1 /* 2 * PowerPC exception emulation helpers for QEMU. 3 * 4 * Copyright (c) 2003-2007 Jocelyn Mayer 5 * 6 * This library is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU Lesser General Public 8 * License as published by the Free Software Foundation; either 9 * version 2.1 of the License, or (at your option) any later version. 10 * 11 * This library is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 * Lesser General Public License for more details. 15 * 16 * You should have received a copy of the GNU Lesser General Public 17 * License along with this library; if not, see <http://www.gnu.org/licenses/>. 18 */ 19 #include "qemu/osdep.h" 20 #include "qemu/main-loop.h" 21 #include "qemu/log.h" 22 #include "cpu.h" 23 #include "exec/exec-all.h" 24 #include "internal.h" 25 #include "helper_regs.h" 26 #include "hw/ppc/ppc.h" 27 28 #include "trace.h" 29 30 #ifdef CONFIG_TCG 31 #include "sysemu/tcg.h" 32 #include "exec/helper-proto.h" 33 #include "exec/cpu_ldst.h" 34 #endif 35 36 /*****************************************************************************/ 37 /* Exception processing */ 38 #if !defined(CONFIG_USER_ONLY) 39 40 static const char *powerpc_excp_name(int excp) 41 { 42 switch (excp) { 43 case POWERPC_EXCP_CRITICAL: return "CRITICAL"; 44 case POWERPC_EXCP_MCHECK: return "MCHECK"; 45 case POWERPC_EXCP_DSI: return "DSI"; 46 case POWERPC_EXCP_ISI: return "ISI"; 47 case POWERPC_EXCP_EXTERNAL: return "EXTERNAL"; 48 case POWERPC_EXCP_ALIGN: return "ALIGN"; 49 case POWERPC_EXCP_PROGRAM: return "PROGRAM"; 50 case POWERPC_EXCP_FPU: return "FPU"; 51 case POWERPC_EXCP_SYSCALL: return "SYSCALL"; 52 case POWERPC_EXCP_APU: return "APU"; 53 case POWERPC_EXCP_DECR: return "DECR"; 54 case POWERPC_EXCP_FIT: return "FIT"; 55 case POWERPC_EXCP_WDT: return "WDT"; 56 case POWERPC_EXCP_DTLB: return "DTLB"; 57 case POWERPC_EXCP_ITLB: return "ITLB"; 58 case POWERPC_EXCP_DEBUG: return "DEBUG"; 59 case POWERPC_EXCP_SPEU: return "SPEU"; 60 case POWERPC_EXCP_EFPDI: return "EFPDI"; 61 case POWERPC_EXCP_EFPRI: return "EFPRI"; 62 case POWERPC_EXCP_EPERFM: return "EPERFM"; 63 case POWERPC_EXCP_DOORI: return "DOORI"; 64 case POWERPC_EXCP_DOORCI: return "DOORCI"; 65 case POWERPC_EXCP_GDOORI: return "GDOORI"; 66 case POWERPC_EXCP_GDOORCI: return "GDOORCI"; 67 case POWERPC_EXCP_HYPPRIV: return "HYPPRIV"; 68 case POWERPC_EXCP_RESET: return "RESET"; 69 case POWERPC_EXCP_DSEG: return "DSEG"; 70 case POWERPC_EXCP_ISEG: return "ISEG"; 71 case POWERPC_EXCP_HDECR: return "HDECR"; 72 case POWERPC_EXCP_TRACE: return "TRACE"; 73 case POWERPC_EXCP_HDSI: return "HDSI"; 74 case POWERPC_EXCP_HISI: return "HISI"; 75 case POWERPC_EXCP_HDSEG: return "HDSEG"; 76 case POWERPC_EXCP_HISEG: return "HISEG"; 77 case POWERPC_EXCP_VPU: return "VPU"; 78 case POWERPC_EXCP_PIT: return "PIT"; 79 case POWERPC_EXCP_EMUL: return "EMUL"; 80 case POWERPC_EXCP_IFTLB: return "IFTLB"; 81 case POWERPC_EXCP_DLTLB: return "DLTLB"; 82 case POWERPC_EXCP_DSTLB: return "DSTLB"; 83 case POWERPC_EXCP_FPA: return "FPA"; 84 case POWERPC_EXCP_DABR: return "DABR"; 85 case POWERPC_EXCP_IABR: return "IABR"; 86 case POWERPC_EXCP_SMI: return "SMI"; 87 case POWERPC_EXCP_PERFM: return "PERFM"; 88 case POWERPC_EXCP_THERM: return "THERM"; 89 case POWERPC_EXCP_VPUA: return "VPUA"; 90 case POWERPC_EXCP_SOFTP: return "SOFTP"; 91 case POWERPC_EXCP_MAINT: return "MAINT"; 92 case POWERPC_EXCP_MEXTBR: return "MEXTBR"; 93 case POWERPC_EXCP_NMEXTBR: return "NMEXTBR"; 94 case POWERPC_EXCP_ITLBE: return "ITLBE"; 95 case POWERPC_EXCP_DTLBE: return "DTLBE"; 96 case POWERPC_EXCP_VSXU: return "VSXU"; 97 case POWERPC_EXCP_FU: return "FU"; 98 case POWERPC_EXCP_HV_EMU: return "HV_EMU"; 99 case POWERPC_EXCP_HV_MAINT: return "HV_MAINT"; 100 case POWERPC_EXCP_HV_FU: return "HV_FU"; 101 case POWERPC_EXCP_SDOOR: return "SDOOR"; 102 case POWERPC_EXCP_SDOOR_HV: return "SDOOR_HV"; 103 case POWERPC_EXCP_HVIRT: return "HVIRT"; 104 case POWERPC_EXCP_SYSCALL_VECTORED: return "SYSCALL_VECTORED"; 105 default: 106 g_assert_not_reached(); 107 } 108 } 109 110 static void dump_syscall(CPUPPCState *env) 111 { 112 qemu_log_mask(CPU_LOG_INT, "syscall r0=%016" PRIx64 113 " r3=%016" PRIx64 " r4=%016" PRIx64 " r5=%016" PRIx64 114 " r6=%016" PRIx64 " r7=%016" PRIx64 " r8=%016" PRIx64 115 " nip=" TARGET_FMT_lx "\n", 116 ppc_dump_gpr(env, 0), ppc_dump_gpr(env, 3), 117 ppc_dump_gpr(env, 4), ppc_dump_gpr(env, 5), 118 ppc_dump_gpr(env, 6), ppc_dump_gpr(env, 7), 119 ppc_dump_gpr(env, 8), env->nip); 120 } 121 122 static void dump_hcall(CPUPPCState *env) 123 { 124 qemu_log_mask(CPU_LOG_INT, "hypercall r3=%016" PRIx64 125 " r4=%016" PRIx64 " r5=%016" PRIx64 " r6=%016" PRIx64 126 " r7=%016" PRIx64 " r8=%016" PRIx64 " r9=%016" PRIx64 127 " r10=%016" PRIx64 " r11=%016" PRIx64 " r12=%016" PRIx64 128 " nip=" TARGET_FMT_lx "\n", 129 ppc_dump_gpr(env, 3), ppc_dump_gpr(env, 4), 130 ppc_dump_gpr(env, 5), ppc_dump_gpr(env, 6), 131 ppc_dump_gpr(env, 7), ppc_dump_gpr(env, 8), 132 ppc_dump_gpr(env, 9), ppc_dump_gpr(env, 10), 133 ppc_dump_gpr(env, 11), ppc_dump_gpr(env, 12), 134 env->nip); 135 } 136 137 #ifdef CONFIG_TCG 138 /* Return true iff byteswap is needed to load instruction */ 139 static inline bool insn_need_byteswap(CPUArchState *env) 140 { 141 /* SYSTEM builds TARGET_BIG_ENDIAN. Need to swap when MSR[LE] is set */ 142 return !!(env->msr & ((target_ulong)1 << MSR_LE)); 143 } 144 145 static uint32_t ppc_ldl_code(CPUArchState *env, abi_ptr addr) 146 { 147 uint32_t insn = cpu_ldl_code(env, addr); 148 149 if (insn_need_byteswap(env)) { 150 insn = bswap32(insn); 151 } 152 153 return insn; 154 } 155 #endif 156 157 static void ppc_excp_debug_sw_tlb(CPUPPCState *env, int excp) 158 { 159 const char *es; 160 target_ulong *miss, *cmp; 161 int en; 162 163 if (!qemu_loglevel_mask(CPU_LOG_MMU)) { 164 return; 165 } 166 167 if (excp == POWERPC_EXCP_IFTLB) { 168 es = "I"; 169 en = 'I'; 170 miss = &env->spr[SPR_IMISS]; 171 cmp = &env->spr[SPR_ICMP]; 172 } else { 173 if (excp == POWERPC_EXCP_DLTLB) { 174 es = "DL"; 175 } else { 176 es = "DS"; 177 } 178 en = 'D'; 179 miss = &env->spr[SPR_DMISS]; 180 cmp = &env->spr[SPR_DCMP]; 181 } 182 qemu_log("6xx %sTLB miss: %cM " TARGET_FMT_lx " %cC " 183 TARGET_FMT_lx " H1 " TARGET_FMT_lx " H2 " 184 TARGET_FMT_lx " %08x\n", es, en, *miss, en, *cmp, 185 env->spr[SPR_HASH1], env->spr[SPR_HASH2], 186 env->error_code); 187 } 188 189 #if defined(TARGET_PPC64) 190 static int powerpc_reset_wakeup(CPUPPCState *env, int excp, target_ulong *msr) 191 { 192 /* We no longer are in a PM state */ 193 env->resume_as_sreset = false; 194 195 /* Pretend to be returning from doze always as we don't lose state */ 196 *msr |= SRR1_WS_NOLOSS; 197 198 /* Machine checks are sent normally */ 199 if (excp == POWERPC_EXCP_MCHECK) { 200 return excp; 201 } 202 switch (excp) { 203 case POWERPC_EXCP_RESET: 204 *msr |= SRR1_WAKERESET; 205 break; 206 case POWERPC_EXCP_EXTERNAL: 207 *msr |= SRR1_WAKEEE; 208 break; 209 case POWERPC_EXCP_DECR: 210 *msr |= SRR1_WAKEDEC; 211 break; 212 case POWERPC_EXCP_SDOOR: 213 *msr |= SRR1_WAKEDBELL; 214 break; 215 case POWERPC_EXCP_SDOOR_HV: 216 *msr |= SRR1_WAKEHDBELL; 217 break; 218 case POWERPC_EXCP_HV_MAINT: 219 *msr |= SRR1_WAKEHMI; 220 break; 221 case POWERPC_EXCP_HVIRT: 222 *msr |= SRR1_WAKEHVI; 223 break; 224 default: 225 cpu_abort(env_cpu(env), 226 "Unsupported exception %d in Power Save mode\n", excp); 227 } 228 return POWERPC_EXCP_RESET; 229 } 230 231 /* 232 * AIL - Alternate Interrupt Location, a mode that allows interrupts to be 233 * taken with the MMU on, and which uses an alternate location (e.g., so the 234 * kernel/hv can map the vectors there with an effective address). 235 * 236 * An interrupt is considered to be taken "with AIL" or "AIL applies" if they 237 * are delivered in this way. AIL requires the LPCR to be set to enable this 238 * mode, and then a number of conditions have to be true for AIL to apply. 239 * 240 * First of all, SRESET, MCE, and HMI are always delivered without AIL, because 241 * they specifically want to be in real mode (e.g., the MCE might be signaling 242 * a SLB multi-hit which requires SLB flush before the MMU can be enabled). 243 * 244 * After that, behaviour depends on the current MSR[IR], MSR[DR], MSR[HV], 245 * whether or not the interrupt changes MSR[HV] from 0 to 1, and the current 246 * radix mode (LPCR[HR]). 247 * 248 * POWER8, POWER9 with LPCR[HR]=0 249 * | LPCR[AIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 250 * +-----------+-------------+---------+-------------+-----+ 251 * | a | 00/01/10 | x | x | 0 | 252 * | a | 11 | 0 | 1 | 0 | 253 * | a | 11 | 1 | 1 | a | 254 * | a | 11 | 0 | 0 | a | 255 * +-------------------------------------------------------+ 256 * 257 * POWER9 with LPCR[HR]=1 258 * | LPCR[AIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 259 * +-----------+-------------+---------+-------------+-----+ 260 * | a | 00/01/10 | x | x | 0 | 261 * | a | 11 | x | x | a | 262 * +-------------------------------------------------------+ 263 * 264 * The difference with POWER9 being that MSR[HV] 0->1 interrupts can be sent to 265 * the hypervisor in AIL mode if the guest is radix. This is good for 266 * performance but allows the guest to influence the AIL of hypervisor 267 * interrupts using its MSR, and also the hypervisor must disallow guest 268 * interrupts (MSR[HV] 0->0) from using AIL if the hypervisor does not want to 269 * use AIL for its MSR[HV] 0->1 interrupts. 270 * 271 * POWER10 addresses those issues with a new LPCR[HAIL] bit that is applied to 272 * interrupts that begin execution with MSR[HV]=1 (so both MSR[HV] 0->1 and 273 * MSR[HV] 1->1). 274 * 275 * HAIL=1 is equivalent to AIL=3, for interrupts delivered with MSR[HV]=1. 276 * 277 * POWER10 behaviour is 278 * | LPCR[AIL] | LPCR[HAIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 279 * +-----------+------------+-------------+---------+-------------+-----+ 280 * | a | h | 00/01/10 | 0 | 0 | 0 | 281 * | a | h | 11 | 0 | 0 | a | 282 * | a | h | x | 0 | 1 | h | 283 * | a | h | 00/01/10 | 1 | 1 | 0 | 284 * | a | h | 11 | 1 | 1 | h | 285 * +--------------------------------------------------------------------+ 286 */ 287 static void ppc_excp_apply_ail(PowerPCCPU *cpu, int excp, target_ulong msr, 288 target_ulong *new_msr, target_ulong *vector) 289 { 290 PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cpu); 291 CPUPPCState *env = &cpu->env; 292 bool mmu_all_on = ((msr >> MSR_IR) & 1) && ((msr >> MSR_DR) & 1); 293 bool hv_escalation = !(msr & MSR_HVB) && (*new_msr & MSR_HVB); 294 int ail = 0; 295 296 if (excp == POWERPC_EXCP_MCHECK || 297 excp == POWERPC_EXCP_RESET || 298 excp == POWERPC_EXCP_HV_MAINT) { 299 /* SRESET, MCE, HMI never apply AIL */ 300 return; 301 } 302 303 if (!(pcc->lpcr_mask & LPCR_AIL)) { 304 /* This CPU does not have AIL */ 305 return; 306 } 307 308 /* P8 & P9 */ 309 if (!(pcc->lpcr_mask & LPCR_HAIL)) { 310 if (!mmu_all_on) { 311 /* AIL only works if MSR[IR] and MSR[DR] are both enabled. */ 312 return; 313 } 314 if (hv_escalation && !(env->spr[SPR_LPCR] & LPCR_HR)) { 315 /* 316 * AIL does not work if there is a MSR[HV] 0->1 transition and the 317 * partition is in HPT mode. For radix guests, such interrupts are 318 * allowed to be delivered to the hypervisor in ail mode. 319 */ 320 return; 321 } 322 323 ail = (env->spr[SPR_LPCR] & LPCR_AIL) >> LPCR_AIL_SHIFT; 324 if (ail == 0) { 325 return; 326 } 327 if (ail == 1) { 328 /* AIL=1 is reserved, treat it like AIL=0 */ 329 return; 330 } 331 332 /* P10 and up */ 333 } else { 334 if (!mmu_all_on && !hv_escalation) { 335 /* 336 * AIL works for HV interrupts even with guest MSR[IR/DR] disabled. 337 * Guest->guest and HV->HV interrupts do require MMU on. 338 */ 339 return; 340 } 341 342 if (*new_msr & MSR_HVB) { 343 if (!(env->spr[SPR_LPCR] & LPCR_HAIL)) { 344 /* HV interrupts depend on LPCR[HAIL] */ 345 return; 346 } 347 ail = 3; /* HAIL=1 gives AIL=3 behaviour for HV interrupts */ 348 } else { 349 ail = (env->spr[SPR_LPCR] & LPCR_AIL) >> LPCR_AIL_SHIFT; 350 } 351 if (ail == 0) { 352 return; 353 } 354 if (ail == 1 || ail == 2) { 355 /* AIL=1 and AIL=2 are reserved, treat them like AIL=0 */ 356 return; 357 } 358 } 359 360 /* 361 * AIL applies, so the new MSR gets IR and DR set, and an offset applied 362 * to the new IP. 363 */ 364 *new_msr |= (1 << MSR_IR) | (1 << MSR_DR); 365 366 if (excp != POWERPC_EXCP_SYSCALL_VECTORED) { 367 if (ail == 2) { 368 *vector |= 0x0000000000018000ull; 369 } else if (ail == 3) { 370 *vector |= 0xc000000000004000ull; 371 } 372 } else { 373 /* 374 * scv AIL is a little different. AIL=2 does not change the address, 375 * only the MSR. AIL=3 replaces the 0x17000 base with 0xc...3000. 376 */ 377 if (ail == 3) { 378 *vector &= ~0x0000000000017000ull; /* Un-apply the base offset */ 379 *vector |= 0xc000000000003000ull; /* Apply scv's AIL=3 offset */ 380 } 381 } 382 } 383 #endif 384 385 static void powerpc_reset_excp_state(PowerPCCPU *cpu) 386 { 387 CPUState *cs = CPU(cpu); 388 CPUPPCState *env = &cpu->env; 389 390 /* Reset exception state */ 391 cs->exception_index = POWERPC_EXCP_NONE; 392 env->error_code = 0; 393 } 394 395 static void powerpc_set_excp_state(PowerPCCPU *cpu, target_ulong vector, 396 target_ulong msr) 397 { 398 CPUPPCState *env = &cpu->env; 399 400 assert((msr & env->msr_mask) == msr); 401 402 /* 403 * We don't use hreg_store_msr here as already have treated any 404 * special case that could occur. Just store MSR and update hflags 405 * 406 * Note: We *MUST* not use hreg_store_msr() as-is anyway because it 407 * will prevent setting of the HV bit which some exceptions might need 408 * to do. 409 */ 410 env->nip = vector; 411 env->msr = msr; 412 hreg_compute_hflags(env); 413 ppc_maybe_interrupt(env); 414 415 powerpc_reset_excp_state(cpu); 416 417 /* 418 * Any interrupt is context synchronizing, check if TCG TLB needs 419 * a delayed flush on ppc64 420 */ 421 check_tlb_flush(env, false); 422 423 /* Reset the reservation */ 424 env->reserve_addr = -1; 425 } 426 427 static void powerpc_mcheck_checkstop(CPUPPCState *env) 428 { 429 CPUState *cs = env_cpu(env); 430 431 if (FIELD_EX64(env->msr, MSR, ME)) { 432 return; 433 } 434 435 /* Machine check exception is not enabled. Enter checkstop state. */ 436 fprintf(stderr, "Machine check while not allowed. " 437 "Entering checkstop state\n"); 438 if (qemu_log_separate()) { 439 qemu_log("Machine check while not allowed. " 440 "Entering checkstop state\n"); 441 } 442 cs->halted = 1; 443 cpu_interrupt_exittb(cs); 444 } 445 446 static void powerpc_excp_40x(PowerPCCPU *cpu, int excp) 447 { 448 CPUState *cs = CPU(cpu); 449 CPUPPCState *env = &cpu->env; 450 target_ulong msr, new_msr, vector; 451 int srr0, srr1; 452 453 /* new srr1 value excluding must-be-zero bits */ 454 msr = env->msr & ~0x783f0000ULL; 455 456 /* 457 * new interrupt handler msr preserves existing ME unless 458 * explicitly overridden. 459 */ 460 new_msr = env->msr & (((target_ulong)1 << MSR_ME)); 461 462 /* target registers */ 463 srr0 = SPR_SRR0; 464 srr1 = SPR_SRR1; 465 466 /* 467 * Hypervisor emulation assistance interrupt only exists on server 468 * arch 2.05 server or later. 469 */ 470 if (excp == POWERPC_EXCP_HV_EMU) { 471 excp = POWERPC_EXCP_PROGRAM; 472 } 473 474 vector = env->excp_vectors[excp]; 475 if (vector == (target_ulong)-1ULL) { 476 cpu_abort(cs, "Raised an exception without defined vector %d\n", 477 excp); 478 } 479 480 vector |= env->excp_prefix; 481 482 switch (excp) { 483 case POWERPC_EXCP_CRITICAL: /* Critical input */ 484 srr0 = SPR_40x_SRR2; 485 srr1 = SPR_40x_SRR3; 486 break; 487 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 488 powerpc_mcheck_checkstop(env); 489 /* machine check exceptions don't have ME set */ 490 new_msr &= ~((target_ulong)1 << MSR_ME); 491 492 srr0 = SPR_40x_SRR2; 493 srr1 = SPR_40x_SRR3; 494 break; 495 case POWERPC_EXCP_DSI: /* Data storage exception */ 496 trace_ppc_excp_dsi(env->spr[SPR_40x_ESR], env->spr[SPR_40x_DEAR]); 497 break; 498 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 499 trace_ppc_excp_isi(msr, env->nip); 500 break; 501 case POWERPC_EXCP_EXTERNAL: /* External input */ 502 break; 503 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 504 break; 505 case POWERPC_EXCP_PROGRAM: /* Program exception */ 506 switch (env->error_code & ~0xF) { 507 case POWERPC_EXCP_FP: 508 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 509 trace_ppc_excp_fp_ignore(); 510 powerpc_reset_excp_state(cpu); 511 return; 512 } 513 env->spr[SPR_40x_ESR] = ESR_FP; 514 break; 515 case POWERPC_EXCP_INVAL: 516 trace_ppc_excp_inval(env->nip); 517 env->spr[SPR_40x_ESR] = ESR_PIL; 518 break; 519 case POWERPC_EXCP_PRIV: 520 env->spr[SPR_40x_ESR] = ESR_PPR; 521 break; 522 case POWERPC_EXCP_TRAP: 523 env->spr[SPR_40x_ESR] = ESR_PTR; 524 break; 525 default: 526 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 527 env->error_code); 528 break; 529 } 530 break; 531 case POWERPC_EXCP_SYSCALL: /* System call exception */ 532 dump_syscall(env); 533 534 /* 535 * We need to correct the NIP which in this case is supposed 536 * to point to the next instruction 537 */ 538 env->nip += 4; 539 break; 540 case POWERPC_EXCP_FIT: /* Fixed-interval timer interrupt */ 541 trace_ppc_excp_print("FIT"); 542 break; 543 case POWERPC_EXCP_WDT: /* Watchdog timer interrupt */ 544 trace_ppc_excp_print("WDT"); 545 break; 546 case POWERPC_EXCP_DTLB: /* Data TLB error */ 547 case POWERPC_EXCP_ITLB: /* Instruction TLB error */ 548 break; 549 case POWERPC_EXCP_PIT: /* Programmable interval timer interrupt */ 550 trace_ppc_excp_print("PIT"); 551 break; 552 case POWERPC_EXCP_DEBUG: /* Debug interrupt */ 553 cpu_abort(cs, "%s exception not implemented\n", 554 powerpc_excp_name(excp)); 555 break; 556 default: 557 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 558 break; 559 } 560 561 /* Save PC */ 562 env->spr[srr0] = env->nip; 563 564 /* Save MSR */ 565 env->spr[srr1] = msr; 566 567 powerpc_set_excp_state(cpu, vector, new_msr); 568 } 569 570 static void powerpc_excp_6xx(PowerPCCPU *cpu, int excp) 571 { 572 CPUState *cs = CPU(cpu); 573 CPUPPCState *env = &cpu->env; 574 target_ulong msr, new_msr, vector; 575 576 /* new srr1 value excluding must-be-zero bits */ 577 msr = env->msr & ~0x783f0000ULL; 578 579 /* 580 * new interrupt handler msr preserves existing ME unless 581 * explicitly overridden 582 */ 583 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 584 585 /* 586 * Hypervisor emulation assistance interrupt only exists on server 587 * arch 2.05 server or later. 588 */ 589 if (excp == POWERPC_EXCP_HV_EMU) { 590 excp = POWERPC_EXCP_PROGRAM; 591 } 592 593 vector = env->excp_vectors[excp]; 594 if (vector == (target_ulong)-1ULL) { 595 cpu_abort(cs, "Raised an exception without defined vector %d\n", 596 excp); 597 } 598 599 vector |= env->excp_prefix; 600 601 switch (excp) { 602 case POWERPC_EXCP_CRITICAL: /* Critical input */ 603 break; 604 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 605 powerpc_mcheck_checkstop(env); 606 /* machine check exceptions don't have ME set */ 607 new_msr &= ~((target_ulong)1 << MSR_ME); 608 609 break; 610 case POWERPC_EXCP_DSI: /* Data storage exception */ 611 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 612 break; 613 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 614 trace_ppc_excp_isi(msr, env->nip); 615 msr |= env->error_code; 616 break; 617 case POWERPC_EXCP_EXTERNAL: /* External input */ 618 break; 619 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 620 /* Get rS/rD and rA from faulting opcode */ 621 /* 622 * Note: the opcode fields will not be set properly for a 623 * direct store load/store, but nobody cares as nobody 624 * actually uses direct store segments. 625 */ 626 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 627 break; 628 case POWERPC_EXCP_PROGRAM: /* Program exception */ 629 switch (env->error_code & ~0xF) { 630 case POWERPC_EXCP_FP: 631 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 632 trace_ppc_excp_fp_ignore(); 633 powerpc_reset_excp_state(cpu); 634 return; 635 } 636 637 /* 638 * FP exceptions always have NIP pointing to the faulting 639 * instruction, so always use store_next and claim we are 640 * precise in the MSR. 641 */ 642 msr |= 0x00100000; 643 break; 644 case POWERPC_EXCP_INVAL: 645 trace_ppc_excp_inval(env->nip); 646 msr |= 0x00080000; 647 break; 648 case POWERPC_EXCP_PRIV: 649 msr |= 0x00040000; 650 break; 651 case POWERPC_EXCP_TRAP: 652 msr |= 0x00020000; 653 break; 654 default: 655 /* Should never occur */ 656 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 657 env->error_code); 658 break; 659 } 660 break; 661 case POWERPC_EXCP_SYSCALL: /* System call exception */ 662 dump_syscall(env); 663 664 /* 665 * We need to correct the NIP which in this case is supposed 666 * to point to the next instruction 667 */ 668 env->nip += 4; 669 break; 670 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 671 case POWERPC_EXCP_DECR: /* Decrementer exception */ 672 break; 673 case POWERPC_EXCP_DTLB: /* Data TLB error */ 674 case POWERPC_EXCP_ITLB: /* Instruction TLB error */ 675 break; 676 case POWERPC_EXCP_RESET: /* System reset exception */ 677 if (FIELD_EX64(env->msr, MSR, POW)) { 678 cpu_abort(cs, "Trying to deliver power-saving system reset " 679 "exception %d with no HV support\n", excp); 680 } 681 break; 682 case POWERPC_EXCP_TRACE: /* Trace exception */ 683 break; 684 case POWERPC_EXCP_IFTLB: /* Instruction fetch TLB error */ 685 case POWERPC_EXCP_DLTLB: /* Data load TLB miss */ 686 case POWERPC_EXCP_DSTLB: /* Data store TLB miss */ 687 /* Swap temporary saved registers with GPRs */ 688 if (!(new_msr & ((target_ulong)1 << MSR_TGPR))) { 689 new_msr |= (target_ulong)1 << MSR_TGPR; 690 hreg_swap_gpr_tgpr(env); 691 } 692 693 ppc_excp_debug_sw_tlb(env, excp); 694 695 msr |= env->crf[0] << 28; 696 msr |= env->error_code; /* key, D/I, S/L bits */ 697 /* Set way using a LRU mechanism */ 698 msr |= ((env->last_way + 1) & (env->nb_ways - 1)) << 17; 699 break; 700 case POWERPC_EXCP_FPA: /* Floating-point assist exception */ 701 case POWERPC_EXCP_DABR: /* Data address breakpoint */ 702 case POWERPC_EXCP_IABR: /* Instruction address breakpoint */ 703 case POWERPC_EXCP_SMI: /* System management interrupt */ 704 case POWERPC_EXCP_MEXTBR: /* Maskable external breakpoint */ 705 case POWERPC_EXCP_NMEXTBR: /* Non maskable external breakpoint */ 706 cpu_abort(cs, "%s exception not implemented\n", 707 powerpc_excp_name(excp)); 708 break; 709 default: 710 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 711 break; 712 } 713 714 /* 715 * Sort out endianness of interrupt, this differs depending on the 716 * CPU, the HV mode, etc... 717 */ 718 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 719 new_msr |= (target_ulong)1 << MSR_LE; 720 } 721 722 /* Save PC */ 723 env->spr[SPR_SRR0] = env->nip; 724 725 /* Save MSR */ 726 env->spr[SPR_SRR1] = msr; 727 728 powerpc_set_excp_state(cpu, vector, new_msr); 729 } 730 731 static void powerpc_excp_7xx(PowerPCCPU *cpu, int excp) 732 { 733 CPUState *cs = CPU(cpu); 734 CPUPPCState *env = &cpu->env; 735 target_ulong msr, new_msr, vector; 736 737 /* new srr1 value excluding must-be-zero bits */ 738 msr = env->msr & ~0x783f0000ULL; 739 740 /* 741 * new interrupt handler msr preserves existing ME unless 742 * explicitly overridden 743 */ 744 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 745 746 /* 747 * Hypervisor emulation assistance interrupt only exists on server 748 * arch 2.05 server or later. 749 */ 750 if (excp == POWERPC_EXCP_HV_EMU) { 751 excp = POWERPC_EXCP_PROGRAM; 752 } 753 754 vector = env->excp_vectors[excp]; 755 if (vector == (target_ulong)-1ULL) { 756 cpu_abort(cs, "Raised an exception without defined vector %d\n", 757 excp); 758 } 759 760 vector |= env->excp_prefix; 761 762 switch (excp) { 763 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 764 powerpc_mcheck_checkstop(env); 765 /* machine check exceptions don't have ME set */ 766 new_msr &= ~((target_ulong)1 << MSR_ME); 767 768 break; 769 case POWERPC_EXCP_DSI: /* Data storage exception */ 770 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 771 break; 772 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 773 trace_ppc_excp_isi(msr, env->nip); 774 msr |= env->error_code; 775 break; 776 case POWERPC_EXCP_EXTERNAL: /* External input */ 777 break; 778 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 779 /* Get rS/rD and rA from faulting opcode */ 780 /* 781 * Note: the opcode fields will not be set properly for a 782 * direct store load/store, but nobody cares as nobody 783 * actually uses direct store segments. 784 */ 785 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 786 break; 787 case POWERPC_EXCP_PROGRAM: /* Program exception */ 788 switch (env->error_code & ~0xF) { 789 case POWERPC_EXCP_FP: 790 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 791 trace_ppc_excp_fp_ignore(); 792 powerpc_reset_excp_state(cpu); 793 return; 794 } 795 796 /* 797 * FP exceptions always have NIP pointing to the faulting 798 * instruction, so always use store_next and claim we are 799 * precise in the MSR. 800 */ 801 msr |= 0x00100000; 802 break; 803 case POWERPC_EXCP_INVAL: 804 trace_ppc_excp_inval(env->nip); 805 msr |= 0x00080000; 806 break; 807 case POWERPC_EXCP_PRIV: 808 msr |= 0x00040000; 809 break; 810 case POWERPC_EXCP_TRAP: 811 msr |= 0x00020000; 812 break; 813 default: 814 /* Should never occur */ 815 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 816 env->error_code); 817 break; 818 } 819 break; 820 case POWERPC_EXCP_SYSCALL: /* System call exception */ 821 { 822 int lev = env->error_code; 823 824 if (lev == 1 && cpu->vhyp) { 825 dump_hcall(env); 826 } else { 827 dump_syscall(env); 828 } 829 830 /* 831 * We need to correct the NIP which in this case is supposed 832 * to point to the next instruction 833 */ 834 env->nip += 4; 835 836 /* 837 * The Virtual Open Firmware (VOF) relies on the 'sc 1' 838 * instruction to communicate with QEMU. The pegasos2 machine 839 * uses VOF and the 7xx CPUs, so although the 7xx don't have 840 * HV mode, we need to keep hypercall support. 841 */ 842 if (lev == 1 && cpu->vhyp) { 843 PPCVirtualHypervisorClass *vhc = 844 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 845 vhc->hypercall(cpu->vhyp, cpu); 846 powerpc_reset_excp_state(cpu); 847 return; 848 } 849 850 break; 851 } 852 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 853 case POWERPC_EXCP_DECR: /* Decrementer exception */ 854 break; 855 case POWERPC_EXCP_RESET: /* System reset exception */ 856 if (FIELD_EX64(env->msr, MSR, POW)) { 857 cpu_abort(cs, "Trying to deliver power-saving system reset " 858 "exception %d with no HV support\n", excp); 859 } 860 break; 861 case POWERPC_EXCP_TRACE: /* Trace exception */ 862 break; 863 case POWERPC_EXCP_IFTLB: /* Instruction fetch TLB error */ 864 case POWERPC_EXCP_DLTLB: /* Data load TLB miss */ 865 case POWERPC_EXCP_DSTLB: /* Data store TLB miss */ 866 ppc_excp_debug_sw_tlb(env, excp); 867 868 msr |= env->crf[0] << 28; 869 msr |= env->error_code; /* key, D/I, S/L bits */ 870 /* Set way using a LRU mechanism */ 871 msr |= ((env->last_way + 1) & (env->nb_ways - 1)) << 17; 872 873 break; 874 case POWERPC_EXCP_IABR: /* Instruction address breakpoint */ 875 case POWERPC_EXCP_SMI: /* System management interrupt */ 876 case POWERPC_EXCP_THERM: /* Thermal interrupt */ 877 case POWERPC_EXCP_PERFM: /* Embedded performance monitor interrupt */ 878 cpu_abort(cs, "%s exception not implemented\n", 879 powerpc_excp_name(excp)); 880 break; 881 default: 882 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 883 break; 884 } 885 886 /* 887 * Sort out endianness of interrupt, this differs depending on the 888 * CPU, the HV mode, etc... 889 */ 890 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 891 new_msr |= (target_ulong)1 << MSR_LE; 892 } 893 894 /* Save PC */ 895 env->spr[SPR_SRR0] = env->nip; 896 897 /* Save MSR */ 898 env->spr[SPR_SRR1] = msr; 899 900 powerpc_set_excp_state(cpu, vector, new_msr); 901 } 902 903 static void powerpc_excp_74xx(PowerPCCPU *cpu, int excp) 904 { 905 CPUState *cs = CPU(cpu); 906 CPUPPCState *env = &cpu->env; 907 target_ulong msr, new_msr, vector; 908 909 /* new srr1 value excluding must-be-zero bits */ 910 msr = env->msr & ~0x783f0000ULL; 911 912 /* 913 * new interrupt handler msr preserves existing ME unless 914 * explicitly overridden 915 */ 916 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 917 918 /* 919 * Hypervisor emulation assistance interrupt only exists on server 920 * arch 2.05 server or later. 921 */ 922 if (excp == POWERPC_EXCP_HV_EMU) { 923 excp = POWERPC_EXCP_PROGRAM; 924 } 925 926 vector = env->excp_vectors[excp]; 927 if (vector == (target_ulong)-1ULL) { 928 cpu_abort(cs, "Raised an exception without defined vector %d\n", 929 excp); 930 } 931 932 vector |= env->excp_prefix; 933 934 switch (excp) { 935 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 936 powerpc_mcheck_checkstop(env); 937 /* machine check exceptions don't have ME set */ 938 new_msr &= ~((target_ulong)1 << MSR_ME); 939 940 break; 941 case POWERPC_EXCP_DSI: /* Data storage exception */ 942 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 943 break; 944 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 945 trace_ppc_excp_isi(msr, env->nip); 946 msr |= env->error_code; 947 break; 948 case POWERPC_EXCP_EXTERNAL: /* External input */ 949 break; 950 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 951 /* Get rS/rD and rA from faulting opcode */ 952 /* 953 * Note: the opcode fields will not be set properly for a 954 * direct store load/store, but nobody cares as nobody 955 * actually uses direct store segments. 956 */ 957 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 958 break; 959 case POWERPC_EXCP_PROGRAM: /* Program exception */ 960 switch (env->error_code & ~0xF) { 961 case POWERPC_EXCP_FP: 962 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 963 trace_ppc_excp_fp_ignore(); 964 powerpc_reset_excp_state(cpu); 965 return; 966 } 967 968 /* 969 * FP exceptions always have NIP pointing to the faulting 970 * instruction, so always use store_next and claim we are 971 * precise in the MSR. 972 */ 973 msr |= 0x00100000; 974 break; 975 case POWERPC_EXCP_INVAL: 976 trace_ppc_excp_inval(env->nip); 977 msr |= 0x00080000; 978 break; 979 case POWERPC_EXCP_PRIV: 980 msr |= 0x00040000; 981 break; 982 case POWERPC_EXCP_TRAP: 983 msr |= 0x00020000; 984 break; 985 default: 986 /* Should never occur */ 987 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 988 env->error_code); 989 break; 990 } 991 break; 992 case POWERPC_EXCP_SYSCALL: /* System call exception */ 993 { 994 int lev = env->error_code; 995 996 if (lev == 1 && cpu->vhyp) { 997 dump_hcall(env); 998 } else { 999 dump_syscall(env); 1000 } 1001 1002 /* 1003 * We need to correct the NIP which in this case is supposed 1004 * to point to the next instruction 1005 */ 1006 env->nip += 4; 1007 1008 /* 1009 * The Virtual Open Firmware (VOF) relies on the 'sc 1' 1010 * instruction to communicate with QEMU. The pegasos2 machine 1011 * uses VOF and the 74xx CPUs, so although the 74xx don't have 1012 * HV mode, we need to keep hypercall support. 1013 */ 1014 if (lev == 1 && cpu->vhyp) { 1015 PPCVirtualHypervisorClass *vhc = 1016 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 1017 vhc->hypercall(cpu->vhyp, cpu); 1018 powerpc_reset_excp_state(cpu); 1019 return; 1020 } 1021 1022 break; 1023 } 1024 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 1025 case POWERPC_EXCP_DECR: /* Decrementer exception */ 1026 break; 1027 case POWERPC_EXCP_RESET: /* System reset exception */ 1028 if (FIELD_EX64(env->msr, MSR, POW)) { 1029 cpu_abort(cs, "Trying to deliver power-saving system reset " 1030 "exception %d with no HV support\n", excp); 1031 } 1032 break; 1033 case POWERPC_EXCP_TRACE: /* Trace exception */ 1034 break; 1035 case POWERPC_EXCP_VPU: /* Vector unavailable exception */ 1036 break; 1037 case POWERPC_EXCP_IABR: /* Instruction address breakpoint */ 1038 case POWERPC_EXCP_SMI: /* System management interrupt */ 1039 case POWERPC_EXCP_THERM: /* Thermal interrupt */ 1040 case POWERPC_EXCP_PERFM: /* Embedded performance monitor interrupt */ 1041 case POWERPC_EXCP_VPUA: /* Vector assist exception */ 1042 cpu_abort(cs, "%s exception not implemented\n", 1043 powerpc_excp_name(excp)); 1044 break; 1045 default: 1046 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1047 break; 1048 } 1049 1050 /* 1051 * Sort out endianness of interrupt, this differs depending on the 1052 * CPU, the HV mode, etc... 1053 */ 1054 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 1055 new_msr |= (target_ulong)1 << MSR_LE; 1056 } 1057 1058 /* Save PC */ 1059 env->spr[SPR_SRR0] = env->nip; 1060 1061 /* Save MSR */ 1062 env->spr[SPR_SRR1] = msr; 1063 1064 powerpc_set_excp_state(cpu, vector, new_msr); 1065 } 1066 1067 static void powerpc_excp_booke(PowerPCCPU *cpu, int excp) 1068 { 1069 CPUState *cs = CPU(cpu); 1070 CPUPPCState *env = &cpu->env; 1071 target_ulong msr, new_msr, vector; 1072 int srr0, srr1; 1073 1074 msr = env->msr; 1075 1076 /* 1077 * new interrupt handler msr preserves existing ME unless 1078 * explicitly overridden 1079 */ 1080 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 1081 1082 /* target registers */ 1083 srr0 = SPR_SRR0; 1084 srr1 = SPR_SRR1; 1085 1086 /* 1087 * Hypervisor emulation assistance interrupt only exists on server 1088 * arch 2.05 server or later. 1089 */ 1090 if (excp == POWERPC_EXCP_HV_EMU) { 1091 excp = POWERPC_EXCP_PROGRAM; 1092 } 1093 1094 #ifdef TARGET_PPC64 1095 /* 1096 * SPEU and VPU share the same IVOR but they exist in different 1097 * processors. SPEU is e500v1/2 only and VPU is e6500 only. 1098 */ 1099 if (excp == POWERPC_EXCP_VPU) { 1100 excp = POWERPC_EXCP_SPEU; 1101 } 1102 #endif 1103 1104 vector = env->excp_vectors[excp]; 1105 if (vector == (target_ulong)-1ULL) { 1106 cpu_abort(cs, "Raised an exception without defined vector %d\n", 1107 excp); 1108 } 1109 1110 vector |= env->excp_prefix; 1111 1112 switch (excp) { 1113 case POWERPC_EXCP_CRITICAL: /* Critical input */ 1114 srr0 = SPR_BOOKE_CSRR0; 1115 srr1 = SPR_BOOKE_CSRR1; 1116 break; 1117 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 1118 powerpc_mcheck_checkstop(env); 1119 /* machine check exceptions don't have ME set */ 1120 new_msr &= ~((target_ulong)1 << MSR_ME); 1121 1122 /* FIXME: choose one or the other based on CPU type */ 1123 srr0 = SPR_BOOKE_MCSRR0; 1124 srr1 = SPR_BOOKE_MCSRR1; 1125 1126 env->spr[SPR_BOOKE_CSRR0] = env->nip; 1127 env->spr[SPR_BOOKE_CSRR1] = msr; 1128 1129 break; 1130 case POWERPC_EXCP_DSI: /* Data storage exception */ 1131 trace_ppc_excp_dsi(env->spr[SPR_BOOKE_ESR], env->spr[SPR_BOOKE_DEAR]); 1132 break; 1133 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 1134 trace_ppc_excp_isi(msr, env->nip); 1135 break; 1136 case POWERPC_EXCP_EXTERNAL: /* External input */ 1137 if (env->mpic_proxy) { 1138 /* IACK the IRQ on delivery */ 1139 env->spr[SPR_BOOKE_EPR] = ldl_phys(cs->as, env->mpic_iack); 1140 } 1141 break; 1142 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 1143 break; 1144 case POWERPC_EXCP_PROGRAM: /* Program exception */ 1145 switch (env->error_code & ~0xF) { 1146 case POWERPC_EXCP_FP: 1147 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 1148 trace_ppc_excp_fp_ignore(); 1149 powerpc_reset_excp_state(cpu); 1150 return; 1151 } 1152 1153 /* 1154 * FP exceptions always have NIP pointing to the faulting 1155 * instruction, so always use store_next and claim we are 1156 * precise in the MSR. 1157 */ 1158 msr |= 0x00100000; 1159 env->spr[SPR_BOOKE_ESR] = ESR_FP; 1160 break; 1161 case POWERPC_EXCP_INVAL: 1162 trace_ppc_excp_inval(env->nip); 1163 msr |= 0x00080000; 1164 env->spr[SPR_BOOKE_ESR] = ESR_PIL; 1165 break; 1166 case POWERPC_EXCP_PRIV: 1167 msr |= 0x00040000; 1168 env->spr[SPR_BOOKE_ESR] = ESR_PPR; 1169 break; 1170 case POWERPC_EXCP_TRAP: 1171 msr |= 0x00020000; 1172 env->spr[SPR_BOOKE_ESR] = ESR_PTR; 1173 break; 1174 default: 1175 /* Should never occur */ 1176 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 1177 env->error_code); 1178 break; 1179 } 1180 break; 1181 case POWERPC_EXCP_SYSCALL: /* System call exception */ 1182 dump_syscall(env); 1183 1184 /* 1185 * We need to correct the NIP which in this case is supposed 1186 * to point to the next instruction 1187 */ 1188 env->nip += 4; 1189 break; 1190 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 1191 case POWERPC_EXCP_APU: /* Auxiliary processor unavailable */ 1192 case POWERPC_EXCP_DECR: /* Decrementer exception */ 1193 break; 1194 case POWERPC_EXCP_FIT: /* Fixed-interval timer interrupt */ 1195 /* FIT on 4xx */ 1196 trace_ppc_excp_print("FIT"); 1197 break; 1198 case POWERPC_EXCP_WDT: /* Watchdog timer interrupt */ 1199 trace_ppc_excp_print("WDT"); 1200 srr0 = SPR_BOOKE_CSRR0; 1201 srr1 = SPR_BOOKE_CSRR1; 1202 break; 1203 case POWERPC_EXCP_DTLB: /* Data TLB error */ 1204 case POWERPC_EXCP_ITLB: /* Instruction TLB error */ 1205 break; 1206 case POWERPC_EXCP_DEBUG: /* Debug interrupt */ 1207 if (env->flags & POWERPC_FLAG_DE) { 1208 /* FIXME: choose one or the other based on CPU type */ 1209 srr0 = SPR_BOOKE_DSRR0; 1210 srr1 = SPR_BOOKE_DSRR1; 1211 1212 env->spr[SPR_BOOKE_CSRR0] = env->nip; 1213 env->spr[SPR_BOOKE_CSRR1] = msr; 1214 1215 /* DBSR already modified by caller */ 1216 } else { 1217 cpu_abort(cs, "Debug exception triggered on unsupported model\n"); 1218 } 1219 break; 1220 case POWERPC_EXCP_SPEU: /* SPE/embedded floating-point unavailable/VPU */ 1221 env->spr[SPR_BOOKE_ESR] = ESR_SPV; 1222 break; 1223 case POWERPC_EXCP_DOORI: /* Embedded doorbell interrupt */ 1224 break; 1225 case POWERPC_EXCP_DOORCI: /* Embedded doorbell critical interrupt */ 1226 srr0 = SPR_BOOKE_CSRR0; 1227 srr1 = SPR_BOOKE_CSRR1; 1228 break; 1229 case POWERPC_EXCP_RESET: /* System reset exception */ 1230 if (FIELD_EX64(env->msr, MSR, POW)) { 1231 cpu_abort(cs, "Trying to deliver power-saving system reset " 1232 "exception %d with no HV support\n", excp); 1233 } 1234 break; 1235 case POWERPC_EXCP_EFPDI: /* Embedded floating-point data interrupt */ 1236 case POWERPC_EXCP_EFPRI: /* Embedded floating-point round interrupt */ 1237 cpu_abort(cs, "%s exception not implemented\n", 1238 powerpc_excp_name(excp)); 1239 break; 1240 default: 1241 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1242 break; 1243 } 1244 1245 #if defined(TARGET_PPC64) 1246 if (env->spr[SPR_BOOKE_EPCR] & EPCR_ICM) { 1247 /* Cat.64-bit: EPCR.ICM is copied to MSR.CM */ 1248 new_msr |= (target_ulong)1 << MSR_CM; 1249 } else { 1250 vector = (uint32_t)vector; 1251 } 1252 #endif 1253 1254 /* Save PC */ 1255 env->spr[srr0] = env->nip; 1256 1257 /* Save MSR */ 1258 env->spr[srr1] = msr; 1259 1260 powerpc_set_excp_state(cpu, vector, new_msr); 1261 } 1262 1263 /* 1264 * When running a nested HV guest under vhyp, external interrupts are 1265 * delivered as HVIRT. 1266 */ 1267 static bool books_vhyp_promotes_external_to_hvirt(PowerPCCPU *cpu) 1268 { 1269 if (cpu->vhyp) { 1270 return vhyp_cpu_in_nested(cpu); 1271 } 1272 return false; 1273 } 1274 1275 #ifdef TARGET_PPC64 1276 /* 1277 * When running under vhyp, hcalls are always intercepted and sent to the 1278 * vhc->hypercall handler. 1279 */ 1280 static bool books_vhyp_handles_hcall(PowerPCCPU *cpu) 1281 { 1282 if (cpu->vhyp) { 1283 return !vhyp_cpu_in_nested(cpu); 1284 } 1285 return false; 1286 } 1287 1288 /* 1289 * When running a nested KVM HV guest under vhyp, HV exceptions are not 1290 * delivered to the guest (because there is no concept of HV support), but 1291 * rather they are sent to the vhyp to exit from the L2 back to the L1 and 1292 * return from the H_ENTER_NESTED hypercall. 1293 */ 1294 static bool books_vhyp_handles_hv_excp(PowerPCCPU *cpu) 1295 { 1296 if (cpu->vhyp) { 1297 return vhyp_cpu_in_nested(cpu); 1298 } 1299 return false; 1300 } 1301 1302 #ifdef CONFIG_TCG 1303 static bool is_prefix_insn(CPUPPCState *env, uint32_t insn) 1304 { 1305 if (!(env->insns_flags2 & PPC2_ISA310)) { 1306 return false; 1307 } 1308 return ((insn & 0xfc000000) == 0x04000000); 1309 } 1310 1311 static bool is_prefix_insn_excp(PowerPCCPU *cpu, int excp) 1312 { 1313 CPUPPCState *env = &cpu->env; 1314 1315 if (!(env->insns_flags2 & PPC2_ISA310)) { 1316 return false; 1317 } 1318 1319 if (!tcg_enabled()) { 1320 /* 1321 * This does not load instructions and set the prefix bit correctly 1322 * for injected interrupts with KVM. That may have to be discovered 1323 * and set by the KVM layer before injecting. 1324 */ 1325 return false; 1326 } 1327 1328 switch (excp) { 1329 case POWERPC_EXCP_MCHECK: 1330 if (!(env->error_code & PPC_BIT(42))) { 1331 /* 1332 * Fetch attempt caused a machine check, so attempting to fetch 1333 * again would cause a recursive machine check. 1334 */ 1335 return false; 1336 } 1337 break; 1338 case POWERPC_EXCP_HDSI: 1339 /* HDSI PRTABLE_FAULT has the originating access type in error_code */ 1340 if ((env->spr[SPR_HDSISR] & DSISR_PRTABLE_FAULT) && 1341 (env->error_code == MMU_INST_FETCH)) { 1342 /* 1343 * Fetch failed due to partition scope translation, so prefix 1344 * indication is not relevant (and attempting to load the 1345 * instruction at NIP would cause recursive faults with the same 1346 * translation). 1347 */ 1348 return false; 1349 } 1350 break; 1351 1352 case POWERPC_EXCP_DSI: 1353 case POWERPC_EXCP_DSEG: 1354 case POWERPC_EXCP_ALIGN: 1355 case POWERPC_EXCP_PROGRAM: 1356 case POWERPC_EXCP_FPU: 1357 case POWERPC_EXCP_TRACE: 1358 case POWERPC_EXCP_HV_EMU: 1359 case POWERPC_EXCP_VPU: 1360 case POWERPC_EXCP_VSXU: 1361 case POWERPC_EXCP_FU: 1362 case POWERPC_EXCP_HV_FU: 1363 break; 1364 default: 1365 return false; 1366 } 1367 1368 return is_prefix_insn(env, ppc_ldl_code(env, env->nip)); 1369 } 1370 #else 1371 static bool is_prefix_insn_excp(PowerPCCPU *cpu, int excp) 1372 { 1373 return false; 1374 } 1375 #endif 1376 1377 static void powerpc_excp_books(PowerPCCPU *cpu, int excp) 1378 { 1379 CPUState *cs = CPU(cpu); 1380 CPUPPCState *env = &cpu->env; 1381 target_ulong msr, new_msr, vector; 1382 int srr0, srr1, lev = -1; 1383 1384 /* new srr1 value excluding must-be-zero bits */ 1385 msr = env->msr & ~0x783f0000ULL; 1386 1387 /* 1388 * new interrupt handler msr preserves existing HV and ME unless 1389 * explicitly overridden 1390 */ 1391 new_msr = env->msr & (((target_ulong)1 << MSR_ME) | MSR_HVB); 1392 1393 /* target registers */ 1394 srr0 = SPR_SRR0; 1395 srr1 = SPR_SRR1; 1396 1397 /* 1398 * check for special resume at 0x100 from doze/nap/sleep/winkle on 1399 * P7/P8/P9 1400 */ 1401 if (env->resume_as_sreset) { 1402 excp = powerpc_reset_wakeup(env, excp, &msr); 1403 } 1404 1405 /* 1406 * We don't want to generate a Hypervisor Emulation Assistance 1407 * Interrupt if we don't have HVB in msr_mask (PAPR mode), 1408 * unless running a nested-hv guest, in which case the L1 1409 * kernel wants the interrupt. 1410 */ 1411 if (excp == POWERPC_EXCP_HV_EMU && !(env->msr_mask & MSR_HVB) && 1412 !books_vhyp_handles_hv_excp(cpu)) { 1413 excp = POWERPC_EXCP_PROGRAM; 1414 } 1415 1416 vector = env->excp_vectors[excp]; 1417 if (vector == (target_ulong)-1ULL) { 1418 cpu_abort(cs, "Raised an exception without defined vector %d\n", 1419 excp); 1420 } 1421 1422 vector |= env->excp_prefix; 1423 1424 if (is_prefix_insn_excp(cpu, excp)) { 1425 msr |= PPC_BIT(34); 1426 } 1427 1428 switch (excp) { 1429 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 1430 powerpc_mcheck_checkstop(env); 1431 if (env->msr_mask & MSR_HVB) { 1432 /* 1433 * ISA specifies HV, but can be delivered to guest with HV 1434 * clear (e.g., see FWNMI in PAPR). 1435 */ 1436 new_msr |= (target_ulong)MSR_HVB; 1437 } 1438 1439 /* machine check exceptions don't have ME set */ 1440 new_msr &= ~((target_ulong)1 << MSR_ME); 1441 1442 msr |= env->error_code; 1443 break; 1444 1445 case POWERPC_EXCP_DSI: /* Data storage exception */ 1446 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 1447 break; 1448 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 1449 trace_ppc_excp_isi(msr, env->nip); 1450 msr |= env->error_code; 1451 break; 1452 case POWERPC_EXCP_EXTERNAL: /* External input */ 1453 { 1454 bool lpes0; 1455 1456 /* 1457 * LPES0 is only taken into consideration if we support HV 1458 * mode for this CPU. 1459 */ 1460 if (!env->has_hv_mode) { 1461 break; 1462 } 1463 1464 lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 1465 1466 if (!lpes0) { 1467 new_msr |= (target_ulong)MSR_HVB; 1468 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1469 srr0 = SPR_HSRR0; 1470 srr1 = SPR_HSRR1; 1471 } 1472 1473 break; 1474 } 1475 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 1476 /* Optional DSISR update was removed from ISA v3.0 */ 1477 if (!(env->insns_flags2 & PPC2_ISA300)) { 1478 /* Get rS/rD and rA from faulting opcode */ 1479 /* 1480 * Note: the opcode fields will not be set properly for a 1481 * direct store load/store, but nobody cares as nobody 1482 * actually uses direct store segments. 1483 */ 1484 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 1485 } 1486 break; 1487 case POWERPC_EXCP_PROGRAM: /* Program exception */ 1488 switch (env->error_code & ~0xF) { 1489 case POWERPC_EXCP_FP: 1490 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 1491 trace_ppc_excp_fp_ignore(); 1492 powerpc_reset_excp_state(cpu); 1493 return; 1494 } 1495 1496 /* 1497 * FP exceptions always have NIP pointing to the faulting 1498 * instruction, so always use store_next and claim we are 1499 * precise in the MSR. 1500 */ 1501 msr |= 0x00100000; 1502 break; 1503 case POWERPC_EXCP_INVAL: 1504 trace_ppc_excp_inval(env->nip); 1505 msr |= 0x00080000; 1506 break; 1507 case POWERPC_EXCP_PRIV: 1508 msr |= 0x00040000; 1509 break; 1510 case POWERPC_EXCP_TRAP: 1511 msr |= 0x00020000; 1512 break; 1513 default: 1514 /* Should never occur */ 1515 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 1516 env->error_code); 1517 break; 1518 } 1519 break; 1520 case POWERPC_EXCP_SYSCALL: /* System call exception */ 1521 lev = env->error_code; 1522 1523 if (lev == 1 && cpu->vhyp) { 1524 dump_hcall(env); 1525 } else { 1526 dump_syscall(env); 1527 } 1528 1529 /* 1530 * We need to correct the NIP which in this case is supposed 1531 * to point to the next instruction 1532 */ 1533 env->nip += 4; 1534 1535 /* "PAPR mode" built-in hypercall emulation */ 1536 if (lev == 1 && books_vhyp_handles_hcall(cpu)) { 1537 PPCVirtualHypervisorClass *vhc = 1538 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 1539 vhc->hypercall(cpu->vhyp, cpu); 1540 powerpc_reset_excp_state(cpu); 1541 return; 1542 } 1543 if (env->insns_flags2 & PPC2_ISA310) { 1544 /* ISAv3.1 puts LEV into SRR1 */ 1545 msr |= lev << 20; 1546 } 1547 if (lev == 1) { 1548 new_msr |= (target_ulong)MSR_HVB; 1549 } 1550 break; 1551 case POWERPC_EXCP_SYSCALL_VECTORED: /* scv exception */ 1552 lev = env->error_code; 1553 dump_syscall(env); 1554 env->nip += 4; 1555 new_msr |= env->msr & ((target_ulong)1 << MSR_EE); 1556 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1557 1558 vector += lev * 0x20; 1559 1560 env->lr = env->nip; 1561 env->ctr = msr; 1562 break; 1563 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 1564 case POWERPC_EXCP_DECR: /* Decrementer exception */ 1565 break; 1566 case POWERPC_EXCP_RESET: /* System reset exception */ 1567 /* A power-saving exception sets ME, otherwise it is unchanged */ 1568 if (FIELD_EX64(env->msr, MSR, POW)) { 1569 /* indicate that we resumed from power save mode */ 1570 msr |= 0x10000; 1571 new_msr |= ((target_ulong)1 << MSR_ME); 1572 } 1573 if (env->msr_mask & MSR_HVB) { 1574 /* 1575 * ISA specifies HV, but can be delivered to guest with HV 1576 * clear (e.g., see FWNMI in PAPR, NMI injection in QEMU). 1577 */ 1578 new_msr |= (target_ulong)MSR_HVB; 1579 } else { 1580 if (FIELD_EX64(env->msr, MSR, POW)) { 1581 cpu_abort(cs, "Trying to deliver power-saving system reset " 1582 "exception %d with no HV support\n", excp); 1583 } 1584 } 1585 break; 1586 case POWERPC_EXCP_TRACE: /* Trace exception */ 1587 msr |= env->error_code; 1588 /* fall through */ 1589 case POWERPC_EXCP_DSEG: /* Data segment exception */ 1590 case POWERPC_EXCP_ISEG: /* Instruction segment exception */ 1591 case POWERPC_EXCP_SDOOR: /* Doorbell interrupt */ 1592 case POWERPC_EXCP_PERFM: /* Performance monitor interrupt */ 1593 break; 1594 case POWERPC_EXCP_HISI: /* Hypervisor instruction storage exception */ 1595 msr |= env->error_code; 1596 /* fall through */ 1597 case POWERPC_EXCP_HDECR: /* Hypervisor decrementer exception */ 1598 case POWERPC_EXCP_HDSI: /* Hypervisor data storage exception */ 1599 case POWERPC_EXCP_SDOOR_HV: /* Hypervisor Doorbell interrupt */ 1600 case POWERPC_EXCP_HVIRT: /* Hypervisor virtualization */ 1601 srr0 = SPR_HSRR0; 1602 srr1 = SPR_HSRR1; 1603 new_msr |= (target_ulong)MSR_HVB; 1604 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1605 break; 1606 #ifdef CONFIG_TCG 1607 case POWERPC_EXCP_HV_EMU: { 1608 uint32_t insn = ppc_ldl_code(env, env->nip); 1609 env->spr[SPR_HEIR] = insn; 1610 if (is_prefix_insn(env, insn)) { 1611 uint32_t insn2 = ppc_ldl_code(env, env->nip + 4); 1612 env->spr[SPR_HEIR] <<= 32; 1613 env->spr[SPR_HEIR] |= insn2; 1614 } 1615 srr0 = SPR_HSRR0; 1616 srr1 = SPR_HSRR1; 1617 new_msr |= (target_ulong)MSR_HVB; 1618 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1619 break; 1620 } 1621 #endif 1622 case POWERPC_EXCP_VPU: /* Vector unavailable exception */ 1623 case POWERPC_EXCP_VSXU: /* VSX unavailable exception */ 1624 case POWERPC_EXCP_FU: /* Facility unavailable exception */ 1625 env->spr[SPR_FSCR] |= ((target_ulong)env->error_code << 56); 1626 break; 1627 case POWERPC_EXCP_HV_FU: /* Hypervisor Facility Unavailable Exception */ 1628 env->spr[SPR_HFSCR] |= ((target_ulong)env->error_code << FSCR_IC_POS); 1629 srr0 = SPR_HSRR0; 1630 srr1 = SPR_HSRR1; 1631 new_msr |= (target_ulong)MSR_HVB; 1632 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1633 break; 1634 case POWERPC_EXCP_PERFM_EBB: /* Performance Monitor EBB Exception */ 1635 case POWERPC_EXCP_EXTERNAL_EBB: /* External EBB Exception */ 1636 env->spr[SPR_BESCR] &= ~BESCR_GE; 1637 1638 /* 1639 * Save NIP for rfebb insn in SPR_EBBRR. Next nip is 1640 * stored in the EBB Handler SPR_EBBHR. 1641 */ 1642 env->spr[SPR_EBBRR] = env->nip; 1643 powerpc_set_excp_state(cpu, env->spr[SPR_EBBHR], env->msr); 1644 1645 /* 1646 * This exception is handled in userspace. No need to proceed. 1647 */ 1648 return; 1649 case POWERPC_EXCP_THERM: /* Thermal interrupt */ 1650 case POWERPC_EXCP_VPUA: /* Vector assist exception */ 1651 case POWERPC_EXCP_MAINT: /* Maintenance exception */ 1652 case POWERPC_EXCP_HV_MAINT: /* Hypervisor Maintenance exception */ 1653 cpu_abort(cs, "%s exception not implemented\n", 1654 powerpc_excp_name(excp)); 1655 break; 1656 default: 1657 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1658 break; 1659 } 1660 1661 /* 1662 * Sort out endianness of interrupt, this differs depending on the 1663 * CPU, the HV mode, etc... 1664 */ 1665 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 1666 new_msr |= (target_ulong)1 << MSR_LE; 1667 } 1668 1669 new_msr |= (target_ulong)1 << MSR_SF; 1670 1671 if (excp != POWERPC_EXCP_SYSCALL_VECTORED) { 1672 /* Save PC */ 1673 env->spr[srr0] = env->nip; 1674 1675 /* Save MSR */ 1676 env->spr[srr1] = msr; 1677 } 1678 1679 if ((new_msr & MSR_HVB) && books_vhyp_handles_hv_excp(cpu)) { 1680 PPCVirtualHypervisorClass *vhc = 1681 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 1682 /* Deliver interrupt to L1 by returning from the H_ENTER_NESTED call */ 1683 vhc->deliver_hv_excp(cpu, excp); 1684 1685 powerpc_reset_excp_state(cpu); 1686 1687 } else { 1688 /* Sanity check */ 1689 if (!(env->msr_mask & MSR_HVB) && srr0 == SPR_HSRR0) { 1690 cpu_abort(cs, "Trying to deliver HV exception (HSRR) %d with " 1691 "no HV support\n", excp); 1692 } 1693 1694 /* This can update new_msr and vector if AIL applies */ 1695 ppc_excp_apply_ail(cpu, excp, msr, &new_msr, &vector); 1696 1697 powerpc_set_excp_state(cpu, vector, new_msr); 1698 } 1699 } 1700 #else 1701 static inline void powerpc_excp_books(PowerPCCPU *cpu, int excp) 1702 { 1703 g_assert_not_reached(); 1704 } 1705 #endif 1706 1707 static void powerpc_excp(PowerPCCPU *cpu, int excp) 1708 { 1709 CPUState *cs = CPU(cpu); 1710 CPUPPCState *env = &cpu->env; 1711 1712 if (excp <= POWERPC_EXCP_NONE || excp >= POWERPC_EXCP_NB) { 1713 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1714 } 1715 1716 qemu_log_mask(CPU_LOG_INT, "Raise exception at " TARGET_FMT_lx 1717 " => %s (%d) error=%02x\n", env->nip, powerpc_excp_name(excp), 1718 excp, env->error_code); 1719 env->excp_stats[excp]++; 1720 1721 switch (env->excp_model) { 1722 case POWERPC_EXCP_40x: 1723 powerpc_excp_40x(cpu, excp); 1724 break; 1725 case POWERPC_EXCP_6xx: 1726 powerpc_excp_6xx(cpu, excp); 1727 break; 1728 case POWERPC_EXCP_7xx: 1729 powerpc_excp_7xx(cpu, excp); 1730 break; 1731 case POWERPC_EXCP_74xx: 1732 powerpc_excp_74xx(cpu, excp); 1733 break; 1734 case POWERPC_EXCP_BOOKE: 1735 powerpc_excp_booke(cpu, excp); 1736 break; 1737 case POWERPC_EXCP_970: 1738 case POWERPC_EXCP_POWER7: 1739 case POWERPC_EXCP_POWER8: 1740 case POWERPC_EXCP_POWER9: 1741 case POWERPC_EXCP_POWER10: 1742 powerpc_excp_books(cpu, excp); 1743 break; 1744 default: 1745 g_assert_not_reached(); 1746 } 1747 } 1748 1749 void ppc_cpu_do_interrupt(CPUState *cs) 1750 { 1751 PowerPCCPU *cpu = POWERPC_CPU(cs); 1752 1753 powerpc_excp(cpu, cs->exception_index); 1754 } 1755 1756 #if defined(TARGET_PPC64) 1757 #define P7_UNUSED_INTERRUPTS \ 1758 (PPC_INTERRUPT_RESET | PPC_INTERRUPT_HVIRT | PPC_INTERRUPT_CEXT | \ 1759 PPC_INTERRUPT_WDT | PPC_INTERRUPT_CDOORBELL | PPC_INTERRUPT_FIT | \ 1760 PPC_INTERRUPT_PIT | PPC_INTERRUPT_DOORBELL | PPC_INTERRUPT_HDOORBELL | \ 1761 PPC_INTERRUPT_THERM | PPC_INTERRUPT_EBB) 1762 1763 static int p7_interrupt_powersave(CPUPPCState *env) 1764 { 1765 if ((env->pending_interrupts & PPC_INTERRUPT_EXT) && 1766 (env->spr[SPR_LPCR] & LPCR_P7_PECE0)) { 1767 return PPC_INTERRUPT_EXT; 1768 } 1769 if ((env->pending_interrupts & PPC_INTERRUPT_DECR) && 1770 (env->spr[SPR_LPCR] & LPCR_P7_PECE1)) { 1771 return PPC_INTERRUPT_DECR; 1772 } 1773 if ((env->pending_interrupts & PPC_INTERRUPT_MCK) && 1774 (env->spr[SPR_LPCR] & LPCR_P7_PECE2)) { 1775 return PPC_INTERRUPT_MCK; 1776 } 1777 if ((env->pending_interrupts & PPC_INTERRUPT_HMI) && 1778 (env->spr[SPR_LPCR] & LPCR_P7_PECE2)) { 1779 return PPC_INTERRUPT_HMI; 1780 } 1781 if (env->pending_interrupts & PPC_INTERRUPT_RESET) { 1782 return PPC_INTERRUPT_RESET; 1783 } 1784 return 0; 1785 } 1786 1787 static int p7_next_unmasked_interrupt(CPUPPCState *env) 1788 { 1789 CPUState *cs = env_cpu(env); 1790 1791 /* Ignore MSR[EE] when coming out of some power management states */ 1792 bool msr_ee = FIELD_EX64(env->msr, MSR, EE) || env->resume_as_sreset; 1793 1794 assert((env->pending_interrupts & P7_UNUSED_INTERRUPTS) == 0); 1795 1796 if (cs->halted) { 1797 /* LPCR[PECE] controls which interrupts can exit power-saving mode */ 1798 return p7_interrupt_powersave(env); 1799 } 1800 1801 /* Machine check exception */ 1802 if (env->pending_interrupts & PPC_INTERRUPT_MCK) { 1803 return PPC_INTERRUPT_MCK; 1804 } 1805 1806 /* Hypervisor decrementer exception */ 1807 if (env->pending_interrupts & PPC_INTERRUPT_HDECR) { 1808 /* LPCR will be clear when not supported so this will work */ 1809 bool hdice = !!(env->spr[SPR_LPCR] & LPCR_HDICE); 1810 if ((msr_ee || !FIELD_EX64_HV(env->msr)) && hdice) { 1811 /* HDEC clears on delivery */ 1812 return PPC_INTERRUPT_HDECR; 1813 } 1814 } 1815 1816 /* External interrupt can ignore MSR:EE under some circumstances */ 1817 if (env->pending_interrupts & PPC_INTERRUPT_EXT) { 1818 bool lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 1819 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 1820 /* HEIC blocks delivery to the hypervisor */ 1821 if ((msr_ee && !(heic && FIELD_EX64_HV(env->msr) && 1822 !FIELD_EX64(env->msr, MSR, PR))) || 1823 (env->has_hv_mode && !FIELD_EX64_HV(env->msr) && !lpes0)) { 1824 return PPC_INTERRUPT_EXT; 1825 } 1826 } 1827 if (msr_ee != 0) { 1828 /* Decrementer exception */ 1829 if (env->pending_interrupts & PPC_INTERRUPT_DECR) { 1830 return PPC_INTERRUPT_DECR; 1831 } 1832 if (env->pending_interrupts & PPC_INTERRUPT_PERFM) { 1833 return PPC_INTERRUPT_PERFM; 1834 } 1835 } 1836 1837 return 0; 1838 } 1839 1840 #define P8_UNUSED_INTERRUPTS \ 1841 (PPC_INTERRUPT_RESET | PPC_INTERRUPT_DEBUG | PPC_INTERRUPT_HVIRT | \ 1842 PPC_INTERRUPT_CEXT | PPC_INTERRUPT_WDT | PPC_INTERRUPT_CDOORBELL | \ 1843 PPC_INTERRUPT_FIT | PPC_INTERRUPT_PIT | PPC_INTERRUPT_THERM) 1844 1845 static int p8_interrupt_powersave(CPUPPCState *env) 1846 { 1847 if ((env->pending_interrupts & PPC_INTERRUPT_EXT) && 1848 (env->spr[SPR_LPCR] & LPCR_P8_PECE2)) { 1849 return PPC_INTERRUPT_EXT; 1850 } 1851 if ((env->pending_interrupts & PPC_INTERRUPT_DECR) && 1852 (env->spr[SPR_LPCR] & LPCR_P8_PECE3)) { 1853 return PPC_INTERRUPT_DECR; 1854 } 1855 if ((env->pending_interrupts & PPC_INTERRUPT_MCK) && 1856 (env->spr[SPR_LPCR] & LPCR_P8_PECE4)) { 1857 return PPC_INTERRUPT_MCK; 1858 } 1859 if ((env->pending_interrupts & PPC_INTERRUPT_HMI) && 1860 (env->spr[SPR_LPCR] & LPCR_P8_PECE4)) { 1861 return PPC_INTERRUPT_HMI; 1862 } 1863 if ((env->pending_interrupts & PPC_INTERRUPT_DOORBELL) && 1864 (env->spr[SPR_LPCR] & LPCR_P8_PECE0)) { 1865 return PPC_INTERRUPT_DOORBELL; 1866 } 1867 if ((env->pending_interrupts & PPC_INTERRUPT_HDOORBELL) && 1868 (env->spr[SPR_LPCR] & LPCR_P8_PECE1)) { 1869 return PPC_INTERRUPT_HDOORBELL; 1870 } 1871 if (env->pending_interrupts & PPC_INTERRUPT_RESET) { 1872 return PPC_INTERRUPT_RESET; 1873 } 1874 return 0; 1875 } 1876 1877 static int p8_next_unmasked_interrupt(CPUPPCState *env) 1878 { 1879 CPUState *cs = env_cpu(env); 1880 1881 /* Ignore MSR[EE] when coming out of some power management states */ 1882 bool msr_ee = FIELD_EX64(env->msr, MSR, EE) || env->resume_as_sreset; 1883 1884 assert((env->pending_interrupts & P8_UNUSED_INTERRUPTS) == 0); 1885 1886 if (cs->halted) { 1887 /* LPCR[PECE] controls which interrupts can exit power-saving mode */ 1888 return p8_interrupt_powersave(env); 1889 } 1890 1891 /* Machine check exception */ 1892 if (env->pending_interrupts & PPC_INTERRUPT_MCK) { 1893 return PPC_INTERRUPT_MCK; 1894 } 1895 1896 /* Hypervisor decrementer exception */ 1897 if (env->pending_interrupts & PPC_INTERRUPT_HDECR) { 1898 /* LPCR will be clear when not supported so this will work */ 1899 bool hdice = !!(env->spr[SPR_LPCR] & LPCR_HDICE); 1900 if ((msr_ee || !FIELD_EX64_HV(env->msr)) && hdice) { 1901 /* HDEC clears on delivery */ 1902 return PPC_INTERRUPT_HDECR; 1903 } 1904 } 1905 1906 /* External interrupt can ignore MSR:EE under some circumstances */ 1907 if (env->pending_interrupts & PPC_INTERRUPT_EXT) { 1908 bool lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 1909 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 1910 /* HEIC blocks delivery to the hypervisor */ 1911 if ((msr_ee && !(heic && FIELD_EX64_HV(env->msr) && 1912 !FIELD_EX64(env->msr, MSR, PR))) || 1913 (env->has_hv_mode && !FIELD_EX64_HV(env->msr) && !lpes0)) { 1914 return PPC_INTERRUPT_EXT; 1915 } 1916 } 1917 if (msr_ee != 0) { 1918 /* Decrementer exception */ 1919 if (env->pending_interrupts & PPC_INTERRUPT_DECR) { 1920 return PPC_INTERRUPT_DECR; 1921 } 1922 if (env->pending_interrupts & PPC_INTERRUPT_DOORBELL) { 1923 return PPC_INTERRUPT_DOORBELL; 1924 } 1925 if (env->pending_interrupts & PPC_INTERRUPT_HDOORBELL) { 1926 return PPC_INTERRUPT_HDOORBELL; 1927 } 1928 if (env->pending_interrupts & PPC_INTERRUPT_PERFM) { 1929 return PPC_INTERRUPT_PERFM; 1930 } 1931 /* EBB exception */ 1932 if (env->pending_interrupts & PPC_INTERRUPT_EBB) { 1933 /* 1934 * EBB exception must be taken in problem state and 1935 * with BESCR_GE set. 1936 */ 1937 if (FIELD_EX64(env->msr, MSR, PR) && 1938 (env->spr[SPR_BESCR] & BESCR_GE)) { 1939 return PPC_INTERRUPT_EBB; 1940 } 1941 } 1942 } 1943 1944 return 0; 1945 } 1946 1947 #define P9_UNUSED_INTERRUPTS \ 1948 (PPC_INTERRUPT_RESET | PPC_INTERRUPT_DEBUG | PPC_INTERRUPT_CEXT | \ 1949 PPC_INTERRUPT_WDT | PPC_INTERRUPT_CDOORBELL | PPC_INTERRUPT_FIT | \ 1950 PPC_INTERRUPT_PIT | PPC_INTERRUPT_THERM) 1951 1952 static int p9_interrupt_powersave(CPUPPCState *env) 1953 { 1954 /* External Exception */ 1955 if ((env->pending_interrupts & PPC_INTERRUPT_EXT) && 1956 (env->spr[SPR_LPCR] & LPCR_EEE)) { 1957 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 1958 if (!heic || !FIELD_EX64_HV(env->msr) || 1959 FIELD_EX64(env->msr, MSR, PR)) { 1960 return PPC_INTERRUPT_EXT; 1961 } 1962 } 1963 /* Decrementer Exception */ 1964 if ((env->pending_interrupts & PPC_INTERRUPT_DECR) && 1965 (env->spr[SPR_LPCR] & LPCR_DEE)) { 1966 return PPC_INTERRUPT_DECR; 1967 } 1968 /* Machine Check or Hypervisor Maintenance Exception */ 1969 if (env->spr[SPR_LPCR] & LPCR_OEE) { 1970 if (env->pending_interrupts & PPC_INTERRUPT_MCK) { 1971 return PPC_INTERRUPT_MCK; 1972 } 1973 if (env->pending_interrupts & PPC_INTERRUPT_HMI) { 1974 return PPC_INTERRUPT_HMI; 1975 } 1976 } 1977 /* Privileged Doorbell Exception */ 1978 if ((env->pending_interrupts & PPC_INTERRUPT_DOORBELL) && 1979 (env->spr[SPR_LPCR] & LPCR_PDEE)) { 1980 return PPC_INTERRUPT_DOORBELL; 1981 } 1982 /* Hypervisor Doorbell Exception */ 1983 if ((env->pending_interrupts & PPC_INTERRUPT_HDOORBELL) && 1984 (env->spr[SPR_LPCR] & LPCR_HDEE)) { 1985 return PPC_INTERRUPT_HDOORBELL; 1986 } 1987 /* Hypervisor virtualization exception */ 1988 if ((env->pending_interrupts & PPC_INTERRUPT_HVIRT) && 1989 (env->spr[SPR_LPCR] & LPCR_HVEE)) { 1990 return PPC_INTERRUPT_HVIRT; 1991 } 1992 if (env->pending_interrupts & PPC_INTERRUPT_RESET) { 1993 return PPC_INTERRUPT_RESET; 1994 } 1995 return 0; 1996 } 1997 1998 static int p9_next_unmasked_interrupt(CPUPPCState *env) 1999 { 2000 CPUState *cs = env_cpu(env); 2001 2002 /* Ignore MSR[EE] when coming out of some power management states */ 2003 bool msr_ee = FIELD_EX64(env->msr, MSR, EE) || env->resume_as_sreset; 2004 2005 assert((env->pending_interrupts & P9_UNUSED_INTERRUPTS) == 0); 2006 2007 if (cs->halted) { 2008 if (env->spr[SPR_PSSCR] & PSSCR_EC) { 2009 /* 2010 * When PSSCR[EC] is set, LPCR[PECE] controls which interrupts can 2011 * wakeup the processor 2012 */ 2013 return p9_interrupt_powersave(env); 2014 } else { 2015 /* 2016 * When it's clear, any system-caused exception exits power-saving 2017 * mode, even the ones that gate on MSR[EE]. 2018 */ 2019 msr_ee = true; 2020 } 2021 } 2022 2023 /* Machine check exception */ 2024 if (env->pending_interrupts & PPC_INTERRUPT_MCK) { 2025 return PPC_INTERRUPT_MCK; 2026 } 2027 2028 /* Hypervisor decrementer exception */ 2029 if (env->pending_interrupts & PPC_INTERRUPT_HDECR) { 2030 /* LPCR will be clear when not supported so this will work */ 2031 bool hdice = !!(env->spr[SPR_LPCR] & LPCR_HDICE); 2032 if ((msr_ee || !FIELD_EX64_HV(env->msr)) && hdice) { 2033 /* HDEC clears on delivery */ 2034 return PPC_INTERRUPT_HDECR; 2035 } 2036 } 2037 2038 /* Hypervisor virtualization interrupt */ 2039 if (env->pending_interrupts & PPC_INTERRUPT_HVIRT) { 2040 /* LPCR will be clear when not supported so this will work */ 2041 bool hvice = !!(env->spr[SPR_LPCR] & LPCR_HVICE); 2042 if ((msr_ee || !FIELD_EX64_HV(env->msr)) && hvice) { 2043 return PPC_INTERRUPT_HVIRT; 2044 } 2045 } 2046 2047 /* External interrupt can ignore MSR:EE under some circumstances */ 2048 if (env->pending_interrupts & PPC_INTERRUPT_EXT) { 2049 bool lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 2050 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 2051 /* HEIC blocks delivery to the hypervisor */ 2052 if ((msr_ee && !(heic && FIELD_EX64_HV(env->msr) && 2053 !FIELD_EX64(env->msr, MSR, PR))) || 2054 (env->has_hv_mode && !FIELD_EX64_HV(env->msr) && !lpes0)) { 2055 return PPC_INTERRUPT_EXT; 2056 } 2057 } 2058 if (msr_ee != 0) { 2059 /* Decrementer exception */ 2060 if (env->pending_interrupts & PPC_INTERRUPT_DECR) { 2061 return PPC_INTERRUPT_DECR; 2062 } 2063 if (env->pending_interrupts & PPC_INTERRUPT_DOORBELL) { 2064 return PPC_INTERRUPT_DOORBELL; 2065 } 2066 if (env->pending_interrupts & PPC_INTERRUPT_HDOORBELL) { 2067 return PPC_INTERRUPT_HDOORBELL; 2068 } 2069 if (env->pending_interrupts & PPC_INTERRUPT_PERFM) { 2070 return PPC_INTERRUPT_PERFM; 2071 } 2072 /* EBB exception */ 2073 if (env->pending_interrupts & PPC_INTERRUPT_EBB) { 2074 /* 2075 * EBB exception must be taken in problem state and 2076 * with BESCR_GE set. 2077 */ 2078 if (FIELD_EX64(env->msr, MSR, PR) && 2079 (env->spr[SPR_BESCR] & BESCR_GE)) { 2080 return PPC_INTERRUPT_EBB; 2081 } 2082 } 2083 } 2084 2085 return 0; 2086 } 2087 #endif 2088 2089 static int ppc_next_unmasked_interrupt_generic(CPUPPCState *env) 2090 { 2091 bool async_deliver; 2092 2093 /* External reset */ 2094 if (env->pending_interrupts & PPC_INTERRUPT_RESET) { 2095 return PPC_INTERRUPT_RESET; 2096 } 2097 /* Machine check exception */ 2098 if (env->pending_interrupts & PPC_INTERRUPT_MCK) { 2099 return PPC_INTERRUPT_MCK; 2100 } 2101 #if 0 /* TODO */ 2102 /* External debug exception */ 2103 if (env->pending_interrupts & PPC_INTERRUPT_DEBUG) { 2104 return PPC_INTERRUPT_DEBUG; 2105 } 2106 #endif 2107 2108 /* 2109 * For interrupts that gate on MSR:EE, we need to do something a 2110 * bit more subtle, as we need to let them through even when EE is 2111 * clear when coming out of some power management states (in order 2112 * for them to become a 0x100). 2113 */ 2114 async_deliver = FIELD_EX64(env->msr, MSR, EE) || env->resume_as_sreset; 2115 2116 /* Hypervisor decrementer exception */ 2117 if (env->pending_interrupts & PPC_INTERRUPT_HDECR) { 2118 /* LPCR will be clear when not supported so this will work */ 2119 bool hdice = !!(env->spr[SPR_LPCR] & LPCR_HDICE); 2120 if ((async_deliver || !FIELD_EX64_HV(env->msr)) && hdice) { 2121 /* HDEC clears on delivery */ 2122 return PPC_INTERRUPT_HDECR; 2123 } 2124 } 2125 2126 /* Hypervisor virtualization interrupt */ 2127 if (env->pending_interrupts & PPC_INTERRUPT_HVIRT) { 2128 /* LPCR will be clear when not supported so this will work */ 2129 bool hvice = !!(env->spr[SPR_LPCR] & LPCR_HVICE); 2130 if ((async_deliver || !FIELD_EX64_HV(env->msr)) && hvice) { 2131 return PPC_INTERRUPT_HVIRT; 2132 } 2133 } 2134 2135 /* External interrupt can ignore MSR:EE under some circumstances */ 2136 if (env->pending_interrupts & PPC_INTERRUPT_EXT) { 2137 bool lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 2138 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 2139 /* HEIC blocks delivery to the hypervisor */ 2140 if ((async_deliver && !(heic && FIELD_EX64_HV(env->msr) && 2141 !FIELD_EX64(env->msr, MSR, PR))) || 2142 (env->has_hv_mode && !FIELD_EX64_HV(env->msr) && !lpes0)) { 2143 return PPC_INTERRUPT_EXT; 2144 } 2145 } 2146 if (FIELD_EX64(env->msr, MSR, CE)) { 2147 /* External critical interrupt */ 2148 if (env->pending_interrupts & PPC_INTERRUPT_CEXT) { 2149 return PPC_INTERRUPT_CEXT; 2150 } 2151 } 2152 if (async_deliver != 0) { 2153 /* Watchdog timer on embedded PowerPC */ 2154 if (env->pending_interrupts & PPC_INTERRUPT_WDT) { 2155 return PPC_INTERRUPT_WDT; 2156 } 2157 if (env->pending_interrupts & PPC_INTERRUPT_CDOORBELL) { 2158 return PPC_INTERRUPT_CDOORBELL; 2159 } 2160 /* Fixed interval timer on embedded PowerPC */ 2161 if (env->pending_interrupts & PPC_INTERRUPT_FIT) { 2162 return PPC_INTERRUPT_FIT; 2163 } 2164 /* Programmable interval timer on embedded PowerPC */ 2165 if (env->pending_interrupts & PPC_INTERRUPT_PIT) { 2166 return PPC_INTERRUPT_PIT; 2167 } 2168 /* Decrementer exception */ 2169 if (env->pending_interrupts & PPC_INTERRUPT_DECR) { 2170 return PPC_INTERRUPT_DECR; 2171 } 2172 if (env->pending_interrupts & PPC_INTERRUPT_DOORBELL) { 2173 return PPC_INTERRUPT_DOORBELL; 2174 } 2175 if (env->pending_interrupts & PPC_INTERRUPT_HDOORBELL) { 2176 return PPC_INTERRUPT_HDOORBELL; 2177 } 2178 if (env->pending_interrupts & PPC_INTERRUPT_PERFM) { 2179 return PPC_INTERRUPT_PERFM; 2180 } 2181 /* Thermal interrupt */ 2182 if (env->pending_interrupts & PPC_INTERRUPT_THERM) { 2183 return PPC_INTERRUPT_THERM; 2184 } 2185 /* EBB exception */ 2186 if (env->pending_interrupts & PPC_INTERRUPT_EBB) { 2187 /* 2188 * EBB exception must be taken in problem state and 2189 * with BESCR_GE set. 2190 */ 2191 if (FIELD_EX64(env->msr, MSR, PR) && 2192 (env->spr[SPR_BESCR] & BESCR_GE)) { 2193 return PPC_INTERRUPT_EBB; 2194 } 2195 } 2196 } 2197 2198 return 0; 2199 } 2200 2201 static int ppc_next_unmasked_interrupt(CPUPPCState *env) 2202 { 2203 switch (env->excp_model) { 2204 #if defined(TARGET_PPC64) 2205 case POWERPC_EXCP_POWER7: 2206 return p7_next_unmasked_interrupt(env); 2207 case POWERPC_EXCP_POWER8: 2208 return p8_next_unmasked_interrupt(env); 2209 case POWERPC_EXCP_POWER9: 2210 case POWERPC_EXCP_POWER10: 2211 return p9_next_unmasked_interrupt(env); 2212 #endif 2213 default: 2214 return ppc_next_unmasked_interrupt_generic(env); 2215 } 2216 } 2217 2218 /* 2219 * Sets CPU_INTERRUPT_HARD if there is at least one unmasked interrupt to be 2220 * delivered and clears CPU_INTERRUPT_HARD otherwise. 2221 * 2222 * This method is called by ppc_set_interrupt when an interrupt is raised or 2223 * lowered, and should also be called whenever an interrupt masking condition 2224 * is changed, e.g.: 2225 * - When relevant bits of MSR are altered, like EE, HV, PR, etc.; 2226 * - When relevant bits of LPCR are altered, like PECE, HDICE, HVICE, etc.; 2227 * - When PSSCR[EC] or env->resume_as_sreset are changed; 2228 * - When cs->halted is changed and the CPU has a different interrupt masking 2229 * logic in power-saving mode (e.g., POWER7/8/9/10); 2230 */ 2231 void ppc_maybe_interrupt(CPUPPCState *env) 2232 { 2233 CPUState *cs = env_cpu(env); 2234 BQL_LOCK_GUARD(); 2235 2236 if (ppc_next_unmasked_interrupt(env)) { 2237 cpu_interrupt(cs, CPU_INTERRUPT_HARD); 2238 } else { 2239 cpu_reset_interrupt(cs, CPU_INTERRUPT_HARD); 2240 } 2241 } 2242 2243 #if defined(TARGET_PPC64) 2244 static void p7_deliver_interrupt(CPUPPCState *env, int interrupt) 2245 { 2246 PowerPCCPU *cpu = env_archcpu(env); 2247 CPUState *cs = env_cpu(env); 2248 2249 switch (interrupt) { 2250 case PPC_INTERRUPT_MCK: /* Machine check exception */ 2251 env->pending_interrupts &= ~PPC_INTERRUPT_MCK; 2252 powerpc_excp(cpu, POWERPC_EXCP_MCHECK); 2253 break; 2254 2255 case PPC_INTERRUPT_HDECR: /* Hypervisor decrementer exception */ 2256 /* HDEC clears on delivery */ 2257 env->pending_interrupts &= ~PPC_INTERRUPT_HDECR; 2258 powerpc_excp(cpu, POWERPC_EXCP_HDECR); 2259 break; 2260 2261 case PPC_INTERRUPT_EXT: 2262 if (books_vhyp_promotes_external_to_hvirt(cpu)) { 2263 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2264 } else { 2265 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL); 2266 } 2267 break; 2268 2269 case PPC_INTERRUPT_DECR: /* Decrementer exception */ 2270 powerpc_excp(cpu, POWERPC_EXCP_DECR); 2271 break; 2272 case PPC_INTERRUPT_PERFM: 2273 env->pending_interrupts &= ~PPC_INTERRUPT_PERFM; 2274 powerpc_excp(cpu, POWERPC_EXCP_PERFM); 2275 break; 2276 case 0: 2277 /* 2278 * This is a bug ! It means that has_work took us out of halt without 2279 * anything to deliver while in a PM state that requires getting 2280 * out via a 0x100 2281 * 2282 * This means we will incorrectly execute past the power management 2283 * instruction instead of triggering a reset. 2284 * 2285 * It generally means a discrepancy between the wakeup conditions in the 2286 * processor has_work implementation and the logic in this function. 2287 */ 2288 assert(!env->resume_as_sreset); 2289 break; 2290 default: 2291 cpu_abort(cs, "Invalid PowerPC interrupt %d. Aborting\n", interrupt); 2292 } 2293 } 2294 2295 static void p8_deliver_interrupt(CPUPPCState *env, int interrupt) 2296 { 2297 PowerPCCPU *cpu = env_archcpu(env); 2298 CPUState *cs = env_cpu(env); 2299 2300 switch (interrupt) { 2301 case PPC_INTERRUPT_MCK: /* Machine check exception */ 2302 env->pending_interrupts &= ~PPC_INTERRUPT_MCK; 2303 powerpc_excp(cpu, POWERPC_EXCP_MCHECK); 2304 break; 2305 2306 case PPC_INTERRUPT_HDECR: /* Hypervisor decrementer exception */ 2307 /* HDEC clears on delivery */ 2308 env->pending_interrupts &= ~PPC_INTERRUPT_HDECR; 2309 powerpc_excp(cpu, POWERPC_EXCP_HDECR); 2310 break; 2311 2312 case PPC_INTERRUPT_EXT: 2313 if (books_vhyp_promotes_external_to_hvirt(cpu)) { 2314 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2315 } else { 2316 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL); 2317 } 2318 break; 2319 2320 case PPC_INTERRUPT_DECR: /* Decrementer exception */ 2321 powerpc_excp(cpu, POWERPC_EXCP_DECR); 2322 break; 2323 case PPC_INTERRUPT_DOORBELL: 2324 env->pending_interrupts &= ~PPC_INTERRUPT_DOORBELL; 2325 if (is_book3s_arch2x(env)) { 2326 powerpc_excp(cpu, POWERPC_EXCP_SDOOR); 2327 } else { 2328 powerpc_excp(cpu, POWERPC_EXCP_DOORI); 2329 } 2330 break; 2331 case PPC_INTERRUPT_HDOORBELL: 2332 env->pending_interrupts &= ~PPC_INTERRUPT_HDOORBELL; 2333 powerpc_excp(cpu, POWERPC_EXCP_SDOOR_HV); 2334 break; 2335 case PPC_INTERRUPT_PERFM: 2336 env->pending_interrupts &= ~PPC_INTERRUPT_PERFM; 2337 powerpc_excp(cpu, POWERPC_EXCP_PERFM); 2338 break; 2339 case PPC_INTERRUPT_EBB: /* EBB exception */ 2340 env->pending_interrupts &= ~PPC_INTERRUPT_EBB; 2341 if (env->spr[SPR_BESCR] & BESCR_PMEO) { 2342 powerpc_excp(cpu, POWERPC_EXCP_PERFM_EBB); 2343 } else if (env->spr[SPR_BESCR] & BESCR_EEO) { 2344 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL_EBB); 2345 } 2346 break; 2347 case 0: 2348 /* 2349 * This is a bug ! It means that has_work took us out of halt without 2350 * anything to deliver while in a PM state that requires getting 2351 * out via a 0x100 2352 * 2353 * This means we will incorrectly execute past the power management 2354 * instruction instead of triggering a reset. 2355 * 2356 * It generally means a discrepancy between the wakeup conditions in the 2357 * processor has_work implementation and the logic in this function. 2358 */ 2359 assert(!env->resume_as_sreset); 2360 break; 2361 default: 2362 cpu_abort(cs, "Invalid PowerPC interrupt %d. Aborting\n", interrupt); 2363 } 2364 } 2365 2366 static void p9_deliver_interrupt(CPUPPCState *env, int interrupt) 2367 { 2368 PowerPCCPU *cpu = env_archcpu(env); 2369 CPUState *cs = env_cpu(env); 2370 2371 if (cs->halted && !(env->spr[SPR_PSSCR] & PSSCR_EC) && 2372 !FIELD_EX64(env->msr, MSR, EE)) { 2373 /* 2374 * A pending interrupt took us out of power-saving, but MSR[EE] says 2375 * that we should return to NIP+4 instead of delivering it. 2376 */ 2377 return; 2378 } 2379 2380 switch (interrupt) { 2381 case PPC_INTERRUPT_MCK: /* Machine check exception */ 2382 env->pending_interrupts &= ~PPC_INTERRUPT_MCK; 2383 powerpc_excp(cpu, POWERPC_EXCP_MCHECK); 2384 break; 2385 2386 case PPC_INTERRUPT_HDECR: /* Hypervisor decrementer exception */ 2387 /* HDEC clears on delivery */ 2388 env->pending_interrupts &= ~PPC_INTERRUPT_HDECR; 2389 powerpc_excp(cpu, POWERPC_EXCP_HDECR); 2390 break; 2391 case PPC_INTERRUPT_HVIRT: /* Hypervisor virtualization interrupt */ 2392 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2393 break; 2394 2395 case PPC_INTERRUPT_EXT: 2396 if (books_vhyp_promotes_external_to_hvirt(cpu)) { 2397 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2398 } else { 2399 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL); 2400 } 2401 break; 2402 2403 case PPC_INTERRUPT_DECR: /* Decrementer exception */ 2404 powerpc_excp(cpu, POWERPC_EXCP_DECR); 2405 break; 2406 case PPC_INTERRUPT_DOORBELL: 2407 env->pending_interrupts &= ~PPC_INTERRUPT_DOORBELL; 2408 powerpc_excp(cpu, POWERPC_EXCP_SDOOR); 2409 break; 2410 case PPC_INTERRUPT_HDOORBELL: 2411 env->pending_interrupts &= ~PPC_INTERRUPT_HDOORBELL; 2412 powerpc_excp(cpu, POWERPC_EXCP_SDOOR_HV); 2413 break; 2414 case PPC_INTERRUPT_PERFM: 2415 env->pending_interrupts &= ~PPC_INTERRUPT_PERFM; 2416 powerpc_excp(cpu, POWERPC_EXCP_PERFM); 2417 break; 2418 case PPC_INTERRUPT_EBB: /* EBB exception */ 2419 env->pending_interrupts &= ~PPC_INTERRUPT_EBB; 2420 if (env->spr[SPR_BESCR] & BESCR_PMEO) { 2421 powerpc_excp(cpu, POWERPC_EXCP_PERFM_EBB); 2422 } else if (env->spr[SPR_BESCR] & BESCR_EEO) { 2423 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL_EBB); 2424 } 2425 break; 2426 case 0: 2427 /* 2428 * This is a bug ! It means that has_work took us out of halt without 2429 * anything to deliver while in a PM state that requires getting 2430 * out via a 0x100 2431 * 2432 * This means we will incorrectly execute past the power management 2433 * instruction instead of triggering a reset. 2434 * 2435 * It generally means a discrepancy between the wakeup conditions in the 2436 * processor has_work implementation and the logic in this function. 2437 */ 2438 assert(!env->resume_as_sreset); 2439 break; 2440 default: 2441 cpu_abort(cs, "Invalid PowerPC interrupt %d. Aborting\n", interrupt); 2442 } 2443 } 2444 #endif 2445 2446 static void ppc_deliver_interrupt_generic(CPUPPCState *env, int interrupt) 2447 { 2448 PowerPCCPU *cpu = env_archcpu(env); 2449 CPUState *cs = env_cpu(env); 2450 2451 switch (interrupt) { 2452 case PPC_INTERRUPT_RESET: /* External reset */ 2453 env->pending_interrupts &= ~PPC_INTERRUPT_RESET; 2454 powerpc_excp(cpu, POWERPC_EXCP_RESET); 2455 break; 2456 case PPC_INTERRUPT_MCK: /* Machine check exception */ 2457 env->pending_interrupts &= ~PPC_INTERRUPT_MCK; 2458 powerpc_excp(cpu, POWERPC_EXCP_MCHECK); 2459 break; 2460 2461 case PPC_INTERRUPT_HDECR: /* Hypervisor decrementer exception */ 2462 /* HDEC clears on delivery */ 2463 env->pending_interrupts &= ~PPC_INTERRUPT_HDECR; 2464 powerpc_excp(cpu, POWERPC_EXCP_HDECR); 2465 break; 2466 case PPC_INTERRUPT_HVIRT: /* Hypervisor virtualization interrupt */ 2467 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2468 break; 2469 2470 case PPC_INTERRUPT_EXT: 2471 if (books_vhyp_promotes_external_to_hvirt(cpu)) { 2472 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2473 } else { 2474 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL); 2475 } 2476 break; 2477 case PPC_INTERRUPT_CEXT: /* External critical interrupt */ 2478 powerpc_excp(cpu, POWERPC_EXCP_CRITICAL); 2479 break; 2480 2481 case PPC_INTERRUPT_WDT: /* Watchdog timer on embedded PowerPC */ 2482 env->pending_interrupts &= ~PPC_INTERRUPT_WDT; 2483 powerpc_excp(cpu, POWERPC_EXCP_WDT); 2484 break; 2485 case PPC_INTERRUPT_CDOORBELL: 2486 env->pending_interrupts &= ~PPC_INTERRUPT_CDOORBELL; 2487 powerpc_excp(cpu, POWERPC_EXCP_DOORCI); 2488 break; 2489 case PPC_INTERRUPT_FIT: /* Fixed interval timer on embedded PowerPC */ 2490 env->pending_interrupts &= ~PPC_INTERRUPT_FIT; 2491 powerpc_excp(cpu, POWERPC_EXCP_FIT); 2492 break; 2493 case PPC_INTERRUPT_PIT: /* Programmable interval timer on embedded ppc */ 2494 env->pending_interrupts &= ~PPC_INTERRUPT_PIT; 2495 powerpc_excp(cpu, POWERPC_EXCP_PIT); 2496 break; 2497 case PPC_INTERRUPT_DECR: /* Decrementer exception */ 2498 if (ppc_decr_clear_on_delivery(env)) { 2499 env->pending_interrupts &= ~PPC_INTERRUPT_DECR; 2500 } 2501 powerpc_excp(cpu, POWERPC_EXCP_DECR); 2502 break; 2503 case PPC_INTERRUPT_DOORBELL: 2504 env->pending_interrupts &= ~PPC_INTERRUPT_DOORBELL; 2505 if (is_book3s_arch2x(env)) { 2506 powerpc_excp(cpu, POWERPC_EXCP_SDOOR); 2507 } else { 2508 powerpc_excp(cpu, POWERPC_EXCP_DOORI); 2509 } 2510 break; 2511 case PPC_INTERRUPT_HDOORBELL: 2512 env->pending_interrupts &= ~PPC_INTERRUPT_HDOORBELL; 2513 powerpc_excp(cpu, POWERPC_EXCP_SDOOR_HV); 2514 break; 2515 case PPC_INTERRUPT_PERFM: 2516 env->pending_interrupts &= ~PPC_INTERRUPT_PERFM; 2517 powerpc_excp(cpu, POWERPC_EXCP_PERFM); 2518 break; 2519 case PPC_INTERRUPT_THERM: /* Thermal interrupt */ 2520 env->pending_interrupts &= ~PPC_INTERRUPT_THERM; 2521 powerpc_excp(cpu, POWERPC_EXCP_THERM); 2522 break; 2523 case PPC_INTERRUPT_EBB: /* EBB exception */ 2524 env->pending_interrupts &= ~PPC_INTERRUPT_EBB; 2525 if (env->spr[SPR_BESCR] & BESCR_PMEO) { 2526 powerpc_excp(cpu, POWERPC_EXCP_PERFM_EBB); 2527 } else if (env->spr[SPR_BESCR] & BESCR_EEO) { 2528 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL_EBB); 2529 } 2530 break; 2531 case 0: 2532 /* 2533 * This is a bug ! It means that has_work took us out of halt without 2534 * anything to deliver while in a PM state that requires getting 2535 * out via a 0x100 2536 * 2537 * This means we will incorrectly execute past the power management 2538 * instruction instead of triggering a reset. 2539 * 2540 * It generally means a discrepancy between the wakeup conditions in the 2541 * processor has_work implementation and the logic in this function. 2542 */ 2543 assert(!env->resume_as_sreset); 2544 break; 2545 default: 2546 cpu_abort(cs, "Invalid PowerPC interrupt %d. Aborting\n", interrupt); 2547 } 2548 } 2549 2550 static void ppc_deliver_interrupt(CPUPPCState *env, int interrupt) 2551 { 2552 switch (env->excp_model) { 2553 #if defined(TARGET_PPC64) 2554 case POWERPC_EXCP_POWER7: 2555 p7_deliver_interrupt(env, interrupt); 2556 break; 2557 case POWERPC_EXCP_POWER8: 2558 p8_deliver_interrupt(env, interrupt); 2559 break; 2560 case POWERPC_EXCP_POWER9: 2561 case POWERPC_EXCP_POWER10: 2562 p9_deliver_interrupt(env, interrupt); 2563 break; 2564 #endif 2565 default: 2566 ppc_deliver_interrupt_generic(env, interrupt); 2567 } 2568 } 2569 2570 void ppc_cpu_do_system_reset(CPUState *cs) 2571 { 2572 PowerPCCPU *cpu = POWERPC_CPU(cs); 2573 2574 powerpc_excp(cpu, POWERPC_EXCP_RESET); 2575 } 2576 2577 void ppc_cpu_do_fwnmi_machine_check(CPUState *cs, target_ulong vector) 2578 { 2579 PowerPCCPU *cpu = POWERPC_CPU(cs); 2580 CPUPPCState *env = &cpu->env; 2581 target_ulong msr = 0; 2582 2583 /* 2584 * Set MSR and NIP for the handler, SRR0/1, DAR and DSISR have already 2585 * been set by KVM. 2586 */ 2587 msr = (1ULL << MSR_ME); 2588 msr |= env->msr & (1ULL << MSR_SF); 2589 if (ppc_interrupts_little_endian(cpu, false)) { 2590 msr |= (1ULL << MSR_LE); 2591 } 2592 2593 /* Anything for nested required here? MSR[HV] bit? */ 2594 2595 powerpc_set_excp_state(cpu, vector, msr); 2596 } 2597 2598 bool ppc_cpu_exec_interrupt(CPUState *cs, int interrupt_request) 2599 { 2600 PowerPCCPU *cpu = POWERPC_CPU(cs); 2601 CPUPPCState *env = &cpu->env; 2602 int interrupt; 2603 2604 if ((interrupt_request & CPU_INTERRUPT_HARD) == 0) { 2605 return false; 2606 } 2607 2608 interrupt = ppc_next_unmasked_interrupt(env); 2609 if (interrupt == 0) { 2610 return false; 2611 } 2612 2613 ppc_deliver_interrupt(env, interrupt); 2614 if (env->pending_interrupts == 0) { 2615 cpu_reset_interrupt(cs, CPU_INTERRUPT_HARD); 2616 } 2617 return true; 2618 } 2619 2620 #endif /* !CONFIG_USER_ONLY */ 2621 2622 /*****************************************************************************/ 2623 /* Exceptions processing helpers */ 2624 2625 void raise_exception_err_ra(CPUPPCState *env, uint32_t exception, 2626 uint32_t error_code, uintptr_t raddr) 2627 { 2628 CPUState *cs = env_cpu(env); 2629 2630 cs->exception_index = exception; 2631 env->error_code = error_code; 2632 cpu_loop_exit_restore(cs, raddr); 2633 } 2634 2635 void raise_exception_err(CPUPPCState *env, uint32_t exception, 2636 uint32_t error_code) 2637 { 2638 raise_exception_err_ra(env, exception, error_code, 0); 2639 } 2640 2641 void raise_exception(CPUPPCState *env, uint32_t exception) 2642 { 2643 raise_exception_err_ra(env, exception, 0, 0); 2644 } 2645 2646 void raise_exception_ra(CPUPPCState *env, uint32_t exception, 2647 uintptr_t raddr) 2648 { 2649 raise_exception_err_ra(env, exception, 0, raddr); 2650 } 2651 2652 #ifdef CONFIG_TCG 2653 void helper_raise_exception_err(CPUPPCState *env, uint32_t exception, 2654 uint32_t error_code) 2655 { 2656 raise_exception_err_ra(env, exception, error_code, 0); 2657 } 2658 2659 void helper_raise_exception(CPUPPCState *env, uint32_t exception) 2660 { 2661 raise_exception_err_ra(env, exception, 0, 0); 2662 } 2663 #endif 2664 2665 #if !defined(CONFIG_USER_ONLY) 2666 #ifdef CONFIG_TCG 2667 void helper_store_msr(CPUPPCState *env, target_ulong val) 2668 { 2669 uint32_t excp = hreg_store_msr(env, val, 0); 2670 2671 if (excp != 0) { 2672 cpu_interrupt_exittb(env_cpu(env)); 2673 raise_exception(env, excp); 2674 } 2675 } 2676 2677 void helper_ppc_maybe_interrupt(CPUPPCState *env) 2678 { 2679 ppc_maybe_interrupt(env); 2680 } 2681 2682 #if defined(TARGET_PPC64) 2683 void helper_scv(CPUPPCState *env, uint32_t lev) 2684 { 2685 if (env->spr[SPR_FSCR] & (1ull << FSCR_SCV)) { 2686 raise_exception_err(env, POWERPC_EXCP_SYSCALL_VECTORED, lev); 2687 } else { 2688 raise_exception_err(env, POWERPC_EXCP_FU, FSCR_IC_SCV); 2689 } 2690 } 2691 2692 void helper_pminsn(CPUPPCState *env, uint32_t insn) 2693 { 2694 CPUState *cs = env_cpu(env); 2695 2696 cs->halted = 1; 2697 2698 /* Condition for waking up at 0x100 */ 2699 env->resume_as_sreset = (insn != PPC_PM_STOP) || 2700 (env->spr[SPR_PSSCR] & PSSCR_EC); 2701 2702 /* HDECR is not to wake from PM state, it may have already fired */ 2703 if (env->resume_as_sreset) { 2704 PowerPCCPU *cpu = env_archcpu(env); 2705 ppc_set_irq(cpu, PPC_INTERRUPT_HDECR, 0); 2706 } 2707 2708 ppc_maybe_interrupt(env); 2709 } 2710 #endif /* defined(TARGET_PPC64) */ 2711 2712 static void do_rfi(CPUPPCState *env, target_ulong nip, target_ulong msr) 2713 { 2714 /* MSR:POW cannot be set by any form of rfi */ 2715 msr &= ~(1ULL << MSR_POW); 2716 2717 /* MSR:TGPR cannot be set by any form of rfi */ 2718 if (env->flags & POWERPC_FLAG_TGPR) 2719 msr &= ~(1ULL << MSR_TGPR); 2720 2721 #if defined(TARGET_PPC64) 2722 /* Switching to 32-bit ? Crop the nip */ 2723 if (!msr_is_64bit(env, msr)) { 2724 nip = (uint32_t)nip; 2725 } 2726 #else 2727 nip = (uint32_t)nip; 2728 #endif 2729 /* XXX: beware: this is false if VLE is supported */ 2730 env->nip = nip & ~((target_ulong)0x00000003); 2731 hreg_store_msr(env, msr, 1); 2732 trace_ppc_excp_rfi(env->nip, env->msr); 2733 /* 2734 * No need to raise an exception here, as rfi is always the last 2735 * insn of a TB 2736 */ 2737 cpu_interrupt_exittb(env_cpu(env)); 2738 /* Reset the reservation */ 2739 env->reserve_addr = -1; 2740 2741 /* Context synchronizing: check if TCG TLB needs flush */ 2742 check_tlb_flush(env, false); 2743 } 2744 2745 void helper_rfi(CPUPPCState *env) 2746 { 2747 do_rfi(env, env->spr[SPR_SRR0], env->spr[SPR_SRR1] & 0xfffffffful); 2748 } 2749 2750 #if defined(TARGET_PPC64) 2751 void helper_rfid(CPUPPCState *env) 2752 { 2753 /* 2754 * The architecture defines a number of rules for which bits can 2755 * change but in practice, we handle this in hreg_store_msr() 2756 * which will be called by do_rfi(), so there is no need to filter 2757 * here 2758 */ 2759 do_rfi(env, env->spr[SPR_SRR0], env->spr[SPR_SRR1]); 2760 } 2761 2762 void helper_rfscv(CPUPPCState *env) 2763 { 2764 do_rfi(env, env->lr, env->ctr); 2765 } 2766 2767 void helper_hrfid(CPUPPCState *env) 2768 { 2769 do_rfi(env, env->spr[SPR_HSRR0], env->spr[SPR_HSRR1]); 2770 } 2771 #endif 2772 2773 #if defined(TARGET_PPC64) && !defined(CONFIG_USER_ONLY) 2774 void helper_rfebb(CPUPPCState *env, target_ulong s) 2775 { 2776 target_ulong msr = env->msr; 2777 2778 /* 2779 * Handling of BESCR bits 32:33 according to PowerISA v3.1: 2780 * 2781 * "If BESCR 32:33 != 0b00 the instruction is treated as if 2782 * the instruction form were invalid." 2783 */ 2784 if (env->spr[SPR_BESCR] & BESCR_INVALID) { 2785 raise_exception_err(env, POWERPC_EXCP_PROGRAM, 2786 POWERPC_EXCP_INVAL | POWERPC_EXCP_INVAL_INVAL); 2787 } 2788 2789 env->nip = env->spr[SPR_EBBRR]; 2790 2791 /* Switching to 32-bit ? Crop the nip */ 2792 if (!msr_is_64bit(env, msr)) { 2793 env->nip = (uint32_t)env->spr[SPR_EBBRR]; 2794 } 2795 2796 if (s) { 2797 env->spr[SPR_BESCR] |= BESCR_GE; 2798 } else { 2799 env->spr[SPR_BESCR] &= ~BESCR_GE; 2800 } 2801 } 2802 2803 /* 2804 * Triggers or queues an 'ebb_excp' EBB exception. All checks 2805 * but FSCR, HFSCR and msr_pr must be done beforehand. 2806 * 2807 * PowerISA v3.1 isn't clear about whether an EBB should be 2808 * postponed or cancelled if the EBB facility is unavailable. 2809 * Our assumption here is that the EBB is cancelled if both 2810 * FSCR and HFSCR EBB facilities aren't available. 2811 */ 2812 static void do_ebb(CPUPPCState *env, int ebb_excp) 2813 { 2814 PowerPCCPU *cpu = env_archcpu(env); 2815 2816 /* 2817 * FSCR_EBB and FSCR_IC_EBB are the same bits used with 2818 * HFSCR. 2819 */ 2820 helper_fscr_facility_check(env, FSCR_EBB, 0, FSCR_IC_EBB); 2821 helper_hfscr_facility_check(env, FSCR_EBB, "EBB", FSCR_IC_EBB); 2822 2823 if (ebb_excp == POWERPC_EXCP_PERFM_EBB) { 2824 env->spr[SPR_BESCR] |= BESCR_PMEO; 2825 } else if (ebb_excp == POWERPC_EXCP_EXTERNAL_EBB) { 2826 env->spr[SPR_BESCR] |= BESCR_EEO; 2827 } 2828 2829 if (FIELD_EX64(env->msr, MSR, PR)) { 2830 powerpc_excp(cpu, ebb_excp); 2831 } else { 2832 ppc_set_irq(cpu, PPC_INTERRUPT_EBB, 1); 2833 } 2834 } 2835 2836 void raise_ebb_perfm_exception(CPUPPCState *env) 2837 { 2838 bool perfm_ebb_enabled = env->spr[SPR_POWER_MMCR0] & MMCR0_EBE && 2839 env->spr[SPR_BESCR] & BESCR_PME && 2840 env->spr[SPR_BESCR] & BESCR_GE; 2841 2842 if (!perfm_ebb_enabled) { 2843 return; 2844 } 2845 2846 do_ebb(env, POWERPC_EXCP_PERFM_EBB); 2847 } 2848 #endif 2849 2850 /*****************************************************************************/ 2851 /* Embedded PowerPC specific helpers */ 2852 void helper_40x_rfci(CPUPPCState *env) 2853 { 2854 do_rfi(env, env->spr[SPR_40x_SRR2], env->spr[SPR_40x_SRR3]); 2855 } 2856 2857 void helper_rfci(CPUPPCState *env) 2858 { 2859 do_rfi(env, env->spr[SPR_BOOKE_CSRR0], env->spr[SPR_BOOKE_CSRR1]); 2860 } 2861 2862 void helper_rfdi(CPUPPCState *env) 2863 { 2864 /* FIXME: choose CSRR1 or DSRR1 based on cpu type */ 2865 do_rfi(env, env->spr[SPR_BOOKE_DSRR0], env->spr[SPR_BOOKE_DSRR1]); 2866 } 2867 2868 void helper_rfmci(CPUPPCState *env) 2869 { 2870 /* FIXME: choose CSRR1 or MCSRR1 based on cpu type */ 2871 do_rfi(env, env->spr[SPR_BOOKE_MCSRR0], env->spr[SPR_BOOKE_MCSRR1]); 2872 } 2873 #endif /* CONFIG_TCG */ 2874 #endif /* !defined(CONFIG_USER_ONLY) */ 2875 2876 #ifdef CONFIG_TCG 2877 void helper_tw(CPUPPCState *env, target_ulong arg1, target_ulong arg2, 2878 uint32_t flags) 2879 { 2880 if (!likely(!(((int32_t)arg1 < (int32_t)arg2 && (flags & 0x10)) || 2881 ((int32_t)arg1 > (int32_t)arg2 && (flags & 0x08)) || 2882 ((int32_t)arg1 == (int32_t)arg2 && (flags & 0x04)) || 2883 ((uint32_t)arg1 < (uint32_t)arg2 && (flags & 0x02)) || 2884 ((uint32_t)arg1 > (uint32_t)arg2 && (flags & 0x01))))) { 2885 raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM, 2886 POWERPC_EXCP_TRAP, GETPC()); 2887 } 2888 } 2889 2890 #if defined(TARGET_PPC64) 2891 void helper_td(CPUPPCState *env, target_ulong arg1, target_ulong arg2, 2892 uint32_t flags) 2893 { 2894 if (!likely(!(((int64_t)arg1 < (int64_t)arg2 && (flags & 0x10)) || 2895 ((int64_t)arg1 > (int64_t)arg2 && (flags & 0x08)) || 2896 ((int64_t)arg1 == (int64_t)arg2 && (flags & 0x04)) || 2897 ((uint64_t)arg1 < (uint64_t)arg2 && (flags & 0x02)) || 2898 ((uint64_t)arg1 > (uint64_t)arg2 && (flags & 0x01))))) { 2899 raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM, 2900 POWERPC_EXCP_TRAP, GETPC()); 2901 } 2902 } 2903 #endif 2904 #endif 2905 2906 #ifdef CONFIG_TCG 2907 static uint32_t helper_SIMON_LIKE_32_64(uint32_t x, uint64_t key, uint32_t lane) 2908 { 2909 const uint16_t c = 0xfffc; 2910 const uint64_t z0 = 0xfa2561cdf44ac398ULL; 2911 uint16_t z = 0, temp; 2912 uint16_t k[32], eff_k[32], xleft[33], xright[33], fxleft[32]; 2913 2914 for (int i = 3; i >= 0; i--) { 2915 k[i] = key & 0xffff; 2916 key >>= 16; 2917 } 2918 xleft[0] = x & 0xffff; 2919 xright[0] = (x >> 16) & 0xffff; 2920 2921 for (int i = 0; i < 28; i++) { 2922 z = (z0 >> (63 - i)) & 1; 2923 temp = ror16(k[i + 3], 3) ^ k[i + 1]; 2924 k[i + 4] = c ^ z ^ k[i] ^ temp ^ ror16(temp, 1); 2925 } 2926 2927 for (int i = 0; i < 8; i++) { 2928 eff_k[4 * i + 0] = k[4 * i + ((0 + lane) % 4)]; 2929 eff_k[4 * i + 1] = k[4 * i + ((1 + lane) % 4)]; 2930 eff_k[4 * i + 2] = k[4 * i + ((2 + lane) % 4)]; 2931 eff_k[4 * i + 3] = k[4 * i + ((3 + lane) % 4)]; 2932 } 2933 2934 for (int i = 0; i < 32; i++) { 2935 fxleft[i] = (rol16(xleft[i], 1) & 2936 rol16(xleft[i], 8)) ^ rol16(xleft[i], 2); 2937 xleft[i + 1] = xright[i] ^ fxleft[i] ^ eff_k[i]; 2938 xright[i + 1] = xleft[i]; 2939 } 2940 2941 return (((uint32_t)xright[32]) << 16) | xleft[32]; 2942 } 2943 2944 static uint64_t hash_digest(uint64_t ra, uint64_t rb, uint64_t key) 2945 { 2946 uint64_t stage0_h = 0ULL, stage0_l = 0ULL; 2947 uint64_t stage1_h, stage1_l; 2948 2949 for (int i = 0; i < 4; i++) { 2950 stage0_h |= ror64(rb & 0xff, 8 * (2 * i + 1)); 2951 stage0_h |= ((ra >> 32) & 0xff) << (8 * 2 * i); 2952 stage0_l |= ror64((rb >> 32) & 0xff, 8 * (2 * i + 1)); 2953 stage0_l |= (ra & 0xff) << (8 * 2 * i); 2954 rb >>= 8; 2955 ra >>= 8; 2956 } 2957 2958 stage1_h = (uint64_t)helper_SIMON_LIKE_32_64(stage0_h >> 32, key, 0) << 32; 2959 stage1_h |= helper_SIMON_LIKE_32_64(stage0_h, key, 1); 2960 stage1_l = (uint64_t)helper_SIMON_LIKE_32_64(stage0_l >> 32, key, 2) << 32; 2961 stage1_l |= helper_SIMON_LIKE_32_64(stage0_l, key, 3); 2962 2963 return stage1_h ^ stage1_l; 2964 } 2965 2966 static void do_hash(CPUPPCState *env, target_ulong ea, target_ulong ra, 2967 target_ulong rb, uint64_t key, bool store) 2968 { 2969 uint64_t calculated_hash = hash_digest(ra, rb, key), loaded_hash; 2970 2971 if (store) { 2972 cpu_stq_data_ra(env, ea, calculated_hash, GETPC()); 2973 } else { 2974 loaded_hash = cpu_ldq_data_ra(env, ea, GETPC()); 2975 if (loaded_hash != calculated_hash) { 2976 raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM, 2977 POWERPC_EXCP_TRAP, GETPC()); 2978 } 2979 } 2980 } 2981 2982 #include "qemu/guest-random.h" 2983 2984 #ifdef TARGET_PPC64 2985 #define HELPER_HASH(op, key, store, dexcr_aspect) \ 2986 void helper_##op(CPUPPCState *env, target_ulong ea, target_ulong ra, \ 2987 target_ulong rb) \ 2988 { \ 2989 if (env->msr & R_MSR_PR_MASK) { \ 2990 if (!(env->spr[SPR_DEXCR] & R_DEXCR_PRO_##dexcr_aspect##_MASK || \ 2991 env->spr[SPR_HDEXCR] & R_HDEXCR_ENF_##dexcr_aspect##_MASK)) \ 2992 return; \ 2993 } else if (!(env->msr & R_MSR_HV_MASK)) { \ 2994 if (!(env->spr[SPR_DEXCR] & R_DEXCR_PNH_##dexcr_aspect##_MASK || \ 2995 env->spr[SPR_HDEXCR] & R_HDEXCR_ENF_##dexcr_aspect##_MASK)) \ 2996 return; \ 2997 } else if (!(env->msr & R_MSR_S_MASK)) { \ 2998 if (!(env->spr[SPR_HDEXCR] & R_HDEXCR_HNU_##dexcr_aspect##_MASK)) \ 2999 return; \ 3000 } \ 3001 \ 3002 do_hash(env, ea, ra, rb, key, store); \ 3003 } 3004 #else 3005 #define HELPER_HASH(op, key, store, dexcr_aspect) \ 3006 void helper_##op(CPUPPCState *env, target_ulong ea, target_ulong ra, \ 3007 target_ulong rb) \ 3008 { \ 3009 do_hash(env, ea, ra, rb, key, store); \ 3010 } 3011 #endif /* TARGET_PPC64 */ 3012 3013 HELPER_HASH(HASHST, env->spr[SPR_HASHKEYR], true, NPHIE) 3014 HELPER_HASH(HASHCHK, env->spr[SPR_HASHKEYR], false, NPHIE) 3015 HELPER_HASH(HASHSTP, env->spr[SPR_HASHPKEYR], true, PHIE) 3016 HELPER_HASH(HASHCHKP, env->spr[SPR_HASHPKEYR], false, PHIE) 3017 #endif /* CONFIG_TCG */ 3018 3019 #if !defined(CONFIG_USER_ONLY) 3020 3021 #ifdef CONFIG_TCG 3022 3023 /* Embedded.Processor Control */ 3024 static int dbell2irq(target_ulong rb) 3025 { 3026 int msg = rb & DBELL_TYPE_MASK; 3027 int irq = -1; 3028 3029 switch (msg) { 3030 case DBELL_TYPE_DBELL: 3031 irq = PPC_INTERRUPT_DOORBELL; 3032 break; 3033 case DBELL_TYPE_DBELL_CRIT: 3034 irq = PPC_INTERRUPT_CDOORBELL; 3035 break; 3036 case DBELL_TYPE_G_DBELL: 3037 case DBELL_TYPE_G_DBELL_CRIT: 3038 case DBELL_TYPE_G_DBELL_MC: 3039 /* XXX implement */ 3040 default: 3041 break; 3042 } 3043 3044 return irq; 3045 } 3046 3047 void helper_msgclr(CPUPPCState *env, target_ulong rb) 3048 { 3049 int irq = dbell2irq(rb); 3050 3051 if (irq < 0) { 3052 return; 3053 } 3054 3055 ppc_set_irq(env_archcpu(env), irq, 0); 3056 } 3057 3058 void helper_msgsnd(target_ulong rb) 3059 { 3060 int irq = dbell2irq(rb); 3061 int pir = rb & DBELL_PIRTAG_MASK; 3062 CPUState *cs; 3063 3064 if (irq < 0) { 3065 return; 3066 } 3067 3068 bql_lock(); 3069 CPU_FOREACH(cs) { 3070 PowerPCCPU *cpu = POWERPC_CPU(cs); 3071 CPUPPCState *cenv = &cpu->env; 3072 3073 if ((rb & DBELL_BRDCAST) || (cenv->spr[SPR_BOOKE_PIR] == pir)) { 3074 ppc_set_irq(cpu, irq, 1); 3075 } 3076 } 3077 bql_unlock(); 3078 } 3079 3080 /* Server Processor Control */ 3081 3082 static bool dbell_type_server(target_ulong rb) 3083 { 3084 /* 3085 * A Directed Hypervisor Doorbell message is sent only if the 3086 * message type is 5. All other types are reserved and the 3087 * instruction is a no-op 3088 */ 3089 return (rb & DBELL_TYPE_MASK) == DBELL_TYPE_DBELL_SERVER; 3090 } 3091 3092 void helper_book3s_msgclr(CPUPPCState *env, target_ulong rb) 3093 { 3094 if (!dbell_type_server(rb)) { 3095 return; 3096 } 3097 3098 ppc_set_irq(env_archcpu(env), PPC_INTERRUPT_HDOORBELL, 0); 3099 } 3100 3101 static void book3s_msgsnd_common(int pir, int irq) 3102 { 3103 CPUState *cs; 3104 3105 bql_lock(); 3106 CPU_FOREACH(cs) { 3107 PowerPCCPU *cpu = POWERPC_CPU(cs); 3108 CPUPPCState *cenv = &cpu->env; 3109 3110 /* TODO: broadcast message to all threads of the same processor */ 3111 if (cenv->spr_cb[SPR_PIR].default_value == pir) { 3112 ppc_set_irq(cpu, irq, 1); 3113 } 3114 } 3115 bql_unlock(); 3116 } 3117 3118 void helper_book3s_msgsnd(target_ulong rb) 3119 { 3120 int pir = rb & DBELL_PROCIDTAG_MASK; 3121 3122 if (!dbell_type_server(rb)) { 3123 return; 3124 } 3125 3126 book3s_msgsnd_common(pir, PPC_INTERRUPT_HDOORBELL); 3127 } 3128 3129 #if defined(TARGET_PPC64) 3130 void helper_book3s_msgclrp(CPUPPCState *env, target_ulong rb) 3131 { 3132 helper_hfscr_facility_check(env, HFSCR_MSGP, "msgclrp", HFSCR_IC_MSGP); 3133 3134 if (!dbell_type_server(rb)) { 3135 return; 3136 } 3137 3138 ppc_set_irq(env_archcpu(env), PPC_INTERRUPT_DOORBELL, 0); 3139 } 3140 3141 /* 3142 * sends a message to another thread on the same 3143 * multi-threaded processor 3144 */ 3145 void helper_book3s_msgsndp(CPUPPCState *env, target_ulong rb) 3146 { 3147 CPUState *cs = env_cpu(env); 3148 PowerPCCPU *cpu = env_archcpu(env); 3149 CPUState *ccs; 3150 uint32_t nr_threads = cs->nr_threads; 3151 int ttir = rb & PPC_BITMASK(57, 63); 3152 3153 helper_hfscr_facility_check(env, HFSCR_MSGP, "msgsndp", HFSCR_IC_MSGP); 3154 3155 if (!(env->flags & POWERPC_FLAG_SMT_1LPAR)) { 3156 nr_threads = 1; /* msgsndp behaves as 1-thread in LPAR-per-thread mode*/ 3157 } 3158 3159 if (!dbell_type_server(rb) || ttir >= nr_threads) { 3160 return; 3161 } 3162 3163 if (nr_threads == 1) { 3164 ppc_set_irq(cpu, PPC_INTERRUPT_DOORBELL, 1); 3165 return; 3166 } 3167 3168 /* Does iothread need to be locked for walking CPU list? */ 3169 bql_lock(); 3170 THREAD_SIBLING_FOREACH(cs, ccs) { 3171 PowerPCCPU *ccpu = POWERPC_CPU(ccs); 3172 uint32_t thread_id = ppc_cpu_tir(ccpu); 3173 3174 if (ttir == thread_id) { 3175 ppc_set_irq(ccpu, PPC_INTERRUPT_DOORBELL, 1); 3176 bql_unlock(); 3177 return; 3178 } 3179 } 3180 3181 g_assert_not_reached(); 3182 } 3183 #endif /* TARGET_PPC64 */ 3184 3185 /* Single-step tracing */ 3186 void helper_book3s_trace(CPUPPCState *env, target_ulong prev_ip) 3187 { 3188 uint32_t error_code = 0; 3189 if (env->insns_flags2 & PPC2_ISA207S) { 3190 /* Load/store reporting, SRR1[35, 36] and SDAR, are not implemented. */ 3191 env->spr[SPR_POWER_SIAR] = prev_ip; 3192 error_code = PPC_BIT(33); 3193 } 3194 raise_exception_err(env, POWERPC_EXCP_TRACE, error_code); 3195 } 3196 3197 void ppc_cpu_do_unaligned_access(CPUState *cs, vaddr vaddr, 3198 MMUAccessType access_type, 3199 int mmu_idx, uintptr_t retaddr) 3200 { 3201 CPUPPCState *env = cpu_env(cs); 3202 uint32_t insn; 3203 3204 /* Restore state and reload the insn we executed, for filling in DSISR. */ 3205 cpu_restore_state(cs, retaddr); 3206 insn = ppc_ldl_code(env, env->nip); 3207 3208 switch (env->mmu_model) { 3209 case POWERPC_MMU_SOFT_4xx: 3210 env->spr[SPR_40x_DEAR] = vaddr; 3211 break; 3212 case POWERPC_MMU_BOOKE: 3213 case POWERPC_MMU_BOOKE206: 3214 env->spr[SPR_BOOKE_DEAR] = vaddr; 3215 break; 3216 default: 3217 env->spr[SPR_DAR] = vaddr; 3218 break; 3219 } 3220 3221 cs->exception_index = POWERPC_EXCP_ALIGN; 3222 env->error_code = insn & 0x03FF0000; 3223 cpu_loop_exit(cs); 3224 } 3225 3226 void ppc_cpu_do_transaction_failed(CPUState *cs, hwaddr physaddr, 3227 vaddr vaddr, unsigned size, 3228 MMUAccessType access_type, 3229 int mmu_idx, MemTxAttrs attrs, 3230 MemTxResult response, uintptr_t retaddr) 3231 { 3232 CPUPPCState *env = cpu_env(cs); 3233 3234 switch (env->excp_model) { 3235 #if defined(TARGET_PPC64) 3236 case POWERPC_EXCP_POWER8: 3237 case POWERPC_EXCP_POWER9: 3238 case POWERPC_EXCP_POWER10: 3239 /* 3240 * Machine check codes can be found in processor User Manual or 3241 * Linux or skiboot source. 3242 */ 3243 if (access_type == MMU_DATA_LOAD) { 3244 env->spr[SPR_DAR] = vaddr; 3245 env->spr[SPR_DSISR] = PPC_BIT(57); 3246 env->error_code = PPC_BIT(42); 3247 3248 } else if (access_type == MMU_DATA_STORE) { 3249 /* 3250 * MCE for stores in POWER is asynchronous so hardware does 3251 * not set DAR, but QEMU can do better. 3252 */ 3253 env->spr[SPR_DAR] = vaddr; 3254 env->error_code = PPC_BIT(36) | PPC_BIT(43) | PPC_BIT(45); 3255 env->error_code |= PPC_BIT(42); 3256 3257 } else { /* Fetch */ 3258 /* 3259 * is_prefix_insn_excp() tests !PPC_BIT(42) to avoid fetching 3260 * the instruction, so that must always be clear for fetches. 3261 */ 3262 env->error_code = PPC_BIT(36) | PPC_BIT(44) | PPC_BIT(45); 3263 } 3264 break; 3265 #endif 3266 default: 3267 /* 3268 * TODO: Check behaviour for other CPUs, for now do nothing. 3269 * Could add a basic MCE even if real hardware ignores. 3270 */ 3271 return; 3272 } 3273 3274 cs->exception_index = POWERPC_EXCP_MCHECK; 3275 cpu_loop_exit_restore(cs, retaddr); 3276 } 3277 3278 void ppc_cpu_debug_excp_handler(CPUState *cs) 3279 { 3280 #if defined(TARGET_PPC64) 3281 CPUPPCState *env = cpu_env(cs); 3282 3283 if (env->insns_flags2 & PPC2_ISA207S) { 3284 if (cs->watchpoint_hit) { 3285 if (cs->watchpoint_hit->flags & BP_CPU) { 3286 env->spr[SPR_DAR] = cs->watchpoint_hit->hitaddr; 3287 env->spr[SPR_DSISR] = PPC_BIT(41); 3288 cs->watchpoint_hit = NULL; 3289 raise_exception(env, POWERPC_EXCP_DSI); 3290 } 3291 cs->watchpoint_hit = NULL; 3292 } else if (cpu_breakpoint_test(cs, env->nip, BP_CPU)) { 3293 raise_exception_err(env, POWERPC_EXCP_TRACE, 3294 PPC_BIT(33) | PPC_BIT(43)); 3295 } 3296 } 3297 #endif 3298 } 3299 3300 bool ppc_cpu_debug_check_breakpoint(CPUState *cs) 3301 { 3302 #if defined(TARGET_PPC64) 3303 CPUPPCState *env = cpu_env(cs); 3304 3305 if (env->insns_flags2 & PPC2_ISA207S) { 3306 target_ulong priv; 3307 3308 priv = env->spr[SPR_CIABR] & PPC_BITMASK(62, 63); 3309 switch (priv) { 3310 case 0x1: /* problem */ 3311 return env->msr & ((target_ulong)1 << MSR_PR); 3312 case 0x2: /* supervisor */ 3313 return (!(env->msr & ((target_ulong)1 << MSR_PR)) && 3314 !(env->msr & ((target_ulong)1 << MSR_HV))); 3315 case 0x3: /* hypervisor */ 3316 return (!(env->msr & ((target_ulong)1 << MSR_PR)) && 3317 (env->msr & ((target_ulong)1 << MSR_HV))); 3318 default: 3319 g_assert_not_reached(); 3320 } 3321 } 3322 #endif 3323 3324 return false; 3325 } 3326 3327 bool ppc_cpu_debug_check_watchpoint(CPUState *cs, CPUWatchpoint *wp) 3328 { 3329 #if defined(TARGET_PPC64) 3330 CPUPPCState *env = cpu_env(cs); 3331 3332 if (env->insns_flags2 & PPC2_ISA207S) { 3333 if (wp == env->dawr0_watchpoint) { 3334 uint32_t dawrx = env->spr[SPR_DAWRX0]; 3335 bool wt = extract32(dawrx, PPC_BIT_NR(59), 1); 3336 bool wti = extract32(dawrx, PPC_BIT_NR(60), 1); 3337 bool hv = extract32(dawrx, PPC_BIT_NR(61), 1); 3338 bool sv = extract32(dawrx, PPC_BIT_NR(62), 1); 3339 bool pr = extract32(dawrx, PPC_BIT_NR(62), 1); 3340 3341 if ((env->msr & ((target_ulong)1 << MSR_PR)) && !pr) { 3342 return false; 3343 } else if ((env->msr & ((target_ulong)1 << MSR_HV)) && !hv) { 3344 return false; 3345 } else if (!sv) { 3346 return false; 3347 } 3348 3349 if (!wti) { 3350 if (env->msr & ((target_ulong)1 << MSR_DR)) { 3351 if (!wt) { 3352 return false; 3353 } 3354 } else { 3355 if (wt) { 3356 return false; 3357 } 3358 } 3359 } 3360 3361 return true; 3362 } 3363 } 3364 #endif 3365 3366 return false; 3367 } 3368 3369 #endif /* CONFIG_TCG */ 3370 #endif /* !CONFIG_USER_ONLY */ 3371