From patchwork Mon Mar 30 21:03:57 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 11466331 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 3269E92C for ; Mon, 30 Mar 2020 21:05:37 +0000 (UTC) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id E742A20714 for ; Mon, 30 Mar 2020 21:05:36 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=linaro.org header.i=@linaro.org header.b="BehRr1B/" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org E742A20714 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Received: from localhost ([::1]:56872 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jJ1bD-00007t-VJ for patchwork-qemu-devel@patchwork.kernel.org; Mon, 30 Mar 2020 17:05:36 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:40521) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jJ1Zn-0006Xg-7d for qemu-devel@nongnu.org; Mon, 30 Mar 2020 17:04:09 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1jJ1Zl-0002e5-2v for qemu-devel@nongnu.org; Mon, 30 Mar 2020 17:04:07 -0400 Received: from mail-wr1-x436.google.com ([2a00:1450:4864:20::436]:45342) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1jJ1Zk-0002ce-Ri for qemu-devel@nongnu.org; Mon, 30 Mar 2020 17:04:05 -0400 Received: by mail-wr1-x436.google.com with SMTP id t7so23376219wrw.12 for ; Mon, 30 Mar 2020 14:04:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=maDxHRQgUTyGHtgfNmBH3SMWBSsRWF4my9ElKI8izmE=; b=BehRr1B/iDPEnX2zz8ca7W0hA01T40trml7jpUXnqbSmELB3KaL5HdbWunIVyA0xFY K5dhX+X2Ej2R5fgFPY9uN407QNoMX7146Ui3zTjj782qJFOGnmdglCHT+b2bDoC9mDfc qIk0VLfNr8bB8TnYyyXJbelG2FKdMn3yd3ZGL+fXzXGSorBEZsWr6fj4j00OQ9opYXcz mIjiYkVlAqjNVxvTAzk+rX7TpBbM6lIwQt8XsWDz29EB1MOwsucFSpqVF3+k8GS53ymt PtzrLaw5++OfnNqIfjY9CcnMvAuZ2LduZL1vwSzo3NmKYTXeHdLaPACpull7RdiB8mmf leQA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=maDxHRQgUTyGHtgfNmBH3SMWBSsRWF4my9ElKI8izmE=; b=E8RxfjPPh4WpSB823TIU0d8yz6Kf0l8jsLN9V/rvwnx3IjGLQ2am09sMO+Ztrxv7kb 5j6yDZJ929Wg5pYMjIy3mYG2EaOjL7YsgOilbmWMHJ8/U2xRNIWvXyfjyVafAS5LoAbs dfu5+IU7BQH1qb+Mh1RJdkQ/JlWzZVM6An6CPLf6lfaYBgZZsIh0flVUcHU6+SMUYJzq xXqFODlLqV0SV7sGuYhJPyuXxkj31JjDpejfAxRr4Ovp05Z5Q+7/K1RM8bNeCsrIkfgV NJDZX/fnusdKLtZrOoTzR5QDkCoGTdfamoapS9DgP8JyAe8EHFIBzWZZ4c3sANY0jDHL LsyA== X-Gm-Message-State: ANhLgQ2h6LjnGwvBA2wpdCa57koW18OpPl5zkw3ZZWNSSHFEFAAuT4ub pu9bCmjIS2KTNXHqPQ9ERVYhRQ== X-Google-Smtp-Source: ADFU+vuiTu/GVxnSGV0GhkxOiYmSHrEHDFvsPyS2hTJajMGXW/WK03vhufrTUK+b3af3WdI6NBD5bQ== X-Received: by 2002:adf:e60c:: with SMTP id p12mr4674892wrm.219.1585602243550; Mon, 30 Mar 2020 14:04:03 -0700 (PDT) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [81.2.115.148]) by smtp.gmail.com with ESMTPSA id p21sm1012700wma.0.2020.03.30.14.04.02 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 30 Mar 2020 14:04:03 -0700 (PDT) From: Peter Maydell To: qemu-arm@nongnu.org, qemu-devel@nongnu.org Subject: [PATCH 1/4] target/arm: Don't use a TLB for ARMMMUIdx_Stage2 Date: Mon, 30 Mar 2020 22:03:57 +0100 Message-Id: <20200330210400.11724-2-peter.maydell@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200330210400.11724-1-peter.maydell@linaro.org> References: <20200330210400.11724-1-peter.maydell@linaro.org> MIME-Version: 1.0 X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2a00:1450:4864:20::436 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Richard Henderson Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" We define ARMMMUIdx_Stage2 as being an MMU index which uses a QEMU TLB. However we never actually use the TLB -- all stage 2 lookups are done by direct calls to get_phys_addr_lpae() followed by a physical address load via address_space_ld*(). Remove Stage2 from the list of ARM MMU indexes which correspond to real core MMU indexes, and instead put it in the set of "NOTLB" ARM MMU indexes. This allows us to drop NB_MMU_MODES to 11. It also means we can safely add support for the ARMv8.3-TTS2UXN extension, which adds permission bits to the stage 2 descriptors which define execute permission separatel for EL0 and EL1; supporting that while keeping Stage2 in a QEMU TLB would require us to use separate TLBs for "Stage2 for an EL0 access" and "Stage2 for an EL1 access", which is a lot of extra complication given we aren't even using the QEMU TLB. In the process of updating the comment on our MMU index use, fix a couple of other minor errors: * NS EL2 EL2&0 was missing from the list in the comment * some text hadn't been updated from when we bumped NB_MMU_MODES above 8 Signed-off-by: Peter Maydell Reviewed-by: Richard Henderson --- target/arm/cpu-param.h | 2 +- target/arm/cpu.h | 21 +++++--- target/arm/helper.c | 112 ++++------------------------------------- 3 files changed, 27 insertions(+), 108 deletions(-) diff --git a/target/arm/cpu-param.h b/target/arm/cpu-param.h index d593b60b28d..6321385b469 100644 --- a/target/arm/cpu-param.h +++ b/target/arm/cpu-param.h @@ -29,6 +29,6 @@ # define TARGET_PAGE_BITS_MIN 10 #endif -#define NB_MMU_MODES 12 +#define NB_MMU_MODES 11 #endif diff --git a/target/arm/cpu.h b/target/arm/cpu.h index 8b9f2961ba0..fe03a74bf08 100644 --- a/target/arm/cpu.h +++ b/target/arm/cpu.h @@ -2801,6 +2801,9 @@ bool write_cpustate_to_list(ARMCPU *cpu, bool kvm_sync); * handling via the TLB. The only way to do a stage 1 translation without * the immediate stage 2 translation is via the ATS or AT system insns, * which can be slow-pathed and always do a page table walk. + * The only use of stage 2 translations is either as part of an s1+2 + * lookup or when loading the descriptors during a stage 1 page table walk, + * and in both those cases we don't use the TLB. * 4. we can also safely fold together the "32 bit EL3" and "64 bit EL3" * translation regimes, because they map reasonably well to each other * and they can't both be active at the same time. @@ -2816,15 +2819,15 @@ bool write_cpustate_to_list(ARMCPU *cpu, bool kvm_sync); * NS EL1 EL1&0 stage 1+2 (aka NS PL1) * NS EL1 EL1&0 stage 1+2 +PAN * NS EL0 EL2&0 + * NS EL2 EL2&0 * NS EL2 EL2&0 +PAN * NS EL2 (aka NS PL2) * S EL0 EL1&0 (aka S PL0) * S EL1 EL1&0 (not used if EL3 is 32 bit) * S EL1 EL1&0 +PAN * S EL3 (aka S PL1) - * NS EL1&0 stage 2 * - * for a total of 12 different mmu_idx. + * for a total of 11 different mmu_idx. * * R profile CPUs have an MPU, but can use the same set of MMU indexes * as A profile. They only need to distinguish NS EL0 and NS EL1 (and @@ -2846,7 +2849,8 @@ bool write_cpustate_to_list(ARMCPU *cpu, bool kvm_sync); * are not quite the same -- different CPU types (most notably M profile * vs A/R profile) would like to use MMU indexes with different semantics, * but since we don't ever need to use all of those in a single CPU we - * can avoid setting NB_MMU_MODES to more than 8. The lower bits of + * can avoid having to set NB_MMU_MODES to "total number of A profile MMU + * modes + total number of M profile MMU modes". The lower bits of * ARMMMUIdx are the core TLB mmu index, and the higher bits are always * the same for any particular CPU. * Variables of type ARMMUIdx are always full values, and the core @@ -2894,8 +2898,6 @@ typedef enum ARMMMUIdx { ARMMMUIdx_SE10_1_PAN = 9 | ARM_MMU_IDX_A, ARMMMUIdx_SE3 = 10 | ARM_MMU_IDX_A, - ARMMMUIdx_Stage2 = 11 | ARM_MMU_IDX_A, - /* * These are not allocated TLBs and are used only for AT system * instructions or for the first stage of an S12 page table walk. @@ -2903,6 +2905,14 @@ typedef enum ARMMMUIdx { ARMMMUIdx_Stage1_E0 = 0 | ARM_MMU_IDX_NOTLB, ARMMMUIdx_Stage1_E1 = 1 | ARM_MMU_IDX_NOTLB, ARMMMUIdx_Stage1_E1_PAN = 2 | ARM_MMU_IDX_NOTLB, + /* + * Not allocated a TLB: used only for second stage of an S12 page + * table walk, or for descriptor loads during first stage of an S1 + * page table walk. Note that if we ever want to have a TLB for this + * then various TLB flush insns which currently are no-ops or flush + * only stage 1 MMU indexes will need to change to flush stage 2. + */ + ARMMMUIdx_Stage2 = 3 | ARM_MMU_IDX_NOTLB, /* * M-profile. @@ -2936,7 +2946,6 @@ typedef enum ARMMMUIdxBit { TO_CORE_BIT(SE10_1), TO_CORE_BIT(SE10_1_PAN), TO_CORE_BIT(SE3), - TO_CORE_BIT(Stage2), TO_CORE_BIT(MUser), TO_CORE_BIT(MPriv), diff --git a/target/arm/helper.c b/target/arm/helper.c index ed7eb8ab54e..a0b3082aad9 100644 --- a/target/arm/helper.c +++ b/target/arm/helper.c @@ -814,8 +814,7 @@ static void tlbiall_nsnh_write(CPUARMState *env, const ARMCPRegInfo *ri, tlb_flush_by_mmuidx(cs, ARMMMUIdxBit_E10_1 | ARMMMUIdxBit_E10_1_PAN | - ARMMMUIdxBit_E10_0 | - ARMMMUIdxBit_Stage2); + ARMMMUIdxBit_E10_0); } static void tlbiall_nsnh_is_write(CPUARMState *env, const ARMCPRegInfo *ri, @@ -826,46 +825,9 @@ static void tlbiall_nsnh_is_write(CPUARMState *env, const ARMCPRegInfo *ri, tlb_flush_by_mmuidx_all_cpus_synced(cs, ARMMMUIdxBit_E10_1 | ARMMMUIdxBit_E10_1_PAN | - ARMMMUIdxBit_E10_0 | - ARMMMUIdxBit_Stage2); + ARMMMUIdxBit_E10_0); } -static void tlbiipas2_write(CPUARMState *env, const ARMCPRegInfo *ri, - uint64_t value) -{ - /* Invalidate by IPA. This has to invalidate any structures that - * contain only stage 2 translation information, but does not need - * to apply to structures that contain combined stage 1 and stage 2 - * translation information. - * This must NOP if EL2 isn't implemented or SCR_EL3.NS is zero. - */ - CPUState *cs = env_cpu(env); - uint64_t pageaddr; - - if (!arm_feature(env, ARM_FEATURE_EL2) || !(env->cp15.scr_el3 & SCR_NS)) { - return; - } - - pageaddr = sextract64(value << 12, 0, 40); - - tlb_flush_page_by_mmuidx(cs, pageaddr, ARMMMUIdxBit_Stage2); -} - -static void tlbiipas2_is_write(CPUARMState *env, const ARMCPRegInfo *ri, - uint64_t value) -{ - CPUState *cs = env_cpu(env); - uint64_t pageaddr; - - if (!arm_feature(env, ARM_FEATURE_EL2) || !(env->cp15.scr_el3 & SCR_NS)) { - return; - } - - pageaddr = sextract64(value << 12, 0, 40); - - tlb_flush_page_by_mmuidx_all_cpus_synced(cs, pageaddr, - ARMMMUIdxBit_Stage2); -} static void tlbiall_hyp_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value) @@ -4038,8 +4000,7 @@ static void vttbr_write(CPUARMState *env, const ARMCPRegInfo *ri, tlb_flush_by_mmuidx(cs, ARMMMUIdxBit_E10_1 | ARMMMUIdxBit_E10_1_PAN | - ARMMMUIdxBit_E10_0 | - ARMMMUIdxBit_Stage2); + ARMMMUIdxBit_E10_0); raw_write(env, ri, value); } } @@ -4521,11 +4482,6 @@ static int alle1_tlbmask(CPUARMState *env) return ARMMMUIdxBit_SE10_1 | ARMMMUIdxBit_SE10_1_PAN | ARMMMUIdxBit_SE10_0; - } else if (arm_feature(env, ARM_FEATURE_EL2)) { - return ARMMMUIdxBit_E10_1 | - ARMMMUIdxBit_E10_1_PAN | - ARMMMUIdxBit_E10_0 | - ARMMMUIdxBit_Stage2; } else { return ARMMMUIdxBit_E10_1 | ARMMMUIdxBit_E10_1_PAN | @@ -4672,44 +4628,6 @@ static void tlbi_aa64_vae3is_write(CPUARMState *env, const ARMCPRegInfo *ri, ARMMMUIdxBit_SE3); } -static void tlbi_aa64_ipas2e1_write(CPUARMState *env, const ARMCPRegInfo *ri, - uint64_t value) -{ - /* Invalidate by IPA. This has to invalidate any structures that - * contain only stage 2 translation information, but does not need - * to apply to structures that contain combined stage 1 and stage 2 - * translation information. - * This must NOP if EL2 isn't implemented or SCR_EL3.NS is zero. - */ - ARMCPU *cpu = env_archcpu(env); - CPUState *cs = CPU(cpu); - uint64_t pageaddr; - - if (!arm_feature(env, ARM_FEATURE_EL2) || !(env->cp15.scr_el3 & SCR_NS)) { - return; - } - - pageaddr = sextract64(value << 12, 0, 48); - - tlb_flush_page_by_mmuidx(cs, pageaddr, ARMMMUIdxBit_Stage2); -} - -static void tlbi_aa64_ipas2e1is_write(CPUARMState *env, const ARMCPRegInfo *ri, - uint64_t value) -{ - CPUState *cs = env_cpu(env); - uint64_t pageaddr; - - if (!arm_feature(env, ARM_FEATURE_EL2) || !(env->cp15.scr_el3 & SCR_NS)) { - return; - } - - pageaddr = sextract64(value << 12, 0, 48); - - tlb_flush_page_by_mmuidx_all_cpus_synced(cs, pageaddr, - ARMMMUIdxBit_Stage2); -} - static CPAccessResult aa64_zva_access(CPUARMState *env, const ARMCPRegInfo *ri, bool isread) { @@ -4948,12 +4866,10 @@ static const ARMCPRegInfo v8_cp_reginfo[] = { .writefn = tlbi_aa64_vae1_write }, { .name = "TLBI_IPAS2E1IS", .state = ARM_CP_STATE_AA64, .opc0 = 1, .opc1 = 4, .crn = 8, .crm = 0, .opc2 = 1, - .access = PL2_W, .type = ARM_CP_NO_RAW, - .writefn = tlbi_aa64_ipas2e1is_write }, + .access = PL2_W, .type = ARM_CP_NOP }, { .name = "TLBI_IPAS2LE1IS", .state = ARM_CP_STATE_AA64, .opc0 = 1, .opc1 = 4, .crn = 8, .crm = 0, .opc2 = 5, - .access = PL2_W, .type = ARM_CP_NO_RAW, - .writefn = tlbi_aa64_ipas2e1is_write }, + .access = PL2_W, .type = ARM_CP_NOP }, { .name = "TLBI_ALLE1IS", .state = ARM_CP_STATE_AA64, .opc0 = 1, .opc1 = 4, .crn = 8, .crm = 3, .opc2 = 4, .access = PL2_W, .type = ARM_CP_NO_RAW, @@ -4964,12 +4880,10 @@ static const ARMCPRegInfo v8_cp_reginfo[] = { .writefn = tlbi_aa64_alle1is_write }, { .name = "TLBI_IPAS2E1", .state = ARM_CP_STATE_AA64, .opc0 = 1, .opc1 = 4, .crn = 8, .crm = 4, .opc2 = 1, - .access = PL2_W, .type = ARM_CP_NO_RAW, - .writefn = tlbi_aa64_ipas2e1_write }, + .access = PL2_W, .type = ARM_CP_NOP }, { .name = "TLBI_IPAS2LE1", .state = ARM_CP_STATE_AA64, .opc0 = 1, .opc1 = 4, .crn = 8, .crm = 4, .opc2 = 5, - .access = PL2_W, .type = ARM_CP_NO_RAW, - .writefn = tlbi_aa64_ipas2e1_write }, + .access = PL2_W, .type = ARM_CP_NOP }, { .name = "TLBI_ALLE1", .state = ARM_CP_STATE_AA64, .opc0 = 1, .opc1 = 4, .crn = 8, .crm = 7, .opc2 = 4, .access = PL2_W, .type = ARM_CP_NO_RAW, @@ -5050,20 +4964,16 @@ static const ARMCPRegInfo v8_cp_reginfo[] = { .writefn = tlbimva_hyp_is_write }, { .name = "TLBIIPAS2", .cp = 15, .opc1 = 4, .crn = 8, .crm = 4, .opc2 = 1, - .type = ARM_CP_NO_RAW, .access = PL2_W, - .writefn = tlbiipas2_write }, + .type = ARM_CP_NOP, .access = PL2_W }, { .name = "TLBIIPAS2IS", .cp = 15, .opc1 = 4, .crn = 8, .crm = 0, .opc2 = 1, - .type = ARM_CP_NO_RAW, .access = PL2_W, - .writefn = tlbiipas2_is_write }, + .type = ARM_CP_NOP, .access = PL2_W }, { .name = "TLBIIPAS2L", .cp = 15, .opc1 = 4, .crn = 8, .crm = 4, .opc2 = 5, - .type = ARM_CP_NO_RAW, .access = PL2_W, - .writefn = tlbiipas2_write }, + .type = ARM_CP_NOP, .access = PL2_W }, { .name = "TLBIIPAS2LIS", .cp = 15, .opc1 = 4, .crn = 8, .crm = 0, .opc2 = 5, - .type = ARM_CP_NO_RAW, .access = PL2_W, - .writefn = tlbiipas2_is_write }, + .type = ARM_CP_NOP, .access = PL2_W }, /* 32 bit cache operations */ { .name = "ICIALLUIS", .cp = 15, .opc1 = 0, .crn = 7, .crm = 1, .opc2 = 0, .type = ARM_CP_NOP, .access = PL1_W, .accessfn = aa64_cacheop_pou_access }, From patchwork Mon Mar 30 21:03:58 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 11466335 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id BFF3781 for ; Mon, 30 Mar 2020 21:07:05 +0000 (UTC) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 9389520757 for ; Mon, 30 Mar 2020 21:07:05 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=linaro.org header.i=@linaro.org header.b="WkaCBPWd" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 9389520757 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Received: from localhost ([::1]:56916 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jJ1ce-000235-Oz for patchwork-qemu-devel@patchwork.kernel.org; Mon, 30 Mar 2020 17:07:04 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:40515) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jJ1Zm-0006Xd-Vo for qemu-devel@nongnu.org; Mon, 30 Mar 2020 17:04:07 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1jJ1Zl-0002f6-MT for qemu-devel@nongnu.org; Mon, 30 Mar 2020 17:04:06 -0400 Received: from mail-wm1-x342.google.com ([2a00:1450:4864:20::342]:54564) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1jJ1Zl-0002dp-Gl for qemu-devel@nongnu.org; Mon, 30 Mar 2020 17:04:05 -0400 Received: by mail-wm1-x342.google.com with SMTP id c81so332443wmd.4 for ; Mon, 30 Mar 2020 14:04:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=WqiXoh1J9BtTrhWN+j6OnxXdf1TSrsiVrhfZHgXBlRg=; b=WkaCBPWdeWkGfQl3m6Ac54Yce0SfMAhgkIU6+WnBNE2YJfT/UrJshpd0XXTYg8vdK+ wReBJ++ZYJGPBw++tT2TBa1BPxeiFteVJMpbHKmClijog2Ol4sXixnoJ5OAtlc9atpcc FyrC2icPeCzojsiXuT2nZJr3aejx41j2efLKzSO0+54JED89HLG5A0K59UbMSBtym1jc 2icoqOJm2YW2u2No5oNASK5swu9HkAGRNqO0SY0CGy2Vl3OnQMbzd5Hc1EJdTrttcDyL GcpcJMD7sanLy/socn1E6PSH1KAySmWhJnkhDa9WRN2yfZnOJVmp2zI3ll3OXo15INqb yj3w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=WqiXoh1J9BtTrhWN+j6OnxXdf1TSrsiVrhfZHgXBlRg=; b=BdifgRYk5dipf9kwmxX7vN0A/qFZVDw3xAY9LdhhJ0J2xKmpP0NQALJlu1KgwwFQC/ cHa3JWSXYN9gnf6BZJ0AsoZ+dONJVopCq+EON4UCfQs7DeBbtdR0ulVpAjMtJTnAP7EU ojnpdZVg58SAYulSlF0ep3MP6h9ENnUycYqqctbVlagMq6zP6dDEIl6jnwM5aQVuYcw8 0avWBzo//7s5M8Skh4XWT1ubLI6BNzmhEUJWC2At4WIYC91NX/dWrizlKSCgduGaLxYQ +iBN1Wvp7W1G+uXXALge3N6No/DcDGJGYICF68jRkztf2dJMsnvaC3MqHDR9tNaZsSXq ghyQ== X-Gm-Message-State: ANhLgQ1FQRaG3bpkthvR2LIfwkq4r0/8LH6FKj5XbXEi2/kuDWIcoJNX iDKqpEXhKkia2bKBZdo9nRSEi3JI5kHCzw== X-Google-Smtp-Source: ADFU+vu6d/7J2ebVmTAL+E+4aathT5ZW0Mmxxiefvmf8BBp8yDH1QWUldt6ezEMjVjX9WJCy3OhcSA== X-Received: by 2002:a05:600c:da:: with SMTP id u26mr1213739wmm.117.1585602244471; Mon, 30 Mar 2020 14:04:04 -0700 (PDT) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [81.2.115.148]) by smtp.gmail.com with ESMTPSA id p21sm1012700wma.0.2020.03.30.14.04.03 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 30 Mar 2020 14:04:04 -0700 (PDT) From: Peter Maydell To: qemu-arm@nongnu.org, qemu-devel@nongnu.org Subject: [PATCH 2/4] target/arm: Use enum constant in get_phys_addr_lpae() call Date: Mon, 30 Mar 2020 22:03:58 +0100 Message-Id: <20200330210400.11724-3-peter.maydell@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200330210400.11724-1-peter.maydell@linaro.org> References: <20200330210400.11724-1-peter.maydell@linaro.org> MIME-Version: 1.0 X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2a00:1450:4864:20::342 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Richard Henderson Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" The access_type argument to get_phys_addr_lpae() is an MMUAccessType; use the enum constant MMU_DATA_LOAD rather than a literal 0 when we call it in S1_ptw_translate(). Signed-off-by: Peter Maydell Reviewed-by: Richard Henderson --- target/arm/helper.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/target/arm/helper.c b/target/arm/helper.c index a0b3082aad9..25439bf6fd9 100644 --- a/target/arm/helper.c +++ b/target/arm/helper.c @@ -10035,8 +10035,9 @@ static hwaddr S1_ptw_translate(CPUARMState *env, ARMMMUIdx mmu_idx, pcacheattrs = &cacheattrs; } - ret = get_phys_addr_lpae(env, addr, 0, ARMMMUIdx_Stage2, &s2pa, - &txattrs, &s2prot, &s2size, fi, pcacheattrs); + ret = get_phys_addr_lpae(env, addr, MMU_DATA_LOAD, ARMMMUIdx_Stage2, + &s2pa, &txattrs, &s2prot, &s2size, fi, + pcacheattrs); if (ret) { assert(fi->type != ARMFault_None); fi->s2addr = addr; From patchwork Mon Mar 30 21:03:59 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 11466329 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 6D4A181 for ; Mon, 30 Mar 2020 21:05:14 +0000 (UTC) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 4269620714 for ; Mon, 30 Mar 2020 21:05:14 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=linaro.org header.i=@linaro.org header.b="y0tqWz0d" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 4269620714 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Received: from localhost ([::1]:56868 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jJ1ar-0008CC-BU for patchwork-qemu-devel@patchwork.kernel.org; Mon, 30 Mar 2020 17:05:13 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:40553) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jJ1Zo-0006Xz-6j for qemu-devel@nongnu.org; Mon, 30 Mar 2020 17:04:09 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1jJ1Zm-0002gI-N8 for qemu-devel@nongnu.org; Mon, 30 Mar 2020 17:04:08 -0400 Received: from mail-wm1-x341.google.com ([2a00:1450:4864:20::341]:39483) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1jJ1Zm-0002fS-Gm for qemu-devel@nongnu.org; Mon, 30 Mar 2020 17:04:06 -0400 Received: by mail-wm1-x341.google.com with SMTP id e9so361490wme.4 for ; Mon, 30 Mar 2020 14:04:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=ace17zOZApynr6koxMRZ66roRKXXaZNKYw00Y2JeNxs=; b=y0tqWz0dKsYhvpxQP/MCKg5anmIE647vIIhg7IsytaQz4hJt+Yqypf4cRulW1B2ZOU 5m2R5SbPFvlQzG2hZnDQV5neQYLCkTHrE8wWMG9i7Nn0B9JYGYYDLJUJEjdA5xCIRR0E lCWlhDmzkkloHACtx9ns/YVktrpcYMWJarhn+gzl/bpMV2Unyre9/8rugENAUh1FwcoJ bnkR6Ke8+rHB3AHtGzOsy1tojsjnQcxo0WgJ7kpBgxQxJpVufBT34XLKL1+bdXSWa0LK UDEg7Np2PmB8tZyTpIpzhYr/V7Vu2MYL0KVCoFoVKnFi1xbcBh6KpJl1OFSg0+Lg/DUM g8Ww== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=ace17zOZApynr6koxMRZ66roRKXXaZNKYw00Y2JeNxs=; b=FBbsiS8xdgCR87wz7dL+NG08RJvYDoPbhO3JYlYZ96AJqUzIVyBtC7rM0jxcQqzE5x pnkF9O9EEkksFJh0vZnAYJ9gGrJKI/mn6HTLc+B2gJQTkNkfSgbbu3FnJ9dlHVGx3lr9 R6mtEmNbO6refxIbTl5MZig5GJuKBsaPTUXBDtBL3JoY/zp60AWoLiDVboASSqAq5lqY nd2oCKyrl9PQOlcz0FrgswbfKe+iWp3RJ1XDAwS1YMjE7z5LEdtT3TnZpPah0HSmVzKd bTc1pj5ksL+ZOsXjITg5ZYS5x/my2Dg3eAyZXDUyV3i/5Df06hnGECx3i5lyJp5eakHI YfMA== X-Gm-Message-State: ANhLgQ17cuzcSdSPdhfYcjYrQAiLrwvt2eZ3/S9ton5HzZIOTABgpvVq KKiF2mluXUkdePcxivz5egxe4w== X-Google-Smtp-Source: ADFU+vtjxMBwO1ifJ1cxMX0xHxUQSvjeI9k2hl3jberFykSZrXGinrmoszj6aKDsGRznC96Q9qyZ2Q== X-Received: by 2002:a1c:6505:: with SMTP id z5mr1227546wmb.137.1585602245494; Mon, 30 Mar 2020 14:04:05 -0700 (PDT) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [81.2.115.148]) by smtp.gmail.com with ESMTPSA id p21sm1012700wma.0.2020.03.30.14.04.04 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 30 Mar 2020 14:04:04 -0700 (PDT) From: Peter Maydell To: qemu-arm@nongnu.org, qemu-devel@nongnu.org Subject: [PATCH 3/4] target/arm: Add new 's1_is_el0' argument to get_phys_addr_lpae() Date: Mon, 30 Mar 2020 22:03:59 +0100 Message-Id: <20200330210400.11724-4-peter.maydell@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200330210400.11724-1-peter.maydell@linaro.org> References: <20200330210400.11724-1-peter.maydell@linaro.org> MIME-Version: 1.0 X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2a00:1450:4864:20::341 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Richard Henderson Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" For ARMv8.2-TTS2UXN, the stage 2 page table walk wants to know whether the stage 1 access is for EL0 or not, because whether exec permission is given can depend on whether this is an EL0 or EL1 access. Add a new argument to get_phys_addr_lpae() so the call sites can pass this information in. Since get_phys_addr_lpae() doesn't already have a doc comment, add one so we have a place to put the documentation of the semantics of the new s1_is_el0 argument. Signed-off-by: Peter Maydell Reviewed-by: Richard Henderson --- target/arm/helper.c | 29 ++++++++++++++++++++++++++++- 1 file changed, 28 insertions(+), 1 deletion(-) diff --git a/target/arm/helper.c b/target/arm/helper.c index 25439bf6fd9..47a175b8e9d 100644 --- a/target/arm/helper.c +++ b/target/arm/helper.c @@ -41,6 +41,7 @@ static bool get_phys_addr_lpae(CPUARMState *env, target_ulong address, MMUAccessType access_type, ARMMMUIdx mmu_idx, + bool s1_is_el0, hwaddr *phys_ptr, MemTxAttrs *txattrs, int *prot, target_ulong *page_size_ptr, ARMMMUFaultInfo *fi, ARMCacheAttrs *cacheattrs); @@ -10036,6 +10037,7 @@ static hwaddr S1_ptw_translate(CPUARMState *env, ARMMMUIdx mmu_idx, } ret = get_phys_addr_lpae(env, addr, MMU_DATA_LOAD, ARMMMUIdx_Stage2, + false, &s2pa, &txattrs, &s2prot, &s2size, fi, pcacheattrs); if (ret) { @@ -10638,8 +10640,32 @@ static ARMVAParameters aa32_va_parameters(CPUARMState *env, uint32_t va, }; } +/** + * get_phys_addr_lpae: perform one stage of page table walk, LPAE format + * + * Returns false if the translation was successful. Otherwise, phys_ptr, attrs, + * prot and page_size may not be filled in, and the populated fsr value provides + * information on why the translation aborted, in the format of a long-format + * DFSR/IFSR fault register, with the following caveats: + * * the WnR bit is never set (the caller must do this). + * + * @env: CPUARMState + * @address: virtual address to get physical address for + * @access_type: MMU_DATA_LOAD, MMU_DATA_STORE or MMU_INST_FETCH + * @mmu_idx: MMU index indicating required translation regime + * @s1_is_el0: if @mmu_idx is ARMMMUIdx_Stage2 (so this is a stage 2 page table + * walk), must be true if this is stage 2 of a stage 1+2 walk for an + * EL0 access). If @mmu_idx is anything else, @s1_is_el0 is ignored. + * @phys_ptr: set to the physical address corresponding to the virtual address + * @attrs: set to the memory transaction attributes to use + * @prot: set to the permissions for the page containing phys_ptr + * @page_size_ptr: set to the size of the page containing phys_ptr + * @fi: set to fault info if the translation fails + * @cacheattrs: (if non-NULL) set to the cacheability/shareability attributes + */ static bool get_phys_addr_lpae(CPUARMState *env, target_ulong address, MMUAccessType access_type, ARMMMUIdx mmu_idx, + bool s1_is_el0, hwaddr *phys_ptr, MemTxAttrs *txattrs, int *prot, target_ulong *page_size_ptr, ARMMMUFaultInfo *fi, ARMCacheAttrs *cacheattrs) @@ -11736,6 +11762,7 @@ bool get_phys_addr(CPUARMState *env, target_ulong address, /* S1 is done. Now do S2 translation. */ ret = get_phys_addr_lpae(env, ipa, access_type, ARMMMUIdx_Stage2, + mmu_idx == ARMMMUIdx_E10_0, phys_ptr, attrs, &s2_prot, page_size, fi, cacheattrs != NULL ? &cacheattrs2 : NULL); @@ -11860,7 +11887,7 @@ bool get_phys_addr(CPUARMState *env, target_ulong address, } if (regime_using_lpae_format(env, mmu_idx)) { - return get_phys_addr_lpae(env, address, access_type, mmu_idx, + return get_phys_addr_lpae(env, address, access_type, mmu_idx, false, phys_ptr, attrs, prot, page_size, fi, cacheattrs); } else if (regime_sctlr(env, mmu_idx) & SCTLR_XP) { From patchwork Mon Mar 30 21:04:00 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 11466337 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 3344C81 for ; Mon, 30 Mar 2020 21:08:04 +0000 (UTC) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 075D020658 for ; Mon, 30 Mar 2020 21:08:04 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=linaro.org header.i=@linaro.org header.b="rRn/fRV3" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 075D020658 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=linaro.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Received: from localhost ([::1]:56938 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jJ1db-00031L-6M for patchwork-qemu-devel@patchwork.kernel.org; Mon, 30 Mar 2020 17:08:03 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:40574) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jJ1Zp-0006YV-3N for qemu-devel@nongnu.org; Mon, 30 Mar 2020 17:04:10 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1jJ1Zn-0002ha-Nl for qemu-devel@nongnu.org; Mon, 30 Mar 2020 17:04:09 -0400 Received: from mail-wr1-x443.google.com ([2a00:1450:4864:20::443]:45687) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1jJ1Zn-0002gQ-HS for qemu-devel@nongnu.org; Mon, 30 Mar 2020 17:04:07 -0400 Received: by mail-wr1-x443.google.com with SMTP id t7so23376371wrw.12 for ; Mon, 30 Mar 2020 14:04:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=Xwn3cC+kkWDU3qbOHlus1u59utOB7m1NhZTU25s+Z3I=; b=rRn/fRV36kzerrPWtvd81Uv7oqVpAId6q6Rax5W3B91ObZLyfdIHoyBxmr1BWxfSS2 fcSYojWnmbKXfUE024RQSOfpOd1vBAXlNfodC4dx7TIoUblfwUxS0SgANzvgLAvupdrr BaETpItJ/FpPaMFtXm8pN2uM0m+QzN7iC9/nBX56XO/eF/KVRfPBwUJYts8hoXbbK012 soxLgm58kNL5InvyhCOHO0LkbSq0M3zleCTrcCAxisnvGYopSLUSdjRKm5u3xnuGuVkI iFp3LRgglgKjzAeRw/1t0uYUytZ2qeaPshUQZH/c5j3U3GgRVYh1pS6O3wGsqk8ZVYeZ Z5NA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=Xwn3cC+kkWDU3qbOHlus1u59utOB7m1NhZTU25s+Z3I=; b=K9R2Yz+/h0xUxa7rKkSuMzl4XhV8mMhsWohibhwd9mdqQAgHYUU1K1jsMBksAldK0S CS0FFCUV3d1SQHLIxcOQMoOIw2PIJzXWF1JvfL4esIxvqQMFPSn4TNOCovb9t5/HNbz/ 0X8THVMFRaWdqZfvmGzXASm/DG5zDiHJzLAnja7y0+nP63c+Kes+e2URe8F8/QlttNh9 dDkDZ2lOOovCjceBv/Q0W5bGqbp59xeMs746dZG8djCjM+212vCXZS+TSz7t/G2gRosC POtyKGJeuF1cvKlKMMWCVrJAa+xCZLLIC9xnLOYTChGWoaiDI3Fb/yjhn58pqhW3cGbZ h3Cw== X-Gm-Message-State: ANhLgQ0WcMoCK4YDLkcQSMqZJWGPTvTJ3M9ZMFoLSwWCmoB7UoH+FKC7 fnurw5HP3O09fixlpEWF6epAWv3IHI/5Ew== X-Google-Smtp-Source: ADFU+vtYM7v/+pjqutFqt/xhE6qIL8VJt0dneNW68orLoO62ueh07LKIM4vGiqFU6mUhEvowYqjBPQ== X-Received: by 2002:a5d:4004:: with SMTP id n4mr16953382wrp.180.1585602246496; Mon, 30 Mar 2020 14:04:06 -0700 (PDT) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [81.2.115.148]) by smtp.gmail.com with ESMTPSA id p21sm1012700wma.0.2020.03.30.14.04.05 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 30 Mar 2020 14:04:06 -0700 (PDT) From: Peter Maydell To: qemu-arm@nongnu.org, qemu-devel@nongnu.org Subject: [PATCH 4/4] target/arm: Implement ARMv8.2-TTS2UXN Date: Mon, 30 Mar 2020 22:04:00 +0100 Message-Id: <20200330210400.11724-5-peter.maydell@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200330210400.11724-1-peter.maydell@linaro.org> References: <20200330210400.11724-1-peter.maydell@linaro.org> MIME-Version: 1.0 X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2a00:1450:4864:20::443 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Richard Henderson Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" The ARMv8.2-TTS2UXN feature extends the XN field in stage 2 translation table descriptors from just bit [54] to bits [54:53], allowing stage 2 to control execution permissions separately for EL0 and EL1. Implement the new semantics of the XN field and enable the feature for our 'max' CPU. Signed-off-by: Peter Maydell Reviewed-by: Richard Henderson --- target/arm/cpu.h | 15 +++++++++++++++ target/arm/cpu.c | 1 + target/arm/cpu64.c | 2 ++ target/arm/helper.c | 37 +++++++++++++++++++++++++++++++------ 4 files changed, 49 insertions(+), 6 deletions(-) diff --git a/target/arm/cpu.h b/target/arm/cpu.h index fe03a74bf08..9aae324d0f6 100644 --- a/target/arm/cpu.h +++ b/target/arm/cpu.h @@ -3610,6 +3610,11 @@ static inline bool isar_feature_aa32_ccidx(const ARMISARegisters *id) return FIELD_EX32(id->id_mmfr4, ID_MMFR4, CCIDX) != 0; } +static inline bool isar_feature_aa32_tts2uxn(const ARMISARegisters *id) +{ + return FIELD_EX32(id->id_mmfr4, ID_MMFR4, XNX) != 0; +} + /* * 64-bit feature tests via id registers. */ @@ -3822,6 +3827,11 @@ static inline bool isar_feature_aa64_ccidx(const ARMISARegisters *id) return FIELD_EX64(id->id_aa64mmfr2, ID_AA64MMFR2, CCIDX) != 0; } +static inline bool isar_feature_aa64_tts2uxn(const ARMISARegisters *id) +{ + return FIELD_EX64(id->id_aa64mmfr1, ID_AA64MMFR1, XNX) != 0; +} + /* * Feature tests for "does this exist in either 32-bit or 64-bit?" */ @@ -3850,6 +3860,11 @@ static inline bool isar_feature_any_ccidx(const ARMISARegisters *id) return isar_feature_aa64_ccidx(id) || isar_feature_aa32_ccidx(id); } +static inline bool isar_feature_any_tts2uxn(const ARMISARegisters *id) +{ + return isar_feature_aa64_tts2uxn(id) || isar_feature_aa32_tts2uxn(id); +} + /* * Forward to the above feature tests given an ARMCPU pointer. */ diff --git a/target/arm/cpu.c b/target/arm/cpu.c index a79f233b170..d5dfb30525d 100644 --- a/target/arm/cpu.c +++ b/target/arm/cpu.c @@ -2684,6 +2684,7 @@ static void arm_max_initfn(Object *obj) t = FIELD_DP32(t, ID_MMFR4, HPDS, 1); /* AA32HPD */ t = FIELD_DP32(t, ID_MMFR4, AC2, 1); /* ACTLR2, HACTLR2 */ t = FIELD_DP32(t, ID_MMFR4, CNP, 1); /* TTCNP */ + t = FIELD_DP32(t, ID_MMFR4, XNX, 1); /* TTS2UXN */ cpu->isar.id_mmfr4 = t; } #endif diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c index 62d36f9e8d3..5fc6330c968 100644 --- a/target/arm/cpu64.c +++ b/target/arm/cpu64.c @@ -673,6 +673,7 @@ static void aarch64_max_initfn(Object *obj) t = FIELD_DP64(t, ID_AA64MMFR1, VH, 1); t = FIELD_DP64(t, ID_AA64MMFR1, PAN, 2); /* ATS1E1 */ t = FIELD_DP64(t, ID_AA64MMFR1, VMIDBITS, 2); /* VMID16 */ + t = FIELD_DP64(t, ID_AA64MMFR1, XNX, 1); /* TTS2UXN */ cpu->isar.id_aa64mmfr1 = t; t = cpu->isar.id_aa64mmfr2; @@ -706,6 +707,7 @@ static void aarch64_max_initfn(Object *obj) u = FIELD_DP32(u, ID_MMFR4, HPDS, 1); /* AA32HPD */ u = FIELD_DP32(u, ID_MMFR4, AC2, 1); /* ACTLR2, HACTLR2 */ u = FIELD_DP32(t, ID_MMFR4, CNP, 1); /* TTCNP */ + u = FIELD_DP32(t, ID_MMFR4, XNX, 1); /* TTS2UXN */ cpu->isar.id_mmfr4 = u; u = cpu->isar.id_aa64dfr0; diff --git a/target/arm/helper.c b/target/arm/helper.c index 47a175b8e9d..cba8ac57983 100644 --- a/target/arm/helper.c +++ b/target/arm/helper.c @@ -9891,9 +9891,10 @@ simple_ap_to_rw_prot(CPUARMState *env, ARMMMUIdx mmu_idx, int ap) * * @env: CPUARMState * @s2ap: The 2-bit stage2 access permissions (S2AP) - * @xn: XN (execute-never) bit + * @xn: XN (execute-never) bits + * @s1_is_el0: true if this is S2 of an S1+2 walk for EL0 */ -static int get_S2prot(CPUARMState *env, int s2ap, int xn) +static int get_S2prot(CPUARMState *env, int s2ap, int xn, bool s1_is_el0) { int prot = 0; @@ -9903,9 +9904,32 @@ static int get_S2prot(CPUARMState *env, int s2ap, int xn) if (s2ap & 2) { prot |= PAGE_WRITE; } - if (!xn) { - if (arm_el_is_aa64(env, 2) || prot & PAGE_READ) { + + if (cpu_isar_feature(any_tts2uxn, env_archcpu(env))) { + switch (xn) { + case 0: prot |= PAGE_EXEC; + break; + case 1: + if (s1_is_el0) { + prot |= PAGE_EXEC; + } + break; + case 2: + break; + case 3: + if (!s1_is_el0) { + prot |= PAGE_EXEC; + } + break; + default: + g_assert_not_reached(); + } + } else { + if (!extract32(xn, 1, 1)) { + if (arm_el_is_aa64(env, 2) || prot & PAGE_READ) { + prot |= PAGE_EXEC; + } } } return prot; @@ -10889,13 +10913,14 @@ static bool get_phys_addr_lpae(CPUARMState *env, target_ulong address, } ap = extract32(attrs, 4, 2); - xn = extract32(attrs, 12, 1); if (mmu_idx == ARMMMUIdx_Stage2) { ns = true; - *prot = get_S2prot(env, ap, xn); + xn = extract32(attrs, 11, 2); + *prot = get_S2prot(env, ap, xn, s1_is_el0); } else { ns = extract32(attrs, 3, 1); + xn = extract32(attrs, 12, 1); pxn = extract32(attrs, 11, 1); *prot = get_S1prot(env, mmu_idx, aarch64, ap, ns, xn, pxn); }