1 /* 2 * PowerPC exception emulation helpers for QEMU. 3 * 4 * Copyright (c) 2003-2007 Jocelyn Mayer 5 * 6 * This library is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU Lesser General Public 8 * License as published by the Free Software Foundation; either 9 * version 2.1 of the License, or (at your option) any later version. 10 * 11 * This library is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 * Lesser General Public License for more details. 15 * 16 * You should have received a copy of the GNU Lesser General Public 17 * License along with this library; if not, see <http://www.gnu.org/licenses/>. 18 */ 19 #include "qemu/osdep.h" 20 #include "qemu/main-loop.h" 21 #include "qemu/log.h" 22 #include "cpu.h" 23 #include "exec/exec-all.h" 24 #include "internal.h" 25 #include "helper_regs.h" 26 #include "hw/ppc/ppc.h" 27 28 #include "trace.h" 29 30 #ifdef CONFIG_TCG 31 #include "sysemu/tcg.h" 32 #include "exec/helper-proto.h" 33 #include "exec/cpu_ldst.h" 34 #endif 35 36 /*****************************************************************************/ 37 /* Exception processing */ 38 #ifndef CONFIG_USER_ONLY 39 40 static const char *powerpc_excp_name(int excp) 41 { 42 switch (excp) { 43 case POWERPC_EXCP_CRITICAL: return "CRITICAL"; 44 case POWERPC_EXCP_MCHECK: return "MCHECK"; 45 case POWERPC_EXCP_DSI: return "DSI"; 46 case POWERPC_EXCP_ISI: return "ISI"; 47 case POWERPC_EXCP_EXTERNAL: return "EXTERNAL"; 48 case POWERPC_EXCP_ALIGN: return "ALIGN"; 49 case POWERPC_EXCP_PROGRAM: return "PROGRAM"; 50 case POWERPC_EXCP_FPU: return "FPU"; 51 case POWERPC_EXCP_SYSCALL: return "SYSCALL"; 52 case POWERPC_EXCP_APU: return "APU"; 53 case POWERPC_EXCP_DECR: return "DECR"; 54 case POWERPC_EXCP_FIT: return "FIT"; 55 case POWERPC_EXCP_WDT: return "WDT"; 56 case POWERPC_EXCP_DTLB: return "DTLB"; 57 case POWERPC_EXCP_ITLB: return "ITLB"; 58 case POWERPC_EXCP_DEBUG: return "DEBUG"; 59 case POWERPC_EXCP_SPEU: return "SPEU"; 60 case POWERPC_EXCP_EFPDI: return "EFPDI"; 61 case POWERPC_EXCP_EFPRI: return "EFPRI"; 62 case POWERPC_EXCP_EPERFM: return "EPERFM"; 63 case POWERPC_EXCP_DOORI: return "DOORI"; 64 case POWERPC_EXCP_DOORCI: return "DOORCI"; 65 case POWERPC_EXCP_GDOORI: return "GDOORI"; 66 case POWERPC_EXCP_GDOORCI: return "GDOORCI"; 67 case POWERPC_EXCP_HYPPRIV: return "HYPPRIV"; 68 case POWERPC_EXCP_RESET: return "RESET"; 69 case POWERPC_EXCP_DSEG: return "DSEG"; 70 case POWERPC_EXCP_ISEG: return "ISEG"; 71 case POWERPC_EXCP_HDECR: return "HDECR"; 72 case POWERPC_EXCP_TRACE: return "TRACE"; 73 case POWERPC_EXCP_HDSI: return "HDSI"; 74 case POWERPC_EXCP_HISI: return "HISI"; 75 case POWERPC_EXCP_HDSEG: return "HDSEG"; 76 case POWERPC_EXCP_HISEG: return "HISEG"; 77 case POWERPC_EXCP_VPU: return "VPU"; 78 case POWERPC_EXCP_PIT: return "PIT"; 79 case POWERPC_EXCP_EMUL: return "EMUL"; 80 case POWERPC_EXCP_IFTLB: return "IFTLB"; 81 case POWERPC_EXCP_DLTLB: return "DLTLB"; 82 case POWERPC_EXCP_DSTLB: return "DSTLB"; 83 case POWERPC_EXCP_FPA: return "FPA"; 84 case POWERPC_EXCP_DABR: return "DABR"; 85 case POWERPC_EXCP_IABR: return "IABR"; 86 case POWERPC_EXCP_SMI: return "SMI"; 87 case POWERPC_EXCP_PERFM: return "PERFM"; 88 case POWERPC_EXCP_THERM: return "THERM"; 89 case POWERPC_EXCP_VPUA: return "VPUA"; 90 case POWERPC_EXCP_SOFTP: return "SOFTP"; 91 case POWERPC_EXCP_MAINT: return "MAINT"; 92 case POWERPC_EXCP_MEXTBR: return "MEXTBR"; 93 case POWERPC_EXCP_NMEXTBR: return "NMEXTBR"; 94 case POWERPC_EXCP_ITLBE: return "ITLBE"; 95 case POWERPC_EXCP_DTLBE: return "DTLBE"; 96 case POWERPC_EXCP_VSXU: return "VSXU"; 97 case POWERPC_EXCP_FU: return "FU"; 98 case POWERPC_EXCP_HV_EMU: return "HV_EMU"; 99 case POWERPC_EXCP_HV_MAINT: return "HV_MAINT"; 100 case POWERPC_EXCP_HV_FU: return "HV_FU"; 101 case POWERPC_EXCP_SDOOR: return "SDOOR"; 102 case POWERPC_EXCP_SDOOR_HV: return "SDOOR_HV"; 103 case POWERPC_EXCP_HVIRT: return "HVIRT"; 104 case POWERPC_EXCP_SYSCALL_VECTORED: return "SYSCALL_VECTORED"; 105 default: 106 g_assert_not_reached(); 107 } 108 } 109 110 static void dump_syscall(CPUPPCState *env) 111 { 112 qemu_log_mask(CPU_LOG_INT, "syscall r0=%016" PRIx64 113 " r3=%016" PRIx64 " r4=%016" PRIx64 " r5=%016" PRIx64 114 " r6=%016" PRIx64 " r7=%016" PRIx64 " r8=%016" PRIx64 115 " nip=" TARGET_FMT_lx "\n", 116 ppc_dump_gpr(env, 0), ppc_dump_gpr(env, 3), 117 ppc_dump_gpr(env, 4), ppc_dump_gpr(env, 5), 118 ppc_dump_gpr(env, 6), ppc_dump_gpr(env, 7), 119 ppc_dump_gpr(env, 8), env->nip); 120 } 121 122 static void dump_hcall(CPUPPCState *env) 123 { 124 qemu_log_mask(CPU_LOG_INT, "hypercall r3=%016" PRIx64 125 " r4=%016" PRIx64 " r5=%016" PRIx64 " r6=%016" PRIx64 126 " r7=%016" PRIx64 " r8=%016" PRIx64 " r9=%016" PRIx64 127 " r10=%016" PRIx64 " r11=%016" PRIx64 " r12=%016" PRIx64 128 " nip=" TARGET_FMT_lx "\n", 129 ppc_dump_gpr(env, 3), ppc_dump_gpr(env, 4), 130 ppc_dump_gpr(env, 5), ppc_dump_gpr(env, 6), 131 ppc_dump_gpr(env, 7), ppc_dump_gpr(env, 8), 132 ppc_dump_gpr(env, 9), ppc_dump_gpr(env, 10), 133 ppc_dump_gpr(env, 11), ppc_dump_gpr(env, 12), 134 env->nip); 135 } 136 137 #ifdef CONFIG_TCG 138 /* Return true iff byteswap is needed to load instruction */ 139 static inline bool insn_need_byteswap(CPUArchState *env) 140 { 141 /* SYSTEM builds TARGET_BIG_ENDIAN. Need to swap when MSR[LE] is set */ 142 return !!(env->msr & ((target_ulong)1 << MSR_LE)); 143 } 144 145 static uint32_t ppc_ldl_code(CPUArchState *env, target_ulong addr) 146 { 147 uint32_t insn = cpu_ldl_code(env, addr); 148 149 if (insn_need_byteswap(env)) { 150 insn = bswap32(insn); 151 } 152 153 return insn; 154 } 155 #endif 156 157 static void ppc_excp_debug_sw_tlb(CPUPPCState *env, int excp) 158 { 159 const char *es; 160 target_ulong *miss, *cmp; 161 int en; 162 163 if (!qemu_loglevel_mask(CPU_LOG_MMU)) { 164 return; 165 } 166 167 if (excp == POWERPC_EXCP_IFTLB) { 168 es = "I"; 169 en = 'I'; 170 miss = &env->spr[SPR_IMISS]; 171 cmp = &env->spr[SPR_ICMP]; 172 } else { 173 if (excp == POWERPC_EXCP_DLTLB) { 174 es = "DL"; 175 } else { 176 es = "DS"; 177 } 178 en = 'D'; 179 miss = &env->spr[SPR_DMISS]; 180 cmp = &env->spr[SPR_DCMP]; 181 } 182 qemu_log("6xx %sTLB miss: %cM " TARGET_FMT_lx " %cC " 183 TARGET_FMT_lx " H1 " TARGET_FMT_lx " H2 " 184 TARGET_FMT_lx " %08x\n", es, en, *miss, en, *cmp, 185 env->spr[SPR_HASH1], env->spr[SPR_HASH2], 186 env->error_code); 187 } 188 189 #ifdef TARGET_PPC64 190 static int powerpc_reset_wakeup(CPUPPCState *env, int excp, target_ulong *msr) 191 { 192 /* We no longer are in a PM state */ 193 env->resume_as_sreset = false; 194 195 /* Pretend to be returning from doze always as we don't lose state */ 196 *msr |= SRR1_WS_NOLOSS; 197 198 /* Machine checks are sent normally */ 199 if (excp == POWERPC_EXCP_MCHECK) { 200 return excp; 201 } 202 switch (excp) { 203 case POWERPC_EXCP_RESET: 204 *msr |= SRR1_WAKERESET; 205 break; 206 case POWERPC_EXCP_EXTERNAL: 207 *msr |= SRR1_WAKEEE; 208 break; 209 case POWERPC_EXCP_DECR: 210 *msr |= SRR1_WAKEDEC; 211 break; 212 case POWERPC_EXCP_SDOOR: 213 *msr |= SRR1_WAKEDBELL; 214 break; 215 case POWERPC_EXCP_SDOOR_HV: 216 *msr |= SRR1_WAKEHDBELL; 217 break; 218 case POWERPC_EXCP_HV_MAINT: 219 *msr |= SRR1_WAKEHMI; 220 break; 221 case POWERPC_EXCP_HVIRT: 222 *msr |= SRR1_WAKEHVI; 223 break; 224 default: 225 cpu_abort(env_cpu(env), 226 "Unsupported exception %d in Power Save mode\n", excp); 227 } 228 return POWERPC_EXCP_RESET; 229 } 230 231 /* 232 * AIL - Alternate Interrupt Location, a mode that allows interrupts to be 233 * taken with the MMU on, and which uses an alternate location (e.g., so the 234 * kernel/hv can map the vectors there with an effective address). 235 * 236 * An interrupt is considered to be taken "with AIL" or "AIL applies" if they 237 * are delivered in this way. AIL requires the LPCR to be set to enable this 238 * mode, and then a number of conditions have to be true for AIL to apply. 239 * 240 * First of all, SRESET, MCE, and HMI are always delivered without AIL, because 241 * they specifically want to be in real mode (e.g., the MCE might be signaling 242 * a SLB multi-hit which requires SLB flush before the MMU can be enabled). 243 * 244 * After that, behaviour depends on the current MSR[IR], MSR[DR], MSR[HV], 245 * whether or not the interrupt changes MSR[HV] from 0 to 1, and the current 246 * radix mode (LPCR[HR]). 247 * 248 * POWER8, POWER9 with LPCR[HR]=0 249 * | LPCR[AIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 250 * +-----------+-------------+---------+-------------+-----+ 251 * | a | 00/01/10 | x | x | 0 | 252 * | a | 11 | 0 | 1 | 0 | 253 * | a | 11 | 1 | 1 | a | 254 * | a | 11 | 0 | 0 | a | 255 * +-------------------------------------------------------+ 256 * 257 * POWER9 with LPCR[HR]=1 258 * | LPCR[AIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 259 * +-----------+-------------+---------+-------------+-----+ 260 * | a | 00/01/10 | x | x | 0 | 261 * | a | 11 | x | x | a | 262 * +-------------------------------------------------------+ 263 * 264 * The difference with POWER9 being that MSR[HV] 0->1 interrupts can be sent to 265 * the hypervisor in AIL mode if the guest is radix. This is good for 266 * performance but allows the guest to influence the AIL of hypervisor 267 * interrupts using its MSR, and also the hypervisor must disallow guest 268 * interrupts (MSR[HV] 0->0) from using AIL if the hypervisor does not want to 269 * use AIL for its MSR[HV] 0->1 interrupts. 270 * 271 * POWER10 addresses those issues with a new LPCR[HAIL] bit that is applied to 272 * interrupts that begin execution with MSR[HV]=1 (so both MSR[HV] 0->1 and 273 * MSR[HV] 1->1). 274 * 275 * HAIL=1 is equivalent to AIL=3, for interrupts delivered with MSR[HV]=1. 276 * 277 * POWER10 behaviour is 278 * | LPCR[AIL] | LPCR[HAIL] | MSR[IR||DR] | MSR[HV] | new MSR[HV] | AIL | 279 * +-----------+------------+-------------+---------+-------------+-----+ 280 * | a | h | 00/01/10 | 0 | 0 | 0 | 281 * | a | h | 11 | 0 | 0 | a | 282 * | a | h | x | 0 | 1 | h | 283 * | a | h | 00/01/10 | 1 | 1 | 0 | 284 * | a | h | 11 | 1 | 1 | h | 285 * +--------------------------------------------------------------------+ 286 */ 287 static void ppc_excp_apply_ail(PowerPCCPU *cpu, int excp, target_ulong msr, 288 target_ulong *new_msr, target_ulong *vector) 289 { 290 PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cpu); 291 CPUPPCState *env = &cpu->env; 292 bool mmu_all_on = ((msr >> MSR_IR) & 1) && ((msr >> MSR_DR) & 1); 293 bool hv_escalation = !(msr & MSR_HVB) && (*new_msr & MSR_HVB); 294 int ail = 0; 295 296 if (excp == POWERPC_EXCP_MCHECK || 297 excp == POWERPC_EXCP_RESET || 298 excp == POWERPC_EXCP_HV_MAINT) { 299 /* SRESET, MCE, HMI never apply AIL */ 300 return; 301 } 302 303 if (!(pcc->lpcr_mask & LPCR_AIL)) { 304 /* This CPU does not have AIL */ 305 return; 306 } 307 308 /* P8 & P9 */ 309 if (!(pcc->lpcr_mask & LPCR_HAIL)) { 310 if (!mmu_all_on) { 311 /* AIL only works if MSR[IR] and MSR[DR] are both enabled. */ 312 return; 313 } 314 if (hv_escalation && !(env->spr[SPR_LPCR] & LPCR_HR)) { 315 /* 316 * AIL does not work if there is a MSR[HV] 0->1 transition and the 317 * partition is in HPT mode. For radix guests, such interrupts are 318 * allowed to be delivered to the hypervisor in ail mode. 319 */ 320 return; 321 } 322 323 ail = (env->spr[SPR_LPCR] & LPCR_AIL) >> LPCR_AIL_SHIFT; 324 if (ail == 0) { 325 return; 326 } 327 if (ail == 1) { 328 /* AIL=1 is reserved, treat it like AIL=0 */ 329 return; 330 } 331 332 /* P10 and up */ 333 } else { 334 if (!mmu_all_on && !hv_escalation) { 335 /* 336 * AIL works for HV interrupts even with guest MSR[IR/DR] disabled. 337 * Guest->guest and HV->HV interrupts do require MMU on. 338 */ 339 return; 340 } 341 342 if (*new_msr & MSR_HVB) { 343 if (!(env->spr[SPR_LPCR] & LPCR_HAIL)) { 344 /* HV interrupts depend on LPCR[HAIL] */ 345 return; 346 } 347 ail = 3; /* HAIL=1 gives AIL=3 behaviour for HV interrupts */ 348 } else { 349 ail = (env->spr[SPR_LPCR] & LPCR_AIL) >> LPCR_AIL_SHIFT; 350 } 351 if (ail == 0) { 352 return; 353 } 354 if (ail == 1 || ail == 2) { 355 /* AIL=1 and AIL=2 are reserved, treat them like AIL=0 */ 356 return; 357 } 358 } 359 360 /* 361 * AIL applies, so the new MSR gets IR and DR set, and an offset applied 362 * to the new IP. 363 */ 364 *new_msr |= (1 << MSR_IR) | (1 << MSR_DR); 365 366 if (excp != POWERPC_EXCP_SYSCALL_VECTORED) { 367 if (ail == 2) { 368 *vector |= 0x0000000000018000ull; 369 } else if (ail == 3) { 370 *vector |= 0xc000000000004000ull; 371 } 372 } else { 373 /* 374 * scv AIL is a little different. AIL=2 does not change the address, 375 * only the MSR. AIL=3 replaces the 0x17000 base with 0xc...3000. 376 */ 377 if (ail == 3) { 378 *vector &= ~0x0000000000017000ull; /* Un-apply the base offset */ 379 *vector |= 0xc000000000003000ull; /* Apply scv's AIL=3 offset */ 380 } 381 } 382 } 383 #endif /* TARGET_PPC64 */ 384 385 static void powerpc_reset_excp_state(PowerPCCPU *cpu) 386 { 387 CPUState *cs = CPU(cpu); 388 CPUPPCState *env = &cpu->env; 389 390 /* Reset exception state */ 391 cs->exception_index = POWERPC_EXCP_NONE; 392 env->error_code = 0; 393 } 394 395 static void powerpc_set_excp_state(PowerPCCPU *cpu, target_ulong vector, 396 target_ulong msr) 397 { 398 CPUPPCState *env = &cpu->env; 399 400 assert((msr & env->msr_mask) == msr); 401 402 /* 403 * We don't use hreg_store_msr here as already have treated any 404 * special case that could occur. Just store MSR and update hflags 405 * 406 * Note: We *MUST* not use hreg_store_msr() as-is anyway because it will 407 * prevent setting of the HV bit which some exceptions might need to do. 408 */ 409 env->nip = vector; 410 env->msr = msr; 411 hreg_compute_hflags(env); 412 ppc_maybe_interrupt(env); 413 414 powerpc_reset_excp_state(cpu); 415 416 /* 417 * Any interrupt is context synchronizing, check if TCG TLB needs 418 * a delayed flush on ppc64 419 */ 420 check_tlb_flush(env, false); 421 422 /* Reset the reservation */ 423 env->reserve_addr = -1; 424 } 425 426 static void powerpc_mcheck_checkstop(CPUPPCState *env) 427 { 428 CPUState *cs = env_cpu(env); 429 430 if (FIELD_EX64(env->msr, MSR, ME)) { 431 return; 432 } 433 434 /* Machine check exception is not enabled. Enter checkstop state. */ 435 fprintf(stderr, "Machine check while not allowed. " 436 "Entering checkstop state\n"); 437 if (qemu_log_separate()) { 438 qemu_log("Machine check while not allowed. " 439 "Entering checkstop state\n"); 440 } 441 cs->halted = 1; 442 cpu_interrupt_exittb(cs); 443 } 444 445 static void powerpc_excp_40x(PowerPCCPU *cpu, int excp) 446 { 447 CPUPPCState *env = &cpu->env; 448 target_ulong msr, new_msr, vector; 449 int srr0 = SPR_SRR0, srr1 = SPR_SRR1; 450 451 /* new srr1 value excluding must-be-zero bits */ 452 msr = env->msr & ~0x783f0000ULL; 453 454 /* new interrupt handler msr preserves ME unless explicitly overridden */ 455 new_msr = env->msr & (((target_ulong)1 << MSR_ME)); 456 457 /* HV emu assistance interrupt only exists on server arch 2.05 or later */ 458 if (excp == POWERPC_EXCP_HV_EMU) { 459 excp = POWERPC_EXCP_PROGRAM; 460 } 461 462 vector = env->excp_vectors[excp]; 463 if (vector == (target_ulong)-1ULL) { 464 cpu_abort(env_cpu(env), 465 "Raised an exception without defined vector %d\n", excp); 466 } 467 vector |= env->excp_prefix; 468 469 switch (excp) { 470 case POWERPC_EXCP_CRITICAL: /* Critical input */ 471 srr0 = SPR_40x_SRR2; 472 srr1 = SPR_40x_SRR3; 473 break; 474 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 475 powerpc_mcheck_checkstop(env); 476 /* machine check exceptions don't have ME set */ 477 new_msr &= ~((target_ulong)1 << MSR_ME); 478 srr0 = SPR_40x_SRR2; 479 srr1 = SPR_40x_SRR3; 480 break; 481 case POWERPC_EXCP_DSI: /* Data storage exception */ 482 trace_ppc_excp_dsi(env->spr[SPR_40x_ESR], env->spr[SPR_40x_DEAR]); 483 break; 484 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 485 trace_ppc_excp_isi(msr, env->nip); 486 break; 487 case POWERPC_EXCP_EXTERNAL: /* External input */ 488 break; 489 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 490 break; 491 case POWERPC_EXCP_PROGRAM: /* Program exception */ 492 switch (env->error_code & ~0xF) { 493 case POWERPC_EXCP_FP: 494 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 495 trace_ppc_excp_fp_ignore(); 496 powerpc_reset_excp_state(cpu); 497 return; 498 } 499 env->spr[SPR_40x_ESR] = ESR_FP; 500 break; 501 case POWERPC_EXCP_INVAL: 502 trace_ppc_excp_inval(env->nip); 503 env->spr[SPR_40x_ESR] = ESR_PIL; 504 break; 505 case POWERPC_EXCP_PRIV: 506 env->spr[SPR_40x_ESR] = ESR_PPR; 507 break; 508 case POWERPC_EXCP_TRAP: 509 env->spr[SPR_40x_ESR] = ESR_PTR; 510 break; 511 default: 512 cpu_abort(env_cpu(env), "Invalid program exception %d. Aborting\n", 513 env->error_code); 514 break; 515 } 516 break; 517 case POWERPC_EXCP_SYSCALL: /* System call exception */ 518 dump_syscall(env); 519 520 /* 521 * We need to correct the NIP which in this case is supposed 522 * to point to the next instruction 523 */ 524 env->nip += 4; 525 break; 526 case POWERPC_EXCP_FIT: /* Fixed-interval timer interrupt */ 527 trace_ppc_excp_print("FIT"); 528 break; 529 case POWERPC_EXCP_WDT: /* Watchdog timer interrupt */ 530 trace_ppc_excp_print("WDT"); 531 break; 532 case POWERPC_EXCP_DTLB: /* Data TLB error */ 533 case POWERPC_EXCP_ITLB: /* Instruction TLB error */ 534 break; 535 case POWERPC_EXCP_PIT: /* Programmable interval timer interrupt */ 536 trace_ppc_excp_print("PIT"); 537 break; 538 case POWERPC_EXCP_DEBUG: /* Debug interrupt */ 539 cpu_abort(env_cpu(env), "%s exception not implemented\n", 540 powerpc_excp_name(excp)); 541 break; 542 default: 543 cpu_abort(env_cpu(env), "Invalid PowerPC exception %d. Aborting\n", 544 excp); 545 break; 546 } 547 548 env->spr[srr0] = env->nip; 549 env->spr[srr1] = msr; 550 powerpc_set_excp_state(cpu, vector, new_msr); 551 } 552 553 static void powerpc_excp_6xx(PowerPCCPU *cpu, int excp) 554 { 555 CPUPPCState *env = &cpu->env; 556 target_ulong msr, new_msr, vector; 557 558 /* new srr1 value excluding must-be-zero bits */ 559 msr = env->msr & ~0x783f0000ULL; 560 561 /* new interrupt handler msr preserves ME unless explicitly overridden */ 562 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 563 564 /* HV emu assistance interrupt only exists on server arch 2.05 or later */ 565 if (excp == POWERPC_EXCP_HV_EMU) { 566 excp = POWERPC_EXCP_PROGRAM; 567 } 568 569 vector = env->excp_vectors[excp]; 570 if (vector == (target_ulong)-1ULL) { 571 cpu_abort(env_cpu(env), 572 "Raised an exception without defined vector %d\n", excp); 573 } 574 vector |= env->excp_prefix; 575 576 switch (excp) { 577 case POWERPC_EXCP_CRITICAL: /* Critical input */ 578 break; 579 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 580 powerpc_mcheck_checkstop(env); 581 /* machine check exceptions don't have ME set */ 582 new_msr &= ~((target_ulong)1 << MSR_ME); 583 break; 584 case POWERPC_EXCP_DSI: /* Data storage exception */ 585 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 586 break; 587 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 588 trace_ppc_excp_isi(msr, env->nip); 589 msr |= env->error_code; 590 break; 591 case POWERPC_EXCP_EXTERNAL: /* External input */ 592 break; 593 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 594 /* Get rS/rD and rA from faulting opcode */ 595 /* 596 * Note: the opcode fields will not be set properly for a 597 * direct store load/store, but nobody cares as nobody 598 * actually uses direct store segments. 599 */ 600 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 601 break; 602 case POWERPC_EXCP_PROGRAM: /* Program exception */ 603 switch (env->error_code & ~0xF) { 604 case POWERPC_EXCP_FP: 605 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 606 trace_ppc_excp_fp_ignore(); 607 powerpc_reset_excp_state(cpu); 608 return; 609 } 610 /* 611 * NIP always points to the faulting instruction for FP exceptions, 612 * so always use store_next and claim we are precise in the MSR. 613 */ 614 msr |= 0x00100000; 615 break; 616 case POWERPC_EXCP_INVAL: 617 trace_ppc_excp_inval(env->nip); 618 msr |= 0x00080000; 619 break; 620 case POWERPC_EXCP_PRIV: 621 msr |= 0x00040000; 622 break; 623 case POWERPC_EXCP_TRAP: 624 msr |= 0x00020000; 625 break; 626 default: 627 /* Should never occur */ 628 cpu_abort(env_cpu(env), "Invalid program exception %d. Aborting\n", 629 env->error_code); 630 break; 631 } 632 break; 633 case POWERPC_EXCP_SYSCALL: /* System call exception */ 634 dump_syscall(env); 635 636 /* 637 * We need to correct the NIP which in this case is supposed 638 * to point to the next instruction 639 */ 640 env->nip += 4; 641 break; 642 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 643 case POWERPC_EXCP_DECR: /* Decrementer exception */ 644 break; 645 case POWERPC_EXCP_DTLB: /* Data TLB error */ 646 case POWERPC_EXCP_ITLB: /* Instruction TLB error */ 647 break; 648 case POWERPC_EXCP_RESET: /* System reset exception */ 649 if (FIELD_EX64(env->msr, MSR, POW)) { 650 cpu_abort(env_cpu(env), 651 "Trying to deliver power-saving system reset exception " 652 "%d with no HV support\n", excp); 653 } 654 break; 655 case POWERPC_EXCP_TRACE: /* Trace exception */ 656 break; 657 case POWERPC_EXCP_IFTLB: /* Instruction fetch TLB error */ 658 case POWERPC_EXCP_DLTLB: /* Data load TLB miss */ 659 case POWERPC_EXCP_DSTLB: /* Data store TLB miss */ 660 /* Swap temporary saved registers with GPRs */ 661 if (!(new_msr & ((target_ulong)1 << MSR_TGPR))) { 662 new_msr |= (target_ulong)1 << MSR_TGPR; 663 hreg_swap_gpr_tgpr(env); 664 } 665 666 ppc_excp_debug_sw_tlb(env, excp); 667 668 msr |= env->crf[0] << 28; 669 msr |= env->error_code; /* key, D/I, S/L bits */ 670 /* Set way using a LRU mechanism */ 671 msr |= ((env->last_way + 1) & (env->nb_ways - 1)) << 17; 672 break; 673 case POWERPC_EXCP_FPA: /* Floating-point assist exception */ 674 case POWERPC_EXCP_DABR: /* Data address breakpoint */ 675 case POWERPC_EXCP_IABR: /* Instruction address breakpoint */ 676 case POWERPC_EXCP_SMI: /* System management interrupt */ 677 case POWERPC_EXCP_MEXTBR: /* Maskable external breakpoint */ 678 case POWERPC_EXCP_NMEXTBR: /* Non maskable external breakpoint */ 679 cpu_abort(env_cpu(env), "%s exception not implemented\n", 680 powerpc_excp_name(excp)); 681 break; 682 default: 683 cpu_abort(env_cpu(env), "Invalid PowerPC exception %d. Aborting\n", 684 excp); 685 break; 686 } 687 688 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 689 new_msr |= (target_ulong)1 << MSR_LE; 690 } 691 env->spr[SPR_SRR0] = env->nip; 692 env->spr[SPR_SRR1] = msr; 693 powerpc_set_excp_state(cpu, vector, new_msr); 694 } 695 696 static void powerpc_excp_7xx(PowerPCCPU *cpu, int excp) 697 { 698 CPUPPCState *env = &cpu->env; 699 target_ulong msr, new_msr, vector; 700 701 /* new srr1 value excluding must-be-zero bits */ 702 msr = env->msr & ~0x783f0000ULL; 703 704 /* new interrupt handler msr preserves ME unless explicitly overridden */ 705 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 706 707 /* HV emu assistance interrupt only exists on server arch 2.05 or later */ 708 if (excp == POWERPC_EXCP_HV_EMU) { 709 excp = POWERPC_EXCP_PROGRAM; 710 } 711 712 vector = env->excp_vectors[excp]; 713 if (vector == (target_ulong)-1ULL) { 714 cpu_abort(env_cpu(env), 715 "Raised an exception without defined vector %d\n", excp); 716 } 717 vector |= env->excp_prefix; 718 719 switch (excp) { 720 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 721 powerpc_mcheck_checkstop(env); 722 /* machine check exceptions don't have ME set */ 723 new_msr &= ~((target_ulong)1 << MSR_ME); 724 break; 725 case POWERPC_EXCP_DSI: /* Data storage exception */ 726 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 727 break; 728 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 729 trace_ppc_excp_isi(msr, env->nip); 730 msr |= env->error_code; 731 break; 732 case POWERPC_EXCP_EXTERNAL: /* External input */ 733 break; 734 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 735 /* Get rS/rD and rA from faulting opcode */ 736 /* 737 * Note: the opcode fields will not be set properly for a 738 * direct store load/store, but nobody cares as nobody 739 * actually uses direct store segments. 740 */ 741 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 742 break; 743 case POWERPC_EXCP_PROGRAM: /* Program exception */ 744 switch (env->error_code & ~0xF) { 745 case POWERPC_EXCP_FP: 746 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 747 trace_ppc_excp_fp_ignore(); 748 powerpc_reset_excp_state(cpu); 749 return; 750 } 751 /* 752 * NIP always points to the faulting instruction for FP exceptions, 753 * so always use store_next and claim we are precise in the MSR. 754 */ 755 msr |= 0x00100000; 756 break; 757 case POWERPC_EXCP_INVAL: 758 trace_ppc_excp_inval(env->nip); 759 msr |= 0x00080000; 760 break; 761 case POWERPC_EXCP_PRIV: 762 msr |= 0x00040000; 763 break; 764 case POWERPC_EXCP_TRAP: 765 msr |= 0x00020000; 766 break; 767 default: 768 /* Should never occur */ 769 cpu_abort(env_cpu(env), "Invalid program exception %d. Aborting\n", 770 env->error_code); 771 break; 772 } 773 break; 774 case POWERPC_EXCP_SYSCALL: /* System call exception */ 775 { 776 int lev = env->error_code; 777 778 if (lev == 1 && cpu->vhyp) { 779 dump_hcall(env); 780 } else { 781 dump_syscall(env); 782 } 783 784 /* 785 * We need to correct the NIP which in this case is supposed 786 * to point to the next instruction 787 */ 788 env->nip += 4; 789 790 /* 791 * The Virtual Open Firmware (VOF) relies on the 'sc 1' 792 * instruction to communicate with QEMU. The pegasos2 machine 793 * uses VOF and the 7xx CPUs, so although the 7xx don't have 794 * HV mode, we need to keep hypercall support. 795 */ 796 if (lev == 1 && cpu->vhyp) { 797 cpu->vhyp_class->hypercall(cpu->vhyp, cpu); 798 powerpc_reset_excp_state(cpu); 799 return; 800 } 801 802 break; 803 } 804 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 805 case POWERPC_EXCP_DECR: /* Decrementer exception */ 806 break; 807 case POWERPC_EXCP_RESET: /* System reset exception */ 808 if (FIELD_EX64(env->msr, MSR, POW)) { 809 cpu_abort(env_cpu(env), 810 "Trying to deliver power-saving system reset exception " 811 "%d with no HV support\n", excp); 812 } 813 break; 814 case POWERPC_EXCP_TRACE: /* Trace exception */ 815 break; 816 case POWERPC_EXCP_IFTLB: /* Instruction fetch TLB error */ 817 case POWERPC_EXCP_DLTLB: /* Data load TLB miss */ 818 case POWERPC_EXCP_DSTLB: /* Data store TLB miss */ 819 ppc_excp_debug_sw_tlb(env, excp); 820 msr |= env->crf[0] << 28; 821 msr |= env->error_code; /* key, D/I, S/L bits */ 822 /* Set way using a LRU mechanism */ 823 msr |= ((env->last_way + 1) & (env->nb_ways - 1)) << 17; 824 break; 825 case POWERPC_EXCP_IABR: /* Instruction address breakpoint */ 826 case POWERPC_EXCP_SMI: /* System management interrupt */ 827 case POWERPC_EXCP_THERM: /* Thermal interrupt */ 828 case POWERPC_EXCP_PERFM: /* Embedded performance monitor interrupt */ 829 cpu_abort(env_cpu(env), "%s exception not implemented\n", 830 powerpc_excp_name(excp)); 831 break; 832 default: 833 cpu_abort(env_cpu(env), "Invalid PowerPC exception %d. Aborting\n", 834 excp); 835 break; 836 } 837 838 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 839 new_msr |= (target_ulong)1 << MSR_LE; 840 } 841 env->spr[SPR_SRR0] = env->nip; 842 env->spr[SPR_SRR1] = msr; 843 powerpc_set_excp_state(cpu, vector, new_msr); 844 } 845 846 static void powerpc_excp_74xx(PowerPCCPU *cpu, int excp) 847 { 848 CPUPPCState *env = &cpu->env; 849 target_ulong msr, new_msr, vector; 850 851 /* new srr1 value excluding must-be-zero bits */ 852 msr = env->msr & ~0x783f0000ULL; 853 854 /* new interrupt handler msr preserves ME unless explicitly overridden */ 855 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 856 857 /* HV emu assistance interrupt only exists on server arch 2.05 or later */ 858 if (excp == POWERPC_EXCP_HV_EMU) { 859 excp = POWERPC_EXCP_PROGRAM; 860 } 861 862 vector = env->excp_vectors[excp]; 863 if (vector == (target_ulong)-1ULL) { 864 cpu_abort(env_cpu(env), 865 "Raised an exception without defined vector %d\n", excp); 866 } 867 vector |= env->excp_prefix; 868 869 switch (excp) { 870 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 871 powerpc_mcheck_checkstop(env); 872 /* machine check exceptions don't have ME set */ 873 new_msr &= ~((target_ulong)1 << MSR_ME); 874 break; 875 case POWERPC_EXCP_DSI: /* Data storage exception */ 876 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 877 break; 878 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 879 trace_ppc_excp_isi(msr, env->nip); 880 msr |= env->error_code; 881 break; 882 case POWERPC_EXCP_EXTERNAL: /* External input */ 883 break; 884 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 885 /* Get rS/rD and rA from faulting opcode */ 886 /* 887 * Note: the opcode fields will not be set properly for a 888 * direct store load/store, but nobody cares as nobody 889 * actually uses direct store segments. 890 */ 891 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 892 break; 893 case POWERPC_EXCP_PROGRAM: /* Program exception */ 894 switch (env->error_code & ~0xF) { 895 case POWERPC_EXCP_FP: 896 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 897 trace_ppc_excp_fp_ignore(); 898 powerpc_reset_excp_state(cpu); 899 return; 900 } 901 /* 902 * NIP always points to the faulting instruction for FP exceptions, 903 * so always use store_next and claim we are precise in the MSR. 904 */ 905 msr |= 0x00100000; 906 break; 907 case POWERPC_EXCP_INVAL: 908 trace_ppc_excp_inval(env->nip); 909 msr |= 0x00080000; 910 break; 911 case POWERPC_EXCP_PRIV: 912 msr |= 0x00040000; 913 break; 914 case POWERPC_EXCP_TRAP: 915 msr |= 0x00020000; 916 break; 917 default: 918 /* Should never occur */ 919 cpu_abort(env_cpu(env), "Invalid program exception %d. Aborting\n", 920 env->error_code); 921 break; 922 } 923 break; 924 case POWERPC_EXCP_SYSCALL: /* System call exception */ 925 { 926 int lev = env->error_code; 927 928 if (lev == 1 && cpu->vhyp) { 929 dump_hcall(env); 930 } else { 931 dump_syscall(env); 932 } 933 934 /* 935 * We need to correct the NIP which in this case is supposed 936 * to point to the next instruction 937 */ 938 env->nip += 4; 939 940 /* 941 * The Virtual Open Firmware (VOF) relies on the 'sc 1' 942 * instruction to communicate with QEMU. The pegasos2 machine 943 * uses VOF and the 74xx CPUs, so although the 74xx don't have 944 * HV mode, we need to keep hypercall support. 945 */ 946 if (lev == 1 && cpu->vhyp) { 947 cpu->vhyp_class->hypercall(cpu->vhyp, cpu); 948 powerpc_reset_excp_state(cpu); 949 return; 950 } 951 952 break; 953 } 954 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 955 case POWERPC_EXCP_DECR: /* Decrementer exception */ 956 break; 957 case POWERPC_EXCP_RESET: /* System reset exception */ 958 if (FIELD_EX64(env->msr, MSR, POW)) { 959 cpu_abort(env_cpu(env), 960 "Trying to deliver power-saving system reset " 961 "exception %d with no HV support\n", excp); 962 } 963 break; 964 case POWERPC_EXCP_TRACE: /* Trace exception */ 965 break; 966 case POWERPC_EXCP_VPU: /* Vector unavailable exception */ 967 break; 968 case POWERPC_EXCP_IABR: /* Instruction address breakpoint */ 969 case POWERPC_EXCP_SMI: /* System management interrupt */ 970 case POWERPC_EXCP_THERM: /* Thermal interrupt */ 971 case POWERPC_EXCP_PERFM: /* Embedded performance monitor interrupt */ 972 case POWERPC_EXCP_VPUA: /* Vector assist exception */ 973 cpu_abort(env_cpu(env), "%s exception not implemented\n", 974 powerpc_excp_name(excp)); 975 break; 976 default: 977 cpu_abort(env_cpu(env), "Invalid PowerPC exception %d. Aborting\n", 978 excp); 979 break; 980 } 981 982 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 983 new_msr |= (target_ulong)1 << MSR_LE; 984 } 985 env->spr[SPR_SRR0] = env->nip; 986 env->spr[SPR_SRR1] = msr; 987 powerpc_set_excp_state(cpu, vector, new_msr); 988 } 989 990 static void powerpc_excp_booke(PowerPCCPU *cpu, int excp) 991 { 992 CPUPPCState *env = &cpu->env; 993 target_ulong msr, new_msr, vector; 994 int srr0 = SPR_SRR0, srr1 = SPR_SRR1; 995 996 /* 997 * Book E does not play games with certain bits of xSRR1 being MSR save 998 * bits and others being error status. xSRR1 is the old MSR, period. 999 */ 1000 msr = env->msr; 1001 1002 /* new interrupt handler msr preserves ME unless explicitly overridden */ 1003 new_msr = env->msr & ((target_ulong)1 << MSR_ME); 1004 1005 /* HV emu assistance interrupt only exists on server arch 2.05 or later */ 1006 if (excp == POWERPC_EXCP_HV_EMU) { 1007 excp = POWERPC_EXCP_PROGRAM; 1008 } 1009 1010 #ifdef TARGET_PPC64 1011 /* 1012 * SPEU and VPU share the same IVOR but they exist in different 1013 * processors. SPEU is e500v1/2 only and VPU is e6500 only. 1014 */ 1015 if (excp == POWERPC_EXCP_VPU) { 1016 excp = POWERPC_EXCP_SPEU; 1017 } 1018 #endif 1019 1020 vector = env->excp_vectors[excp]; 1021 if (vector == (target_ulong)-1ULL) { 1022 cpu_abort(env_cpu(env), 1023 "Raised an exception without defined vector %d\n", excp); 1024 } 1025 vector |= env->excp_prefix; 1026 1027 switch (excp) { 1028 case POWERPC_EXCP_CRITICAL: /* Critical input */ 1029 srr0 = SPR_BOOKE_CSRR0; 1030 srr1 = SPR_BOOKE_CSRR1; 1031 break; 1032 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 1033 powerpc_mcheck_checkstop(env); 1034 /* machine check exceptions don't have ME set */ 1035 new_msr &= ~((target_ulong)1 << MSR_ME); 1036 1037 /* FIXME: choose one or the other based on CPU type */ 1038 srr0 = SPR_BOOKE_MCSRR0; 1039 srr1 = SPR_BOOKE_MCSRR1; 1040 1041 env->spr[SPR_BOOKE_CSRR0] = env->nip; 1042 env->spr[SPR_BOOKE_CSRR1] = msr; 1043 1044 break; 1045 case POWERPC_EXCP_DSI: /* Data storage exception */ 1046 trace_ppc_excp_dsi(env->spr[SPR_BOOKE_ESR], env->spr[SPR_BOOKE_DEAR]); 1047 break; 1048 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 1049 trace_ppc_excp_isi(msr, env->nip); 1050 break; 1051 case POWERPC_EXCP_EXTERNAL: /* External input */ 1052 if (env->mpic_proxy) { 1053 CPUState *cs = env_cpu(env); 1054 /* IACK the IRQ on delivery */ 1055 env->spr[SPR_BOOKE_EPR] = ldl_phys(cs->as, env->mpic_iack); 1056 } 1057 break; 1058 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 1059 break; 1060 case POWERPC_EXCP_PROGRAM: /* Program exception */ 1061 switch (env->error_code & ~0xF) { 1062 case POWERPC_EXCP_FP: 1063 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 1064 trace_ppc_excp_fp_ignore(); 1065 powerpc_reset_excp_state(cpu); 1066 return; 1067 } 1068 /* 1069 * NIP always points to the faulting instruction for FP exceptions, 1070 * so always use store_next and claim we are precise in the MSR. 1071 */ 1072 msr |= 0x00100000; 1073 env->spr[SPR_BOOKE_ESR] = ESR_FP; 1074 break; 1075 case POWERPC_EXCP_INVAL: 1076 trace_ppc_excp_inval(env->nip); 1077 msr |= 0x00080000; 1078 env->spr[SPR_BOOKE_ESR] = ESR_PIL; 1079 break; 1080 case POWERPC_EXCP_PRIV: 1081 msr |= 0x00040000; 1082 env->spr[SPR_BOOKE_ESR] = ESR_PPR; 1083 break; 1084 case POWERPC_EXCP_TRAP: 1085 msr |= 0x00020000; 1086 env->spr[SPR_BOOKE_ESR] = ESR_PTR; 1087 break; 1088 default: 1089 /* Should never occur */ 1090 cpu_abort(env_cpu(env), "Invalid program exception %d. Aborting\n", 1091 env->error_code); 1092 break; 1093 } 1094 break; 1095 case POWERPC_EXCP_SYSCALL: /* System call exception */ 1096 dump_syscall(env); 1097 1098 /* 1099 * We need to correct the NIP which in this case is supposed 1100 * to point to the next instruction 1101 */ 1102 env->nip += 4; 1103 break; 1104 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 1105 case POWERPC_EXCP_APU: /* Auxiliary processor unavailable */ 1106 case POWERPC_EXCP_DECR: /* Decrementer exception */ 1107 break; 1108 case POWERPC_EXCP_FIT: /* Fixed-interval timer interrupt */ 1109 /* FIT on 4xx */ 1110 trace_ppc_excp_print("FIT"); 1111 break; 1112 case POWERPC_EXCP_WDT: /* Watchdog timer interrupt */ 1113 trace_ppc_excp_print("WDT"); 1114 srr0 = SPR_BOOKE_CSRR0; 1115 srr1 = SPR_BOOKE_CSRR1; 1116 break; 1117 case POWERPC_EXCP_DTLB: /* Data TLB error */ 1118 case POWERPC_EXCP_ITLB: /* Instruction TLB error */ 1119 break; 1120 case POWERPC_EXCP_DEBUG: /* Debug interrupt */ 1121 if (env->flags & POWERPC_FLAG_DE) { 1122 /* FIXME: choose one or the other based on CPU type */ 1123 srr0 = SPR_BOOKE_DSRR0; 1124 srr1 = SPR_BOOKE_DSRR1; 1125 1126 env->spr[SPR_BOOKE_CSRR0] = env->nip; 1127 env->spr[SPR_BOOKE_CSRR1] = msr; 1128 1129 /* DBSR already modified by caller */ 1130 } else { 1131 cpu_abort(env_cpu(env), 1132 "Debug exception triggered on unsupported model\n"); 1133 } 1134 break; 1135 case POWERPC_EXCP_SPEU: /* SPE/embedded floating-point unavailable/VPU */ 1136 env->spr[SPR_BOOKE_ESR] = ESR_SPV; 1137 break; 1138 case POWERPC_EXCP_DOORI: /* Embedded doorbell interrupt */ 1139 break; 1140 case POWERPC_EXCP_DOORCI: /* Embedded doorbell critical interrupt */ 1141 srr0 = SPR_BOOKE_CSRR0; 1142 srr1 = SPR_BOOKE_CSRR1; 1143 break; 1144 case POWERPC_EXCP_RESET: /* System reset exception */ 1145 if (FIELD_EX64(env->msr, MSR, POW)) { 1146 cpu_abort(env_cpu(env), 1147 "Trying to deliver power-saving system reset " 1148 "exception %d with no HV support\n", excp); 1149 } 1150 break; 1151 case POWERPC_EXCP_EFPDI: /* Embedded floating-point data interrupt */ 1152 case POWERPC_EXCP_EFPRI: /* Embedded floating-point round interrupt */ 1153 cpu_abort(env_cpu(env), "%s exception not implemented\n", 1154 powerpc_excp_name(excp)); 1155 break; 1156 default: 1157 cpu_abort(env_cpu(env), "Invalid PowerPC exception %d. Aborting\n", 1158 excp); 1159 break; 1160 } 1161 1162 #ifdef TARGET_PPC64 1163 if (env->spr[SPR_BOOKE_EPCR] & EPCR_ICM) { 1164 /* Cat.64-bit: EPCR.ICM is copied to MSR.CM */ 1165 new_msr |= (target_ulong)1 << MSR_CM; 1166 } else { 1167 vector = (uint32_t)vector; 1168 } 1169 #endif 1170 1171 env->spr[srr0] = env->nip; 1172 env->spr[srr1] = msr; 1173 powerpc_set_excp_state(cpu, vector, new_msr); 1174 } 1175 1176 /* 1177 * When running a nested HV guest under vhyp, external interrupts are 1178 * delivered as HVIRT. 1179 */ 1180 static bool books_vhyp_promotes_external_to_hvirt(PowerPCCPU *cpu) 1181 { 1182 if (cpu->vhyp) { 1183 return vhyp_cpu_in_nested(cpu); 1184 } 1185 return false; 1186 } 1187 1188 #ifdef TARGET_PPC64 1189 /* 1190 * When running under vhyp, hcalls are always intercepted and sent to the 1191 * vhc->hypercall handler. 1192 */ 1193 static bool books_vhyp_handles_hcall(PowerPCCPU *cpu) 1194 { 1195 if (cpu->vhyp) { 1196 return !vhyp_cpu_in_nested(cpu); 1197 } 1198 return false; 1199 } 1200 1201 /* 1202 * When running a nested KVM HV guest under vhyp, HV exceptions are not 1203 * delivered to the guest (because there is no concept of HV support), but 1204 * rather they are sent to the vhyp to exit from the L2 back to the L1 and 1205 * return from the H_ENTER_NESTED hypercall. 1206 */ 1207 static bool books_vhyp_handles_hv_excp(PowerPCCPU *cpu) 1208 { 1209 if (cpu->vhyp) { 1210 return vhyp_cpu_in_nested(cpu); 1211 } 1212 return false; 1213 } 1214 1215 #ifdef CONFIG_TCG 1216 static bool is_prefix_insn(CPUPPCState *env, uint32_t insn) 1217 { 1218 if (!(env->insns_flags2 & PPC2_ISA310)) { 1219 return false; 1220 } 1221 return ((insn & 0xfc000000) == 0x04000000); 1222 } 1223 1224 static bool is_prefix_insn_excp(PowerPCCPU *cpu, int excp) 1225 { 1226 CPUPPCState *env = &cpu->env; 1227 1228 if (!(env->insns_flags2 & PPC2_ISA310)) { 1229 return false; 1230 } 1231 1232 if (!tcg_enabled()) { 1233 /* 1234 * This does not load instructions and set the prefix bit correctly 1235 * for injected interrupts with KVM. That may have to be discovered 1236 * and set by the KVM layer before injecting. 1237 */ 1238 return false; 1239 } 1240 1241 switch (excp) { 1242 case POWERPC_EXCP_MCHECK: 1243 if (!(env->error_code & PPC_BIT(42))) { 1244 /* 1245 * Fetch attempt caused a machine check, so attempting to fetch 1246 * again would cause a recursive machine check. 1247 */ 1248 return false; 1249 } 1250 break; 1251 case POWERPC_EXCP_HDSI: 1252 /* HDSI PRTABLE_FAULT has the originating access type in error_code */ 1253 if ((env->spr[SPR_HDSISR] & DSISR_PRTABLE_FAULT) && 1254 (env->error_code == MMU_INST_FETCH)) { 1255 /* 1256 * Fetch failed due to partition scope translation, so prefix 1257 * indication is not relevant (and attempting to load the 1258 * instruction at NIP would cause recursive faults with the same 1259 * translation). 1260 */ 1261 return false; 1262 } 1263 break; 1264 1265 case POWERPC_EXCP_DSI: 1266 case POWERPC_EXCP_DSEG: 1267 case POWERPC_EXCP_ALIGN: 1268 case POWERPC_EXCP_PROGRAM: 1269 case POWERPC_EXCP_FPU: 1270 case POWERPC_EXCP_TRACE: 1271 case POWERPC_EXCP_HV_EMU: 1272 case POWERPC_EXCP_VPU: 1273 case POWERPC_EXCP_VSXU: 1274 case POWERPC_EXCP_FU: 1275 case POWERPC_EXCP_HV_FU: 1276 break; 1277 default: 1278 return false; 1279 } 1280 1281 return is_prefix_insn(env, ppc_ldl_code(env, env->nip)); 1282 } 1283 #else 1284 static bool is_prefix_insn_excp(PowerPCCPU *cpu, int excp) 1285 { 1286 return false; 1287 } 1288 #endif 1289 1290 static void powerpc_excp_books(PowerPCCPU *cpu, int excp) 1291 { 1292 CPUPPCState *env = &cpu->env; 1293 target_ulong msr, new_msr, vector; 1294 int srr0 = SPR_SRR0, srr1 = SPR_SRR1, lev = -1; 1295 1296 /* new srr1 value excluding must-be-zero bits */ 1297 msr = env->msr & ~0x783f0000ULL; 1298 1299 /* 1300 * new interrupt handler msr preserves HV and ME unless explicitly 1301 * overridden 1302 */ 1303 new_msr = env->msr & (((target_ulong)1 << MSR_ME) | MSR_HVB); 1304 1305 /* 1306 * check for special resume at 0x100 from doze/nap/sleep/winkle on 1307 * P7/P8/P9 1308 */ 1309 if (env->resume_as_sreset) { 1310 excp = powerpc_reset_wakeup(env, excp, &msr); 1311 } 1312 1313 /* 1314 * We don't want to generate a Hypervisor Emulation Assistance 1315 * Interrupt if we don't have HVB in msr_mask (PAPR mode), 1316 * unless running a nested-hv guest, in which case the L1 1317 * kernel wants the interrupt. 1318 */ 1319 if (excp == POWERPC_EXCP_HV_EMU && !(env->msr_mask & MSR_HVB) && 1320 !books_vhyp_handles_hv_excp(cpu)) { 1321 excp = POWERPC_EXCP_PROGRAM; 1322 } 1323 1324 vector = env->excp_vectors[excp]; 1325 if (vector == (target_ulong)-1ULL) { 1326 cpu_abort(env_cpu(env), 1327 "Raised an exception without defined vector %d\n", excp); 1328 } 1329 vector |= env->excp_prefix; 1330 1331 if (is_prefix_insn_excp(cpu, excp)) { 1332 msr |= PPC_BIT(34); 1333 } 1334 1335 switch (excp) { 1336 case POWERPC_EXCP_MCHECK: /* Machine check exception */ 1337 powerpc_mcheck_checkstop(env); 1338 if (env->msr_mask & MSR_HVB) { 1339 /* 1340 * ISA specifies HV, but can be delivered to guest with HV 1341 * clear (e.g., see FWNMI in PAPR). 1342 */ 1343 new_msr |= (target_ulong)MSR_HVB; 1344 1345 /* HV machine check exceptions don't have ME set */ 1346 new_msr &= ~((target_ulong)1 << MSR_ME); 1347 } 1348 1349 msr |= env->error_code; 1350 break; 1351 1352 case POWERPC_EXCP_DSI: /* Data storage exception */ 1353 trace_ppc_excp_dsi(env->spr[SPR_DSISR], env->spr[SPR_DAR]); 1354 break; 1355 case POWERPC_EXCP_ISI: /* Instruction storage exception */ 1356 trace_ppc_excp_isi(msr, env->nip); 1357 msr |= env->error_code; 1358 break; 1359 case POWERPC_EXCP_EXTERNAL: /* External input */ 1360 { 1361 bool lpes0; 1362 1363 /* LPES0 is only taken into consideration if we support HV mode */ 1364 if (!env->has_hv_mode) { 1365 break; 1366 } 1367 lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 1368 if (!lpes0) { 1369 new_msr |= (target_ulong)MSR_HVB; 1370 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1371 srr0 = SPR_HSRR0; 1372 srr1 = SPR_HSRR1; 1373 } 1374 break; 1375 } 1376 case POWERPC_EXCP_ALIGN: /* Alignment exception */ 1377 /* Optional DSISR update was removed from ISA v3.0 */ 1378 if (!(env->insns_flags2 & PPC2_ISA300)) { 1379 /* Get rS/rD and rA from faulting opcode */ 1380 /* 1381 * Note: the opcode fields will not be set properly for a 1382 * direct store load/store, but nobody cares as nobody 1383 * actually uses direct store segments. 1384 */ 1385 env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; 1386 } 1387 break; 1388 case POWERPC_EXCP_PROGRAM: /* Program exception */ 1389 switch (env->error_code & ~0xF) { 1390 case POWERPC_EXCP_FP: 1391 if (!FIELD_EX64_FE(env->msr) || !FIELD_EX64(env->msr, MSR, FP)) { 1392 trace_ppc_excp_fp_ignore(); 1393 powerpc_reset_excp_state(cpu); 1394 return; 1395 } 1396 /* 1397 * NIP always points to the faulting instruction for FP exceptions, 1398 * so always use store_next and claim we are precise in the MSR. 1399 */ 1400 msr |= 0x00100000; 1401 break; 1402 case POWERPC_EXCP_INVAL: 1403 trace_ppc_excp_inval(env->nip); 1404 msr |= 0x00080000; 1405 break; 1406 case POWERPC_EXCP_PRIV: 1407 msr |= 0x00040000; 1408 break; 1409 case POWERPC_EXCP_TRAP: 1410 msr |= 0x00020000; 1411 break; 1412 default: 1413 /* Should never occur */ 1414 cpu_abort(env_cpu(env), "Invalid program exception %d. Aborting\n", 1415 env->error_code); 1416 break; 1417 } 1418 break; 1419 case POWERPC_EXCP_SYSCALL: /* System call exception */ 1420 lev = env->error_code; 1421 1422 if (lev == 1 && cpu->vhyp) { 1423 dump_hcall(env); 1424 } else { 1425 dump_syscall(env); 1426 } 1427 1428 /* 1429 * We need to correct the NIP which in this case is supposed 1430 * to point to the next instruction 1431 */ 1432 env->nip += 4; 1433 1434 /* "PAPR mode" built-in hypercall emulation */ 1435 if (lev == 1 && books_vhyp_handles_hcall(cpu)) { 1436 cpu->vhyp_class->hypercall(cpu->vhyp, cpu); 1437 powerpc_reset_excp_state(cpu); 1438 return; 1439 } 1440 if (env->insns_flags2 & PPC2_ISA310) { 1441 /* ISAv3.1 puts LEV into SRR1 */ 1442 msr |= lev << 20; 1443 } 1444 if (lev == 1) { 1445 new_msr |= (target_ulong)MSR_HVB; 1446 } 1447 break; 1448 case POWERPC_EXCP_SYSCALL_VECTORED: /* scv exception */ 1449 lev = env->error_code; 1450 dump_syscall(env); 1451 env->nip += 4; 1452 new_msr |= env->msr & ((target_ulong)1 << MSR_EE); 1453 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1454 1455 vector += lev * 0x20; 1456 1457 env->lr = env->nip; 1458 env->ctr = msr; 1459 break; 1460 case POWERPC_EXCP_FPU: /* Floating-point unavailable exception */ 1461 case POWERPC_EXCP_DECR: /* Decrementer exception */ 1462 break; 1463 case POWERPC_EXCP_RESET: /* System reset exception */ 1464 /* A power-saving exception sets ME, otherwise it is unchanged */ 1465 if (FIELD_EX64(env->msr, MSR, POW)) { 1466 /* indicate that we resumed from power save mode */ 1467 msr |= 0x10000; 1468 new_msr |= ((target_ulong)1 << MSR_ME); 1469 } 1470 if (env->msr_mask & MSR_HVB) { 1471 /* 1472 * ISA specifies HV, but can be delivered to guest with HV 1473 * clear (e.g., see FWNMI in PAPR, NMI injection in QEMU). 1474 */ 1475 new_msr |= (target_ulong)MSR_HVB; 1476 } else { 1477 if (FIELD_EX64(env->msr, MSR, POW)) { 1478 cpu_abort(env_cpu(env), 1479 "Trying to deliver power-saving system reset " 1480 "exception %d with no HV support\n", excp); 1481 } 1482 } 1483 break; 1484 case POWERPC_EXCP_TRACE: /* Trace exception */ 1485 msr |= env->error_code; 1486 /* fall through */ 1487 case POWERPC_EXCP_DSEG: /* Data segment exception */ 1488 case POWERPC_EXCP_ISEG: /* Instruction segment exception */ 1489 case POWERPC_EXCP_SDOOR: /* Doorbell interrupt */ 1490 case POWERPC_EXCP_PERFM: /* Performance monitor interrupt */ 1491 break; 1492 case POWERPC_EXCP_HISI: /* Hypervisor instruction storage exception */ 1493 msr |= env->error_code; 1494 /* fall through */ 1495 case POWERPC_EXCP_HDECR: /* Hypervisor decrementer exception */ 1496 case POWERPC_EXCP_HDSI: /* Hypervisor data storage exception */ 1497 case POWERPC_EXCP_SDOOR_HV: /* Hypervisor Doorbell interrupt */ 1498 case POWERPC_EXCP_HVIRT: /* Hypervisor virtualization */ 1499 srr0 = SPR_HSRR0; 1500 srr1 = SPR_HSRR1; 1501 new_msr |= (target_ulong)MSR_HVB; 1502 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1503 break; 1504 #ifdef CONFIG_TCG 1505 case POWERPC_EXCP_HV_EMU: { 1506 uint32_t insn = ppc_ldl_code(env, env->nip); 1507 env->spr[SPR_HEIR] = insn; 1508 if (is_prefix_insn(env, insn)) { 1509 uint32_t insn2 = ppc_ldl_code(env, env->nip + 4); 1510 env->spr[SPR_HEIR] <<= 32; 1511 env->spr[SPR_HEIR] |= insn2; 1512 } 1513 srr0 = SPR_HSRR0; 1514 srr1 = SPR_HSRR1; 1515 new_msr |= (target_ulong)MSR_HVB; 1516 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1517 break; 1518 } 1519 #endif 1520 case POWERPC_EXCP_VPU: /* Vector unavailable exception */ 1521 case POWERPC_EXCP_VSXU: /* VSX unavailable exception */ 1522 case POWERPC_EXCP_FU: /* Facility unavailable exception */ 1523 env->spr[SPR_FSCR] |= ((target_ulong)env->error_code << 56); 1524 break; 1525 case POWERPC_EXCP_HV_FU: /* Hypervisor Facility Unavailable Exception */ 1526 env->spr[SPR_HFSCR] |= ((target_ulong)env->error_code << FSCR_IC_POS); 1527 srr0 = SPR_HSRR0; 1528 srr1 = SPR_HSRR1; 1529 new_msr |= (target_ulong)MSR_HVB; 1530 new_msr |= env->msr & ((target_ulong)1 << MSR_RI); 1531 break; 1532 case POWERPC_EXCP_PERFM_EBB: /* Performance Monitor EBB Exception */ 1533 case POWERPC_EXCP_EXTERNAL_EBB: /* External EBB Exception */ 1534 env->spr[SPR_BESCR] &= ~BESCR_GE; 1535 1536 /* 1537 * Save NIP for rfebb insn in SPR_EBBRR. Next nip is 1538 * stored in the EBB Handler SPR_EBBHR. 1539 */ 1540 env->spr[SPR_EBBRR] = env->nip; 1541 powerpc_set_excp_state(cpu, env->spr[SPR_EBBHR], env->msr); 1542 1543 /* 1544 * This exception is handled in userspace. No need to proceed. 1545 */ 1546 return; 1547 case POWERPC_EXCP_THERM: /* Thermal interrupt */ 1548 case POWERPC_EXCP_VPUA: /* Vector assist exception */ 1549 case POWERPC_EXCP_MAINT: /* Maintenance exception */ 1550 case POWERPC_EXCP_HV_MAINT: /* Hypervisor Maintenance exception */ 1551 cpu_abort(env_cpu(env), "%s exception not implemented\n", 1552 powerpc_excp_name(excp)); 1553 break; 1554 default: 1555 cpu_abort(env_cpu(env), "Invalid PowerPC exception %d. Aborting\n", 1556 excp); 1557 break; 1558 } 1559 1560 if (ppc_interrupts_little_endian(cpu, !!(new_msr & MSR_HVB))) { 1561 new_msr |= (target_ulong)1 << MSR_LE; 1562 } 1563 new_msr |= (target_ulong)1 << MSR_SF; 1564 1565 if (excp != POWERPC_EXCP_SYSCALL_VECTORED) { 1566 env->spr[srr0] = env->nip; 1567 env->spr[srr1] = msr; 1568 } 1569 1570 if ((new_msr & MSR_HVB) && books_vhyp_handles_hv_excp(cpu)) { 1571 /* Deliver interrupt to L1 by returning from the H_ENTER_NESTED call */ 1572 cpu->vhyp_class->deliver_hv_excp(cpu, excp); 1573 powerpc_reset_excp_state(cpu); 1574 } else { 1575 /* Sanity check */ 1576 if (!(env->msr_mask & MSR_HVB) && srr0 == SPR_HSRR0) { 1577 cpu_abort(env_cpu(env), "Trying to deliver HV exception (HSRR) %d " 1578 "with no HV support\n", excp); 1579 } 1580 /* This can update new_msr and vector if AIL applies */ 1581 ppc_excp_apply_ail(cpu, excp, msr, &new_msr, &vector); 1582 powerpc_set_excp_state(cpu, vector, new_msr); 1583 } 1584 } 1585 #else 1586 static inline void powerpc_excp_books(PowerPCCPU *cpu, int excp) 1587 { 1588 g_assert_not_reached(); 1589 } 1590 #endif /* TARGET_PPC64 */ 1591 1592 static void powerpc_excp(PowerPCCPU *cpu, int excp) 1593 { 1594 CPUPPCState *env = &cpu->env; 1595 1596 if (excp <= POWERPC_EXCP_NONE || excp >= POWERPC_EXCP_NB) { 1597 cpu_abort(env_cpu(env), "Invalid PowerPC exception %d. Aborting\n", 1598 excp); 1599 } 1600 1601 qemu_log_mask(CPU_LOG_INT, "Raise exception at " TARGET_FMT_lx 1602 " => %s (%d) error=%02x\n", env->nip, powerpc_excp_name(excp), 1603 excp, env->error_code); 1604 env->excp_stats[excp]++; 1605 1606 switch (env->excp_model) { 1607 case POWERPC_EXCP_40x: 1608 powerpc_excp_40x(cpu, excp); 1609 break; 1610 case POWERPC_EXCP_6xx: 1611 powerpc_excp_6xx(cpu, excp); 1612 break; 1613 case POWERPC_EXCP_7xx: 1614 powerpc_excp_7xx(cpu, excp); 1615 break; 1616 case POWERPC_EXCP_74xx: 1617 powerpc_excp_74xx(cpu, excp); 1618 break; 1619 case POWERPC_EXCP_BOOKE: 1620 powerpc_excp_booke(cpu, excp); 1621 break; 1622 case POWERPC_EXCP_970: 1623 case POWERPC_EXCP_POWER7: 1624 case POWERPC_EXCP_POWER8: 1625 case POWERPC_EXCP_POWER9: 1626 case POWERPC_EXCP_POWER10: 1627 powerpc_excp_books(cpu, excp); 1628 break; 1629 default: 1630 g_assert_not_reached(); 1631 } 1632 } 1633 1634 void ppc_cpu_do_interrupt(CPUState *cs) 1635 { 1636 PowerPCCPU *cpu = POWERPC_CPU(cs); 1637 1638 powerpc_excp(cpu, cs->exception_index); 1639 } 1640 1641 #ifdef TARGET_PPC64 1642 #define P7_UNUSED_INTERRUPTS \ 1643 (PPC_INTERRUPT_RESET | PPC_INTERRUPT_HVIRT | PPC_INTERRUPT_CEXT | \ 1644 PPC_INTERRUPT_WDT | PPC_INTERRUPT_CDOORBELL | PPC_INTERRUPT_FIT | \ 1645 PPC_INTERRUPT_PIT | PPC_INTERRUPT_DOORBELL | PPC_INTERRUPT_HDOORBELL | \ 1646 PPC_INTERRUPT_THERM | PPC_INTERRUPT_EBB) 1647 1648 static int p7_interrupt_powersave(CPUPPCState *env) 1649 { 1650 if ((env->pending_interrupts & PPC_INTERRUPT_EXT) && 1651 (env->spr[SPR_LPCR] & LPCR_P7_PECE0)) { 1652 return PPC_INTERRUPT_EXT; 1653 } 1654 if ((env->pending_interrupts & PPC_INTERRUPT_DECR) && 1655 (env->spr[SPR_LPCR] & LPCR_P7_PECE1)) { 1656 return PPC_INTERRUPT_DECR; 1657 } 1658 if ((env->pending_interrupts & PPC_INTERRUPT_MCK) && 1659 (env->spr[SPR_LPCR] & LPCR_P7_PECE2)) { 1660 return PPC_INTERRUPT_MCK; 1661 } 1662 if ((env->pending_interrupts & PPC_INTERRUPT_HMI) && 1663 (env->spr[SPR_LPCR] & LPCR_P7_PECE2)) { 1664 return PPC_INTERRUPT_HMI; 1665 } 1666 if (env->pending_interrupts & PPC_INTERRUPT_RESET) { 1667 return PPC_INTERRUPT_RESET; 1668 } 1669 return 0; 1670 } 1671 1672 static int p7_next_unmasked_interrupt(CPUPPCState *env) 1673 { 1674 CPUState *cs = env_cpu(env); 1675 1676 /* Ignore MSR[EE] when coming out of some power management states */ 1677 bool msr_ee = FIELD_EX64(env->msr, MSR, EE) || env->resume_as_sreset; 1678 1679 assert((env->pending_interrupts & P7_UNUSED_INTERRUPTS) == 0); 1680 1681 if (cs->halted) { 1682 /* LPCR[PECE] controls which interrupts can exit power-saving mode */ 1683 return p7_interrupt_powersave(env); 1684 } 1685 1686 /* Machine check exception */ 1687 if (env->pending_interrupts & PPC_INTERRUPT_MCK) { 1688 return PPC_INTERRUPT_MCK; 1689 } 1690 1691 /* Hypervisor decrementer exception */ 1692 if (env->pending_interrupts & PPC_INTERRUPT_HDECR) { 1693 /* LPCR will be clear when not supported so this will work */ 1694 bool hdice = !!(env->spr[SPR_LPCR] & LPCR_HDICE); 1695 if ((msr_ee || !FIELD_EX64_HV(env->msr)) && hdice) { 1696 /* HDEC clears on delivery */ 1697 return PPC_INTERRUPT_HDECR; 1698 } 1699 } 1700 1701 /* External interrupt can ignore MSR:EE under some circumstances */ 1702 if (env->pending_interrupts & PPC_INTERRUPT_EXT) { 1703 bool lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 1704 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 1705 /* HEIC blocks delivery to the hypervisor */ 1706 if ((msr_ee && !(heic && FIELD_EX64_HV(env->msr) && 1707 !FIELD_EX64(env->msr, MSR, PR))) || 1708 (env->has_hv_mode && !FIELD_EX64_HV(env->msr) && !lpes0)) { 1709 return PPC_INTERRUPT_EXT; 1710 } 1711 } 1712 if (msr_ee != 0) { 1713 /* Decrementer exception */ 1714 if (env->pending_interrupts & PPC_INTERRUPT_DECR) { 1715 return PPC_INTERRUPT_DECR; 1716 } 1717 if (env->pending_interrupts & PPC_INTERRUPT_PERFM) { 1718 return PPC_INTERRUPT_PERFM; 1719 } 1720 } 1721 1722 return 0; 1723 } 1724 1725 #define P8_UNUSED_INTERRUPTS \ 1726 (PPC_INTERRUPT_RESET | PPC_INTERRUPT_DEBUG | PPC_INTERRUPT_HVIRT | \ 1727 PPC_INTERRUPT_CEXT | PPC_INTERRUPT_WDT | PPC_INTERRUPT_CDOORBELL | \ 1728 PPC_INTERRUPT_FIT | PPC_INTERRUPT_PIT | PPC_INTERRUPT_THERM) 1729 1730 static int p8_interrupt_powersave(CPUPPCState *env) 1731 { 1732 if ((env->pending_interrupts & PPC_INTERRUPT_EXT) && 1733 (env->spr[SPR_LPCR] & LPCR_P8_PECE2)) { 1734 return PPC_INTERRUPT_EXT; 1735 } 1736 if ((env->pending_interrupts & PPC_INTERRUPT_DECR) && 1737 (env->spr[SPR_LPCR] & LPCR_P8_PECE3)) { 1738 return PPC_INTERRUPT_DECR; 1739 } 1740 if ((env->pending_interrupts & PPC_INTERRUPT_MCK) && 1741 (env->spr[SPR_LPCR] & LPCR_P8_PECE4)) { 1742 return PPC_INTERRUPT_MCK; 1743 } 1744 if ((env->pending_interrupts & PPC_INTERRUPT_HMI) && 1745 (env->spr[SPR_LPCR] & LPCR_P8_PECE4)) { 1746 return PPC_INTERRUPT_HMI; 1747 } 1748 if ((env->pending_interrupts & PPC_INTERRUPT_DOORBELL) && 1749 (env->spr[SPR_LPCR] & LPCR_P8_PECE0)) { 1750 return PPC_INTERRUPT_DOORBELL; 1751 } 1752 if ((env->pending_interrupts & PPC_INTERRUPT_HDOORBELL) && 1753 (env->spr[SPR_LPCR] & LPCR_P8_PECE1)) { 1754 return PPC_INTERRUPT_HDOORBELL; 1755 } 1756 if (env->pending_interrupts & PPC_INTERRUPT_RESET) { 1757 return PPC_INTERRUPT_RESET; 1758 } 1759 return 0; 1760 } 1761 1762 static int p8_next_unmasked_interrupt(CPUPPCState *env) 1763 { 1764 CPUState *cs = env_cpu(env); 1765 1766 /* Ignore MSR[EE] when coming out of some power management states */ 1767 bool msr_ee = FIELD_EX64(env->msr, MSR, EE) || env->resume_as_sreset; 1768 1769 assert((env->pending_interrupts & P8_UNUSED_INTERRUPTS) == 0); 1770 1771 if (cs->halted) { 1772 /* LPCR[PECE] controls which interrupts can exit power-saving mode */ 1773 return p8_interrupt_powersave(env); 1774 } 1775 1776 /* Machine check exception */ 1777 if (env->pending_interrupts & PPC_INTERRUPT_MCK) { 1778 return PPC_INTERRUPT_MCK; 1779 } 1780 1781 /* Hypervisor decrementer exception */ 1782 if (env->pending_interrupts & PPC_INTERRUPT_HDECR) { 1783 /* LPCR will be clear when not supported so this will work */ 1784 bool hdice = !!(env->spr[SPR_LPCR] & LPCR_HDICE); 1785 if ((msr_ee || !FIELD_EX64_HV(env->msr)) && hdice) { 1786 /* HDEC clears on delivery */ 1787 return PPC_INTERRUPT_HDECR; 1788 } 1789 } 1790 1791 /* External interrupt can ignore MSR:EE under some circumstances */ 1792 if (env->pending_interrupts & PPC_INTERRUPT_EXT) { 1793 bool lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 1794 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 1795 /* HEIC blocks delivery to the hypervisor */ 1796 if ((msr_ee && !(heic && FIELD_EX64_HV(env->msr) && 1797 !FIELD_EX64(env->msr, MSR, PR))) || 1798 (env->has_hv_mode && !FIELD_EX64_HV(env->msr) && !lpes0)) { 1799 return PPC_INTERRUPT_EXT; 1800 } 1801 } 1802 if (msr_ee != 0) { 1803 /* Decrementer exception */ 1804 if (env->pending_interrupts & PPC_INTERRUPT_DECR) { 1805 return PPC_INTERRUPT_DECR; 1806 } 1807 if (env->pending_interrupts & PPC_INTERRUPT_DOORBELL) { 1808 return PPC_INTERRUPT_DOORBELL; 1809 } 1810 if (env->pending_interrupts & PPC_INTERRUPT_HDOORBELL) { 1811 return PPC_INTERRUPT_HDOORBELL; 1812 } 1813 if (env->pending_interrupts & PPC_INTERRUPT_PERFM) { 1814 return PPC_INTERRUPT_PERFM; 1815 } 1816 /* EBB exception */ 1817 if (env->pending_interrupts & PPC_INTERRUPT_EBB) { 1818 /* 1819 * EBB exception must be taken in problem state and 1820 * with BESCR_GE set. 1821 */ 1822 if (FIELD_EX64(env->msr, MSR, PR) && 1823 (env->spr[SPR_BESCR] & BESCR_GE)) { 1824 return PPC_INTERRUPT_EBB; 1825 } 1826 } 1827 } 1828 1829 return 0; 1830 } 1831 1832 #define P9_UNUSED_INTERRUPTS \ 1833 (PPC_INTERRUPT_RESET | PPC_INTERRUPT_DEBUG | PPC_INTERRUPT_CEXT | \ 1834 PPC_INTERRUPT_WDT | PPC_INTERRUPT_CDOORBELL | PPC_INTERRUPT_FIT | \ 1835 PPC_INTERRUPT_PIT | PPC_INTERRUPT_THERM) 1836 1837 static int p9_interrupt_powersave(CPUPPCState *env) 1838 { 1839 /* External Exception */ 1840 if ((env->pending_interrupts & PPC_INTERRUPT_EXT) && 1841 (env->spr[SPR_LPCR] & LPCR_EEE)) { 1842 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 1843 if (!heic || !FIELD_EX64_HV(env->msr) || 1844 FIELD_EX64(env->msr, MSR, PR)) { 1845 return PPC_INTERRUPT_EXT; 1846 } 1847 } 1848 /* Decrementer Exception */ 1849 if ((env->pending_interrupts & PPC_INTERRUPT_DECR) && 1850 (env->spr[SPR_LPCR] & LPCR_DEE)) { 1851 return PPC_INTERRUPT_DECR; 1852 } 1853 /* Machine Check or Hypervisor Maintenance Exception */ 1854 if (env->spr[SPR_LPCR] & LPCR_OEE) { 1855 if (env->pending_interrupts & PPC_INTERRUPT_MCK) { 1856 return PPC_INTERRUPT_MCK; 1857 } 1858 if (env->pending_interrupts & PPC_INTERRUPT_HMI) { 1859 return PPC_INTERRUPT_HMI; 1860 } 1861 } 1862 /* Privileged Doorbell Exception */ 1863 if ((env->pending_interrupts & PPC_INTERRUPT_DOORBELL) && 1864 (env->spr[SPR_LPCR] & LPCR_PDEE)) { 1865 return PPC_INTERRUPT_DOORBELL; 1866 } 1867 /* Hypervisor Doorbell Exception */ 1868 if ((env->pending_interrupts & PPC_INTERRUPT_HDOORBELL) && 1869 (env->spr[SPR_LPCR] & LPCR_HDEE)) { 1870 return PPC_INTERRUPT_HDOORBELL; 1871 } 1872 /* Hypervisor virtualization exception */ 1873 if ((env->pending_interrupts & PPC_INTERRUPT_HVIRT) && 1874 (env->spr[SPR_LPCR] & LPCR_HVEE)) { 1875 return PPC_INTERRUPT_HVIRT; 1876 } 1877 if (env->pending_interrupts & PPC_INTERRUPT_RESET) { 1878 return PPC_INTERRUPT_RESET; 1879 } 1880 return 0; 1881 } 1882 1883 static int p9_next_unmasked_interrupt(CPUPPCState *env) 1884 { 1885 CPUState *cs = env_cpu(env); 1886 1887 /* Ignore MSR[EE] when coming out of some power management states */ 1888 bool msr_ee = FIELD_EX64(env->msr, MSR, EE) || env->resume_as_sreset; 1889 1890 assert((env->pending_interrupts & P9_UNUSED_INTERRUPTS) == 0); 1891 1892 if (cs->halted) { 1893 if (env->spr[SPR_PSSCR] & PSSCR_EC) { 1894 /* 1895 * When PSSCR[EC] is set, LPCR[PECE] controls which interrupts can 1896 * wakeup the processor 1897 */ 1898 return p9_interrupt_powersave(env); 1899 } else { 1900 /* 1901 * When it's clear, any system-caused exception exits power-saving 1902 * mode, even the ones that gate on MSR[EE]. 1903 */ 1904 msr_ee = true; 1905 } 1906 } 1907 1908 /* Machine check exception */ 1909 if (env->pending_interrupts & PPC_INTERRUPT_MCK) { 1910 return PPC_INTERRUPT_MCK; 1911 } 1912 1913 /* Hypervisor decrementer exception */ 1914 if (env->pending_interrupts & PPC_INTERRUPT_HDECR) { 1915 /* LPCR will be clear when not supported so this will work */ 1916 bool hdice = !!(env->spr[SPR_LPCR] & LPCR_HDICE); 1917 if ((msr_ee || !FIELD_EX64_HV(env->msr)) && hdice) { 1918 /* HDEC clears on delivery */ 1919 return PPC_INTERRUPT_HDECR; 1920 } 1921 } 1922 1923 /* Hypervisor virtualization interrupt */ 1924 if (env->pending_interrupts & PPC_INTERRUPT_HVIRT) { 1925 /* LPCR will be clear when not supported so this will work */ 1926 bool hvice = !!(env->spr[SPR_LPCR] & LPCR_HVICE); 1927 if ((msr_ee || !FIELD_EX64_HV(env->msr)) && hvice) { 1928 return PPC_INTERRUPT_HVIRT; 1929 } 1930 } 1931 1932 /* External interrupt can ignore MSR:EE under some circumstances */ 1933 if (env->pending_interrupts & PPC_INTERRUPT_EXT) { 1934 bool lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 1935 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 1936 /* HEIC blocks delivery to the hypervisor */ 1937 if ((msr_ee && !(heic && FIELD_EX64_HV(env->msr) && 1938 !FIELD_EX64(env->msr, MSR, PR))) || 1939 (env->has_hv_mode && !FIELD_EX64_HV(env->msr) && !lpes0)) { 1940 return PPC_INTERRUPT_EXT; 1941 } 1942 } 1943 if (msr_ee != 0) { 1944 /* Decrementer exception */ 1945 if (env->pending_interrupts & PPC_INTERRUPT_DECR) { 1946 return PPC_INTERRUPT_DECR; 1947 } 1948 if (env->pending_interrupts & PPC_INTERRUPT_DOORBELL) { 1949 return PPC_INTERRUPT_DOORBELL; 1950 } 1951 if (env->pending_interrupts & PPC_INTERRUPT_HDOORBELL) { 1952 return PPC_INTERRUPT_HDOORBELL; 1953 } 1954 if (env->pending_interrupts & PPC_INTERRUPT_PERFM) { 1955 return PPC_INTERRUPT_PERFM; 1956 } 1957 /* EBB exception */ 1958 if (env->pending_interrupts & PPC_INTERRUPT_EBB) { 1959 /* 1960 * EBB exception must be taken in problem state and 1961 * with BESCR_GE set. 1962 */ 1963 if (FIELD_EX64(env->msr, MSR, PR) && 1964 (env->spr[SPR_BESCR] & BESCR_GE)) { 1965 return PPC_INTERRUPT_EBB; 1966 } 1967 } 1968 } 1969 1970 return 0; 1971 } 1972 #endif /* TARGET_PPC64 */ 1973 1974 static int ppc_next_unmasked_interrupt(CPUPPCState *env) 1975 { 1976 #ifdef TARGET_PPC64 1977 switch (env->excp_model) { 1978 case POWERPC_EXCP_POWER7: 1979 return p7_next_unmasked_interrupt(env); 1980 case POWERPC_EXCP_POWER8: 1981 return p8_next_unmasked_interrupt(env); 1982 case POWERPC_EXCP_POWER9: 1983 case POWERPC_EXCP_POWER10: 1984 return p9_next_unmasked_interrupt(env); 1985 default: 1986 break; 1987 } 1988 #endif 1989 bool async_deliver; 1990 1991 /* External reset */ 1992 if (env->pending_interrupts & PPC_INTERRUPT_RESET) { 1993 return PPC_INTERRUPT_RESET; 1994 } 1995 /* Machine check exception */ 1996 if (env->pending_interrupts & PPC_INTERRUPT_MCK) { 1997 return PPC_INTERRUPT_MCK; 1998 } 1999 #if 0 /* TODO */ 2000 /* External debug exception */ 2001 if (env->pending_interrupts & PPC_INTERRUPT_DEBUG) { 2002 return PPC_INTERRUPT_DEBUG; 2003 } 2004 #endif 2005 2006 /* 2007 * For interrupts that gate on MSR:EE, we need to do something a 2008 * bit more subtle, as we need to let them through even when EE is 2009 * clear when coming out of some power management states (in order 2010 * for them to become a 0x100). 2011 */ 2012 async_deliver = FIELD_EX64(env->msr, MSR, EE) || env->resume_as_sreset; 2013 2014 /* Hypervisor decrementer exception */ 2015 if (env->pending_interrupts & PPC_INTERRUPT_HDECR) { 2016 /* LPCR will be clear when not supported so this will work */ 2017 bool hdice = !!(env->spr[SPR_LPCR] & LPCR_HDICE); 2018 if ((async_deliver || !FIELD_EX64_HV(env->msr)) && hdice) { 2019 /* HDEC clears on delivery */ 2020 return PPC_INTERRUPT_HDECR; 2021 } 2022 } 2023 2024 /* Hypervisor virtualization interrupt */ 2025 if (env->pending_interrupts & PPC_INTERRUPT_HVIRT) { 2026 /* LPCR will be clear when not supported so this will work */ 2027 bool hvice = !!(env->spr[SPR_LPCR] & LPCR_HVICE); 2028 if ((async_deliver || !FIELD_EX64_HV(env->msr)) && hvice) { 2029 return PPC_INTERRUPT_HVIRT; 2030 } 2031 } 2032 2033 /* External interrupt can ignore MSR:EE under some circumstances */ 2034 if (env->pending_interrupts & PPC_INTERRUPT_EXT) { 2035 bool lpes0 = !!(env->spr[SPR_LPCR] & LPCR_LPES0); 2036 bool heic = !!(env->spr[SPR_LPCR] & LPCR_HEIC); 2037 /* HEIC blocks delivery to the hypervisor */ 2038 if ((async_deliver && !(heic && FIELD_EX64_HV(env->msr) && 2039 !FIELD_EX64(env->msr, MSR, PR))) || 2040 (env->has_hv_mode && !FIELD_EX64_HV(env->msr) && !lpes0)) { 2041 return PPC_INTERRUPT_EXT; 2042 } 2043 } 2044 if (FIELD_EX64(env->msr, MSR, CE)) { 2045 /* External critical interrupt */ 2046 if (env->pending_interrupts & PPC_INTERRUPT_CEXT) { 2047 return PPC_INTERRUPT_CEXT; 2048 } 2049 } 2050 if (async_deliver != 0) { 2051 /* Watchdog timer on embedded PowerPC */ 2052 if (env->pending_interrupts & PPC_INTERRUPT_WDT) { 2053 return PPC_INTERRUPT_WDT; 2054 } 2055 if (env->pending_interrupts & PPC_INTERRUPT_CDOORBELL) { 2056 return PPC_INTERRUPT_CDOORBELL; 2057 } 2058 /* Fixed interval timer on embedded PowerPC */ 2059 if (env->pending_interrupts & PPC_INTERRUPT_FIT) { 2060 return PPC_INTERRUPT_FIT; 2061 } 2062 /* Programmable interval timer on embedded PowerPC */ 2063 if (env->pending_interrupts & PPC_INTERRUPT_PIT) { 2064 return PPC_INTERRUPT_PIT; 2065 } 2066 /* Decrementer exception */ 2067 if (env->pending_interrupts & PPC_INTERRUPT_DECR) { 2068 return PPC_INTERRUPT_DECR; 2069 } 2070 if (env->pending_interrupts & PPC_INTERRUPT_DOORBELL) { 2071 return PPC_INTERRUPT_DOORBELL; 2072 } 2073 if (env->pending_interrupts & PPC_INTERRUPT_HDOORBELL) { 2074 return PPC_INTERRUPT_HDOORBELL; 2075 } 2076 if (env->pending_interrupts & PPC_INTERRUPT_PERFM) { 2077 return PPC_INTERRUPT_PERFM; 2078 } 2079 /* Thermal interrupt */ 2080 if (env->pending_interrupts & PPC_INTERRUPT_THERM) { 2081 return PPC_INTERRUPT_THERM; 2082 } 2083 /* EBB exception */ 2084 if (env->pending_interrupts & PPC_INTERRUPT_EBB) { 2085 /* 2086 * EBB exception must be taken in problem state and 2087 * with BESCR_GE set. 2088 */ 2089 if (FIELD_EX64(env->msr, MSR, PR) && 2090 (env->spr[SPR_BESCR] & BESCR_GE)) { 2091 return PPC_INTERRUPT_EBB; 2092 } 2093 } 2094 } 2095 2096 return 0; 2097 } 2098 2099 /* 2100 * Sets CPU_INTERRUPT_HARD if there is at least one unmasked interrupt to be 2101 * delivered and clears CPU_INTERRUPT_HARD otherwise. 2102 * 2103 * This method is called by ppc_set_interrupt when an interrupt is raised or 2104 * lowered, and should also be called whenever an interrupt masking condition 2105 * is changed, e.g.: 2106 * - When relevant bits of MSR are altered, like EE, HV, PR, etc.; 2107 * - When relevant bits of LPCR are altered, like PECE, HDICE, HVICE, etc.; 2108 * - When PSSCR[EC] or env->resume_as_sreset are changed; 2109 * - When cs->halted is changed and the CPU has a different interrupt masking 2110 * logic in power-saving mode (e.g., POWER7/8/9/10); 2111 */ 2112 void ppc_maybe_interrupt(CPUPPCState *env) 2113 { 2114 CPUState *cs = env_cpu(env); 2115 BQL_LOCK_GUARD(); 2116 2117 if (ppc_next_unmasked_interrupt(env)) { 2118 cpu_interrupt(cs, CPU_INTERRUPT_HARD); 2119 } else { 2120 cpu_reset_interrupt(cs, CPU_INTERRUPT_HARD); 2121 } 2122 } 2123 2124 #ifdef TARGET_PPC64 2125 static void p7_deliver_interrupt(CPUPPCState *env, int interrupt) 2126 { 2127 PowerPCCPU *cpu = env_archcpu(env); 2128 2129 switch (interrupt) { 2130 case PPC_INTERRUPT_MCK: /* Machine check exception */ 2131 env->pending_interrupts &= ~PPC_INTERRUPT_MCK; 2132 powerpc_excp(cpu, POWERPC_EXCP_MCHECK); 2133 break; 2134 2135 case PPC_INTERRUPT_HDECR: /* Hypervisor decrementer exception */ 2136 /* HDEC clears on delivery */ 2137 env->pending_interrupts &= ~PPC_INTERRUPT_HDECR; 2138 powerpc_excp(cpu, POWERPC_EXCP_HDECR); 2139 break; 2140 2141 case PPC_INTERRUPT_EXT: 2142 if (books_vhyp_promotes_external_to_hvirt(cpu)) { 2143 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2144 } else { 2145 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL); 2146 } 2147 break; 2148 2149 case PPC_INTERRUPT_DECR: /* Decrementer exception */ 2150 powerpc_excp(cpu, POWERPC_EXCP_DECR); 2151 break; 2152 case PPC_INTERRUPT_PERFM: 2153 env->pending_interrupts &= ~PPC_INTERRUPT_PERFM; 2154 powerpc_excp(cpu, POWERPC_EXCP_PERFM); 2155 break; 2156 case 0: 2157 /* 2158 * This is a bug ! It means that has_work took us out of halt without 2159 * anything to deliver while in a PM state that requires getting 2160 * out via a 0x100 2161 * 2162 * This means we will incorrectly execute past the power management 2163 * instruction instead of triggering a reset. 2164 * 2165 * It generally means a discrepancy between the wakeup conditions in the 2166 * processor has_work implementation and the logic in this function. 2167 */ 2168 assert(!env->resume_as_sreset); 2169 break; 2170 default: 2171 cpu_abort(env_cpu(env), "Invalid PowerPC interrupt %d. Aborting\n", 2172 interrupt); 2173 } 2174 } 2175 2176 static void p8_deliver_interrupt(CPUPPCState *env, int interrupt) 2177 { 2178 PowerPCCPU *cpu = env_archcpu(env); 2179 2180 switch (interrupt) { 2181 case PPC_INTERRUPT_MCK: /* Machine check exception */ 2182 env->pending_interrupts &= ~PPC_INTERRUPT_MCK; 2183 powerpc_excp(cpu, POWERPC_EXCP_MCHECK); 2184 break; 2185 2186 case PPC_INTERRUPT_HDECR: /* Hypervisor decrementer exception */ 2187 /* HDEC clears on delivery */ 2188 env->pending_interrupts &= ~PPC_INTERRUPT_HDECR; 2189 powerpc_excp(cpu, POWERPC_EXCP_HDECR); 2190 break; 2191 2192 case PPC_INTERRUPT_EXT: 2193 if (books_vhyp_promotes_external_to_hvirt(cpu)) { 2194 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2195 } else { 2196 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL); 2197 } 2198 break; 2199 2200 case PPC_INTERRUPT_DECR: /* Decrementer exception */ 2201 powerpc_excp(cpu, POWERPC_EXCP_DECR); 2202 break; 2203 case PPC_INTERRUPT_DOORBELL: 2204 env->pending_interrupts &= ~PPC_INTERRUPT_DOORBELL; 2205 if (is_book3s_arch2x(env)) { 2206 powerpc_excp(cpu, POWERPC_EXCP_SDOOR); 2207 } else { 2208 powerpc_excp(cpu, POWERPC_EXCP_DOORI); 2209 } 2210 break; 2211 case PPC_INTERRUPT_HDOORBELL: 2212 env->pending_interrupts &= ~PPC_INTERRUPT_HDOORBELL; 2213 powerpc_excp(cpu, POWERPC_EXCP_SDOOR_HV); 2214 break; 2215 case PPC_INTERRUPT_PERFM: 2216 env->pending_interrupts &= ~PPC_INTERRUPT_PERFM; 2217 powerpc_excp(cpu, POWERPC_EXCP_PERFM); 2218 break; 2219 case PPC_INTERRUPT_EBB: /* EBB exception */ 2220 env->pending_interrupts &= ~PPC_INTERRUPT_EBB; 2221 if (env->spr[SPR_BESCR] & BESCR_PMEO) { 2222 powerpc_excp(cpu, POWERPC_EXCP_PERFM_EBB); 2223 } else if (env->spr[SPR_BESCR] & BESCR_EEO) { 2224 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL_EBB); 2225 } 2226 break; 2227 case 0: 2228 /* 2229 * This is a bug ! It means that has_work took us out of halt without 2230 * anything to deliver while in a PM state that requires getting 2231 * out via a 0x100 2232 * 2233 * This means we will incorrectly execute past the power management 2234 * instruction instead of triggering a reset. 2235 * 2236 * It generally means a discrepancy between the wakeup conditions in the 2237 * processor has_work implementation and the logic in this function. 2238 */ 2239 assert(!env->resume_as_sreset); 2240 break; 2241 default: 2242 cpu_abort(env_cpu(env), "Invalid PowerPC interrupt %d. Aborting\n", 2243 interrupt); 2244 } 2245 } 2246 2247 static void p9_deliver_interrupt(CPUPPCState *env, int interrupt) 2248 { 2249 PowerPCCPU *cpu = env_archcpu(env); 2250 CPUState *cs = env_cpu(env); 2251 2252 if (cs->halted && !(env->spr[SPR_PSSCR] & PSSCR_EC) && 2253 !FIELD_EX64(env->msr, MSR, EE)) { 2254 /* 2255 * A pending interrupt took us out of power-saving, but MSR[EE] says 2256 * that we should return to NIP+4 instead of delivering it. 2257 */ 2258 return; 2259 } 2260 2261 switch (interrupt) { 2262 case PPC_INTERRUPT_MCK: /* Machine check exception */ 2263 env->pending_interrupts &= ~PPC_INTERRUPT_MCK; 2264 powerpc_excp(cpu, POWERPC_EXCP_MCHECK); 2265 break; 2266 2267 case PPC_INTERRUPT_HDECR: /* Hypervisor decrementer exception */ 2268 /* HDEC clears on delivery */ 2269 env->pending_interrupts &= ~PPC_INTERRUPT_HDECR; 2270 powerpc_excp(cpu, POWERPC_EXCP_HDECR); 2271 break; 2272 case PPC_INTERRUPT_HVIRT: /* Hypervisor virtualization interrupt */ 2273 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2274 break; 2275 2276 case PPC_INTERRUPT_EXT: 2277 if (books_vhyp_promotes_external_to_hvirt(cpu)) { 2278 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2279 } else { 2280 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL); 2281 } 2282 break; 2283 2284 case PPC_INTERRUPT_DECR: /* Decrementer exception */ 2285 powerpc_excp(cpu, POWERPC_EXCP_DECR); 2286 break; 2287 case PPC_INTERRUPT_DOORBELL: 2288 env->pending_interrupts &= ~PPC_INTERRUPT_DOORBELL; 2289 powerpc_excp(cpu, POWERPC_EXCP_SDOOR); 2290 break; 2291 case PPC_INTERRUPT_HDOORBELL: 2292 env->pending_interrupts &= ~PPC_INTERRUPT_HDOORBELL; 2293 powerpc_excp(cpu, POWERPC_EXCP_SDOOR_HV); 2294 break; 2295 case PPC_INTERRUPT_PERFM: 2296 env->pending_interrupts &= ~PPC_INTERRUPT_PERFM; 2297 powerpc_excp(cpu, POWERPC_EXCP_PERFM); 2298 break; 2299 case PPC_INTERRUPT_EBB: /* EBB exception */ 2300 env->pending_interrupts &= ~PPC_INTERRUPT_EBB; 2301 if (env->spr[SPR_BESCR] & BESCR_PMEO) { 2302 powerpc_excp(cpu, POWERPC_EXCP_PERFM_EBB); 2303 } else if (env->spr[SPR_BESCR] & BESCR_EEO) { 2304 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL_EBB); 2305 } 2306 break; 2307 case 0: 2308 /* 2309 * This is a bug ! It means that has_work took us out of halt without 2310 * anything to deliver while in a PM state that requires getting 2311 * out via a 0x100 2312 * 2313 * This means we will incorrectly execute past the power management 2314 * instruction instead of triggering a reset. 2315 * 2316 * It generally means a discrepancy between the wakeup conditions in the 2317 * processor has_work implementation and the logic in this function. 2318 */ 2319 assert(!env->resume_as_sreset); 2320 break; 2321 default: 2322 cpu_abort(env_cpu(env), "Invalid PowerPC interrupt %d. Aborting\n", 2323 interrupt); 2324 } 2325 } 2326 #endif /* TARGET_PPC64 */ 2327 2328 static void ppc_deliver_interrupt(CPUPPCState *env, int interrupt) 2329 { 2330 #ifdef TARGET_PPC64 2331 switch (env->excp_model) { 2332 case POWERPC_EXCP_POWER7: 2333 return p7_deliver_interrupt(env, interrupt); 2334 case POWERPC_EXCP_POWER8: 2335 return p8_deliver_interrupt(env, interrupt); 2336 case POWERPC_EXCP_POWER9: 2337 case POWERPC_EXCP_POWER10: 2338 return p9_deliver_interrupt(env, interrupt); 2339 default: 2340 break; 2341 } 2342 #endif 2343 PowerPCCPU *cpu = env_archcpu(env); 2344 2345 switch (interrupt) { 2346 case PPC_INTERRUPT_RESET: /* External reset */ 2347 env->pending_interrupts &= ~PPC_INTERRUPT_RESET; 2348 powerpc_excp(cpu, POWERPC_EXCP_RESET); 2349 break; 2350 case PPC_INTERRUPT_MCK: /* Machine check exception */ 2351 env->pending_interrupts &= ~PPC_INTERRUPT_MCK; 2352 powerpc_excp(cpu, POWERPC_EXCP_MCHECK); 2353 break; 2354 2355 case PPC_INTERRUPT_HDECR: /* Hypervisor decrementer exception */ 2356 /* HDEC clears on delivery */ 2357 env->pending_interrupts &= ~PPC_INTERRUPT_HDECR; 2358 powerpc_excp(cpu, POWERPC_EXCP_HDECR); 2359 break; 2360 case PPC_INTERRUPT_HVIRT: /* Hypervisor virtualization interrupt */ 2361 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2362 break; 2363 2364 case PPC_INTERRUPT_EXT: 2365 if (books_vhyp_promotes_external_to_hvirt(cpu)) { 2366 powerpc_excp(cpu, POWERPC_EXCP_HVIRT); 2367 } else { 2368 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL); 2369 } 2370 break; 2371 case PPC_INTERRUPT_CEXT: /* External critical interrupt */ 2372 powerpc_excp(cpu, POWERPC_EXCP_CRITICAL); 2373 break; 2374 2375 case PPC_INTERRUPT_WDT: /* Watchdog timer on embedded PowerPC */ 2376 env->pending_interrupts &= ~PPC_INTERRUPT_WDT; 2377 powerpc_excp(cpu, POWERPC_EXCP_WDT); 2378 break; 2379 case PPC_INTERRUPT_CDOORBELL: 2380 env->pending_interrupts &= ~PPC_INTERRUPT_CDOORBELL; 2381 powerpc_excp(cpu, POWERPC_EXCP_DOORCI); 2382 break; 2383 case PPC_INTERRUPT_FIT: /* Fixed interval timer on embedded PowerPC */ 2384 env->pending_interrupts &= ~PPC_INTERRUPT_FIT; 2385 powerpc_excp(cpu, POWERPC_EXCP_FIT); 2386 break; 2387 case PPC_INTERRUPT_PIT: /* Programmable interval timer on embedded ppc */ 2388 env->pending_interrupts &= ~PPC_INTERRUPT_PIT; 2389 powerpc_excp(cpu, POWERPC_EXCP_PIT); 2390 break; 2391 case PPC_INTERRUPT_DECR: /* Decrementer exception */ 2392 if (ppc_decr_clear_on_delivery(env)) { 2393 env->pending_interrupts &= ~PPC_INTERRUPT_DECR; 2394 } 2395 powerpc_excp(cpu, POWERPC_EXCP_DECR); 2396 break; 2397 case PPC_INTERRUPT_DOORBELL: 2398 env->pending_interrupts &= ~PPC_INTERRUPT_DOORBELL; 2399 if (is_book3s_arch2x(env)) { 2400 powerpc_excp(cpu, POWERPC_EXCP_SDOOR); 2401 } else { 2402 powerpc_excp(cpu, POWERPC_EXCP_DOORI); 2403 } 2404 break; 2405 case PPC_INTERRUPT_HDOORBELL: 2406 env->pending_interrupts &= ~PPC_INTERRUPT_HDOORBELL; 2407 powerpc_excp(cpu, POWERPC_EXCP_SDOOR_HV); 2408 break; 2409 case PPC_INTERRUPT_PERFM: 2410 env->pending_interrupts &= ~PPC_INTERRUPT_PERFM; 2411 powerpc_excp(cpu, POWERPC_EXCP_PERFM); 2412 break; 2413 case PPC_INTERRUPT_THERM: /* Thermal interrupt */ 2414 env->pending_interrupts &= ~PPC_INTERRUPT_THERM; 2415 powerpc_excp(cpu, POWERPC_EXCP_THERM); 2416 break; 2417 case PPC_INTERRUPT_EBB: /* EBB exception */ 2418 env->pending_interrupts &= ~PPC_INTERRUPT_EBB; 2419 if (env->spr[SPR_BESCR] & BESCR_PMEO) { 2420 powerpc_excp(cpu, POWERPC_EXCP_PERFM_EBB); 2421 } else if (env->spr[SPR_BESCR] & BESCR_EEO) { 2422 powerpc_excp(cpu, POWERPC_EXCP_EXTERNAL_EBB); 2423 } 2424 break; 2425 case 0: 2426 /* 2427 * This is a bug ! It means that has_work took us out of halt without 2428 * anything to deliver while in a PM state that requires getting 2429 * out via a 0x100 2430 * 2431 * This means we will incorrectly execute past the power management 2432 * instruction instead of triggering a reset. 2433 * 2434 * It generally means a discrepancy between the wakeup conditions in the 2435 * processor has_work implementation and the logic in this function. 2436 */ 2437 assert(!env->resume_as_sreset); 2438 break; 2439 default: 2440 cpu_abort(env_cpu(env), "Invalid PowerPC interrupt %d. Aborting\n", 2441 interrupt); 2442 } 2443 } 2444 2445 void ppc_cpu_do_system_reset(CPUState *cs) 2446 { 2447 PowerPCCPU *cpu = POWERPC_CPU(cs); 2448 2449 powerpc_excp(cpu, POWERPC_EXCP_RESET); 2450 } 2451 2452 void ppc_cpu_do_fwnmi_machine_check(CPUState *cs, target_ulong vector) 2453 { 2454 PowerPCCPU *cpu = POWERPC_CPU(cs); 2455 CPUPPCState *env = &cpu->env; 2456 target_ulong msr = 0; 2457 2458 /* 2459 * Set MSR and NIP for the handler, SRR0/1, DAR and DSISR have already 2460 * been set by KVM. 2461 */ 2462 msr = (1ULL << MSR_ME); 2463 msr |= env->msr & (1ULL << MSR_SF); 2464 if (ppc_interrupts_little_endian(cpu, false)) { 2465 msr |= (1ULL << MSR_LE); 2466 } 2467 2468 /* Anything for nested required here? MSR[HV] bit? */ 2469 2470 powerpc_set_excp_state(cpu, vector, msr); 2471 } 2472 2473 bool ppc_cpu_exec_interrupt(CPUState *cs, int interrupt_request) 2474 { 2475 CPUPPCState *env = cpu_env(cs); 2476 int interrupt; 2477 2478 if ((interrupt_request & CPU_INTERRUPT_HARD) == 0) { 2479 return false; 2480 } 2481 2482 interrupt = ppc_next_unmasked_interrupt(env); 2483 if (interrupt == 0) { 2484 return false; 2485 } 2486 2487 ppc_deliver_interrupt(env, interrupt); 2488 if (env->pending_interrupts == 0) { 2489 cpu_reset_interrupt(cs, CPU_INTERRUPT_HARD); 2490 } 2491 return true; 2492 } 2493 2494 #endif /* !CONFIG_USER_ONLY */ 2495 2496 /*****************************************************************************/ 2497 /* Exceptions processing helpers */ 2498 2499 void raise_exception_err_ra(CPUPPCState *env, uint32_t exception, 2500 uint32_t error_code, uintptr_t raddr) 2501 { 2502 CPUState *cs = env_cpu(env); 2503 2504 cs->exception_index = exception; 2505 env->error_code = error_code; 2506 cpu_loop_exit_restore(cs, raddr); 2507 } 2508 2509 void raise_exception_err(CPUPPCState *env, uint32_t exception, 2510 uint32_t error_code) 2511 { 2512 raise_exception_err_ra(env, exception, error_code, 0); 2513 } 2514 2515 void raise_exception(CPUPPCState *env, uint32_t exception) 2516 { 2517 raise_exception_err_ra(env, exception, 0, 0); 2518 } 2519 2520 void raise_exception_ra(CPUPPCState *env, uint32_t exception, 2521 uintptr_t raddr) 2522 { 2523 raise_exception_err_ra(env, exception, 0, raddr); 2524 } 2525 2526 #ifdef CONFIG_TCG 2527 void helper_raise_exception_err(CPUPPCState *env, uint32_t exception, 2528 uint32_t error_code) 2529 { 2530 raise_exception_err_ra(env, exception, error_code, 0); 2531 } 2532 2533 void helper_raise_exception(CPUPPCState *env, uint32_t exception) 2534 { 2535 raise_exception_err_ra(env, exception, 0, 0); 2536 } 2537 2538 #ifndef CONFIG_USER_ONLY 2539 void helper_store_msr(CPUPPCState *env, target_ulong val) 2540 { 2541 uint32_t excp = hreg_store_msr(env, val, 0); 2542 2543 if (excp != 0) { 2544 cpu_interrupt_exittb(env_cpu(env)); 2545 raise_exception(env, excp); 2546 } 2547 } 2548 2549 void helper_ppc_maybe_interrupt(CPUPPCState *env) 2550 { 2551 ppc_maybe_interrupt(env); 2552 } 2553 2554 #ifdef TARGET_PPC64 2555 void helper_scv(CPUPPCState *env, uint32_t lev) 2556 { 2557 if (env->spr[SPR_FSCR] & (1ull << FSCR_SCV)) { 2558 raise_exception_err(env, POWERPC_EXCP_SYSCALL_VECTORED, lev); 2559 } else { 2560 raise_exception_err(env, POWERPC_EXCP_FU, FSCR_IC_SCV); 2561 } 2562 } 2563 2564 void helper_pminsn(CPUPPCState *env, uint32_t insn) 2565 { 2566 CPUState *cs = env_cpu(env); 2567 2568 cs->halted = 1; 2569 2570 /* Condition for waking up at 0x100 */ 2571 env->resume_as_sreset = (insn != PPC_PM_STOP) || 2572 (env->spr[SPR_PSSCR] & PSSCR_EC); 2573 2574 /* HDECR is not to wake from PM state, it may have already fired */ 2575 if (env->resume_as_sreset) { 2576 PowerPCCPU *cpu = env_archcpu(env); 2577 ppc_set_irq(cpu, PPC_INTERRUPT_HDECR, 0); 2578 } 2579 2580 ppc_maybe_interrupt(env); 2581 } 2582 #endif /* TARGET_PPC64 */ 2583 2584 static void do_rfi(CPUPPCState *env, target_ulong nip, target_ulong msr) 2585 { 2586 /* MSR:POW cannot be set by any form of rfi */ 2587 msr &= ~(1ULL << MSR_POW); 2588 2589 /* MSR:TGPR cannot be set by any form of rfi */ 2590 if (env->flags & POWERPC_FLAG_TGPR) 2591 msr &= ~(1ULL << MSR_TGPR); 2592 2593 #ifdef TARGET_PPC64 2594 /* Switching to 32-bit ? Crop the nip */ 2595 if (!msr_is_64bit(env, msr)) { 2596 nip = (uint32_t)nip; 2597 } 2598 #else 2599 nip = (uint32_t)nip; 2600 #endif 2601 /* XXX: beware: this is false if VLE is supported */ 2602 env->nip = nip & ~((target_ulong)0x00000003); 2603 hreg_store_msr(env, msr, 1); 2604 trace_ppc_excp_rfi(env->nip, env->msr); 2605 /* 2606 * No need to raise an exception here, as rfi is always the last 2607 * insn of a TB 2608 */ 2609 cpu_interrupt_exittb(env_cpu(env)); 2610 /* Reset the reservation */ 2611 env->reserve_addr = -1; 2612 2613 /* Context synchronizing: check if TCG TLB needs flush */ 2614 check_tlb_flush(env, false); 2615 } 2616 2617 void helper_rfi(CPUPPCState *env) 2618 { 2619 do_rfi(env, env->spr[SPR_SRR0], env->spr[SPR_SRR1] & 0xfffffffful); 2620 } 2621 2622 #ifdef TARGET_PPC64 2623 void helper_rfid(CPUPPCState *env) 2624 { 2625 /* 2626 * The architecture defines a number of rules for which bits can 2627 * change but in practice, we handle this in hreg_store_msr() 2628 * which will be called by do_rfi(), so there is no need to filter 2629 * here 2630 */ 2631 do_rfi(env, env->spr[SPR_SRR0], env->spr[SPR_SRR1]); 2632 } 2633 2634 void helper_rfscv(CPUPPCState *env) 2635 { 2636 do_rfi(env, env->lr, env->ctr); 2637 } 2638 2639 void helper_hrfid(CPUPPCState *env) 2640 { 2641 do_rfi(env, env->spr[SPR_HSRR0], env->spr[SPR_HSRR1]); 2642 } 2643 2644 void helper_rfebb(CPUPPCState *env, target_ulong s) 2645 { 2646 target_ulong msr = env->msr; 2647 2648 /* 2649 * Handling of BESCR bits 32:33 according to PowerISA v3.1: 2650 * 2651 * "If BESCR 32:33 != 0b00 the instruction is treated as if 2652 * the instruction form were invalid." 2653 */ 2654 if (env->spr[SPR_BESCR] & BESCR_INVALID) { 2655 raise_exception_err(env, POWERPC_EXCP_PROGRAM, 2656 POWERPC_EXCP_INVAL | POWERPC_EXCP_INVAL_INVAL); 2657 } 2658 2659 env->nip = env->spr[SPR_EBBRR]; 2660 2661 /* Switching to 32-bit ? Crop the nip */ 2662 if (!msr_is_64bit(env, msr)) { 2663 env->nip = (uint32_t)env->spr[SPR_EBBRR]; 2664 } 2665 2666 if (s) { 2667 env->spr[SPR_BESCR] |= BESCR_GE; 2668 } else { 2669 env->spr[SPR_BESCR] &= ~BESCR_GE; 2670 } 2671 } 2672 2673 /* 2674 * Triggers or queues an 'ebb_excp' EBB exception. All checks 2675 * but FSCR, HFSCR and msr_pr must be done beforehand. 2676 * 2677 * PowerISA v3.1 isn't clear about whether an EBB should be 2678 * postponed or cancelled if the EBB facility is unavailable. 2679 * Our assumption here is that the EBB is cancelled if both 2680 * FSCR and HFSCR EBB facilities aren't available. 2681 */ 2682 static void do_ebb(CPUPPCState *env, int ebb_excp) 2683 { 2684 PowerPCCPU *cpu = env_archcpu(env); 2685 2686 /* 2687 * FSCR_EBB and FSCR_IC_EBB are the same bits used with 2688 * HFSCR. 2689 */ 2690 helper_fscr_facility_check(env, FSCR_EBB, 0, FSCR_IC_EBB); 2691 helper_hfscr_facility_check(env, FSCR_EBB, "EBB", FSCR_IC_EBB); 2692 2693 if (ebb_excp == POWERPC_EXCP_PERFM_EBB) { 2694 env->spr[SPR_BESCR] |= BESCR_PMEO; 2695 } else if (ebb_excp == POWERPC_EXCP_EXTERNAL_EBB) { 2696 env->spr[SPR_BESCR] |= BESCR_EEO; 2697 } 2698 2699 if (FIELD_EX64(env->msr, MSR, PR)) { 2700 powerpc_excp(cpu, ebb_excp); 2701 } else { 2702 ppc_set_irq(cpu, PPC_INTERRUPT_EBB, 1); 2703 } 2704 } 2705 2706 void raise_ebb_perfm_exception(CPUPPCState *env) 2707 { 2708 bool perfm_ebb_enabled = env->spr[SPR_POWER_MMCR0] & MMCR0_EBE && 2709 env->spr[SPR_BESCR] & BESCR_PME && 2710 env->spr[SPR_BESCR] & BESCR_GE; 2711 2712 if (!perfm_ebb_enabled) { 2713 return; 2714 } 2715 2716 do_ebb(env, POWERPC_EXCP_PERFM_EBB); 2717 } 2718 #endif /* TARGET_PPC64 */ 2719 2720 /*****************************************************************************/ 2721 /* Embedded PowerPC specific helpers */ 2722 void helper_40x_rfci(CPUPPCState *env) 2723 { 2724 do_rfi(env, env->spr[SPR_40x_SRR2], env->spr[SPR_40x_SRR3]); 2725 } 2726 2727 void helper_rfci(CPUPPCState *env) 2728 { 2729 do_rfi(env, env->spr[SPR_BOOKE_CSRR0], env->spr[SPR_BOOKE_CSRR1]); 2730 } 2731 2732 void helper_rfdi(CPUPPCState *env) 2733 { 2734 /* FIXME: choose CSRR1 or DSRR1 based on cpu type */ 2735 do_rfi(env, env->spr[SPR_BOOKE_DSRR0], env->spr[SPR_BOOKE_DSRR1]); 2736 } 2737 2738 void helper_rfmci(CPUPPCState *env) 2739 { 2740 /* FIXME: choose CSRR1 or MCSRR1 based on cpu type */ 2741 do_rfi(env, env->spr[SPR_BOOKE_MCSRR0], env->spr[SPR_BOOKE_MCSRR1]); 2742 } 2743 #endif /* !CONFIG_USER_ONLY */ 2744 2745 void helper_tw(CPUPPCState *env, target_ulong arg1, target_ulong arg2, 2746 uint32_t flags) 2747 { 2748 if (!likely(!(((int32_t)arg1 < (int32_t)arg2 && (flags & 0x10)) || 2749 ((int32_t)arg1 > (int32_t)arg2 && (flags & 0x08)) || 2750 ((int32_t)arg1 == (int32_t)arg2 && (flags & 0x04)) || 2751 ((uint32_t)arg1 < (uint32_t)arg2 && (flags & 0x02)) || 2752 ((uint32_t)arg1 > (uint32_t)arg2 && (flags & 0x01))))) { 2753 raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM, 2754 POWERPC_EXCP_TRAP, GETPC()); 2755 } 2756 } 2757 2758 #ifdef TARGET_PPC64 2759 void helper_td(CPUPPCState *env, target_ulong arg1, target_ulong arg2, 2760 uint32_t flags) 2761 { 2762 if (!likely(!(((int64_t)arg1 < (int64_t)arg2 && (flags & 0x10)) || 2763 ((int64_t)arg1 > (int64_t)arg2 && (flags & 0x08)) || 2764 ((int64_t)arg1 == (int64_t)arg2 && (flags & 0x04)) || 2765 ((uint64_t)arg1 < (uint64_t)arg2 && (flags & 0x02)) || 2766 ((uint64_t)arg1 > (uint64_t)arg2 && (flags & 0x01))))) { 2767 raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM, 2768 POWERPC_EXCP_TRAP, GETPC()); 2769 } 2770 } 2771 #endif /* TARGET_PPC64 */ 2772 2773 static uint32_t helper_SIMON_LIKE_32_64(uint32_t x, uint64_t key, uint32_t lane) 2774 { 2775 const uint16_t c = 0xfffc; 2776 const uint64_t z0 = 0xfa2561cdf44ac398ULL; 2777 uint16_t z = 0, temp; 2778 uint16_t k[32], eff_k[32], xleft[33], xright[33], fxleft[32]; 2779 2780 for (int i = 3; i >= 0; i--) { 2781 k[i] = key & 0xffff; 2782 key >>= 16; 2783 } 2784 xleft[0] = x & 0xffff; 2785 xright[0] = (x >> 16) & 0xffff; 2786 2787 for (int i = 0; i < 28; i++) { 2788 z = (z0 >> (63 - i)) & 1; 2789 temp = ror16(k[i + 3], 3) ^ k[i + 1]; 2790 k[i + 4] = c ^ z ^ k[i] ^ temp ^ ror16(temp, 1); 2791 } 2792 2793 for (int i = 0; i < 8; i++) { 2794 eff_k[4 * i + 0] = k[4 * i + ((0 + lane) % 4)]; 2795 eff_k[4 * i + 1] = k[4 * i + ((1 + lane) % 4)]; 2796 eff_k[4 * i + 2] = k[4 * i + ((2 + lane) % 4)]; 2797 eff_k[4 * i + 3] = k[4 * i + ((3 + lane) % 4)]; 2798 } 2799 2800 for (int i = 0; i < 32; i++) { 2801 fxleft[i] = (rol16(xleft[i], 1) & 2802 rol16(xleft[i], 8)) ^ rol16(xleft[i], 2); 2803 xleft[i + 1] = xright[i] ^ fxleft[i] ^ eff_k[i]; 2804 xright[i + 1] = xleft[i]; 2805 } 2806 2807 return (((uint32_t)xright[32]) << 16) | xleft[32]; 2808 } 2809 2810 static uint64_t hash_digest(uint64_t ra, uint64_t rb, uint64_t key) 2811 { 2812 uint64_t stage0_h = 0ULL, stage0_l = 0ULL; 2813 uint64_t stage1_h, stage1_l; 2814 2815 for (int i = 0; i < 4; i++) { 2816 stage0_h |= ror64(rb & 0xff, 8 * (2 * i + 1)); 2817 stage0_h |= ((ra >> 32) & 0xff) << (8 * 2 * i); 2818 stage0_l |= ror64((rb >> 32) & 0xff, 8 * (2 * i + 1)); 2819 stage0_l |= (ra & 0xff) << (8 * 2 * i); 2820 rb >>= 8; 2821 ra >>= 8; 2822 } 2823 2824 stage1_h = (uint64_t)helper_SIMON_LIKE_32_64(stage0_h >> 32, key, 0) << 32; 2825 stage1_h |= helper_SIMON_LIKE_32_64(stage0_h, key, 1); 2826 stage1_l = (uint64_t)helper_SIMON_LIKE_32_64(stage0_l >> 32, key, 2) << 32; 2827 stage1_l |= helper_SIMON_LIKE_32_64(stage0_l, key, 3); 2828 2829 return stage1_h ^ stage1_l; 2830 } 2831 2832 static void do_hash(CPUPPCState *env, target_ulong ea, target_ulong ra, 2833 target_ulong rb, uint64_t key, bool store) 2834 { 2835 uint64_t calculated_hash = hash_digest(ra, rb, key), loaded_hash; 2836 2837 if (store) { 2838 cpu_stq_data_ra(env, ea, calculated_hash, GETPC()); 2839 } else { 2840 loaded_hash = cpu_ldq_data_ra(env, ea, GETPC()); 2841 if (loaded_hash != calculated_hash) { 2842 raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM, 2843 POWERPC_EXCP_TRAP, GETPC()); 2844 } 2845 } 2846 } 2847 2848 #include "qemu/guest-random.h" 2849 2850 #ifdef TARGET_PPC64 2851 #define HELPER_HASH(op, key, store, dexcr_aspect) \ 2852 void helper_##op(CPUPPCState *env, target_ulong ea, target_ulong ra, \ 2853 target_ulong rb) \ 2854 { \ 2855 if (env->msr & R_MSR_PR_MASK) { \ 2856 if (!(env->spr[SPR_DEXCR] & R_DEXCR_PRO_##dexcr_aspect##_MASK || \ 2857 env->spr[SPR_HDEXCR] & R_HDEXCR_ENF_##dexcr_aspect##_MASK)) \ 2858 return; \ 2859 } else if (!(env->msr & R_MSR_HV_MASK)) { \ 2860 if (!(env->spr[SPR_DEXCR] & R_DEXCR_PNH_##dexcr_aspect##_MASK || \ 2861 env->spr[SPR_HDEXCR] & R_HDEXCR_ENF_##dexcr_aspect##_MASK)) \ 2862 return; \ 2863 } else if (!(env->msr & R_MSR_S_MASK)) { \ 2864 if (!(env->spr[SPR_HDEXCR] & R_HDEXCR_HNU_##dexcr_aspect##_MASK)) \ 2865 return; \ 2866 } \ 2867 \ 2868 do_hash(env, ea, ra, rb, key, store); \ 2869 } 2870 #else 2871 #define HELPER_HASH(op, key, store, dexcr_aspect) \ 2872 void helper_##op(CPUPPCState *env, target_ulong ea, target_ulong ra, \ 2873 target_ulong rb) \ 2874 { \ 2875 do_hash(env, ea, ra, rb, key, store); \ 2876 } 2877 #endif /* TARGET_PPC64 */ 2878 2879 HELPER_HASH(HASHST, env->spr[SPR_HASHKEYR], true, NPHIE) 2880 HELPER_HASH(HASHCHK, env->spr[SPR_HASHKEYR], false, NPHIE) 2881 HELPER_HASH(HASHSTP, env->spr[SPR_HASHPKEYR], true, PHIE) 2882 HELPER_HASH(HASHCHKP, env->spr[SPR_HASHPKEYR], false, PHIE) 2883 2884 #ifndef CONFIG_USER_ONLY 2885 /* Embedded.Processor Control */ 2886 static int dbell2irq(target_ulong rb) 2887 { 2888 int msg = rb & DBELL_TYPE_MASK; 2889 int irq = -1; 2890 2891 switch (msg) { 2892 case DBELL_TYPE_DBELL: 2893 irq = PPC_INTERRUPT_DOORBELL; 2894 break; 2895 case DBELL_TYPE_DBELL_CRIT: 2896 irq = PPC_INTERRUPT_CDOORBELL; 2897 break; 2898 case DBELL_TYPE_G_DBELL: 2899 case DBELL_TYPE_G_DBELL_CRIT: 2900 case DBELL_TYPE_G_DBELL_MC: 2901 /* XXX implement */ 2902 default: 2903 break; 2904 } 2905 2906 return irq; 2907 } 2908 2909 void helper_msgclr(CPUPPCState *env, target_ulong rb) 2910 { 2911 int irq = dbell2irq(rb); 2912 2913 if (irq < 0) { 2914 return; 2915 } 2916 2917 ppc_set_irq(env_archcpu(env), irq, 0); 2918 } 2919 2920 void helper_msgsnd(target_ulong rb) 2921 { 2922 int irq = dbell2irq(rb); 2923 int pir = rb & DBELL_PIRTAG_MASK; 2924 CPUState *cs; 2925 2926 if (irq < 0) { 2927 return; 2928 } 2929 2930 bql_lock(); 2931 CPU_FOREACH(cs) { 2932 PowerPCCPU *cpu = POWERPC_CPU(cs); 2933 CPUPPCState *cenv = &cpu->env; 2934 2935 if ((rb & DBELL_BRDCAST) || (cenv->spr[SPR_BOOKE_PIR] == pir)) { 2936 ppc_set_irq(cpu, irq, 1); 2937 } 2938 } 2939 bql_unlock(); 2940 } 2941 2942 /* Server Processor Control */ 2943 2944 static bool dbell_type_server(target_ulong rb) 2945 { 2946 /* 2947 * A Directed Hypervisor Doorbell message is sent only if the 2948 * message type is 5. All other types are reserved and the 2949 * instruction is a no-op 2950 */ 2951 return (rb & DBELL_TYPE_MASK) == DBELL_TYPE_DBELL_SERVER; 2952 } 2953 2954 void helper_book3s_msgclr(CPUPPCState *env, target_ulong rb) 2955 { 2956 if (!dbell_type_server(rb)) { 2957 return; 2958 } 2959 2960 ppc_set_irq(env_archcpu(env), PPC_INTERRUPT_HDOORBELL, 0); 2961 } 2962 2963 static void book3s_msgsnd_common(int pir, int irq) 2964 { 2965 CPUState *cs; 2966 2967 bql_lock(); 2968 CPU_FOREACH(cs) { 2969 PowerPCCPU *cpu = POWERPC_CPU(cs); 2970 CPUPPCState *cenv = &cpu->env; 2971 2972 /* TODO: broadcast message to all threads of the same processor */ 2973 if (cenv->spr_cb[SPR_PIR].default_value == pir) { 2974 ppc_set_irq(cpu, irq, 1); 2975 } 2976 } 2977 bql_unlock(); 2978 } 2979 2980 void helper_book3s_msgsnd(target_ulong rb) 2981 { 2982 int pir = rb & DBELL_PROCIDTAG_MASK; 2983 2984 if (!dbell_type_server(rb)) { 2985 return; 2986 } 2987 2988 book3s_msgsnd_common(pir, PPC_INTERRUPT_HDOORBELL); 2989 } 2990 2991 #ifdef TARGET_PPC64 2992 void helper_book3s_msgclrp(CPUPPCState *env, target_ulong rb) 2993 { 2994 helper_hfscr_facility_check(env, HFSCR_MSGP, "msgclrp", HFSCR_IC_MSGP); 2995 2996 if (!dbell_type_server(rb)) { 2997 return; 2998 } 2999 3000 ppc_set_irq(env_archcpu(env), PPC_INTERRUPT_DOORBELL, 0); 3001 } 3002 3003 /* 3004 * sends a message to another thread on the same 3005 * multi-threaded processor 3006 */ 3007 void helper_book3s_msgsndp(CPUPPCState *env, target_ulong rb) 3008 { 3009 CPUState *cs = env_cpu(env); 3010 PowerPCCPU *cpu = env_archcpu(env); 3011 CPUState *ccs; 3012 uint32_t nr_threads = cs->nr_threads; 3013 int ttir = rb & PPC_BITMASK(57, 63); 3014 3015 helper_hfscr_facility_check(env, HFSCR_MSGP, "msgsndp", HFSCR_IC_MSGP); 3016 3017 if (!(env->flags & POWERPC_FLAG_SMT_1LPAR)) { 3018 nr_threads = 1; /* msgsndp behaves as 1-thread in LPAR-per-thread mode*/ 3019 } 3020 3021 if (!dbell_type_server(rb) || ttir >= nr_threads) { 3022 return; 3023 } 3024 3025 if (nr_threads == 1) { 3026 ppc_set_irq(cpu, PPC_INTERRUPT_DOORBELL, 1); 3027 return; 3028 } 3029 3030 /* Does iothread need to be locked for walking CPU list? */ 3031 bql_lock(); 3032 THREAD_SIBLING_FOREACH(cs, ccs) { 3033 PowerPCCPU *ccpu = POWERPC_CPU(ccs); 3034 uint32_t thread_id = ppc_cpu_tir(ccpu); 3035 3036 if (ttir == thread_id) { 3037 ppc_set_irq(ccpu, PPC_INTERRUPT_DOORBELL, 1); 3038 bql_unlock(); 3039 return; 3040 } 3041 } 3042 3043 g_assert_not_reached(); 3044 } 3045 #endif /* TARGET_PPC64 */ 3046 3047 /* Single-step tracing */ 3048 void helper_book3s_trace(CPUPPCState *env, target_ulong prev_ip) 3049 { 3050 uint32_t error_code = 0; 3051 if (env->insns_flags2 & PPC2_ISA207S) { 3052 /* Load/store reporting, SRR1[35, 36] and SDAR, are not implemented. */ 3053 env->spr[SPR_POWER_SIAR] = prev_ip; 3054 error_code = PPC_BIT(33); 3055 } 3056 raise_exception_err(env, POWERPC_EXCP_TRACE, error_code); 3057 } 3058 3059 void ppc_cpu_do_unaligned_access(CPUState *cs, vaddr vaddr, 3060 MMUAccessType access_type, 3061 int mmu_idx, uintptr_t retaddr) 3062 { 3063 CPUPPCState *env = cpu_env(cs); 3064 uint32_t insn; 3065 3066 /* Restore state and reload the insn we executed, for filling in DSISR. */ 3067 cpu_restore_state(cs, retaddr); 3068 insn = ppc_ldl_code(env, env->nip); 3069 3070 switch (env->mmu_model) { 3071 case POWERPC_MMU_SOFT_4xx: 3072 env->spr[SPR_40x_DEAR] = vaddr; 3073 break; 3074 case POWERPC_MMU_BOOKE: 3075 case POWERPC_MMU_BOOKE206: 3076 env->spr[SPR_BOOKE_DEAR] = vaddr; 3077 break; 3078 default: 3079 env->spr[SPR_DAR] = vaddr; 3080 break; 3081 } 3082 3083 cs->exception_index = POWERPC_EXCP_ALIGN; 3084 env->error_code = insn & 0x03FF0000; 3085 cpu_loop_exit(cs); 3086 } 3087 3088 void ppc_cpu_do_transaction_failed(CPUState *cs, hwaddr physaddr, 3089 vaddr vaddr, unsigned size, 3090 MMUAccessType access_type, 3091 int mmu_idx, MemTxAttrs attrs, 3092 MemTxResult response, uintptr_t retaddr) 3093 { 3094 CPUPPCState *env = cpu_env(cs); 3095 3096 switch (env->excp_model) { 3097 #if defined(TARGET_PPC64) 3098 case POWERPC_EXCP_POWER8: 3099 case POWERPC_EXCP_POWER9: 3100 case POWERPC_EXCP_POWER10: 3101 /* 3102 * Machine check codes can be found in processor User Manual or 3103 * Linux or skiboot source. 3104 */ 3105 if (access_type == MMU_DATA_LOAD) { 3106 env->spr[SPR_DAR] = vaddr; 3107 env->spr[SPR_DSISR] = PPC_BIT(57); 3108 env->error_code = PPC_BIT(42); 3109 3110 } else if (access_type == MMU_DATA_STORE) { 3111 /* 3112 * MCE for stores in POWER is asynchronous so hardware does 3113 * not set DAR, but QEMU can do better. 3114 */ 3115 env->spr[SPR_DAR] = vaddr; 3116 env->error_code = PPC_BIT(36) | PPC_BIT(43) | PPC_BIT(45); 3117 env->error_code |= PPC_BIT(42); 3118 3119 } else { /* Fetch */ 3120 /* 3121 * is_prefix_insn_excp() tests !PPC_BIT(42) to avoid fetching 3122 * the instruction, so that must always be clear for fetches. 3123 */ 3124 env->error_code = PPC_BIT(36) | PPC_BIT(44) | PPC_BIT(45); 3125 } 3126 break; 3127 #endif 3128 default: 3129 /* 3130 * TODO: Check behaviour for other CPUs, for now do nothing. 3131 * Could add a basic MCE even if real hardware ignores. 3132 */ 3133 return; 3134 } 3135 3136 cs->exception_index = POWERPC_EXCP_MCHECK; 3137 cpu_loop_exit_restore(cs, retaddr); 3138 } 3139 3140 void ppc_cpu_debug_excp_handler(CPUState *cs) 3141 { 3142 #if defined(TARGET_PPC64) 3143 CPUPPCState *env = cpu_env(cs); 3144 3145 if (env->insns_flags2 & PPC2_ISA207S) { 3146 if (cs->watchpoint_hit) { 3147 if (cs->watchpoint_hit->flags & BP_CPU) { 3148 env->spr[SPR_DAR] = cs->watchpoint_hit->hitaddr; 3149 env->spr[SPR_DSISR] = PPC_BIT(41); 3150 cs->watchpoint_hit = NULL; 3151 raise_exception(env, POWERPC_EXCP_DSI); 3152 } 3153 cs->watchpoint_hit = NULL; 3154 } else if (cpu_breakpoint_test(cs, env->nip, BP_CPU)) { 3155 raise_exception_err(env, POWERPC_EXCP_TRACE, 3156 PPC_BIT(33) | PPC_BIT(43)); 3157 } 3158 } 3159 #endif 3160 } 3161 3162 bool ppc_cpu_debug_check_breakpoint(CPUState *cs) 3163 { 3164 #if defined(TARGET_PPC64) 3165 CPUPPCState *env = cpu_env(cs); 3166 3167 if (env->insns_flags2 & PPC2_ISA207S) { 3168 target_ulong priv; 3169 3170 priv = env->spr[SPR_CIABR] & PPC_BITMASK(62, 63); 3171 switch (priv) { 3172 case 0x1: /* problem */ 3173 return env->msr & ((target_ulong)1 << MSR_PR); 3174 case 0x2: /* supervisor */ 3175 return (!(env->msr & ((target_ulong)1 << MSR_PR)) && 3176 !(env->msr & ((target_ulong)1 << MSR_HV))); 3177 case 0x3: /* hypervisor */ 3178 return (!(env->msr & ((target_ulong)1 << MSR_PR)) && 3179 (env->msr & ((target_ulong)1 << MSR_HV))); 3180 default: 3181 g_assert_not_reached(); 3182 } 3183 } 3184 #endif 3185 3186 return false; 3187 } 3188 3189 bool ppc_cpu_debug_check_watchpoint(CPUState *cs, CPUWatchpoint *wp) 3190 { 3191 #if defined(TARGET_PPC64) 3192 CPUPPCState *env = cpu_env(cs); 3193 3194 if (env->insns_flags2 & PPC2_ISA207S) { 3195 if (wp == env->dawr0_watchpoint) { 3196 uint32_t dawrx = env->spr[SPR_DAWRX0]; 3197 bool wt = extract32(dawrx, PPC_BIT_NR(59), 1); 3198 bool wti = extract32(dawrx, PPC_BIT_NR(60), 1); 3199 bool hv = extract32(dawrx, PPC_BIT_NR(61), 1); 3200 bool sv = extract32(dawrx, PPC_BIT_NR(62), 1); 3201 bool pr = extract32(dawrx, PPC_BIT_NR(62), 1); 3202 3203 if ((env->msr & ((target_ulong)1 << MSR_PR)) && !pr) { 3204 return false; 3205 } else if ((env->msr & ((target_ulong)1 << MSR_HV)) && !hv) { 3206 return false; 3207 } else if (!sv) { 3208 return false; 3209 } 3210 3211 if (!wti) { 3212 if (env->msr & ((target_ulong)1 << MSR_DR)) { 3213 if (!wt) { 3214 return false; 3215 } 3216 } else { 3217 if (wt) { 3218 return false; 3219 } 3220 } 3221 } 3222 3223 return true; 3224 } 3225 } 3226 #endif 3227 3228 return false; 3229 } 3230 3231 #endif /* !CONFIG_USER_ONLY */ 3232 #endif /* CONFIG_TCG */ 3233