[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH v3] arm/monitor: Add support for 'info tlb' command
|
From: |
Changbin Du |
|
Subject: |
[PATCH v3] arm/monitor: Add support for 'info tlb' command |
|
Date: |
Sun, 15 Nov 2020 15:53:47 +0800 |
This adds hmp 'info tlb' command support for the arm platform.
The limitation is that this only implements a page walker for
ARMv8-A AArch64 Long Descriptor format, 32bit addressing is
not supported yet.
To reuse existing code, this patch also extracts some APIs from
helper.c, including regime_translation_disabled(),
pt_start_level_stage1(), regime_ttbr().
(qemu) info tlb
vaddr paddr size attr
---------------- ---------------- ----------------
------------------------------
ffff800000000000 0000000040000000 0000000000001000 RW AF PXN
UXN
ffff800000001000 0000000040001000 0000000000001000 RW AF PXN
UXN
ffff800000002000 0000000040002000 0000000000001000 RW AF PXN
UXN
ffff800000003000 0000000040003000 0000000000001000 RW AF PXN
UXN
ffff800000004000 0000000040004000 0000000000001000 RW AF PXN
UXN
ffff800000005000 0000000040005000 0000000000001000 RW AF PXN
UXN
ffff800000006000 0000000040006000 0000000000001000 RW AF PXN
UXN
Signed-off-by: Changbin Du <changbin.du@gmail.com>
---
v3: rebase to latest mainline.
v2:
o fix coding style
o extract common code pt_start_level_stage1()
---
hmp-commands-info.hx | 3 +-
target/arm/helper.c | 30 +------
target/arm/internals.h | 33 ++++++++
target/arm/monitor.c | 183 +++++++++++++++++++++++++++++++++++++++++
4 files changed, 220 insertions(+), 29 deletions(-)
diff --git a/hmp-commands-info.hx b/hmp-commands-info.hx
index 117ba25f91..1b5b3f2616 100644
--- a/hmp-commands-info.hx
+++ b/hmp-commands-info.hx
@@ -222,7 +222,8 @@ SRST
ERST
#if defined(TARGET_I386) || defined(TARGET_SH4) || defined(TARGET_SPARC) || \
- defined(TARGET_PPC) || defined(TARGET_XTENSA) || defined(TARGET_M68K)
+ defined(TARGET_PPC) || defined(TARGET_XTENSA) || defined(TARGET_M68K) || \
+ defined(TARGET_ARM)
{
.name = "tlb",
.args_type = "",
diff --git a/target/arm/helper.c b/target/arm/helper.c
index 11b0803df7..e7f0f27c8e 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -9974,8 +9974,7 @@ static inline uint64_t regime_sctlr(CPUARMState *env,
ARMMMUIdx mmu_idx)
#ifndef CONFIG_USER_ONLY
/* Return true if the specified stage of address translation is disabled */
-static inline bool regime_translation_disabled(CPUARMState *env,
- ARMMMUIdx mmu_idx)
+bool regime_translation_disabled(CPUARMState *env, ARMMMUIdx mmu_idx)
{
if (arm_feature(env, ARM_FEATURE_M)) {
switch (env->v7m.mpu_ctrl[regime_is_secure(env, mmu_idx)] &
@@ -10021,20 +10020,6 @@ static inline bool
regime_translation_big_endian(CPUARMState *env,
return (regime_sctlr(env, mmu_idx) & SCTLR_EE) != 0;
}
-/* Return the TTBR associated with this translation regime */
-static inline uint64_t regime_ttbr(CPUARMState *env, ARMMMUIdx mmu_idx,
- int ttbrn)
-{
- if (mmu_idx == ARMMMUIdx_Stage2) {
- return env->cp15.vttbr_el2;
- }
- if (ttbrn == 0) {
- return env->cp15.ttbr0_el[regime_el(env, mmu_idx)];
- } else {
- return env->cp15.ttbr1_el[regime_el(env, mmu_idx)];
- }
-}
-
#endif /* !CONFIG_USER_ONLY */
/* Convert a possible stage1+2 MMU index into the appropriate
@@ -11077,18 +11062,7 @@ static bool get_phys_addr_lpae(CPUARMState *env,
target_ulong address,
}
if (mmu_idx != ARMMMUIdx_Stage2) {
- /* The starting level depends on the virtual address size (which can
- * be up to 48 bits) and the translation granule size. It indicates
- * the number of strides (stride bits at a time) needed to
- * consume the bits of the input address. In the pseudocode this is:
- * level = 4 - RoundUp((inputsize - grainsize) / stride)
- * where their 'inputsize' is our 'inputsize', 'grainsize' is
- * our 'stride + 3' and 'stride' is our 'stride'.
- * Applying the usual "rounded up m/n is (m+n-1)/n" and simplifying:
- * = 4 - (inputsize - stride - 3 + stride - 1) / stride
- * = 4 - (inputsize - 4) / stride;
- */
- level = 4 - (inputsize - 4) / stride;
+ level = pt_start_level_stage1(inputsize, stride);
} else {
/* For stage 2 translations the starting level is specified by the
* VTCR_EL2.SL0 field (whose interpretation depends on the page size)
diff --git a/target/arm/internals.h b/target/arm/internals.h
index 5460678756..69c21be774 100644
--- a/target/arm/internals.h
+++ b/target/arm/internals.h
@@ -949,6 +949,8 @@ static inline uint32_t regime_el(CPUARMState *env,
ARMMMUIdx mmu_idx)
}
}
+bool regime_translation_disabled(CPUARMState *env, ARMMMUIdx mmu_idx);
+
/* Return the TCR controlling this translation regime */
static inline TCR *regime_tcr(CPUARMState *env, ARMMMUIdx mmu_idx)
{
@@ -958,6 +960,20 @@ static inline TCR *regime_tcr(CPUARMState *env, ARMMMUIdx
mmu_idx)
return &env->cp15.tcr_el[regime_el(env, mmu_idx)];
}
+/* Return the TTBR associated with this translation regime */
+static inline uint64_t regime_ttbr(CPUARMState *env, ARMMMUIdx mmu_idx,
+ int ttbrn)
+{
+ if (mmu_idx == ARMMMUIdx_Stage2) {
+ return env->cp15.vttbr_el2;
+ }
+ if (ttbrn == 0) {
+ return env->cp15.ttbr0_el[regime_el(env, mmu_idx)];
+ } else {
+ return env->cp15.ttbr1_el[regime_el(env, mmu_idx)];
+ }
+}
+
/* Return the FSR value for a debug exception (watchpoint, hardware
* breakpoint or BKPT insn) targeting the specified exception level.
*/
@@ -1291,6 +1307,23 @@ typedef struct ARMCacheAttrs {
unsigned int shareability:2; /* as in the SH field of the VMSAv8-64 PTEs */
} ARMCacheAttrs;
+static inline int pt_start_level_stage1(int inputsize, int stride)
+{
+ /*
+ * The starting level depends on the virtual address size (which can
+ * be up to 48 bits) and the translation granule size. It indicates
+ * the number of strides (stride bits at a time) needed to
+ * consume the bits of the input address. In the pseudocode this is:
+ * level = 4 - RoundUp((inputsize - grainsize) / stride)
+ * where their 'inputsize' is our 'inputsize', 'grainsize' is
+ * our 'stride + 3' and 'stride' is our 'stride'.
+ * Applying the usual "rounded up m/n is (m+n-1)/n" and simplifying:
+ * = 4 - (inputsize - stride - 3 + stride - 1) / stride
+ * = 4 - (inputsize - 4) / stride;
+ */
+ return 4 - (inputsize - 4) / stride;
+}
+
bool get_phys_addr(CPUARMState *env, target_ulong address,
MMUAccessType access_type, ARMMMUIdx mmu_idx,
hwaddr *phys_ptr, MemTxAttrs *attrs, int *prot,
diff --git a/target/arm/monitor.c b/target/arm/monitor.c
index 169d8a64b6..6991533a07 100644
--- a/target/arm/monitor.c
+++ b/target/arm/monitor.c
@@ -31,6 +31,9 @@
#include "qapi/qmp/qerror.h"
#include "qapi/qmp/qdict.h"
#include "qom/qom-qobject.h"
+#include "monitor/monitor.h"
+#include "monitor/hmp-target.h"
+#include "internals.h"
static GICCapability *gic_cap_new(int version)
{
@@ -236,3 +239,183 @@ CpuModelExpansionInfo
*qmp_query_cpu_model_expansion(CpuModelExpansionType type,
return expansion_info;
}
+
+/* Perform linear address sign extension */
+static target_ulong addr_canonical(int va_bits, target_ulong addr)
+{
+#ifdef TARGET_AARCH64
+ if (addr & (1UL << (va_bits - 1))) {
+ addr |= (hwaddr)-(1L << va_bits);
+ }
+#endif
+
+ return addr;
+}
+
+#define PTE_HEADER_FIELDS "vaddr paddr "\
+ "size attr\n"
+#define PTE_HEADER_DELIMITER "---------------- ---------------- "\
+ "----------------
------------------------------\n"
+
+static void print_pte_header(Monitor *mon)
+{
+ monitor_printf(mon, PTE_HEADER_FIELDS);
+ monitor_printf(mon, PTE_HEADER_DELIMITER);
+}
+
+static void
+print_pte_lpae(Monitor *mon, uint32_t tableattrs, int va_bits,
+ target_ulong vaddr, hwaddr paddr, target_ulong size,
+ target_ulong pte)
+{
+ uint32_t ns = extract64(pte, 5, 1) | extract32(tableattrs, 4, 1);
+ uint32_t ap = extract64(pte, 6, 2) & ~extract32(tableattrs, 2, 2);
+ uint32_t af = extract64(pte, 10, 1);
+ uint32_t ng = extract64(pte, 11, 1);
+ uint32_t gp = extract64(pte, 50, 1);
+ uint32_t con = extract64(pte, 52, 1);
+ uint32_t pxn = extract64(pte, 53, 1) | extract32(tableattrs, 0, 1);
+ uint32_t uxn = extract64(pte, 54, 1) | extract32(tableattrs, 1, 1);
+
+ monitor_printf(mon, TARGET_FMT_lx " " TARGET_FMT_plx " " TARGET_FMT_lx
+ " %s %s %s %s %s %s %s %s %s\n",
+ addr_canonical(va_bits, vaddr), paddr, size,
+ ap & 0x2 ? "ro" : "RW",
+ ap & 0x1 ? "USR" : " ",
+ ns ? "NS" : " ",
+ af ? "AF" : " ",
+ ng ? "nG" : " ",
+ gp ? "GP" : " ",
+ con ? "Con" : " ",
+ pxn ? "PXN" : " ",
+ uxn ? "UXN" : " ");
+}
+
+static void
+walk_pte_lpae(Monitor *mon, bool aarch64, uint32_t tableattrs, hwaddr pt_base,
+ target_ulong vstart, int cur_level, int stride, int va_bits)
+{
+ int pg_shift = stride + 3;
+ int descaddr_high = aarch64 ? 47 : 39;
+ int max_level = 3;
+ int ptshift = pg_shift + (max_level - cur_level) * stride;
+ target_ulong pgsize = 1UL << ptshift;
+ int idx;
+
+ for (idx = 0; idx < (1UL << stride) && vstart < (1UL << va_bits);
+ idx++, vstart += pgsize) {
+ hwaddr pte_addr = pt_base + idx * 8;
+ target_ulong pte = 0;
+ hwaddr paddr;
+
+ cpu_physical_memory_read(pte_addr, &pte, 8);
+
+ if (!extract64(pte, 0, 1)) {
+ /* invalid entry */
+ continue;
+ }
+
+ if (cur_level == max_level) {
+ /* leaf entry */
+ paddr = (hwaddr)extract64(pte, pg_shift,
+ descaddr_high - pg_shift + 1) << pg_shift;
+ print_pte_lpae(mon, tableattrs, va_bits, vstart, paddr,
+ pgsize, pte);
+ } else {
+ if (extract64(pte, 1, 1)) {
+ /* table entry */
+ paddr = (hwaddr)extract64(pte, pg_shift,
+ descaddr_high - pg_shift + 1) << pg_shift;
+ tableattrs |= extract64(pte, 59, 5);
+
+ walk_pte_lpae(mon, aarch64, tableattrs, paddr, vstart,
+ cur_level + 1, stride, va_bits);
+ } else {
+ /* block entry */
+ if ((pg_shift == 12 && (cur_level != 1 && cur_level != 2)) ||
+ (pg_shift == 14 && (cur_level != 2)) ||
+ (pg_shift == 16 && (cur_level != 0 && cur_level != 1))) {
+ monitor_printf(mon, "illegal block entry at level%d\n",
+ cur_level);
+ continue;
+ }
+ paddr = (hwaddr)extract64(pte, ptshift,
+ descaddr_high - ptshift + 1) << ptshift;
+ print_pte_lpae(mon, tableattrs, va_bits, vstart, paddr,
+ pgsize, pte);
+ }
+ }
+ }
+}
+
+/* ARMv8-A AArch64 Long Descriptor format */
+static void tlb_info_vmsav8_64(Monitor *mon, CPUArchState *env)
+{
+ ARMMMUIdx mmu_idx = arm_stage1_mmu_idx(env);
+ uint64_t ttbr[2];
+ uint64_t tcr;
+ int tsz[2];
+ bool using16k, using64k;
+ int stride;
+
+ ttbr[0] = regime_ttbr(env, mmu_idx, 0);
+ ttbr[1] = regime_ttbr(env, mmu_idx, 1);
+
+ tcr = regime_tcr(env, mmu_idx)->raw_tcr;
+ using64k = extract32(tcr, 14, 1);
+ using16k = extract32(tcr, 15, 1);
+ tsz[0] = extract32(tcr, 0, 6);
+ tsz[1] = extract32(tcr, 16, 6);
+
+ if (using64k) {
+ stride = 13;
+ } else if (using16k) {
+ stride = 11;
+ } else {
+ stride = 9;
+ }
+
+ /* print header */
+ print_pte_header(mon);
+
+ for (unsigned int i = 0; i < 2; i++) {
+ if (ttbr[i]) {
+ hwaddr base = extract64(ttbr[i], 1, 47) << 1;
+ int va_bits = 64 - tsz[i];
+ target_ulong vstart = (target_ulong)i << (va_bits - 1);
+ int startlevel = pt_start_level_stage1(va_bits, stride);
+
+ /* walk ttbrx page tables, starting from address @vstart */
+ walk_pte_lpae(mon, true, 0, base, vstart, startlevel,
+ stride, va_bits);
+ }
+ }
+}
+
+void hmp_info_tlb(Monitor *mon, const QDict *qdict)
+{
+ CPUArchState *env;
+
+ env = mon_get_cpu_env(mon);
+ if (!env) {
+ monitor_printf(mon, "No CPU available\n");
+ return;
+ }
+
+ if (arm_feature(env, ARM_FEATURE_PMSA)) {
+ monitor_printf(mon, "No MMU\n");
+ return;
+ }
+
+ if (regime_translation_disabled(env, arm_stage1_mmu_idx(env))) {
+ monitor_printf(mon, "MMU disabled\n");
+ return;
+ }
+
+ if (!arm_el_is_aa64(env, 1)) {
+ monitor_printf(mon, "Only AArch64 Long Descriptor is supported\n");
+ return;
+ }
+
+ tlb_info_vmsav8_64(mon, env);
+}
--
2.25.1
- [PATCH v3] arm/monitor: Add support for 'info tlb' command,
Changbin Du <=