| Message ID | 20211128135255.22089-2-liweiwei@iscas.ac.cn (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | support subsets of virtual memory extension | expand |
On Sun, Nov 28, 2021 at 11:54 PM liweiwei <liweiwei@iscas.ac.cn> wrote: > Can you add a commit message that describes what you are changing? Alistair > Signed-off-by: liweiwei <liweiwei@iscas.ac.cn> > Signed-off-by: wangjunqiang <wangjunqiang@iscas.ac.cn> > --- > target/riscv/cpu_bits.h | 1 + > target/riscv/cpu_helper.c | 18 ++++++++++++------ > 2 files changed, 13 insertions(+), 6 deletions(-) > > diff --git a/target/riscv/cpu_bits.h b/target/riscv/cpu_bits.h > index 9913fa9f77..70391424b0 100644 > --- a/target/riscv/cpu_bits.h > +++ b/target/riscv/cpu_bits.h > @@ -473,6 +473,7 @@ typedef enum { > #define PTE_A 0x040 /* Accessed */ > #define PTE_D 0x080 /* Dirty */ > #define PTE_SOFT 0x300 /* Reserved for Software */ > +#define PTE_N 0x8000000000000000 > > /* Page table PPN shift amount */ > #define PTE_PPN_SHIFT 10 > diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c > index 9eeed38c7e..e68db3e119 100644 > --- a/target/riscv/cpu_helper.c > +++ b/target/riscv/cpu_helper.c > @@ -588,7 +588,7 @@ restart: > return TRANSLATE_FAIL; > } > > - hwaddr ppn = pte >> PTE_PPN_SHIFT; > + hwaddr ppn = (pte & ~(target_ulong)PTE_N) >> PTE_PPN_SHIFT; > > if (!(pte & PTE_V)) { > /* Invalid PTE */ > @@ -668,8 +668,17 @@ restart: > /* for superpage mappings, make a fake leaf PTE for the TLB's > benefit. */ > target_ulong vpn = addr >> PGSHIFT; > - *physical = ((ppn | (vpn & ((1L << ptshift) - 1))) << PGSHIFT) | > - (addr & ~TARGET_PAGE_MASK); > + > + int napot_bits = ((pte & PTE_N) ? (ctzl(ppn) + 1) : 0); > + if (((pte & PTE_N) && ((ppn == 0) || (i != (levels - 1)))) || > + (napot_bits != 0 && napot_bits != 4)) { > + return TRANSLATE_FAIL; > + } > + > + *physical = (((ppn & ~(((target_ulong)1 << napot_bits) - 1)) | > + (vpn & (((target_ulong)1 << napot_bits) - 1)) | > + (vpn & (((target_ulong)1 << ptshift) - 1)) > + ) << PGSHIFT) | (addr & ~TARGET_PAGE_MASK); > > /* set permissions on the TLB entry */ > if ((pte & PTE_R) || ((pte & PTE_X) && mxr)) { > @@ -856,7 +865,6 @@ bool riscv_cpu_tlb_fill(CPUState *cs, vaddr address, int size, > ret = get_physical_address(env, &pa, &prot, address, > &env->guest_phys_fault_addr, access_type, > mmu_idx, true, true, false); > - > /* > * A G-stage exception may be triggered during two state lookup. > * And the env->guest_phys_fault_addr has already been set in > @@ -879,7 +887,6 @@ bool riscv_cpu_tlb_fill(CPUState *cs, vaddr address, int size, > ret = get_physical_address(env, &pa, &prot2, im_address, NULL, > access_type, mmu_idx, false, true, > false); > - > qemu_log_mask(CPU_LOG_MMU, > "%s 2nd-stage address=%" VADDR_PRIx " ret %d physical " > TARGET_FMT_plx " prot %d\n", > @@ -914,7 +921,6 @@ bool riscv_cpu_tlb_fill(CPUState *cs, vaddr address, int size, > /* Single stage lookup */ > ret = get_physical_address(env, &pa, &prot, address, NULL, > access_type, mmu_idx, true, false, false); > - > qemu_log_mask(CPU_LOG_MMU, > "%s address=%" VADDR_PRIx " ret %d physical " > TARGET_FMT_plx " prot %d\n", > -- > 2.17.1 > >
diff --git a/target/riscv/cpu_bits.h b/target/riscv/cpu_bits.h index 9913fa9f77..70391424b0 100644 --- a/target/riscv/cpu_bits.h +++ b/target/riscv/cpu_bits.h @@ -473,6 +473,7 @@ typedef enum { #define PTE_A 0x040 /* Accessed */ #define PTE_D 0x080 /* Dirty */ #define PTE_SOFT 0x300 /* Reserved for Software */ +#define PTE_N 0x8000000000000000 /* Page table PPN shift amount */ #define PTE_PPN_SHIFT 10 diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index 9eeed38c7e..e68db3e119 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -588,7 +588,7 @@ restart: return TRANSLATE_FAIL; } - hwaddr ppn = pte >> PTE_PPN_SHIFT; + hwaddr ppn = (pte & ~(target_ulong)PTE_N) >> PTE_PPN_SHIFT; if (!(pte & PTE_V)) { /* Invalid PTE */ @@ -668,8 +668,17 @@ restart: /* for superpage mappings, make a fake leaf PTE for the TLB's benefit. */ target_ulong vpn = addr >> PGSHIFT; - *physical = ((ppn | (vpn & ((1L << ptshift) - 1))) << PGSHIFT) | - (addr & ~TARGET_PAGE_MASK); + + int napot_bits = ((pte & PTE_N) ? (ctzl(ppn) + 1) : 0); + if (((pte & PTE_N) && ((ppn == 0) || (i != (levels - 1)))) || + (napot_bits != 0 && napot_bits != 4)) { + return TRANSLATE_FAIL; + } + + *physical = (((ppn & ~(((target_ulong)1 << napot_bits) - 1)) | + (vpn & (((target_ulong)1 << napot_bits) - 1)) | + (vpn & (((target_ulong)1 << ptshift) - 1)) + ) << PGSHIFT) | (addr & ~TARGET_PAGE_MASK); /* set permissions on the TLB entry */ if ((pte & PTE_R) || ((pte & PTE_X) && mxr)) { @@ -856,7 +865,6 @@ bool riscv_cpu_tlb_fill(CPUState *cs, vaddr address, int size, ret = get_physical_address(env, &pa, &prot, address, &env->guest_phys_fault_addr, access_type, mmu_idx, true, true, false); - /* * A G-stage exception may be triggered during two state lookup. * And the env->guest_phys_fault_addr has already been set in @@ -879,7 +887,6 @@ bool riscv_cpu_tlb_fill(CPUState *cs, vaddr address, int size, ret = get_physical_address(env, &pa, &prot2, im_address, NULL, access_type, mmu_idx, false, true, false); - qemu_log_mask(CPU_LOG_MMU, "%s 2nd-stage address=%" VADDR_PRIx " ret %d physical " TARGET_FMT_plx " prot %d\n", @@ -914,7 +921,6 @@ bool riscv_cpu_tlb_fill(CPUState *cs, vaddr address, int size, /* Single stage lookup */ ret = get_physical_address(env, &pa, &prot, address, NULL, access_type, mmu_idx, true, false, false); - qemu_log_mask(CPU_LOG_MMU, "%s address=%" VADDR_PRIx " ret %d physical " TARGET_FMT_plx " prot %d\n",