From: Richard Henderson <richard.henderson@linaro.org>
To: qemu-devel@nongnu.org
Cc: qemu-arm@nongnu.org
Subject: [PATCH v2 19/37] target/arm: Implement MRRS, MSRR, SYSP
Date: Tue, 14 Oct 2025 13:07:00 -0700 [thread overview]
Message-ID: <20251014200718.422022-20-richard.henderson@linaro.org> (raw)
In-Reply-To: <20251014200718.422022-1-richard.henderson@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/arm/tcg/translate-a64.c | 169 +++++++++++++++++++++++++--------
target/arm/tcg/a64.decode | 12 ++-
2 files changed, 139 insertions(+), 42 deletions(-)
diff --git a/target/arm/tcg/translate-a64.c b/target/arm/tcg/translate-a64.c
index 918d5ed112..c3b717b408 100644
--- a/target/arm/tcg/translate-a64.c
+++ b/target/arm/tcg/translate-a64.c
@@ -2752,17 +2752,23 @@ redirect_cpreg(DisasContext *s, uint32_t key, bool isread)
/* MRS - move from system register
* MSR (register) - move to system register
+ * MRRS
+ * MSRR
* SYS
* SYSL
+ * SYSP
* These are all essentially the same insn in 'read' and 'write'
* versions, with varying op0 fields.
+ *
+ * RT2 is non-zero if and only if this is a 128-bit access.
*/
static void handle_sys(DisasContext *s, bool isread,
unsigned int op0, unsigned int op1, unsigned int op2,
- unsigned int crn, unsigned int crm, unsigned int rt)
+ unsigned int crn, unsigned int crm, unsigned int rt,
+ unsigned int rt2)
{
uint32_t key = ENCODE_AA64_CP_REG(op0, op1, crn, crm, op2);
- const ARMCPRegInfo *ri = get_arm_cp_reginfo(s->cp_regs, key);
+ const ARMCPRegInfo *ri;
bool need_exit_tb = false;
bool nv_trap_to_el2 = false;
bool nv_redirect_reg = false;
@@ -2770,7 +2776,16 @@ static void handle_sys(DisasContext *s, bool isread,
bool nv2_mem_redirect = false;
TCGv_ptr tcg_ri = NULL;
TCGv_i64 tcg_rt;
- uint32_t syndrome = syn_aa64_sysregtrap(op0, op1, op2, crn, crm, rt, isread);
+ uint32_t syndrome;
+ bool is128 = rt2 != 0;
+
+ if (is128) {
+ key |= CP_REG_AA64_128BIT_MASK;
+ syndrome = syn_aa64_sysreg128trap(op0, op1, op2, crn, crm, rt, isread);
+ } else {
+ syndrome = syn_aa64_sysregtrap(op0, op1, op2, crn, crm, rt, isread);
+ }
+ ri = get_arm_cp_reginfo(s->cp_regs, key);
if (crn == 11 || crn == 15) {
/*
@@ -2790,12 +2805,14 @@ static void handle_sys(DisasContext *s, bool isread,
}
if (!ri) {
- /* Unknown register; this might be a guest error or a QEMU
- * unimplemented feature.
+ /*
+ * Unknown register, or 128-bit access to a 64-bit register.
+ * This might be a guest error or a QEMU unimplemented feature.
*/
- qemu_log_mask(LOG_UNIMP, "%s access to unsupported AArch64 "
+ qemu_log_mask(LOG_UNIMP, "%s%s access to unsupported AArch64 "
"system register op0:%d op1:%d crn:%d crm:%d op2:%d\n",
- isread ? "read" : "write", op0, op1, crn, crm, op2);
+ isread ? "read" : "write", is128 ? "128" : "",
+ op0, op1, crn, crm, op2);
gen_sysreg_undef(s, isread, op0, op1, op2, crn, crm, rt);
return;
}
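Review bot: `gen_sysreg_undef(s, isread, op0, op1, op2, crn, crm, rt)` is called with the same arguments for 64-bit and 128-bit accesses, so any syndrome it builds cannot reflect `is128`, unlike the `syndrome` value selected earlier through `syn_aa64_sysreg128trap`. Its body is outside this hunk, so this may be harmless if it always reports a plain UNDEF for these encodings. A guest-visible syndrome that describes an MRRS/MSRR as a 64-bit access would be wrong, though, so either pass the width through or add a comment saying why it does not matter. Separately, the log text renders as `read128 access`; `is128 ? " 128-bit" : ""` would read more clearly.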
@@ -2918,7 +2935,7 @@ static void handle_sys(DisasContext *s, bool isread,
* We don't use the EL1 register's access function, and
* fine-grained-traps on EL1 also do not apply here.
*/
- key = ENCODE_AA64_CP_REG(op0, 0, crn, crm, op2);
+ key &= ~CP_REG_ARM64_SYSREG_OP1_MASK;
ri = redirect_cpreg(s, key, isread);
/*
* We might not have done an update_pc earlier, so check we don't
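Review bot: With `key &= ~CP_REG_ARM64_SYSREG_OP1_MASK;` the redirected lookup now keeps the 128-bit flag, so every 128-bit EL2 register marked for redirection needs a matching 128-bit EL1 entry; the old line rebuilt a plain 64-bit key. How a failed `redirect_cpreg()` lookup is handled lies past the end of this hunk. If it is an assertion or an unchecked dereference, a missing registration becomes a guest-triggerable abort of the emulator, so it is worth confirming the pairing is enforced when registers are defined. A comment such as `/* Clear op1 only; the 128-bit flag in key must survive the redirect. */` would record why the key is masked rather than re-encoded.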
@@ -2933,32 +2950,44 @@ static void handle_sys(DisasContext *s, bool isread,
* This means it is not an IO operation, doesn't change hflags,
* and need not end the TB, because it has no side effects.
*
- * The access is 64-bit single copy atomic, guaranteed aligned because
- * of the definition of VCNR_EL2. Its endianness depends on
- * SCTLR_EL2.EE, not on the data endianness of EL1.
- * It is done under either the EL2 translation regime or the EL2&0
- * translation regime, depending on HCR_EL2.E2H. It behaves as if
- * PSTATE.PAN is 0.
+ * The access is 64-bit (R_VFMQB) or 128-bit (R_BSBZP) single copy
+ * atomic, guaranteed aligned because of the definition of VCNR_EL2.
+ * Its endianness depends on SCTLR_EL2.EE, not on the data endianness
+ * of EL1. It is done under either the EL2 translation regime or
+ * the EL2&0 translation regime, depending on HCR_EL2.E2H.
+ * It behaves as if PSTATE.PAN is 0.
*/
TCGv_i64 ptr = tcg_temp_new_i64();
- MemOp mop = MO_64 | MO_ALIGN | MO_ATOM_IFALIGN;
+ MemOp mop = MO_ALIGN | MO_ATOM_IFALIGN;
ARMMMUIdx armmemidx = s->nv2_mem_e20 ? ARMMMUIdx_E20_2 : ARMMMUIdx_E2;
int memidx = arm_to_core_mmu_idx(armmemidx);
- uint32_t syn;
mop |= (s->nv2_mem_be ? MO_BE : MO_LE);
+ disas_set_insn_syndrome(s, syn_data_abort_vncr(0, !isread, 0));
tcg_gen_ld_i64(ptr, tcg_env, offsetof(CPUARMState, cp15.vncr_el2));
tcg_gen_addi_i64(ptr, ptr,
(ri->nv2_redirect_offset & ~NV2_REDIR_FLAG_MASK));
- tcg_rt = cpu_reg(s, rt);
- syn = syn_data_abort_vncr(0, !isread, 0);
- disas_set_insn_syndrome(s, syn);
- if (isread) {
- tcg_gen_qemu_ld_i64(tcg_rt, ptr, memidx, mop);
+ if (is128) {
+ TCGv_i128 t128 = tcg_temp_new_i128();
+
+ mop |= MO_128;
+ if (isread) {
+ tcg_gen_qemu_ld_i128(t128, ptr, memidx, mop);
+ tcg_gen_extr_i128_i64(cpu_reg(s, rt), cpu_reg(s, rt2), t128);
+ } else {
+ tcg_gen_concat_i64_i128(t128, cpu_reg(s, rt), cpu_reg(s, rt2));
+ tcg_gen_qemu_st_i128(t128, ptr, memidx, mop);
+ }
} else {
- tcg_gen_qemu_st_i64(tcg_rt, ptr, memidx, mop);
+ mop |= MO_64;
+ tcg_rt = cpu_reg(s, rt);
+ if (isread) {
+ tcg_gen_qemu_ld_i64(tcg_rt, ptr, memidx, mop);
+ } else {
+ tcg_gen_qemu_st_i64(tcg_rt, ptr, memidx, mop);
+ }
}
return;
}
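Review bot: The 128-bit path combines `MO_128` with `MO_ALIGN`, so the access takes an alignment fault unless `ri->nv2_redirect_offset & ~NV2_REDIR_FLAG_MASK` is a multiple of 16 for every 128-bit register. The comment still justifies alignment only by the definition of the base register. Those offsets are defined outside this patch, so I would state the requirement in the comment, e.g. `128-bit registers must use a 16-byte aligned redirect offset`, and ideally assert it where the registers are registered. The comment also spells the register `VCNR_EL2` while the code loads `cp15.vncr_el2`.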
@@ -3099,28 +3128,63 @@ static void handle_sys(DisasContext *s, bool isread,
tcg_rt = cpu_reg(s, rt);
- if (isread) {
- if (ri->type & ARM_CP_CONST) {
- tcg_gen_movi_i64(tcg_rt, ri->resetvalue);
- } else if (ri->readfn) {
- if (!tcg_ri) {
- tcg_ri = gen_lookup_cp_reg(key);
+ if (is128) {
+ TCGv_i64 tcg_rt2 = cpu_reg(s, rt2);
+
+ if (isread) {
+ if (ri->type & ARM_CP_CONST) {
+ /* E.g. TTBR0_EL2 is RES0 from EL3 when !FEAT_EL2. */
+ tcg_gen_movi_i64(tcg_rt, ri->resetvalue);
+ tcg_gen_movi_i64(tcg_rt2, 0);
+ } else if (ri->read128fn) {
+ TCGv_i128 t128 = tcg_temp_new_i128();
+ if (!tcg_ri) {
+ tcg_ri = gen_lookup_cp_reg(key);
+ }
+ gen_helper_get_cp_reg128(t128, tcg_env, tcg_ri);
+ tcg_gen_extr_i128_i64(tcg_rt, tcg_rt2, t128);
+ } else {
+ tcg_gen_ld_i64(tcg_rt, tcg_env, ri->fieldoffset);
+ tcg_gen_ld_i64(tcg_rt2, tcg_env, ri->fieldoffsethi);
}
- gen_helper_get_cp_reg64(tcg_rt, tcg_env, tcg_ri);
} else {
- tcg_gen_ld_i64(tcg_rt, tcg_env, ri->fieldoffset);
+ if (ri->type & ARM_CP_CONST) {
+ /* If not forbidden by access permissions, treat as WI */
+ return;
+ } else if (ri->write128fn) {
+ if (!tcg_ri) {
+ tcg_ri = gen_lookup_cp_reg(key);
+ }
+ gen_helper_set_cp_reg128(tcg_env, tcg_ri, tcg_rt, tcg_rt2);
+ } else {
+ tcg_gen_st_i64(tcg_rt, tcg_env, ri->fieldoffset);
+ tcg_gen_st_i64(tcg_rt2, tcg_env, ri->fieldoffsethi);
+ }
}
} else {
- if (ri->type & ARM_CP_CONST) {
- /* If not forbidden by access permissions, treat as WI */
- return;
- } else if (ri->writefn) {
- if (!tcg_ri) {
- tcg_ri = gen_lookup_cp_reg(key);
+ if (isread) {
+ if (ri->type & ARM_CP_CONST) {
+ tcg_gen_movi_i64(tcg_rt, ri->resetvalue);
+ } else if (ri->readfn) {
+ if (!tcg_ri) {
+ tcg_ri = gen_lookup_cp_reg(key);
+ }
+ gen_helper_get_cp_reg64(tcg_rt, tcg_env, tcg_ri);
+ } else {
+ tcg_gen_ld_i64(tcg_rt, tcg_env, ri->fieldoffset);
}
- gen_helper_set_cp_reg64(tcg_env, tcg_ri, tcg_rt);
} else {
- tcg_gen_st_i64(tcg_rt, tcg_env, ri->fieldoffset);
+ if (ri->type & ARM_CP_CONST) {
+ /* If not forbidden by access permissions, treat as WI */
+ return;
+ } else if (ri->writefn) {
+ if (!tcg_ri) {
+ tcg_ri = gen_lookup_cp_reg(key);
+ }
+ gen_helper_set_cp_reg64(tcg_env, tcg_ri, tcg_rt);
+ } else {
+ tcg_gen_st_i64(tcg_rt, tcg_env, ri->fieldoffset);
+ }
}
}
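Review bot: The fallback arms `tcg_gen_ld_i64(tcg_rt2, tcg_env, ri->fieldoffsethi)` and `tcg_gen_st_i64(tcg_rt2, tcg_env, ri->fieldoffsethi)` assume that every register found with the 128-bit key and lacking `read128fn`/`write128fn` has `fieldoffsethi` set. If one were registered with it left at zero, a guest MSRR would store its high half at offset 0 from `tcg_env` instead of into the register. The registration-time checks (not visible here) should therefore cover this field the same way they cover `fieldoffset`. The function body continues outside the hunk. Because the 64-bit and 128-bit ladders are now near duplicates, a short comment above `if (is128)` naming the three cases (constant, accessor function, raw field) would help keep them in step.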
@@ -3144,7 +3208,34 @@ static void handle_sys(DisasContext *s, bool isread,
static bool trans_SYS(DisasContext *s, arg_SYS *a)
{
- handle_sys(s, a->l, a->op0, a->op1, a->op2, a->crn, a->crm, a->rt);
+ handle_sys(s, a->l, a->op0, a->op1, a->op2, a->crn, a->crm, a->rt, 0);
+ return true;
+}
+
+static bool trans_SYS128(DisasContext *s, arg_sys *a)
+{
+ if (!dc_isar_feature(aa64_sysreg128, s) || (a->rt & 1)) {
+ return false;
+ }
+ handle_sys(s, a->l, a->op0, a->op1, a->op2, a->crn, a->crm,
+ a->rt, a->rt + 1);
+ return true;
+}
+
+static bool trans_SYSP(DisasContext *s, arg_sys *a)
+{
+ int rt2;
+ if (!dc_isar_feature(aa64_sysinstr128, s)) {
+ return false;
+ }
+ if (a->rt == 31) {
+ rt2 = 31;
+ } else if (a->rt & 1) {
+ return false;
+ } else {
+ rt2 = a->rt + 1;
+ }
+ handle_sys(s, a->l, a->op0, a->op1, a->op2, a->crn, a->crm, a->rt, rt2);
return true;
}
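Review bot: The `a->rt == 31` case in `trans_SYSP` sets `rt2 = 31` without explanation, while `trans_SYS128` rejects the same value through its `a->rt & 1` test, so a reader cannot tell that the difference is intended. A comment such as `/* Rt == 31 selects XZR for both halves; otherwise Rt must be even and Rt2 is Rt + 1. */` would document it, assuming that matches the architected encoding. Both functions also rely on the `handle_sys` convention that `rt2 != 0` means a 128-bit access, which holds here only because an even `rt` makes `rt + 1` at least 1. The new functions take `arg_sys *` while `trans_SYS` keeps `arg_SYS *`; one spelling throughout would be tidier.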
diff --git a/target/arm/tcg/a64.decode b/target/arm/tcg/a64.decode
index 01b1b3e38b..c76757ed01 100644
--- a/target/arm/tcg/a64.decode
+++ b/target/arm/tcg/a64.decode
@@ -302,9 +302,15 @@ MSR_i_SVCR 1101 0101 0000 0 011 0100 0 mask:2 imm:1 011 11111
# same instruction as far as QEMU is concerned.
# NB: op0 is bits [20:19], but op0=0b00 is other insns, so we have
# to hand-decode it.
-SYS 1101 0101 00 l:1 01 op1:3 crn:4 crm:4 op2:3 rt:5 op0=1
-SYS 1101 0101 00 l:1 10 op1:3 crn:4 crm:4 op2:3 rt:5 op0=2
-SYS 1101 0101 00 l:1 11 op1:3 crn:4 crm:4 op2:3 rt:5 op0=3
+&sys l op0 op1 op2 crn crm rt
+SYS 1101 0101 00 l:1 01 op1:3 crn:4 crm:4 op2:3 rt:5 &sys op0=1
+SYS 1101 0101 00 l:1 10 op1:3 crn:4 crm:4 op2:3 rt:5 &sys op0=2
+SYS 1101 0101 00 l:1 11 op1:3 crn:4 crm:4 op2:3 rt:5 &sys op0=3
+
+# MRRS, MSRR
+SYS128 1101 0101 01 l:1 10 op1:3 crn:4 crm:4 op2:3 rt:5 &sys op0=2
+SYS128 1101 0101 01 l:1 11 op1:3 crn:4 crm:4 op2:3 rt:5 &sys op0=3
+SYSP 1101 0101 01 0 01 op1:3 crn:4 crm:4 op2:3 rt:5 &sys op0=1 l=0
# Exception generation
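Review bot: The `# MRRS, MSRR` comment also sits over the `SYSP` pattern, and nothing records that the `l=1` form of the op0=1 encoding is deliberately left undecoded. It also does not say that the even-register restriction on `rt` is enforced in the C translators rather than in the pattern. I would add `# SYSP (op0 == 1, write form only); Rt constraints are checked in trans_SYS128/trans_SYSP.` above the last pattern.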
--
2.43.0