } 1242 1243 #if defined(TARGET_PPC64) 1244 if (env->spr[SPR_BOOKE_EPCR] & EPCR_ICM) { 1245 /* Cat.64-bit: EPCR.ICM is copied to MSR.CM */ 1246 new_msr |= (target_ulong)1 << MSR_CM; 1247 } else { 1248 vector = (uint32_t)vector; 1249 } 1250 #endif 1251 1252 /* Save PC */ 1253 env->spr[srr0] = env->nip; 1254 1255 /* Save MSR */ 1256 env->spr[srr1] = msr; 1257 1258 powerpc_set_excp_state(cpu, vector, new_msr); 1259 } 1260 1261 /* 1262 * When running a nested HV guest under vhyp, external interrupts are 1263 * delivered as HVIRT. 1264 */ 1265 static bool books_vhyp_promotes_external_to_hvirt(PowerPCCPU *cpu) 1266 { 1267 if (cpu->vhyp) { 1268 return vhyp_cpu_in_nested(cpu); 1269 } 1270 return false; 1271 } 1272 1273 #ifdef TARGET_PPC64 1274 /* 1275 * When running under vhyp, hcalls are always intercepted and sent to the 1276 * vhc->hypercall handler. 1277 */ 1278 static bool books_vhyp_handles_hcall(PowerPCCPU *cpu) 1279 { 1280 if (cpu->vhyp) { 1281 return !vhyp_cpu_in_nested(cpu); 1282 } 1283 return false; 1284 } 1285 1286 /* 1287 * When running a nested KVM HV guest under vhyp, HV exceptions are not 1288 * delivered to the guest (because there is no concept of HV support), but 1289 * rather they are sent tothe vhyp to exit from the L2 back to the L1 and 1290 * return from the H_ENTER_NESTED hypercall. 1291 */ 1292 static bool books_vhyp_handles_hv_excp(PowerPCCPU *cpu) 1293 { 1294 if (cpu->vhyp) { 1295 return vhyp_cpu_in_nested(cpu); 1296 } 1297 return false; 1298 } 1299 1300 #ifdef CONFIG_TCG 1301 static bool is_prefix_insn(CPUPPCState *env, uint32_t insn) 1302 { 1303 if (!(env->insns_flags2 & PPC2_ISA310)) { 1304 return false; 1305 } 1306 return ((insn & 0xfc000000) == 0x04000000); 1307 } 1308 1309 static bool is_prefix_insn_excp(PowerPCCPU *cpu, int excp) 1310 { 1311 CPUPPCState *env = &cpu->env; 1312 1313 if (!tcg_enabled()) { 1314 /* 1315 * This does not load instructions and set the prefix bit correctly 1316 * for injected interrupts with KVM. That may have to be discovered 1317 * and set by the KVM layer before injecting. 1318 */ 1319 return false; 1320 } 1321 1322 switch (excp) { 1323 case POWERPC_EXCP_HDSI: 1324 /* HDSI PRTABLE_FAULT has the originating access type in error_code */ 1325 if ((env->spr[SPR_HDSISR] & DSISR_PRTABLE_FAULT) && 1326 (env->error_code == MMU_INST_FETCH)) { 1327 /* 1328 * Fetch failed due to partition scope translation, so prefix 1329 * indication is not relevant (and attempting to load the 1330 * instruction at NIP would cause recursive faults with the same 1331 * translation). 1332 */ 1333 break; 1334 } 1335 /* fall through */ 1336 case POWERPC_EXCP_MCHECK: 1337 case POWERPC_EXCP_DSI: 1338 case POWERPC_EXCP_DSEG: 1339 case POWERPC_EXCP_ALIGN: 1340 case POWERPC_EXCP_PROGRAM: 1341 case POWERPC_EXCP_FPU: 1342 case POWERPC_EXCP_TRACE: 1343 case POWERPC_EXCP_HV_EMU: 1344 case POWERPC_EXCP_VPU: 1345 case POWERPC_EXCP_VSXU: 1346 case POWERPC_EXCP_FU: 1347 case POWERPC_EXCP_HV_FU: { 1348 uint32_t insn = ppc_ldl_code(env, env->nip); 1349 if (is_prefix_insn(env, insn)) { 1350 return true; 1351 } 1352 break; 1353 } 1354 default: 1355 break; 1356 } 1357 return false; 1358 } 1359 #else 1360 static bool is_prefix_insn_excp(PowerPCCPU *cpu, int excp) 1361 { 1362 return false; 1363 } 1364 #endif 1365 1366 static void powerpc_excp_books(PowerPCCPU *cpu, int excp) 1367 { 1368 CPUState *cs = CPU(cpu); 1369 CPUPPCState *env = &cpu->env; 1370 target_ulong msr, new_msr, vector; 1371 int srr0, srr1, lev = -1; 1372 1373 /* new srr1 value excluding must-be-zero bits */ 1374 msr = env->msr & ~0x783f0000ULL; 1375 1376 /* 1377 * new interrupt handler msr preserves existing HV and ME unless 1378 * explicitly overriden 1379 */ 1380 new_msr = env->msr & (((target_ulong)1 << MSR_ME) | MSR_HVB); 1381 1382 /* target registers */ 1383 srr0 = SPR_SRR0; 1384 srr1 = SPR_SRR1; 1385 1386 /* 1387 * check for special resume at 0x100 from doze/nap/sleep/winkle on 1388 * P7/P8/P9 1389 */ 1390 if (env->resume_as_sreset) { 1391 excp = powerpc_reset_wakeup(env, excp, &msr); 1392 } 1393 1394 /* 1395 * We don't want to generate a Hypervisor Emulation Assistance 1396 * Interrupt if we don't have HVB in msr_mask (PAPR mode), 1397 * unless running a nested-hv guest, in which case the L1 1398 * kernel wants the interrupt. 1399 */ 1400 if (excp == POWERPC_EXCP_HV_EMU && !(env->msr_mask & MSR_HVB) && 1401 !books_vhyp_handles_hv_excp(cpu)) { 1402 excp = POWERPC_EXCP_PROGRAM; 1403 } 1404 1405 vector = env->excp_vectors[excp]; 1406 if (vector == (target_ulong)-1ULL) { 1407 cpu_abort(cs, "Raised an exception without defined vector %d\n", 1408 excp); 1409 } 1410 1411 vector |= env->excp_prefix; 1412 1413 if (is_prefix_insn_excp(cpu, excp)) { 1414 msr |= PPC_BIT(34); 1415 } 1416 1417 switch (excp) { 1418 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 1419 powerpc_mcheck_checkstop(env); 1420 if (env->msr_mask & MSR_HVB) { 1421 /* 1422 * ISA specifies HV, but can be delivered to guest with HV 1423 * clear (e.g., see FWNMI in PAPR). 1424 */ 1425 new_msr |= (target_ulong)MSR_HVB; 1426 } 1427 1428 /* machine check exceptions don't have ME set */ 1429 new_msr &= ~((target_ulong)1 << MSR_ME); 1430 1431 msr |= env->error_code; 1432 break; 1433 1434 case POWERPC_EXCP_DSI: /* Data storage exception */ 1435 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 1436 break; 1437 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 1438 trace_ppc_excp_isi(msr, env->nip); 1439 msr |= env->error_code; 1440 break; 1441 case POWERPC_EXCP_EXTERNAL: /* External input */ 1442 { 1443 bool lpes0; 1444 1445 /* 1446 * LPES0 is only taken into consideration if we support HV 1447 * mode for this CPU. 1448 */ 1449 if (!env->has_hv_mode) { 1450 break; 1451 } 1452 1453 lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 1454 1455 if (!lpes0) { 1456 new_msr |= (target_ulong)MSR_HVB; 1457 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1458 srr0 = SPR_HSRR0; 1459 srr1 = SPR_HSRR1; 1460 } 1461 1462 break; 1463 } 1464 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 1465 /* Optional DSISR update was removed from ISA v3.0 */ 1466 if (!(env->insns_flags2 & PPC2_ISA300)) { 1467 /* Get rS/rD and rA from faulting opcode */ 1468 /* 1469 * Note: the opcode fields will not be set properly for a 1470 * direct store load/store, but nobody cares as nobody 1471 * actually uses direct store segments. 1472 */ 1473 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 1474 } 1475 break; 1476 case POWERPC_EXCP_PROGRAM: /* Program exception */ 1477 switch (env->error_code & ~0xF) { 1478 case POWERPC_EXCP_FP: 1479 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 1480 trace_ppc_excp_fp_ignore(); 1481 powerpc_reset_excp_state(cpu); 1482 return; 1483 } 1484 1485 /* 1486 * FP exceptions always have NIP pointing to the faulting 1487 * instruction, so always use store_next and claim we are 1488 * precise in the MSR. 1489 */ 1490 msr |= 0x00100000; 1491 break; 1492 case POWERPC_EXCP_INVAL: 1493 trace_ppc_excp_inval(env->nip); 1494 msr |= 0x00080000; 1495 break; 1496 case POWERPC_EXCP_PRIV: 1497 msr |= 0x00040000; 1498 break; 1499 case POWERPC_EXCP_TRAP: 1500 msr |= 0x00020000; 1501 break; 1502 default: 1503 /* Should never occur */ 1504 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 1505 env->error_code); 1506 break; 1507 } 1508 break; 1509 case POWERPC_EXCP_SYSCALL: /* System call exception */ 1510 lev = env->error_code; 1511 1512 if (lev == 1 && cpu->vhyp) { 1513 dump_hcall(env); 1514 } else { 1515 dump_syscall(env); 1516 } 1517 1518 /* 1519 * We need to correct the NIP which in this case is supposed 1520 * to point to the next instruction 1521 */ 1522 env->nip += 4; 1523 1524 /* "PAPR mode" built-in hypercall emulation */ 1525 if (lev == 1 && books_vhyp_handles_hcall(cpu)) { 1526 PPCVirtualHypervisorClass *vhc = 1527 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 1528 vhc->hypercall(cpu->vhyp, cpu); 1529 return; 1530 } 1531 if (env->insns_flags2 & PPC2_ISA310) { 1532 /* ISAv3.1 puts LEV into SRR1 */ 1533 msr |= lev << 20; 1534 } 1535 if (lev == 1) { 1536 new_msr |= (target_ulong)MSR_HVB; 1537 } 1538 break; 1539 case POWERPC_EXCP_SYSCALL_VECTORED: /* scv exception */ 1540 lev = env->error_code; 1541 dump_syscall(env); 1542 env->nip += 4; 1543 new_msr |= env->msr & ((target_ulong)1 << MSR_EE); 1544 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1545 1546 vector += lev * 0x20; 1547 1548 env->lr = env->nip; 1549 env->ctr = msr; 1550 break; 1551 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 1552 case POWERPC_EXCP_DECR: /* Decrementer exception */ 1553 break; 1554 case POWERPC_EXCP_RESET: /* System reset exception */ 1555 /* A power-saving exception sets ME, otherwise it is unchanged */ 1556 if (FIELD_EX64(env->msr, MSR, POW)) { 1557 /* indicate that we resumed from power save mode */ 1558 msr |= 0x10000; 1559 new_msr |= ((target_ulong)1 << MSR_ME); 1560 } 1561 if (env->msr_mask & MSR_HVB) { 1562 /* 1563 * ISA specifies HV, but can be delivered to guest with HV 1564 * clear (e.g., see FWNMI in PAPR, NMI injection in QEMU). 1565 */ 1566 new_msr |= (target_ulong)MSR_HVB; 1567 } else { 1568 if (FIELD_EX64(env->msr, MSR, POW)) { 1569 cpu_abort(cs, "Trying to deliver power-saving system reset " 1570 "exception %d with no HV support\n", excp); 1571 } 1572 } 1573 break; 1574 case POWERPC_EXCP_DSEG: /* Data segment exception */ 1575 case POWERPC_EXCP_ISEG: /* Instruction segment exception */ 1576 case POWERPC_EXCP_TRACE: /* Trace exception */ 1577 case POWERPC_EXCP_SDOOR: /* Doorbell interrupt */ 1578 case POWERPC_EXCP_PERFM: /* Performance monitor interrupt */ 1579 break; 1580 case POWERPC_EXCP_HISI: /* Hypervisor instruction storage exception */ 1581 msr |= env->error_code; 1582 /* fall through */ 1583 case POWERPC_EXCP_HDECR: /* Hypervisor decrementer exception */ 1584 case POWERPC_EXCP_HDSI: /* Hypervisor data storage exception */ 1585 case POWERPC_EXCP_SDOOR_HV: /* Hypervisor Doorbell interrupt */ 1586 case POWERPC_EXCP_HVIRT: /* Hypervisor virtualization */ 1587 srr0 = SPR_HSRR0; 1588 srr1 = SPR_HSRR1; 1589 new_msr |= (target_ulong)MSR_HVB; 1590 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1591 break; 1592 #ifdef CONFIG_TCG 1593 case POWERPC_EXCP_HV_EMU: { 1594 uint32_t insn = ppc_ldl_code(env, env->nip); 1595 env->spr[SPR_HEIR] = insn; 1596 if (is_prefix_insn(env, insn)) { 1597 uint32_t insn2 = ppc_ldl_code(env, env->nip + 4); 1598 env->spr[SPR_HEIR] <<= 32; 1599 env->spr[SPR_HEIR] |= insn2; 1600 } 1601 srr0 = SPR_HSRR0; 1602 srr1 = SPR_HSRR1; 1603 new_msr |= (target_ulong)MSR_HVB; 1604 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1605 break; 1606 } 1607 #endif 1608 case POWERPC_EXCP_VPU: /* Vector unavailable exception */ 1609 case POWERPC_EXCP_VSXU: /* VSX unavailable exception */ 1610 case POWERPC_EXCP_FU: /* Facility unavailable exception */ 1611 env->spr[SPR_FSCR] |= ((target_ulong)env->error_code << 56); 1612 break; 1613 case POWERPC_EXCP_HV_FU: /* Hypervisor Facility Unavailable Exception */ 1614 env->spr[SPR_HFSCR] |= ((target_ulong)env->error_code << FSCR_IC_POS); 1615 srr0 = SPR_HSRR0; 1616 srr1 = SPR_HSRR1; 1617 new_msr |= (target_ulong)MSR_HVB; 1618 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1619 break; 1620 case POWERPC_EXCP_PERFM_EBB: /* Performance Monitor EBB Exception */ 1621 case POWERPC_EXCP_EXTERNAL_EBB: /* External EBB Exception */ 1622 env->spr[SPR_BESCR] &= ~BESCR_GE; 1623 1624 /* 1625 * Save NIP for rfebb insn in SPR_EBBRR. Next nip is 1626 * stored in the EBB Handler SPR_EBBHR. 1627 */ 1628 env->spr[SPR_EBBRR] = env->nip; 1629 powerpc_set_excp_state(cpu, env->spr[SPR_EBBHR], env->msr); 1630 1631 /* 1632 * This exception is handled in userspace. No need to proceed. 1633 */ 1634 return; 1635 case POWERPC_EXCP_THERM: /* Thermal interrupt */ 1636 case POWERPC_EXCP_VPUA: /* Vector assist exception */ 1637 case POWERPC_EXCP_MAINT: /* Maintenance exception */ 1638 case POWERPC_EXCP_HV_MAINT: /* Hypervisor Maintenance exception */ 1639 cpu_abort(cs, "%s exception not implemented\n", 1640 powerpc_excp_name(excp)); 1641 break; 1642 default: 1643 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1644 break; 1645 } 1646 1647 /* 1648 * Sort out endianness of interrupt, this differs depending on the 1649 * CPU, the HV mode, etc... 1650 */ 1651 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 1652 new_msr |= (target_ulong)1 << MSR_LE; 1653 } 1654 1655 new_msr |= (target_ulong)1 << MSR_SF; 1656 1657 if (excp != POWERPC_EXCP_SYSCALL_VECTORED) { 1658 /* Save PC */ 1659 env->spr[srr0] = env->nip; 1660 1661 /* Save MSR */ 1662 env->spr[srr1] = msr; 1663 } 1664 1665 if ((new_msr & MSR_HVB) && books_vhyp_handles_hv_excp(cpu)) { 1666 PPCVirtualHypervisorClass *vhc = 1667 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 1668 /* Deliver interrupt to L1 by returning from the H_ENTER_NESTED call */ 1669 vhc->deliver_hv_excp(cpu, excp); 1670 1671 powerpc_reset_excp_state(cpu); 1672 1673 } else { 1674 /* Sanity check */ 1675 if (!(env->msr_mask & MSR_HVB) && srr0 == SPR_HSRR0) { 1676 cpu_abort(cs, "Trying to deliver HV exception (HSRR) %d with " 1677 "no HV support\n", excp); 1678 } 1679 1680 /* This can update new_msr and vector if AIL applies */ 1681 ppc_excp_apply_ail(cpu, excp, msr, &new_msr, &vector); 1682 1683 powerpc_set_excp_state(cpu, vector, new_msr); 1684 } 1685 } 1686 #else 1687 static inline void powerpc_excp_books(PowerPCCPU *cpu, int excp) 1688 { 1689 g_assert_not_reached(); 1690 } 1691 #endif 1692 1693 static void powerpc_excp(PowerPCCPU *cpu, int excp) 1694 { 1695 CPUState *cs = CPU(cpu); 1696 CPUPPCState *env = &cpu->env; 1697 1698 if (excp <= POWERPC_EXCP_NONE || excp >= POWERPC_EXCP_NB) { 1699 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1700 } 1701 1702 qemu_log_mask(CPU_LOG_INT, "Raise exception at " TARGET_FMT_lx 1703 " => %s (%d) error=%02x\n", env->nip, powerpc_excp_name(excp), 1704 excp, env->error_code); 1705 env->excp_stats[excp]++; 1706 1707 switch (env->excp_model) { 1708 case POWERPC_EXCP_40x: 1709 powerpc_excp_40x(cpu, excp); 1710 break; 1711 case POWERPC_EXCP_6xx: 1712 powerpc_excp_6xx(cpu, excp); 1713 break; 1714 case POWERPC_EXCP_7xx: 1715 powerpc_excp_7xx(cpu, excp); 1716 break; 1717 case POWERPC_EXCP_74xx: 1718 powerpc_excp_74xx(cpu, excp); 1719 break; 1720 case POWERPC_EXCP_BOOKE: 1721 powerpc_excp_booke(cpu, excp); 1722 break; 1723 case POWERPC_EXCP_970: 1724 case POWERPC_EXCP_POWER7: 1725 case POWERPC_EXCP_POWER8: 1726 case POWERPC_EXCP_POWER9: 1727 case POWERPC_EXCP_POWER10: 1728 powerpc_excp_books(cpu, excp); 1729 break; 1730 default: 1731 g_assert_not_reached(); 1732 } 1733 } 1734 1735 void ppc_cpu_do_interrupt(CPUState *cs) 1736 { 1737 PowerPCCPU *cpu = POWERPC_CPU(cs); 1738 1739 powerpc_excp(cpu, cs->exception_index); 1740 } 1741 1742 #if defined(TARGET_PPC64) 1743 #define P7_UNUSED_INTERRUPTS \ 1744 (PPC_INTERRUPT_RESET | PPC_INTERRUPT_HVIRT | PPC_INTERRUPT_CEXT | \ 1745 PPC_INTERRUPT_WDT | PPC_INTERRUPT_CDOORBELL | PPC_INTERRUPT_FIT | \ 1746 PPC_INTERRUPT_PIT | PPC_INTERRUPT_DOORBELL | PPC_INTERRUPT_HDOORBELL | \ 1747 PPC_INTERRUPT_THERM | PPC_INTERRUPT_EBB) 1748 1749 static int p7_interrupt_powersave(CPUPPCState *env) 1750 { 1751 if ((env->pending_interrupts & PPC_INTERRUPT_EXT) && 1752 (env->spr[SPR_LPCR] & LPCR_P7_PECE0)) { 1753 return PPC_INTERRUPT_EXT; 1754 } 1755 if ((env->pending_interrupts & PPC_INTERRUPT_DECR) && 1756 (env->spr[SPR_LPCR] & LPCR_P7_PECE1)) { 1757 return PPC_INTERRUPT_DECR; 1758 } 1759 if ((env->pending_interrupts & PPC_INTERRUPT_MCK) && 1760 (env->spr[SPR_LPCR] & LPCR_P7_PECE2)) { 1761 return PPC_INTERRUPT_MCK; 1762 } 1763 if ((env->pending_interrupts & PPC_INTERRUPT_HMI) && 1764 (env->spr[SPR_LPCR] & LPCR_P7_PECE2)) { 1765 return PPC_INTERRUPT_HMI; 1766 } 1767 if (env->pending_interrupts & PPC_INTERRUPT_RESET) { 1768 return PPC_INTERRUPT_RESET; 1769 } 1770 return 0; 1771 } 1772 1773 static int p7_next_unmasked_interrupt(CPUPPCState *env) 1774 { 1775 CPUState *cs = env_cpu(env); 1776 1777 /* Ignore MSR[EE] when coming out of some power management states */ 1778 bool msr_ee = FIELD_EX64(env->msr, MSR, EE) || env->resume_as_sreset; 1779 1780 assert((env->pending_interrupts & P7_UNUSED_INTERRUPTS) == 0); 1781 1782 if (cs->halted) { 1783 /* LPCR[PECE] controls which interrupts can exit power-saving mode */ 1784 return p7_interrupt_powersave(env); 1785 } 1786 1787 /* Machine check exception */ 1788 if (env->pending_interrupts & PPC_INTERRUPT_MCK) { 1789 return PPC_INTERRUPT_MCK; 1790 } 1791 1792 /* Hypervisor decrementer exception */ 1793 if (env->pending_interrupts & PPC_INTERRUPT_HDECR) { 1794 /* LPCR will be clear when not supported so this will work */ 1795 bool hdice = !!(env->spr[SPR_LPCR] & LPCR_HDICE); 1796 if ((msr_ee || !FIELD_EX64_HV(env->msr)) && hdice) { 1797 /* HDEC clears on delivery */ 1798 return PPC_INTERRUPT_HDECR; 1799 } 1800 } 1801 1802 /* External interrupt can ignore MSR:EE under some circumstances */ 1803 if (env->pending_interrupts & PPC_INTERRUPT_EXT) { 1804 bool lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 1805 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 1806 /* HEIC blocks delivery to the hypervisor */ 1807 if ((msr_ee && !(heic && FIELD_EX64_HV(env->msr) && 1808 !FIELD_EX64(env->msr, MSR, PR))) || 1809 (env->has_hv_mode && !FIELD_EX64_HV(env->msr) && !lpes0)) { 1810 return PPC_INTERRUPT_EXT; 1811 } 1812 } 1813 if (msr_ee != 0) { 1814 /* Decrementer exception */ 1815 if (env->pending_interrupts & PPC_INTERRUPT_DECR) { 1816 return PPC_INTERRUPT_DECR; 1817 } 1818 if (env->pending_interrupts & PPC_INTERRUPT_PERFM) { 1819 return PPC_INTERRUPT_PERFM; 1820 } 1821 } 1822 1823 return 0; 1824 } 1825 1826 #define P8_UNUSED_INTERRUPTS \ 1827 (PPC_INTERRUPT_RESET | PPC_INTERRUPT_DEBUG | PPC_INTERRUPT_HVIRT | \ 1828 PPC_INTERRUPT_CEXT | PPC_INTERRUPT_WDT | PPC_INTERRUPT_CDOORBELL | \ 1829 PPC_INTERRUPT_FIT | PPC_INTERRUPT_PIT | PPC_INTERRUPT_THERM) 1830 1831 static int p8_interrupt_powersave(CPUPPCState *env) 1832 { 1833 if ((env->pending_interrupts & PPC_INTERRUPT_EXT) && 1834 (env->spr[SPR_LPCR] & LPCR_P8_PECE2)) { 1835 return PPC_INTERRUPT_EXT; 1836 } 1837 if ((env->pending_interrupts & PPC_INTERRUPT_DECR) && 1838 (env->spr[SPR_LPCR] & LPCR_P8_PECE3)) { 1839 return PPC_INTERRUPT_DECR; 1840 } 1841 if ((env->pending_interrupts & PPC_INTERRUPT_MCK) && 1842 (env->spr[SPR_LPCR] & LPCR_P8_PECE4)) { 1843 return PPC_INTERRUPT_MCK; 1844 } 1845 if ((env->pending_interrupts & PPC_INTERRUPT_HMI) && 1846 (env->spr[SPR_LPCR] & LPCR_P8_PECE4)) { 1847 return PPC_INTERRUPT_HMI; 1848 } 1849 if ((env->pending_interrupts & PPC_INTERRUPT_DOORBELL) && 1850 (env->spr[SPR_LPCR] & LPCR_P8_PECE0)) { 1851 return PPC_INTERRUPT_DOORBELL; 1852 } 1853 if ((env->pending_interrupts & PPC_INTERRUPT_HDOORBELL) && 1854 (env->spr[SPR_LPCR] & LPCR_P8_PECE1)) { 1855 return PPC_INTERRUPT_HDOORBELL; 1856 } 1857 if (env->pending_interrupts & PPC_INTERRUPT_RESET) { 1858 return PPC_INTERRUPT_RESET; 1859 } 1860 return 0; 1861 } 1862 1863 static int p8_next_unmasked_interrupt(CPUPPCState *env) 1864 { 1865 CPUState *cs = env_cpu(env); 1866 1867 /* Ignore MSR[EE] when coming out of some power management states */ 1868 bool msr_ee = FIELD_EX64(env->msr, MSR, EE) || env->resume_as_sreset; 1869 1870 assert((env->pending_interrupts & P8_UNUSED_INTERRUPTS) == 0); 1871 1872 if (cs->halted) { 1873 /* LPCR[PECE] controls which interrupts can exit power-saving mode */ 1874 return p8_interrupt_powersave(env); 1875 } 1876 1877 /* Machine check exception */ 1878 if (env->pending_interrupts & PPC_INTERRUPT_MCK) { 1879 return PPC_INTERRUPT_MCK; 1880 } 1881 1882 /* Hypervisor decrementer exception */ 1883 if (env->pending_interrupts & PPC_INTERRUPT_HDECR) { 1884 /* LPCR will be clear when not supported so this will work */ 1885 bool hdice = !!(env->spr[SPR_LPCR] & LPCR_HDICE); 1886 if ((msr_ee || !FIELD_EX64_HV(env->msr)) && hdice) { 1887 /* HDEC clears on delivery */ 1888 return PPC_INTERRUPT_HDECR; 1889 } 1890 } 1891 1892 /* External interrupt can ignore MSR:EE under some circumstances */ 1893 if (env->pending_interrupts & PPC_INTERRUPT_EXT) { 1894 bool lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 1895 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 1896 /* HEIC blocks delivery to the hypervisor */ 1897 if ((msr_ee && !(heic && FIELD_EX64_HV(env->msr) && 1898 !FIELD_EX64(env->msr, MSR, PR))) || 1899 (env->has_hv_mode && !FIELD_EX64_HV(env->msr) && !lpes0)) { 1900 return PPC_INTERRUPT_EXT; 1901 } 1902 } 1903 if (msr_ee != 0) { 1904 /* Decrementer exception */ 1905 if (env->pending_interrupts & PPC_INTERRUPT_DECR) { 1906 return PPC_INTERRUPT_DECR; 1907 } 1908 if (env->pending_interrupts & PPC_INTERRUPT_DOORBELL) { 1909 return PPC_INTERRUPT_DOORBELL; 1910 } 1911 if (env->pending_interrupts & PPC_INTERRUPT_HDOORBELL) { 1912 return PPC_INTERRUPT_HDOORBELL; 1913 } 1914 if (env->pending_interrupts & PPC_INTERRUPT_PERFM) { 1915 return PPC_INTERRUPT_PERFM; 1916 } 1917 /* EBB exception */ 1918 if (env->pending_interrupts & PPC_INTERRUPT_EBB) { 1919 /* 1920 * EBB exception must be taken in problem state and 1921 * with BESCR_GE set. 1922 */ 1923 if (FIELD_EX64(env->msr, MSR, PR) && 1924 (env->spr[SPR_BESCR] & BESCR_GE)) { 1925 return PPC_INTERRUPT_EBB; 1926 } 1927 } 1928 } 1929 1930 return 0; 1931 } 1932 1933 #define P9_UNUSED_INTERRUPTS \ 1934 (PPC_INTERRUPT_RESET | PPC_INTERRUPT_DEBUG | PPC_INTERRUPT_CEXT | \ 1935 PPC_INTERRUPT_WDT | PPC_INTERRUPT_CDOORBELL | PPC_INTERRUPT_FIT | \ 1936 PPC_INTERRUPT_PIT | PPC_INTERRUPT_THERM) 1937 1938 static int p9_interrupt_powersave(CPUPPCState *env) 1939 { 1940 /* External Exception */ 1941 if ((env->pending_interrupts & PPC_INTERRUPT_EXT) && 1942 (env->spr[SPR_LPCR] & LPCR_EEE)) { 1943 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 1944 if (!heic || !FIELD_EX64_HV(env->msr) || 1945 FIELD_EX64(env->msr, MSR, PR)) { 1946 return PPC_INTERRUPT_EXT; 1947 } 1948 } 1949 /* Decrementer Exception */ 1950 if ((env->pending_interrupts & PPC_INTERRUPT_DECR) && 1951 (env->spr[SPR_LPCR] & LPCR_DEE)) { 1952 return PPC_INTERRUPT_DECR; 1953 } 1954 /* Machine Check or Hypervisor Maintenance Exception */ 1955 if (env->spr[SPR_LPCR] & LPCR_OEE) { 1956 if (env->pending_interrupts & PPC_INTERRUPT_MCK) { 1957 return PPC_INTERRUPT_MCK; 1958 } 1959 if (env->pending_interrupts & PPC_INTERRUPT_HMI) { 1960 return PPC_INTERRUPT_HMI; 1961 } 1962 } 1963 /* Privileged Doorbell Exception */ 1964 if ((env->pending_interrupts & PPC_INTERRUPT_DOORBELL) && 1965 (env->spr[SPR_LPCR] & LPCR_PDEE)) { 1966 return PPC_INTERRUPT_DOORBELL; 1967 } 1968 /* Hypervisor Doorbell Exception */ 1969 if ((env->pending_interrupts & PPC_INTERRUPT_HDOORBELL) && 1970 (env->spr[SPR_LPCR] & LPCR_HDEE)) { 1971 return PPC_INTERRUPT_HDOORBELL; 1972 } 1973 /* Hypervisor virtualization exception */ 1974 if ((env->pending_interrupts & PPC_INTERRUPT_HVIRT) && 1975 (env->spr[SPR_LPCR] & LPCR_HVEE)) { 1976 return PPC_INTERRUPT_HVIRT; 1977 } 1978 if (env->pending_interrupts & PPC_INTERRUPT_RESET) { 1979 return PPC_INTERRUPT_RESET; 1980 } 1981 return 0; 1982 } 1983 1984 static int p9_next_unmasked_interrupt(CPUPPCState *env) 1985 { 1986 CPUState *cs = env_cpu(env); 1987 1988 /* Ignore MSR[EE] when coming out of some power management states */ 1989 bool msr_ee = FIELD_EX64(env->msr, MSR, EE) || env->resume_as_sreset; 1990 1991 assert((env->pending_interrupts & P9_UNUSED_INTERRUPTS) == 0); 1992 1993 if (cs->halted) { 1994 if (env->spr[SPR_PSSCR] & PSSCR_EC) { 1995 /* 1996 * When PSSCR[EC] is set, LPCR[PECE] controls which interrupts can 1997 * wakeup the processor 1998 */ 1999 return p9_interrupt_powersave(env); 2000 } else { 2001 /* 2002 * When it's clear, any system-caused exception exits power-saving 2003 * mode, even the ones that gate on MSR[EE]. 2004 */ 2005 msr_ee = true; 2006 } 2007 } 2008 2009 /* Machine check exception */ 2010 if (env->pending_interrupts & PPC_INTERRUPT_MCK) { 2011 return PPC_INTERRUPT_MCK; 2012 } 2013 2014 /* Hypervisor decrementer exception */ 2015 if (env->pending_interrupts & PPC_INTERRUPT_HDECR) { 2016 /* LPCR will be clear when not supported so this will work */ 2017 bool hdice = !!(env->spr[SPR_LPCR] & LPCR_HDICE); 2018 if ((msr_ee || !FIELD_EX64_HV(env->msr)) && hdice) { 2019 /* HDEC clears on delivery */ 2020 return PPC_INTERRUPT_HDECR; 2021 } 2022 } 2023 2024 /* Hypervisor virtualization interrupt */ 2025 if (env->pending_interrupts & PPC_INTERRUPT_HVIRT) { 2026 /* LPCR will be clear when not supported so this will work */ 2027 bool hvice = !!(env->spr[SPR_LPCR] & LPCR_HVICE); 2028 if ((msr_ee || !FIELD_EX64_HV(env->msr)) && hvice) { 2029 return PPC_INTERRUPT_HVIRT; 2030 } 2031 } 2032 2033 /* External interrupt can ignore MSR:EE under some circumstances */ 2034 if (env->pending_interrupts & PPC_INTERRUPT_EXT) { 2035 bool lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 2036 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 2037 /* HEIC blocks delivery to the hypervisor */ 2038 if ((msr_ee && !(heic && FIELD_EX64_HV(env->msr) && 2039 !FIELD_EX64(env->msr, MSR, PR))) || 2040 (env->has_hv_mode && !FIELD_EX64_HV(env->msr) && !lpes0)) { 2041 return PPC_INTERRUPT_EXT; 2042 } 2043 } 2044 if (msr_ee != 0) { 2045 /* Decrementer exception */ 2046 if (env->pending_interrupts & PPC_INTERRUPT_DECR) { 2047 return PPC_INTERRUPT_DECR; 2048 } 2049 if (env->pending_interrupts & PPC_INTERRUPT_DOORBELL) { 2050 return PPC_INTERRUPT_DOORBELL; 2051 } 2052 if (env->pending_interrupts & PPC_INTERRUPT_HDOORBELL) { 2053 return PPC_INTERRUPT_HDOORBELL; 2054 } 2055 if (env->pending_interrupts & PPC_INTERRUPT_PERFM) { 2056 return PPC_INTERRUPT_PERFM; 2057 } 2058 /* EBB exception */ 2059 if (env->pending_interrupts & PPC_INTERRUPT_EBB) { 2060 /* 2061 * EBB exception must be taken in problem state and 2062 * with BESCR_GE set. 2063 */ 2064 if (FIELD_EX64(env->msr, MSR, PR) && 2065 (env->spr[SPR_BESCR] & BESCR_GE)) { 2066 return PPC_INTERRUPT_EBB; 2067 } 2068 } 2069 } 2070 2071 return 0; 2072 } 2073 #endif 2074 2075 static int ppc_next_unmasked_interrupt_generic(CPUPPCState *env) 2076 { 2077 bool async_deliver; 2078 2079 /* External reset */ 2080 if (env->pending_interrupts & PPC_INTERRUPT_RESET) { 2081 return PPC_INTERRUPT_RESET; 2082 } 2083 /* Machine check exception */ 2084 if (env->pending_interrupts & PPC_INTERRUPT_MCK) { 2085 return PPC_INTERRUPT_MCK; 2086 } 2087 #if 0 /* TODO */ 2088 /* External debug exception */ 2089 if (env->pending_interrupts & PPC_INTERRUPT_DEBUG) { 2090 return PPC_INTERRUPT_DEBUG; 2091 } 2092 #endif 2093 2094 /* 2095 * For interrupts that gate on MSR:EE, we need to do something a 2096 * bit more subtle, as we need to let them through even when EE is 2097 * clear when coming out of some power management states (in order 2098 * for them to become a 0x100). 2099 */ 2100 async_deliver = FIELD_EX64(env->msr, MSR, EE) || env->resume_as_sreset; 2101 2102 /* Hypervisor decrementer exception */ 2103 if (env->pending_interrupts & PPC_INTERRUPT_HDECR) { 2104 /* LPCR will be clear when not supported so this will work */ 2105 bool hdice = !!(env->spr[SPR_LPCR] & LPCR_HDICE); 2106 if ((async_deliver || !FIELD_EX64_HV(env->msr)) && hdice) { 2107 /* HDEC clears on delivery */ 2108 return PPC_INTERRUPT_HDECR; 2109 } 2110 } 2111 2112 /* Hypervisor virtualization interrupt */ 2113 if (env->pending_interrupts & PPC_INTERRUPT_HVIRT) { 2114 /* LPCR will be clear when not supported so this will work */ 2115 bool hvice = !!(env->spr[SPR_LPCR] & LPCR_HVICE); 2116 if ((async_deliver || !FIELD_EX64_HV(env->msr)) && hvice) { 2117 return PPC_INTERRUPT_HVIRT; 2118 } 2119 } 2120 2121 /* External interrupt can ignore MSR:EE under some circumstances */ 2122 if (env->pending_interrupts & PPC_INTERRUPT_EXT) { 2123 bool lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 2124 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 2125 /* HEIC blocks delivery to the hypervisor */ 2126 if ((async_deliver && !(heic && FIELD_EX64_HV(env->msr) && 2127 !FIELD_EX64(env->msr, MSR, PR))) || 2128 (env->has_hv_mode && !FIELD_EX64_HV(env->msr) && !lpes0)) { 2129 return PPC_INTERRUPT_EXT; 2130 } 2131 } 2132 if (FIELD_EX64(env->msr, MSR, CE)) { 2133 /* External critical interrupt */ 2134 if (env->pending_interrupts & PPC_INTERRUPT_CEXT) { 2135 return PPC_INTERRUPT_CEXT; 2136 } 2137 } 2138 if (async_deliver != 0) { 2139 /* Watchdog timer on embedded PowerPC */ 2140 if (env->pending_interrupts & PPC_INTERRUPT_WDT) { 2141 return PPC_INTERRUPT_WDT; 2142 } 2143 if (env->pending_interrupts & PPC_INTERRUPT_CDOORBELL) { 2144 return PPC_INTERRUPT_CDOORBELL; 2145 } 2146 /* Fixed interval timer on embedded PowerPC */ 2147 if (env->pending_interrupts & PPC_INTERRUPT_FIT) { 2148 return PPC_INTERRUPT_FIT; 2149 } 2150 /* Programmable interval timer on embedded PowerPC */ 2151 if (env->pending_interrupts & PPC_INTERRUPT_PIT) { 2152 return PPC_INTERRUPT_PIT; 2153 } 2154 /* Decrementer exception */ 2155 if (env->pending_interrupts & PPC_INTERRUPT_DECR) { 2156 return PPC_INTERRUPT_DECR; 2157 } 2158 if (env->pending_interrupts & PPC_INTERRUPT_DOORBELL) { 2159 return PPC_INTERRUPT_DOORBELL; 2160 } 2161 if (env->pending_interrupts & PPC_INTERRUPT_HDOORBELL) { 2162 return PPC_INTERRUPT_HDOORBELL; 2163 } 2164 if (env->pending_interrupts & PPC_INTERRUPT_PERFM) { 2165 return PPC_INTERRUPT_PERFM; 2166 } 2167 /* Thermal interrupt */ 2168 if (env->pending_interrupts & PPC_INTERRUPT_THERM) { 2169 return PPC_INTERRUPT_THERM; 2170 } 2171 /* EBB exception */ 2172 if (env->pending_interrupts & PPC_INTERRUPT_EBB) { 2173 /* 2174 * EBB exception must be taken in problem state and 2175 * with BESCR_GE set. 2176 */ 2177 if (FIELD_EX64(env->msr, MSR, PR) && 2178 (env->spr[SPR_BESCR] & BESCR_GE)) { 2179 return PPC_INTERRUPT_EBB; 2180 } 2181 } 2182 } 2183 2184 return 0; 2185 } 2186 2187 static int ppc_next_unmasked_interrupt(CPUPPCState *env) 2188 { 2189 switch (env->excp_model) { 2190 #if defined(TARGET_PPC64) 2191 case POWERPC_EXCP_POWER7: 2192 return p7_next_unmasked_interrupt(env); 2193 case POWERPC_EXCP_POWER8: 2194 return p8_next_unmasked_interrupt(env); 2195 case POWERPC_EXCP_POWER9: 2196 case POWERPC_EXCP_POWER10: 2197 return p9_next_unmasked_interrupt(env); 2198 #endif 2199 default: 2200 return ppc_next_unmasked_interrupt_generic(env); 2201 } 2202 } 2203 2204 /* 2205 * Sets CPU_INTERRUPT_HARD if there is at least one unmasked interrupt to be 2206 * delivered and clears CPU_INTERRUPT_HARD otherwise. 2207 * 2208 * This method is called by ppc_set_interrupt when an interrupt is raised or 2209 * lowered, and should also be called whenever an interrupt masking condition 2210 * is changed, e.g.: 2211 * - When relevant bits of MSR are altered, like EE, HV, PR, etc.; 2212 * - When relevant bits of LPCR are altered, like PECE, HDICE, HVICE, etc.; 2213 * - When PSSCR[EC] or env->resume_as_sreset are changed; 2214 * - When cs->halted is changed and the CPU has a different interrupt masking 2215 * logic in power-saving mode (e.g., POWER7/8/9/10); 2216 */ 2217 void ppc_maybe_interrupt(CPUPPCState *env) 2218 { 2219 CPUState *cs = env_cpu(env); 2220 QEMU_IOTHREAD_LOCK_GUARD(); 2221 2222 if (ppc_next_unmasked_interrupt(env)) { 2223 cpu_interrupt(cs, CPU_INTERRUPT_HARD); 2224 } else { 2225 cpu_reset_interrupt(cs, CPU_INTERRUPT_HARD); 2226 } 2227 } 2228 2229 #if defined(TARGET_PPC64) 2230 static void p7_deliver_interrupt(CPUPPCState *env, int interrupt) 2231 { 2232 PowerPCCPU *cpu = env_archcpu(env); 2233 CPUState *cs = env_cpu(env); 2234 2235 switch (interrupt) { 2236 case PPC_INTERRUPT_MCK: /* Machine check exception */ 2237 env->pending_interrupts &= ~PPC_INTERRUPT_MCK; 2238 powerpc_excp(cpu, POWERPC_EXCP_MCHECK); 2239 break; 2240 2241 case PPC_INTERRUPT_HDECR: /* Hypervisor decrementer exception */ 2242 /* HDEC clears on delivery */ 2243 env->pending_interrupts &= ~PPC_INTERRUPT_HDECR; 2244 powerpc_excp(cpu, POWERPC_EXCP_HDECR); 2245 break; 2246 2247 case PPC_INTERRUPT_EXT: 2248 if (books_vhyp_promotes_external_to_hvirt(cpu)) { 2249 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2250 } else { 2251 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL); 2252 } 2253 break; 2254 2255 case PPC_INTERRUPT_DECR: /* Decrementer exception */ 2256 powerpc_excp(cpu, POWERPC_EXCP_DECR); 2257 break; 2258 case PPC_INTERRUPT_PERFM: 2259 env->pending_interrupts &= ~PPC_INTERRUPT_PERFM; 2260 powerpc_excp(cpu, POWERPC_EXCP_PERFM); 2261 break; 2262 case 0: 2263 /* 2264 * This is a bug ! It means that has_work took us out of halt without 2265 * anything to deliver while in a PM state that requires getting 2266 * out via a 0x100 2267 * 2268 * This means we will incorrectly execute past the power management 2269 * instruction instead of triggering a reset. 2270 * 2271 * It generally means a discrepancy between the wakeup conditions in the 2272 * processor has_work implementation and the logic in this function. 2273 */ 2274 assert(!env->resume_as_sreset); 2275 break; 2276 default: 2277 cpu_abort(cs, "Invalid PowerPC interrupt %d. Aborting\n", interrupt); 2278 } 2279 } 2280 2281 static void p8_deliver_interrupt(CPUPPCState *env, int interrupt) 2282 { 2283 PowerPCCPU *cpu = env_archcpu(env); 2284 CPUState *cs = env_cpu(env); 2285 2286 switch (interrupt) { 2287 case PPC_INTERRUPT_MCK: /* Machine check exception */ 2288 env->pending_interrupts &= ~PPC_INTERRUPT_MCK; 2289 powerpc_excp(cpu, POWERPC_EXCP_MCHECK); 2290 break; 2291 2292 case PPC_INTERRUPT_HDECR: /* Hypervisor decrementer exception */ 2293 /* HDEC clears on delivery */ 2294 env->pending_interrupts &= ~PPC_INTERRUPT_HDECR; 2295 powerpc_excp(cpu, POWERPC_EXCP_HDECR); 2296 break; 2297 2298 case PPC_INTERRUPT_EXT: 2299 if (books_vhyp_promotes_external_to_hvirt(cpu)) { 2300 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2301 } else { 2302 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL); 2303 } 2304 break; 2305 2306 case PPC_INTERRUPT_DECR: /* Decrementer exception */ 2307 powerpc_excp(cpu, POWERPC_EXCP_DECR); 2308 break; 2309 case PPC_INTERRUPT_DOORBELL: 2310 env->pending_interrupts &= ~PPC_INTERRUPT_DOORBELL; 2311 if (is_book3s_arch2x(env)) { 2312 powerpc_excp(cpu, POWERPC_EXCP_SDOOR); 2313 } else { 2314 powerpc_excp(cpu, POWERPC_EXCP_DOORI); 2315 } 2316 break; 2317 case PPC_INTERRUPT_HDOORBELL: 2318 env->pending_interrupts &= ~PPC_INTERRUPT_HDOORBELL; 2319 powerpc_excp(cpu, POWERPC_EXCP_SDOOR_HV); 2320 break; 2321 case PPC_INTERRUPT_PERFM: 2322 env->pending_interrupts &= ~PPC_INTERRUPT_PERFM; 2323 powerpc_excp(cpu, POWERPC_EXCP_PERFM); 2324 break; 2325 case PPC_INTERRUPT_EBB: /* EBB exception */ 2326 env->pending_interrupts &= ~PPC_INTERRUPT_EBB; 2327 if (env->spr[SPR_BESCR] & BESCR_PMEO) { 2328 powerpc_excp(cpu, POWERPC_EXCP_PERFM_EBB); 2329 } else if (env->spr[SPR_BESCR] & BESCR_EEO) { 2330 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL_EBB); 2331 } 2332 break; 2333 case 0: 2334 /* 2335 * This is a bug ! It means that has_work took us out of halt without 2336 * anything to deliver while in a PM state that requires getting 2337 * out via a 0x100 2338 * 2339 * This means we will incorrectly execute past the power management 2340 * instruction instead of triggering a reset. 2341 * 2342 * It generally means a discrepancy between the wakeup conditions in the 2343 * processor has_work implementation and the logic in this function. 2344 */ 2345 assert(!env->resume_as_sreset); 2346 break; 2347 default: 2348 cpu_abort(cs, "Invalid PowerPC interrupt %d. Aborting\n", interrupt); 2349 } 2350 } 2351 2352 static void p9_deliver_interrupt(CPUPPCState *env, int interrupt) 2353 { 2354 PowerPCCPU *cpu = env_archcpu(env); 2355 CPUState *cs = env_cpu(env); 2356 2357 if (cs->halted && !(env->spr[SPR_PSSCR] & PSSCR_EC) && 2358 !FIELD_EX64(env->msr, MSR, EE)) { 2359 /* 2360 * A pending interrupt took us out of power-saving, but MSR[EE] says 2361 * that we should return to NIP+4 instead of delivering it. 2362 */ 2363 return; 2364 } 2365 2366 switch (interrupt) { 2367 case PPC_INTERRUPT_MCK: /* Machine check exception */ 2368 env->pending_interrupts &= ~PPC_INTERRUPT_MCK; 2369 powerpc_excp(cpu, POWERPC_EXCP_MCHECK); 2370 break; 2371 2372 case PPC_INTERRUPT_HDECR: /* Hypervisor decrementer exception */ 2373 /* HDEC clears on delivery */ 2374 env->pending_interrupts &= ~PPC_INTERRUPT_HDECR; 2375 powerpc_excp(cpu, POWERPC_EXCP_HDECR); 2376 break; 2377 case PPC_INTERRUPT_HVIRT: /* Hypervisor virtualization interrupt */ 2378 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2379 break; 2380 2381 case PPC_INTERRUPT_EXT: 2382 if (books_vhyp_promotes_external_to_hvirt(cpu)) { 2383 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2384 } else { 2385 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL); 2386 } 2387 break; 2388 2389 case PPC_INTERRUPT_DECR: /* Decrementer exception */ 2390 powerpc_excp(cpu, POWERPC_EXCP_DECR); 2391 break; 2392 case PPC_INTERRUPT_DOORBELL: 2393 env->pending_interrupts &= ~PPC_INTERRUPT_DOORBELL; 2394 powerpc_excp(cpu, POWERPC_EXCP_SDOOR); 2395 break; 2396 case PPC_INTERRUPT_HDOORBELL: 2397 env->pending_interrupts &= ~PPC_INTERRUPT_HDOORBELL; 2398 powerpc_excp(cpu, POWERPC_EXCP_SDOOR_HV); 2399 break; 2400 case PPC_INTERRUPT_PERFM: 2401 env->pending_interrupts &= ~PPC_INTERRUPT_PERFM; 2402 powerpc_excp(cpu, POWERPC_EXCP_PERFM); 2403 break; 2404 case PPC_INTERRUPT_EBB: /* EBB exception */ 2405 env->pending_interrupts &= ~PPC_INTERRUPT_EBB; 2406 if (env->spr[SPR_BESCR] & BESCR_PMEO) { 2407 powerpc_excp(cpu, POWERPC_EXCP_PERFM_EBB); 2408 } else if (env->spr[SPR_BESCR] & BESCR_EEO) { 2409 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL_EBB); 2410 } 2411 break; 2412 case 0: 2413 /* 2414 * This is a bug ! It means that has_work took us out of halt without 2415 * anything to deliver while in a PM state that requires getting 2416 * out via a 0x100 2417 * 2418 * This means we will incorrectly execute past the power management 2419 * instruction instead of triggering a reset. 2420 * 2421 * It generally means a discrepancy between the wakeup conditions in the 2422 * processor has_work implementation and the logic in this function. 2423 */ 2424 assert(!env->resume_as_sreset); 2425 break; 2426 default: 2427 cpu_abort(cs, "Invalid PowerPC interrupt %d. Aborting\n", interrupt); 2428 } 2429 } 2430 #endif 2431 2432 static void ppc_deliver_interrupt_generic(CPUPPCState *env, int interrupt) 2433 { 2434 PowerPCCPU *cpu = env_archcpu(env); 2435 CPUState *cs = env_cpu(env); 2436 2437 switch (interrupt) { 2438 case PPC_INTERRUPT_RESET: /* External reset */ 2439 env->pending_interrupts &= ~PPC_INTERRUPT_RESET; 2440 powerpc_excp(cpu, POWERPC_EXCP_RESET); 2441 break; 2442 case PPC_INTERRUPT_MCK: /* Machine check exception */ 2443 env->pending_interrupts &= ~PPC_INTERRUPT_MCK; 2444 powerpc_excp(cpu, POWERPC_EXCP_MCHECK); 2445 break; 2446 2447 case PPC_INTERRUPT_HDECR: /* Hypervisor decrementer exception */ 2448 /* HDEC clears on delivery */ 2449 env->pending_interrupts &= ~PPC_INTERRUPT_HDECR; 2450 powerpc_excp(cpu, POWERPC_EXCP_HDECR); 2451 break; 2452 case PPC_INTERRUPT_HVIRT: /* Hypervisor virtualization interrupt */ 2453 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2454 break; 2455 2456 case PPC_INTERRUPT_EXT: 2457 if (books_vhyp_promotes_external_to_hvirt(cpu)) { 2458 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2459 } else { 2460 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL); 2461 } 2462 break; 2463 case PPC_INTERRUPT_CEXT: /* External critical interrupt */ 2464 powerpc_excp(cpu, POWERPC_EXCP_CRITICAL); 2465 break; 2466 2467 case PPC_INTERRUPT_WDT: /* Watchdog timer on embedded PowerPC */ 2468 env->pending_interrupts &= ~PPC_INTERRUPT_WDT; 2469 powerpc_excp(cpu, POWERPC_EXCP_WDT); 2470 break; 2471 case PPC_INTERRUPT_CDOORBELL: 2472 env->pending_interrupts &= ~PPC_INTERRUPT_CDOORBELL; 2473 powerpc_excp(cpu, POWERPC_EXCP_DOORCI); 2474 break; 2475 case PPC_INTERRUPT_FIT: /* Fixed interval timer on embedded PowerPC */ 2476 env->pending_interrupts &= ~PPC_INTERRUPT_FIT; 2477 powerpc_excp(cpu, POWERPC_EXCP_FIT); 2478 break; 2479 case PPC_INTERRUPT_PIT: /* Programmable interval timer on embedded ppc */ 2480 env->pending_interrupts &= ~PPC_INTERRUPT_PIT; 2481 powerpc_excp(cpu, POWERPC_EXCP_PIT); 2482 break; 2483 case PPC_INTERRUPT_DECR: /* Decrementer exception */ 2484 if (ppc_decr_clear_on_delivery(env)) { 2485 env->pending_interrupts &= ~PPC_INTERRUPT_DECR; 2486 } 2487 powerpc_excp(cpu, POWERPC_EXCP_DECR); 2488 break; 2489 case PPC_INTERRUPT_DOORBELL: 2490 env->pending_interrupts &= ~PPC_INTERRUPT_DOORBELL; 2491 if (is_book3s_arch2x(env)) { 2492 powerpc_excp(cpu, POWERPC_EXCP_SDOOR); 2493 } else { 2494 powerpc_excp(cpu, POWERPC_EXCP_DOORI); 2495 } 2496 break; 2497 case PPC_INTERRUPT_HDOORBELL: 2498 env->pending_interrupts &= ~PPC_INTERRUPT_HDOORBELL; 2499 powerpc_excp(cpu, POWERPC_EXCP_SDOOR_HV); 2500 break; 2501 case PPC_INTERRUPT_PERFM: 2502 env->pending_interrupts &= ~PPC_INTERRUPT_PERFM; 2503 powerpc_excp(cpu, POWERPC_EXCP_PERFM); 2504 break; 2505 case PPC_INTERRUPT_THERM: /* Thermal interrupt */ 2506 env->pending_interrupts &= ~PPC_INTERRUPT_THERM; 2507 powerpc_excp(cpu, POWERPC_EXCP_THERM); 2508 break; 2509 case PPC_INTERRUPT_EBB: /* EBB exception */ 2510 env->pending_interrupts &= ~PPC_INTERRUPT_EBB; 2511 if (env->spr[SPR_BESCR] & BESCR_PMEO) { 2512 powerpc_excp(cpu, POWERPC_EXCP_PERFM_EBB); 2513 } else if (env->spr[SPR_BESCR] & BESCR_EEO) { 2514 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL_EBB); 2515 } 2516 break; 2517 case 0: 2518 /* 2519 * This is a bug ! It means that has_work took us out of halt without 2520 * anything to deliver while in a PM state that requires getting 2521 * out via a 0x100 2522 * 2523 * This means we will incorrectly execute past the power management 2524 * instruction instead of triggering a reset. 2525 * 2526 * It generally means a discrepancy between the wakeup conditions in the 2527 * processor has_work implementation and the logic in this function. 2528 */ 2529 assert(!env->resume_as_sreset); 2530 break; 2531 default: 2532 cpu_abort(cs, "Invalid PowerPC interrupt %d. Aborting\n", interrupt); 2533 } 2534 } 2535 2536 static void ppc_deliver_interrupt(CPUPPCState *env, int interrupt) 2537 { 2538 switch (env->excp_model) { 2539 #if defined(TARGET_PPC64) 2540 case POWERPC_EXCP_POWER7: 2541 p7_deliver_interrupt(env, interrupt); 2542 break; 2543 case POWERPC_EXCP_POWER8: 2544 p8_deliver_interrupt(env, interrupt); 2545 break; 2546 case POWERPC_EXCP_POWER9: 2547 case POWERPC_EXCP_POWER10: 2548 p9_deliver_interrupt(env, interrupt); 2549 break; 2550 #endif 2551 default: 2552 ppc_deliver_interrupt_generic(env, interrupt); 2553 } 2554 } 2555 2556 void ppc_cpu_do_system_reset(CPUState *cs) 2557 { 2558 PowerPCCPU *cpu = POWERPC_CPU(cs); 2559 2560 powerpc_excp(cpu, POWERPC_EXCP_RESET); 2561 } 2562 2563 void ppc_cpu_do_fwnmi_machine_check(CPUState *cs, target_ulong vector) 2564 { 2565 PowerPCCPU *cpu = POWERPC_CPU(cs); 2566 CPUPPCState *env = &cpu->env; 2567 target_ulong msr = 0; 2568 2569 /* 2570 * Set MSR and NIP for the handler, SRR0/1, DAR and DSISR have already 2571 * been set by KVM. 2572 */ 2573 msr = (1ULL << MSR_ME); 2574 msr |= env->msr & (1ULL << MSR_SF); 2575 if (ppc_interrupts_little_endian(cpu, false)) { 2576 msr |= (1ULL << MSR_LE); 2577 } 2578 2579 /* Anything for nested required here? MSR[HV] bit? */ 2580 2581 powerpc_set_excp_state(cpu, vector, msr); 2582 } 2583 2584 bool ppc_cpu_exec_interrupt(CPUState *cs, int interrupt_request) 2585 { 2586 PowerPCCPU *cpu = POWERPC_CPU(cs); 2587 CPUPPCState *env = &cpu->env; 2588 int interrupt; 2589 2590 if ((interrupt_request & CPU_INTERRUPT_HARD) == 0) { 2591 return false; 2592 } 2593 2594 interrupt = ppc_next_unmasked_interrupt(env); 2595 if (interrupt == 0) { 2596 return false; 2597 } 2598 2599 ppc_deliver_interrupt(env, interrupt); 2600 if (env->pending_interrupts == 0) { 2601 cpu_reset_interrupt(cs, CPU_INTERRUPT_HARD); 2602 } 2603 return true; 2604 } 2605 2606 #endif /* !CONFIG_USER_ONLY */ 2607 2608 /*****************************************************************************/ 2609 /* Exceptions processing helpers */ 2610 2611 void raise_exception_err_ra(CPUPPCState *env, uint32_t exception, 2612 uint32_t error_code, uintptr_t raddr) 2613 { 2614 CPUState *cs = env_cpu(env); 2615 2616 cs->exception_index = exception; 2617 env->error_code = error_code; 2618 cpu_loop_exit_restore(cs, raddr); 2619 } 2620 2621 void raise_exception_err(CPUPPCState *env, uint32_t exception, 2622 uint32_t error_code) 2623 { 2624 raise_exception_err_ra(env, exception, error_code, 0); 2625 } 2626 2627 void raise_exception(CPUPPCState *env, uint32_t exception) 2628 { 2629 raise_exception_err_ra(env, exception, 0, 0); 2630 } 2631 2632 void raise_exception_ra(CPUPPCState *env, uint32_t exception, 2633 uintptr_t raddr) 2634 { 2635 raise_exception_err_ra(env, exception, 0, raddr); 2636 } 2637 2638 #ifdef CONFIG_TCG 2639 void helper_raise_exception_err(CPUPPCState *env, uint32_t exception, 2640 uint32_t error_code) 2641 { 2642 raise_exception_err_ra(env, exception, error_code, 0); 2643 } 2644 2645 void helper_raise_exception(CPUPPCState *env, uint32_t exception) 2646 { 2647 raise_exception_err_ra(env, exception, 0, 0); 2648 } 2649 #endif 2650 2651 #if !defined(CONFIG_USER_ONLY) 2652 #ifdef CONFIG_TCG 2653 void helper_store_msr(CPUPPCState *env, target_ulong val) 2654 { 2655 uint32_t excp = hreg_store_msr(env, val, 0); 2656 2657 if (excp != 0) { 2658 cpu_interrupt_exittb(env_cpu(env)); 2659 raise_exception(env, excp); 2660 } 2661 } 2662 2663 void helper_ppc_maybe_interrupt(CPUPPCState *env) 2664 { 2665 ppc_maybe_interrupt(env); 2666 } 2667 2668 #if defined(TARGET_PPC64) 2669 void helper_scv(CPUPPCState *env, uint32_t lev) 2670 { 2671 if (env->spr[SPR_FSCR] & (1ull << FSCR_SCV)) { 2672 raise_exception_err(env, POWERPC_EXCP_SYSCALL_VECTORED, lev); 2673 } else { 2674 raise_exception_err(env, POWERPC_EXCP_FU, FSCR_IC_SCV); 2675 } 2676 } 2677 2678 void helper_pminsn(CPUPPCState *env, uint32_t insn) 2679 { 2680 CPUState *cs = env_cpu(env); 2681 2682 cs->halted = 1; 2683 2684 /* Condition for waking up at 0x100 */ 2685 env->resume_as_sreset = (insn != PPC_PM_STOP) || 2686 (env->spr[SPR_PSSCR] & PSSCR_EC); 2687 2688 /* HDECR is not to wake from PM state, it may have already fired */ 2689 if (env->resume_as_sreset) { 2690 PowerPCCPU *cpu = env_archcpu(env); 2691 ppc_set_irq(cpu, PPC_INTERRUPT_HDECR, 0); 2692 } 2693 2694 ppc_maybe_interrupt(env); 2695 } 2696 #endif /* defined(TARGET_PPC64) */ 2697 2698 static void do_rfi(CPUPPCState *env, target_ulong nip, target_ulong msr) 2699 { 2700 /* MSR:POW cannot be set by any form of rfi */ 2701 msr &= ~(1ULL << MSR_POW); 2702 2703 /* MSR:TGPR cannot be set by any form of rfi */ 2704 if (env->flags & POWERPC_FLAG_TGPR) 2705 msr &= ~(1ULL << MSR_TGPR); 2706 2707 #if defined(TARGET_PPC64) 2708 /* Switching to 32-bit ? Crop the nip */ 2709 if (!msr_is_64bit(env, msr)) { 2710 nip = (uint32_t)nip; 2711 } 2712 #else 2713 nip = (uint32_t)nip; 2714 #endif 2715 /* XXX: beware: this is false if VLE is supported */ 2716 env->nip = nip & ~((target_ulong)0x00000003); 2717 hreg_store_msr(env, msr, 1); 2718 trace_ppc_excp_rfi(env->nip, env->msr); 2719 /* 2720 * No need to raise an exception here, as rfi is always the last 2721 * insn of a TB 2722 */ 2723 cpu_interrupt_exittb(env_cpu(env)); 2724 /* Reset the reservation */ 2725 env->reserve_addr = -1; 2726 2727 /* Context synchronizing: check if TCG TLB needs flush */ 2728 check_tlb_flush(env, false); 2729 } 2730 2731 void helper_rfi(CPUPPCState *env) 2732 { 2733 do_rfi(env, env->spr[SPR_SRR0], env->spr[SPR_SRR1] & 0xfffffffful); 2734 } 2735 2736 #if defined(TARGET_PPC64) 2737 void helper_rfid(CPUPPCState *env) 2738 { 2739 /* 2740 * The architecture defines a number of rules for which bits can 2741 * change but in practice, we handle this in hreg_store_msr() 2742 * which will be called by do_rfi(), so there is no need to filter 2743 * here 2744 */ 2745 do_rfi(env, env->spr[SPR_SRR0], env->spr[SPR_SRR1]); 2746 } 2747 2748 void helper_rfscv(CPUPPCState *env) 2749 { 2750 do_rfi(env, env->lr, env->ctr); 2751 } 2752 2753 void helper_hrfid(CPUPPCState *env) 2754 { 2755 do_rfi(env, env->spr[SPR_HSRR0], env->spr[SPR_HSRR1]); 2756 } 2757 #endif 2758 2759 #if defined(TARGET_PPC64) && !defined(CONFIG_USER_ONLY) 2760 void helper_rfebb(CPUPPCState *env, target_ulong s) 2761 { 2762 target_ulong msr = env->msr; 2763 2764 /* 2765 * Handling of BESCR bits 32:33 according to PowerISA v3.1: 2766 * 2767 * "If BESCR 32:33 != 0b00 the instruction is treated as if 2768 * the instruction form were invalid." 2769 */ 2770 if (env->spr[SPR_BESCR] & BESCR_INVALID) { 2771 raise_exception_err(env, POWERPC_EXCP_PROGRAM, 2772 POWERPC_EXCP_INVAL | POWERPC_EXCP_INVAL_INVAL); 2773 } 2774 2775 env->nip = env->spr[SPR_EBBRR]; 2776 2777 /* Switching to 32-bit ? Crop the nip */ 2778 if (!msr_is_64bit(env, msr)) { 2779 env->nip = (uint32_t)env->spr[SPR_EBBRR]; 2780 } 2781 2782 if (s) { 2783 env->spr[SPR_BESCR] |= BESCR_GE; 2784 } else { 2785 env->spr[SPR_BESCR] &= ~BESCR_GE; 2786 } 2787 } 2788 2789 /* 2790 * Triggers or queues an 'ebb_excp' EBB exception. All checks 2791 * but FSCR, HFSCR and msr_pr must be done beforehand. 2792 * 2793 * PowerISA v3.1 isn't clear about whether an EBB should be 2794 * postponed or cancelled if the EBB facility is unavailable. 2795 * Our assumption here is that the EBB is cancelled if both 2796 * FSCR and HFSCR EBB facilities aren't available. 2797 */ 2798 static void do_ebb(CPUPPCState *env, int ebb_excp) 2799 { 2800 PowerPCCPU *cpu = env_archcpu(env); 2801 2802 /* 2803 * FSCR_EBB and FSCR_IC_EBB are the same bits used with 2804 * HFSCR. 2805 */ 2806 helper_fscr_facility_check(env, FSCR_EBB, 0, FSCR_IC_EBB); 2807 helper_hfscr_facility_check(env, FSCR_EBB, "EBB", FSCR_IC_EBB); 2808 2809 if (ebb_excp == POWERPC_EXCP_PERFM_EBB) { 2810 env->spr[SPR_BESCR] |= BESCR_PMEO; 2811 } else if (ebb_excp == POWERPC_EXCP_EXTERNAL_EBB) { 2812 env->spr[SPR_BESCR] |= BESCR_EEO; 2813 } 2814 2815 if (FIELD_EX64(env->msr, MSR, PR)) { 2816 powerpc_excp(cpu, ebb_excp); 2817 } else { 2818 ppc_set_irq(cpu, PPC_INTERRUPT_EBB, 1); 2819 } 2820 } 2821 2822 void raise_ebb_perfm_exception(CPUPPCState *env) 2823 { 2824 bool perfm_ebb_enabled = env->spr[SPR_POWER_MMCR0] & MMCR0_EBE && 2825 env->spr[SPR_BESCR] & BESCR_PME && 2826 env->spr[SPR_BESCR] & BESCR_GE; 2827 2828 if (!perfm_ebb_enabled) { 2829 return; 2830 } 2831 2832 do_ebb(env, POWERPC_EXCP_PERFM_EBB); 2833 } 2834 #endif 2835 2836 /*****************************************************************************/ 2837 /* Embedded PowerPC specific helpers */ 2838 void helper_40x_rfci(CPUPPCState *env) 2839 { 2840 do_rfi(env, env->spr[SPR_40x_SRR2], env->spr[SPR_40x_SRR3]); 2841 } 2842 2843 void helper_rfci(CPUPPCState *env) 2844 { 2845 do_rfi(env, env->spr[SPR_BOOKE_CSRR0], env->spr[SPR_BOOKE_CSRR1]); 2846 } 2847 2848 void helper_rfdi(CPUPPCState *env) 2849 { 2850 /* FIXME: choose CSRR1 or DSRR1 based on cpu type */ 2851 do_rfi(env, env->spr[SPR_BOOKE_DSRR0], env->spr[SPR_BOOKE_DSRR1]); 2852 } 2853 2854 void helper_rfmci(CPUPPCState *env) 2855 { 2856 /* FIXME: choose CSRR1 or MCSRR1 based on cpu type */ 2857 do_rfi(env, env->spr[SPR_BOOKE_MCSRR0], env->spr[SPR_BOOKE_MCSRR1]); 2858 } 2859 #endif /* CONFIG_TCG */ 2860 #endif /* !defined(CONFIG_USER_ONLY) */ 2861 2862 #ifdef CONFIG_TCG 2863 void helper_tw(CPUPPCState *env, target_ulong arg1, target_ulong arg2, 2864 uint32_t flags) 2865 { 2866 if (!likely(!(((int32_t)arg1 < (int32_t)arg2 && (flags & 0x10)) || 2867 ((int32_t)arg1 > (int32_t)arg2 && (flags & 0x08)) || 2868 ((int32_t)arg1 == (int32_t)arg2 && (flags & 0x04)) || 2869 ((uint32_t)arg1 < (uint32_t)arg2 && (flags & 0x02)) || 2870 ((uint32_t)arg1 > (uint32_t)arg2 && (flags & 0x01))))) { 2871 raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM, 2872 POWERPC_EXCP_TRAP, GETPC()); 2873 } 2874 } 2875 2876 #if defined(TARGET_PPC64) 2877 void helper_td(CPUPPCState *env, target_ulong arg1, target_ulong arg2, 2878 uint32_t flags) 2879 { 2880 if (!likely(!(((int64_t)arg1 < (int64_t)arg2 && (flags & 0x10)) || 2881 ((int64_t)arg1 > (int64_t)arg2 && (flags & 0x08)) || 2882 ((int64_t)arg1 == (int64_t)arg2 && (flags & 0x04)) || 2883 ((uint64_t)arg1 < (uint64_t)arg2 && (flags & 0x02)) || 2884 ((uint64_t)arg1 > (uint64_t)arg2 && (flags & 0x01))))) { 2885 raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM, 2886 POWERPC_EXCP_TRAP, GETPC()); 2887 } 2888 } 2889 #endif 2890 #endif 2891 2892 #ifdef CONFIG_TCG 2893 static uint32_t helper_SIMON_LIKE_32_64(uint32_t x, uint64_t key, uint32_t lane) 2894 { 2895 const uint16_t c = 0xfffc; 2896 const uint64_t z0 = 0xfa2561cdf44ac398ULL; 2897 uint16_t z = 0, temp; 2898 uint16_t k[32], eff_k[32], xleft[33], xright[33], fxleft[32]; 2899 2900 for (int i = 3; i >= 0; i--) { 2901 k[i] = key & 0xffff; 2902 key >>= 16; 2903 } 2904 xleft[0] = x & 0xffff; 2905 xright[0] = (x >> 16) & 0xffff; 2906 2907 for (int i = 0; i < 28; i++) { 2908 z = (z0 >> (63 - i)) & 1; 2909 temp = ror16(k[i + 3], 3) ^ k[i + 1]; 2910 k[i + 4] = c ^ z ^ k[i] ^ temp ^ ror16(temp, 1); 2911 } 2912 2913 for (int i = 0; i < 8; i++) { 2914 eff_k[4 * i + 0] = k[4 * i + ((0 + lane) % 4)]; 2915 eff_k[4 * i + 1] = k[4 * i + ((1 + lane) % 4)]; 2916 eff_k[4 * i + 2] = k[4 * i + ((2 + lane) % 4)]; 2917 eff_k[4 * i + 3] = k[4 * i + ((3 + lane) % 4)]; 2918 } 2919 2920 for (int i = 0; i < 32; i++) { 2921 fxleft[i] = (rol16(xleft[i], 1) & 2922 rol16(xleft[i], 8)) ^ rol16(xleft[i], 2); 2923 xleft[i + 1] = xright[i] ^ fxleft[i] ^ eff_k[i]; 2924 xright[i + 1] = xleft[i]; 2925 } 2926 2927 return (((uint32_t)xright[32]) << 16) | xleft[32]; 2928 } 2929 2930 static uint64_t hash_digest(uint64_t ra, uint64_t rb, uint64_t key) 2931 { 2932 uint64_t stage0_h = 0ULL, stage0_l = 0ULL; 2933 uint64_t stage1_h, stage1_l; 2934 2935 for (int i = 0; i < 4; i++) { 2936 stage0_h |= ror64(rb & 0xff, 8 * (2 * i + 1)); 2937 stage0_h |= ((ra >> 32) & 0xff) << (8 * 2 * i); 2938 stage0_l |= ror64((rb >> 32) & 0xff, 8 * (2 * i + 1)); 2939 stage0_l |= (ra & 0xff) << (8 * 2 * i); 2940 rb >>= 8; 2941 ra >>= 8; 2942 } 2943 2944 stage1_h = (uint64_t)helper_SIMON_LIKE_32_64(stage0_h >> 32, key, 0) << 32; 2945 stage1_h |= helper_SIMON_LIKE_32_64(stage0_h, key, 1); 2946 stage1_l = (uint64_t)helper_SIMON_LIKE_32_64(stage0_l >> 32, key, 2) << 32; 2947 stage1_l |= helper_SIMON_LIKE_32_64(stage0_l, key, 3); 2948 2949 return stage1_h ^ stage1_l; 2950 } 2951 2952 static void do_hash(CPUPPCState *env, target_ulong ea, target_ulong ra, 2953 target_ulong rb, uint64_t key, bool store) 2954 { 2955 uint64_t calculated_hash = hash_digest(ra, rb, key), loaded_hash; 2956 2957 if (store) { 2958 cpu_stq_data_ra(env, ea, calculated_hash, GETPC()); 2959 } else { 2960 loaded_hash = cpu_ldq_data_ra(env, ea, GETPC()); 2961 if (loaded_hash != calculated_hash) { 2962 raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM, 2963 POWERPC_EXCP_TRAP, GETPC()); 2964 } 2965 } 2966 } 2967 2968 #include "qemu/guest-random.h" 2969 2970 #ifdef TARGET_PPC64 2971 #define HELPER_HASH(op, key, store, dexcr_aspect) \ 2972 void helper_##op(CPUPPCState *env, target_ulong ea, target_ulong ra, \ 2973 target_ulong rb) \ 2974 { \ 2975 if (env->msr & R_MSR_PR_MASK) { \ 2976 if (!(env->spr[SPR_DEXCR] & R_DEXCR_PRO_##dexcr_aspect##_MASK || \ 2977 env->spr[SPR_HDEXCR] & R_HDEXCR_ENF_##dexcr_aspect##_MASK)) \ 2978 return; \ 2979 } else if (!(env->msr & R_MSR_HV_MASK)) { \ 2980 if (!(env->spr[SPR_DEXCR] & R_DEXCR_PNH_##dexcr_aspect##_MASK || \ 2981 env->spr[SPR_HDEXCR] & R_HDEXCR_ENF_##dexcr_aspect##_MASK)) \ 2982 return; \ 2983 } else if (!(env->msr & R_MSR_S_MASK)) { \ 2984 if (!(env->spr[SPR_HDEXCR] & R_HDEXCR_HNU_##dexcr_aspect##_MASK)) \ 2985 return; \ 2986 } \ 2987 \ 2988 do_hash(env, ea, ra, rb, key, store); \ 2989 } 2990 #else 2991 #define HELPER_HASH(op, key, store, dexcr_aspect) \ 2992 void helper_##op(CPUPPCState *env, target_ulong ea, target_ulong ra, \ 2993 target_ulong rb) \ 2994 { \ 2995 do_hash(env, ea, ra, rb, key, store); \ 2996 } 2997 #endif /* TARGET_PPC64 */ 2998 2999 HELPER_HASH(HASHST, env->spr[SPR_HASHKEYR], true, NPHIE) 3000 HELPER_HASH(HASHCHK, env->spr[SPR_HASHKEYR], false, NPHIE) 3001 HELPER_HASH(HASHSTP, env->spr[SPR_HASHPKEYR], true, PHIE) 3002 HELPER_HASH(HASHCHKP, env->spr[SPR_HASHPKEYR], false, PHIE) 3003 #endif /* CONFIG_TCG */ 3004 3005 #if !defined(CONFIG_USER_ONLY) 3006 3007 #ifdef CONFIG_TCG 3008 3009 /* Embedded.Processor Control */ 3010 static int dbell2irq(target_ulong rb) 3011 { 3012 int msg = rb & DBELL_TYPE_MASK; 3013 int irq = -1; 3014 3015 switch (msg) { 3016 case DBELL_TYPE_DBELL: 3017 irq = PPC_INTERRUPT_DOORBELL; 3018 break; 3019 case DBELL_TYPE_DBELL_CRIT: 3020 irq = PPC_INTERRUPT_CDOORBELL; 3021 break; 3022 case DBELL_TYPE_G_DBELL: 3023 case DBELL_TYPE_G_DBELL_CRIT: 3024 case DBELL_TYPE_G_DBELL_MC: 3025 /* XXX implement */ 3026 default: 3027 break; 3028 } 3029 3030 return irq; 3031 } 3032 3033 void helper_msgclr(CPUPPCState *env, target_ulong rb) 3034 { 3035 int irq = dbell2irq(rb); 3036 3037 if (irq < 0) { 3038 return; 3039 } 3040 3041 ppc_set_irq(env_archcpu(env), irq, 0); 3042 } 3043 3044 void helper_msgsnd(target_ulong rb) 3045 { 3046 int irq = dbell2irq(rb); 3047 int pir = rb & DBELL_PIRTAG_MASK; 3048 CPUState *cs; 3049 3050 if (irq < 0) { 3051 return; 3052 } 3053 3054 qemu_mutex_lock_iothread(); 3055 CPU_FOREACH(cs) { 3056 PowerPCCPU *cpu = POWERPC_CPU(cs); 3057 CPUPPCState *cenv = &cpu->env; 3058 3059 if ((rb & DBELL_BRDCAST) || (cenv->spr[SPR_BOOKE_PIR] == pir)) { 3060 ppc_set_irq(cpu, irq, 1); 3061 } 3062 } 3063 qemu_mutex_unlock_iothread(); 3064 } 3065 3066 /* Server Processor Control */ 3067 3068 static bool dbell_type_server(target_ulong rb) 3069 { 3070 /* 3071 * A Directed Hypervisor Doorbell message is sent only if the 3072 * message type is 5. All other types are reserved and the 3073 * instruction is a no-op 3074 */ 3075 return (rb & DBELL_TYPE_MASK) == DBELL_TYPE_DBELL_SERVER; 3076 } 3077 3078 void helper_book3s_msgclr(CPUPPCState *env, target_ulong rb) 3079 { 3080 if (!dbell_type_server(rb)) { 3081 return; 3082 } 3083 3084 ppc_set_irq(env_archcpu(env), PPC_INTERRUPT_HDOORBELL, 0); 3085 } 3086 3087 static void book3s_msgsnd_common(int pir, int irq) 3088 { 3089 CPUState *cs; 3090 3091 qemu_mutex_lock_iothread(); 3092 CPU_FOREACH(cs) { 3093 PowerPCCPU *cpu = POWERPC_CPU(cs); 3094 CPUPPCState *cenv = &cpu->env; 3095 3096 /* TODO: broadcast message to all threads of the same processor */ 3097 if (cenv->spr_cb[SPR_PIR].default_value == pir) { 3098 ppc_set_irq(cpu, irq, 1); 3099 } 3100 } 3101 qemu_mutex_unlock_iothread(); 3102 } 3103 3104 void helper_book3s_msgsnd(target_ulong rb) 3105 { 3106 int pir = rb & DBELL_PROCIDTAG_MASK; 3107 3108 if (!dbell_type_server(rb)) { 3109 return; 3110 } 3111 3112 book3s_msgsnd_common(pir, PPC_INTERRUPT_HDOORBELL); 3113 } 3114 3115 #if defined(TARGET_PPC64) 3116 void helper_book3s_msgclrp(CPUPPCState *env, target_ulong rb) 3117 { 3118 helper_hfscr_facility_check(env, HFSCR_MSGP, "msgclrp", HFSCR_IC_MSGP); 3119 3120 if (!dbell_type_server(rb)) { 3121 return; 3122 } 3123 3124 ppc_set_irq(env_archcpu(env), PPC_INTERRUPT_DOORBELL, 0); 3125 } 3126 3127 /* 3128 * sends a message to another thread on the same 3129 * multi-threaded processor 3130 */ 3131 void helper_book3s_msgsndp(CPUPPCState *env, target_ulong rb) 3132 { 3133 CPUState *cs = env_cpu(env); 3134 PowerPCCPU *cpu = POWERPC_CPU(cs); 3135 CPUState *ccs; 3136 uint32_t nr_threads = cs->nr_threads; 3137 int ttir = rb & PPC_BITMASK(57, 63); 3138 3139 helper_hfscr_facility_check(env, HFSCR_MSGP, "msgsndp", HFSCR_IC_MSGP); 3140 3141 if (!(env->flags & POWERPC_FLAG_SMT_1LPAR)) { 3142 nr_threads = 1; /* msgsndp behaves as 1-thread in LPAR-per-thread mode*/ 3143 } 3144 3145 if (!dbell_type_server(rb) || ttir >= nr_threads) { 3146 return; 3147 } 3148 3149 if (nr_threads == 1) { 3150 ppc_set_irq(cpu, PPC_INTERRUPT_DOORBELL, 1); 3151 return; 3152 } 3153 3154 /* Does iothread need to be locked for walking CPU list? */ 3155 qemu_mutex_lock_iothread(); 3156 THREAD_SIBLING_FOREACH(cs, ccs) { 3157 PowerPCCPU *ccpu = POWERPC_CPU(ccs); 3158 uint32_t thread_id = ppc_cpu_tir(ccpu); 3159 3160 if (ttir == thread_id) { 3161 ppc_set_irq(ccpu, PPC_INTERRUPT_DOORBELL, 1); 3162 qemu_mutex_unlock_iothread(); 3163 return; 3164 } 3165 } 3166 3167 g_assert_not_reached(); 3168 } 3169 #endif /* TARGET_PPC64 */ 3170 3171 void ppc_cpu_do_unaligned_access(CPUState *cs, vaddr vaddr, 3172 MMUAccessType access_type, 3173 int mmu_idx, uintptr_t retaddr) 3174 { 3175 CPUPPCState *env = cs->env_ptr; 3176 uint32_t insn; 3177 3178 /* Restore state and reload the insn we executed, for filling in DSISR. */ 3179 cpu_restore_state(cs, retaddr); 3180 insn = ppc_ldl_code(env, env->nip); 3181 3182 switch (env->mmu_model) { 3183 case POWERPC_MMU_SOFT_4xx: 3184 env->spr[SPR_40x_DEAR] = vaddr; 3185 break; 3186 case POWERPC_MMU_BOOKE: 3187 case POWERPC_MMU_BOOKE206: 3188 env->spr[SPR_BOOKE_DEAR] = vaddr; 3189 break; 3190 default: 3191 env->spr[SPR_DAR] = vaddr; 3192 break; 3193 } 3194 3195 cs->exception_index = POWERPC_EXCP_ALIGN; 3196 env->error_code = insn & 0x03FF0000; 3197 cpu_loop_exit(cs); 3198 } 3199 3200 void ppc_cpu_do_transaction_failed(CPUState *cs, hwaddr physaddr, 3201 vaddr vaddr, unsigned size, 3202 MMUAccessType access_type, 3203 int mmu_idx, MemTxAttrs attrs, 3204 MemTxResult response, uintptr_t retaddr) 3205 { 3206 CPUPPCState *env = cs->env_ptr; 3207 3208 switch (env->excp_model) { 3209 #if defined(TARGET_PPC64) 3210 case POWERPC_EXCP_POWER9: 3211 case POWERPC_EXCP_POWER10: 3212 /* 3213 * Machine check codes can be found in processor User Manual or 3214 * Linux or skiboot source. 3215 */ 3216 if (access_type == MMU_DATA_LOAD) { 3217 env->spr[SPR_DAR] = vaddr; 3218 env->spr[SPR_DSISR] = PPC_BIT(57); 3219 env->error_code = PPC_BIT(42); 3220 3221 } else if (access_type == MMU_DATA_STORE) { 3222 /* 3223 * MCE for stores in POWER is asynchronous so hardware does 3224 * not set DAR, but QEMU can do better. 3225 */ 3226 env->spr[SPR_DAR] = vaddr; 3227 env->error_code = PPC_BIT(36) | PPC_BIT(43) | PPC_BIT(45); 3228 env->error_code |= PPC_BIT(42); 3229 3230 } else { /* Fetch */ 3231 env->error_code = PPC_BIT(36) | PPC_BIT(44) | PPC_BIT(45); 3232 } 3233 break; 3234 #endif 3235 default: 3236 /* 3237 * TODO: Check behaviour for other CPUs, for now do nothing. 3238 * Could add a basic MCE even if real hardware ignores. 3239 */ 3240 return; 3241 } 3242 3243 cs->exception_index = POWERPC_EXCP_MCHECK; 3244 cpu_loop_exit_restore(cs, retaddr); 3245 } 3246 #endif /* CONFIG_TCG */ 3247 #endif /* !CONFIG_USER_ONLY */ 3248