From 192c5c665ace1c5e90c45ede9fea87655f058278 Mon Sep 17 00:00:00 2001
From: Fabian Aggeler <aggelerf@ethz.ch>
Date: Mon, 12 Feb 2018 09:07:49 -0500
Subject: [PATCH] target-arm: make IFSR banked

When EL3 is running in AArch32 (or ARMv7 with Security Extensions)
IFSR has a secure and a non-secure instance. Adds IFSR32_EL2 definition and
storage.

Backports commit 88ca1c2d70523486a952065f3ed7b8fc823b5863 from qemu
---
 qemu/target-arm/cpu.h    | 10 +++++++++-
 qemu/target-arm/helper.c |  9 ++++++---
 2 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/qemu/target-arm/cpu.h b/qemu/target-arm/cpu.h
index 154d4857..574f1ab0 100644
--- a/qemu/target-arm/cpu.h
+++ b/qemu/target-arm/cpu.h
@@ -244,7 +244,15 @@ typedef struct CPUARMState {
         uint32_t pmsav5_insn_ap; /* PMSAv5 MPU insn access permissions */
         uint64_t hcr_el2; /* Hypervisor configuration register */
         uint64_t scr_el3; /* Secure configuration register.  */
-        uint32_t ifsr_el2; /* Fault status registers.  */
+        union { /* Fault status registers.  */
+            struct {
+                uint64_t ifsr_ns;
+                uint64_t ifsr_s;
+            };
+            struct {
+                uint64_t ifsr32_el2;
+            };
+        };
         uint64_t esr_el[4];
         uint32_t c6_region[8]; /* MPU base/size registers.  */
         uint64_t far_el[4]; /* Fault address registers.  */
diff --git a/qemu/target-arm/helper.c b/qemu/target-arm/helper.c
index 421b6ac2..03e10d55 100644
--- a/qemu/target-arm/helper.c
+++ b/qemu/target-arm/helper.c
@@ -1411,7 +1411,8 @@ static const ARMCPRegInfo vmsa_cp_reginfo[] = {
       ARM_CP_NO_MIGRATE, PL1_RW, 0, NULL, 0, offsetoflow32(CPUARMState, cp15.esr_el[1]), {0, 0},
       NULL,NULL,NULL,NULL,NULL, arm_cp_reset_ignore, },
     { "IFSR", 15,5,0, 0,0,1, 0,
-      0, PL1_RW, 0, NULL, 0, offsetof(CPUARMState, cp15.ifsr_el2), },
+      0, PL1_RW, 0, NULL, 0, 0,
+      { offsetoflow32(CPUARMState, cp15.ifsr_s), offsetoflow32(CPUARMState, cp15.ifsr_ns) }},
     { "ESR_EL1", 0,5,2, 3,0,0, ARM_CP_STATE_AA64,
       0, PL1_RW, 0, NULL, 0, offsetof(CPUARMState, cp15.esr_el[1]), },
     { "TTBR0_EL1", 0,2,0, 3,0,0, ARM_CP_STATE_BOTH,
@@ -2011,6 +2012,8 @@ static const ARMCPRegInfo v8_el2_cp_reginfo[] = {
       ARM_CP_NO_MIGRATE, PL2_RW, 0, NULL, 0, offsetof(CPUARMState, elr_el[2]) },
     { "ESR_EL2", 0,5,2, 3,4,0, ARM_CP_STATE_AA64,
       ARM_CP_NO_MIGRATE, PL2_RW, 0, NULL, 0, offsetof(CPUARMState, cp15.esr_el[2]) },
+    { "IFSR32_EL2", 0,5,0, 3,4,1, ARM_CP_STATE_AA64,0,
+      PL2_RW, 0, NULL, 0, offsetof(CPUARMState, cp15.ifsr32_el2) },
     { "FAR_EL2", 0,6,0, 3,4,0, ARM_CP_STATE_AA64,
       0, PL2_RW, 0, NULL, 0, offsetof(CPUARMState, cp15.far_el[2]) },
     { "SPSR_EL2", 0,4,0, 3,4,0, ARM_CP_STATE_AA64,
@@ -3823,11 +3826,11 @@ void arm_cpu_do_interrupt(CPUState *cs)
         env->exception.fsr = 2;
         /* Fall through to prefetch abort.  */
     case EXCP_PREFETCH_ABORT:
-        env->cp15.ifsr_el2 = env->exception.fsr;
+        A32_BANKED_CURRENT_REG_SET(env, ifsr, env->exception.fsr);
         env->cp15.far_el[1] = deposit64(env->cp15.far_el[1], 32, 32,
                                         env->exception.vaddress);
         qemu_log_mask(CPU_LOG_INT, "...with IFSR 0x%x IFAR 0x%x\n",
-                      env->cp15.ifsr_el2, (uint32_t)env->exception.vaddress);
+                      env->exception.fsr, (uint32_t)env->exception.vaddress);
         new_mode = ARM_CPU_MODE_ABT;
         addr = 0x0c;
         mask = CPSR_A | CPSR_I;