1 /* 2 * QEMU RISC-V CPU 3 * 4 * Copyright (c) 2016-2017 Sagar Karandikar, sagark@eecs.berkeley.edu 5 * Copyright (c) 2017-2018 SiFive, Inc. 6 * 7 * This program is free software; you can redistribute it and/or modify it 8 * under the terms and conditions of the GNU General Public License, 9 * version 2 or later, as published by the Free Software Foundation. 10 * 11 * This program is distributed in the hope it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for 14 * more details. 15 * 16 * You should have received a copy of the GNU General Public License along with 17 * this program. If not, see <http://www.gnu.org/licenses/>. 18 */ 19 20 #ifndef RISCV_CPU_H 21 #define RISCV_CPU_H 22 23 #include "hw/core/cpu.h" 24 #include "hw/registerfields.h" 25 #include "exec/cpu-defs.h" 26 #include "fpu/softfloat-types.h" 27 #include "qom/object.h" 28 #include "qemu/int128.h" 29 #include "cpu_bits.h" 30 31 #define TCG_GUEST_DEFAULT_MO 0 32 33 #define TYPE_RISCV_CPU "riscv-cpu" 34 35 #define RISCV_CPU_TYPE_SUFFIX "-" TYPE_RISCV_CPU 36 #define RISCV_CPU_TYPE_NAME(name) (name RISCV_CPU_TYPE_SUFFIX) 37 #define CPU_RESOLVING_TYPE TYPE_RISCV_CPU 38 39 #define TYPE_RISCV_CPU_ANY RISCV_CPU_TYPE_NAME("any") 40 #define TYPE_RISCV_CPU_BASE32 RISCV_CPU_TYPE_NAME("rv32") 41 #define TYPE_RISCV_CPU_BASE64 RISCV_CPU_TYPE_NAME("rv64") 42 #define TYPE_RISCV_CPU_BASE128 RISCV_CPU_TYPE_NAME("x-rv128") 43 #define TYPE_RISCV_CPU_IBEX RISCV_CPU_TYPE_NAME("lowrisc-ibex") 44 #define TYPE_RISCV_CPU_SHAKTI_C RISCV_CPU_TYPE_NAME("shakti-c") 45 #define TYPE_RISCV_CPU_SIFIVE_E31 RISCV_CPU_TYPE_NAME("sifive-e31") 46 #define TYPE_RISCV_CPU_SIFIVE_E34 RISCV_CPU_TYPE_NAME("sifive-e34") 47 #define TYPE_RISCV_CPU_SIFIVE_E51 RISCV_CPU_TYPE_NAME("sifive-e51") 48 #define TYPE_RISCV_CPU_SIFIVE_U34 RISCV_CPU_TYPE_NAME("sifive-u34") 49 #define TYPE_RISCV_CPU_SIFIVE_U54 RISCV_CPU_TYPE_NAME("sifive-u54") 50 #define TYPE_RISCV_CPU_HOST RISCV_CPU_TYPE_NAME("host") 51 52 #if defined(TARGET_RISCV32) 53 # define TYPE_RISCV_CPU_BASE TYPE_RISCV_CPU_BASE32 54 #elif defined(TARGET_RISCV64) 55 # define TYPE_RISCV_CPU_BASE TYPE_RISCV_CPU_BASE64 56 #endif 57 58 #define RV(x) ((target_ulong)1 << (x - 'A')) 59 60 #define RVI RV('I') 61 #define RVE RV('E') /* E and I are mutually exclusive */ 62 #define RVM RV('M') 63 #define RVA RV('A') 64 #define RVF RV('F') 65 #define RVD RV('D') 66 #define RVV RV('V') 67 #define RVC RV('C') 68 #define RVS RV('S') 69 #define RVU RV('U') 70 #define RVH RV('H') 71 #define RVJ RV('J') 72 73 /* S extension denotes that Supervisor mode exists, however it is possible 74 to have a core that support S mode but does not have an MMU and there 75 is currently no bit in misa to indicate whether an MMU exists or not 76 so a cpu features bitfield is required, likewise for optional PMP support */ 77 enum { 78 RISCV_FEATURE_MMU, 79 RISCV_FEATURE_PMP, 80 RISCV_FEATURE_EPMP, 81 RISCV_FEATURE_MISA 82 }; 83 84 #define PRIV_VERSION_1_10_0 0x00011000 85 #define PRIV_VERSION_1_11_0 0x00011100 86 87 #define VEXT_VERSION_1_00_0 0x00010000 88 89 enum { 90 TRANSLATE_SUCCESS, 91 TRANSLATE_FAIL, 92 TRANSLATE_PMP_FAIL, 93 TRANSLATE_G_STAGE_FAIL 94 }; 95 96 #define MMU_USER_IDX 3 97 98 #define MAX_RISCV_PMPS (16) 99 100 typedef struct CPURISCVState CPURISCVState; 101 102 #if !defined(CONFIG_USER_ONLY) 103 #include "pmp.h" 104 #endif 105 106 #define RV_VLEN_MAX 1024 107 108 FIELD(VTYPE, VLMUL, 0, 3) 109 FIELD(VTYPE, VSEW, 3, 3) 110 FIELD(VTYPE, VTA, 6, 1) 111 FIELD(VTYPE, VMA, 7, 1) 112 FIELD(VTYPE, VEDIV, 8, 2) 113 FIELD(VTYPE, RESERVED, 10, sizeof(target_ulong) * 8 - 11) 114 FIELD(VTYPE, VILL, sizeof(target_ulong) * 8 - 1, 1) 115 116 struct CPURISCVState { 117 target_ulong gpr[32]; 118 target_ulong gprh[32]; /* 64 top bits of the 128-bit registers */ 119 uint64_t fpr[32]; /* assume both F and D extensions */ 120 121 /* vector coprocessor state. */ 122 uint64_t vreg[32 * RV_VLEN_MAX / 64] QEMU_ALIGNED(16); 123 target_ulong vxrm; 124 target_ulong vxsat; 125 target_ulong vl; 126 target_ulong vstart; 127 target_ulong vtype; 128 129 target_ulong pc; 130 target_ulong load_res; 131 target_ulong load_val; 132 133 target_ulong frm; 134 135 target_ulong badaddr; 136 uint32_t bins; 137 138 target_ulong guest_phys_fault_addr; 139 140 target_ulong priv_ver; 141 target_ulong bext_ver; 142 target_ulong vext_ver; 143 144 /* RISCVMXL, but uint32_t for vmstate migration */ 145 uint32_t misa_mxl; /* current mxl */ 146 uint32_t misa_mxl_max; /* max mxl for this cpu */ 147 uint32_t misa_ext; /* current extensions */ 148 uint32_t misa_ext_mask; /* max ext for this cpu */ 149 uint32_t xl; /* current xlen */ 150 151 /* 128-bit helpers upper part return value */ 152 target_ulong retxh; 153 154 uint32_t features; 155 156 #ifdef CONFIG_USER_ONLY 157 uint32_t elf_flags; 158 #endif 159 160 #ifndef CONFIG_USER_ONLY 161 target_ulong priv; 162 /* This contains QEMU specific information about the virt state. */ 163 target_ulong virt; 164 target_ulong resetvec; 165 166 target_ulong mhartid; 167 /* 168 * For RV32 this is 32-bit mstatus and 32-bit mstatush. 169 * For RV64 this is a 64-bit mstatus. 170 */ 171 uint64_t mstatus; 172 173 target_ulong mip; 174 175 uint32_t miclaim; 176 177 target_ulong mie; 178 target_ulong mideleg; 179 180 target_ulong satp; /* since: priv-1.10.0 */ 181 target_ulong stval; 182 target_ulong medeleg; 183 184 target_ulong stvec; 185 target_ulong sepc; 186 target_ulong scause; 187 188 target_ulong mtvec; 189 target_ulong mepc; 190 target_ulong mcause; 191 target_ulong mtval; /* since: priv-1.10.0 */ 192 193 /* Hypervisor CSRs */ 194 target_ulong hstatus; 195 target_ulong hedeleg; 196 target_ulong hideleg; 197 target_ulong hcounteren; 198 target_ulong htval; 199 target_ulong htinst; 200 target_ulong hgatp; 201 uint64_t htimedelta; 202 203 /* Upper 64-bits of 128-bit CSRs */ 204 uint64_t mscratchh; 205 uint64_t sscratchh; 206 207 /* Virtual CSRs */ 208 /* 209 * For RV32 this is 32-bit vsstatus and 32-bit vsstatush. 210 * For RV64 this is a 64-bit vsstatus. 211 */ 212 uint64_t vsstatus; 213 target_ulong vstvec; 214 target_ulong vsscratch; 215 target_ulong vsepc; 216 target_ulong vscause; 217 target_ulong vstval; 218 target_ulong vsatp; 219 220 target_ulong mtval2; 221 target_ulong mtinst; 222 223 /* HS Backup CSRs */ 224 target_ulong stvec_hs; 225 target_ulong sscratch_hs; 226 target_ulong sepc_hs; 227 target_ulong scause_hs; 228 target_ulong stval_hs; 229 target_ulong satp_hs; 230 uint64_t mstatus_hs; 231 232 /* Signals whether the current exception occurred with two-stage address 233 translation active. */ 234 bool two_stage_lookup; 235 236 target_ulong scounteren; 237 target_ulong mcounteren; 238 239 target_ulong sscratch; 240 target_ulong mscratch; 241 242 /* temporary htif regs */ 243 uint64_t mfromhost; 244 uint64_t mtohost; 245 uint64_t timecmp; 246 247 /* physical memory protection */ 248 pmp_table_t pmp_state; 249 target_ulong mseccfg; 250 251 /* machine specific rdtime callback */ 252 uint64_t (*rdtime_fn)(uint32_t); 253 uint32_t rdtime_fn_arg; 254 255 /* True if in debugger mode. */ 256 bool debugger; 257 258 /* 259 * CSRs for PointerMasking extension 260 */ 261 target_ulong mmte; 262 target_ulong mpmmask; 263 target_ulong mpmbase; 264 target_ulong spmmask; 265 target_ulong spmbase; 266 target_ulong upmmask; 267 target_ulong upmbase; 268 #endif 269 270 float_status fp_status; 271 272 /* Fields from here on are preserved across CPU reset. */ 273 QEMUTimer *timer; /* Internal timer */ 274 275 hwaddr kernel_addr; 276 hwaddr fdt_addr; 277 278 /* kvm timer */ 279 bool kvm_timer_dirty; 280 uint64_t kvm_timer_time; 281 uint64_t kvm_timer_compare; 282 uint64_t kvm_timer_state; 283 uint64_t kvm_timer_frequency; 284 }; 285 286 OBJECT_DECLARE_TYPE(RISCVCPU, RISCVCPUClass, 287 RISCV_CPU) 288 289 /** 290 * RISCVCPUClass: 291 * @parent_realize: The parent class' realize handler. 292 * @parent_reset: The parent class' reset handler. 293 * 294 * A RISCV CPU model. 295 */ 296 struct RISCVCPUClass { 297 /*< private >*/ 298 CPUClass parent_class; 299 /*< public >*/ 300 DeviceRealize parent_realize; 301 DeviceReset parent_reset; 302 }; 303 304 /** 305 * RISCVCPU: 306 * @env: #CPURISCVState 307 * 308 * A RISCV CPU. 309 */ 310 struct RISCVCPU { 311 /*< private >*/ 312 CPUState parent_obj; 313 /*< public >*/ 314 CPUNegativeOffsetState neg; 315 CPURISCVState env; 316 317 char *dyn_csr_xml; 318 char *dyn_vreg_xml; 319 320 /* Configuration Settings */ 321 struct { 322 bool ext_i; 323 bool ext_e; 324 bool ext_g; 325 bool ext_m; 326 bool ext_a; 327 bool ext_f; 328 bool ext_d; 329 bool ext_c; 330 bool ext_s; 331 bool ext_u; 332 bool ext_h; 333 bool ext_j; 334 bool ext_v; 335 bool ext_zba; 336 bool ext_zbb; 337 bool ext_zbc; 338 bool ext_zbs; 339 bool ext_counters; 340 bool ext_ifencei; 341 bool ext_icsr; 342 bool ext_zfh; 343 bool ext_zfhmin; 344 bool ext_zve32f; 345 bool ext_zve64f; 346 347 char *priv_spec; 348 char *user_spec; 349 char *bext_spec; 350 char *vext_spec; 351 uint16_t vlen; 352 uint16_t elen; 353 bool mmu; 354 bool pmp; 355 bool epmp; 356 uint64_t resetvec; 357 } cfg; 358 }; 359 360 static inline int riscv_has_ext(CPURISCVState *env, target_ulong ext) 361 { 362 return (env->misa_ext & ext) != 0; 363 } 364 365 static inline bool riscv_feature(CPURISCVState *env, int feature) 366 { 367 return env->features & (1ULL << feature); 368 } 369 370 #include "cpu_user.h" 371 372 extern const char * const riscv_int_regnames[]; 373 extern const char * const riscv_int_regnamesh[]; 374 extern const char * const riscv_fpr_regnames[]; 375 376 const char *riscv_cpu_get_trap_name(target_ulong cause, bool async); 377 void riscv_cpu_do_interrupt(CPUState *cpu); 378 int riscv_cpu_write_elf64_note(WriteCoreDumpFunction f, CPUState *cs, 379 int cpuid, void *opaque); 380 int riscv_cpu_write_elf32_note(WriteCoreDumpFunction f, CPUState *cs, 381 int cpuid, void *opaque); 382 int riscv_cpu_gdb_read_register(CPUState *cpu, GByteArray *buf, int reg); 383 int riscv_cpu_gdb_write_register(CPUState *cpu, uint8_t *buf, int reg); 384 bool riscv_cpu_fp_enabled(CPURISCVState *env); 385 bool riscv_cpu_vector_enabled(CPURISCVState *env); 386 bool riscv_cpu_virt_enabled(CPURISCVState *env); 387 void riscv_cpu_set_virt_enabled(CPURISCVState *env, bool enable); 388 bool riscv_cpu_two_stage_lookup(int mmu_idx); 389 int riscv_cpu_mmu_index(CPURISCVState *env, bool ifetch); 390 hwaddr riscv_cpu_get_phys_page_debug(CPUState *cpu, vaddr addr); 391 void riscv_cpu_do_unaligned_access(CPUState *cs, vaddr addr, 392 MMUAccessType access_type, int mmu_idx, 393 uintptr_t retaddr) QEMU_NORETURN; 394 bool riscv_cpu_tlb_fill(CPUState *cs, vaddr address, int size, 395 MMUAccessType access_type, int mmu_idx, 396 bool probe, uintptr_t retaddr); 397 void riscv_cpu_do_transaction_failed(CPUState *cs, hwaddr physaddr, 398 vaddr addr, unsigned size, 399 MMUAccessType access_type, 400 int mmu_idx, MemTxAttrs attrs, 401 MemTxResult response, uintptr_t retaddr); 402 char *riscv_isa_string(RISCVCPU *cpu); 403 void riscv_cpu_list(void); 404 405 #define cpu_list riscv_cpu_list 406 #define cpu_mmu_index riscv_cpu_mmu_index 407 408 #ifndef CONFIG_USER_ONLY 409 bool riscv_cpu_exec_interrupt(CPUState *cs, int interrupt_request); 410 void riscv_cpu_swap_hypervisor_regs(CPURISCVState *env); 411 int riscv_cpu_claim_interrupts(RISCVCPU *cpu, uint32_t interrupts); 412 uint32_t riscv_cpu_update_mip(RISCVCPU *cpu, uint32_t mask, uint32_t value); 413 #define BOOL_TO_MASK(x) (-!!(x)) /* helper for riscv_cpu_update_mip value */ 414 void riscv_cpu_set_rdtime_fn(CPURISCVState *env, uint64_t (*fn)(uint32_t), 415 uint32_t arg); 416 #endif 417 void riscv_cpu_set_mode(CPURISCVState *env, target_ulong newpriv); 418 419 void riscv_translate_init(void); 420 void QEMU_NORETURN riscv_raise_exception(CPURISCVState *env, 421 uint32_t exception, uintptr_t pc); 422 423 target_ulong riscv_cpu_get_fflags(CPURISCVState *env); 424 void riscv_cpu_set_fflags(CPURISCVState *env, target_ulong); 425 426 #define TB_FLAGS_PRIV_MMU_MASK 3 427 #define TB_FLAGS_PRIV_HYP_ACCESS_MASK (1 << 2) 428 #define TB_FLAGS_MSTATUS_FS MSTATUS_FS 429 #define TB_FLAGS_MSTATUS_VS MSTATUS_VS 430 431 typedef CPURISCVState CPUArchState; 432 typedef RISCVCPU ArchCPU; 433 #include "exec/cpu-all.h" 434 435 FIELD(TB_FLAGS, MEM_IDX, 0, 3) 436 FIELD(TB_FLAGS, LMUL, 3, 3) 437 FIELD(TB_FLAGS, SEW, 6, 3) 438 /* Skip MSTATUS_VS (0x600) bits */ 439 FIELD(TB_FLAGS, VL_EQ_VLMAX, 11, 1) 440 FIELD(TB_FLAGS, VILL, 12, 1) 441 /* Skip MSTATUS_FS (0x6000) bits */ 442 /* Is a Hypervisor instruction load/store allowed? */ 443 FIELD(TB_FLAGS, HLSX, 15, 1) 444 FIELD(TB_FLAGS, MSTATUS_HS_FS, 16, 2) 445 FIELD(TB_FLAGS, MSTATUS_HS_VS, 18, 2) 446 /* The combination of MXL/SXL/UXL that applies to the current cpu mode. */ 447 FIELD(TB_FLAGS, XL, 20, 2) 448 /* If PointerMasking should be applied */ 449 FIELD(TB_FLAGS, PM_ENABLED, 22, 1) 450 451 #ifdef TARGET_RISCV32 452 #define riscv_cpu_mxl(env) ((void)(env), MXL_RV32) 453 #else 454 static inline RISCVMXL riscv_cpu_mxl(CPURISCVState *env) 455 { 456 return env->misa_mxl; 457 } 458 #endif 459 460 #if defined(TARGET_RISCV32) 461 #define cpu_recompute_xl(env) ((void)(env), MXL_RV32) 462 #else 463 static inline RISCVMXL cpu_recompute_xl(CPURISCVState *env) 464 { 465 RISCVMXL xl = env->misa_mxl; 466 #if !defined(CONFIG_USER_ONLY) 467 /* 468 * When emulating a 32-bit-only cpu, use RV32. 469 * When emulating a 64-bit cpu, and MXL has been reduced to RV32, 470 * MSTATUSH doesn't have UXL/SXL, therefore XLEN cannot be widened 471 * back to RV64 for lower privs. 472 */ 473 if (xl != MXL_RV32) { 474 switch (env->priv) { 475 case PRV_M: 476 break; 477 case PRV_U: 478 xl = get_field(env->mstatus, MSTATUS64_UXL); 479 break; 480 default: /* PRV_S | PRV_H */ 481 xl = get_field(env->mstatus, MSTATUS64_SXL); 482 break; 483 } 484 } 485 #endif 486 return xl; 487 } 488 #endif 489 490 /* 491 * Encode LMUL to lmul as follows: 492 * LMUL vlmul lmul 493 * 1 000 0 494 * 2 001 1 495 * 4 010 2 496 * 8 011 3 497 * - 100 - 498 * 1/8 101 -3 499 * 1/4 110 -2 500 * 1/2 111 -1 501 * 502 * then, we can calculate VLMAX = vlen >> (vsew + 3 - lmul) 503 * e.g. vlen = 256 bits, SEW = 16, LMUL = 1/8 504 * => VLMAX = vlen >> (1 + 3 - (-3)) 505 * = 256 >> 7 506 * = 2 507 */ 508 static inline uint32_t vext_get_vlmax(RISCVCPU *cpu, target_ulong vtype) 509 { 510 uint8_t sew = FIELD_EX64(vtype, VTYPE, VSEW); 511 int8_t lmul = sextract32(FIELD_EX64(vtype, VTYPE, VLMUL), 0, 3); 512 return cpu->cfg.vlen >> (sew + 3 - lmul); 513 } 514 515 void cpu_get_tb_cpu_state(CPURISCVState *env, target_ulong *pc, 516 target_ulong *cs_base, uint32_t *pflags); 517 518 RISCVException riscv_csrrw(CPURISCVState *env, int csrno, 519 target_ulong *ret_value, 520 target_ulong new_value, target_ulong write_mask); 521 RISCVException riscv_csrrw_debug(CPURISCVState *env, int csrno, 522 target_ulong *ret_value, 523 target_ulong new_value, 524 target_ulong write_mask); 525 526 static inline void riscv_csr_write(CPURISCVState *env, int csrno, 527 target_ulong val) 528 { 529 riscv_csrrw(env, csrno, NULL, val, MAKE_64BIT_MASK(0, TARGET_LONG_BITS)); 530 } 531 532 static inline target_ulong riscv_csr_read(CPURISCVState *env, int csrno) 533 { 534 target_ulong val = 0; 535 riscv_csrrw(env, csrno, &val, 0, 0); 536 return val; 537 } 538 539 typedef RISCVException (*riscv_csr_predicate_fn)(CPURISCVState *env, 540 int csrno); 541 typedef RISCVException (*riscv_csr_read_fn)(CPURISCVState *env, int csrno, 542 target_ulong *ret_value); 543 typedef RISCVException (*riscv_csr_write_fn)(CPURISCVState *env, int csrno, 544 target_ulong new_value); 545 typedef RISCVException (*riscv_csr_op_fn)(CPURISCVState *env, int csrno, 546 target_ulong *ret_value, 547 target_ulong new_value, 548 target_ulong write_mask); 549 550 RISCVException riscv_csrrw_i128(CPURISCVState *env, int csrno, 551 Int128 *ret_value, 552 Int128 new_value, Int128 write_mask); 553 554 typedef RISCVException (*riscv_csr_read128_fn)(CPURISCVState *env, int csrno, 555 Int128 *ret_value); 556 typedef RISCVException (*riscv_csr_write128_fn)(CPURISCVState *env, int csrno, 557 Int128 new_value); 558 559 typedef struct { 560 const char *name; 561 riscv_csr_predicate_fn predicate; 562 riscv_csr_read_fn read; 563 riscv_csr_write_fn write; 564 riscv_csr_op_fn op; 565 riscv_csr_read128_fn read128; 566 riscv_csr_write128_fn write128; 567 } riscv_csr_operations; 568 569 /* CSR function table constants */ 570 enum { 571 CSR_TABLE_SIZE = 0x1000 572 }; 573 574 /* CSR function table */ 575 extern riscv_csr_operations csr_ops[CSR_TABLE_SIZE]; 576 577 void riscv_get_csr_ops(int csrno, riscv_csr_operations *ops); 578 void riscv_set_csr_ops(int csrno, riscv_csr_operations *ops); 579 580 void riscv_cpu_register_gdb_regs_for_features(CPUState *cs); 581 582 #endif /* RISCV_CPU_H */ 583