1 /* 2 * QEMU RISC-V CPU 3 * 4 * Copyright (c) 2016-2017 Sagar Karandikar, sagark@eecs.berkeley.edu 5 * Copyright (c) 2017-2018 SiFive, Inc. 6 * 7 * This program is free software; you can redistribute it and/or modify it 8 * under the terms and conditions of the GNU General Public License, 9 * version 2 or later, as published by the Free Software Foundation. 10 * 11 * This program is distributed in the hope it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for 14 * more details. 15 * 16 * You should have received a copy of the GNU General Public License along with 17 * this program. If not, see <http://www.gnu.org/licenses/>. 18 */ 19 20 #ifndef RISCV_CPU_H 21 #define RISCV_CPU_H 22 23 #include "hw/core/cpu.h" 24 #include "hw/registerfields.h" 25 #include "exec/cpu-defs.h" 26 #include "fpu/softfloat-types.h" 27 #include "qom/object.h" 28 #include "qemu/int128.h" 29 #include "cpu_bits.h" 30 31 #define TCG_GUEST_DEFAULT_MO 0 32 33 #define TYPE_RISCV_CPU "riscv-cpu" 34 35 #define RISCV_CPU_TYPE_SUFFIX "-" TYPE_RISCV_CPU 36 #define RISCV_CPU_TYPE_NAME(name) (name RISCV_CPU_TYPE_SUFFIX) 37 #define CPU_RESOLVING_TYPE TYPE_RISCV_CPU 38 39 #define TYPE_RISCV_CPU_ANY RISCV_CPU_TYPE_NAME("any") 40 #define TYPE_RISCV_CPU_BASE32 RISCV_CPU_TYPE_NAME("rv32") 41 #define TYPE_RISCV_CPU_BASE64 RISCV_CPU_TYPE_NAME("rv64") 42 #define TYPE_RISCV_CPU_BASE128 RISCV_CPU_TYPE_NAME("x-rv128") 43 #define TYPE_RISCV_CPU_IBEX RISCV_CPU_TYPE_NAME("lowrisc-ibex") 44 #define TYPE_RISCV_CPU_SHAKTI_C RISCV_CPU_TYPE_NAME("shakti-c") 45 #define TYPE_RISCV_CPU_SIFIVE_E31 RISCV_CPU_TYPE_NAME("sifive-e31") 46 #define TYPE_RISCV_CPU_SIFIVE_E34 RISCV_CPU_TYPE_NAME("sifive-e34") 47 #define TYPE_RISCV_CPU_SIFIVE_E51 RISCV_CPU_TYPE_NAME("sifive-e51") 48 #define TYPE_RISCV_CPU_SIFIVE_U34 RISCV_CPU_TYPE_NAME("sifive-u34") 49 #define TYPE_RISCV_CPU_SIFIVE_U54 RISCV_CPU_TYPE_NAME("sifive-u54") 50 #define TYPE_RISCV_CPU_HOST RISCV_CPU_TYPE_NAME("host") 51 52 #if defined(TARGET_RISCV32) 53 # define TYPE_RISCV_CPU_BASE TYPE_RISCV_CPU_BASE32 54 #elif defined(TARGET_RISCV64) 55 # define TYPE_RISCV_CPU_BASE TYPE_RISCV_CPU_BASE64 56 #endif 57 58 #define RV(x) ((target_ulong)1 << (x - 'A')) 59 60 #define RVI RV('I') 61 #define RVE RV('E') /* E and I are mutually exclusive */ 62 #define RVM RV('M') 63 #define RVA RV('A') 64 #define RVF RV('F') 65 #define RVD RV('D') 66 #define RVV RV('V') 67 #define RVC RV('C') 68 #define RVS RV('S') 69 #define RVU RV('U') 70 #define RVH RV('H') 71 #define RVJ RV('J') 72 73 /* S extension denotes that Supervisor mode exists, however it is possible 74 to have a core that support S mode but does not have an MMU and there 75 is currently no bit in misa to indicate whether an MMU exists or not 76 so a cpu features bitfield is required, likewise for optional PMP support */ 77 enum { 78 RISCV_FEATURE_MMU, 79 RISCV_FEATURE_PMP, 80 RISCV_FEATURE_EPMP, 81 RISCV_FEATURE_MISA, 82 RISCV_FEATURE_AIA 83 }; 84 85 #define PRIV_VERSION_1_10_0 0x00011000 86 #define PRIV_VERSION_1_11_0 0x00011100 87 88 #define VEXT_VERSION_1_00_0 0x00010000 89 90 enum { 91 TRANSLATE_SUCCESS, 92 TRANSLATE_FAIL, 93 TRANSLATE_PMP_FAIL, 94 TRANSLATE_G_STAGE_FAIL 95 }; 96 97 #define MMU_USER_IDX 3 98 99 #define MAX_RISCV_PMPS (16) 100 101 typedef struct CPURISCVState CPURISCVState; 102 103 #if !defined(CONFIG_USER_ONLY) 104 #include "pmp.h" 105 #endif 106 107 #define RV_VLEN_MAX 1024 108 109 FIELD(VTYPE, VLMUL, 0, 3) 110 FIELD(VTYPE, VSEW, 3, 3) 111 FIELD(VTYPE, VTA, 6, 1) 112 FIELD(VTYPE, VMA, 7, 1) 113 FIELD(VTYPE, VEDIV, 8, 2) 114 FIELD(VTYPE, RESERVED, 10, sizeof(target_ulong) * 8 - 11) 115 116 struct CPURISCVState { 117 target_ulong gpr[32]; 118 target_ulong gprh[32]; /* 64 top bits of the 128-bit registers */ 119 uint64_t fpr[32]; /* assume both F and D extensions */ 120 121 /* vector coprocessor state. */ 122 uint64_t vreg[32 * RV_VLEN_MAX / 64] QEMU_ALIGNED(16); 123 target_ulong vxrm; 124 target_ulong vxsat; 125 target_ulong vl; 126 target_ulong vstart; 127 target_ulong vtype; 128 bool vill; 129 130 target_ulong pc; 131 target_ulong load_res; 132 target_ulong load_val; 133 134 target_ulong frm; 135 136 target_ulong badaddr; 137 uint32_t bins; 138 139 target_ulong guest_phys_fault_addr; 140 141 target_ulong priv_ver; 142 target_ulong bext_ver; 143 target_ulong vext_ver; 144 145 /* RISCVMXL, but uint32_t for vmstate migration */ 146 uint32_t misa_mxl; /* current mxl */ 147 uint32_t misa_mxl_max; /* max mxl for this cpu */ 148 uint32_t misa_ext; /* current extensions */ 149 uint32_t misa_ext_mask; /* max ext for this cpu */ 150 uint32_t xl; /* current xlen */ 151 152 /* 128-bit helpers upper part return value */ 153 target_ulong retxh; 154 155 uint32_t features; 156 157 #ifdef CONFIG_USER_ONLY 158 uint32_t elf_flags; 159 #endif 160 161 #ifndef CONFIG_USER_ONLY 162 target_ulong priv; 163 /* This contains QEMU specific information about the virt state. */ 164 target_ulong virt; 165 target_ulong geilen; 166 target_ulong resetvec; 167 168 target_ulong mhartid; 169 /* 170 * For RV32 this is 32-bit mstatus and 32-bit mstatush. 171 * For RV64 this is a 64-bit mstatus. 172 */ 173 uint64_t mstatus; 174 175 target_ulong mip; 176 177 uint32_t miclaim; 178 179 target_ulong mie; 180 target_ulong mideleg; 181 182 target_ulong satp; /* since: priv-1.10.0 */ 183 target_ulong stval; 184 target_ulong medeleg; 185 186 target_ulong stvec; 187 target_ulong sepc; 188 target_ulong scause; 189 190 target_ulong mtvec; 191 target_ulong mepc; 192 target_ulong mcause; 193 target_ulong mtval; /* since: priv-1.10.0 */ 194 195 /* Hypervisor CSRs */ 196 target_ulong hstatus; 197 target_ulong hedeleg; 198 target_ulong hideleg; 199 target_ulong hcounteren; 200 target_ulong htval; 201 target_ulong htinst; 202 target_ulong hgatp; 203 target_ulong hgeie; 204 target_ulong hgeip; 205 uint64_t htimedelta; 206 207 /* Upper 64-bits of 128-bit CSRs */ 208 uint64_t mscratchh; 209 uint64_t sscratchh; 210 211 /* Virtual CSRs */ 212 /* 213 * For RV32 this is 32-bit vsstatus and 32-bit vsstatush. 214 * For RV64 this is a 64-bit vsstatus. 215 */ 216 uint64_t vsstatus; 217 target_ulong vstvec; 218 target_ulong vsscratch; 219 target_ulong vsepc; 220 target_ulong vscause; 221 target_ulong vstval; 222 target_ulong vsatp; 223 224 target_ulong mtval2; 225 target_ulong mtinst; 226 227 /* HS Backup CSRs */ 228 target_ulong stvec_hs; 229 target_ulong sscratch_hs; 230 target_ulong sepc_hs; 231 target_ulong scause_hs; 232 target_ulong stval_hs; 233 target_ulong satp_hs; 234 uint64_t mstatus_hs; 235 236 /* Signals whether the current exception occurred with two-stage address 237 translation active. */ 238 bool two_stage_lookup; 239 240 target_ulong scounteren; 241 target_ulong mcounteren; 242 243 target_ulong sscratch; 244 target_ulong mscratch; 245 246 /* temporary htif regs */ 247 uint64_t mfromhost; 248 uint64_t mtohost; 249 uint64_t timecmp; 250 251 /* physical memory protection */ 252 pmp_table_t pmp_state; 253 target_ulong mseccfg; 254 255 /* machine specific rdtime callback */ 256 uint64_t (*rdtime_fn)(uint32_t); 257 uint32_t rdtime_fn_arg; 258 259 /* True if in debugger mode. */ 260 bool debugger; 261 262 /* 263 * CSRs for PointerMasking extension 264 */ 265 target_ulong mmte; 266 target_ulong mpmmask; 267 target_ulong mpmbase; 268 target_ulong spmmask; 269 target_ulong spmbase; 270 target_ulong upmmask; 271 target_ulong upmbase; 272 #endif 273 target_ulong cur_pmmask; 274 target_ulong cur_pmbase; 275 276 float_status fp_status; 277 278 /* Fields from here on are preserved across CPU reset. */ 279 QEMUTimer *timer; /* Internal timer */ 280 281 hwaddr kernel_addr; 282 hwaddr fdt_addr; 283 284 /* kvm timer */ 285 bool kvm_timer_dirty; 286 uint64_t kvm_timer_time; 287 uint64_t kvm_timer_compare; 288 uint64_t kvm_timer_state; 289 uint64_t kvm_timer_frequency; 290 }; 291 292 OBJECT_DECLARE_TYPE(RISCVCPU, RISCVCPUClass, 293 RISCV_CPU) 294 295 /** 296 * RISCVCPUClass: 297 * @parent_realize: The parent class' realize handler. 298 * @parent_reset: The parent class' reset handler. 299 * 300 * A RISCV CPU model. 301 */ 302 struct RISCVCPUClass { 303 /*< private >*/ 304 CPUClass parent_class; 305 /*< public >*/ 306 DeviceRealize parent_realize; 307 DeviceReset parent_reset; 308 }; 309 310 struct RISCVCPUConfig { 311 bool ext_i; 312 bool ext_e; 313 bool ext_g; 314 bool ext_m; 315 bool ext_a; 316 bool ext_f; 317 bool ext_d; 318 bool ext_c; 319 bool ext_s; 320 bool ext_u; 321 bool ext_h; 322 bool ext_j; 323 bool ext_v; 324 bool ext_zba; 325 bool ext_zbb; 326 bool ext_zbc; 327 bool ext_zbs; 328 bool ext_counters; 329 bool ext_ifencei; 330 bool ext_icsr; 331 bool ext_zfh; 332 bool ext_zfhmin; 333 bool ext_zve32f; 334 bool ext_zve64f; 335 336 /* Vendor-specific custom extensions */ 337 bool ext_XVentanaCondOps; 338 339 char *priv_spec; 340 char *user_spec; 341 char *bext_spec; 342 char *vext_spec; 343 uint16_t vlen; 344 uint16_t elen; 345 bool mmu; 346 bool pmp; 347 bool epmp; 348 uint64_t resetvec; 349 }; 350 351 typedef struct RISCVCPUConfig RISCVCPUConfig; 352 353 /** 354 * RISCVCPU: 355 * @env: #CPURISCVState 356 * 357 * A RISCV CPU. 358 */ 359 struct RISCVCPU { 360 /*< private >*/ 361 CPUState parent_obj; 362 /*< public >*/ 363 CPUNegativeOffsetState neg; 364 CPURISCVState env; 365 366 char *dyn_csr_xml; 367 char *dyn_vreg_xml; 368 369 /* Configuration Settings */ 370 RISCVCPUConfig cfg; 371 }; 372 373 static inline int riscv_has_ext(CPURISCVState *env, target_ulong ext) 374 { 375 return (env->misa_ext & ext) != 0; 376 } 377 378 static inline bool riscv_feature(CPURISCVState *env, int feature) 379 { 380 return env->features & (1ULL << feature); 381 } 382 383 static inline void riscv_set_feature(CPURISCVState *env, int feature) 384 { 385 env->features |= (1ULL << feature); 386 } 387 388 #include "cpu_user.h" 389 390 extern const char * const riscv_int_regnames[]; 391 extern const char * const riscv_int_regnamesh[]; 392 extern const char * const riscv_fpr_regnames[]; 393 394 const char *riscv_cpu_get_trap_name(target_ulong cause, bool async); 395 void riscv_cpu_do_interrupt(CPUState *cpu); 396 int riscv_cpu_write_elf64_note(WriteCoreDumpFunction f, CPUState *cs, 397 int cpuid, void *opaque); 398 int riscv_cpu_write_elf32_note(WriteCoreDumpFunction f, CPUState *cs, 399 int cpuid, void *opaque); 400 int riscv_cpu_gdb_read_register(CPUState *cpu, GByteArray *buf, int reg); 401 int riscv_cpu_gdb_write_register(CPUState *cpu, uint8_t *buf, int reg); 402 bool riscv_cpu_fp_enabled(CPURISCVState *env); 403 target_ulong riscv_cpu_get_geilen(CPURISCVState *env); 404 void riscv_cpu_set_geilen(CPURISCVState *env, target_ulong geilen); 405 bool riscv_cpu_vector_enabled(CPURISCVState *env); 406 bool riscv_cpu_virt_enabled(CPURISCVState *env); 407 void riscv_cpu_set_virt_enabled(CPURISCVState *env, bool enable); 408 bool riscv_cpu_two_stage_lookup(int mmu_idx); 409 int riscv_cpu_mmu_index(CPURISCVState *env, bool ifetch); 410 hwaddr riscv_cpu_get_phys_page_debug(CPUState *cpu, vaddr addr); 411 void riscv_cpu_do_unaligned_access(CPUState *cs, vaddr addr, 412 MMUAccessType access_type, int mmu_idx, 413 uintptr_t retaddr) QEMU_NORETURN; 414 bool riscv_cpu_tlb_fill(CPUState *cs, vaddr address, int size, 415 MMUAccessType access_type, int mmu_idx, 416 bool probe, uintptr_t retaddr); 417 void riscv_cpu_do_transaction_failed(CPUState *cs, hwaddr physaddr, 418 vaddr addr, unsigned size, 419 MMUAccessType access_type, 420 int mmu_idx, MemTxAttrs attrs, 421 MemTxResult response, uintptr_t retaddr); 422 char *riscv_isa_string(RISCVCPU *cpu); 423 void riscv_cpu_list(void); 424 425 #define cpu_list riscv_cpu_list 426 #define cpu_mmu_index riscv_cpu_mmu_index 427 428 #ifndef CONFIG_USER_ONLY 429 bool riscv_cpu_exec_interrupt(CPUState *cs, int interrupt_request); 430 void riscv_cpu_swap_hypervisor_regs(CPURISCVState *env); 431 int riscv_cpu_claim_interrupts(RISCVCPU *cpu, uint32_t interrupts); 432 uint32_t riscv_cpu_update_mip(RISCVCPU *cpu, uint32_t mask, uint32_t value); 433 #define BOOL_TO_MASK(x) (-!!(x)) /* helper for riscv_cpu_update_mip value */ 434 void riscv_cpu_set_rdtime_fn(CPURISCVState *env, uint64_t (*fn)(uint32_t), 435 uint32_t arg); 436 #endif 437 void riscv_cpu_set_mode(CPURISCVState *env, target_ulong newpriv); 438 439 void riscv_translate_init(void); 440 void QEMU_NORETURN riscv_raise_exception(CPURISCVState *env, 441 uint32_t exception, uintptr_t pc); 442 443 target_ulong riscv_cpu_get_fflags(CPURISCVState *env); 444 void riscv_cpu_set_fflags(CPURISCVState *env, target_ulong); 445 446 #define TB_FLAGS_PRIV_MMU_MASK 3 447 #define TB_FLAGS_PRIV_HYP_ACCESS_MASK (1 << 2) 448 #define TB_FLAGS_MSTATUS_FS MSTATUS_FS 449 #define TB_FLAGS_MSTATUS_VS MSTATUS_VS 450 451 typedef CPURISCVState CPUArchState; 452 typedef RISCVCPU ArchCPU; 453 #include "exec/cpu-all.h" 454 455 FIELD(TB_FLAGS, MEM_IDX, 0, 3) 456 FIELD(TB_FLAGS, LMUL, 3, 3) 457 FIELD(TB_FLAGS, SEW, 6, 3) 458 /* Skip MSTATUS_VS (0x600) bits */ 459 FIELD(TB_FLAGS, VL_EQ_VLMAX, 11, 1) 460 FIELD(TB_FLAGS, VILL, 12, 1) 461 /* Skip MSTATUS_FS (0x6000) bits */ 462 /* Is a Hypervisor instruction load/store allowed? */ 463 FIELD(TB_FLAGS, HLSX, 15, 1) 464 FIELD(TB_FLAGS, MSTATUS_HS_FS, 16, 2) 465 FIELD(TB_FLAGS, MSTATUS_HS_VS, 18, 2) 466 /* The combination of MXL/SXL/UXL that applies to the current cpu mode. */ 467 FIELD(TB_FLAGS, XL, 20, 2) 468 /* If PointerMasking should be applied */ 469 FIELD(TB_FLAGS, PM_MASK_ENABLED, 22, 1) 470 FIELD(TB_FLAGS, PM_BASE_ENABLED, 23, 1) 471 472 #ifdef TARGET_RISCV32 473 #define riscv_cpu_mxl(env) ((void)(env), MXL_RV32) 474 #else 475 static inline RISCVMXL riscv_cpu_mxl(CPURISCVState *env) 476 { 477 return env->misa_mxl; 478 } 479 #endif 480 481 #if defined(TARGET_RISCV32) 482 #define cpu_recompute_xl(env) ((void)(env), MXL_RV32) 483 #else 484 static inline RISCVMXL cpu_recompute_xl(CPURISCVState *env) 485 { 486 RISCVMXL xl = env->misa_mxl; 487 #if !defined(CONFIG_USER_ONLY) 488 /* 489 * When emulating a 32-bit-only cpu, use RV32. 490 * When emulating a 64-bit cpu, and MXL has been reduced to RV32, 491 * MSTATUSH doesn't have UXL/SXL, therefore XLEN cannot be widened 492 * back to RV64 for lower privs. 493 */ 494 if (xl != MXL_RV32) { 495 switch (env->priv) { 496 case PRV_M: 497 break; 498 case PRV_U: 499 xl = get_field(env->mstatus, MSTATUS64_UXL); 500 break; 501 default: /* PRV_S | PRV_H */ 502 xl = get_field(env->mstatus, MSTATUS64_SXL); 503 break; 504 } 505 } 506 #endif 507 return xl; 508 } 509 #endif 510 511 static inline int riscv_cpu_xlen(CPURISCVState *env) 512 { 513 return 16 << env->xl; 514 } 515 516 /* 517 * Encode LMUL to lmul as follows: 518 * LMUL vlmul lmul 519 * 1 000 0 520 * 2 001 1 521 * 4 010 2 522 * 8 011 3 523 * - 100 - 524 * 1/8 101 -3 525 * 1/4 110 -2 526 * 1/2 111 -1 527 * 528 * then, we can calculate VLMAX = vlen >> (vsew + 3 - lmul) 529 * e.g. vlen = 256 bits, SEW = 16, LMUL = 1/8 530 * => VLMAX = vlen >> (1 + 3 - (-3)) 531 * = 256 >> 7 532 * = 2 533 */ 534 static inline uint32_t vext_get_vlmax(RISCVCPU *cpu, target_ulong vtype) 535 { 536 uint8_t sew = FIELD_EX64(vtype, VTYPE, VSEW); 537 int8_t lmul = sextract32(FIELD_EX64(vtype, VTYPE, VLMUL), 0, 3); 538 return cpu->cfg.vlen >> (sew + 3 - lmul); 539 } 540 541 void cpu_get_tb_cpu_state(CPURISCVState *env, target_ulong *pc, 542 target_ulong *cs_base, uint32_t *pflags); 543 544 void riscv_cpu_update_mask(CPURISCVState *env); 545 546 RISCVException riscv_csrrw(CPURISCVState *env, int csrno, 547 target_ulong *ret_value, 548 target_ulong new_value, target_ulong write_mask); 549 RISCVException riscv_csrrw_debug(CPURISCVState *env, int csrno, 550 target_ulong *ret_value, 551 target_ulong new_value, 552 target_ulong write_mask); 553 554 static inline void riscv_csr_write(CPURISCVState *env, int csrno, 555 target_ulong val) 556 { 557 riscv_csrrw(env, csrno, NULL, val, MAKE_64BIT_MASK(0, TARGET_LONG_BITS)); 558 } 559 560 static inline target_ulong riscv_csr_read(CPURISCVState *env, int csrno) 561 { 562 target_ulong val = 0; 563 riscv_csrrw(env, csrno, &val, 0, 0); 564 return val; 565 } 566 567 typedef RISCVException (*riscv_csr_predicate_fn)(CPURISCVState *env, 568 int csrno); 569 typedef RISCVException (*riscv_csr_read_fn)(CPURISCVState *env, int csrno, 570 target_ulong *ret_value); 571 typedef RISCVException (*riscv_csr_write_fn)(CPURISCVState *env, int csrno, 572 target_ulong new_value); 573 typedef RISCVException (*riscv_csr_op_fn)(CPURISCVState *env, int csrno, 574 target_ulong *ret_value, 575 target_ulong new_value, 576 target_ulong write_mask); 577 578 RISCVException riscv_csrrw_i128(CPURISCVState *env, int csrno, 579 Int128 *ret_value, 580 Int128 new_value, Int128 write_mask); 581 582 typedef RISCVException (*riscv_csr_read128_fn)(CPURISCVState *env, int csrno, 583 Int128 *ret_value); 584 typedef RISCVException (*riscv_csr_write128_fn)(CPURISCVState *env, int csrno, 585 Int128 new_value); 586 587 typedef struct { 588 const char *name; 589 riscv_csr_predicate_fn predicate; 590 riscv_csr_read_fn read; 591 riscv_csr_write_fn write; 592 riscv_csr_op_fn op; 593 riscv_csr_read128_fn read128; 594 riscv_csr_write128_fn write128; 595 } riscv_csr_operations; 596 597 /* CSR function table constants */ 598 enum { 599 CSR_TABLE_SIZE = 0x1000 600 }; 601 602 /* CSR function table */ 603 extern riscv_csr_operations csr_ops[CSR_TABLE_SIZE]; 604 605 void riscv_get_csr_ops(int csrno, riscv_csr_operations *ops); 606 void riscv_set_csr_ops(int csrno, riscv_csr_operations *ops); 607 608 void riscv_cpu_register_gdb_regs_for_features(CPUState *cs); 609 610 #endif /* RISCV_CPU_H */ 611