1b7ecba0fSPeter Maydell.. 2b7ecba0fSPeter Maydell Copyright (c) 2017 Linaro Limited 3b7ecba0fSPeter Maydell Written by Peter Maydell 4b7ecba0fSPeter Maydell 5b7ecba0fSPeter Maydell=================== 6b7ecba0fSPeter MaydellLoad and Store APIs 7b7ecba0fSPeter Maydell=================== 8b7ecba0fSPeter Maydell 9b7ecba0fSPeter MaydellQEMU internally has multiple families of functions for performing 10b7ecba0fSPeter Maydellloads and stores. This document attempts to enumerate them all 11b7ecba0fSPeter Maydelland indicate when to use them. It does not provide detailed 12b7ecba0fSPeter Maydelldocumentation of each API -- for that you should look at the 13b7ecba0fSPeter Maydelldocumentation comments in the relevant header files. 14b7ecba0fSPeter Maydell 15b7ecba0fSPeter Maydell 16b7ecba0fSPeter Maydell``ld*_p and st*_p`` 17b7ecba0fSPeter Maydell~~~~~~~~~~~~~~~~~~~ 18b7ecba0fSPeter Maydell 19b7ecba0fSPeter MaydellThese functions operate on a host pointer, and should be used 20b7ecba0fSPeter Maydellwhen you already have a pointer into host memory (corresponding 21b7ecba0fSPeter Maydellto guest ram or a local buffer). They deal with doing accesses 22b7ecba0fSPeter Maydellwith the desired endianness and with correctly handling 23b7ecba0fSPeter Maydellpotentially unaligned pointer values. 24b7ecba0fSPeter Maydell 25b7ecba0fSPeter MaydellFunction names follow the pattern: 26b7ecba0fSPeter Maydell 27f930224fSPeter Maydellload: ``ld{sign}{size}_{endian}_p(ptr)`` 28b7ecba0fSPeter Maydell 29f930224fSPeter Maydellstore: ``st{size}_{endian}_p(ptr, val)`` 30b7ecba0fSPeter Maydell 31b7ecba0fSPeter Maydell``sign`` 32f930224fSPeter Maydell - (empty) : for 32 or 64 bit sizes 33b7ecba0fSPeter Maydell - ``u`` : unsigned 34b7ecba0fSPeter Maydell - ``s`` : signed 35b7ecba0fSPeter Maydell 36b7ecba0fSPeter Maydell``size`` 37b7ecba0fSPeter Maydell - ``b`` : 8 bits 38b7ecba0fSPeter Maydell - ``w`` : 16 bits 39b7ecba0fSPeter Maydell - ``l`` : 32 bits 40b7ecba0fSPeter Maydell - ``q`` : 64 bits 41b7ecba0fSPeter Maydell 42b7ecba0fSPeter Maydell``endian`` 43b7ecba0fSPeter Maydell - ``he`` : host endian 44b7ecba0fSPeter Maydell - ``be`` : big endian 45b7ecba0fSPeter Maydell - ``le`` : little endian 46b7ecba0fSPeter Maydell 47b7ecba0fSPeter MaydellThe ``_{endian}`` infix is omitted for target-endian accesses. 48b7ecba0fSPeter Maydell 49b7ecba0fSPeter MaydellThe target endian accessors are only available to source 50b7ecba0fSPeter Maydellfiles which are built per-target. 51b7ecba0fSPeter Maydell 52afa4f665SPeter MaydellThere are also functions which take the size as an argument: 53afa4f665SPeter Maydell 54afa4f665SPeter Maydellload: ``ldn{endian}_p(ptr, sz)`` 55afa4f665SPeter Maydell 56afa4f665SPeter Maydellwhich performs an unsigned load of ``sz`` bytes from ``ptr`` 57afa4f665SPeter Maydellas an ``{endian}`` order value and returns it in a uint64_t. 58afa4f665SPeter Maydell 59afa4f665SPeter Maydellstore: ``stn{endian}_p(ptr, sz, val)`` 60afa4f665SPeter Maydell 61afa4f665SPeter Maydellwhich stores ``val`` to ``ptr`` as an ``{endian}`` order value 62afa4f665SPeter Maydellof size ``sz`` bytes. 63afa4f665SPeter Maydell 64afa4f665SPeter Maydell 65b7ecba0fSPeter MaydellRegexes for git grep 66f930224fSPeter Maydell - ``\<ld[us]\?[bwlq]\(_[hbl]e\)\?_p\>`` 67f930224fSPeter Maydell - ``\<st[bwlq]\(_[hbl]e\)\?_p\>`` 68afa4f665SPeter Maydell - ``\<ldn_\([hbl]e\)?_p\>`` 69afa4f665SPeter Maydell - ``\<stn_\([hbl]e\)?_p\>`` 70b7ecba0fSPeter Maydell 71f83bcecbSRichard Henderson``cpu_{ld,st}*_mmu`` 72f83bcecbSRichard Henderson~~~~~~~~~~~~~~~~~~~~ 73b7ecba0fSPeter Maydell 74f83bcecbSRichard HendersonThese functions operate on a guest virtual address, plus a context 75f83bcecbSRichard Hendersonknown as a "mmu index" which controls how that virtual address is 76f83bcecbSRichard Hendersontranslated, plus a ``MemOp`` which contains alignment requirements 77f83bcecbSRichard Hendersonamong other things. The ``MemOp`` and mmu index are combined into 78f83bcecbSRichard Hendersona single argument of type ``MemOpIdx``. 79f83bcecbSRichard Henderson 80f83bcecbSRichard HendersonThe meaning of the indexes are target specific, but specifying a 81f83bcecbSRichard Hendersonparticular index might be necessary if, for instance, the helper 82f83bcecbSRichard Hendersonrequires a "always as non-privileged" access rather than the 83f83bcecbSRichard Hendersondefault access for the current state of the guest CPU. 84b7ecba0fSPeter Maydell 85f4e1bae2SRichard HendersonThese functions may cause a guest CPU exception to be taken 86f4e1bae2SRichard Henderson(e.g. for an alignment fault or MMU fault) which will result in 87f4e1bae2SRichard Hendersonguest CPU state being updated and control longjmp'ing out of the 88f4e1bae2SRichard Hendersonfunction call. They should therefore only be used in code that is 89f4e1bae2SRichard Hendersonimplementing emulation of the guest CPU. 90f4e1bae2SRichard Henderson 91f4e1bae2SRichard HendersonThe ``retaddr`` parameter is used to control unwinding of the 92f4e1bae2SRichard Hendersonguest CPU state in case of a guest CPU exception. This is passed 93f4e1bae2SRichard Hendersonto ``cpu_restore_state()``. Therefore the value should either be 0, 94f4e1bae2SRichard Hendersonto indicate that the guest CPU state is already synchronized, or 95f4e1bae2SRichard Hendersonthe result of ``GETPC()`` from the top level ``HELPER(foo)`` 96a0c0c9f8SEmanuele Giuseppe Espositofunction, which is a return address into the generated code [#gpc]_. 97a0c0c9f8SEmanuele Giuseppe Esposito 98a0c0c9f8SEmanuele Giuseppe Esposito.. [#gpc] Note that ``GETPC()`` should be used with great care: calling 99a0c0c9f8SEmanuele Giuseppe Esposito it in other functions that are *not* the top level 100a0c0c9f8SEmanuele Giuseppe Esposito ``HELPER(foo)`` will cause unexpected behavior. Instead, the 101a0c0c9f8SEmanuele Giuseppe Esposito value of ``GETPC()`` should be read from the helper and passed 102a0c0c9f8SEmanuele Giuseppe Esposito if needed to the functions that the helper calls. 103b7ecba0fSPeter Maydell 104b7ecba0fSPeter MaydellFunction names follow the pattern: 105b7ecba0fSPeter Maydell 106f83bcecbSRichard Hendersonload: ``cpu_ld{size}{end}_mmu(env, ptr, oi, retaddr)`` 107f83bcecbSRichard Henderson 108f83bcecbSRichard Hendersonstore: ``cpu_st{size}{end}_mmu(env, ptr, val, oi, retaddr)`` 109f83bcecbSRichard Henderson 110f83bcecbSRichard Henderson``size`` 111f83bcecbSRichard Henderson - ``b`` : 8 bits 112f83bcecbSRichard Henderson - ``w`` : 16 bits 113f83bcecbSRichard Henderson - ``l`` : 32 bits 114f83bcecbSRichard Henderson - ``q`` : 64 bits 115f83bcecbSRichard Henderson 116f83bcecbSRichard Henderson``end`` 117f83bcecbSRichard Henderson - (empty) : for target endian, or 8 bit sizes 118f83bcecbSRichard Henderson - ``_be`` : big endian 119f83bcecbSRichard Henderson - ``_le`` : little endian 120f83bcecbSRichard Henderson 121f83bcecbSRichard HendersonRegexes for git grep: 122f83bcecbSRichard Henderson - ``\<cpu_ld[bwlq](_[bl]e)\?_mmu\>`` 123f83bcecbSRichard Henderson - ``\<cpu_st[bwlq](_[bl]e)\?_mmu\>`` 124f83bcecbSRichard Henderson 125f83bcecbSRichard Henderson 126f83bcecbSRichard Henderson``cpu_{ld,st}*_mmuidx_ra`` 127f83bcecbSRichard Henderson~~~~~~~~~~~~~~~~~~~~~~~~~~ 128f83bcecbSRichard Henderson 129f83bcecbSRichard HendersonThese functions work like the ``cpu_{ld,st}_mmu`` functions except 130f83bcecbSRichard Hendersonthat the ``mmuidx`` parameter is not combined with a ``MemOp``, 131f83bcecbSRichard Hendersonand therefore there is no required alignment supplied or enforced. 132f83bcecbSRichard Henderson 133f83bcecbSRichard HendersonFunction names follow the pattern: 134f83bcecbSRichard Henderson 135b9e60257SRichard Hendersonload: ``cpu_ld{sign}{size}{end}_mmuidx_ra(env, ptr, mmuidx, retaddr)`` 136b7ecba0fSPeter Maydell 137b9e60257SRichard Hendersonstore: ``cpu_st{size}{end}_mmuidx_ra(env, ptr, val, mmuidx, retaddr)`` 138b7ecba0fSPeter Maydell 139b7ecba0fSPeter Maydell``sign`` 140b7ecba0fSPeter Maydell - (empty) : for 32 or 64 bit sizes 141b7ecba0fSPeter Maydell - ``u`` : unsigned 142b7ecba0fSPeter Maydell - ``s`` : signed 143b7ecba0fSPeter Maydell 144b7ecba0fSPeter Maydell``size`` 145b7ecba0fSPeter Maydell - ``b`` : 8 bits 146b7ecba0fSPeter Maydell - ``w`` : 16 bits 147b7ecba0fSPeter Maydell - ``l`` : 32 bits 148b7ecba0fSPeter Maydell - ``q`` : 64 bits 149b7ecba0fSPeter Maydell 150b9e60257SRichard Henderson``end`` 151b9e60257SRichard Henderson - (empty) : for target endian, or 8 bit sizes 152b9e60257SRichard Henderson - ``_be`` : big endian 153b9e60257SRichard Henderson - ``_le`` : little endian 154b9e60257SRichard Henderson 155f4e1bae2SRichard HendersonRegexes for git grep: 156b9e60257SRichard Henderson - ``\<cpu_ld[us]\?[bwlq](_[bl]e)\?_mmuidx_ra\>`` 157b9e60257SRichard Henderson - ``\<cpu_st[bwlq](_[bl]e)\?_mmuidx_ra\>`` 158b7ecba0fSPeter Maydell 159f4e1bae2SRichard Henderson``cpu_{ld,st}*_data_ra`` 160f4e1bae2SRichard Henderson~~~~~~~~~~~~~~~~~~~~~~~~ 161b7ecba0fSPeter Maydell 162f4e1bae2SRichard HendersonThese functions work like the ``cpu_{ld,st}_mmuidx_ra`` functions 163f4e1bae2SRichard Hendersonexcept that the ``mmuidx`` parameter is taken from the current mode 164f4e1bae2SRichard Hendersonof the guest CPU, as determined by ``cpu_mmu_index(env, false)``. 165b7ecba0fSPeter Maydell 166b7ecba0fSPeter MaydellThese are generally the preferred way to do accesses by guest 167f4e1bae2SRichard Hendersonvirtual address from helper functions, unless the access should 168f83bcecbSRichard Hendersonbe performed with a context other than the default, or alignment 169f83bcecbSRichard Hendersonshould be enforced for the access. 170b7ecba0fSPeter Maydell 171b7ecba0fSPeter MaydellFunction names follow the pattern: 172b7ecba0fSPeter Maydell 173b9e60257SRichard Hendersonload: ``cpu_ld{sign}{size}{end}_data_ra(env, ptr, ra)`` 174b7ecba0fSPeter Maydell 175b9e60257SRichard Hendersonstore: ``cpu_st{size}{end}_data_ra(env, ptr, val, ra)`` 176f4e1bae2SRichard Henderson 177f4e1bae2SRichard Henderson``sign`` 178f4e1bae2SRichard Henderson - (empty) : for 32 or 64 bit sizes 179f4e1bae2SRichard Henderson - ``u`` : unsigned 180f4e1bae2SRichard Henderson - ``s`` : signed 181f4e1bae2SRichard Henderson 182f4e1bae2SRichard Henderson``size`` 183f4e1bae2SRichard Henderson - ``b`` : 8 bits 184f4e1bae2SRichard Henderson - ``w`` : 16 bits 185f4e1bae2SRichard Henderson - ``l`` : 32 bits 186f4e1bae2SRichard Henderson - ``q`` : 64 bits 187f4e1bae2SRichard Henderson 188b9e60257SRichard Henderson``end`` 189b9e60257SRichard Henderson - (empty) : for target endian, or 8 bit sizes 190b9e60257SRichard Henderson - ``_be`` : big endian 191b9e60257SRichard Henderson - ``_le`` : little endian 192b9e60257SRichard Henderson 193f4e1bae2SRichard HendersonRegexes for git grep: 194b9e60257SRichard Henderson - ``\<cpu_ld[us]\?[bwlq](_[bl]e)\?_data_ra\>`` 195b9e60257SRichard Henderson - ``\<cpu_st[bwlq](_[bl]e)\?_data_ra\>`` 196f4e1bae2SRichard Henderson 197f4e1bae2SRichard Henderson``cpu_{ld,st}*_data`` 198f4e1bae2SRichard Henderson~~~~~~~~~~~~~~~~~~~~~ 199f4e1bae2SRichard Henderson 200f4e1bae2SRichard HendersonThese functions work like the ``cpu_{ld,st}_data_ra`` functions 201f4e1bae2SRichard Hendersonexcept that the ``retaddr`` parameter is 0, and thus does not 202f4e1bae2SRichard Hendersonunwind guest CPU state. 203f4e1bae2SRichard Henderson 204f4e1bae2SRichard HendersonThis means they must only be used from helper functions where the 205f4e1bae2SRichard Hendersontranslator has saved all necessary CPU state. These functions are 206f4e1bae2SRichard Hendersonthe right choice for calls made from hooks like the CPU ``do_interrupt`` 207f4e1bae2SRichard Hendersonhook or when you know for certain that the translator had to save all 208f4e1bae2SRichard Hendersonthe CPU state anyway. 209f4e1bae2SRichard Henderson 210f4e1bae2SRichard HendersonFunction names follow the pattern: 211f4e1bae2SRichard Henderson 212b9e60257SRichard Hendersonload: ``cpu_ld{sign}{size}{end}_data(env, ptr)`` 213f4e1bae2SRichard Henderson 214b9e60257SRichard Hendersonstore: ``cpu_st{size}{end}_data(env, ptr, val)`` 215f4e1bae2SRichard Henderson 216f4e1bae2SRichard Henderson``sign`` 217f4e1bae2SRichard Henderson - (empty) : for 32 or 64 bit sizes 218f4e1bae2SRichard Henderson - ``u`` : unsigned 219f4e1bae2SRichard Henderson - ``s`` : signed 220f4e1bae2SRichard Henderson 221f4e1bae2SRichard Henderson``size`` 222f4e1bae2SRichard Henderson - ``b`` : 8 bits 223f4e1bae2SRichard Henderson - ``w`` : 16 bits 224f4e1bae2SRichard Henderson - ``l`` : 32 bits 225f4e1bae2SRichard Henderson - ``q`` : 64 bits 226b7ecba0fSPeter Maydell 227b9e60257SRichard Henderson``end`` 228b9e60257SRichard Henderson - (empty) : for target endian, or 8 bit sizes 229b9e60257SRichard Henderson - ``_be`` : big endian 230b9e60257SRichard Henderson - ``_le`` : little endian 231b9e60257SRichard Henderson 232b7ecba0fSPeter MaydellRegexes for git grep 233b9e60257SRichard Henderson - ``\<cpu_ld[us]\?[bwlq](_[bl]e)\?_data\>`` 234b9e60257SRichard Henderson - ``\<cpu_st[bwlq](_[bl]e)\?_data\+\>`` 235b7ecba0fSPeter Maydell 236f4e1bae2SRichard Henderson``cpu_ld*_code`` 237f4e1bae2SRichard Henderson~~~~~~~~~~~~~~~~ 238f4e1bae2SRichard Henderson 239f4e1bae2SRichard HendersonThese functions perform a read for instruction execution. The ``mmuidx`` 240f4e1bae2SRichard Hendersonparameter is taken from the current mode of the guest CPU, as determined 241f4e1bae2SRichard Hendersonby ``cpu_mmu_index(env, true)``. The ``retaddr`` parameter is 0, and 242f4e1bae2SRichard Hendersonthus does not unwind guest CPU state, because CPU state is always 243f4e1bae2SRichard Hendersonsynchronized while translating instructions. Any guest CPU exception 244f4e1bae2SRichard Hendersonthat is raised will indicate an instruction execution fault rather than 245f4e1bae2SRichard Hendersona data read fault. 246f4e1bae2SRichard Henderson 247f4e1bae2SRichard HendersonIn general these functions should not be used directly during translation. 248f4e1bae2SRichard HendersonThere are wrapper functions that are to be used which also take care of 249f4e1bae2SRichard Hendersonplugins for tracing. 250f4e1bae2SRichard Henderson 251f4e1bae2SRichard HendersonFunction names follow the pattern: 252f4e1bae2SRichard Henderson 253f4e1bae2SRichard Hendersonload: ``cpu_ld{sign}{size}_code(env, ptr)`` 254f4e1bae2SRichard Henderson 255f4e1bae2SRichard Henderson``sign`` 256f4e1bae2SRichard Henderson - (empty) : for 32 or 64 bit sizes 257f4e1bae2SRichard Henderson - ``u`` : unsigned 258f4e1bae2SRichard Henderson - ``s`` : signed 259f4e1bae2SRichard Henderson 260f4e1bae2SRichard Henderson``size`` 261f4e1bae2SRichard Henderson - ``b`` : 8 bits 262f4e1bae2SRichard Henderson - ``w`` : 16 bits 263f4e1bae2SRichard Henderson - ``l`` : 32 bits 264f4e1bae2SRichard Henderson - ``q`` : 64 bits 265f4e1bae2SRichard Henderson 266f4e1bae2SRichard HendersonRegexes for git grep: 267f4e1bae2SRichard Henderson - ``\<cpu_ld[us]\?[bwlq]_code\>`` 268f4e1bae2SRichard Henderson 269f4e1bae2SRichard Henderson``translator_ld*`` 270f4e1bae2SRichard Henderson~~~~~~~~~~~~~~~~~~ 271f4e1bae2SRichard Henderson 272f4e1bae2SRichard HendersonThese functions are a wrapper for ``cpu_ld*_code`` which also perform 273f4e1bae2SRichard Hendersonany actions required by any tracing plugins. They are only to be 274f4e1bae2SRichard Hendersoncalled during the translator callback ``translate_insn``. 275f4e1bae2SRichard Henderson 276f4e1bae2SRichard HendersonThere is a set of functions ending in ``_swap`` which, if the parameter 277f4e1bae2SRichard Hendersonis true, returns the value in the endianness that is the reverse of 278*ee3eb3a7SMarc-André Lureauthe guest native endianness, as determined by ``TARGET_BIG_ENDIAN``. 279f4e1bae2SRichard Henderson 280f4e1bae2SRichard HendersonFunction names follow the pattern: 281f4e1bae2SRichard Henderson 282f4e1bae2SRichard Hendersonload: ``translator_ld{sign}{size}(env, ptr)`` 283f4e1bae2SRichard Henderson 284f4e1bae2SRichard Hendersonswap: ``translator_ld{sign}{size}_swap(env, ptr, swap)`` 285f4e1bae2SRichard Henderson 286f4e1bae2SRichard Henderson``sign`` 287f4e1bae2SRichard Henderson - (empty) : for 32 or 64 bit sizes 288f4e1bae2SRichard Henderson - ``u`` : unsigned 289f4e1bae2SRichard Henderson - ``s`` : signed 290f4e1bae2SRichard Henderson 291f4e1bae2SRichard Henderson``size`` 292f4e1bae2SRichard Henderson - ``b`` : 8 bits 293f4e1bae2SRichard Henderson - ``w`` : 16 bits 294f4e1bae2SRichard Henderson - ``l`` : 32 bits 295f4e1bae2SRichard Henderson - ``q`` : 64 bits 296f4e1bae2SRichard Henderson 297f4e1bae2SRichard HendersonRegexes for git grep 298f4e1bae2SRichard Henderson - ``\<translator_ld[us]\?[bwlq]\(_swap\)\?\>`` 299f4e1bae2SRichard Henderson 300f4e1bae2SRichard Henderson``helper_*_{ld,st}*_mmu`` 301f4e1bae2SRichard Henderson~~~~~~~~~~~~~~~~~~~~~~~~~ 302b7ecba0fSPeter Maydell 303b7ecba0fSPeter MaydellThese functions are intended primarily to be called by the code 304b7ecba0fSPeter Maydellgenerated by the TCG backend. They may also be called by target 305f4e1bae2SRichard HendersonCPU helper function code. Like the ``cpu_{ld,st}_mmuidx_ra`` functions 306f4e1bae2SRichard Hendersonthey perform accesses by guest virtual address, with a given ``mmuidx``. 307b7ecba0fSPeter Maydell 308f4e1bae2SRichard HendersonThese functions specify an ``opindex`` parameter which encodes 309f4e1bae2SRichard Henderson(among other things) the mmu index to use for the access. This parameter 310f4e1bae2SRichard Hendersonshould be created by calling ``make_memop_idx()``. 311b7ecba0fSPeter Maydell 312b7ecba0fSPeter MaydellThe ``retaddr`` parameter should be the result of GETPC() called directly 313b7ecba0fSPeter Maydellfrom the top level HELPER(foo) function (or 0 if no guest CPU state 314b7ecba0fSPeter Maydellunwinding is required). 315b7ecba0fSPeter Maydell 316b7ecba0fSPeter Maydell**TODO** The names of these functions are a bit odd for historical 317b7ecba0fSPeter Maydellreasons because they were originally expected to be called only from 318f4e1bae2SRichard Hendersonwithin generated code. We should rename them to bring them more in 319f4e1bae2SRichard Hendersonline with the other memory access functions. The explicit endianness 320f4e1bae2SRichard Hendersonis the only feature they have beyond ``*_mmuidx_ra``. 321b7ecba0fSPeter Maydell 322b7ecba0fSPeter Maydellload: ``helper_{endian}_ld{sign}{size}_mmu(env, addr, opindex, retaddr)`` 323b7ecba0fSPeter Maydell 324b7ecba0fSPeter Maydellstore: ``helper_{endian}_st{size}_mmu(env, addr, val, opindex, retaddr)`` 325b7ecba0fSPeter Maydell 326b7ecba0fSPeter Maydell``sign`` 327b7ecba0fSPeter Maydell - (empty) : for 32 or 64 bit sizes 328b7ecba0fSPeter Maydell - ``u`` : unsigned 329b7ecba0fSPeter Maydell - ``s`` : signed 330b7ecba0fSPeter Maydell 331b7ecba0fSPeter Maydell``size`` 332b7ecba0fSPeter Maydell - ``b`` : 8 bits 333b7ecba0fSPeter Maydell - ``w`` : 16 bits 334b7ecba0fSPeter Maydell - ``l`` : 32 bits 335b7ecba0fSPeter Maydell - ``q`` : 64 bits 336b7ecba0fSPeter Maydell 337b7ecba0fSPeter Maydell``endian`` 338b7ecba0fSPeter Maydell - ``le`` : little endian 339b7ecba0fSPeter Maydell - ``be`` : big endian 340b7ecba0fSPeter Maydell - ``ret`` : target endianness 341b7ecba0fSPeter Maydell 342b7ecba0fSPeter MaydellRegexes for git grep 343fc4120a3SRichard Henderson - ``\<helper_\(le\|be\|ret\)_ld[us]\?[bwlq]_mmu\>`` 344b7ecba0fSPeter Maydell - ``\<helper_\(le\|be\|ret\)_st[bwlq]_mmu\>`` 345b7ecba0fSPeter Maydell 346b7ecba0fSPeter Maydell``address_space_*`` 347b7ecba0fSPeter Maydell~~~~~~~~~~~~~~~~~~~ 348b7ecba0fSPeter Maydell 349b7ecba0fSPeter MaydellThese functions are the primary ones to use when emulating CPU 350b7ecba0fSPeter Maydellor device memory accesses. They take an AddressSpace, which is the 351b7ecba0fSPeter Maydellway QEMU defines the view of memory that a device or CPU has. 352b7ecba0fSPeter Maydell(They generally correspond to being the "master" end of a hardware bus 353b7ecba0fSPeter Maydellor bus fabric.) 354b7ecba0fSPeter Maydell 355b7ecba0fSPeter MaydellEach CPU has an AddressSpace. Some kinds of CPU have more than 3566fe6d6c9SPeter Maydellone AddressSpace (for instance Arm guest CPUs have an AddressSpace 357b7ecba0fSPeter Maydellfor the Secure world and one for NonSecure if they implement TrustZone). 358b7ecba0fSPeter MaydellDevices which can do DMA-type operations should generally have an 359b7ecba0fSPeter MaydellAddressSpace. There is also a "system address space" which typically 360b7ecba0fSPeter Maydellhas all the devices and memory that all CPUs can see. (Some older 361b7ecba0fSPeter Maydelldevice models use the "system address space" rather than properly 362b7ecba0fSPeter Maydellmodelling that they have an AddressSpace of their own.) 363b7ecba0fSPeter Maydell 364b7ecba0fSPeter MaydellFunctions are provided for doing byte-buffer reads and writes, 365b7ecba0fSPeter Maydelland also for doing one-data-item loads and stores. 366b7ecba0fSPeter Maydell 367b7ecba0fSPeter MaydellIn all cases the caller provides a MemTxAttrs to specify bus 368b7ecba0fSPeter Maydelltransaction attributes, and can check whether the memory transaction 369b7ecba0fSPeter Maydellsucceeded using a MemTxResult return code. 370b7ecba0fSPeter Maydell 371b7ecba0fSPeter Maydell``address_space_read(address_space, addr, attrs, buf, len)`` 372b7ecba0fSPeter Maydell 373b7ecba0fSPeter Maydell``address_space_write(address_space, addr, attrs, buf, len)`` 374b7ecba0fSPeter Maydell 375b7ecba0fSPeter Maydell``address_space_rw(address_space, addr, attrs, buf, len, is_write)`` 376b7ecba0fSPeter Maydell 377b7ecba0fSPeter Maydell``address_space_ld{sign}{size}_{endian}(address_space, addr, attrs, txresult)`` 378b7ecba0fSPeter Maydell 379b7ecba0fSPeter Maydell``address_space_st{size}_{endian}(address_space, addr, val, attrs, txresult)`` 380b7ecba0fSPeter Maydell 381b7ecba0fSPeter Maydell``sign`` 382b7ecba0fSPeter Maydell - (empty) : for 32 or 64 bit sizes 383b7ecba0fSPeter Maydell - ``u`` : unsigned 384b7ecba0fSPeter Maydell 385b7ecba0fSPeter Maydell(No signed load operations are provided.) 386b7ecba0fSPeter Maydell 387b7ecba0fSPeter Maydell``size`` 388b7ecba0fSPeter Maydell - ``b`` : 8 bits 389b7ecba0fSPeter Maydell - ``w`` : 16 bits 390b7ecba0fSPeter Maydell - ``l`` : 32 bits 391b7ecba0fSPeter Maydell - ``q`` : 64 bits 392b7ecba0fSPeter Maydell 393b7ecba0fSPeter Maydell``endian`` 394b7ecba0fSPeter Maydell - ``le`` : little endian 395b7ecba0fSPeter Maydell - ``be`` : big endian 396b7ecba0fSPeter Maydell 397b7ecba0fSPeter MaydellThe ``_{endian}`` suffix is omitted for byte accesses. 398b7ecba0fSPeter Maydell 399b7ecba0fSPeter MaydellRegexes for git grep 400b7ecba0fSPeter Maydell - ``\<address_space_\(read\|write\|rw\)\>`` 401b7ecba0fSPeter Maydell - ``\<address_space_ldu\?[bwql]\(_[lb]e\)\?\>`` 402b7ecba0fSPeter Maydell - ``\<address_space_st[bwql]\(_[lb]e\)\?\>`` 403b7ecba0fSPeter Maydell 4043c8133f9SPeter Maydell``address_space_write_rom`` 4053c8133f9SPeter Maydell~~~~~~~~~~~~~~~~~~~~~~~~~~~ 4063c8133f9SPeter Maydell 4073c8133f9SPeter MaydellThis function performs a write by physical address like 4083c8133f9SPeter Maydell``address_space_write``, except that if the write is to a ROM then 4093c8133f9SPeter Maydellthe ROM contents will be modified, even though a write by the guest 4103c8133f9SPeter MaydellCPU to the ROM would be ignored. This is used for non-guest writes 4113c8133f9SPeter Maydelllike writes from the gdb debug stub or initial loading of ROM contents. 4123c8133f9SPeter Maydell 4133c8133f9SPeter MaydellNote that portions of the write which attempt to write data to a 4143c8133f9SPeter Maydelldevice will be silently ignored -- only real RAM and ROM will 4153c8133f9SPeter Maydellbe written to. 4163c8133f9SPeter Maydell 4173c8133f9SPeter MaydellRegexes for git grep 4183c8133f9SPeter Maydell - ``address_space_write_rom`` 4193c8133f9SPeter Maydell 420b7ecba0fSPeter Maydell``{ld,st}*_phys`` 421b7ecba0fSPeter Maydell~~~~~~~~~~~~~~~~~ 422b7ecba0fSPeter Maydell 423b7ecba0fSPeter MaydellThese are functions which are identical to 424b7ecba0fSPeter Maydell``address_space_{ld,st}*``, except that they always pass 425b7ecba0fSPeter Maydell``MEMTXATTRS_UNSPECIFIED`` for the transaction attributes, and ignore 426b7ecba0fSPeter Maydellwhether the transaction succeeded or failed. 427b7ecba0fSPeter Maydell 428b7ecba0fSPeter MaydellThe fact that they ignore whether the transaction succeeded means 429b7ecba0fSPeter Maydellthey should not be used in new code, unless you know for certain 430b7ecba0fSPeter Maydellthat your code will only be used in a context where the CPU or 431b7ecba0fSPeter Maydelldevice doing the access has no way to report such an error. 432b7ecba0fSPeter Maydell 433b7ecba0fSPeter Maydell``load: ld{sign}{size}_{endian}_phys`` 434b7ecba0fSPeter Maydell 435b7ecba0fSPeter Maydell``store: st{size}_{endian}_phys`` 436b7ecba0fSPeter Maydell 437b7ecba0fSPeter Maydell``sign`` 438b7ecba0fSPeter Maydell - (empty) : for 32 or 64 bit sizes 439b7ecba0fSPeter Maydell - ``u`` : unsigned 440b7ecba0fSPeter Maydell 441b7ecba0fSPeter Maydell(No signed load operations are provided.) 442b7ecba0fSPeter Maydell 443b7ecba0fSPeter Maydell``size`` 444b7ecba0fSPeter Maydell - ``b`` : 8 bits 445b7ecba0fSPeter Maydell - ``w`` : 16 bits 446b7ecba0fSPeter Maydell - ``l`` : 32 bits 447b7ecba0fSPeter Maydell - ``q`` : 64 bits 448b7ecba0fSPeter Maydell 449b7ecba0fSPeter Maydell``endian`` 450b7ecba0fSPeter Maydell - ``le`` : little endian 451b7ecba0fSPeter Maydell - ``be`` : big endian 452b7ecba0fSPeter Maydell 453b7ecba0fSPeter MaydellThe ``_{endian}_`` infix is omitted for byte accesses. 454b7ecba0fSPeter Maydell 455b7ecba0fSPeter MaydellRegexes for git grep 456b7ecba0fSPeter Maydell - ``\<ldu\?[bwlq]\(_[bl]e\)\?_phys\>`` 457b7ecba0fSPeter Maydell - ``\<st[bwlq]\(_[bl]e\)\?_phys\>`` 458b7ecba0fSPeter Maydell 459b7ecba0fSPeter Maydell``cpu_physical_memory_*`` 460b7ecba0fSPeter Maydell~~~~~~~~~~~~~~~~~~~~~~~~~ 461b7ecba0fSPeter Maydell 462b7ecba0fSPeter MaydellThese are convenience functions which are identical to 463b7ecba0fSPeter Maydell``address_space_*`` but operate specifically on the system address space, 464b7ecba0fSPeter Maydellalways pass a ``MEMTXATTRS_UNSPECIFIED`` set of memory attributes and 465b7ecba0fSPeter Maydellignore whether the memory transaction succeeded or failed. 466b7ecba0fSPeter MaydellFor new code they are better avoided: 467b7ecba0fSPeter Maydell 468b7ecba0fSPeter Maydell* there is likely to be behaviour you need to model correctly for a 469b7ecba0fSPeter Maydell failed read or write operation 470b7ecba0fSPeter Maydell* a device should usually perform operations on its own AddressSpace 471b7ecba0fSPeter Maydell rather than using the system address space 472b7ecba0fSPeter Maydell 473b7ecba0fSPeter Maydell``cpu_physical_memory_read`` 474b7ecba0fSPeter Maydell 475b7ecba0fSPeter Maydell``cpu_physical_memory_write`` 476b7ecba0fSPeter Maydell 477b7ecba0fSPeter Maydell``cpu_physical_memory_rw`` 478b7ecba0fSPeter Maydell 479b7ecba0fSPeter MaydellRegexes for git grep 480b7ecba0fSPeter Maydell - ``\<cpu_physical_memory_\(read\|write\|rw\)\>`` 481b7ecba0fSPeter Maydell 482b7ecba0fSPeter Maydell``cpu_memory_rw_debug`` 483b7ecba0fSPeter Maydell~~~~~~~~~~~~~~~~~~~~~~~ 484b7ecba0fSPeter Maydell 485b7ecba0fSPeter MaydellAccess CPU memory by virtual address for debug purposes. 486b7ecba0fSPeter Maydell 487b7ecba0fSPeter MaydellThis function is intended for use by the GDB stub and similar code. 488b7ecba0fSPeter MaydellIt takes a virtual address, converts it to a physical address via 489b7ecba0fSPeter Maydellan MMU lookup using the current settings of the specified CPU, 490b7ecba0fSPeter Maydelland then performs the access (using ``address_space_rw`` for 491b7ecba0fSPeter Maydellreads or ``cpu_physical_memory_write_rom`` for writes). 492b7ecba0fSPeter MaydellThis means that if the access is a write to a ROM then this 493b7ecba0fSPeter Maydellfunction will modify the contents (whereas a normal guest CPU access 494b7ecba0fSPeter Maydellwould ignore the write attempt). 495b7ecba0fSPeter Maydell 496b7ecba0fSPeter Maydell``cpu_memory_rw_debug`` 497b7ecba0fSPeter Maydell 498b7ecba0fSPeter Maydell``dma_memory_*`` 499b7ecba0fSPeter Maydell~~~~~~~~~~~~~~~~ 500b7ecba0fSPeter Maydell 501b7ecba0fSPeter MaydellThese behave like ``address_space_*``, except that they perform a DMA 502b7ecba0fSPeter Maydellbarrier operation first. 503b7ecba0fSPeter Maydell 504b7ecba0fSPeter Maydell**TODO**: We should provide guidance on when you need the DMA 505b7ecba0fSPeter Maydellbarrier operation and when it's OK to use ``address_space_*``, and 506b7ecba0fSPeter Maydellmake sure our existing code is doing things correctly. 507b7ecba0fSPeter Maydell 508b7ecba0fSPeter Maydell``dma_memory_read`` 509b7ecba0fSPeter Maydell 510b7ecba0fSPeter Maydell``dma_memory_write`` 511b7ecba0fSPeter Maydell 512b7ecba0fSPeter Maydell``dma_memory_rw`` 513b7ecba0fSPeter Maydell 514b7ecba0fSPeter MaydellRegexes for git grep 515b7ecba0fSPeter Maydell - ``\<dma_memory_\(read\|write\|rw\)\>`` 516a6195b5bSPhilippe Mathieu-Daudé - ``\<ldu\?[bwlq]\(_[bl]e\)\?_dma\>`` 517a6195b5bSPhilippe Mathieu-Daudé - ``\<st[bwlq]\(_[bl]e\)\?_dma\>`` 518b7ecba0fSPeter Maydell 519b7ecba0fSPeter Maydell``pci_dma_*`` and ``{ld,st}*_pci_dma`` 520b7ecba0fSPeter Maydell~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 521b7ecba0fSPeter Maydell 522b7ecba0fSPeter MaydellThese functions are specifically for PCI device models which need to 523b7ecba0fSPeter Maydellperform accesses where the PCI device is a bus master. You pass them a 524b7ecba0fSPeter Maydell``PCIDevice *`` and they will do ``dma_memory_*`` operations on the 525b7ecba0fSPeter Maydellcorrect address space for that device. 526b7ecba0fSPeter Maydell 527b7ecba0fSPeter Maydell``pci_dma_read`` 528b7ecba0fSPeter Maydell 529b7ecba0fSPeter Maydell``pci_dma_write`` 530b7ecba0fSPeter Maydell 531b7ecba0fSPeter Maydell``pci_dma_rw`` 532b7ecba0fSPeter Maydell 533b7ecba0fSPeter Maydell``load: ld{sign}{size}_{endian}_pci_dma`` 534b7ecba0fSPeter Maydell 535b7ecba0fSPeter Maydell``store: st{size}_{endian}_pci_dma`` 536b7ecba0fSPeter Maydell 537b7ecba0fSPeter Maydell``sign`` 538b7ecba0fSPeter Maydell - (empty) : for 32 or 64 bit sizes 539b7ecba0fSPeter Maydell - ``u`` : unsigned 540b7ecba0fSPeter Maydell 541b7ecba0fSPeter Maydell(No signed load operations are provided.) 542b7ecba0fSPeter Maydell 543b7ecba0fSPeter Maydell``size`` 544b7ecba0fSPeter Maydell - ``b`` : 8 bits 545b7ecba0fSPeter Maydell - ``w`` : 16 bits 546b7ecba0fSPeter Maydell - ``l`` : 32 bits 547b7ecba0fSPeter Maydell - ``q`` : 64 bits 548b7ecba0fSPeter Maydell 549b7ecba0fSPeter Maydell``endian`` 550b7ecba0fSPeter Maydell - ``le`` : little endian 551b7ecba0fSPeter Maydell - ``be`` : big endian 552b7ecba0fSPeter Maydell 553b7ecba0fSPeter MaydellThe ``_{endian}_`` infix is omitted for byte accesses. 554b7ecba0fSPeter Maydell 555b7ecba0fSPeter MaydellRegexes for git grep 556b7ecba0fSPeter Maydell - ``\<pci_dma_\(read\|write\|rw\)\>`` 557b7ecba0fSPeter Maydell - ``\<ldu\?[bwlq]\(_[bl]e\)\?_pci_dma\>`` 558b7ecba0fSPeter Maydell - ``\<st[bwlq]\(_[bl]e\)\?_pci_dma\>`` 559