1 /* 2 * PowerPC exception emulation helpers for QEMU. 3 * 4 * Copyright (c) 2003-2007 Jocelyn Mayer 5 * 6 * This library is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU Lesser General Public 8 * License as published by the Free Software Foundation; either 9 * version 2.1 of the License, or (at your option) any later version. 10 * 11 * This library is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 * Lesser General Public License for more details. 15 * 16 * You should have received a copy of the GNU Lesser General Public 17 * License along with this library; if not, see <http://www.gnu.org/licenses/>. 18 */ 19 #include "qemu/osdep.h" 20 #include "qemu/main-loop.h" 21 #include "cpu.h" 22 #include "exec/exec-all.h" 23 #include "internal.h" 24 #include "helper_regs.h" 25 26 #include "trace.h" 27 28 #ifdef CONFIG_TCG 29 #include "exec/helper-proto.h" 30 #include "exec/cpu_ldst.h" 31 #endif 32 33 /*****************************************************************************/ 34 /* Exception processing */ 35 #if !defined(CONFIG_USER_ONLY) 36 37 static const char *powerpc_excp_name(int excp) 38 { 39 switch (excp) { 40 case POWERPC_EXCP_CRITICAL: return "CRITICAL"; 41 case POWERPC_EXCP_MCHECK: return "MCHECK"; 42 case POWERPC_EXCP_DSI: return "DSI"; 43 case POWERPC_EXCP_ISI: return "ISI"; 44 case POWERPC_EXCP_EXTERNAL: return "EXTERNAL"; 45 case POWERPC_EXCP_ALIGN: return "ALIGN"; 46 case POWERPC_EXCP_PROGRAM: return "PROGRAM"; 47 case POWERPC_EXCP_FPU: return "FPU"; 48 case POWERPC_EXCP_SYSCALL: return "SYSCALL"; 49 case POWERPC_EXCP_APU: return "APU"; 50 case POWERPC_EXCP_DECR: return "DECR"; 51 case POWERPC_EXCP_FIT: return "FIT"; 52 case POWERPC_EXCP_WDT: return "WDT"; 53 case POWERPC_EXCP_DTLB: return "DTLB"; 54 case POWERPC_EXCP_ITLB: return "ITLB"; 55 case POWERPC_EXCP_DEBUG: return "DEBUG"; 56 case POWERPC_EXCP_SPEU: return "SPEU"; 57 case POWERPC_EXCP_EFPDI: return "EFPDI"; 58 case POWERPC_EXCP_EFPRI: return "EFPRI"; 59 case POWERPC_EXCP_EPERFM: return "EPERFM"; 60 case POWERPC_EXCP_DOORI: return "DOORI"; 61 case POWERPC_EXCP_DOORCI: return "DOORCI"; 62 case POWERPC_EXCP_GDOORI: return "GDOORI"; 63 case POWERPC_EXCP_GDOORCI: return "GDOORCI"; 64 case POWERPC_EXCP_HYPPRIV: return "HYPPRIV"; 65 case POWERPC_EXCP_RESET: return "RESET"; 66 case POWERPC_EXCP_DSEG: return "DSEG"; 67 case POWERPC_EXCP_ISEG: return "ISEG"; 68 case POWERPC_EXCP_HDECR: return "HDECR"; 69 case POWERPC_EXCP_TRACE: return "TRACE"; 70 case POWERPC_EXCP_HDSI: return "HDSI"; 71 case POWERPC_EXCP_HISI: return "HISI"; 72 case POWERPC_EXCP_HDSEG: return "HDSEG"; 73 case POWERPC_EXCP_HISEG: return "HISEG"; 74 case POWERPC_EXCP_VPU: return "VPU"; 75 case POWERPC_EXCP_PIT: return "PIT"; 76 case POWERPC_EXCP_EMUL: return "EMUL"; 77 case POWERPC_EXCP_IFTLB: return "IFTLB"; 78 case POWERPC_EXCP_DLTLB: return "DLTLB"; 79 case POWERPC_EXCP_DSTLB: return "DSTLB"; 80 case POWERPC_EXCP_FPA: return "FPA"; 81 case POWERPC_EXCP_DABR: return "DABR"; 82 case POWERPC_EXCP_IABR: return "IABR"; 83 case POWERPC_EXCP_SMI: return "SMI"; 84 case POWERPC_EXCP_PERFM: return "PERFM"; 85 case POWERPC_EXCP_THERM: return "THERM"; 86 case POWERPC_EXCP_VPUA: return "VPUA"; 87 case POWERPC_EXCP_SOFTP: return "SOFTP"; 88 case POWERPC_EXCP_MAINT: return "MAINT"; 89 case POWERPC_EXCP_MEXTBR: return "MEXTBR"; 90 case POWERPC_EXCP_NMEXTBR: return "NMEXTBR"; 91 case POWERPC_EXCP_ITLBE: return "ITLBE"; 92 case POWERPC_EXCP_DTLBE: return "DTLBE"; 93 case POWERPC_EXCP_VSXU: return "VSXU"; 94 case POWERPC_EXCP_FU: return "FU"; 95 case POWERPC_EXCP_HV_EMU: return "HV_EMU"; 96 case POWERPC_EXCP_HV_MAINT: return "HV_MAINT"; 97 case POWERPC_EXCP_HV_FU: return "HV_FU"; 98 case POWERPC_EXCP_SDOOR: return "SDOOR"; 99 case POWERPC_EXCP_SDOOR_HV: return "SDOOR_HV"; 100 case POWERPC_EXCP_HVIRT: return "HVIRT"; 101 case POWERPC_EXCP_SYSCALL_VECTORED: return "SYSCALL_VECTORED"; 102 default: 103 g_assert_not_reached(); 104 } 105 } 106 107 static void dump_syscall(CPUPPCState *env) 108 { 109 qemu_log_mask(CPU_LOG_INT, "syscall r0=%016" PRIx64 110 " r3=%016" PRIx64 " r4=%016" PRIx64 " r5=%016" PRIx64 111 " r6=%016" PRIx64 " r7=%016" PRIx64 " r8=%016" PRIx64 112 " nip=" TARGET_FMT_lx "\n", 113 ppc_dump_gpr(env, 0), ppc_dump_gpr(env, 3), 114 ppc_dump_gpr(env, 4), ppc_dump_gpr(env, 5), 115 ppc_dump_gpr(env, 6), ppc_dump_gpr(env, 7), 116 ppc_dump_gpr(env, 8), env->nip); 117 } 118 119 static void dump_hcall(CPUPPCState *env) 120 { 121 qemu_log_mask(CPU_LOG_INT, "hypercall r3=%016" PRIx64 122 " r4=%016" PRIx64 " r5=%016" PRIx64 " r6=%016" PRIx64 123 " r7=%016" PRIx64 " r8=%016" PRIx64 " r9=%016" PRIx64 124 " r10=%016" PRIx64 " r11=%016" PRIx64 " r12=%016" PRIx64 125 " nip=" TARGET_FMT_lx "\n", 126 ppc_dump_gpr(env, 3), ppc_dump_gpr(env, 4), 127 ppc_dump_gpr(env, 5), ppc_dump_gpr(env, 6), 128 ppc_dump_gpr(env, 7), ppc_dump_gpr(env, 8), 129 ppc_dump_gpr(env, 9), ppc_dump_gpr(env, 10), 130 ppc_dump_gpr(env, 11), ppc_dump_gpr(env, 12), 131 env->nip); 132 } 133 134 static void ppc_excp_debug_sw_tlb(CPUPPCState *env, int excp) 135 { 136 const char *es; 137 target_ulong *miss, *cmp; 138 int en; 139 140 if (!qemu_loglevel_mask(CPU_LOG_MMU)) { 141 return; 142 } 143 144 if (excp == POWERPC_EXCP_IFTLB) { 145 es = "I"; 146 en = 'I'; 147 miss = &env->spr[SPR_IMISS]; 148 cmp = &env->spr[SPR_ICMP]; 149 } else { 150 if (excp == POWERPC_EXCP_DLTLB) { 151 es = "DL"; 152 } else { 153 es = "DS"; 154 } 155 en = 'D'; 156 miss = &env->spr[SPR_DMISS]; 157 cmp = &env->spr[SPR_DCMP]; 158 } 159 qemu_log("6xx %sTLB miss: %cM " TARGET_FMT_lx " %cC " 160 TARGET_FMT_lx " H1 " TARGET_FMT_lx " H2 " 161 TARGET_FMT_lx " %08x\n", es, en, *miss, en, *cmp, 162 env->spr[SPR_HASH1], env->spr[SPR_HASH2], 163 env->error_code); 164 } 165 166 #if defined(TARGET_PPC64) 167 static int powerpc_reset_wakeup(CPUState *cs, CPUPPCState *env, int excp, 168 target_ulong *msr) 169 { 170 /* We no longer are in a PM state */ 171 env->resume_as_sreset = false; 172 173 /* Pretend to be returning from doze always as we don't lose state */ 174 *msr |= SRR1_WS_NOLOSS; 175 176 /* Machine checks are sent normally */ 177 if (excp == POWERPC_EXCP_MCHECK) { 178 return excp; 179 } 180 switch (excp) { 181 case POWERPC_EXCP_RESET: 182 *msr |= SRR1_WAKERESET; 183 break; 184 case POWERPC_EXCP_EXTERNAL: 185 *msr |= SRR1_WAKEEE; 186 break; 187 case POWERPC_EXCP_DECR: 188 *msr |= SRR1_WAKEDEC; 189 break; 190 case POWERPC_EXCP_SDOOR: 191 *msr |= SRR1_WAKEDBELL; 192 break; 193 case POWERPC_EXCP_SDOOR_HV: 194 *msr |= SRR1_WAKEHDBELL; 195 break; 196 case POWERPC_EXCP_HV_MAINT: 197 *msr |= SRR1_WAKEHMI; 198 break; 199 case POWERPC_EXCP_HVIRT: 200 *msr |= SRR1_WAKEHVI; 201 break; 202 default: 203 cpu_abort(cs, "Unsupported exception %d in Power Save mode\n", 204 excp); 205 } 206 return POWERPC_EXCP_RESET; 207 } 208 209 /* 210 * AIL - Alternate Interrupt Location, a mode that allows interrupts to be 211 * taken with the MMU on, and which uses an alternate location (e.g., so the 212 * kernel/hv can map the vectors there with an effective address). 213 * 214 * An interrupt is considered to be taken "with AIL" or "AIL applies" if they 215 * are delivered in this way. AIL requires the LPCR to be set to enable this 216 * mode, and then a number of conditions have to be true for AIL to apply. 217 * 218 * First of all, SRESET, MCE, and HMI are always delivered without AIL, because 219 * they specifically want to be in real mode (e.g., the MCE might be signaling 220 * a SLB multi-hit which requires SLB flush before the MMU can be enabled). 221 * 222 * After that, behaviour depends on the current MSR[IR], MSR[DR], MSR[HV], 223 * whether or not the interrupt changes MSR[HV] from 0 to 1, and the current 224 * radix mode (LPCR[HR]). 225 * 226 * POWER8, POWER9 with LPCR[HR]=0 227 * | LPCR[AIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 228 * +-----------+-------------+---------+-------------+-----+ 229 * | a | 00/01/10 | x | x | 0 | 230 * | a | 11 | 0 | 1 | 0 | 231 * | a | 11 | 1 | 1 | a | 232 * | a | 11 | 0 | 0 | a | 233 * +-------------------------------------------------------+ 234 * 235 * POWER9 with LPCR[HR]=1 236 * | LPCR[AIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 237 * +-----------+-------------+---------+-------------+-----+ 238 * | a | 00/01/10 | x | x | 0 | 239 * | a | 11 | x | x | a | 240 * +-------------------------------------------------------+ 241 * 242 * The difference with POWER9 being that MSR[HV] 0->1 interrupts can be sent to 243 * the hypervisor in AIL mode if the guest is radix. This is good for 244 * performance but allows the guest to influence the AIL of hypervisor 245 * interrupts using its MSR, and also the hypervisor must disallow guest 246 * interrupts (MSR[HV] 0->0) from using AIL if the hypervisor does not want to 247 * use AIL for its MSR[HV] 0->1 interrupts. 248 * 249 * POWER10 addresses those issues with a new LPCR[HAIL] bit that is applied to 250 * interrupts that begin execution with MSR[HV]=1 (so both MSR[HV] 0->1 and 251 * MSR[HV] 1->1). 252 * 253 * HAIL=1 is equivalent to AIL=3, for interrupts delivered with MSR[HV]=1. 254 * 255 * POWER10 behaviour is 256 * | LPCR[AIL] | LPCR[HAIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 257 * +-----------+------------+-------------+---------+-------------+-----+ 258 * | a | h | 00/01/10 | 0 | 0 | 0 | 259 * | a | h | 11 | 0 | 0 | a | 260 * | a | h | x | 0 | 1 | h | 261 * | a | h | 00/01/10 | 1 | 1 | 0 | 262 * | a | h | 11 | 1 | 1 | h | 263 * +--------------------------------------------------------------------+ 264 */ 265 static void ppc_excp_apply_ail(PowerPCCPU *cpu, int excp, target_ulong msr, 266 target_ulong *new_msr, target_ulong *vector) 267 { 268 PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cpu); 269 CPUPPCState *env = &cpu->env; 270 bool mmu_all_on = ((msr >> MSR_IR) & 1) && ((msr >> MSR_DR) & 1); 271 bool hv_escalation = !(msr & MSR_HVB) && (*new_msr & MSR_HVB); 272 int ail = 0; 273 274 if (excp == POWERPC_EXCP_MCHECK || 275 excp == POWERPC_EXCP_RESET || 276 excp == POWERPC_EXCP_HV_MAINT) { 277 /* SRESET, MCE, HMI never apply AIL */ 278 return; 279 } 280 281 if (!(pcc->lpcr_mask & LPCR_AIL)) { 282 /* This CPU does not have AIL */ 283 return; 284 } 285 286 /* P8 & P9 */ 287 if (!(pcc->lpcr_mask & LPCR_HAIL)) { 288 if (!mmu_all_on) { 289 /* AIL only works if MSR[IR] and MSR[DR] are both enabled. */ 290 return; 291 } 292 if (hv_escalation && !(env->spr[SPR_LPCR] & LPCR_HR)) { 293 /* 294 * AIL does not work if there is a MSR[HV] 0->1 transition and the 295 * partition is in HPT mode. For radix guests, such interrupts are 296 * allowed to be delivered to the hypervisor in ail mode. 297 */ 298 return; 299 } 300 301 ail = (env->spr[SPR_LPCR] & LPCR_AIL) >> LPCR_AIL_SHIFT; 302 if (ail == 0) { 303 return; 304 } 305 if (ail == 1) { 306 /* AIL=1 is reserved, treat it like AIL=0 */ 307 return; 308 } 309 310 /* P10 and up */ 311 } else { 312 if (!mmu_all_on && !hv_escalation) { 313 /* 314 * AIL works for HV interrupts even with guest MSR[IR/DR] disabled. 315 * Guest->guest and HV->HV interrupts do require MMU on. 316 */ 317 return; 318 } 319 320 if (*new_msr & MSR_HVB) { 321 if (!(env->spr[SPR_LPCR] & LPCR_HAIL)) { 322 /* HV interrupts depend on LPCR[HAIL] */ 323 return; 324 } 325 ail = 3; /* HAIL=1 gives AIL=3 behaviour for HV interrupts */ 326 } else { 327 ail = (env->spr[SPR_LPCR] & LPCR_AIL) >> LPCR_AIL_SHIFT; 328 } 329 if (ail == 0) { 330 return; 331 } 332 if (ail == 1 || ail == 2) { 333 /* AIL=1 and AIL=2 are reserved, treat them like AIL=0 */ 334 return; 335 } 336 } 337 338 /* 339 * AIL applies, so the new MSR gets IR and DR set, and an offset applied 340 * to the new IP. 341 */ 342 *new_msr |= (1 << MSR_IR) | (1 << MSR_DR); 343 344 if (excp != POWERPC_EXCP_SYSCALL_VECTORED) { 345 if (ail == 2) { 346 *vector |= 0x0000000000018000ull; 347 } else if (ail == 3) { 348 *vector |= 0xc000000000004000ull; 349 } 350 } else { 351 /* 352 * scv AIL is a little different. AIL=2 does not change the address, 353 * only the MSR. AIL=3 replaces the 0x17000 base with 0xc...3000. 354 */ 355 if (ail == 3) { 356 *vector &= ~0x0000000000017000ull; /* Un-apply the base offset */ 357 *vector |= 0xc000000000003000ull; /* Apply scv's AIL=3 offset */ 358 } 359 } 360 } 361 #endif 362 363 static void powerpc_reset_excp_state(PowerPCCPU *cpu) 364 { 365 CPUState *cs = CPU(cpu); 366 CPUPPCState *env = &cpu->env; 367 368 /* Reset exception state */ 369 cs->exception_index = POWERPC_EXCP_NONE; 370 env->error_code = 0; 371 } 372 373 static void powerpc_set_excp_state(PowerPCCPU *cpu, target_ulong vector, 374 target_ulong msr) 375 { 376 CPUPPCState *env = &cpu->env; 377 378 assert((msr & env->msr_mask) == msr); 379 380 /* 381 * We don't use hreg_store_msr here as already have treated any 382 * special case that could occur. Just store MSR and update hflags 383 * 384 * Note: We *MUST* not use hreg_store_msr() as-is anyway because it 385 * will prevent setting of the HV bit which some exceptions might need 386 * to do. 387 */ 388 env->nip = vector; 389 env->msr = msr; 390 hreg_compute_hflags(env); 391 392 powerpc_reset_excp_state(cpu); 393 394 /* 395 * Any interrupt is context synchronizing, check if TCG TLB needs 396 * a delayed flush on ppc64 397 */ 398 check_tlb_flush(env, false); 399 400 /* Reset the reservation */ 401 env->reserve_addr = -1; 402 } 403 404 static void powerpc_excp_40x(PowerPCCPU *cpu, int excp) 405 { 406 CPUState *cs = CPU(cpu); 407 CPUPPCState *env = &cpu->env; 408 target_ulong msr, new_msr, vector; 409 int srr0, srr1; 410 411 /* new srr1 value excluding must-be-zero bits */ 412 msr = env->msr & ~0x783f0000ULL; 413 414 /* 415 * new interrupt handler msr preserves existing ME unless 416 * explicitly overriden. 417 */ 418 new_msr = env->msr & (((target_ulong)1 << MSR_ME)); 419 420 /* target registers */ 421 srr0 = SPR_SRR0; 422 srr1 = SPR_SRR1; 423 424 /* 425 * Hypervisor emulation assistance interrupt only exists on server 426 * arch 2.05 server or later. 427 */ 428 if (excp == POWERPC_EXCP_HV_EMU) { 429 excp = POWERPC_EXCP_PROGRAM; 430 } 431 432 vector = env->excp_vectors[excp]; 433 if (vector == (target_ulong)-1ULL) { 434 cpu_abort(cs, "Raised an exception without defined vector %d\n", 435 excp); 436 } 437 438 vector |= env->excp_prefix; 439 440 switch (excp) { 441 case POWERPC_EXCP_CRITICAL: /* Critical input */ 442 srr0 = SPR_40x_SRR2; 443 srr1 = SPR_40x_SRR3; 444 break; 445 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 446 if (msr_me == 0) { 447 /* 448 * Machine check exception is not enabled. Enter 449 * checkstop state. 450 */ 451 fprintf(stderr, "Machine check while not allowed. " 452 "Entering checkstop state\n"); 453 if (qemu_log_separate()) { 454 qemu_log("Machine check while not allowed. " 455 "Entering checkstop state\n"); 456 } 457 cs->halted = 1; 458 cpu_interrupt_exittb(cs); 459 } 460 461 /* machine check exceptions don't have ME set */ 462 new_msr &= ~((target_ulong)1 << MSR_ME); 463 464 srr0 = SPR_40x_SRR2; 465 srr1 = SPR_40x_SRR3; 466 break; 467 case POWERPC_EXCP_DSI: /* Data storage exception */ 468 trace_ppc_excp_dsi(env->spr[SPR_40x_ESR], env->spr[SPR_40x_DEAR]); 469 break; 470 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 471 trace_ppc_excp_isi(msr, env->nip); 472 break; 473 case POWERPC_EXCP_EXTERNAL: /* External input */ 474 break; 475 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 476 break; 477 case POWERPC_EXCP_PROGRAM: /* Program exception */ 478 switch (env->error_code & ~0xF) { 479 case POWERPC_EXCP_FP: 480 if ((msr_fe0 == 0 && msr_fe1 == 0) || msr_fp == 0) { 481 trace_ppc_excp_fp_ignore(); 482 powerpc_reset_excp_state(cpu); 483 return; 484 } 485 env->spr[SPR_40x_ESR] = ESR_FP; 486 break; 487 case POWERPC_EXCP_INVAL: 488 trace_ppc_excp_inval(env->nip); 489 env->spr[SPR_40x_ESR] = ESR_PIL; 490 break; 491 case POWERPC_EXCP_PRIV: 492 env->spr[SPR_40x_ESR] = ESR_PPR; 493 break; 494 case POWERPC_EXCP_TRAP: 495 env->spr[SPR_40x_ESR] = ESR_PTR; 496 break; 497 default: 498 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 499 env->error_code); 500 break; 501 } 502 break; 503 case POWERPC_EXCP_SYSCALL: /* System call exception */ 504 dump_syscall(env); 505 506 /* 507 * We need to correct the NIP which in this case is supposed 508 * to point to the next instruction 509 */ 510 env->nip += 4; 511 break; 512 case POWERPC_EXCP_FIT: /* Fixed-interval timer interrupt */ 513 trace_ppc_excp_print("FIT"); 514 break; 515 case POWERPC_EXCP_WDT: /* Watchdog timer interrupt */ 516 trace_ppc_excp_print("WDT"); 517 break; 518 case POWERPC_EXCP_DTLB: /* Data TLB error */ 519 case POWERPC_EXCP_ITLB: /* Instruction TLB error */ 520 break; 521 case POWERPC_EXCP_PIT: /* Programmable interval timer interrupt */ 522 trace_ppc_excp_print("PIT"); 523 break; 524 case POWERPC_EXCP_DEBUG: /* Debug interrupt */ 525 cpu_abort(cs, "%s exception not implemented\n", 526 powerpc_excp_name(excp)); 527 break; 528 default: 529 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 530 break; 531 } 532 533 /* Save PC */ 534 env->spr[srr0] = env->nip; 535 536 /* Save MSR */ 537 env->spr[srr1] = msr; 538 539 powerpc_set_excp_state(cpu, vector, new_msr); 540 } 541 542 static void powerpc_excp_6xx(PowerPCCPU *cpu, int excp) 543 { 544 CPUState *cs = CPU(cpu); 545 CPUPPCState *env = &cpu->env; 546 target_ulong msr, new_msr, vector; 547 548 /* new srr1 value excluding must-be-zero bits */ 549 msr = env->msr & ~0x783f0000ULL; 550 551 /* 552 * new interrupt handler msr preserves existing ME unless 553 * explicitly overriden 554 */ 555 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 556 557 /* 558 * Hypervisor emulation assistance interrupt only exists on server 559 * arch 2.05 server or later. 560 */ 561 if (excp == POWERPC_EXCP_HV_EMU) { 562 excp = POWERPC_EXCP_PROGRAM; 563 } 564 565 vector = env->excp_vectors[excp]; 566 if (vector == (target_ulong)-1ULL) { 567 cpu_abort(cs, "Raised an exception without defined vector %d\n", 568 excp); 569 } 570 571 vector |= env->excp_prefix; 572 573 switch (excp) { 574 case POWERPC_EXCP_CRITICAL: /* Critical input */ 575 break; 576 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 577 if (msr_me == 0) { 578 /* 579 * Machine check exception is not enabled. Enter 580 * checkstop state. 581 */ 582 fprintf(stderr, "Machine check while not allowed. " 583 "Entering checkstop state\n"); 584 if (qemu_log_separate()) { 585 qemu_log("Machine check while not allowed. " 586 "Entering checkstop state\n"); 587 } 588 cs->halted = 1; 589 cpu_interrupt_exittb(cs); 590 } 591 592 /* machine check exceptions don't have ME set */ 593 new_msr &= ~((target_ulong)1 << MSR_ME); 594 595 break; 596 case POWERPC_EXCP_DSI: /* Data storage exception */ 597 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 598 break; 599 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 600 trace_ppc_excp_isi(msr, env->nip); 601 msr |= env->error_code; 602 break; 603 case POWERPC_EXCP_EXTERNAL: /* External input */ 604 break; 605 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 606 /* Get rS/rD and rA from faulting opcode */ 607 /* 608 * Note: the opcode fields will not be set properly for a 609 * direct store load/store, but nobody cares as nobody 610 * actually uses direct store segments. 611 */ 612 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 613 break; 614 case POWERPC_EXCP_PROGRAM: /* Program exception */ 615 switch (env->error_code & ~0xF) { 616 case POWERPC_EXCP_FP: 617 if ((msr_fe0 == 0 && msr_fe1 == 0) || msr_fp == 0) { 618 trace_ppc_excp_fp_ignore(); 619 powerpc_reset_excp_state(cpu); 620 return; 621 } 622 623 /* 624 * FP exceptions always have NIP pointing to the faulting 625 * instruction, so always use store_next and claim we are 626 * precise in the MSR. 627 */ 628 msr |= 0x00100000; 629 break; 630 case POWERPC_EXCP_INVAL: 631 trace_ppc_excp_inval(env->nip); 632 msr |= 0x00080000; 633 break; 634 case POWERPC_EXCP_PRIV: 635 msr |= 0x00040000; 636 break; 637 case POWERPC_EXCP_TRAP: 638 msr |= 0x00020000; 639 break; 640 default: 641 /* Should never occur */ 642 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 643 env->error_code); 644 break; 645 } 646 break; 647 case POWERPC_EXCP_SYSCALL: /* System call exception */ 648 dump_syscall(env); 649 650 /* 651 * We need to correct the NIP which in this case is supposed 652 * to point to the next instruction 653 */ 654 env->nip += 4; 655 break; 656 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 657 case POWERPC_EXCP_DECR: /* Decrementer exception */ 658 break; 659 case POWERPC_EXCP_DTLB: /* Data TLB error */ 660 case POWERPC_EXCP_ITLB: /* Instruction TLB error */ 661 break; 662 case POWERPC_EXCP_RESET: /* System reset exception */ 663 if (msr_pow) { 664 cpu_abort(cs, "Trying to deliver power-saving system reset " 665 "exception %d with no HV support\n", excp); 666 } 667 break; 668 case POWERPC_EXCP_TRACE: /* Trace exception */ 669 break; 670 case POWERPC_EXCP_IFTLB: /* Instruction fetch TLB error */ 671 case POWERPC_EXCP_DLTLB: /* Data load TLB miss */ 672 case POWERPC_EXCP_DSTLB: /* Data store TLB miss */ 673 /* Swap temporary saved registers with GPRs */ 674 if (!(new_msr & ((target_ulong)1 << MSR_TGPR))) { 675 new_msr |= (target_ulong)1 << MSR_TGPR; 676 hreg_swap_gpr_tgpr(env); 677 } 678 679 ppc_excp_debug_sw_tlb(env, excp); 680 681 msr |= env->crf[0] << 28; 682 msr |= env->error_code; /* key, D/I, S/L bits */ 683 /* Set way using a LRU mechanism */ 684 msr |= ((env->last_way + 1) & (env->nb_ways - 1)) << 17; 685 break; 686 case POWERPC_EXCP_FPA: /* Floating-point assist exception */ 687 case POWERPC_EXCP_DABR: /* Data address breakpoint */ 688 case POWERPC_EXCP_IABR: /* Instruction address breakpoint */ 689 case POWERPC_EXCP_SMI: /* System management interrupt */ 690 case POWERPC_EXCP_MEXTBR: /* Maskable external breakpoint */ 691 case POWERPC_EXCP_NMEXTBR: /* Non maskable external breakpoint */ 692 cpu_abort(cs, "%s exception not implemented\n", 693 powerpc_excp_name(excp)); 694 break; 695 default: 696 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 697 break; 698 } 699 700 /* 701 * Sort out endianness of interrupt, this differs depending on the 702 * CPU, the HV mode, etc... 703 */ 704 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 705 new_msr |= (target_ulong)1 << MSR_LE; 706 } 707 708 /* Save PC */ 709 env->spr[SPR_SRR0] = env->nip; 710 711 /* Save MSR */ 712 env->spr[SPR_SRR1] = msr; 713 714 powerpc_set_excp_state(cpu, vector, new_msr); 715 } 716 717 static void powerpc_excp_7xx(PowerPCCPU *cpu, int excp) 718 { 719 CPUState *cs = CPU(cpu); 720 CPUPPCState *env = &cpu->env; 721 target_ulong msr, new_msr, vector; 722 723 /* new srr1 value excluding must-be-zero bits */ 724 msr = env->msr & ~0x783f0000ULL; 725 726 /* 727 * new interrupt handler msr preserves existing ME unless 728 * explicitly overriden 729 */ 730 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 731 732 /* 733 * Hypervisor emulation assistance interrupt only exists on server 734 * arch 2.05 server or later. 735 */ 736 if (excp == POWERPC_EXCP_HV_EMU) { 737 excp = POWERPC_EXCP_PROGRAM; 738 } 739 740 vector = env->excp_vectors[excp]; 741 if (vector == (target_ulong)-1ULL) { 742 cpu_abort(cs, "Raised an exception without defined vector %d\n", 743 excp); 744 } 745 746 vector |= env->excp_prefix; 747 748 switch (excp) { 749 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 750 if (msr_me == 0) { 751 /* 752 * Machine check exception is not enabled. Enter 753 * checkstop state. 754 */ 755 fprintf(stderr, "Machine check while not allowed. " 756 "Entering checkstop state\n"); 757 if (qemu_log_separate()) { 758 qemu_log("Machine check while not allowed. " 759 "Entering checkstop state\n"); 760 } 761 cs->halted = 1; 762 cpu_interrupt_exittb(cs); 763 } 764 765 /* machine check exceptions don't have ME set */ 766 new_msr &= ~((target_ulong)1 << MSR_ME); 767 768 break; 769 case POWERPC_EXCP_DSI: /* Data storage exception */ 770 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 771 break; 772 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 773 trace_ppc_excp_isi(msr, env->nip); 774 msr |= env->error_code; 775 break; 776 case POWERPC_EXCP_EXTERNAL: /* External input */ 777 break; 778 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 779 /* Get rS/rD and rA from faulting opcode */ 780 /* 781 * Note: the opcode fields will not be set properly for a 782 * direct store load/store, but nobody cares as nobody 783 * actually uses direct store segments. 784 */ 785 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 786 break; 787 case POWERPC_EXCP_PROGRAM: /* Program exception */ 788 switch (env->error_code & ~0xF) { 789 case POWERPC_EXCP_FP: 790 if ((msr_fe0 == 0 && msr_fe1 == 0) || msr_fp == 0) { 791 trace_ppc_excp_fp_ignore(); 792 powerpc_reset_excp_state(cpu); 793 return; 794 } 795 796 /* 797 * FP exceptions always have NIP pointing to the faulting 798 * instruction, so always use store_next and claim we are 799 * precise in the MSR. 800 */ 801 msr |= 0x00100000; 802 break; 803 case POWERPC_EXCP_INVAL: 804 trace_ppc_excp_inval(env->nip); 805 msr |= 0x00080000; 806 break; 807 case POWERPC_EXCP_PRIV: 808 msr |= 0x00040000; 809 break; 810 case POWERPC_EXCP_TRAP: 811 msr |= 0x00020000; 812 break; 813 default: 814 /* Should never occur */ 815 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 816 env->error_code); 817 break; 818 } 819 break; 820 case POWERPC_EXCP_SYSCALL: /* System call exception */ 821 { 822 int lev = env->error_code; 823 824 if (lev == 1 && cpu->vhyp) { 825 dump_hcall(env); 826 } else { 827 dump_syscall(env); 828 } 829 830 /* 831 * We need to correct the NIP which in this case is supposed 832 * to point to the next instruction 833 */ 834 env->nip += 4; 835 836 /* 837 * The Virtual Open Firmware (VOF) relies on the 'sc 1' 838 * instruction to communicate with QEMU. The pegasos2 machine 839 * uses VOF and the 7xx CPUs, so although the 7xx don't have 840 * HV mode, we need to keep hypercall support. 841 */ 842 if (lev == 1 && cpu->vhyp) { 843 PPCVirtualHypervisorClass *vhc = 844 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 845 vhc->hypercall(cpu->vhyp, cpu); 846 return; 847 } 848 849 break; 850 } 851 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 852 case POWERPC_EXCP_DECR: /* Decrementer exception */ 853 break; 854 case POWERPC_EXCP_RESET: /* System reset exception */ 855 if (msr_pow) { 856 cpu_abort(cs, "Trying to deliver power-saving system reset " 857 "exception %d with no HV support\n", excp); 858 } 859 break; 860 case POWERPC_EXCP_TRACE: /* Trace exception */ 861 break; 862 case POWERPC_EXCP_IFTLB: /* Instruction fetch TLB error */ 863 case POWERPC_EXCP_DLTLB: /* Data load TLB miss */ 864 case POWERPC_EXCP_DSTLB: /* Data store TLB miss */ 865 ppc_excp_debug_sw_tlb(env, excp); 866 867 msr |= env->crf[0] << 28; 868 msr |= env->error_code; /* key, D/I, S/L bits */ 869 /* Set way using a LRU mechanism */ 870 msr |= ((env->last_way + 1) & (env->nb_ways - 1)) << 17; 871 872 break; 873 case POWERPC_EXCP_IABR: /* Instruction address breakpoint */ 874 case POWERPC_EXCP_SMI: /* System management interrupt */ 875 case POWERPC_EXCP_THERM: /* Thermal interrupt */ 876 case POWERPC_EXCP_PERFM: /* Embedded performance monitor interrupt */ 877 cpu_abort(cs, "%s exception not implemented\n", 878 powerpc_excp_name(excp)); 879 break; 880 default: 881 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 882 break; 883 } 884 885 /* 886 * Sort out endianness of interrupt, this differs depending on the 887 * CPU, the HV mode, etc... 888 */ 889 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 890 new_msr |= (target_ulong)1 << MSR_LE; 891 } 892 893 /* Save PC */ 894 env->spr[SPR_SRR0] = env->nip; 895 896 /* Save MSR */ 897 env->spr[SPR_SRR1] = msr; 898 899 powerpc_set_excp_state(cpu, vector, new_msr); 900 } 901 902 static void powerpc_excp_74xx(PowerPCCPU *cpu, int excp) 903 { 904 CPUState *cs = CPU(cpu); 905 CPUPPCState *env = &cpu->env; 906 target_ulong msr, new_msr, vector; 907 908 /* new srr1 value excluding must-be-zero bits */ 909 msr = env->msr & ~0x783f0000ULL; 910 911 /* 912 * new interrupt handler msr preserves existing ME unless 913 * explicitly overriden 914 */ 915 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 916 917 /* 918 * Hypervisor emulation assistance interrupt only exists on server 919 * arch 2.05 server or later. 920 */ 921 if (excp == POWERPC_EXCP_HV_EMU) { 922 excp = POWERPC_EXCP_PROGRAM; 923 } 924 925 vector = env->excp_vectors[excp]; 926 if (vector == (target_ulong)-1ULL) { 927 cpu_abort(cs, "Raised an exception without defined vector %d\n", 928 excp); 929 } 930 931 vector |= env->excp_prefix; 932 933 switch (excp) { 934 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 935 if (msr_me == 0) { 936 /* 937 * Machine check exception is not enabled. Enter 938 * checkstop state. 939 */ 940 fprintf(stderr, "Machine check while not allowed. " 941 "Entering checkstop state\n"); 942 if (qemu_log_separate()) { 943 qemu_log("Machine check while not allowed. " 944 "Entering checkstop state\n"); 945 } 946 cs->halted = 1; 947 cpu_interrupt_exittb(cs); 948 } 949 950 /* machine check exceptions don't have ME set */ 951 new_msr &= ~((target_ulong)1 << MSR_ME); 952 953 break; 954 case POWERPC_EXCP_DSI: /* Data storage exception */ 955 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 956 break; 957 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 958 trace_ppc_excp_isi(msr, env->nip); 959 msr |= env->error_code; 960 break; 961 case POWERPC_EXCP_EXTERNAL: /* External input */ 962 break; 963 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 964 /* Get rS/rD and rA from faulting opcode */ 965 /* 966 * Note: the opcode fields will not be set properly for a 967 * direct store load/store, but nobody cares as nobody 968 * actually uses direct store segments. 969 */ 970 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 971 break; 972 case POWERPC_EXCP_PROGRAM: /* Program exception */ 973 switch (env->error_code & ~0xF) { 974 case POWERPC_EXCP_FP: 975 if ((msr_fe0 == 0 && msr_fe1 == 0) || msr_fp == 0) { 976 trace_ppc_excp_fp_ignore(); 977 powerpc_reset_excp_state(cpu); 978 return; 979 } 980 981 /* 982 * FP exceptions always have NIP pointing to the faulting 983 * instruction, so always use store_next and claim we are 984 * precise in the MSR. 985 */ 986 msr |= 0x00100000; 987 break; 988 case POWERPC_EXCP_INVAL: 989 trace_ppc_excp_inval(env->nip); 990 msr |= 0x00080000; 991 break; 992 case POWERPC_EXCP_PRIV: 993 msr |= 0x00040000; 994 break; 995 case POWERPC_EXCP_TRAP: 996 msr |= 0x00020000; 997 break; 998 default: 999 /* Should never occur */ 1000 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 1001 env->error_code); 1002 break; 1003 } 1004 break; 1005 case POWERPC_EXCP_SYSCALL: /* System call exception */ 1006 { 1007 int lev = env->error_code; 1008 1009 if ((lev == 1) && cpu->vhyp) { 1010 dump_hcall(env); 1011 } else { 1012 dump_syscall(env); 1013 } 1014 1015 /* 1016 * We need to correct the NIP which in this case is supposed 1017 * to point to the next instruction 1018 */ 1019 env->nip += 4; 1020 1021 /* 1022 * The Virtual Open Firmware (VOF) relies on the 'sc 1' 1023 * instruction to communicate with QEMU. The pegasos2 machine 1024 * uses VOF and the 74xx CPUs, so although the 74xx don't have 1025 * HV mode, we need to keep hypercall support. 1026 */ 1027 if ((lev == 1) && cpu->vhyp) { 1028 PPCVirtualHypervisorClass *vhc = 1029 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 1030 vhc->hypercall(cpu->vhyp, cpu); 1031 return; 1032 } 1033 1034 break; 1035 } 1036 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 1037 case POWERPC_EXCP_DECR: /* Decrementer exception */ 1038 break; 1039 case POWERPC_EXCP_RESET: /* System reset exception */ 1040 if (msr_pow) { 1041 cpu_abort(cs, "Trying to deliver power-saving system reset " 1042 "exception %d with no HV support\n", excp); 1043 } 1044 break; 1045 case POWERPC_EXCP_TRACE: /* Trace exception */ 1046 break; 1047 case POWERPC_EXCP_VPU: /* Vector unavailable exception */ 1048 break; 1049 case POWERPC_EXCP_IABR: /* Instruction address breakpoint */ 1050 case POWERPC_EXCP_SMI: /* System management interrupt */ 1051 case POWERPC_EXCP_THERM: /* Thermal interrupt */ 1052 case POWERPC_EXCP_PERFM: /* Embedded performance monitor interrupt */ 1053 case POWERPC_EXCP_VPUA: /* Vector assist exception */ 1054 cpu_abort(cs, "%s exception not implemented\n", 1055 powerpc_excp_name(excp)); 1056 break; 1057 default: 1058 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1059 break; 1060 } 1061 1062 /* 1063 * Sort out endianness of interrupt, this differs depending on the 1064 * CPU, the HV mode, etc... 1065 */ 1066 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 1067 new_msr |= (target_ulong)1 << MSR_LE; 1068 } 1069 1070 /* Save PC */ 1071 env->spr[SPR_SRR0] = env->nip; 1072 1073 /* Save MSR */ 1074 env->spr[SPR_SRR1] = msr; 1075 1076 powerpc_set_excp_state(cpu, vector, new_msr); 1077 } 1078 1079 static void powerpc_excp_booke(PowerPCCPU *cpu, int excp) 1080 { 1081 CPUState *cs = CPU(cpu); 1082 CPUPPCState *env = &cpu->env; 1083 target_ulong msr, new_msr, vector; 1084 int srr0, srr1; 1085 1086 msr = env->msr; 1087 1088 /* 1089 * new interrupt handler msr preserves existing ME unless 1090 * explicitly overriden 1091 */ 1092 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 1093 1094 /* target registers */ 1095 srr0 = SPR_SRR0; 1096 srr1 = SPR_SRR1; 1097 1098 /* 1099 * Hypervisor emulation assistance interrupt only exists on server 1100 * arch 2.05 server or later. 1101 */ 1102 if (excp == POWERPC_EXCP_HV_EMU) { 1103 excp = POWERPC_EXCP_PROGRAM; 1104 } 1105 1106 #ifdef TARGET_PPC64 1107 /* 1108 * SPEU and VPU share the same IVOR but they exist in different 1109 * processors. SPEU is e500v1/2 only and VPU is e6500 only. 1110 */ 1111 if (excp == POWERPC_EXCP_VPU) { 1112 excp = POWERPC_EXCP_SPEU; 1113 } 1114 #endif 1115 1116 vector = env->excp_vectors[excp]; 1117 if (vector == (target_ulong)-1ULL) { 1118 cpu_abort(cs, "Raised an exception without defined vector %d\n", 1119 excp); 1120 } 1121 1122 vector |= env->excp_prefix; 1123 1124 switch (excp) { 1125 case POWERPC_EXCP_CRITICAL: /* Critical input */ 1126 srr0 = SPR_BOOKE_CSRR0; 1127 srr1 = SPR_BOOKE_CSRR1; 1128 break; 1129 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 1130 if (msr_me == 0) { 1131 /* 1132 * Machine check exception is not enabled. Enter 1133 * checkstop state. 1134 */ 1135 fprintf(stderr, "Machine check while not allowed. " 1136 "Entering checkstop state\n"); 1137 if (qemu_log_separate()) { 1138 qemu_log("Machine check while not allowed. " 1139 "Entering checkstop state\n"); 1140 } 1141 cs->halted = 1; 1142 cpu_interrupt_exittb(cs); 1143 } 1144 1145 /* machine check exceptions don't have ME set */ 1146 new_msr &= ~((target_ulong)1 << MSR_ME); 1147 1148 /* FIXME: choose one or the other based on CPU type */ 1149 srr0 = SPR_BOOKE_MCSRR0; 1150 srr1 = SPR_BOOKE_MCSRR1; 1151 1152 env->spr[SPR_BOOKE_CSRR0] = env->nip; 1153 env->spr[SPR_BOOKE_CSRR1] = msr; 1154 1155 break; 1156 case POWERPC_EXCP_DSI: /* Data storage exception */ 1157 trace_ppc_excp_dsi(env->spr[SPR_BOOKE_ESR], env->spr[SPR_BOOKE_DEAR]); 1158 break; 1159 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 1160 trace_ppc_excp_isi(msr, env->nip); 1161 break; 1162 case POWERPC_EXCP_EXTERNAL: /* External input */ 1163 if (env->mpic_proxy) { 1164 /* IACK the IRQ on delivery */ 1165 env->spr[SPR_BOOKE_EPR] = ldl_phys(cs->as, env->mpic_iack); 1166 } 1167 break; 1168 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 1169 break; 1170 case POWERPC_EXCP_PROGRAM: /* Program exception */ 1171 switch (env->error_code & ~0xF) { 1172 case POWERPC_EXCP_FP: 1173 if ((msr_fe0 == 0 && msr_fe1 == 0) || msr_fp == 0) { 1174 trace_ppc_excp_fp_ignore(); 1175 powerpc_reset_excp_state(cpu); 1176 return; 1177 } 1178 1179 /* 1180 * FP exceptions always have NIP pointing to the faulting 1181 * instruction, so always use store_next and claim we are 1182 * precise in the MSR. 1183 */ 1184 msr |= 0x00100000; 1185 env->spr[SPR_BOOKE_ESR] = ESR_FP; 1186 break; 1187 case POWERPC_EXCP_INVAL: 1188 trace_ppc_excp_inval(env->nip); 1189 msr |= 0x00080000; 1190 env->spr[SPR_BOOKE_ESR] = ESR_PIL; 1191 break; 1192 case POWERPC_EXCP_PRIV: 1193 msr |= 0x00040000; 1194 env->spr[SPR_BOOKE_ESR] = ESR_PPR; 1195 break; 1196 case POWERPC_EXCP_TRAP: 1197 msr |= 0x00020000; 1198 env->spr[SPR_BOOKE_ESR] = ESR_PTR; 1199 break; 1200 default: 1201 /* Should never occur */ 1202 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 1203 env->error_code); 1204 break; 1205 } 1206 break; 1207 case POWERPC_EXCP_SYSCALL: /* System call exception */ 1208 dump_syscall(env); 1209 1210 /* 1211 * We need to correct the NIP which in this case is supposed 1212 * to point to the next instruction 1213 */ 1214 env->nip += 4; 1215 break; 1216 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 1217 case POWERPC_EXCP_APU: /* Auxiliary processor unavailable */ 1218 case POWERPC_EXCP_DECR: /* Decrementer exception */ 1219 break; 1220 case POWERPC_EXCP_FIT: /* Fixed-interval timer interrupt */ 1221 /* FIT on 4xx */ 1222 trace_ppc_excp_print("FIT"); 1223 break; 1224 case POWERPC_EXCP_WDT: /* Watchdog timer interrupt */ 1225 trace_ppc_excp_print("WDT"); 1226 srr0 = SPR_BOOKE_CSRR0; 1227 srr1 = SPR_BOOKE_CSRR1; 1228 break; 1229 case POWERPC_EXCP_DTLB: /* Data TLB error */ 1230 case POWERPC_EXCP_ITLB: /* Instruction TLB error */ 1231 break; 1232 case POWERPC_EXCP_DEBUG: /* Debug interrupt */ 1233 if (env->flags & POWERPC_FLAG_DE) { 1234 /* FIXME: choose one or the other based on CPU type */ 1235 srr0 = SPR_BOOKE_DSRR0; 1236 srr1 = SPR_BOOKE_DSRR1; 1237 1238 env->spr[SPR_BOOKE_CSRR0] = env->nip; 1239 env->spr[SPR_BOOKE_CSRR1] = msr; 1240 1241 /* DBSR already modified by caller */ 1242 } else { 1243 cpu_abort(cs, "Debug exception triggered on unsupported model\n"); 1244 } 1245 break; 1246 case POWERPC_EXCP_SPEU: /* SPE/embedded floating-point unavailable/VPU */ 1247 env->spr[SPR_BOOKE_ESR] = ESR_SPV; 1248 break; 1249 case POWERPC_EXCP_RESET: /* System reset exception */ 1250 if (msr_pow) { 1251 cpu_abort(cs, "Trying to deliver power-saving system reset " 1252 "exception %d with no HV support\n", excp); 1253 } 1254 break; 1255 case POWERPC_EXCP_EFPDI: /* Embedded floating-point data interrupt */ 1256 case POWERPC_EXCP_EFPRI: /* Embedded floating-point round interrupt */ 1257 cpu_abort(cs, "%s exception not implemented\n", 1258 powerpc_excp_name(excp)); 1259 break; 1260 default: 1261 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1262 break; 1263 } 1264 1265 #if defined(TARGET_PPC64) 1266 if (env->spr[SPR_BOOKE_EPCR] & EPCR_ICM) { 1267 /* Cat.64-bit: EPCR.ICM is copied to MSR.CM */ 1268 new_msr |= (target_ulong)1 << MSR_CM; 1269 } else { 1270 vector = (uint32_t)vector; 1271 } 1272 #endif 1273 1274 /* Save PC */ 1275 env->spr[srr0] = env->nip; 1276 1277 /* Save MSR */ 1278 env->spr[srr1] = msr; 1279 1280 powerpc_set_excp_state(cpu, vector, new_msr); 1281 } 1282 1283 /* 1284 * When running a nested HV guest under vhyp, external interrupts are 1285 * delivered as HVIRT. 1286 */ 1287 static bool books_vhyp_promotes_external_to_hvirt(PowerPCCPU *cpu) 1288 { 1289 if (cpu->vhyp) { 1290 return vhyp_cpu_in_nested(cpu); 1291 } 1292 return false; 1293 } 1294 1295 #ifdef TARGET_PPC64 1296 /* 1297 * When running under vhyp, hcalls are always intercepted and sent to the 1298 * vhc->hypercall handler. 1299 */ 1300 static bool books_vhyp_handles_hcall(PowerPCCPU *cpu) 1301 { 1302 if (cpu->vhyp) { 1303 return !vhyp_cpu_in_nested(cpu); 1304 } 1305 return false; 1306 } 1307 1308 /* 1309 * When running a nested KVM HV guest under vhyp, HV exceptions are not 1310 * delivered to the guest (because there is no concept of HV support), but 1311 * rather they are sent tothe vhyp to exit from the L2 back to the L1 and 1312 * return from the H_ENTER_NESTED hypercall. 1313 */ 1314 static bool books_vhyp_handles_hv_excp(PowerPCCPU *cpu) 1315 { 1316 if (cpu->vhyp) { 1317 return vhyp_cpu_in_nested(cpu); 1318 } 1319 return false; 1320 } 1321 1322 static void powerpc_excp_books(PowerPCCPU *cpu, int excp) 1323 { 1324 CPUState *cs = CPU(cpu); 1325 CPUPPCState *env = &cpu->env; 1326 target_ulong msr, new_msr, vector; 1327 int srr0, srr1, lev = -1; 1328 1329 /* new srr1 value excluding must-be-zero bits */ 1330 msr = env->msr & ~0x783f0000ULL; 1331 1332 /* 1333 * new interrupt handler msr preserves existing HV and ME unless 1334 * explicitly overriden 1335 */ 1336 new_msr = env->msr & (((target_ulong)1 << MSR_ME) | MSR_HVB); 1337 1338 /* target registers */ 1339 srr0 = SPR_SRR0; 1340 srr1 = SPR_SRR1; 1341 1342 /* 1343 * check for special resume at 0x100 from doze/nap/sleep/winkle on 1344 * P7/P8/P9 1345 */ 1346 if (env->resume_as_sreset) { 1347 excp = powerpc_reset_wakeup(cs, env, excp, &msr); 1348 } 1349 1350 /* 1351 * We don't want to generate a Hypervisor Emulation Assistance 1352 * Interrupt if we don't have HVB in msr_mask (PAPR mode). 1353 */ 1354 if (excp == POWERPC_EXCP_HV_EMU && !(env->msr_mask & MSR_HVB)) { 1355 excp = POWERPC_EXCP_PROGRAM; 1356 } 1357 1358 vector = env->excp_vectors[excp]; 1359 if (vector == (target_ulong)-1ULL) { 1360 cpu_abort(cs, "Raised an exception without defined vector %d\n", 1361 excp); 1362 } 1363 1364 vector |= env->excp_prefix; 1365 1366 switch (excp) { 1367 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 1368 if (msr_me == 0) { 1369 /* 1370 * Machine check exception is not enabled. Enter 1371 * checkstop state. 1372 */ 1373 fprintf(stderr, "Machine check while not allowed. " 1374 "Entering checkstop state\n"); 1375 if (qemu_log_separate()) { 1376 qemu_log("Machine check while not allowed. " 1377 "Entering checkstop state\n"); 1378 } 1379 cs->halted = 1; 1380 cpu_interrupt_exittb(cs); 1381 } 1382 if (env->msr_mask & MSR_HVB) { 1383 /* 1384 * ISA specifies HV, but can be delivered to guest with HV 1385 * clear (e.g., see FWNMI in PAPR). 1386 */ 1387 new_msr |= (target_ulong)MSR_HVB; 1388 } 1389 1390 /* machine check exceptions don't have ME set */ 1391 new_msr &= ~((target_ulong)1 << MSR_ME); 1392 1393 break; 1394 case POWERPC_EXCP_DSI: /* Data storage exception */ 1395 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 1396 break; 1397 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 1398 trace_ppc_excp_isi(msr, env->nip); 1399 msr |= env->error_code; 1400 break; 1401 case POWERPC_EXCP_EXTERNAL: /* External input */ 1402 { 1403 bool lpes0; 1404 1405 /* 1406 * LPES0 is only taken into consideration if we support HV 1407 * mode for this CPU. 1408 */ 1409 if (!env->has_hv_mode) { 1410 break; 1411 } 1412 1413 lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 1414 1415 if (!lpes0) { 1416 new_msr |= (target_ulong)MSR_HVB; 1417 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1418 srr0 = SPR_HSRR0; 1419 srr1 = SPR_HSRR1; 1420 } 1421 1422 break; 1423 } 1424 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 1425 /* Get rS/rD and rA from faulting opcode */ 1426 /* 1427 * Note: the opcode fields will not be set properly for a 1428 * direct store load/store, but nobody cares as nobody 1429 * actually uses direct store segments. 1430 */ 1431 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 1432 break; 1433 case POWERPC_EXCP_PROGRAM: /* Program exception */ 1434 switch (env->error_code & ~0xF) { 1435 case POWERPC_EXCP_FP: 1436 if ((msr_fe0 == 0 && msr_fe1 == 0) || msr_fp == 0) { 1437 trace_ppc_excp_fp_ignore(); 1438 powerpc_reset_excp_state(cpu); 1439 return; 1440 } 1441 1442 /* 1443 * FP exceptions always have NIP pointing to the faulting 1444 * instruction, so always use store_next and claim we are 1445 * precise in the MSR. 1446 */ 1447 msr |= 0x00100000; 1448 break; 1449 case POWERPC_EXCP_INVAL: 1450 trace_ppc_excp_inval(env->nip); 1451 msr |= 0x00080000; 1452 break; 1453 case POWERPC_EXCP_PRIV: 1454 msr |= 0x00040000; 1455 break; 1456 case POWERPC_EXCP_TRAP: 1457 msr |= 0x00020000; 1458 break; 1459 default: 1460 /* Should never occur */ 1461 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 1462 env->error_code); 1463 break; 1464 } 1465 break; 1466 case POWERPC_EXCP_SYSCALL: /* System call exception */ 1467 lev = env->error_code; 1468 1469 if ((lev == 1) && cpu->vhyp) { 1470 dump_hcall(env); 1471 } else { 1472 dump_syscall(env); 1473 } 1474 1475 /* 1476 * We need to correct the NIP which in this case is supposed 1477 * to point to the next instruction 1478 */ 1479 env->nip += 4; 1480 1481 /* "PAPR mode" built-in hypercall emulation */ 1482 if ((lev == 1) && books_vhyp_handles_hcall(cpu)) { 1483 PPCVirtualHypervisorClass *vhc = 1484 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 1485 vhc->hypercall(cpu->vhyp, cpu); 1486 return; 1487 } 1488 if (lev == 1) { 1489 new_msr |= (target_ulong)MSR_HVB; 1490 } 1491 break; 1492 case POWERPC_EXCP_SYSCALL_VECTORED: /* scv exception */ 1493 lev = env->error_code; 1494 dump_syscall(env); 1495 env->nip += 4; 1496 new_msr |= env->msr & ((target_ulong)1 << MSR_EE); 1497 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1498 1499 vector += lev * 0x20; 1500 1501 env->lr = env->nip; 1502 env->ctr = msr; 1503 break; 1504 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 1505 case POWERPC_EXCP_DECR: /* Decrementer exception */ 1506 break; 1507 case POWERPC_EXCP_RESET: /* System reset exception */ 1508 /* A power-saving exception sets ME, otherwise it is unchanged */ 1509 if (msr_pow) { 1510 /* indicate that we resumed from power save mode */ 1511 msr |= 0x10000; 1512 new_msr |= ((target_ulong)1 << MSR_ME); 1513 } 1514 if (env->msr_mask & MSR_HVB) { 1515 /* 1516 * ISA specifies HV, but can be delivered to guest with HV 1517 * clear (e.g., see FWNMI in PAPR, NMI injection in QEMU). 1518 */ 1519 new_msr |= (target_ulong)MSR_HVB; 1520 } else { 1521 if (msr_pow) { 1522 cpu_abort(cs, "Trying to deliver power-saving system reset " 1523 "exception %d with no HV support\n", excp); 1524 } 1525 } 1526 break; 1527 case POWERPC_EXCP_DSEG: /* Data segment exception */ 1528 case POWERPC_EXCP_ISEG: /* Instruction segment exception */ 1529 case POWERPC_EXCP_TRACE: /* Trace exception */ 1530 break; 1531 case POWERPC_EXCP_HISI: /* Hypervisor instruction storage exception */ 1532 msr |= env->error_code; 1533 /* fall through */ 1534 case POWERPC_EXCP_HDECR: /* Hypervisor decrementer exception */ 1535 case POWERPC_EXCP_HDSI: /* Hypervisor data storage exception */ 1536 case POWERPC_EXCP_SDOOR_HV: /* Hypervisor Doorbell interrupt */ 1537 case POWERPC_EXCP_HV_EMU: 1538 case POWERPC_EXCP_HVIRT: /* Hypervisor virtualization */ 1539 srr0 = SPR_HSRR0; 1540 srr1 = SPR_HSRR1; 1541 new_msr |= (target_ulong)MSR_HVB; 1542 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1543 break; 1544 case POWERPC_EXCP_VPU: /* Vector unavailable exception */ 1545 case POWERPC_EXCP_VSXU: /* VSX unavailable exception */ 1546 case POWERPC_EXCP_FU: /* Facility unavailable exception */ 1547 env->spr[SPR_FSCR] |= ((target_ulong)env->error_code << 56); 1548 break; 1549 case POWERPC_EXCP_HV_FU: /* Hypervisor Facility Unavailable Exception */ 1550 env->spr[SPR_HFSCR] |= ((target_ulong)env->error_code << FSCR_IC_POS); 1551 srr0 = SPR_HSRR0; 1552 srr1 = SPR_HSRR1; 1553 new_msr |= (target_ulong)MSR_HVB; 1554 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1555 break; 1556 case POWERPC_EXCP_THERM: /* Thermal interrupt */ 1557 case POWERPC_EXCP_PERFM: /* Embedded performance monitor interrupt */ 1558 case POWERPC_EXCP_VPUA: /* Vector assist exception */ 1559 case POWERPC_EXCP_MAINT: /* Maintenance exception */ 1560 case POWERPC_EXCP_SDOOR: /* Doorbell interrupt */ 1561 case POWERPC_EXCP_HV_MAINT: /* Hypervisor Maintenance exception */ 1562 cpu_abort(cs, "%s exception not implemented\n", 1563 powerpc_excp_name(excp)); 1564 break; 1565 default: 1566 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1567 break; 1568 } 1569 1570 /* 1571 * Sort out endianness of interrupt, this differs depending on the 1572 * CPU, the HV mode, etc... 1573 */ 1574 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 1575 new_msr |= (target_ulong)1 << MSR_LE; 1576 } 1577 1578 new_msr |= (target_ulong)1 << MSR_SF; 1579 1580 if (excp != POWERPC_EXCP_SYSCALL_VECTORED) { 1581 /* Save PC */ 1582 env->spr[srr0] = env->nip; 1583 1584 /* Save MSR */ 1585 env->spr[srr1] = msr; 1586 } 1587 1588 if ((new_msr & MSR_HVB) && books_vhyp_handles_hv_excp(cpu)) { 1589 PPCVirtualHypervisorClass *vhc = 1590 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 1591 /* Deliver interrupt to L1 by returning from the H_ENTER_NESTED call */ 1592 vhc->deliver_hv_excp(cpu, excp); 1593 1594 powerpc_reset_excp_state(cpu); 1595 1596 } else { 1597 /* Sanity check */ 1598 if (!(env->msr_mask & MSR_HVB) && srr0 == SPR_HSRR0) { 1599 cpu_abort(cs, "Trying to deliver HV exception (HSRR) %d with " 1600 "no HV support\n", excp); 1601 } 1602 1603 /* This can update new_msr and vector if AIL applies */ 1604 ppc_excp_apply_ail(cpu, excp, msr, &new_msr, &vector); 1605 1606 powerpc_set_excp_state(cpu, vector, new_msr); 1607 } 1608 } 1609 #else 1610 static inline void powerpc_excp_books(PowerPCCPU *cpu, int excp) 1611 { 1612 g_assert_not_reached(); 1613 } 1614 #endif 1615 1616 static void powerpc_excp(PowerPCCPU *cpu, int excp) 1617 { 1618 CPUState *cs = CPU(cpu); 1619 CPUPPCState *env = &cpu->env; 1620 1621 if (excp <= POWERPC_EXCP_NONE || excp >= POWERPC_EXCP_NB) { 1622 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1623 } 1624 1625 qemu_log_mask(CPU_LOG_INT, "Raise exception at " TARGET_FMT_lx 1626 " => %s (%d) error=%02x\n", env->nip, powerpc_excp_name(excp), 1627 excp, env->error_code); 1628 1629 switch (env->excp_model) { 1630 case POWERPC_EXCP_40x: 1631 powerpc_excp_40x(cpu, excp); 1632 break; 1633 case POWERPC_EXCP_6xx: 1634 powerpc_excp_6xx(cpu, excp); 1635 break; 1636 case POWERPC_EXCP_7xx: 1637 powerpc_excp_7xx(cpu, excp); 1638 break; 1639 case POWERPC_EXCP_74xx: 1640 powerpc_excp_74xx(cpu, excp); 1641 break; 1642 case POWERPC_EXCP_BOOKE: 1643 powerpc_excp_booke(cpu, excp); 1644 break; 1645 case POWERPC_EXCP_970: 1646 case POWERPC_EXCP_POWER7: 1647 case POWERPC_EXCP_POWER8: 1648 case POWERPC_EXCP_POWER9: 1649 case POWERPC_EXCP_POWER10: 1650 powerpc_excp_books(cpu, excp); 1651 break; 1652 default: 1653 g_assert_not_reached(); 1654 } 1655 } 1656 1657 void ppc_cpu_do_interrupt(CPUState *cs) 1658 { 1659 PowerPCCPU *cpu = POWERPC_CPU(cs); 1660 1661 powerpc_excp(cpu, cs->exception_index); 1662 } 1663 1664 static void ppc_hw_interrupt(CPUPPCState *env) 1665 { 1666 PowerPCCPU *cpu = env_archcpu(env); 1667 bool async_deliver; 1668 1669 /* External reset */ 1670 if (env->pending_interrupts & (1 << PPC_INTERRUPT_RESET)) { 1671 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_RESET); 1672 powerpc_excp(cpu, POWERPC_EXCP_RESET); 1673 return; 1674 } 1675 /* Machine check exception */ 1676 if (env->pending_interrupts & (1 << PPC_INTERRUPT_MCK)) { 1677 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_MCK); 1678 powerpc_excp(cpu, POWERPC_EXCP_MCHECK); 1679 return; 1680 } 1681 #if 0 /* TODO */ 1682 /* External debug exception */ 1683 if (env->pending_interrupts & (1 << PPC_INTERRUPT_DEBUG)) { 1684 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_DEBUG); 1685 powerpc_excp(cpu, POWERPC_EXCP_DEBUG); 1686 return; 1687 } 1688 #endif 1689 1690 /* 1691 * For interrupts that gate on MSR:EE, we need to do something a 1692 * bit more subtle, as we need to let them through even when EE is 1693 * clear when coming out of some power management states (in order 1694 * for them to become a 0x100). 1695 */ 1696 async_deliver = (msr_ee != 0) || env->resume_as_sreset; 1697 1698 /* Hypervisor decrementer exception */ 1699 if (env->pending_interrupts & (1 << PPC_INTERRUPT_HDECR)) { 1700 /* LPCR will be clear when not supported so this will work */ 1701 bool hdice = !!(env->spr[SPR_LPCR] & LPCR_HDICE); 1702 if ((async_deliver || msr_hv == 0) && hdice) { 1703 /* HDEC clears on delivery */ 1704 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_HDECR); 1705 powerpc_excp(cpu, POWERPC_EXCP_HDECR); 1706 return; 1707 } 1708 } 1709 1710 /* Hypervisor virtualization interrupt */ 1711 if (env->pending_interrupts & (1 << PPC_INTERRUPT_HVIRT)) { 1712 /* LPCR will be clear when not supported so this will work */ 1713 bool hvice = !!(env->spr[SPR_LPCR] & LPCR_HVICE); 1714 if ((async_deliver || msr_hv == 0) && hvice) { 1715 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 1716 return; 1717 } 1718 } 1719 1720 /* External interrupt can ignore MSR:EE under some circumstances */ 1721 if (env->pending_interrupts & (1 << PPC_INTERRUPT_EXT)) { 1722 bool lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 1723 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 1724 /* HEIC blocks delivery to the hypervisor */ 1725 if ((async_deliver && !(heic && msr_hv && !msr_pr)) || 1726 (env->has_hv_mode && msr_hv == 0 && !lpes0)) { 1727 if (books_vhyp_promotes_external_to_hvirt(cpu)) { 1728 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 1729 } else { 1730 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL); 1731 } 1732 return; 1733 } 1734 } 1735 if (msr_ce != 0) { 1736 /* External critical interrupt */ 1737 if (env->pending_interrupts & (1 << PPC_INTERRUPT_CEXT)) { 1738 powerpc_excp(cpu, POWERPC_EXCP_CRITICAL); 1739 return; 1740 } 1741 } 1742 if (async_deliver != 0) { 1743 /* Watchdog timer on embedded PowerPC */ 1744 if (env->pending_interrupts & (1 << PPC_INTERRUPT_WDT)) { 1745 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_WDT); 1746 powerpc_excp(cpu, POWERPC_EXCP_WDT); 1747 return; 1748 } 1749 if (env->pending_interrupts & (1 << PPC_INTERRUPT_CDOORBELL)) { 1750 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_CDOORBELL); 1751 powerpc_excp(cpu, POWERPC_EXCP_DOORCI); 1752 return; 1753 } 1754 /* Fixed interval timer on embedded PowerPC */ 1755 if (env->pending_interrupts & (1 << PPC_INTERRUPT_FIT)) { 1756 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_FIT); 1757 powerpc_excp(cpu, POWERPC_EXCP_FIT); 1758 return; 1759 } 1760 /* Programmable interval timer on embedded PowerPC */ 1761 if (env->pending_interrupts & (1 << PPC_INTERRUPT_PIT)) { 1762 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_PIT); 1763 powerpc_excp(cpu, POWERPC_EXCP_PIT); 1764 return; 1765 } 1766 /* Decrementer exception */ 1767 if (env->pending_interrupts & (1 << PPC_INTERRUPT_DECR)) { 1768 if (ppc_decr_clear_on_delivery(env)) { 1769 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_DECR); 1770 } 1771 powerpc_excp(cpu, POWERPC_EXCP_DECR); 1772 return; 1773 } 1774 if (env->pending_interrupts & (1 << PPC_INTERRUPT_DOORBELL)) { 1775 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_DOORBELL); 1776 if (is_book3s_arch2x(env)) { 1777 powerpc_excp(cpu, POWERPC_EXCP_SDOOR); 1778 } else { 1779 powerpc_excp(cpu, POWERPC_EXCP_DOORI); 1780 } 1781 return; 1782 } 1783 if (env->pending_interrupts & (1 << PPC_INTERRUPT_HDOORBELL)) { 1784 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_HDOORBELL); 1785 powerpc_excp(cpu, POWERPC_EXCP_SDOOR_HV); 1786 return; 1787 } 1788 if (env->pending_interrupts & (1 << PPC_INTERRUPT_PERFM)) { 1789 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_PERFM); 1790 powerpc_excp(cpu, POWERPC_EXCP_PERFM); 1791 return; 1792 } 1793 /* Thermal interrupt */ 1794 if (env->pending_interrupts & (1 << PPC_INTERRUPT_THERM)) { 1795 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_THERM); 1796 powerpc_excp(cpu, POWERPC_EXCP_THERM); 1797 return; 1798 } 1799 } 1800 1801 if (env->resume_as_sreset) { 1802 /* 1803 * This is a bug ! It means that has_work took us out of halt without 1804 * anything to deliver while in a PM state that requires getting 1805 * out via a 0x100 1806 * 1807 * This means we will incorrectly execute past the power management 1808 * instruction instead of triggering a reset. 1809 * 1810 * It generally means a discrepancy between the wakeup conditions in the 1811 * processor has_work implementation and the logic in this function. 1812 */ 1813 cpu_abort(env_cpu(env), 1814 "Wakeup from PM state but interrupt Undelivered"); 1815 } 1816 } 1817 1818 void ppc_cpu_do_system_reset(CPUState *cs) 1819 { 1820 PowerPCCPU *cpu = POWERPC_CPU(cs); 1821 1822 powerpc_excp(cpu, POWERPC_EXCP_RESET); 1823 } 1824 1825 void ppc_cpu_do_fwnmi_machine_check(CPUState *cs, target_ulong vector) 1826 { 1827 PowerPCCPU *cpu = POWERPC_CPU(cs); 1828 CPUPPCState *env = &cpu->env; 1829 target_ulong msr = 0; 1830 1831 /* 1832 * Set MSR and NIP for the handler, SRR0/1, DAR and DSISR have already 1833 * been set by KVM. 1834 */ 1835 msr = (1ULL << MSR_ME); 1836 msr |= env->msr & (1ULL << MSR_SF); 1837 if (ppc_interrupts_little_endian(cpu, false)) { 1838 msr |= (1ULL << MSR_LE); 1839 } 1840 1841 /* Anything for nested required here? MSR[HV] bit? */ 1842 1843 powerpc_set_excp_state(cpu, vector, msr); 1844 } 1845 1846 bool ppc_cpu_exec_interrupt(CPUState *cs, int interrupt_request) 1847 { 1848 PowerPCCPU *cpu = POWERPC_CPU(cs); 1849 CPUPPCState *env = &cpu->env; 1850 1851 if (interrupt_request & CPU_INTERRUPT_HARD) { 1852 ppc_hw_interrupt(env); 1853 if (env->pending_interrupts == 0) { 1854 cs->interrupt_request &= ~CPU_INTERRUPT_HARD; 1855 } 1856 return true; 1857 } 1858 return false; 1859 } 1860 1861 #endif /* !CONFIG_USER_ONLY */ 1862 1863 /*****************************************************************************/ 1864 /* Exceptions processing helpers */ 1865 1866 void raise_exception_err_ra(CPUPPCState *env, uint32_t exception, 1867 uint32_t error_code, uintptr_t raddr) 1868 { 1869 CPUState *cs = env_cpu(env); 1870 1871 cs->exception_index = exception; 1872 env->error_code = error_code; 1873 cpu_loop_exit_restore(cs, raddr); 1874 } 1875 1876 void raise_exception_err(CPUPPCState *env, uint32_t exception, 1877 uint32_t error_code) 1878 { 1879 raise_exception_err_ra(env, exception, error_code, 0); 1880 } 1881 1882 void raise_exception(CPUPPCState *env, uint32_t exception) 1883 { 1884 raise_exception_err_ra(env, exception, 0, 0); 1885 } 1886 1887 void raise_exception_ra(CPUPPCState *env, uint32_t exception, 1888 uintptr_t raddr) 1889 { 1890 raise_exception_err_ra(env, exception, 0, raddr); 1891 } 1892 1893 #ifdef CONFIG_TCG 1894 void helper_raise_exception_err(CPUPPCState *env, uint32_t exception, 1895 uint32_t error_code) 1896 { 1897 raise_exception_err_ra(env, exception, error_code, 0); 1898 } 1899 1900 void helper_raise_exception(CPUPPCState *env, uint32_t exception) 1901 { 1902 raise_exception_err_ra(env, exception, 0, 0); 1903 } 1904 #endif 1905 1906 #if !defined(CONFIG_USER_ONLY) 1907 #ifdef CONFIG_TCG 1908 void helper_store_msr(CPUPPCState *env, target_ulong val) 1909 { 1910 uint32_t excp = hreg_store_msr(env, val, 0); 1911 1912 if (excp != 0) { 1913 CPUState *cs = env_cpu(env); 1914 cpu_interrupt_exittb(cs); 1915 raise_exception(env, excp); 1916 } 1917 } 1918 1919 #if defined(TARGET_PPC64) 1920 void helper_scv(CPUPPCState *env, uint32_t lev) 1921 { 1922 if (env->spr[SPR_FSCR] & (1ull << FSCR_SCV)) { 1923 raise_exception_err(env, POWERPC_EXCP_SYSCALL_VECTORED, lev); 1924 } else { 1925 raise_exception_err(env, POWERPC_EXCP_FU, FSCR_IC_SCV); 1926 } 1927 } 1928 1929 void helper_pminsn(CPUPPCState *env, powerpc_pm_insn_t insn) 1930 { 1931 CPUState *cs; 1932 1933 cs = env_cpu(env); 1934 cs->halted = 1; 1935 1936 /* Condition for waking up at 0x100 */ 1937 env->resume_as_sreset = (insn != PPC_PM_STOP) || 1938 (env->spr[SPR_PSSCR] & PSSCR_EC); 1939 } 1940 #endif /* defined(TARGET_PPC64) */ 1941 1942 static void do_rfi(CPUPPCState *env, target_ulong nip, target_ulong msr) 1943 { 1944 CPUState *cs = env_cpu(env); 1945 1946 /* MSR:POW cannot be set by any form of rfi */ 1947 msr &= ~(1ULL << MSR_POW); 1948 1949 /* MSR:TGPR cannot be set by any form of rfi */ 1950 if (env->flags & POWERPC_FLAG_TGPR) 1951 msr &= ~(1ULL << MSR_TGPR); 1952 1953 #if defined(TARGET_PPC64) 1954 /* Switching to 32-bit ? Crop the nip */ 1955 if (!msr_is_64bit(env, msr)) { 1956 nip = (uint32_t)nip; 1957 } 1958 #else 1959 nip = (uint32_t)nip; 1960 #endif 1961 /* XXX: beware: this is false if VLE is supported */ 1962 env->nip = nip & ~((target_ulong)0x00000003); 1963 hreg_store_msr(env, msr, 1); 1964 trace_ppc_excp_rfi(env->nip, env->msr); 1965 /* 1966 * No need to raise an exception here, as rfi is always the last 1967 * insn of a TB 1968 */ 1969 cpu_interrupt_exittb(cs); 1970 /* Reset the reservation */ 1971 env->reserve_addr = -1; 1972 1973 /* Context synchronizing: check if TCG TLB needs flush */ 1974 check_tlb_flush(env, false); 1975 } 1976 1977 void helper_rfi(CPUPPCState *env) 1978 { 1979 do_rfi(env, env->spr[SPR_SRR0], env->spr[SPR_SRR1] & 0xfffffffful); 1980 } 1981 1982 #define MSR_BOOK3S_MASK 1983 #if defined(TARGET_PPC64) 1984 void helper_rfid(CPUPPCState *env) 1985 { 1986 /* 1987 * The architecture defines a number of rules for which bits can 1988 * change but in practice, we handle this in hreg_store_msr() 1989 * which will be called by do_rfi(), so there is no need to filter 1990 * here 1991 */ 1992 do_rfi(env, env->spr[SPR_SRR0], env->spr[SPR_SRR1]); 1993 } 1994 1995 void helper_rfscv(CPUPPCState *env) 1996 { 1997 do_rfi(env, env->lr, env->ctr); 1998 } 1999 2000 void helper_hrfid(CPUPPCState *env) 2001 { 2002 do_rfi(env, env->spr[SPR_HSRR0], env->spr[SPR_HSRR1]); 2003 } 2004 #endif 2005 2006 #if defined(TARGET_PPC64) && !defined(CONFIG_USER_ONLY) 2007 void helper_rfebb(CPUPPCState *env, target_ulong s) 2008 { 2009 target_ulong msr = env->msr; 2010 2011 /* 2012 * Handling of BESCR bits 32:33 according to PowerISA v3.1: 2013 * 2014 * "If BESCR 32:33 != 0b00 the instruction is treated as if 2015 * the instruction form were invalid." 2016 */ 2017 if (env->spr[SPR_BESCR] & BESCR_INVALID) { 2018 raise_exception_err(env, POWERPC_EXCP_PROGRAM, 2019 POWERPC_EXCP_INVAL | POWERPC_EXCP_INVAL_INVAL); 2020 } 2021 2022 env->nip = env->spr[SPR_EBBRR]; 2023 2024 /* Switching to 32-bit ? Crop the nip */ 2025 if (!msr_is_64bit(env, msr)) { 2026 env->nip = (uint32_t)env->spr[SPR_EBBRR]; 2027 } 2028 2029 if (s) { 2030 env->spr[SPR_BESCR] |= BESCR_GE; 2031 } else { 2032 env->spr[SPR_BESCR] &= ~BESCR_GE; 2033 } 2034 } 2035 #endif 2036 2037 /*****************************************************************************/ 2038 /* Embedded PowerPC specific helpers */ 2039 void helper_40x_rfci(CPUPPCState *env) 2040 { 2041 do_rfi(env, env->spr[SPR_40x_SRR2], env->spr[SPR_40x_SRR3]); 2042 } 2043 2044 void helper_rfci(CPUPPCState *env) 2045 { 2046 do_rfi(env, env->spr[SPR_BOOKE_CSRR0], env->spr[SPR_BOOKE_CSRR1]); 2047 } 2048 2049 void helper_rfdi(CPUPPCState *env) 2050 { 2051 /* FIXME: choose CSRR1 or DSRR1 based on cpu type */ 2052 do_rfi(env, env->spr[SPR_BOOKE_DSRR0], env->spr[SPR_BOOKE_DSRR1]); 2053 } 2054 2055 void helper_rfmci(CPUPPCState *env) 2056 { 2057 /* FIXME: choose CSRR1 or MCSRR1 based on cpu type */ 2058 do_rfi(env, env->spr[SPR_BOOKE_MCSRR0], env->spr[SPR_BOOKE_MCSRR1]); 2059 } 2060 #endif /* CONFIG_TCG */ 2061 #endif /* !defined(CONFIG_USER_ONLY) */ 2062 2063 #ifdef CONFIG_TCG 2064 void helper_tw(CPUPPCState *env, target_ulong arg1, target_ulong arg2, 2065 uint32_t flags) 2066 { 2067 if (!likely(!(((int32_t)arg1 < (int32_t)arg2 && (flags & 0x10)) || 2068 ((int32_t)arg1 > (int32_t)arg2 && (flags & 0x08)) || 2069 ((int32_t)arg1 == (int32_t)arg2 && (flags & 0x04)) || 2070 ((uint32_t)arg1 < (uint32_t)arg2 && (flags & 0x02)) || 2071 ((uint32_t)arg1 > (uint32_t)arg2 && (flags & 0x01))))) { 2072 raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM, 2073 POWERPC_EXCP_TRAP, GETPC()); 2074 } 2075 } 2076 2077 #if defined(TARGET_PPC64) 2078 void helper_td(CPUPPCState *env, target_ulong arg1, target_ulong arg2, 2079 uint32_t flags) 2080 { 2081 if (!likely(!(((int64_t)arg1 < (int64_t)arg2 && (flags & 0x10)) || 2082 ((int64_t)arg1 > (int64_t)arg2 && (flags & 0x08)) || 2083 ((int64_t)arg1 == (int64_t)arg2 && (flags & 0x04)) || 2084 ((uint64_t)arg1 < (uint64_t)arg2 && (flags & 0x02)) || 2085 ((uint64_t)arg1 > (uint64_t)arg2 && (flags & 0x01))))) { 2086 raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM, 2087 POWERPC_EXCP_TRAP, GETPC()); 2088 } 2089 } 2090 #endif 2091 #endif 2092 2093 #if !defined(CONFIG_USER_ONLY) 2094 2095 #ifdef CONFIG_TCG 2096 2097 /* Embedded.Processor Control */ 2098 static int dbell2irq(target_ulong rb) 2099 { 2100 int msg = rb & DBELL_TYPE_MASK; 2101 int irq = -1; 2102 2103 switch (msg) { 2104 case DBELL_TYPE_DBELL: 2105 irq = PPC_INTERRUPT_DOORBELL; 2106 break; 2107 case DBELL_TYPE_DBELL_CRIT: 2108 irq = PPC_INTERRUPT_CDOORBELL; 2109 break; 2110 case DBELL_TYPE_G_DBELL: 2111 case DBELL_TYPE_G_DBELL_CRIT: 2112 case DBELL_TYPE_G_DBELL_MC: 2113 /* XXX implement */ 2114 default: 2115 break; 2116 } 2117 2118 return irq; 2119 } 2120 2121 void helper_msgclr(CPUPPCState *env, target_ulong rb) 2122 { 2123 int irq = dbell2irq(rb); 2124 2125 if (irq < 0) { 2126 return; 2127 } 2128 2129 env->pending_interrupts &= ~(1 << irq); 2130 } 2131 2132 void helper_msgsnd(target_ulong rb) 2133 { 2134 int irq = dbell2irq(rb); 2135 int pir = rb & DBELL_PIRTAG_MASK; 2136 CPUState *cs; 2137 2138 if (irq < 0) { 2139 return; 2140 } 2141 2142 qemu_mutex_lock_iothread(); 2143 CPU_FOREACH(cs) { 2144 PowerPCCPU *cpu = POWERPC_CPU(cs); 2145 CPUPPCState *cenv = &cpu->env; 2146 2147 if ((rb & DBELL_BRDCAST) || (cenv->spr[SPR_BOOKE_PIR] == pir)) { 2148 cenv->pending_interrupts |= 1 << irq; 2149 cpu_interrupt(cs, CPU_INTERRUPT_HARD); 2150 } 2151 } 2152 qemu_mutex_unlock_iothread(); 2153 } 2154 2155 /* Server Processor Control */ 2156 2157 static bool dbell_type_server(target_ulong rb) 2158 { 2159 /* 2160 * A Directed Hypervisor Doorbell message is sent only if the 2161 * message type is 5. All other types are reserved and the 2162 * instruction is a no-op 2163 */ 2164 return (rb & DBELL_TYPE_MASK) == DBELL_TYPE_DBELL_SERVER; 2165 } 2166 2167 void helper_book3s_msgclr(CPUPPCState *env, target_ulong rb) 2168 { 2169 if (!dbell_type_server(rb)) { 2170 return; 2171 } 2172 2173 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_HDOORBELL); 2174 } 2175 2176 static void book3s_msgsnd_common(int pir, int irq) 2177 { 2178 CPUState *cs; 2179 2180 qemu_mutex_lock_iothread(); 2181 CPU_FOREACH(cs) { 2182 PowerPCCPU *cpu = POWERPC_CPU(cs); 2183 CPUPPCState *cenv = &cpu->env; 2184 2185 /* TODO: broadcast message to all threads of the same processor */ 2186 if (cenv->spr_cb[SPR_PIR].default_value == pir) { 2187 cenv->pending_interrupts |= 1 << irq; 2188 cpu_interrupt(cs, CPU_INTERRUPT_HARD); 2189 } 2190 } 2191 qemu_mutex_unlock_iothread(); 2192 } 2193 2194 void helper_book3s_msgsnd(target_ulong rb) 2195 { 2196 int pir = rb & DBELL_PROCIDTAG_MASK; 2197 2198 if (!dbell_type_server(rb)) { 2199 return; 2200 } 2201 2202 book3s_msgsnd_common(pir, PPC_INTERRUPT_HDOORBELL); 2203 } 2204 2205 #if defined(TARGET_PPC64) 2206 void helper_book3s_msgclrp(CPUPPCState *env, target_ulong rb) 2207 { 2208 helper_hfscr_facility_check(env, HFSCR_MSGP, "msgclrp", HFSCR_IC_MSGP); 2209 2210 if (!dbell_type_server(rb)) { 2211 return; 2212 } 2213 2214 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_DOORBELL); 2215 } 2216 2217 /* 2218 * sends a message to other threads that are on the same 2219 * multi-threaded processor 2220 */ 2221 void helper_book3s_msgsndp(CPUPPCState *env, target_ulong rb) 2222 { 2223 int pir = env->spr_cb[SPR_PIR].default_value; 2224 2225 helper_hfscr_facility_check(env, HFSCR_MSGP, "msgsndp", HFSCR_IC_MSGP); 2226 2227 if (!dbell_type_server(rb)) { 2228 return; 2229 } 2230 2231 /* TODO: TCG supports only one thread */ 2232 2233 book3s_msgsnd_common(pir, PPC_INTERRUPT_DOORBELL); 2234 } 2235 #endif /* TARGET_PPC64 */ 2236 2237 void ppc_cpu_do_unaligned_access(CPUState *cs, vaddr vaddr, 2238 MMUAccessType access_type, 2239 int mmu_idx, uintptr_t retaddr) 2240 { 2241 CPUPPCState *env = cs->env_ptr; 2242 uint32_t insn; 2243 2244 /* Restore state and reload the insn we executed, for filling in DSISR. */ 2245 cpu_restore_state(cs, retaddr, true); 2246 insn = cpu_ldl_code(env, env->nip); 2247 2248 switch (env->mmu_model) { 2249 case POWERPC_MMU_SOFT_4xx: 2250 env->spr[SPR_40x_DEAR] = vaddr; 2251 break; 2252 case POWERPC_MMU_BOOKE: 2253 case POWERPC_MMU_BOOKE206: 2254 env->spr[SPR_BOOKE_DEAR] = vaddr; 2255 break; 2256 default: 2257 env->spr[SPR_DAR] = vaddr; 2258 break; 2259 } 2260 2261 cs->exception_index = POWERPC_EXCP_ALIGN; 2262 env->error_code = insn & 0x03FF0000; 2263 cpu_loop_exit(cs); 2264 } 2265 #endif /* CONFIG_TCG */ 2266 #endif /* !CONFIG_USER_ONLY */ 2267