From: Peter Maydell
To: qemu-devel@nongnu.org
Date: Wed, 13 Dec 2017 18:12:31 +0000
Message-Id: <1513188761-20784-34-git-send-email-peter.maydell@linaro.org>
In-Reply-To: <1513188761-20784-1-git-send-email-peter.maydell@linaro.org>
References: <1513188761-20784-1-git-send-email-peter.maydell@linaro.org>
Subject: [Qemu-devel] [PULL 33/43] target/arm: Use ARMMMUFaultInfo in deliver_fault()
Content-Transfer-Encoding: quoted-printable

Now that ARMMMUFaultInfo is guaranteed to have enough information to construct a fault status code, we can pass it in to the deliver_fault() function and let it generate the correct type of FSR for the destination, rather than relying on the value provided by get_phys_addr().

I don't think there are any cases the old code was getting wrong, but this is more obviously correct.

Signed-off-by: Peter Maydell
Reviewed-by: Richard Henderson
Reviewed-by: Edgar E. Iglesias
Tested-by: Stefano Stabellini
Message-id: 1512503192-2239-10-git-send-email-peter.maydell@linaro.org

--- target/arm/op_helper.c | 79 ++++++++++++++--------------------------------= ---- 1 file changed, 22 insertions(+), 57 deletions(-) diff --git a/target/arm/op_helper.c b/target/arm/op_helper.c index a40a84a..38e6993 100644 --- a/target/arm/op_helper.c +++ b/target/arm/op_helper.c
@@ -116,12 +116,13 @@ static inline uint32_t merge_syn_data_abort(uint32_t = template_syn, } =20 static void deliver_fault(ARMCPU *cpu, vaddr addr, MMUAccessType access_ty= pe, - uint32_t fsr, uint32_t fsc, ARMMMUFaultInfo *fi) + int mmu_idx, ARMMMUFaultInfo *fi) { CPUARMState *env =3D &cpu->env; int target_el; bool same_el; - uint32_t syn, exc; + uint32_t syn, exc, fsr, fsc; + ARMMMUIdx arm_mmu_idx =3D core_to_arm_mmu_idx(env, mmu_idx); =20 target_el =3D exception_target_el(env); if (fi->stage2) { @@ -130,14 +131,21 @@ static void deliver_fault(ARMCPU *cpu, vaddr addr, MM= UAccessType access_type, } same_el =3D (arm_current_el(env) =3D=3D target_el); =20 - if (fsc =3D=3D 0x3f) { - /* Caller doesn't have a long-format fault status code. This - * should only happen if this fault will never actually be reported - * to an EL that uses a syndrome register. Check that here. - * 0x3f is a (currently) reserved FSC code, in case the constructed - * syndrome does leak into the guest somehow. + if (target_el =3D=3D 2 || arm_el_is_aa64(env, target_el) || + arm_s1_regime_using_lpae_format(env, arm_mmu_idx)) { + /* LPAE format fault status register : bottom 6 bits are + * status code in the same form as needed for syndrome + */ + fsr =3D arm_fi_to_lfsc(fi); + fsc =3D extract32(fsr, 0, 6); + } else { + fsr =3D arm_fi_to_sfsc(fi); + /* Short format FSR : this fault will never actually be reported + * to an EL that uses a syndrome register. Use a (currently) + * reserved FSR code in case the constructed syndrome does leak + * into the guest somehow. */ - assert(target_el !=3D 2 && !arm_el_is_aa64(env, target_el)); + fsc =3D 0x3f; } =20 if (access_type =3D=3D MMU_INST_FETCH) { 
@@ -174,29 +182,13 @@ void tlb_fill(CPUState *cs, target_ulong addr, MMUAcc= essType access_type, ret =3D arm_tlb_fill(cs, addr, access_type, mmu_idx, &fsr, &fi); if (unlikely(ret)) { ARMCPU *cpu =3D ARM_CPU(cs); - uint32_t fsc; =20 if (retaddr) { /* now we have a real cpu fault */ cpu_restore_state(cs, retaddr); } =20 - if (fsr & (1 << 9)) { - /* LPAE format fault status register : bottom 6 bits are - * status code in the same form as needed for syndrome - */ - fsc =3D extract32(fsr, 0, 6); - } else { - /* Short format FSR : this fault will never actually be report= ed - * to an EL that uses a syndrome register. Use a (currently) - * reserved FSR code in case the constructed syndrome does leak - * into the guest somehow. deliver_fault will assert that - * we don't target an EL using the syndrome. - */ - fsc =3D 0x3f; - } - - deliver_fault(cpu, addr, access_type, fsr, fsc, &fi); + deliver_fault(cpu, addr, access_type, mmu_idx, &fi); } } =20 @@ -206,27 +198,15 @@ void arm_cpu_do_unaligned_access(CPUState *cs, vaddr = vaddr, int mmu_idx, uintptr_t retaddr) { ARMCPU *cpu =3D ARM_CPU(cs); - CPUARMState *env =3D &cpu->env; - uint32_t fsr, fsc; ARMMMUFaultInfo fi =3D {}; - ARMMMUIdx arm_mmu_idx =3D core_to_arm_mmu_idx(env, mmu_idx); =20 if (retaddr) { /* now we have a real cpu fault */ cpu_restore_state(cs, retaddr); } =20 - /* the DFSR for an alignment fault depends on whether we're using - * the LPAE long descriptor format, or the short descriptor format - */ - if (arm_s1_regime_using_lpae_format(env, arm_mmu_idx)) { - fsr =3D (1 << 9) | 0x21; - } else { - fsr =3D 0x1; - } - fsc =3D 0x21; - - deliver_fault(cpu, vaddr, access_type, fsr, fsc, &fi); + fi.type =3D ARMFault_Alignment; + deliver_fault(cpu, vaddr, access_type, mmu_idx, &fi); } =20 /* arm_cpu_do_transaction_failed: handle a memory system error response 
@@ -240,10 +220,7 @@ void arm_cpu_do_transaction_failed(CPUState *cs, hwadd= r physaddr, MemTxResult response, uintptr_t retaddr) { ARMCPU *cpu =3D ARM_CPU(cs); - CPUARMState *env =3D &cpu->env; - uint32_t fsr, fsc; ARMMMUFaultInfo fi =3D {}; - ARMMMUIdx arm_mmu_idx =3D core_to_arm_mmu_idx(env, mmu_idx); =20 if (retaddr) { /* now we have a real cpu fault */ @@ -256,20 +233,8 @@ void arm_cpu_do_transaction_failed(CPUState *cs, hwadd= r physaddr, * Slave error (1); in QEMU we follow that. */ fi.ea =3D (response !=3D MEMTX_DECODE_ERROR); - - /* The fault status register format depends on whether we're using - * the LPAE long descriptor format, or the short descriptor format. - */ - if (arm_s1_regime_using_lpae_format(env, arm_mmu_idx)) { - /* long descriptor form, STATUS 0b010000: synchronous ext abort */ - fsr =3D (fi.ea << 12) | (1 << 9) | 0x10; - } else { - /* short descriptor form, FSR 0b01000 : synchronous ext abort */ - fsr =3D (fi.ea << 12) | 0x8; - } - fsc =3D 0x10; - - deliver_fault(cpu, addr, access_type, fsr, fsc, &fi); + fi.type =3D ARMFault_SyncExternal; + deliver_fault(cpu, addr, access_type, mmu_idx, &fi); } =20 #endif /* !defined(CONFIG_USER_ONLY) */ --=20 2.7.4
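Review bot: the comment added in the else branch of deliver_fault() (hunk @@ -130,14 +131,21 @@) calls 0x3f a "reserved FSR code", but the value is assigned to fsc and the comment it replaces called it a "reserved FSC code"; please say FSC. The removed assert(target_el != 2 && !arm_el_is_aa64(env, target_el)) is now true by construction of the if condition, which is fine, but the condition itself has no explanation: a one-line comment that an EL reporting through a syndrome register always needs the long-format code, whatever arm_s1_regime_using_lpae_format() returns for the access, would keep that invariant documented now that the assert is gone.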
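Review bot: in tlb_fill() (hunk @@ -174,29 +182,13 @@) the context line arm_tlb_fill(cs, addr, access_type, mmu_idx, &fsr, &fi) still asks for an fsr, but nothing visible reads it after this change, because deliver_fault() is now called with mmu_idx and &fi only. Either drop the out-parameter here or say in the commit message that it is removed in a later patch, so the leftover does not look like a second source of truth for the fault status.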
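Review bot: in arm_cpu_do_unaligned_access() (hunk @@ -206,27 +198,15 @@) the removed code passed fsc = 0x21 for both descriptor formats, while the new path through deliver_fault() yields fsc = 0x3f whenever the short-format branch is taken, so the syndrome constructed for a short-format alignment fault is no longer the same value. Per the comment in deliver_fault() that syndrome never reaches an EL that uses a syndrome register, so this should not be guest-visible, but it is a change in what the function computes and deserves a sentence in the commit message next to "I don't think there are any cases the old code was getting wrong".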
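Review bot: the lines removed from arm_cpu_do_transaction_failed() (hunk @@ -256,20 +233,8 @@) put fi.ea at bit 12 and set bit 9 for the long-descriptor form, as in fsr = (fi.ea << 12) | (1 << 9) | 0x10; after the change this function only sets fi.ea and fi.type = ARMFault_SyncExternal, so both bits depend entirely on arm_fi_to_lfsc() and arm_fi_to_sfsc(), which are not part of this diff. Please confirm those helpers encode fi->ea and the format bit, and consider extending the existing comment above the fi.ea assignment to say that the helpers consume it, since the reason for setting it is no longer visible in this function.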