[v4,41/45] target/arm: Enable FEAT_CSV2_2 for -cpu max

Message ID	20220501055028.646596-42-richard.henderson@linaro.org
State	Superseded
Headers	show Delivered-To: patch@linaro.org Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; From: Richard Henderson <richard.henderson@linaro.org> To: qemu-devel@nongnu.org Subject: [PATCH v4 41/45] target/arm: Enable FEAT_CSV2_2 for -cpu max Date: Sat, 30 Apr 2022 22:50:23 -0700 Message-Id: <20220501055028.646596-42-richard.henderson@linaro.org> In-Reply-To: <20220501055028.646596-1-richard.henderson@linaro.org> References: <20220501055028.646596-1-richard.henderson@linaro.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=2607:f8b0:4864:20::62a; envelope-from=richard.henderson@linaro.org; helo=mail-pl1-x62a.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action Precedence: list Cc: qemu-arm@nongnu.org Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" <qemu-devel-bounces+patch=linaro.org@nongnu.org>
Series	target/arm: Cleanups, new features, new cpus \| expand [v4,00/45] target/arm: Cleanups, new features, new cpus [v4,01/45] target/arm: Split out cpregs.h [v4,02/45] target/arm: Reorg CPAccessResult and access_check_cp_reg [v4,03/45] target/arm: Replace sentinels with ARRAY_SIZE in cpregs.h [v4,04/45] target/arm: Make some more cpreg data static const [v4,05/45] target/arm: Reorg ARMCPRegInfo type field bits [v4,06/45] target/arm: Avoid bare abort() or assert(0) [v4,07/45] target/arm: Change cpreg access permissions to enum [v4,08/45] target/arm: Name CPState type [v4,09/45] target/arm: Name CPSecureState type [v4,10/45] target/arm: Drop always-true test in define_arm_vh_e2h_redirects_aliases [v4,11/45] target/arm: Store cpregs key in the hash table directly [v4,12/45] target/arm: Merge allocation of the cpreg and its name [v4,13/45] target/arm: Hoist computation of key in add_cpreg_to_hashtable [v4,14/45] target/arm: Consolidate cpreg updates in add_cpreg_to_hashtable [v4,15/45] target/arm: Use bool for is64 and ns in add_cpreg_to_hashtable [v4,16/45] target/arm: Hoist isbanked computation in add_cpreg_to_hashtable [v4,17/45] target/arm: Perform override check early in add_cpreg_to_hashtable [v4,18/45] target/arm: Reformat comments in add_cpreg_to_hashtable [v4,19/45] target/arm: Remove HOST_BIG_ENDIAN ifdef in add_cpreg_to_hashtable [v4,20/45] target/arm: Handle cpreg registration for missing EL [v4,21/45] target/arm: Drop EL3 no EL2 fallbacks [v4,22/45] target/arm: Merge zcr reginfo [v4,23/45] target/arm: Add isar predicates for FEAT_Debugv8p2 [v4,24/45] target/arm: Adjust definition of CONTEXTIDR_EL2 [v4,25/45] target/arm: Move cortex impdef sysregs to cpu_tcg.c [v4,26/45] target/arm: Update qemu-system-arm -cpu max to cortex-a57 [v4,27/45] target/arm: Set ID_DFR0.PerfMon for qemu-system-arm -cpu max [v4,28/45] target/arm: Split out aa32_max_features [v4,29/45] target/arm: Annotate arm_max_initfn with FEAT identifiers [v4,30/45] target/arm: Use field names for manipulating EL2 and EL3 modes [v4,31/45] target/arm: Enable FEAT_Debugv8p2 for -cpu max [v4,32/45] target/arm: Enable FEAT_Debugv8p4 for -cpu max [v4,33/45] target/arm: Add isar_feature_{aa64,any}_ras [v4,34/45] target/arm: Add minimal RAS registers [v4,35/45] target/arm: Enable SCR and HCR bits for RAS [v4,36/45] target/arm: Implement virtual SError exceptions [v4,37/45] target/arm: Implement ESB instruction [v4,38/45] target/arm: Enable FEAT_RAS for -cpu max [v4,39/45] target/arm: Enable FEAT_IESB for -cpu max [v4,40/45] target/arm: Enable FEAT_CSV2 for -cpu max [v4,41/45] target/arm: Enable FEAT_CSV2_2 for -cpu max [v4,42/45] target/arm: Enable FEAT_CSV3 for -cpu max [v4,43/45] target/arm: Enable FEAT_DGH for -cpu max [v4,44/45] target/arm: Define cortex-a76 [v4,45/45] target/arm: Define neoverse-n1

Message ID

20220501055028.646596-42-richard.henderson@linaro.org

State

Superseded

Headers

Received-SPF: pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as
 permitted sender) client-ip=209.51.188.17;
From: Richard Henderson <richard.henderson@linaro.org>
To: qemu-devel@nongnu.org
Subject: [PATCH v4 41/45] target/arm: Enable FEAT_CSV2_2 for -cpu max
Date: Sat, 30 Apr 2022 22:50:23 -0700
Message-Id: <20220501055028.646596-42-richard.henderson@linaro.org>
In-Reply-To: <20220501055028.646596-1-richard.henderson@linaro.org>
References: <20220501055028.646596-1-richard.henderson@linaro.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Received-SPF: pass client-ip=2607:f8b0:4864:20::62a;
 envelope-from=richard.henderson@linaro.org; helo=mail-pl1-x62a.google.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001,
 T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Cc: qemu-arm@nongnu.org
Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org
Sender: "Qemu-devel" <qemu-devel-bounces+patch=linaro.org@nongnu.org>

Series

target/arm: Cleanups, new features, new cpus | expand

Commit Message

Richard Henderson May 1, 2022, 5:50 a.m. UTC

There is no branch prediction in TCG, therefore there is no
need to actually include the context number into the predictor.
Therefore all we need to do is add the state for SCXTNUM_ELx.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
v2: Update emulation.rst; clear CSV2_FRAC; use decimal; tidy access_scxtnum.
v3: Rely on EL3-no-EL2 squashing during registration.
---
 docs/system/arm/emulation.rst |  3 ++
 target/arm/cpu.h              | 16 +++++++++
 target/arm/cpu64.c            |  3 +-
 target/arm/helper.c           | 61 ++++++++++++++++++++++++++++++++++-
 4 files changed, 81 insertions(+), 2 deletions(-)

Comments

Peter Maydell May 3, 2022, 5:10 p.m. UTC | #1

On Sun, 1 May 2022 at 08:16, Richard Henderson
<richard.henderson@linaro.org> wrote:
>
> There is no branch prediction in TCG, therefore there is no
> need to actually include the context number into the predictor.
> Therefore all we need to do is add the state for SCXTNUM_ELx.
>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> ---
> v2: Update emulation.rst; clear CSV2_FRAC; use decimal; tidy access_scxtnum.
> v3: Rely on EL3-no-EL2 squashing during registration.
> ---
>  docs/system/arm/emulation.rst |  3 ++
>  target/arm/cpu.h              | 16 +++++++++
>  target/arm/cpu64.c            |  3 +-
>  target/arm/helper.c           | 61 ++++++++++++++++++++++++++++++++++-
>  4 files changed, 81 insertions(+), 2 deletions(-)

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>

(The handling of SCXTNUM_EL0 should Just Work for user-mode-only,
right?)

thanks
-- PMM

Richard Henderson May 3, 2022, 7:33 p.m. UTC | #2

On 5/3/22 10:10, Peter Maydell wrote:
> On Sun, 1 May 2022 at 08:16, Richard Henderson
> <richard.henderson@linaro.org> wrote:
>>
>> There is no branch prediction in TCG, therefore there is no
>> need to actually include the context number into the predictor.
>> Therefore all we need to do is add the state for SCXTNUM_ELx.
>>
>> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
>> ---
>> v2: Update emulation.rst; clear CSV2_FRAC; use decimal; tidy access_scxtnum.
>> v3: Rely on EL3-no-EL2 squashing during registration.
>> ---
>>   docs/system/arm/emulation.rst |  3 ++
>>   target/arm/cpu.h              | 16 +++++++++
>>   target/arm/cpu64.c            |  3 +-
>>   target/arm/helper.c           | 61 ++++++++++++++++++++++++++++++++++-
>>   4 files changed, 81 insertions(+), 2 deletions(-)
> 
> Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
> 
> (The handling of SCXTNUM_EL0 should Just Work for user-mode-only,
> right?)

Hmm, interesting.

The linux master does not support CSV2_1.2+.  This bit is supposed to be RES1 when the 
feature is not enabled, so when booted with TCG at EL1 access *should* be trapped, when 
the guest kernel is not buggy.  This falls into the

     /* ??? Lots of these bits are not implemented.  */

fixme in sctlr_write.  If the guest kernel is buggy... ya gets what ya gets.

We are particularly sloppy with SCTLR_EL1 with user-only; the res1 bits are not set,
which means that we'll expose the register at user-only.

Although context swapping is not an issue for user-only, I think we should not expose the 
value at this time.  It's plausible that the register will *never* be exposed to EL0.  We 
might get, for instance, a prctl to set a new thread/process-level random value instead.

Will provide a minimal user-only fix for v5, and work on sctlr_write another day.

r~

diff --git a/docs/system/arm/emulation.rst b/docs/system/arm/emulation.rst
index b2a3e2a437..9765ee3eaf 100644
--- a/docs/system/arm/emulation.rst
+++ b/docs/system/arm/emulation.rst
@@ -13,6 +13,9 @@  the following architecture extensions:
 - FEAT_BF16 (AArch64 BFloat16 instructions)
 - FEAT_BTI (Branch Target Identification)
 - FEAT_CSV2 (Cache speculation variant 2)
+- FEAT_CSV2_1p1 (Cache speculation variant 2, version 1.1)
+- FEAT_CSV2_1p2 (Cache speculation variant 2, version 1.2)
+- FEAT_CSV2_2 (Cache speculation variant 2, version 2)
 - FEAT_DIT (Data Independent Timing instructions)
 - FEAT_DPB (DC CVAP instruction)
 - FEAT_Debugv8p2 (Debug changes for v8.2)
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
index aade9237bd..18ca61e8e2 100644
--- a/target/arm/cpu.h
+++ b/target/arm/cpu.h
@@ -688,6 +688,8 @@  typedef struct CPUArchState {
         ARMPACKey apdb;
         ARMPACKey apga;
     } keys;
+
+    uint64_t scxtnum_el[4];
 #endif
 
 #if defined(CONFIG_USER_ONLY)
@@ -1211,6 +1213,7 @@  void pmu_init(ARMCPU *cpu);
 #define SCTLR_WXN     (1U << 19)
 #define SCTLR_ST      (1U << 20) /* up to ??, RAZ in v6 */
 #define SCTLR_UWXN    (1U << 20) /* v7 onward, AArch32 only */
+#define SCTLR_TSCXT   (1U << 20) /* FEAT_CSV2_1p2, AArch64 only */
 #define SCTLR_FI      (1U << 21) /* up to v7, v8 RES0 */
 #define SCTLR_IESB    (1U << 21) /* v8.2-IESB, AArch64 only */
 #define SCTLR_U       (1U << 22) /* up to v6, RAO in v7 */
@@ -4022,6 +4025,19 @@  static inline bool isar_feature_aa64_dit(const ARMISARegisters *id)
     return FIELD_EX64(id->id_aa64pfr0, ID_AA64PFR0, DIT) != 0;
 }
 
+static inline bool isar_feature_aa64_scxtnum(const ARMISARegisters *id)
+{
+    int key = FIELD_EX64(id->id_aa64pfr0, ID_AA64PFR0, CSV2);
+    if (key >= 2) {
+        return true;      /* FEAT_CSV2_2 */
+    }
+    if (key == 1) {
+        key = FIELD_EX64(id->id_aa64pfr1, ID_AA64PFR1, CSV2_FRAC);
+        return key >= 2;  /* FEAT_CSV2_1p2 */
+    }
+    return false;
+}
+
 static inline bool isar_feature_aa64_ssbs(const ARMISARegisters *id)
 {
     return FIELD_EX64(id->id_aa64pfr1, ID_AA64PFR1, SSBS) != 0;
diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c
index 25fe74f928..07b44a62be 100644
--- a/target/arm/cpu64.c
+++ b/target/arm/cpu64.c
@@ -748,7 +748,7 @@  static void aarch64_max_initfn(Object *obj)
     t = FIELD_DP64(t, ID_AA64PFR0, SVE, 1);
     t = FIELD_DP64(t, ID_AA64PFR0, SEL2, 1);      /* FEAT_SEL2 */
     t = FIELD_DP64(t, ID_AA64PFR0, DIT, 1);       /* FEAT_DIT */
-    t = FIELD_DP64(t, ID_AA64PFR0, CSV2, 1);      /* FEAT_CSV2 */
+    t = FIELD_DP64(t, ID_AA64PFR0, CSV2, 2);      /* FEAT_CSV2_2 */
     cpu->isar.id_aa64pfr0 = t;
 
     t = cpu->isar.id_aa64pfr1;
@@ -760,6 +760,7 @@  static void aarch64_max_initfn(Object *obj)
      * we do for EL2 with the virtualization=on property.
      */
     t = FIELD_DP64(t, ID_AA64PFR1, MTE, 3);       /* FEAT_MTE3 */
+    t = FIELD_DP64(t, ID_AA64PFR1, CSV2_FRAC, 0); /* FEAT_CSV2_2 */
     cpu->isar.id_aa64pfr1 = t;
 
     t = cpu->isar.id_aa64mmfr0;
diff --git a/target/arm/helper.c b/target/arm/helper.c
index f62d16a456..7e31f11904 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -1770,6 +1770,9 @@  static void scr_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value)
         if (cpu_isar_feature(aa64_mte, cpu)) {
             valid_mask |= SCR_ATA;
         }
+        if (cpu_isar_feature(aa64_scxtnum, cpu)) {
+            valid_mask |= SCR_ENSCXT;
+        }
     } else {
         valid_mask &= ~(SCR_RW | SCR_ST);
         if (cpu_isar_feature(aa32_ras, cpu)) {
@@ -5149,6 +5152,9 @@  static void do_hcr_write(CPUARMState *env, uint64_t value, uint64_t valid_mask)
         if (cpu_isar_feature(aa64_mte, cpu)) {
             valid_mask |= HCR_ATA | HCR_DCT | HCR_TID5;
         }
+        if (cpu_isar_feature(aa64_scxtnum, cpu)) {
+            valid_mask |= HCR_ENSCXT;
+        }
     }
 
     /* Clear RES0 bits.  */
@@ -5800,6 +5806,10 @@  static void define_arm_vh_e2h_redirects_aliases(ARMCPU *cpu)
         { K(3, 0,  5, 6, 0), K(3, 4,  5, 6, 0), K(3, 5, 5, 6, 0),
           "TFSR_EL1", "TFSR_EL2", "TFSR_EL12", isar_feature_aa64_mte },
 
+        { K(3, 0, 13, 0, 7), K(3, 4, 13, 0, 7), K(3, 5, 13, 0, 7),
+          "SCXTNUM_EL1", "SCXTNUM_EL2", "SCXTNUM_EL12",
+          isar_feature_aa64_scxtnum },
+
         /* TODO: ARMv8.2-SPE -- PMSCR_EL2 */
         /* TODO: ARMv8.4-Trace -- TRFCR_EL2 */
     };
@@ -7223,7 +7233,52 @@  static const ARMCPRegInfo mte_el0_cacheop_reginfo[] = {
     },
 };
 
-#endif
+static CPAccessResult access_scxtnum(CPUARMState *env, const ARMCPRegInfo *ri,
+                                     bool isread)
+{
+    uint64_t hcr = arm_hcr_el2_eff(env);
+    int el = arm_current_el(env);
+
+    if (el == 0 && !((hcr & HCR_E2H) && (hcr & HCR_TGE))) {
+        if (env->cp15.sctlr_el[1] & SCTLR_TSCXT) {
+            if (hcr & HCR_TGE) {
+                return CP_ACCESS_TRAP_EL2;
+            }
+            return CP_ACCESS_TRAP;
+        }
+    } else if (el < 2 && (env->cp15.sctlr_el[2] & SCTLR_TSCXT)) {
+        return CP_ACCESS_TRAP_EL2;
+    }
+    if (el < 2 && arm_is_el2_enabled(env) && !(hcr & HCR_ENSCXT)) {
+        return CP_ACCESS_TRAP_EL2;
+    }
+    if (el < 3
+        && arm_feature(env, ARM_FEATURE_EL3)
+        && !(env->cp15.scr_el3 & SCR_ENSCXT)) {
+        return CP_ACCESS_TRAP_EL3;
+    }
+    return CP_ACCESS_OK;
+}
+
+static const ARMCPRegInfo scxtnum_reginfo[] = {
+    { .name = "SCXTNUM_EL0", .state = ARM_CP_STATE_AA64,
+      .opc0 = 3, .opc1 = 3, .crn = 13, .crm = 0, .opc2 = 7,
+      .access = PL0_RW, .accessfn = access_scxtnum,
+      .fieldoffset = offsetof(CPUARMState, scxtnum_el[0]) },
+    { .name = "SCXTNUM_EL1", .state = ARM_CP_STATE_AA64,
+      .opc0 = 3, .opc1 = 0, .crn = 13, .crm = 0, .opc2 = 7,
+      .access = PL1_RW, .accessfn = access_scxtnum,
+      .fieldoffset = offsetof(CPUARMState, scxtnum_el[1]) },
+    { .name = "SCXTNUM_EL2", .state = ARM_CP_STATE_AA64,
+      .opc0 = 3, .opc1 = 4, .crn = 13, .crm = 0, .opc2 = 7,
+      .access = PL2_RW, .accessfn = access_scxtnum,
+      .fieldoffset = offsetof(CPUARMState, scxtnum_el[2]) },
+    { .name = "SCXTNUM_EL3", .state = ARM_CP_STATE_AA64,
+      .opc0 = 3, .opc1 = 6, .crn = 13, .crm = 0, .opc2 = 7,
+      .access = PL3_RW,
+      .fieldoffset = offsetof(CPUARMState, scxtnum_el[3]) },
+};
+#endif /* TARGET_AARCH64 */
 
 static CPAccessResult access_predinv(CPUARMState *env, const ARMCPRegInfo *ri,
                                      bool isread)
@@ -8362,6 +8417,10 @@  void register_cp_regs_for_features(ARMCPU *cpu)
         define_arm_cp_regs(cpu, mte_tco_ro_reginfo);
         define_arm_cp_regs(cpu, mte_el0_cacheop_reginfo);
     }
+
+    if (cpu_isar_feature(aa64_scxtnum, cpu)) {
+        define_arm_cp_regs(cpu, scxtnum_reginfo);
+    }
 #endif
 
     if (cpu_isar_feature(any_predinv, cpu)) {

[v4,41/45] target/arm: Enable FEAT_CSV2_2 for -cpu max

Commit Message

Comments

Patch