A "mtspr SPRMMUCSR0, reg" always flushed TLB0,
because it passed the SPR number 0x3f4 to the flush routine.
But we want to flush either TLB0 or TBL1 depending on the GPR value.
Signed-off-by: Alex Zuepke <alexander.zuepke@hs-rm.de>
[agraf: change subject line, fix TCGv size mismatch]
Signed-off-by: Alexander Graf <agraf@suse.de>
The host kernel implements a KVM_REG_PPC_ARCH_COMPAT register which
this uses to enable a compatibility mode if any chosen.
This sets the KVM_REG_PPC_ARCH_COMPAT register in KVM. ppc_set_compat()
signals the caller if the mode cannot be enabled by the host kernel.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
[agraf: fix TCG compat setting]
Signed-off-by: Alexander Graf <agraf@suse.de>
This puts a limit to the number of threads per core based on the current
compatibility mode. Although PowerISA specs do not specify the maximum
threads per core number, the linux guest still expects that
PowerISA2.05-compatible CPU supports only 2 threads per core as this
is what POWER6 (2.05 compliant CPU) implements, the same is for
POWER7 (2.06, 4 threads) and POWER8 (2.07, 8 threads).
This calls spapr_fixup_cpu_smt_dt() with the maximum allowed number of
threads which affects ibm,ppc-interrupt-server#s and
ibm,ppc-interrupt-gserver#s properties.
The number of CPU nodesremains unchanged.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
This introduces PCR mask for supported compatibility modes.
This will be used later by the ibm,client-architecture-support call.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
This adds basic support for the "compat" CPU option. By specifying
the compat property, the user can manually switch guest CPU mode from
"raw" to "architected".
This defines feature disable bits which are not used yet as, for example,
PowerISA 2.07 says if 2.06 mode is selected, the TM bit does not matter -
transactional memory (TM) will be disabled because 2.06 does not define
it at all. The same is true for VSX and 2.05 mode. So just setting a mode
must be ok.
This does not change the existing behavior as the actual compatibility
mode support is coming in next patches.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
[agraf: fix compilation on 32bit hosts]
Signed-off-by: Alexander Graf <agraf@suse.de>
PowerISA defines a compatibility mode for server POWERPC CPUs which
is supported by the PCR special register which is hypervisor privileged.
To support this mode for guests, SPAPR defines a set of virtual PVRs,
one per PowerISA spec version. When a hypervisor needs a guest to work in
a compatibility mode, it puts a virtual PVR value into @cpu-version
property of a CPU node.
This introduces a "compat" CPU option which defines maximal compatibility
mode enabled. The supported modes are power6/power7/power8.
This does not change the existing behaviour, new property will be used
by next patches.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
POWER7, POWER7+ and POWER8 families use the ILE bit of the LPCR
special purpose register to decide the endianness to use when
entering interrupt handlers. When running a Linux guest, this
provides a hint on the endianness used by the kernel. And when
it comes to dumping a guest, the information is needed to write
ELF headers using the kernel endianness.
Suggested-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Reviewed-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
[agraf: change subject line]
Signed-off-by: Alexander Graf <agraf@suse.de>
There are 2 L1 cache control registers - one for data (L1CSR0) and
one for instructions (L1CSR1).
Emulate both of them well enough to give the guest the illusion that
it could actually do anything about its caches.
Signed-off-by: Alexander Graf <agraf@suse.de>
In addition to the L1 data cache configuration register L1CFG0 there is
also another one for the L1 instruction cache called L1CFG1.
Emulate that one with the same values as the data one.
Signed-off-by: Alexander Graf <agraf@suse.de>
The L1CFG0 register on e200 and e500 is "User RO" according to the
specifications. So let's make it user readable and world unwritable.
Signed-off-by: Alexander Graf <agraf@suse.de>
Use MSR mnemonics from cpu.h instead of magic numbers for the CPUPPCState.msr_mask
initialization.
There is one bit in the 401x2 (and subsequent) model that I could not find any
documentation for. It is open coded at little endian bit position 20:
pcc->msr_mask = (1ull << 20) |
(1ull << MSR_KEY) |
(1ull << MSR_POW) |
(1ull << MSR_CE) |
...
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This moves aliases lookup after CPU class lookup. This is to let new generic
CPU to be found first if it is present and only if it is not (TCG case), use
aliases.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
Book3s_64 guests expect the L1 cache size in device tree, so let's give
them proper values for all CPU types we support.
This fixes a "not compliant" warning with sles11 guests on -M pseries for me.
Signed-off-by: Alexander Graf <agraf@suse.de>
Remove MSR_POW from the msr_mask for POWER7/7P/8.
Signed-off-by: Anton Blanchard <anton@samba.org>
Reviewed-by: Cédric Le Goater <clg@fr.ibm.com>
Tested-by: Cédric Le Goater <clg@fr.ibm.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Without MSR_VSX we die early during a Linux boot.
Signed-off-by: Anton Blanchard <anton@samba.org>
Reviewed-by: Cédric Le Goater <clg@fr.ibm.com>
Tested-by: Cédric Le Goater <clg@fr.ibm.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Add PPC_ISEL to insns_flags.
Signed-off-by: Anton Blanchard <anton@samba.org>
Reviewed-by: Cédric Le Goater <clg@fr.ibm.com>
Tested-by: Cédric Le Goater <clg@fr.ibm.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Add MSR_LE to the msr_mask for POWER8.
Signed-off-by: Anton Blanchard <anton@samba.org>
Reviewed-by: Cédric Le Goater <clg@fr.ibm.com>
Tested-by: Cédric Le Goater <clg@fr.ibm.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
This flag will be used to decide whether to emulate some bits of
H_SET_MODE hypercall because some are POWER8-only.
While we are here, add 2.05 flag to POWER8 family too. POWER7/7+ already
have it.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
PowerPC kernel expects the number of SMT threads in a core to be a power
of 2. Since QEMU doesn't enforce this, it leads to an early guest kernel
crash if invalid threads count is specified.
Prevent this crash and make it a graceful exit from QEMU itself by
validating the user-supplied threads count.
Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Stewart Smith <stewart@linux.vnet.ibm.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
create_new_table() should allocate 0x20 opc_handler_t pointers, but
actually allocates 0x20 opc_handler_t structs. Fix this.
Signed-off-by: Stuart Brady <sdb@zubnet.me.uk>
Reviewed-by: Tom Musta <tommusta@gmail.com>
Tested-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
This resets SPR values to defaults on CPU reset. This should help
with little-endian guests reboot issues.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Note that while such functions may exist both for *-user and softmmu,
only *-user uses the CPUState hook, while softmmu reuses the prototype
for calling it directly.
Signed-off-by: Andreas Färber <afaerber@suse.de>
All targets using it gain the ability to set -cpu name,key=value,...
options via the default TYPE_CPU CPUClass::parse_features() implementation.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Default to false.
Tidy variable naming and inline cast uses while at it.
Tested-by: Jia Liu <proljc@gmail.com> (or32)
Signed-off-by: Andreas Färber <afaerber@suse.de>
This makes use of @cpu_dt_id and related API in:
1. emulated XICS hypercall handlers as they receive fixed CPU indexes;
2. XICS-KVM to enable in-kernel XICS on right CPU;
3. device-tree renderer.
This removes @cpu_index fixup as @cpu_dt_id is used instead so QEMU monitor
can accept command-line CPU indexes again.
This changes kvm_arch_vcpu_id() to use ppc_get_vcpu_dt_id() as at the moment
KVM CPU id and device tree ID are calculated using the same algorithm.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Acked-by: Mike Day <ncmike@ncultra.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
Normally CPUState::cpu_index is used to pick the right CPU for various
operations. However default consecutive numbering does not always work
for POWERPC.
These indexes are reflected in /proc/device-tree/cpus/PowerPC,POWER7@XX
and used to call KVM VCPU's ioctls. In order to achieve this,
kvmppc_fixup_cpu() was introduced. Roughly speaking, it multiplies
cpu_index by the number of threads per core.
This approach has disadvantages such as:
1. NUMA configuration stays broken after the fixup;
2. CPU-targeted commands from the QEMU Monitor do not work properly as
CPU indexes have been fixed and there is no clear way for the user to
know what the new CPU indexes are.
This introduces a @cpu_dt_id field in the CPUPPCState struct which
is initialized from @cpu_index by default and can be fixed later
to meet the device tree requirements.
This adds an API to handle @cpu_dt_id.
This removes kvmppc_fixup_cpu() as it is not more needed, @cpu_dt_id
is calculated in ppc_cpu_realize().
This will be used later in machine code.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Acked-by: Mike Day <ncmike@ncultra.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds a flag that will be used to tag the Altivec instructions
introduced in Power ISA Version 2.07.
The flag is added to Power8 model since P8 supports these instructions.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the Book I (user space) Load Quadword (lq) instruction.
This instruction was introduced into Book I in Power ISA V2.07. Previous
versions of the architecture supported this as a privileged instruction.
Previous versions of the architecture also did not support Little Endian
mode.
Note that this patch also adds the PPC_64BX flag to the Power8 model,
which enables the lq instruction.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds a flag to identify the load/store quadword instructions
that are introduced with Power ISA 2.07.
The flag is added to the Power8 model since P8 supports these
instructions.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds support for the Target Address Register (TAR) to the Power8
model.
Because supported SPRs are typically identified in an init_proc_*()
function and because the Power8 model is currently just using the
init_proc_POWER7() function, a new init_proc_POWER8() function
is added and plugged into the P8 model.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds a flag for the bctar instruction. This instruction
is being introduced via Power ISA 2.07.
Also, the flag is added to the Power8 machine model since the P8
processor supports this instruction.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
The frsqrtes instruction was introduced prior to ISA 2.06 and is
support on both the Power7 and Power8 processors. However, this
instruction is handled as illegal in the current QEMU emulation
machines. This patch enables the existing implemention of frsqrtes
in the P7 and P8 machines.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds a flag for Floating Point Test instructions that were
introduced in Power ISA V2.06B.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
The fri* series of instructions was introduced prior to ISA 2.06 and
is supported on Power7 and Power8 hardware. However, the instruction
is still considered illegal in the P7 and P8 QEMU emulation models.
This patch enables these instructions for the P7 and P8 machines.
Also, the existing helper is modified to correctly handle some of
the boundary cases (NaNs and the inexact flag).
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds a flag for the floating point conversion instructions
introduced in Power ISA 2.06B.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds a flag for the atomic instructions introduced
in Power ISA V2.06B.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds a flag for the Divide Extended instructions that
were introduced in Power ISA V2.06B. The flag is added to the
Power7 and Power8 models.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds the Bit Permute Doubleword (bpermd) instruction,
which was introduced in Power ISA 2.06 as part of the base 64-bit
architecture.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
This patch adds a flag to identify those VSX instructions that are
new to Power ISA V2.07. The flag is added to the Power 8 processor
initialization so that the P8 models understand how to decode and
emulate instructions in this category.
Signed-off-by: Tom Musta <tommusta@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Alexander Graf <agraf@suse.de>
The Figure 17 "SPR encodings" of the PowerISA 2.07 describes CTRL SPR as:
priviledged
# spr5-9 spr0-4 name mtspr mfspr len cat
136 00100 01000 CTRL - no 32 S
152 00100 11000 CTRL yes - 32 S
According to this chart, the hypervisor's CTRL (#152) does not support
reading, the user-space's CTRL (UCTRL, #136) does not support writing.
This replaces unsupported operations with the default SPR_NOACCESS hook.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
The LPCR special purpose register was introduced with the PowerPC 970MP family.
This patch initializes LPCR for the following families:
- 970 MP
- POWER5+
- POWER7
- POWER8
Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Due to missing @one_reg_id assignment in _spr_register(),
the kvm_get_one_reg/kvm_set_one_reg API has never really been working.
This reenables the API by assigning the @one_reg_id field in the SPR
descriptor.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
The existing default value (-1) of the AMR register forbids data access
to all 32 classes. Since the guest linux does not change this register,
we end up with the guest hanging right after switching from the real to
protected mode.
This sets the default AMR value to zero what enables data access for all
classes.
The only reason for not hitting this bug before is that
kvm_arch_put_registers() did not put any SPR to KVM due to missing
assignment of @one_reg_id in _spr_register() (which is going to be fixed
by a separate patch).
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
SPR_750FX_HID2 and L2CR are not defined in 970* user manuals nor POWER5
bookIV nor PowerISA 2.04, the numbers assigned to them are not defined
either so remove them.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
PowerISA 2.04+ puts MMUCFG and MMUCSR0 SPRs to "E" (embedded) category so
remove it from POWER7/8 class as it is "S" (server) category.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
The 970GX definition was added in 2007 and it made sense then but this
version has never been released to the markets and it does not exist in
the real world so there is no point in emulating it.
This removes 970GX.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>
PowerISA defines LPCR SPR number as 318=0x13E but QEMU uses the value of
316.
This fixes the definition of LPCR SPR.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alexander Graf <agraf@suse.de>