[Qemu-devel] [PATCH v2 0/4] ppc: booke206: KVM MMU API and info tlb

[Qemu-devel] [PATCH v2 0/4] ppc: booke206: KVM MMU API and info tlb

[Scott Wood]

Scott Wood (4):
  kvm: ppc: Update KVM headers for MMU API
  kvm: ppc: booke206: use MMU API
  ppc: booke206: use MAV=2.0 TSIZE definition, fix 4G pages
  ppc: booke206: add "info tlb" support

 hmp-commands.hx                 |    2 +-
 hw/ppce500_mpc8544ds.c          |    4 +-
 linux-headers/asm-powerpc/kvm.h |   39 +++++++++++++++-
 linux-headers/linux/kvm.h       |   27 ++++++++---
 monitor.c                       |    5 +-
 target-ppc/cpu.h                |    8 +++-
 target-ppc/helper.c             |   93 ++++++++++++++++++++++++++++++++++++++-
 target-ppc/kvm.c                |   83 ++++++++++++++++++++++++++++++++++
 8 files changed, 244 insertions(+), 17 deletions(-)

-- 
1.7.4.1

[Qemu-devel] [PATCH 1/4] kvm: ppc: Update KVM headers for MMU API

[Scott Wood]

Signed-off-by: Scott Wood <scottwood@freescale.com>
---
 linux-headers/asm-powerpc/kvm.h |   39 +++++++++++++++++++++++++++++++++++++--
 linux-headers/linux/kvm.h       |   27 ++++++++++++++++++++-------
 2 files changed, 57 insertions(+), 9 deletions(-)

diff --git a/linux-headers/asm-powerpc/kvm.h b/linux-headers/asm-powerpc/kvm.h
index 777d307..1a6dedf 100644
--- a/linux-headers/asm-powerpc/kvm.h
+++ b/linux-headers/asm-powerpc/kvm.h
@@ -166,8 +166,8 @@ struct kvm_sregs {
 			} ppc64;
 			struct {
 				__u32 sr[16];
-				__u64 ibat[8];
-				__u64 dbat[8];
+				__u64 ibat[8]; 
+				__u64 dbat[8]; 
 			} ppc32;
 		} s;
 		struct {
@@ -272,4 +272,39 @@ struct kvm_guest_debug_arch {
 #define KVM_INTERRUPT_UNSET	-2U
 #define KVM_INTERRUPT_SET_LEVEL	-3U
 
+struct kvm_book3e_206_tlb_entry {
+	__u32 mas8;
+	__u32 mas1;
+	__u64 mas2;
+	__u64 mas7_3;
+};
+
+struct kvm_book3e_206_tlb_params {
+	/*
+	 * For mmu types KVM_MMU_FSL_BOOKE_NOHV and KVM_MMU_FSL_BOOKE_HV:
+	 *
+	 * - The number of ways of TLB0 must be a power of two between 2 and
+	 *   16.
+	 * - TLB1 must be fully associative.
+	 * - The size of TLB0 must be a multiple of the number of ways, and
+	 *   the number of sets must be a power of two.
+	 * - The size of TLB1 may not exceed 64 entries.
+	 * - TLB0 supports 4 KiB pages.
+	 * - The page sizes supported by TLB1 are as indicated by
+	 *   TLB1CFG (if MMUCFG[MAVN] = 0) or TLB1PS (if MMUCFG[MAVN] = 1)
+	 *   as returned by KVM_GET_SREGS.
+	 * - TLB2 and TLB3 are reserved, and their entries in tlb_sizes[]
+	 *   and tlb_ways[] must be zero.
+	 *
+	 * tlb_ways[n] = tlb_sizes[n] means the array is fully associative.
+	 *
+	 * KVM will adjust TLBnCFG based on the sizes configured here,
+	 * though arrays greater than 2048 entries will have TLBnCFG[NENTRY]
+	 * set to zero.
+	 */
+	__u32 tlb_sizes[4];
+	__u32 tlb_ways[4];
+	__u32 reserved[8];
+};
+
 #endif /* __LINUX_KVM_POWERPC_H */
diff --git a/linux-headers/linux/kvm.h b/linux-headers/linux/kvm.h
index fc63b73..2228642 100644
--- a/linux-headers/linux/kvm.h
+++ b/linux-headers/linux/kvm.h
@@ -544,6 +544,7 @@ struct kvm_ppc_pvinfo {
 #define KVM_CAP_TSC_CONTROL 60
 #define KVM_CAP_GET_TSC_KHZ 61
 #define KVM_CAP_PPC_BOOKE_SREGS 62
+#define KVM_CAP_SW_TLB 63
 
 #ifdef KVM_CAP_IRQ_ROUTING
 
@@ -623,6 +624,21 @@ struct kvm_clock_data {
 	__u32 pad[9];
 };
 
+#define KVM_MMU_FSL_BOOKE_NOHV		0
+#define KVM_MMU_FSL_BOOKE_HV		1
+
+struct kvm_config_tlb {
+	__u64 params;
+	__u64 array;
+	__u32 mmu_type;
+	__u32 array_len;
+};
+
+struct kvm_dirty_tlb {
+	__u64 bitmap;
+	__u32 num_dirty;
+};
+
 /*
  * ioctls for VM fds
  */
@@ -746,6 +762,9 @@ struct kvm_clock_data {
 /* Available with KVM_CAP_XCRS */
 #define KVM_GET_XCRS		  _IOR(KVMIO,  0xa6, struct kvm_xcrs)
 #define KVM_SET_XCRS		  _IOW(KVMIO,  0xa7, struct kvm_xcrs)
+/* Available with KVM_CAP_SW_TLB */
+#define KVM_CONFIG_TLB		  _IOW(KVMIO,  0xa8, struct kvm_config_tlb)
+#define KVM_DIRTY_TLB		  _IOW(KVMIO,  0xa9, struct kvm_dirty_tlb)
 
 #define KVM_DEV_ASSIGN_ENABLE_IOMMU	(1 << 0)
 
@@ -773,20 +792,14 @@ struct kvm_assigned_pci_dev {
 
 struct kvm_assigned_irq {
 	__u32 assigned_dev_id;
-	__u32 host_irq;
+	__u32 host_irq; /* ignored (legacy field) */
 	__u32 guest_irq;
 	__u32 flags;
 	union {
-		struct {
-			__u32 addr_lo;
-			__u32 addr_hi;
-			__u32 data;
-		} guest_msi;
 		__u32 reserved[12];
 	};
 };
 
-
 struct kvm_assigned_msix_nr {
 	__u32 assigned_dev_id;
 	__u16 entry_nr;
-- 
1.7.4.1

[Qemu-devel] [PATCH v2 2/4] kvm: ppc: booke206: use MMU API

[Scott Wood]

Share the TLB array with KVM.  This allows us to set the initial TLB
both on initial boot and reset, is useful for debugging, and could
eventually be used to support migration.

Signed-off-by: Scott Wood <scottwood@freescale.com>
---
v2:
 - rebase on top of current tree, remove now-unneeded ifdefs
 - add some asserts and comments as requested

 hw/ppce500_mpc8544ds.c |    2 +
 target-ppc/cpu.h       |    2 +
 target-ppc/kvm.c       |   83 ++++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 87 insertions(+), 0 deletions(-)

diff --git a/hw/ppce500_mpc8544ds.c b/hw/ppce500_mpc8544ds.c
index b739ce2..3626e26 100644
--- a/hw/ppce500_mpc8544ds.c
+++ b/hw/ppce500_mpc8544ds.c
@@ -202,6 +202,8 @@ static void mmubooke_create_initial_mapping(CPUState *env,
     tlb->mas2 = va & TARGET_PAGE_MASK;
     tlb->mas7_3 = pa & TARGET_PAGE_MASK;
     tlb->mas7_3 |= MAS3_UR | MAS3_UW | MAS3_UX | MAS3_SR | MAS3_SW | MAS3_SX;
+
+    env->tlb_dirty = true;
 }
 
 static void mpc8544ds_cpu_reset(void *opaque)
diff --git a/target-ppc/cpu.h b/target-ppc/cpu.h
index 84f8ff6..f8bf2b1 100644
--- a/target-ppc/cpu.h
+++ b/target-ppc/cpu.h
@@ -921,6 +921,8 @@ struct CPUPPCState {
     ppc_tlb_t tlb;   /* TLB is optional. Allocate them only if needed        */
     /* 403 dedicated access protection registers */
     target_ulong pb[4];
+    bool tlb_dirty;   /* Set to non-zero when modifying TLB                  */
+    bool kvm_sw_tlb;  /* non-zero if KVM SW TLB API is active                */
 #endif
 
     /* Other registers */
diff --git a/target-ppc/kvm.c b/target-ppc/kvm.c
index 21f35af7..e18c931 100644
--- a/target-ppc/kvm.c
+++ b/target-ppc/kvm.c
@@ -105,6 +105,50 @@ static int kvm_arch_sync_sregs(CPUState *cenv)
     return kvm_vcpu_ioctl(cenv, KVM_SET_SREGS, &sregs);
 }
 
+/* Set up a shared TLB array with KVM */
+static int kvm_booke206_tlb_init(CPUState *env)
+{
+    struct kvm_book3e_206_tlb_params params = {};
+    struct kvm_config_tlb cfg = {};
+    size_t array_len;
+    unsigned int entries = 0;
+    int ret, i;
+
+    if (!kvm_enabled() ||
+        !kvm_check_extension(env->kvm_state, KVM_CAP_SW_TLB)) {
+        return 0;
+    }
+
+    assert(ARRAY_SIZE(params.tlb_sizes) == BOOKE206_MAX_TLBN);
+
+    for (i = 0; i < BOOKE206_MAX_TLBN; i++) {
+        params.tlb_sizes[i] = booke206_tlb_size(env, i);
+        params.tlb_ways[i] = booke206_tlb_ways(env, i);
+        entries += params.tlb_sizes[i];
+    }
+
+    assert(entries == env->nb_tlb);
+    assert(sizeof(struct kvm_book3e_206_tlb_entry) == sizeof(ppcmas_tlb_t));
+
+    array_len = sizeof(ppcmas_tlb_t) * entries;
+    env->tlb_dirty = true;
+
+    cfg.array = (uintptr_t)env->tlb.tlbm;
+    cfg.array_len = sizeof(ppcmas_tlb_t) * entries;
+    cfg.params = (uintptr_t)&params;
+    cfg.mmu_type = KVM_MMU_FSL_BOOKE_NOHV;
+
+    ret = kvm_vcpu_ioctl(env, KVM_CONFIG_TLB, &cfg);
+    if (ret < 0) {
+        fprintf(stderr, "%s: couldn't KVM_CONFIG_TLB: %s\n",
+                __func__, strerror(-ret));
+        return ret;
+    }
+
+    env->kvm_sw_tlb = true;
+    return 0;
+}
+
 int kvm_arch_init_vcpu(CPUState *cenv)
 {
     int ret;
@@ -116,6 +160,15 @@ int kvm_arch_init_vcpu(CPUState *cenv)
 
     idle_timer = qemu_new_timer_ns(vm_clock, kvm_kick_env, cenv);
 
+    /* Some targets support access to KVM's guest TLB. */
+    switch (cenv->mmu_model) {
+    case POWERPC_MMU_BOOKE206:
+        ret = kvm_booke206_tlb_init(cenv);
+        break;
+    default:
+        break;
+    }
+
     return ret;
 }
 
@@ -123,6 +176,31 @@ void kvm_arch_reset_vcpu(CPUState *env)
 {
 }
 
+static void kvm_sw_tlb_put(CPUState *env)
+{
+    struct kvm_dirty_tlb dirty_tlb;
+    unsigned char *bitmap;
+    int ret;
+
+    if (!env->kvm_sw_tlb) {
+        return;
+    }
+
+    bitmap = qemu_malloc((env->nb_tlb + 7) / 8);
+    memset(bitmap, 0xFF, (env->nb_tlb + 7) / 8);
+
+    dirty_tlb.bitmap = (uintptr_t)bitmap;
+    dirty_tlb.num_dirty = env->nb_tlb;
+
+    ret = kvm_vcpu_ioctl(env, KVM_DIRTY_TLB, &dirty_tlb);
+    if (ret) {
+        fprintf(stderr, "%s: KVM_DIRTY_TLB: %s\n",
+                __func__, strerror(-ret));
+    }
+
+    qemu_free(bitmap);
+}
+
 int kvm_arch_put_registers(CPUState *env, int level)
 {
     struct kvm_regs regs;
@@ -160,6 +238,11 @@ int kvm_arch_put_registers(CPUState *env, int level)
     if (ret < 0)
         return ret;
 
+    if (env->tlb_dirty) {
+        kvm_sw_tlb_put(env);
+        env->tlb_dirty = false;
+    }
+
     return ret;
 }
 
-- 
1.7.4.1

[Qemu-devel] [PATCH 3/4] ppc: booke206: use MAV=2.0 TSIZE definition, fix 4G pages

[Scott Wood]

This definition is backward compatible with MAV=1.0 as long as
the guest does not set reserved bits in MAS1/MAS4.

Also, fix the shift in booke206_tlb_to_page_size -- it's the base
that should be able to hold a 4G page size, not the shift count.

Signed-off-by: Scott Wood <scottwood@freescale.com>
---
Unchanged in patchset v2

 hw/ppce500_mpc8544ds.c |    2 +-
 target-ppc/cpu.h       |    4 ++--
 target-ppc/helper.c    |    5 +++--
 3 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/hw/ppce500_mpc8544ds.c b/hw/ppce500_mpc8544ds.c
index 3626e26..1aed612 100644
--- a/hw/ppce500_mpc8544ds.c
+++ b/hw/ppce500_mpc8544ds.c
@@ -187,7 +187,7 @@ out:
 /* Create -kernel TLB entries for BookE, linearly spanning 256MB.  */
 static inline target_phys_addr_t booke206_page_size_to_tlb(uint64_t size)
 {
-    return (ffs(size >> 10) - 1) >> 1;
+    return ffs(size >> 10) - 1;
 }
 
 static void mmubooke_create_initial_mapping(CPUState *env,
diff --git a/target-ppc/cpu.h b/target-ppc/cpu.h
index f8bf2b1..9cf8327 100644
--- a/target-ppc/cpu.h
+++ b/target-ppc/cpu.h
@@ -654,8 +654,8 @@ enum {
 #define MAS0_ATSEL_TLB     0
 #define MAS0_ATSEL_LRAT    MAS0_ATSEL
 
-#define MAS1_TSIZE_SHIFT   8
-#define MAS1_TSIZE_MASK    (0xf << MAS1_TSIZE_SHIFT)
+#define MAS1_TSIZE_SHIFT   7
+#define MAS1_TSIZE_MASK    (0x1f << MAS1_TSIZE_SHIFT)
 
 #define MAS1_TS_SHIFT      12
 #define MAS1_TS            (1 << MAS1_TS_SHIFT)
diff --git a/target-ppc/helper.c b/target-ppc/helper.c
index 176128a..892c6e3 100644
--- a/target-ppc/helper.c
+++ b/target-ppc/helper.c
@@ -1293,7 +1293,7 @@ target_phys_addr_t booke206_tlb_to_page_size(CPUState *env, ppcmas_tlb_t *tlb)
 {
     uint32_t tlbncfg;
     int tlbn = booke206_tlbm_to_tlbn(env, tlb);
-    target_phys_addr_t tlbm_size;
+    int tlbm_size;
 
     tlbncfg = env->spr[SPR_BOOKE_TLB0CFG + tlbn];
 
@@ -1301,9 +1301,10 @@ target_phys_addr_t booke206_tlb_to_page_size(CPUState *env, ppcmas_tlb_t *tlb)
         tlbm_size = (tlb->mas1 & MAS1_TSIZE_MASK) >> MAS1_TSIZE_SHIFT;
     } else {
         tlbm_size = (tlbncfg & TLBnCFG_MINSIZE) >> TLBnCFG_MINSIZE_SHIFT;
+        tlbm_size <<= 1;
     }
 
-    return (1 << (tlbm_size << 1)) << 10;
+    return 1024ULL << tlbm_size;
 }
 
 /* TLB check function for MAS based SoftTLBs */
-- 
1.7.4.1

Re: [Qemu-devel] [PATCH 3/4] ppc: booke206: use MAV=2.0 TSIZE definition, fix 4G pages

[Fabien Chouteau]

Hi Scott,

I'm a little bit late, but this patch is not compatible with e500.

In fact all the modification breaks e500v2 MMU support. What kind PPC
core are you working on?

Regards,

On 07/08/2011 01:44 AM, Scott Wood wrote:
> This definition is backward compatible with MAV=1.0 as long as
> the guest does not set reserved bits in MAS1/MAS4.
> 
> Also, fix the shift in booke206_tlb_to_page_size -- it's the base
> that should be able to hold a 4G page size, not the shift count.
> 
> Signed-off-by: Scott Wood <scottwood@freescale.com>
> ---
> Unchanged in patchset v2
> 
>  hw/ppce500_mpc8544ds.c |    2 +-
>  target-ppc/cpu.h       |    4 ++--
>  target-ppc/helper.c    |    5 +++--
>  3 files changed, 6 insertions(+), 5 deletions(-)
> 
> diff --git a/hw/ppce500_mpc8544ds.c b/hw/ppce500_mpc8544ds.c
> index 3626e26..1aed612 100644
> --- a/hw/ppce500_mpc8544ds.c
> +++ b/hw/ppce500_mpc8544ds.c
> @@ -187,7 +187,7 @@ out:
>  /* Create -kernel TLB entries for BookE, linearly spanning 256MB.  */
>  static inline target_phys_addr_t booke206_page_size_to_tlb(uint64_t size)
>  {
> -    return (ffs(size >> 10) - 1) >> 1;
> +    return ffs(size >> 10) - 1;
>  }
>  
>  static void mmubooke_create_initial_mapping(CPUState *env,
> diff --git a/target-ppc/cpu.h b/target-ppc/cpu.h
> index f8bf2b1..9cf8327 100644
> --- a/target-ppc/cpu.h
> +++ b/target-ppc/cpu.h
> @@ -654,8 +654,8 @@ enum {
>  #define MAS0_ATSEL_TLB     0
>  #define MAS0_ATSEL_LRAT    MAS0_ATSEL
>  
> -#define MAS1_TSIZE_SHIFT   8
> -#define MAS1_TSIZE_MASK    (0xf << MAS1_TSIZE_SHIFT)
> +#define MAS1_TSIZE_SHIFT   7
> +#define MAS1_TSIZE_MASK    (0x1f << MAS1_TSIZE_SHIFT)
>  
>  #define MAS1_TS_SHIFT      12
>  #define MAS1_TS            (1 << MAS1_TS_SHIFT)
> diff --git a/target-ppc/helper.c b/target-ppc/helper.c
> index 176128a..892c6e3 100644
> --- a/target-ppc/helper.c
> +++ b/target-ppc/helper.c
> @@ -1293,7 +1293,7 @@ target_phys_addr_t booke206_tlb_to_page_size(CPUState *env, ppcmas_tlb_t *tlb)
>  {
>      uint32_t tlbncfg;
>      int tlbn = booke206_tlbm_to_tlbn(env, tlb);
> -    target_phys_addr_t tlbm_size;
> +    int tlbm_size;
>  
>      tlbncfg = env->spr[SPR_BOOKE_TLB0CFG + tlbn];
>  
> @@ -1301,9 +1301,10 @@ target_phys_addr_t booke206_tlb_to_page_size(CPUState *env, ppcmas_tlb_t *tlb)
>          tlbm_size = (tlb->mas1 & MAS1_TSIZE_MASK) >> MAS1_TSIZE_SHIFT;
>      } else {
>          tlbm_size = (tlbncfg & TLBnCFG_MINSIZE) >> TLBnCFG_MINSIZE_SHIFT;
> +        tlbm_size <<= 1;
>      }
>  
> -    return (1 << (tlbm_size << 1)) << 10;
> +    return 1024ULL << tlbm_size;
>  }
>  
>  /* TLB check function for MAS based SoftTLBs */


-- 
Fabien Chouteau

Re: [Qemu-devel] [PATCH 3/4] ppc: booke206: use MAV=2.0 TSIZE definition, fix 4G pages

[Alexander Graf]

Hi Fabien,

Could you please elaborate a bit on the case that broke for you with these? The patches shouldn't change any guest facing behavior :o.


Alex

On 07.05.2012, at 17:47, Fabien Chouteau wrote:

> Hi Scott,
> 
> I'm a little bit late, but this patch is not compatible with e500.
> 
> In fact all the modification breaks e500v2 MMU support. What kind PPC
> core are you working on?
> 
> Regards,
> 
> On 07/08/2011 01:44 AM, Scott Wood wrote:
>> This definition is backward compatible with MAV=1.0 as long as
>> the guest does not set reserved bits in MAS1/MAS4.
>> 
>> Also, fix the shift in booke206_tlb_to_page_size -- it's the base
>> that should be able to hold a 4G page size, not the shift count.
>> 
>> Signed-off-by: Scott Wood <scottwood@freescale.com>
>> ---
>> Unchanged in patchset v2
>> 
>> hw/ppce500_mpc8544ds.c |    2 +-
>> target-ppc/cpu.h       |    4 ++--
>> target-ppc/helper.c    |    5 +++--
>> 3 files changed, 6 insertions(+), 5 deletions(-)
>> 
>> diff --git a/hw/ppce500_mpc8544ds.c b/hw/ppce500_mpc8544ds.c
>> index 3626e26..1aed612 100644
>> --- a/hw/ppce500_mpc8544ds.c
>> +++ b/hw/ppce500_mpc8544ds.c
>> @@ -187,7 +187,7 @@ out:
>> /* Create -kernel TLB entries for BookE, linearly spanning 256MB.  */
>> static inline target_phys_addr_t booke206_page_size_to_tlb(uint64_t size)
>> {
>> -    return (ffs(size >> 10) - 1) >> 1;
>> +    return ffs(size >> 10) - 1;
>> }
>> 
>> static void mmubooke_create_initial_mapping(CPUState *env,
>> diff --git a/target-ppc/cpu.h b/target-ppc/cpu.h
>> index f8bf2b1..9cf8327 100644
>> --- a/target-ppc/cpu.h
>> +++ b/target-ppc/cpu.h
>> @@ -654,8 +654,8 @@ enum {
>> #define MAS0_ATSEL_TLB     0
>> #define MAS0_ATSEL_LRAT    MAS0_ATSEL
>> 
>> -#define MAS1_TSIZE_SHIFT   8
>> -#define MAS1_TSIZE_MASK    (0xf << MAS1_TSIZE_SHIFT)
>> +#define MAS1_TSIZE_SHIFT   7
>> +#define MAS1_TSIZE_MASK    (0x1f << MAS1_TSIZE_SHIFT)
>> 
>> #define MAS1_TS_SHIFT      12
>> #define MAS1_TS            (1 << MAS1_TS_SHIFT)
>> diff --git a/target-ppc/helper.c b/target-ppc/helper.c
>> index 176128a..892c6e3 100644
>> --- a/target-ppc/helper.c
>> +++ b/target-ppc/helper.c
>> @@ -1293,7 +1293,7 @@ target_phys_addr_t booke206_tlb_to_page_size(CPUState *env, ppcmas_tlb_t *tlb)
>> {
>>     uint32_t tlbncfg;
>>     int tlbn = booke206_tlbm_to_tlbn(env, tlb);
>> -    target_phys_addr_t tlbm_size;
>> +    int tlbm_size;
>> 
>>     tlbncfg = env->spr[SPR_BOOKE_TLB0CFG + tlbn];
>> 
>> @@ -1301,9 +1301,10 @@ target_phys_addr_t booke206_tlb_to_page_size(CPUState *env, ppcmas_tlb_t *tlb)
>>         tlbm_size = (tlb->mas1 & MAS1_TSIZE_MASK) >> MAS1_TSIZE_SHIFT;
>>     } else {
>>         tlbm_size = (tlbncfg & TLBnCFG_MINSIZE) >> TLBnCFG_MINSIZE_SHIFT;
>> +        tlbm_size <<= 1;
>>     }
>> 
>> -    return (1 << (tlbm_size << 1)) << 10;
>> +    return 1024ULL << tlbm_size;
>> }
>> 
>> /* TLB check function for MAS based SoftTLBs */
> 
> 
> -- 
> Fabien Chouteau

Re: [Qemu-devel] [PATCH 3/4] ppc: booke206: use MAV=2.0 TSIZE definition, fix 4G pages

[Andreas Färber]

Am 07.05.2012 18:28, schrieb Alexander Graf:
> Hi Fabien,
> 
> Could you please elaborate a bit on the case that broke for you with these? The patches shouldn't change any guest facing behavior :o.
> 
> 
> Alex
> 
> On 07.05.2012, at 17:47, Fabien Chouteau wrote:
> 
>> Hi Scott,
>>
>> I'm a little bit late, but this patch is not compatible with e500.
>>
>> In fact all the modification breaks e500v2 MMU support. What kind PPC
>> core are you working on?
>>
>> Regards,
>>
>> On 07/08/2011 01:44 AM, Scott Wood wrote:
>>> This definition is backward compatible with MAV=1.0 as long as
>>> the guest does not set reserved bits in MAS1/MAS4.
>>>
>>> Also, fix the shift in booke206_tlb_to_page_size -- it's the base
>>> that should be able to hold a 4G page size, not the shift count.
>>>
>>> Signed-off-by: Scott Wood <scottwood@freescale.com>
>>> ---
>>> Unchanged in patchset v2
>>>
>>> hw/ppce500_mpc8544ds.c |    2 +-
>>> target-ppc/cpu.h       |    4 ++--
>>> target-ppc/helper.c    |    5 +++--
>>> 3 files changed, 6 insertions(+), 5 deletions(-)
>>>
>>> diff --git a/hw/ppce500_mpc8544ds.c b/hw/ppce500_mpc8544ds.c
>>> index 3626e26..1aed612 100644
>>> --- a/hw/ppce500_mpc8544ds.c
>>> +++ b/hw/ppce500_mpc8544ds.c
>>> @@ -187,7 +187,7 @@ out:
>>> /* Create -kernel TLB entries for BookE, linearly spanning 256MB.  */
>>> static inline target_phys_addr_t booke206_page_size_to_tlb(uint64_t size)
>>> {
>>> -    return (ffs(size >> 10) - 1) >> 1;
>>> +    return ffs(size >> 10) - 1;
>>> }
>>>
>>> static void mmubooke_create_initial_mapping(CPUState *env,
>>> diff --git a/target-ppc/cpu.h b/target-ppc/cpu.h
>>> index f8bf2b1..9cf8327 100644
>>> --- a/target-ppc/cpu.h
>>> +++ b/target-ppc/cpu.h
>>> @@ -654,8 +654,8 @@ enum {
>>> #define MAS0_ATSEL_TLB     0
>>> #define MAS0_ATSEL_LRAT    MAS0_ATSEL
>>>
>>> -#define MAS1_TSIZE_SHIFT   8
>>> -#define MAS1_TSIZE_MASK    (0xf << MAS1_TSIZE_SHIFT)
>>> +#define MAS1_TSIZE_SHIFT   7
>>> +#define MAS1_TSIZE_MASK    (0x1f << MAS1_TSIZE_SHIFT)
>>>
>>> #define MAS1_TS_SHIFT      12
>>> #define MAS1_TS            (1 << MAS1_TS_SHIFT)
>>> diff --git a/target-ppc/helper.c b/target-ppc/helper.c
>>> index 176128a..892c6e3 100644
>>> --- a/target-ppc/helper.c
>>> +++ b/target-ppc/helper.c
>>> @@ -1293,7 +1293,7 @@ target_phys_addr_t booke206_tlb_to_page_size(CPUState *env, ppcmas_tlb_t *tlb)
>>> {
>>>     uint32_t tlbncfg;
>>>     int tlbn = booke206_tlbm_to_tlbn(env, tlb);
>>> -    target_phys_addr_t tlbm_size;
>>> +    int tlbm_size;
>>>
>>>     tlbncfg = env->spr[SPR_BOOKE_TLB0CFG + tlbn];
>>>
>>> @@ -1301,9 +1301,10 @@ target_phys_addr_t booke206_tlb_to_page_size(CPUState *env, ppcmas_tlb_t *tlb)
>>>         tlbm_size = (tlb->mas1 & MAS1_TSIZE_MASK) >> MAS1_TSIZE_SHIFT;
>>>     } else {
>>>         tlbm_size = (tlbncfg & TLBnCFG_MINSIZE) >> TLBnCFG_MINSIZE_SHIFT;
>>> +        tlbm_size <<= 1;
>>>     }
>>>
>>> -    return (1 << (tlbm_size << 1)) << 10;
>>> +    return 1024ULL << tlbm_size;

Here the page size changes, doesn't it? The << 1 shift is only happening
in the else branch whereas it was always done before.

Andreas

>>> }
>>>
>>> /* TLB check function for MAS based SoftTLBs */

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg

Re: [Qemu-devel] [PATCH 3/4] ppc: booke206: use MAV=2.0 TSIZE definition, fix 4G pages

[Fabien Chouteau]

On 05/07/2012 06:28 PM, Alexander Graf wrote:
> Hi Fabien,
> 
> Could you please elaborate a bit on the case that broke for you with these? The patches shouldn't change any guest facing behavior :o.
> 
> 

My bad,

The problem comes from my initialization of tlb entries at board reset.
I use MAS1_TSIZE_SHIFT:

    size = 0x1 << MAS1_TSIZE_SHIFT; /* 4 KBytes */

but since the definition as changed, the value is incorrect. It should
be:

    size = 0x10 << MAS1_TSIZE_SHIFT; /* 4 KBytes */

Sorry for the noise...

> Alex
> 
> On 07.05.2012, at 17:47, Fabien Chouteau wrote:
> 
>> Hi Scott,
>>
>> I'm a little bit late, but this patch is not compatible with e500.
>>
>> In fact all the modification breaks e500v2 MMU support. What kind PPC
>> core are you working on?
>>
>> Regards,
>>
>> On 07/08/2011 01:44 AM, Scott Wood wrote:
>>> This definition is backward compatible with MAV=1.0 as long as
>>> the guest does not set reserved bits in MAS1/MAS4.
>>>
>>> Also, fix the shift in booke206_tlb_to_page_size -- it's the base
>>> that should be able to hold a 4G page size, not the shift count.
>>>
>>> Signed-off-by: Scott Wood <scottwood@freescale.com>
>>> ---
>>> Unchanged in patchset v2
>>>
>>> hw/ppce500_mpc8544ds.c |    2 +-
>>> target-ppc/cpu.h       |    4 ++--
>>> target-ppc/helper.c    |    5 +++--
>>> 3 files changed, 6 insertions(+), 5 deletions(-)
>>>
>>> diff --git a/hw/ppce500_mpc8544ds.c b/hw/ppce500_mpc8544ds.c
>>> index 3626e26..1aed612 100644
>>> --- a/hw/ppce500_mpc8544ds.c
>>> +++ b/hw/ppce500_mpc8544ds.c
>>> @@ -187,7 +187,7 @@ out:
>>> /* Create -kernel TLB entries for BookE, linearly spanning 256MB.  */
>>> static inline target_phys_addr_t booke206_page_size_to_tlb(uint64_t size)
>>> {
>>> -    return (ffs(size >> 10) - 1) >> 1;
>>> +    return ffs(size >> 10) - 1;
>>> }
>>>
>>> static void mmubooke_create_initial_mapping(CPUState *env,
>>> diff --git a/target-ppc/cpu.h b/target-ppc/cpu.h
>>> index f8bf2b1..9cf8327 100644
>>> --- a/target-ppc/cpu.h
>>> +++ b/target-ppc/cpu.h
>>> @@ -654,8 +654,8 @@ enum {
>>> #define MAS0_ATSEL_TLB     0
>>> #define MAS0_ATSEL_LRAT    MAS0_ATSEL
>>>
>>> -#define MAS1_TSIZE_SHIFT   8
>>> -#define MAS1_TSIZE_MASK    (0xf << MAS1_TSIZE_SHIFT)
>>> +#define MAS1_TSIZE_SHIFT   7
>>> +#define MAS1_TSIZE_MASK    (0x1f << MAS1_TSIZE_SHIFT)
>>>
>>> #define MAS1_TS_SHIFT      12
>>> #define MAS1_TS            (1 << MAS1_TS_SHIFT)
>>> diff --git a/target-ppc/helper.c b/target-ppc/helper.c
>>> index 176128a..892c6e3 100644
>>> --- a/target-ppc/helper.c
>>> +++ b/target-ppc/helper.c
>>> @@ -1293,7 +1293,7 @@ target_phys_addr_t booke206_tlb_to_page_size(CPUState *env, ppcmas_tlb_t *tlb)
>>> {
>>>     uint32_t tlbncfg;
>>>     int tlbn = booke206_tlbm_to_tlbn(env, tlb);
>>> -    target_phys_addr_t tlbm_size;
>>> +    int tlbm_size;
>>>
>>>     tlbncfg = env->spr[SPR_BOOKE_TLB0CFG + tlbn];
>>>
>>> @@ -1301,9 +1301,10 @@ target_phys_addr_t booke206_tlb_to_page_size(CPUState *env, ppcmas_tlb_t *tlb)
>>>         tlbm_size = (tlb->mas1 & MAS1_TSIZE_MASK) >> MAS1_TSIZE_SHIFT;
>>>     } else {
>>>         tlbm_size = (tlbncfg & TLBnCFG_MINSIZE) >> TLBnCFG_MINSIZE_SHIFT;
>>> +        tlbm_size <<= 1;
>>>     }
>>>
>>> -    return (1 << (tlbm_size << 1)) << 10;
>>> +    return 1024ULL << tlbm_size;
>>> }
>>>
>>> /* TLB check function for MAS based SoftTLBs */
>>
>>
>> -- 
>> Fabien Chouteau
> 


-- 
Fabien Chouteau

Re: [Qemu-devel] [PATCH 3/4] ppc: booke206: use MAV=2.0 TSIZE definition, fix 4G pages

[Scott Wood]

On 05/09/2012 05:54 AM, Fabien Chouteau wrote:
> On 05/07/2012 06:28 PM, Alexander Graf wrote:
>> Hi Fabien,
>>
>> Could you please elaborate a bit on the case that broke for you with these? The patches shouldn't change any guest facing behavior :o.
>>
>>
> 
> My bad,
> 
> The problem comes from my initialization of tlb entries at board reset.
> I use MAS1_TSIZE_SHIFT:
> 
>     size = 0x1 << MAS1_TSIZE_SHIFT; /* 4 KBytes */
> 
> but since the definition as changed, the value is incorrect. It should
> be:
> 
>     size = 0x10 << MAS1_TSIZE_SHIFT; /* 4 KBytes */

You should be using booke206_bytes_to_tsize(), or perhaps create some
#defines for the various tsizes.

-Scott

Re: [Qemu-devel] [PATCH 3/4] ppc: booke206: use MAV=2.0 TSIZE definition, fix 4G pages

[Fabien Chouteau]

On 05/15/2012 05:28 PM, Scott Wood wrote:
> On 05/09/2012 05:54 AM, Fabien Chouteau wrote:
>> On 05/07/2012 06:28 PM, Alexander Graf wrote:
>>> Hi Fabien,
>>>
>>> Could you please elaborate a bit on the case that broke for you with these? The patches shouldn't change any guest facing behavior :o.
>>>
>>>
>>
>> My bad,
>>
>> The problem comes from my initialization of tlb entries at board reset.
>> I use MAS1_TSIZE_SHIFT:
>>
>>     size = 0x1 << MAS1_TSIZE_SHIFT; /* 4 KBytes */
>>
>> but since the definition as changed, the value is incorrect. It should
>> be:
>>
>>     size = 0x10 << MAS1_TSIZE_SHIFT; /* 4 KBytes */
> 
> You should be using booke206_bytes_to_tsize(), or perhaps create some
> #defines for the various tsizes.
> 

Do you mean booke206_page_size_to_tlb()?

BTW, this function is defined locally twice and with different
implementations.

hw/ppce500_mpc8544ds.c:176:static inline target_phys_addr_t booke206_page_size_to_tlb(uint64_t size)
hw/ppce500_mpc8544ds.c-177-{
hw/ppce500_mpc8544ds.c-178-    return ffs(size >> 10) - 1;
hw/ppce500_mpc8544ds.c-179-}
--
hw/ppce500_spin.c:71:static inline target_phys_addr_t booke206_page_size_to_tlb(uint64_t size)
hw/ppce500_spin.c-72-{
hw/ppce500_spin.c-73-    return (ffs(size >> 10) - 1) >> 1;
hw/ppce500_spin.c-74-}

-- 
Fabien Chouteau

Re: [Qemu-devel] [PATCH 3/4] ppc: booke206: use MAV=2.0 TSIZE definition, fix 4G pages

[Scott Wood]

On 05/15/2012 11:50 AM, Fabien Chouteau wrote:
> On 05/15/2012 05:28 PM, Scott Wood wrote:
>> On 05/09/2012 05:54 AM, Fabien Chouteau wrote:
>>> On 05/07/2012 06:28 PM, Alexander Graf wrote:
>>>> Hi Fabien,
>>>>
>>>> Could you please elaborate a bit on the case that broke for you with these? The patches shouldn't change any guest facing behavior :o.
>>>>
>>>>
>>>
>>> My bad,
>>>
>>> The problem comes from my initialization of tlb entries at board reset.
>>> I use MAS1_TSIZE_SHIFT:
>>>
>>>     size = 0x1 << MAS1_TSIZE_SHIFT; /* 4 KBytes */
>>>
>>> but since the definition as changed, the value is incorrect. It should
>>> be:
>>>
>>>     size = 0x10 << MAS1_TSIZE_SHIFT; /* 4 KBytes */
>>
>> You should be using booke206_bytes_to_tsize(), or perhaps create some
>> #defines for the various tsizes.
>>
> 
> Do you mean booke206_page_size_to_tlb()?

No, I was referring to something on an internal branch, sorry.

-Scott

[Qemu-devel] [PATCH v2 4/4] ppc: booke206: add "info tlb" support

[Scott Wood]

Signed-off-by: Scott Wood <scottwood@freescale.com>
---
v2: Remove redundant "valid?" comment

 hmp-commands.hx     |    2 +-
 monitor.c           |    5 ++-
 target-ppc/cpu.h    |    2 +
 target-ppc/helper.c |   88 +++++++++++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 94 insertions(+), 3 deletions(-)

diff --git a/hmp-commands.hx b/hmp-commands.hx
index 6ad8806..014a4fb 100644
--- a/hmp-commands.hx
+++ b/hmp-commands.hx
@@ -1306,7 +1306,7 @@ show i8259 (PIC) state
 @item info pci
 show emulated PCI device info
 @item info tlb
-show virtual to physical memory mappings (i386, SH4 and SPARC only)
+show virtual to physical memory mappings (i386, SH4, SPARC, and PPC only)
 @item info mem
 show the active virtual memory mappings (i386 only)
 @item info jit
diff --git a/monitor.c b/monitor.c
index 67ceb46..7b9c2b1 100644
--- a/monitor.c
+++ b/monitor.c
@@ -2408,7 +2408,7 @@ static void tlb_info(Monitor *mon)
 
 #endif
 
-#if defined(TARGET_SPARC)
+#if defined(TARGET_SPARC) || defined(TARGET_PPC)
 static void tlb_info(Monitor *mon)
 {
     CPUState *env1 = mon_get_cpu();
@@ -2901,7 +2901,8 @@ static const mon_cmd_t info_cmds[] = {
         .user_print = do_pci_info_print,
         .mhandler.info_new = do_pci_info,
     },
-#if defined(TARGET_I386) || defined(TARGET_SH4) || defined(TARGET_SPARC)
+#if defined(TARGET_I386) || defined(TARGET_SH4) || defined(TARGET_SPARC) || \
+    defined(TARGET_PPC)
     {
         .name       = "tlb",
         .args_type  = "",
diff --git a/target-ppc/cpu.h b/target-ppc/cpu.h
index 9cf8327..0d04779 100644
--- a/target-ppc/cpu.h
+++ b/target-ppc/cpu.h
@@ -2032,4 +2032,6 @@ static inline void cpu_pc_from_tb(CPUState *env, TranslationBlock *tb)
     env->nip = tb->pc;
 }
 
+void dump_mmu(FILE *f, fprintf_function cpu_fprintf, CPUState *env);
+
 #endif /* !defined (__CPU_PPC_H__) */
diff --git a/target-ppc/helper.c b/target-ppc/helper.c
index 892c6e3..a3b7283 100644
--- a/target-ppc/helper.c
+++ b/target-ppc/helper.c
@@ -1466,6 +1466,94 @@ found_tlb:
     return ret;
 }
 
+static const char *book3e_tsize_to_str[32] = {
+    "1K", "2K", "4K", "8K", "16K", "32K", "64K", "128K", "256K", "512K",
+    "1M", "2M", "4M", "8M", "16M", "32M", "64M", "128M", "256M", "512M",
+    "1G", "2G", "4G", "8G", "16G", "32G", "64G", "128G", "256G", "512G",
+    "1T", "2T"
+};
+
+static void mmubooke206_dump_one_tlb(FILE *f, fprintf_function cpu_fprintf,
+                                     CPUState *env, int tlbn, int offset,
+                                     int tlbsize)
+{
+    ppcmas_tlb_t *entry;
+    int i;
+
+    cpu_fprintf(f, "\nTLB%d:\n", tlbn);
+    cpu_fprintf(f, "Effective          Physical           Size TID   TS SRWX URWX WIMGE U0123\n");
+
+    entry = &env->tlb.tlbm[offset];
+    for (i = 0; i < tlbsize; i++, entry++) {
+        target_phys_addr_t ea, pa, size;
+        int tsize;
+
+        if (!(entry->mas1 & MAS1_VALID)) {
+            continue;
+        }
+
+        tsize = (entry->mas1 & MAS1_TSIZE_MASK) >> MAS1_TSIZE_SHIFT;
+        size = 1024ULL << tsize;
+        ea = entry->mas2 & ~(size - 1);
+        pa = entry->mas7_3 & ~(size - 1);
+
+        cpu_fprintf(f, "0x%016" PRIx64 " 0x%016" PRIx64 " %4s %-5u %1u  S%c%c%c U%c%c%c %c%c%c%c%c U%c%c%c%c\n",
+                    (uint64_t)ea, (uint64_t)pa,
+                    book3e_tsize_to_str[tsize],
+                    (entry->mas1 & MAS1_TID_MASK) >> MAS1_TID_SHIFT,
+                    (entry->mas1 & MAS1_TS) >> MAS1_TS_SHIFT,
+                    entry->mas7_3 & MAS3_SR ? 'R' : '-',
+                    entry->mas7_3 & MAS3_SW ? 'W' : '-',
+                    entry->mas7_3 & MAS3_SX ? 'X' : '-',
+                    entry->mas7_3 & MAS3_UR ? 'R' : '-',
+                    entry->mas7_3 & MAS3_UW ? 'W' : '-',
+                    entry->mas7_3 & MAS3_UX ? 'X' : '-',
+                    entry->mas2 & MAS2_W ? 'W' : '-',
+                    entry->mas2 & MAS2_I ? 'I' : '-',
+                    entry->mas2 & MAS2_M ? 'M' : '-',
+                    entry->mas2 & MAS2_G ? 'G' : '-',
+                    entry->mas2 & MAS2_E ? 'E' : '-',
+                    entry->mas7_3 & MAS3_U0 ? '0' : '-',
+                    entry->mas7_3 & MAS3_U1 ? '1' : '-',
+                    entry->mas7_3 & MAS3_U2 ? '2' : '-',
+                    entry->mas7_3 & MAS3_U3 ? '3' : '-');
+    }
+}
+
+static void mmubooke206_dump_mmu(FILE *f, fprintf_function cpu_fprintf,
+                                 CPUState *env)
+{
+    int offset = 0;
+    int i;
+
+    if (kvm_enabled() && !env->kvm_sw_tlb) {
+        cpu_fprintf(f, "Cannot access KVM TLB\n");
+        return;
+    }
+
+    for (i = 0; i < BOOKE206_MAX_TLBN; i++) {
+        int size = booke206_tlb_size(env, i);
+
+        if (size == 0) {
+            continue;
+        }
+
+        mmubooke206_dump_one_tlb(f, cpu_fprintf, env, i, offset, size);
+        offset += size;
+    }
+}
+
+void dump_mmu(FILE *f, fprintf_function cpu_fprintf, CPUState *env)
+{
+    switch (env->mmu_model) {
+    case POWERPC_MMU_BOOKE206:
+        mmubooke206_dump_mmu(f, cpu_fprintf, env);
+        break;
+    default:
+        cpu_fprintf(f, "%s: unimplemented\n", __func__);
+    }
+}
+
 static inline int check_physical(CPUState *env, mmu_ctx_t *ctx,
                                  target_ulong eaddr, int rw)
 {
-- 
1.7.4.1