On Wed, 29 Jan 2020 at 23:56, Richard Henderson <richard.hender...@linaro.org> wrote: > > Since we only support a single ASID, flush the tlb when it changes. > > Note that TCR_EL2, like TCR_EL1, has the A1 bit that chooses between > the two TTBR* registers for the location of the ASID. > > Signed-off-by: Richard Henderson <richard.hender...@linaro.org> > --- > target/arm/helper.c | 22 +++++++++++++++------- > 1 file changed, 15 insertions(+), 7 deletions(-) > > diff --git a/target/arm/helper.c b/target/arm/helper.c > index 0b67cefcbb..708a2ecf91 100644 > --- a/target/arm/helper.c > +++ b/target/arm/helper.c > @@ -3763,7 +3763,7 @@ static void vmsa_ttbcr_reset(CPUARMState *env, const > ARMCPRegInfo *ri) > tcr->base_mask = 0xffffc000u; > } > > -static void vmsa_tcr_el1_write(CPUARMState *env, const ARMCPRegInfo *ri, > +static void vmsa_tcr_el12_write(CPUARMState *env, const ARMCPRegInfo *ri, > uint64_t value) > { > ARMCPU *cpu = env_archcpu(env); > @@ -3789,7 +3789,17 @@ static void vmsa_ttbr_write(CPUARMState *env, const > ARMCPRegInfo *ri, > static void vmsa_tcr_ttbr_el2_write(CPUARMState *env, const ARMCPRegInfo *ri, > uint64_t value) > { > - /* TODO: There are ASID fields in here with HCR_EL2.E2H */ > + /* > + * If we are running with E2&0 regime, then an ASID is active. > + * Flush if that might be changing. Note we're not checking > + * TCR_EL2.A1 to know if this is really the TTBRx_EL2 that > + * holds the active ASID, only checking the field that might. > + */ > + if (extract64(raw_read(env, ri) ^ value, 48, 16) && > + (arm_hcr_el2_eff(env) & HCR_E2H)) { > + tlb_flush_by_mmuidx(env_cpu(env), > + ARMMMUIdxBit_E20_2 | ARMMMUIdxBit_E20_0); > + } > raw_write(env, ri, value); > } > > @@ -3849,7 +3859,7 @@ static const ARMCPRegInfo vmsa_cp_reginfo[] = { > offsetof(CPUARMState, cp15.ttbr1_ns) } }, > { .name = "TCR_EL1", .state = ARM_CP_STATE_AA64, > .opc0 = 3, .crn = 2, .crm = 0, .opc1 = 0, .opc2 = 2, > - .access = PL1_RW, .writefn = vmsa_tcr_el1_write, > + .access = PL1_RW, .writefn = vmsa_tcr_el12_write, > .resetfn = vmsa_ttbcr_reset, .raw_writefn = raw_write, > .fieldoffset = offsetof(CPUARMState, cp15.tcr_el[1]) }, > { .name = "TTBCR", .cp = 15, .crn = 2, .crm = 0, .opc1 = 0, .opc2 = 2, > @@ -5175,10 +5185,8 @@ static const ARMCPRegInfo el2_cp_reginfo[] = { > .resetvalue = 0 }, > { .name = "TCR_EL2", .state = ARM_CP_STATE_BOTH, > .opc0 = 3, .opc1 = 4, .crn = 2, .crm = 0, .opc2 = 2, > - .access = PL2_RW, > - /* no .writefn needed as this can't cause an ASID change; > - * no .raw_writefn or .resetfn needed as we never use mask/base_mask > - */ > + .access = PL2_RW, .writefn = vmsa_tcr_el12_write,
This blows away the entire TLB on a TCR_EL2 write, which is safe but a bit overzealous; we could skip it if E2H was clear (and probably also be a bit more precise about which TLB indexes to clear). But it's not a big deal so I'm happy if we leave this as-is. > + /* no .raw_writefn or .resetfn needed as we never use mask/base_mask */ > .fieldoffset = offsetof(CPUARMState, cp15.tcr_el[2]) }, > { .name = "VTCR", .state = ARM_CP_STATE_AA32, > .cp = 15, .opc1 = 4, .crn = 2, .crm = 1, .opc2 = 2, > -- > 2.20.1 Reviewed-by: Peter Maydell <peter.mayd...@linaro.org> thanks -- PMM