From patchwork Thu Mar 6 19:33:00 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 25842 Return-Path: X-Original-To: linaro@patches.linaro.org Delivered-To: linaro@patches.linaro.org Received: from mail-vc0-f198.google.com (mail-vc0-f198.google.com [209.85.220.198]) by ip-10-151-82-157.ec2.internal (Postfix) with ESMTPS id A62DD203C3 for ; Thu, 6 Mar 2014 19:33:27 +0000 (UTC) Received: by mail-vc0-f198.google.com with SMTP id lf12sf7129811vcb.9 for ; Thu, 06 Mar 2014 11:33:27 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:delivered-to:from:to:cc:subject :date:message-id:in-reply-to:references:x-original-sender :x-original-authentication-results:precedence:mailing-list:list-id :list-post:list-help:list-archive:list-unsubscribe; bh=MlGVXTH0RDROw5zphLJBkpT/xbc91ntXWkkz9s8zwZU=; b=Kxv0Vx7VpvfHAjg095aRPjPQGx4ARo2r1eXjQG9TV5EHF+2PVj8Qm1kfrO39zvPd11 4sMU0DlVyYS5oKwY3GW75i0gy7m8amrbQBwDUgDEFRcFTc3ztTvbLVFdXo7GI8O6bQ6m HU9JO3hCFAZWVDKEV6Ul2shhx5gapwO7vfxv4VkPUWZefMUQT8cpax0qzdmpLQkpC4dO dySk9NU/GH32g42ntWwwwvjemruS/oz2WKpSL+LfnhfdB0f7gu2z4FdMLW8EWSv8+9M4 7gZcDhEs/NGRnmg6OwBSuPxxbeUmvungQaqKGRX7QZNh0Zt5q0E8g0Xoo083fCWW9iD1 GqKQ== X-Gm-Message-State: ALoCoQl906/INkNcUX0zR7qsRFTjjjwXu4EffZtZ+gnYuwK2iTCNpVg3RyyCZxEZcjufhotpkQTJ X-Received: by 10.236.228.228 with SMTP id f94mr5538493yhq.43.1394134407407; Thu, 06 Mar 2014 11:33:27 -0800 (PST) MIME-Version: 1.0 X-BeenThere: patchwork-forward@linaro.org Received: by 10.140.108.100 with SMTP id i91ls865990qgf.23.gmail; Thu, 06 Mar 2014 11:33:27 -0800 (PST) X-Received: by 10.58.123.70 with SMTP id ly6mr2599257veb.26.1394134407286; Thu, 06 Mar 2014 11:33:27 -0800 (PST) Received: from mail-ve0-f175.google.com (mail-ve0-f175.google.com [209.85.128.175]) by mx.google.com with ESMTPS id zp2si1455179vec.8.2014.03.06.11.33.27 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 06 Mar 2014 11:33:27 -0800 (PST) Received-SPF: neutral (google.com: 209.85.128.175 is neither permitted nor denied by best guess record for domain of patch+caf_=patchwork-forward=linaro.org@linaro.org) client-ip=209.85.128.175; Received: by mail-ve0-f175.google.com with SMTP id oz11so3112523veb.20 for ; Thu, 06 Mar 2014 11:33:27 -0800 (PST) X-Received: by 10.221.37.1 with SMTP id tc1mr1434395vcb.32.1394134407185; Thu, 06 Mar 2014 11:33:27 -0800 (PST) X-Forwarded-To: patchwork-forward@linaro.org X-Forwarded-For: patch@linaro.org patchwork-forward@linaro.org Delivered-To: patches@linaro.org Received: by 10.220.78.9 with SMTP id i9csp61896vck; Thu, 6 Mar 2014 11:33:26 -0800 (PST) X-Received: by 10.194.6.8 with SMTP id w8mr13109177wjw.16.1394134403968; Thu, 06 Mar 2014 11:33:23 -0800 (PST) Received: from mnementh.archaic.org.uk (mnementh.archaic.org.uk. [2001:8b0:1d0::1]) by mx.google.com with ESMTPS id f20si6270666wjz.75.2014.03.06.11.33.23 for (version=TLSv1.2 cipher=RC4-SHA bits=128/128); Thu, 06 Mar 2014 11:33:23 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of pm215@archaic.org.uk designates 2001:8b0:1d0::1 as permitted sender) client-ip=2001:8b0:1d0::1; Received: from pm215 by mnementh.archaic.org.uk with local (Exim 4.80) (envelope-from ) id 1WLe2U-0000TM-5E; Thu, 06 Mar 2014 19:33:06 +0000 From: Peter Maydell To: qemu-devel@nongnu.org Cc: patches@linaro.org, Alexander Graf , Michael Matz , Claudio Fontana , Dirk Mueller , Laurent Desnogues , kvmarm@lists.cs.columbia.edu, Richard Henderson , =?UTF-8?q?Alex=20Benn=C3=A9e?= , Christoffer Dall , Will Newton , Peter Crosthwaite , Rob Herring Subject: [PATCH v4 16/21] target-arm: Implement SP_EL0, SP_EL1 Date: Thu, 6 Mar 2014 19:33:00 +0000 Message-Id: <1394134385-1727-17-git-send-email-peter.maydell@linaro.org> X-Mailer: git-send-email 1.7.10.4 In-Reply-To: <1394134385-1727-1-git-send-email-peter.maydell@linaro.org> References: <1394134385-1727-1-git-send-email-peter.maydell@linaro.org> X-Removed-Original-Auth: Dkim didn't pass. X-Original-Sender: peter.maydell@linaro.org X-Original-Authentication-Results: mx.google.com; spf=neutral (google.com: 209.85.128.175 is neither permitted nor denied by best guess record for domain of patch+caf_=patchwork-forward=linaro.org@linaro.org) smtp.mail=patch+caf_=patchwork-forward=linaro.org@linaro.org Precedence: list Mailing-list: list patchwork-forward@linaro.org; contact patchwork-forward+owners@linaro.org List-ID: X-Google-Group-Id: 836684582541 List-Post: , List-Help: , List-Archive: List-Unsubscribe: , Implement handling for the AArch64 SP_EL0 system register. This holds the EL0 stack pointer, and is only accessible when it's not being used as the stack pointer, ie when we're in EL1 and EL1 is using its own stack pointer. We also provide a definition of the SP_EL1 register; this isn't guest visible as a system register for an implementation like QEMU which doesn't provide EL2 or EL3; however it is useful for ensuring the underlying state is migrated. We need to update the state fields in the CPU state whenever switch stack pointers; this happens when we take an exception and also when SPSEL is used to change the bit in PSTATE which indicates which stack pointer EL1 should use. Signed-off-by: Peter Maydell --- target-arm/cpu.h | 2 ++ target-arm/helper.c | 34 ++++++++++++++++++++++++++++++++++ target-arm/internals.h | 25 +++++++++++++++++++++++++ target-arm/kvm64.c | 37 ++++++++++++++++++++++++++++++++++--- target-arm/machine.c | 7 ++++--- target-arm/op_helper.c | 2 +- 6 files changed, 100 insertions(+), 7 deletions(-) diff --git a/target-arm/cpu.h b/target-arm/cpu.h index 7ef2c71..338edc3 100644 --- a/target-arm/cpu.h +++ b/target-arm/cpu.h @@ -163,6 +163,7 @@ typedef struct CPUARMState { uint64_t daif; /* exception masks, in the bits they are in in PSTATE */ uint64_t elr_el1; /* AArch64 ELR_EL1 */ + uint64_t sp_el[2]; /* AArch64 banked stack pointers */ /* System control coprocessor (cp15) */ struct { @@ -431,6 +432,7 @@ int cpu_arm_handle_mmu_fault (CPUARMState *env, target_ulong address, int rw, * Only these are valid when in AArch64 mode; in * AArch32 mode SPSRs are basically CPSR-format. */ +#define PSTATE_SP (1U) #define PSTATE_M (0xFU) #define PSTATE_nRW (1U << 4) #define PSTATE_F (1U << 6) diff --git a/target-arm/helper.c b/target-arm/helper.c index 812fc73..6ee4135 100644 --- a/target-arm/helper.c +++ b/target-arm/helper.c @@ -1682,6 +1682,27 @@ static uint64_t aa64_dczid_read(CPUARMState *env, const ARMCPRegInfo *ri) return cpu->dcz_blocksize | dzp_bit; } +static CPAccessResult sp_el0_access(CPUARMState *env, const ARMCPRegInfo *ri) +{ + if (!env->pstate & PSTATE_SP) { + /* Access to SP_EL0 is undefined if it's being used as + * the stack pointer. + */ + return CP_ACCESS_TRAP_UNCATEGORIZED; + } + return CP_ACCESS_OK; +} + +static uint64_t spsel_read(CPUARMState *env, const ARMCPRegInfo *ri) +{ + return env->pstate & PSTATE_SP; +} + +static void spsel_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t val) +{ + update_spsel(env, val); +} + static const ARMCPRegInfo v8_cp_reginfo[] = { /* Minimal set of EL0-visible registers. This will need to be expanded * significantly for system emulation of AArch64 CPUs. @@ -1814,6 +1835,19 @@ static const ARMCPRegInfo v8_cp_reginfo[] = { .type = ARM_CP_NO_MIGRATE, .opc0 = 3, .opc1 = 0, .crn = 4, .crm = 0, .opc2 = 1, .access = PL1_RW, .fieldoffset = offsetof(CPUARMState, elr_el1) }, + /* We rely on the access checks not allowing the guest to write to the + * state field when SPSel indicates that it's being used as the stack + * pointer. + */ + { .name = "SP_EL0", .state = ARM_CP_STATE_AA64, + .opc0 = 3, .opc1 = 0, .crn = 4, .crm = 1, .opc2 = 0, + .access = PL1_RW, .accessfn = sp_el0_access, + .type = ARM_CP_NO_MIGRATE, + .fieldoffset = offsetof(CPUARMState, sp_el[0]) }, + { .name = "SPSel", .state = ARM_CP_STATE_AA64, + .opc0 = 3, .opc1 = 0, .crn = 4, .crm = 2, .opc2 = 0, + .type = ARM_CP_NO_MIGRATE, + .access = PL1_RW, .readfn = spsel_read, .writefn = spsel_write }, REGINFO_SENTINEL }; diff --git a/target-arm/internals.h b/target-arm/internals.h index 11a7040..97a76c2 100644 --- a/target-arm/internals.h +++ b/target-arm/internals.h @@ -60,6 +60,31 @@ enum arm_fprounding { int arm_rmode_to_sf(int rmode); +static inline void update_spsel(CPUARMState *env, uint32_t imm) +{ + /* Update PSTATE SPSel bit; this requires us to update the + * working stack pointer in xregs[31]. + */ + if (!((imm ^ env->pstate) & PSTATE_SP)) { + return; + } + env->pstate = deposit32(env->pstate, 0, 1, imm); + + /* EL0 has no access rights to update SPSel, and this code + * assumes we are updating SP for EL1 while running as EL1. + */ + assert(arm_current_pl(env) == 1); + if (env->pstate & PSTATE_SP) { + /* Switch from using SP_EL0 to using SP_ELx */ + env->sp_el[0] = env->xregs[31]; + env->xregs[31] = env->sp_el[1]; + } else { + /* Switch from SP_EL0 to SP_ELx */ + env->sp_el[1] = env->xregs[31]; + env->xregs[31] = env->sp_el[0]; + } +} + /* Valid Syndrome Register EC field values */ enum arm_exception_class { EC_UNCATEGORIZED = 0, diff --git a/target-arm/kvm64.c b/target-arm/kvm64.c index ee72748..39c4364 100644 --- a/target-arm/kvm64.c +++ b/target-arm/kvm64.c @@ -121,8 +121,24 @@ int kvm_arch_put_registers(CPUState *cs, int level) } } + /* KVM puts SP_EL0 in regs.sp and SP_EL1 in regs.sp_el1. On the + * QEMU side we keep the current SP in xregs[31] as well. + */ + if (env->pstate & PSTATE_SP) { + env->sp_el[1] = env->xregs[31]; + } else { + env->sp_el[0] = env->xregs[31]; + } + reg.id = AARCH64_CORE_REG(regs.sp); - reg.addr = (uintptr_t) &env->xregs[31]; + reg.addr = (uintptr_t) &env->sp_el[0]; + ret = kvm_vcpu_ioctl(cs, KVM_SET_ONE_REG, ®); + if (ret) { + return ret; + } + + reg.id = AARCH64_CORE_REG(sp_el1); + reg.addr = (uintptr_t) &env->sp_el[1]; ret = kvm_vcpu_ioctl(cs, KVM_SET_ONE_REG, ®); if (ret) { return ret; @@ -152,7 +168,6 @@ int kvm_arch_put_registers(CPUState *cs, int level) } /* TODO: - * SP_EL1 * SPSR[] * FP state * system registers @@ -180,7 +195,14 @@ int kvm_arch_get_registers(CPUState *cs) } reg.id = AARCH64_CORE_REG(regs.sp); - reg.addr = (uintptr_t) &env->xregs[31]; + reg.addr = (uintptr_t) &env->sp_el[0]; + ret = kvm_vcpu_ioctl(cs, KVM_GET_ONE_REG, ®); + if (ret) { + return ret; + } + + reg.id = AARCH64_CORE_REG(sp_el1); + reg.addr = (uintptr_t) &env->sp_el[1]; ret = kvm_vcpu_ioctl(cs, KVM_GET_ONE_REG, ®); if (ret) { return ret; @@ -194,6 +216,15 @@ int kvm_arch_get_registers(CPUState *cs) } pstate_write(env, val); + /* KVM puts SP_EL0 in regs.sp and SP_EL1 in regs.sp_el1. On the + * QEMU side we keep the current SP in xregs[31] as well. + */ + if (env->pstate & PSTATE_SP) { + env->xregs[31] = env->sp_el[1]; + } else { + env->xregs[31] = env->sp_el[0]; + } + reg.id = AARCH64_CORE_REG(regs.pc); reg.addr = (uintptr_t) &env->pc; ret = kvm_vcpu_ioctl(cs, KVM_GET_ONE_REG, ®); diff --git a/target-arm/machine.c b/target-arm/machine.c index 01d8f83..af49662 100644 --- a/target-arm/machine.c +++ b/target-arm/machine.c @@ -222,9 +222,9 @@ static int cpu_post_load(void *opaque, int version_id) const VMStateDescription vmstate_arm_cpu = { .name = "cpu", - .version_id = 15, - .minimum_version_id = 15, - .minimum_version_id_old = 15, + .version_id = 16, + .minimum_version_id = 16, + .minimum_version_id_old = 16, .pre_save = cpu_pre_save, .post_load = cpu_post_load, .fields = (VMStateField[]) { @@ -244,6 +244,7 @@ const VMStateDescription vmstate_arm_cpu = { VMSTATE_UINT32_ARRAY(env.usr_regs, ARMCPU, 5), VMSTATE_UINT32_ARRAY(env.fiq_regs, ARMCPU, 5), VMSTATE_UINT64(env.elr_el1, ARMCPU), + VMSTATE_UINT64_ARRAY(env.sp_el, ARMCPU, 2), /* The length-check must come before the arrays to avoid * incoming data possibly overflowing the array. */ diff --git a/target-arm/op_helper.c b/target-arm/op_helper.c index b1db672..aeb2538 100644 --- a/target-arm/op_helper.c +++ b/target-arm/op_helper.c @@ -349,7 +349,7 @@ void HELPER(msr_i_pstate)(CPUARMState *env, uint32_t op, uint32_t imm) switch (op) { case 0x05: /* SPSel */ - env->pstate = deposit32(env->pstate, 0, 1, imm); + update_spsel(env, imm); break; case 0x1e: /* DAIFSet */ env->daif |= (imm << 6) & PSTATE_DAIF;