1 /* 2 * PowerPC exception emulation helpers for QEMU. 3 * 4 * Copyright (c) 2003-2007 Jocelyn Mayer 5 * 6 * This library is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU Lesser General Public 8 * License as published by the Free Software Foundation; either 9 * version 2.1 of the License, or (at your option) any later version. 10 * 11 * This library is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 * Lesser General Public License for more details. 15 * 16 * You should have received a copy of the GNU Lesser General Public 17 * License along with this library; if not, see <http://www.gnu.org/licenses/>. 18 */ 19 #include "qemu/osdep.h" 20 #include "qemu/main-loop.h" 21 #include "qemu/log.h" 22 #include "cpu.h" 23 #include "exec/exec-all.h" 24 #include "internal.h" 25 #include "helper_regs.h" 26 #include "hw/ppc/ppc.h" 27 28 #include "trace.h" 29 30 #ifdef CONFIG_TCG 31 #include "sysemu/tcg.h" 32 #include "exec/helper-proto.h" 33 #include "exec/cpu_ldst.h" 34 #endif 35 36 /*****************************************************************************/ 37 /* Exception processing */ 38 #if !defined(CONFIG_USER_ONLY) 39 40 static const char *powerpc_excp_name(int excp) 41 { 42 switch (excp) { 43 case POWERPC_EXCP_CRITICAL: return "CRITICAL"; 44 case POWERPC_EXCP_MCHECK: return "MCHECK"; 45 case POWERPC_EXCP_DSI: return "DSI"; 46 case POWERPC_EXCP_ISI: return "ISI"; 47 case POWERPC_EXCP_EXTERNAL: return "EXTERNAL"; 48 case POWERPC_EXCP_ALIGN: return "ALIGN"; 49 case POWERPC_EXCP_PROGRAM: return "PROGRAM"; 50 case POWERPC_EXCP_FPU: return "FPU"; 51 case POWERPC_EXCP_SYSCALL: return "SYSCALL"; 52 case POWERPC_EXCP_APU: return "APU"; 53 case POWERPC_EXCP_DECR: return "DECR"; 54 case POWERPC_EXCP_FIT: return "FIT"; 55 case POWERPC_EXCP_WDT: return "WDT"; 56 case POWERPC_EXCP_DTLB: return "DTLB"; 57 case POWERPC_EXCP_ITLB: return "ITLB"; 58 case POWERPC_EXCP_DEBUG: return "DEBUG"; 59 case POWERPC_EXCP_SPEU: return "SPEU"; 60 case POWERPC_EXCP_EFPDI: return "EFPDI"; 61 case POWERPC_EXCP_EFPRI: return "EFPRI"; 62 case POWERPC_EXCP_EPERFM: return "EPERFM"; 63 case POWERPC_EXCP_DOORI: return "DOORI"; 64 case POWERPC_EXCP_DOORCI: return "DOORCI"; 65 case POWERPC_EXCP_GDOORI: return "GDOORI"; 66 case POWERPC_EXCP_GDOORCI: return "GDOORCI"; 67 case POWERPC_EXCP_HYPPRIV: return "HYPPRIV"; 68 case POWERPC_EXCP_RESET: return "RESET"; 69 case POWERPC_EXCP_DSEG: return "DSEG"; 70 case POWERPC_EXCP_ISEG: return "ISEG"; 71 case POWERPC_EXCP_HDECR: return "HDECR"; 72 case POWERPC_EXCP_TRACE: return "TRACE"; 73 case POWERPC_EXCP_HDSI: return "HDSI"; 74 case POWERPC_EXCP_HISI: return "HISI"; 75 case POWERPC_EXCP_HDSEG: return "HDSEG"; 76 case POWERPC_EXCP_HISEG: return "HISEG"; 77 case POWERPC_EXCP_VPU: return "VPU"; 78 case POWERPC_EXCP_PIT: return "PIT"; 79 case POWERPC_EXCP_EMUL: return "EMUL"; 80 case POWERPC_EXCP_IFTLB: return "IFTLB"; 81 case POWERPC_EXCP_DLTLB: return "DLTLB"; 82 case POWERPC_EXCP_DSTLB: return "DSTLB"; 83 case POWERPC_EXCP_FPA: return "FPA"; 84 case POWERPC_EXCP_DABR: return "DABR"; 85 case POWERPC_EXCP_IABR: return "IABR"; 86 case POWERPC_EXCP_SMI: return "SMI"; 87 case POWERPC_EXCP_PERFM: return "PERFM"; 88 case POWERPC_EXCP_THERM: return "THERM"; 89 case POWERPC_EXCP_VPUA: return "VPUA"; 90 case POWERPC_EXCP_SOFTP: return "SOFTP"; 91 case POWERPC_EXCP_MAINT: return "MAINT"; 92 case POWERPC_EXCP_MEXTBR: return "MEXTBR"; 93 case POWERPC_EXCP_NMEXTBR: return "NMEXTBR"; 94 case POWERPC_EXCP_ITLBE: return "ITLBE"; 95 case POWERPC_EXCP_DTLBE: return "DTLBE"; 96 case POWERPC_EXCP_VSXU: return "VSXU"; 97 case POWERPC_EXCP_FU: return "FU"; 98 case POWERPC_EXCP_HV_EMU: return "HV_EMU"; 99 case POWERPC_EXCP_HV_MAINT: return "HV_MAINT"; 100 case POWERPC_EXCP_HV_FU: return "HV_FU"; 101 case POWERPC_EXCP_SDOOR: return "SDOOR"; 102 case POWERPC_EXCP_SDOOR_HV: return "SDOOR_HV"; 103 case POWERPC_EXCP_HVIRT: return "HVIRT"; 104 case POWERPC_EXCP_SYSCALL_VECTORED: return "SYSCALL_VECTORED"; 105 default: 106 g_assert_not_reached(); 107 } 108 } 109 110 static void dump_syscall(CPUPPCState *env) 111 { 112 qemu_log_mask(CPU_LOG_INT, "syscall r0=%016" PRIx64 113 " r3=%016" PRIx64 " r4=%016" PRIx64 " r5=%016" PRIx64 114 " r6=%016" PRIx64 " r7=%016" PRIx64 " r8=%016" PRIx64 115 " nip=" TARGET_FMT_lx "\n", 116 ppc_dump_gpr(env, 0), ppc_dump_gpr(env, 3), 117 ppc_dump_gpr(env, 4), ppc_dump_gpr(env, 5), 118 ppc_dump_gpr(env, 6), ppc_dump_gpr(env, 7), 119 ppc_dump_gpr(env, 8), env->nip); 120 } 121 122 static void dump_hcall(CPUPPCState *env) 123 { 124 qemu_log_mask(CPU_LOG_INT, "hypercall r3=%016" PRIx64 125 " r4=%016" PRIx64 " r5=%016" PRIx64 " r6=%016" PRIx64 126 " r7=%016" PRIx64 " r8=%016" PRIx64 " r9=%016" PRIx64 127 " r10=%016" PRIx64 " r11=%016" PRIx64 " r12=%016" PRIx64 128 " nip=" TARGET_FMT_lx "\n", 129 ppc_dump_gpr(env, 3), ppc_dump_gpr(env, 4), 130 ppc_dump_gpr(env, 5), ppc_dump_gpr(env, 6), 131 ppc_dump_gpr(env, 7), ppc_dump_gpr(env, 8), 132 ppc_dump_gpr(env, 9), ppc_dump_gpr(env, 10), 133 ppc_dump_gpr(env, 11), ppc_dump_gpr(env, 12), 134 env->nip); 135 } 136 137 #ifdef CONFIG_TCG 138 /* Return true iff byteswap is needed to load instruction */ 139 static inline bool insn_need_byteswap(CPUArchState *env) 140 { 141 /* SYSTEM builds TARGET_BIG_ENDIAN. Need to swap when MSR[LE] is set */ 142 return !!(env->msr & ((target_ulong)1 << MSR_LE)); 143 } 144 145 static uint32_t ppc_ldl_code(CPUArchState *env, abi_ptr addr) 146 { 147 uint32_t insn = cpu_ldl_code(env, addr); 148 149 if (insn_need_byteswap(env)) { 150 insn = bswap32(insn); 151 } 152 153 return insn; 154 } 155 #endif 156 157 static void ppc_excp_debug_sw_tlb(CPUPPCState *env, int excp) 158 { 159 const char *es; 160 target_ulong *miss, *cmp; 161 int en; 162 163 if (!qemu_loglevel_mask(CPU_LOG_MMU)) { 164 return; 165 } 166 167 if (excp == POWERPC_EXCP_IFTLB) { 168 es = "I"; 169 en = 'I'; 170 miss = &env->spr[SPR_IMISS]; 171 cmp = &env->spr[SPR_ICMP]; 172 } else { 173 if (excp == POWERPC_EXCP_DLTLB) { 174 es = "DL"; 175 } else { 176 es = "DS"; 177 } 178 en = 'D'; 179 miss = &env->spr[SPR_DMISS]; 180 cmp = &env->spr[SPR_DCMP]; 181 } 182 qemu_log("6xx %sTLB miss: %cM " TARGET_FMT_lx " %cC " 183 TARGET_FMT_lx " H1 " TARGET_FMT_lx " H2 " 184 TARGET_FMT_lx " %08x\n", es, en, *miss, en, *cmp, 185 env->spr[SPR_HASH1], env->spr[SPR_HASH2], 186 env->error_code); 187 } 188 189 #if defined(TARGET_PPC64) 190 static int powerpc_reset_wakeup(CPUPPCState *env, int excp, target_ulong *msr) 191 { 192 /* We no longer are in a PM state */ 193 env->resume_as_sreset = false; 194 195 /* Pretend to be returning from doze always as we don't lose state */ 196 *msr |= SRR1_WS_NOLOSS; 197 198 /* Machine checks are sent normally */ 199 if (excp == POWERPC_EXCP_MCHECK) { 200 return excp; 201 } 202 switch (excp) { 203 case POWERPC_EXCP_RESET: 204 *msr |= SRR1_WAKERESET; 205 break; 206 case POWERPC_EXCP_EXTERNAL: 207 *msr |= SRR1_WAKEEE; 208 break; 209 case POWERPC_EXCP_DECR: 210 *msr |= SRR1_WAKEDEC; 211 break; 212 case POWERPC_EXCP_SDOOR: 213 *msr |= SRR1_WAKEDBELL; 214 break; 215 case POWERPC_EXCP_SDOOR_HV: 216 *msr |= SRR1_WAKEHDBELL; 217 break; 218 case POWERPC_EXCP_HV_MAINT: 219 *msr |= SRR1_WAKEHMI; 220 break; 221 case POWERPC_EXCP_HVIRT: 222 *msr |= SRR1_WAKEHVI; 223 break; 224 default: 225 cpu_abort(env_cpu(env), 226 "Unsupported exception %d in Power Save mode\n", excp); 227 } 228 return POWERPC_EXCP_RESET; 229 } 230 231 /* 232 * AIL - Alternate Interrupt Location, a mode that allows interrupts to be 233 * taken with the MMU on, and which uses an alternate location (e.g., so the 234 * kernel/hv can map the vectors there with an effective address). 235 * 236 * An interrupt is considered to be taken "with AIL" or "AIL applies" if they 237 * are delivered in this way. AIL requires the LPCR to be set to enable this 238 * mode, and then a number of conditions have to be true for AIL to apply. 239 * 240 * First of all, SRESET, MCE, and HMI are always delivered without AIL, because 241 * they specifically want to be in real mode (e.g., the MCE might be signaling 242 * a SLB multi-hit which requires SLB flush before the MMU can be enabled). 243 * 244 * After that, behaviour depends on the current MSR[IR], MSR[DR], MSR[HV], 245 * whether or not the interrupt changes MSR[HV] from 0 to 1, and the current 246 * radix mode (LPCR[HR]). 247 * 248 * POWER8, POWER9 with LPCR[HR]=0 249 * | LPCR[AIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 250 * +-----------+-------------+---------+-------------+-----+ 251 * | a | 00/01/10 | x | x | 0 | 252 * | a | 11 | 0 | 1 | 0 | 253 * | a | 11 | 1 | 1 | a | 254 * | a | 11 | 0 | 0 | a | 255 * +-------------------------------------------------------+ 256 * 257 * POWER9 with LPCR[HR]=1 258 * | LPCR[AIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 259 * +-----------+-------------+---------+-------------+-----+ 260 * | a | 00/01/10 | x | x | 0 | 261 * | a | 11 | x | x | a | 262 * +-------------------------------------------------------+ 263 * 264 * The difference with POWER9 being that MSR[HV] 0->1 interrupts can be sent to 265 * the hypervisor in AIL mode if the guest is radix. This is good for 266 * performance but allows the guest to influence the AIL of hypervisor 267 * interrupts using its MSR, and also the hypervisor must disallow guest 268 * interrupts (MSR[HV] 0->0) from using AIL if the hypervisor does not want to 269 * use AIL for its MSR[HV] 0->1 interrupts. 270 * 271 * POWER10 addresses those issues with a new LPCR[HAIL] bit that is applied to 272 * interrupts that begin execution with MSR[HV]=1 (so both MSR[HV] 0->1 and 273 * MSR[HV] 1->1). 274 * 275 * HAIL=1 is equivalent to AIL=3, for interrupts delivered with MSR[HV]=1. 276 * 277 * POWER10 behaviour is 278 * | LPCR[AIL] | LPCR[HAIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 279 * +-----------+------------+-------------+---------+-------------+-----+ 280 * | a | h | 00/01/10 | 0 | 0 | 0 | 281 * | a | h | 11 | 0 | 0 | a | 282 * | a | h | x | 0 | 1 | h | 283 * | a | h | 00/01/10 | 1 | 1 | 0 | 284 * | a | h | 11 | 1 | 1 | h | 285 * +--------------------------------------------------------------------+ 286 */ 287 static void ppc_excp_apply_ail(PowerPCCPU *cpu, int excp, target_ulong msr, 288 target_ulong *new_msr, target_ulong *vector) 289 { 290 PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cpu); 291 CPUPPCState *env = &cpu->env; 292 bool mmu_all_on = ((msr >> MSR_IR) & 1) && ((msr >> MSR_DR) & 1); 293 bool hv_escalation = !(msr & MSR_HVB) && (*new_msr & MSR_HVB); 294 int ail = 0; 295 296 if (excp == POWERPC_EXCP_MCHECK || 297 excp == POWERPC_EXCP_RESET || 298 excp == POWERPC_EXCP_HV_MAINT) { 299 /* SRESET, MCE, HMI never apply AIL */ 300 return; 301 } 302 303 if (!(pcc->lpcr_mask & LPCR_AIL)) { 304 /* This CPU does not have AIL */ 305 return; 306 } 307 308 /* P8 & P9 */ 309 if (!(pcc->lpcr_mask & LPCR_HAIL)) { 310 if (!mmu_all_on) { 311 /* AIL only works if MSR[IR] and MSR[DR] are both enabled. */ 312 return; 313 } 314 if (hv_escalation && !(env->spr[SPR_LPCR] & LPCR_HR)) { 315 /* 316 * AIL does not work if there is a MSR[HV] 0->1 transition and the 317 * partition is in HPT mode. For radix guests, such interrupts are 318 * allowed to be delivered to the hypervisor in ail mode. 319 */ 320 return; 321 } 322 323 ail = (env->spr[SPR_LPCR] & LPCR_AIL) >> LPCR_AIL_SHIFT; 324 if (ail == 0) { 325 return; 326 } 327 if (ail == 1) { 328 /* AIL=1 is reserved, treat it like AIL=0 */ 329 return; 330 } 331 332 /* P10 and up */ 333 } else { 334 if (!mmu_all_on && !hv_escalation) { 335 /* 336 * AIL works for HV interrupts even with guest MSR[IR/DR] disabled. 337 * Guest->guest and HV->HV interrupts do require MMU on. 338 */ 339 return; 340 } 341 342 if (*new_msr & MSR_HVB) { 343 if (!(env->spr[SPR_LPCR] & LPCR_HAIL)) { 344 /* HV interrupts depend on LPCR[HAIL] */ 345 return; 346 } 347 ail = 3; /* HAIL=1 gives AIL=3 behaviour for HV interrupts */ 348 } else { 349 ail = (env->spr[SPR_LPCR] & LPCR_AIL) >> LPCR_AIL_SHIFT; 350 } 351 if (ail == 0) { 352 return; 353 } 354 if (ail == 1 || ail == 2) { 355 /* AIL=1 and AIL=2 are reserved, treat them like AIL=0 */ 356 return; 357 } 358 } 359 360 /* 361 * AIL applies, so the new MSR gets IR and DR set, and an offset applied 362 * to the new IP. 363 */ 364 *new_msr |= (1 << MSR_IR) | (1 << MSR_DR); 365 366 if (excp != POWERPC_EXCP_SYSCALL_VECTORED) { 367 if (ail == 2) { 368 *vector |= 0x0000000000018000ull; 369 } else if (ail == 3) { 370 *vector |= 0xc000000000004000ull; 371 } 372 } else { 373 /* 374 * scv AIL is a little different. AIL=2 does not change the address, 375 * only the MSR. AIL=3 replaces the 0x17000 base with 0xc...3000. 376 */ 377 if (ail == 3) { 378 *vector &= ~0x0000000000017000ull; /* Un-apply the base offset */ 379 *vector |= 0xc000000000003000ull; /* Apply scv's AIL=3 offset */ 380 } 381 } 382 } 383 #endif 384 385 static void powerpc_reset_excp_state(PowerPCCPU *cpu) 386 { 387 CPUState *cs = CPU(cpu); 388 CPUPPCState *env = &cpu->env; 389 390 /* Reset exception state */ 391 cs->exception_index = POWERPC_EXCP_NONE; 392 env->error_code = 0; 393 } 394 395 static void powerpc_set_excp_state(PowerPCCPU *cpu, target_ulong vector, 396 target_ulong msr) 397 { 398 CPUPPCState *env = &cpu->env; 399 400 assert((msr & env->msr_mask) == msr); 401 402 /* 403 * We don't use hreg_store_msr here as already have treated any 404 * special case that could occur. Just store MSR and update hflags 405 * 406 * Note: We *MUST* not use hreg_store_msr() as-is anyway because it 407 * will prevent setting of the HV bit which some exceptions might need 408 * to do. 409 */ 410 env->nip = vector; 411 env->msr = msr; 412 hreg_compute_hflags(env); 413 ppc_maybe_interrupt(env); 414 415 powerpc_reset_excp_state(cpu); 416 417 /* 418 * Any interrupt is context synchronizing, check if TCG TLB needs 419 * a delayed flush on ppc64 420 */ 421 check_tlb_flush(env, false); 422 423 /* Reset the reservation */ 424 env->reserve_addr = -1; 425 } 426 427 static void powerpc_mcheck_checkstop(CPUPPCState *env) 428 { 429 CPUState *cs = env_cpu(env); 430 431 if (FIELD_EX64(env->msr, MSR, ME)) { 432 return; 433 } 434 435 /* Machine check exception is not enabled. Enter checkstop state. */ 436 fprintf(stderr, "Machine check while not allowed. " 437 "Entering checkstop state\n"); 438 if (qemu_log_separate()) { 439 qemu_log("Machine check while not allowed. " 440 "Entering checkstop state\n"); 441 } 442 cs->halted = 1; 443 cpu_interrupt_exittb(cs); 444 } 445 446 static void powerpc_excp_40x(PowerPCCPU *cpu, int excp) 447 { 448 CPUState *cs = CPU(cpu); 449 CPUPPCState *env = &cpu->env; 450 target_ulong msr, new_msr, vector; 451 int srr0, srr1; 452 453 /* new srr1 value excluding must-be-zero bits */ 454 msr = env->msr & ~0x783f0000ULL; 455 456 /* 457 * new interrupt handler msr preserves existing ME unless 458 * explicitly overriden. 459 */ 460 new_msr = env->msr & (((target_ulong)1 << MSR_ME)); 461 462 /* target registers */ 463 srr0 = SPR_SRR0; 464 srr1 = SPR_SRR1; 465 466 /* 467 * Hypervisor emulation assistance interrupt only exists on server 468 * arch 2.05 server or later. 469 */ 470 if (excp == POWERPC_EXCP_HV_EMU) { 471 excp = POWERPC_EXCP_PROGRAM; 472 } 473 474 vector = env->excp_vectors[excp]; 475 if (vector == (target_ulong)-1ULL) { 476 cpu_abort(cs, "Raised an exception without defined vector %d\n", 477 excp); 478 } 479 480 vector |= env->excp_prefix; 481 482 switch (excp) { 483 case POWERPC_EXCP_CRITICAL: /* Critical input */ 484 srr0 = SPR_40x_SRR2; 485 srr1 = SPR_40x_SRR3; 486 break; 487 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 488 powerpc_mcheck_checkstop(env); 489 /* machine check exceptions don't have ME set */ 490 new_msr &= ~((target_ulong)1 << MSR_ME); 491 492 srr0 = SPR_40x_SRR2; 493 srr1 = SPR_40x_SRR3; 494 break; 495 case POWERPC_EXCP_DSI: /* Data storage exception */ 496 trace_ppc_excp_dsi(env->spr[SPR_40x_ESR], env->spr[SPR_40x_DEAR]); 497 break; 498 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 499 trace_ppc_excp_isi(msr, env->nip); 500 break; 501 case POWERPC_EXCP_EXTERNAL: /* External input */ 502 break; 503 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 504 break; 505 case POWERPC_EXCP_PROGRAM: /* Program exception */ 506 switch (env->error_code & ~0xF) { 507 case POWERPC_EXCP_FP: 508 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 509 trace_ppc_excp_fp_ignore(); 510 powerpc_reset_excp_state(cpu); 511 return; 512 } 513 env->spr[SPR_40x_ESR] = ESR_FP; 514 break; 515 case POWERPC_EXCP_INVAL: 516 trace_ppc_excp_inval(env->nip); 517 env->spr[SPR_40x_ESR] = ESR_PIL; 518 break; 519 case POWERPC_EXCP_PRIV: 520 env->spr[SPR_40x_ESR] = ESR_PPR; 521 break; 522 case POWERPC_EXCP_TRAP: 523 env->spr[SPR_40x_ESR] = ESR_PTR; 524 break; 525 default: 526 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 527 env->error_code); 528 break; 529 } 530 break; 531 case POWERPC_EXCP_SYSCALL: /* System call exception */ 532 dump_syscall(env); 533 534 /* 535 * We need to correct the NIP which in this case is supposed 536 * to point to the next instruction 537 */ 538 env->nip += 4; 539 break; 540 case POWERPC_EXCP_FIT: /* Fixed-interval timer interrupt */ 541 trace_ppc_excp_print("FIT"); 542 break; 543 case POWERPC_EXCP_WDT: /* Watchdog timer interrupt */ 544 trace_ppc_excp_print("WDT"); 545 break; 546 case POWERPC_EXCP_DTLB: /* Data TLB error */ 547 case POWERPC_EXCP_ITLB: /* Instruction TLB error */ 548 break; 549 case POWERPC_EXCP_PIT: /* Programmable interval timer interrupt */ 550 trace_ppc_excp_print("PIT"); 551 break; 552 case POWERPC_EXCP_DEBUG: /* Debug interrupt */ 553 cpu_abort(cs, "%s exception not implemented\n", 554 powerpc_excp_name(excp)); 555 break; 556 default: 557 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 558 break; 559 } 560 561 /* Save PC */ 562 env->spr[srr0] = env->nip; 563 564 /* Save MSR */ 565 env->spr[srr1] = msr; 566 567 powerpc_set_excp_state(cpu, vector, new_msr); 568 } 569 570 static void powerpc_excp_6xx(PowerPCCPU *cpu, int excp) 571 { 572 CPUState *cs = CPU(cpu); 573 CPUPPCState *env = &cpu->env; 574 target_ulong msr, new_msr, vector; 575 576 /* new srr1 value excluding must-be-zero bits */ 577 msr = env->msr & ~0x783f0000ULL; 578 579 /* 580 * new interrupt handler msr preserves existing ME unless 581 * explicitly overriden 582 */ 583 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 584 585 /* 586 * Hypervisor emulation assistance interrupt only exists on server 587 * arch 2.05 server or later. 588 */ 589 if (excp == POWERPC_EXCP_HV_EMU) { 590 excp = POWERPC_EXCP_PROGRAM; 591 } 592 593 vector = env->excp_vectors[excp]; 594 if (vector == (target_ulong)-1ULL) { 595 cpu_abort(cs, "Raised an exception without defined vector %d\n", 596 excp); 597 } 598 599 vector |= env->excp_prefix; 600 601 switch (excp) { 602 case POWERPC_EXCP_CRITICAL: /* Critical input */ 603 break; 604 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 605 powerpc_mcheck_checkstop(env); 606 /* machine check exceptions don't have ME set */ 607 new_msr &= ~((target_ulong)1 << MSR_ME); 608 609 break; 610 case POWERPC_EXCP_DSI: /* Data storage exception */ 611 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 612 break; 613 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 614 trace_ppc_excp_isi(msr, env->nip); 615 msr |= env->error_code; 616 break; 617 case POWERPC_EXCP_EXTERNAL: /* External input */ 618 break; 619 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 620 /* Get rS/rD and rA from faulting opcode */ 621 /* 622 * Note: the opcode fields will not be set properly for a 623 * direct store load/store, but nobody cares as nobody 624 * actually uses direct store segments. 625 */ 626 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 627 break; 628 case POWERPC_EXCP_PROGRAM: /* Program exception */ 629 switch (env->error_code & ~0xF) { 630 case POWERPC_EXCP_FP: 631 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 632 trace_ppc_excp_fp_ignore(); 633 powerpc_reset_excp_state(cpu); 634 return; 635 } 636 637 /* 638 * FP exceptions always have NIP pointing to the faulting 639 * instruction, so always use store_next and claim we are 640 * precise in the MSR. 641 */ 642 msr |= 0x00100000; 643 break; 644 case POWERPC_EXCP_INVAL: 645 trace_ppc_excp_inval(env->nip); 646 msr |= 0x00080000; 647 break; 648 case POWERPC_EXCP_PRIV: 649 msr |= 0x00040000; 650 break; 651 case POWERPC_EXCP_TRAP: 652 msr |= 0x00020000; 653 break; 654 default: 655 /* Should never occur */ 656 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 657 env->error_code); 658 break; 659 } 660 break; 661 case POWERPC_EXCP_SYSCALL: /* System call exception */ 662 dump_syscall(env); 663 664 /* 665 * We need to correct the NIP which in this case is supposed 666 * to point to the next instruction 667 */ 668 env->nip += 4; 669 break; 670 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 671 case POWERPC_EXCP_DECR: /* Decrementer exception */ 672 break; 673 case POWERPC_EXCP_DTLB: /* Data TLB error */ 674 case POWERPC_EXCP_ITLB: /* Instruction TLB error */ 675 break; 676 case POWERPC_EXCP_RESET: /* System reset exception */ 677 if (FIELD_EX64(env->msr, MSR, POW)) { 678 cpu_abort(cs, "Trying to deliver power-saving system reset " 679 "exception %d with no HV support\n", excp); 680 } 681 break; 682 case POWERPC_EXCP_TRACE: /* Trace exception */ 683 break; 684 case POWERPC_EXCP_IFTLB: /* Instruction fetch TLB error */ 685 case POWERPC_EXCP_DLTLB: /* Data load TLB miss */ 686 case POWERPC_EXCP_DSTLB: /* Data store TLB miss */ 687 /* Swap temporary saved registers with GPRs */ 688 if (!(new_msr & ((target_ulong)1 << MSR_TGPR))) { 689 new_msr |= (target_ulong)1 << MSR_TGPR; 690 hreg_swap_gpr_tgpr(env); 691 } 692 693 ppc_excp_debug_sw_tlb(env, excp); 694 695 msr |= env->crf[0] << 28; 696 msr |= env->error_code; /* key, D/I, S/L bits */ 697 /* Set way using a LRU mechanism */ 698 msr |= ((env->last_way + 1) & (env->nb_ways - 1)) << 17; 699 break; 700 case POWERPC_EXCP_FPA: /* Floating-point assist exception */ 701 case POWERPC_EXCP_DABR: /* Data address breakpoint */ 702 case POWERPC_EXCP_IABR: /* Instruction address breakpoint */ 703 case POWERPC_EXCP_SMI: /* System management interrupt */ 704 case POWERPC_EXCP_MEXTBR: /* Maskable external breakpoint */ 705 case POWERPC_EXCP_NMEXTBR: /* Non maskable external breakpoint */ 706 cpu_abort(cs, "%s exception not implemented\n", 707 powerpc_excp_name(excp)); 708 break; 709 default: 710 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 711 break; 712 } 713 714 /* 715 * Sort out endianness of interrupt, this differs depending on the 716 * CPU, the HV mode, etc... 717 */ 718 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 719 new_msr |= (target_ulong)1 << MSR_LE; 720 } 721 722 /* Save PC */ 723 env->spr[SPR_SRR0] = env->nip; 724 725 /* Save MSR */ 726 env->spr[SPR_SRR1] = msr; 727 728 powerpc_set_excp_state(cpu, vector, new_msr); 729 } 730 731 static void powerpc_excp_7xx(PowerPCCPU *cpu, int excp) 732 { 733 CPUState *cs = CPU(cpu); 734 CPUPPCState *env = &cpu->env; 735 target_ulong msr, new_msr, vector; 736 737 /* new srr1 value excluding must-be-zero bits */ 738 msr = env->msr & ~0x783f0000ULL; 739 740 /* 741 * new interrupt handler msr preserves existing ME unless 742 * explicitly overriden 743 */ 744 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 745 746 /* 747 * Hypervisor emulation assistance interrupt only exists on server 748 * arch 2.05 server or later. 749 */ 750 if (excp == POWERPC_EXCP_HV_EMU) { 751 excp = POWERPC_EXCP_PROGRAM; 752 } 753 754 vector = env->excp_vectors[excp]; 755 if (vector == (target_ulong)-1ULL) { 756 cpu_abort(cs, "Raised an exception without defined vector %d\n", 757 excp); 758 } 759 760 vector |= env->excp_prefix; 761 762 switch (excp) { 763 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 764 powerpc_mcheck_checkstop(env); 765 /* machine check exceptions don't have ME set */ 766 new_msr &= ~((target_ulong)1 << MSR_ME); 767 768 break; 769 case POWERPC_EXCP_DSI: /* Data storage exception */ 770 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 771 break; 772 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 773 trace_ppc_excp_isi(msr, env->nip); 774 msr |= env->error_code; 775 break; 776 case POWERPC_EXCP_EXTERNAL: /* External input */ 777 break; 778 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 779 /* Get rS/rD and rA from faulting opcode */ 780 /* 781 * Note: the opcode fields will not be set properly for a 782 * direct store load/store, but nobody cares as nobody 783 * actually uses direct store segments. 784 */ 785 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 786 break; 787 case POWERPC_EXCP_PROGRAM: /* Program exception */ 788 switch (env->error_code & ~0xF) { 789 case POWERPC_EXCP_FP: 790 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 791 trace_ppc_excp_fp_ignore(); 792 powerpc_reset_excp_state(cpu); 793 return; 794 } 795 796 /* 797 * FP exceptions always have NIP pointing to the faulting 798 * instruction, so always use store_next and claim we are 799 * precise in the MSR. 800 */ 801 msr |= 0x00100000; 802 break; 803 case POWERPC_EXCP_INVAL: 804 trace_ppc_excp_inval(env->nip); 805 msr |= 0x00080000; 806 break; 807 case POWERPC_EXCP_PRIV: 808 msr |= 0x00040000; 809 break; 810 case POWERPC_EXCP_TRAP: 811 msr |= 0x00020000; 812 break; 813 default: 814 /* Should never occur */ 815 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 816 env->error_code); 817 break; 818 } 819 break; 820 case POWERPC_EXCP_SYSCALL: /* System call exception */ 821 { 822 int lev = env->error_code; 823 824 if (lev == 1 && cpu->vhyp) { 825 dump_hcall(env); 826 } else { 827 dump_syscall(env); 828 } 829 830 /* 831 * We need to correct the NIP which in this case is supposed 832 * to point to the next instruction 833 */ 834 env->nip += 4; 835 836 /* 837 * The Virtual Open Firmware (VOF) relies on the 'sc 1' 838 * instruction to communicate with QEMU. The pegasos2 machine 839 * uses VOF and the 7xx CPUs, so although the 7xx don't have 840 * HV mode, we need to keep hypercall support. 841 */ 842 if (lev == 1 && cpu->vhyp) { 843 PPCVirtualHypervisorClass *vhc = 844 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 845 vhc->hypercall(cpu->vhyp, cpu); 846 return; 847 } 848 849 break; 850 } 851 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 852 case POWERPC_EXCP_DECR: /* Decrementer exception */ 853 break; 854 case POWERPC_EXCP_RESET: /* System reset exception */ 855 if (FIELD_EX64(env->msr, MSR, POW)) { 856 cpu_abort(cs, "Trying to deliver power-saving system reset " 857 "exception %d with no HV support\n", excp); 858 } 859 break; 860 case POWERPC_EXCP_TRACE: /* Trace exception */ 861 break; 862 case POWERPC_EXCP_IFTLB: /* Instruction fetch TLB error */ 863 case POWERPC_EXCP_DLTLB: /* Data load TLB miss */ 864 case POWERPC_EXCP_DSTLB: /* Data store TLB miss */ 865 ppc_excp_debug_sw_tlb(env, excp); 866 867 msr |= env->crf[0] << 28; 868 msr |= env->error_code; /* key, D/I, S/L bits */ 869 /* Set way using a LRU mechanism */ 870 msr |= ((env->last_way + 1) & (env->nb_ways - 1)) << 17; 871 872 break; 873 case POWERPC_EXCP_IABR: /* Instruction address breakpoint */ 874 case POWERPC_EXCP_SMI: /* System management interrupt */ 875 case POWERPC_EXCP_THERM: /* Thermal interrupt */ 876 case POWERPC_EXCP_PERFM: /* Embedded performance monitor interrupt */ 877 cpu_abort(cs, "%s exception not implemented\n", 878 powerpc_excp_name(excp)); 879 break; 880 default: 881 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 882 break; 883 } 884 885 /* 886 * Sort out endianness of interrupt, this differs depending on the 887 * CPU, the HV mode, etc... 888 */ 889 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 890 new_msr |= (target_ulong)1 << MSR_LE; 891 } 892 893 /* Save PC */ 894 env->spr[SPR_SRR0] = env->nip; 895 896 /* Save MSR */ 897 env->spr[SPR_SRR1] = msr; 898 899 powerpc_set_excp_state(cpu, vector, new_msr); 900 } 901 902 static void powerpc_excp_74xx(PowerPCCPU *cpu, int excp) 903 { 904 CPUState *cs = CPU(cpu); 905 CPUPPCState *env = &cpu->env; 906 target_ulong msr, new_msr, vector; 907 908 /* new srr1 value excluding must-be-zero bits */ 909 msr = env->msr & ~0x783f0000ULL; 910 911 /* 912 * new interrupt handler msr preserves existing ME unless 913 * explicitly overriden 914 */ 915 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 916 917 /* 918 * Hypervisor emulation assistance interrupt only exists on server 919 * arch 2.05 server or later. 920 */ 921 if (excp == POWERPC_EXCP_HV_EMU) { 922 excp = POWERPC_EXCP_PROGRAM; 923 } 924 925 vector = env->excp_vectors[excp]; 926 if (vector == (target_ulong)-1ULL) { 927 cpu_abort(cs, "Raised an exception without defined vector %d\n", 928 excp); 929 } 930 931 vector |= env->excp_prefix; 932 933 switch (excp) { 934 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 935 powerpc_mcheck_checkstop(env); 936 /* machine check exceptions don't have ME set */ 937 new_msr &= ~((target_ulong)1 << MSR_ME); 938 939 break; 940 case POWERPC_EXCP_DSI: /* Data storage exception */ 941 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 942 break; 943 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 944 trace_ppc_excp_isi(msr, env->nip); 945 msr |= env->error_code; 946 break; 947 case POWERPC_EXCP_EXTERNAL: /* External input */ 948 break; 949 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 950 /* Get rS/rD and rA from faulting opcode */ 951 /* 952 * Note: the opcode fields will not be set properly for a 953 * direct store load/store, but nobody cares as nobody 954 * actually uses direct store segments. 955 */ 956 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 957 break; 958 case POWERPC_EXCP_PROGRAM: /* Program exception */ 959 switch (env->error_code & ~0xF) { 960 case POWERPC_EXCP_FP: 961 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 962 trace_ppc_excp_fp_ignore(); 963 powerpc_reset_excp_state(cpu); 964 return; 965 } 966 967 /* 968 * FP exceptions always have NIP pointing to the faulting 969 * instruction, so always use store_next and claim we are 970 * precise in the MSR. 971 */ 972 msr |= 0x00100000; 973 break; 974 case POWERPC_EXCP_INVAL: 975 trace_ppc_excp_inval(env->nip); 976 msr |= 0x00080000; 977 break; 978 case POWERPC_EXCP_PRIV: 979 msr |= 0x00040000; 980 break; 981 case POWERPC_EXCP_TRAP: 982 msr |= 0x00020000; 983 break; 984 default: 985 /* Should never occur */ 986 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 987 env->error_code); 988 break; 989 } 990 break; 991 case POWERPC_EXCP_SYSCALL: /* System call exception */ 992 { 993 int lev = env->error_code; 994 995 if (lev == 1 && cpu->vhyp) { 996 dump_hcall(env); 997 } else { 998 dump_syscall(env); 999 } 1000 1001 /* 1002 * We need to correct the NIP which in this case is supposed 1003 * to point to the next instruction 1004 */ 1005 env->nip += 4; 1006 1007 /* 1008 * The Virtual Open Firmware (VOF) relies on the 'sc 1' 1009 * instruction to communicate with QEMU. The pegasos2 machine 1010 * uses VOF and the 74xx CPUs, so although the 74xx don't have 1011 * HV mode, we need to keep hypercall support. 1012 */ 1013 if (lev == 1 && cpu->vhyp) { 1014 PPCVirtualHypervisorClass *vhc = 1015 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 1016 vhc->hypercall(cpu->vhyp, cpu); 1017 return; 1018 } 1019 1020 break; 1021 } 1022 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 1023 case POWERPC_EXCP_DECR: /* Decrementer exception */ 1024 break; 1025 case POWERPC_EXCP_RESET: /* System reset exception */ 1026 if (FIELD_EX64(env->msr, MSR, POW)) { 1027 cpu_abort(cs, "Trying to deliver power-saving system reset " 1028 "exception %d with no HV support\n", excp); 1029 } 1030 break; 1031 case POWERPC_EXCP_TRACE: /* Trace exception */ 1032 break; 1033 case POWERPC_EXCP_VPU: /* Vector unavailable exception */ 1034 break; 1035 case POWERPC_EXCP_IABR: /* Instruction address breakpoint */ 1036 case POWERPC_EXCP_SMI: /* System management interrupt */ 1037 case POWERPC_EXCP_THERM: /* Thermal interrupt */ 1038 case POWERPC_EXCP_PERFM: /* Embedded performance monitor interrupt */ 1039 case POWERPC_EXCP_VPUA: /* Vector assist exception */ 1040 cpu_abort(cs, "%s exception not implemented\n", 1041 powerpc_excp_name(excp)); 1042 break; 1043 default: 1044 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1045 break; 1046 } 1047 1048 /* 1049 * Sort out endianness of interrupt, this differs depending on the 1050 * CPU, the HV mode, etc... 1051 */ 1052 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 1053 new_msr |= (target_ulong)1 << MSR_LE; 1054 } 1055 1056 /* Save PC */ 1057 env->spr[SPR_SRR0] = env->nip; 1058 1059 /* Save MSR */ 1060 env->spr[SPR_SRR1] = msr; 1061 1062 powerpc_set_excp_state(cpu, vector, new_msr); 1063 } 1064 1065 static void powerpc_excp_booke(PowerPCCPU *cpu, int excp) 1066 { 1067 CPUState *cs = CPU(cpu); 1068 CPUPPCState *env = &cpu->env; 1069 target_ulong msr, new_msr, vector; 1070 int srr0, srr1; 1071 1072 msr = env->msr; 1073 1074 /* 1075 * new interrupt handler msr preserves existing ME unless 1076 * explicitly overriden 1077 */ 1078 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 1079 1080 /* target registers */ 1081 srr0 = SPR_SRR0; 1082 srr1 = SPR_SRR1; 1083 1084 /* 1085 * Hypervisor emulation assistance interrupt only exists on server 1086 * arch 2.05 server or later. 1087 */ 1088 if (excp == POWERPC_EXCP_HV_EMU) { 1089 excp = POWERPC_EXCP_PROGRAM; 1090 } 1091 1092 #ifdef TARGET_PPC64 1093 /* 1094 * SPEU and VPU share the same IVOR but they exist in different 1095 * processors. SPEU is e500v1/2 only and VPU is e6500 only. 1096 */ 1097 if (excp == POWERPC_EXCP_VPU) { 1098 excp = POWERPC_EXCP_SPEU; 1099 } 1100 #endif 1101 1102 vector = env->excp_vectors[excp]; 1103 if (vector == (target_ulong)-1ULL) { 1104 cpu_abort(cs, "Raised an exception without defined vector %d\n", 1105 excp); 1106 } 1107 1108 vector |= env->excp_prefix; 1109 1110 switch (excp) { 1111 case POWERPC_EXCP_CRITICAL: /* Critical input */ 1112 srr0 = SPR_BOOKE_CSRR0; 1113 srr1 = SPR_BOOKE_CSRR1; 1114 break; 1115 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 1116 powerpc_mcheck_checkstop(env); 1117 /* machine check exceptions don't have ME set */ 1118 new_msr &= ~((target_ulong)1 << MSR_ME); 1119 1120 /* FIXME: choose one or the other based on CPU type */ 1121 srr0 = SPR_BOOKE_MCSRR0; 1122 srr1 = SPR_BOOKE_MCSRR1; 1123 1124 env->spr[SPR_BOOKE_CSRR0] = env->nip; 1125 env->spr[SPR_BOOKE_CSRR1] = msr; 1126 1127 break; 1128 case POWERPC_EXCP_DSI: /* Data storage exception */ 1129 trace_ppc_excp_dsi(env->spr[SPR_BOOKE_ESR], env->spr[SPR_BOOKE_DEAR]); 1130 break; 1131 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 1132 trace_ppc_excp_isi(msr, env->nip); 1133 break; 1134 case POWERPC_EXCP_EXTERNAL: /* External input */ 1135 if (env->mpic_proxy) { 1136 /* IACK the IRQ on delivery */ 1137 env->spr[SPR_BOOKE_EPR] = ldl_phys(cs->as, env->mpic_iack); 1138 } 1139 break; 1140 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 1141 break; 1142 case POWERPC_EXCP_PROGRAM: /* Program exception */ 1143 switch (env->error_code & ~0xF) { 1144 case POWERPC_EXCP_FP: 1145 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 1146 trace_ppc_excp_fp_ignore(); 1147 powerpc_reset_excp_state(cpu); 1148 return; 1149 } 1150 1151 /* 1152 * FP exceptions always have NIP pointing to the faulting 1153 * instruction, so always use store_next and claim we are 1154 * precise in the MSR. 1155 */ 1156 msr |= 0x00100000; 1157 env->spr[SPR_BOOKE_ESR] = ESR_FP; 1158 break; 1159 case POWERPC_EXCP_INVAL: 1160 trace_ppc_excp_inval(env->nip); 1161 msr |= 0x00080000; 1162 env->spr[SPR_BOOKE_ESR] = ESR_PIL; 1163 break; 1164 case POWERPC_EXCP_PRIV: 1165 msr |= 0x00040000; 1166 env->spr[SPR_BOOKE_ESR] = ESR_PPR; 1167 break; 1168 case POWERPC_EXCP_TRAP: 1169 msr |= 0x00020000; 1170 env->spr[SPR_BOOKE_ESR] = ESR_PTR; 1171 break; 1172 default: 1173 /* Should never occur */ 1174 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 1175 env->error_code); 1176 break; 1177 } 1178 break; 1179 case POWERPC_EXCP_SYSCALL: /* System call exception */ 1180 dump_syscall(env); 1181 1182 /* 1183 * We need to correct the NIP which in this case is supposed 1184 * to point to the next instruction 1185 */ 1186 env->nip += 4; 1187 break; 1188 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 1189 case POWERPC_EXCP_APU: /* Auxiliary processor unavailable */ 1190 case POWERPC_EXCP_DECR: /* Decrementer exception */ 1191 break; 1192 case POWERPC_EXCP_FIT: /* Fixed-interval timer interrupt */ 1193 /* FIT on 4xx */ 1194 trace_ppc_excp_print("FIT"); 1195 break; 1196 case POWERPC_EXCP_WDT: /* Watchdog timer interrupt */ 1197 trace_ppc_excp_print("WDT"); 1198 srr0 = SPR_BOOKE_CSRR0; 1199 srr1 = SPR_BOOKE_CSRR1; 1200 break; 1201 case POWERPC_EXCP_DTLB: /* Data TLB error */ 1202 case POWERPC_EXCP_ITLB: /* Instruction TLB error */ 1203 break; 1204 case POWERPC_EXCP_DEBUG: /* Debug interrupt */ 1205 if (env->flags & POWERPC_FLAG_DE) { 1206 /* FIXME: choose one or the other based on CPU type */ 1207 srr0 = SPR_BOOKE_DSRR0; 1208 srr1 = SPR_BOOKE_DSRR1; 1209 1210 env->spr[SPR_BOOKE_CSRR0] = env->nip; 1211 env->spr[SPR_BOOKE_CSRR1] = msr; 1212 1213 /* DBSR already modified by caller */ 1214 } else { 1215 cpu_abort(cs, "Debug exception triggered on unsupported model\n"); 1216 } 1217 break; 1218 case POWERPC_EXCP_SPEU: /* SPE/embedded floating-point unavailable/VPU */ 1219 env->spr[SPR_BOOKE_ESR] = ESR_SPV; 1220 break; 1221 case POWERPC_EXCP_DOORI: /* Embedded doorbell interrupt */ 1222 break; 1223 case POWERPC_EXCP_DOORCI: /* Embedded doorbell critical interrupt */ 1224 srr0 = SPR_BOOKE_CSRR0; 1225 srr1 = SPR_BOOKE_CSRR1; 1226 break; 1227 case POWERPC_EXCP_RESET: /* System reset exception */ 1228 if (FIELD_EX64(env->msr, MSR, POW)) { 1229 cpu_abort(cs, "Trying to deliver power-saving system reset " 1230 "exception %d with no HV support\n", excp); 1231 } 1232 break; 1233 case POWERPC_EXCP_EFPDI: /* Embedded floating-point data interrupt */ 1234 case POWERPC_EXCP_EFPRI: /* Embedded floating-point round interrupt */ 1235 cpu_abort(cs, "%s exception not implemented\n", 1236 powerpc_excp_name(excp)); 1237 break; 1238 default: 1239 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1240 break; 1241 } 1242 1243 #if defined(TARGET_PPC64) 1244 if (env->spr[SPR_BOOKE_EPCR] & EPCR_ICM) { 1245 /* Cat.64-bit: EPCR.ICM is copied to MSR.CM */ 1246 new_msr |= (target_ulong)1 << MSR_CM; 1247 } else { 1248 vector = (uint32_t)vector; 1249 } 1250 #endif 1251 1252 /* Save PC */ 1253 env->spr[srr0] = env->nip; 1254 1255 /* Save MSR */ 1256 env->spr[srr1] = msr; 1257 1258 powerpc_set_excp_state(cpu, vector, new_msr); 1259 } 1260 1261 /* 1262 * When running a nested HV guest under vhyp, external interrupts are 1263 * delivered as HVIRT. 1264 */ 1265 static bool books_vhyp_promotes_external_to_hvirt(PowerPCCPU *cpu) 1266 { 1267 if (cpu->vhyp) { 1268 return vhyp_cpu_in_nested(cpu); 1269 } 1270 return false; 1271 } 1272 1273 #ifdef TARGET_PPC64 1274 /* 1275 * When running under vhyp, hcalls are always intercepted and sent to the 1276 * vhc->hypercall handler. 1277 */ 1278 static bool books_vhyp_handles_hcall(PowerPCCPU *cpu) 1279 { 1280 if (cpu->vhyp) { 1281 return !vhyp_cpu_in_nested(cpu); 1282 } 1283 return false; 1284 } 1285 1286 /* 1287 * When running a nested KVM HV guest under vhyp, HV exceptions are not 1288 * delivered to the guest (because there is no concept of HV support), but 1289 * rather they are sent tothe vhyp to exit from the L2 back to the L1 and 1290 * return from the H_ENTER_NESTED hypercall. 1291 */ 1292 static bool books_vhyp_handles_hv_excp(PowerPCCPU *cpu) 1293 { 1294 if (cpu->vhyp) { 1295 return vhyp_cpu_in_nested(cpu); 1296 } 1297 return false; 1298 } 1299 1300 #ifdef CONFIG_TCG 1301 static bool is_prefix_insn(CPUPPCState *env, uint32_t insn) 1302 { 1303 if (!(env->insns_flags2 & PPC2_ISA310)) { 1304 return false; 1305 } 1306 return ((insn & 0xfc000000) == 0x04000000); 1307 } 1308 1309 static bool is_prefix_insn_excp(PowerPCCPU *cpu, int excp) 1310 { 1311 CPUPPCState *env = &cpu->env; 1312 1313 if (!tcg_enabled()) { 1314 /* 1315 * This does not load instructions and set the prefix bit correctly 1316 * for injected interrupts with KVM. That may have to be discovered 1317 * and set by the KVM layer before injecting. 1318 */ 1319 return false; 1320 } 1321 1322 switch (excp) { 1323 case POWERPC_EXCP_HDSI: 1324 /* HDSI PRTABLE_FAULT has the originating access type in error_code */ 1325 if ((env->spr[SPR_HDSISR] & DSISR_PRTABLE_FAULT) && 1326 (env->error_code == MMU_INST_FETCH)) { 1327 /* 1328 * Fetch failed due to partition scope translation, so prefix 1329 * indication is not relevant (and attempting to load the 1330 * instruction at NIP would cause recursive faults with the same 1331 * translation). 1332 */ 1333 break; 1334 } 1335 /* fall through */ 1336 case POWERPC_EXCP_MCHECK: 1337 case POWERPC_EXCP_DSI: 1338 case POWERPC_EXCP_DSEG: 1339 case POWERPC_EXCP_ALIGN: 1340 case POWERPC_EXCP_PROGRAM: 1341 case POWERPC_EXCP_FPU: 1342 case POWERPC_EXCP_TRACE: 1343 case POWERPC_EXCP_HV_EMU: 1344 case POWERPC_EXCP_VPU: 1345 case POWERPC_EXCP_VSXU: 1346 case POWERPC_EXCP_FU: 1347 case POWERPC_EXCP_HV_FU: { 1348 uint32_t insn = ppc_ldl_code(env, env->nip); 1349 if (is_prefix_insn(env, insn)) { 1350 return true; 1351 } 1352 break; 1353 } 1354 default: 1355 break; 1356 } 1357 return false; 1358 } 1359 #else 1360 static bool is_prefix_insn_excp(PowerPCCPU *cpu, int excp) 1361 { 1362 return false; 1363 } 1364 #endif 1365 1366 static void powerpc_excp_books(PowerPCCPU *cpu, int excp) 1367 { 1368 CPUState *cs = CPU(cpu); 1369 CPUPPCState *env = &cpu->env; 1370 target_ulong msr, new_msr, vector; 1371 int srr0, srr1, lev = -1; 1372 1373 /* new srr1 value excluding must-be-zero bits */ 1374 msr = env->msr & ~0x783f0000ULL; 1375 1376 /* 1377 * new interrupt handler msr preserves existing HV and ME unless 1378 * explicitly overriden 1379 */ 1380 new_msr = env->msr & (((target_ulong)1 << MSR_ME) | MSR_HVB); 1381 1382 /* target registers */ 1383 srr0 = SPR_SRR0; 1384 srr1 = SPR_SRR1; 1385 1386 /* 1387 * check for special resume at 0x100 from doze/nap/sleep/winkle on 1388 * P7/P8/P9 1389 */ 1390 if (env->resume_as_sreset) { 1391 excp = powerpc_reset_wakeup(env, excp, &msr); 1392 } 1393 1394 /* 1395 * We don't want to generate a Hypervisor Emulation Assistance 1396 * Interrupt if we don't have HVB in msr_mask (PAPR mode), 1397 * unless running a nested-hv guest, in which case the L1 1398 * kernel wants the interrupt. 1399 */ 1400 if (excp == POWERPC_EXCP_HV_EMU && !(env->msr_mask & MSR_HVB) && 1401 !books_vhyp_handles_hv_excp(cpu)) { 1402 excp = POWERPC_EXCP_PROGRAM; 1403 } 1404 1405 vector = env->excp_vectors[excp]; 1406 if (vector == (target_ulong)-1ULL) { 1407 cpu_abort(cs, "Raised an exception without defined vector %d\n", 1408 excp); 1409 } 1410 1411 vector |= env->excp_prefix; 1412 1413 if (is_prefix_insn_excp(cpu, excp)) { 1414 msr |= PPC_BIT(34); 1415 } 1416 1417 switch (excp) { 1418 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 1419 powerpc_mcheck_checkstop(env); 1420 if (env->msr_mask & MSR_HVB) { 1421 /* 1422 * ISA specifies HV, but can be delivered to guest with HV 1423 * clear (e.g., see FWNMI in PAPR). 1424 */ 1425 new_msr |= (target_ulong)MSR_HVB; 1426 } 1427 1428 /* machine check exceptions don't have ME set */ 1429 new_msr &= ~((target_ulong)1 << MSR_ME); 1430 1431 break; 1432 case POWERPC_EXCP_DSI: /* Data storage exception */ 1433 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 1434 break; 1435 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 1436 trace_ppc_excp_isi(msr, env->nip); 1437 msr |= env->error_code; 1438 break; 1439 case POWERPC_EXCP_EXTERNAL: /* External input */ 1440 { 1441 bool lpes0; 1442 1443 /* 1444 * LPES0 is only taken into consideration if we support HV 1445 * mode for this CPU. 1446 */ 1447 if (!env->has_hv_mode) { 1448 break; 1449 } 1450 1451 lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 1452 1453 if (!lpes0) { 1454 new_msr |= (target_ulong)MSR_HVB; 1455 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1456 srr0 = SPR_HSRR0; 1457 srr1 = SPR_HSRR1; 1458 } 1459 1460 break; 1461 } 1462 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 1463 /* Optional DSISR update was removed from ISA v3.0 */ 1464 if (!(env->insns_flags2 & PPC2_ISA300)) { 1465 /* Get rS/rD and rA from faulting opcode */ 1466 /* 1467 * Note: the opcode fields will not be set properly for a 1468 * direct store load/store, but nobody cares as nobody 1469 * actually uses direct store segments. 1470 */ 1471 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 1472 } 1473 break; 1474 case POWERPC_EXCP_PROGRAM: /* Program exception */ 1475 switch (env->error_code & ~0xF) { 1476 case POWERPC_EXCP_FP: 1477 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 1478 trace_ppc_excp_fp_ignore(); 1479 powerpc_reset_excp_state(cpu); 1480 return; 1481 } 1482 1483 /* 1484 * FP exceptions always have NIP pointing to the faulting 1485 * instruction, so always use store_next and claim we are 1486 * precise in the MSR. 1487 */ 1488 msr |= 0x00100000; 1489 break; 1490 case POWERPC_EXCP_INVAL: 1491 trace_ppc_excp_inval(env->nip); 1492 msr |= 0x00080000; 1493 break; 1494 case POWERPC_EXCP_PRIV: 1495 msr |= 0x00040000; 1496 break; 1497 case POWERPC_EXCP_TRAP: 1498 msr |= 0x00020000; 1499 break; 1500 default: 1501 /* Should never occur */ 1502 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 1503 env->error_code); 1504 break; 1505 } 1506 break; 1507 case POWERPC_EXCP_SYSCALL: /* System call exception */ 1508 lev = env->error_code; 1509 1510 if (lev == 1 && cpu->vhyp) { 1511 dump_hcall(env); 1512 } else { 1513 dump_syscall(env); 1514 } 1515 1516 /* 1517 * We need to correct the NIP which in this case is supposed 1518 * to point to the next instruction 1519 */ 1520 env->nip += 4; 1521 1522 /* "PAPR mode" built-in hypercall emulation */ 1523 if (lev == 1 && books_vhyp_handles_hcall(cpu)) { 1524 PPCVirtualHypervisorClass *vhc = 1525 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 1526 vhc->hypercall(cpu->vhyp, cpu); 1527 return; 1528 } 1529 if (env->insns_flags2 & PPC2_ISA310) { 1530 /* ISAv3.1 puts LEV into SRR1 */ 1531 msr |= lev << 20; 1532 } 1533 if (lev == 1) { 1534 new_msr |= (target_ulong)MSR_HVB; 1535 } 1536 break; 1537 case POWERPC_EXCP_SYSCALL_VECTORED: /* scv exception */ 1538 lev = env->error_code; 1539 dump_syscall(env); 1540 env->nip += 4; 1541 new_msr |= env->msr & ((target_ulong)1 << MSR_EE); 1542 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1543 1544 vector += lev * 0x20; 1545 1546 env->lr = env->nip; 1547 env->ctr = msr; 1548 break; 1549 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 1550 case POWERPC_EXCP_DECR: /* Decrementer exception */ 1551 break; 1552 case POWERPC_EXCP_RESET: /* System reset exception */ 1553 /* A power-saving exception sets ME, otherwise it is unchanged */ 1554 if (FIELD_EX64(env->msr, MSR, POW)) { 1555 /* indicate that we resumed from power save mode */ 1556 msr |= 0x10000; 1557 new_msr |= ((target_ulong)1 << MSR_ME); 1558 } 1559 if (env->msr_mask & MSR_HVB) { 1560 /* 1561 * ISA specifies HV, but can be delivered to guest with HV 1562 * clear (e.g., see FWNMI in PAPR, NMI injection in QEMU). 1563 */ 1564 new_msr |= (target_ulong)MSR_HVB; 1565 } else { 1566 if (FIELD_EX64(env->msr, MSR, POW)) { 1567 cpu_abort(cs, "Trying to deliver power-saving system reset " 1568 "exception %d with no HV support\n", excp); 1569 } 1570 } 1571 break; 1572 case POWERPC_EXCP_DSEG: /* Data segment exception */ 1573 case POWERPC_EXCP_ISEG: /* Instruction segment exception */ 1574 case POWERPC_EXCP_TRACE: /* Trace exception */ 1575 case POWERPC_EXCP_SDOOR: /* Doorbell interrupt */ 1576 case POWERPC_EXCP_PERFM: /* Performance monitor interrupt */ 1577 break; 1578 case POWERPC_EXCP_HISI: /* Hypervisor instruction storage exception */ 1579 msr |= env->error_code; 1580 /* fall through */ 1581 case POWERPC_EXCP_HDECR: /* Hypervisor decrementer exception */ 1582 case POWERPC_EXCP_HDSI: /* Hypervisor data storage exception */ 1583 case POWERPC_EXCP_SDOOR_HV: /* Hypervisor Doorbell interrupt */ 1584 case POWERPC_EXCP_HVIRT: /* Hypervisor virtualization */ 1585 srr0 = SPR_HSRR0; 1586 srr1 = SPR_HSRR1; 1587 new_msr |= (target_ulong)MSR_HVB; 1588 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1589 break; 1590 #ifdef CONFIG_TCG 1591 case POWERPC_EXCP_HV_EMU: { 1592 uint32_t insn = ppc_ldl_code(env, env->nip); 1593 env->spr[SPR_HEIR] = insn; 1594 if (is_prefix_insn(env, insn)) { 1595 uint32_t insn2 = ppc_ldl_code(env, env->nip + 4); 1596 env->spr[SPR_HEIR] <<= 32; 1597 env->spr[SPR_HEIR] |= insn2; 1598 } 1599 srr0 = SPR_HSRR0; 1600 srr1 = SPR_HSRR1; 1601 new_msr |= (target_ulong)MSR_HVB; 1602 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1603 break; 1604 } 1605 #endif 1606 case POWERPC_EXCP_VPU: /* Vector unavailable exception */ 1607 case POWERPC_EXCP_VSXU: /* VSX unavailable exception */ 1608 case POWERPC_EXCP_FU: /* Facility unavailable exception */ 1609 env->spr[SPR_FSCR] |= ((target_ulong)env->error_code << 56); 1610 break; 1611 case POWERPC_EXCP_HV_FU: /* Hypervisor Facility Unavailable Exception */ 1612 env->spr[SPR_HFSCR] |= ((target_ulong)env->error_code << FSCR_IC_POS); 1613 srr0 = SPR_HSRR0; 1614 srr1 = SPR_HSRR1; 1615 new_msr |= (target_ulong)MSR_HVB; 1616 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1617 break; 1618 case POWERPC_EXCP_PERFM_EBB: /* Performance Monitor EBB Exception */ 1619 case POWERPC_EXCP_EXTERNAL_EBB: /* External EBB Exception */ 1620 env->spr[SPR_BESCR] &= ~BESCR_GE; 1621 1622 /* 1623 * Save NIP for rfebb insn in SPR_EBBRR. Next nip is 1624 * stored in the EBB Handler SPR_EBBHR. 1625 */ 1626 env->spr[SPR_EBBRR] = env->nip; 1627 powerpc_set_excp_state(cpu, env->spr[SPR_EBBHR], env->msr); 1628 1629 /* 1630 * This exception is handled in userspace. No need to proceed. 1631 */ 1632 return; 1633 case POWERPC_EXCP_THERM: /* Thermal interrupt */ 1634 case POWERPC_EXCP_VPUA: /* Vector assist exception */ 1635 case POWERPC_EXCP_MAINT: /* Maintenance exception */ 1636 case POWERPC_EXCP_HV_MAINT: /* Hypervisor Maintenance exception */ 1637 cpu_abort(cs, "%s exception not implemented\n", 1638 powerpc_excp_name(excp)); 1639 break; 1640 default: 1641 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1642 break; 1643 } 1644 1645 /* 1646 * Sort out endianness of interrupt, this differs depending on the 1647 * CPU, the HV mode, etc... 1648 */ 1649 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 1650 new_msr |= (target_ulong)1 << MSR_LE; 1651 } 1652 1653 new_msr |= (target_ulong)1 << MSR_SF; 1654 1655 if (excp != POWERPC_EXCP_SYSCALL_VECTORED) { 1656 /* Save PC */ 1657 env->spr[srr0] = env->nip; 1658 1659 /* Save MSR */ 1660 env->spr[srr1] = msr; 1661 } 1662 1663 if ((new_msr & MSR_HVB) && books_vhyp_handles_hv_excp(cpu)) { 1664 PPCVirtualHypervisorClass *vhc = 1665 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 1666 /* Deliver interrupt to L1 by returning from the H_ENTER_NESTED call */ 1667 vhc->deliver_hv_excp(cpu, excp); 1668 1669 powerpc_reset_excp_state(cpu); 1670 1671 } else { 1672 /* Sanity check */ 1673 if (!(env->msr_mask & MSR_HVB) && srr0 == SPR_HSRR0) { 1674 cpu_abort(cs, "Trying to deliver HV exception (HSRR) %d with " 1675 "no HV support\n", excp); 1676 } 1677 1678 /* This can update new_msr and vector if AIL applies */ 1679 ppc_excp_apply_ail(cpu, excp, msr, &new_msr, &vector); 1680 1681 powerpc_set_excp_state(cpu, vector, new_msr); 1682 } 1683 } 1684 #else 1685 static inline void powerpc_excp_books(PowerPCCPU *cpu, int excp) 1686 { 1687 g_assert_not_reached(); 1688 } 1689 #endif 1690 1691 static void powerpc_excp(PowerPCCPU *cpu, int excp) 1692 { 1693 CPUState *cs = CPU(cpu); 1694 CPUPPCState *env = &cpu->env; 1695 1696 if (excp <= POWERPC_EXCP_NONE || excp >= POWERPC_EXCP_NB) { 1697 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1698 } 1699 1700 qemu_log_mask(CPU_LOG_INT, "Raise exception at " TARGET_FMT_lx 1701 " => %s (%d) error=%02x\n", env->nip, powerpc_excp_name(excp), 1702 excp, env->error_code); 1703 env->excp_stats[excp]++; 1704 1705 switch (env->excp_model) { 1706 case POWERPC_EXCP_40x: 1707 powerpc_excp_40x(cpu, excp); 1708 break; 1709 case POWERPC_EXCP_6xx: 1710 powerpc_excp_6xx(cpu, excp); 1711 break; 1712 case POWERPC_EXCP_7xx: 1713 powerpc_excp_7xx(cpu, excp); 1714 break; 1715 case POWERPC_EXCP_74xx: 1716 powerpc_excp_74xx(cpu, excp); 1717 break; 1718 case POWERPC_EXCP_BOOKE: 1719 powerpc_excp_booke(cpu, excp); 1720 break; 1721 case POWERPC_EXCP_970: 1722 case POWERPC_EXCP_POWER7: 1723 case POWERPC_EXCP_POWER8: 1724 case POWERPC_EXCP_POWER9: 1725 case POWERPC_EXCP_POWER10: 1726 powerpc_excp_books(cpu, excp); 1727 break; 1728 default: 1729 g_assert_not_reached(); 1730 } 1731 } 1732 1733 void ppc_cpu_do_interrupt(CPUState *cs) 1734 { 1735 PowerPCCPU *cpu = POWERPC_CPU(cs); 1736 1737 powerpc_excp(cpu, cs->exception_index); 1738 } 1739 1740 #if defined(TARGET_PPC64) 1741 #define P7_UNUSED_INTERRUPTS \ 1742 (PPC_INTERRUPT_RESET | PPC_INTERRUPT_HVIRT | PPC_INTERRUPT_CEXT | \ 1743 PPC_INTERRUPT_WDT | PPC_INTERRUPT_CDOORBELL | PPC_INTERRUPT_FIT | \ 1744 PPC_INTERRUPT_PIT | PPC_INTERRUPT_DOORBELL | PPC_INTERRUPT_HDOORBELL | \ 1745 PPC_INTERRUPT_THERM | PPC_INTERRUPT_EBB) 1746 1747 static int p7_interrupt_powersave(CPUPPCState *env) 1748 { 1749 if ((env->pending_interrupts & PPC_INTERRUPT_EXT) && 1750 (env->spr[SPR_LPCR] & LPCR_P7_PECE0)) { 1751 return PPC_INTERRUPT_EXT; 1752 } 1753 if ((env->pending_interrupts & PPC_INTERRUPT_DECR) && 1754 (env->spr[SPR_LPCR] & LPCR_P7_PECE1)) { 1755 return PPC_INTERRUPT_DECR; 1756 } 1757 if ((env->pending_interrupts & PPC_INTERRUPT_MCK) && 1758 (env->spr[SPR_LPCR] & LPCR_P7_PECE2)) { 1759 return PPC_INTERRUPT_MCK; 1760 } 1761 if ((env->pending_interrupts & PPC_INTERRUPT_HMI) && 1762 (env->spr[SPR_LPCR] & LPCR_P7_PECE2)) { 1763 return PPC_INTERRUPT_HMI; 1764 } 1765 if (env->pending_interrupts & PPC_INTERRUPT_RESET) { 1766 return PPC_INTERRUPT_RESET; 1767 } 1768 return 0; 1769 } 1770 1771 static int p7_next_unmasked_interrupt(CPUPPCState *env) 1772 { 1773 CPUState *cs = env_cpu(env); 1774 1775 /* Ignore MSR[EE] when coming out of some power management states */ 1776 bool msr_ee = FIELD_EX64(env->msr, MSR, EE) || env->resume_as_sreset; 1777 1778 assert((env->pending_interrupts & P7_UNUSED_INTERRUPTS) == 0); 1779 1780 if (cs->halted) { 1781 /* LPCR[PECE] controls which interrupts can exit power-saving mode */ 1782 return p7_interrupt_powersave(env); 1783 } 1784 1785 /* Machine check exception */ 1786 if (env->pending_interrupts & PPC_INTERRUPT_MCK) { 1787 return PPC_INTERRUPT_MCK; 1788 } 1789 1790 /* Hypervisor decrementer exception */ 1791 if (env->pending_interrupts & PPC_INTERRUPT_HDECR) { 1792 /* LPCR will be clear when not supported so this will work */ 1793 bool hdice = !!(env->spr[SPR_LPCR] & LPCR_HDICE); 1794 if ((msr_ee || !FIELD_EX64_HV(env->msr)) && hdice) { 1795 /* HDEC clears on delivery */ 1796 return PPC_INTERRUPT_HDECR; 1797 } 1798 } 1799 1800 /* External interrupt can ignore MSR:EE under some circumstances */ 1801 if (env->pending_interrupts & PPC_INTERRUPT_EXT) { 1802 bool lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 1803 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 1804 /* HEIC blocks delivery to the hypervisor */ 1805 if ((msr_ee && !(heic && FIELD_EX64_HV(env->msr) && 1806 !FIELD_EX64(env->msr, MSR, PR))) || 1807 (env->has_hv_mode && !FIELD_EX64_HV(env->msr) && !lpes0)) { 1808 return PPC_INTERRUPT_EXT; 1809 } 1810 } 1811 if (msr_ee != 0) { 1812 /* Decrementer exception */ 1813 if (env->pending_interrupts & PPC_INTERRUPT_DECR) { 1814 return PPC_INTERRUPT_DECR; 1815 } 1816 if (env->pending_interrupts & PPC_INTERRUPT_PERFM) { 1817 return PPC_INTERRUPT_PERFM; 1818 } 1819 } 1820 1821 return 0; 1822 } 1823 1824 #define P8_UNUSED_INTERRUPTS \ 1825 (PPC_INTERRUPT_RESET | PPC_INTERRUPT_DEBUG | PPC_INTERRUPT_HVIRT | \ 1826 PPC_INTERRUPT_CEXT | PPC_INTERRUPT_WDT | PPC_INTERRUPT_CDOORBELL | \ 1827 PPC_INTERRUPT_FIT | PPC_INTERRUPT_PIT | PPC_INTERRUPT_THERM) 1828 1829 static int p8_interrupt_powersave(CPUPPCState *env) 1830 { 1831 if ((env->pending_interrupts & PPC_INTERRUPT_EXT) && 1832 (env->spr[SPR_LPCR] & LPCR_P8_PECE2)) { 1833 return PPC_INTERRUPT_EXT; 1834 } 1835 if ((env->pending_interrupts & PPC_INTERRUPT_DECR) && 1836 (env->spr[SPR_LPCR] & LPCR_P8_PECE3)) { 1837 return PPC_INTERRUPT_DECR; 1838 } 1839 if ((env->pending_interrupts & PPC_INTERRUPT_MCK) && 1840 (env->spr[SPR_LPCR] & LPCR_P8_PECE4)) { 1841 return PPC_INTERRUPT_MCK; 1842 } 1843 if ((env->pending_interrupts & PPC_INTERRUPT_HMI) && 1844 (env->spr[SPR_LPCR] & LPCR_P8_PECE4)) { 1845 return PPC_INTERRUPT_HMI; 1846 } 1847 if ((env->pending_interrupts & PPC_INTERRUPT_DOORBELL) && 1848 (env->spr[SPR_LPCR] & LPCR_P8_PECE0)) { 1849 return PPC_INTERRUPT_DOORBELL; 1850 } 1851 if ((env->pending_interrupts & PPC_INTERRUPT_HDOORBELL) && 1852 (env->spr[SPR_LPCR] & LPCR_P8_PECE1)) { 1853 return PPC_INTERRUPT_HDOORBELL; 1854 } 1855 if (env->pending_interrupts & PPC_INTERRUPT_RESET) { 1856 return PPC_INTERRUPT_RESET; 1857 } 1858 return 0; 1859 } 1860 1861 static int p8_next_unmasked_interrupt(CPUPPCState *env) 1862 { 1863 CPUState *cs = env_cpu(env); 1864 1865 /* Ignore MSR[EE] when coming out of some power management states */ 1866 bool msr_ee = FIELD_EX64(env->msr, MSR, EE) || env->resume_as_sreset; 1867 1868 assert((env->pending_interrupts & P8_UNUSED_INTERRUPTS) == 0); 1869 1870 if (cs->halted) { 1871 /* LPCR[PECE] controls which interrupts can exit power-saving mode */ 1872 return p8_interrupt_powersave(env); 1873 } 1874 1875 /* Machine check exception */ 1876 if (env->pending_interrupts & PPC_INTERRUPT_MCK) { 1877 return PPC_INTERRUPT_MCK; 1878 } 1879 1880 /* Hypervisor decrementer exception */ 1881 if (env->pending_interrupts & PPC_INTERRUPT_HDECR) { 1882 /* LPCR will be clear when not supported so this will work */ 1883 bool hdice = !!(env->spr[SPR_LPCR] & LPCR_HDICE); 1884 if ((msr_ee || !FIELD_EX64_HV(env->msr)) && hdice) { 1885 /* HDEC clears on delivery */ 1886 return PPC_INTERRUPT_HDECR; 1887 } 1888 } 1889 1890 /* External interrupt can ignore MSR:EE under some circumstances */ 1891 if (env->pending_interrupts & PPC_INTERRUPT_EXT) { 1892 bool lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 1893 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 1894 /* HEIC blocks delivery to the hypervisor */ 1895 if ((msr_ee && !(heic && FIELD_EX64_HV(env->msr) && 1896 !FIELD_EX64(env->msr, MSR, PR))) || 1897 (env->has_hv_mode && !FIELD_EX64_HV(env->msr) && !lpes0)) { 1898 return PPC_INTERRUPT_EXT; 1899 } 1900 } 1901 if (msr_ee != 0) { 1902 /* Decrementer exception */ 1903 if (env->pending_interrupts & PPC_INTERRUPT_DECR) { 1904 return PPC_INTERRUPT_DECR; 1905 } 1906 if (env->pending_interrupts & PPC_INTERRUPT_DOORBELL) { 1907 return PPC_INTERRUPT_DOORBELL; 1908 } 1909 if (env->pending_interrupts & PPC_INTERRUPT_HDOORBELL) { 1910 return PPC_INTERRUPT_HDOORBELL; 1911 } 1912 if (env->pending_interrupts & PPC_INTERRUPT_PERFM) { 1913 return PPC_INTERRUPT_PERFM; 1914 } 1915 /* EBB exception */ 1916 if (env->pending_interrupts & PPC_INTERRUPT_EBB) { 1917 /* 1918 * EBB exception must be taken in problem state and 1919 * with BESCR_GE set. 1920 */ 1921 if (FIELD_EX64(env->msr, MSR, PR) && 1922 (env->spr[SPR_BESCR] & BESCR_GE)) { 1923 return PPC_INTERRUPT_EBB; 1924 } 1925 } 1926 } 1927 1928 return 0; 1929 } 1930 1931 #define P9_UNUSED_INTERRUPTS \ 1932 (PPC_INTERRUPT_RESET | PPC_INTERRUPT_DEBUG | PPC_INTERRUPT_CEXT | \ 1933 PPC_INTERRUPT_WDT | PPC_INTERRUPT_CDOORBELL | PPC_INTERRUPT_FIT | \ 1934 PPC_INTERRUPT_PIT | PPC_INTERRUPT_THERM) 1935 1936 static int p9_interrupt_powersave(CPUPPCState *env) 1937 { 1938 /* External Exception */ 1939 if ((env->pending_interrupts & PPC_INTERRUPT_EXT) && 1940 (env->spr[SPR_LPCR] & LPCR_EEE)) { 1941 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 1942 if (!heic || !FIELD_EX64_HV(env->msr) || 1943 FIELD_EX64(env->msr, MSR, PR)) { 1944 return PPC_INTERRUPT_EXT; 1945 } 1946 } 1947 /* Decrementer Exception */ 1948 if ((env->pending_interrupts & PPC_INTERRUPT_DECR) && 1949 (env->spr[SPR_LPCR] & LPCR_DEE)) { 1950 return PPC_INTERRUPT_DECR; 1951 } 1952 /* Machine Check or Hypervisor Maintenance Exception */ 1953 if (env->spr[SPR_LPCR] & LPCR_OEE) { 1954 if (env->pending_interrupts & PPC_INTERRUPT_MCK) { 1955 return PPC_INTERRUPT_MCK; 1956 } 1957 if (env->pending_interrupts & PPC_INTERRUPT_HMI) { 1958 return PPC_INTERRUPT_HMI; 1959 } 1960 } 1961 /* Privileged Doorbell Exception */ 1962 if ((env->pending_interrupts & PPC_INTERRUPT_DOORBELL) && 1963 (env->spr[SPR_LPCR] & LPCR_PDEE)) { 1964 return PPC_INTERRUPT_DOORBELL; 1965 } 1966 /* Hypervisor Doorbell Exception */ 1967 if ((env->pending_interrupts & PPC_INTERRUPT_HDOORBELL) && 1968 (env->spr[SPR_LPCR] & LPCR_HDEE)) { 1969 return PPC_INTERRUPT_HDOORBELL; 1970 } 1971 /* Hypervisor virtualization exception */ 1972 if ((env->pending_interrupts & PPC_INTERRUPT_HVIRT) && 1973 (env->spr[SPR_LPCR] & LPCR_HVEE)) { 1974 return PPC_INTERRUPT_HVIRT; 1975 } 1976 if (env->pending_interrupts & PPC_INTERRUPT_RESET) { 1977 return PPC_INTERRUPT_RESET; 1978 } 1979 return 0; 1980 } 1981 1982 static int p9_next_unmasked_interrupt(CPUPPCState *env) 1983 { 1984 CPUState *cs = env_cpu(env); 1985 1986 /* Ignore MSR[EE] when coming out of some power management states */ 1987 bool msr_ee = FIELD_EX64(env->msr, MSR, EE) || env->resume_as_sreset; 1988 1989 assert((env->pending_interrupts & P9_UNUSED_INTERRUPTS) == 0); 1990 1991 if (cs->halted) { 1992 if (env->spr[SPR_PSSCR] & PSSCR_EC) { 1993 /* 1994 * When PSSCR[EC] is set, LPCR[PECE] controls which interrupts can 1995 * wakeup the processor 1996 */ 1997 return p9_interrupt_powersave(env); 1998 } else { 1999 /* 2000 * When it's clear, any system-caused exception exits power-saving 2001 * mode, even the ones that gate on MSR[EE]. 2002 */ 2003 msr_ee = true; 2004 } 2005 } 2006 2007 /* Machine check exception */ 2008 if (env->pending_interrupts & PPC_INTERRUPT_MCK) { 2009 return PPC_INTERRUPT_MCK; 2010 } 2011 2012 /* Hypervisor decrementer exception */ 2013 if (env->pending_interrupts & PPC_INTERRUPT_HDECR) { 2014 /* LPCR will be clear when not supported so this will work */ 2015 bool hdice = !!(env->spr[SPR_LPCR] & LPCR_HDICE); 2016 if ((msr_ee || !FIELD_EX64_HV(env->msr)) && hdice) { 2017 /* HDEC clears on delivery */ 2018 return PPC_INTERRUPT_HDECR; 2019 } 2020 } 2021 2022 /* Hypervisor virtualization interrupt */ 2023 if (env->pending_interrupts & PPC_INTERRUPT_HVIRT) { 2024 /* LPCR will be clear when not supported so this will work */ 2025 bool hvice = !!(env->spr[SPR_LPCR] & LPCR_HVICE); 2026 if ((msr_ee || !FIELD_EX64_HV(env->msr)) && hvice) { 2027 return PPC_INTERRUPT_HVIRT; 2028 } 2029 } 2030 2031 /* External interrupt can ignore MSR:EE under some circumstances */ 2032 if (env->pending_interrupts & PPC_INTERRUPT_EXT) { 2033 bool lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 2034 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 2035 /* HEIC blocks delivery to the hypervisor */ 2036 if ((msr_ee && !(heic && FIELD_EX64_HV(env->msr) && 2037 !FIELD_EX64(env->msr, MSR, PR))) || 2038 (env->has_hv_mode && !FIELD_EX64_HV(env->msr) && !lpes0)) { 2039 return PPC_INTERRUPT_EXT; 2040 } 2041 } 2042 if (msr_ee != 0) { 2043 /* Decrementer exception */ 2044 if (env->pending_interrupts & PPC_INTERRUPT_DECR) { 2045 return PPC_INTERRUPT_DECR; 2046 } 2047 if (env->pending_interrupts & PPC_INTERRUPT_DOORBELL) { 2048 return PPC_INTERRUPT_DOORBELL; 2049 } 2050 if (env->pending_interrupts & PPC_INTERRUPT_HDOORBELL) { 2051 return PPC_INTERRUPT_HDOORBELL; 2052 } 2053 if (env->pending_interrupts & PPC_INTERRUPT_PERFM) { 2054 return PPC_INTERRUPT_PERFM; 2055 } 2056 /* EBB exception */ 2057 if (env->pending_interrupts & PPC_INTERRUPT_EBB) { 2058 /* 2059 * EBB exception must be taken in problem state and 2060 * with BESCR_GE set. 2061 */ 2062 if (FIELD_EX64(env->msr, MSR, PR) && 2063 (env->spr[SPR_BESCR] & BESCR_GE)) { 2064 return PPC_INTERRUPT_EBB; 2065 } 2066 } 2067 } 2068 2069 return 0; 2070 } 2071 #endif 2072 2073 static int ppc_next_unmasked_interrupt_generic(CPUPPCState *env) 2074 { 2075 bool async_deliver; 2076 2077 /* External reset */ 2078 if (env->pending_interrupts & PPC_INTERRUPT_RESET) { 2079 return PPC_INTERRUPT_RESET; 2080 } 2081 /* Machine check exception */ 2082 if (env->pending_interrupts & PPC_INTERRUPT_MCK) { 2083 return PPC_INTERRUPT_MCK; 2084 } 2085 #if 0 /* TODO */ 2086 /* External debug exception */ 2087 if (env->pending_interrupts & PPC_INTERRUPT_DEBUG) { 2088 return PPC_INTERRUPT_DEBUG; 2089 } 2090 #endif 2091 2092 /* 2093 * For interrupts that gate on MSR:EE, we need to do something a 2094 * bit more subtle, as we need to let them through even when EE is 2095 * clear when coming out of some power management states (in order 2096 * for them to become a 0x100). 2097 */ 2098 async_deliver = FIELD_EX64(env->msr, MSR, EE) || env->resume_as_sreset; 2099 2100 /* Hypervisor decrementer exception */ 2101 if (env->pending_interrupts & PPC_INTERRUPT_HDECR) { 2102 /* LPCR will be clear when not supported so this will work */ 2103 bool hdice = !!(env->spr[SPR_LPCR] & LPCR_HDICE); 2104 if ((async_deliver || !FIELD_EX64_HV(env->msr)) && hdice) { 2105 /* HDEC clears on delivery */ 2106 return PPC_INTERRUPT_HDECR; 2107 } 2108 } 2109 2110 /* Hypervisor virtualization interrupt */ 2111 if (env->pending_interrupts & PPC_INTERRUPT_HVIRT) { 2112 /* LPCR will be clear when not supported so this will work */ 2113 bool hvice = !!(env->spr[SPR_LPCR] & LPCR_HVICE); 2114 if ((async_deliver || !FIELD_EX64_HV(env->msr)) && hvice) { 2115 return PPC_INTERRUPT_HVIRT; 2116 } 2117 } 2118 2119 /* External interrupt can ignore MSR:EE under some circumstances */ 2120 if (env->pending_interrupts & PPC_INTERRUPT_EXT) { 2121 bool lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 2122 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 2123 /* HEIC blocks delivery to the hypervisor */ 2124 if ((async_deliver && !(heic && FIELD_EX64_HV(env->msr) && 2125 !FIELD_EX64(env->msr, MSR, PR))) || 2126 (env->has_hv_mode && !FIELD_EX64_HV(env->msr) && !lpes0)) { 2127 return PPC_INTERRUPT_EXT; 2128 } 2129 } 2130 if (FIELD_EX64(env->msr, MSR, CE)) { 2131 /* External critical interrupt */ 2132 if (env->pending_interrupts & PPC_INTERRUPT_CEXT) { 2133 return PPC_INTERRUPT_CEXT; 2134 } 2135 } 2136 if (async_deliver != 0) { 2137 /* Watchdog timer on embedded PowerPC */ 2138 if (env->pending_interrupts & PPC_INTERRUPT_WDT) { 2139 return PPC_INTERRUPT_WDT; 2140 } 2141 if (env->pending_interrupts & PPC_INTERRUPT_CDOORBELL) { 2142 return PPC_INTERRUPT_CDOORBELL; 2143 } 2144 /* Fixed interval timer on embedded PowerPC */ 2145 if (env->pending_interrupts & PPC_INTERRUPT_FIT) { 2146 return PPC_INTERRUPT_FIT; 2147 } 2148 /* Programmable interval timer on embedded PowerPC */ 2149 if (env->pending_interrupts & PPC_INTERRUPT_PIT) { 2150 return PPC_INTERRUPT_PIT; 2151 } 2152 /* Decrementer exception */ 2153 if (env->pending_interrupts & PPC_INTERRUPT_DECR) { 2154 return PPC_INTERRUPT_DECR; 2155 } 2156 if (env->pending_interrupts & PPC_INTERRUPT_DOORBELL) { 2157 return PPC_INTERRUPT_DOORBELL; 2158 } 2159 if (env->pending_interrupts & PPC_INTERRUPT_HDOORBELL) { 2160 return PPC_INTERRUPT_HDOORBELL; 2161 } 2162 if (env->pending_interrupts & PPC_INTERRUPT_PERFM) { 2163 return PPC_INTERRUPT_PERFM; 2164 } 2165 /* Thermal interrupt */ 2166 if (env->pending_interrupts & PPC_INTERRUPT_THERM) { 2167 return PPC_INTERRUPT_THERM; 2168 } 2169 /* EBB exception */ 2170 if (env->pending_interrupts & PPC_INTERRUPT_EBB) { 2171 /* 2172 * EBB exception must be taken in problem state and 2173 * with BESCR_GE set. 2174 */ 2175 if (FIELD_EX64(env->msr, MSR, PR) && 2176 (env->spr[SPR_BESCR] & BESCR_GE)) { 2177 return PPC_INTERRUPT_EBB; 2178 } 2179 } 2180 } 2181 2182 return 0; 2183 } 2184 2185 static int ppc_next_unmasked_interrupt(CPUPPCState *env) 2186 { 2187 switch (env->excp_model) { 2188 #if defined(TARGET_PPC64) 2189 case POWERPC_EXCP_POWER7: 2190 return p7_next_unmasked_interrupt(env); 2191 case POWERPC_EXCP_POWER8: 2192 return p8_next_unmasked_interrupt(env); 2193 case POWERPC_EXCP_POWER9: 2194 case POWERPC_EXCP_POWER10: 2195 return p9_next_unmasked_interrupt(env); 2196 #endif 2197 default: 2198 return ppc_next_unmasked_interrupt_generic(env); 2199 } 2200 } 2201 2202 /* 2203 * Sets CPU_INTERRUPT_HARD if there is at least one unmasked interrupt to be 2204 * delivered and clears CPU_INTERRUPT_HARD otherwise. 2205 * 2206 * This method is called by ppc_set_interrupt when an interrupt is raised or 2207 * lowered, and should also be called whenever an interrupt masking condition 2208 * is changed, e.g.: 2209 * - When relevant bits of MSR are altered, like EE, HV, PR, etc.; 2210 * - When relevant bits of LPCR are altered, like PECE, HDICE, HVICE, etc.; 2211 * - When PSSCR[EC] or env->resume_as_sreset are changed; 2212 * - When cs->halted is changed and the CPU has a different interrupt masking 2213 * logic in power-saving mode (e.g., POWER7/8/9/10); 2214 */ 2215 void ppc_maybe_interrupt(CPUPPCState *env) 2216 { 2217 CPUState *cs = env_cpu(env); 2218 QEMU_IOTHREAD_LOCK_GUARD(); 2219 2220 if (ppc_next_unmasked_interrupt(env)) { 2221 cpu_interrupt(cs, CPU_INTERRUPT_HARD); 2222 } else { 2223 cpu_reset_interrupt(cs, CPU_INTERRUPT_HARD); 2224 } 2225 } 2226 2227 #if defined(TARGET_PPC64) 2228 static void p7_deliver_interrupt(CPUPPCState *env, int interrupt) 2229 { 2230 PowerPCCPU *cpu = env_archcpu(env); 2231 CPUState *cs = env_cpu(env); 2232 2233 switch (interrupt) { 2234 case PPC_INTERRUPT_MCK: /* Machine check exception */ 2235 env->pending_interrupts &= ~PPC_INTERRUPT_MCK; 2236 powerpc_excp(cpu, POWERPC_EXCP_MCHECK); 2237 break; 2238 2239 case PPC_INTERRUPT_HDECR: /* Hypervisor decrementer exception */ 2240 /* HDEC clears on delivery */ 2241 env->pending_interrupts &= ~PPC_INTERRUPT_HDECR; 2242 powerpc_excp(cpu, POWERPC_EXCP_HDECR); 2243 break; 2244 2245 case PPC_INTERRUPT_EXT: 2246 if (books_vhyp_promotes_external_to_hvirt(cpu)) { 2247 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2248 } else { 2249 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL); 2250 } 2251 break; 2252 2253 case PPC_INTERRUPT_DECR: /* Decrementer exception */ 2254 powerpc_excp(cpu, POWERPC_EXCP_DECR); 2255 break; 2256 case PPC_INTERRUPT_PERFM: 2257 env->pending_interrupts &= ~PPC_INTERRUPT_PERFM; 2258 powerpc_excp(cpu, POWERPC_EXCP_PERFM); 2259 break; 2260 case 0: 2261 /* 2262 * This is a bug ! It means that has_work took us out of halt without 2263 * anything to deliver while in a PM state that requires getting 2264 * out via a 0x100 2265 * 2266 * This means we will incorrectly execute past the power management 2267 * instruction instead of triggering a reset. 2268 * 2269 * It generally means a discrepancy between the wakeup conditions in the 2270 * processor has_work implementation and the logic in this function. 2271 */ 2272 assert(!env->resume_as_sreset); 2273 break; 2274 default: 2275 cpu_abort(cs, "Invalid PowerPC interrupt %d. Aborting\n", interrupt); 2276 } 2277 } 2278 2279 static void p8_deliver_interrupt(CPUPPCState *env, int interrupt) 2280 { 2281 PowerPCCPU *cpu = env_archcpu(env); 2282 CPUState *cs = env_cpu(env); 2283 2284 switch (interrupt) { 2285 case PPC_INTERRUPT_MCK: /* Machine check exception */ 2286 env->pending_interrupts &= ~PPC_INTERRUPT_MCK; 2287 powerpc_excp(cpu, POWERPC_EXCP_MCHECK); 2288 break; 2289 2290 case PPC_INTERRUPT_HDECR: /* Hypervisor decrementer exception */ 2291 /* HDEC clears on delivery */ 2292 env->pending_interrupts &= ~PPC_INTERRUPT_HDECR; 2293 powerpc_excp(cpu, POWERPC_EXCP_HDECR); 2294 break; 2295 2296 case PPC_INTERRUPT_EXT: 2297 if (books_vhyp_promotes_external_to_hvirt(cpu)) { 2298 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2299 } else { 2300 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL); 2301 } 2302 break; 2303 2304 case PPC_INTERRUPT_DECR: /* Decrementer exception */ 2305 powerpc_excp(cpu, POWERPC_EXCP_DECR); 2306 break; 2307 case PPC_INTERRUPT_DOORBELL: 2308 env->pending_interrupts &= ~PPC_INTERRUPT_DOORBELL; 2309 if (is_book3s_arch2x(env)) { 2310 powerpc_excp(cpu, POWERPC_EXCP_SDOOR); 2311 } else { 2312 powerpc_excp(cpu, POWERPC_EXCP_DOORI); 2313 } 2314 break; 2315 case PPC_INTERRUPT_HDOORBELL: 2316 env->pending_interrupts &= ~PPC_INTERRUPT_HDOORBELL; 2317 powerpc_excp(cpu, POWERPC_EXCP_SDOOR_HV); 2318 break; 2319 case PPC_INTERRUPT_PERFM: 2320 env->pending_interrupts &= ~PPC_INTERRUPT_PERFM; 2321 powerpc_excp(cpu, POWERPC_EXCP_PERFM); 2322 break; 2323 case PPC_INTERRUPT_EBB: /* EBB exception */ 2324 env->pending_interrupts &= ~PPC_INTERRUPT_EBB; 2325 if (env->spr[SPR_BESCR] & BESCR_PMEO) { 2326 powerpc_excp(cpu, POWERPC_EXCP_PERFM_EBB); 2327 } else if (env->spr[SPR_BESCR] & BESCR_EEO) { 2328 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL_EBB); 2329 } 2330 break; 2331 case 0: 2332 /* 2333 * This is a bug ! It means that has_work took us out of halt without 2334 * anything to deliver while in a PM state that requires getting 2335 * out via a 0x100 2336 * 2337 * This means we will incorrectly execute past the power management 2338 * instruction instead of triggering a reset. 2339 * 2340 * It generally means a discrepancy between the wakeup conditions in the 2341 * processor has_work implementation and the logic in this function. 2342 */ 2343 assert(!env->resume_as_sreset); 2344 break; 2345 default: 2346 cpu_abort(cs, "Invalid PowerPC interrupt %d. Aborting\n", interrupt); 2347 } 2348 } 2349 2350 static void p9_deliver_interrupt(CPUPPCState *env, int interrupt) 2351 { 2352 PowerPCCPU *cpu = env_archcpu(env); 2353 CPUState *cs = env_cpu(env); 2354 2355 if (cs->halted && !(env->spr[SPR_PSSCR] & PSSCR_EC) && 2356 !FIELD_EX64(env->msr, MSR, EE)) { 2357 /* 2358 * A pending interrupt took us out of power-saving, but MSR[EE] says 2359 * that we should return to NIP+4 instead of delivering it. 2360 */ 2361 return; 2362 } 2363 2364 switch (interrupt) { 2365 case PPC_INTERRUPT_MCK: /* Machine check exception */ 2366 env->pending_interrupts &= ~PPC_INTERRUPT_MCK; 2367 powerpc_excp(cpu, POWERPC_EXCP_MCHECK); 2368 break; 2369 2370 case PPC_INTERRUPT_HDECR: /* Hypervisor decrementer exception */ 2371 /* HDEC clears on delivery */ 2372 env->pending_interrupts &= ~PPC_INTERRUPT_HDECR; 2373 powerpc_excp(cpu, POWERPC_EXCP_HDECR); 2374 break; 2375 case PPC_INTERRUPT_HVIRT: /* Hypervisor virtualization interrupt */ 2376 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2377 break; 2378 2379 case PPC_INTERRUPT_EXT: 2380 if (books_vhyp_promotes_external_to_hvirt(cpu)) { 2381 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2382 } else { 2383 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL); 2384 } 2385 break; 2386 2387 case PPC_INTERRUPT_DECR: /* Decrementer exception */ 2388 powerpc_excp(cpu, POWERPC_EXCP_DECR); 2389 break; 2390 case PPC_INTERRUPT_DOORBELL: 2391 env->pending_interrupts &= ~PPC_INTERRUPT_DOORBELL; 2392 powerpc_excp(cpu, POWERPC_EXCP_SDOOR); 2393 break; 2394 case PPC_INTERRUPT_HDOORBELL: 2395 env->pending_interrupts &= ~PPC_INTERRUPT_HDOORBELL; 2396 powerpc_excp(cpu, POWERPC_EXCP_SDOOR_HV); 2397 break; 2398 case PPC_INTERRUPT_PERFM: 2399 env->pending_interrupts &= ~PPC_INTERRUPT_PERFM; 2400 powerpc_excp(cpu, POWERPC_EXCP_PERFM); 2401 break; 2402 case PPC_INTERRUPT_EBB: /* EBB exception */ 2403 env->pending_interrupts &= ~PPC_INTERRUPT_EBB; 2404 if (env->spr[SPR_BESCR] & BESCR_PMEO) { 2405 powerpc_excp(cpu, POWERPC_EXCP_PERFM_EBB); 2406 } else if (env->spr[SPR_BESCR] & BESCR_EEO) { 2407 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL_EBB); 2408 } 2409 break; 2410 case 0: 2411 /* 2412 * This is a bug ! It means that has_work took us out of halt without 2413 * anything to deliver while in a PM state that requires getting 2414 * out via a 0x100 2415 * 2416 * This means we will incorrectly execute past the power management 2417 * instruction instead of triggering a reset. 2418 * 2419 * It generally means a discrepancy between the wakeup conditions in the 2420 * processor has_work implementation and the logic in this function. 2421 */ 2422 assert(!env->resume_as_sreset); 2423 break; 2424 default: 2425 cpu_abort(cs, "Invalid PowerPC interrupt %d. Aborting\n", interrupt); 2426 } 2427 } 2428 #endif 2429 2430 static void ppc_deliver_interrupt_generic(CPUPPCState *env, int interrupt) 2431 { 2432 PowerPCCPU *cpu = env_archcpu(env); 2433 CPUState *cs = env_cpu(env); 2434 2435 switch (interrupt) { 2436 case PPC_INTERRUPT_RESET: /* External reset */ 2437 env->pending_interrupts &= ~PPC_INTERRUPT_RESET; 2438 powerpc_excp(cpu, POWERPC_EXCP_RESET); 2439 break; 2440 case PPC_INTERRUPT_MCK: /* Machine check exception */ 2441 env->pending_interrupts &= ~PPC_INTERRUPT_MCK; 2442 powerpc_excp(cpu, POWERPC_EXCP_MCHECK); 2443 break; 2444 2445 case PPC_INTERRUPT_HDECR: /* Hypervisor decrementer exception */ 2446 /* HDEC clears on delivery */ 2447 env->pending_interrupts &= ~PPC_INTERRUPT_HDECR; 2448 powerpc_excp(cpu, POWERPC_EXCP_HDECR); 2449 break; 2450 case PPC_INTERRUPT_HVIRT: /* Hypervisor virtualization interrupt */ 2451 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2452 break; 2453 2454 case PPC_INTERRUPT_EXT: 2455 if (books_vhyp_promotes_external_to_hvirt(cpu)) { 2456 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2457 } else { 2458 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL); 2459 } 2460 break; 2461 case PPC_INTERRUPT_CEXT: /* External critical interrupt */ 2462 powerpc_excp(cpu, POWERPC_EXCP_CRITICAL); 2463 break; 2464 2465 case PPC_INTERRUPT_WDT: /* Watchdog timer on embedded PowerPC */ 2466 env->pending_interrupts &= ~PPC_INTERRUPT_WDT; 2467 powerpc_excp(cpu, POWERPC_EXCP_WDT); 2468 break; 2469 case PPC_INTERRUPT_CDOORBELL: 2470 env->pending_interrupts &= ~PPC_INTERRUPT_CDOORBELL; 2471 powerpc_excp(cpu, POWERPC_EXCP_DOORCI); 2472 break; 2473 case PPC_INTERRUPT_FIT: /* Fixed interval timer on embedded PowerPC */ 2474 env->pending_interrupts &= ~PPC_INTERRUPT_FIT; 2475 powerpc_excp(cpu, POWERPC_EXCP_FIT); 2476 break; 2477 case PPC_INTERRUPT_PIT: /* Programmable interval timer on embedded ppc */ 2478 env->pending_interrupts &= ~PPC_INTERRUPT_PIT; 2479 powerpc_excp(cpu, POWERPC_EXCP_PIT); 2480 break; 2481 case PPC_INTERRUPT_DECR: /* Decrementer exception */ 2482 if (ppc_decr_clear_on_delivery(env)) { 2483 env->pending_interrupts &= ~PPC_INTERRUPT_DECR; 2484 } 2485 powerpc_excp(cpu, POWERPC_EXCP_DECR); 2486 break; 2487 case PPC_INTERRUPT_DOORBELL: 2488 env->pending_interrupts &= ~PPC_INTERRUPT_DOORBELL; 2489 if (is_book3s_arch2x(env)) { 2490 powerpc_excp(cpu, POWERPC_EXCP_SDOOR); 2491 } else { 2492 powerpc_excp(cpu, POWERPC_EXCP_DOORI); 2493 } 2494 break; 2495 case PPC_INTERRUPT_HDOORBELL: 2496 env->pending_interrupts &= ~PPC_INTERRUPT_HDOORBELL; 2497 powerpc_excp(cpu, POWERPC_EXCP_SDOOR_HV); 2498 break; 2499 case PPC_INTERRUPT_PERFM: 2500 env->pending_interrupts &= ~PPC_INTERRUPT_PERFM; 2501 powerpc_excp(cpu, POWERPC_EXCP_PERFM); 2502 break; 2503 case PPC_INTERRUPT_THERM: /* Thermal interrupt */ 2504 env->pending_interrupts &= ~PPC_INTERRUPT_THERM; 2505 powerpc_excp(cpu, POWERPC_EXCP_THERM); 2506 break; 2507 case PPC_INTERRUPT_EBB: /* EBB exception */ 2508 env->pending_interrupts &= ~PPC_INTERRUPT_EBB; 2509 if (env->spr[SPR_BESCR] & BESCR_PMEO) { 2510 powerpc_excp(cpu, POWERPC_EXCP_PERFM_EBB); 2511 } else if (env->spr[SPR_BESCR] & BESCR_EEO) { 2512 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL_EBB); 2513 } 2514 break; 2515 case 0: 2516 /* 2517 * This is a bug ! It means that has_work took us out of halt without 2518 * anything to deliver while in a PM state that requires getting 2519 * out via a 0x100 2520 * 2521 * This means we will incorrectly execute past the power management 2522 * instruction instead of triggering a reset. 2523 * 2524 * It generally means a discrepancy between the wakeup conditions in the 2525 * processor has_work implementation and the logic in this function. 2526 */ 2527 assert(!env->resume_as_sreset); 2528 break; 2529 default: 2530 cpu_abort(cs, "Invalid PowerPC interrupt %d. Aborting\n", interrupt); 2531 } 2532 } 2533 2534 static void ppc_deliver_interrupt(CPUPPCState *env, int interrupt) 2535 { 2536 switch (env->excp_model) { 2537 #if defined(TARGET_PPC64) 2538 case POWERPC_EXCP_POWER7: 2539 p7_deliver_interrupt(env, interrupt); 2540 break; 2541 case POWERPC_EXCP_POWER8: 2542 p8_deliver_interrupt(env, interrupt); 2543 break; 2544 case POWERPC_EXCP_POWER9: 2545 case POWERPC_EXCP_POWER10: 2546 p9_deliver_interrupt(env, interrupt); 2547 break; 2548 #endif 2549 default: 2550 ppc_deliver_interrupt_generic(env, interrupt); 2551 } 2552 } 2553 2554 void ppc_cpu_do_system_reset(CPUState *cs) 2555 { 2556 PowerPCCPU *cpu = POWERPC_CPU(cs); 2557 2558 powerpc_excp(cpu, POWERPC_EXCP_RESET); 2559 } 2560 2561 void ppc_cpu_do_fwnmi_machine_check(CPUState *cs, target_ulong vector) 2562 { 2563 PowerPCCPU *cpu = POWERPC_CPU(cs); 2564 CPUPPCState *env = &cpu->env; 2565 target_ulong msr = 0; 2566 2567 /* 2568 * Set MSR and NIP for the handler, SRR0/1, DAR and DSISR have already 2569 * been set by KVM. 2570 */ 2571 msr = (1ULL << MSR_ME); 2572 msr |= env->msr & (1ULL << MSR_SF); 2573 if (ppc_interrupts_little_endian(cpu, false)) { 2574 msr |= (1ULL << MSR_LE); 2575 } 2576 2577 /* Anything for nested required here? MSR[HV] bit? */ 2578 2579 powerpc_set_excp_state(cpu, vector, msr); 2580 } 2581 2582 bool ppc_cpu_exec_interrupt(CPUState *cs, int interrupt_request) 2583 { 2584 PowerPCCPU *cpu = POWERPC_CPU(cs); 2585 CPUPPCState *env = &cpu->env; 2586 int interrupt; 2587 2588 if ((interrupt_request & CPU_INTERRUPT_HARD) == 0) { 2589 return false; 2590 } 2591 2592 interrupt = ppc_next_unmasked_interrupt(env); 2593 if (interrupt == 0) { 2594 return false; 2595 } 2596 2597 ppc_deliver_interrupt(env, interrupt); 2598 if (env->pending_interrupts == 0) { 2599 cpu_reset_interrupt(cs, CPU_INTERRUPT_HARD); 2600 } 2601 return true; 2602 } 2603 2604 #endif /* !CONFIG_USER_ONLY */ 2605 2606 /*****************************************************************************/ 2607 /* Exceptions processing helpers */ 2608 2609 void raise_exception_err_ra(CPUPPCState *env, uint32_t exception, 2610 uint32_t error_code, uintptr_t raddr) 2611 { 2612 CPUState *cs = env_cpu(env); 2613 2614 cs->exception_index = exception; 2615 env->error_code = error_code; 2616 cpu_loop_exit_restore(cs, raddr); 2617 } 2618 2619 void raise_exception_err(CPUPPCState *env, uint32_t exception, 2620 uint32_t error_code) 2621 { 2622 raise_exception_err_ra(env, exception, error_code, 0); 2623 } 2624 2625 void raise_exception(CPUPPCState *env, uint32_t exception) 2626 { 2627 raise_exception_err_ra(env, exception, 0, 0); 2628 } 2629 2630 void raise_exception_ra(CPUPPCState *env, uint32_t exception, 2631 uintptr_t raddr) 2632 { 2633 raise_exception_err_ra(env, exception, 0, raddr); 2634 } 2635 2636 #ifdef CONFIG_TCG 2637 void helper_raise_exception_err(CPUPPCState *env, uint32_t exception, 2638 uint32_t error_code) 2639 { 2640 raise_exception_err_ra(env, exception, error_code, 0); 2641 } 2642 2643 void helper_raise_exception(CPUPPCState *env, uint32_t exception) 2644 { 2645 raise_exception_err_ra(env, exception, 0, 0); 2646 } 2647 #endif 2648 2649 #if !defined(CONFIG_USER_ONLY) 2650 #ifdef CONFIG_TCG 2651 void helper_store_msr(CPUPPCState *env, target_ulong val) 2652 { 2653 uint32_t excp = hreg_store_msr(env, val, 0); 2654 2655 if (excp != 0) { 2656 cpu_interrupt_exittb(env_cpu(env)); 2657 raise_exception(env, excp); 2658 } 2659 } 2660 2661 void helper_ppc_maybe_interrupt(CPUPPCState *env) 2662 { 2663 ppc_maybe_interrupt(env); 2664 } 2665 2666 #if defined(TARGET_PPC64) 2667 void helper_scv(CPUPPCState *env, uint32_t lev) 2668 { 2669 if (env->spr[SPR_FSCR] & (1ull << FSCR_SCV)) { 2670 raise_exception_err(env, POWERPC_EXCP_SYSCALL_VECTORED, lev); 2671 } else { 2672 raise_exception_err(env, POWERPC_EXCP_FU, FSCR_IC_SCV); 2673 } 2674 } 2675 2676 void helper_pminsn(CPUPPCState *env, uint32_t insn) 2677 { 2678 CPUState *cs = env_cpu(env); 2679 2680 cs->halted = 1; 2681 2682 /* Condition for waking up at 0x100 */ 2683 env->resume_as_sreset = (insn != PPC_PM_STOP) || 2684 (env->spr[SPR_PSSCR] & PSSCR_EC); 2685 2686 ppc_maybe_interrupt(env); 2687 } 2688 #endif /* defined(TARGET_PPC64) */ 2689 2690 static void do_rfi(CPUPPCState *env, target_ulong nip, target_ulong msr) 2691 { 2692 /* MSR:POW cannot be set by any form of rfi */ 2693 msr &= ~(1ULL << MSR_POW); 2694 2695 /* MSR:TGPR cannot be set by any form of rfi */ 2696 if (env->flags & POWERPC_FLAG_TGPR) 2697 msr &= ~(1ULL << MSR_TGPR); 2698 2699 #if defined(TARGET_PPC64) 2700 /* Switching to 32-bit ? Crop the nip */ 2701 if (!msr_is_64bit(env, msr)) { 2702 nip = (uint32_t)nip; 2703 } 2704 #else 2705 nip = (uint32_t)nip; 2706 #endif 2707 /* XXX: beware: this is false if VLE is supported */ 2708 env->nip = nip & ~((target_ulong)0x00000003); 2709 hreg_store_msr(env, msr, 1); 2710 trace_ppc_excp_rfi(env->nip, env->msr); 2711 /* 2712 * No need to raise an exception here, as rfi is always the last 2713 * insn of a TB 2714 */ 2715 cpu_interrupt_exittb(env_cpu(env)); 2716 /* Reset the reservation */ 2717 env->reserve_addr = -1; 2718 2719 /* Context synchronizing: check if TCG TLB needs flush */ 2720 check_tlb_flush(env, false); 2721 } 2722 2723 void helper_rfi(CPUPPCState *env) 2724 { 2725 do_rfi(env, env->spr[SPR_SRR0], env->spr[SPR_SRR1] & 0xfffffffful); 2726 } 2727 2728 #if defined(TARGET_PPC64) 2729 void helper_rfid(CPUPPCState *env) 2730 { 2731 /* 2732 * The architecture defines a number of rules for which bits can 2733 * change but in practice, we handle this in hreg_store_msr() 2734 * which will be called by do_rfi(), so there is no need to filter 2735 * here 2736 */ 2737 do_rfi(env, env->spr[SPR_SRR0], env->spr[SPR_SRR1]); 2738 } 2739 2740 void helper_rfscv(CPUPPCState *env) 2741 { 2742 do_rfi(env, env->lr, env->ctr); 2743 } 2744 2745 void helper_hrfid(CPUPPCState *env) 2746 { 2747 do_rfi(env, env->spr[SPR_HSRR0], env->spr[SPR_HSRR1]); 2748 } 2749 #endif 2750 2751 #if defined(TARGET_PPC64) && !defined(CONFIG_USER_ONLY) 2752 void helper_rfebb(CPUPPCState *env, target_ulong s) 2753 { 2754 target_ulong msr = env->msr; 2755 2756 /* 2757 * Handling of BESCR bits 32:33 according to PowerISA v3.1: 2758 * 2759 * "If BESCR 32:33 != 0b00 the instruction is treated as if 2760 * the instruction form were invalid." 2761 */ 2762 if (env->spr[SPR_BESCR] & BESCR_INVALID) { 2763 raise_exception_err(env, POWERPC_EXCP_PROGRAM, 2764 POWERPC_EXCP_INVAL | POWERPC_EXCP_INVAL_INVAL); 2765 } 2766 2767 env->nip = env->spr[SPR_EBBRR]; 2768 2769 /* Switching to 32-bit ? Crop the nip */ 2770 if (!msr_is_64bit(env, msr)) { 2771 env->nip = (uint32_t)env->spr[SPR_EBBRR]; 2772 } 2773 2774 if (s) { 2775 env->spr[SPR_BESCR] |= BESCR_GE; 2776 } else { 2777 env->spr[SPR_BESCR] &= ~BESCR_GE; 2778 } 2779 } 2780 2781 /* 2782 * Triggers or queues an 'ebb_excp' EBB exception. All checks 2783 * but FSCR, HFSCR and msr_pr must be done beforehand. 2784 * 2785 * PowerISA v3.1 isn't clear about whether an EBB should be 2786 * postponed or cancelled if the EBB facility is unavailable. 2787 * Our assumption here is that the EBB is cancelled if both 2788 * FSCR and HFSCR EBB facilities aren't available. 2789 */ 2790 static void do_ebb(CPUPPCState *env, int ebb_excp) 2791 { 2792 PowerPCCPU *cpu = env_archcpu(env); 2793 2794 /* 2795 * FSCR_EBB and FSCR_IC_EBB are the same bits used with 2796 * HFSCR. 2797 */ 2798 helper_fscr_facility_check(env, FSCR_EBB, 0, FSCR_IC_EBB); 2799 helper_hfscr_facility_check(env, FSCR_EBB, "EBB", FSCR_IC_EBB); 2800 2801 if (ebb_excp == POWERPC_EXCP_PERFM_EBB) { 2802 env->spr[SPR_BESCR] |= BESCR_PMEO; 2803 } else if (ebb_excp == POWERPC_EXCP_EXTERNAL_EBB) { 2804 env->spr[SPR_BESCR] |= BESCR_EEO; 2805 } 2806 2807 if (FIELD_EX64(env->msr, MSR, PR)) { 2808 powerpc_excp(cpu, ebb_excp); 2809 } else { 2810 ppc_set_irq(cpu, PPC_INTERRUPT_EBB, 1); 2811 } 2812 } 2813 2814 void raise_ebb_perfm_exception(CPUPPCState *env) 2815 { 2816 bool perfm_ebb_enabled = env->spr[SPR_POWER_MMCR0] & MMCR0_EBE && 2817 env->spr[SPR_BESCR] & BESCR_PME && 2818 env->spr[SPR_BESCR] & BESCR_GE; 2819 2820 if (!perfm_ebb_enabled) { 2821 return; 2822 } 2823 2824 do_ebb(env, POWERPC_EXCP_PERFM_EBB); 2825 } 2826 #endif 2827 2828 /*****************************************************************************/ 2829 /* Embedded PowerPC specific helpers */ 2830 void helper_40x_rfci(CPUPPCState *env) 2831 { 2832 do_rfi(env, env->spr[SPR_40x_SRR2], env->spr[SPR_40x_SRR3]); 2833 } 2834 2835 void helper_rfci(CPUPPCState *env) 2836 { 2837 do_rfi(env, env->spr[SPR_BOOKE_CSRR0], env->spr[SPR_BOOKE_CSRR1]); 2838 } 2839 2840 void helper_rfdi(CPUPPCState *env) 2841 { 2842 /* FIXME: choose CSRR1 or DSRR1 based on cpu type */ 2843 do_rfi(env, env->spr[SPR_BOOKE_DSRR0], env->spr[SPR_BOOKE_DSRR1]); 2844 } 2845 2846 void helper_rfmci(CPUPPCState *env) 2847 { 2848 /* FIXME: choose CSRR1 or MCSRR1 based on cpu type */ 2849 do_rfi(env, env->spr[SPR_BOOKE_MCSRR0], env->spr[SPR_BOOKE_MCSRR1]); 2850 } 2851 #endif /* CONFIG_TCG */ 2852 #endif /* !defined(CONFIG_USER_ONLY) */ 2853 2854 #ifdef CONFIG_TCG 2855 void helper_tw(CPUPPCState *env, target_ulong arg1, target_ulong arg2, 2856 uint32_t flags) 2857 { 2858 if (!likely(!(((int32_t)arg1 < (int32_t)arg2 && (flags & 0x10)) || 2859 ((int32_t)arg1 > (int32_t)arg2 && (flags & 0x08)) || 2860 ((int32_t)arg1 == (int32_t)arg2 && (flags & 0x04)) || 2861 ((uint32_t)arg1 < (uint32_t)arg2 && (flags & 0x02)) || 2862 ((uint32_t)arg1 > (uint32_t)arg2 && (flags & 0x01))))) { 2863 raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM, 2864 POWERPC_EXCP_TRAP, GETPC()); 2865 } 2866 } 2867 2868 #if defined(TARGET_PPC64) 2869 void helper_td(CPUPPCState *env, target_ulong arg1, target_ulong arg2, 2870 uint32_t flags) 2871 { 2872 if (!likely(!(((int64_t)arg1 < (int64_t)arg2 && (flags & 0x10)) || 2873 ((int64_t)arg1 > (int64_t)arg2 && (flags & 0x08)) || 2874 ((int64_t)arg1 == (int64_t)arg2 && (flags & 0x04)) || 2875 ((uint64_t)arg1 < (uint64_t)arg2 && (flags & 0x02)) || 2876 ((uint64_t)arg1 > (uint64_t)arg2 && (flags & 0x01))))) { 2877 raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM, 2878 POWERPC_EXCP_TRAP, GETPC()); 2879 } 2880 } 2881 #endif 2882 #endif 2883 2884 #ifdef CONFIG_TCG 2885 static uint32_t helper_SIMON_LIKE_32_64(uint32_t x, uint64_t key, uint32_t lane) 2886 { 2887 const uint16_t c = 0xfffc; 2888 const uint64_t z0 = 0xfa2561cdf44ac398ULL; 2889 uint16_t z = 0, temp; 2890 uint16_t k[32], eff_k[32], xleft[33], xright[33], fxleft[32]; 2891 2892 for (int i = 3; i >= 0; i--) { 2893 k[i] = key & 0xffff; 2894 key >>= 16; 2895 } 2896 xleft[0] = x & 0xffff; 2897 xright[0] = (x >> 16) & 0xffff; 2898 2899 for (int i = 0; i < 28; i++) { 2900 z = (z0 >> (63 - i)) & 1; 2901 temp = ror16(k[i + 3], 3) ^ k[i + 1]; 2902 k[i + 4] = c ^ z ^ k[i] ^ temp ^ ror16(temp, 1); 2903 } 2904 2905 for (int i = 0; i < 8; i++) { 2906 eff_k[4 * i + 0] = k[4 * i + ((0 + lane) % 4)]; 2907 eff_k[4 * i + 1] = k[4 * i + ((1 + lane) % 4)]; 2908 eff_k[4 * i + 2] = k[4 * i + ((2 + lane) % 4)]; 2909 eff_k[4 * i + 3] = k[4 * i + ((3 + lane) % 4)]; 2910 } 2911 2912 for (int i = 0; i < 32; i++) { 2913 fxleft[i] = (rol16(xleft[i], 1) & 2914 rol16(xleft[i], 8)) ^ rol16(xleft[i], 2); 2915 xleft[i + 1] = xright[i] ^ fxleft[i] ^ eff_k[i]; 2916 xright[i + 1] = xleft[i]; 2917 } 2918 2919 return (((uint32_t)xright[32]) << 16) | xleft[32]; 2920 } 2921 2922 static uint64_t hash_digest(uint64_t ra, uint64_t rb, uint64_t key) 2923 { 2924 uint64_t stage0_h = 0ULL, stage0_l = 0ULL; 2925 uint64_t stage1_h, stage1_l; 2926 2927 for (int i = 0; i < 4; i++) { 2928 stage0_h |= ror64(rb & 0xff, 8 * (2 * i + 1)); 2929 stage0_h |= ((ra >> 32) & 0xff) << (8 * 2 * i); 2930 stage0_l |= ror64((rb >> 32) & 0xff, 8 * (2 * i + 1)); 2931 stage0_l |= (ra & 0xff) << (8 * 2 * i); 2932 rb >>= 8; 2933 ra >>= 8; 2934 } 2935 2936 stage1_h = (uint64_t)helper_SIMON_LIKE_32_64(stage0_h >> 32, key, 0) << 32; 2937 stage1_h |= helper_SIMON_LIKE_32_64(stage0_h, key, 1); 2938 stage1_l = (uint64_t)helper_SIMON_LIKE_32_64(stage0_l >> 32, key, 2) << 32; 2939 stage1_l |= helper_SIMON_LIKE_32_64(stage0_l, key, 3); 2940 2941 return stage1_h ^ stage1_l; 2942 } 2943 2944 static void do_hash(CPUPPCState *env, target_ulong ea, target_ulong ra, 2945 target_ulong rb, uint64_t key, bool store) 2946 { 2947 uint64_t calculated_hash = hash_digest(ra, rb, key), loaded_hash; 2948 2949 if (store) { 2950 cpu_stq_data_ra(env, ea, calculated_hash, GETPC()); 2951 } else { 2952 loaded_hash = cpu_ldq_data_ra(env, ea, GETPC()); 2953 if (loaded_hash != calculated_hash) { 2954 raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM, 2955 POWERPC_EXCP_TRAP, GETPC()); 2956 } 2957 } 2958 } 2959 2960 #include "qemu/guest-random.h" 2961 2962 #ifdef TARGET_PPC64 2963 #define HELPER_HASH(op, key, store, dexcr_aspect) \ 2964 void helper_##op(CPUPPCState *env, target_ulong ea, target_ulong ra, \ 2965 target_ulong rb) \ 2966 { \ 2967 if (env->msr & R_MSR_PR_MASK) { \ 2968 if (!(env->spr[SPR_DEXCR] & R_DEXCR_PRO_##dexcr_aspect##_MASK || \ 2969 env->spr[SPR_HDEXCR] & R_HDEXCR_ENF_##dexcr_aspect##_MASK)) \ 2970 return; \ 2971 } else if (!(env->msr & R_MSR_HV_MASK)) { \ 2972 if (!(env->spr[SPR_DEXCR] & R_DEXCR_PNH_##dexcr_aspect##_MASK || \ 2973 env->spr[SPR_HDEXCR] & R_HDEXCR_ENF_##dexcr_aspect##_MASK)) \ 2974 return; \ 2975 } else if (!(env->msr & R_MSR_S_MASK)) { \ 2976 if (!(env->spr[SPR_HDEXCR] & R_HDEXCR_HNU_##dexcr_aspect##_MASK)) \ 2977 return; \ 2978 } \ 2979 \ 2980 do_hash(env, ea, ra, rb, key, store); \ 2981 } 2982 #else 2983 #define HELPER_HASH(op, key, store, dexcr_aspect) \ 2984 void helper_##op(CPUPPCState *env, target_ulong ea, target_ulong ra, \ 2985 target_ulong rb) \ 2986 { \ 2987 do_hash(env, ea, ra, rb, key, store); \ 2988 } 2989 #endif /* TARGET_PPC64 */ 2990 2991 HELPER_HASH(HASHST, env->spr[SPR_HASHKEYR], true, NPHIE) 2992 HELPER_HASH(HASHCHK, env->spr[SPR_HASHKEYR], false, NPHIE) 2993 HELPER_HASH(HASHSTP, env->spr[SPR_HASHPKEYR], true, PHIE) 2994 HELPER_HASH(HASHCHKP, env->spr[SPR_HASHPKEYR], false, PHIE) 2995 #endif /* CONFIG_TCG */ 2996 2997 #if !defined(CONFIG_USER_ONLY) 2998 2999 #ifdef CONFIG_TCG 3000 3001 /* Embedded.Processor Control */ 3002 static int dbell2irq(target_ulong rb) 3003 { 3004 int msg = rb & DBELL_TYPE_MASK; 3005 int irq = -1; 3006 3007 switch (msg) { 3008 case DBELL_TYPE_DBELL: 3009 irq = PPC_INTERRUPT_DOORBELL; 3010 break; 3011 case DBELL_TYPE_DBELL_CRIT: 3012 irq = PPC_INTERRUPT_CDOORBELL; 3013 break; 3014 case DBELL_TYPE_G_DBELL: 3015 case DBELL_TYPE_G_DBELL_CRIT: 3016 case DBELL_TYPE_G_DBELL_MC: 3017 /* XXX implement */ 3018 default: 3019 break; 3020 } 3021 3022 return irq; 3023 } 3024 3025 void helper_msgclr(CPUPPCState *env, target_ulong rb) 3026 { 3027 int irq = dbell2irq(rb); 3028 3029 if (irq < 0) { 3030 return; 3031 } 3032 3033 ppc_set_irq(env_archcpu(env), irq, 0); 3034 } 3035 3036 void helper_msgsnd(target_ulong rb) 3037 { 3038 int irq = dbell2irq(rb); 3039 int pir = rb & DBELL_PIRTAG_MASK; 3040 CPUState *cs; 3041 3042 if (irq < 0) { 3043 return; 3044 } 3045 3046 qemu_mutex_lock_iothread(); 3047 CPU_FOREACH(cs) { 3048 PowerPCCPU *cpu = POWERPC_CPU(cs); 3049 CPUPPCState *cenv = &cpu->env; 3050 3051 if ((rb & DBELL_BRDCAST) || (cenv->spr[SPR_BOOKE_PIR] == pir)) { 3052 ppc_set_irq(cpu, irq, 1); 3053 } 3054 } 3055 qemu_mutex_unlock_iothread(); 3056 } 3057 3058 /* Server Processor Control */ 3059 3060 static bool dbell_type_server(target_ulong rb) 3061 { 3062 /* 3063 * A Directed Hypervisor Doorbell message is sent only if the 3064 * message type is 5. All other types are reserved and the 3065 * instruction is a no-op 3066 */ 3067 return (rb & DBELL_TYPE_MASK) == DBELL_TYPE_DBELL_SERVER; 3068 } 3069 3070 void helper_book3s_msgclr(CPUPPCState *env, target_ulong rb) 3071 { 3072 if (!dbell_type_server(rb)) { 3073 return; 3074 } 3075 3076 ppc_set_irq(env_archcpu(env), PPC_INTERRUPT_HDOORBELL, 0); 3077 } 3078 3079 static void book3s_msgsnd_common(int pir, int irq) 3080 { 3081 CPUState *cs; 3082 3083 qemu_mutex_lock_iothread(); 3084 CPU_FOREACH(cs) { 3085 PowerPCCPU *cpu = POWERPC_CPU(cs); 3086 CPUPPCState *cenv = &cpu->env; 3087 3088 /* TODO: broadcast message to all threads of the same processor */ 3089 if (cenv->spr_cb[SPR_PIR].default_value == pir) { 3090 ppc_set_irq(cpu, irq, 1); 3091 } 3092 } 3093 qemu_mutex_unlock_iothread(); 3094 } 3095 3096 void helper_book3s_msgsnd(target_ulong rb) 3097 { 3098 int pir = rb & DBELL_PROCIDTAG_MASK; 3099 3100 if (!dbell_type_server(rb)) { 3101 return; 3102 } 3103 3104 book3s_msgsnd_common(pir, PPC_INTERRUPT_HDOORBELL); 3105 } 3106 3107 #if defined(TARGET_PPC64) 3108 void helper_book3s_msgclrp(CPUPPCState *env, target_ulong rb) 3109 { 3110 helper_hfscr_facility_check(env, HFSCR_MSGP, "msgclrp", HFSCR_IC_MSGP); 3111 3112 if (!dbell_type_server(rb)) { 3113 return; 3114 } 3115 3116 ppc_set_irq(env_archcpu(env), PPC_INTERRUPT_DOORBELL, 0); 3117 } 3118 3119 /* 3120 * sends a message to another thread on the same 3121 * multi-threaded processor 3122 */ 3123 void helper_book3s_msgsndp(CPUPPCState *env, target_ulong rb) 3124 { 3125 CPUState *cs = env_cpu(env); 3126 PowerPCCPU *cpu = POWERPC_CPU(cs); 3127 CPUState *ccs; 3128 uint32_t nr_threads = cs->nr_threads; 3129 int ttir = rb & PPC_BITMASK(57, 63); 3130 3131 helper_hfscr_facility_check(env, HFSCR_MSGP, "msgsndp", HFSCR_IC_MSGP); 3132 3133 if (!dbell_type_server(rb) || ttir >= nr_threads) { 3134 return; 3135 } 3136 3137 if (nr_threads == 1) { 3138 ppc_set_irq(cpu, PPC_INTERRUPT_DOORBELL, 1); 3139 return; 3140 } 3141 3142 /* Does iothread need to be locked for walking CPU list? */ 3143 qemu_mutex_lock_iothread(); 3144 THREAD_SIBLING_FOREACH(cs, ccs) { 3145 PowerPCCPU *ccpu = POWERPC_CPU(ccs); 3146 uint32_t thread_id = ppc_cpu_tir(ccpu); 3147 3148 if (ttir == thread_id) { 3149 ppc_set_irq(ccpu, PPC_INTERRUPT_DOORBELL, 1); 3150 qemu_mutex_unlock_iothread(); 3151 return; 3152 } 3153 } 3154 3155 g_assert_not_reached(); 3156 } 3157 #endif /* TARGET_PPC64 */ 3158 3159 void ppc_cpu_do_unaligned_access(CPUState *cs, vaddr vaddr, 3160 MMUAccessType access_type, 3161 int mmu_idx, uintptr_t retaddr) 3162 { 3163 CPUPPCState *env = cs->env_ptr; 3164 uint32_t insn; 3165 3166 /* Restore state and reload the insn we executed, for filling in DSISR. */ 3167 cpu_restore_state(cs, retaddr); 3168 insn = ppc_ldl_code(env, env->nip); 3169 3170 switch (env->mmu_model) { 3171 case POWERPC_MMU_SOFT_4xx: 3172 env->spr[SPR_40x_DEAR] = vaddr; 3173 break; 3174 case POWERPC_MMU_BOOKE: 3175 case POWERPC_MMU_BOOKE206: 3176 env->spr[SPR_BOOKE_DEAR] = vaddr; 3177 break; 3178 default: 3179 env->spr[SPR_DAR] = vaddr; 3180 break; 3181 } 3182 3183 cs->exception_index = POWERPC_EXCP_ALIGN; 3184 env->error_code = insn & 0x03FF0000; 3185 cpu_loop_exit(cs); 3186 } 3187 #endif /* CONFIG_TCG */ 3188 #endif /* !CONFIG_USER_ONLY */ 3189