Lines Matching +full:- +full:- +full:disable +full:- +full:capstone
18 * <http://www.gnu.org/licenses/gpl-2.0.html>
22 #include "qemu/qemu-print.h"
25 #include "exec/page-vary.h"
32 #include "exec/translation-block.h"
33 #include "accel/tcg/cpu-ops.h"
36 #include "cpu-features.h"
38 #include "hw/qdev-properties.h"
50 #include "disas/capstone.h"
53 #include "target/arm/cpu-qom.h"
59 CPUARMState *env = &cpu->env;
62 env->pc = value;
63 env->thumb = false;
65 env->regs[15] = value & ~1;
66 env->thumb = value & 1;
73 CPUARMState *env = &cpu->env;
76 return env->pc;
78 return env->regs[15];
94 env->pc = tb->pc;
96 env->regs[15] = tb->pc;
109 env->pc = (env->pc & TARGET_PAGE_MASK) | data[0];
111 env->pc = data[0];
113 env->condexec_bits = 0;
114 env->exception.syndrome = data[2] << ARM_INSN_START_WORD2_SHIFT;
117 env->regs[15] = (env->regs[15] & TARGET_PAGE_MASK) | data[0];
119 env->regs[15] = data[0];
121 env->condexec_bits = data[1];
122 env->exception.syndrome = data[2] << ARM_INSN_START_WORD2_SHIFT;
145 return (cpu->power_state != PSCI_OFF)
146 && cs->interrupt_request &
159 entry->hook = hook;
160 entry->opaque = opaque;
162 QLIST_INSERT_HEAD(&cpu->pre_el_change_hooks, entry, node);
170 entry->hook = hook;
171 entry->opaque = opaque;
173 QLIST_INSERT_HEAD(&cpu->el_change_hooks, entry, node);
182 if (ri->type & (ARM_CP_SPECIAL_MASK | ARM_CP_ALIAS)) {
186 if (ri->resetfn) {
187 ri->resetfn(&cpu->env, ri);
193 * This is basically only used for fields in non-core coprocessors
196 if (!ri->fieldoffset) {
201 CPREG_FIELD64(&cpu->env, ri) = ri->resetvalue;
203 CPREG_FIELD32(&cpu->env, ri) = ri->resetvalue;
218 if (ri->type & (ARM_CP_SPECIAL_MASK | ARM_CP_ALIAS | ARM_CP_NO_RAW)) {
222 oldvalue = read_raw_cp_reg(&cpu->env, ri);
224 newvalue = read_raw_cp_reg(&cpu->env, ri);
233 CPUARMState *env = &cpu->env;
235 if (acc->parent_phases.hold) {
236 acc->parent_phases.hold(obj, type);
241 g_hash_table_foreach(cpu->cp_regs, cp_reg_reset, cpu);
242 g_hash_table_foreach(cpu->cp_regs, cp_reg_check_reset, cpu);
244 env->vfp.xregs[ARM_VFP_FPSID] = cpu->reset_fpsid;
245 env->vfp.xregs[ARM_VFP_MVFR0] = cpu->isar.mvfr0;
246 env->vfp.xregs[ARM_VFP_MVFR1] = cpu->isar.mvfr1;
247 env->vfp.xregs[ARM_VFP_MVFR2] = cpu->isar.mvfr2;
249 cpu->power_state = cs->start_powered_off ? PSCI_OFF : PSCI_ON;
252 env->iwmmxt.cregs[ARM_IWMMXT_wCID] = 0x69051000 | 'Q';
257 env->aarch64 = true;
259 env->pstate = PSTATE_MODE_EL0t;
261 env->cp15.sctlr_el[1] |= SCTLR_UCT | SCTLR_UCI | SCTLR_DZE;
263 env->cp15.sctlr_el[1] |= (SCTLR_EnIA | SCTLR_EnIB |
266 env->cp15.sctlr_el[1] |= SCTLR_BT0;
269 env->cp15.sctlr_el[1] |= SCTLR_TIDCP;
272 env->cp15.cpacr_el1 = FIELD_DP64(env->cp15.cpacr_el1,
276 env->cp15.cpacr_el1 = FIELD_DP64(env->cp15.cpacr_el1,
278 env->vfp.zcr_el[1] = cpu->sve_default_vq - 1;
282 env->cp15.sctlr_el[1] |= SCTLR_EnTP2;
283 env->cp15.cpacr_el1 = FIELD_DP64(env->cp15.cpacr_el1,
285 env->vfp.smcr_el[1] = cpu->sme_default_vq - 1;
287 env->vfp.smcr_el[1] = FIELD_DP64(env->vfp.smcr_el[1],
292 * Enable 48-bit address space (TODO: take reserved_va into account).
296 env->cp15.tcr_el[1] = 5 | (1ULL << 37);
301 env->cp15.sctlr_el[1] |= SCTLR_ATA0;
304 * This corresponds to Linux current->thread.gcr_incl = 0.
310 env->cp15.gcr_el1 = 0x1ffff;
313 * Disable access to SCXTNUM_EL0 from CSV2_1p2.
316 env->cp15.sctlr_el[1] |= SCTLR_TSCXT;
317 /* Disable access to Debug Communication Channel (DCC). */
318 env->cp15.mdscr_el1 |= 1 << 12;
320 env->cp15.sctlr_el[1] |= SCTLR_MSCEN;
324 env->pstate = PSTATE_MODE_EL3h;
326 env->pstate = PSTATE_MODE_EL2h;
328 env->pstate = PSTATE_MODE_EL1h;
332 env->cp15.rvbar = cpu->rvbar_prop;
333 env->pc = env->cp15.rvbar;
338 env->cp15.cpacr_el1 = FIELD_DP64(env->cp15.cpacr_el1,
340 env->cp15.cpacr_el1 = FIELD_DP64(env->cp15.cpacr_el1,
344 env->cp15.rvbar = cpu->rvbar_prop;
345 env->regs[15] = cpu->rvbar_prop;
350 env->uncached_cpsr = ARM_CPU_MODE_USR;
352 env->vfp.xregs[ARM_VFP_FPEXC] = 1 << 30;
354 env->cp15.c15_cpar = 3;
356 env->cp15.c15_cpar = 1;
367 env->uncached_cpsr = ARM_CPU_MODE_HYP;
369 env->uncached_cpsr = ARM_CPU_MODE_SVC;
371 env->daif = PSTATE_D | PSTATE_A | PSTATE_I | PSTATE_F;
378 env->regs[15] = 0xFFFF0000;
381 env->vfp.xregs[ARM_VFP_FPEXC] = 0;
398 env->v7m.ltpsize = 4;
400 env->v7m.fpdscr[M_REG_NS] = 4 << FPCR_LTPSIZE_SHIFT;
401 env->v7m.fpdscr[M_REG_S] = 4 << FPCR_LTPSIZE_SHIFT;
405 env->v7m.secure = true;
412 env->v7m.aircr = R_V7M_AIRCR_BFHFNMINS_MASK;
417 * v8.1M the guest-visible value of NSACR in a CPU without the
420 env->v7m.nsacr = 0xcff;
427 env->v7m.ccr[M_REG_NS] = R_V7M_CCR_STKALIGN_MASK;
428 env->v7m.ccr[M_REG_S] = R_V7M_CCR_STKALIGN_MASK;
431 env->v7m.ccr[M_REG_NS] |= R_V7M_CCR_NONBASETHRDENA_MASK;
432 env->v7m.ccr[M_REG_S] |= R_V7M_CCR_NONBASETHRDENA_MASK;
435 env->v7m.ccr[M_REG_NS] |= R_V7M_CCR_UNALIGN_TRP_MASK;
436 env->v7m.ccr[M_REG_S] |= R_V7M_CCR_UNALIGN_TRP_MASK;
440 env->v7m.fpccr[M_REG_NS] = R_V7M_FPCCR_ASPEN_MASK;
441 env->v7m.fpccr[M_REG_S] = R_V7M_FPCCR_ASPEN_MASK |
447 env->regs[14] = 0xffffffff;
449 env->v7m.vecbase[M_REG_S] = cpu->init_svtor & 0xffffff80;
450 env->v7m.vecbase[M_REG_NS] = cpu->init_nsvtor & 0xffffff80;
453 vecbase = env->v7m.vecbase[env->v7m.secure];
454 rom = rom_ptr_for_as(cs->as, vecbase, 8);
463 * is in non-modifiable memory and this is a second reset after
467 initial_msp = ldl_phys(cs->as, vecbase);
468 initial_pc = ldl_phys(cs->as, vecbase + 4);
475 env->regs[13] = initial_msp & 0xFFFFFFFC;
476 env->regs[15] = initial_pc & ~1;
477 env->thumb = initial_pc & 1;
480 * For user mode we run non-secure and with access to the FPU.
482 * and is owned by non-secure.
484 env->v7m.secure = false;
485 env->v7m.nsacr = 0xcff;
486 env->v7m.cpacr[M_REG_NS] = 0xf0ffff;
487 env->v7m.fpccr[M_REG_S] &=
489 env->v7m.control[M_REG_S] |= R_V7M_CONTROL_FPCA_MASK;
500 if (cpu->pmsav7_dregion > 0) {
502 memset(env->pmsav8.rbar[M_REG_NS], 0,
503 sizeof(*env->pmsav8.rbar[M_REG_NS])
504 * cpu->pmsav7_dregion);
505 memset(env->pmsav8.rlar[M_REG_NS], 0,
506 sizeof(*env->pmsav8.rlar[M_REG_NS])
507 * cpu->pmsav7_dregion);
509 memset(env->pmsav8.rbar[M_REG_S], 0,
510 sizeof(*env->pmsav8.rbar[M_REG_S])
511 * cpu->pmsav7_dregion);
512 memset(env->pmsav8.rlar[M_REG_S], 0,
513 sizeof(*env->pmsav8.rlar[M_REG_S])
514 * cpu->pmsav7_dregion);
517 memset(env->pmsav7.drbar, 0,
518 sizeof(*env->pmsav7.drbar) * cpu->pmsav7_dregion);
519 memset(env->pmsav7.drsr, 0,
520 sizeof(*env->pmsav7.drsr) * cpu->pmsav7_dregion);
521 memset(env->pmsav7.dracr, 0,
522 sizeof(*env->pmsav7.dracr) * cpu->pmsav7_dregion);
526 if (cpu->pmsav8r_hdregion > 0) {
527 memset(env->pmsav8.hprbar, 0,
528 sizeof(*env->pmsav8.hprbar) * cpu->pmsav8r_hdregion);
529 memset(env->pmsav8.hprlar, 0,
530 sizeof(*env->pmsav8.hprlar) * cpu->pmsav8r_hdregion);
533 env->pmsav7.rnr[M_REG_NS] = 0;
534 env->pmsav7.rnr[M_REG_S] = 0;
535 env->pmsav8.mair0[M_REG_NS] = 0;
536 env->pmsav8.mair0[M_REG_S] = 0;
537 env->pmsav8.mair1[M_REG_NS] = 0;
538 env->pmsav8.mair1[M_REG_S] = 0;
542 if (cpu->sau_sregion > 0) {
543 memset(env->sau.rbar, 0, sizeof(*env->sau.rbar) * cpu->sau_sregion);
544 memset(env->sau.rlar, 0, sizeof(*env->sau.rlar) * cpu->sau_sregion);
546 env->sau.rnr = 0;
548 * the Cortex-M33 does.
550 env->sau.ctrl = 0;
553 set_flush_to_zero(1, &env->vfp.fp_status[FPST_STD]);
554 set_flush_inputs_to_zero(1, &env->vfp.fp_status[FPST_STD]);
555 set_default_nan_mode(1, &env->vfp.fp_status[FPST_STD]);
556 set_default_nan_mode(1, &env->vfp.fp_status[FPST_STD_F16]);
557 set_default_nan_mode(1, &env->vfp.fp_status[FPST_ZA]);
558 set_default_nan_mode(1, &env->vfp.fp_status[FPST_ZA_F16]);
559 arm_set_default_fp_behaviours(&env->vfp.fp_status[FPST_A32]);
560 arm_set_default_fp_behaviours(&env->vfp.fp_status[FPST_A64]);
561 arm_set_default_fp_behaviours(&env->vfp.fp_status[FPST_ZA]);
562 arm_set_default_fp_behaviours(&env->vfp.fp_status[FPST_STD]);
563 arm_set_default_fp_behaviours(&env->vfp.fp_status[FPST_A32_F16]);
564 arm_set_default_fp_behaviours(&env->vfp.fp_status[FPST_A64_F16]);
565 arm_set_default_fp_behaviours(&env->vfp.fp_status[FPST_ZA_F16]);
566 arm_set_default_fp_behaviours(&env->vfp.fp_status[FPST_STD_F16]);
567 arm_set_ah_fp_behaviours(&env->vfp.fp_status[FPST_AH]);
568 set_flush_to_zero(1, &env->vfp.fp_status[FPST_AH]);
569 set_flush_inputs_to_zero(1, &env->vfp.fp_status[FPST_AH]);
570 arm_set_ah_fp_behaviours(&env->vfp.fp_status[FPST_AH_F16]);
589 CPUARMState *env = &cpu->env;
622 if (env->aarch64) {
623 env->cp15.scr_el3 |= SCR_RW;
625 env->cp15.scr_el3 |= SCR_API | SCR_APK;
628 env->cp15.scr_el3 |= SCR_ATA;
631 env->cp15.cptr_el[3] |= R_CPTR_EL3_EZ_MASK;
632 env->vfp.zcr_el[3] = 0xf;
635 env->cp15.cptr_el[3] |= R_CPTR_EL3_ESM_MASK;
636 env->cp15.scr_el3 |= SCR_ENTP2;
637 env->vfp.smcr_el[3] = 0xf;
639 env->vfp.smcr_el[3] |= R_SMCR_EZT0_MASK;
643 env->cp15.scr_el3 |= SCR_HXEN;
646 env->cp15.scr_el3 |= SCR_FGTEN;
652 env->cp15.scr_el3 |= SCR_HCE;
655 /* Put CPU into non-secure state */
656 env->cp15.scr_el3 |= SCR_NS;
658 env->cp15.nsacr |= 3 << 10;
663 if (env->aarch64) {
664 env->cp15.hcr_el2 |= HCR_RW;
669 if (env->aarch64) {
670 env->pstate = aarch64_pstate_mode(target_el, true);
706 env->cp15.sctlr_el[target_el] & SCTLR_NMI && cur_el == target_el) {
707 allIntMask = env->pstate & PSTATE_ALLINT ||
708 ((env->cp15.sctlr_el[target_el] & SCTLR_SPINTMASK) &&
709 (env->pstate & PSTATE_SP));
730 pstate_unmasked = (!(env->daif & PSTATE_F)) && (!allIntMask);
734 pstate_unmasked = (!(env->daif & PSTATE_I)) && (!allIntMask);
742 return !(env->daif & PSTATE_F) && (!allIntMask);
748 return !(env->daif & PSTATE_I) && (!allIntMask);
754 return !(env->daif & PSTATE_A);
788 * The old 32-bit-only environment has a more complicated
804 scr = (env->cp15.scr_el3 & SCR_FIQ);
807 * When EL3 is 32-bit, the SCR.FW bit controls whether the
808 * CPSR.F bit masks FIQ interrupts when taken in non-secure
810 * when non-secure but only when FIQs are only routed to EL3.
812 scr = scr && !((env->cp15.scr_el3 & SCR_FW) && !hcr);
816 * When EL3 execution state is 32-bit, if HCR.IMO is set then
817 * we may override the CPSR.I masking when in non-secure state.
933 env->cp15.hcr_el2 &= ~HCR_VSE;
941 cs->exception_index = excp_idx;
942 env->exception.target_el = target_el;
943 cs->cc->tcg_ops->do_interrupt(cs);
955 CPUARMState *env = &cpu->env;
960 (env->irq_line_state & CPU_INTERRUPT_VIRQ);
962 if (new_state != ((cs->interrupt_request & CPU_INTERRUPT_VIRQ) != 0)) {
977 CPUARMState *env = &cpu->env;
982 (env->irq_line_state & CPU_INTERRUPT_VFIQ);
984 if (new_state != ((cs->interrupt_request & CPU_INTERRUPT_VFIQ) != 0)) {
999 CPUARMState *env = &cpu->env;
1004 (env->irq_line_state & CPU_INTERRUPT_VINMI);
1006 if (new_state != ((cs->interrupt_request & CPU_INTERRUPT_VINMI) != 0)) {
1020 CPUARMState *env = &cpu->env;
1026 if (new_state != ((cs->interrupt_request & CPU_INTERRUPT_VFNMI) != 0)) {
1040 CPUARMState *env = &cpu->env;
1043 bool new_state = env->cp15.hcr_el2 & HCR_VSE;
1045 if (new_state != ((cs->interrupt_request & CPU_INTERRUPT_VSERR) != 0)) {
1058 CPUARMState *env = &cpu->env;
1080 env->irq_line_state |= mask[irq];
1082 env->irq_line_state &= ~mask[irq];
1112 CPUARMState *env = &cpu->env;
1124 /* We're about to come out of WFI/WFE: disable the WFxT timer */
1126 if (cpu->wfxt_timer) {
1127 timer_del(cpu->wfxt_timer);
1143 * function auto-clears the CPU_INTERRUPT_EXITTB flag for us.
1152 CPUARMState *env = &ac->env;
1156 info->cap_arch = CS_ARCH_ARM64;
1157 info->cap_insn_unit = 4;
1158 info->cap_insn_split = 4;
1161 if (env->thumb) {
1162 info->cap_insn_unit = 2;
1163 info->cap_insn_split = 4;
1166 info->cap_insn_unit = 4;
1167 info->cap_insn_split = 4;
1176 info->cap_arch = CS_ARCH_ARM;
1177 info->cap_mode = cap_mode;
1180 info->endian = BFD_ENDIAN_LITTLE;
1182 info->endian = target_big_endian() ? BFD_ENDIAN_LITTLE : BFD_ENDIAN_BIG;
1184 info->flags &= ~INSN_ARM_BE32;
1187 info->flags |= INSN_ARM_BE32;
1195 CPUARMState *env = &cpu->env;
1203 qemu_fprintf(f, " PC=%016" PRIx64 " ", env->pc);
1206 qemu_fprintf(f, " SP=%016" PRIx64 "\n", env->xregs[i]);
1208 qemu_fprintf(f, "X%02d=%016" PRIx64 "%s", i, env->xregs[i],
1214 ns_status = env->cp15.scr_el3 & SCR_NS ? "NS " : "S ";
1220 psr & PSTATE_N ? 'N' : '-',
1221 psr & PSTATE_Z ? 'Z' : '-',
1222 psr & PSTATE_C ? 'C' : '-',
1223 psr & PSTATE_V ? 'V' : '-',
1230 env->svcr,
1231 (FIELD_EX64(env->svcr, SVCR, ZA) ? 'Z' : '-'),
1232 (FIELD_EX64(env->svcr, SVCR, SM) ? 'S' : '-'));
1252 if (cpu_isar_feature(aa64_sme, cpu) && FIELD_EX64(env->svcr, SVCR, SM)) {
1288 for (j = zcr_len / 4; j >= 0; j--) {
1296 env->vfp.pregs[i].p[j],
1308 i, env->vfp.zregs[i].d[1],
1309 env->vfp.zregs[i].d[0], i & 1 ? "\n" : " ");
1314 for (j = zcr_len; j >= 0; j--) {
1316 env->vfp.zregs[i].d[j * 2 + 1],
1317 env->vfp.zregs[i].d[j * 2 + 0],
1331 FIELD_EX64(env->svcr, SVCR, ZA) &&
1339 for (j = zcr_len; j >= 0; --j) {
1341 env->za_state.za[i].d[2 * j + 1],
1342 env->za_state.za[i].d[2 * j],
1352 CPUARMState *env = &cpu->env;
1361 qemu_fprintf(f, "R%02d=%08x", i, env->regs[i]);
1375 ns_status = env->v7m.secure ? "S " : "NS ";
1381 if (env->v7m.control[env->v7m.secure] & R_V7M_CONTROL_NPRIV_MASK) {
1382 mode = "unpriv-thread";
1384 mode = "priv-thread";
1390 xpsr & XPSR_N ? 'N' : '-',
1391 xpsr & XPSR_Z ? 'Z' : '-',
1392 xpsr & XPSR_C ? 'C' : '-',
1393 xpsr & XPSR_V ? 'V' : '-',
1403 ns_status = env->cp15.scr_el3 & SCR_NS ? "NS " : "S ";
1408 psr & CPSR_N ? 'N' : '-',
1409 psr & CPSR_Z ? 'Z' : '-',
1410 psr & CPSR_C ? 'C' : '-',
1411 psr & CPSR_V ? 'V' : '-',
1433 qemu_fprintf(f, "VPR: %08x\n", env->v7m.vpr);
1447 return cpu->mp_affinity;
1454 cpu->cp_regs = g_hash_table_new_full(g_direct_hash, g_direct_equal,
1457 QLIST_INIT(&cpu->pre_el_change_hooks);
1458 QLIST_INIT(&cpu->el_change_hooks);
1463 * The linux kernel defaults to 512-bit for SVE, and 256-bit for SME.
1468 cpu->sve_default_vq = 4;
1469 cpu->sme_default_vq = 2;
1476 * them to maintain the same interface as non-KVM CPUs.
1483 qdev_init_gpio_out(DEVICE(cpu), cpu->gt_timer_outputs,
1484 ARRAY_SIZE(cpu->gt_timer_outputs));
1486 qdev_init_gpio_out_named(DEVICE(cpu), &cpu->gicv3_maintenance_interrupt,
1487 "gicv3-maintenance-interrupt", 1);
1488 qdev_init_gpio_out_named(DEVICE(cpu), &cpu->pmu_interrupt,
1489 "pmu-interrupt", 1);
1496 cpu->dtb_compatible = "qemu,unknown";
1497 cpu->psci_version = QEMU_PSCI_VERSION_0_1; /* By default assume PSCI v0.1 */
1498 cpu->kvm_target = QEMU_KVM_ARM_TARGET_NONE;
1502 cpu->psci_version = QEMU_PSCI_VERSION_1_1;
1515 DEFINE_PROP_UINT64("reset-cbar", ARMCPU, reset_cbar, 0);
1518 DEFINE_PROP_BOOL("reset-hivecs", ARMCPU, reset_hivecs, false);
1534 DEFINE_PROP_BOOL("vfp-d32", ARMCPU, has_vfp_d32, true);
1544 DEFINE_PROP_BOOL("has-mpu", ARMCPU, has_mpu, true);
1547 * because the CPU initfn will have already set cpu->pmsav7_dregion to
1552 DEFINE_PROP_UNSIGNED_NODEFAULT("pmsav7-dregion", ARMCPU,
1561 return cpu->has_pmu;
1573 set_feature(&cpu->env, ARM_FEATURE_PMU);
1575 unset_feature(&cpu->env, ARM_FEATURE_PMU);
1577 cpu->has_pmu = value;
1584 return arm_feature(&cpu->env, ARM_FEATURE_AARCH64);
1599 "unless KVM is enabled and 32-bit EL1 "
1603 unset_feature(&cpu->env, ARM_FEATURE_AARCH64);
1605 set_feature(&cpu->env, ARM_FEATURE_AARCH64);
1614 * muldiv64(qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL), cpu->gt_cntfrq_hz,
1622 * `(NANOSECONDS_PER_SECOND % cpu->gt_cntfrq) > 0` holds. Failing to
1629 return NANOSECONDS_PER_SECOND > cpu->gt_cntfrq_hz ?
1630 NANOSECONDS_PER_SECOND / cpu->gt_cntfrq_hz : 1;
1635 CPUARMState *env = &cpu->env;
1661 * for TCG would a consistency-check failure be a QEMU bug.
1663 if (arm_feature(&cpu->env, ARM_FEATURE_AARCH64)) {
1671 * For QEMU, for backwards-compatibility we implement some
1694 * non-EL3 configs. This is needed by some legacy boards.
1736 if (arm_feature(&cpu->env, ARM_FEATURE_AARCH64)) {
1740 "Set on/off to enable/disable aarch64 "
1744 if (arm_feature(&cpu->env, ARM_FEATURE_CBAR) ||
1745 arm_feature(&cpu->env, ARM_FEATURE_CBAR_RO)) {
1749 if (!arm_feature(&cpu->env, ARM_FEATURE_M)) {
1753 if (arm_feature(&cpu->env, ARM_FEATURE_V8)) {
1755 &cpu->rvbar_prop,
1759 if (arm_feature(&cpu->env, ARM_FEATURE_EL3)) {
1765 object_property_add_link(obj, "secure-memory",
1767 (Object **)&cpu->secure_memory,
1772 if (arm_feature(&cpu->env, ARM_FEATURE_EL2)) {
1777 if (arm_feature(&cpu->env, ARM_FEATURE_PMU)) {
1778 cpu->has_pmu = true;
1783 * Allow user to turn off VFP and Neon support, but only for TCG --
1787 if (arm_feature(&cpu->env, ARM_FEATURE_AARCH64)) {
1789 cpu->has_vfp = true;
1790 cpu->has_vfp_d32 = true;
1797 cpu->has_vfp = true;
1803 cpu->has_vfp_d32 = true;
1806 * Armv8-A are either 0b0000 and 0b0010. On such CPUs,
1810 && !(arm_feature(&cpu->env, ARM_FEATURE_V8)
1811 && !arm_feature(&cpu->env, ARM_FEATURE_M))) {
1818 if (arm_feature(&cpu->env, ARM_FEATURE_NEON)) {
1819 cpu->has_neon = true;
1825 if (arm_feature(&cpu->env, ARM_FEATURE_M) &&
1826 arm_feature(&cpu->env, ARM_FEATURE_THUMB_DSP)) {
1831 if (arm_feature(&cpu->env, ARM_FEATURE_PMSA)) {
1833 if (arm_feature(&cpu->env, ARM_FEATURE_V7)) {
1839 if (arm_feature(&cpu->env, ARM_FEATURE_M_SECURITY)) {
1840 object_property_add_link(obj, "idau", TYPE_IDAU_INTERFACE, &cpu->idau,
1848 object_property_add_uint32_ptr(obj, "init-svtor",
1849 &cpu->init_svtor,
1852 if (arm_feature(&cpu->env, ARM_FEATURE_M)) {
1857 object_property_add_uint32_ptr(obj, "init-nsvtor",
1858 &cpu->init_nsvtor,
1863 object_property_add_uint32_ptr(obj, "psci-conduit",
1864 &cpu->psci_conduit,
1867 if (arm_feature(&cpu->env, ARM_FEATURE_GENERIC_TIMER)) {
1875 if (arm_feature(&cpu->env, ARM_FEATURE_AARCH64) &&
1877 object_property_add_link(obj, "tag-memory",
1879 (Object **)&cpu->tag_memory,
1883 if (arm_feature(&cpu->env, ARM_FEATURE_EL3)) {
1884 object_property_add_link(obj, "secure-tag-memory",
1886 (Object **)&cpu->secure_tag_memory,
1900 g_hash_table_destroy(cpu->cp_regs);
1902 QLIST_FOREACH_SAFE(hook, &cpu->pre_el_change_hooks, node, next) {
1906 QLIST_FOREACH_SAFE(hook, &cpu->el_change_hooks, node, next) {
1911 if (cpu->pmu_timer) {
1912 timer_free(cpu->pmu_timer);
1914 if (cpu->wfxt_timer) {
1915 timer_free(cpu->wfxt_timer);
1924 if (arm_feature(&cpu->env, ARM_FEATURE_AARCH64)) {
1973 ARMISARegisters *isar = &cpu->isar;
1975 CPUARMState *env = &cpu->env;
1979 /* Use pc-relative instructions in system-mode */
1987 if (cpu->host_cpu_probe_failed) {
1996 if (!cpu->gt_cntfrq_hz) {
2004 * We will use the back-compat value:
2005 * - for QEMU CPU types added before we standardized on 1GHz
2006 * - for versioned machine types with a version of 9.0 or earlier
2009 cpu->backcompat_cntfrq) {
2010 cpu->gt_cntfrq_hz = GTIMER_BACKCOMPAT_HZ;
2012 cpu->gt_cntfrq_hz = GTIMER_DEFAULT_HZ;
2017 /* The NVIC and M-profile CPU are two halves of a single piece of
2022 if (!env->nvic) {
2023 error_setg(errp, "This board cannot be used with Cortex-M CPUs");
2027 if (env->nvic) {
2028 error_setg(errp, "This board can only be used with Cortex-M CPUs");
2045 "Cannot enable %s when using an M-profile guest CPU",
2049 if (cpu->has_el3) {
2055 if (cpu->tag_memory) {
2066 cpu->gt_timer[GTIMER_PHYS] = timer_new(QEMU_CLOCK_VIRTUAL, scale,
2068 cpu->gt_timer[GTIMER_VIRT] = timer_new(QEMU_CLOCK_VIRTUAL, scale,
2070 cpu->gt_timer[GTIMER_HYP] = timer_new(QEMU_CLOCK_VIRTUAL, scale,
2072 cpu->gt_timer[GTIMER_SEC] = timer_new(QEMU_CLOCK_VIRTUAL, scale,
2074 cpu->gt_timer[GTIMER_HYPVIRT] = timer_new(QEMU_CLOCK_VIRTUAL, scale,
2076 cpu->gt_timer[GTIMER_S_EL2_PHYS] = timer_new(QEMU_CLOCK_VIRTUAL, scale,
2078 cpu->gt_timer[GTIMER_S_EL2_VIRT] = timer_new(QEMU_CLOCK_VIRTUAL, scale,
2098 * dual-mapped code.
2103 cpu->ctr = FIELD_DP64(cpu->ctr, CTR_EL0, DIC, 0);
2107 cpu->has_vfp != cpu->has_neon) {
2110 * more flexible and permits VFP-no-Neon and Neon-no-VFP.
2117 if (cpu->has_vfp_d32 != cpu->has_neon) {
2118 error_setg(errp, "ARM CPUs must have both VFP-D32 and Neon or neither");
2122 if (!cpu->has_vfp_d32) {
2125 u = cpu->isar.mvfr0;
2127 cpu->isar.mvfr0 = u;
2130 if (!cpu->has_vfp) {
2142 u = cpu->isar.mvfr0;
2152 cpu->isar.mvfr0 = u;
2154 u = cpu->isar.mvfr1;
2161 cpu->isar.mvfr1 = u;
2163 u = cpu->isar.mvfr2;
2165 cpu->isar.mvfr2 = u;
2168 if (!cpu->has_neon) {
2208 u = cpu->isar.mvfr1;
2213 cpu->isar.mvfr1 = u;
2215 u = cpu->isar.mvfr2;
2217 cpu->isar.mvfr2 = u;
2221 if (!cpu->has_neon && !cpu->has_vfp) {
2228 u = cpu->isar.mvfr0;
2230 cpu->isar.mvfr0 = u;
2233 u = cpu->isar.mvfr1;
2235 cpu->isar.mvfr1 = u;
2238 if (arm_feature(env, ARM_FEATURE_M) && !cpu->has_dsp) {
2296 /* This cpu-id-to-MPIDR affinity is used only for TCG; KVM will override it.
2301 if (cpu->mp_affinity == ARM64_AFFINITY_INVALID) {
2302 cpu->mp_affinity = arm_build_mp_affinity(cs->cpu_index,
2306 if (cpu->reset_hivecs) {
2307 cpu->reset_sctlr |= (1 << 13);
2310 if (cpu->cfgend) {
2312 cpu->reset_sctlr |= SCTLR_EE;
2314 cpu->reset_sctlr |= SCTLR_B;
2318 if (!arm_feature(env, ARM_FEATURE_M) && !cpu->has_el3) {
2319 /* If the has_el3 CPU property is disabled then we need to disable the
2325 * Disable the security extension feature bits in the processor
2332 /* Disable the realm management extension, which requires EL3. */
2336 if (!cpu->has_el2) {
2340 if (!cpu->has_pmu) {
2352 cpu->pmu_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, arm_pmu_timer_cb,
2358 cpu->pmceid0 = 0;
2359 cpu->pmceid1 = 0;
2364 * Disable the hypervisor feature bits in the processor feature
2373 * The architectural range of GM blocksize is 2-6, however qemu
2377 assert(cpu->gm_blocksize >= 3 && cpu->gm_blocksize <= 6);
2382 * If we run with TCG and do not have tag-memory provided by
2384 * This matches Cortex-A710 BROADCASTMTE input being LOW.
2386 if (tcg_enabled() && cpu->tag_memory == NULL) {
2394 if (kvm_enabled() && !cpu->kvm_mte) {
2402 cpu->wfxt_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL,
2412 * try to access the non-existent system registers for them.
2418 /* FEAT_TRF (Self-hosted Trace Extension) */
2433 /* MPU can be configured out of a PMSA CPU either by setting has-mpu
2434 * to false or by setting pmsav7-dregion to 0.
2436 if (!cpu->has_mpu || cpu->pmsav7_dregion == 0) {
2437 cpu->has_mpu = false;
2438 cpu->pmsav7_dregion = 0;
2439 cpu->pmsav8r_hdregion = 0;
2444 uint32_t nr = cpu->pmsav7_dregion;
2454 env->pmsav8.rbar[M_REG_NS] = g_new0(uint32_t, nr);
2455 env->pmsav8.rlar[M_REG_NS] = g_new0(uint32_t, nr);
2457 env->pmsav8.rbar[M_REG_S] = g_new0(uint32_t, nr);
2458 env->pmsav8.rlar[M_REG_S] = g_new0(uint32_t, nr);
2461 env->pmsav7.drbar = g_new0(uint32_t, nr);
2462 env->pmsav7.drsr = g_new0(uint32_t, nr);
2463 env->pmsav7.dracr = g_new0(uint32_t, nr);
2467 if (cpu->pmsav8r_hdregion > 0xff) {
2469 cpu->pmsav8r_hdregion);
2473 if (cpu->pmsav8r_hdregion) {
2474 env->pmsav8.hprbar = g_new0(uint32_t,
2475 cpu->pmsav8r_hdregion);
2476 env->pmsav8.hprlar = g_new0(uint32_t,
2477 cpu->pmsav8r_hdregion);
2482 uint32_t nr = cpu->sau_sregion;
2490 env->sau.rbar = g_new0(uint32_t, nr);
2491 env->sau.rlar = g_new0(uint32_t, nr);
2513 unsigned int smp_cpus = ms->smp.cpus;
2514 bool has_secure = cpu->has_el3 || arm_feature(env, ARM_FEATURE_M_SECURITY);
2517 * We must set cs->num_ases to the final value before
2520 if (cpu->tag_memory != NULL) {
2521 cs->num_ases = 3 + has_secure;
2523 cs->num_ases = 1 + has_secure;
2527 if (!cpu->secure_memory) {
2528 cpu->secure_memory = cs->memory;
2530 cpu_address_space_init(cs, ARMASIdx_S, "cpu-secure-memory",
2531 cpu->secure_memory);
2534 if (cpu->tag_memory != NULL) {
2535 cpu_address_space_init(cs, ARMASIdx_TagNS, "cpu-tag-memory",
2536 cpu->tag_memory);
2538 cpu_address_space_init(cs, ARMASIdx_TagS, "cpu-tag-memory",
2539 cpu->secure_tag_memory);
2543 cpu_address_space_init(cs, ARMASIdx_NS, "cpu-memory", cs->memory);
2546 if (cpu->core_count == -1) {
2547 cpu->core_count = smp_cpus;
2552 int dcz_blocklen = 4 << cpu->dcz_blocksize;
2558 * is variable and, for compatibility with -machine virt-2.7,
2578 acc->parent_realize(dev, errp);
2591 /* For backwards compatibility usermode emulation allows "-cpu any",
2592 * which has the same semantics as "-cpu max".
2608 DEFINE_PROP_UINT64("mp-affinity", ARMCPU,
2610 DEFINE_PROP_INT32("node-id", ARMCPU, node_id, CPU_UNSET_NUMA_NODE_ID),
2611 DEFINE_PROP_INT32("core-count", ARMCPU, core_count, -1),
2612 /* True to default to the backward-compat old CNTFRQ rather than 1Ghz */
2613 DEFINE_PROP_BOOL("backcompat-cntfrq", ARMCPU, backcompat_cntfrq, false),
2614 DEFINE_PROP_BOOL("backcompat-pauth-default-use-qarma5", ARMCPU,
2621 CPUARMState *env = &cpu->env;
2635 CPUARMState *env = &cpu->env;
2638 return "aarch64-core.xml";
2641 return "arm-m-profile.xml";
2643 return "arm-core.xml";
2654 * include/accel/tcg/cpu-ldst.h, and not some place linux-user specific.
2656 * Note that arm-*-user will never set tagged_addr_enable.
2661 if (env->tagged_addr_enable) {
2671 #include "hw/core/sysemu-cpu-ops.h"
2692 * Double check that we're not truncating a 40-bit physical address.
2749 &acc->parent_realize);
2754 &acc->parent_phases);
2756 cc->class_by_name = arm_cpu_class_by_name;
2757 cc->dump_state = arm_cpu_dump_state;
2758 cc->set_pc = arm_cpu_set_pc;
2759 cc->get_pc = arm_cpu_get_pc;
2760 cc->gdb_read_register = arm_cpu_gdb_read_register;
2761 cc->gdb_write_register = arm_cpu_gdb_write_register;
2763 cc->sysemu_ops = &arm_sysemu_ops;
2765 cc->gdb_arch_name = arm_gdb_arch_name;
2766 cc->gdb_get_core_xml_file = arm_gdb_get_core_xml_file;
2767 cc->gdb_stop_before_watchpoint = true;
2768 cc->disas_set_info = arm_disas_set_info;
2771 cc->tcg_ops = &arm_tcg_ops;
2779 acc->info->initfn(obj);
2788 acc->info = data;
2789 if (acc->info->deprecation_note) {
2790 cc->deprecation_note = acc->info->deprecation_note;
2799 .class_init = info->class_init ?: cpu_register_class_init,
2803 type_info.name = g_strdup_printf("%s-" TYPE_ARM_CPU, info->name);