1 /* 2 * PowerPC exception emulation helpers for QEMU. 3 * 4 * Copyright (c) 2003-2007 Jocelyn Mayer 5 * 6 * This library is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU Lesser General Public 8 * License as published by the Free Software Foundation; either 9 * version 2.1 of the License, or (at your option) any later version. 10 * 11 * This library is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 * Lesser General Public License for more details. 15 * 16 * You should have received a copy of the GNU Lesser General Public 17 * License along with this library; if not, see <http://www.gnu.org/licenses/>. 18 */ 19 #include "qemu/osdep.h" 20 #include "qemu/main-loop.h" 21 #include "qemu/log.h" 22 #include "cpu.h" 23 #include "exec/exec-all.h" 24 #include "internal.h" 25 #include "helper_regs.h" 26 27 #include "trace.h" 28 29 #ifdef CONFIG_TCG 30 #include "exec/helper-proto.h" 31 #include "exec/cpu_ldst.h" 32 #endif 33 34 /*****************************************************************************/ 35 /* Exception processing */ 36 #if !defined(CONFIG_USER_ONLY) 37 38 static const char *powerpc_excp_name(int excp) 39 { 40 switch (excp) { 41 case POWERPC_EXCP_CRITICAL: return "CRITICAL"; 42 case POWERPC_EXCP_MCHECK: return "MCHECK"; 43 case POWERPC_EXCP_DSI: return "DSI"; 44 case POWERPC_EXCP_ISI: return "ISI"; 45 case POWERPC_EXCP_EXTERNAL: return "EXTERNAL"; 46 case POWERPC_EXCP_ALIGN: return "ALIGN"; 47 case POWERPC_EXCP_PROGRAM: return "PROGRAM"; 48 case POWERPC_EXCP_FPU: return "FPU"; 49 case POWERPC_EXCP_SYSCALL: return "SYSCALL"; 50 case POWERPC_EXCP_APU: return "APU"; 51 case POWERPC_EXCP_DECR: return "DECR"; 52 case POWERPC_EXCP_FIT: return "FIT"; 53 case POWERPC_EXCP_WDT: return "WDT"; 54 case POWERPC_EXCP_DTLB: return "DTLB"; 55 case POWERPC_EXCP_ITLB: return "ITLB"; 56 case 
POWERPC_EXCP_DEBUG: return "DEBUG"; 57 case POWERPC_EXCP_SPEU: return "SPEU"; 58 case POWERPC_EXCP_EFPDI: return "EFPDI"; 59 case POWERPC_EXCP_EFPRI: return "EFPRI"; 60 case POWERPC_EXCP_EPERFM: return "EPERFM"; 61 case POWERPC_EXCP_DOORI: return "DOORI"; 62 case POWERPC_EXCP_DOORCI: return "DOORCI"; 63 case POWERPC_EXCP_GDOORI: return "GDOORI"; 64 case POWERPC_EXCP_GDOORCI: return "GDOORCI"; 65 case POWERPC_EXCP_HYPPRIV: return "HYPPRIV"; 66 case POWERPC_EXCP_RESET: return "RESET"; 67 case POWERPC_EXCP_DSEG: return "DSEG"; 68 case POWERPC_EXCP_ISEG: return "ISEG"; 69 case POWERPC_EXCP_HDECR: return "HDECR"; 70 case POWERPC_EXCP_TRACE: return "TRACE"; 71 case POWERPC_EXCP_HDSI: return "HDSI"; 72 case POWERPC_EXCP_HISI: return "HISI"; 73 case POWERPC_EXCP_HDSEG: return "HDSEG"; 74 case POWERPC_EXCP_HISEG: return "HISEG"; 75 case POWERPC_EXCP_VPU: return "VPU"; 76 case POWERPC_EXCP_PIT: return "PIT"; 77 case POWERPC_EXCP_EMUL: return "EMUL"; 78 case POWERPC_EXCP_IFTLB: return "IFTLB"; 79 case POWERPC_EXCP_DLTLB: return "DLTLB"; 80 case POWERPC_EXCP_DSTLB: return "DSTLB"; 81 case POWERPC_EXCP_FPA: return "FPA"; 82 case POWERPC_EXCP_DABR: return "DABR"; 83 case POWERPC_EXCP_IABR: return "IABR"; 84 case POWERPC_EXCP_SMI: return "SMI"; 85 case POWERPC_EXCP_PERFM: return "PERFM"; 86 case POWERPC_EXCP_THERM: return "THERM"; 87 case POWERPC_EXCP_VPUA: return "VPUA"; 88 case POWERPC_EXCP_SOFTP: return "SOFTP"; 89 case POWERPC_EXCP_MAINT: return "MAINT"; 90 case POWERPC_EXCP_MEXTBR: return "MEXTBR"; 91 case POWERPC_EXCP_NMEXTBR: return "NMEXTBR"; 92 case POWERPC_EXCP_ITLBE: return "ITLBE"; 93 case POWERPC_EXCP_DTLBE: return "DTLBE"; 94 case POWERPC_EXCP_VSXU: return "VSXU"; 95 case POWERPC_EXCP_FU: return "FU"; 96 case POWERPC_EXCP_HV_EMU: return "HV_EMU"; 97 case POWERPC_EXCP_HV_MAINT: return "HV_MAINT"; 98 case POWERPC_EXCP_HV_FU: return "HV_FU"; 99 case POWERPC_EXCP_SDOOR: return "SDOOR"; 100 case POWERPC_EXCP_SDOOR_HV: return "SDOOR_HV"; 101 case POWERPC_EXCP_HVIRT: 
        return "HVIRT";
    case POWERPC_EXCP_SYSCALL_VECTORED: return "SYSCALL_VECTORED";
    default:
        /* Only internal exception codes reach here; anything else is a bug. */
        g_assert_not_reached();
    }
}

/*
 * Log the state relevant to a system call (r0, r3..r8 and NIP) under
 * CPU_LOG_INT. Tracing only: nothing in guest state is modified.
 *
 * NOTE(review): the log line carries raw guest register contents, so
 * CPU_LOG_INT output is guest-sensitive and should not be left enabled
 * on shared hosts.
 */
static void dump_syscall(CPUPPCState *env)
{
    qemu_log_mask(CPU_LOG_INT, "syscall r0=%016" PRIx64
                  " r3=%016" PRIx64 " r4=%016" PRIx64 " r5=%016" PRIx64
                  " r6=%016" PRIx64 " r7=%016" PRIx64 " r8=%016" PRIx64
                  " nip=" TARGET_FMT_lx "\n",
                  ppc_dump_gpr(env, 0), ppc_dump_gpr(env, 3),
                  ppc_dump_gpr(env, 4), ppc_dump_gpr(env, 5),
                  ppc_dump_gpr(env, 6), ppc_dump_gpr(env, 7),
                  ppc_dump_gpr(env, 8), env->nip);
}

/*
 * Log the state relevant to a hypercall (r3..r12 and NIP) under
 * CPU_LOG_INT. Tracing only, same caveat as dump_syscall() about the
 * log containing guest register contents.
 */
static void dump_hcall(CPUPPCState *env)
{
    qemu_log_mask(CPU_LOG_INT, "hypercall r3=%016" PRIx64
                  " r4=%016" PRIx64 " r5=%016" PRIx64 " r6=%016" PRIx64
                  " r7=%016" PRIx64 " r8=%016" PRIx64 " r9=%016" PRIx64
                  " r10=%016" PRIx64 " r11=%016" PRIx64 " r12=%016" PRIx64
                  " nip=" TARGET_FMT_lx "\n",
                  ppc_dump_gpr(env, 3), ppc_dump_gpr(env, 4),
                  ppc_dump_gpr(env, 5), ppc_dump_gpr(env, 6),
                  ppc_dump_gpr(env, 7), ppc_dump_gpr(env, 8),
                  ppc_dump_gpr(env, 9), ppc_dump_gpr(env, 10),
                  ppc_dump_gpr(env, 11), ppc_dump_gpr(env, 12),
                  env->nip);
}

/*
 * Log the 6xx software TLB miss state when CPU_LOG_MMU is enabled.
 *
 * @env:  CPU whose miss/compare/hash SPRs and error_code are read.
 * @excp: POWERPC_EXCP_IFTLB selects the instruction-side SPRs
 *        (IMISS/ICMP); POWERPC_EXCP_DLTLB and POWERPC_EXCP_DSTLB select
 *        the data-side SPRs (DMISS/DCMP) and only differ in the label.
 *
 * Returns immediately, without touching any SPR, unless CPU_LOG_MMU
 * logging is on.
 */
static void ppc_excp_debug_sw_tlb(CPUPPCState *env, int excp)
{
    const char *es;
    target_ulong *miss, *cmp;
    int en;

    if (!qemu_loglevel_mask(CPU_LOG_MMU)) {
        return;
    }

    if (excp == POWERPC_EXCP_IFTLB) {
        es = "I";
        en = 'I';
        miss = &env->spr[SPR_IMISS];
        cmp = &env->spr[SPR_ICMP];
    } else {
        /* Data-side miss: load and store only differ in the label */
        if (excp == POWERPC_EXCP_DLTLB) {
            es = "DL";
        } else {
            es = "DS";
        }
        en = 'D';
        miss = &env->spr[SPR_DMISS];
        cmp = &env->spr[SPR_DCMP];
    }
    qemu_log("6xx %sTLB miss: %cM " TARGET_FMT_lx " %cC "
             TARGET_FMT_lx " H1 " TARGET_FMT_lx " H2 "
             TARGET_FMT_lx " %08x\n", es, en, *miss, en, *cmp,
             env->spr[SPR_HASH1], env->spr[SPR_HASH2],
             env->error_code);
}

#if defined(TARGET_PPC64)
static int
powerpc_reset_wakeup(CPUState *cs, CPUPPCState *env, int excp, 169 target_ulong *msr) 170 { 171 /* We no longer are in a PM state */ 172 env->resume_as_sreset = false; 173 174 /* Pretend to be returning from doze always as we don't lose state */ 175 *msr |= SRR1_WS_NOLOSS; 176 177 /* Machine checks are sent normally */ 178 if (excp == POWERPC_EXCP_MCHECK) { 179 return excp; 180 } 181 switch (excp) { 182 case POWERPC_EXCP_RESET: 183 *msr |= SRR1_WAKERESET; 184 break; 185 case POWERPC_EXCP_EXTERNAL: 186 *msr |= SRR1_WAKEEE; 187 break; 188 case POWERPC_EXCP_DECR: 189 *msr |= SRR1_WAKEDEC; 190 break; 191 case POWERPC_EXCP_SDOOR: 192 *msr |= SRR1_WAKEDBELL; 193 break; 194 case POWERPC_EXCP_SDOOR_HV: 195 *msr |= SRR1_WAKEHDBELL; 196 break; 197 case POWERPC_EXCP_HV_MAINT: 198 *msr |= SRR1_WAKEHMI; 199 break; 200 case POWERPC_EXCP_HVIRT: 201 *msr |= SRR1_WAKEHVI; 202 break; 203 default: 204 cpu_abort(cs, "Unsupported exception %d in Power Save mode\n", 205 excp); 206 } 207 return POWERPC_EXCP_RESET; 208 } 209 210 /* 211 * AIL - Alternate Interrupt Location, a mode that allows interrupts to be 212 * taken with the MMU on, and which uses an alternate location (e.g., so the 213 * kernel/hv can map the vectors there with an effective address). 214 * 215 * An interrupt is considered to be taken "with AIL" or "AIL applies" if they 216 * are delivered in this way. AIL requires the LPCR to be set to enable this 217 * mode, and then a number of conditions have to be true for AIL to apply. 218 * 219 * First of all, SRESET, MCE, and HMI are always delivered without AIL, because 220 * they specifically want to be in real mode (e.g., the MCE might be signaling 221 * a SLB multi-hit which requires SLB flush before the MMU can be enabled). 222 * 223 * After that, behaviour depends on the current MSR[IR], MSR[DR], MSR[HV], 224 * whether or not the interrupt changes MSR[HV] from 0 to 1, and the current 225 * radix mode (LPCR[HR]). 
226 * 227 * POWER8, POWER9 with LPCR[HR]=0 228 * | LPCR[AIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 229 * +-----------+-------------+---------+-------------+-----+ 230 * | a | 00/01/10 | x | x | 0 | 231 * | a | 11 | 0 | 1 | 0 | 232 * | a | 11 | 1 | 1 | a | 233 * | a | 11 | 0 | 0 | a | 234 * +-------------------------------------------------------+ 235 * 236 * POWER9 with LPCR[HR]=1 237 * | LPCR[AIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 238 * +-----------+-------------+---------+-------------+-----+ 239 * | a | 00/01/10 | x | x | 0 | 240 * | a | 11 | x | x | a | 241 * +-------------------------------------------------------+ 242 * 243 * The difference with POWER9 being that MSR[HV] 0->1 interrupts can be sent to 244 * the hypervisor in AIL mode if the guest is radix. This is good for 245 * performance but allows the guest to influence the AIL of hypervisor 246 * interrupts using its MSR, and also the hypervisor must disallow guest 247 * interrupts (MSR[HV] 0->0) from using AIL if the hypervisor does not want to 248 * use AIL for its MSR[HV] 0->1 interrupts. 249 * 250 * POWER10 addresses those issues with a new LPCR[HAIL] bit that is applied to 251 * interrupts that begin execution with MSR[HV]=1 (so both MSR[HV] 0->1 and 252 * MSR[HV] 1->1). 253 * 254 * HAIL=1 is equivalent to AIL=3, for interrupts delivered with MSR[HV]=1. 
255 * 256 * POWER10 behaviour is 257 * | LPCR[AIL] | LPCR[HAIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 258 * +-----------+------------+-------------+---------+-------------+-----+ 259 * | a | h | 00/01/10 | 0 | 0 | 0 | 260 * | a | h | 11 | 0 | 0 | a | 261 * | a | h | x | 0 | 1 | h | 262 * | a | h | 00/01/10 | 1 | 1 | 0 | 263 * | a | h | 11 | 1 | 1 | h | 264 * +--------------------------------------------------------------------+ 265 */ 266 static void ppc_excp_apply_ail(PowerPCCPU *cpu, int excp, target_ulong msr, 267 target_ulong *new_msr, target_ulong *vector) 268 { 269 PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cpu); 270 CPUPPCState *env = &cpu->env; 271 bool mmu_all_on = ((msr >> MSR_IR) & 1) && ((msr >> MSR_DR) & 1); 272 bool hv_escalation = !(msr & MSR_HVB) && (*new_msr & MSR_HVB); 273 int ail = 0; 274 275 if (excp == POWERPC_EXCP_MCHECK || 276 excp == POWERPC_EXCP_RESET || 277 excp == POWERPC_EXCP_HV_MAINT) { 278 /* SRESET, MCE, HMI never apply AIL */ 279 return; 280 } 281 282 if (!(pcc->lpcr_mask & LPCR_AIL)) { 283 /* This CPU does not have AIL */ 284 return; 285 } 286 287 /* P8 & P9 */ 288 if (!(pcc->lpcr_mask & LPCR_HAIL)) { 289 if (!mmu_all_on) { 290 /* AIL only works if MSR[IR] and MSR[DR] are both enabled. */ 291 return; 292 } 293 if (hv_escalation && !(env->spr[SPR_LPCR] & LPCR_HR)) { 294 /* 295 * AIL does not work if there is a MSR[HV] 0->1 transition and the 296 * partition is in HPT mode. For radix guests, such interrupts are 297 * allowed to be delivered to the hypervisor in ail mode. 298 */ 299 return; 300 } 301 302 ail = (env->spr[SPR_LPCR] & LPCR_AIL) >> LPCR_AIL_SHIFT; 303 if (ail == 0) { 304 return; 305 } 306 if (ail == 1) { 307 /* AIL=1 is reserved, treat it like AIL=0 */ 308 return; 309 } 310 311 /* P10 and up */ 312 } else { 313 if (!mmu_all_on && !hv_escalation) { 314 /* 315 * AIL works for HV interrupts even with guest MSR[IR/DR] disabled. 316 * Guest->guest and HV->HV interrupts do require MMU on. 
         */
        return;
    }

    if (*new_msr & MSR_HVB) {
        /* Interrupt lands with MSR[HV]=1: only LPCR[HAIL] matters */
        if (!(env->spr[SPR_LPCR] & LPCR_HAIL)) {
            /* HV interrupts depend on LPCR[HAIL] */
            return;
        }
        ail = 3; /* HAIL=1 gives AIL=3 behaviour for HV interrupts */
    } else {
        /* Guest->guest interrupt: use the guest-visible LPCR[AIL] field */
        ail = (env->spr[SPR_LPCR] & LPCR_AIL) >> LPCR_AIL_SHIFT;
    }
    if (ail == 0) {
        return;
    }
    if (ail == 1 || ail == 2) {
        /* AIL=1 and AIL=2 are reserved, treat them like AIL=0 */
        return;
    }
}

/*
 * AIL applies, so the new MSR gets IR and DR set, and an offset applied
 * to the new IP.
 */
*new_msr |= (1 << MSR_IR) | (1 << MSR_DR);

if (excp != POWERPC_EXCP_SYSCALL_VECTORED) {
    /* Only AIL=2 and AIL=3 reach this point (0/1, and 2 on P10, returned above) */
    if (ail == 2) {
        *vector |= 0x0000000000018000ull;
    } else if (ail == 3) {
        *vector |= 0xc000000000004000ull;
    }
} else {
    /*
     * scv AIL is a little different. AIL=2 does not change the address,
     * only the MSR. AIL=3 replaces the 0x17000 base with 0xc...3000.
     */
    if (ail == 3) {
        *vector &= ~0x0000000000017000ull; /* Un-apply the base offset */
        *vector |= 0xc000000000003000ull; /* Apply scv's AIL=3 offset */
    }
}
}
#endif

/*
 * Clear the pending-exception bookkeeping on @cpu: the CPUState index
 * goes back to POWERPC_EXCP_NONE and env->error_code to 0. Every
 * delivery path is expected to end up here (normally through
 * powerpc_set_excp_state()) so that no stale error_code survives into
 * the next exception.
 */
static void powerpc_reset_excp_state(PowerPCCPU *cpu)
{
    CPUState *cs = CPU(cpu);
    CPUPPCState *env = &cpu->env;

    /* Reset exception state */
    cs->exception_index = POWERPC_EXCP_NONE;
    env->error_code = 0;
}

/*
 * Commit an exception: load the handler address and MSR, recompute
 * hflags and clear the pending exception state.
 *
 * @cpu:    CPU taking the interrupt.
 * @vector: new NIP, already combined with excp_prefix (and any AIL
 *          adjustment) by the caller.
 * @msr:    complete new MSR. It must be a subset of env->msr_mask; this
 *          is assert()ed rather than masked, so a bit the model does not
 *          support is treated as an emulator bug instead of being
 *          silently dropped.
 */
static void powerpc_set_excp_state(PowerPCCPU *cpu, target_ulong vector,
                                   target_ulong msr)
{
    CPUPPCState *env = &cpu->env;

    assert((msr & env->msr_mask) == msr);

    /*
     * We don't use hreg_store_msr here as already have treated any
     * special case that could occur. Just store MSR and update hflags
     *
     * Note: We *MUST* not use hreg_store_msr() as-is anyway because it
     * will prevent setting of the HV bit which some exceptions might need
     * to do.
     */
    env->nip = vector;
    env->msr = msr;
    hreg_compute_hflags(env);

    powerpc_reset_excp_state(cpu);

    /*
     * Any interrupt is context synchronizing, check if TCG TLB needs
     * a delayed flush on ppc64
     */
    check_tlb_flush(env, false);

    /*
     * Reset the reservation: an interrupt must not leave a load-reserve
     * from the interrupted context live (-1 appears to be the
     * "no reservation" marker used elsewhere — confirm).
     */
    env->reserve_addr = -1;
}

/*
 * Deliver exception @excp on a 40x embedded core.
 *
 * Builds the SRR1 image (@msr, with the must-be-zero bits cleared), the
 * handler MSR (@new_msr, carrying only the current ME) and the handler
 * address (excp_vectors[] | excp_prefix), sets ESR for program checks,
 * then saves NIP/MSR into SRR0/SRR1 — or SRR2/SRR3 for critical input
 * and machine check — and commits through powerpc_set_excp_state().
 *
 * cpu_abort() is used for exceptions without a vector, for DEBUG
 * (not implemented) and for unknown codes; it terminates QEMU.
 * Ignored FP exceptions return early after resetting the exception state.
 */
static void powerpc_excp_40x(PowerPCCPU *cpu, int excp)
{
    CPUState *cs = CPU(cpu);
    CPUPPCState *env = &cpu->env;
    target_ulong msr, new_msr, vector;
    int srr0, srr1;

    /* new srr1 value excluding must-be-zero bits */
    msr = env->msr & ~0x783f0000ULL;

    /*
     * new interrupt handler msr preserves existing ME unless
     * explicitly overridden.
     */
    new_msr = env->msr & (((target_ulong)1 << MSR_ME));

    /* target registers (SPR indices), overridden per exception below */
    srr0 = SPR_SRR0;
    srr1 = SPR_SRR1;

    /*
     * Hypervisor emulation assistance interrupt only exists on server
     * arch 2.05 server or later.
     */
    if (excp == POWERPC_EXCP_HV_EMU) {
        excp = POWERPC_EXCP_PROGRAM;
    }

    vector = env->excp_vectors[excp];
    if (vector == (target_ulong)-1ULL) {
        /* No vector configured for this exception: model bug, abort */
        cpu_abort(cs, "Raised an exception without defined vector %d\n",
                  excp);
    }

    vector |= env->excp_prefix;

    switch (excp) {
    case POWERPC_EXCP_CRITICAL:  /* Critical input: uses SRR2/SRR3 */
        srr0 = SPR_40x_SRR2;
        srr1 = SPR_40x_SRR3;
        break;
    case POWERPC_EXCP_MCHECK:    /* Machine check exception */
        if (!FIELD_EX64(env->msr, MSR, ME)) {
            /*
             * Machine check exception is not enabled. Enter
             * checkstop state: the CPU is halted rather than QEMU
             * aborted, and delivery still proceeds below.
             */
            fprintf(stderr, "Machine check while not allowed. "
                    "Entering checkstop state\n");
            if (qemu_log_separate()) {
                qemu_log("Machine check while not allowed. "
                         "Entering checkstop state\n");
            }
            cs->halted = 1;
            cpu_interrupt_exittb(cs);
        }

        /* machine check exceptions don't have ME set */
        new_msr &= ~((target_ulong)1 << MSR_ME);

        srr0 = SPR_40x_SRR2;
        srr1 = SPR_40x_SRR3;
        break;
    case POWERPC_EXCP_DSI:       /* Data storage exception */
        trace_ppc_excp_dsi(env->spr[SPR_40x_ESR], env->spr[SPR_40x_DEAR]);
        break;
    case POWERPC_EXCP_ISI:       /* Instruction storage exception */
        trace_ppc_excp_isi(msr, env->nip);
        break;
    case POWERPC_EXCP_EXTERNAL:  /* External input */
        break;
    case POWERPC_EXCP_ALIGN:     /* Alignment exception */
        break;
    case POWERPC_EXCP_PROGRAM:   /* Program exception */
        /* Low nibble of error_code is flags; the rest selects the cause */
        switch (env->error_code & ~0xF) {
        case POWERPC_EXCP_FP:
            if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) {
                /* FP exceptions disabled: drop it without delivering */
                trace_ppc_excp_fp_ignore();
                powerpc_reset_excp_state(cpu);
                return;
            }
            env->spr[SPR_40x_ESR] = ESR_FP;
            break;
        case POWERPC_EXCP_INVAL:
            trace_ppc_excp_inval(env->nip);
            env->spr[SPR_40x_ESR] = ESR_PIL;
            break;
        case POWERPC_EXCP_PRIV:
            env->spr[SPR_40x_ESR] = ESR_PPR;
            break;
        case POWERPC_EXCP_TRAP:
            env->spr[SPR_40x_ESR] = ESR_PTR;
            break;
        default:
            cpu_abort(cs, "Invalid program exception %d. Aborting\n",
                      env->error_code);
            break;
        }
        break;
    case POWERPC_EXCP_SYSCALL:   /* System call exception */
        dump_syscall(env);

        /*
         * We need to correct the NIP which in this case is supposed
         * to point to the next instruction
         */
        env->nip += 4;
        break;
    case POWERPC_EXCP_FIT:       /* Fixed-interval timer interrupt */
        trace_ppc_excp_print("FIT");
        break;
    case POWERPC_EXCP_WDT:       /* Watchdog timer interrupt */
        trace_ppc_excp_print("WDT");
        break;
    case POWERPC_EXCP_DTLB:      /* Data TLB error */
    case POWERPC_EXCP_ITLB:      /* Instruction TLB error */
        break;
    case POWERPC_EXCP_PIT:       /* Programmable interval timer interrupt */
        trace_ppc_excp_print("PIT");
        break;
    case POWERPC_EXCP_DEBUG:     /* Debug interrupt */
        /*
         * NOTE(review): cpu_abort() terminates the whole emulator. If a
         * guest can provoke this exception on 40x, that is a
         * guest-triggerable crash rather than a guest-visible fault —
         * confirm how DEBUG is raised for this family.
         */
        cpu_abort(cs, "%s exception not implemented\n",
                  powerpc_excp_name(excp));
        break;
    default:
        cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp);
        break;
    }

    /* Save PC */
    env->spr[srr0] = env->nip;

    /* Save MSR */
    env->spr[srr1] = msr;

    powerpc_set_excp_state(cpu, vector, new_msr);
}

/*
 * Deliver exception @excp on a 6xx core.
 *
 * Same overall shape as powerpc_excp_40x(): SRR1 image in @msr, handler
 * MSR in @new_msr (only ME preserved, LE added per
 * ppc_interrupts_little_endian()), handler address from excp_vectors[]
 * | excp_prefix, then SRR0/SRR1 are written and the state is committed
 * through powerpc_set_excp_state(). Software TLB miss exceptions
 * additionally switch to the TGPR shadow registers and encode CR0, the
 * error code and the LRU way into SRR1.
 */
static void powerpc_excp_6xx(PowerPCCPU *cpu, int excp)
{
    CPUState *cs = CPU(cpu);
    CPUPPCState *env = &cpu->env;
    target_ulong msr, new_msr, vector;

    /* new srr1 value excluding must-be-zero bits */
    msr = env->msr & ~0x783f0000ULL;

    /*
     * new interrupt handler msr preserves existing ME unless
     * explicitly overridden
     */
    new_msr = env->msr & ((target_ulong)1 << MSR_ME);

    /*
     * Hypervisor emulation assistance interrupt only exists on server
     * arch 2.05 server or later.
     */
    if (excp == POWERPC_EXCP_HV_EMU) {
        excp = POWERPC_EXCP_PROGRAM;
    }

    vector = env->excp_vectors[excp];
    if (vector == (target_ulong)-1ULL) {
        /* No vector configured for this exception: model bug, abort */
        cpu_abort(cs, "Raised an exception without defined vector %d\n",
                  excp);
    }

    vector |= env->excp_prefix;

    switch (excp) {
    case POWERPC_EXCP_CRITICAL:  /* Critical input */
        break;
    case POWERPC_EXCP_MCHECK:    /* Machine check exception */
        if (!FIELD_EX64(env->msr, MSR, ME)) {
            /*
             * Machine check exception is not enabled. Enter
             * checkstop state: halt the CPU, delivery still proceeds.
             */
            fprintf(stderr, "Machine check while not allowed. "
                    "Entering checkstop state\n");
            if (qemu_log_separate()) {
                qemu_log("Machine check while not allowed. "
                         "Entering checkstop state\n");
            }
            cs->halted = 1;
            cpu_interrupt_exittb(cs);
        }

        /* machine check exceptions don't have ME set */
        new_msr &= ~((target_ulong)1 << MSR_ME);

        break;
    case POWERPC_EXCP_DSI:       /* Data storage exception */
        trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]);
        break;
    case POWERPC_EXCP_ISI:       /* Instruction storage exception */
        trace_ppc_excp_isi(msr, env->nip);
        /* error_code carries the SRR1 fault bits set by the raiser */
        msr |= env->error_code;
        break;
    case POWERPC_EXCP_EXTERNAL:  /* External input */
        break;
    case POWERPC_EXCP_ALIGN:     /* Alignment exception */
        /* Get rS/rD and rA from faulting opcode */
        /*
         * Note: the opcode fields will not be set properly for a
         * direct store load/store, but nobody cares as nobody
         * actually uses direct store segments.
         */
        env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16;
        break;
    case POWERPC_EXCP_PROGRAM:   /* Program exception */
        /* Low nibble of error_code is flags; the rest selects the cause */
        switch (env->error_code & ~0xF) {
        case POWERPC_EXCP_FP:
            if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) {
                /* FP exceptions disabled: drop it without delivering */
                trace_ppc_excp_fp_ignore();
                powerpc_reset_excp_state(cpu);
                return;
            }

            /*
             * FP exceptions always have NIP pointing to the faulting
             * instruction, so always use store_next and claim we are
             * precise in the MSR.
             */
            msr |= 0x00100000;
            break;
        case POWERPC_EXCP_INVAL:
            trace_ppc_excp_inval(env->nip);
            msr |= 0x00080000;
            break;
        case POWERPC_EXCP_PRIV:
            msr |= 0x00040000;
            break;
        case POWERPC_EXCP_TRAP:
            msr |= 0x00020000;
            break;
        default:
            /* Should never occur */
            cpu_abort(cs, "Invalid program exception %d. Aborting\n",
                      env->error_code);
            break;
        }
        break;
    case POWERPC_EXCP_SYSCALL:   /* System call exception */
        dump_syscall(env);

        /*
         * We need to correct the NIP which in this case is supposed
         * to point to the next instruction
         */
        env->nip += 4;
        break;
    case POWERPC_EXCP_FPU:       /* Floating-point unavailable exception */
    case POWERPC_EXCP_DECR:      /* Decrementer exception */
        break;
    case POWERPC_EXCP_DTLB:      /* Data TLB error */
    case POWERPC_EXCP_ITLB:      /* Instruction TLB error */
        break;
    case POWERPC_EXCP_RESET:     /* System reset exception */
        if (FIELD_EX64(env->msr, MSR, POW)) {
            cpu_abort(cs, "Trying to deliver power-saving system reset "
                      "exception %d with no HV support\n", excp);
        }
        break;
    case POWERPC_EXCP_TRACE:     /* Trace exception */
        break;
    case POWERPC_EXCP_IFTLB:     /* Instruction fetch TLB error */
    case POWERPC_EXCP_DLTLB:     /* Data load TLB miss */
    case POWERPC_EXCP_DSTLB:     /* Data store TLB miss */
        /*
         * Swap temporary saved registers with GPRs.
         *
         * NOTE(review): new_msr only carries ME at this point, so this
         * test is always true here; if a TLB miss can be taken while
         * MSR[TGPR] is already set, the swap would run again — confirm
         * whether env->msr was the intended operand.
         */
        if (!(new_msr & ((target_ulong)1 << MSR_TGPR))) {
            new_msr |= (target_ulong)1 << MSR_TGPR;
            hreg_swap_gpr_tgpr(env);
        }

        ppc_excp_debug_sw_tlb(env, excp);

        /* CR0 goes to SRR1[0:3] (assumes crf[] is an unsigned 32-bit type) */
        msr |= env->crf[0] << 28;
        msr |= env->error_code; /* key, D/I, S/L bits */
        /* Set way using a LRU mechanism */
        msr |= ((env->last_way + 1) & (env->nb_ways - 1)) << 17;
        break;
    case POWERPC_EXCP_FPA:       /* Floating-point assist exception */
    case POWERPC_EXCP_DABR:      /* Data address breakpoint */
    case POWERPC_EXCP_IABR:      /* Instruction address breakpoint */
    case POWERPC_EXCP_SMI:       /* System management interrupt */
    case POWERPC_EXCP_MEXTBR:    /* Maskable external breakpoint */
    case POWERPC_EXCP_NMEXTBR:   /* Non maskable external breakpoint */
        /* Not implemented: terminates QEMU rather than delivering */
        cpu_abort(cs, "%s exception not implemented\n",
                  powerpc_excp_name(excp));
        break;
    default:
        cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp);
        break;
    }

    /*
     * Sort out endianness of interrupt, this differs depending on the
     * CPU, the HV mode, etc...
     */
    if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) {
        new_msr |= (target_ulong)1 << MSR_LE;
    }

    /* Save PC */
    env->spr[SPR_SRR0] = env->nip;

    /* Save MSR */
    env->spr[SPR_SRR1] = msr;

    powerpc_set_excp_state(cpu, vector, new_msr);
}

/*
 * Deliver exception @excp on a 7xx core.
 *
 * Same structure as powerpc_excp_6xx(), without the TGPR swap on
 * software TLB misses. 'sc 1' is additionally routed to the attached
 * virtual hypervisor (cpu->vhyp) when one exists, which is how the
 * pegasos2 machine's VOF firmware talks to QEMU; with no vhyp, 'sc 1' is
 * delivered as an ordinary system call.
 */
static void powerpc_excp_7xx(PowerPCCPU *cpu, int excp)
{
    CPUState *cs = CPU(cpu);
    CPUPPCState *env = &cpu->env;
    target_ulong msr, new_msr, vector;

    /* new srr1 value excluding must-be-zero bits */
    msr = env->msr & ~0x783f0000ULL;

    /*
     * new interrupt handler msr preserves existing ME unless
     * explicitly overridden
     */
    new_msr = env->msr & ((target_ulong)1 << MSR_ME);

    /*
     * Hypervisor emulation assistance interrupt only exists on server
     * arch 2.05 server or later.
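     */
    if (excp == POWERPC_EXCP_HV_EMU) {
        excp = POWERPC_EXCP_PROGRAM;
    }

    vector = env->excp_vectors[excp];
    if (vector == (target_ulong)-1ULL) {
        /* No vector configured for this exception: model bug, abort */
        cpu_abort(cs, "Raised an exception without defined vector %d\n",
                  excp);
    }

    vector |= env->excp_prefix;

    switch (excp) {
    case POWERPC_EXCP_MCHECK:    /* Machine check exception */
        if (!FIELD_EX64(env->msr, MSR, ME)) {
            /*
             * Machine check exception is not enabled. Enter
             * checkstop state: halt the CPU, delivery still proceeds.
             */
            fprintf(stderr, "Machine check while not allowed. "
                    "Entering checkstop state\n");
            if (qemu_log_separate()) {
                qemu_log("Machine check while not allowed. "
                         "Entering checkstop state\n");
            }
            cs->halted = 1;
            cpu_interrupt_exittb(cs);
        }

        /* machine check exceptions don't have ME set */
        new_msr &= ~((target_ulong)1 << MSR_ME);

        break;
    case POWERPC_EXCP_DSI:       /* Data storage exception */
        trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]);
        break;
    case POWERPC_EXCP_ISI:       /* Instruction storage exception */
        trace_ppc_excp_isi(msr, env->nip);
        /* error_code carries the SRR1 fault bits set by the raiser */
        msr |= env->error_code;
        break;
    case POWERPC_EXCP_EXTERNAL:  /* External input */
        break;
    case POWERPC_EXCP_ALIGN:     /* Alignment exception */
        /* Get rS/rD and rA from faulting opcode */
        /*
         * Note: the opcode fields will not be set properly for a
         * direct store load/store, but nobody cares as nobody
         * actually uses direct store segments.
         */
        env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16;
        break;
    case POWERPC_EXCP_PROGRAM:   /* Program exception */
        /* Low nibble of error_code is flags; the rest selects the cause */
        switch (env->error_code & ~0xF) {
        case POWERPC_EXCP_FP:
            if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) {
                /* FP exceptions disabled: drop it without delivering */
                trace_ppc_excp_fp_ignore();
                powerpc_reset_excp_state(cpu);
                return;
            }

            /*
             * FP exceptions always have NIP pointing to the faulting
             * instruction, so always use store_next and claim we are
             * precise in the MSR.
             */
            msr |= 0x00100000;
            break;
        case POWERPC_EXCP_INVAL:
            trace_ppc_excp_inval(env->nip);
            msr |= 0x00080000;
            break;
        case POWERPC_EXCP_PRIV:
            msr |= 0x00040000;
            break;
        case POWERPC_EXCP_TRAP:
            msr |= 0x00020000;
            break;
        default:
            /* Should never occur */
            cpu_abort(cs, "Invalid program exception %d. Aborting\n",
                      env->error_code);
            break;
        }
        break;
    case POWERPC_EXCP_SYSCALL:   /* System call exception */
    {
        /* 'sc' level: 1 means 'sc 1', the hypercall form */
        int lev = env->error_code;

        if (lev == 1 && cpu->vhyp) {
            dump_hcall(env);
        } else {
            dump_syscall(env);
        }

        /*
         * We need to correct the NIP which in this case is supposed
         * to point to the next instruction
         */
        env->nip += 4;

        /*
         * The Virtual Open Firmware (VOF) relies on the 'sc 1'
         * instruction to communicate with QEMU. The pegasos2 machine
         * uses VOF and the 7xx CPUs, so although the 7xx don't have
         * HV mode, we need to keep hypercall support.
         */
        if (lev == 1 && cpu->vhyp) {
            PPCVirtualHypervisorClass *vhc =
                PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp);
            vhc->hypercall(cpu->vhyp, cpu);
            /*
             * The hypercall is consumed here and never reaches
             * powerpc_set_excp_state(), so clear the pending exception
             * state explicitly — the same thing the ignored-FP early
             * exit above does — instead of leaving the stale 'lev' in
             * env->error_code for the next exception to pick up.
             */
            powerpc_reset_excp_state(cpu);
            return;
        }

        break;
    }
    case POWERPC_EXCP_FPU:       /* Floating-point unavailable exception */
    case POWERPC_EXCP_DECR:      /* Decrementer exception */
        break;
    case POWERPC_EXCP_RESET:     /* System reset exception */
        if (FIELD_EX64(env->msr, MSR, POW)) {
            cpu_abort(cs, "Trying to deliver power-saving system reset "
                      "exception %d with no HV support\n", excp);
        }
        break;
    case POWERPC_EXCP_TRACE:     /* Trace exception */
        break;
    case POWERPC_EXCP_IFTLB:     /* Instruction fetch TLB error */
    case POWERPC_EXCP_DLTLB:     /* Data load TLB miss */
    case POWERPC_EXCP_DSTLB:     /* Data store TLB miss */
        ppc_excp_debug_sw_tlb(env, excp);

        /* CR0 goes to SRR1[0:3] (assumes crf[] is an unsigned 32-bit type) */
        msr |= env->crf[0] << 28;
        msr |= env->error_code; /* key, D/I, S/L bits */
        /* Set way using a LRU mechanism */
        msr |= ((env->last_way + 1) & (env->nb_ways - 1)) << 17;

        break;
    case POWERPC_EXCP_IABR:      /* Instruction address breakpoint */
    case POWERPC_EXCP_SMI:       /* System management interrupt */
    case POWERPC_EXCP_THERM:     /* Thermal interrupt */
    case POWERPC_EXCP_PERFM:     /* Embedded performance monitor interrupt */
        /* Not implemented: terminates QEMU rather than delivering */
        cpu_abort(cs, "%s exception not implemented\n",
                  powerpc_excp_name(excp));
        break;
    default:
        cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp);
        break;
    }

    /*
     * Sort out endianness of interrupt, this differs depending on the
     * CPU, the HV mode, etc...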
889 */ 890 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 891 new_msr |= (target_ulong)1 << MSR_LE; 892 } 893 894 /* Save PC */ 895 env->spr[SPR_SRR0] = env->nip; 896 897 /* Save MSR */ 898 env->spr[SPR_SRR1] = msr; 899 900 powerpc_set_excp_state(cpu, vector, new_msr); 901 } 902 903 static void powerpc_excp_74xx(PowerPCCPU *cpu, int excp) 904 { 905 CPUState *cs = CPU(cpu); 906 CPUPPCState *env = &cpu->env; 907 target_ulong msr, new_msr, vector; 908 909 /* new srr1 value excluding must-be-zero bits */ 910 msr = env->msr & ~0x783f0000ULL; 911 912 /* 913 * new interrupt handler msr preserves existing ME unless 914 * explicitly overriden 915 */ 916 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 917 918 /* 919 * Hypervisor emulation assistance interrupt only exists on server 920 * arch 2.05 server or later. 921 */ 922 if (excp == POWERPC_EXCP_HV_EMU) { 923 excp = POWERPC_EXCP_PROGRAM; 924 } 925 926 vector = env->excp_vectors[excp]; 927 if (vector == (target_ulong)-1ULL) { 928 cpu_abort(cs, "Raised an exception without defined vector %d\n", 929 excp); 930 } 931 932 vector |= env->excp_prefix; 933 934 switch (excp) { 935 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 936 if (!FIELD_EX64(env->msr, MSR, ME)) { 937 /* 938 * Machine check exception is not enabled. Enter 939 * checkstop state. 940 */ 941 fprintf(stderr, "Machine check while not allowed. " 942 "Entering checkstop state\n"); 943 if (qemu_log_separate()) { 944 qemu_log("Machine check while not allowed. 
" 945 "Entering checkstop state\n"); 946 } 947 cs->halted = 1; 948 cpu_interrupt_exittb(cs); 949 } 950 951 /* machine check exceptions don't have ME set */ 952 new_msr &= ~((target_ulong)1 << MSR_ME); 953 954 break; 955 case POWERPC_EXCP_DSI: /* Data storage exception */ 956 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 957 break; 958 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 959 trace_ppc_excp_isi(msr, env->nip); 960 msr |= env->error_code; 961 break; 962 case POWERPC_EXCP_EXTERNAL: /* External input */ 963 break; 964 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 965 /* Get rS/rD and rA from faulting opcode */ 966 /* 967 * Note: the opcode fields will not be set properly for a 968 * direct store load/store, but nobody cares as nobody 969 * actually uses direct store segments. 970 */ 971 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 972 break; 973 case POWERPC_EXCP_PROGRAM: /* Program exception */ 974 switch (env->error_code & ~0xF) { 975 case POWERPC_EXCP_FP: 976 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 977 trace_ppc_excp_fp_ignore(); 978 powerpc_reset_excp_state(cpu); 979 return; 980 } 981 982 /* 983 * FP exceptions always have NIP pointing to the faulting 984 * instruction, so always use store_next and claim we are 985 * precise in the MSR. 986 */ 987 msr |= 0x00100000; 988 break; 989 case POWERPC_EXCP_INVAL: 990 trace_ppc_excp_inval(env->nip); 991 msr |= 0x00080000; 992 break; 993 case POWERPC_EXCP_PRIV: 994 msr |= 0x00040000; 995 break; 996 case POWERPC_EXCP_TRAP: 997 msr |= 0x00020000; 998 break; 999 default: 1000 /* Should never occur */ 1001 cpu_abort(cs, "Invalid program exception %d. 
Aborting\n", 1002 env->error_code); 1003 break; 1004 } 1005 break; 1006 case POWERPC_EXCP_SYSCALL: /* System call exception */ 1007 { 1008 int lev = env->error_code; 1009 1010 if ((lev == 1) && cpu->vhyp) { 1011 dump_hcall(env); 1012 } else { 1013 dump_syscall(env); 1014 } 1015 1016 /* 1017 * We need to correct the NIP which in this case is supposed 1018 * to point to the next instruction 1019 */ 1020 env->nip += 4; 1021 1022 /* 1023 * The Virtual Open Firmware (VOF) relies on the 'sc 1' 1024 * instruction to communicate with QEMU. The pegasos2 machine 1025 * uses VOF and the 74xx CPUs, so although the 74xx don't have 1026 * HV mode, we need to keep hypercall support. 1027 */ 1028 if ((lev == 1) && cpu->vhyp) { 1029 PPCVirtualHypervisorClass *vhc = 1030 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 1031 vhc->hypercall(cpu->vhyp, cpu); 1032 return; 1033 } 1034 1035 break; 1036 } 1037 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 1038 case POWERPC_EXCP_DECR: /* Decrementer exception */ 1039 break; 1040 case POWERPC_EXCP_RESET: /* System reset exception */ 1041 if (FIELD_EX64(env->msr, MSR, POW)) { 1042 cpu_abort(cs, "Trying to deliver power-saving system reset " 1043 "exception %d with no HV support\n", excp); 1044 } 1045 break; 1046 case POWERPC_EXCP_TRACE: /* Trace exception */ 1047 break; 1048 case POWERPC_EXCP_VPU: /* Vector unavailable exception */ 1049 break; 1050 case POWERPC_EXCP_IABR: /* Instruction address breakpoint */ 1051 case POWERPC_EXCP_SMI: /* System management interrupt */ 1052 case POWERPC_EXCP_THERM: /* Thermal interrupt */ 1053 case POWERPC_EXCP_PERFM: /* Embedded performance monitor interrupt */ 1054 case POWERPC_EXCP_VPUA: /* Vector assist exception */ 1055 cpu_abort(cs, "%s exception not implemented\n", 1056 powerpc_excp_name(excp)); 1057 break; 1058 default: 1059 cpu_abort(cs, "Invalid PowerPC exception %d. 
Aborting\n", excp);
        break;
    }

    /*
     * Sort out endianness of interrupt, this differs depending on the
     * CPU, the HV mode, etc...
     */
    if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) {
        new_msr |= (target_ulong)1 << MSR_LE;
    }

    /* Save PC */
    env->spr[SPR_SRR0] = env->nip;

    /* Save MSR */
    env->spr[SPR_SRR1] = msr;

    powerpc_set_excp_state(cpu, vector, new_msr);
}

/*
 * Deliver exception @excp on a BookE (embedded) CPU.
 *
 * Builds the handler MSR in new_msr (only the current ME bit is kept, plus
 * CM on 64-bit parts when EPCR[ICM] is set), selects the save/restore pair
 * srr0/srr1 (SRR, CSRR, MCSRR or DSRR depending on the exception class),
 * records NIP and the SRR1 value msr there, and enters the handler at the
 * vector taken from env->excp_vectors[] (ORed with env->excp_prefix) via
 * powerpc_set_excp_state().
 *
 * Returns early without changing architectural state when a floating-point
 * program exception is ignored (FIELD_EX64_FE(msr) or MSR[FP] clear), after
 * powerpc_reset_excp_state().  An undefined vector (-1), an unknown
 * exception or an unimplemented one terminates QEMU through cpu_abort().
 */
static void powerpc_excp_booke(PowerPCCPU *cpu, int excp)
{
    CPUState *cs = CPU(cpu);
    CPUPPCState *env = &cpu->env;
    target_ulong msr, new_msr, vector;
    int srr0, srr1;

    /* msr is the value that ends up in srr1; status bits are ORed in below */
    msr = env->msr;

    /*
     * new interrupt handler msr preserves existing ME unless
     * explicitly overridden
     */
    new_msr = env->msr & ((target_ulong)1 << MSR_ME);

    /* target registers (default pair; overridden per exception below) */
    srr0 = SPR_SRR0;
    srr1 = SPR_SRR1;

    /*
     * Hypervisor emulation assistance interrupt only exists on server
     * arch 2.05 server or later.
     */
    if (excp == POWERPC_EXCP_HV_EMU) {
        excp = POWERPC_EXCP_PROGRAM;
    }

#ifdef TARGET_PPC64
    /*
     * SPEU and VPU share the same IVOR but they exist in different
     * processors. SPEU is e500v1/2 only and VPU is e6500 only.
     */
    if (excp == POWERPC_EXCP_VPU) {
        excp = POWERPC_EXCP_SPEU;
    }
#endif

    vector = env->excp_vectors[excp];
    if (vector == (target_ulong)-1ULL) {
        cpu_abort(cs, "Raised an exception without defined vector %d\n",
                  excp);
    }

    vector |= env->excp_prefix;

    switch (excp) {
    case POWERPC_EXCP_CRITICAL:    /* Critical input */
        srr0 = SPR_BOOKE_CSRR0;
        srr1 = SPR_BOOKE_CSRR1;
        break;
    case POWERPC_EXCP_MCHECK:     /* Machine check exception */
        if (!FIELD_EX64(env->msr, MSR, ME)) {
            /*
             * Machine check exception is not enabled. Enter
             * checkstop state: this vCPU is halted and stays so.
             */
            fprintf(stderr, "Machine check while not allowed. "
                    "Entering checkstop state\n");
            if (qemu_log_separate()) {
                qemu_log("Machine check while not allowed. "
                         "Entering checkstop state\n");
            }
            cs->halted = 1;
            cpu_interrupt_exittb(cs);
        }

        /*
         * machine check exceptions don't have ME set, so a second machine
         * check taken inside the handler reaches the checkstop path above
         */
        new_msr &= ~((target_ulong)1 << MSR_ME);

        /*
         * FIXME: choose one or the other based on CPU type.
         * Until then the return state is written to both MCSRR (through
         * srr0/srr1) and CSRR (explicitly, just below).
         */
        srr0 = SPR_BOOKE_MCSRR0;
        srr1 = SPR_BOOKE_MCSRR1;

        env->spr[SPR_BOOKE_CSRR0] = env->nip;
        env->spr[SPR_BOOKE_CSRR1] = msr;

        break;
    case POWERPC_EXCP_DSI:       /* Data storage exception */
        /* BookE reports the fault through ESR/DEAR rather than DSISR/DAR */
        trace_ppc_excp_dsi(env->spr[SPR_BOOKE_ESR], env->spr[SPR_BOOKE_DEAR]);
        break;
    case POWERPC_EXCP_ISI:       /* Instruction storage exception */
        trace_ppc_excp_isi(msr, env->nip);
        break;
    case POWERPC_EXCP_EXTERNAL:  /* External input */
        if (env->mpic_proxy) {
            /*
             * IACK the IRQ on delivery: the physical read of the MPIC IACK
             * register performs the acknowledge and yields the vector
             * exposed to the guest in EPR.
             */
            env->spr[SPR_BOOKE_EPR] = ldl_phys(cs->as, env->mpic_iack);
        }
        break;
    case POWERPC_EXCP_ALIGN:     /* Alignment exception */
        break;
    case POWERPC_EXCP_PROGRAM:   /* Program exception */
        /* low nibble of error_code carries sub-type detail; mask it off */
        switch (env->error_code & ~0xF) {
        case POWERPC_EXCP_FP:
            if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) {
                trace_ppc_excp_fp_ignore();
                powerpc_reset_excp_state(cpu);
                return;
            }

            /*
             * FP exceptions always have NIP pointing to the faulting
             * instruction, so always use store_next and claim we are
             * precise in the MSR.
             */
            msr |= 0x00100000;
            env->spr[SPR_BOOKE_ESR] = ESR_FP;
            break;
        case POWERPC_EXCP_INVAL:
            trace_ppc_excp_inval(env->nip);
            msr |= 0x00080000;
            env->spr[SPR_BOOKE_ESR] = ESR_PIL;
            break;
        case POWERPC_EXCP_PRIV:
            msr |= 0x00040000;
            env->spr[SPR_BOOKE_ESR] = ESR_PPR;
            break;
        case POWERPC_EXCP_TRAP:
            msr |= 0x00020000;
            env->spr[SPR_BOOKE_ESR] = ESR_PTR;
            break;
        default:
            /* Should never occur */
            cpu_abort(cs, "Invalid program exception %d. Aborting\n",
                      env->error_code);
            break;
        }
        break;
    case POWERPC_EXCP_SYSCALL:   /* System call exception */
        dump_syscall(env);

        /*
         * We need to correct the NIP which in this case is supposed
         * to point to the next instruction
         */
        env->nip += 4;
        break;
    case POWERPC_EXCP_FPU:       /* Floating-point unavailable exception */
    case POWERPC_EXCP_APU:       /* Auxiliary processor unavailable */
    case POWERPC_EXCP_DECR:      /* Decrementer exception */
        break;
    case POWERPC_EXCP_FIT:       /* Fixed-interval timer interrupt */
        /* FIT on 4xx */
        trace_ppc_excp_print("FIT");
        break;
    case POWERPC_EXCP_WDT:       /* Watchdog timer interrupt */
        trace_ppc_excp_print("WDT");
        /* WDT is a critical-class interrupt: save state in CSRR */
        srr0 = SPR_BOOKE_CSRR0;
        srr1 = SPR_BOOKE_CSRR1;
        break;
    case POWERPC_EXCP_DTLB:      /* Data TLB error */
    case POWERPC_EXCP_ITLB:      /* Instruction TLB error */
        break;
    case POWERPC_EXCP_DEBUG:     /* Debug interrupt */
        if (env->flags & POWERPC_FLAG_DE) {
            /*
             * FIXME: choose one or the other based on CPU type.
             * As for MCHECK, both DSRR and CSRR receive the return state.
             */
            srr0 = SPR_BOOKE_DSRR0;
            srr1 = SPR_BOOKE_DSRR1;

            env->spr[SPR_BOOKE_CSRR0] = env->nip;
            env->spr[SPR_BOOKE_CSRR1] = msr;

            /* DBSR already modified by caller */
        } else {
            cpu_abort(cs, "Debug exception triggered on unsupported model\n");
        }
        break;
    case POWERPC_EXCP_SPEU:   /* SPE/embedded floating-point unavailable/VPU */
        env->spr[SPR_BOOKE_ESR] = ESR_SPV;
        break;
    case POWERPC_EXCP_RESET:     /* System reset exception */
        if (FIELD_EX64(env->msr, MSR, POW)) {
            cpu_abort(cs, "Trying to deliver power-saving system reset "
                      "exception %d with no HV support\n", excp);
        }
        break;
    case POWERPC_EXCP_EFPDI:     /* Embedded floating-point data interrupt */
    case POWERPC_EXCP_EFPRI:     /* Embedded floating-point round interrupt */
        cpu_abort(cs, "%s exception not implemented\n",
                  powerpc_excp_name(excp));
        break;
    default:
        cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp);
        break;
    }

#if defined(TARGET_PPC64)
    if (env->spr[SPR_BOOKE_EPCR] & EPCR_ICM) {
        /* Cat.64-bit: EPCR.ICM is copied to MSR.CM */
        new_msr |= (target_ulong)1 << MSR_CM;
    } else {
        /* 32-bit handler: truncate the vector address */
        vector = (uint32_t)vector;
    }
#endif

    /* Save PC */
    env->spr[srr0] = env->nip;

    /* Save MSR */
    env->spr[srr1] = msr;

    powerpc_set_excp_state(cpu, vector, new_msr);
}

/*
 * When running a nested HV guest under vhyp, external interrupts are
 * delivered as HVIRT.
 *
 * Returns true only when a virtual hypervisor is attached and the CPU is
 * currently executing a nested guest; false for non-vhyp configurations.
 */
static bool books_vhyp_promotes_external_to_hvirt(PowerPCCPU *cpu)
{
    if (cpu->vhyp) {
        return vhyp_cpu_in_nested(cpu);
    }
    return false;
}

#ifdef TARGET_PPC64
/*
 * When running under vhyp, hcalls are always intercepted and sent to the
 * vhc->hypercall handler.
 *
 * Returns true when a virtual hypervisor is attached and the CPU is NOT in
 * a nested guest (a nested guest's hcalls go to the L1 instead); false
 * without vhyp.
 */
static bool books_vhyp_handles_hcall(PowerPCCPU *cpu)
{
    if (cpu->vhyp) {
        return !vhyp_cpu_in_nested(cpu);
    }
    return false;
}

/*
 * When running a nested KVM HV guest under vhyp, HV exceptions are not
 * delivered to the guest (because there is no concept of HV support), but
 * rather they are sent to the vhyp to exit from the L2 back to the L1 and
 * return from the H_ENTER_NESTED hypercall.
*/
static bool books_vhyp_handles_hv_excp(PowerPCCPU *cpu)
{
    if (cpu->vhyp) {
        return vhyp_cpu_in_nested(cpu);
    }
    return false;
}

/*
 * Deliver exception @excp on a Book3S (server) CPU.
 *
 * msr is the value saved to SRR1/HSRR1: the current MSR with the
 * must-be-zero bits 0x783f0000 cleared and per-exception status bits ORed
 * in.  new_msr is the handler MSR: current HV and ME preserved, SF always
 * set, LE per ppc_interrupts_little_endian(), and HV plus the current RI
 * added for hypervisor-class exceptions.
 *
 * Delivery variants handled here:
 *  - a resume_as_sreset wakeup is first rewritten by powerpc_reset_wakeup();
 *  - HV_EMU is demoted to PROGRAM when msr_mask has no HVB (PAPR mode);
 *  - lev==1 system calls are intercepted by the virtual hypervisor when
 *    books_vhyp_handles_hcall() allows it, otherwise the handler runs in HV;
 *  - scv saves return state in LR/CTR instead of SRR0/SRR1 and selects a
 *    vector 0x20 * lev past the base;
 *  - EBB exceptions enter the user-level handler at EBBHR and return early;
 *  - with a nested guest under vhyp, HV exceptions are passed to
 *    vhc->deliver_hv_excp() instead of being delivered in the guest;
 *  - otherwise ppc_excp_apply_ail() may relocate the vector before
 *    powerpc_set_excp_state().
 *
 * Aborts QEMU if an HSRR-based exception would be delivered on a CPU whose
 * msr_mask lacks HVB, if the vector is undefined (-1), or for unknown or
 * unimplemented exceptions.
 */
static void powerpc_excp_books(PowerPCCPU *cpu, int excp)
{
    CPUState *cs = CPU(cpu);
    CPUPPCState *env = &cpu->env;
    target_ulong msr, new_msr, vector;
    int srr0, srr1, lev = -1;

    /* new srr1 value excluding must-be-zero bits */
    msr = env->msr & ~0x783f0000ULL;

    /*
     * new interrupt handler msr preserves existing HV and ME unless
     * explicitly overridden
     */
    new_msr = env->msr & (((target_ulong)1 << MSR_ME) | MSR_HVB);

    /* target registers (SRR by default, HSRR for HV-class exceptions) */
    srr0 = SPR_SRR0;
    srr1 = SPR_SRR1;

    /*
     * check for special resume at 0x100 from doze/nap/sleep/winkle on
     * P7/P8/P9
     */
    if (env->resume_as_sreset) {
        excp = powerpc_reset_wakeup(cs, env, excp, &msr);
    }

    /*
     * We don't want to generate a Hypervisor Emulation Assistance
     * Interrupt if we don't have HVB in msr_mask (PAPR mode).
     */
    if (excp == POWERPC_EXCP_HV_EMU && !(env->msr_mask & MSR_HVB)) {
        excp = POWERPC_EXCP_PROGRAM;
    }

    vector = env->excp_vectors[excp];
    if (vector == (target_ulong)-1ULL) {
        cpu_abort(cs, "Raised an exception without defined vector %d\n",
                  excp);
    }

    vector |= env->excp_prefix;

    switch (excp) {
    case POWERPC_EXCP_MCHECK:    /* Machine check exception */
        if (!FIELD_EX64(env->msr, MSR, ME)) {
            /*
             * Machine check exception is not enabled. Enter
             * checkstop state: this vCPU is halted and stays so.
             */
            fprintf(stderr, "Machine check while not allowed. "
                    "Entering checkstop state\n");
            if (qemu_log_separate()) {
                qemu_log("Machine check while not allowed. "
                         "Entering checkstop state\n");
            }
            cs->halted = 1;
            cpu_interrupt_exittb(cs);
        }
        if (env->msr_mask & MSR_HVB) {
            /*
             * ISA specifies HV, but can be delivered to guest with HV
             * clear (e.g., see FWNMI in PAPR).
             */
            new_msr |= (target_ulong)MSR_HVB;
        }

        /* machine check exceptions don't have ME set */
        new_msr &= ~((target_ulong)1 << MSR_ME);

        break;
    case POWERPC_EXCP_DSI:       /* Data storage exception */
        trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]);
        break;
    case POWERPC_EXCP_ISI:       /* Instruction storage exception */
        trace_ppc_excp_isi(msr, env->nip);
        /* error_code carries the SRR1 fault status bits for ISI */
        msr |= env->error_code;
        break;
    case POWERPC_EXCP_EXTERNAL:  /* External input */
    {
        bool lpes0;

        /*
         * LPES0 is only taken into consideration if we support HV
         * mode for this CPU.
         */
        if (!env->has_hv_mode) {
            break;
        }

        lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0);

        /* LPES0 clear: external interrupts are taken by the hypervisor */
        if (!lpes0) {
            new_msr |= (target_ulong)MSR_HVB;
            new_msr |= env->msr & ((target_ulong)1 << MSR_RI);
            srr0 = SPR_HSRR0;
            srr1 = SPR_HSRR1;
        }

        break;
    }
    case POWERPC_EXCP_ALIGN:     /* Alignment exception */
        /* Get rS/rD and rA from faulting opcode */
        /*
         * Note: the opcode fields will not be set properly for a
         * direct store load/store, but nobody cares as nobody
         * actually uses direct store segments.
         */
        env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16;
        break;
    case POWERPC_EXCP_PROGRAM:   /* Program exception */
        /* low nibble of error_code carries sub-type detail; mask it off */
        switch (env->error_code & ~0xF) {
        case POWERPC_EXCP_FP:
            if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) {
                trace_ppc_excp_fp_ignore();
                powerpc_reset_excp_state(cpu);
                return;
            }

            /*
             * FP exceptions always have NIP pointing to the faulting
             * instruction, so always use store_next and claim we are
             * precise in the MSR.
             */
            msr |= 0x00100000;
            break;
        case POWERPC_EXCP_INVAL:
            trace_ppc_excp_inval(env->nip);
            msr |= 0x00080000;
            break;
        case POWERPC_EXCP_PRIV:
            msr |= 0x00040000;
            break;
        case POWERPC_EXCP_TRAP:
            msr |= 0x00020000;
            break;
        default:
            /* Should never occur */
            cpu_abort(cs, "Invalid program exception %d. Aborting\n",
                      env->error_code);
            break;
        }
        break;
    case POWERPC_EXCP_SYSCALL:   /* System call exception */
        /* lev is the sc instruction's LEV field; 1 denotes a hypercall */
        lev = env->error_code;

        if ((lev == 1) && cpu->vhyp) {
            dump_hcall(env);
        } else {
            dump_syscall(env);
        }

        /*
         * We need to correct the NIP which in this case is supposed
         * to point to the next instruction
         */
        env->nip += 4;

        /*
         * "PAPR mode" built-in hypercall emulation: the hcall never reaches
         * a guest-visible handler, the virtual hypervisor services it and
         * we return without entering any interrupt vector.
         */
        if ((lev == 1) && books_vhyp_handles_hcall(cpu)) {
            PPCVirtualHypervisorClass *vhc =
                PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp);
            vhc->hypercall(cpu->vhyp, cpu);
            return;
        }
        /* Not intercepted: 'sc 1' enters the handler in hypervisor mode */
        if (lev == 1) {
            new_msr |= (target_ulong)MSR_HVB;
        }
        break;
    case POWERPC_EXCP_SYSCALL_VECTORED: /* scv exception */
        /* lev is the scv LEV field, passed as error code by helper_scv() */
        lev = env->error_code;
        dump_syscall(env);
        env->nip += 4;
        new_msr |= env->msr & ((target_ulong)1 << MSR_EE);
        new_msr |= env->msr & ((target_ulong)1 << MSR_RI);

        /* scv entry points are spaced 0x20 apart, indexed by LEV */
        vector += lev * 0x20;

        /* scv saves return state in LR/CTR (restored by rfscv), not SRRs */
        env->lr = env->nip;
        env->ctr = msr;
        break;
    case POWERPC_EXCP_FPU:       /* Floating-point unavailable exception */
    case POWERPC_EXCP_DECR:      /* Decrementer exception */
        break;
    case POWERPC_EXCP_RESET:     /* System reset exception */
        /* A power-saving exception sets ME, otherwise it is unchanged */
        if (FIELD_EX64(env->msr, MSR, POW)) {
            /* indicate that we resumed from power save mode */
            msr |= 0x10000;
            new_msr |= ((target_ulong)1 << MSR_ME);
        }
        if (env->msr_mask & MSR_HVB) {
            /*
             * ISA specifies HV, but can be delivered to guest with HV
             * clear (e.g., see FWNMI in PAPR, NMI injection in QEMU).
             */
            new_msr |= (target_ulong)MSR_HVB;
        } else {
            if (FIELD_EX64(env->msr, MSR, POW)) {
                cpu_abort(cs, "Trying to deliver power-saving system reset "
                          "exception %d with no HV support\n", excp);
            }
        }
        break;
    case POWERPC_EXCP_DSEG:      /* Data segment exception */
    case POWERPC_EXCP_ISEG:      /* Instruction segment exception */
    case POWERPC_EXCP_TRACE:     /* Trace exception */
        break;
    case POWERPC_EXCP_HISI:      /* Hypervisor instruction storage exception */
        msr |= env->error_code;
        /* fall through */
    case POWERPC_EXCP_HDECR:     /* Hypervisor decrementer exception */
    case POWERPC_EXCP_HDSI:      /* Hypervisor data storage exception */
    case POWERPC_EXCP_SDOOR_HV:  /* Hypervisor Doorbell interrupt */
    case POWERPC_EXCP_HV_EMU:
    case POWERPC_EXCP_HVIRT:     /* Hypervisor virtualization */
        /* HV-class: handler runs in HV mode with state saved in HSRR0/1 */
        srr0 = SPR_HSRR0;
        srr1 = SPR_HSRR1;
        new_msr |= (target_ulong)MSR_HVB;
        new_msr |= env->msr & ((target_ulong)1 << MSR_RI);
        break;
    case POWERPC_EXCP_VPU:       /* Vector unavailable exception */
    case POWERPC_EXCP_VSXU:       /* VSX unavailable exception */
    case POWERPC_EXCP_FU:         /* Facility unavailable exception */
        /* error_code is the interrupt cause, recorded in FSCR[IC] */
        env->spr[SPR_FSCR] |= ((target_ulong)env->error_code << 56);
        break;
    case POWERPC_EXCP_HV_FU:     /* Hypervisor Facility Unavailable Exception */
        env->spr[SPR_HFSCR] |= ((target_ulong)env->error_code << FSCR_IC_POS);
        srr0 = SPR_HSRR0;
        srr1 = SPR_HSRR1;
        new_msr |= (target_ulong)MSR_HVB;
        new_msr |= env->msr & ((target_ulong)1 << MSR_RI);
        break;
    case POWERPC_EXCP_PERFM_EBB:        /* Performance Monitor EBB Exception */
    case POWERPC_EXCP_EXTERNAL_EBB:     /* External EBB Exception */
        /* Clear BESCR[GE] so no further EBB is taken until rfebb re-enables */
        env->spr[SPR_BESCR] &= ~BESCR_GE;

        /*
         * Save NIP for rfebb insn in SPR_EBBRR. Next nip is
         * stored in the EBB Handler SPR_EBBHR.
         */
        env->spr[SPR_EBBRR] = env->nip;
        powerpc_set_excp_state(cpu, env->spr[SPR_EBBHR], env->msr);

        /*
         * This exception is handled in userspace. No need to proceed.
         */
        return;
    case POWERPC_EXCP_THERM:     /* Thermal interrupt */
    case POWERPC_EXCP_PERFM:     /* Embedded performance monitor interrupt */
    case POWERPC_EXCP_VPUA:      /* Vector assist exception */
    case POWERPC_EXCP_MAINT:     /* Maintenance exception */
    case POWERPC_EXCP_SDOOR:     /* Doorbell interrupt */
    case POWERPC_EXCP_HV_MAINT:  /* Hypervisor Maintenance exception */
        cpu_abort(cs, "%s exception not implemented\n",
                  powerpc_excp_name(excp));
        break;
    default:
        cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp);
        break;
    }

    /*
     * Sort out endianness of interrupt, this differs depending on the
     * CPU, the HV mode, etc...
     */
    if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) {
        new_msr |= (target_ulong)1 << MSR_LE;
    }

    /* Book3S handlers always run in 64-bit mode */
    new_msr |= (target_ulong)1 << MSR_SF;

    if (excp != POWERPC_EXCP_SYSCALL_VECTORED) {
        /* Save PC */
        env->spr[srr0] = env->nip;

        /* Save MSR */
        env->spr[srr1] = msr;
    }

    if ((new_msr & MSR_HVB) && books_vhyp_handles_hv_excp(cpu)) {
        PPCVirtualHypervisorClass *vhc =
            PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp);
        /* Deliver interrupt to L1 by returning from the H_ENTER_NESTED call */
        vhc->deliver_hv_excp(cpu, excp);

        powerpc_reset_excp_state(cpu);

    } else {
        /*
         * Sanity check: an HV exception must never be delivered on a CPU
         * model that has no hypervisor mode to receive it.
         */
        if (!(env->msr_mask & MSR_HVB) && srr0 == SPR_HSRR0) {
            cpu_abort(cs, "Trying to deliver HV exception (HSRR) %d with "
                      "no HV support\n", excp);
        }

        /* This can update new_msr and vector if AIL applies */
        ppc_excp_apply_ail(cpu, excp, msr, &new_msr, &vector);

        powerpc_set_excp_state(cpu, vector, new_msr);
    }
}
#else
/* 32-bit builds have no Book3S server models */
static inline void powerpc_excp_books(PowerPCCPU *cpu, int excp)
{
    g_assert_not_reached();
}
#endif

/*
 * Common exception entry: validate @excp against the POWERPC_EXCP_* range
 * (aborting on anything outside (POWERPC_EXCP_NONE, POWERPC_EXCP_NB)), log
 * it, then dispatch to the implementation selected by env->excp_model.
 */
static void powerpc_excp(PowerPCCPU *cpu, int excp)
{
    CPUState *cs = CPU(cpu);
    CPUPPCState *env = &cpu->env;

    if (excp <= POWERPC_EXCP_NONE || excp >= POWERPC_EXCP_NB) {
        cpu_abort(cs, "Invalid PowerPC exception %d. 
Aborting\n", excp);
    }

    qemu_log_mask(CPU_LOG_INT, "Raise exception at " TARGET_FMT_lx
                  " => %s (%d) error=%02x\n", env->nip, powerpc_excp_name(excp),
                  excp, env->error_code);

    /* Each family has its own MSR/SRR conventions; dispatch on the model */
    switch (env->excp_model) {
    case POWERPC_EXCP_40x:
        powerpc_excp_40x(cpu, excp);
        break;
    case POWERPC_EXCP_6xx:
        powerpc_excp_6xx(cpu, excp);
        break;
    case POWERPC_EXCP_7xx:
        powerpc_excp_7xx(cpu, excp);
        break;
    case POWERPC_EXCP_74xx:
        powerpc_excp_74xx(cpu, excp);
        break;
    case POWERPC_EXCP_BOOKE:
        powerpc_excp_booke(cpu, excp);
        break;
    case POWERPC_EXCP_970:
    case POWERPC_EXCP_POWER7:
    case POWERPC_EXCP_POWER8:
    case POWERPC_EXCP_POWER9:
    case POWERPC_EXCP_POWER10:
        powerpc_excp_books(cpu, excp);
        break;
    default:
        g_assert_not_reached();
    }
}

/*
 * CPUClass::do_interrupt hook: deliver the exception previously recorded
 * in cs->exception_index (see raise_exception_err_ra()).
 */
void ppc_cpu_do_interrupt(CPUState *cs)
{
    PowerPCCPU *cpu = POWERPC_CPU(cs);

    powerpc_excp(cpu, cs->exception_index);
}

/*
 * Deliver at most one pending hardware interrupt, in priority order.
 *
 * RESET and MCHECK are delivered unconditionally.  The remaining sources
 * are gated by async_deliver, which is MSR[EE] but also true while
 * resume_as_sreset is set so that a wakeup from a power-saving state can
 * be turned into a 0x100 system reset.  In order: HDECR and HVIRT (also
 * deliverable outside HV mode when the LPCR enable bit is set), EXTERNAL
 * (subject to the LPES0/HEIC rules inline, promoted to HVIRT for a nested
 * vhyp guest), CRITICAL (gated by MSR[CE] instead of EE), then the EE-gated
 * embedded/server timers, doorbells, PERFM, THERM and EBB.
 *
 * Most sources clear their env->pending_interrupts bit on delivery; EXT,
 * CEXT and HVIRT do not, and DECR only when ppc_decr_clear_on_delivery()
 * says so.  Every other pending bit is left for the next call.  Aborts if
 * resume_as_sreset is set but nothing was delivered, because the wakeup
 * condition and this function then disagree.
 */
static void ppc_hw_interrupt(CPUPPCState *env)
{
    PowerPCCPU *cpu = env_archcpu(env);
    bool async_deliver;

    /* External reset */
    if (env->pending_interrupts & (1 << PPC_INTERRUPT_RESET)) {
        env->pending_interrupts &= ~(1 << PPC_INTERRUPT_RESET);
        powerpc_excp(cpu, POWERPC_EXCP_RESET);
        return;
    }
    /* Machine check exception */
    if (env->pending_interrupts & (1 << PPC_INTERRUPT_MCK)) {
        env->pending_interrupts &= ~(1 << PPC_INTERRUPT_MCK);
        powerpc_excp(cpu, POWERPC_EXCP_MCHECK);
        return;
    }
#if 0 /* TODO */
    /* External debug exception */
    if (env->pending_interrupts & (1 << PPC_INTERRUPT_DEBUG)) {
        env->pending_interrupts &= ~(1 << PPC_INTERRUPT_DEBUG);
        powerpc_excp(cpu, POWERPC_EXCP_DEBUG);
        return;
    }
#endif

    /*
     * For interrupts that gate on MSR:EE, we need to do something a
     * bit more subtle, as we need to let them through even when EE is
     * clear when coming out of some power management states (in order
     * for them to become a 0x100).
     */
    async_deliver = FIELD_EX64(env->msr, MSR, EE) || env->resume_as_sreset;

    /* Hypervisor decrementer exception */
    if (env->pending_interrupts & (1 << PPC_INTERRUPT_HDECR)) {
        /* LPCR will be clear when not supported so this will work */
        bool hdice = !!(env->spr[SPR_LPCR] & LPCR_HDICE);
        /* outside HV mode the hypervisor's interrupt is not blocked by EE */
        if ((async_deliver || !FIELD_EX64_HV(env->msr)) && hdice) {
            /* HDEC clears on delivery */
            env->pending_interrupts &= ~(1 << PPC_INTERRUPT_HDECR);
            powerpc_excp(cpu, POWERPC_EXCP_HDECR);
            return;
        }
    }

    /* Hypervisor virtualization interrupt */
    if (env->pending_interrupts & (1 << PPC_INTERRUPT_HVIRT)) {
        /* LPCR will be clear when not supported so this will work */
        bool hvice = !!(env->spr[SPR_LPCR] & LPCR_HVICE);
        if ((async_deliver || !FIELD_EX64_HV(env->msr)) && hvice) {
            /* level-triggered: the pending bit is left for its source */
            powerpc_excp(cpu, POWERPC_EXCP_HVIRT);
            return;
        }
    }

    /* External interrupt can ignore MSR:EE under some circumstances */
    if (env->pending_interrupts & (1 << PPC_INTERRUPT_EXT)) {
        bool lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0);
        bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC);
        /*
         * HEIC blocks delivery to the hypervisor (HV set, PR clear);
         * with HV mode available, LPES0 clear and HV clear, the interrupt
         * is for the hypervisor and ignores the guest's EE.
         */
        if ((async_deliver && !(heic && FIELD_EX64_HV(env->msr) &&
            !FIELD_EX64(env->msr, MSR, PR))) ||
            (env->has_hv_mode && !FIELD_EX64_HV(env->msr) && !lpes0)) {
            if (books_vhyp_promotes_external_to_hvirt(cpu)) {
                powerpc_excp(cpu, POWERPC_EXCP_HVIRT);
            } else {
                powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL);
            }
            return;
        }
    }
    if (FIELD_EX64(env->msr, MSR, CE)) {
        /* External critical interrupt */
        if (env->pending_interrupts & (1 << PPC_INTERRUPT_CEXT)) {
            powerpc_excp(cpu, POWERPC_EXCP_CRITICAL);
            return;
        }
    }
    if (async_deliver != 0) {
        /* Watchdog timer on embedded PowerPC */
        if (env->pending_interrupts & (1 << PPC_INTERRUPT_WDT)) {
            env->pending_interrupts &= ~(1 << PPC_INTERRUPT_WDT);
            powerpc_excp(cpu, POWERPC_EXCP_WDT);
            return;
        }
        if (env->pending_interrupts & (1 << PPC_INTERRUPT_CDOORBELL)) {
            env->pending_interrupts &= ~(1 << PPC_INTERRUPT_CDOORBELL);
            powerpc_excp(cpu, POWERPC_EXCP_DOORCI);
            return;
        }
        /* Fixed interval timer on embedded PowerPC */
        if (env->pending_interrupts & (1 << PPC_INTERRUPT_FIT)) {
            env->pending_interrupts &= ~(1 << PPC_INTERRUPT_FIT);
            powerpc_excp(cpu, POWERPC_EXCP_FIT);
            return;
        }
        /* Programmable interval timer on embedded PowerPC */
        if (env->pending_interrupts & (1 << PPC_INTERRUPT_PIT)) {
            env->pending_interrupts &= ~(1 << PPC_INTERRUPT_PIT);
            powerpc_excp(cpu, POWERPC_EXCP_PIT);
            return;
        }
        /* Decrementer exception */
        if (env->pending_interrupts & (1 << PPC_INTERRUPT_DECR)) {
            if (ppc_decr_clear_on_delivery(env)) {
                env->pending_interrupts &= ~(1 << PPC_INTERRUPT_DECR);
            }
            powerpc_excp(cpu, POWERPC_EXCP_DECR);
            return;
        }
        if (env->pending_interrupts & (1 << PPC_INTERRUPT_DOORBELL)) {
            env->pending_interrupts &= ~(1 << PPC_INTERRUPT_DOORBELL);
            /* same pending bit, different exception on server vs embedded */
            if (is_book3s_arch2x(env)) {
                powerpc_excp(cpu, POWERPC_EXCP_SDOOR);
            } else {
                powerpc_excp(cpu, POWERPC_EXCP_DOORI);
            }
            return;
        }
        if (env->pending_interrupts & (1 << PPC_INTERRUPT_HDOORBELL)) {
            env->pending_interrupts &= ~(1 << PPC_INTERRUPT_HDOORBELL);
            powerpc_excp(cpu, POWERPC_EXCP_SDOOR_HV);
            return;
        }
        if (env->pending_interrupts & (1 << PPC_INTERRUPT_PERFM)) {
            env->pending_interrupts &= ~(1 << PPC_INTERRUPT_PERFM);
            powerpc_excp(cpu, POWERPC_EXCP_PERFM);
            return;
        }
        /* Thermal interrupt */
        if (env->pending_interrupts & (1 << PPC_INTERRUPT_THERM)) {
            env->pending_interrupts &= ~(1 << PPC_INTERRUPT_THERM);
            powerpc_excp(cpu, POWERPC_EXCP_THERM);
            return;
        }
        /* EBB exception */
        if (env->pending_interrupts & (1 << PPC_INTERRUPT_EBB)) {
            /*
             * EBB exception must be taken in problem state and
             * with BESCR_GE set.
             */
            if (FIELD_EX64(env->msr, MSR, PR) &&
                (env->spr[SPR_BESCR] & BESCR_GE)) {
                env->pending_interrupts &= ~(1 << PPC_INTERRUPT_EBB);

                /*
                 * do_ebb() sets PMEO or EEO before queueing; if neither is
                 * set here the pending bit is simply dropped.
                 */
                if (env->spr[SPR_BESCR] & BESCR_PMEO) {
                    powerpc_excp(cpu, POWERPC_EXCP_PERFM_EBB);
                } else if (env->spr[SPR_BESCR] & BESCR_EEO) {
                    powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL_EBB);
                }

                return;
            }
        }
    }

    if (env->resume_as_sreset) {
        /*
         * This is a bug ! It means that has_work took us out of halt without
         * anything to deliver while in a PM state that requires getting
         * out via a 0x100
         *
         * This means we will incorrectly execute past the power management
         * instruction instead of triggering a reset.
         *
         * It generally means a discrepancy between the wakeup conditions in the
         * processor has_work implementation and the logic in this function.
         */
        cpu_abort(env_cpu(env),
                  "Wakeup from PM state but interrupt Undelivered");
    }
}

/* Inject a system reset exception on @cs (used by the machine/monitor) */
void ppc_cpu_do_system_reset(CPUState *cs)
{
    PowerPCCPU *cpu = POWERPC_CPU(cs);

    powerpc_excp(cpu, POWERPC_EXCP_RESET);
}

/*
 * Enter the FWNMI machine check handler at @vector (KVM path).
 *
 * SRR0/SRR1, DAR and DSISR have already been filled in by KVM, so only the
 * handler MSR is built here: ME set, SF copied from the current MSR, LE per
 * ppc_interrupts_little_endian().  HV is deliberately not set (see the open
 * question below).
 */
void ppc_cpu_do_fwnmi_machine_check(CPUState *cs, target_ulong vector)
{
    PowerPCCPU *cpu = POWERPC_CPU(cs);
    CPUPPCState *env = &cpu->env;
    target_ulong msr = 0;

    /*
     * Set MSR and NIP for the handler, SRR0/1, DAR and DSISR have already
     * been set by KVM.
     */
    msr = (1ULL << MSR_ME);
    msr |= env->msr & (1ULL << MSR_SF);
    if (ppc_interrupts_little_endian(cpu, false)) {
        msr |= (1ULL << MSR_LE);
    }

    /* Anything for nested required here? MSR[HV] bit? 
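*/

    powerpc_set_excp_state(cpu, vector, msr);
}

/*
 * CPUClass::cpu_exec_interrupt hook: service pending hardware interrupts.
 *
 * Only CPU_INTERRUPT_HARD is handled.  ppc_hw_interrupt() delivers at most
 * one interrupt per call, so the request bit is withdrawn only once
 * env->pending_interrupts is empty; otherwise the loop will call back.
 * Returns true when the request was recognised (whether or not anything
 * was delivered), false otherwise.
 */
bool ppc_cpu_exec_interrupt(CPUState *cs, int interrupt_request)
{
    PowerPCCPU *cpu = POWERPC_CPU(cs);
    CPUPPCState *env = &cpu->env;

    if (interrupt_request & CPU_INTERRUPT_HARD) {
        ppc_hw_interrupt(env);
        if (env->pending_interrupts == 0) {
            cs->interrupt_request &= ~CPU_INTERRUPT_HARD;
        }
        return true;
    }
    return false;
}

#endif /* !CONFIG_USER_ONLY */

/*****************************************************************************/
/* Exceptions processing helpers */

/*
 * Record @exception/@error_code on the CPU and leave the execution loop so
 * that ppc_cpu_do_interrupt() delivers it.
 *
 * @raddr is the host return address given to cpu_loop_exit_restore() so the
 * guest state can be synchronised from the interrupted TB; 0 skips that
 * restore.  This function does not return.
 */
void raise_exception_err_ra(CPUPPCState *env, uint32_t exception,
                            uint32_t error_code, uintptr_t raddr)
{
    CPUState *cs = env_cpu(env);

    cs->exception_index = exception;
    env->error_code = error_code;
    cpu_loop_exit_restore(cs, raddr);
}

/* raise_exception_err_ra() with no return address to unwind from */
void raise_exception_err(CPUPPCState *env, uint32_t exception,
                         uint32_t error_code)
{
    raise_exception_err_ra(env, exception, error_code, 0);
}

/* Raise @exception with error code 0 and no return address */
void raise_exception(CPUPPCState *env, uint32_t exception)
{
    raise_exception_err_ra(env, exception, 0, 0);
}

/* Raise @exception with error code 0, unwinding from @raddr */
void raise_exception_ra(CPUPPCState *env, uint32_t exception,
                        uintptr_t raddr)
{
    raise_exception_err_ra(env, exception, 0, raddr);
}

#ifdef CONFIG_TCG
/* TCG helper entry points for the two common raise variants */
void helper_raise_exception_err(CPUPPCState *env, uint32_t exception,
                                uint32_t error_code)
{
    raise_exception_err_ra(env, exception, error_code, 0);
}

void helper_raise_exception(CPUPPCState *env, uint32_t exception)
{
    raise_exception_err_ra(env, exception, 0, 0);
}
#endif

#if !defined(CONFIG_USER_ONLY)
#ifdef CONFIG_TCG
/*
 * mtmsr/mtmsrd: write @val to the MSR through hreg_store_msr().
 *
 * hreg_store_msr() returns a non-zero POWERPC_EXCP_* code when the new
 * MSR value requires an exception to be taken; in that case the current
 * TB is abandoned and the exception raised (no return).
 */
void helper_store_msr(CPUPPCState *env, target_ulong val)
{
    uint32_t excp = hreg_store_msr(env, val, 0);

    if (excp != 0) {
        CPUState *cs = env_cpu(env);
        cpu_interrupt_exittb(cs);
        raise_exception(env, excp);
    }
}

#if defined(TARGET_PPC64)
/*
 * scv: raise a vectored system call with @lev (the instruction's LEV field)
 * as error code when FSCR[SCV] enables the facility; otherwise raise a
 * Facility Unavailable exception with interrupt cause FSCR_IC_SCV.
 */
void helper_scv(CPUPPCState *env, uint32_t lev)
{
    if (env->spr[SPR_FSCR] & (1ull << FSCR_SCV)) {
        raise_exception_err(env, POWERPC_EXCP_SYSCALL_VECTORED, lev);
    } else {
        raise_exception_err(env, POWERPC_EXCP_FU, FSCR_IC_SCV);
    }
}

/*
 * Power-management instruction (doze/nap/sleep/winkle/stop): halt the vCPU.
 *
 * resume_as_sreset records whether the eventual wakeup must be delivered as
 * a system reset at 0x100: always for every instruction but stop, and for
 * stop only when PSSCR[EC] is set.
 */
void helper_pminsn(CPUPPCState *env, powerpc_pm_insn_t insn)
{
    CPUState *cs = env_cpu(env);

    cs->halted = 1;

    /* Condition for waking up at 0x100 */
    env->resume_as_sreset = (insn != PPC_PM_STOP) ||
        (env->spr[SPR_PSSCR] & PSSCR_EC);
}
#endif /* defined(TARGET_PPC64) */

/*
 * Common tail of every rfi-family instruction: install @msr as the new
 * MSR and resume execution at @nip.
 *
 * Bits that no return-from-interrupt may set are stripped here (POW, and
 * TGPR on CPUs with POWERPC_FLAG_TGPR); the architectural rules for which
 * other MSR bits may change are applied by hreg_store_msr().
 */
static void do_rfi(CPUPPCState *env, target_ulong nip, target_ulong msr)
{
    CPUState *cs = env_cpu(env);

    /* MSR:POW cannot be set by any form of rfi */
    msr &= ~(1ULL << MSR_POW);

    /* MSR:TGPR cannot be set by any form of rfi */
    if (env->flags & POWERPC_FLAG_TGPR) {
        msr &= ~(1ULL << MSR_TGPR);
    }

#if defined(TARGET_PPC64)
    /* Switching to 32-bit ? 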
Crop the nip */
    nip = msr_is_64bit(env, msr) ? nip : (uint32_t)nip;
#else
    nip = (uint32_t)nip;
#endif
    /* XXX: beware: this is false if VLE is supported */
    env->nip = nip & ~((target_ulong)0x00000003);
    hreg_store_msr(env, msr, 1);
    trace_ppc_excp_rfi(env->nip, env->msr);
    /*
     * rfi is always the last insn of a TB, so leaving the TB is enough;
     * no exception needs to be raised here.
     */
    cpu_interrupt_exittb(cs);
    /* Drop any outstanding reservation */
    env->reserve_addr = -1;

    /* Context synchronizing: check if TCG TLB needs flush */
    check_tlb_flush(env, false);
}

/* rfi (32-bit form): return through SRR0/SRR1, low word of SRR1 only */
void helper_rfi(CPUPPCState *env)
{
    target_ulong target_msr = env->spr[SPR_SRR1] & 0xfffffffful;

    do_rfi(env, env->spr[SPR_SRR0], target_msr);
}

#if defined(TARGET_PPC64)
/*
 * rfid: return through SRR0/SRR1.  Which MSR bits may actually change is
 * decided in hreg_store_msr(), reached via do_rfi(), so nothing is
 * filtered at this level.
 */
void helper_rfid(CPUPPCState *env)
{
    target_ulong target_nip = env->spr[SPR_SRR0];
    target_ulong target_msr = env->spr[SPR_SRR1];

    do_rfi(env, target_nip, target_msr);
}

/* rfscv: return from scv, whose state was saved in LR (NIP) and CTR (MSR) */
void helper_rfscv(CPUPPCState *env)
{
    do_rfi(env, env->lr, env->ctr);
}

/* hrfid: return from a hypervisor interrupt through HSRR0/HSRR1 */
void helper_hrfid(CPUPPCState *env)
{
    target_ulong target_nip = env->spr[SPR_HSRR0];
    target_ulong target_msr = env->spr[SPR_HSRR1];

    do_rfi(env, target_nip, target_msr);
}
#endif

#if defined(TARGET_PPC64) && !defined(CONFIG_USER_ONLY)
/*
 * rfebb: return from an event-based branch handler to EBBRR, and set
 * BESCR[GE] to @s (1 re-enables further EBBs, 0 keeps them disabled).
 */
void helper_rfebb(CPUPPCState *env, target_ulong s)
{
    target_ulong msr = env->msr;
    target_ulong target_nip;

    /*
     * Handling of BESCR bits 32:33 according to PowerISA v3.1:
     *
     * "If BESCR 32:33 != 0b00 the instruction is treated as if
     * the instruction form were invalid."
     */
    if (env->spr[SPR_BESCR] & BESCR_INVALID) {
        raise_exception_err(env, POWERPC_EXCP_PROGRAM,
                            POWERPC_EXCP_INVAL | POWERPC_EXCP_INVAL_INVAL);
    }

    target_nip = env->spr[SPR_EBBRR];
    if (!msr_is_64bit(env, msr)) {
        /* Switching to 32-bit ? Crop the nip */
        target_nip = (uint32_t)target_nip;
    }
    env->nip = target_nip;

    if (!s) {
        env->spr[SPR_BESCR] &= ~BESCR_GE;
    } else {
        env->spr[SPR_BESCR] |= BESCR_GE;
    }
}

/*
 * Triggers or queues an 'ebb_excp' EBB exception. All checks
 * but FSCR, HFSCR and msr_pr must be done beforehand.
 *
 * PowerISA v3.1 isn't clear about whether an EBB should be
 * postponed or cancelled if the EBB facility is unavailable.
 * Our assumption here is that the EBB is cancelled if both
 * FSCR and HFSCR EBB facilities aren't available.
 */
static void do_ebb(CPUPPCState *env, int ebb_excp)
{
    PowerPCCPU *cpu = env_archcpu(env);
    CPUState *cs = CPU(cpu);

    /*
     * FSCR_EBB and FSCR_IC_EBB are the same bits used with
     * HFSCR.
     */
    helper_fscr_facility_check(env, FSCR_EBB, 0, FSCR_IC_EBB);
    helper_hfscr_facility_check(env, FSCR_EBB, "EBB", FSCR_IC_EBB);

    /* Record which event occurred in BESCR for the handler */
    switch (ebb_excp) {
    case POWERPC_EXCP_PERFM_EBB:
        env->spr[SPR_BESCR] |= BESCR_PMEO;
        break;
    case POWERPC_EXCP_EXTERNAL_EBB:
        env->spr[SPR_BESCR] |= BESCR_EEO;
        break;
    default:
        break;
    }

    /*
     * EBBs are taken in problem state only: deliver now if already there,
     * otherwise leave it pending for ppc_hw_interrupt().
     */
    if (!FIELD_EX64(env->msr, MSR, PR)) {
        env->pending_interrupts |= 1 << PPC_INTERRUPT_EBB;
        cpu_interrupt(cs, CPU_INTERRUPT_HARD);
    } else {
        powerpc_excp(cpu, ebb_excp);
    }
}

/*
 * Raise a performance-monitor EBB when MMCR0[EBE], BESCR[PME] and
 * BESCR[GE] are all set; otherwise do nothing.
 */
void raise_ebb_perfm_exception(CPUPPCState *env)
{
    target_ulong bescr = env->spr[SPR_BESCR];
    bool mmcr0_ebe = env->spr[SPR_POWER_MMCR0] & MMCR0_EBE;

    if (mmcr0_ebe && (bescr & BESCR_PME) && (bescr & BESCR_GE)) {
        do_ebb(env, POWERPC_EXCP_PERFM_EBB);
    }
}
#endif

/*****************************************************************************/
/* Embedded PowerPC specific helpers */

/* rfci on 40x: return from a critical interrupt through SRR2/SRR3 */
void helper_40x_rfci(CPUPPCState *env)
{
    target_ulong target_nip = env->spr[SPR_40x_SRR2];
    target_ulong target_msr = env->spr[SPR_40x_SRR3];

    do_rfi(env, target_nip, target_msr);
}

/* rfci on BookE: return from critical interrupt using CSRR0/CSRR1. */
void helper_rfci(CPUPPCState *env)
{
    target_ulong next_nip = env->spr[SPR_BOOKE_CSRR0];
    target_ulong next_msr = env->spr[SPR_BOOKE_CSRR1];

    do_rfi(env, next_nip, next_msr);
}

/*
 * rfdi: return from debug interrupt using DSRR0/DSRR1.
 * FIXME: choose CSRR1 or DSRR1 based on cpu type
 */
void helper_rfdi(CPUPPCState *env)
{
    target_ulong next_nip = env->spr[SPR_BOOKE_DSRR0];
    target_ulong next_msr = env->spr[SPR_BOOKE_DSRR1];

    do_rfi(env, next_nip, next_msr);
}

/*
 * rfmci: return from machine check interrupt using MCSRR0/MCSRR1.
 * FIXME: choose CSRR1 or MCSRR1 based on cpu type
 */
void helper_rfmci(CPUPPCState *env)
{
    target_ulong next_nip = env->spr[SPR_BOOKE_MCSRR0];
    target_ulong next_msr = env->spr[SPR_BOOKE_MCSRR1];

    do_rfi(env, next_nip, next_msr);
}
#endif /* CONFIG_TCG */
#endif /* !defined(CONFIG_USER_ONLY) */

#ifdef CONFIG_TCG
/*
 * tw: trap word.  @flags carries the TO field; each bit enables one
 * comparison of the low 32 bits of @arg1 and @arg2:
 *   0x10 signed less than      0x08 signed greater than
 *   0x04 equal                 0x02 unsigned less than
 *   0x01 unsigned greater than
 * A program interrupt (trap) is raised when any enabled comparison holds.
 */
void helper_tw(CPUPPCState *env, target_ulong arg1, target_ulong arg2,
               uint32_t flags)
{
    int32_t sa = (int32_t)arg1, sb = (int32_t)arg2;
    uint32_t ua = (uint32_t)arg1, ub = (uint32_t)arg2;
    bool trap = ((flags & 0x10) && sa < sb) ||
                ((flags & 0x08) && sa > sb) ||
                ((flags & 0x04) && sa == sb) ||
                ((flags & 0x02) && ua < ub) ||
                ((flags & 0x01) && ua > ub);

    if (!likely(!trap)) {
        raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM,
                               POWERPC_EXCP_TRAP, GETPC());
    }
}

#if defined(TARGET_PPC64)
/*
 * td: trap doubleword.  Same TO-field encoding as helper_tw() but the
 * comparisons are done on the full 64-bit values of @arg1 and @arg2.
 */
void helper_td(CPUPPCState *env, target_ulong arg1, target_ulong arg2,
               uint32_t flags)
{
    int64_t sa = (int64_t)arg1, sb = (int64_t)arg2;
    uint64_t ua = (uint64_t)arg1, ub = (uint64_t)arg2;
    bool trap = ((flags & 0x10) && sa < sb) ||
                ((flags & 0x08) && sa > sb) ||
                ((flags & 0x04) && sa == sb) ||
                ((flags & 0x02) && ua < ub) ||
                ((flags & 0x01) && ua > ub);

    if (!likely(!trap)) {
        raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM,
                               POWERPC_EXCP_TRAP, GETPC());
    }
}
#endif
#endif

#if !defined(CONFIG_USER_ONLY)

#ifdef CONFIG_TCG

/* Embedded.Processor Control */

/*
 * Map the doorbell message type in @rb to the pending-interrupt bit it
 * drives.  Returns -1 for the guest doorbell types (not implemented yet)
 * and for every reserved type; callers then treat the message as a no-op.
 */
static int dbell2irq(target_ulong rb)
{
    int msg = rb & DBELL_TYPE_MASK;

    if (msg == DBELL_TYPE_DBELL) {
        return PPC_INTERRUPT_DOORBELL;
    }
    if (msg == DBELL_TYPE_DBELL_CRIT) {
        return PPC_INTERRUPT_CDOORBELL;
    }
    /* XXX: DBELL_TYPE_G_DBELL, _G_DBELL_CRIT and _G_DBELL_MC still to do. */
    return -1;
}

/* msgclr: withdraw a pending doorbell of the type named by @rb. */
void helper_msgclr(CPUPPCState *env, target_ulong rb)
{
    int irq = dbell2irq(rb);

    if (irq >= 0) {
        env->pending_interrupts &= ~(1 << irq);
    }
}

/*
 * msgsnd: post a doorbell to every CPU whose BookE PIR equals the PIR
 * tag in @rb, or to every CPU when DBELL_BRDCAST is set.  Reserved
 * message types are ignored.  The CPU list is walked under the iothread
 * lock.
 */
void helper_msgsnd(target_ulong rb)
{
    int irq = dbell2irq(rb);
    int pir = rb & DBELL_PIRTAG_MASK;
    bool broadcast = (rb & DBELL_BRDCAST) != 0;
    CPUState *other;

    if (irq < 0) {
        return;
    }

    qemu_mutex_lock_iothread();
    CPU_FOREACH(other) {
        CPUPPCState *oenv = &POWERPC_CPU(other)->env;

        if (!broadcast && oenv->spr[SPR_BOOKE_PIR] != pir) {
            continue;
        }
        oenv->pending_interrupts |= 1 << irq;
        cpu_interrupt(other, CPU_INTERRUPT_HARD);
    }
    qemu_mutex_unlock_iothread();
}

/* Server Processor Control */

/*
 * True when @rb names a Directed Hypervisor Doorbell (message type 5,
 * DBELL_TYPE_DBELL_SERVER).  All other types are reserved and make the
 * instruction a no-op.
 */
static bool dbell_type_server(target_ulong rb)
{
    target_ulong type = rb & DBELL_TYPE_MASK;

    return type == DBELL_TYPE_DBELL_SERVER;
}

/* msgclr (server): withdraw a pending directed hypervisor doorbell. */
void helper_book3s_msgclr(CPUPPCState *env, target_ulong rb)
{
    if (dbell_type_server(rb)) {
        env->pending_interrupts &= ~(1 << PPC_INTERRUPT_HDOORBELL);
    }
}

/*
 * Post interrupt @irq on every CPU whose PIR (the SPR_PIR default value)
 * equals @pir.  The CPU list is walked under the iothread lock.
 * TODO: broadcast message to all threads of the same processor
 */
static void book3s_msgsnd_common(int pir, int irq)
{
    CPUState *other;

    qemu_mutex_lock_iothread();
    CPU_FOREACH(other) {
        CPUPPCState *oenv = &POWERPC_CPU(other)->env;

        if (oenv->spr_cb[SPR_PIR].default_value != pir) {
            continue;
        }
        oenv->pending_interrupts |= 1 << irq;
        cpu_interrupt(other, CPU_INTERRUPT_HARD);
    }
    qemu_mutex_unlock_iothread();
}

/*
 * msgsnd (server): send a directed hypervisor doorbell to the CPU whose
 * PIR matches the processor-id tag in @rb.
 */
void helper_book3s_msgsnd(target_ulong rb)
{
    int pir;

    if (!dbell_type_server(rb)) {
        return;
    }

    pir = rb & DBELL_PROCIDTAG_MASK;
    book3s_msgsnd_common(pir, PPC_INTERRUPT_HDOORBELL);
}

#if defined(TARGET_PPC64)
/*
 * msgclrp: withdraw a pending directed privileged doorbell.  The HFSCR
 * MSGP facility check runs before the message type is examined.
 */
void helper_book3s_msgclrp(CPUPPCState *env, target_ulong rb)
{
    helper_hfscr_facility_check(env, HFSCR_MSGP, "msgclrp", HFSCR_IC_MSGP);

    if (dbell_type_server(rb)) {
        env->pending_interrupts &= ~(1 << PPC_INTERRUPT_DOORBELL);
    }
}

/*
 * msgsndp: send a directed privileged doorbell to the other threads of
 * the same multi-threaded processor.  The doorbell is matched against
 * the sender's own PIR.
 * TODO: TCG supports only one thread
 */
void helper_book3s_msgsndp(CPUPPCState *env, target_ulong rb)
{
    int self_pir = env->spr_cb[SPR_PIR].default_value;

    helper_hfscr_facility_check(env, HFSCR_MSGP, "msgsndp", HFSCR_IC_MSGP);

    if (!dbell_type_server(rb)) {
        return;
    }

    book3s_msgsnd_common(self_pir, PPC_INTERRUPT_DOORBELL);
}
#endif /* TARGET_PPC64 */

/*
 * Alignment fault entry point for the TCG memory path.  Restores the
 * CPU state for @retaddr, reloads the faulting instruction (its
 * 0x03FF0000 bits become error_code), stores the faulting address in
 * the DEAR/DAR register of the current MMU model and raises
 * POWERPC_EXCP_ALIGN via cpu_loop_exit().
 */
void ppc_cpu_do_unaligned_access(CPUState *cs, vaddr vaddr,
                                 MMUAccessType access_type,
                                 int mmu_idx, uintptr_t retaddr)
{
    CPUPPCState *env = cs->env_ptr;
    int dear_spr;
    uint32_t insn;

    /* Restore state and reload the insn we executed, for filling in DSISR. */
    cpu_restore_state(cs, retaddr, true);
    insn = cpu_ldl_code(env, env->nip);

    /* Pick the data-exception address register for this MMU model. */
    if (env->mmu_model == POWERPC_MMU_SOFT_4xx) {
        dear_spr = SPR_40x_DEAR;
    } else if (env->mmu_model == POWERPC_MMU_BOOKE ||
               env->mmu_model == POWERPC_MMU_BOOKE206) {
        dear_spr = SPR_BOOKE_DEAR;
    } else {
        dear_spr = SPR_DAR;
    }
    env->spr[dear_spr] = vaddr;

    cs->exception_index = POWERPC_EXCP_ALIGN;
    env->error_code = insn & 0x03FF0000;
    cpu_loop_exit(cs);
}
#endif /* CONFIG_TCG */
#endif /* !CONFIG_USER_ONLY */