[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH 11/35] target/arm: Make EL2 cpreg accessfns safe for FEAT_NV EL1
From: |
Peter Maydell |
Subject: |
[PATCH 11/35] target/arm: Make EL2 cpreg accessfns safe for FEAT_NV EL1 accesses |
Date: |
Mon, 18 Dec 2023 11:32:41 +0000 |
FEAT_NV and FEAT_NV2 will allow EL1 to attempt to access cpregs that
only exist at EL2. This means we're going to want to run their
accessfns when the CPU is at EL1. In almost all cases, the behaviour
we want is "the accessfn returns OK if at EL1".
Mostly the accessfn already does the right thing; in a few cases we
need to explicitly check that the EL is not 1 before applying various
trap controls, or split out an accessfn used both for an _EL1 and an
_EL2 register into two so we can handle the FEAT_NV case correctly
for the _EL2 register.
There are two registers where we want the accessfn to trap for
a FEAT_NV EL1 access: VSTTBR_EL2 and VSTCR_EL2 should UNDEF
an access from NonSecure EL1, not trap to EL2 under FEAT_NV.
The way we have written sel2_access() already results in this
behaviour.
We can identify the registers we care about here because they
all have opc1 == 4 or 5.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target/arm/debug_helper.c | 12 +++++++-
target/arm/helper.c | 65 ++++++++++++++++++++++++++++++++++-----
2 files changed, 69 insertions(+), 8 deletions(-)
diff --git a/target/arm/debug_helper.c b/target/arm/debug_helper.c
index 83d2619080f..b39144d5b93 100644
--- a/target/arm/debug_helper.c
+++ b/target/arm/debug_helper.c
@@ -844,6 +844,16 @@ static CPAccessResult access_tda(CPUARMState *env, const
ARMCPRegInfo *ri,
return CP_ACCESS_OK;
}
+static CPAccessResult access_dbgvcr32(CPUARMState *env, const ARMCPRegInfo *ri,
+ bool isread)
+{
+ /* MCDR_EL3.TDMA doesn't apply for FEAT_NV traps */
+ if (arm_current_el(env) == 2 && (env->cp15.mdcr_el3 & MDCR_TDA)) {
+ return CP_ACCESS_TRAP_EL3;
+ }
+ return CP_ACCESS_OK;
+}
+
/*
* Check for traps to Debug Comms Channel registers. If FEAT_FGT
* is implemented then these are controlled by MDCR_EL2.TDCC for
@@ -1062,7 +1072,7 @@ static const ARMCPRegInfo debug_aa32_el1_reginfo[] = {
*/
{ .name = "DBGVCR32_EL2", .state = ARM_CP_STATE_AA64,
.opc0 = 2, .opc1 = 4, .crn = 0, .crm = 7, .opc2 = 0,
- .access = PL2_RW, .accessfn = access_tda,
+ .access = PL2_RW, .accessfn = access_dbgvcr32,
.type = ARM_CP_NOP | ARM_CP_EL3_NO_EL2_KEEP },
};
diff --git a/target/arm/helper.c b/target/arm/helper.c
index e90eb5e16f3..44005665d12 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -3308,6 +3308,11 @@ static const ARMCPRegInfo generic_timer_cp_reginfo[] = {
static CPAccessResult e2h_access(CPUARMState *env, const ARMCPRegInfo *ri,
bool isread)
{
+ if (arm_current_el(env) == 1) {
+ /* This must be a FEAT_NV access */
+ /* TODO: FEAT_ECV will need to check CNTHCTL_EL2 here */
+ return CP_ACCESS_OK;
+ }
if (!(arm_hcr_el2_eff(env) & HCR_E2H)) {
return CP_ACCESS_TRAP;
}
@@ -5998,7 +6003,7 @@ static void hcrx_write(CPUARMState *env, const
ARMCPRegInfo *ri,
static CPAccessResult access_hxen(CPUARMState *env, const ARMCPRegInfo *ri,
bool isread)
{
- if (arm_current_el(env) < 3
+ if (arm_current_el(env) == 2
&& arm_feature(env, ARM_FEATURE_EL3)
&& !(env->cp15.scr_el3 & SCR_HXEN)) {
return CP_ACCESS_TRAP_EL3;
@@ -6523,6 +6528,15 @@ static CPAccessResult el2_e2h_e12_access(CPUARMState
*env,
const ARMCPRegInfo *ri,
bool isread)
{
+ if (arm_current_el(env) == 1) {
+ /*
+ * This must be a FEAT_NV access (will either trap or redirect
+ * to memory). None of the registers with _EL12 aliases want to
+ * apply their trap controls for this kind of access, so don't
+ * call the orig_accessfn or do the "UNDEF when E2H is 0" check.
+ */
+ return CP_ACCESS_OK;
+ }
/* FOO_EL12 aliases only exist when E2H is 1; otherwise they UNDEF */
if (!(arm_hcr_el2_eff(env) & HCR_E2H)) {
return CP_ACCESS_TRAP_UNCATEGORIZED;
@@ -6999,10 +7013,21 @@ static CPAccessResult access_tpidr2(CPUARMState *env,
const ARMCPRegInfo *ri,
return CP_ACCESS_OK;
}
-static CPAccessResult access_esm(CPUARMState *env, const ARMCPRegInfo *ri,
- bool isread)
+static CPAccessResult access_smprimap(CPUARMState *env, const ARMCPRegInfo *ri,
+ bool isread)
+{
+ /* If EL1 this is a FEAT_NV access and CPTR_EL3.ESM doesn't apply */
+ if (arm_current_el(env) == 2
+ && arm_feature(env, ARM_FEATURE_EL3)
+ && !FIELD_EX64(env->cp15.cptr_el[3], CPTR_EL3, ESM)) {
+ return CP_ACCESS_TRAP_EL3;
+ }
+ return CP_ACCESS_OK;
+}
+
+static CPAccessResult access_smpri(CPUARMState *env, const ARMCPRegInfo *ri,
+ bool isread)
{
- /* TODO: FEAT_FGT for SMPRI_EL1 but not SMPRIMAP_EL2 */
if (arm_current_el(env) < 3
&& arm_feature(env, ARM_FEATURE_EL3)
&& !FIELD_EX64(env->cp15.cptr_el[3], CPTR_EL3, ESM)) {
@@ -7121,12 +7146,12 @@ static const ARMCPRegInfo sme_reginfo[] = {
*/
{ .name = "SMPRI_EL1", .state = ARM_CP_STATE_AA64,
.opc0 = 3, .opc1 = 0, .crn = 1, .crm = 2, .opc2 = 4,
- .access = PL1_RW, .accessfn = access_esm,
+ .access = PL1_RW, .accessfn = access_smpri,
.fgt = FGT_NSMPRI_EL1,
.type = ARM_CP_CONST, .resetvalue = 0 },
{ .name = "SMPRIMAP_EL2", .state = ARM_CP_STATE_AA64,
.opc0 = 3, .opc1 = 4, .crn = 1, .crm = 2, .opc2 = 5,
- .access = PL2_RW, .accessfn = access_esm,
+ .access = PL2_RW, .accessfn = access_smprimap,
.type = ARM_CP_CONST, .resetvalue = 0 },
};
@@ -7769,7 +7794,33 @@ static CPAccessResult access_mte(CPUARMState *env, const
ARMCPRegInfo *ri,
bool isread)
{
int el = arm_current_el(env);
+ if (el < 2 && arm_is_el2_enabled(env)) {
+ uint64_t hcr = arm_hcr_el2_eff(env);
+ if (!(hcr & HCR_ATA) && (!(hcr & HCR_E2H) || !(hcr & HCR_TGE))) {
+ return CP_ACCESS_TRAP_EL2;
+ }
+ }
+ if (el < 3 &&
+ arm_feature(env, ARM_FEATURE_EL3) &&
+ !(env->cp15.scr_el3 & SCR_ATA)) {
+ return CP_ACCESS_TRAP_EL3;
+ }
+ return CP_ACCESS_OK;
+}
+static CPAccessResult access_tfsr_el2(CPUARMState *env, const ARMCPRegInfo *ri,
+ bool isread)
+{
+ /*
+ * TFSR_EL2: similar to generic access_mte(), but we need to
+ * account for FEAT_NV. At EL1 this must be a FEAT_NV access;
+ * we will trap to EL2 and the HCR/SCR traps do not apply.
+ */
+ int el = arm_current_el(env);
+
+ if (el == 1) {
+ return CP_ACCESS_OK;
+ }
if (el < 2 && arm_is_el2_enabled(env)) {
uint64_t hcr = arm_hcr_el2_eff(env);
if (!(hcr & HCR_ATA) && (!(hcr & HCR_E2H) || !(hcr & HCR_TGE))) {
@@ -7805,7 +7856,7 @@ static const ARMCPRegInfo mte_reginfo[] = {
.fieldoffset = offsetof(CPUARMState, cp15.tfsr_el[1]) },
{ .name = "TFSR_EL2", .state = ARM_CP_STATE_AA64,
.opc0 = 3, .opc1 = 4, .crn = 5, .crm = 6, .opc2 = 0,
- .access = PL2_RW, .accessfn = access_mte,
+ .access = PL2_RW, .accessfn = access_tfsr_el2,
.fieldoffset = offsetof(CPUARMState, cp15.tfsr_el[2]) },
{ .name = "TFSR_EL3", .state = ARM_CP_STATE_AA64,
.opc0 = 3, .opc1 = 6, .crn = 5, .crm = 6, .opc2 = 0,
--
2.34.1
- [PATCH 02/35] target/arm: Set CTR_EL0.{IDC,DIC} for the 'max' CPU, (continued)
- [PATCH 02/35] target/arm: Set CTR_EL0.{IDC,DIC} for the 'max' CPU, Peter Maydell, 2023/12/18
- [PATCH 06/35] target/arm: Enable trapping of ERET for FEAT_NV, Peter Maydell, 2023/12/18
- [PATCH 07/35] target/arm: Always honour HCR_EL2.TSC when HCR_EL2.NV is set, Peter Maydell, 2023/12/18
- [PATCH 08/35] target/arm: Allow use of upper 32 bits of TBFLAG_A64, Peter Maydell, 2023/12/18
- [PATCH 09/35] target/arm: Record correct opcode fields in cpreg for E2H aliases, Peter Maydell, 2023/12/18
- [PATCH 11/35] target/arm: Make EL2 cpreg accessfns safe for FEAT_NV EL1 accesses,
Peter Maydell <=
- [PATCH 10/35] target/arm: *_EL12 registers should UNDEF when HCR_EL2.E2H is 0, Peter Maydell, 2023/12/18
- [PATCH 12/35] target/arm: Move FPU/SVE/SME access checks up above ARM_CP_SPECIAL_MASK check, Peter Maydell, 2023/12/18
- [PATCH 13/35] target/arm: Trap sysreg accesses for FEAT_NV, Peter Maydell, 2023/12/18
- [PATCH 18/35] target/arm: Don't honour PSTATE.PAN when HCR_EL2.{NV, NV1} == {1, 1}, Peter Maydell, 2023/12/18
- [PATCH 19/35] target/arm: Treat LDTR* and STTR* as LDR/STR when NV, NV1 is 1, 1, Peter Maydell, 2023/12/18