[v3,56/60] target/arm: Enable FEAT_CSV2_2 for -cpu max

Message ID	20220417174426.711829-57-richard.henderson@linaro.org
State	Superseded
Headers	show Delivered-To: patch@linaro.org Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; From: Richard Henderson <richard.henderson@linaro.org> To: qemu-devel@nongnu.org Subject: [PATCH v3 56/60] target/arm: Enable FEAT_CSV2_2 for -cpu max Date: Sun, 17 Apr 2022 10:44:22 -0700 Message-Id: <20220417174426.711829-57-richard.henderson@linaro.org> In-Reply-To: <20220417174426.711829-1-richard.henderson@linaro.org> References: <20220417174426.711829-1-richard.henderson@linaro.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=2607:f8b0:4864:20::1035; envelope-from=richard.henderson@linaro.org; helo=mail-pj1-x1035.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action Precedence: list Cc: qemu-arm@nongnu.org Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" <qemu-devel-bounces+patch=linaro.org@nongnu.org>
Series	target/arm: Cleanups, new features, new cpus \| expand [v3,00/60] target/arm: Cleanups, new features, new cpus [v3,01/60] tcg: Add tcg_constant_ptr [v3,02/60] target/arm: Update ISAR fields for ARMv8.8 [v3,03/60] target/arm: Update SCR_EL3 bits to ARMv8.8 [v3,04/60] target/arm: Update SCTLR bits to ARMv9.2 [v3,05/60] target/arm: Change DisasContext.aarch64 to bool [v3,06/60] target/arm: Change CPUArchState.aarch64 to bool [v3,07/60] target/arm: Extend store_cpu_offset to take field size [v3,08/60] target/arm: Change DisasContext.thumb to bool [v3,09/60] target/arm: Change CPUArchState.thumb to bool [v3,10/60] target/arm: Remove fpexc32_access [v3,11/60] target/arm: Split out set_btype_raw [v3,12/60] target/arm: Split out gen_rebuild_hflags [v3,13/60] target/arm: Use tcg_constant in translate-a64.c [v3,14/60] target/arm: Simplify GEN_SHIFT in translate.c [v3,15/60] target/arm: Simplify gen_sar [v3,16/60] target/arm: Simplify aa32 DISAS_WFI [v3,17/60] target/arm: Use tcg_constant in translate.c [v3,18/60] target/arm: Use tcg_constant in translate-m-nocp.c [v3,19/60] target/arm: Use tcg_constant in translate-neon.c [v3,20/60] target/arm: Use smin/smax for do_sat_addsub_32 [v3,21/60] target/arm: Use tcg_constant in translate-sve.c [v3,22/60] target/arm: Use tcg_constant in translate-vfp.c [v3,23/60] target/arm: Use tcg_constant_i32 in translate.h [v3,24/60] target/arm: Split out cpregs.h [v3,25/60] target/arm: Reorg CPAccessResult and access_check_cp_reg [v3,26/60] target/arm: Replace sentinels with ARRAY_SIZE in cpregs.h [v3,27/60] target/arm: Make some more cpreg data static const [v3,28/60] target/arm: Reorg ARMCPRegInfo type field bits [v3,29/60] target/arm: Change cpreg access permissions to enum [v3,30/60] target/arm: Name CPState type [v3,31/60] target/arm: Name CPSecureState type [v3,32/60] target/arm: Update sysreg fields when redirecting for E2H [v3,33/60] target/arm: Store cpregs key in the hash table directly [v3,34/60] target/arm: Cleanup add_cpreg_to_hashtable [v3,35/60] target/arm: Handle cpreg registration for missing EL [v3,36/60] target/arm: Drop EL3 no EL2 fallbacks [v3,37/60] target/arm: Merge zcr reginfo [v3,38/60] target/arm: Add isar predicates for FEAT_Debugv8p2 [v3,39/60] target/arm: Adjust definition of CONTEXTIDR_EL2 [v3,40/60] target/arm: Move cortex impdef sysregs to cpu_tcg.c [v3,41/60] target/arm: Update qemu-system-arm -cpu max to cortex-a57 [v3,42/60] target/arm: Set ID_DFR0.PerfMon for qemu-system-arm -cpu max [v3,43/60] target/arm: Split out aa32_max_features [v3,44/60] target/arm: Annotate arm_max_initfn with FEAT identifiers [v3,45/60] target/arm: Use field names for manipulating EL2 and EL3 modes [v3,46/60] target/arm: Enable FEAT_Debugv8p2 for -cpu max [v3,47/60] target/arm: Enable FEAT_Debugv8p4 for -cpu max [v3,48/60] target/arm: Add isar_feature_{aa64,any}_ras [v3,49/60] target/arm: Add minimal RAS registers [v3,50/60] target/arm: Enable SCR and HCR bits for RAS [v3,51/60] target/arm: Implement virtual SError exceptions [v3,52/60] target/arm: Implement ESB instruction [v3,53/60] target/arm: Enable FEAT_RAS for -cpu max [v3,54/60] target/arm: Enable FEAT_IESB for -cpu max [v3,55/60] target/arm: Enable FEAT_CSV2 for -cpu max [v3,56/60] target/arm: Enable FEAT_CSV2_2 for -cpu max [v3,57/60] target/arm: Enable FEAT_CSV3 for -cpu max [v3,58/60] target/arm: Enable FEAT_DGH for -cpu max [v3,59/60] target/arm: Define cortex-a76 [v3,60/60] target/arm: Define neoverse-n1

Message ID

20220417174426.711829-57-richard.henderson@linaro.org

State

Superseded

Headers

Received-SPF: pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as
 permitted sender) client-ip=209.51.188.17;
From: Richard Henderson <richard.henderson@linaro.org>
To: qemu-devel@nongnu.org
Subject: [PATCH v3 56/60] target/arm: Enable FEAT_CSV2_2 for -cpu max
Date: Sun, 17 Apr 2022 10:44:22 -0700
Message-Id: <20220417174426.711829-57-richard.henderson@linaro.org>
In-Reply-To: <20220417174426.711829-1-richard.henderson@linaro.org>
References: <20220417174426.711829-1-richard.henderson@linaro.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Received-SPF: pass client-ip=2607:f8b0:4864:20::1035;
 envelope-from=richard.henderson@linaro.org; helo=mail-pj1-x1035.google.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001,
 T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Cc: qemu-arm@nongnu.org
Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org
Sender: "Qemu-devel" <qemu-devel-bounces+patch=linaro.org@nongnu.org>

Series

target/arm: Cleanups, new features, new cpus | expand

Commit Message

Richard Henderson April 17, 2022, 5:44 p.m. UTC

There is no branch prediction in TCG, therefore there is no
need to actually include the context number into the predictor.
Therefore all we need to do is add the state for SCXTNUM_ELx.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
v2: Update emulation.rst; clear CSV2_FRAC; use decimal; tidy access_scxtnum.
v3: Rely on EL3-no-EL2 squashing during registration.
---
 docs/system/arm/emulation.rst |  3 ++
 target/arm/cpu.h              | 16 +++++++++
 target/arm/cpu64.c            |  3 +-
 target/arm/helper.c           | 66 ++++++++++++++++++++++++++++++++++-
 4 files changed, 86 insertions(+), 2 deletions(-)

Comments

Damien Hedde April 29, 2022, 9:52 a.m. UTC | #1

On 4/17/22 19:44, Richard Henderson wrote:
> There is no branch prediction in TCG, therefore there is no
> need to actually include the context number into the predictor.
> Therefore all we need to do is add the state for SCXTNUM_ELx. >
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> ---
> v2: Update emulation.rst; clear CSV2_FRAC; use decimal; tidy access_scxtnum.
> v3: Rely on EL3-no-EL2 squashing during registration.
> ---
>   docs/system/arm/emulation.rst |  3 ++
>   target/arm/cpu.h              | 16 +++++++++
>   target/arm/cpu64.c            |  3 +-
>   target/arm/helper.c           | 66 ++++++++++++++++++++++++++++++++++-
>   4 files changed, 86 insertions(+), 2 deletions(-)
> 
> diff --git a/target/arm/helper.c b/target/arm/helper.c
> @@ -7233,7 +7243,57 @@ static const ARMCPRegInfo mte_el0_cacheop_reginfo[] = {
>       },
>   };

Hi Richard,

I tried to compare with the pseudocode from arm doc and I've a few 
interrogations. It seems to me there are missing cases in the access 
checks, but I lack the background to know if these are not checked 
somewhere else or guaranteed to never happen.

>   
> -#endif > +static CPAccessResult access_scxtnum(CPUARMState *env, const 
ARMCPRegInfo *ri,
> +                                     bool isread)
> +{
The following checks are missing:
    + for HFG[W/R]TR_EL2.SCXTNUM_EL0/1
    + HCR_EL2.<NV2,NV1,NV> when accessing SCXTNUM_EL1, but maybe these 
are always guaranteed to fail because we don't support the features ?
    + HCR_EL2.NV when accessing SCXTNUM_EL2
> +    int el = arm_current_el(env);
> +
> +    if (el == 0) {
> +        uint64_t hcr = arm_hcr_el2_eff(env);
> +        if ((hcr & (HCR_TGE | HCR_E2H)) != (HCR_TGE | HCR_E2H)) {
> +            if (env->cp15.sctlr_el[1] & SCTLR_TSCXT) {
> +                if (hcr & HCR_TGE) {
> +                    return CP_ACCESS_TRAP_EL2;
> +                }
> +                return CP_ACCESS_TRAP;
> +            }
> +            if (arm_is_el2_enabled(env) && !(hcr & HCR_ENSCXT)) {
This case is also present when accessing SCXTNUM_EL0 from el1 (but 
without "(hcr & (HCR_TGE | HCR_E2H)) != (HCR_TGE | HCR_E2H)" precondition)
> +                return CP_ACCESS_TRAP_EL2;
> +            }
> +            goto no_sctlr_el2;
> +        }
> +    }
> +    if (el < 2 && (env->cp15.sctlr_el[2] & SCTLR_TSCXT)) {
> +        return CP_ACCESS_TRAP_EL2;
> +    }
> + no_sctlr_el2:
> +    if (el < 3
> +        && arm_feature(env, ARM_FEATURE_EL3)
> +        && !(env->cp15.scr_el3 & SCR_ENSCXT)) {
> +        return CP_ACCESS_TRAP_EL3;
> +    }
> +    return CP_ACCESS_OK;
> +}

Regards,
--
Damien

Richard Henderson April 29, 2022, 6:06 p.m. UTC | #2

On 4/29/22 02:52, Damien Hedde wrote:
> The following checks are missing:
>     + for HFG[W/R]TR_EL2.SCXTNUM_EL0/1

We do not yet support FEAT_FGT.

>     + HCR_EL2.<NV2,NV1,NV> when accessing SCXTNUM_EL1, but maybe these are always 
> guaranteed to fail because we don't support the features ?
>     + HCR_EL2.NV when accessing SCXTNUM_EL2

We do not yet support FEAT_NV or FEAT_NV2.

>> +            if (arm_is_el2_enabled(env) && !(hcr & HCR_ENSCXT)) {
> This case is also present when accessing SCXTNUM_EL0 from el1 (but without "(hcr & 
> (HCR_TGE | HCR_E2H)) != (HCR_TGE | HCR_E2H)" precondition)

Quite right.  Will fix.


r~

diff --git a/docs/system/arm/emulation.rst b/docs/system/arm/emulation.rst
index 91fb06c579..aebe3be1ba 100644
--- a/docs/system/arm/emulation.rst
+++ b/docs/system/arm/emulation.rst
@@ -12,6 +12,9 @@  the following architecture extensions:
 - FEAT_BF16 (AArch64 BFloat16 instructions)
 - FEAT_BTI (Branch Target Identification)
 - FEAT_CSV2 (Cache speculation variant 2)
+- FEAT_CSV2_1p1 (Cache speculation variant 2, version 1.1)
+- FEAT_CSV2_1p2 (Cache speculation variant 2, version 1.2)
+- FEAT_CSV2_2 (Cache speculation variant 2, version 2)
 - FEAT_DIT (Data Independent Timing instructions)
 - FEAT_DPB (DC CVAP instruction)
 - FEAT_Debugv8p2 (Debug changes for v8.2)
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
index b90b6d91bd..a7582da7c2 100644
--- a/target/arm/cpu.h
+++ b/target/arm/cpu.h
@@ -687,6 +687,8 @@  typedef struct CPUArchState {
         ARMPACKey apdb;
         ARMPACKey apga;
     } keys;
+
+    uint64_t scxtnum_el[4];
 #endif
 
 #if defined(CONFIG_USER_ONLY)
@@ -1210,6 +1212,7 @@  void pmu_init(ARMCPU *cpu);
 #define SCTLR_WXN     (1U << 19)
 #define SCTLR_ST      (1U << 20) /* up to ??, RAZ in v6 */
 #define SCTLR_UWXN    (1U << 20) /* v7 onward, AArch32 only */
+#define SCTLR_TSCXT   (1U << 20) /* FEAT_CSV2_1p2, AArch64 only */
 #define SCTLR_FI      (1U << 21) /* up to v7, v8 RES0 */
 #define SCTLR_IESB    (1U << 21) /* v8.2-IESB, AArch64 only */
 #define SCTLR_U       (1U << 22) /* up to v6, RAO in v7 */
@@ -4021,6 +4024,19 @@  static inline bool isar_feature_aa64_dit(const ARMISARegisters *id)
     return FIELD_EX64(id->id_aa64pfr0, ID_AA64PFR0, DIT) != 0;
 }
 
+static inline bool isar_feature_aa64_scxtnum(const ARMISARegisters *id)
+{
+    int key = FIELD_EX64(id->id_aa64pfr0, ID_AA64PFR0, CSV2);
+    if (key >= 2) {
+        return true;      /* FEAT_CSV2_2 */
+    }
+    if (key == 1) {
+        key = FIELD_EX64(id->id_aa64pfr1, ID_AA64PFR1, CSV2_FRAC);
+        return key >= 2;  /* FEAT_CSV2_1p2 */
+    }
+    return false;
+}
+
 static inline bool isar_feature_aa64_ssbs(const ARMISARegisters *id)
 {
     return FIELD_EX64(id->id_aa64pfr1, ID_AA64PFR1, SSBS) != 0;
diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c
index b62656f3c3..6ccbcb857d 100644
--- a/target/arm/cpu64.c
+++ b/target/arm/cpu64.c
@@ -748,7 +748,7 @@  static void aarch64_max_initfn(Object *obj)
     t = FIELD_DP64(t, ID_AA64PFR0, SVE, 1);
     t = FIELD_DP64(t, ID_AA64PFR0, SEL2, 1);      /* FEAT_SEL2 */
     t = FIELD_DP64(t, ID_AA64PFR0, DIT, 1);       /* FEAT_DIT */
-    t = FIELD_DP64(t, ID_AA64PFR0, CSV2, 1);      /* FEAT_CSV2 */
+    t = FIELD_DP64(t, ID_AA64PFR0, CSV2, 2);      /* FEAT_CSV2_2 */
     cpu->isar.id_aa64pfr0 = t;
 
     t = cpu->isar.id_aa64pfr1;
@@ -760,6 +760,7 @@  static void aarch64_max_initfn(Object *obj)
      * we do for EL2 with the virtualization=on property.
      */
     t = FIELD_DP64(t, ID_AA64PFR1, MTE, 3);       /* FEAT_MTE3 */
+    t = FIELD_DP64(t, ID_AA64PFR1, CSV2_FRAC, 0); /* FEAT_CSV2_2 */
     cpu->isar.id_aa64pfr1 = t;
 
     t = cpu->isar.id_aa64mmfr0;
diff --git a/target/arm/helper.c b/target/arm/helper.c
index 7e4178c594..22728b9fbf 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -1771,6 +1771,9 @@  static void scr_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value)
         if (cpu_isar_feature(aa64_mte, cpu)) {
             valid_mask |= SCR_ATA;
         }
+        if (cpu_isar_feature(aa64_scxtnum, cpu)) {
+            valid_mask |= SCR_ENSCXT;
+        }
     } else {
         valid_mask &= ~(SCR_RW | SCR_ST);
         if (cpu_isar_feature(aa32_ras, cpu)) {
@@ -5149,6 +5152,9 @@  static void do_hcr_write(CPUARMState *env, uint64_t value, uint64_t valid_mask)
         if (cpu_isar_feature(aa64_mte, cpu)) {
             valid_mask |= HCR_ATA | HCR_DCT | HCR_TID5;
         }
+        if (cpu_isar_feature(aa64_scxtnum, cpu)) {
+            valid_mask |= HCR_ENSCXT;
+        }
     }
 
     /* Clear RES0 bits.  */
@@ -5798,6 +5804,10 @@  static void define_arm_vh_e2h_redirects_aliases(ARMCPU *cpu)
         { K(3, 0,  5, 6, 0), K(3, 4,  5, 6, 0), K(3, 5, 5, 6, 0),
           "TFSR_EL1", "TFSR_EL2", "TFSR_EL12", isar_feature_aa64_mte },
 
+        { K(3, 0, 13, 0, 7), K(3, 4, 13, 0, 7), K(3, 5, 13, 0, 7),
+          "SCXTNUM_EL1", "SCXTNUM_EL2", "SCXTNUM_EL12",
+          isar_feature_aa64_scxtnum },
+
         /* TODO: ARMv8.2-SPE -- PMSCR_EL2 */
         /* TODO: ARMv8.4-Trace -- TRFCR_EL2 */
     };
@@ -7233,7 +7243,57 @@  static const ARMCPRegInfo mte_el0_cacheop_reginfo[] = {
     },
 };
 
-#endif
+static CPAccessResult access_scxtnum(CPUARMState *env, const ARMCPRegInfo *ri,
+                                     bool isread)
+{
+    int el = arm_current_el(env);
+
+    if (el == 0) {
+        uint64_t hcr = arm_hcr_el2_eff(env);
+        if ((hcr & (HCR_TGE | HCR_E2H)) != (HCR_TGE | HCR_E2H)) {
+            if (env->cp15.sctlr_el[1] & SCTLR_TSCXT) {
+                if (hcr & HCR_TGE) {
+                    return CP_ACCESS_TRAP_EL2;
+                }
+                return CP_ACCESS_TRAP;
+            }
+            if (arm_is_el2_enabled(env) && !(hcr & HCR_ENSCXT)) {
+                return CP_ACCESS_TRAP_EL2;
+            }
+            goto no_sctlr_el2;
+        }
+    }
+    if (el < 2 && (env->cp15.sctlr_el[2] & SCTLR_TSCXT)) {
+        return CP_ACCESS_TRAP_EL2;
+    }
+ no_sctlr_el2:
+    if (el < 3
+        && arm_feature(env, ARM_FEATURE_EL3)
+        && !(env->cp15.scr_el3 & SCR_ENSCXT)) {
+        return CP_ACCESS_TRAP_EL3;
+    }
+    return CP_ACCESS_OK;
+}
+
+static const ARMCPRegInfo scxtnum_reginfo[] = {
+    { .name = "SCXTNUM_EL0", .state = ARM_CP_STATE_AA64,
+      .opc0 = 3, .opc1 = 3, .crn = 13, .crm = 0, .opc2 = 7,
+      .access = PL0_RW, .accessfn = access_scxtnum,
+      .fieldoffset = offsetof(CPUARMState, scxtnum_el[0]) },
+    { .name = "SCXTNUM_EL1", .state = ARM_CP_STATE_AA64,
+      .opc0 = 3, .opc1 = 0, .crn = 13, .crm = 0, .opc2 = 7,
+      .access = PL1_RW, .accessfn = access_scxtnum,
+      .fieldoffset = offsetof(CPUARMState, scxtnum_el[1]) },
+    { .name = "SCXTNUM_EL2", .state = ARM_CP_STATE_AA64,
+      .opc0 = 3, .opc1 = 4, .crn = 13, .crm = 0, .opc2 = 7,
+      .access = PL2_RW, .accessfn = access_scxtnum,
+      .fieldoffset = offsetof(CPUARMState, scxtnum_el[2]) },
+    { .name = "SCXTNUM_EL3", .state = ARM_CP_STATE_AA64,
+      .opc0 = 3, .opc1 = 6, .crn = 13, .crm = 0, .opc2 = 7,
+      .access = PL3_RW,
+      .fieldoffset = offsetof(CPUARMState, scxtnum_el[3]) },
+};
+#endif /* TARGET_AARCH64 */
 
 static CPAccessResult access_predinv(CPUARMState *env, const ARMCPRegInfo *ri,
                                      bool isread)
@@ -8372,6 +8432,10 @@  void register_cp_regs_for_features(ARMCPU *cpu)
         define_arm_cp_regs(cpu, mte_tco_ro_reginfo);
         define_arm_cp_regs(cpu, mte_el0_cacheop_reginfo);
     }
+
+    if (cpu_isar_feature(aa64_scxtnum, cpu)) {
+        define_arm_cp_regs(cpu, scxtnum_reginfo);
+    }
 #endif
 
     if (cpu_isar_feature(any_predinv, cpu)) {

[v3,56/60] target/arm: Enable FEAT_CSV2_2 for -cpu max

Commit Message

Comments

Patch