From 028616130d5f0abc8a3b96f28963da51a875024b Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:01:38 -0800 Subject: [PATCH 01/38] target/riscv: Convert MIP CSR to target_ulong The MIP CSR is a xlen CSR, it was only 32-bits to allow atomic access. Now that we don't use atomics for MIP we can change this back to a xlen CSR. Signed-off-by: Alistair Francis Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/cpu.c | 2 +- target/riscv/cpu.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c index 8c86ebc109..efbd676edb 100644 --- a/target/riscv/cpu.c +++ b/target/riscv/cpu.c @@ -224,7 +224,7 @@ static void riscv_cpu_dump_state(CPUState *cs, FILE *f, int flags) #ifndef CONFIG_USER_ONLY qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "mhartid ", env->mhartid); qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "mstatus ", env->mstatus); - qemu_fprintf(f, " %s 0x%x\n", "mip ", env->mip); + qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "mip ", env->mip); qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "mie ", env->mie); qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "mideleg ", env->mideleg); qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "medeleg ", env->medeleg); diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h index de0a8d893a..95de9e58a2 100644 --- a/target/riscv/cpu.h +++ b/target/riscv/cpu.h @@ -121,7 +121,7 @@ struct CPURISCVState { target_ulong mhartid; target_ulong mstatus; - uint32_t mip; + target_ulong mip; uint32_t miclaim; target_ulong mie; From af1fa0039c799a350bcde07b3d8a71dfde07d11b Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:01:41 -0800 Subject: [PATCH 02/38] target/riscv: Add the Hypervisor extension Signed-off-by: Alistair Francis Reviewed-by: Chih-Min Chao Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/cpu.h | 1 + 1 file changed, 1 insertion(+) diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h index 95de9e58a2..010125efd6 100644 --- a/target/riscv/cpu.h +++ b/target/riscv/cpu.h @@ -67,6 +67,7 @@ #define RVC RV('C') #define RVS RV('S') #define RVU RV('U') +#define RVH RV('H') /* S extension denotes that Supervisor mode exists, however it is possible to have a core that support S mode but does not have an MMU and there From bd023ce33b85d73791b7bc78fd04a8115c60995e Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:01:43 -0800 Subject: [PATCH 03/38] target/riscv: Add the Hypervisor CSRs to CPUState Add the Hypervisor CSRs to CPUState and at the same time (to avoid bisect issues) update the CSR macros for the v0.5 Hyp spec. Signed-off-by: Alistair Francis Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/cpu.h | 21 +++++++++++++++++++++ target/riscv/cpu_bits.h | 34 +++++++++++++++++++++------------- target/riscv/gdbstub.c | 11 ++++++----- 3 files changed, 48 insertions(+), 18 deletions(-) diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h index 010125efd6..c7f7ae5c38 100644 --- a/target/riscv/cpu.h +++ b/target/riscv/cpu.h @@ -143,6 +143,27 @@ struct CPURISCVState { target_ulong mcause; target_ulong mtval; /* since: priv-1.10.0 */ + /* Hypervisor CSRs */ + target_ulong hstatus; + target_ulong hedeleg; + target_ulong hideleg; + target_ulong hcounteren; + target_ulong htval; + target_ulong htinst; + target_ulong hgatp; + + /* Virtual CSRs */ + target_ulong vsstatus; + target_ulong vstvec; + target_ulong vsscratch; + target_ulong vsepc; + target_ulong vscause; + target_ulong vstval; + target_ulong vsatp; + + target_ulong mtval2; + target_ulong mtinst; + target_ulong scounteren; target_ulong mcounteren; diff --git a/target/riscv/cpu_bits.h b/target/riscv/cpu_bits.h index e99834856c..25c0fb258d 100644 --- a/target/riscv/cpu_bits.h +++ b/target/riscv/cpu_bits.h @@ -177,8 +177,14 @@ #define CSR_HSTATUS 0x600 #define CSR_HEDELEG 0x602 #define CSR_HIDELEG 0x603 -#define CSR_HCOUNTERNEN 0x606 +#define CSR_HIE 0x604 +#define CSR_HCOUNTEREN 0x606 +#define CSR_HTVAL 0x643 +#define CSR_HIP 0x644 +#define CSR_HTINST 0x64A #define CSR_HGATP 0x680 +#define CSR_HTIMEDELTA 0x605 +#define CSR_HTIMEDELTAH 0x615 #if defined(TARGET_RISCV32) #define HGATP_MODE SATP32_MODE @@ -191,6 +197,20 @@ #define HGATP_PPN SATP64_PPN #endif +/* Virtual CSRs */ +#define CSR_VSSTATUS 0x200 +#define CSR_VSIE 0x204 +#define CSR_VSTVEC 0x205 +#define CSR_VSSCRATCH 0x240 +#define CSR_VSEPC 0x241 +#define CSR_VSCAUSE 0x242 +#define CSR_VSTVAL 0x243 +#define CSR_VSIP 0x244 +#define CSR_VSATP 0x280 + +#define CSR_MTINST 0x34a +#define CSR_MTVAL2 0x34b + /* Physical Memory Protection */ #define CSR_PMPCFG0 0x3a0 #define CSR_PMPCFG1 0x3a1 @@ -313,17 +333,6 @@ #define CSR_MHPMCOUNTER30H 0xb9e #define CSR_MHPMCOUNTER31H 0xb9f -/* Legacy Hypervisor Trap Setup (priv v1.9.1) */ -#define CSR_HIE 0x204 -#define CSR_HTVEC 0x205 - -/* Legacy Hypervisor Trap Handling (priv v1.9.1) */ -#define CSR_HSCRATCH 0x240 -#define CSR_HEPC 0x241 -#define CSR_HCAUSE 0x242 -#define CSR_HBADADDR 0x243 -#define CSR_HIP 0x244 - /* Legacy Machine Protection and Translation (priv v1.9.1) */ #define CSR_MBASE 0x380 #define CSR_MBOUND 0x381 @@ -400,7 +409,6 @@ /* hstatus CSR bits */ #define HSTATUS_SPRV 0x00000001 -#define HSTATUS_STL 0x00000040 #define HSTATUS_SPV 0x00000080 #define HSTATUS_SP2P 0x00000100 #define HSTATUS_SP2V 0x00000200 diff --git a/target/riscv/gdbstub.c b/target/riscv/gdbstub.c index 1a72f7be9c..2f32750f2f 100644 --- a/target/riscv/gdbstub.c +++ b/target/riscv/gdbstub.c @@ -130,6 +130,8 @@ static int csr_register_map[] = { CSR_MCAUSE, CSR_MTVAL, CSR_MIP, + CSR_MTINST, + CSR_MTVAL2, CSR_PMPCFG0, CSR_PMPCFG1, CSR_PMPCFG2, @@ -252,12 +254,11 @@ static int csr_register_map[] = { CSR_HEDELEG, CSR_HIDELEG, CSR_HIE, - CSR_HTVEC, - CSR_HSCRATCH, - CSR_HEPC, - CSR_HCAUSE, - CSR_HBADADDR, + CSR_HCOUNTEREN, + CSR_HTVAL, CSR_HIP, + CSR_HTINST, + CSR_HGATP, CSR_MBASE, CSR_MBOUND, CSR_MIBASE, From ab67a1d07a4f6f1b4d577c5c47013273b9804551 Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:01:46 -0800 Subject: [PATCH 04/38] target/riscv: Add support for the new execption numbers The v0.5 Hypervisor spec add new execption numbers, let's add support for those. Signed-off-by: Alistair Francis Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/cpu.c | 8 ++++++++ target/riscv/cpu_bits.h | 35 +++++++++++++++++++---------------- target/riscv/cpu_helper.c | 7 +++++-- target/riscv/csr.c | 7 +++++-- 4 files changed, 37 insertions(+), 20 deletions(-) diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c index efbd676edb..2f62f5ea19 100644 --- a/target/riscv/cpu.c +++ b/target/riscv/cpu.c @@ -67,6 +67,14 @@ const char * const riscv_excp_names[] = { "load_page_fault", "reserved", "store_page_fault" + "reserved", + "reserved", + "reserved", + "reserved", + "guest_exec_page_fault", + "guest_load_page_fault", + "reserved", + "guest_store_page_fault" }; const char * const riscv_intr_names[] = { diff --git a/target/riscv/cpu_bits.h b/target/riscv/cpu_bits.h index 25c0fb258d..9ce73c36de 100644 --- a/target/riscv/cpu_bits.h +++ b/target/riscv/cpu_bits.h @@ -488,22 +488,25 @@ #define DEFAULT_RSTVEC 0x1000 /* Exception causes */ -#define EXCP_NONE -1 /* sentinel value */ -#define RISCV_EXCP_INST_ADDR_MIS 0x0 -#define RISCV_EXCP_INST_ACCESS_FAULT 0x1 -#define RISCV_EXCP_ILLEGAL_INST 0x2 -#define RISCV_EXCP_BREAKPOINT 0x3 -#define RISCV_EXCP_LOAD_ADDR_MIS 0x4 -#define RISCV_EXCP_LOAD_ACCESS_FAULT 0x5 -#define RISCV_EXCP_STORE_AMO_ADDR_MIS 0x6 -#define RISCV_EXCP_STORE_AMO_ACCESS_FAULT 0x7 -#define RISCV_EXCP_U_ECALL 0x8 -#define RISCV_EXCP_S_ECALL 0x9 -#define RISCV_EXCP_H_ECALL 0xa -#define RISCV_EXCP_M_ECALL 0xb -#define RISCV_EXCP_INST_PAGE_FAULT 0xc /* since: priv-1.10.0 */ -#define RISCV_EXCP_LOAD_PAGE_FAULT 0xd /* since: priv-1.10.0 */ -#define RISCV_EXCP_STORE_PAGE_FAULT 0xf /* since: priv-1.10.0 */ +#define EXCP_NONE -1 /* sentinel value */ +#define RISCV_EXCP_INST_ADDR_MIS 0x0 +#define RISCV_EXCP_INST_ACCESS_FAULT 0x1 +#define RISCV_EXCP_ILLEGAL_INST 0x2 +#define RISCV_EXCP_BREAKPOINT 0x3 +#define RISCV_EXCP_LOAD_ADDR_MIS 0x4 +#define RISCV_EXCP_LOAD_ACCESS_FAULT 0x5 +#define RISCV_EXCP_STORE_AMO_ADDR_MIS 0x6 +#define RISCV_EXCP_STORE_AMO_ACCESS_FAULT 0x7 +#define RISCV_EXCP_U_ECALL 0x8 +#define RISCV_EXCP_S_ECALL 0x9 +#define RISCV_EXCP_VS_ECALL 0xa +#define RISCV_EXCP_M_ECALL 0xb +#define RISCV_EXCP_INST_PAGE_FAULT 0xc /* since: priv-1.10.0 */ +#define RISCV_EXCP_LOAD_PAGE_FAULT 0xd /* since: priv-1.10.0 */ +#define RISCV_EXCP_STORE_PAGE_FAULT 0xf /* since: priv-1.10.0 */ +#define RISCV_EXCP_INST_GUEST_PAGE_FAULT 0x14 +#define RISCV_EXCP_LOAD_GUEST_ACCESS_FAULT 0x15 +#define RISCV_EXCP_STORE_GUEST_AMO_ACCESS_FAULT 0x17 #define RISCV_EXCP_INT_FLAG 0x80000000 #define RISCV_EXCP_INT_MASK 0x7fffffff diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index 85403da9c8..a10582b310 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -528,13 +528,16 @@ void riscv_cpu_do_interrupt(CPUState *cs) static const int ecall_cause_map[] = { [PRV_U] = RISCV_EXCP_U_ECALL, [PRV_S] = RISCV_EXCP_S_ECALL, - [PRV_H] = RISCV_EXCP_H_ECALL, + [PRV_H] = RISCV_EXCP_VS_ECALL, [PRV_M] = RISCV_EXCP_M_ECALL }; if (!async) { /* set tval to badaddr for traps with address information */ switch (cause) { + case RISCV_EXCP_INST_GUEST_PAGE_FAULT: + case RISCV_EXCP_LOAD_GUEST_ACCESS_FAULT: + case RISCV_EXCP_STORE_GUEST_AMO_ACCESS_FAULT: case RISCV_EXCP_INST_ADDR_MIS: case RISCV_EXCP_INST_ACCESS_FAULT: case RISCV_EXCP_LOAD_ADDR_MIS: @@ -556,7 +559,7 @@ void riscv_cpu_do_interrupt(CPUState *cs) } } - trace_riscv_trap(env->mhartid, async, cause, env->pc, tval, cause < 16 ? + trace_riscv_trap(env->mhartid, async, cause, env->pc, tval, cause < 23 ? (async ? riscv_intr_names : riscv_excp_names)[cause] : "(unknown)"); if (env->priv <= PRV_S && diff --git a/target/riscv/csr.c b/target/riscv/csr.c index 0e34c292c5..ca27359c7e 100644 --- a/target/riscv/csr.c +++ b/target/riscv/csr.c @@ -242,11 +242,14 @@ static const target_ulong delegable_excps = (1ULL << (RISCV_EXCP_STORE_AMO_ACCESS_FAULT)) | (1ULL << (RISCV_EXCP_U_ECALL)) | (1ULL << (RISCV_EXCP_S_ECALL)) | - (1ULL << (RISCV_EXCP_H_ECALL)) | + (1ULL << (RISCV_EXCP_VS_ECALL)) | (1ULL << (RISCV_EXCP_M_ECALL)) | (1ULL << (RISCV_EXCP_INST_PAGE_FAULT)) | (1ULL << (RISCV_EXCP_LOAD_PAGE_FAULT)) | - (1ULL << (RISCV_EXCP_STORE_PAGE_FAULT)); + (1ULL << (RISCV_EXCP_STORE_PAGE_FAULT)) | + (1ULL << (RISCV_EXCP_INST_GUEST_PAGE_FAULT)) | + (1ULL << (RISCV_EXCP_LOAD_GUEST_ACCESS_FAULT)) | + (1ULL << (RISCV_EXCP_STORE_GUEST_AMO_ACCESS_FAULT)); static const target_ulong sstatus_v1_9_mask = SSTATUS_SIE | SSTATUS_SPIE | SSTATUS_UIE | SSTATUS_UPIE | SSTATUS_SPP | SSTATUS_FS | SSTATUS_XS | SSTATUS_SUM | SSTATUS_SD; From 205377f8940898e4c53d1b44350a3d4934a2da72 Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:01:49 -0800 Subject: [PATCH 05/38] target/riscv: Rename the H irqs to VS irqs Signed-off-by: Alistair Francis Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/cpu.c | 6 +++--- target/riscv/cpu_bits.h | 12 ++++++------ 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c index 2f62f5ea19..f7a35c74c2 100644 --- a/target/riscv/cpu.c +++ b/target/riscv/cpu.c @@ -80,14 +80,14 @@ const char * const riscv_excp_names[] = { const char * const riscv_intr_names[] = { "u_software", "s_software", - "h_software", + "vs_software", "m_software", "u_timer", "s_timer", - "h_timer", + "vs_timer", "m_timer", "u_external", - "s_external", + "vs_external", "h_external", "m_external", "reserved", diff --git a/target/riscv/cpu_bits.h b/target/riscv/cpu_bits.h index 9ce73c36de..eeaa03c0f8 100644 --- a/target/riscv/cpu_bits.h +++ b/target/riscv/cpu_bits.h @@ -514,29 +514,29 @@ /* Interrupt causes */ #define IRQ_U_SOFT 0 #define IRQ_S_SOFT 1 -#define IRQ_H_SOFT 2 /* reserved */ +#define IRQ_VS_SOFT 2 #define IRQ_M_SOFT 3 #define IRQ_U_TIMER 4 #define IRQ_S_TIMER 5 -#define IRQ_H_TIMER 6 /* reserved */ +#define IRQ_VS_TIMER 6 #define IRQ_M_TIMER 7 #define IRQ_U_EXT 8 #define IRQ_S_EXT 9 -#define IRQ_H_EXT 10 /* reserved */ +#define IRQ_VS_EXT 10 #define IRQ_M_EXT 11 /* mip masks */ #define MIP_USIP (1 << IRQ_U_SOFT) #define MIP_SSIP (1 << IRQ_S_SOFT) -#define MIP_HSIP (1 << IRQ_H_SOFT) +#define MIP_VSSIP (1 << IRQ_VS_SOFT) #define MIP_MSIP (1 << IRQ_M_SOFT) #define MIP_UTIP (1 << IRQ_U_TIMER) #define MIP_STIP (1 << IRQ_S_TIMER) -#define MIP_HTIP (1 << IRQ_H_TIMER) +#define MIP_VSTIP (1 << IRQ_VS_TIMER) #define MIP_MTIP (1 << IRQ_M_TIMER) #define MIP_UEIP (1 << IRQ_U_EXT) #define MIP_SEIP (1 << IRQ_S_EXT) -#define MIP_HEIP (1 << IRQ_H_EXT) +#define MIP_VSEIP (1 << IRQ_VS_EXT) #define MIP_MEIP (1 << IRQ_M_EXT) /* sip masks */ From ef6bb7b62682badefdcb744831510aaa5971684f Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:01:51 -0800 Subject: [PATCH 06/38] target/riscv: Add the virtulisation mode Signed-off-by: Alistair Francis Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/cpu.h | 4 ++++ target/riscv/cpu_bits.h | 3 +++ target/riscv/cpu_helper.c | 18 ++++++++++++++++++ 3 files changed, 25 insertions(+) diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h index c7f7ae5c38..a9cbd8584e 100644 --- a/target/riscv/cpu.h +++ b/target/riscv/cpu.h @@ -117,6 +117,8 @@ struct CPURISCVState { #ifndef CONFIG_USER_ONLY target_ulong priv; + /* This contains QEMU specific information about the virt state. */ + target_ulong virt; target_ulong resetvec; target_ulong mhartid; @@ -269,6 +271,8 @@ int riscv_cpu_gdb_read_register(CPUState *cpu, uint8_t *buf, int reg); int riscv_cpu_gdb_write_register(CPUState *cpu, uint8_t *buf, int reg); bool riscv_cpu_exec_interrupt(CPUState *cs, int interrupt_request); bool riscv_cpu_fp_enabled(CPURISCVState *env); +bool riscv_cpu_virt_enabled(CPURISCVState *env); +void riscv_cpu_set_virt_enabled(CPURISCVState *env, bool enable); int riscv_cpu_mmu_index(CPURISCVState *env, bool ifetch); hwaddr riscv_cpu_get_phys_page_debug(CPUState *cpu, vaddr addr); void riscv_cpu_do_unaligned_access(CPUState *cs, vaddr addr, diff --git a/target/riscv/cpu_bits.h b/target/riscv/cpu_bits.h index eeaa03c0f8..2cdb0de4fe 100644 --- a/target/riscv/cpu_bits.h +++ b/target/riscv/cpu_bits.h @@ -430,6 +430,9 @@ #define PRV_H 2 /* Reserved */ #define PRV_M 3 +/* Virtulisation Register Fields */ +#define VIRT_ONOFF 1 + /* RV32 satp CSR field masks */ #define SATP32_MODE 0x80000000 #define SATP32_ASID 0x7fc00000 diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index a10582b310..e5311160e7 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -82,6 +82,24 @@ bool riscv_cpu_fp_enabled(CPURISCVState *env) return false; } +bool riscv_cpu_virt_enabled(CPURISCVState *env) +{ + if (!riscv_has_ext(env, RVH)) { + return false; + } + + return get_field(env->virt, VIRT_ONOFF); +} + +void riscv_cpu_set_virt_enabled(CPURISCVState *env, bool enable) +{ + if (!riscv_has_ext(env, RVH)) { + return; + } + + env->virt = set_field(env->virt, VIRT_ONOFF, enable); +} + int riscv_cpu_claim_interrupts(RISCVCPU *cpu, uint32_t interrupts) { CPURISCVState *env = &cpu->env; From c7b1bbc80fc2af17395d3986c346fd2307e57829 Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:01:54 -0800 Subject: [PATCH 07/38] target/riscv: Add the force HS exception mode Add a FORCE_HS_EXCEP mode to the RISC-V virtulisation status. This bit specifies if an exeption should be taken to HS mode no matter the current delegation status. This is used when an exeption must be taken to HS mode, such as when handling interrupts. Signed-off-by: Alistair Francis Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/cpu.h | 2 ++ target/riscv/cpu_bits.h | 6 ++++++ target/riscv/cpu_helper.c | 18 ++++++++++++++++++ 3 files changed, 26 insertions(+) diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h index a9cbd8584e..42720d65f9 100644 --- a/target/riscv/cpu.h +++ b/target/riscv/cpu.h @@ -273,6 +273,8 @@ bool riscv_cpu_exec_interrupt(CPUState *cs, int interrupt_request); bool riscv_cpu_fp_enabled(CPURISCVState *env); bool riscv_cpu_virt_enabled(CPURISCVState *env); void riscv_cpu_set_virt_enabled(CPURISCVState *env, bool enable); +bool riscv_cpu_force_hs_excep_enabled(CPURISCVState *env); +void riscv_cpu_set_force_hs_excep(CPURISCVState *env, bool enable); int riscv_cpu_mmu_index(CPURISCVState *env, bool ifetch); hwaddr riscv_cpu_get_phys_page_debug(CPUState *cpu, vaddr addr); void riscv_cpu_do_unaligned_access(CPUState *cs, vaddr addr, diff --git a/target/riscv/cpu_bits.h b/target/riscv/cpu_bits.h index 2cdb0de4fe..ad6479796c 100644 --- a/target/riscv/cpu_bits.h +++ b/target/riscv/cpu_bits.h @@ -432,6 +432,12 @@ /* Virtulisation Register Fields */ #define VIRT_ONOFF 1 +/* This is used to save state for when we take an exception. If this is set + * that means that we want to force a HS level exception (no matter what the + * delegation is set to). This will occur for things such as a second level + * page table fault. + */ +#define FORCE_HS_EXCEP 2 /* RV32 satp CSR field masks */ #define SATP32_MODE 0x80000000 diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index e5311160e7..e36ee7d58e 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -100,6 +100,24 @@ void riscv_cpu_set_virt_enabled(CPURISCVState *env, bool enable) env->virt = set_field(env->virt, VIRT_ONOFF, enable); } +bool riscv_cpu_force_hs_excep_enabled(CPURISCVState *env) +{ + if (!riscv_has_ext(env, RVH)) { + return false; + } + + return get_field(env->virt, FORCE_HS_EXCEP); +} + +void riscv_cpu_set_force_hs_excep(CPURISCVState *env, bool enable) +{ + if (!riscv_has_ext(env, RVH)) { + return; + } + + env->virt = set_field(env->virt, FORCE_HS_EXCEP, enable); +} + int riscv_cpu_claim_interrupts(RISCVCPU *cpu, uint32_t interrupts) { CPURISCVState *env = &cpu->env; From 0a42f4c4408824dc7cb9ff60c9bdce6dcc0d24a5 Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:01:56 -0800 Subject: [PATCH 08/38] target/riscv: Fix CSR perm checking for HS mode Update the CSR permission checking to work correctly when we are in HS-mode. Signed-off-by: Alistair Francis Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/csr.c | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/target/riscv/csr.c b/target/riscv/csr.c index ca27359c7e..c63b2f980c 100644 --- a/target/riscv/csr.c +++ b/target/riscv/csr.c @@ -801,12 +801,22 @@ int riscv_csrrw(CPURISCVState *env, int csrno, target_ulong *ret_value, /* check privileges and return -1 if check fails */ #if !defined(CONFIG_USER_ONLY) - int csr_priv = get_field(csrno, 0x300); + int effective_priv = env->priv; int read_only = get_field(csrno, 0xC00) == 3; - if ((!env->debugger) && (env->priv < csr_priv)) { - return -1; + + if (riscv_has_ext(env, RVH) && + env->priv == PRV_S && + !riscv_cpu_virt_enabled(env)) { + /* + * We are in S mode without virtualisation, therefore we are in HS Mode. + * Add 1 to the effective privledge level to allow us to access the + * Hypervisor CSRs. + */ + effective_priv++; } - if (write_mask && read_only) { + + if ((write_mask && read_only) || + (!env->debugger && (effective_priv < get_field(csrno, 0x300)))) { return -1; } #endif From 35f690391bd69922a1987d44546b884adaf29a57 Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:01:59 -0800 Subject: [PATCH 09/38] target/riscv: Print priv and virt in disas log Signed-off-by: Alistair Francis Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/translate.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/target/riscv/translate.c b/target/riscv/translate.c index d5de7f468a..eff064dc44 100644 --- a/target/riscv/translate.c +++ b/target/riscv/translate.c @@ -810,7 +810,15 @@ static void riscv_tr_tb_stop(DisasContextBase *dcbase, CPUState *cpu) static void riscv_tr_disas_log(const DisasContextBase *dcbase, CPUState *cpu) { +#ifndef CONFIG_USER_ONLY + RISCVCPU *rvcpu = RISCV_CPU(cpu); + CPURISCVState *env = &rvcpu->env; +#endif + qemu_log("IN: %s\n", lookup_symbol(dcbase->pc_first)); +#ifndef CONFIG_USER_ONLY + qemu_log("Priv: "TARGET_FMT_ld"; Virt: "TARGET_FMT_ld"\n", env->priv, env->virt); +#endif log_target_disas(cpu, dcbase->pc_first, dcbase->tb->size); } From df30e652d42f9528e538d0a8de44879643a7fc0a Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:02:02 -0800 Subject: [PATCH 10/38] target/riscv: Dump Hypervisor registers if enabled Dump the Hypervisor registers and the current Hypervisor state. While we are editing this code let's also dump stvec and scause. Signed-off-by: Alistair Francis Signed-off-by: Atish Patra Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/cpu.c | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c index f7a35c74c2..44ad768a84 100644 --- a/target/riscv/cpu.c +++ b/target/riscv/cpu.c @@ -228,17 +228,50 @@ static void riscv_cpu_dump_state(CPUState *cs, FILE *f, int flags) CPURISCVState *env = &cpu->env; int i; +#if !defined(CONFIG_USER_ONLY) + if (riscv_has_ext(env, RVH)) { + qemu_fprintf(f, " %s %d\n", "V = ", riscv_cpu_virt_enabled(env)); + } +#endif qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "pc ", env->pc); #ifndef CONFIG_USER_ONLY qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "mhartid ", env->mhartid); qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "mstatus ", env->mstatus); + if (riscv_has_ext(env, RVH)) { + qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "hstatus ", env->hstatus); + qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "vsstatus ", env->vsstatus); + } qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "mip ", env->mip); qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "mie ", env->mie); qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "mideleg ", env->mideleg); + if (riscv_has_ext(env, RVH)) { + qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "hideleg ", env->hideleg); + } qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "medeleg ", env->medeleg); + if (riscv_has_ext(env, RVH)) { + qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "hedeleg ", env->hedeleg); + } qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "mtvec ", env->mtvec); + qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "stvec ", env->stvec); + if (riscv_has_ext(env, RVH)) { + qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "vstvec ", env->vstvec); + } qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "mepc ", env->mepc); + qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "sepc ", env->sepc); + if (riscv_has_ext(env, RVH)) { + qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "vsepc ", env->vsepc); + } qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "mcause ", env->mcause); + qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "scause ", env->scause); + if (riscv_has_ext(env, RVH)) { + qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "vscause ", env->vscause); + } + qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "mtval ", env->mtval); + qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "stval ", env->sbadaddr); + if (riscv_has_ext(env, RVH)) { + qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "htval ", env->htval); + qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "mtval2 ", env->mtval2); + } #endif for (i = 0; i < 32; i++) { From ff2cc1294cd8179d87de299b8e7a16bdb1e69523 Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:02:04 -0800 Subject: [PATCH 11/38] target/riscv: Add Hypervisor CSR access functions Signed-off-by: Alistair Francis Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/csr.c | 136 ++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 134 insertions(+), 2 deletions(-) diff --git a/target/riscv/csr.c b/target/riscv/csr.c index c63b2f980c..bee639e92e 100644 --- a/target/riscv/csr.c +++ b/target/riscv/csr.c @@ -98,6 +98,20 @@ static int smode(CPURISCVState *env, int csrno) return -!riscv_has_ext(env, RVS); } +static int hmode(CPURISCVState *env, int csrno) +{ + if (riscv_has_ext(env, RVS) && + riscv_has_ext(env, RVH)) { + /* Hypervisor extension is supported */ + if ((env->priv == PRV_S && !riscv_cpu_virt_enabled(env)) || + env->priv == PRV_M) { + return 0; + } + } + + return -1; +} + static int pmp(CPURISCVState *env, int csrno) { return -!riscv_feature(env, RISCV_FEATURE_PMP); @@ -226,8 +240,9 @@ static int read_timeh(CPURISCVState *env, int csrno, target_ulong *val) /* Machine constants */ -#define M_MODE_INTERRUPTS (MIP_MSIP | MIP_MTIP | MIP_MEIP) -#define S_MODE_INTERRUPTS (MIP_SSIP | MIP_STIP | MIP_SEIP) +#define M_MODE_INTERRUPTS (MIP_MSIP | MIP_MTIP | MIP_MEIP) +#define S_MODE_INTERRUPTS (MIP_SSIP | MIP_STIP | MIP_SEIP) +#define VS_MODE_INTERRUPTS (MIP_VSSIP | MIP_VSTIP | MIP_VSEIP) static const target_ulong delegable_ints = S_MODE_INTERRUPTS; static const target_ulong all_ints = M_MODE_INTERRUPTS | S_MODE_INTERRUPTS; @@ -257,6 +272,7 @@ static const target_ulong sstatus_v1_10_mask = SSTATUS_SIE | SSTATUS_SPIE | SSTATUS_UIE | SSTATUS_UPIE | SSTATUS_SPP | SSTATUS_FS | SSTATUS_XS | SSTATUS_SUM | SSTATUS_MXR | SSTATUS_SD; static const target_ulong sip_writable_mask = SIP_SSIP | MIP_USIP | MIP_UEIP; +static const target_ulong hip_writable_mask = MIP_VSSIP | MIP_VSTIP | MIP_VSEIP; #if defined(TARGET_RISCV32) static const char valid_vm_1_09[16] = { @@ -756,6 +772,112 @@ static int write_satp(CPURISCVState *env, int csrno, target_ulong val) return 0; } +/* Hypervisor Extensions */ +static int read_hstatus(CPURISCVState *env, int csrno, target_ulong *val) +{ + *val = env->hstatus; + return 0; +} + +static int write_hstatus(CPURISCVState *env, int csrno, target_ulong val) +{ + env->hstatus = val; + return 0; +} + +static int read_hedeleg(CPURISCVState *env, int csrno, target_ulong *val) +{ + *val = env->hedeleg; + return 0; +} + +static int write_hedeleg(CPURISCVState *env, int csrno, target_ulong val) +{ + env->hedeleg = val; + return 0; +} + +static int read_hideleg(CPURISCVState *env, int csrno, target_ulong *val) +{ + *val = env->hideleg; + return 0; +} + +static int write_hideleg(CPURISCVState *env, int csrno, target_ulong val) +{ + env->hideleg = val; + return 0; +} + +static int rmw_hip(CPURISCVState *env, int csrno, target_ulong *ret_value, + target_ulong new_value, target_ulong write_mask) +{ + int ret = rmw_mip(env, 0, ret_value, new_value, + write_mask & hip_writable_mask); + + return ret; +} + +static int read_hie(CPURISCVState *env, int csrno, target_ulong *val) +{ + *val = env->mie & VS_MODE_INTERRUPTS; + return 0; +} + +static int write_hie(CPURISCVState *env, int csrno, target_ulong val) +{ + target_ulong newval = (env->mie & ~VS_MODE_INTERRUPTS) | (val & VS_MODE_INTERRUPTS); + return write_mie(env, CSR_MIE, newval); +} + +static int read_hcounteren(CPURISCVState *env, int csrno, target_ulong *val) +{ + *val = env->hcounteren; + return 0; +} + +static int write_hcounteren(CPURISCVState *env, int csrno, target_ulong val) +{ + env->hcounteren = val; + return 0; +} + +static int read_htval(CPURISCVState *env, int csrno, target_ulong *val) +{ + *val = env->htval; + return 0; +} + +static int write_htval(CPURISCVState *env, int csrno, target_ulong val) +{ + env->htval = val; + return 0; +} + +static int read_htinst(CPURISCVState *env, int csrno, target_ulong *val) +{ + *val = env->htinst; + return 0; +} + +static int write_htinst(CPURISCVState *env, int csrno, target_ulong val) +{ + env->htinst = val; + return 0; +} + +static int read_hgatp(CPURISCVState *env, int csrno, target_ulong *val) +{ + *val = env->hgatp; + return 0; +} + +static int write_hgatp(CPURISCVState *env, int csrno, target_ulong val) +{ + env->hgatp = val; + return 0; +} + /* Physical Memory Protection */ static int read_pmpcfg(CPURISCVState *env, int csrno, target_ulong *val) { @@ -959,6 +1081,16 @@ static riscv_csr_operations csr_ops[CSR_TABLE_SIZE] = { /* Supervisor Protection and Translation */ [CSR_SATP] = { smode, read_satp, write_satp }, + [CSR_HSTATUS] = { hmode, read_hstatus, write_hstatus }, + [CSR_HEDELEG] = { hmode, read_hedeleg, write_hedeleg }, + [CSR_HIDELEG] = { hmode, read_hideleg, write_hideleg }, + [CSR_HIP] = { hmode, NULL, NULL, rmw_hip }, + [CSR_HIE] = { hmode, read_hie, write_hie }, + [CSR_HCOUNTEREN] = { hmode, read_hcounteren, write_hcounteren }, + [CSR_HTVAL] = { hmode, read_htval, write_htval }, + [CSR_HTINST] = { hmode, read_htinst, write_htinst }, + [CSR_HGATP] = { hmode, read_hgatp, write_hgatp }, + /* Physical Memory Protection */ [CSR_PMPCFG0 ... CSR_PMPADDR9] = { pmp, read_pmpcfg, write_pmpcfg }, [CSR_PMPADDR0 ... CSR_PMPADDR15] = { pmp, read_pmpaddr, write_pmpaddr }, From 8747c9eeb2aaec8441d0900b198725ab33af4951 Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:02:07 -0800 Subject: [PATCH 12/38] target/riscv: Add Hypervisor virtual CSRs accesses Signed-off-by: Alistair Francis Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/csr.c | 116 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 116 insertions(+) diff --git a/target/riscv/csr.c b/target/riscv/csr.c index bee639e92e..3fa8d2cfda 100644 --- a/target/riscv/csr.c +++ b/target/riscv/csr.c @@ -273,6 +273,7 @@ static const target_ulong sstatus_v1_10_mask = SSTATUS_SIE | SSTATUS_SPIE | SSTATUS_SUM | SSTATUS_MXR | SSTATUS_SD; static const target_ulong sip_writable_mask = SIP_SSIP | MIP_USIP | MIP_UEIP; static const target_ulong hip_writable_mask = MIP_VSSIP | MIP_VSTIP | MIP_VSEIP; +static const target_ulong vsip_writable_mask = MIP_VSSIP; #if defined(TARGET_RISCV32) static const char valid_vm_1_09[16] = { @@ -878,6 +879,111 @@ static int write_hgatp(CPURISCVState *env, int csrno, target_ulong val) return 0; } +/* Virtual CSR Registers */ +static int read_vsstatus(CPURISCVState *env, int csrno, target_ulong *val) +{ + *val = env->vsstatus; + return 0; +} + +static int write_vsstatus(CPURISCVState *env, int csrno, target_ulong val) +{ + env->vsstatus = val; + return 0; +} + +static int rmw_vsip(CPURISCVState *env, int csrno, target_ulong *ret_value, + target_ulong new_value, target_ulong write_mask) +{ + int ret = rmw_mip(env, 0, ret_value, new_value, + write_mask & env->mideleg & vsip_writable_mask); + return ret; +} + +static int read_vsie(CPURISCVState *env, int csrno, target_ulong *val) +{ + *val = env->mie & env->mideleg & VS_MODE_INTERRUPTS; + return 0; +} + +static int write_vsie(CPURISCVState *env, int csrno, target_ulong val) +{ + target_ulong newval = (env->mie & ~env->mideleg) | (val & env->mideleg & MIP_VSSIP); + return write_mie(env, CSR_MIE, newval); +} + +static int read_vstvec(CPURISCVState *env, int csrno, target_ulong *val) +{ + *val = env->vstvec; + return 0; +} + +static int write_vstvec(CPURISCVState *env, int csrno, target_ulong val) +{ + env->vstvec = val; + return 0; +} + +static int read_vsscratch(CPURISCVState *env, int csrno, target_ulong *val) +{ + *val = env->vsscratch; + return 0; +} + +static int write_vsscratch(CPURISCVState *env, int csrno, target_ulong val) +{ + env->vsscratch = val; + return 0; +} + +static int read_vsepc(CPURISCVState *env, int csrno, target_ulong *val) +{ + *val = env->vsepc; + return 0; +} + +static int write_vsepc(CPURISCVState *env, int csrno, target_ulong val) +{ + env->vsepc = val; + return 0; +} + +static int read_vscause(CPURISCVState *env, int csrno, target_ulong *val) +{ + *val = env->vscause; + return 0; +} + +static int write_vscause(CPURISCVState *env, int csrno, target_ulong val) +{ + env->vscause = val; + return 0; +} + +static int read_vstval(CPURISCVState *env, int csrno, target_ulong *val) +{ + *val = env->vstval; + return 0; +} + +static int write_vstval(CPURISCVState *env, int csrno, target_ulong val) +{ + env->vstval = val; + return 0; +} + +static int read_vsatp(CPURISCVState *env, int csrno, target_ulong *val) +{ + *val = env->vsatp; + return 0; +} + +static int write_vsatp(CPURISCVState *env, int csrno, target_ulong val) +{ + env->vsatp = val; + return 0; +} + /* Physical Memory Protection */ static int read_pmpcfg(CPURISCVState *env, int csrno, target_ulong *val) { @@ -1091,6 +1197,16 @@ static riscv_csr_operations csr_ops[CSR_TABLE_SIZE] = { [CSR_HTINST] = { hmode, read_htinst, write_htinst }, [CSR_HGATP] = { hmode, read_hgatp, write_hgatp }, + [CSR_VSSTATUS] = { hmode, read_vsstatus, write_vsstatus }, + [CSR_VSIP] = { hmode, NULL, NULL, rmw_vsip }, + [CSR_VSIE] = { hmode, read_vsie, write_vsie }, + [CSR_VSTVEC] = { hmode, read_vstvec, write_vstvec }, + [CSR_VSSCRATCH] = { hmode, read_vsscratch, write_vsscratch }, + [CSR_VSEPC] = { hmode, read_vsepc, write_vsepc }, + [CSR_VSCAUSE] = { hmode, read_vscause, write_vscause }, + [CSR_VSTVAL] = { hmode, read_vstval, write_vstval }, + [CSR_VSATP] = { hmode, read_vsatp, write_vsatp }, + /* Physical Memory Protection */ [CSR_PMPCFG0 ... CSR_PMPADDR9] = { pmp, read_pmpcfg, write_pmpcfg }, [CSR_PMPADDR0 ... CSR_PMPADDR15] = { pmp, read_pmpaddr, write_pmpaddr }, From 34cfb5f61842d495c6f6fc3eeb4197b5b44fd570 Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:02:10 -0800 Subject: [PATCH 13/38] target/riscv: Add Hypervisor machine CSRs accesses Signed-off-by: Alistair Francis Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/csr.c | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/target/riscv/csr.c b/target/riscv/csr.c index 3fa8d2cfda..f7333286bd 100644 --- a/target/riscv/csr.c +++ b/target/riscv/csr.c @@ -984,6 +984,30 @@ static int write_vsatp(CPURISCVState *env, int csrno, target_ulong val) return 0; } +static int read_mtval2(CPURISCVState *env, int csrno, target_ulong *val) +{ + *val = env->mtval2; + return 0; +} + +static int write_mtval2(CPURISCVState *env, int csrno, target_ulong val) +{ + env->mtval2 = val; + return 0; +} + +static int read_mtinst(CPURISCVState *env, int csrno, target_ulong *val) +{ + *val = env->mtinst; + return 0; +} + +static int write_mtinst(CPURISCVState *env, int csrno, target_ulong val) +{ + env->mtinst = val; + return 0; +} + /* Physical Memory Protection */ static int read_pmpcfg(CPURISCVState *env, int csrno, target_ulong *val) { @@ -1207,6 +1231,9 @@ static riscv_csr_operations csr_ops[CSR_TABLE_SIZE] = { [CSR_VSTVAL] = { hmode, read_vstval, write_vstval }, [CSR_VSATP] = { hmode, read_vsatp, write_vsatp }, + [CSR_MTVAL2] = { hmode, read_mtval2, write_mtval2 }, + [CSR_MTINST] = { hmode, read_mtinst, write_mtinst }, + /* Physical Memory Protection */ [CSR_PMPCFG0 ... CSR_PMPADDR9] = { pmp, read_pmpcfg, write_pmpcfg }, [CSR_PMPADDR0 ... CSR_PMPADDR15] = { pmp, read_pmpaddr, write_pmpaddr }, From 66e594f2800ddc55f908830bf9e8dc4cda1304fe Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:02:12 -0800 Subject: [PATCH 14/38] target/riscv: Add virtual register swapping function Signed-off-by: Alistair Francis Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/cpu.h | 11 +++++++ target/riscv/cpu_bits.h | 7 +++++ target/riscv/cpu_helper.c | 61 +++++++++++++++++++++++++++++++++++++++ 3 files changed, 79 insertions(+) diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h index 42720d65f9..5b889a0065 100644 --- a/target/riscv/cpu.h +++ b/target/riscv/cpu.h @@ -125,6 +125,7 @@ struct CPURISCVState { target_ulong mstatus; target_ulong mip; + uint32_t miclaim; target_ulong mie; @@ -166,6 +167,15 @@ struct CPURISCVState { target_ulong mtval2; target_ulong mtinst; + /* HS Backup CSRs */ + target_ulong stvec_hs; + target_ulong sscratch_hs; + target_ulong sepc_hs; + target_ulong scause_hs; + target_ulong stval_hs; + target_ulong satp_hs; + target_ulong mstatus_hs; + target_ulong scounteren; target_ulong mcounteren; @@ -296,6 +306,7 @@ void riscv_cpu_list(void); #define cpu_mmu_index riscv_cpu_mmu_index #ifndef CONFIG_USER_ONLY +void riscv_cpu_swap_hypervisor_regs(CPURISCVState *env); int riscv_cpu_claim_interrupts(RISCVCPU *cpu, uint32_t interrupts); uint32_t riscv_cpu_update_mip(RISCVCPU *cpu, uint32_t mask, uint32_t value); #define BOOL_TO_MASK(x) (-!!(x)) /* helper for riscv_cpu_update_mip value */ diff --git a/target/riscv/cpu_bits.h b/target/riscv/cpu_bits.h index ad6479796c..a24654d137 100644 --- a/target/riscv/cpu_bits.h +++ b/target/riscv/cpu_bits.h @@ -553,4 +553,11 @@ #define SIP_STIP MIP_STIP #define SIP_SEIP MIP_SEIP +/* MIE masks */ +#define MIE_SEIE (1 << IRQ_S_EXT) +#define MIE_UEIE (1 << IRQ_U_EXT) +#define MIE_STIE (1 << IRQ_S_TIMER) +#define MIE_UTIE (1 << IRQ_U_TIMER) +#define MIE_SSIE (1 << IRQ_S_SOFT) +#define MIE_USIE (1 << IRQ_U_SOFT) #endif diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index e36ee7d58e..9d5a06499f 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -82,6 +82,67 @@ bool riscv_cpu_fp_enabled(CPURISCVState *env) return false; } +void riscv_cpu_swap_hypervisor_regs(CPURISCVState *env) +{ + target_ulong mstatus_mask = MSTATUS_MXR | MSTATUS_SUM | MSTATUS_FS | + MSTATUS_SPP | MSTATUS_SPIE | MSTATUS_SIE; + bool current_virt = riscv_cpu_virt_enabled(env); + + g_assert(riscv_has_ext(env, RVH)); + +#if defined(TARGET_RISCV64) + mstatus_mask |= MSTATUS64_UXL; +#endif + + if (current_virt) { + /* Current V=1 and we are about to change to V=0 */ + env->vsstatus = env->mstatus & mstatus_mask; + env->mstatus &= ~mstatus_mask; + env->mstatus |= env->mstatus_hs; + + env->vstvec = env->stvec; + env->stvec = env->stvec_hs; + + env->vsscratch = env->sscratch; + env->sscratch = env->sscratch_hs; + + env->vsepc = env->sepc; + env->sepc = env->sepc_hs; + + env->vscause = env->scause; + env->scause = env->scause_hs; + + env->vstval = env->sbadaddr; + env->sbadaddr = env->stval_hs; + + env->vsatp = env->satp; + env->satp = env->satp_hs; + } else { + /* Current V=0 and we are about to change to V=1 */ + env->mstatus_hs = env->mstatus & mstatus_mask; + env->mstatus &= ~mstatus_mask; + env->mstatus |= env->vsstatus; + + env->stvec_hs = env->stvec; + env->stvec = env->vstvec; + + env->sscratch_hs = env->sscratch; + env->sscratch = env->vsscratch; + + env->sepc_hs = env->sepc; + env->sepc = env->vsepc; + + env->scause_hs = env->scause; + env->scause = env->vscause; + + env->stval_hs = env->sbadaddr; + env->sbadaddr = env->vstval; + + env->satp_hs = env->satp; + env->satp = env->vsatp; + } +} + bool riscv_cpu_virt_enabled(CPURISCVState *env) { if (!riscv_has_ext(env, RVH)) { From 713d8363deb3774db14fb88a9fcd99687dcef114 Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:02:15 -0800 Subject: [PATCH 15/38] target/riscv: Set VS bits in mideleg for Hyp extension Signed-off-by: Alistair Francis Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/csr.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/target/riscv/csr.c b/target/riscv/csr.c index f7333286bd..c0e942684d 100644 --- a/target/riscv/csr.c +++ b/target/riscv/csr.c @@ -448,6 +448,9 @@ static int read_mideleg(CPURISCVState *env, int csrno, target_ulong *val) static int write_mideleg(CPURISCVState *env, int csrno, target_ulong val) { env->mideleg = (env->mideleg & ~delegable_ints) | (val & delegable_ints); + if (riscv_has_ext(env, RVH)) { + env->mideleg |= VS_MODE_INTERRUPTS; + } return 0; } From d0e53ce33ec8f66ffa597c634d50be73264aeadb Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:02:17 -0800 Subject: [PATCH 16/38] target/riscv: Extend the MIE CSR to support virtulisation Signed-off-by: Alistair Francis Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/csr.c | 24 ++++++++++++++++++++---- 1 file changed, 20 insertions(+), 4 deletions(-) diff --git a/target/riscv/csr.c b/target/riscv/csr.c index c0e942684d..918678789a 100644 --- a/target/riscv/csr.c +++ b/target/riscv/csr.c @@ -244,8 +244,10 @@ static int read_timeh(CPURISCVState *env, int csrno, target_ulong *val) #define S_MODE_INTERRUPTS (MIP_SSIP | MIP_STIP | MIP_SEIP) #define VS_MODE_INTERRUPTS (MIP_VSSIP | MIP_VSTIP | MIP_VSEIP) -static const target_ulong delegable_ints = S_MODE_INTERRUPTS; -static const target_ulong all_ints = M_MODE_INTERRUPTS | S_MODE_INTERRUPTS; +static const target_ulong delegable_ints = S_MODE_INTERRUPTS | + VS_MODE_INTERRUPTS; +static const target_ulong all_ints = M_MODE_INTERRUPTS | S_MODE_INTERRUPTS | + VS_MODE_INTERRUPTS; static const target_ulong delegable_excps = (1ULL << (RISCV_EXCP_INST_ADDR_MIS)) | (1ULL << (RISCV_EXCP_INST_ACCESS_FAULT)) | @@ -630,13 +632,27 @@ static int write_sstatus(CPURISCVState *env, int csrno, target_ulong val) static int read_sie(CPURISCVState *env, int csrno, target_ulong *val) { - *val = env->mie & env->mideleg; + if (riscv_cpu_virt_enabled(env)) { + /* Tell the guest the VS bits, shifted to the S bit locations */ + *val = (env->mie & env->mideleg & VS_MODE_INTERRUPTS) >> 1; + } else { + *val = env->mie & env->mideleg; + } return 0; } static int write_sie(CPURISCVState *env, int csrno, target_ulong val) { - target_ulong newval = (env->mie & ~env->mideleg) | (val & env->mideleg); + target_ulong newval; + + if (riscv_cpu_virt_enabled(env)) { + /* Shift the guests S bits to VS */ + newval = (env->mie & ~VS_MODE_INTERRUPTS) | + ((val << 1) & VS_MODE_INTERRUPTS); + } else { + newval = (env->mie & ~S_MODE_INTERRUPTS) | (val & S_MODE_INTERRUPTS); + } + return write_mie(env, CSR_MIE, newval); } From a2e9f57d06279220b1834eca2494e52adae121b8 Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:02:20 -0800 Subject: [PATCH 17/38] target/riscv: Extend the SIP CSR to support virtulisation Signed-off-by: Alistair Francis Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/csr.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/target/riscv/csr.c b/target/riscv/csr.c index 918678789a..2e6700bbeb 100644 --- a/target/riscv/csr.c +++ b/target/riscv/csr.c @@ -743,8 +743,19 @@ static int write_sbadaddr(CPURISCVState *env, int csrno, target_ulong val) static int rmw_sip(CPURISCVState *env, int csrno, target_ulong *ret_value, target_ulong new_value, target_ulong write_mask) { - int ret = rmw_mip(env, CSR_MSTATUS, ret_value, new_value, + int ret; + + if (riscv_cpu_virt_enabled(env)) { + /* Shift the new values to line up with the VS bits */ + ret = rmw_mip(env, CSR_MSTATUS, ret_value, new_value << 1, + (write_mask & sip_writable_mask) << 1 & env->mideleg); + ret &= vsip_writable_mask; + ret >>= 1; + } else { + ret = rmw_mip(env, CSR_MSTATUS, ret_value, new_value, write_mask & env->mideleg & sip_writable_mask); + } + *ret_value &= env->mideleg; return ret; } From 3ef10a098b0d3ebb02bf8e1325adc3b77af92f0b Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:02:23 -0800 Subject: [PATCH 18/38] target/riscv: Add support for virtual interrupt setting Signed-off-by: Alistair Francis Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/cpu_helper.c | 33 ++++++++++++++++++++++++++++----- 1 file changed, 28 insertions(+), 5 deletions(-) diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index 9d5a06499f..ccf67aca05 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -37,13 +37,36 @@ int riscv_cpu_mmu_index(CPURISCVState *env, bool ifetch) #ifndef CONFIG_USER_ONLY static int riscv_cpu_local_irq_pending(CPURISCVState *env) { + target_ulong irqs; + target_ulong mstatus_mie = get_field(env->mstatus, MSTATUS_MIE); target_ulong mstatus_sie = get_field(env->mstatus, MSTATUS_SIE); - target_ulong pending = env->mip & env->mie; - target_ulong mie = env->priv < PRV_M || (env->priv == PRV_M && mstatus_mie); - target_ulong sie = env->priv < PRV_S || (env->priv == PRV_S && mstatus_sie); - target_ulong irqs = (pending & ~env->mideleg & -mie) | - (pending & env->mideleg & -sie); + target_ulong hs_mstatus_sie = get_field(env->mstatus_hs, MSTATUS_SIE); + + target_ulong pending = env->mip & env->mie & + ~(MIP_VSSIP | MIP_VSTIP | MIP_VSEIP); + target_ulong vspending = (env->mip & env->mie & + (MIP_VSSIP | MIP_VSTIP | MIP_VSEIP)) >> 1; + + target_ulong mie = env->priv < PRV_M || + (env->priv == PRV_M && mstatus_mie); + target_ulong sie = env->priv < PRV_S || + (env->priv == PRV_S && mstatus_sie); + target_ulong hs_sie = env->priv < PRV_S || + (env->priv == PRV_S && hs_mstatus_sie); + + if (riscv_cpu_virt_enabled(env)) { + target_ulong pending_hs_irq = pending & -hs_sie; + + if (pending_hs_irq) { + riscv_cpu_set_force_hs_excep(env, FORCE_HS_EXCEP); + return ctz64(pending_hs_irq); + } + + pending = vspending; + } + + irqs = (pending & ~env->mideleg & -mie) | (pending & env->mideleg & -sie); if (irqs) { return ctz64(irqs); /* since non-zero */ From eccc5a12c2fd1c646c69a1e7de29183b7a559973 Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:02:25 -0800 Subject: [PATCH 19/38] target/ricsv: Flush the TLB on virtulisation mode changes To ensure our TLB isn't out-of-date we flush it on all virt mode changes. Unlike priv mode this isn't saved in the mmu_idx as all guests share V=1. The easiest option is just to flush on all changes. Signed-off-by: Alistair Francis Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/cpu_helper.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index ccf67aca05..a8b114ae16 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -181,6 +181,11 @@ void riscv_cpu_set_virt_enabled(CPURISCVState *env, bool enable) return; } + /* Flush the TLB on all virt mode changes. */ + if (get_field(env->virt, VIRT_ONOFF) != enable) { + tlb_flush(env_cpu(env)); + } + env->virt = set_field(env->virt, VIRT_ONOFF, enable); } From 9d0d11269671646be7475cc01142e9d3ed8ae59c Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:02:28 -0800 Subject: [PATCH 20/38] target/riscv: Generate illegal instruction on WFI when V=1 Signed-off-by: Alistair Francis Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/op_helper.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/target/riscv/op_helper.c b/target/riscv/op_helper.c index e87c9115bc..455eb28907 100644 --- a/target/riscv/op_helper.c +++ b/target/riscv/op_helper.c @@ -130,9 +130,10 @@ void helper_wfi(CPURISCVState *env) { CPUState *cs = env_cpu(env); - if (env->priv == PRV_S && + if ((env->priv == PRV_S && env->priv_ver >= PRIV_VERSION_1_10_0 && - get_field(env->mstatus, MSTATUS_TW)) { + get_field(env->mstatus, MSTATUS_TW)) || + riscv_cpu_virt_enabled(env)) { riscv_raise_exception(env, RISCV_EXCP_ILLEGAL_INST, GETPC()); } else { cs->halted = 1; From 5eb9e782f523d2898e2dacd86c6e41365dae74b3 Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:02:30 -0800 Subject: [PATCH 21/38] target/riscv: Add hypvervisor trap support Signed-off-by: Alistair Francis Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/cpu_helper.c | 69 +++++++++++++++++++++++++++++++++------ 1 file changed, 59 insertions(+), 10 deletions(-) diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index a8b114ae16..895b6ca25d 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -641,6 +641,8 @@ void riscv_cpu_do_interrupt(CPUState *cs) RISCVCPU *cpu = RISCV_CPU(cs); CPURISCVState *env = &cpu->env; + bool force_hs_execp = riscv_cpu_force_hs_excep_enabled(env); + target_ulong s; /* cs->exception is 32-bits wide unlike mcause which is XLEN-bits wide * so we mask off the MSB and separate into trap type and cause. @@ -650,19 +652,14 @@ void riscv_cpu_do_interrupt(CPUState *cs) target_ulong deleg = async ? env->mideleg : env->medeleg; target_ulong tval = 0; - static const int ecall_cause_map[] = { - [PRV_U] = RISCV_EXCP_U_ECALL, - [PRV_S] = RISCV_EXCP_S_ECALL, - [PRV_H] = RISCV_EXCP_VS_ECALL, - [PRV_M] = RISCV_EXCP_M_ECALL - }; - if (!async) { /* set tval to badaddr for traps with address information */ switch (cause) { case RISCV_EXCP_INST_GUEST_PAGE_FAULT: case RISCV_EXCP_LOAD_GUEST_ACCESS_FAULT: case RISCV_EXCP_STORE_GUEST_AMO_ACCESS_FAULT: + force_hs_execp = true; + /* fallthrough */ case RISCV_EXCP_INST_ADDR_MIS: case RISCV_EXCP_INST_ACCESS_FAULT: case RISCV_EXCP_LOAD_ADDR_MIS: @@ -680,7 +677,16 @@ void riscv_cpu_do_interrupt(CPUState *cs) /* ecall is dispatched as one cause so translate based on mode */ if (cause == RISCV_EXCP_U_ECALL) { assert(env->priv <= 3); - cause = ecall_cause_map[env->priv]; + + if (env->priv == PRV_M) { + cause = RISCV_EXCP_M_ECALL; + } else if (env->priv == PRV_S && riscv_cpu_virt_enabled(env)) { + cause = RISCV_EXCP_VS_ECALL; + } else if (env->priv == PRV_S && !riscv_cpu_virt_enabled(env)) { + cause = RISCV_EXCP_S_ECALL; + } else if (env->priv == PRV_U) { + cause = RISCV_EXCP_U_ECALL; + } } } @@ -690,7 +696,36 @@ void riscv_cpu_do_interrupt(CPUState *cs) if (env->priv <= PRV_S && cause < TARGET_LONG_BITS && ((deleg >> cause) & 1)) { /* handle the trap in S-mode */ - target_ulong s = env->mstatus; + if (riscv_has_ext(env, RVH)) { + target_ulong hdeleg = async ? env->hideleg : env->hedeleg; + + if (riscv_cpu_virt_enabled(env) && ((hdeleg >> cause) & 1) && + !force_hs_execp) { + /* Trap to VS mode */ + } else if (riscv_cpu_virt_enabled(env)) { + /* Trap into HS mode, from virt */ + riscv_cpu_swap_hypervisor_regs(env); + env->hstatus = set_field(env->hstatus, HSTATUS_SP2V, + get_field(env->hstatus, HSTATUS_SPV)); + env->hstatus = set_field(env->hstatus, HSTATUS_SP2P, + get_field(env->mstatus, SSTATUS_SPP)); + env->hstatus = set_field(env->hstatus, HSTATUS_SPV, + riscv_cpu_virt_enabled(env)); + + riscv_cpu_set_virt_enabled(env, 0); + riscv_cpu_set_force_hs_excep(env, 0); + } else { + /* Trap into HS mode */ + env->hstatus = set_field(env->hstatus, HSTATUS_SP2V, + get_field(env->hstatus, HSTATUS_SPV)); + env->hstatus = set_field(env->hstatus, HSTATUS_SP2P, + get_field(env->mstatus, SSTATUS_SPP)); + env->hstatus = set_field(env->hstatus, HSTATUS_SPV, + riscv_cpu_virt_enabled(env)); + } + } + + s = env->mstatus; s = set_field(s, MSTATUS_SPIE, env->priv_ver >= PRIV_VERSION_1_10_0 ? get_field(s, MSTATUS_SIE) : get_field(s, MSTATUS_UIE << env->priv)); s = set_field(s, MSTATUS_SPP, env->priv); @@ -704,7 +739,21 @@ void riscv_cpu_do_interrupt(CPUState *cs) riscv_cpu_set_mode(env, PRV_S); } else { /* handle the trap in M-mode */ - target_ulong s = env->mstatus; + if (riscv_has_ext(env, RVH)) { + if (riscv_cpu_virt_enabled(env)) { + riscv_cpu_swap_hypervisor_regs(env); + } + env->mstatus = set_field(env->mstatus, MSTATUS_MPV, + riscv_cpu_virt_enabled(env)); + env->mstatus = set_field(env->mstatus, MSTATUS_MTL, + riscv_cpu_force_hs_excep_enabled(env)); + + /* Trapping to M mode, virt is disabled */ + riscv_cpu_set_virt_enabled(env, 0); + riscv_cpu_set_force_hs_excep(env, 0); + } + + s = env->mstatus; s = set_field(s, MSTATUS_MPIE, env->priv_ver >= PRIV_VERSION_1_10_0 ? get_field(s, MSTATUS_MIE) : get_field(s, MSTATUS_UIE << env->priv)); s = set_field(s, MSTATUS_MPP, env->priv); From e3fba4bab668a41f7cec6405c5aeb21497bd7c83 Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:02:33 -0800 Subject: [PATCH 22/38] target/riscv: Add Hypervisor trap return support Signed-off-by: Alistair Francis Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/op_helper.c | 62 +++++++++++++++++++++++++++++++++------- 1 file changed, 52 insertions(+), 10 deletions(-) diff --git a/target/riscv/op_helper.c b/target/riscv/op_helper.c index 455eb28907..804936e9d5 100644 --- a/target/riscv/op_helper.c +++ b/target/riscv/op_helper.c @@ -73,6 +73,8 @@ target_ulong helper_csrrc(CPURISCVState *env, target_ulong src, target_ulong helper_sret(CPURISCVState *env, target_ulong cpu_pc_deb) { + target_ulong prev_priv, prev_virt, mstatus; + if (!(env->priv >= PRV_S)) { riscv_raise_exception(env, RISCV_EXCP_ILLEGAL_INST, GETPC()); } @@ -87,16 +89,46 @@ target_ulong helper_sret(CPURISCVState *env, target_ulong cpu_pc_deb) riscv_raise_exception(env, RISCV_EXCP_ILLEGAL_INST, GETPC()); } - target_ulong mstatus = env->mstatus; - target_ulong prev_priv = get_field(mstatus, MSTATUS_SPP); - mstatus = set_field(mstatus, - env->priv_ver >= PRIV_VERSION_1_10_0 ? - MSTATUS_SIE : MSTATUS_UIE << prev_priv, - get_field(mstatus, MSTATUS_SPIE)); - mstatus = set_field(mstatus, MSTATUS_SPIE, 1); - mstatus = set_field(mstatus, MSTATUS_SPP, PRV_U); + mstatus = env->mstatus; + + if (riscv_has_ext(env, RVH) && !riscv_cpu_virt_enabled(env)) { + /* We support Hypervisor extensions and virtulisation is disabled */ + target_ulong hstatus = env->hstatus; + + prev_priv = get_field(mstatus, MSTATUS_SPP); + prev_virt = get_field(hstatus, HSTATUS_SPV); + + hstatus = set_field(hstatus, HSTATUS_SPV, + get_field(hstatus, HSTATUS_SP2V)); + mstatus = set_field(mstatus, MSTATUS_SPP, + get_field(hstatus, HSTATUS_SP2P)); + hstatus = set_field(hstatus, HSTATUS_SP2V, 0); + hstatus = set_field(hstatus, HSTATUS_SP2P, 0); + mstatus = set_field(mstatus, SSTATUS_SIE, + get_field(mstatus, SSTATUS_SPIE)); + mstatus = set_field(mstatus, SSTATUS_SPIE, 1); + + env->mstatus = mstatus; + env->hstatus = hstatus; + + if (prev_virt) { + riscv_cpu_swap_hypervisor_regs(env); + } + + riscv_cpu_set_virt_enabled(env, prev_virt); + } else { + prev_priv = get_field(mstatus, MSTATUS_SPP); + + mstatus = set_field(mstatus, + env->priv_ver >= PRIV_VERSION_1_10_0 ? + MSTATUS_SIE : MSTATUS_UIE << prev_priv, + get_field(mstatus, MSTATUS_SPIE)); + mstatus = set_field(mstatus, MSTATUS_SPIE, 1); + mstatus = set_field(mstatus, MSTATUS_SPP, PRV_U); + env->mstatus = mstatus; + } + riscv_cpu_set_mode(env, prev_priv); - env->mstatus = mstatus; return retpc; } @@ -114,14 +146,24 @@ target_ulong helper_mret(CPURISCVState *env, target_ulong cpu_pc_deb) target_ulong mstatus = env->mstatus; target_ulong prev_priv = get_field(mstatus, MSTATUS_MPP); + target_ulong prev_virt = get_field(mstatus, MSTATUS_MPV); mstatus = set_field(mstatus, env->priv_ver >= PRIV_VERSION_1_10_0 ? MSTATUS_MIE : MSTATUS_UIE << prev_priv, get_field(mstatus, MSTATUS_MPIE)); mstatus = set_field(mstatus, MSTATUS_MPIE, 1); mstatus = set_field(mstatus, MSTATUS_MPP, PRV_U); - riscv_cpu_set_mode(env, prev_priv); + mstatus = set_field(mstatus, MSTATUS_MPV, 0); env->mstatus = mstatus; + riscv_cpu_set_mode(env, prev_priv); + + if (riscv_has_ext(env, RVH)) { + if (prev_virt) { + riscv_cpu_swap_hypervisor_regs(env); + } + + riscv_cpu_set_virt_enabled(env, prev_virt); + } return retpc; } From 895c412cb6e79b7b08bd3c2d2fcb70a3cab6ff8a Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:02:36 -0800 Subject: [PATCH 23/38] target/riscv: Add hfence instructions Signed-off-by: Alistair Francis Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/insn32.decode | 23 ++++++----- .../riscv/insn_trans/trans_privileged.inc.c | 40 +++++++++++++++++++ 2 files changed, 54 insertions(+), 9 deletions(-) diff --git a/target/riscv/insn32.decode b/target/riscv/insn32.decode index 77f794ed70..cfd9ca6d2b 100644 --- a/target/riscv/insn32.decode +++ b/target/riscv/insn32.decode @@ -63,20 +63,25 @@ @r2_rm ....... ..... ..... ... ..... ....... %rs1 %rm %rd @r2 ....... ..... ..... ... ..... ....... %rs1 %rd +@hfence_gvma ....... ..... ..... ... ..... ....... %rs2 %rs1 +@hfence_bvma ....... ..... ..... ... ..... ....... %rs2 %rs1 + @sfence_vma ....... ..... ..... ... ..... ....... %rs2 %rs1 @sfence_vm ....... ..... ..... ... ..... ....... %rs1 # *** Privileged Instructions *** -ecall 000000000000 00000 000 00000 1110011 -ebreak 000000000001 00000 000 00000 1110011 -uret 0000000 00010 00000 000 00000 1110011 -sret 0001000 00010 00000 000 00000 1110011 -hret 0010000 00010 00000 000 00000 1110011 -mret 0011000 00010 00000 000 00000 1110011 -wfi 0001000 00101 00000 000 00000 1110011 -sfence_vma 0001001 ..... ..... 000 00000 1110011 @sfence_vma -sfence_vm 0001000 00100 ..... 000 00000 1110011 @sfence_vm +ecall 000000000000 00000 000 00000 1110011 +ebreak 000000000001 00000 000 00000 1110011 +uret 0000000 00010 00000 000 00000 1110011 +sret 0001000 00010 00000 000 00000 1110011 +hret 0010000 00010 00000 000 00000 1110011 +mret 0011000 00010 00000 000 00000 1110011 +wfi 0001000 00101 00000 000 00000 1110011 +hfence_gvma 0110001 ..... ..... 000 00000 1110011 @hfence_gvma +hfence_bvma 0010001 ..... ..... 000 00000 1110011 @hfence_bvma +sfence_vma 0001001 ..... ..... 000 00000 1110011 @sfence_vma +sfence_vm 0001000 00100 ..... 000 00000 1110011 @sfence_vm # *** RV32I Base Instruction Set *** lui .................... ..... 0110111 @u diff --git a/target/riscv/insn_trans/trans_privileged.inc.c b/target/riscv/insn_trans/trans_privileged.inc.c index c5e4b3e49a..b9b5a89b52 100644 --- a/target/riscv/insn_trans/trans_privileged.inc.c +++ b/target/riscv/insn_trans/trans_privileged.inc.c @@ -108,3 +108,43 @@ static bool trans_sfence_vm(DisasContext *ctx, arg_sfence_vm *a) #endif return false; } + +static bool trans_hfence_gvma(DisasContext *ctx, arg_sfence_vma *a) +{ +#ifndef CONFIG_USER_ONLY + if (ctx->priv_ver >= PRIV_VERSION_1_10_0 && + has_ext(ctx, RVH)) { + /* Hpervisor extensions exist */ + /* + * if (env->priv == PRV_M || + * (env->priv == PRV_S && + * !riscv_cpu_virt_enabled(env) && + * get_field(ctx->mstatus_fs, MSTATUS_TVM))) { + */ + gen_helper_tlb_flush(cpu_env); + return true; + /* } */ + } +#endif + return false; +} + +static bool trans_hfence_bvma(DisasContext *ctx, arg_sfence_vma *a) +{ +#ifndef CONFIG_USER_ONLY + if (ctx->priv_ver >= PRIV_VERSION_1_10_0 && + has_ext(ctx, RVH)) { + /* Hpervisor extensions exist */ + /* + * if (env->priv == PRV_M || + * (env->priv == PRV_S && + * !riscv_cpu_virt_enabled(env) && + * get_field(ctx->mstatus_fs, MSTATUS_TVM))) { + */ + gen_helper_tlb_flush(cpu_env); + return true; + /* } */ + } +#endif + return false; +} From 0736febb2d0e1bb503ca07091c16a16e78480366 Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:02:38 -0800 Subject: [PATCH 24/38] target/riscv: Remove the hret instruction The hret instruction does not exist in the new spec versions, so remove it from QEMU. Signed-off-by: Alistair Francis Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/insn32.decode | 1 - target/riscv/insn_trans/trans_privileged.inc.c | 5 ----- 2 files changed, 6 deletions(-) diff --git a/target/riscv/insn32.decode b/target/riscv/insn32.decode index cfd9ca6d2b..b883672e63 100644 --- a/target/riscv/insn32.decode +++ b/target/riscv/insn32.decode @@ -75,7 +75,6 @@ ecall 000000000000 00000 000 00000 1110011 ebreak 000000000001 00000 000 00000 1110011 uret 0000000 00010 00000 000 00000 1110011 sret 0001000 00010 00000 000 00000 1110011 -hret 0010000 00010 00000 000 00000 1110011 mret 0011000 00010 00000 000 00000 1110011 wfi 0001000 00101 00000 000 00000 1110011 hfence_gvma 0110001 ..... ..... 000 00000 1110011 @hfence_gvma diff --git a/target/riscv/insn_trans/trans_privileged.inc.c b/target/riscv/insn_trans/trans_privileged.inc.c index b9b5a89b52..76c2fad71c 100644 --- a/target/riscv/insn_trans/trans_privileged.inc.c +++ b/target/riscv/insn_trans/trans_privileged.inc.c @@ -58,11 +58,6 @@ static bool trans_sret(DisasContext *ctx, arg_sret *a) #endif } -static bool trans_hret(DisasContext *ctx, arg_hret *a) -{ - return false; -} - static bool trans_mret(DisasContext *ctx, arg_mret *a) { #ifndef CONFIG_USER_ONLY From e28eaed87902c5e852c3ed043b27204e879aa4e2 Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:02:41 -0800 Subject: [PATCH 25/38] target/riscv: Only set TB flags with FP status if enabled Signed-off-by: Alistair Francis Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/cpu.h | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h index 5b889a0065..aa04e5cca7 100644 --- a/target/riscv/cpu.h +++ b/target/riscv/cpu.h @@ -332,7 +332,10 @@ static inline void cpu_get_tb_cpu_state(CPURISCVState *env, target_ulong *pc, #ifdef CONFIG_USER_ONLY *flags = TB_FLAGS_MSTATUS_FS; #else - *flags = cpu_mmu_index(env, 0) | (env->mstatus & MSTATUS_FS); + *flags = cpu_mmu_index(env, 0); + if (riscv_cpu_fp_enabled(env)) { + *flags |= env->mstatus & MSTATUS_FS; + } #endif } From 29409c1d921d607873268671bf11a088efb5558e Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:02:44 -0800 Subject: [PATCH 26/38] target/riscv: Disable guest FP support based on virtual status When the Hypervisor extension is in use we only enable floating point support when both status and vsstatus have enabled floating point support. Signed-off-by: Alistair Francis Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/cpu_helper.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index 895b6ca25d..d9a29d702a 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -99,6 +99,9 @@ bool riscv_cpu_exec_interrupt(CPUState *cs, int interrupt_request) bool riscv_cpu_fp_enabled(CPURISCVState *env) { if (env->mstatus & MSTATUS_FS) { + if (riscv_cpu_virt_enabled(env) && !(env->mstatus_hs & MSTATUS_FS)) { + return false; + } return true; } From 45b4dc8b403aa5473ec015336adf7d14d88e85c5 Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:02:46 -0800 Subject: [PATCH 27/38] target/riscv: Mark both sstatus and msstatus_hs as dirty Mark both sstatus and vsstatus as dirty (3). Signed-off-by: Alistair Francis Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/translate.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/target/riscv/translate.c b/target/riscv/translate.c index eff064dc44..3ce86adb89 100644 --- a/target/riscv/translate.c +++ b/target/riscv/translate.c @@ -44,6 +44,8 @@ typedef struct DisasContext { /* pc_succ_insn points to the instruction following base.pc_next */ target_ulong pc_succ_insn; target_ulong priv_ver; + bool virt_enabled; + uint32_t opcode; uint32_t mstatus_fs; uint32_t misa; uint32_t mem_idx; @@ -395,6 +397,12 @@ static void mark_fs_dirty(DisasContext *ctx) tcg_gen_ld_tl(tmp, cpu_env, offsetof(CPURISCVState, mstatus)); tcg_gen_ori_tl(tmp, tmp, MSTATUS_FS | MSTATUS_SD); tcg_gen_st_tl(tmp, cpu_env, offsetof(CPURISCVState, mstatus)); + + if (ctx->virt_enabled) { + tcg_gen_ld_tl(tmp, cpu_env, offsetof(CPURISCVState, mstatus_hs)); + tcg_gen_ori_tl(tmp, tmp, MSTATUS_FS | MSTATUS_SD); + tcg_gen_st_tl(tmp, cpu_env, offsetof(CPURISCVState, mstatus_hs)); + } tcg_temp_free(tmp); } #else @@ -742,6 +750,11 @@ static void riscv_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cs) ctx->mem_idx = ctx->base.tb->flags & TB_FLAGS_MMU_MASK; ctx->mstatus_fs = ctx->base.tb->flags & TB_FLAGS_MSTATUS_FS; ctx->priv_ver = env->priv_ver; +#if !defined(CONFIG_USER_ONLY) + ctx->virt_enabled = riscv_cpu_virt_enabled(env); +#else + ctx->virt_enabled = false; +#endif ctx->misa = env->misa; ctx->frm = -1; /* unknown rounding mode */ ctx->ext_ifencei = cpu->cfg.ext_ifencei; From ae84dd0ab7eaf7e98cd6ee05b2063cce8ff9bc02 Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:02:49 -0800 Subject: [PATCH 28/38] target/riscv: Respect MPRV and SPRV for floating point ops mark_fs_dirty() is the only place in translate.c that uses the virt_enabled bool. Let's respect the contents of MSTATUS.MPRV and HSTATUS.SPRV when setting the bool as this is used for performing floating point operations when V=0. Signed-off-by: Alistair Francis Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/translate.c | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/target/riscv/translate.c b/target/riscv/translate.c index 3ce86adb89..b51ab92068 100644 --- a/target/riscv/translate.c +++ b/target/riscv/translate.c @@ -751,7 +751,21 @@ static void riscv_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cs) ctx->mstatus_fs = ctx->base.tb->flags & TB_FLAGS_MSTATUS_FS; ctx->priv_ver = env->priv_ver; #if !defined(CONFIG_USER_ONLY) - ctx->virt_enabled = riscv_cpu_virt_enabled(env); + if (riscv_has_ext(env, RVH)) { + ctx->virt_enabled = riscv_cpu_virt_enabled(env); + if (env->priv_ver == PRV_M && + get_field(env->mstatus, MSTATUS_MPRV) && + get_field(env->mstatus, MSTATUS_MPV)) { + ctx->virt_enabled = true; + } else if (env->priv == PRV_S && + !riscv_cpu_virt_enabled(env) && + get_field(env->hstatus, HSTATUS_SPRV) && + get_field(env->hstatus, HSTATUS_SPV)) { + ctx->virt_enabled = true; + } + } else { + ctx->virt_enabled = false; + } #else ctx->virt_enabled = false; #endif From 1448689c7b23690f49a4cce248c6e4ac973d37b8 Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:02:53 -0800 Subject: [PATCH 29/38] target/riscv: Allow specifying MMU stage Signed-off-by: Alistair Francis Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/cpu_helper.c | 37 ++++++++++++++++++++++++++++--------- 1 file changed, 28 insertions(+), 9 deletions(-) diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index d9a29d702a..8ae1038bcd 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -277,10 +277,19 @@ void riscv_cpu_set_mode(CPURISCVState *env, target_ulong newpriv) * * Adapted from Spike's mmu_t::translate and mmu_t::walk * + * @env: CPURISCVState + * @physical: This will be set to the calculated physical address + * @prot: The returned protection attributes + * @addr: The virtual address to be translated + * @access_type: The type of MMU access + * @mmu_idx: Indicates current privilege level + * @first_stage: Are we in first stage translation? + * Second stage is used for hypervisor guest translation */ static int get_physical_address(CPURISCVState *env, hwaddr *physical, int *prot, target_ulong addr, - int access_type, int mmu_idx) + int access_type, int mmu_idx, + bool first_stage) { /* NOTE: the env->pc value visible here will not be * correct, but the value visible to the exception handler @@ -485,13 +494,21 @@ restart: } static void raise_mmu_exception(CPURISCVState *env, target_ulong address, - MMUAccessType access_type, bool pmp_violation) + MMUAccessType access_type, bool pmp_violation, + bool first_stage) { CPUState *cs = env_cpu(env); - int page_fault_exceptions = - (env->priv_ver >= PRIV_VERSION_1_10_0) && - get_field(env->satp, SATP_MODE) != VM_1_10_MBARE && - !pmp_violation; + int page_fault_exceptions; + if (first_stage) { + page_fault_exceptions = + (env->priv_ver >= PRIV_VERSION_1_10_0) && + get_field(env->satp, SATP_MODE) != VM_1_10_MBARE && + !pmp_violation; + } else { + page_fault_exceptions = + get_field(env->hgatp, HGATP_MODE) != VM_1_10_MBARE && + !pmp_violation; + } switch (access_type) { case MMU_INST_FETCH: cs->exception_index = page_fault_exceptions ? @@ -518,7 +535,8 @@ hwaddr riscv_cpu_get_phys_page_debug(CPUState *cs, vaddr addr) int prot; int mmu_idx = cpu_mmu_index(&cpu->env, false); - if (get_physical_address(&cpu->env, &phys_addr, &prot, addr, 0, mmu_idx)) { + if (get_physical_address(&cpu->env, &phys_addr, &prot, addr, 0, mmu_idx, + true)) { return -1; } return phys_addr; @@ -583,7 +601,8 @@ bool riscv_cpu_tlb_fill(CPUState *cs, vaddr address, int size, qemu_log_mask(CPU_LOG_MMU, "%s ad %" VADDR_PRIx " rw %d mmu_idx %d\n", __func__, address, access_type, mmu_idx); - ret = get_physical_address(env, &pa, &prot, address, access_type, mmu_idx); + ret = get_physical_address(env, &pa, &prot, address, access_type, mmu_idx, + true); if (mode == PRV_M && access_type != MMU_INST_FETCH) { if (get_field(env->mstatus, MSTATUS_MPRV)) { @@ -610,7 +629,7 @@ bool riscv_cpu_tlb_fill(CPUState *cs, vaddr address, int size, } else if (probe) { return false; } else { - raise_mmu_exception(env, address, access_type, pmp_violation); + raise_mmu_exception(env, address, access_type, pmp_violation, true); riscv_raise_exception(env, cs->exception_index, retaddr); } #else From 36a18664bafcfafa5e997b47458387f6fe53d537 Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:02:56 -0800 Subject: [PATCH 30/38] target/riscv: Implement second stage MMU Signed-off-by: Alistair Francis Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/cpu.h | 1 + target/riscv/cpu_helper.c | 193 ++++++++++++++++++++++++++++++++++---- 2 files changed, 175 insertions(+), 19 deletions(-) diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h index aa04e5cca7..a8534fdf2b 100644 --- a/target/riscv/cpu.h +++ b/target/riscv/cpu.h @@ -104,6 +104,7 @@ struct CPURISCVState { target_ulong frm; target_ulong badaddr; + target_ulong guest_phys_fault_addr; target_ulong priv_ver; target_ulong misa; diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index 8ae1038bcd..584b0c71fb 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -285,11 +285,12 @@ void riscv_cpu_set_mode(CPURISCVState *env, target_ulong newpriv) * @mmu_idx: Indicates current privilege level * @first_stage: Are we in first stage translation? * Second stage is used for hypervisor guest translation + * @two_stage: Are we going to perform two stage translation */ static int get_physical_address(CPURISCVState *env, hwaddr *physical, int *prot, target_ulong addr, int access_type, int mmu_idx, - bool first_stage) + bool first_stage, bool two_stage) { /* NOTE: the env->pc value visible here will not be * correct, but the value visible to the exception handler @@ -297,13 +298,40 @@ static int get_physical_address(CPURISCVState *env, hwaddr *physical, MemTxResult res; MemTxAttrs attrs = MEMTXATTRS_UNSPECIFIED; int mode = mmu_idx; + bool use_background = false; + /* + * Check if we should use the background registers for the two + * stage translation. We don't need to check if we actually need + * two stage translation as that happened before this function + * was called. Background registers will be used if the guest has + * forced a two stage translation to be on (in HS or M mode). + */ if (mode == PRV_M && access_type != MMU_INST_FETCH) { if (get_field(env->mstatus, MSTATUS_MPRV)) { mode = get_field(env->mstatus, MSTATUS_MPP); + + if (riscv_has_ext(env, RVH) && + get_field(env->mstatus, MSTATUS_MPV)) { + use_background = true; + } } } + if (mode == PRV_S && access_type != MMU_INST_FETCH && + riscv_has_ext(env, RVH) && !riscv_cpu_virt_enabled(env)) { + if (get_field(env->hstatus, HSTATUS_SPRV)) { + mode = get_field(env->mstatus, SSTATUS_SPP); + use_background = true; + } + } + + if (first_stage == false) { + /* We are in stage 2 translation, this is similar to stage 1. */ + /* Stage 2 is always taken as U-mode */ + mode = PRV_U; + } + if (mode == PRV_M || !riscv_feature(env, RISCV_FEATURE_MMU)) { *physical = addr; *prot = PAGE_READ | PAGE_WRITE | PAGE_EXEC; @@ -313,13 +341,30 @@ static int get_physical_address(CPURISCVState *env, hwaddr *physical, *prot = 0; hwaddr base; - int levels, ptidxbits, ptesize, vm, sum; - int mxr = get_field(env->mstatus, MSTATUS_MXR); + int levels, ptidxbits, ptesize, vm, sum, mxr, widened; + + if (first_stage == true) { + mxr = get_field(env->mstatus, MSTATUS_MXR); + } else { + mxr = get_field(env->vsstatus, MSTATUS_MXR); + } if (env->priv_ver >= PRIV_VERSION_1_10_0) { - base = (hwaddr)get_field(env->satp, SATP_PPN) << PGSHIFT; + if (first_stage == true) { + if (use_background) { + base = (hwaddr)get_field(env->vsatp, SATP_PPN) << PGSHIFT; + vm = get_field(env->vsatp, SATP_MODE); + } else { + base = (hwaddr)get_field(env->satp, SATP_PPN) << PGSHIFT; + vm = get_field(env->satp, SATP_MODE); + } + widened = 0; + } else { + base = (hwaddr)get_field(env->hgatp, HGATP_PPN) << PGSHIFT; + vm = get_field(env->hgatp, HGATP_MODE); + widened = 2; + } sum = get_field(env->mstatus, MSTATUS_SUM); - vm = get_field(env->satp, SATP_MODE); switch (vm) { case VM_1_10_SV32: levels = 2; ptidxbits = 10; ptesize = 4; break; @@ -337,6 +382,7 @@ static int get_physical_address(CPURISCVState *env, hwaddr *physical, g_assert_not_reached(); } } else { + widened = 0; base = (hwaddr)(env->sptbr) << PGSHIFT; sum = !get_field(env->mstatus, MSTATUS_PUM); vm = get_field(env->mstatus, MSTATUS_VM); @@ -357,9 +403,16 @@ static int get_physical_address(CPURISCVState *env, hwaddr *physical, } CPUState *cs = env_cpu(env); - int va_bits = PGSHIFT + levels * ptidxbits; - target_ulong mask = (1L << (TARGET_LONG_BITS - (va_bits - 1))) - 1; - target_ulong masked_msbs = (addr >> (va_bits - 1)) & mask; + int va_bits = PGSHIFT + levels * ptidxbits + widened; + target_ulong mask, masked_msbs; + + if (TARGET_LONG_BITS > (va_bits - 1)) { + mask = (1L << (TARGET_LONG_BITS - (va_bits - 1))) - 1; + } else { + mask = 0; + } + masked_msbs = (addr >> (va_bits - 1)) & mask; + if (masked_msbs != 0 && masked_msbs != mask) { return TRANSLATE_FAIL; } @@ -371,11 +424,29 @@ static int get_physical_address(CPURISCVState *env, hwaddr *physical, restart: #endif for (i = 0; i < levels; i++, ptshift -= ptidxbits) { - target_ulong idx = (addr >> (PGSHIFT + ptshift)) & + target_ulong idx; + if (i == 0) { + idx = (addr >> (PGSHIFT + ptshift)) & + ((1 << (ptidxbits + widened)) - 1); + } else { + idx = (addr >> (PGSHIFT + ptshift)) & ((1 << ptidxbits) - 1); + } /* check that physical address of PTE is legal */ - hwaddr pte_addr = base + idx * ptesize; + hwaddr pte_addr; + + if (two_stage && first_stage) { + hwaddr vbase; + + /* Do the second stage translation on the base PTE address. */ + get_physical_address(env, &vbase, prot, base, access_type, + mmu_idx, false, true); + + pte_addr = vbase + idx * ptesize; + } else { + pte_addr = base + idx * ptesize; + } if (riscv_feature(env, RISCV_FEATURE_PMP) && !pmp_hart_has_privs(env, pte_addr, sizeof(target_ulong), @@ -472,7 +543,12 @@ restart: /* for superpage mappings, make a fake leaf PTE for the TLB's benefit. */ target_ulong vpn = addr >> PGSHIFT; - *physical = (ppn | (vpn & ((1L << ptshift) - 1))) << PGSHIFT; + if (i == 0) { + *physical = (ppn | (vpn & ((1L << (ptshift + widened)) - 1))) << + PGSHIFT; + } else { + *physical = (ppn | (vpn & ((1L << ptshift) - 1))) << PGSHIFT; + } /* set permissions on the TLB entry */ if ((pte & PTE_R) || ((pte & PTE_X) && mxr)) { @@ -531,14 +607,23 @@ static void raise_mmu_exception(CPURISCVState *env, target_ulong address, hwaddr riscv_cpu_get_phys_page_debug(CPUState *cs, vaddr addr) { RISCVCPU *cpu = RISCV_CPU(cs); + CPURISCVState *env = &cpu->env; hwaddr phys_addr; int prot; int mmu_idx = cpu_mmu_index(&cpu->env, false); - if (get_physical_address(&cpu->env, &phys_addr, &prot, addr, 0, mmu_idx, - true)) { + if (get_physical_address(env, &phys_addr, &prot, addr, 0, mmu_idx, + true, riscv_cpu_virt_enabled(env))) { return -1; } + + if (riscv_cpu_virt_enabled(env)) { + if (get_physical_address(env, &phys_addr, &prot, phys_addr, + 0, mmu_idx, false, true)) { + return -1; + } + } + return phys_addr; } @@ -592,17 +677,37 @@ bool riscv_cpu_tlb_fill(CPUState *cs, vaddr address, int size, RISCVCPU *cpu = RISCV_CPU(cs); CPURISCVState *env = &cpu->env; #ifndef CONFIG_USER_ONLY + vaddr im_address; hwaddr pa = 0; int prot; bool pmp_violation = false; + bool m_mode_two_stage = false; + bool hs_mode_two_stage = false; + bool first_stage_error = true; int ret = TRANSLATE_FAIL; int mode = mmu_idx; + env->guest_phys_fault_addr = 0; + qemu_log_mask(CPU_LOG_MMU, "%s ad %" VADDR_PRIx " rw %d mmu_idx %d\n", __func__, address, access_type, mmu_idx); - ret = get_physical_address(env, &pa, &prot, address, access_type, mmu_idx, - true); + /* + * Determine if we are in M mode and MPRV is set or in HS mode and SPRV is + * set and we want to access a virtulisation address. + */ + if (riscv_has_ext(env, RVH)) { + m_mode_two_stage = env->priv == PRV_M && + access_type != MMU_INST_FETCH && + get_field(env->mstatus, MSTATUS_MPRV) && + get_field(env->mstatus, MSTATUS_MPV); + + hs_mode_two_stage = env->priv == PRV_S && + !riscv_cpu_virt_enabled(env) && + access_type != MMU_INST_FETCH && + get_field(env->hstatus, HSTATUS_SPRV) && + get_field(env->hstatus, HSTATUS_SPV); + } if (mode == PRV_M && access_type != MMU_INST_FETCH) { if (get_field(env->mstatus, MSTATUS_MPRV)) { @@ -610,9 +715,55 @@ bool riscv_cpu_tlb_fill(CPUState *cs, vaddr address, int size, } } - qemu_log_mask(CPU_LOG_MMU, - "%s address=%" VADDR_PRIx " ret %d physical " TARGET_FMT_plx - " prot %d\n", __func__, address, ret, pa, prot); + if (riscv_cpu_virt_enabled(env) || m_mode_two_stage || hs_mode_two_stage) { + /* Two stage lookup */ + ret = get_physical_address(env, &pa, &prot, address, access_type, + mmu_idx, true, true); + + qemu_log_mask(CPU_LOG_MMU, + "%s 1st-stage address=%" VADDR_PRIx " ret %d physical " + TARGET_FMT_plx " prot %d\n", + __func__, address, ret, pa, prot); + + if (ret != TRANSLATE_FAIL) { + /* Second stage lookup */ + im_address = pa; + + ret = get_physical_address(env, &pa, &prot, im_address, + access_type, mmu_idx, false, true); + + qemu_log_mask(CPU_LOG_MMU, + "%s 2nd-stage address=%" VADDR_PRIx " ret %d physical " + TARGET_FMT_plx " prot %d\n", + __func__, im_address, ret, pa, prot); + + if (riscv_feature(env, RISCV_FEATURE_PMP) && + (ret == TRANSLATE_SUCCESS) && + !pmp_hart_has_privs(env, pa, size, 1 << access_type, mode)) { + ret = TRANSLATE_PMP_FAIL; + } + + if (ret != TRANSLATE_SUCCESS) { + /* + * Guest physical address translation failed, this is a HS + * level exception + */ + first_stage_error = false; + env->guest_phys_fault_addr = (im_address | + (address & + (TARGET_PAGE_SIZE - 1))) >> 2; + } + } + } else { + /* Single stage lookup */ + ret = get_physical_address(env, &pa, &prot, address, access_type, + mmu_idx, true, false); + + qemu_log_mask(CPU_LOG_MMU, + "%s address=%" VADDR_PRIx " ret %d physical " + TARGET_FMT_plx " prot %d\n", + __func__, address, ret, pa, prot); + } if (riscv_feature(env, RISCV_FEATURE_PMP) && (ret == TRANSLATE_SUCCESS) && @@ -622,6 +773,7 @@ bool riscv_cpu_tlb_fill(CPUState *cs, vaddr address, int size, if (ret == TRANSLATE_PMP_FAIL) { pmp_violation = true; } + if (ret == TRANSLATE_SUCCESS) { tlb_set_page(cs, address & TARGET_PAGE_MASK, pa & TARGET_PAGE_MASK, prot, mmu_idx, TARGET_PAGE_SIZE); @@ -629,9 +781,12 @@ bool riscv_cpu_tlb_fill(CPUState *cs, vaddr address, int size, } else if (probe) { return false; } else { - raise_mmu_exception(env, address, access_type, pmp_violation, true); + raise_mmu_exception(env, address, access_type, pmp_violation, first_stage_error); riscv_raise_exception(env, cs->exception_index, retaddr); } + + return true; + #else switch (access_type) { case MMU_INST_FETCH: From b2ef6ab9fee6948cf016f9e741feecdfb333fcbe Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:02:59 -0800 Subject: [PATCH 31/38] target/riscv: Raise the new execptions when 2nd stage translation fails Signed-off-by: Alistair Francis Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/cpu_helper.c | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index 584b0c71fb..9e28b19c29 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -587,16 +587,28 @@ static void raise_mmu_exception(CPURISCVState *env, target_ulong address, } switch (access_type) { case MMU_INST_FETCH: - cs->exception_index = page_fault_exceptions ? - RISCV_EXCP_INST_PAGE_FAULT : RISCV_EXCP_INST_ACCESS_FAULT; + if (riscv_cpu_virt_enabled(env) && !first_stage) { + cs->exception_index = RISCV_EXCP_INST_GUEST_PAGE_FAULT; + } else { + cs->exception_index = page_fault_exceptions ? + RISCV_EXCP_INST_PAGE_FAULT : RISCV_EXCP_INST_ACCESS_FAULT; + } break; case MMU_DATA_LOAD: - cs->exception_index = page_fault_exceptions ? - RISCV_EXCP_LOAD_PAGE_FAULT : RISCV_EXCP_LOAD_ACCESS_FAULT; + if (riscv_cpu_virt_enabled(env) && !first_stage) { + cs->exception_index = RISCV_EXCP_LOAD_GUEST_ACCESS_FAULT; + } else { + cs->exception_index = page_fault_exceptions ? + RISCV_EXCP_LOAD_PAGE_FAULT : RISCV_EXCP_LOAD_ACCESS_FAULT; + } break; case MMU_DATA_STORE: - cs->exception_index = page_fault_exceptions ? - RISCV_EXCP_STORE_PAGE_FAULT : RISCV_EXCP_STORE_AMO_ACCESS_FAULT; + if (riscv_cpu_virt_enabled(env) && !first_stage) { + cs->exception_index = RISCV_EXCP_STORE_GUEST_AMO_ACCESS_FAULT; + } else { + cs->exception_index = page_fault_exceptions ? + RISCV_EXCP_STORE_PAGE_FAULT : RISCV_EXCP_STORE_AMO_ACCESS_FAULT; + } break; default: g_assert_not_reached(); From 3067553993ae986b76a92df8a978778134ecdc84 Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:03:02 -0800 Subject: [PATCH 32/38] target/riscv: Set htval and mtval2 on execptions Signed-off-by: Alistair Francis Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/cpu_helper.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index 9e28b19c29..d3b764e694 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -840,6 +840,8 @@ void riscv_cpu_do_interrupt(CPUState *cs) target_ulong cause = cs->exception_index & RISCV_EXCP_INT_MASK; target_ulong deleg = async ? env->mideleg : env->medeleg; target_ulong tval = 0; + target_ulong htval = 0; + target_ulong mtval2 = 0; if (!async) { /* set tval to badaddr for traps with address information */ @@ -901,6 +903,8 @@ void riscv_cpu_do_interrupt(CPUState *cs) env->hstatus = set_field(env->hstatus, HSTATUS_SPV, riscv_cpu_virt_enabled(env)); + htval = env->guest_phys_fault_addr; + riscv_cpu_set_virt_enabled(env, 0); riscv_cpu_set_force_hs_excep(env, 0); } else { @@ -911,6 +915,8 @@ void riscv_cpu_do_interrupt(CPUState *cs) get_field(env->mstatus, SSTATUS_SPP)); env->hstatus = set_field(env->hstatus, HSTATUS_SPV, riscv_cpu_virt_enabled(env)); + + htval = env->guest_phys_fault_addr; } } @@ -923,6 +929,7 @@ void riscv_cpu_do_interrupt(CPUState *cs) env->scause = cause | ((target_ulong)async << (TARGET_LONG_BITS - 1)); env->sepc = env->pc; env->sbadaddr = tval; + env->htval = htval; env->pc = (env->stvec >> 2 << 2) + ((async && (env->stvec & 3) == 1) ? cause * 4 : 0); riscv_cpu_set_mode(env, PRV_S); @@ -937,6 +944,8 @@ void riscv_cpu_do_interrupt(CPUState *cs) env->mstatus = set_field(env->mstatus, MSTATUS_MTL, riscv_cpu_force_hs_excep_enabled(env)); + mtval2 = env->guest_phys_fault_addr; + /* Trapping to M mode, virt is disabled */ riscv_cpu_set_virt_enabled(env, 0); riscv_cpu_set_force_hs_excep(env, 0); @@ -951,6 +960,7 @@ void riscv_cpu_do_interrupt(CPUState *cs) env->mcause = cause | ~(((target_ulong)-1) >> async); env->mepc = env->pc; env->mbadaddr = tval; + env->mtval2 = mtval2; env->pc = (env->mtvec >> 2 << 2) + ((async && (env->mtvec & 3) == 1) ? cause * 4 : 0); riscv_cpu_set_mode(env, PRV_M); From 551fa7e8a695ea5fd1cca8ffd318556855bbf54f Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:03:05 -0800 Subject: [PATCH 33/38] target/riscv: Add support for the 32-bit MSTATUSH CSR Signed-off-by: Alistair Francis Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/cpu.c | 3 +++ target/riscv/cpu.h | 10 ++++++++++ target/riscv/cpu_bits.h | 3 +++ target/riscv/cpu_helper.c | 17 +++++++++++++++++ target/riscv/csr.c | 25 +++++++++++++++++++++++++ target/riscv/op_helper.c | 4 ++++ 6 files changed, 62 insertions(+) diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c index 44ad768a84..b27066f6a7 100644 --- a/target/riscv/cpu.c +++ b/target/riscv/cpu.c @@ -237,6 +237,9 @@ static void riscv_cpu_dump_state(CPUState *cs, FILE *f, int flags) #ifndef CONFIG_USER_ONLY qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "mhartid ", env->mhartid); qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "mstatus ", env->mstatus); +#ifdef TARGET_RISCV32 + qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "mstatush ", env->mstatush); +#endif if (riscv_has_ext(env, RVH)) { qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "hstatus ", env->hstatus); qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "vsstatus ", env->vsstatus); diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h index a8534fdf2b..6f9c29322a 100644 --- a/target/riscv/cpu.h +++ b/target/riscv/cpu.h @@ -127,6 +127,10 @@ struct CPURISCVState { target_ulong mip; +#ifdef TARGET_RISCV32 + target_ulong mstatush; +#endif + uint32_t miclaim; target_ulong mie; @@ -164,6 +168,9 @@ struct CPURISCVState { target_ulong vscause; target_ulong vstval; target_ulong vsatp; +#ifdef TARGET_RISCV32 + target_ulong vsstatush; +#endif target_ulong mtval2; target_ulong mtinst; @@ -176,6 +183,9 @@ struct CPURISCVState { target_ulong stval_hs; target_ulong satp_hs; target_ulong mstatus_hs; +#ifdef TARGET_RISCV32 + target_ulong mstatush_hs; +#endif target_ulong scounteren; target_ulong mcounteren; diff --git a/target/riscv/cpu_bits.h b/target/riscv/cpu_bits.h index a24654d137..049032f2ae 100644 --- a/target/riscv/cpu_bits.h +++ b/target/riscv/cpu_bits.h @@ -135,6 +135,9 @@ #define CSR_MTVEC 0x305 #define CSR_MCOUNTEREN 0x306 +/* 32-bit only */ +#define CSR_MSTATUSH 0x310 + /* Legacy Counter Setup (priv v1.9.1) */ /* Update to #define CSR_MCOUNTINHIBIT 0x320 for 1.11.0 */ #define CSR_MUCOUNTEREN 0x320 diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index d3b764e694..10f246ddf8 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -126,6 +126,11 @@ void riscv_cpu_swap_hypervisor_regs(CPURISCVState *env) env->mstatus &= ~mstatus_mask; env->mstatus |= env->mstatus_hs; +#if defined(TARGET_RISCV32) + env->vsstatush = env->mstatush; + env->mstatush |= env->mstatush_hs; +#endif + env->vstvec = env->stvec; env->stvec = env->stvec_hs; @@ -149,6 +154,11 @@ void riscv_cpu_swap_hypervisor_regs(CPURISCVState *env) env->mstatus &= ~mstatus_mask; env->mstatus |= env->vsstatus; +#if defined(TARGET_RISCV32) + env->mstatush_hs = env->mstatush; + env->mstatush |= env->vsstatush; +#endif + env->stvec_hs = env->stvec; env->stvec = env->vstvec; @@ -939,10 +949,17 @@ void riscv_cpu_do_interrupt(CPUState *cs) if (riscv_cpu_virt_enabled(env)) { riscv_cpu_swap_hypervisor_regs(env); } +#ifdef TARGET_RISCV32 + env->mstatush = set_field(env->mstatush, MSTATUS_MPV, + riscv_cpu_virt_enabled(env)); + env->mstatush = set_field(env->mstatush, MSTATUS_MTL, + riscv_cpu_force_hs_excep_enabled(env)); +#else env->mstatus = set_field(env->mstatus, MSTATUS_MPV, riscv_cpu_virt_enabled(env)); env->mstatus = set_field(env->mstatus, MSTATUS_MTL, riscv_cpu_force_hs_excep_enabled(env)); +#endif mtval2 = env->guest_phys_fault_addr; diff --git a/target/riscv/csr.c b/target/riscv/csr.c index 2e6700bbeb..572a478e8c 100644 --- a/target/riscv/csr.c +++ b/target/riscv/csr.c @@ -371,6 +371,27 @@ static int write_mstatus(CPURISCVState *env, int csrno, target_ulong val) return 0; } +#ifdef TARGET_RISCV32 +static int read_mstatush(CPURISCVState *env, int csrno, target_ulong *val) +{ + *val = env->mstatush; + return 0; +} + +static int write_mstatush(CPURISCVState *env, int csrno, target_ulong val) +{ + if ((val ^ env->mstatush) & (MSTATUS_MPV)) { + tlb_flush(env_cpu(env)); + } + + val &= MSTATUS_MPV | MSTATUS_MTL; + + env->mstatush = val; + + return 0; +} +#endif + static int read_misa(CPURISCVState *env, int csrno, target_ulong *val) { *val = env->misa; @@ -1214,6 +1235,10 @@ static riscv_csr_operations csr_ops[CSR_TABLE_SIZE] = { [CSR_MTVEC] = { any, read_mtvec, write_mtvec }, [CSR_MCOUNTEREN] = { any, read_mcounteren, write_mcounteren }, +#if defined(TARGET_RISCV32) + [CSR_MSTATUSH] = { any, read_mstatush, write_mstatush }, +#endif + /* Legacy Counter Setup (priv v1.9.1) */ [CSR_MUCOUNTEREN] = { any, read_mucounteren, write_mucounteren }, [CSR_MSCOUNTEREN] = { any, read_mscounteren, write_mscounteren }, diff --git a/target/riscv/op_helper.c b/target/riscv/op_helper.c index 804936e9d5..dca68fa96e 100644 --- a/target/riscv/op_helper.c +++ b/target/riscv/op_helper.c @@ -153,7 +153,11 @@ target_ulong helper_mret(CPURISCVState *env, target_ulong cpu_pc_deb) get_field(mstatus, MSTATUS_MPIE)); mstatus = set_field(mstatus, MSTATUS_MPIE, 1); mstatus = set_field(mstatus, MSTATUS_MPP, PRV_U); +#ifdef TARGET_RISCV32 + env->mstatush = set_field(env->mstatush, MSTATUS_MPV, 0); +#else mstatus = set_field(mstatus, MSTATUS_MPV, 0); +#endif env->mstatus = mstatus; riscv_cpu_set_mode(env, prev_priv); From e44b50b5b2e508fdd24915ab0e44ac49685e1de3 Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:03:08 -0800 Subject: [PATCH 34/38] target/riscv: Add the MSTATUS_MPV_ISSET helper macro Add a helper macro MSTATUS_MPV_ISSET() which will determine if the MSTATUS_MPV bit is set for both 32-bit and 64-bit RISC-V. Signed-off-by: Alistair Francis Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/cpu_bits.h | 11 +++++++++++ target/riscv/cpu_helper.c | 4 ++-- target/riscv/op_helper.c | 2 +- target/riscv/translate.c | 2 +- 4 files changed, 15 insertions(+), 4 deletions(-) diff --git a/target/riscv/cpu_bits.h b/target/riscv/cpu_bits.h index 049032f2ae..7f64ee1174 100644 --- a/target/riscv/cpu_bits.h +++ b/target/riscv/cpu_bits.h @@ -363,8 +363,19 @@ #define MSTATUS_TVM 0x00100000 /* since: priv-1.10 */ #define MSTATUS_TW 0x20000000 /* since: priv-1.10 */ #define MSTATUS_TSR 0x40000000 /* since: priv-1.10 */ +#if defined(TARGET_RISCV64) #define MSTATUS_MTL 0x4000000000ULL #define MSTATUS_MPV 0x8000000000ULL +#elif defined(TARGET_RISCV32) +#define MSTATUS_MTL 0x00000040 +#define MSTATUS_MPV 0x00000080 +#endif + +#ifdef TARGET_RISCV32 +# define MSTATUS_MPV_ISSET(env) get_field(env->mstatush, MSTATUS_MPV) +#else +# define MSTATUS_MPV_ISSET(env) get_field(env->mstatus, MSTATUS_MPV) +#endif #define MSTATUS64_UXL 0x0000000300000000ULL #define MSTATUS64_SXL 0x0000000C00000000ULL diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index 10f246ddf8..29a1b37d88 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -322,7 +322,7 @@ static int get_physical_address(CPURISCVState *env, hwaddr *physical, mode = get_field(env->mstatus, MSTATUS_MPP); if (riscv_has_ext(env, RVH) && - get_field(env->mstatus, MSTATUS_MPV)) { + MSTATUS_MPV_ISSET(env)) { use_background = true; } } @@ -722,7 +722,7 @@ bool riscv_cpu_tlb_fill(CPUState *cs, vaddr address, int size, m_mode_two_stage = env->priv == PRV_M && access_type != MMU_INST_FETCH && get_field(env->mstatus, MSTATUS_MPRV) && - get_field(env->mstatus, MSTATUS_MPV); + MSTATUS_MPV_ISSET(env); hs_mode_two_stage = env->priv == PRV_S && !riscv_cpu_virt_enabled(env) && diff --git a/target/riscv/op_helper.c b/target/riscv/op_helper.c index dca68fa96e..8736f689c2 100644 --- a/target/riscv/op_helper.c +++ b/target/riscv/op_helper.c @@ -146,7 +146,7 @@ target_ulong helper_mret(CPURISCVState *env, target_ulong cpu_pc_deb) target_ulong mstatus = env->mstatus; target_ulong prev_priv = get_field(mstatus, MSTATUS_MPP); - target_ulong prev_virt = get_field(mstatus, MSTATUS_MPV); + target_ulong prev_virt = MSTATUS_MPV_ISSET(env); mstatus = set_field(mstatus, env->priv_ver >= PRIV_VERSION_1_10_0 ? MSTATUS_MIE : MSTATUS_UIE << prev_priv, diff --git a/target/riscv/translate.c b/target/riscv/translate.c index b51ab92068..43bf7e39a6 100644 --- a/target/riscv/translate.c +++ b/target/riscv/translate.c @@ -755,7 +755,7 @@ static void riscv_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cs) ctx->virt_enabled = riscv_cpu_virt_enabled(env); if (env->priv_ver == PRV_M && get_field(env->mstatus, MSTATUS_MPRV) && - get_field(env->mstatus, MSTATUS_MPV)) { + MSTATUS_MPV_ISSET(env)) { ctx->virt_enabled = true; } else if (env->priv == PRV_S && !riscv_cpu_virt_enabled(env) && From c9eefe05a42d05d7a6dc49805f123579e5558d5d Mon Sep 17 00:00:00 2001 From: Alistair Francis Date: Fri, 31 Jan 2020 17:03:11 -0800 Subject: [PATCH 35/38] target/riscv: Allow enabling the Hypervisor extension Signed-off-by: Alistair Francis Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- target/riscv/cpu.c | 5 +++++ target/riscv/cpu.h | 1 + 2 files changed, 6 insertions(+) diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c index b27066f6a7..c47d10b739 100644 --- a/target/riscv/cpu.c +++ b/target/riscv/cpu.c @@ -453,6 +453,9 @@ static void riscv_cpu_realize(DeviceState *dev, Error **errp) if (cpu->cfg.ext_u) { target_misa |= RVU; } + if (cpu->cfg.ext_h) { + target_misa |= RVH; + } set_misa(env, RVXLEN | target_misa); } @@ -488,6 +491,8 @@ static Property riscv_cpu_properties[] = { DEFINE_PROP_BOOL("c", RISCVCPU, cfg.ext_c, true), DEFINE_PROP_BOOL("s", RISCVCPU, cfg.ext_s, true), DEFINE_PROP_BOOL("u", RISCVCPU, cfg.ext_u, true), + /* This is experimental so mark with 'x-' */ + DEFINE_PROP_BOOL("x-h", RISCVCPU, cfg.ext_h, false), DEFINE_PROP_BOOL("Counters", RISCVCPU, cfg.ext_counters, true), DEFINE_PROP_BOOL("Zifencei", RISCVCPU, cfg.ext_ifencei, true), DEFINE_PROP_BOOL("Zicsr", RISCVCPU, cfg.ext_icsr, true), diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h index 6f9c29322a..d52f209361 100644 --- a/target/riscv/cpu.h +++ b/target/riscv/cpu.h @@ -258,6 +258,7 @@ typedef struct RISCVCPU { bool ext_c; bool ext_s; bool ext_u; + bool ext_h; bool ext_counters; bool ext_ifencei; bool ext_icsr; From acead54c78c7294612f529413673eb4286fb8b18 Mon Sep 17 00:00:00 2001 From: Bin Meng Date: Fri, 22 Nov 2019 07:27:52 -0800 Subject: [PATCH 36/38] riscv: virt: Allow PCI address 0 When testing e1000 with the virt machine, e1000's I/O space cannot be accessed. Debugging shows that the I/O BAR (BAR1) is correctly written with address 0 plus I/O enable bit, but QEMU's "info pci" shows that: Bus 0, device 1, function 0: Ethernet controller: PCI device 8086:100e ... BAR1: I/O at 0xffffffffffffffff [0x003e]. ... It turns out we should set pci_allow_0_address to true to allow 0 PCI address, otherwise pci_bar_address() treats such address as PCI_BAR_UNMAPPED. Signed-off-by: Bin Meng Reviewed-by: Palmer Dabbelt Signed-off-by: Palmer Dabbelt --- hw/riscv/virt.c | 1 + 1 file changed, 1 insertion(+) diff --git a/hw/riscv/virt.c b/hw/riscv/virt.c index 7f9e1e5176..5d175d5c9e 100644 --- a/hw/riscv/virt.c +++ b/hw/riscv/virt.c @@ -641,6 +641,7 @@ static void riscv_virt_machine_class_init(ObjectClass *oc, void *data) mc->init = riscv_virt_board_init; mc->max_cpus = 8; mc->default_cpu_type = VIRT_CPU; + mc->pci_allow_0_address = true; } static const TypeInfo riscv_virt_machine_typeinfo = { From c695724868ce4049fd79c5a509880dbdf171e744 Mon Sep 17 00:00:00 2001 From: Anup Patel Date: Sun, 2 Feb 2020 19:12:16 +0530 Subject: [PATCH 37/38] target/riscv: Emulate TIME CSRs for privileged mode Currently, TIME CSRs are emulated only for user-only mode. This patch add TIME CSRs emulation for privileged mode. For privileged mode, the TIME CSRs will return value provided by rdtime callback which is registered by QEMU machine/platform emulation (i.e. CLINT emulation). If rdtime callback is not available then the monitor (i.e. OpenSBI) will trap-n-emulate TIME CSRs in software. We see 25+% performance improvement in hackbench numbers when TIME CSRs are not trap-n-emulated. Signed-off-by: Anup Patel Reviewed-by: Alistair Francis Signed-off-by: Palmer Dabbelt --- target/riscv/cpu.h | 5 +++ target/riscv/cpu_helper.c | 5 +++ target/riscv/csr.c | 86 +++++++++++++++++++++++++++++++++++++-- 3 files changed, 92 insertions(+), 4 deletions(-) diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h index d52f209361..3dcdf92227 100644 --- a/target/riscv/cpu.h +++ b/target/riscv/cpu.h @@ -159,6 +159,7 @@ struct CPURISCVState { target_ulong htval; target_ulong htinst; target_ulong hgatp; + uint64_t htimedelta; /* Virtual CSRs */ target_ulong vsstatus; @@ -201,6 +202,9 @@ struct CPURISCVState { /* physical memory protection */ pmp_table_t pmp_state; + /* machine specific rdtime callback */ + uint64_t (*rdtime_fn)(void); + /* True if in debugger mode. */ bool debugger; #endif @@ -322,6 +326,7 @@ void riscv_cpu_swap_hypervisor_regs(CPURISCVState *env); int riscv_cpu_claim_interrupts(RISCVCPU *cpu, uint32_t interrupts); uint32_t riscv_cpu_update_mip(RISCVCPU *cpu, uint32_t mask, uint32_t value); #define BOOL_TO_MASK(x) (-!!(x)) /* helper for riscv_cpu_update_mip value */ +void riscv_cpu_set_rdtime_fn(CPURISCVState *env, uint64_t (*fn)(void)); #endif void riscv_cpu_set_mode(CPURISCVState *env, target_ulong newpriv); diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index 29a1b37d88..5ea5d133aa 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -258,6 +258,11 @@ uint32_t riscv_cpu_update_mip(RISCVCPU *cpu, uint32_t mask, uint32_t value) return old; } +void riscv_cpu_set_rdtime_fn(CPURISCVState *env, uint64_t (*fn)(void)) +{ + env->rdtime_fn = fn; +} + void riscv_cpu_set_mode(CPURISCVState *env, target_ulong newpriv) { if (newpriv > PRV_M) { diff --git a/target/riscv/csr.c b/target/riscv/csr.c index 572a478e8c..11d184cd16 100644 --- a/target/riscv/csr.c +++ b/target/riscv/csr.c @@ -238,6 +238,32 @@ static int read_timeh(CPURISCVState *env, int csrno, target_ulong *val) #else /* CONFIG_USER_ONLY */ +static int read_time(CPURISCVState *env, int csrno, target_ulong *val) +{ + uint64_t delta = riscv_cpu_virt_enabled(env) ? env->htimedelta : 0; + + if (!env->rdtime_fn) { + return -1; + } + + *val = env->rdtime_fn() + delta; + return 0; +} + +#if defined(TARGET_RISCV32) +static int read_timeh(CPURISCVState *env, int csrno, target_ulong *val) +{ + uint64_t delta = riscv_cpu_virt_enabled(env) ? env->htimedelta : 0; + + if (!env->rdtime_fn) { + return -1; + } + + *val = (env->rdtime_fn() + delta) >> 32; + return 0; +} +#endif + /* Machine constants */ #define M_MODE_INTERRUPTS (MIP_MSIP | MIP_MTIP | MIP_MEIP) @@ -930,6 +956,56 @@ static int write_hgatp(CPURISCVState *env, int csrno, target_ulong val) return 0; } +static int read_htimedelta(CPURISCVState *env, int csrno, target_ulong *val) +{ + if (!env->rdtime_fn) { + return -1; + } + +#if defined(TARGET_RISCV32) + *val = env->htimedelta & 0xffffffff; +#else + *val = env->htimedelta; +#endif + return 0; +} + +static int write_htimedelta(CPURISCVState *env, int csrno, target_ulong val) +{ + if (!env->rdtime_fn) { + return -1; + } + +#if defined(TARGET_RISCV32) + env->htimedelta = deposit64(env->htimedelta, 0, 32, (uint64_t)val); +#else + env->htimedelta = val; +#endif + return 0; +} + +#if defined(TARGET_RISCV32) +static int read_htimedeltah(CPURISCVState *env, int csrno, target_ulong *val) +{ + if (!env->rdtime_fn) { + return -1; + } + + *val = env->htimedelta >> 32; + return 0; +} + +static int write_htimedeltah(CPURISCVState *env, int csrno, target_ulong val) +{ + if (!env->rdtime_fn) { + return -1; + } + + env->htimedelta = deposit64(env->htimedelta, 32, 32, (uint64_t)val); + return 0; +} +#endif + /* Virtual CSR Registers */ static int read_vsstatus(CPURISCVState *env, int csrno, target_ulong *val) { @@ -1202,14 +1278,12 @@ static riscv_csr_operations csr_ops[CSR_TABLE_SIZE] = { [CSR_INSTRETH] = { ctr, read_instreth }, #endif - /* User-level time CSRs are only available in linux-user - * In privileged mode, the monitor emulates these CSRs */ -#if defined(CONFIG_USER_ONLY) + /* In privileged mode, the monitor will have to emulate TIME CSRs only if + * rdtime callback is not provided by machine/platform emulation */ [CSR_TIME] = { ctr, read_time }, #if defined(TARGET_RISCV32) [CSR_TIMEH] = { ctr, read_timeh }, #endif -#endif #if !defined(CONFIG_USER_ONLY) /* Machine Timers and Counters */ @@ -1275,6 +1349,10 @@ static riscv_csr_operations csr_ops[CSR_TABLE_SIZE] = { [CSR_HTVAL] = { hmode, read_htval, write_htval }, [CSR_HTINST] = { hmode, read_htinst, write_htinst }, [CSR_HGATP] = { hmode, read_hgatp, write_hgatp }, + [CSR_HTIMEDELTA] = { hmode, read_htimedelta, write_htimedelta }, +#if defined(TARGET_RISCV32) + [CSR_HTIMEDELTAH] = { hmode, read_htimedeltah, write_htimedeltah}, +#endif [CSR_VSSTATUS] = { hmode, read_vsstatus, write_vsstatus }, [CSR_VSIP] = { hmode, NULL, NULL, rmw_vsip }, From 5f3616ccceb5d5c49f99838c78498e581fb42fc5 Mon Sep 17 00:00:00 2001 From: Anup Patel Date: Sun, 2 Feb 2020 19:12:17 +0530 Subject: [PATCH 38/38] hw/riscv: Provide rdtime callback for TCG in CLINT emulation This patch extends CLINT emulation to provide rdtime callback for TCG. This rdtime callback will be called wheneven TIME CSRs are read in privileged modes. Signed-off-by: Anup Patel Reviewed-by: Alistair Francis Signed-off-by: Palmer Dabbelt --- hw/riscv/sifive_clint.c | 6 +++++- hw/riscv/sifive_e.c | 2 +- hw/riscv/sifive_u.c | 2 +- hw/riscv/spike.c | 9 ++++++--- hw/riscv/virt.c | 2 +- include/hw/riscv/sifive_clint.h | 3 ++- 6 files changed, 16 insertions(+), 8 deletions(-) diff --git a/hw/riscv/sifive_clint.c b/hw/riscv/sifive_clint.c index e2feee871b..e933d35092 100644 --- a/hw/riscv/sifive_clint.c +++ b/hw/riscv/sifive_clint.c @@ -227,7 +227,8 @@ type_init(sifive_clint_register_types) * Create CLINT device. */ DeviceState *sifive_clint_create(hwaddr addr, hwaddr size, uint32_t num_harts, - uint32_t sip_base, uint32_t timecmp_base, uint32_t time_base) + uint32_t sip_base, uint32_t timecmp_base, uint32_t time_base, + bool provide_rdtime) { int i; for (i = 0; i < num_harts; i++) { @@ -236,6 +237,9 @@ DeviceState *sifive_clint_create(hwaddr addr, hwaddr size, uint32_t num_harts, if (!env) { continue; } + if (provide_rdtime) { + riscv_cpu_set_rdtime_fn(env, cpu_riscv_read_rtc); + } env->timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, &sifive_clint_timer_cb, cpu); env->timecmp = 0; diff --git a/hw/riscv/sifive_e.c b/hw/riscv/sifive_e.c index 8a6b0348df..a254cad489 100644 --- a/hw/riscv/sifive_e.c +++ b/hw/riscv/sifive_e.c @@ -164,7 +164,7 @@ static void riscv_sifive_e_soc_realize(DeviceState *dev, Error **errp) memmap[SIFIVE_E_PLIC].size); sifive_clint_create(memmap[SIFIVE_E_CLINT].base, memmap[SIFIVE_E_CLINT].size, ms->smp.cpus, - SIFIVE_SIP_BASE, SIFIVE_TIMECMP_BASE, SIFIVE_TIME_BASE); + SIFIVE_SIP_BASE, SIFIVE_TIMECMP_BASE, SIFIVE_TIME_BASE, false); create_unimplemented_device("riscv.sifive.e.aon", memmap[SIFIVE_E_AON].base, memmap[SIFIVE_E_AON].size); sifive_e_prci_create(memmap[SIFIVE_E_PRCI].base); diff --git a/hw/riscv/sifive_u.c b/hw/riscv/sifive_u.c index 0e12b3ccef..156a003642 100644 --- a/hw/riscv/sifive_u.c +++ b/hw/riscv/sifive_u.c @@ -549,7 +549,7 @@ static void riscv_sifive_u_soc_realize(DeviceState *dev, Error **errp) serial_hd(1), qdev_get_gpio_in(DEVICE(s->plic), SIFIVE_U_UART1_IRQ)); sifive_clint_create(memmap[SIFIVE_U_CLINT].base, memmap[SIFIVE_U_CLINT].size, ms->smp.cpus, - SIFIVE_SIP_BASE, SIFIVE_TIMECMP_BASE, SIFIVE_TIME_BASE); + SIFIVE_SIP_BASE, SIFIVE_TIMECMP_BASE, SIFIVE_TIME_BASE, false); object_property_set_bool(OBJECT(&s->prci), true, "realized", &err); sysbus_mmio_map(SYS_BUS_DEVICE(&s->prci), 0, memmap[SIFIVE_U_PRCI].base); diff --git a/hw/riscv/spike.c b/hw/riscv/spike.c index 8823681783..6e5723a171 100644 --- a/hw/riscv/spike.c +++ b/hw/riscv/spike.c @@ -227,7 +227,8 @@ static void spike_board_init(MachineState *machine) /* Core Local Interruptor (timer and IPI) */ sifive_clint_create(memmap[SPIKE_CLINT].base, memmap[SPIKE_CLINT].size, - smp_cpus, SIFIVE_SIP_BASE, SIFIVE_TIMECMP_BASE, SIFIVE_TIME_BASE); + smp_cpus, SIFIVE_SIP_BASE, SIFIVE_TIMECMP_BASE, SIFIVE_TIME_BASE, + false); } static void spike_v1_10_0_board_init(MachineState *machine) @@ -316,7 +317,8 @@ static void spike_v1_10_0_board_init(MachineState *machine) /* Core Local Interruptor (timer and IPI) */ sifive_clint_create(memmap[SPIKE_CLINT].base, memmap[SPIKE_CLINT].size, - smp_cpus, SIFIVE_SIP_BASE, SIFIVE_TIMECMP_BASE, SIFIVE_TIME_BASE); + smp_cpus, SIFIVE_SIP_BASE, SIFIVE_TIMECMP_BASE, SIFIVE_TIME_BASE, + false); } static void spike_v1_09_1_board_init(MachineState *machine) @@ -424,7 +426,8 @@ static void spike_v1_09_1_board_init(MachineState *machine) /* Core Local Interruptor (timer and IPI) */ sifive_clint_create(memmap[SPIKE_CLINT].base, memmap[SPIKE_CLINT].size, - smp_cpus, SIFIVE_SIP_BASE, SIFIVE_TIMECMP_BASE, SIFIVE_TIME_BASE); + smp_cpus, SIFIVE_SIP_BASE, SIFIVE_TIMECMP_BASE, SIFIVE_TIME_BASE, + false); g_free(config_string); } diff --git a/hw/riscv/virt.c b/hw/riscv/virt.c index 5d175d5c9e..85ec9e22aa 100644 --- a/hw/riscv/virt.c +++ b/hw/riscv/virt.c @@ -593,7 +593,7 @@ static void riscv_virt_board_init(MachineState *machine) memmap[VIRT_PLIC].size); sifive_clint_create(memmap[VIRT_CLINT].base, memmap[VIRT_CLINT].size, smp_cpus, - SIFIVE_SIP_BASE, SIFIVE_TIMECMP_BASE, SIFIVE_TIME_BASE); + SIFIVE_SIP_BASE, SIFIVE_TIMECMP_BASE, SIFIVE_TIME_BASE, true); sifive_test_create(memmap[VIRT_TEST].base); for (i = 0; i < VIRTIO_COUNT; i++) { diff --git a/include/hw/riscv/sifive_clint.h b/include/hw/riscv/sifive_clint.h index ae8286c884..4a720bfece 100644 --- a/include/hw/riscv/sifive_clint.h +++ b/include/hw/riscv/sifive_clint.h @@ -41,7 +41,8 @@ typedef struct SiFiveCLINTState { } SiFiveCLINTState; DeviceState *sifive_clint_create(hwaddr addr, hwaddr size, uint32_t num_harts, - uint32_t sip_base, uint32_t timecmp_base, uint32_t time_base); + uint32_t sip_base, uint32_t timecmp_base, uint32_t time_base, + bool provide_rdtime); enum { SIFIVE_SIP_BASE = 0x0,