1 /* 2 * QEMU RISC-V CPU 3 * 4 * Copyright (c) 2016-2017 Sagar Karandikar, sagark@eecs.berkeley.edu 5 * Copyright (c) 2017-2018 SiFive, Inc. 6 * 7 * This program is free software; you can redistribute it and/or modify it 8 * under the terms and conditions of the GNU General Public License, 9 * version 2 or later, as published by the Free Software Foundation. 10 * 11 * This program is distributed in the hope it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for 14 * more details. 15 * 16 * You should have received a copy of the GNU General Public License along with 17 * this program. If not, see <http://www.gnu.org/licenses/>. 18 */ 19 20 #ifndef RISCV_CPU_H 21 #define RISCV_CPU_H 22 23 #include "hw/core/cpu.h" 24 #include "hw/registerfields.h" 25 #include "exec/cpu-defs.h" 26 #include "fpu/softfloat-types.h" 27 #include "qom/object.h" 28 #include "qemu/int128.h" 29 #include "cpu_bits.h" 30 31 #define TCG_GUEST_DEFAULT_MO 0 32 33 #define TYPE_RISCV_CPU "riscv-cpu" 34 35 #define RISCV_CPU_TYPE_SUFFIX "-" TYPE_RISCV_CPU 36 #define RISCV_CPU_TYPE_NAME(name) (name RISCV_CPU_TYPE_SUFFIX) 37 #define CPU_RESOLVING_TYPE TYPE_RISCV_CPU 38 39 #define TYPE_RISCV_CPU_ANY RISCV_CPU_TYPE_NAME("any") 40 #define TYPE_RISCV_CPU_BASE32 RISCV_CPU_TYPE_NAME("rv32") 41 #define TYPE_RISCV_CPU_BASE64 RISCV_CPU_TYPE_NAME("rv64") 42 #define TYPE_RISCV_CPU_BASE128 RISCV_CPU_TYPE_NAME("x-rv128") 43 #define TYPE_RISCV_CPU_IBEX RISCV_CPU_TYPE_NAME("lowrisc-ibex") 44 #define TYPE_RISCV_CPU_SHAKTI_C RISCV_CPU_TYPE_NAME("shakti-c") 45 #define TYPE_RISCV_CPU_SIFIVE_E31 RISCV_CPU_TYPE_NAME("sifive-e31") 46 #define TYPE_RISCV_CPU_SIFIVE_E34 RISCV_CPU_TYPE_NAME("sifive-e34") 47 #define TYPE_RISCV_CPU_SIFIVE_E51 RISCV_CPU_TYPE_NAME("sifive-e51") 48 #define TYPE_RISCV_CPU_SIFIVE_U34 RISCV_CPU_TYPE_NAME("sifive-u34") 49 #define TYPE_RISCV_CPU_SIFIVE_U54 RISCV_CPU_TYPE_NAME("sifive-u54") 50 #define TYPE_RISCV_CPU_HOST RISCV_CPU_TYPE_NAME("host") 51 52 #if defined(TARGET_RISCV32) 53 # define TYPE_RISCV_CPU_BASE TYPE_RISCV_CPU_BASE32 54 #elif defined(TARGET_RISCV64) 55 # define TYPE_RISCV_CPU_BASE TYPE_RISCV_CPU_BASE64 56 #endif 57 58 #define RV(x) ((target_ulong)1 << (x - 'A')) 59 60 #define RVI RV('I') 61 #define RVE RV('E') /* E and I are mutually exclusive */ 62 #define RVM RV('M') 63 #define RVA RV('A') 64 #define RVF RV('F') 65 #define RVD RV('D') 66 #define RVV RV('V') 67 #define RVC RV('C') 68 #define RVS RV('S') 69 #define RVU RV('U') 70 #define RVH RV('H') 71 #define RVJ RV('J') 72 73 /* S extension denotes that Supervisor mode exists, however it is possible 74 to have a core that support S mode but does not have an MMU and there 75 is currently no bit in misa to indicate whether an MMU exists or not 76 so a cpu features bitfield is required, likewise for optional PMP support */ 77 enum { 78 RISCV_FEATURE_MMU, 79 RISCV_FEATURE_PMP, 80 RISCV_FEATURE_EPMP, 81 RISCV_FEATURE_MISA 82 }; 83 84 #define PRIV_VERSION_1_10_0 0x00011000 85 #define PRIV_VERSION_1_11_0 0x00011100 86 87 #define VEXT_VERSION_1_00_0 0x00010000 88 89 enum { 90 TRANSLATE_SUCCESS, 91 TRANSLATE_FAIL, 92 TRANSLATE_PMP_FAIL, 93 TRANSLATE_G_STAGE_FAIL 94 }; 95 96 #define MMU_USER_IDX 3 97 98 #define MAX_RISCV_PMPS (16) 99 100 typedef struct CPURISCVState CPURISCVState; 101 102 #if !defined(CONFIG_USER_ONLY) 103 #include "pmp.h" 104 #endif 105 106 #define RV_VLEN_MAX 1024 107 108 FIELD(VTYPE, VLMUL, 0, 3) 109 FIELD(VTYPE, VSEW, 3, 3) 110 FIELD(VTYPE, VTA, 6, 1) 111 FIELD(VTYPE, VMA, 7, 1) 112 FIELD(VTYPE, VEDIV, 8, 2) 113 FIELD(VTYPE, RESERVED, 10, sizeof(target_ulong) * 8 - 11) 114 115 struct CPURISCVState { 116 target_ulong gpr[32]; 117 target_ulong gprh[32]; /* 64 top bits of the 128-bit registers */ 118 uint64_t fpr[32]; /* assume both F and D extensions */ 119 120 /* vector coprocessor state. */ 121 uint64_t vreg[32 * RV_VLEN_MAX / 64] QEMU_ALIGNED(16); 122 target_ulong vxrm; 123 target_ulong vxsat; 124 target_ulong vl; 125 target_ulong vstart; 126 target_ulong vtype; 127 bool vill; 128 129 target_ulong pc; 130 target_ulong load_res; 131 target_ulong load_val; 132 133 target_ulong frm; 134 135 target_ulong badaddr; 136 uint32_t bins; 137 138 target_ulong guest_phys_fault_addr; 139 140 target_ulong priv_ver; 141 target_ulong bext_ver; 142 target_ulong vext_ver; 143 144 /* RISCVMXL, but uint32_t for vmstate migration */ 145 uint32_t misa_mxl; /* current mxl */ 146 uint32_t misa_mxl_max; /* max mxl for this cpu */ 147 uint32_t misa_ext; /* current extensions */ 148 uint32_t misa_ext_mask; /* max ext for this cpu */ 149 uint32_t xl; /* current xlen */ 150 151 /* 128-bit helpers upper part return value */ 152 target_ulong retxh; 153 154 uint32_t features; 155 156 #ifdef CONFIG_USER_ONLY 157 uint32_t elf_flags; 158 #endif 159 160 #ifndef CONFIG_USER_ONLY 161 target_ulong priv; 162 /* This contains QEMU specific information about the virt state. */ 163 target_ulong virt; 164 target_ulong resetvec; 165 166 target_ulong mhartid; 167 /* 168 * For RV32 this is 32-bit mstatus and 32-bit mstatush. 169 * For RV64 this is a 64-bit mstatus. 170 */ 171 uint64_t mstatus; 172 173 target_ulong mip; 174 175 uint32_t miclaim; 176 177 target_ulong mie; 178 target_ulong mideleg; 179 180 target_ulong satp; /* since: priv-1.10.0 */ 181 target_ulong stval; 182 target_ulong medeleg; 183 184 target_ulong stvec; 185 target_ulong sepc; 186 target_ulong scause; 187 188 target_ulong mtvec; 189 target_ulong mepc; 190 target_ulong mcause; 191 target_ulong mtval; /* since: priv-1.10.0 */ 192 193 /* Hypervisor CSRs */ 194 target_ulong hstatus; 195 target_ulong hedeleg; 196 target_ulong hideleg; 197 target_ulong hcounteren; 198 target_ulong htval; 199 target_ulong htinst; 200 target_ulong hgatp; 201 uint64_t htimedelta; 202 203 /* Upper 64-bits of 128-bit CSRs */ 204 uint64_t mscratchh; 205 uint64_t sscratchh; 206 207 /* Virtual CSRs */ 208 /* 209 * For RV32 this is 32-bit vsstatus and 32-bit vsstatush. 210 * For RV64 this is a 64-bit vsstatus. 211 */ 212 uint64_t vsstatus; 213 target_ulong vstvec; 214 target_ulong vsscratch; 215 target_ulong vsepc; 216 target_ulong vscause; 217 target_ulong vstval; 218 target_ulong vsatp; 219 220 target_ulong mtval2; 221 target_ulong mtinst; 222 223 /* HS Backup CSRs */ 224 target_ulong stvec_hs; 225 target_ulong sscratch_hs; 226 target_ulong sepc_hs; 227 target_ulong scause_hs; 228 target_ulong stval_hs; 229 target_ulong satp_hs; 230 uint64_t mstatus_hs; 231 232 /* Signals whether the current exception occurred with two-stage address 233 translation active. */ 234 bool two_stage_lookup; 235 236 target_ulong scounteren; 237 target_ulong mcounteren; 238 239 target_ulong sscratch; 240 target_ulong mscratch; 241 242 /* temporary htif regs */ 243 uint64_t mfromhost; 244 uint64_t mtohost; 245 uint64_t timecmp; 246 247 /* physical memory protection */ 248 pmp_table_t pmp_state; 249 target_ulong mseccfg; 250 251 /* machine specific rdtime callback */ 252 uint64_t (*rdtime_fn)(uint32_t); 253 uint32_t rdtime_fn_arg; 254 255 /* True if in debugger mode. */ 256 bool debugger; 257 258 /* 259 * CSRs for PointerMasking extension 260 */ 261 target_ulong mmte; 262 target_ulong mpmmask; 263 target_ulong mpmbase; 264 target_ulong spmmask; 265 target_ulong spmbase; 266 target_ulong upmmask; 267 target_ulong upmbase; 268 #endif 269 target_ulong cur_pmmask; 270 target_ulong cur_pmbase; 271 272 float_status fp_status; 273 274 /* Fields from here on are preserved across CPU reset. */ 275 QEMUTimer *timer; /* Internal timer */ 276 277 hwaddr kernel_addr; 278 hwaddr fdt_addr; 279 280 /* kvm timer */ 281 bool kvm_timer_dirty; 282 uint64_t kvm_timer_time; 283 uint64_t kvm_timer_compare; 284 uint64_t kvm_timer_state; 285 uint64_t kvm_timer_frequency; 286 }; 287 288 OBJECT_DECLARE_TYPE(RISCVCPU, RISCVCPUClass, 289 RISCV_CPU) 290 291 /** 292 * RISCVCPUClass: 293 * @parent_realize: The parent class' realize handler. 294 * @parent_reset: The parent class' reset handler. 295 * 296 * A RISCV CPU model. 297 */ 298 struct RISCVCPUClass { 299 /*< private >*/ 300 CPUClass parent_class; 301 /*< public >*/ 302 DeviceRealize parent_realize; 303 DeviceReset parent_reset; 304 }; 305 306 /** 307 * RISCVCPU: 308 * @env: #CPURISCVState 309 * 310 * A RISCV CPU. 311 */ 312 struct RISCVCPU { 313 /*< private >*/ 314 CPUState parent_obj; 315 /*< public >*/ 316 CPUNegativeOffsetState neg; 317 CPURISCVState env; 318 319 char *dyn_csr_xml; 320 char *dyn_vreg_xml; 321 322 /* Configuration Settings */ 323 struct { 324 bool ext_i; 325 bool ext_e; 326 bool ext_g; 327 bool ext_m; 328 bool ext_a; 329 bool ext_f; 330 bool ext_d; 331 bool ext_c; 332 bool ext_s; 333 bool ext_u; 334 bool ext_h; 335 bool ext_j; 336 bool ext_v; 337 bool ext_zba; 338 bool ext_zbb; 339 bool ext_zbc; 340 bool ext_zbs; 341 bool ext_counters; 342 bool ext_ifencei; 343 bool ext_icsr; 344 bool ext_zfh; 345 bool ext_zfhmin; 346 bool ext_zve32f; 347 bool ext_zve64f; 348 349 char *priv_spec; 350 char *user_spec; 351 char *bext_spec; 352 char *vext_spec; 353 uint16_t vlen; 354 uint16_t elen; 355 bool mmu; 356 bool pmp; 357 bool epmp; 358 uint64_t resetvec; 359 } cfg; 360 }; 361 362 static inline int riscv_has_ext(CPURISCVState *env, target_ulong ext) 363 { 364 return (env->misa_ext & ext) != 0; 365 } 366 367 static inline bool riscv_feature(CPURISCVState *env, int feature) 368 { 369 return env->features & (1ULL << feature); 370 } 371 372 #include "cpu_user.h" 373 374 extern const char * const riscv_int_regnames[]; 375 extern const char * const riscv_int_regnamesh[]; 376 extern const char * const riscv_fpr_regnames[]; 377 378 const char *riscv_cpu_get_trap_name(target_ulong cause, bool async); 379 void riscv_cpu_do_interrupt(CPUState *cpu); 380 int riscv_cpu_write_elf64_note(WriteCoreDumpFunction f, CPUState *cs, 381 int cpuid, void *opaque); 382 int riscv_cpu_write_elf32_note(WriteCoreDumpFunction f, CPUState *cs, 383 int cpuid, void *opaque); 384 int riscv_cpu_gdb_read_register(CPUState *cpu, GByteArray *buf, int reg); 385 int riscv_cpu_gdb_write_register(CPUState *cpu, uint8_t *buf, int reg); 386 bool riscv_cpu_fp_enabled(CPURISCVState *env); 387 bool riscv_cpu_vector_enabled(CPURISCVState *env); 388 bool riscv_cpu_virt_enabled(CPURISCVState *env); 389 void riscv_cpu_set_virt_enabled(CPURISCVState *env, bool enable); 390 bool riscv_cpu_two_stage_lookup(int mmu_idx); 391 int riscv_cpu_mmu_index(CPURISCVState *env, bool ifetch); 392 hwaddr riscv_cpu_get_phys_page_debug(CPUState *cpu, vaddr addr); 393 void riscv_cpu_do_unaligned_access(CPUState *cs, vaddr addr, 394 MMUAccessType access_type, int mmu_idx, 395 uintptr_t retaddr) QEMU_NORETURN; 396 bool riscv_cpu_tlb_fill(CPUState *cs, vaddr address, int size, 397 MMUAccessType access_type, int mmu_idx, 398 bool probe, uintptr_t retaddr); 399 void riscv_cpu_do_transaction_failed(CPUState *cs, hwaddr physaddr, 400 vaddr addr, unsigned size, 401 MMUAccessType access_type, 402 int mmu_idx, MemTxAttrs attrs, 403 MemTxResult response, uintptr_t retaddr); 404 char *riscv_isa_string(RISCVCPU *cpu); 405 void riscv_cpu_list(void); 406 407 #define cpu_list riscv_cpu_list 408 #define cpu_mmu_index riscv_cpu_mmu_index 409 410 #ifndef CONFIG_USER_ONLY 411 bool riscv_cpu_exec_interrupt(CPUState *cs, int interrupt_request); 412 void riscv_cpu_swap_hypervisor_regs(CPURISCVState *env); 413 int riscv_cpu_claim_interrupts(RISCVCPU *cpu, uint32_t interrupts); 414 uint32_t riscv_cpu_update_mip(RISCVCPU *cpu, uint32_t mask, uint32_t value); 415 #define BOOL_TO_MASK(x) (-!!(x)) /* helper for riscv_cpu_update_mip value */ 416 void riscv_cpu_set_rdtime_fn(CPURISCVState *env, uint64_t (*fn)(uint32_t), 417 uint32_t arg); 418 #endif 419 void riscv_cpu_set_mode(CPURISCVState *env, target_ulong newpriv); 420 421 void riscv_translate_init(void); 422 void QEMU_NORETURN riscv_raise_exception(CPURISCVState *env, 423 uint32_t exception, uintptr_t pc); 424 425 target_ulong riscv_cpu_get_fflags(CPURISCVState *env); 426 void riscv_cpu_set_fflags(CPURISCVState *env, target_ulong); 427 428 #define TB_FLAGS_PRIV_MMU_MASK 3 429 #define TB_FLAGS_PRIV_HYP_ACCESS_MASK (1 << 2) 430 #define TB_FLAGS_MSTATUS_FS MSTATUS_FS 431 #define TB_FLAGS_MSTATUS_VS MSTATUS_VS 432 433 typedef CPURISCVState CPUArchState; 434 typedef RISCVCPU ArchCPU; 435 #include "exec/cpu-all.h" 436 437 FIELD(TB_FLAGS, MEM_IDX, 0, 3) 438 FIELD(TB_FLAGS, LMUL, 3, 3) 439 FIELD(TB_FLAGS, SEW, 6, 3) 440 /* Skip MSTATUS_VS (0x600) bits */ 441 FIELD(TB_FLAGS, VL_EQ_VLMAX, 11, 1) 442 FIELD(TB_FLAGS, VILL, 12, 1) 443 /* Skip MSTATUS_FS (0x6000) bits */ 444 /* Is a Hypervisor instruction load/store allowed? */ 445 FIELD(TB_FLAGS, HLSX, 15, 1) 446 FIELD(TB_FLAGS, MSTATUS_HS_FS, 16, 2) 447 FIELD(TB_FLAGS, MSTATUS_HS_VS, 18, 2) 448 /* The combination of MXL/SXL/UXL that applies to the current cpu mode. */ 449 FIELD(TB_FLAGS, XL, 20, 2) 450 /* If PointerMasking should be applied */ 451 FIELD(TB_FLAGS, PM_MASK_ENABLED, 22, 1) 452 FIELD(TB_FLAGS, PM_BASE_ENABLED, 23, 1) 453 454 #ifdef TARGET_RISCV32 455 #define riscv_cpu_mxl(env) ((void)(env), MXL_RV32) 456 #else 457 static inline RISCVMXL riscv_cpu_mxl(CPURISCVState *env) 458 { 459 return env->misa_mxl; 460 } 461 #endif 462 463 #if defined(TARGET_RISCV32) 464 #define cpu_recompute_xl(env) ((void)(env), MXL_RV32) 465 #else 466 static inline RISCVMXL cpu_recompute_xl(CPURISCVState *env) 467 { 468 RISCVMXL xl = env->misa_mxl; 469 #if !defined(CONFIG_USER_ONLY) 470 /* 471 * When emulating a 32-bit-only cpu, use RV32. 472 * When emulating a 64-bit cpu, and MXL has been reduced to RV32, 473 * MSTATUSH doesn't have UXL/SXL, therefore XLEN cannot be widened 474 * back to RV64 for lower privs. 475 */ 476 if (xl != MXL_RV32) { 477 switch (env->priv) { 478 case PRV_M: 479 break; 480 case PRV_U: 481 xl = get_field(env->mstatus, MSTATUS64_UXL); 482 break; 483 default: /* PRV_S | PRV_H */ 484 xl = get_field(env->mstatus, MSTATUS64_SXL); 485 break; 486 } 487 } 488 #endif 489 return xl; 490 } 491 #endif 492 493 static inline int riscv_cpu_xlen(CPURISCVState *env) 494 { 495 return 16 << env->xl; 496 } 497 498 /* 499 * Encode LMUL to lmul as follows: 500 * LMUL vlmul lmul 501 * 1 000 0 502 * 2 001 1 503 * 4 010 2 504 * 8 011 3 505 * - 100 - 506 * 1/8 101 -3 507 * 1/4 110 -2 508 * 1/2 111 -1 509 * 510 * then, we can calculate VLMAX = vlen >> (vsew + 3 - lmul) 511 * e.g. vlen = 256 bits, SEW = 16, LMUL = 1/8 512 * => VLMAX = vlen >> (1 + 3 - (-3)) 513 * = 256 >> 7 514 * = 2 515 */ 516 static inline uint32_t vext_get_vlmax(RISCVCPU *cpu, target_ulong vtype) 517 { 518 uint8_t sew = FIELD_EX64(vtype, VTYPE, VSEW); 519 int8_t lmul = sextract32(FIELD_EX64(vtype, VTYPE, VLMUL), 0, 3); 520 return cpu->cfg.vlen >> (sew + 3 - lmul); 521 } 522 523 void cpu_get_tb_cpu_state(CPURISCVState *env, target_ulong *pc, 524 target_ulong *cs_base, uint32_t *pflags); 525 526 void riscv_cpu_update_mask(CPURISCVState *env); 527 528 RISCVException riscv_csrrw(CPURISCVState *env, int csrno, 529 target_ulong *ret_value, 530 target_ulong new_value, target_ulong write_mask); 531 RISCVException riscv_csrrw_debug(CPURISCVState *env, int csrno, 532 target_ulong *ret_value, 533 target_ulong new_value, 534 target_ulong write_mask); 535 536 static inline void riscv_csr_write(CPURISCVState *env, int csrno, 537 target_ulong val) 538 { 539 riscv_csrrw(env, csrno, NULL, val, MAKE_64BIT_MASK(0, TARGET_LONG_BITS)); 540 } 541 542 static inline target_ulong riscv_csr_read(CPURISCVState *env, int csrno) 543 { 544 target_ulong val = 0; 545 riscv_csrrw(env, csrno, &val, 0, 0); 546 return val; 547 } 548 549 typedef RISCVException (*riscv_csr_predicate_fn)(CPURISCVState *env, 550 int csrno); 551 typedef RISCVException (*riscv_csr_read_fn)(CPURISCVState *env, int csrno, 552 target_ulong *ret_value); 553 typedef RISCVException (*riscv_csr_write_fn)(CPURISCVState *env, int csrno, 554 target_ulong new_value); 555 typedef RISCVException (*riscv_csr_op_fn)(CPURISCVState *env, int csrno, 556 target_ulong *ret_value, 557 target_ulong new_value, 558 target_ulong write_mask); 559 560 RISCVException riscv_csrrw_i128(CPURISCVState *env, int csrno, 561 Int128 *ret_value, 562 Int128 new_value, Int128 write_mask); 563 564 typedef RISCVException (*riscv_csr_read128_fn)(CPURISCVState *env, int csrno, 565 Int128 *ret_value); 566 typedef RISCVException (*riscv_csr_write128_fn)(CPURISCVState *env, int csrno, 567 Int128 new_value); 568 569 typedef struct { 570 const char *name; 571 riscv_csr_predicate_fn predicate; 572 riscv_csr_read_fn read; 573 riscv_csr_write_fn write; 574 riscv_csr_op_fn op; 575 riscv_csr_read128_fn read128; 576 riscv_csr_write128_fn write128; 577 } riscv_csr_operations; 578 579 /* CSR function table constants */ 580 enum { 581 CSR_TABLE_SIZE = 0x1000 582 }; 583 584 /* CSR function table */ 585 extern riscv_csr_operations csr_ops[CSR_TABLE_SIZE]; 586 587 void riscv_get_csr_ops(int csrno, riscv_csr_operations *ops); 588 void riscv_set_csr_ops(int csrno, riscv_csr_operations *ops); 589 590 void riscv_cpu_register_gdb_regs_for_features(CPUState *cs); 591 592 #endif /* RISCV_CPU_H */ 593