* [PATCH v2 0/8] TriCore Privilege Levels
@ 2023-06-16 15:28 Bastian Koppelmann
2023-06-16 15:28 ` [PATCH v2 1/8] target/tricore: Fix RR_JLI clobbering reg A[11] Bastian Koppelmann
` (7 more replies)
0 siblings, 8 replies; 14+ messages in thread
From: Bastian Koppelmann @ 2023-06-16 15:28 UTC (permalink / raw)
To: qemu-devel; +Cc: kbastian, richard.henderson
Hi,
this patch series tries to properly implement privilege levels for the TriCore,
as discussed in
https://lore.kernel.org/qemu-devel/20230118090319.32n4uto7ogy3gfr6@schnipp.zuhause/.
While implementing privilege traps for the SV/UM1 only insns, I saw that
the RESTORE insn uses the wrong ICR.IE bit. So I fixed that as well.
Cheers,
Bastian
v1 -> v2:
- Fixed bug where JLI clobbered reg A[11] | PATCH [01/08]
- Moved all calls to tcg_gen_exit_tb() to | PATCH [02/08]
tricore_tr_tb_stop() |
- Enable/disable insns now exit to main-loop | PATCH [03/08]
- Indirect jumps use tcg_gen_lookup_and_goto_ptr() | PATCH [04/08]
- Removed (uint32_t) cast | PATCH [05/08]
- Removed psw_write() calling cpu_loop_exit() | PATCH [07/08]
Bastian Koppelmann (8):
target/tricore: Fix RR_JLI clobbering reg A[11]
target/tricore: Introduce DISAS_TARGET_EXIT
target/tricore: ENABLE/DISABLE exit to main-loop
target/tricore: Indirect jump insns use tcg_gen_lookup_and_goto_ptr()
target/tricore: Introduce priv tb flag
target/tricore: Implement privilege level for all insns
target/tricore: Honour privilege changes on PSW write
target/tricore: Fix ICR.IE offset in RESTORE insn
target/tricore/cpu.h | 17 +++++--
target/tricore/translate.c | 98 ++++++++++++++++++++++++++------------
2 files changed, 79 insertions(+), 36 deletions(-)
--
2.40.1
* [PATCH v2 1/8] target/tricore: Fix RR_JLI clobbering reg A[11]
2023-06-16 15:28 [PATCH v2 0/8] TriCore Privilege Levels Bastian Koppelmann
@ 2023-06-16 15:28 ` Bastian Koppelmann
2023-06-18 17:30 ` Richard Henderson
2023-06-16 15:28 ` [PATCH v2 2/8] target/tricore: Introduce DISAS_TARGET_EXIT Bastian Koppelmann
` (6 subsequent siblings)
7 siblings, 1 reply; 14+ messages in thread
From: Bastian Koppelmann @ 2023-06-16 15:28 UTC (permalink / raw)
To: qemu-devel; +Cc: kbastian, richard.henderson
if A[r1] == A[11], then we would overwrite the destination address of
the jump with the return address.
Reported-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
---
target/tricore/translate.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target/tricore/translate.c b/target/tricore/translate.c
index 6712d98f6e..1d522d3b50 100644
--- a/target/tricore/translate.c
+++ b/target/tricore/translate.c
@@ -6061,8 +6061,8 @@ static void decode_rr_idirect(DisasContext *ctx)
tcg_gen_andi_tl(cpu_PC, cpu_gpr_a[r1], ~0x1);
break;
case OPC2_32_RR_JLI:
- tcg_gen_movi_tl(cpu_gpr_a[11], ctx->pc_succ_insn);
tcg_gen_andi_tl(cpu_PC, cpu_gpr_a[r1], ~0x1);
+ tcg_gen_movi_tl(cpu_gpr_a[11], ctx->pc_succ_insn);
break;
case OPC2_32_RR_CALLI:
gen_helper_1arg(call, ctx->pc_succ_insn);
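Review bot: The JLI fix now depends on statement order, and nothing in the `OPC2_32_RR_JLI` arm says so. When r1 is 11 the jump target has to be read from `cpu_gpr_a[r1]` before A[11] receives the return address, so a later cleanup that reorders the two calls would silently reintroduce the bug. A one-line comment above the `tcg_gen_andi_tl` call would pin this, for example `/* read the target first: A[r1] may be A[11] */`. decode_rr_idirect starts and ends outside the hunk.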
--
2.40.1
* [PATCH v2 2/8] target/tricore: Introduce DISAS_TARGET_EXIT
2023-06-16 15:28 [PATCH v2 0/8] TriCore Privilege Levels Bastian Koppelmann
2023-06-16 15:28 ` [PATCH v2 1/8] target/tricore: Fix RR_JLI clobbering reg A[11] Bastian Koppelmann
@ 2023-06-16 15:28 ` Bastian Koppelmann
2023-06-18 17:31 ` Richard Henderson
2023-06-16 15:28 ` [PATCH v2 3/8] target/tricore: ENABLE/DISABLE exit to main-loop Bastian Koppelmann
` (5 subsequent siblings)
7 siblings, 1 reply; 14+ messages in thread
From: Bastian Koppelmann @ 2023-06-16 15:28 UTC (permalink / raw)
To: qemu-devel; +Cc: kbastian, richard.henderson
this replaces all calls to tcg_gen_exit_tb() and moves them to
tricore_tr_tb_stop().
Signed-off-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
---
target/tricore/translate.c | 25 ++++++++++++-------------
1 file changed, 12 insertions(+), 13 deletions(-)
diff --git a/target/tricore/translate.c b/target/tricore/translate.c
index 1d522d3b50..d4f7415158 100644
--- a/target/tricore/translate.c
+++ b/target/tricore/translate.c
@@ -37,6 +37,7 @@
#include "exec/helper-info.c.inc"
#undef HELPER_H
+#define DISAS_EXIT DISAS_TARGET_0
/*
* TCG registers
@@ -2835,6 +2836,7 @@ static void gen_goto_tb(DisasContext *ctx, int n, target_ulong dest)
gen_save_pc(dest);
tcg_gen_lookup_and_goto_ptr();
}
+ ctx->base.is_jmp = DISAS_NORETURN;
}
static void generate_trap(DisasContext *ctx, int class, int tin)
@@ -2895,8 +2897,7 @@ static void gen_fret(DisasContext *ctx)
tcg_gen_qemu_ld_tl(cpu_gpr_a[11], cpu_gpr_a[10], ctx->mem_idx, MO_LESL);
tcg_gen_addi_tl(cpu_gpr_a[10], cpu_gpr_a[10], 4);
tcg_gen_mov_tl(cpu_PC, temp);
- tcg_gen_exit_tb(NULL, 0);
- ctx->base.is_jmp = DISAS_NORETURN;
+ ctx->base.is_jmp = DISAS_EXIT;
}
static void gen_compute_branch(DisasContext *ctx, uint32_t opc, int r1,
@@ -2995,12 +2996,12 @@ static void gen_compute_branch(DisasContext *ctx, uint32_t opc, int r1,
/* SR-format jumps */
case OPC1_16_SR_JI:
tcg_gen_andi_tl(cpu_PC, cpu_gpr_a[r1], 0xfffffffe);
- tcg_gen_exit_tb(NULL, 0);
+ ctx->base.is_jmp = DISAS_EXIT;
break;
case OPC2_32_SYS_RET:
case OPC2_16_SR_RET:
gen_helper_ret(cpu_env);
- tcg_gen_exit_tb(NULL, 0);
+ ctx->base.is_jmp = DISAS_EXIT;
break;
/* B-format */
case OPC1_32_B_CALLA:
@@ -3152,7 +3153,6 @@ static void gen_compute_branch(DisasContext *ctx, uint32_t opc, int r1,
default:
generate_trap(ctx, TRAPC_INSN_ERR, TIN2_IOPC);
}
- ctx->base.is_jmp = DISAS_NORETURN;
}
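Review bot: With the trailing `ctx->base.is_jmp = DISAS_NORETURN;` removed from gen_compute_branch, every arm of the switch has to end the TB on its own, and the hunks do not show that all of them do. The JI and RET arms set DISAS_EXIT explicitly and gen_goto_tb() now sets DISAS_NORETURN, but the `default:` arm relies on generate_trap() setting is_jmp, which is not visible here. An arm that reaches neither would leave the translator decoding past a taken branch. A cheap guard at the end of the function would be `g_assert(ctx->base.is_jmp != DISAS_NEXT);`. The switch starts outside the hunk, so this needs checking against the full function.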
@@ -3493,8 +3493,7 @@ static void decode_sr_system(DisasContext *ctx)
break;
case OPC2_16_SR_RFE:
gen_helper_rfe(cpu_env);
- tcg_gen_exit_tb(NULL, 0);
- ctx->base.is_jmp = DISAS_NORETURN;
+ ctx->base.is_jmp = DISAS_EXIT;
break;
case OPC2_16_SR_DEBUG:
/* raise EXCP_DEBUG */
@@ -6075,8 +6074,7 @@ static void decode_rr_idirect(DisasContext *ctx)
default:
generate_trap(ctx, TRAPC_INSN_ERR, TIN2_IOPC);
}
- tcg_gen_exit_tb(NULL, 0);
- ctx->base.is_jmp = DISAS_NORETURN;
+ ctx->base.is_jmp = DISAS_EXIT;
}
static void decode_rr_divide(DisasContext *ctx)
@@ -7907,8 +7905,7 @@ static void decode_sys_interrupts(DisasContext *ctx)
break;
case OPC2_32_SYS_RFE:
gen_helper_rfe(cpu_env);
- tcg_gen_exit_tb(NULL, 0);
- ctx->base.is_jmp = DISAS_NORETURN;
+ ctx->base.is_jmp = DISAS_EXIT;
break;
case OPC2_32_SYS_RFM:
if ((ctx->hflags & TRICORE_HFLAG_KUU) == TRICORE_HFLAG_SM) {
@@ -7920,8 +7917,7 @@ static void decode_sys_interrupts(DisasContext *ctx)
tcg_gen_brcondi_tl(TCG_COND_NE, tmp, 1, l1);
gen_helper_rfm(cpu_env);
gen_set_label(l1);
- tcg_gen_exit_tb(NULL, 0);
- ctx->base.is_jmp = DISAS_NORETURN;
+ ctx->base.is_jmp = DISAS_EXIT;
} else {
/* generate privilege trap */
}
@@ -8383,6 +8379,9 @@ static void tricore_tr_tb_stop(DisasContextBase *dcbase, CPUState *cpu)
case DISAS_TOO_MANY:
gen_goto_tb(ctx, 0, ctx->base.pc_next);
break;
+ case DISAS_EXIT:
+ tcg_gen_exit_tb(NULL, 0);
+ break;
case DISAS_NORETURN:
break;
default:
--
2.40.1
* [PATCH v2 3/8] target/tricore: ENABLE/DISABLE exit to main-loop
2023-06-16 15:28 [PATCH v2 0/8] TriCore Privilege Levels Bastian Koppelmann
2023-06-16 15:28 ` [PATCH v2 1/8] target/tricore: Fix RR_JLI clobbering reg A[11] Bastian Koppelmann
2023-06-16 15:28 ` [PATCH v2 2/8] target/tricore: Introduce DISAS_TARGET_EXIT Bastian Koppelmann
@ 2023-06-16 15:28 ` Bastian Koppelmann
2023-06-18 17:32 ` Richard Henderson
2023-06-16 15:28 ` [PATCH v2 4/8] target/tricore: Indirect jump insns use tcg_gen_lookup_and_goto_ptr() Bastian Koppelmann
` (4 subsequent siblings)
7 siblings, 1 reply; 14+ messages in thread
From: Bastian Koppelmann @ 2023-06-16 15:28 UTC (permalink / raw)
To: qemu-devel; +Cc: kbastian, richard.henderson
so we can recognize exceptions after re-enabling interrupts.
Reported-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
---
target/tricore/translate.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/target/tricore/translate.c b/target/tricore/translate.c
index d4f7415158..6164ba6539 100644
--- a/target/tricore/translate.c
+++ b/target/tricore/translate.c
@@ -38,6 +38,7 @@
#undef HELPER_H
#define DISAS_EXIT DISAS_TARGET_0
+#define DISAS_EXIT_UPDATE DISAS_TARGET_1
/*
* TCG registers
@@ -7880,11 +7881,13 @@ static void decode_sys_interrupts(DisasContext *ctx)
break;
case OPC2_32_SYS_DISABLE:
tcg_gen_andi_tl(cpu_ICR, cpu_ICR, ~ctx->icr_ie_mask);
+ ctx->base.is_jmp = DISAS_EXIT_UPDATE;
break;
case OPC2_32_SYS_DISABLE_D:
if (has_feature(ctx, TRICORE_FEATURE_16)) {
tcg_gen_extract_tl(cpu_gpr_d[r1], cpu_ICR, ctx->icr_ie_offset, 1);
tcg_gen_andi_tl(cpu_ICR, cpu_ICR, ~ctx->icr_ie_mask);
+ ctx->base.is_jmp = DISAS_EXIT_UPDATE;
} else {
generate_trap(ctx, TRAPC_INSN_ERR, TIN2_IOPC);
}
@@ -7892,6 +7895,7 @@ static void decode_sys_interrupts(DisasContext *ctx)
break;
case OPC2_32_SYS_ENABLE:
tcg_gen_ori_tl(cpu_ICR, cpu_ICR, ctx->icr_ie_mask);
+ ctx->base.is_jmp = DISAS_EXIT_UPDATE;
break;
case OPC2_32_SYS_ISYNC:
break;
@@ -8379,6 +8383,9 @@ static void tricore_tr_tb_stop(DisasContextBase *dcbase, CPUState *cpu)
case DISAS_TOO_MANY:
gen_goto_tb(ctx, 0, ctx->base.pc_next);
break;
+ case DISAS_EXIT_UPDATE:
+ gen_save_pc(ctx->base.pc_next);
+ /* fall through */
case DISAS_EXIT:
tcg_gen_exit_tb(NULL, 0);
break;
--
2.40.1
* [PATCH v2 4/8] target/tricore: Indirect jump insns use tcg_gen_lookup_and_goto_ptr()
2023-06-16 15:28 [PATCH v2 0/8] TriCore Privilege Levels Bastian Koppelmann
` (2 preceding siblings ...)
2023-06-16 15:28 ` [PATCH v2 3/8] target/tricore: ENABLE/DISABLE exit to main-loop Bastian Koppelmann
@ 2023-06-16 15:28 ` Bastian Koppelmann
2023-06-18 17:34 ` Richard Henderson
2023-06-16 15:28 ` [PATCH v2 5/8] target/tricore: Introduce priv tb flag Bastian Koppelmann
` (3 subsequent siblings)
7 siblings, 1 reply; 14+ messages in thread
From: Bastian Koppelmann @ 2023-06-16 15:28 UTC (permalink / raw)
To: qemu-devel; +Cc: kbastian, richard.henderson
Signed-off-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
---
target/tricore/translate.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/target/tricore/translate.c b/target/tricore/translate.c
index 6164ba6539..5515dfa3f3 100644
--- a/target/tricore/translate.c
+++ b/target/tricore/translate.c
@@ -39,6 +39,7 @@
#define DISAS_EXIT DISAS_TARGET_0
#define DISAS_EXIT_UPDATE DISAS_TARGET_1
+#define DISAS_JUMP DISAS_TARGET_2
/*
* TCG registers
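Review bot: The three target-specific codes `DISAS_EXIT`, `DISAS_EXIT_UPDATE` and `DISAS_JUMP` are defined without any comment on what each expects of cpu_PC, and that contract is what a new call site has to get right. As tricore_tr_tb_stop() is patched in this series, DISAS_EXIT and DISAS_JUMP emit no PC store and so assume the insn has already written cpu_PC, while DISAS_EXIT_UPDATE stores `ctx->base.pc_next` itself before exiting. A short comment on each define would do, e.g. `/* cpu_PC already set; return to the main loop */`, `/* save pc_next, then return to the main loop */` and `/* cpu_PC already set; chain via lookup_and_goto_ptr */`.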
@@ -6075,7 +6076,7 @@ static void decode_rr_idirect(DisasContext *ctx)
default:
generate_trap(ctx, TRAPC_INSN_ERR, TIN2_IOPC);
}
- ctx->base.is_jmp = DISAS_EXIT;
+ ctx->base.is_jmp = DISAS_JUMP;
}
static void decode_rr_divide(DisasContext *ctx)
@@ -8389,6 +8390,9 @@ static void tricore_tr_tb_stop(DisasContextBase *dcbase, CPUState *cpu)
case DISAS_EXIT:
tcg_gen_exit_tb(NULL, 0);
break;
+ case DISAS_JUMP:
+ tcg_gen_lookup_and_goto_ptr();
+ break;
case DISAS_NORETURN:
break;
default:
--
2.40.1
* [PATCH v2 5/8] target/tricore: Introduce priv tb flag
2023-06-16 15:28 [PATCH v2 0/8] TriCore Privilege Levels Bastian Koppelmann
` (3 preceding siblings ...)
2023-06-16 15:28 ` [PATCH v2 4/8] target/tricore: Indirect jump insns use tcg_gen_lookup_and_goto_ptr() Bastian Koppelmann
@ 2023-06-16 15:28 ` Bastian Koppelmann
2023-06-16 15:28 ` [PATCH v2 6/8] target/tricore: Implement privilege level for all insns Bastian Koppelmann
` (2 subsequent siblings)
7 siblings, 0 replies; 14+ messages in thread
From: Bastian Koppelmann @ 2023-06-16 15:28 UTC (permalink / raw)
To: qemu-devel; +Cc: kbastian, richard.henderson
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
---
v1 -> v2:
- Removed (uint32_t) cast
target/tricore/cpu.h | 17 ++++++++++++-----
target/tricore/translate.c | 14 ++++++++------
2 files changed, 20 insertions(+), 11 deletions(-)
diff --git a/target/tricore/cpu.h b/target/tricore/cpu.h
index 041fc0b6e5..257fcf3cee 100644
--- a/target/tricore/cpu.h
+++ b/target/tricore/cpu.h
@@ -263,10 +263,11 @@ void icr_set_ie(CPUTriCoreState *env, uint32_t val);
#define MASK_DBGSR_PEVT 0x40
#define MASK_DBGSR_EVTSRC 0x1f00
-#define TRICORE_HFLAG_KUU 0x3
-#define TRICORE_HFLAG_UM0 0x00002 /* user mode-0 flag */
-#define TRICORE_HFLAG_UM1 0x00001 /* user mode-1 flag */
-#define TRICORE_HFLAG_SM 0x00000 /* kernel mode flag */
+enum tricore_priv_levels {
+ TRICORE_PRIV_UM0 = 0x0, /* user mode-0 flag */
+ TRICORE_PRIV_UM1 = 0x1, /* user mode-1 flag */
+ TRICORE_PRIV_SM = 0x2, /* kernel mode flag */
+};
enum tricore_features {
TRICORE_FEATURE_13,
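Review bot: The PRIV field added to TB_FLAGS in this file is two bits wide, but `enum tricore_priv_levels` names only three of the four values, so `ctx->priv` can hold 3 with no enumerator behind it. Every check in this series is an equality test against `TRICORE_PRIV_SM` or `TRICORE_PRIV_UM1`, so the unnamed value is treated as least privileged and fails closed; that is a reasonable outcome, but it is implicit. A comment on the enum such as `/* 0x3 is not a valid level; equality checks treat it as unprivileged */` would keep a later `>=` comparison from turning it into a grant. Whether the architecture defines that encoding as reserved should be confirmed against the ISA manual.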
@@ -378,15 +379,21 @@ static inline int cpu_mmu_index(CPUTriCoreState *env, bool ifetch)
#include "exec/cpu-all.h"
+FIELD(TB_FLAGS, PRIV, 0, 2)
+
void cpu_state_reset(CPUTriCoreState *s);
void tricore_tcg_init(void);
static inline void cpu_get_tb_cpu_state(CPUTriCoreState *env, target_ulong *pc,
target_ulong *cs_base, uint32_t *flags)
{
+ uint32_t new_flags = 0;
*pc = env->PC;
*cs_base = 0;
- *flags = 0;
+
+ new_flags |= FIELD_DP32(new_flags, TB_FLAGS, PRIV,
+ extract32(env->PSW, 10, 2));
+ *flags = new_flags;
}
#define TRICORE_CPU_TYPE_SUFFIX "-" TYPE_TRICORE_CPU
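Review bot: `extract32(env->PSW, 10, 2)` in cpu_get_tb_cpu_state hard-codes the position of the privilege bits, and the `|=` in front of `FIELD_DP32` is redundant because the macro already returns the updated word. Since this value now decides which instructions trap, the bit position deserves a named constant or at least a comment, e.g. `/* PSW bits [11:10]: current privilege level */`. The assignment also reads more clearly as `new_flags = FIELD_DP32(new_flags, TB_FLAGS, PRIV, extract32(env->PSW, 10, 2));`.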
diff --git a/target/tricore/translate.c b/target/tricore/translate.c
index 5515dfa3f3..44f1c1022f 100644
--- a/target/tricore/translate.c
+++ b/target/tricore/translate.c
@@ -76,7 +76,7 @@ typedef struct DisasContext {
uint32_t opcode;
/* Routine used to access memory */
int mem_idx;
- uint32_t hflags, saved_hflags;
+ int priv;
uint64_t features;
uint32_t icr_ie_mask, icr_ie_offset;
} DisasContext;
@@ -377,7 +377,7 @@ static inline void gen_mfcr(DisasContext *ctx, TCGv ret, int32_t offset)
static inline void gen_mtcr(DisasContext *ctx, TCGv r1,
int32_t offset)
{
- if ((ctx->hflags & TRICORE_HFLAG_KUU) == TRICORE_HFLAG_SM) {
+ if (ctx->priv == TRICORE_PRIV_SM) {
/* since we're caching PSW make this a special case */
if (offset == 0xfe04) {
gen_helper_psw_write(cpu_env, r1);
@@ -7913,7 +7913,7 @@ static void decode_sys_interrupts(DisasContext *ctx)
ctx->base.is_jmp = DISAS_EXIT;
break;
case OPC2_32_SYS_RFM:
- if ((ctx->hflags & TRICORE_HFLAG_KUU) == TRICORE_HFLAG_SM) {
+ if (ctx->priv == TRICORE_PRIV_SM) {
tmp = tcg_temp_new();
l1 = gen_new_label();
@@ -7935,8 +7935,7 @@ static void decode_sys_interrupts(DisasContext *ctx)
break;
case OPC2_32_SYS_RESTORE:
if (has_feature(ctx, TRICORE_FEATURE_16)) {
- if ((ctx->hflags & TRICORE_HFLAG_KUU) == TRICORE_HFLAG_SM ||
- (ctx->hflags & TRICORE_HFLAG_KUU) == TRICORE_HFLAG_UM1) {
+ if (ctx->priv == TRICORE_PRIV_SM || ctx->priv == TRICORE_PRIV_UM1) {
tcg_gen_deposit_tl(cpu_ICR, cpu_ICR, cpu_gpr_d[r1], 8, 1);
} /* else raise privilege trap */
} else {
@@ -8306,7 +8305,10 @@ static void tricore_tr_init_disas_context(DisasContextBase *dcbase,
DisasContext *ctx = container_of(dcbase, DisasContext, base);
CPUTriCoreState *env = cs->env_ptr;
ctx->mem_idx = cpu_mmu_index(env, false);
- ctx->hflags = (uint32_t)ctx->base.tb->flags;
+
+ uint32_t tb_flags = (uint32_t)ctx->base.tb->flags;
+ ctx->priv = FIELD_EX32(tb_flags, TB_FLAGS, PRIV);
+
ctx->features = env->features;
if (has_feature(ctx, TRICORE_FEATURE_161)) {
ctx->icr_ie_mask = R_ICR_IE_161_MASK;
--
2.40.1
* [PATCH v2 6/8] target/tricore: Implement privilege level for all insns
2023-06-16 15:28 [PATCH v2 0/8] TriCore Privilege Levels Bastian Koppelmann
` (4 preceding siblings ...)
2023-06-16 15:28 ` [PATCH v2 5/8] target/tricore: Introduce priv tb flag Bastian Koppelmann
@ 2023-06-16 15:28 ` Bastian Koppelmann
2023-06-16 15:28 ` [PATCH v2 7/8] target/tricore: Honour privilege changes on PSW write Bastian Koppelmann
2023-06-16 15:28 ` [PATCH v2 8/8] target/tricore: Fix ICR.IE offset in RESTORE insn Bastian Koppelmann
7 siblings, 0 replies; 14+ messages in thread
From: Bastian Koppelmann @ 2023-06-16 15:28 UTC (permalink / raw)
To: qemu-devel; +Cc: kbastian, richard.henderson
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
---
target/tricore/translate.c | 47 ++++++++++++++++++++++++++++----------
1 file changed, 35 insertions(+), 12 deletions(-)
diff --git a/target/tricore/translate.c b/target/tricore/translate.c
index 44f1c1022f..71e3842601 100644
--- a/target/tricore/translate.c
+++ b/target/tricore/translate.c
@@ -387,7 +387,7 @@ static inline void gen_mtcr(DisasContext *ctx, TCGv r1,
}
}
} else {
- /* generate privilege trap */
+ generate_trap(ctx, TRAPC_PROT, TIN1_PRIV);
}
}
@@ -3373,7 +3373,11 @@ static void decode_sc_opc(DisasContext *ctx, int op1)
tcg_gen_andi_tl(cpu_gpr_d[15], cpu_gpr_d[15], const16);
break;
case OPC1_16_SC_BISR:
- gen_helper_1arg(bisr, const16 & 0xff);
+ if (ctx->priv == TRICORE_PRIV_SM) {
+ gen_helper_1arg(bisr, const16 & 0xff);
+ } else {
+ generate_trap(ctx, TRAPC_PROT, TIN1_PRIV);
+ }
break;
case OPC1_16_SC_LD_A:
gen_offset_ld(ctx, cpu_gpr_a[15], cpu_gpr_a[10], const16 * 4, MO_LESL);
@@ -5234,7 +5238,11 @@ static void decode_rc_serviceroutine(DisasContext *ctx)
switch (op2) {
case OPC2_32_RC_BISR:
- gen_helper_1arg(bisr, const9);
+ if (ctx->priv == TRICORE_PRIV_SM) {
+ gen_helper_1arg(bisr, const9);
+ } else {
+ generate_trap(ctx, TRAPC_PROT, TIN1_PRIV);
+ }
break;
case OPC2_32_RC_SYSCALL:
generate_trap(ctx, TRAPC_SYSCALL, const9 & 0xff);
@@ -7881,22 +7889,35 @@ static void decode_sys_interrupts(DisasContext *ctx)
/* raise EXCP_DEBUG */
break;
case OPC2_32_SYS_DISABLE:
- tcg_gen_andi_tl(cpu_ICR, cpu_ICR, ~ctx->icr_ie_mask);
- ctx->base.is_jmp = DISAS_EXIT_UPDATE;
+ if (ctx->priv == TRICORE_PRIV_SM || ctx->priv == TRICORE_PRIV_UM1) {
+ tcg_gen_andi_tl(cpu_ICR, cpu_ICR, ~ctx->icr_ie_mask);
+ ctx->base.is_jmp = DISAS_EXIT_UPDATE;
+ } else {
+ generate_trap(ctx, TRAPC_PROT, TIN1_PRIV);
+ }
break;
case OPC2_32_SYS_DISABLE_D:
if (has_feature(ctx, TRICORE_FEATURE_16)) {
- tcg_gen_extract_tl(cpu_gpr_d[r1], cpu_ICR, ctx->icr_ie_offset, 1);
- tcg_gen_andi_tl(cpu_ICR, cpu_ICR, ~ctx->icr_ie_mask);
- ctx->base.is_jmp = DISAS_EXIT_UPDATE;
+ if (ctx->priv == TRICORE_PRIV_SM || ctx->priv == TRICORE_PRIV_UM1) {
+ tcg_gen_extract_tl(cpu_gpr_d[r1], cpu_ICR,
+ ctx->icr_ie_offset, 1);
+ tcg_gen_andi_tl(cpu_ICR, cpu_ICR, ~ctx->icr_ie_mask);
+ ctx->base.is_jmp = DISAS_EXIT_UPDATE;
+ } else {
+ generate_trap(ctx, TRAPC_PROT, TIN1_PRIV);
+ }
} else {
generate_trap(ctx, TRAPC_INSN_ERR, TIN2_IOPC);
}
case OPC2_32_SYS_DSYNC:
break;
case OPC2_32_SYS_ENABLE:
- tcg_gen_ori_tl(cpu_ICR, cpu_ICR, ctx->icr_ie_mask);
- ctx->base.is_jmp = DISAS_EXIT_UPDATE;
+ if (ctx->priv == TRICORE_PRIV_SM || ctx->priv == TRICORE_PRIV_UM1) {
+ tcg_gen_ori_tl(cpu_ICR, cpu_ICR, ctx->icr_ie_mask);
+ ctx->base.is_jmp = DISAS_EXIT_UPDATE;
+ } else {
+ generate_trap(ctx, TRAPC_PROT, TIN1_PRIV);
+ }
break;
case OPC2_32_SYS_ISYNC:
break;
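Review bot: `case OPC2_32_SYS_DISABLE_D:` still ends without a `break;` and falls into `case OPC2_32_SYS_DSYNC:`, now on the new privilege-trap path as well. This is harmless only while DSYNC stays an empty arm; anything generated there later would also be emitted after `generate_trap(ctx, TRAPC_PROT, TIN1_PRIV)` for an unprivileged DISABLE_D. Adding `break;` after the closing brace of the outer `else` removes that dependency. The fall-through appears to predate this patch, but the hunk rewrites the whole arm, so this is the natural place to fix it.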
@@ -7924,7 +7945,7 @@ static void decode_sys_interrupts(DisasContext *ctx)
gen_set_label(l1);
ctx->base.is_jmp = DISAS_EXIT;
} else {
- /* generate privilege trap */
+ generate_trap(ctx, TRAPC_PROT, TIN1_PRIV);
}
break;
case OPC2_32_SYS_RSLCX:
@@ -7937,7 +7958,9 @@ static void decode_sys_interrupts(DisasContext *ctx)
if (has_feature(ctx, TRICORE_FEATURE_16)) {
if (ctx->priv == TRICORE_PRIV_SM || ctx->priv == TRICORE_PRIV_UM1) {
tcg_gen_deposit_tl(cpu_ICR, cpu_ICR, cpu_gpr_d[r1], 8, 1);
- } /* else raise privilege trap */
+ } else {
+ generate_trap(ctx, TRAPC_PROT, TIN1_PRIV);
+ }
} else {
generate_trap(ctx, TRAPC_INSN_ERR, TIN2_IOPC);
}
--
2.40.1
* [PATCH v2 7/8] target/tricore: Honour privilege changes on PSW write
2023-06-16 15:28 [PATCH v2 0/8] TriCore Privilege Levels Bastian Koppelmann
` (5 preceding siblings ...)
2023-06-16 15:28 ` [PATCH v2 6/8] target/tricore: Implement privilege level for all insns Bastian Koppelmann
@ 2023-06-16 15:28 ` Bastian Koppelmann
2023-06-18 17:34 ` Richard Henderson
2023-06-16 15:28 ` [PATCH v2 8/8] target/tricore: Fix ICR.IE offset in RESTORE insn Bastian Koppelmann
7 siblings, 1 reply; 14+ messages in thread
From: Bastian Koppelmann @ 2023-06-16 15:28 UTC (permalink / raw)
To: qemu-devel; +Cc: kbastian, richard.henderson
the CPU can change the privilege level by writing the corresponding bits
in PSW. If this happens all instructions after this 'mtcr' in the TB are
translated with the wrong privilege level. So we have to exit to the
cpu_loop() and start translating again with the new privilege level.
Signed-off-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
---
v1 -> v2:
- Removed helper_psw_write() calling cpu_loop_exit().
Instead we unconditionally exit for each write to psw.
target/tricore/translate.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target/tricore/translate.c b/target/tricore/translate.c
index 71e3842601..5f9bc2b558 100644
--- a/target/tricore/translate.c
+++ b/target/tricore/translate.c
@@ -333,7 +333,6 @@ static void gen_swapmsk(DisasContext *ctx, int reg, TCGv ea)
tcg_gen_mov_tl(cpu_gpr_d[reg], temp);
}
-
/* We generate loads and store to core special function register (csfr) through
the function gen_mfcr and gen_mtcr. To handle access permissions, we use 3
makros R, A and E, which allow read-only, all and endinit protected access.
@@ -381,6 +380,7 @@ static inline void gen_mtcr(DisasContext *ctx, TCGv r1,
/* since we're caching PSW make this a special case */
if (offset == 0xfe04) {
gen_helper_psw_write(cpu_env, r1);
+ ctx->base.is_jmp = DISAS_EXIT_UPDATE;
} else {
switch (offset) {
#include "csfr.h.inc"
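Review bot: The new `ctx->base.is_jmp = DISAS_EXIT_UPDATE;` in gen_mtcr sits under a comment that only mentions PSW caching, so the reason the TB must end here is recorded in the commit message alone. The assignment is what stops the remaining insns of the TB from being translated at the old privilege level, and a reader who sees it as a plain optimisation barrier could remove it. Extending the existing comment would make that explicit, e.g. `/* PSW holds the privilege bits used for TB_FLAGS.PRIV: end the TB so later insns are retranslated at the new level */`. gen_mtcr continues outside the hunk.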
--
2.40.1
* [PATCH v2 8/8] target/tricore: Fix ICR.IE offset in RESTORE insn
2023-06-16 15:28 [PATCH v2 0/8] TriCore Privilege Levels Bastian Koppelmann
` (6 preceding siblings ...)
2023-06-16 15:28 ` [PATCH v2 7/8] target/tricore: Honour privilege changes on PSW write Bastian Koppelmann
@ 2023-06-16 15:28 ` Bastian Koppelmann
7 siblings, 0 replies; 14+ messages in thread
From: Bastian Koppelmann @ 2023-06-16 15:28 UTC (permalink / raw)
To: qemu-devel; +Cc: kbastian, richard.henderson
from ISA v1.6.1 onwards the bit position of ICR.IE changed.
ctx->icr_ie_offset contains the correct value for the ISA version used
by the vCPU.
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
---
target/tricore/translate.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/target/tricore/translate.c b/target/tricore/translate.c
index 5f9bc2b558..eb06df2323 100644
--- a/target/tricore/translate.c
+++ b/target/tricore/translate.c
@@ -7957,7 +7957,8 @@ static void decode_sys_interrupts(DisasContext *ctx)
case OPC2_32_SYS_RESTORE:
if (has_feature(ctx, TRICORE_FEATURE_16)) {
if (ctx->priv == TRICORE_PRIV_SM || ctx->priv == TRICORE_PRIV_UM1) {
- tcg_gen_deposit_tl(cpu_ICR, cpu_ICR, cpu_gpr_d[r1], 8, 1);
+ tcg_gen_deposit_tl(cpu_ICR, cpu_ICR, cpu_gpr_d[r1],
+ ctx->icr_ie_offset, 1);
} else {
generate_trap(ctx, TRAPC_PROT, TIN1_PRIV);
}
--
2.40.1
* Re: [PATCH v2 1/8] target/tricore: Fix RR_JLI clobbering reg A[11]
2023-06-16 15:28 ` [PATCH v2 1/8] target/tricore: Fix RR_JLI clobbering reg A[11] Bastian Koppelmann
@ 2023-06-18 17:30 ` Richard Henderson
0 siblings, 0 replies; 14+ messages in thread
From: Richard Henderson @ 2023-06-18 17:30 UTC (permalink / raw)
To: Bastian Koppelmann, qemu-devel
On 6/16/23 17:28, Bastian Koppelmann wrote:
> if A[r1] == A[11], then we would overwrite the destination address of
> the jump with the return address.
>
> Reported-by: Richard Henderson<richard.henderson@linaro.org>
> Signed-off-by: Bastian Koppelmann<kbastian@mail.uni-paderborn.de>
> ---
> target/tricore/translate.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
r~
* Re: [PATCH v2 2/8] target/tricore: Introduce DISAS_TARGET_EXIT
2023-06-16 15:28 ` [PATCH v2 2/8] target/tricore: Introduce DISAS_TARGET_EXIT Bastian Koppelmann
@ 2023-06-18 17:31 ` Richard Henderson
0 siblings, 0 replies; 14+ messages in thread
From: Richard Henderson @ 2023-06-18 17:31 UTC (permalink / raw)
To: Bastian Koppelmann, qemu-devel
On 6/16/23 17:28, Bastian Koppelmann wrote:
> this replaces all calls to tcg_gen_exit_tb() and moves them to
> tricore_tb_stop().
>
> Signed-off-by: Bastian Koppelmann<kbastian@mail.uni-paderborn.de>
> ---
> target/tricore/translate.c | 25 ++++++++++++-------------
> 1 file changed, 12 insertions(+), 13 deletions(-)
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
r~
* Re: [PATCH v2 3/8] target/tricore: ENABLE/DISABLE exit to main-loop
2023-06-16 15:28 ` [PATCH v2 3/8] target/tricore: ENABLE/DISABLE exit to main-loop Bastian Koppelmann
@ 2023-06-18 17:32 ` Richard Henderson
0 siblings, 0 replies; 14+ messages in thread
From: Richard Henderson @ 2023-06-18 17:32 UTC (permalink / raw)
To: Bastian Koppelmann, qemu-devel
On 6/16/23 17:28, Bastian Koppelmann wrote:
> so we can recognize exceptions after re-enabling interrupts.
>
> Reported-by: Richard Henderson <richard.henderson@linaro.org>
> Signed-off-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
> ---
> target/tricore/translate.c | 7 +++++++
> 1 file changed, 7 insertions(+)
>
> diff --git a/target/tricore/translate.c b/target/tricore/translate.c
> index d4f7415158..6164ba6539 100644
> --- a/target/tricore/translate.c
> +++ b/target/tricore/translate.c
> @@ -38,6 +38,7 @@
> #undef HELPER_H
>
> #define DISAS_EXIT DISAS_TARGET_0
> +#define DISAS_EXIT_UPDATE DISAS_TARGET_1
>
> /*
> * TCG registers
> @@ -7880,11 +7881,13 @@ static void decode_sys_interrupts(DisasContext *ctx)
> break;
> case OPC2_32_SYS_DISABLE:
> tcg_gen_andi_tl(cpu_ICR, cpu_ICR, ~ctx->icr_ie_mask);
> + ctx->base.is_jmp = DISAS_EXIT_UPDATE;
> break;
> case OPC2_32_SYS_DISABLE_D:
> if (has_feature(ctx, TRICORE_FEATURE_16)) {
> tcg_gen_extract_tl(cpu_gpr_d[r1], cpu_ICR, ctx->icr_ie_offset, 1);
> tcg_gen_andi_tl(cpu_ICR, cpu_ICR, ~ctx->icr_ie_mask);
> + ctx->base.is_jmp = DISAS_EXIT_UPDATE;
Disable does not require this change, only enable and restore (which may enable interrupts).
Otherwise,
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
r~
> } else {
> generate_trap(ctx, TRAPC_INSN_ERR, TIN2_IOPC);
> }
> @@ -7892,6 +7895,7 @@ static void decode_sys_interrupts(DisasContext *ctx)
> break;
> case OPC2_32_SYS_ENABLE:
> tcg_gen_ori_tl(cpu_ICR, cpu_ICR, ctx->icr_ie_mask);
> + ctx->base.is_jmp = DISAS_EXIT_UPDATE;
> break;
> case OPC2_32_SYS_ISYNC:
> break;
> @@ -8379,6 +8383,9 @@ static void tricore_tr_tb_stop(DisasContextBase *dcbase, CPUState *cpu)
> case DISAS_TOO_MANY:
> gen_goto_tb(ctx, 0, ctx->base.pc_next);
> break;
> + case DISAS_EXIT_UPDATE:
> + gen_save_pc(ctx->base.pc_next);
> + /* fall through */
> case DISAS_EXIT:
> tcg_gen_exit_tb(NULL, 0);
> break;
* Re: [PATCH v2 4/8] target/tricore: Indirect jump insns use tcg_gen_lookup_and_goto_ptr()
2023-06-16 15:28 ` [PATCH v2 4/8] target/tricore: Indirect jump insns use tcg_gen_lookup_and_goto_ptr() Bastian Koppelmann
@ 2023-06-18 17:34 ` Richard Henderson
0 siblings, 0 replies; 14+ messages in thread
From: Richard Henderson @ 2023-06-18 17:34 UTC (permalink / raw)
To: Bastian Koppelmann, qemu-devel
On 6/16/23 17:28, Bastian Koppelmann wrote:
> @@ -6075,7 +6076,7 @@ static void decode_rr_idirect(DisasContext *ctx)
> default:
> generate_trap(ctx, TRAPC_INSN_ERR, TIN2_IOPC);
> }
> - ctx->base.is_jmp = DISAS_EXIT;
> + ctx->base.is_jmp = DISAS_JUMP;
> }
Not quite correct, as generate_trap is NORETURN.
Return early from the function there?
r~
* Re: [PATCH v2 7/8] target/tricore: Honour privilege changes on PSW write
2023-06-16 15:28 ` [PATCH v2 7/8] target/tricore: Honour privilege changes on PSW write Bastian Koppelmann
@ 2023-06-18 17:34 ` Richard Henderson
0 siblings, 0 replies; 14+ messages in thread
From: Richard Henderson @ 2023-06-18 17:34 UTC (permalink / raw)
To: Bastian Koppelmann, qemu-devel
On 6/16/23 17:28, Bastian Koppelmann wrote:
> the CPU can change the privilege level by writing the corresponding bits
> in PSW. If this happens all instructions after this 'mtcr' in the TB are
> translated with the wrong privilege level. So we have to exit to the
> cpu_loop() and start translating again with the new privilege level.
>
> Signed-off-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
> ---
> v1 -> v2:
> - Removed helper_psw_write() calling cpu_loop_exit().
> Instead we unconditionally exit for each write to psw.
>
>
> target/tricore/translate.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
r~
>
> diff --git a/target/tricore/translate.c b/target/tricore/translate.c
> index 71e3842601..5f9bc2b558 100644
> --- a/target/tricore/translate.c
> +++ b/target/tricore/translate.c
> @@ -333,7 +333,6 @@ static void gen_swapmsk(DisasContext *ctx, int reg, TCGv ea)
> tcg_gen_mov_tl(cpu_gpr_d[reg], temp);
> }
>
> -
> /* We generate loads and store to core special function register (csfr) through
> the function gen_mfcr and gen_mtcr. To handle access permissions, we use 3
> makros R, A and E, which allow read-only, all and endinit protected access.
> @@ -381,6 +380,7 @@ static inline void gen_mtcr(DisasContext *ctx, TCGv r1,
> /* since we're caching PSW make this a special case */
> if (offset == 0xfe04) {
> gen_helper_psw_write(cpu_env, r1);
> + ctx->base.is_jmp = DISAS_EXIT_UPDATE;
> } else {
> switch (offset) {
> #include "csfr.h.inc"