1 /* 2 * PowerPC exception emulation helpers for QEMU. 3 * 4 * Copyright (c) 2003-2007 Jocelyn Mayer 5 * 6 * This library is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU Lesser General Public 8 * License as published by the Free Software Foundation; either 9 * version 2.1 of the License, or (at your option) any later version. 10 * 11 * This library is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 * Lesser General Public License for more details. 15 * 16 * You should have received a copy of the GNU Lesser General Public 17 * License along with this library; if not, see <http://www.gnu.org/licenses/>. 18 */ 19 #include "qemu/osdep.h" 20 #include "qemu/main-loop.h" 21 #include "qemu/log.h" 22 #include "cpu.h" 23 #include "exec/exec-all.h" 24 #include "internal.h" 25 #include "helper_regs.h" 26 27 #include "trace.h" 28 29 #ifdef CONFIG_TCG 30 #include "exec/helper-proto.h" 31 #include "exec/cpu_ldst.h" 32 #endif 33 34 /*****************************************************************************/ 35 /* Exception processing */ 36 #if !defined(CONFIG_USER_ONLY) 37 38 static const char *powerpc_excp_name(int excp) 39 { 40 switch (excp) { 41 case POWERPC_EXCP_CRITICAL: return "CRITICAL"; 42 case POWERPC_EXCP_MCHECK: return "MCHECK"; 43 case POWERPC_EXCP_DSI: return "DSI"; 44 case POWERPC_EXCP_ISI: return "ISI"; 45 case POWERPC_EXCP_EXTERNAL: return "EXTERNAL"; 46 case POWERPC_EXCP_ALIGN: return "ALIGN"; 47 case POWERPC_EXCP_PROGRAM: return "PROGRAM"; 48 case POWERPC_EXCP_FPU: return "FPU"; 49 case POWERPC_EXCP_SYSCALL: return "SYSCALL"; 50 case POWERPC_EXCP_APU: return "APU"; 51 case POWERPC_EXCP_DECR: return "DECR"; 52 case POWERPC_EXCP_FIT: return "FIT"; 53 case POWERPC_EXCP_WDT: return "WDT"; 54 case POWERPC_EXCP_DTLB: return "DTLB"; 55 case POWERPC_EXCP_ITLB: return "ITLB"; 56 case POWERPC_EXCP_DEBUG: return "DEBUG"; 57 case POWERPC_EXCP_SPEU: return "SPEU"; 58 case POWERPC_EXCP_EFPDI: return "EFPDI"; 59 case POWERPC_EXCP_EFPRI: return "EFPRI"; 60 case POWERPC_EXCP_EPERFM: return "EPERFM"; 61 case POWERPC_EXCP_DOORI: return "DOORI"; 62 case POWERPC_EXCP_DOORCI: return "DOORCI"; 63 case POWERPC_EXCP_GDOORI: return "GDOORI"; 64 case POWERPC_EXCP_GDOORCI: return "GDOORCI"; 65 case POWERPC_EXCP_HYPPRIV: return "HYPPRIV"; 66 case POWERPC_EXCP_RESET: return "RESET"; 67 case POWERPC_EXCP_DSEG: return "DSEG"; 68 case POWERPC_EXCP_ISEG: return "ISEG"; 69 case POWERPC_EXCP_HDECR: return "HDECR"; 70 case POWERPC_EXCP_TRACE: return "TRACE"; 71 case POWERPC_EXCP_HDSI: return "HDSI"; 72 case POWERPC_EXCP_HISI: return "HISI"; 73 case POWERPC_EXCP_HDSEG: return "HDSEG"; 74 case POWERPC_EXCP_HISEG: return "HISEG"; 75 case POWERPC_EXCP_VPU: return "VPU"; 76 case POWERPC_EXCP_PIT: return "PIT"; 77 case POWERPC_EXCP_EMUL: return "EMUL"; 78 case POWERPC_EXCP_IFTLB: return "IFTLB"; 79 case POWERPC_EXCP_DLTLB: return "DLTLB"; 80 case POWERPC_EXCP_DSTLB: return "DSTLB"; 81 case POWERPC_EXCP_FPA: return "FPA"; 82 case POWERPC_EXCP_DABR: return "DABR"; 83 case POWERPC_EXCP_IABR: return "IABR"; 84 case POWERPC_EXCP_SMI: return "SMI"; 85 case POWERPC_EXCP_PERFM: return "PERFM"; 86 case POWERPC_EXCP_THERM: return "THERM"; 87 case POWERPC_EXCP_VPUA: return "VPUA"; 88 case POWERPC_EXCP_SOFTP: return "SOFTP"; 89 case POWERPC_EXCP_MAINT: return "MAINT"; 90 case POWERPC_EXCP_MEXTBR: return "MEXTBR"; 91 case POWERPC_EXCP_NMEXTBR: return "NMEXTBR"; 92 case POWERPC_EXCP_ITLBE: return "ITLBE"; 93 case POWERPC_EXCP_DTLBE: return "DTLBE"; 94 case POWERPC_EXCP_VSXU: return "VSXU"; 95 case POWERPC_EXCP_FU: return "FU"; 96 case POWERPC_EXCP_HV_EMU: return "HV_EMU"; 97 case POWERPC_EXCP_HV_MAINT: return "HV_MAINT"; 98 case POWERPC_EXCP_HV_FU: return "HV_FU"; 99 case POWERPC_EXCP_SDOOR: return "SDOOR"; 100 case POWERPC_EXCP_SDOOR_HV: return "SDOOR_HV"; 101 case POWERPC_EXCP_HVIRT: return "HVIRT"; 102 case POWERPC_EXCP_SYSCALL_VECTORED: return "SYSCALL_VECTORED"; 103 default: 104 g_assert_not_reached(); 105 } 106 } 107 108 static void dump_syscall(CPUPPCState *env) 109 { 110 qemu_log_mask(CPU_LOG_INT, "syscall r0=%016" PRIx64 111 " r3=%016" PRIx64 " r4=%016" PRIx64 " r5=%016" PRIx64 112 " r6=%016" PRIx64 " r7=%016" PRIx64 " r8=%016" PRIx64 113 " nip=" TARGET_FMT_lx "\n", 114 ppc_dump_gpr(env, 0), ppc_dump_gpr(env, 3), 115 ppc_dump_gpr(env, 4), ppc_dump_gpr(env, 5), 116 ppc_dump_gpr(env, 6), ppc_dump_gpr(env, 7), 117 ppc_dump_gpr(env, 8), env->nip); 118 } 119 120 static void dump_hcall(CPUPPCState *env) 121 { 122 qemu_log_mask(CPU_LOG_INT, "hypercall r3=%016" PRIx64 123 " r4=%016" PRIx64 " r5=%016" PRIx64 " r6=%016" PRIx64 124 " r7=%016" PRIx64 " r8=%016" PRIx64 " r9=%016" PRIx64 125 " r10=%016" PRIx64 " r11=%016" PRIx64 " r12=%016" PRIx64 126 " nip=" TARGET_FMT_lx "\n", 127 ppc_dump_gpr(env, 3), ppc_dump_gpr(env, 4), 128 ppc_dump_gpr(env, 5), ppc_dump_gpr(env, 6), 129 ppc_dump_gpr(env, 7), ppc_dump_gpr(env, 8), 130 ppc_dump_gpr(env, 9), ppc_dump_gpr(env, 10), 131 ppc_dump_gpr(env, 11), ppc_dump_gpr(env, 12), 132 env->nip); 133 } 134 135 static void ppc_excp_debug_sw_tlb(CPUPPCState *env, int excp) 136 { 137 const char *es; 138 target_ulong *miss, *cmp; 139 int en; 140 141 if (!qemu_loglevel_mask(CPU_LOG_MMU)) { 142 return; 143 } 144 145 if (excp == POWERPC_EXCP_IFTLB) { 146 es = "I"; 147 en = 'I'; 148 miss = &env->spr[SPR_IMISS]; 149 cmp = &env->spr[SPR_ICMP]; 150 } else { 151 if (excp == POWERPC_EXCP_DLTLB) { 152 es = "DL"; 153 } else { 154 es = "DS"; 155 } 156 en = 'D'; 157 miss = &env->spr[SPR_DMISS]; 158 cmp = &env->spr[SPR_DCMP]; 159 } 160 qemu_log("6xx %sTLB miss: %cM " TARGET_FMT_lx " %cC " 161 TARGET_FMT_lx " H1 " TARGET_FMT_lx " H2 " 162 TARGET_FMT_lx " %08x\n", es, en, *miss, en, *cmp, 163 env->spr[SPR_HASH1], env->spr[SPR_HASH2], 164 env->error_code); 165 } 166 167 #if defined(TARGET_PPC64) 168 static int powerpc_reset_wakeup(CPUState *cs, CPUPPCState *env, int excp, 169 target_ulong *msr) 170 { 171 /* We no longer are in a PM state */ 172 env->resume_as_sreset = false; 173 174 /* Pretend to be returning from doze always as we don't lose state */ 175 *msr |= SRR1_WS_NOLOSS; 176 177 /* Machine checks are sent normally */ 178 if (excp == POWERPC_EXCP_MCHECK) { 179 return excp; 180 } 181 switch (excp) { 182 case POWERPC_EXCP_RESET: 183 *msr |= SRR1_WAKERESET; 184 break; 185 case POWERPC_EXCP_EXTERNAL: 186 *msr |= SRR1_WAKEEE; 187 break; 188 case POWERPC_EXCP_DECR: 189 *msr |= SRR1_WAKEDEC; 190 break; 191 case POWERPC_EXCP_SDOOR: 192 *msr |= SRR1_WAKEDBELL; 193 break; 194 case POWERPC_EXCP_SDOOR_HV: 195 *msr |= SRR1_WAKEHDBELL; 196 break; 197 case POWERPC_EXCP_HV_MAINT: 198 *msr |= SRR1_WAKEHMI; 199 break; 200 case POWERPC_EXCP_HVIRT: 201 *msr |= SRR1_WAKEHVI; 202 break; 203 default: 204 cpu_abort(cs, "Unsupported exception %d in Power Save mode\n", 205 excp); 206 } 207 return POWERPC_EXCP_RESET; 208 } 209 210 /* 211 * AIL - Alternate Interrupt Location, a mode that allows interrupts to be 212 * taken with the MMU on, and which uses an alternate location (e.g., so the 213 * kernel/hv can map the vectors there with an effective address). 214 * 215 * An interrupt is considered to be taken "with AIL" or "AIL applies" if they 216 * are delivered in this way. AIL requires the LPCR to be set to enable this 217 * mode, and then a number of conditions have to be true for AIL to apply. 218 * 219 * First of all, SRESET, MCE, and HMI are always delivered without AIL, because 220 * they specifically want to be in real mode (e.g., the MCE might be signaling 221 * a SLB multi-hit which requires SLB flush before the MMU can be enabled). 222 * 223 * After that, behaviour depends on the current MSR[IR], MSR[DR], MSR[HV], 224 * whether or not the interrupt changes MSR[HV] from 0 to 1, and the current 225 * radix mode (LPCR[HR]). 226 * 227 * POWER8, POWER9 with LPCR[HR]=0 228 * | LPCR[AIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 229 * +-----------+-------------+---------+-------------+-----+ 230 * | a | 00/01/10 | x | x | 0 | 231 * | a | 11 | 0 | 1 | 0 | 232 * | a | 11 | 1 | 1 | a | 233 * | a | 11 | 0 | 0 | a | 234 * +-------------------------------------------------------+ 235 * 236 * POWER9 with LPCR[HR]=1 237 * | LPCR[AIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 238 * +-----------+-------------+---------+-------------+-----+ 239 * | a | 00/01/10 | x | x | 0 | 240 * | a | 11 | x | x | a | 241 * +-------------------------------------------------------+ 242 * 243 * The difference with POWER9 being that MSR[HV] 0->1 interrupts can be sent to 244 * the hypervisor in AIL mode if the guest is radix. This is good for 245 * performance but allows the guest to influence the AIL of hypervisor 246 * interrupts using its MSR, and also the hypervisor must disallow guest 247 * interrupts (MSR[HV] 0->0) from using AIL if the hypervisor does not want to 248 * use AIL for its MSR[HV] 0->1 interrupts. 249 * 250 * POWER10 addresses those issues with a new LPCR[HAIL] bit that is applied to 251 * interrupts that begin execution with MSR[HV]=1 (so both MSR[HV] 0->1 and 252 * MSR[HV] 1->1). 253 * 254 * HAIL=1 is equivalent to AIL=3, for interrupts delivered with MSR[HV]=1. 255 * 256 * POWER10 behaviour is 257 * | LPCR[AIL] | LPCR[HAIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 258 * +-----------+------------+-------------+---------+-------------+-----+ 259 * | a | h | 00/01/10 | 0 | 0 | 0 | 260 * | a | h | 11 | 0 | 0 | a | 261 * | a | h | x | 0 | 1 | h | 262 * | a | h | 00/01/10 | 1 | 1 | 0 | 263 * | a | h | 11 | 1 | 1 | h | 264 * +--------------------------------------------------------------------+ 265 */ 266 static void ppc_excp_apply_ail(PowerPCCPU *cpu, int excp, target_ulong msr, 267 target_ulong *new_msr, target_ulong *vector) 268 { 269 PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cpu); 270 CPUPPCState *env = &cpu->env; 271 bool mmu_all_on = ((msr >> MSR_IR) & 1) && ((msr >> MSR_DR) & 1); 272 bool hv_escalation = !(msr & MSR_HVB) && (*new_msr & MSR_HVB); 273 int ail = 0; 274 275 if (excp == POWERPC_EXCP_MCHECK || 276 excp == POWERPC_EXCP_RESET || 277 excp == POWERPC_EXCP_HV_MAINT) { 278 /* SRESET, MCE, HMI never apply AIL */ 279 return; 280 } 281 282 if (!(pcc->lpcr_mask & LPCR_AIL)) { 283 /* This CPU does not have AIL */ 284 return; 285 } 286 287 /* P8 & P9 */ 288 if (!(pcc->lpcr_mask & LPCR_HAIL)) { 289 if (!mmu_all_on) { 290 /* AIL only works if MSR[IR] and MSR[DR] are both enabled. */ 291 return; 292 } 293 if (hv_escalation && !(env->spr[SPR_LPCR] & LPCR_HR)) { 294 /* 295 * AIL does not work if there is a MSR[HV] 0->1 transition and the 296 * partition is in HPT mode. For radix guests, such interrupts are 297 * allowed to be delivered to the hypervisor in ail mode. 298 */ 299 return; 300 } 301 302 ail = (env->spr[SPR_LPCR] & LPCR_AIL) >> LPCR_AIL_SHIFT; 303 if (ail == 0) { 304 return; 305 } 306 if (ail == 1) { 307 /* AIL=1 is reserved, treat it like AIL=0 */ 308 return; 309 } 310 311 /* P10 and up */ 312 } else { 313 if (!mmu_all_on && !hv_escalation) { 314 /* 315 * AIL works for HV interrupts even with guest MSR[IR/DR] disabled. 316 * Guest->guest and HV->HV interrupts do require MMU on. 317 */ 318 return; 319 } 320 321 if (*new_msr & MSR_HVB) { 322 if (!(env->spr[SPR_LPCR] & LPCR_HAIL)) { 323 /* HV interrupts depend on LPCR[HAIL] */ 324 return; 325 } 326 ail = 3; /* HAIL=1 gives AIL=3 behaviour for HV interrupts */ 327 } else { 328 ail = (env->spr[SPR_LPCR] & LPCR_AIL) >> LPCR_AIL_SHIFT; 329 } 330 if (ail == 0) { 331 return; 332 } 333 if (ail == 1 || ail == 2) { 334 /* AIL=1 and AIL=2 are reserved, treat them like AIL=0 */ 335 return; 336 } 337 } 338 339 /* 340 * AIL applies, so the new MSR gets IR and DR set, and an offset applied 341 * to the new IP. 342 */ 343 *new_msr |= (1 << MSR_IR) | (1 << MSR_DR); 344 345 if (excp != POWERPC_EXCP_SYSCALL_VECTORED) { 346 if (ail == 2) { 347 *vector |= 0x0000000000018000ull; 348 } else if (ail == 3) { 349 *vector |= 0xc000000000004000ull; 350 } 351 } else { 352 /* 353 * scv AIL is a little different. AIL=2 does not change the address, 354 * only the MSR. AIL=3 replaces the 0x17000 base with 0xc...3000. 355 */ 356 if (ail == 3) { 357 *vector &= ~0x0000000000017000ull; /* Un-apply the base offset */ 358 *vector |= 0xc000000000003000ull; /* Apply scv's AIL=3 offset */ 359 } 360 } 361 } 362 #endif 363 364 static void powerpc_reset_excp_state(PowerPCCPU *cpu) 365 { 366 CPUState *cs = CPU(cpu); 367 CPUPPCState *env = &cpu->env; 368 369 /* Reset exception state */ 370 cs->exception_index = POWERPC_EXCP_NONE; 371 env->error_code = 0; 372 } 373 374 static void powerpc_set_excp_state(PowerPCCPU *cpu, target_ulong vector, 375 target_ulong msr) 376 { 377 CPUPPCState *env = &cpu->env; 378 379 assert((msr & env->msr_mask) == msr); 380 381 /* 382 * We don't use hreg_store_msr here as already have treated any 383 * special case that could occur. Just store MSR and update hflags 384 * 385 * Note: We *MUST* not use hreg_store_msr() as-is anyway because it 386 * will prevent setting of the HV bit which some exceptions might need 387 * to do. 388 */ 389 env->nip = vector; 390 env->msr = msr; 391 hreg_compute_hflags(env); 392 393 powerpc_reset_excp_state(cpu); 394 395 /* 396 * Any interrupt is context synchronizing, check if TCG TLB needs 397 * a delayed flush on ppc64 398 */ 399 check_tlb_flush(env, false); 400 401 /* Reset the reservation */ 402 env->reserve_addr = -1; 403 } 404 405 static void powerpc_excp_40x(PowerPCCPU *cpu, int excp) 406 { 407 CPUState *cs = CPU(cpu); 408 CPUPPCState *env = &cpu->env; 409 target_ulong msr, new_msr, vector; 410 int srr0, srr1; 411 412 /* new srr1 value excluding must-be-zero bits */ 413 msr = env->msr & ~0x783f0000ULL; 414 415 /* 416 * new interrupt handler msr preserves existing ME unless 417 * explicitly overriden. 418 */ 419 new_msr = env->msr & (((target_ulong)1 << MSR_ME)); 420 421 /* target registers */ 422 srr0 = SPR_SRR0; 423 srr1 = SPR_SRR1; 424 425 /* 426 * Hypervisor emulation assistance interrupt only exists on server 427 * arch 2.05 server or later. 428 */ 429 if (excp == POWERPC_EXCP_HV_EMU) { 430 excp = POWERPC_EXCP_PROGRAM; 431 } 432 433 vector = env->excp_vectors[excp]; 434 if (vector == (target_ulong)-1ULL) { 435 cpu_abort(cs, "Raised an exception without defined vector %d\n", 436 excp); 437 } 438 439 vector |= env->excp_prefix; 440 441 switch (excp) { 442 case POWERPC_EXCP_CRITICAL: /* Critical input */ 443 srr0 = SPR_40x_SRR2; 444 srr1 = SPR_40x_SRR3; 445 break; 446 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 447 if (!FIELD_EX64(env->msr, MSR, ME)) { 448 /* 449 * Machine check exception is not enabled. Enter 450 * checkstop state. 451 */ 452 fprintf(stderr, "Machine check while not allowed. " 453 "Entering checkstop state\n"); 454 if (qemu_log_separate()) { 455 qemu_log("Machine check while not allowed. " 456 "Entering checkstop state\n"); 457 } 458 cs->halted = 1; 459 cpu_interrupt_exittb(cs); 460 } 461 462 /* machine check exceptions don't have ME set */ 463 new_msr &= ~((target_ulong)1 << MSR_ME); 464 465 srr0 = SPR_40x_SRR2; 466 srr1 = SPR_40x_SRR3; 467 break; 468 case POWERPC_EXCP_DSI: /* Data storage exception */ 469 trace_ppc_excp_dsi(env->spr[SPR_40x_ESR], env->spr[SPR_40x_DEAR]); 470 break; 471 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 472 trace_ppc_excp_isi(msr, env->nip); 473 break; 474 case POWERPC_EXCP_EXTERNAL: /* External input */ 475 break; 476 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 477 break; 478 case POWERPC_EXCP_PROGRAM: /* Program exception */ 479 switch (env->error_code & ~0xF) { 480 case POWERPC_EXCP_FP: 481 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 482 trace_ppc_excp_fp_ignore(); 483 powerpc_reset_excp_state(cpu); 484 return; 485 } 486 env->spr[SPR_40x_ESR] = ESR_FP; 487 break; 488 case POWERPC_EXCP_INVAL: 489 trace_ppc_excp_inval(env->nip); 490 env->spr[SPR_40x_ESR] = ESR_PIL; 491 break; 492 case POWERPC_EXCP_PRIV: 493 env->spr[SPR_40x_ESR] = ESR_PPR; 494 break; 495 case POWERPC_EXCP_TRAP: 496 env->spr[SPR_40x_ESR] = ESR_PTR; 497 break; 498 default: 499 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 500 env->error_code); 501 break; 502 } 503 break; 504 case POWERPC_EXCP_SYSCALL: /* System call exception */ 505 dump_syscall(env); 506 507 /* 508 * We need to correct the NIP which in this case is supposed 509 * to point to the next instruction 510 */ 511 env->nip += 4; 512 break; 513 case POWERPC_EXCP_FIT: /* Fixed-interval timer interrupt */ 514 trace_ppc_excp_print("FIT"); 515 break; 516 case POWERPC_EXCP_WDT: /* Watchdog timer interrupt */ 517 trace_ppc_excp_print("WDT"); 518 break; 519 case POWERPC_EXCP_DTLB: /* Data TLB error */ 520 case POWERPC_EXCP_ITLB: /* Instruction TLB error */ 521 break; 522 case POWERPC_EXCP_PIT: /* Programmable interval timer interrupt */ 523 trace_ppc_excp_print("PIT"); 524 break; 525 case POWERPC_EXCP_DEBUG: /* Debug interrupt */ 526 cpu_abort(cs, "%s exception not implemented\n", 527 powerpc_excp_name(excp)); 528 break; 529 default: 530 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 531 break; 532 } 533 534 /* Save PC */ 535 env->spr[srr0] = env->nip; 536 537 /* Save MSR */ 538 env->spr[srr1] = msr; 539 540 powerpc_set_excp_state(cpu, vector, new_msr); 541 } 542 543 static void powerpc_excp_6xx(PowerPCCPU *cpu, int excp) 544 { 545 CPUState *cs = CPU(cpu); 546 CPUPPCState *env = &cpu->env; 547 target_ulong msr, new_msr, vector; 548 549 /* new srr1 value excluding must-be-zero bits */ 550 msr = env->msr & ~0x783f0000ULL; 551 552 /* 553 * new interrupt handler msr preserves existing ME unless 554 * explicitly overriden 555 */ 556 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 557 558 /* 559 * Hypervisor emulation assistance interrupt only exists on server 560 * arch 2.05 server or later. 561 */ 562 if (excp == POWERPC_EXCP_HV_EMU) { 563 excp = POWERPC_EXCP_PROGRAM; 564 } 565 566 vector = env->excp_vectors[excp]; 567 if (vector == (target_ulong)-1ULL) { 568 cpu_abort(cs, "Raised an exception without defined vector %d\n", 569 excp); 570 } 571 572 vector |= env->excp_prefix; 573 574 switch (excp) { 575 case POWERPC_EXCP_CRITICAL: /* Critical input */ 576 break; 577 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 578 if (!FIELD_EX64(env->msr, MSR, ME)) { 579 /* 580 * Machine check exception is not enabled. Enter 581 * checkstop state. 582 */ 583 fprintf(stderr, "Machine check while not allowed. " 584 "Entering checkstop state\n"); 585 if (qemu_log_separate()) { 586 qemu_log("Machine check while not allowed. " 587 "Entering checkstop state\n"); 588 } 589 cs->halted = 1; 590 cpu_interrupt_exittb(cs); 591 } 592 593 /* machine check exceptions don't have ME set */ 594 new_msr &= ~((target_ulong)1 << MSR_ME); 595 596 break; 597 case POWERPC_EXCP_DSI: /* Data storage exception */ 598 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 599 break; 600 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 601 trace_ppc_excp_isi(msr, env->nip); 602 msr |= env->error_code; 603 break; 604 case POWERPC_EXCP_EXTERNAL: /* External input */ 605 break; 606 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 607 /* Get rS/rD and rA from faulting opcode */ 608 /* 609 * Note: the opcode fields will not be set properly for a 610 * direct store load/store, but nobody cares as nobody 611 * actually uses direct store segments. 612 */ 613 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 614 break; 615 case POWERPC_EXCP_PROGRAM: /* Program exception */ 616 switch (env->error_code & ~0xF) { 617 case POWERPC_EXCP_FP: 618 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 619 trace_ppc_excp_fp_ignore(); 620 powerpc_reset_excp_state(cpu); 621 return; 622 } 623 624 /* 625 * FP exceptions always have NIP pointing to the faulting 626 * instruction, so always use store_next and claim we are 627 * precise in the MSR. 628 */ 629 msr |= 0x00100000; 630 break; 631 case POWERPC_EXCP_INVAL: 632 trace_ppc_excp_inval(env->nip); 633 msr |= 0x00080000; 634 break; 635 case POWERPC_EXCP_PRIV: 636 msr |= 0x00040000; 637 break; 638 case POWERPC_EXCP_TRAP: 639 msr |= 0x00020000; 640 break; 641 default: 642 /* Should never occur */ 643 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 644 env->error_code); 645 break; 646 } 647 break; 648 case POWERPC_EXCP_SYSCALL: /* System call exception */ 649 dump_syscall(env); 650 651 /* 652 * We need to correct the NIP which in this case is supposed 653 * to point to the next instruction 654 */ 655 env->nip += 4; 656 break; 657 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 658 case POWERPC_EXCP_DECR: /* Decrementer exception */ 659 break; 660 case POWERPC_EXCP_DTLB: /* Data TLB error */ 661 case POWERPC_EXCP_ITLB: /* Instruction TLB error */ 662 break; 663 case POWERPC_EXCP_RESET: /* System reset exception */ 664 if (FIELD_EX64(env->msr, MSR, POW)) { 665 cpu_abort(cs, "Trying to deliver power-saving system reset " 666 "exception %d with no HV support\n", excp); 667 } 668 break; 669 case POWERPC_EXCP_TRACE: /* Trace exception */ 670 break; 671 case POWERPC_EXCP_IFTLB: /* Instruction fetch TLB error */ 672 case POWERPC_EXCP_DLTLB: /* Data load TLB miss */ 673 case POWERPC_EXCP_DSTLB: /* Data store TLB miss */ 674 /* Swap temporary saved registers with GPRs */ 675 if (!(new_msr & ((target_ulong)1 << MSR_TGPR))) { 676 new_msr |= (target_ulong)1 << MSR_TGPR; 677 hreg_swap_gpr_tgpr(env); 678 } 679 680 ppc_excp_debug_sw_tlb(env, excp); 681 682 msr |= env->crf[0] << 28; 683 msr |= env->error_code; /* key, D/I, S/L bits */ 684 /* Set way using a LRU mechanism */ 685 msr |= ((env->last_way + 1) & (env->nb_ways - 1)) << 17; 686 break; 687 case POWERPC_EXCP_FPA: /* Floating-point assist exception */ 688 case POWERPC_EXCP_DABR: /* Data address breakpoint */ 689 case POWERPC_EXCP_IABR: /* Instruction address breakpoint */ 690 case POWERPC_EXCP_SMI: /* System management interrupt */ 691 case POWERPC_EXCP_MEXTBR: /* Maskable external breakpoint */ 692 case POWERPC_EXCP_NMEXTBR: /* Non maskable external breakpoint */ 693 cpu_abort(cs, "%s exception not implemented\n", 694 powerpc_excp_name(excp)); 695 break; 696 default: 697 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 698 break; 699 } 700 701 /* 702 * Sort out endianness of interrupt, this differs depending on the 703 * CPU, the HV mode, etc... 704 */ 705 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 706 new_msr |= (target_ulong)1 << MSR_LE; 707 } 708 709 /* Save PC */ 710 env->spr[SPR_SRR0] = env->nip; 711 712 /* Save MSR */ 713 env->spr[SPR_SRR1] = msr; 714 715 powerpc_set_excp_state(cpu, vector, new_msr); 716 } 717 718 static void powerpc_excp_7xx(PowerPCCPU *cpu, int excp) 719 { 720 CPUState *cs = CPU(cpu); 721 CPUPPCState *env = &cpu->env; 722 target_ulong msr, new_msr, vector; 723 724 /* new srr1 value excluding must-be-zero bits */ 725 msr = env->msr & ~0x783f0000ULL; 726 727 /* 728 * new interrupt handler msr preserves existing ME unless 729 * explicitly overriden 730 */ 731 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 732 733 /* 734 * Hypervisor emulation assistance interrupt only exists on server 735 * arch 2.05 server or later. 736 */ 737 if (excp == POWERPC_EXCP_HV_EMU) { 738 excp = POWERPC_EXCP_PROGRAM; 739 } 740 741 vector = env->excp_vectors[excp]; 742 if (vector == (target_ulong)-1ULL) { 743 cpu_abort(cs, "Raised an exception without defined vector %d\n", 744 excp); 745 } 746 747 vector |= env->excp_prefix; 748 749 switch (excp) { 750 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 751 if (!FIELD_EX64(env->msr, MSR, ME)) { 752 /* 753 * Machine check exception is not enabled. Enter 754 * checkstop state. 755 */ 756 fprintf(stderr, "Machine check while not allowed. " 757 "Entering checkstop state\n"); 758 if (qemu_log_separate()) { 759 qemu_log("Machine check while not allowed. " 760 "Entering checkstop state\n"); 761 } 762 cs->halted = 1; 763 cpu_interrupt_exittb(cs); 764 } 765 766 /* machine check exceptions don't have ME set */ 767 new_msr &= ~((target_ulong)1 << MSR_ME); 768 769 break; 770 case POWERPC_EXCP_DSI: /* Data storage exception */ 771 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 772 break; 773 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 774 trace_ppc_excp_isi(msr, env->nip); 775 msr |= env->error_code; 776 break; 777 case POWERPC_EXCP_EXTERNAL: /* External input */ 778 break; 779 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 780 /* Get rS/rD and rA from faulting opcode */ 781 /* 782 * Note: the opcode fields will not be set properly for a 783 * direct store load/store, but nobody cares as nobody 784 * actually uses direct store segments. 785 */ 786 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 787 break; 788 case POWERPC_EXCP_PROGRAM: /* Program exception */ 789 switch (env->error_code & ~0xF) { 790 case POWERPC_EXCP_FP: 791 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 792 trace_ppc_excp_fp_ignore(); 793 powerpc_reset_excp_state(cpu); 794 return; 795 } 796 797 /* 798 * FP exceptions always have NIP pointing to the faulting 799 * instruction, so always use store_next and claim we are 800 * precise in the MSR. 801 */ 802 msr |= 0x00100000; 803 break; 804 case POWERPC_EXCP_INVAL: 805 trace_ppc_excp_inval(env->nip); 806 msr |= 0x00080000; 807 break; 808 case POWERPC_EXCP_PRIV: 809 msr |= 0x00040000; 810 break; 811 case POWERPC_EXCP_TRAP: 812 msr |= 0x00020000; 813 break; 814 default: 815 /* Should never occur */ 816 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 817 env->error_code); 818 break; 819 } 820 break; 821 case POWERPC_EXCP_SYSCALL: /* System call exception */ 822 { 823 int lev = env->error_code; 824 825 if (lev == 1 && cpu->vhyp) { 826 dump_hcall(env); 827 } else { 828 dump_syscall(env); 829 } 830 831 /* 832 * We need to correct the NIP which in this case is supposed 833 * to point to the next instruction 834 */ 835 env->nip += 4; 836 837 /* 838 * The Virtual Open Firmware (VOF) relies on the 'sc 1' 839 * instruction to communicate with QEMU. The pegasos2 machine 840 * uses VOF and the 7xx CPUs, so although the 7xx don't have 841 * HV mode, we need to keep hypercall support. 842 */ 843 if (lev == 1 && cpu->vhyp) { 844 PPCVirtualHypervisorClass *vhc = 845 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 846 vhc->hypercall(cpu->vhyp, cpu); 847 return; 848 } 849 850 break; 851 } 852 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 853 case POWERPC_EXCP_DECR: /* Decrementer exception */ 854 break; 855 case POWERPC_EXCP_RESET: /* System reset exception */ 856 if (FIELD_EX64(env->msr, MSR, POW)) { 857 cpu_abort(cs, "Trying to deliver power-saving system reset " 858 "exception %d with no HV support\n", excp); 859 } 860 break; 861 case POWERPC_EXCP_TRACE: /* Trace exception */ 862 break; 863 case POWERPC_EXCP_IFTLB: /* Instruction fetch TLB error */ 864 case POWERPC_EXCP_DLTLB: /* Data load TLB miss */ 865 case POWERPC_EXCP_DSTLB: /* Data store TLB miss */ 866 ppc_excp_debug_sw_tlb(env, excp); 867 868 msr |= env->crf[0] << 28; 869 msr |= env->error_code; /* key, D/I, S/L bits */ 870 /* Set way using a LRU mechanism */ 871 msr |= ((env->last_way + 1) & (env->nb_ways - 1)) << 17; 872 873 break; 874 case POWERPC_EXCP_IABR: /* Instruction address breakpoint */ 875 case POWERPC_EXCP_SMI: /* System management interrupt */ 876 case POWERPC_EXCP_THERM: /* Thermal interrupt */ 877 case POWERPC_EXCP_PERFM: /* Embedded performance monitor interrupt */ 878 cpu_abort(cs, "%s exception not implemented\n", 879 powerpc_excp_name(excp)); 880 break; 881 default: 882 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 883 break; 884 } 885 886 /* 887 * Sort out endianness of interrupt, this differs depending on the 888 * CPU, the HV mode, etc... 889 */ 890 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 891 new_msr |= (target_ulong)1 << MSR_LE; 892 } 893 894 /* Save PC */ 895 env->spr[SPR_SRR0] = env->nip; 896 897 /* Save MSR */ 898 env->spr[SPR_SRR1] = msr; 899 900 powerpc_set_excp_state(cpu, vector, new_msr); 901 } 902 903 static void powerpc_excp_74xx(PowerPCCPU *cpu, int excp) 904 { 905 CPUState *cs = CPU(cpu); 906 CPUPPCState *env = &cpu->env; 907 target_ulong msr, new_msr, vector; 908 909 /* new srr1 value excluding must-be-zero bits */ 910 msr = env->msr & ~0x783f0000ULL; 911 912 /* 913 * new interrupt handler msr preserves existing ME unless 914 * explicitly overriden 915 */ 916 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 917 918 /* 919 * Hypervisor emulation assistance interrupt only exists on server 920 * arch 2.05 server or later. 921 */ 922 if (excp == POWERPC_EXCP_HV_EMU) { 923 excp = POWERPC_EXCP_PROGRAM; 924 } 925 926 vector = env->excp_vectors[excp]; 927 if (vector == (target_ulong)-1ULL) { 928 cpu_abort(cs, "Raised an exception without defined vector %d\n", 929 excp); 930 } 931 932 vector |= env->excp_prefix; 933 934 switch (excp) { 935 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 936 if (!FIELD_EX64(env->msr, MSR, ME)) { 937 /* 938 * Machine check exception is not enabled. Enter 939 * checkstop state. 940 */ 941 fprintf(stderr, "Machine check while not allowed. " 942 "Entering checkstop state\n"); 943 if (qemu_log_separate()) { 944 qemu_log("Machine check while not allowed. " 945 "Entering checkstop state\n"); 946 } 947 cs->halted = 1; 948 cpu_interrupt_exittb(cs); 949 } 950 951 /* machine check exceptions don't have ME set */ 952 new_msr &= ~((target_ulong)1 << MSR_ME); 953 954 break; 955 case POWERPC_EXCP_DSI: /* Data storage exception */ 956 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 957 break; 958 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 959 trace_ppc_excp_isi(msr, env->nip); 960 msr |= env->error_code; 961 break; 962 case POWERPC_EXCP_EXTERNAL: /* External input */ 963 break; 964 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 965 /* Get rS/rD and rA from faulting opcode */ 966 /* 967 * Note: the opcode fields will not be set properly for a 968 * direct store load/store, but nobody cares as nobody 969 * actually uses direct store segments. 970 */ 971 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 972 break; 973 case POWERPC_EXCP_PROGRAM: /* Program exception */ 974 switch (env->error_code & ~0xF) { 975 case POWERPC_EXCP_FP: 976 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 977 trace_ppc_excp_fp_ignore(); 978 powerpc_reset_excp_state(cpu); 979 return; 980 } 981 982 /* 983 * FP exceptions always have NIP pointing to the faulting 984 * instruction, so always use store_next and claim we are 985 * precise in the MSR. 986 */ 987 msr |= 0x00100000; 988 break; 989 case POWERPC_EXCP_INVAL: 990 trace_ppc_excp_inval(env->nip); 991 msr |= 0x00080000; 992 break; 993 case POWERPC_EXCP_PRIV: 994 msr |= 0x00040000; 995 break; 996 case POWERPC_EXCP_TRAP: 997 msr |= 0x00020000; 998 break; 999 default: 1000 /* Should never occur */ 1001 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 1002 env->error_code); 1003 break; 1004 } 1005 break; 1006 case POWERPC_EXCP_SYSCALL: /* System call exception */ 1007 { 1008 int lev = env->error_code; 1009 1010 if ((lev == 1) && cpu->vhyp) { 1011 dump_hcall(env); 1012 } else { 1013 dump_syscall(env); 1014 } 1015 1016 /* 1017 * We need to correct the NIP which in this case is supposed 1018 * to point to the next instruction 1019 */ 1020 env->nip += 4; 1021 1022 /* 1023 * The Virtual Open Firmware (VOF) relies on the 'sc 1' 1024 * instruction to communicate with QEMU. The pegasos2 machine 1025 * uses VOF and the 74xx CPUs, so although the 74xx don't have 1026 * HV mode, we need to keep hypercall support. 1027 */ 1028 if ((lev == 1) && cpu->vhyp) { 1029 PPCVirtualHypervisorClass *vhc = 1030 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 1031 vhc->hypercall(cpu->vhyp, cpu); 1032 return; 1033 } 1034 1035 break; 1036 } 1037 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 1038 case POWERPC_EXCP_DECR: /* Decrementer exception */ 1039 break; 1040 case POWERPC_EXCP_RESET: /* System reset exception */ 1041 if (FIELD_EX64(env->msr, MSR, POW)) { 1042 cpu_abort(cs, "Trying to deliver power-saving system reset " 1043 "exception %d with no HV support\n", excp); 1044 } 1045 break; 1046 case POWERPC_EXCP_TRACE: /* Trace exception */ 1047 break; 1048 case POWERPC_EXCP_VPU: /* Vector unavailable exception */ 1049 break; 1050 case POWERPC_EXCP_IABR: /* Instruction address breakpoint */ 1051 case POWERPC_EXCP_SMI: /* System management interrupt */ 1052 case POWERPC_EXCP_THERM: /* Thermal interrupt */ 1053 case POWERPC_EXCP_PERFM: /* Embedded performance monitor interrupt */ 1054 case POWERPC_EXCP_VPUA: /* Vector assist exception */ 1055 cpu_abort(cs, "%s exception not implemented\n", 1056 powerpc_excp_name(excp)); 1057 break; 1058 default: 1059 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1060 break; 1061 } 1062 1063 /* 1064 * Sort out endianness of interrupt, this differs depending on the 1065 * CPU, the HV mode, etc... 1066 */ 1067 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 1068 new_msr |= (target_ulong)1 << MSR_LE; 1069 } 1070 1071 /* Save PC */ 1072 env->spr[SPR_SRR0] = env->nip; 1073 1074 /* Save MSR */ 1075 env->spr[SPR_SRR1] = msr; 1076 1077 powerpc_set_excp_state(cpu, vector, new_msr); 1078 } 1079 1080 static void powerpc_excp_booke(PowerPCCPU *cpu, int excp) 1081 { 1082 CPUState *cs = CPU(cpu); 1083 CPUPPCState *env = &cpu->env; 1084 target_ulong msr, new_msr, vector; 1085 int srr0, srr1; 1086 1087 msr = env->msr; 1088 1089 /* 1090 * new interrupt handler msr preserves existing ME unless 1091 * explicitly overriden 1092 */ 1093 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 1094 1095 /* target registers */ 1096 srr0 = SPR_SRR0; 1097 srr1 = SPR_SRR1; 1098 1099 /* 1100 * Hypervisor emulation assistance interrupt only exists on server 1101 * arch 2.05 server or later. 1102 */ 1103 if (excp == POWERPC_EXCP_HV_EMU) { 1104 excp = POWERPC_EXCP_PROGRAM; 1105 } 1106 1107 #ifdef TARGET_PPC64 1108 /* 1109 * SPEU and VPU share the same IVOR but they exist in different 1110 * processors. SPEU is e500v1/2 only and VPU is e6500 only. 1111 */ 1112 if (excp == POWERPC_EXCP_VPU) { 1113 excp = POWERPC_EXCP_SPEU; 1114 } 1115 #endif 1116 1117 vector = env->excp_vectors[excp]; 1118 if (vector == (target_ulong)-1ULL) { 1119 cpu_abort(cs, "Raised an exception without defined vector %d\n", 1120 excp); 1121 } 1122 1123 vector |= env->excp_prefix; 1124 1125 switch (excp) { 1126 case POWERPC_EXCP_CRITICAL: /* Critical input */ 1127 srr0 = SPR_BOOKE_CSRR0; 1128 srr1 = SPR_BOOKE_CSRR1; 1129 break; 1130 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 1131 if (!FIELD_EX64(env->msr, MSR, ME)) { 1132 /* 1133 * Machine check exception is not enabled. Enter 1134 * checkstop state. 1135 */ 1136 fprintf(stderr, "Machine check while not allowed. " 1137 "Entering checkstop state\n"); 1138 if (qemu_log_separate()) { 1139 qemu_log("Machine check while not allowed. " 1140 "Entering checkstop state\n"); 1141 } 1142 cs->halted = 1; 1143 cpu_interrupt_exittb(cs); 1144 } 1145 1146 /* machine check exceptions don't have ME set */ 1147 new_msr &= ~((target_ulong)1 << MSR_ME); 1148 1149 /* FIXME: choose one or the other based on CPU type */ 1150 srr0 = SPR_BOOKE_MCSRR0; 1151 srr1 = SPR_BOOKE_MCSRR1; 1152 1153 env->spr[SPR_BOOKE_CSRR0] = env->nip; 1154 env->spr[SPR_BOOKE_CSRR1] = msr; 1155 1156 break; 1157 case POWERPC_EXCP_DSI: /* Data storage exception */ 1158 trace_ppc_excp_dsi(env->spr[SPR_BOOKE_ESR], env->spr[SPR_BOOKE_DEAR]); 1159 break; 1160 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 1161 trace_ppc_excp_isi(msr, env->nip); 1162 break; 1163 case POWERPC_EXCP_EXTERNAL: /* External input */ 1164 if (env->mpic_proxy) { 1165 /* IACK the IRQ on delivery */ 1166 env->spr[SPR_BOOKE_EPR] = ldl_phys(cs->as, env->mpic_iack); 1167 } 1168 break; 1169 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 1170 break; 1171 case POWERPC_EXCP_PROGRAM: /* Program exception */ 1172 switch (env->error_code & ~0xF) { 1173 case POWERPC_EXCP_FP: 1174 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 1175 trace_ppc_excp_fp_ignore(); 1176 powerpc_reset_excp_state(cpu); 1177 return; 1178 } 1179 1180 /* 1181 * FP exceptions always have NIP pointing to the faulting 1182 * instruction, so always use store_next and claim we are 1183 * precise in the MSR. 1184 */ 1185 msr |= 0x00100000; 1186 env->spr[SPR_BOOKE_ESR] = ESR_FP; 1187 break; 1188 case POWERPC_EXCP_INVAL: 1189 trace_ppc_excp_inval(env->nip); 1190 msr |= 0x00080000; 1191 env->spr[SPR_BOOKE_ESR] = ESR_PIL; 1192 break; 1193 case POWERPC_EXCP_PRIV: 1194 msr |= 0x00040000; 1195 env->spr[SPR_BOOKE_ESR] = ESR_PPR; 1196 break; 1197 case POWERPC_EXCP_TRAP: 1198 msr |= 0x00020000; 1199 env->spr[SPR_BOOKE_ESR] = ESR_PTR; 1200 break; 1201 default: 1202 /* Should never occur */ 1203 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 1204 env->error_code); 1205 break; 1206 } 1207 break; 1208 case POWERPC_EXCP_SYSCALL: /* System call exception */ 1209 dump_syscall(env); 1210 1211 /* 1212 * We need to correct the NIP which in this case is supposed 1213 * to point to the next instruction 1214 */ 1215 env->nip += 4; 1216 break; 1217 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 1218 case POWERPC_EXCP_APU: /* Auxiliary processor unavailable */ 1219 case POWERPC_EXCP_DECR: /* Decrementer exception */ 1220 break; 1221 case POWERPC_EXCP_FIT: /* Fixed-interval timer interrupt */ 1222 /* FIT on 4xx */ 1223 trace_ppc_excp_print("FIT"); 1224 break; 1225 case POWERPC_EXCP_WDT: /* Watchdog timer interrupt */ 1226 trace_ppc_excp_print("WDT"); 1227 srr0 = SPR_BOOKE_CSRR0; 1228 srr1 = SPR_BOOKE_CSRR1; 1229 break; 1230 case POWERPC_EXCP_DTLB: /* Data TLB error */ 1231 case POWERPC_EXCP_ITLB: /* Instruction TLB error */ 1232 break; 1233 case POWERPC_EXCP_DEBUG: /* Debug interrupt */ 1234 if (env->flags & POWERPC_FLAG_DE) { 1235 /* FIXME: choose one or the other based on CPU type */ 1236 srr0 = SPR_BOOKE_DSRR0; 1237 srr1 = SPR_BOOKE_DSRR1; 1238 1239 env->spr[SPR_BOOKE_CSRR0] = env->nip; 1240 env->spr[SPR_BOOKE_CSRR1] = msr; 1241 1242 /* DBSR already modified by caller */ 1243 } else { 1244 cpu_abort(cs, "Debug exception triggered on unsupported model\n"); 1245 } 1246 break; 1247 case POWERPC_EXCP_SPEU: /* SPE/embedded floating-point unavailable/VPU */ 1248 env->spr[SPR_BOOKE_ESR] = ESR_SPV; 1249 break; 1250 case POWERPC_EXCP_DOORI: /* Embedded doorbell interrupt */ 1251 break; 1252 case POWERPC_EXCP_DOORCI: /* Embedded doorbell critical interrupt */ 1253 srr0 = SPR_BOOKE_CSRR0; 1254 srr1 = SPR_BOOKE_CSRR1; 1255 break; 1256 case POWERPC_EXCP_RESET: /* System reset exception */ 1257 if (FIELD_EX64(env->msr, MSR, POW)) { 1258 cpu_abort(cs, "Trying to deliver power-saving system reset " 1259 "exception %d with no HV support\n", excp); 1260 } 1261 break; 1262 case POWERPC_EXCP_EFPDI: /* Embedded floating-point data interrupt */ 1263 case POWERPC_EXCP_EFPRI: /* Embedded floating-point round interrupt */ 1264 cpu_abort(cs, "%s exception not implemented\n", 1265 powerpc_excp_name(excp)); 1266 break; 1267 default: 1268 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1269 break; 1270 } 1271 1272 #if defined(TARGET_PPC64) 1273 if (env->spr[SPR_BOOKE_EPCR] & EPCR_ICM) { 1274 /* Cat.64-bit: EPCR.ICM is copied to MSR.CM */ 1275 new_msr |= (target_ulong)1 << MSR_CM; 1276 } else { 1277 vector = (uint32_t)vector; 1278 } 1279 #endif 1280 1281 /* Save PC */ 1282 env->spr[srr0] = env->nip; 1283 1284 /* Save MSR */ 1285 env->spr[srr1] = msr; 1286 1287 powerpc_set_excp_state(cpu, vector, new_msr); 1288 } 1289 1290 /* 1291 * When running a nested HV guest under vhyp, external interrupts are 1292 * delivered as HVIRT. 1293 */ 1294 static bool books_vhyp_promotes_external_to_hvirt(PowerPCCPU *cpu) 1295 { 1296 if (cpu->vhyp) { 1297 return vhyp_cpu_in_nested(cpu); 1298 } 1299 return false; 1300 } 1301 1302 #ifdef TARGET_PPC64 1303 /* 1304 * When running under vhyp, hcalls are always intercepted and sent to the 1305 * vhc->hypercall handler. 1306 */ 1307 static bool books_vhyp_handles_hcall(PowerPCCPU *cpu) 1308 { 1309 if (cpu->vhyp) { 1310 return !vhyp_cpu_in_nested(cpu); 1311 } 1312 return false; 1313 } 1314 1315 /* 1316 * When running a nested KVM HV guest under vhyp, HV exceptions are not 1317 * delivered to the guest (because there is no concept of HV support), but 1318 * rather they are sent tothe vhyp to exit from the L2 back to the L1 and 1319 * return from the H_ENTER_NESTED hypercall. 1320 */ 1321 static bool books_vhyp_handles_hv_excp(PowerPCCPU *cpu) 1322 { 1323 if (cpu->vhyp) { 1324 return vhyp_cpu_in_nested(cpu); 1325 } 1326 return false; 1327 } 1328 1329 static void powerpc_excp_books(PowerPCCPU *cpu, int excp) 1330 { 1331 CPUState *cs = CPU(cpu); 1332 CPUPPCState *env = &cpu->env; 1333 target_ulong msr, new_msr, vector; 1334 int srr0, srr1, lev = -1; 1335 1336 /* new srr1 value excluding must-be-zero bits */ 1337 msr = env->msr & ~0x783f0000ULL; 1338 1339 /* 1340 * new interrupt handler msr preserves existing HV and ME unless 1341 * explicitly overriden 1342 */ 1343 new_msr = env->msr & (((target_ulong)1 << MSR_ME) | MSR_HVB); 1344 1345 /* target registers */ 1346 srr0 = SPR_SRR0; 1347 srr1 = SPR_SRR1; 1348 1349 /* 1350 * check for special resume at 0x100 from doze/nap/sleep/winkle on 1351 * P7/P8/P9 1352 */ 1353 if (env->resume_as_sreset) { 1354 excp = powerpc_reset_wakeup(cs, env, excp, &msr); 1355 } 1356 1357 /* 1358 * We don't want to generate a Hypervisor Emulation Assistance 1359 * Interrupt if we don't have HVB in msr_mask (PAPR mode). 1360 */ 1361 if (excp == POWERPC_EXCP_HV_EMU && !(env->msr_mask & MSR_HVB)) { 1362 excp = POWERPC_EXCP_PROGRAM; 1363 } 1364 1365 vector = env->excp_vectors[excp]; 1366 if (vector == (target_ulong)-1ULL) { 1367 cpu_abort(cs, "Raised an exception without defined vector %d\n", 1368 excp); 1369 } 1370 1371 vector |= env->excp_prefix; 1372 1373 switch (excp) { 1374 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 1375 if (!FIELD_EX64(env->msr, MSR, ME)) { 1376 /* 1377 * Machine check exception is not enabled. Enter 1378 * checkstop state. 1379 */ 1380 fprintf(stderr, "Machine check while not allowed. " 1381 "Entering checkstop state\n"); 1382 if (qemu_log_separate()) { 1383 qemu_log("Machine check while not allowed. " 1384 "Entering checkstop state\n"); 1385 } 1386 cs->halted = 1; 1387 cpu_interrupt_exittb(cs); 1388 } 1389 if (env->msr_mask & MSR_HVB) { 1390 /* 1391 * ISA specifies HV, but can be delivered to guest with HV 1392 * clear (e.g., see FWNMI in PAPR). 1393 */ 1394 new_msr |= (target_ulong)MSR_HVB; 1395 } 1396 1397 /* machine check exceptions don't have ME set */ 1398 new_msr &= ~((target_ulong)1 << MSR_ME); 1399 1400 break; 1401 case POWERPC_EXCP_DSI: /* Data storage exception */ 1402 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 1403 break; 1404 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 1405 trace_ppc_excp_isi(msr, env->nip); 1406 msr |= env->error_code; 1407 break; 1408 case POWERPC_EXCP_EXTERNAL: /* External input */ 1409 { 1410 bool lpes0; 1411 1412 /* 1413 * LPES0 is only taken into consideration if we support HV 1414 * mode for this CPU. 1415 */ 1416 if (!env->has_hv_mode) { 1417 break; 1418 } 1419 1420 lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 1421 1422 if (!lpes0) { 1423 new_msr |= (target_ulong)MSR_HVB; 1424 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1425 srr0 = SPR_HSRR0; 1426 srr1 = SPR_HSRR1; 1427 } 1428 1429 break; 1430 } 1431 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 1432 /* Get rS/rD and rA from faulting opcode */ 1433 /* 1434 * Note: the opcode fields will not be set properly for a 1435 * direct store load/store, but nobody cares as nobody 1436 * actually uses direct store segments. 1437 */ 1438 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 1439 break; 1440 case POWERPC_EXCP_PROGRAM: /* Program exception */ 1441 switch (env->error_code & ~0xF) { 1442 case POWERPC_EXCP_FP: 1443 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 1444 trace_ppc_excp_fp_ignore(); 1445 powerpc_reset_excp_state(cpu); 1446 return; 1447 } 1448 1449 /* 1450 * FP exceptions always have NIP pointing to the faulting 1451 * instruction, so always use store_next and claim we are 1452 * precise in the MSR. 1453 */ 1454 msr |= 0x00100000; 1455 break; 1456 case POWERPC_EXCP_INVAL: 1457 trace_ppc_excp_inval(env->nip); 1458 msr |= 0x00080000; 1459 break; 1460 case POWERPC_EXCP_PRIV: 1461 msr |= 0x00040000; 1462 break; 1463 case POWERPC_EXCP_TRAP: 1464 msr |= 0x00020000; 1465 break; 1466 default: 1467 /* Should never occur */ 1468 cpu_abort(cs, "Invalid program exception %d. Aborting\n", 1469 env->error_code); 1470 break; 1471 } 1472 break; 1473 case POWERPC_EXCP_SYSCALL: /* System call exception */ 1474 lev = env->error_code; 1475 1476 if ((lev == 1) && cpu->vhyp) { 1477 dump_hcall(env); 1478 } else { 1479 dump_syscall(env); 1480 } 1481 1482 /* 1483 * We need to correct the NIP which in this case is supposed 1484 * to point to the next instruction 1485 */ 1486 env->nip += 4; 1487 1488 /* "PAPR mode" built-in hypercall emulation */ 1489 if ((lev == 1) && books_vhyp_handles_hcall(cpu)) { 1490 PPCVirtualHypervisorClass *vhc = 1491 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 1492 vhc->hypercall(cpu->vhyp, cpu); 1493 return; 1494 } 1495 if (lev == 1) { 1496 new_msr |= (target_ulong)MSR_HVB; 1497 } 1498 break; 1499 case POWERPC_EXCP_SYSCALL_VECTORED: /* scv exception */ 1500 lev = env->error_code; 1501 dump_syscall(env); 1502 env->nip += 4; 1503 new_msr |= env->msr & ((target_ulong)1 << MSR_EE); 1504 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1505 1506 vector += lev * 0x20; 1507 1508 env->lr = env->nip; 1509 env->ctr = msr; 1510 break; 1511 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 1512 case POWERPC_EXCP_DECR: /* Decrementer exception */ 1513 break; 1514 case POWERPC_EXCP_RESET: /* System reset exception */ 1515 /* A power-saving exception sets ME, otherwise it is unchanged */ 1516 if (FIELD_EX64(env->msr, MSR, POW)) { 1517 /* indicate that we resumed from power save mode */ 1518 msr |= 0x10000; 1519 new_msr |= ((target_ulong)1 << MSR_ME); 1520 } 1521 if (env->msr_mask & MSR_HVB) { 1522 /* 1523 * ISA specifies HV, but can be delivered to guest with HV 1524 * clear (e.g., see FWNMI in PAPR, NMI injection in QEMU). 1525 */ 1526 new_msr |= (target_ulong)MSR_HVB; 1527 } else { 1528 if (FIELD_EX64(env->msr, MSR, POW)) { 1529 cpu_abort(cs, "Trying to deliver power-saving system reset " 1530 "exception %d with no HV support\n", excp); 1531 } 1532 } 1533 break; 1534 case POWERPC_EXCP_DSEG: /* Data segment exception */ 1535 case POWERPC_EXCP_ISEG: /* Instruction segment exception */ 1536 case POWERPC_EXCP_TRACE: /* Trace exception */ 1537 break; 1538 case POWERPC_EXCP_HISI: /* Hypervisor instruction storage exception */ 1539 msr |= env->error_code; 1540 /* fall through */ 1541 case POWERPC_EXCP_HDECR: /* Hypervisor decrementer exception */ 1542 case POWERPC_EXCP_HDSI: /* Hypervisor data storage exception */ 1543 case POWERPC_EXCP_SDOOR_HV: /* Hypervisor Doorbell interrupt */ 1544 case POWERPC_EXCP_HV_EMU: 1545 case POWERPC_EXCP_HVIRT: /* Hypervisor virtualization */ 1546 srr0 = SPR_HSRR0; 1547 srr1 = SPR_HSRR1; 1548 new_msr |= (target_ulong)MSR_HVB; 1549 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1550 break; 1551 case POWERPC_EXCP_VPU: /* Vector unavailable exception */ 1552 case POWERPC_EXCP_VSXU: /* VSX unavailable exception */ 1553 case POWERPC_EXCP_FU: /* Facility unavailable exception */ 1554 env->spr[SPR_FSCR] |= ((target_ulong)env->error_code << 56); 1555 break; 1556 case POWERPC_EXCP_HV_FU: /* Hypervisor Facility Unavailable Exception */ 1557 env->spr[SPR_HFSCR] |= ((target_ulong)env->error_code << FSCR_IC_POS); 1558 srr0 = SPR_HSRR0; 1559 srr1 = SPR_HSRR1; 1560 new_msr |= (target_ulong)MSR_HVB; 1561 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1562 break; 1563 case POWERPC_EXCP_PERFM_EBB: /* Performance Monitor EBB Exception */ 1564 case POWERPC_EXCP_EXTERNAL_EBB: /* External EBB Exception */ 1565 env->spr[SPR_BESCR] &= ~BESCR_GE; 1566 1567 /* 1568 * Save NIP for rfebb insn in SPR_EBBRR. Next nip is 1569 * stored in the EBB Handler SPR_EBBHR. 1570 */ 1571 env->spr[SPR_EBBRR] = env->nip; 1572 powerpc_set_excp_state(cpu, env->spr[SPR_EBBHR], env->msr); 1573 1574 /* 1575 * This exception is handled in userspace. No need to proceed. 1576 */ 1577 return; 1578 case POWERPC_EXCP_THERM: /* Thermal interrupt */ 1579 case POWERPC_EXCP_PERFM: /* Embedded performance monitor interrupt */ 1580 case POWERPC_EXCP_VPUA: /* Vector assist exception */ 1581 case POWERPC_EXCP_MAINT: /* Maintenance exception */ 1582 case POWERPC_EXCP_SDOOR: /* Doorbell interrupt */ 1583 case POWERPC_EXCP_HV_MAINT: /* Hypervisor Maintenance exception */ 1584 cpu_abort(cs, "%s exception not implemented\n", 1585 powerpc_excp_name(excp)); 1586 break; 1587 default: 1588 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1589 break; 1590 } 1591 1592 /* 1593 * Sort out endianness of interrupt, this differs depending on the 1594 * CPU, the HV mode, etc... 1595 */ 1596 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 1597 new_msr |= (target_ulong)1 << MSR_LE; 1598 } 1599 1600 new_msr |= (target_ulong)1 << MSR_SF; 1601 1602 if (excp != POWERPC_EXCP_SYSCALL_VECTORED) { 1603 /* Save PC */ 1604 env->spr[srr0] = env->nip; 1605 1606 /* Save MSR */ 1607 env->spr[srr1] = msr; 1608 } 1609 1610 if ((new_msr & MSR_HVB) && books_vhyp_handles_hv_excp(cpu)) { 1611 PPCVirtualHypervisorClass *vhc = 1612 PPC_VIRTUAL_HYPERVISOR_GET_CLASS(cpu->vhyp); 1613 /* Deliver interrupt to L1 by returning from the H_ENTER_NESTED call */ 1614 vhc->deliver_hv_excp(cpu, excp); 1615 1616 powerpc_reset_excp_state(cpu); 1617 1618 } else { 1619 /* Sanity check */ 1620 if (!(env->msr_mask & MSR_HVB) && srr0 == SPR_HSRR0) { 1621 cpu_abort(cs, "Trying to deliver HV exception (HSRR) %d with " 1622 "no HV support\n", excp); 1623 } 1624 1625 /* This can update new_msr and vector if AIL applies */ 1626 ppc_excp_apply_ail(cpu, excp, msr, &new_msr, &vector); 1627 1628 powerpc_set_excp_state(cpu, vector, new_msr); 1629 } 1630 } 1631 #else 1632 static inline void powerpc_excp_books(PowerPCCPU *cpu, int excp) 1633 { 1634 g_assert_not_reached(); 1635 } 1636 #endif 1637 1638 static void powerpc_excp(PowerPCCPU *cpu, int excp) 1639 { 1640 CPUState *cs = CPU(cpu); 1641 CPUPPCState *env = &cpu->env; 1642 1643 if (excp <= POWERPC_EXCP_NONE || excp >= POWERPC_EXCP_NB) { 1644 cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); 1645 } 1646 1647 qemu_log_mask(CPU_LOG_INT, "Raise exception at " TARGET_FMT_lx 1648 " => %s (%d) error=%02x\n", env->nip, powerpc_excp_name(excp), 1649 excp, env->error_code); 1650 1651 switch (env->excp_model) { 1652 case POWERPC_EXCP_40x: 1653 powerpc_excp_40x(cpu, excp); 1654 break; 1655 case POWERPC_EXCP_6xx: 1656 powerpc_excp_6xx(cpu, excp); 1657 break; 1658 case POWERPC_EXCP_7xx: 1659 powerpc_excp_7xx(cpu, excp); 1660 break; 1661 case POWERPC_EXCP_74xx: 1662 powerpc_excp_74xx(cpu, excp); 1663 break; 1664 case POWERPC_EXCP_BOOKE: 1665 powerpc_excp_booke(cpu, excp); 1666 break; 1667 case POWERPC_EXCP_970: 1668 case POWERPC_EXCP_POWER7: 1669 case POWERPC_EXCP_POWER8: 1670 case POWERPC_EXCP_POWER9: 1671 case POWERPC_EXCP_POWER10: 1672 powerpc_excp_books(cpu, excp); 1673 break; 1674 default: 1675 g_assert_not_reached(); 1676 } 1677 } 1678 1679 void ppc_cpu_do_interrupt(CPUState *cs) 1680 { 1681 PowerPCCPU *cpu = POWERPC_CPU(cs); 1682 1683 powerpc_excp(cpu, cs->exception_index); 1684 } 1685 1686 static void ppc_hw_interrupt(CPUPPCState *env) 1687 { 1688 PowerPCCPU *cpu = env_archcpu(env); 1689 bool async_deliver; 1690 1691 /* External reset */ 1692 if (env->pending_interrupts & (1 << PPC_INTERRUPT_RESET)) { 1693 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_RESET); 1694 powerpc_excp(cpu, POWERPC_EXCP_RESET); 1695 return; 1696 } 1697 /* Machine check exception */ 1698 if (env->pending_interrupts & (1 << PPC_INTERRUPT_MCK)) { 1699 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_MCK); 1700 powerpc_excp(cpu, POWERPC_EXCP_MCHECK); 1701 return; 1702 } 1703 #if 0 /* TODO */ 1704 /* External debug exception */ 1705 if (env->pending_interrupts & (1 << PPC_INTERRUPT_DEBUG)) { 1706 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_DEBUG); 1707 powerpc_excp(cpu, POWERPC_EXCP_DEBUG); 1708 return; 1709 } 1710 #endif 1711 1712 /* 1713 * For interrupts that gate on MSR:EE, we need to do something a 1714 * bit more subtle, as we need to let them through even when EE is 1715 * clear when coming out of some power management states (in order 1716 * for them to become a 0x100). 1717 */ 1718 async_deliver = FIELD_EX64(env->msr, MSR, EE) || env->resume_as_sreset; 1719 1720 /* Hypervisor decrementer exception */ 1721 if (env->pending_interrupts & (1 << PPC_INTERRUPT_HDECR)) { 1722 /* LPCR will be clear when not supported so this will work */ 1723 bool hdice = !!(env->spr[SPR_LPCR] & LPCR_HDICE); 1724 if ((async_deliver || !FIELD_EX64_HV(env->msr)) && hdice) { 1725 /* HDEC clears on delivery */ 1726 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_HDECR); 1727 powerpc_excp(cpu, POWERPC_EXCP_HDECR); 1728 return; 1729 } 1730 } 1731 1732 /* Hypervisor virtualization interrupt */ 1733 if (env->pending_interrupts & (1 << PPC_INTERRUPT_HVIRT)) { 1734 /* LPCR will be clear when not supported so this will work */ 1735 bool hvice = !!(env->spr[SPR_LPCR] & LPCR_HVICE); 1736 if ((async_deliver || !FIELD_EX64_HV(env->msr)) && hvice) { 1737 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 1738 return; 1739 } 1740 } 1741 1742 /* External interrupt can ignore MSR:EE under some circumstances */ 1743 if (env->pending_interrupts & (1 << PPC_INTERRUPT_EXT)) { 1744 bool lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 1745 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 1746 /* HEIC blocks delivery to the hypervisor */ 1747 if ((async_deliver && !(heic && FIELD_EX64_HV(env->msr) && 1748 !FIELD_EX64(env->msr, MSR, PR))) || 1749 (env->has_hv_mode && !FIELD_EX64_HV(env->msr) && !lpes0)) { 1750 if (books_vhyp_promotes_external_to_hvirt(cpu)) { 1751 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 1752 } else { 1753 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL); 1754 } 1755 return; 1756 } 1757 } 1758 if (FIELD_EX64(env->msr, MSR, CE)) { 1759 /* External critical interrupt */ 1760 if (env->pending_interrupts & (1 << PPC_INTERRUPT_CEXT)) { 1761 powerpc_excp(cpu, POWERPC_EXCP_CRITICAL); 1762 return; 1763 } 1764 } 1765 if (async_deliver != 0) { 1766 /* Watchdog timer on embedded PowerPC */ 1767 if (env->pending_interrupts & (1 << PPC_INTERRUPT_WDT)) { 1768 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_WDT); 1769 powerpc_excp(cpu, POWERPC_EXCP_WDT); 1770 return; 1771 } 1772 if (env->pending_interrupts & (1 << PPC_INTERRUPT_CDOORBELL)) { 1773 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_CDOORBELL); 1774 powerpc_excp(cpu, POWERPC_EXCP_DOORCI); 1775 return; 1776 } 1777 /* Fixed interval timer on embedded PowerPC */ 1778 if (env->pending_interrupts & (1 << PPC_INTERRUPT_FIT)) { 1779 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_FIT); 1780 powerpc_excp(cpu, POWERPC_EXCP_FIT); 1781 return; 1782 } 1783 /* Programmable interval timer on embedded PowerPC */ 1784 if (env->pending_interrupts & (1 << PPC_INTERRUPT_PIT)) { 1785 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_PIT); 1786 powerpc_excp(cpu, POWERPC_EXCP_PIT); 1787 return; 1788 } 1789 /* Decrementer exception */ 1790 if (env->pending_interrupts & (1 << PPC_INTERRUPT_DECR)) { 1791 if (ppc_decr_clear_on_delivery(env)) { 1792 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_DECR); 1793 } 1794 powerpc_excp(cpu, POWERPC_EXCP_DECR); 1795 return; 1796 } 1797 if (env->pending_interrupts & (1 << PPC_INTERRUPT_DOORBELL)) { 1798 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_DOORBELL); 1799 if (is_book3s_arch2x(env)) { 1800 powerpc_excp(cpu, POWERPC_EXCP_SDOOR); 1801 } else { 1802 powerpc_excp(cpu, POWERPC_EXCP_DOORI); 1803 } 1804 return; 1805 } 1806 if (env->pending_interrupts & (1 << PPC_INTERRUPT_HDOORBELL)) { 1807 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_HDOORBELL); 1808 powerpc_excp(cpu, POWERPC_EXCP_SDOOR_HV); 1809 return; 1810 } 1811 if (env->pending_interrupts & (1 << PPC_INTERRUPT_PERFM)) { 1812 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_PERFM); 1813 powerpc_excp(cpu, POWERPC_EXCP_PERFM); 1814 return; 1815 } 1816 /* Thermal interrupt */ 1817 if (env->pending_interrupts & (1 << PPC_INTERRUPT_THERM)) { 1818 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_THERM); 1819 powerpc_excp(cpu, POWERPC_EXCP_THERM); 1820 return; 1821 } 1822 /* EBB exception */ 1823 if (env->pending_interrupts & (1 << PPC_INTERRUPT_EBB)) { 1824 /* 1825 * EBB exception must be taken in problem state and 1826 * with BESCR_GE set. 1827 */ 1828 if (FIELD_EX64(env->msr, MSR, PR) && 1829 (env->spr[SPR_BESCR] & BESCR_GE)) { 1830 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_EBB); 1831 1832 if (env->spr[SPR_BESCR] & BESCR_PMEO) { 1833 powerpc_excp(cpu, POWERPC_EXCP_PERFM_EBB); 1834 } else if (env->spr[SPR_BESCR] & BESCR_EEO) { 1835 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL_EBB); 1836 } 1837 1838 return; 1839 } 1840 } 1841 } 1842 1843 if (env->resume_as_sreset) { 1844 /* 1845 * This is a bug ! It means that has_work took us out of halt without 1846 * anything to deliver while in a PM state that requires getting 1847 * out via a 0x100 1848 * 1849 * This means we will incorrectly execute past the power management 1850 * instruction instead of triggering a reset. 1851 * 1852 * It generally means a discrepancy between the wakeup conditions in the 1853 * processor has_work implementation and the logic in this function. 1854 */ 1855 cpu_abort(env_cpu(env), 1856 "Wakeup from PM state but interrupt Undelivered"); 1857 } 1858 } 1859 1860 void ppc_cpu_do_system_reset(CPUState *cs) 1861 { 1862 PowerPCCPU *cpu = POWERPC_CPU(cs); 1863 1864 powerpc_excp(cpu, POWERPC_EXCP_RESET); 1865 } 1866 1867 void ppc_cpu_do_fwnmi_machine_check(CPUState *cs, target_ulong vector) 1868 { 1869 PowerPCCPU *cpu = POWERPC_CPU(cs); 1870 CPUPPCState *env = &cpu->env; 1871 target_ulong msr = 0; 1872 1873 /* 1874 * Set MSR and NIP for the handler, SRR0/1, DAR and DSISR have already 1875 * been set by KVM. 1876 */ 1877 msr = (1ULL << MSR_ME); 1878 msr |= env->msr & (1ULL << MSR_SF); 1879 if (ppc_interrupts_little_endian(cpu, false)) { 1880 msr |= (1ULL << MSR_LE); 1881 } 1882 1883 /* Anything for nested required here? MSR[HV] bit? */ 1884 1885 powerpc_set_excp_state(cpu, vector, msr); 1886 } 1887 1888 bool ppc_cpu_exec_interrupt(CPUState *cs, int interrupt_request) 1889 { 1890 PowerPCCPU *cpu = POWERPC_CPU(cs); 1891 CPUPPCState *env = &cpu->env; 1892 1893 if (interrupt_request & CPU_INTERRUPT_HARD) { 1894 ppc_hw_interrupt(env); 1895 if (env->pending_interrupts == 0) { 1896 cs->interrupt_request &= ~CPU_INTERRUPT_HARD; 1897 } 1898 return true; 1899 } 1900 return false; 1901 } 1902 1903 #endif /* !CONFIG_USER_ONLY */ 1904 1905 /*****************************************************************************/ 1906 /* Exceptions processing helpers */ 1907 1908 void raise_exception_err_ra(CPUPPCState *env, uint32_t exception, 1909 uint32_t error_code, uintptr_t raddr) 1910 { 1911 CPUState *cs = env_cpu(env); 1912 1913 cs->exception_index = exception; 1914 env->error_code = error_code; 1915 cpu_loop_exit_restore(cs, raddr); 1916 } 1917 1918 void raise_exception_err(CPUPPCState *env, uint32_t exception, 1919 uint32_t error_code) 1920 { 1921 raise_exception_err_ra(env, exception, error_code, 0); 1922 } 1923 1924 void raise_exception(CPUPPCState *env, uint32_t exception) 1925 { 1926 raise_exception_err_ra(env, exception, 0, 0); 1927 } 1928 1929 void raise_exception_ra(CPUPPCState *env, uint32_t exception, 1930 uintptr_t raddr) 1931 { 1932 raise_exception_err_ra(env, exception, 0, raddr); 1933 } 1934 1935 #ifdef CONFIG_TCG 1936 void helper_raise_exception_err(CPUPPCState *env, uint32_t exception, 1937 uint32_t error_code) 1938 { 1939 raise_exception_err_ra(env, exception, error_code, 0); 1940 } 1941 1942 void helper_raise_exception(CPUPPCState *env, uint32_t exception) 1943 { 1944 raise_exception_err_ra(env, exception, 0, 0); 1945 } 1946 #endif 1947 1948 #if !defined(CONFIG_USER_ONLY) 1949 #ifdef CONFIG_TCG 1950 void helper_store_msr(CPUPPCState *env, target_ulong val) 1951 { 1952 uint32_t excp = hreg_store_msr(env, val, 0); 1953 1954 if (excp != 0) { 1955 CPUState *cs = env_cpu(env); 1956 cpu_interrupt_exittb(cs); 1957 raise_exception(env, excp); 1958 } 1959 } 1960 1961 #if defined(TARGET_PPC64) 1962 void helper_scv(CPUPPCState *env, uint32_t lev) 1963 { 1964 if (env->spr[SPR_FSCR] & (1ull << FSCR_SCV)) { 1965 raise_exception_err(env, POWERPC_EXCP_SYSCALL_VECTORED, lev); 1966 } else { 1967 raise_exception_err(env, POWERPC_EXCP_FU, FSCR_IC_SCV); 1968 } 1969 } 1970 1971 void helper_pminsn(CPUPPCState *env, powerpc_pm_insn_t insn) 1972 { 1973 CPUState *cs; 1974 1975 cs = env_cpu(env); 1976 cs->halted = 1; 1977 1978 /* Condition for waking up at 0x100 */ 1979 env->resume_as_sreset = (insn != PPC_PM_STOP) || 1980 (env->spr[SPR_PSSCR] & PSSCR_EC); 1981 } 1982 #endif /* defined(TARGET_PPC64) */ 1983 1984 static void do_rfi(CPUPPCState *env, target_ulong nip, target_ulong msr) 1985 { 1986 CPUState *cs = env_cpu(env); 1987 1988 /* MSR:POW cannot be set by any form of rfi */ 1989 msr &= ~(1ULL << MSR_POW); 1990 1991 /* MSR:TGPR cannot be set by any form of rfi */ 1992 if (env->flags & POWERPC_FLAG_TGPR) 1993 msr &= ~(1ULL << MSR_TGPR); 1994 1995 #if defined(TARGET_PPC64) 1996 /* Switching to 32-bit ? Crop the nip */ 1997 if (!msr_is_64bit(env, msr)) { 1998 nip = (uint32_t)nip; 1999 } 2000 #else 2001 nip = (uint32_t)nip; 2002 #endif 2003 /* XXX: beware: this is false if VLE is supported */ 2004 env->nip = nip & ~((target_ulong)0x00000003); 2005 hreg_store_msr(env, msr, 1); 2006 trace_ppc_excp_rfi(env->nip, env->msr); 2007 /* 2008 * No need to raise an exception here, as rfi is always the last 2009 * insn of a TB 2010 */ 2011 cpu_interrupt_exittb(cs); 2012 /* Reset the reservation */ 2013 env->reserve_addr = -1; 2014 2015 /* Context synchronizing: check if TCG TLB needs flush */ 2016 check_tlb_flush(env, false); 2017 } 2018 2019 void helper_rfi(CPUPPCState *env) 2020 { 2021 do_rfi(env, env->spr[SPR_SRR0], env->spr[SPR_SRR1] & 0xfffffffful); 2022 } 2023 2024 #if defined(TARGET_PPC64) 2025 void helper_rfid(CPUPPCState *env) 2026 { 2027 /* 2028 * The architecture defines a number of rules for which bits can 2029 * change but in practice, we handle this in hreg_store_msr() 2030 * which will be called by do_rfi(), so there is no need to filter 2031 * here 2032 */ 2033 do_rfi(env, env->spr[SPR_SRR0], env->spr[SPR_SRR1]); 2034 } 2035 2036 void helper_rfscv(CPUPPCState *env) 2037 { 2038 do_rfi(env, env->lr, env->ctr); 2039 } 2040 2041 void helper_hrfid(CPUPPCState *env) 2042 { 2043 do_rfi(env, env->spr[SPR_HSRR0], env->spr[SPR_HSRR1]); 2044 } 2045 #endif 2046 2047 #if defined(TARGET_PPC64) && !defined(CONFIG_USER_ONLY) 2048 void helper_rfebb(CPUPPCState *env, target_ulong s) 2049 { 2050 target_ulong msr = env->msr; 2051 2052 /* 2053 * Handling of BESCR bits 32:33 according to PowerISA v3.1: 2054 * 2055 * "If BESCR 32:33 != 0b00 the instruction is treated as if 2056 * the instruction form were invalid." 2057 */ 2058 if (env->spr[SPR_BESCR] & BESCR_INVALID) { 2059 raise_exception_err(env, POWERPC_EXCP_PROGRAM, 2060 POWERPC_EXCP_INVAL | POWERPC_EXCP_INVAL_INVAL); 2061 } 2062 2063 env->nip = env->spr[SPR_EBBRR]; 2064 2065 /* Switching to 32-bit ? Crop the nip */ 2066 if (!msr_is_64bit(env, msr)) { 2067 env->nip = (uint32_t)env->spr[SPR_EBBRR]; 2068 } 2069 2070 if (s) { 2071 env->spr[SPR_BESCR] |= BESCR_GE; 2072 } else { 2073 env->spr[SPR_BESCR] &= ~BESCR_GE; 2074 } 2075 } 2076 2077 /* 2078 * Triggers or queues an 'ebb_excp' EBB exception. All checks 2079 * but FSCR, HFSCR and msr_pr must be done beforehand. 2080 * 2081 * PowerISA v3.1 isn't clear about whether an EBB should be 2082 * postponed or cancelled if the EBB facility is unavailable. 2083 * Our assumption here is that the EBB is cancelled if both 2084 * FSCR and HFSCR EBB facilities aren't available. 2085 */ 2086 static void do_ebb(CPUPPCState *env, int ebb_excp) 2087 { 2088 PowerPCCPU *cpu = env_archcpu(env); 2089 CPUState *cs = CPU(cpu); 2090 2091 /* 2092 * FSCR_EBB and FSCR_IC_EBB are the same bits used with 2093 * HFSCR. 2094 */ 2095 helper_fscr_facility_check(env, FSCR_EBB, 0, FSCR_IC_EBB); 2096 helper_hfscr_facility_check(env, FSCR_EBB, "EBB", FSCR_IC_EBB); 2097 2098 if (ebb_excp == POWERPC_EXCP_PERFM_EBB) { 2099 env->spr[SPR_BESCR] |= BESCR_PMEO; 2100 } else if (ebb_excp == POWERPC_EXCP_EXTERNAL_EBB) { 2101 env->spr[SPR_BESCR] |= BESCR_EEO; 2102 } 2103 2104 if (FIELD_EX64(env->msr, MSR, PR)) { 2105 powerpc_excp(cpu, ebb_excp); 2106 } else { 2107 env->pending_interrupts |= 1 << PPC_INTERRUPT_EBB; 2108 cpu_interrupt(cs, CPU_INTERRUPT_HARD); 2109 } 2110 } 2111 2112 void raise_ebb_perfm_exception(CPUPPCState *env) 2113 { 2114 bool perfm_ebb_enabled = env->spr[SPR_POWER_MMCR0] & MMCR0_EBE && 2115 env->spr[SPR_BESCR] & BESCR_PME && 2116 env->spr[SPR_BESCR] & BESCR_GE; 2117 2118 if (!perfm_ebb_enabled) { 2119 return; 2120 } 2121 2122 do_ebb(env, POWERPC_EXCP_PERFM_EBB); 2123 } 2124 #endif 2125 2126 /*****************************************************************************/ 2127 /* Embedded PowerPC specific helpers */ 2128 void helper_40x_rfci(CPUPPCState *env) 2129 { 2130 do_rfi(env, env->spr[SPR_40x_SRR2], env->spr[SPR_40x_SRR3]); 2131 } 2132 2133 void helper_rfci(CPUPPCState *env) 2134 { 2135 do_rfi(env, env->spr[SPR_BOOKE_CSRR0], env->spr[SPR_BOOKE_CSRR1]); 2136 } 2137 2138 void helper_rfdi(CPUPPCState *env) 2139 { 2140 /* FIXME: choose CSRR1 or DSRR1 based on cpu type */ 2141 do_rfi(env, env->spr[SPR_BOOKE_DSRR0], env->spr[SPR_BOOKE_DSRR1]); 2142 } 2143 2144 void helper_rfmci(CPUPPCState *env) 2145 { 2146 /* FIXME: choose CSRR1 or MCSRR1 based on cpu type */ 2147 do_rfi(env, env->spr[SPR_BOOKE_MCSRR0], env->spr[SPR_BOOKE_MCSRR1]); 2148 } 2149 #endif /* CONFIG_TCG */ 2150 #endif /* !defined(CONFIG_USER_ONLY) */ 2151 2152 #ifdef CONFIG_TCG 2153 void helper_tw(CPUPPCState *env, target_ulong arg1, target_ulong arg2, 2154 uint32_t flags) 2155 { 2156 if (!likely(!(((int32_t)arg1 < (int32_t)arg2 && (flags & 0x10)) || 2157 ((int32_t)arg1 > (int32_t)arg2 && (flags & 0x08)) || 2158 ((int32_t)arg1 == (int32_t)arg2 && (flags & 0x04)) || 2159 ((uint32_t)arg1 < (uint32_t)arg2 && (flags & 0x02)) || 2160 ((uint32_t)arg1 > (uint32_t)arg2 && (flags & 0x01))))) { 2161 raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM, 2162 POWERPC_EXCP_TRAP, GETPC()); 2163 } 2164 } 2165 2166 #if defined(TARGET_PPC64) 2167 void helper_td(CPUPPCState *env, target_ulong arg1, target_ulong arg2, 2168 uint32_t flags) 2169 { 2170 if (!likely(!(((int64_t)arg1 < (int64_t)arg2 && (flags & 0x10)) || 2171 ((int64_t)arg1 > (int64_t)arg2 && (flags & 0x08)) || 2172 ((int64_t)arg1 == (int64_t)arg2 && (flags & 0x04)) || 2173 ((uint64_t)arg1 < (uint64_t)arg2 && (flags & 0x02)) || 2174 ((uint64_t)arg1 > (uint64_t)arg2 && (flags & 0x01))))) { 2175 raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM, 2176 POWERPC_EXCP_TRAP, GETPC()); 2177 } 2178 } 2179 #endif 2180 #endif 2181 2182 static uint32_t helper_SIMON_LIKE_32_64(uint32_t x, uint64_t key, uint32_t lane) 2183 { 2184 const uint16_t c = 0xfffc; 2185 const uint64_t z0 = 0xfa2561cdf44ac398ULL; 2186 uint16_t z = 0, temp; 2187 uint16_t k[32], eff_k[32], xleft[33], xright[33], fxleft[32]; 2188 2189 for (int i = 3; i >= 0; i--) { 2190 k[i] = key & 0xffff; 2191 key >>= 16; 2192 } 2193 xleft[0] = x & 0xffff; 2194 xright[0] = (x >> 16) & 0xffff; 2195 2196 for (int i = 0; i < 28; i++) { 2197 z = (z0 >> (63 - i)) & 1; 2198 temp = ror16(k[i + 3], 3) ^ k[i + 1]; 2199 k[i + 4] = c ^ z ^ k[i] ^ temp ^ ror16(temp, 1); 2200 } 2201 2202 for (int i = 0; i < 8; i++) { 2203 eff_k[4 * i + 0] = k[4 * i + ((0 + lane) % 4)]; 2204 eff_k[4 * i + 1] = k[4 * i + ((1 + lane) % 4)]; 2205 eff_k[4 * i + 2] = k[4 * i + ((2 + lane) % 4)]; 2206 eff_k[4 * i + 3] = k[4 * i + ((3 + lane) % 4)]; 2207 } 2208 2209 for (int i = 0; i < 32; i++) { 2210 fxleft[i] = (rol16(xleft[i], 1) & 2211 rol16(xleft[i], 8)) ^ rol16(xleft[i], 2); 2212 xleft[i + 1] = xright[i] ^ fxleft[i] ^ eff_k[i]; 2213 xright[i + 1] = xleft[i]; 2214 } 2215 2216 return (((uint32_t)xright[32]) << 16) | xleft[32]; 2217 } 2218 2219 static uint64_t hash_digest(uint64_t ra, uint64_t rb, uint64_t key) 2220 { 2221 uint64_t stage0_h = 0ULL, stage0_l = 0ULL; 2222 uint64_t stage1_h, stage1_l; 2223 2224 for (int i = 0; i < 4; i++) { 2225 stage0_h |= ror64(rb & 0xff, 8 * (2 * i + 1)); 2226 stage0_h |= ((ra >> 32) & 0xff) << (8 * 2 * i); 2227 stage0_l |= ror64((rb >> 32) & 0xff, 8 * (2 * i + 1)); 2228 stage0_l |= (ra & 0xff) << (8 * 2 * i); 2229 rb >>= 8; 2230 ra >>= 8; 2231 } 2232 2233 stage1_h = (uint64_t)helper_SIMON_LIKE_32_64(stage0_h >> 32, key, 0) << 32; 2234 stage1_h |= helper_SIMON_LIKE_32_64(stage0_h, key, 1); 2235 stage1_l = (uint64_t)helper_SIMON_LIKE_32_64(stage0_l >> 32, key, 2) << 32; 2236 stage1_l |= helper_SIMON_LIKE_32_64(stage0_l, key, 3); 2237 2238 return stage1_h ^ stage1_l; 2239 } 2240 2241 #include "qemu/guest-random.h" 2242 2243 #define HELPER_HASH(op, key, store) \ 2244 void helper_##op(CPUPPCState *env, target_ulong ea, target_ulong ra, \ 2245 target_ulong rb) \ 2246 { \ 2247 uint64_t calculated_hash = hash_digest(ra, rb, key), loaded_hash; \ 2248 \ 2249 if (store) { \ 2250 cpu_stq_data_ra(env, ea, calculated_hash, GETPC()); \ 2251 } else { \ 2252 loaded_hash = cpu_ldq_data_ra(env, ea, GETPC()); \ 2253 if (loaded_hash != calculated_hash) { \ 2254 raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM, \ 2255 POWERPC_EXCP_TRAP, GETPC()); \ 2256 } \ 2257 } \ 2258 } 2259 2260 HELPER_HASH(HASHST, env->spr[SPR_HASHKEYR], true) 2261 HELPER_HASH(HASHCHK, env->spr[SPR_HASHKEYR], false) 2262 HELPER_HASH(HASHSTP, env->spr[SPR_HASHPKEYR], true) 2263 HELPER_HASH(HASHCHKP, env->spr[SPR_HASHPKEYR], false) 2264 2265 #if !defined(CONFIG_USER_ONLY) 2266 2267 #ifdef CONFIG_TCG 2268 2269 /* Embedded.Processor Control */ 2270 static int dbell2irq(target_ulong rb) 2271 { 2272 int msg = rb & DBELL_TYPE_MASK; 2273 int irq = -1; 2274 2275 switch (msg) { 2276 case DBELL_TYPE_DBELL: 2277 irq = PPC_INTERRUPT_DOORBELL; 2278 break; 2279 case DBELL_TYPE_DBELL_CRIT: 2280 irq = PPC_INTERRUPT_CDOORBELL; 2281 break; 2282 case DBELL_TYPE_G_DBELL: 2283 case DBELL_TYPE_G_DBELL_CRIT: 2284 case DBELL_TYPE_G_DBELL_MC: 2285 /* XXX implement */ 2286 default: 2287 break; 2288 } 2289 2290 return irq; 2291 } 2292 2293 void helper_msgclr(CPUPPCState *env, target_ulong rb) 2294 { 2295 int irq = dbell2irq(rb); 2296 2297 if (irq < 0) { 2298 return; 2299 } 2300 2301 env->pending_interrupts &= ~(1 << irq); 2302 } 2303 2304 void helper_msgsnd(target_ulong rb) 2305 { 2306 int irq = dbell2irq(rb); 2307 int pir = rb & DBELL_PIRTAG_MASK; 2308 CPUState *cs; 2309 2310 if (irq < 0) { 2311 return; 2312 } 2313 2314 qemu_mutex_lock_iothread(); 2315 CPU_FOREACH(cs) { 2316 PowerPCCPU *cpu = POWERPC_CPU(cs); 2317 CPUPPCState *cenv = &cpu->env; 2318 2319 if ((rb & DBELL_BRDCAST) || (cenv->spr[SPR_BOOKE_PIR] == pir)) { 2320 cenv->pending_interrupts |= 1 << irq; 2321 cpu_interrupt(cs, CPU_INTERRUPT_HARD); 2322 } 2323 } 2324 qemu_mutex_unlock_iothread(); 2325 } 2326 2327 /* Server Processor Control */ 2328 2329 static bool dbell_type_server(target_ulong rb) 2330 { 2331 /* 2332 * A Directed Hypervisor Doorbell message is sent only if the 2333 * message type is 5. All other types are reserved and the 2334 * instruction is a no-op 2335 */ 2336 return (rb & DBELL_TYPE_MASK) == DBELL_TYPE_DBELL_SERVER; 2337 } 2338 2339 void helper_book3s_msgclr(CPUPPCState *env, target_ulong rb) 2340 { 2341 if (!dbell_type_server(rb)) { 2342 return; 2343 } 2344 2345 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_HDOORBELL); 2346 } 2347 2348 static void book3s_msgsnd_common(int pir, int irq) 2349 { 2350 CPUState *cs; 2351 2352 qemu_mutex_lock_iothread(); 2353 CPU_FOREACH(cs) { 2354 PowerPCCPU *cpu = POWERPC_CPU(cs); 2355 CPUPPCState *cenv = &cpu->env; 2356 2357 /* TODO: broadcast message to all threads of the same processor */ 2358 if (cenv->spr_cb[SPR_PIR].default_value == pir) { 2359 cenv->pending_interrupts |= 1 << irq; 2360 cpu_interrupt(cs, CPU_INTERRUPT_HARD); 2361 } 2362 } 2363 qemu_mutex_unlock_iothread(); 2364 } 2365 2366 void helper_book3s_msgsnd(target_ulong rb) 2367 { 2368 int pir = rb & DBELL_PROCIDTAG_MASK; 2369 2370 if (!dbell_type_server(rb)) { 2371 return; 2372 } 2373 2374 book3s_msgsnd_common(pir, PPC_INTERRUPT_HDOORBELL); 2375 } 2376 2377 #if defined(TARGET_PPC64) 2378 void helper_book3s_msgclrp(CPUPPCState *env, target_ulong rb) 2379 { 2380 helper_hfscr_facility_check(env, HFSCR_MSGP, "msgclrp", HFSCR_IC_MSGP); 2381 2382 if (!dbell_type_server(rb)) { 2383 return; 2384 } 2385 2386 env->pending_interrupts &= ~(1 << PPC_INTERRUPT_DOORBELL); 2387 } 2388 2389 /* 2390 * sends a message to other threads that are on the same 2391 * multi-threaded processor 2392 */ 2393 void helper_book3s_msgsndp(CPUPPCState *env, target_ulong rb) 2394 { 2395 int pir = env->spr_cb[SPR_PIR].default_value; 2396 2397 helper_hfscr_facility_check(env, HFSCR_MSGP, "msgsndp", HFSCR_IC_MSGP); 2398 2399 if (!dbell_type_server(rb)) { 2400 return; 2401 } 2402 2403 /* TODO: TCG supports only one thread */ 2404 2405 book3s_msgsnd_common(pir, PPC_INTERRUPT_DOORBELL); 2406 } 2407 #endif /* TARGET_PPC64 */ 2408 2409 void ppc_cpu_do_unaligned_access(CPUState *cs, vaddr vaddr, 2410 MMUAccessType access_type, 2411 int mmu_idx, uintptr_t retaddr) 2412 { 2413 CPUPPCState *env = cs->env_ptr; 2414 uint32_t insn; 2415 2416 /* Restore state and reload the insn we executed, for filling in DSISR. */ 2417 cpu_restore_state(cs, retaddr, true); 2418 insn = cpu_ldl_code(env, env->nip); 2419 2420 switch (env->mmu_model) { 2421 case POWERPC_MMU_SOFT_4xx: 2422 env->spr[SPR_40x_DEAR] = vaddr; 2423 break; 2424 case POWERPC_MMU_BOOKE: 2425 case POWERPC_MMU_BOOKE206: 2426 env->spr[SPR_BOOKE_DEAR] = vaddr; 2427 break; 2428 default: 2429 env->spr[SPR_DAR] = vaddr; 2430 break; 2431 } 2432 2433 cs->exception_index = POWERPC_EXCP_ALIGN; 2434 env->error_code = insn & 0x03FF0000; 2435 cpu_loop_exit(cs); 2436 } 2437 #endif /* CONFIG_TCG */ 2438 #endif /* !CONFIG_USER_ONLY */ 2439