From e955687ca5e8a1c4451012f6fabd33d3a1e4f270 Mon Sep 17 00:00:00 2001 From: Fabian Aggeler Date: Mon, 12 Feb 2018 09:01:14 -0500 Subject: [PATCH] target-arm: make DACR banked When EL3 is running in AArch32 (or ARMv7 with Security Extensions) DACR has a secure and a non-secure instance. Adds definition for DACR32_EL2. Backports commit 0c17d68c1d3d6c35f37f5692042d2edb65c8bcc0 from qemu --- qemu/target-arm/cpu.h | 13 +++++++++++-- qemu/target-arm/helper.c | 13 +++++++++---- 2 files changed, 20 insertions(+), 6 deletions(-) diff --git a/qemu/target-arm/cpu.h b/qemu/target-arm/cpu.h index 2d9926d4..154d4857 100644 --- a/qemu/target-arm/cpu.h +++ b/qemu/target-arm/cpu.h @@ -229,8 +229,17 @@ typedef struct CPUARMState { TCR tcr_el[4]; uint32_t c2_data; /* MPU data cachable bits. */ uint32_t c2_insn; /* MPU instruction cachable bits. */ - uint32_t c3; /* MMU domain access control register - MPU write buffer control. */ + union { /* MMU domain access control register + * MPU write buffer control. + */ + struct { + uint64_t dacr_ns; + uint64_t dacr_s; + }; + struct { + uint64_t dacr32_el2; + }; + }; uint32_t pmsav5_data_ap; /* PMSAv5 MPU data access permissions */ uint32_t pmsav5_insn_ap; /* PMSAv5 MPU insn access permissions */ uint64_t hcr_el2; /* Hypervisor configuration register */ diff --git a/qemu/target-arm/helper.c b/qemu/target-arm/helper.c index 10c92f84..421b6ac2 100644 --- a/qemu/target-arm/helper.c +++ b/qemu/target-arm/helper.c @@ -334,7 +334,8 @@ static const ARMCPRegInfo not_v8_cp_reginfo[] = { */ /* MMU Domain access control / MPU write buffer control */ { "DACR", 15,3,CP_ANY, 0,CP_ANY,CP_ANY, 0, - 0, PL1_RW, 0, NULL, 0, offsetof(CPUARMState, cp15.c3), {0, 0}, + 0, PL1_RW, 0, NULL, 0, 0, + { offsetoflow32(CPUARMState, cp15.dacr_s), offsetoflow32(CPUARMState, cp15.dacr_ns) }, NULL, NULL, dacr_write, NULL, raw_write, NULL, }, /* ??? This covers not just the impdef TLB lockdown registers but also * some v7VMSA registers relating to TEX remap, so it is overly broad. @@ -1943,7 +1944,8 @@ static const ARMCPRegInfo v8_cp_reginfo[] = { ARM_CP_NOP, PL1_W }, /* MMU Domain access control / MPU write buffer control */ { "DACR", 15,3,0, 0,0,0, 0, - 0, PL1_RW, 0, NULL, 0, offsetof(CPUARMState, cp15.c3), {0, 0}, + 0, PL1_RW, 0, NULL, 0, 0, + { offsetoflow32(CPUARMState, cp15.dacr_s), offsetoflow32(CPUARMState, cp15.dacr_ns) }, NULL, NULL,dacr_write, NULL,raw_write, }, { "ELR_EL1", 0,4,0, 3,0,1, ARM_CP_STATE_AA64, ARM_CP_NO_MIGRATE, PL1_RW, 0, NULL, 0, offsetof(CPUARMState, elr_el[1]) }, @@ -2002,6 +2004,9 @@ static const ARMCPRegInfo v8_el2_cp_reginfo[] = { { "HCR_EL2", 0,1,1, 3,4,0, ARM_CP_STATE_AA64, 0, PL2_RW, 0, NULL, 0, offsetof(CPUARMState, cp15.hcr_el2), {0, 0}, NULL, NULL, hcr_write }, + { "DACR32_EL2", 0,3,0, 3,4,0, ARM_CP_STATE_AA64,0, + PL2_RW, 0, NULL, 0, offsetof(CPUARMState, cp15.dacr32_el2), {0, 0}, + NULL, NULL, dacr_write, NULL, raw_write }, { "ELR_EL2", 0,4,0, 3,4,1, ARM_CP_STATE_AA64, ARM_CP_NO_MIGRATE, PL2_RW, 0, NULL, 0, offsetof(CPUARMState, elr_el[2]) }, { "ESR_EL2", 0,5,2, 3,4,0, ARM_CP_STATE_AA64, @@ -4020,7 +4025,7 @@ static int get_phys_addr_v5(CPUARMState *env, uint32_t address, int access_type, desc = ldl_phys(cs->as, table); type = (desc & 3); domain = (desc >> 5) & 0x0f; - domain_prot = (env->cp15.c3 >> (domain * 2)) & 3; + domain_prot = (A32_BANKED_CURRENT_REG_GET(env, dacr) >> (domain * 2)) & 3; if (type == 0) { /* Section translation fault. */ code = 5; @@ -4132,7 +4137,7 @@ static int get_phys_addr_v6(CPUARMState *env, uint32_t address, int access_type, /* Page or Section. */ domain = (desc >> 5) & 0x0f; } - domain_prot = (env->cp15.c3 >> (domain * 2)) & 3; + domain_prot = (A32_BANKED_CURRENT_REG_GET(env, dacr) >> (domain * 2)) & 3; if (domain_prot == 0 || domain_prot == 2) { if (type != 1) { code = 9; /* Section domain fault. */