Hi Edgar,
I was just writing a test to verify the correct behavior of the SCR AW/FW
bits and I think there is an issue.
During an SCR write an initial valid mask is set from SCR_MASK which is
defined to not include these bits. Then these bits are hard-coded into the
write value using RES1. Last, the new value is masked against the valid
bits for which these bits are masked off.
I have a number of questions:
- Why are we marking these bits off as reserved? Shouldn't they be RW?
- Are you intending to always enable them or always disable them?
- Why are we attempting to hard-code them 'on' in the value? Is it because
they have no value when VIRT is enabled? If so, we should check for EL2.
Thanks for any insight.
Greg
On 4 August 2014 10:19, Edgar E. Iglesias <edgar.igles...@gmail.com> wrote:
> On Fri, Aug 01, 2014 at 02:34:14PM +0100, Peter Maydell wrote:
> > On 17 June 2014 09:45, Edgar E. Iglesias <edgar.igles...@gmail.com>
> wrote:
> > > From: "Edgar E. Iglesias" <edgar.igles...@xilinx.com>
> > >
> > > Signed-off-by: Edgar E. Iglesias <edgar.igles...@xilinx.com>
> > > ---
> > > target-arm/cpu.h | 16 +++++++++++++++-
> > > target-arm/helper.c | 31 ++++++++++++++++++++++++++++++-
> > > 2 files changed, 45 insertions(+), 2 deletions(-)
> > >
> > > diff --git a/target-arm/cpu.h b/target-arm/cpu.h
> > > index fd57fb5..fa8dee0 100644
> > > --- a/target-arm/cpu.h
> > > +++ b/target-arm/cpu.h
> > > @@ -172,7 +172,6 @@ typedef struct CPUARMState {
> > > uint64_t c1_sys; /* System control register. */
> > > uint64_t c1_coproc; /* Coprocessor access register. */
> > > uint32_t c1_xscaleauxcr; /* XScale auxiliary control
> register. */
> > > - uint32_t c1_scr; /* secure config register. */
> > > uint64_t ttbr0_el1; /* MMU translation table base 0. */
> > > uint64_t ttbr1_el1; /* MMU translation table base 1. */
> > > uint64_t c2_control; /* MMU translation table base control.
> */
> > > @@ -185,6 +184,7 @@ typedef struct CPUARMState {
> > > uint32_t pmsav5_data_ap; /* PMSAv5 MPU data access
> permissions */
> > > uint32_t pmsav5_insn_ap; /* PMSAv5 MPU insn access
> permissions */
> > > uint64_t hcr_el2; /* Hypervisor configuration register */
> > > + uint32_t scr_el3; /* Secure configuration register. */
> > > uint32_t ifsr_el2; /* Fault status registers. */
> > > uint64_t esr_el[4];
> > > uint32_t c6_region[8]; /* MPU base/size registers. */
> > > @@ -562,6 +562,20 @@ static inline void xpsr_write(CPUARMState *env,
> uint32_t val, uint32_t mask)
> > > #define HCR_ID (1ULL << 33)
> > > #define HCR_MASK ((1ULL << 34) - 1)
> > >
> > > +#define SCR_NS (1U << 0)
> > > +#define SCR_IRQ (1U << 1)
> > > +#define SCR_FIQ (1U << 2)
> > > +#define SCR_EA (1U << 3)
> > > +#define SCR_SMD (1U << 7)
> > > +#define SCR_HCE (1U << 8)
> > > +#define SCR_SIF (1U << 9)
> > > +#define SCR_RW (1U << 10)
> > > +#define SCR_ST (1U << 11)
> > > +#define SCR_TWI (1U << 12)
> > > +#define SCR_TWE (1U << 13)
> > > +#define SCR_RES1_MASK (3U << 4)
> > > +#define SCR_MASK (0x3fff & ~SCR_RES1_MASK)
> > > +
> > > /* Return the current FPSCR value. */
> > > uint32_t vfp_get_fpscr(CPUARMState *env);
> > > void vfp_set_fpscr(CPUARMState *env, uint32_t val);
> > > diff --git a/target-arm/helper.c b/target-arm/helper.c
> > > index b04fb5d..6bacc24 100644
> > > --- a/target-arm/helper.c
> > > +++ b/target-arm/helper.c
> > > @@ -793,7 +793,7 @@ static const ARMCPRegInfo v7_cp_reginfo[] = {
> > > .fieldoffset = offsetof(CPUARMState, cp15.vbar_el[1]),
> > > .resetvalue = 0 },
> > > { .name = "SCR", .cp = 15, .crn = 1, .crm = 1, .opc1 = 0, .opc2 =
> 0,
> > > - .access = PL1_RW, .fieldoffset = offsetof(CPUARMState,
> cp15.c1_scr),
> > > + .access = PL1_RW, .fieldoffset = offsetof(CPUARMState,
> cp15.scr_el3),
> > > .resetvalue = 0, },
> >
> > It's awkward that this is now separate from the AArch64 reginfo
> > below, because it makes it non-obvious that they're both the
> > same underlying state. In particular that probably means this
> > one now needs a NO_MIGRATE marker?
>
> Yes, I've moved this into the el3 structure and added NO_MIGRATE.
>
> Thanks,
> Edgar
>
>
> >
> > > { .name = "CCSIDR", .state = ARM_CP_STATE_BOTH,
> > > .opc0 = 3, .crn = 0, .crm = 0, .opc1 = 1, .opc2 = 0,
> > > @@ -2161,6 +2161,31 @@ static const ARMCPRegInfo v8_el2_cp_reginfo[] =
> {
> > > REGINFO_SENTINEL
> > > };
> > >
> > > +static void scr_write(CPUARMState *env, const ARMCPRegInfo *ri,
> uint64_t value)
> > > +{
> > > + uint32_t valid_mask = SCR_MASK;
> > > +
> > > + if (!arm_feature(env, ARM_FEATURE_EL2)) {
> > > + valid_mask &= ~SCR_HCE;
> > > +
> > > + /* On ARMv7, SMD (or SCD as it is called in v7) is only
> > > + * supported if EL2 exists. The bit is UNK/SBZP when
> > > + * EL2 is unavailable. In QEMU ARMv7, we force it to always
> zero
> > > + * when EL2 is unavailable.
> > > + */
> > > + if (arm_feature(env, ARM_FEATURE_V7)) {
> > > + valid_mask &= ~SCR_SMD;
> > > + }
> > > + }
> > > +
> > > + /* Set RES1 bits. */
> > > + value |= SCR_RES1_MASK;
> > > +
> > > + /* Clear RES0 bits. */
> > > + value &= valid_mask;
> > > + raw_write(env, ri, value);
> > > +}
> > > +
> > > static const ARMCPRegInfo v8_el3_cp_reginfo[] = {
> > > { .name = "ELR_EL3", .state = ARM_CP_STATE_AA64,
> > > .type = ARM_CP_NO_MIGRATE,
> > > @@ -2183,6 +2208,10 @@ static const ARMCPRegInfo v8_el3_cp_reginfo[] =
> {
> > > .access = PL3_RW, .writefn = vbar_write,
> > > .fieldoffset = offsetof(CPUARMState, cp15.vbar_el[3]),
> > > .resetvalue = 0 },
> > > + { .name = "SCR_EL3", .state = ARM_CP_STATE_AA64,
> > > + .opc0 = 3, .opc1 = 6, .crn = 1, .crm = 1, .opc2 = 0,
> > > + .access = PL3_RW, .fieldoffset = offsetof(CPUARMState,
> cp15.scr_el3),
> > > + .writefn = scr_write },
> > > REGINFO_SENTINEL
> > > };
> >
> > thanks
> > -- PMM
>
