1 /* 2 * QEMU RISC-V CPU 3 * 4 * Copyright (c) 2016-2017 Sagar Karandikar, sagark@eecs.berkeley.edu 5 * Copyright (c) 2017-2018 SiFive, Inc. 6 * 7 * This program is free software; you can redistribute it and/or modify it 8 * under the terms and conditions of the GNU General Public License, 9 * version 2 or later, as published by the Free Software Foundation. 10 * 11 * This program is distributed in the hope it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for 14 * more details. 15 * 16 * You should have received a copy of the GNU General Public License along with 17 * this program. If not, see <http://www.gnu.org/licenses/>. 18 */ 19 20 #ifndef RISCV_CPU_H 21 #define RISCV_CPU_H 22 23 #include "hw/core/cpu.h" 24 #include "hw/registerfields.h" 25 #include "exec/cpu-defs.h" 26 #include "fpu/softfloat-types.h" 27 #include "qom/object.h" 28 #include "qemu/int128.h" 29 #include "cpu_bits.h" 30 31 #define TCG_GUEST_DEFAULT_MO 0 32 33 #define TYPE_RISCV_CPU "riscv-cpu" 34 35 #define RISCV_CPU_TYPE_SUFFIX "-" TYPE_RISCV_CPU 36 #define RISCV_CPU_TYPE_NAME(name) (name RISCV_CPU_TYPE_SUFFIX) 37 #define CPU_RESOLVING_TYPE TYPE_RISCV_CPU 38 39 #define TYPE_RISCV_CPU_ANY RISCV_CPU_TYPE_NAME("any") 40 #define TYPE_RISCV_CPU_BASE32 RISCV_CPU_TYPE_NAME("rv32") 41 #define TYPE_RISCV_CPU_BASE64 RISCV_CPU_TYPE_NAME("rv64") 42 #define TYPE_RISCV_CPU_BASE128 RISCV_CPU_TYPE_NAME("x-rv128") 43 #define TYPE_RISCV_CPU_IBEX RISCV_CPU_TYPE_NAME("lowrisc-ibex") 44 #define TYPE_RISCV_CPU_SHAKTI_C RISCV_CPU_TYPE_NAME("shakti-c") 45 #define TYPE_RISCV_CPU_SIFIVE_E31 RISCV_CPU_TYPE_NAME("sifive-e31") 46 #define TYPE_RISCV_CPU_SIFIVE_E34 RISCV_CPU_TYPE_NAME("sifive-e34") 47 #define TYPE_RISCV_CPU_SIFIVE_E51 RISCV_CPU_TYPE_NAME("sifive-e51") 48 #define TYPE_RISCV_CPU_SIFIVE_U34 RISCV_CPU_TYPE_NAME("sifive-u34") 49 #define TYPE_RISCV_CPU_SIFIVE_U54 RISCV_CPU_TYPE_NAME("sifive-u54") 50 #define TYPE_RISCV_CPU_HOST RISCV_CPU_TYPE_NAME("host") 51 52 #if defined(TARGET_RISCV32) 53 # define TYPE_RISCV_CPU_BASE TYPE_RISCV_CPU_BASE32 54 #elif defined(TARGET_RISCV64) 55 # define TYPE_RISCV_CPU_BASE TYPE_RISCV_CPU_BASE64 56 #endif 57 58 #define RV(x) ((target_ulong)1 << (x - 'A')) 59 60 #define RVI RV('I') 61 #define RVE RV('E') /* E and I are mutually exclusive */ 62 #define RVM RV('M') 63 #define RVA RV('A') 64 #define RVF RV('F') 65 #define RVD RV('D') 66 #define RVV RV('V') 67 #define RVC RV('C') 68 #define RVS RV('S') 69 #define RVU RV('U') 70 #define RVH RV('H') 71 #define RVJ RV('J') 72 73 /* S extension denotes that Supervisor mode exists, however it is possible 74 to have a core that support S mode but does not have an MMU and there 75 is currently no bit in misa to indicate whether an MMU exists or not 76 so a cpu features bitfield is required, likewise for optional PMP support */ 77 enum { 78 RISCV_FEATURE_MMU, 79 RISCV_FEATURE_PMP, 80 RISCV_FEATURE_EPMP, 81 RISCV_FEATURE_MISA 82 }; 83 84 #define PRIV_VERSION_1_10_0 0x00011000 85 #define PRIV_VERSION_1_11_0 0x00011100 86 87 #define VEXT_VERSION_1_00_0 0x00010000 88 89 enum { 90 TRANSLATE_SUCCESS, 91 TRANSLATE_FAIL, 92 TRANSLATE_PMP_FAIL, 93 TRANSLATE_G_STAGE_FAIL 94 }; 95 96 #define MMU_USER_IDX 3 97 98 #define MAX_RISCV_PMPS (16) 99 100 typedef struct CPURISCVState CPURISCVState; 101 102 #if !defined(CONFIG_USER_ONLY) 103 #include "pmp.h" 104 #endif 105 106 #define RV_VLEN_MAX 1024 107 108 FIELD(VTYPE, VLMUL, 0, 3) 109 FIELD(VTYPE, VSEW, 3, 3) 110 FIELD(VTYPE, VTA, 6, 1) 111 FIELD(VTYPE, VMA, 7, 1) 112 FIELD(VTYPE, VEDIV, 8, 2) 113 FIELD(VTYPE, RESERVED, 10, sizeof(target_ulong) * 8 - 11) 114 115 struct CPURISCVState { 116 target_ulong gpr[32]; 117 target_ulong gprh[32]; /* 64 top bits of the 128-bit registers */ 118 uint64_t fpr[32]; /* assume both F and D extensions */ 119 120 /* vector coprocessor state. */ 121 uint64_t vreg[32 * RV_VLEN_MAX / 64] QEMU_ALIGNED(16); 122 target_ulong vxrm; 123 target_ulong vxsat; 124 target_ulong vl; 125 target_ulong vstart; 126 target_ulong vtype; 127 bool vill; 128 129 target_ulong pc; 130 target_ulong load_res; 131 target_ulong load_val; 132 133 target_ulong frm; 134 135 target_ulong badaddr; 136 uint32_t bins; 137 138 target_ulong guest_phys_fault_addr; 139 140 target_ulong priv_ver; 141 target_ulong bext_ver; 142 target_ulong vext_ver; 143 144 /* RISCVMXL, but uint32_t for vmstate migration */ 145 uint32_t misa_mxl; /* current mxl */ 146 uint32_t misa_mxl_max; /* max mxl for this cpu */ 147 uint32_t misa_ext; /* current extensions */ 148 uint32_t misa_ext_mask; /* max ext for this cpu */ 149 uint32_t xl; /* current xlen */ 150 151 /* 128-bit helpers upper part return value */ 152 target_ulong retxh; 153 154 uint32_t features; 155 156 #ifdef CONFIG_USER_ONLY 157 uint32_t elf_flags; 158 #endif 159 160 #ifndef CONFIG_USER_ONLY 161 target_ulong priv; 162 /* This contains QEMU specific information about the virt state. */ 163 target_ulong virt; 164 target_ulong geilen; 165 target_ulong resetvec; 166 167 target_ulong mhartid; 168 /* 169 * For RV32 this is 32-bit mstatus and 32-bit mstatush. 170 * For RV64 this is a 64-bit mstatus. 171 */ 172 uint64_t mstatus; 173 174 target_ulong mip; 175 176 uint32_t miclaim; 177 178 target_ulong mie; 179 target_ulong mideleg; 180 181 target_ulong satp; /* since: priv-1.10.0 */ 182 target_ulong stval; 183 target_ulong medeleg; 184 185 target_ulong stvec; 186 target_ulong sepc; 187 target_ulong scause; 188 189 target_ulong mtvec; 190 target_ulong mepc; 191 target_ulong mcause; 192 target_ulong mtval; /* since: priv-1.10.0 */ 193 194 /* Hypervisor CSRs */ 195 target_ulong hstatus; 196 target_ulong hedeleg; 197 target_ulong hideleg; 198 target_ulong hcounteren; 199 target_ulong htval; 200 target_ulong htinst; 201 target_ulong hgatp; 202 target_ulong hgeie; 203 target_ulong hgeip; 204 uint64_t htimedelta; 205 206 /* Upper 64-bits of 128-bit CSRs */ 207 uint64_t mscratchh; 208 uint64_t sscratchh; 209 210 /* Virtual CSRs */ 211 /* 212 * For RV32 this is 32-bit vsstatus and 32-bit vsstatush. 213 * For RV64 this is a 64-bit vsstatus. 214 */ 215 uint64_t vsstatus; 216 target_ulong vstvec; 217 target_ulong vsscratch; 218 target_ulong vsepc; 219 target_ulong vscause; 220 target_ulong vstval; 221 target_ulong vsatp; 222 223 target_ulong mtval2; 224 target_ulong mtinst; 225 226 /* HS Backup CSRs */ 227 target_ulong stvec_hs; 228 target_ulong sscratch_hs; 229 target_ulong sepc_hs; 230 target_ulong scause_hs; 231 target_ulong stval_hs; 232 target_ulong satp_hs; 233 uint64_t mstatus_hs; 234 235 /* Signals whether the current exception occurred with two-stage address 236 translation active. */ 237 bool two_stage_lookup; 238 239 target_ulong scounteren; 240 target_ulong mcounteren; 241 242 target_ulong sscratch; 243 target_ulong mscratch; 244 245 /* temporary htif regs */ 246 uint64_t mfromhost; 247 uint64_t mtohost; 248 uint64_t timecmp; 249 250 /* physical memory protection */ 251 pmp_table_t pmp_state; 252 target_ulong mseccfg; 253 254 /* machine specific rdtime callback */ 255 uint64_t (*rdtime_fn)(uint32_t); 256 uint32_t rdtime_fn_arg; 257 258 /* True if in debugger mode. */ 259 bool debugger; 260 261 /* 262 * CSRs for PointerMasking extension 263 */ 264 target_ulong mmte; 265 target_ulong mpmmask; 266 target_ulong mpmbase; 267 target_ulong spmmask; 268 target_ulong spmbase; 269 target_ulong upmmask; 270 target_ulong upmbase; 271 #endif 272 target_ulong cur_pmmask; 273 target_ulong cur_pmbase; 274 275 float_status fp_status; 276 277 /* Fields from here on are preserved across CPU reset. */ 278 QEMUTimer *timer; /* Internal timer */ 279 280 hwaddr kernel_addr; 281 hwaddr fdt_addr; 282 283 /* kvm timer */ 284 bool kvm_timer_dirty; 285 uint64_t kvm_timer_time; 286 uint64_t kvm_timer_compare; 287 uint64_t kvm_timer_state; 288 uint64_t kvm_timer_frequency; 289 }; 290 291 OBJECT_DECLARE_TYPE(RISCVCPU, RISCVCPUClass, 292 RISCV_CPU) 293 294 /** 295 * RISCVCPUClass: 296 * @parent_realize: The parent class' realize handler. 297 * @parent_reset: The parent class' reset handler. 298 * 299 * A RISCV CPU model. 300 */ 301 struct RISCVCPUClass { 302 /*< private >*/ 303 CPUClass parent_class; 304 /*< public >*/ 305 DeviceRealize parent_realize; 306 DeviceReset parent_reset; 307 }; 308 309 struct RISCVCPUConfig { 310 bool ext_i; 311 bool ext_e; 312 bool ext_g; 313 bool ext_m; 314 bool ext_a; 315 bool ext_f; 316 bool ext_d; 317 bool ext_c; 318 bool ext_s; 319 bool ext_u; 320 bool ext_h; 321 bool ext_j; 322 bool ext_v; 323 bool ext_zba; 324 bool ext_zbb; 325 bool ext_zbc; 326 bool ext_zbs; 327 bool ext_counters; 328 bool ext_ifencei; 329 bool ext_icsr; 330 bool ext_zfh; 331 bool ext_zfhmin; 332 bool ext_zve32f; 333 bool ext_zve64f; 334 335 /* Vendor-specific custom extensions */ 336 bool ext_XVentanaCondOps; 337 338 char *priv_spec; 339 char *user_spec; 340 char *bext_spec; 341 char *vext_spec; 342 uint16_t vlen; 343 uint16_t elen; 344 bool mmu; 345 bool pmp; 346 bool epmp; 347 uint64_t resetvec; 348 }; 349 350 typedef struct RISCVCPUConfig RISCVCPUConfig; 351 352 /** 353 * RISCVCPU: 354 * @env: #CPURISCVState 355 * 356 * A RISCV CPU. 357 */ 358 struct RISCVCPU { 359 /*< private >*/ 360 CPUState parent_obj; 361 /*< public >*/ 362 CPUNegativeOffsetState neg; 363 CPURISCVState env; 364 365 char *dyn_csr_xml; 366 char *dyn_vreg_xml; 367 368 /* Configuration Settings */ 369 RISCVCPUConfig cfg; 370 }; 371 372 static inline int riscv_has_ext(CPURISCVState *env, target_ulong ext) 373 { 374 return (env->misa_ext & ext) != 0; 375 } 376 377 static inline bool riscv_feature(CPURISCVState *env, int feature) 378 { 379 return env->features & (1ULL << feature); 380 } 381 382 static inline void riscv_set_feature(CPURISCVState *env, int feature) 383 { 384 env->features |= (1ULL << feature); 385 } 386 387 #include "cpu_user.h" 388 389 extern const char * const riscv_int_regnames[]; 390 extern const char * const riscv_int_regnamesh[]; 391 extern const char * const riscv_fpr_regnames[]; 392 393 const char *riscv_cpu_get_trap_name(target_ulong cause, bool async); 394 void riscv_cpu_do_interrupt(CPUState *cpu); 395 int riscv_cpu_write_elf64_note(WriteCoreDumpFunction f, CPUState *cs, 396 int cpuid, void *opaque); 397 int riscv_cpu_write_elf32_note(WriteCoreDumpFunction f, CPUState *cs, 398 int cpuid, void *opaque); 399 int riscv_cpu_gdb_read_register(CPUState *cpu, GByteArray *buf, int reg); 400 int riscv_cpu_gdb_write_register(CPUState *cpu, uint8_t *buf, int reg); 401 bool riscv_cpu_fp_enabled(CPURISCVState *env); 402 target_ulong riscv_cpu_get_geilen(CPURISCVState *env); 403 void riscv_cpu_set_geilen(CPURISCVState *env, target_ulong geilen); 404 bool riscv_cpu_vector_enabled(CPURISCVState *env); 405 bool riscv_cpu_virt_enabled(CPURISCVState *env); 406 void riscv_cpu_set_virt_enabled(CPURISCVState *env, bool enable); 407 bool riscv_cpu_two_stage_lookup(int mmu_idx); 408 int riscv_cpu_mmu_index(CPURISCVState *env, bool ifetch); 409 hwaddr riscv_cpu_get_phys_page_debug(CPUState *cpu, vaddr addr); 410 void riscv_cpu_do_unaligned_access(CPUState *cs, vaddr addr, 411 MMUAccessType access_type, int mmu_idx, 412 uintptr_t retaddr) QEMU_NORETURN; 413 bool riscv_cpu_tlb_fill(CPUState *cs, vaddr address, int size, 414 MMUAccessType access_type, int mmu_idx, 415 bool probe, uintptr_t retaddr); 416 void riscv_cpu_do_transaction_failed(CPUState *cs, hwaddr physaddr, 417 vaddr addr, unsigned size, 418 MMUAccessType access_type, 419 int mmu_idx, MemTxAttrs attrs, 420 MemTxResult response, uintptr_t retaddr); 421 char *riscv_isa_string(RISCVCPU *cpu); 422 void riscv_cpu_list(void); 423 424 #define cpu_list riscv_cpu_list 425 #define cpu_mmu_index riscv_cpu_mmu_index 426 427 #ifndef CONFIG_USER_ONLY 428 bool riscv_cpu_exec_interrupt(CPUState *cs, int interrupt_request); 429 void riscv_cpu_swap_hypervisor_regs(CPURISCVState *env); 430 int riscv_cpu_claim_interrupts(RISCVCPU *cpu, uint32_t interrupts); 431 uint32_t riscv_cpu_update_mip(RISCVCPU *cpu, uint32_t mask, uint32_t value); 432 #define BOOL_TO_MASK(x) (-!!(x)) /* helper for riscv_cpu_update_mip value */ 433 void riscv_cpu_set_rdtime_fn(CPURISCVState *env, uint64_t (*fn)(uint32_t), 434 uint32_t arg); 435 #endif 436 void riscv_cpu_set_mode(CPURISCVState *env, target_ulong newpriv); 437 438 void riscv_translate_init(void); 439 void QEMU_NORETURN riscv_raise_exception(CPURISCVState *env, 440 uint32_t exception, uintptr_t pc); 441 442 target_ulong riscv_cpu_get_fflags(CPURISCVState *env); 443 void riscv_cpu_set_fflags(CPURISCVState *env, target_ulong); 444 445 #define TB_FLAGS_PRIV_MMU_MASK 3 446 #define TB_FLAGS_PRIV_HYP_ACCESS_MASK (1 << 2) 447 #define TB_FLAGS_MSTATUS_FS MSTATUS_FS 448 #define TB_FLAGS_MSTATUS_VS MSTATUS_VS 449 450 typedef CPURISCVState CPUArchState; 451 typedef RISCVCPU ArchCPU; 452 #include "exec/cpu-all.h" 453 454 FIELD(TB_FLAGS, MEM_IDX, 0, 3) 455 FIELD(TB_FLAGS, LMUL, 3, 3) 456 FIELD(TB_FLAGS, SEW, 6, 3) 457 /* Skip MSTATUS_VS (0x600) bits */ 458 FIELD(TB_FLAGS, VL_EQ_VLMAX, 11, 1) 459 FIELD(TB_FLAGS, VILL, 12, 1) 460 /* Skip MSTATUS_FS (0x6000) bits */ 461 /* Is a Hypervisor instruction load/store allowed? */ 462 FIELD(TB_FLAGS, HLSX, 15, 1) 463 FIELD(TB_FLAGS, MSTATUS_HS_FS, 16, 2) 464 FIELD(TB_FLAGS, MSTATUS_HS_VS, 18, 2) 465 /* The combination of MXL/SXL/UXL that applies to the current cpu mode. */ 466 FIELD(TB_FLAGS, XL, 20, 2) 467 /* If PointerMasking should be applied */ 468 FIELD(TB_FLAGS, PM_MASK_ENABLED, 22, 1) 469 FIELD(TB_FLAGS, PM_BASE_ENABLED, 23, 1) 470 471 #ifdef TARGET_RISCV32 472 #define riscv_cpu_mxl(env) ((void)(env), MXL_RV32) 473 #else 474 static inline RISCVMXL riscv_cpu_mxl(CPURISCVState *env) 475 { 476 return env->misa_mxl; 477 } 478 #endif 479 480 #if defined(TARGET_RISCV32) 481 #define cpu_recompute_xl(env) ((void)(env), MXL_RV32) 482 #else 483 static inline RISCVMXL cpu_recompute_xl(CPURISCVState *env) 484 { 485 RISCVMXL xl = env->misa_mxl; 486 #if !defined(CONFIG_USER_ONLY) 487 /* 488 * When emulating a 32-bit-only cpu, use RV32. 489 * When emulating a 64-bit cpu, and MXL has been reduced to RV32, 490 * MSTATUSH doesn't have UXL/SXL, therefore XLEN cannot be widened 491 * back to RV64 for lower privs. 492 */ 493 if (xl != MXL_RV32) { 494 switch (env->priv) { 495 case PRV_M: 496 break; 497 case PRV_U: 498 xl = get_field(env->mstatus, MSTATUS64_UXL); 499 break; 500 default: /* PRV_S | PRV_H */ 501 xl = get_field(env->mstatus, MSTATUS64_SXL); 502 break; 503 } 504 } 505 #endif 506 return xl; 507 } 508 #endif 509 510 static inline int riscv_cpu_xlen(CPURISCVState *env) 511 { 512 return 16 << env->xl; 513 } 514 515 /* 516 * Encode LMUL to lmul as follows: 517 * LMUL vlmul lmul 518 * 1 000 0 519 * 2 001 1 520 * 4 010 2 521 * 8 011 3 522 * - 100 - 523 * 1/8 101 -3 524 * 1/4 110 -2 525 * 1/2 111 -1 526 * 527 * then, we can calculate VLMAX = vlen >> (vsew + 3 - lmul) 528 * e.g. vlen = 256 bits, SEW = 16, LMUL = 1/8 529 * => VLMAX = vlen >> (1 + 3 - (-3)) 530 * = 256 >> 7 531 * = 2 532 */ 533 static inline uint32_t vext_get_vlmax(RISCVCPU *cpu, target_ulong vtype) 534 { 535 uint8_t sew = FIELD_EX64(vtype, VTYPE, VSEW); 536 int8_t lmul = sextract32(FIELD_EX64(vtype, VTYPE, VLMUL), 0, 3); 537 return cpu->cfg.vlen >> (sew + 3 - lmul); 538 } 539 540 void cpu_get_tb_cpu_state(CPURISCVState *env, target_ulong *pc, 541 target_ulong *cs_base, uint32_t *pflags); 542 543 void riscv_cpu_update_mask(CPURISCVState *env); 544 545 RISCVException riscv_csrrw(CPURISCVState *env, int csrno, 546 target_ulong *ret_value, 547 target_ulong new_value, target_ulong write_mask); 548 RISCVException riscv_csrrw_debug(CPURISCVState *env, int csrno, 549 target_ulong *ret_value, 550 target_ulong new_value, 551 target_ulong write_mask); 552 553 static inline void riscv_csr_write(CPURISCVState *env, int csrno, 554 target_ulong val) 555 { 556 riscv_csrrw(env, csrno, NULL, val, MAKE_64BIT_MASK(0, TARGET_LONG_BITS)); 557 } 558 559 static inline target_ulong riscv_csr_read(CPURISCVState *env, int csrno) 560 { 561 target_ulong val = 0; 562 riscv_csrrw(env, csrno, &val, 0, 0); 563 return val; 564 } 565 566 typedef RISCVException (*riscv_csr_predicate_fn)(CPURISCVState *env, 567 int csrno); 568 typedef RISCVException (*riscv_csr_read_fn)(CPURISCVState *env, int csrno, 569 target_ulong *ret_value); 570 typedef RISCVException (*riscv_csr_write_fn)(CPURISCVState *env, int csrno, 571 target_ulong new_value); 572 typedef RISCVException (*riscv_csr_op_fn)(CPURISCVState *env, int csrno, 573 target_ulong *ret_value, 574 target_ulong new_value, 575 target_ulong write_mask); 576 577 RISCVException riscv_csrrw_i128(CPURISCVState *env, int csrno, 578 Int128 *ret_value, 579 Int128 new_value, Int128 write_mask); 580 581 typedef RISCVException (*riscv_csr_read128_fn)(CPURISCVState *env, int csrno, 582 Int128 *ret_value); 583 typedef RISCVException (*riscv_csr_write128_fn)(CPURISCVState *env, int csrno, 584 Int128 new_value); 585 586 typedef struct { 587 const char *name; 588 riscv_csr_predicate_fn predicate; 589 riscv_csr_read_fn read; 590 riscv_csr_write_fn write; 591 riscv_csr_op_fn op; 592 riscv_csr_read128_fn read128; 593 riscv_csr_write128_fn write128; 594 } riscv_csr_operations; 595 596 /* CSR function table constants */ 597 enum { 598 CSR_TABLE_SIZE = 0x1000 599 }; 600 601 /* CSR function table */ 602 extern riscv_csr_operations csr_ops[CSR_TABLE_SIZE]; 603 604 void riscv_get_csr_ops(int csrno, riscv_csr_operations *ops); 605 void riscv_set_csr_ops(int csrno, riscv_csr_operations *ops); 606 607 void riscv_cpu_register_gdb_regs_for_features(CPUState *cs); 608 609 #endif /* RISCV_CPU_H */ 610