summaryrefslogtreecommitdiffstats
path: root/target-i386/helper.c
Commit message (Collapse)AuthorAgeFilesLines
* target-i386: Enable control registers for MPXRichard Henderson2016-02-121-0/+2
| | | | | | Enable and disable at CPL changes, MSR changes, and XRSTOR changes. Signed-off-by: Richard Henderson <rth@twiddle.net>
* target-i386: Add XSAVE extensionRichard Henderson2016-02-121-4/+8
| | | | | | | This includes XSAVE, XRSTOR, XGETBV, XSETBV, which are all related, as well as the associate cpuid bits. Signed-off-by: Richard Henderson <rth@twiddle.net>
* target-i386: fix PSE36 modePaolo Bonzini2016-02-091-2/+2
| | | | | | | | | | (pde & 0x1fe000) is a 32-bit integer; when shifting it into bits 39-32 the result is zero. Fix it by making the mask (and thus the result of the AND) a 64-bit integer. Reported by Coverity. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* x86: Clean up includesPeter Maydell2016-01-291-0/+1
| | | | | | | | | | Clean up includes so that osdep.h is included first and headers which it implies are not included manually. This commit was created with scripts/clean-includes. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1453832250-766-11-git-send-email-peter.maydell@linaro.org
* target-i386: Rename XMM_[BWLSDQ] helpers to ZMM_*Eduardo Habkost2016-01-211-4/+4
| | | | | | | | | They are helpers for the ZMMReg fields, so name them accordingly. This is just a global search+replace, no other changes are being introduced. Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
* target-i386: do not duplicate page protection checksPaolo Bonzini2016-01-151-42/+23Star
| | | | | | | | | | | | | | x86_cpu_handle_mmu_fault is currently checking twice for writability and executability of pages; the first time to decide whether to trigger a page fault, the second time to compute the "prot" argument to tlb_set_page_with_attrs. Reorganize code so that first "prot" is computed, then it is used to check whether to raise a page fault, then finally PROT_WRITE is removed if the D bit will have to be set. Reviewed-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* target-i386: Move breakpoint related functions to new fileRichard Henderson2015-10-021-128/+0Star
| | | | | | Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
* hmp: added local apic dump statePavel Butsykin2015-09-251-0/+191
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Added the hmp command to query local apic registers state, may be usefull after guest crashes to understand IRQ routing in guest. (qemu) info lapic dumping local APIC state for CPU 0 LVT0 0x00010700 active-hi edge masked ExtINT (vec 0) LVT1 0x00000400 active-hi edge NMI LVTPC 0x00010000 active-hi edge masked Fixed (vec 0) LVTERR 0x000000fe active-hi edge Fixed (vec 254) LVTTHMR 0x00010000 active-hi edge masked Fixed (vec 0) LVTT 0x000000ef active-hi edge one-shot Fixed (vec 239) Timer DCR=0x3 (divide by 16) initial_count = 61360 SPIV 0x000001ff APIC enabled, focus=off, spurious vec 255 ICR 0x000000fd physical edge de-assert no-shorthand ICR2 0x00000001 cpu 1 (X2APIC ID) ESR 0x00000000 ISR (none) IRR 239 APR 0x00 TPR 0x00 DFR 0x0f LDR 0x00 PPR 0x00 Signed-off-by: Pavel Butsykin <pbutsykin@virtuozzo.com> Signed-off-by: Denis V. Lunev <den@openvz.org> CC: Paolo Bonzini <pbonzini@redhat.com> CC: Andreas Färber <afaerber@suse.de> Message-Id: <1442927901-1084-7-git-send-email-den@openvz.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* target-i386: Use correct memory attributes for memory accessesPaolo Bonzini2015-06-051-20/+112
| | | | | | | | | | These include page table walks, SVM accesses and SMM state save accesses. The bulk of the patch is obtained with sed -i 's/\(\<[a-z_]*_phys\(_notdirty\)\?\>(cs\)->as,/x86_\1,/' Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* target-i386: introduce cpu_get_mem_attrsPaolo Bonzini2015-06-051-1/+2
| | | | Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* qemu-log: add log category for MMU infoAntony Pavlov2014-12-161-11/+4Star
| | | | | | | | | | | | | | | | | | | | | | | Running barebox on qemu-system-mips* with '-d unimp' overloads stderr by very very many mips_cpu_handle_mmu_fault() messages: mips_cpu_handle_mmu_fault address=b80003fd ret 0 physical 00000000180003fd prot 3 mips_cpu_handle_mmu_fault address=a0800884 ret 0 physical 0000000000800884 prot 3 mips_cpu_handle_mmu_fault pc a080cd80 ad b80003fd rw 0 mmu_idx 0 So it's very difficult to find LOG_UNIMP message. The mips_cpu_handle_mmu_fault() messages appear on enabling ANY logging! It's not very handy. Adding separate log category for *_cpu_handle_mmu_fault() logging fixes the problem. Signed-off-by: Antony Pavlov <antonynpavlov@gmail.com> Acked-by: Alexander Graf <agraf@suse.de> Reviewed-by: Richard Henderson <rth@twiddle.net> Message-id: 1418489298-1184-1-git-send-email-antonynpavlov@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* target-i386: Use cpu_exec_enter/exit qom hooksRichard Henderson2014-09-251-0/+21
| | | | | | | | | | | Note that the code that was within the "exit" ifdef block was identical to the cpu_compute_eflags inline, so make that simplification at the same time. Signed-off-by: Richard Henderson <rth@twiddle.net> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Message-id: 1410626734-3804-4-git-send-email-rth@twiddle.net Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* cpu-exec: Make debug_excp_handler a QOM CPU methodPeter Maydell2014-09-121-2/+3
| | | | | | | Make the debug_excp_handler target specific hook into a QOM CPU method. Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* target-i386: Don't forbid NX bit on PAE PDEs and PTEsWilliam Grant2014-08-251-2/+2
| | | | | | | | | | | | Commit e8f6d00c30ed88910d0d985f4b2bf41654172ceb ("target-i386: raise page fault for reserved physical address bits") added a check that the NX bit is not set on PAE PDPEs, but it also added it to rsvd_mask for the rest of the function. This caused any PDEs or PTEs with NX set to be erroneously rejected, making PAE guests with NX support unusable. Signed-off-by: William Grant <wgrant@ubuntu.com> Cc: qemu-stable@nongnu.org Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* target-i386: Allow execute from user mode when SMEP is enabled.Ricky Zhou2014-07-151-1/+2
| | | | | | | | Previously, execute would be disabled for all pages with SMEP enabled, regardless of what mode the access took place in. Signed-off-by: Ricky Zhou <ricky@rzhou.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* target-i386: cleanup x86_cpu_get_phys_page_debugPaolo Bonzini2014-06-051-18/+17Star
| | | | | | Make the code a bit more similar to x86_cpu_handle_mmu_fault. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* target-i386: fix protection bits in the TLB for SMEPPaolo Bonzini2014-06-051-1/+3
| | | | | | | | | User pages must be marked as non-executable when running under SMEP; otherwise, fetching the page first and then calling it will fail. With this patch, all SMEP testcases in kvm-unit-tests now pass. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* target-i386: support long addresses for 4MB pages (PSE-36)Paolo Bonzini2014-06-051-3/+9
| | | | | | | 4MB pages can use 40-bit addresses by putting the higher 8 bits in bits 20-13 of the PDE. Bit 21 is reserved. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* target-i386: raise page fault for reserved bits in large pagesPaolo Bonzini2014-06-051-0/+1
| | | | | | In large pages, bit 12 is for PAT, but bits starting at 13 are reserved. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* target-i386: unify reserved bits and NX bit checkPaolo Bonzini2014-06-051-12/+4Star
| | | | Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* target-i386: simplify pte/vaddr calculationPaolo Bonzini2014-06-051-8/+7Star
| | | | | | | They can moved to after the dirty bit processing, and unified between CR0.PG=1 and CR0.PG=0. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* target-i386: raise page fault for reserved physical address bitsPaolo Bonzini2014-06-051-12/+22
| | | | Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* target-i386: test reserved PS bit on PML4EsPaolo Bonzini2014-06-051-0/+3
| | | | Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* target-i386: set correct error code for reserved bit accessPaolo Bonzini2014-06-051-17/+9Star
| | | | | | The correct error code is 9 (present, reserved), not 8. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* target-i386: introduce support for 1 GB pagesPaolo Bonzini2014-06-051-0/+7
| | | | | | | Given the simplifications to the code in the previous patches, this is now very simple to do. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* target-i386: introduce do_check_protect labelPaolo Bonzini2014-06-051-36/+38
| | | | | | This will help adding 1GB page support in the next patch. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* target-i386: tweak handling of PG_NX_MASKPaolo Bonzini2014-06-051-4/+4
| | | | | | | Remove the tail of the PAE case, so that we can use "goto" in the next patch to jump to the protection checks. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* target-i386: commonize checks for PAE and non-PAEPaolo Bonzini2014-06-051-79/+41Star
| | | | Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* target-i386: commonize checks for 4MB and 4KB pagesPaolo Bonzini2014-06-051-77/+41Star
| | | | Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* target-i386: commonize checks for 2MB and 4KB pagesPaolo Bonzini2014-06-051-83/+44Star
| | | | Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* target-i386: fix coding standards in x86_cpu_handle_mmu_faultPaolo Bonzini2014-06-051-5/+9
| | | | Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* target-i386: simplify SMAP handling in MMU_KSMAP_IDXPaolo Bonzini2014-06-051-8/+4Star
| | | | | | | Do not use this MMU index at all if CR4.SMAP is false, and drop the SMAP check from x86_cpu_handle_mmu_fault. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* target-i386: fix kernel accesses with SMAP and CPL = 3Paolo Bonzini2014-06-051-4/+4
| | | | | | | | | With SMAP, implicit kernel accesses from user mode always behave as if AC=0. To do this, kernel mode is not anymore a separate MMU mode. Instead, KERNEL_IDX is renamed to KSMAP_IDX and the kernel mode accessors wrap KSMAP_IDX and KNOSMAP_IDX. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* target-i386: rename KSMAP to KNOSMAPPaolo Bonzini2014-06-051-4/+4
| | | | | | This is the mode where SMAP is overridden, put "NO" in its name. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* target-i386: preserve FPU and MSR state on INITPaolo Bonzini2014-05-131-2/+8
| | | | | | | | | | | | | | | | | | | Most MSRs, plus the FPU, MMX, MXCSR, XMM and YMM registers should not be zeroed on INIT (Table 9-1 in the Intel SDM). Copy them out of CPUX86State and back in, instead of special casing env->pat. The relevant fields are already consecutive except PAT and SMBASE. However: - KVM and Hyper-V MSRs should be reset because they include memory locations written by the hypervisor. These MSRs are moved together at the end of the preserved area. - SVM state can be moved out of the way since it is written by VMRUN. Cc: Andreas Faerber <afaerber@suse.de> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* kvm: forward INIT signals coming from the chipsetPaolo Bonzini2014-05-131-0/+4
| | | | | | Reviewed-by: Gleb Natapov <gnatapov@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* target-i386: x86_cpu_get_phys_page_debug(): support 1GB page translationLuiz Capitulino2014-03-311-0/+11
| | | | | | | | | | | | | | | | | | | | Linux guests, when using more than 4GB of RAM, may end up using 1GB pages to store (kernel) data. When this happens, we're unable to debug a running Linux kernel with GDB: (gdb) p node_data[0]->node_id Cannot access memory at address 0xffff88013fffd3a0 (gdb) GDB returns this error because x86_cpu_get_phys_page_debug() doesn't support translating 1GB pages in IA-32e paging mode and returns an error to GDB. This commit adds support for 1GB page translation for IA32e paging. Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
* cputlb: Change tlb_set_page() argument to CPUStateAndreas Färber2014-03-131-1/+1
| | | | Signed-off-by: Andreas Färber <afaerber@suse.de>
* cputlb: Change tlb_flush() argument to CPUStateAndreas Färber2014-03-131-5/+12
| | | | Signed-off-by: Andreas Färber <afaerber@suse.de>
* cpu-exec: Change cpu_resume_from_signal() argument to CPUStateAndreas Färber2014-03-131-1/+1
| | | | Signed-off-by: Andreas Färber <afaerber@suse.de>
* exec: Change cpu_breakpoint_{insert,remove{,_by_ref,_all}} argumentAndreas Färber2014-03-131-2/+2
| | | | | | Use CPUState. Allows to clean up CPUArchState in gdbstub. Signed-off-by: Andreas Färber <afaerber@suse.de>
* exec: Change cpu_watchpoint_{insert,remove{,_by_ref,_all}} argumentAndreas Färber2014-03-131-3/+8
| | | | | | Use CPUState. This lets us drop a few local env usages. Signed-off-by: Andreas Färber <afaerber@suse.de>
* translate-all: Change cpu_restore_state() argument to CPUStateAndreas Färber2014-03-131-1/+1
| | | | | | This lets us drop some local variables in tlb_fill() functions. Signed-off-by: Andreas Färber <afaerber@suse.de>
* cpu: Move breakpoints field from CPU_COMMON to CPUStateAndreas Färber2014-03-131-1/+2
| | | | | | | | Most targets were using offsetof(CPUFooState, breakpoints) to determine how much of CPUFooState to clear on reset. Use the next field after CPU_COMMON instead, if any, or sizeof(CPUFooState) otherwise. Signed-off-by: Andreas Färber <afaerber@suse.de>
* cpu: Move watchpoint fields from CPU_COMMON to CPUStateAndreas Färber2014-03-131-3/+4
| | | | Signed-off-by: Andreas Färber <afaerber@suse.de>
* cpu: Move exception_index field from CPU_COMMON to CPUStateAndreas Färber2014-03-131-3/+3
| | | | Signed-off-by: Andreas Färber <afaerber@suse.de>
* cpu: Move mem_io_{pc,vaddr} fields from CPU_COMMON to CPUStateAndreas Färber2014-03-131-2/+3
| | | | | | Reset them. Signed-off-by: Andreas Färber <afaerber@suse.de>
* cpu: Turn cpu_handle_mmu_fault() into a CPUClass hookAndreas Färber2014-03-131-8/+12
| | | | | | | | Note that while such functions may exist both for *-user and softmmu, only *-user uses the CPUState hook, while softmmu reuses the prototype for calling it directly. Signed-off-by: Andreas Färber <afaerber@suse.de>
* target-i386: Clean up ENV_GET_CPU() usageAndreas Färber2014-03-131-1/+1
| | | | | | | | | | | | | Commits fdfba1a298ae26dd44bcfdb0429314139a0bc55a, f606604f1c10b60ef294f1b9b229426521a365e3 and 2c17449b3022ca9623c4a7e2a504a4150ac4ad30 added usages of ENV_GET_CPU() macro in target-specific code. Use x86_env_get_cpu() or reuse existing X86CPU variable instead. Cc: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Cc: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Andreas Färber <afaerber@suse.de>
* exec: Make stl_phys_notdirty input an AddressSpaceEdgar E. Iglesias2014-02-111-8/+8
| | | | | Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>