1 /* 2 * RISC-V Emulation Helpers for QEMU. 3 * 4 * Copyright (c) 2016-2017 Sagar Karandikar, sagark@eecs.berkeley.edu 5 * Copyright (c) 2017-2018 SiFive, Inc. 6 * Copyright (c) 2022 VRULL GmbH 7 * 8 * This program is free software; you can redistribute it and/or modify it 9 * under the terms and conditions of the GNU General Public License, 10 * version 2 or later, as published by the Free Software Foundation. 11 * 12 * This program is distributed in the hope it will be useful, but WITHOUT 13 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 14 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for 15 * more details. 16 * 17 * You should have received a copy of the GNU General Public License along with 18 * this program. If not, see <http://www.gnu.org/licenses/>. 19 */ 20 21 #include "qemu/osdep.h" 22 #include "cpu.h" 23 #include "internals.h" 24 #include "exec/exec-all.h" 25 #include "exec/cpu_ldst.h" 26 #include "exec/helper-proto.h" 27 #include "trace.h" 28 29 /* Exceptions processing helpers */ 30 G_NORETURN void riscv_raise_exception(CPURISCVState *env, 31 RISCVException exception, 32 uintptr_t pc) 33 { 34 CPUState *cs = env_cpu(env); 35 36 trace_riscv_exception(exception, 37 riscv_cpu_get_trap_name(exception, false), 38 env->pc); 39 40 cs->exception_index = exception; 41 cpu_loop_exit_restore(cs, pc); 42 } 43 44 void helper_raise_exception(CPURISCVState *env, uint32_t exception) 45 { 46 riscv_raise_exception(env, exception, 0); 47 } 48 49 target_ulong helper_csrr(CPURISCVState *env, int csr) 50 { 51 /* 52 * The seed CSR must be accessed with a read-write instruction. A 53 * read-only instruction such as CSRRS/CSRRC with rs1=x0 or CSRRSI/ 54 * CSRRCI with uimm=0 will raise an illegal instruction exception. 55 */ 56 if (csr == CSR_SEED) { 57 riscv_raise_exception(env, RISCV_EXCP_ILLEGAL_INST, GETPC()); 58 } 59 60 target_ulong val = 0; 61 RISCVException ret = riscv_csrr(env, csr, &val); 62 63 if (ret != RISCV_EXCP_NONE) { 64 riscv_raise_exception(env, ret, GETPC()); 65 } 66 return val; 67 } 68 69 void helper_csrw(CPURISCVState *env, int csr, target_ulong src) 70 { 71 target_ulong mask = env->xl == MXL_RV32 ? UINT32_MAX : (target_ulong)-1; 72 RISCVException ret = riscv_csrrw(env, csr, NULL, src, mask); 73 74 if (ret != RISCV_EXCP_NONE) { 75 riscv_raise_exception(env, ret, GETPC()); 76 } 77 } 78 79 target_ulong helper_csrrw(CPURISCVState *env, int csr, 80 target_ulong src, target_ulong write_mask) 81 { 82 target_ulong val = 0; 83 RISCVException ret = riscv_csrrw(env, csr, &val, src, write_mask); 84 85 if (ret != RISCV_EXCP_NONE) { 86 riscv_raise_exception(env, ret, GETPC()); 87 } 88 return val; 89 } 90 91 target_ulong helper_csrr_i128(CPURISCVState *env, int csr) 92 { 93 Int128 rv = int128_zero(); 94 RISCVException ret = riscv_csrr_i128(env, csr, &rv); 95 96 if (ret != RISCV_EXCP_NONE) { 97 riscv_raise_exception(env, ret, GETPC()); 98 } 99 100 env->retxh = int128_gethi(rv); 101 return int128_getlo(rv); 102 } 103 104 void helper_csrw_i128(CPURISCVState *env, int csr, 105 target_ulong srcl, target_ulong srch) 106 { 107 RISCVException ret = riscv_csrrw_i128(env, csr, NULL, 108 int128_make128(srcl, srch), 109 UINT128_MAX); 110 111 if (ret != RISCV_EXCP_NONE) { 112 riscv_raise_exception(env, ret, GETPC()); 113 } 114 } 115 116 target_ulong helper_csrrw_i128(CPURISCVState *env, int csr, 117 target_ulong srcl, target_ulong srch, 118 target_ulong maskl, target_ulong maskh) 119 { 120 Int128 rv = int128_zero(); 121 RISCVException ret = riscv_csrrw_i128(env, csr, &rv, 122 int128_make128(srcl, srch), 123 int128_make128(maskl, maskh)); 124 125 if (ret != RISCV_EXCP_NONE) { 126 riscv_raise_exception(env, ret, GETPC()); 127 } 128 129 env->retxh = int128_gethi(rv); 130 return int128_getlo(rv); 131 } 132 133 134 /* 135 * check_zicbo_envcfg 136 * 137 * Raise virtual exceptions and illegal instruction exceptions for 138 * Zicbo[mz] instructions based on the settings of [mhs]envcfg as 139 * specified in section 2.5.1 of the CMO specification. 140 */ 141 static void check_zicbo_envcfg(CPURISCVState *env, target_ulong envbits, 142 uintptr_t ra) 143 { 144 #ifndef CONFIG_USER_ONLY 145 if ((env->priv < PRV_M) && !get_field(env->menvcfg, envbits)) { 146 riscv_raise_exception(env, RISCV_EXCP_ILLEGAL_INST, ra); 147 } 148 149 if (env->virt_enabled && 150 (((env->priv <= PRV_S) && !get_field(env->henvcfg, envbits)) || 151 ((env->priv < PRV_S) && !get_field(env->senvcfg, envbits)))) { 152 riscv_raise_exception(env, RISCV_EXCP_VIRT_INSTRUCTION_FAULT, ra); 153 } 154 155 if ((env->priv < PRV_S) && !get_field(env->senvcfg, envbits)) { 156 riscv_raise_exception(env, RISCV_EXCP_ILLEGAL_INST, ra); 157 } 158 #endif 159 } 160 161 void helper_cbo_zero(CPURISCVState *env, target_ulong address) 162 { 163 RISCVCPU *cpu = env_archcpu(env); 164 uint16_t cbozlen = cpu->cfg.cboz_blocksize; 165 int mmu_idx = riscv_env_mmu_index(env, false); 166 uintptr_t ra = GETPC(); 167 void *mem; 168 169 check_zicbo_envcfg(env, MENVCFG_CBZE, ra); 170 171 /* Mask off low-bits to align-down to the cache-block. */ 172 address &= ~(cbozlen - 1); 173 174 /* 175 * cbo.zero requires MMU_DATA_STORE access. Do a probe_write() 176 * to raise any exceptions, including PMP. 177 */ 178 mem = probe_write(env, address, cbozlen, mmu_idx, ra); 179 180 if (likely(mem)) { 181 memset(mem, 0, cbozlen); 182 } else { 183 /* 184 * This means that we're dealing with an I/O page. Section 4.2 185 * of cmobase v1.0.1 says: 186 * 187 * "Cache-block zero instructions store zeros independently 188 * of whether data from the underlying memory locations are 189 * cacheable." 190 * 191 * Write zeros in address + cbozlen regardless of not being 192 * a RAM page. 193 */ 194 for (int i = 0; i < cbozlen; i++) { 195 cpu_stb_mmuidx_ra(env, address + i, 0, mmu_idx, ra); 196 } 197 } 198 } 199 200 /* 201 * check_zicbom_access 202 * 203 * Check access permissions (LOAD, STORE or FETCH as specified in 204 * section 2.5.2 of the CMO specification) for Zicbom, raising 205 * either store page-fault (non-virtualized) or store guest-page 206 * fault (virtualized). 207 */ 208 static void check_zicbom_access(CPURISCVState *env, 209 target_ulong address, 210 uintptr_t ra) 211 { 212 RISCVCPU *cpu = env_archcpu(env); 213 int mmu_idx = riscv_env_mmu_index(env, false); 214 uint16_t cbomlen = cpu->cfg.cbom_blocksize; 215 void *phost; 216 int ret; 217 218 /* Mask off low-bits to align-down to the cache-block. */ 219 address &= ~(cbomlen - 1); 220 221 /* 222 * Section 2.5.2 of cmobase v1.0.1: 223 * 224 * "A cache-block management instruction is permitted to 225 * access the specified cache block whenever a load instruction 226 * or store instruction is permitted to access the corresponding 227 * physical addresses. If neither a load instruction nor store 228 * instruction is permitted to access the physical addresses, 229 * but an instruction fetch is permitted to access the physical 230 * addresses, whether a cache-block management instruction is 231 * permitted to access the cache block is UNSPECIFIED." 232 */ 233 ret = probe_access_flags(env, address, cbomlen, MMU_DATA_LOAD, 234 mmu_idx, true, &phost, ra); 235 if (ret != TLB_INVALID_MASK) { 236 /* Success: readable */ 237 return; 238 } 239 240 /* 241 * Since not readable, must be writable. On failure, store 242 * fault/store guest amo fault will be raised by 243 * riscv_cpu_tlb_fill(). PMP exceptions will be caught 244 * there as well. 245 */ 246 probe_write(env, address, cbomlen, mmu_idx, ra); 247 } 248 249 void helper_cbo_clean_flush(CPURISCVState *env, target_ulong address) 250 { 251 uintptr_t ra = GETPC(); 252 check_zicbo_envcfg(env, MENVCFG_CBCFE, ra); 253 check_zicbom_access(env, address, ra); 254 255 /* We don't emulate the cache-hierarchy, so we're done. */ 256 } 257 258 void helper_cbo_inval(CPURISCVState *env, target_ulong address) 259 { 260 uintptr_t ra = GETPC(); 261 check_zicbo_envcfg(env, MENVCFG_CBIE, ra); 262 check_zicbom_access(env, address, ra); 263 264 /* We don't emulate the cache-hierarchy, so we're done. */ 265 } 266 267 #ifndef CONFIG_USER_ONLY 268 269 target_ulong helper_sret(CPURISCVState *env) 270 { 271 uint64_t mstatus; 272 target_ulong prev_priv, prev_virt = env->virt_enabled; 273 const target_ulong src_priv = env->priv; 274 const bool src_virt = env->virt_enabled; 275 276 if (!(env->priv >= PRV_S)) { 277 riscv_raise_exception(env, RISCV_EXCP_ILLEGAL_INST, GETPC()); 278 } 279 280 target_ulong retpc = env->sepc; 281 if (!riscv_has_ext(env, RVC) && (retpc & 0x3)) { 282 riscv_raise_exception(env, RISCV_EXCP_INST_ADDR_MIS, GETPC()); 283 } 284 285 if (get_field(env->mstatus, MSTATUS_TSR) && !(env->priv >= PRV_M)) { 286 riscv_raise_exception(env, RISCV_EXCP_ILLEGAL_INST, GETPC()); 287 } 288 289 if (env->virt_enabled && get_field(env->hstatus, HSTATUS_VTSR)) { 290 riscv_raise_exception(env, RISCV_EXCP_VIRT_INSTRUCTION_FAULT, GETPC()); 291 } 292 293 mstatus = env->mstatus; 294 prev_priv = get_field(mstatus, MSTATUS_SPP); 295 mstatus = set_field(mstatus, MSTATUS_SIE, 296 get_field(mstatus, MSTATUS_SPIE)); 297 mstatus = set_field(mstatus, MSTATUS_SPIE, 1); 298 mstatus = set_field(mstatus, MSTATUS_SPP, PRV_U); 299 300 if (riscv_cpu_cfg(env)->ext_ssdbltrp) { 301 if (riscv_has_ext(env, RVH)) { 302 target_ulong prev_vu = get_field(env->hstatus, HSTATUS_SPV) && 303 prev_priv == PRV_U; 304 /* Returning to VU from HS, vsstatus.sdt = 0 */ 305 if (!env->virt_enabled && prev_vu) { 306 env->vsstatus = set_field(env->vsstatus, MSTATUS_SDT, 0); 307 } 308 } 309 mstatus = set_field(mstatus, MSTATUS_SDT, 0); 310 } 311 if (riscv_cpu_cfg(env)->ext_smdbltrp && env->priv >= PRV_M) { 312 mstatus = set_field(mstatus, MSTATUS_MDT, 0); 313 } 314 if (env->priv_ver >= PRIV_VERSION_1_12_0) { 315 mstatus = set_field(mstatus, MSTATUS_MPRV, 0); 316 } 317 env->mstatus = mstatus; 318 319 if (riscv_has_ext(env, RVH) && !env->virt_enabled) { 320 /* We support Hypervisor extensions and virtulisation is disabled */ 321 target_ulong hstatus = env->hstatus; 322 323 prev_virt = get_field(hstatus, HSTATUS_SPV); 324 hstatus = set_field(hstatus, HSTATUS_SPV, 0); 325 326 env->hstatus = hstatus; 327 328 if (prev_virt) { 329 riscv_cpu_swap_hypervisor_regs(env); 330 } 331 } 332 333 riscv_cpu_set_mode(env, prev_priv, prev_virt); 334 335 /* 336 * If forward cfi enabled for new priv, restore elp status 337 * and clear spelp in mstatus 338 */ 339 if (cpu_get_fcfien(env)) { 340 env->elp = get_field(env->mstatus, MSTATUS_SPELP); 341 } 342 env->mstatus = set_field(env->mstatus, MSTATUS_SPELP, 0); 343 344 if (riscv_cpu_cfg(env)->ext_smctr || riscv_cpu_cfg(env)->ext_ssctr) { 345 riscv_ctr_add_entry(env, env->pc, retpc, CTRDATA_TYPE_EXCEP_INT_RET, 346 src_priv, src_virt); 347 } 348 349 return retpc; 350 } 351 352 static void check_ret_from_m_mode(CPURISCVState *env, target_ulong retpc, 353 target_ulong prev_priv) 354 { 355 if (!(env->priv >= PRV_M)) { 356 riscv_raise_exception(env, RISCV_EXCP_ILLEGAL_INST, GETPC()); 357 } 358 359 if (!riscv_has_ext(env, RVC) && (retpc & 0x3)) { 360 riscv_raise_exception(env, RISCV_EXCP_INST_ADDR_MIS, GETPC()); 361 } 362 363 if (riscv_cpu_cfg(env)->pmp && 364 !pmp_get_num_rules(env) && (prev_priv != PRV_M)) { 365 riscv_raise_exception(env, RISCV_EXCP_INST_ACCESS_FAULT, GETPC()); 366 } 367 } 368 static target_ulong ssdbltrp_mxret(CPURISCVState *env, target_ulong mstatus, 369 target_ulong prev_priv, 370 target_ulong prev_virt) 371 { 372 /* If returning to U, VS or VU, sstatus.sdt = 0 */ 373 if (prev_priv == PRV_U || (prev_virt && 374 (prev_priv == PRV_S || prev_priv == PRV_U))) { 375 mstatus = set_field(mstatus, MSTATUS_SDT, 0); 376 /* If returning to VU, vsstatus.sdt = 0 */ 377 if (prev_virt && prev_priv == PRV_U) { 378 env->vsstatus = set_field(env->vsstatus, MSTATUS_SDT, 0); 379 } 380 } 381 382 return mstatus; 383 } 384 385 target_ulong helper_mret(CPURISCVState *env) 386 { 387 target_ulong retpc = env->mepc; 388 uint64_t mstatus = env->mstatus; 389 target_ulong prev_priv = get_field(mstatus, MSTATUS_MPP); 390 391 check_ret_from_m_mode(env, retpc, prev_priv); 392 393 target_ulong prev_virt = get_field(env->mstatus, MSTATUS_MPV) && 394 (prev_priv != PRV_M); 395 mstatus = set_field(mstatus, MSTATUS_MIE, 396 get_field(mstatus, MSTATUS_MPIE)); 397 mstatus = set_field(mstatus, MSTATUS_MPIE, 1); 398 mstatus = set_field(mstatus, MSTATUS_MPP, 399 riscv_has_ext(env, RVU) ? PRV_U : PRV_M); 400 mstatus = set_field(mstatus, MSTATUS_MPV, 0); 401 if (riscv_cpu_cfg(env)->ext_ssdbltrp) { 402 mstatus = ssdbltrp_mxret(env, mstatus, prev_priv, prev_virt); 403 } 404 if (riscv_cpu_cfg(env)->ext_smdbltrp) { 405 mstatus = set_field(mstatus, MSTATUS_MDT, 0); 406 } 407 if ((env->priv_ver >= PRIV_VERSION_1_12_0) && (prev_priv != PRV_M)) { 408 mstatus = set_field(mstatus, MSTATUS_MPRV, 0); 409 } 410 env->mstatus = mstatus; 411 412 if (riscv_has_ext(env, RVH) && prev_virt) { 413 riscv_cpu_swap_hypervisor_regs(env); 414 } 415 416 riscv_cpu_set_mode(env, prev_priv, prev_virt); 417 /* 418 * If forward cfi enabled for new priv, restore elp status 419 * and clear mpelp in mstatus 420 */ 421 if (cpu_get_fcfien(env)) { 422 env->elp = get_field(env->mstatus, MSTATUS_MPELP); 423 } 424 env->mstatus = set_field(env->mstatus, MSTATUS_MPELP, 0); 425 426 if (riscv_cpu_cfg(env)->ext_smctr || riscv_cpu_cfg(env)->ext_ssctr) { 427 riscv_ctr_add_entry(env, env->pc, retpc, CTRDATA_TYPE_EXCEP_INT_RET, 428 PRV_M, false); 429 } 430 431 return retpc; 432 } 433 434 target_ulong helper_mnret(CPURISCVState *env) 435 { 436 target_ulong retpc = env->mnepc; 437 target_ulong prev_priv = get_field(env->mnstatus, MNSTATUS_MNPP); 438 target_ulong prev_virt; 439 440 check_ret_from_m_mode(env, retpc, prev_priv); 441 442 prev_virt = get_field(env->mnstatus, MNSTATUS_MNPV) && 443 (prev_priv != PRV_M); 444 env->mnstatus = set_field(env->mnstatus, MNSTATUS_NMIE, true); 445 446 /* 447 * If MNRET changes the privilege mode to a mode 448 * less privileged than M, it also sets mstatus.MPRV to 0. 449 */ 450 if (prev_priv < PRV_M) { 451 env->mstatus = set_field(env->mstatus, MSTATUS_MPRV, false); 452 } 453 if (riscv_cpu_cfg(env)->ext_ssdbltrp) { 454 env->mstatus = ssdbltrp_mxret(env, env->mstatus, prev_priv, prev_virt); 455 } 456 457 if (riscv_cpu_cfg(env)->ext_smdbltrp) { 458 if (prev_priv < PRV_M) { 459 env->mstatus = set_field(env->mstatus, MSTATUS_MDT, 0); 460 } 461 } 462 463 if (riscv_has_ext(env, RVH) && prev_virt) { 464 riscv_cpu_swap_hypervisor_regs(env); 465 } 466 467 riscv_cpu_set_mode(env, prev_priv, prev_virt); 468 469 /* 470 * If forward cfi enabled for new priv, restore elp status 471 * and clear mnpelp in mnstatus 472 */ 473 if (cpu_get_fcfien(env)) { 474 env->elp = get_field(env->mnstatus, MNSTATUS_MNPELP); 475 } 476 env->mnstatus = set_field(env->mnstatus, MNSTATUS_MNPELP, 0); 477 478 return retpc; 479 } 480 481 void helper_ctr_add_entry(CPURISCVState *env, target_ulong src, 482 target_ulong dest, target_ulong type) 483 { 484 riscv_ctr_add_entry(env, src, dest, (enum CTRType)type, 485 env->priv, env->virt_enabled); 486 } 487 488 void helper_ctr_clear(CPURISCVState *env) 489 { 490 /* 491 * It's safe to call smstateen_acc_ok() for umode access regardless of the 492 * state of bit 54 (CTR bit in case of m/hstateen) of sstateen. If the bit 493 * is zero, smstateen_acc_ok() will return the correct exception code and 494 * if it's one, smstateen_acc_ok() will return RISCV_EXCP_NONE. In that 495 * scenario the U-mode check below will handle that case. 496 */ 497 RISCVException ret = smstateen_acc_ok(env, 0, SMSTATEEN0_CTR); 498 if (ret != RISCV_EXCP_NONE) { 499 riscv_raise_exception(env, ret, GETPC()); 500 } 501 502 if (env->priv == PRV_U) { 503 /* 504 * One corner case is when sctrclr is executed from VU-mode and 505 * mstateen.CTR = 0, in which case we are supposed to raise 506 * RISCV_EXCP_ILLEGAL_INST. This case is already handled in 507 * smstateen_acc_ok(). 508 */ 509 uint32_t excep = env->virt_enabled ? RISCV_EXCP_VIRT_INSTRUCTION_FAULT : 510 RISCV_EXCP_ILLEGAL_INST; 511 riscv_raise_exception(env, excep, GETPC()); 512 } 513 514 riscv_ctr_clear(env); 515 } 516 517 void helper_wfi(CPURISCVState *env) 518 { 519 CPUState *cs = env_cpu(env); 520 bool rvs = riscv_has_ext(env, RVS); 521 bool prv_u = env->priv == PRV_U; 522 bool prv_s = env->priv == PRV_S; 523 524 if (((prv_s || (!rvs && prv_u)) && get_field(env->mstatus, MSTATUS_TW)) || 525 (rvs && prv_u && !env->virt_enabled)) { 526 riscv_raise_exception(env, RISCV_EXCP_ILLEGAL_INST, GETPC()); 527 } else if (env->virt_enabled && 528 (prv_u || (prv_s && get_field(env->hstatus, HSTATUS_VTW)))) { 529 riscv_raise_exception(env, RISCV_EXCP_VIRT_INSTRUCTION_FAULT, GETPC()); 530 } else { 531 cs->halted = 1; 532 cs->exception_index = EXCP_HLT; 533 cpu_loop_exit(cs); 534 } 535 } 536 537 void helper_wrs_nto(CPURISCVState *env) 538 { 539 if (env->virt_enabled && (env->priv == PRV_S || env->priv == PRV_U) && 540 get_field(env->hstatus, HSTATUS_VTW) && 541 !get_field(env->mstatus, MSTATUS_TW)) { 542 riscv_raise_exception(env, RISCV_EXCP_VIRT_INSTRUCTION_FAULT, GETPC()); 543 } else if (env->priv != PRV_M && get_field(env->mstatus, MSTATUS_TW)) { 544 riscv_raise_exception(env, RISCV_EXCP_ILLEGAL_INST, GETPC()); 545 } 546 } 547 548 void helper_tlb_flush(CPURISCVState *env) 549 { 550 CPUState *cs = env_cpu(env); 551 if (!env->virt_enabled && 552 (env->priv == PRV_U || 553 (env->priv == PRV_S && get_field(env->mstatus, MSTATUS_TVM)))) { 554 riscv_raise_exception(env, RISCV_EXCP_ILLEGAL_INST, GETPC()); 555 } else if (env->virt_enabled && 556 (env->priv == PRV_U || get_field(env->hstatus, HSTATUS_VTVM))) { 557 riscv_raise_exception(env, RISCV_EXCP_VIRT_INSTRUCTION_FAULT, GETPC()); 558 } else { 559 tlb_flush(cs); 560 } 561 } 562 563 void helper_tlb_flush_all(CPURISCVState *env) 564 { 565 CPUState *cs = env_cpu(env); 566 tlb_flush_all_cpus_synced(cs); 567 } 568 569 void helper_hyp_tlb_flush(CPURISCVState *env) 570 { 571 CPUState *cs = env_cpu(env); 572 573 if (env->virt_enabled) { 574 riscv_raise_exception(env, RISCV_EXCP_VIRT_INSTRUCTION_FAULT, GETPC()); 575 } 576 577 if (env->priv == PRV_M || 578 (env->priv == PRV_S && !env->virt_enabled)) { 579 tlb_flush(cs); 580 return; 581 } 582 583 riscv_raise_exception(env, RISCV_EXCP_ILLEGAL_INST, GETPC()); 584 } 585 586 void helper_hyp_gvma_tlb_flush(CPURISCVState *env) 587 { 588 if (env->priv == PRV_S && !env->virt_enabled && 589 get_field(env->mstatus, MSTATUS_TVM)) { 590 riscv_raise_exception(env, RISCV_EXCP_ILLEGAL_INST, GETPC()); 591 } 592 593 helper_hyp_tlb_flush(env); 594 } 595 596 static int check_access_hlsv(CPURISCVState *env, bool x, uintptr_t ra) 597 { 598 if (env->priv == PRV_M) { 599 /* always allowed */ 600 } else if (env->virt_enabled) { 601 riscv_raise_exception(env, RISCV_EXCP_VIRT_INSTRUCTION_FAULT, ra); 602 } else if (env->priv == PRV_U && !get_field(env->hstatus, HSTATUS_HU)) { 603 riscv_raise_exception(env, RISCV_EXCP_ILLEGAL_INST, ra); 604 } 605 606 int mode = get_field(env->hstatus, HSTATUS_SPVP); 607 if (!x && mode == PRV_S && get_field(env->vsstatus, MSTATUS_SUM)) { 608 mode = MMUIdx_S_SUM; 609 } 610 return mode | MMU_2STAGE_BIT; 611 } 612 613 target_ulong helper_hyp_hlv_bu(CPURISCVState *env, target_ulong addr) 614 { 615 uintptr_t ra = GETPC(); 616 int mmu_idx = check_access_hlsv(env, false, ra); 617 MemOpIdx oi = make_memop_idx(MO_UB, mmu_idx); 618 619 return cpu_ldb_mmu(env, adjust_addr_virt(env, addr), oi, ra); 620 } 621 622 target_ulong helper_hyp_hlv_hu(CPURISCVState *env, target_ulong addr) 623 { 624 uintptr_t ra = GETPC(); 625 int mmu_idx = check_access_hlsv(env, false, ra); 626 MemOpIdx oi = make_memop_idx(MO_TEUW, mmu_idx); 627 628 return cpu_ldw_mmu(env, adjust_addr_virt(env, addr), oi, ra); 629 } 630 631 target_ulong helper_hyp_hlv_wu(CPURISCVState *env, target_ulong addr) 632 { 633 uintptr_t ra = GETPC(); 634 int mmu_idx = check_access_hlsv(env, false, ra); 635 MemOpIdx oi = make_memop_idx(MO_TEUL, mmu_idx); 636 637 return cpu_ldl_mmu(env, adjust_addr_virt(env, addr), oi, ra); 638 } 639 640 target_ulong helper_hyp_hlv_d(CPURISCVState *env, target_ulong addr) 641 { 642 uintptr_t ra = GETPC(); 643 int mmu_idx = check_access_hlsv(env, false, ra); 644 MemOpIdx oi = make_memop_idx(MO_TEUQ, mmu_idx); 645 646 return cpu_ldq_mmu(env, adjust_addr_virt(env, addr), oi, ra); 647 } 648 649 void helper_hyp_hsv_b(CPURISCVState *env, target_ulong addr, target_ulong val) 650 { 651 uintptr_t ra = GETPC(); 652 int mmu_idx = check_access_hlsv(env, false, ra); 653 MemOpIdx oi = make_memop_idx(MO_UB, mmu_idx); 654 655 cpu_stb_mmu(env, adjust_addr_virt(env, addr), val, oi, ra); 656 } 657 658 void helper_hyp_hsv_h(CPURISCVState *env, target_ulong addr, target_ulong val) 659 { 660 uintptr_t ra = GETPC(); 661 int mmu_idx = check_access_hlsv(env, false, ra); 662 MemOpIdx oi = make_memop_idx(MO_TEUW, mmu_idx); 663 664 cpu_stw_mmu(env, adjust_addr_virt(env, addr), val, oi, ra); 665 } 666 667 void helper_hyp_hsv_w(CPURISCVState *env, target_ulong addr, target_ulong val) 668 { 669 uintptr_t ra = GETPC(); 670 int mmu_idx = check_access_hlsv(env, false, ra); 671 MemOpIdx oi = make_memop_idx(MO_TEUL, mmu_idx); 672 673 cpu_stl_mmu(env, adjust_addr_virt(env, addr), val, oi, ra); 674 } 675 676 void helper_hyp_hsv_d(CPURISCVState *env, target_ulong addr, target_ulong val) 677 { 678 uintptr_t ra = GETPC(); 679 int mmu_idx = check_access_hlsv(env, false, ra); 680 MemOpIdx oi = make_memop_idx(MO_TEUQ, mmu_idx); 681 682 cpu_stq_mmu(env, adjust_addr_virt(env, addr), val, oi, ra); 683 } 684 685 /* 686 * TODO: These implementations are not quite correct. They perform the 687 * access using execute permission just fine, but the final PMP check 688 * is supposed to have read permission as well. Without replicating 689 * a fair fraction of cputlb.c, fixing this requires adding new mmu_idx 690 * which would imply that exact check in tlb_fill. 691 */ 692 target_ulong helper_hyp_hlvx_hu(CPURISCVState *env, target_ulong addr) 693 { 694 uintptr_t ra = GETPC(); 695 int mmu_idx = check_access_hlsv(env, true, ra); 696 MemOpIdx oi = make_memop_idx(MO_TEUW, mmu_idx); 697 698 return cpu_ldw_code_mmu(env, addr, oi, GETPC()); 699 } 700 701 target_ulong helper_hyp_hlvx_wu(CPURISCVState *env, target_ulong addr) 702 { 703 uintptr_t ra = GETPC(); 704 int mmu_idx = check_access_hlsv(env, true, ra); 705 MemOpIdx oi = make_memop_idx(MO_TEUL, mmu_idx); 706 707 return cpu_ldl_code_mmu(env, addr, oi, ra); 708 } 709 710 #endif /* !CONFIG_USER_ONLY */ 711