From: Peter Maydell <peter.maydell@linaro.org>
To: qemu-devel@nongnu.org
Subject: [Qemu-devel] [PULL 03/48] target/arm: Implement NSACR gating of floating point
Date: Thu, 13 Jun 2019 13:13:48 +0100 [thread overview]
Message-ID: <20190613121433.5246-4-peter.maydell@linaro.org> (raw)
In-Reply-To: <20190613121433.5246-1-peter.maydell@linaro.org>
The NSACR register allows secure code to configure the FPU
to be inaccessible to non-secure code. If the NSACR.CP10
bit is set then:
* NS accesses to the FPU trap as UNDEF (ie to NS EL1 or EL2)
* CPACR.{CP10,CP11} behave as if RAZ/WI
* HCPTR.{TCP11,TCP10} behave as if RAO/WI
Note that we do not implement the NSACR.NSASEDIS bit which
gates only access to Advanced SIMD, in the same way that
we don't implement the equivalent CPACR.ASEDIS and HCPTR.TASE.
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20190510110357.18825-1-peter.maydell@linaro.org
---
target/arm/helper.c | 75 +++++++++++++++++++++++++++++++++++++++++++--
1 file changed, 73 insertions(+), 2 deletions(-)
diff --git a/target/arm/helper.c b/target/arm/helper.c
index 188fb1950ef..df4276f5f6c 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -930,9 +930,36 @@ static void cpacr_write(CPUARMState *env, const ARMCPRegInfo *ri,
}
value &= mask;
}
+
+ /*
+ * For A-profile AArch32 EL3 (but not M-profile secure mode), if NSACR.CP10
+ * is 0 then CPACR.{CP11,CP10} ignore writes and read as 0b00.
+ */
+ if (arm_feature(env, ARM_FEATURE_EL3) && !arm_el_is_aa64(env, 3) &&
+ !arm_is_secure(env) && !extract32(env->cp15.nsacr, 10, 1)) {
+ value &= ~(0xf << 20);
+ value |= env->cp15.cpacr_el1 & (0xf << 20);
+ }
+
env->cp15.cpacr_el1 = value;
}
+static uint64_t cpacr_read(CPUARMState *env, const ARMCPRegInfo *ri)
+{
+ /*
+ * For A-profile AArch32 EL3 (but not M-profile secure mode), if NSACR.CP10
+ * is 0 then CPACR.{CP11,CP10} ignore writes and read as 0b00.
+ */
+ uint64_t value = env->cp15.cpacr_el1;
+
+ if (arm_feature(env, ARM_FEATURE_EL3) && !arm_el_is_aa64(env, 3) &&
+ !arm_is_secure(env) && !extract32(env->cp15.nsacr, 10, 1)) {
+ value &= ~(0xf << 20);
+ }
+ return value;
+}
+
+
static void cpacr_reset(CPUARMState *env, const ARMCPRegInfo *ri)
{
/* Call cpacr_write() so that we reset with the correct RAO bits set
@@ -998,7 +1025,7 @@ static const ARMCPRegInfo v6_cp_reginfo[] = {
{ .name = "CPACR", .state = ARM_CP_STATE_BOTH, .opc0 = 3,
.crn = 1, .crm = 0, .opc1 = 0, .opc2 = 2, .accessfn = cpacr_access,
.access = PL1_RW, .fieldoffset = offsetof(CPUARMState, cp15.cpacr_el1),
- .resetfn = cpacr_reset, .writefn = cpacr_write },
+ .resetfn = cpacr_reset, .writefn = cpacr_write, .readfn = cpacr_read },
REGINFO_SENTINEL
};
@@ -4683,6 +4710,36 @@ uint64_t arm_hcr_el2_eff(CPUARMState *env)
return ret;
}
+static void cptr_el2_write(CPUARMState *env, const ARMCPRegInfo *ri,
+ uint64_t value)
+{
+ /*
+ * For A-profile AArch32 EL3, if NSACR.CP10
+ * is 0 then HCPTR.{TCP11,TCP10} ignore writes and read as 1.
+ */
+ if (arm_feature(env, ARM_FEATURE_EL3) && !arm_el_is_aa64(env, 3) &&
+ !arm_is_secure(env) && !extract32(env->cp15.nsacr, 10, 1)) {
+ value &= ~(0x3 << 10);
+ value |= env->cp15.cptr_el[2] & (0x3 << 10);
+ }
+ env->cp15.cptr_el[2] = value;
+}
+
+static uint64_t cptr_el2_read(CPUARMState *env, const ARMCPRegInfo *ri)
+{
+ /*
+ * For A-profile AArch32 EL3, if NSACR.CP10
+ * is 0 then HCPTR.{TCP11,TCP10} ignore writes and read as 1.
+ */
+ uint64_t value = env->cp15.cptr_el[2];
+
+ if (arm_feature(env, ARM_FEATURE_EL3) && !arm_el_is_aa64(env, 3) &&
+ !arm_is_secure(env) && !extract32(env->cp15.nsacr, 10, 1)) {
+ value |= 0x3 << 10;
+ }
+ return value;
+}
+
static const ARMCPRegInfo el2_cp_reginfo[] = {
{ .name = "HCR_EL2", .state = ARM_CP_STATE_AA64,
.type = ARM_CP_IO,
@@ -4730,7 +4787,8 @@ static const ARMCPRegInfo el2_cp_reginfo[] = {
{ .name = "CPTR_EL2", .state = ARM_CP_STATE_BOTH,
.opc0 = 3, .opc1 = 4, .crn = 1, .crm = 1, .opc2 = 2,
.access = PL2_RW, .accessfn = cptr_access, .resetvalue = 0,
- .fieldoffset = offsetof(CPUARMState, cp15.cptr_el[2]) },
+ .fieldoffset = offsetof(CPUARMState, cp15.cptr_el[2]),
+ .readfn = cptr_el2_read, .writefn = cptr_el2_write },
{ .name = "MAIR_EL2", .state = ARM_CP_STATE_BOTH,
.opc0 = 3, .opc1 = 4, .crn = 10, .crm = 2, .opc2 = 0,
.access = PL2_RW, .fieldoffset = offsetof(CPUARMState, cp15.mair_el[2]),
@@ -13587,6 +13645,19 @@ int fp_exception_el(CPUARMState *env, int cur_el)
break;
}
+ /*
+ * The NSACR allows A-profile AArch32 EL3 and M-profile secure mode
+ * to control non-secure access to the FPU. It doesn't have any
+ * effect if EL3 is AArch64 or if EL3 doesn't exist at all.
+ */
+ if ((arm_feature(env, ARM_FEATURE_EL3) && !arm_el_is_aa64(env, 3) &&
+ cur_el <= 2 && !arm_is_secure_below_el3(env))) {
+ if (!extract32(env->cp15.nsacr, 10, 1)) {
+ /* FP insns act as UNDEF */
+ return cur_el == 2 ? 2 : 1;
+ }
+ }
+
/* For the CPTR registers we don't need to guard with an ARM_FEATURE
* check because zero bits in the registers mean "don't trap".
*/
--
2.20.1
next prev parent reply other threads:[~2019-06-13 12:36 UTC|newest]
Thread overview: 52+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-06-13 12:13 [Qemu-devel] [PULL 00/48] target-arm queue Peter Maydell
2019-06-13 12:13 ` [Qemu-devel] [PULL 01/48] target/arm: Vectorize USHL and SSHL Peter Maydell
2019-06-13 14:11 ` Peter Maydell
2019-06-13 12:13 ` [Qemu-devel] [PULL 02/48] target/arm: Use tcg_gen_gvec_bitsel Peter Maydell
2019-06-13 12:13 ` Peter Maydell [this message]
2019-06-13 12:13 ` [Qemu-devel] [PULL 04/48] hw/arm/smmuv3: Fix decoding of ID register range Peter Maydell
2019-06-13 12:13 ` [Qemu-devel] [PULL 05/48] hw/core/bus.c: Only the main system bus can have no parent Peter Maydell
2019-06-13 12:13 ` [Qemu-devel] [PULL 06/48] target/arm: Fix output of PAuth Auth Peter Maydell
2019-06-13 12:13 ` [Qemu-devel] [PULL 07/48] decodetree: Fix comparison of Field Peter Maydell
2019-06-13 12:13 ` [Qemu-devel] [PULL 08/48] target/arm: Add stubs for AArch32 VFP decodetree Peter Maydell
2019-06-13 12:13 ` [Qemu-devel] [PULL 09/48] target/arm: Factor out VFP access checking code Peter Maydell
2019-06-13 12:13 ` [Qemu-devel] [PULL 10/48] target/arm: Fix Cortex-R5F MVFR values Peter Maydell
2019-06-13 12:13 ` [Qemu-devel] [PULL 11/48] target/arm: Explicitly enable VFP short-vectors for aarch32 -cpu max Peter Maydell
2019-06-13 12:13 ` [Qemu-devel] [PULL 12/48] target/arm: Convert the VSEL instructions to decodetree Peter Maydell
2019-06-13 12:13 ` [Qemu-devel] [PULL 13/48] target/arm: Convert VMINNM, VMAXNM " Peter Maydell
2019-06-13 12:13 ` [Qemu-devel] [PULL 14/48] target/arm: Convert VRINTA/VRINTN/VRINTP/VRINTM " Peter Maydell
2019-06-13 12:14 ` [Qemu-devel] [PULL 15/48] target/arm: Convert VCVTA/VCVTN/VCVTP/VCVTM " Peter Maydell
2019-06-13 12:14 ` [Qemu-devel] [PULL 16/48] target/arm: Move the VFP trans_* functions to translate-vfp.inc.c Peter Maydell
2019-06-13 12:14 ` [Qemu-devel] [PULL 17/48] target/arm: Add helpers for VFP register loads and stores Peter Maydell
2019-06-13 12:14 ` [Qemu-devel] [PULL 18/48] target/arm: Convert "double-precision" register moves to decodetree Peter Maydell
2019-06-13 12:14 ` [Qemu-devel] [PULL 19/48] target/arm: Convert "single-precision" " Peter Maydell
2019-06-13 12:14 ` [Qemu-devel] [PULL 20/48] target/arm: Convert VFP two-register transfer insns " Peter Maydell
2019-06-13 12:14 ` [Qemu-devel] [PULL 21/48] target/arm: Convert VFP VLDR and VSTR " Peter Maydell
2019-06-13 12:14 ` [Qemu-devel] [PULL 22/48] target/arm: Convert the VFP load/store multiple insns " Peter Maydell
2019-06-13 12:14 ` [Qemu-devel] [PULL 23/48] target/arm: Remove VLDR/VSTR/VLDM/VSTM use of cpu_F0s and cpu_F0d Peter Maydell
2019-06-13 12:14 ` [Qemu-devel] [PULL 24/48] target/arm: Convert VFP VMLA to decodetree Peter Maydell
2019-06-13 12:14 ` [Qemu-devel] [PULL 25/48] target/arm: Convert VFP VMLS " Peter Maydell
2019-06-13 12:14 ` [Qemu-devel] [PULL 26/48] target/arm: Convert VFP VNMLS " Peter Maydell
2019-06-13 12:14 ` [Qemu-devel] [PULL 27/48] target/arm: Convert VFP VNMLA " Peter Maydell
2019-06-13 12:14 ` [Qemu-devel] [PULL 28/48] target/arm: Convert VMUL " Peter Maydell
2019-06-13 12:14 ` [Qemu-devel] [PULL 29/48] target/arm: Convert VNMUL " Peter Maydell
2019-06-13 12:14 ` [Qemu-devel] [PULL 30/48] target/arm: Convert VADD " Peter Maydell
2019-06-13 12:14 ` [Qemu-devel] [PULL 31/48] target/arm: Convert VSUB " Peter Maydell
2019-06-13 12:14 ` [Qemu-devel] [PULL 32/48] target/arm: Convert VDIV " Peter Maydell
2019-06-13 12:14 ` [Qemu-devel] [PULL 33/48] target/arm: Convert VFP fused multiply-add insns " Peter Maydell
2019-06-13 12:14 ` [Qemu-devel] [PULL 34/48] target/arm: Convert VMOV (imm) " Peter Maydell
2019-06-13 12:14 ` [Qemu-devel] [PULL 35/48] target/arm: Convert VABS " Peter Maydell
2019-06-13 12:14 ` [Qemu-devel] [PULL 36/48] target/arm: Convert VNEG " Peter Maydell
2019-06-13 12:14 ` [Qemu-devel] [PULL 37/48] target/arm: Convert VSQRT " Peter Maydell
2019-06-13 12:14 ` [Qemu-devel] [PULL 38/48] target/arm: Convert VMOV (register) " Peter Maydell
2019-06-13 12:14 ` [Qemu-devel] [PULL 39/48] target/arm: Convert VFP comparison insns " Peter Maydell
2019-06-13 12:14 ` [Qemu-devel] [PULL 40/48] target/arm: Convert the VCVT-from-f16 " Peter Maydell
2019-06-13 12:14 ` [Qemu-devel] [PULL 41/48] target/arm: Convert the VCVT-to-f16 " Peter Maydell
2019-06-13 12:14 ` [Qemu-devel] [PULL 42/48] target/arm: Convert VFP round " Peter Maydell
2019-06-13 12:14 ` [Qemu-devel] [PULL 43/48] target/arm: Convert double-single precision conversion " Peter Maydell
2019-06-13 12:14 ` [Qemu-devel] [PULL 44/48] target/arm: Convert integer-to-float " Peter Maydell
2019-06-13 12:14 ` [Qemu-devel] [PULL 45/48] target/arm: Convert VJCVT " Peter Maydell
2019-06-13 12:14 ` [Qemu-devel] [PULL 46/48] target/arm: Convert VCVT fp/fixed-point conversion insns " Peter Maydell
2019-06-13 12:14 ` [Qemu-devel] [PULL 47/48] target/arm: Convert float-to-integer VCVT " Peter Maydell
2019-06-13 12:14 ` [Qemu-devel] [PULL 48/48] target/arm: Fix short-vector increment behaviour Peter Maydell
2019-06-13 14:18 ` [Qemu-devel] [PULL 00/48] target-arm queue no-reply
2019-06-13 16:51 ` no-reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190613121433.5246-4-peter.maydell@linaro.org \
--to=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).