[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PATCH 05/26] target/arm: Honour M-profile FP enable bits
From: |
Peter Maydell |
Subject: |
[Qemu-devel] [PATCH 05/26] target/arm: Honour M-profile FP enable bits |
Date: |
Tue, 16 Apr 2019 13:57:23 +0100 |
Like AArch64, M-profile floating point has no FPEXC enable
bit to gate floating point; so always set the VFPEN TB flag.
M-profile also has CPACR and NSACR similar to A-profile;
they behave slightly differently:
* the CPACR is banked between Secure and Non-Secure
* if the NSACR forces a trap then this is taken to
the Secure state, not the Non-Secure state
Honour the CPACR and NSACR settings. The NSACR handling
requires us to borrow the exception.target_el field
(usually meaningless for M profile) to distinguish the
NOCP UsageFault taken to Secure state from the more
usual fault taken to the current security state.
Signed-off-by: Peter Maydell <address@hidden>
---
target/arm/helper.c | 55 +++++++++++++++++++++++++++++++++++++++---
target/arm/translate.c | 10 ++++++--
2 files changed, 60 insertions(+), 5 deletions(-)
diff --git a/target/arm/helper.c b/target/arm/helper.c
index a36f4b3d699..27e5f98bc73 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -7561,6 +7561,25 @@ uint32_t arm_phys_excp_target_el(CPUState *cs, uint32_t
excp_idx,
return target_el;
}
+/*
+ * Return true if the v7M CPACR permits access to the FPU for the specified
+ * security state and privilege level.
+ */
+static bool v7m_cpacr_pass(CPUARMState *env, bool is_secure, bool is_priv)
+{
+ switch (extract32(env->v7m.cpacr[is_secure], 20, 2)) {
+ case 0:
+ case 2: /* UNPREDICTABLE: we treat like 0 */
+ return false;
+ case 1:
+ return is_priv;
+ case 3:
+ return true;
+ default:
+ g_assert_not_reached();
+ }
+}
+
static bool v7m_stack_write(ARMCPU *cpu, uint32_t addr, uint32_t value,
ARMMMUIdx mmu_idx, bool ignfault)
{
@@ -8820,9 +8839,23 @@ void arm_v7m_cpu_do_interrupt(CPUState *cs)
env->v7m.cfsr[env->v7m.secure] |= R_V7M_CFSR_UNDEFINSTR_MASK;
break;
case EXCP_NOCP:
- armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_USAGE, env->v7m.secure);
- env->v7m.cfsr[env->v7m.secure] |= R_V7M_CFSR_NOCP_MASK;
+ {
+ /*
+ * NOCP might be directed to something other than the current
+ * security state if this fault is because of NSACR; we indicate
+ * the target security state using exception.target_el.
+ */
+ int target_secstate;
+
+ if (env->exception.target_el == 3) {
+ target_secstate = M_REG_S;
+ } else {
+ target_secstate = env->v7m.secure;
+ }
+ armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_USAGE, target_secstate);
+ env->v7m.cfsr[target_secstate] |= R_V7M_CFSR_NOCP_MASK;
break;
+ }
case EXCP_INVSTATE:
armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_USAGE, env->v7m.secure);
env->v7m.cfsr[env->v7m.secure] |= R_V7M_CFSR_INVSTATE_MASK;
@@ -12756,6 +12789,22 @@ int fp_exception_el(CPUARMState *env, int cur_el)
return 0;
}
+ if (arm_feature(env, ARM_FEATURE_M)) {
+ /* CPACR can cause a NOCP UsageFault taken to current security state */
+ if (!v7m_cpacr_pass(env, env->v7m.secure, cur_el != 0)) {
+ return 1;
+ }
+
+ if (arm_feature(env, ARM_FEATURE_M_SECURITY) && !env->v7m.secure) {
+ if (!extract32(env->v7m.nsacr, 10, 1)) {
+ /* FP insns cause a NOCP UsageFault taken to Secure */
+ return 3;
+ }
+ }
+
+ return 0;
+ }
+
/* The CPACR controls traps to EL1, or PL1 if we're 32 bit:
* 0, 2 : trap EL0 and EL1/PL1 accesses
* 1 : trap only EL0 accesses
@@ -12943,7 +12992,7 @@ void cpu_get_tb_cpu_state(CPUARMState *env,
target_ulong *pc,
flags = FIELD_DP32(flags, TBFLAG_A32, SCTLR_B, arm_sctlr_b(env));
flags = FIELD_DP32(flags, TBFLAG_A32, NS, !access_secure_reg(env));
if (env->vfp.xregs[ARM_VFP_FPEXC] & (1 << 30)
- || arm_el_is_aa64(env, 1)) {
+ || arm_el_is_aa64(env, 1) || arm_feature(env, ARM_FEATURE_M)) {
flags = FIELD_DP32(flags, TBFLAG_A32, VFPEN, 1);
}
flags = FIELD_DP32(flags, TBFLAG_A32, XSCALE_CPAR, env->cp15.c15_cpar);
diff --git a/target/arm/translate.c b/target/arm/translate.c
index d56488ec847..bb539111179 100644
--- a/target/arm/translate.c
+++ b/target/arm/translate.c
@@ -3398,8 +3398,14 @@ static int disas_vfp_insn(DisasContext *s, uint32_t insn)
* for attempts to execute invalid vfp/neon encodings with FP disabled.
*/
if (s->fp_excp_el) {
- gen_exception_insn(s, 4, EXCP_UDEF,
- syn_fp_access_trap(1, 0xe, false), s->fp_excp_el);
+ if (arm_dc_feature(s, ARM_FEATURE_M)) {
+ gen_exception_insn(s, 4, EXCP_NOCP, syn_uncategorized(),
+ s->fp_excp_el);
+ } else {
+ gen_exception_insn(s, 4, EXCP_UDEF,
+ syn_fp_access_trap(1, 0xe, false),
+ s->fp_excp_el);
+ }
return 0;
}
--
2.20.1
- [Qemu-devel] [PATCH 04/26] target/arm: Disable most VFP sysregs for M-profile, (continued)
- [Qemu-devel] [PATCH 04/26] target/arm: Disable most VFP sysregs for M-profile, Peter Maydell, 2019/04/16
- [Qemu-devel] [PATCH 06/26] target/arm: Decode FP instructions for M profile, Peter Maydell, 2019/04/16
- [Qemu-devel] [PATCH 07/26] target/arm: Clear CONTROL_S.SFPA in SG insn if FPU present, Peter Maydell, 2019/04/16
- [Qemu-devel] [PATCH 09/26] target/arm/helper: don't return early for STKOF faults during stacking, Peter Maydell, 2019/04/16
- [Qemu-devel] [PATCH 10/26] target/arm: Handle floating point registers in exception entry, Peter Maydell, 2019/04/16
- [Qemu-devel] [PATCH 05/26] target/arm: Honour M-profile FP enable bits,
Peter Maydell <=
- [Qemu-devel] [PATCH 08/26] target/arm: Handle SFPA and FPCA bits in reads and writes of CONTROL, Peter Maydell, 2019/04/16
- [Qemu-devel] [PATCH 11/26] target/arm: Implement v7m_update_fpccr(), Peter Maydell, 2019/04/16
- [Qemu-devel] [PATCH 12/26] target/arm: Clear CONTROL.SFPA in BXNS and BLXNS, Peter Maydell, 2019/04/16
- [Qemu-devel] [PATCH 14/26] target/arm: Allow for floating point in callee stack integrity check, Peter Maydell, 2019/04/16
- [Qemu-devel] [PATCH 13/26] target/arm: Clean excReturn bits when tail chaining, Peter Maydell, 2019/04/16