6 * Copyright (c) 2005 Nathan Keynes.
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 #define MODULE sh4_module
22 #include "sh4/sh4mmio.h"
23 #include "sh4/sh4core.h"
24 #include "sh4/sh4trans.h"
28 #ifdef HAVE_FRAME_ADDRESS
29 #define RETURN_VIA(exc) do{ *(((void **)__builtin_frame_address(0))+1) = exc; return; } while(0)
31 #define RETURN_VIA(exc) return MMU_VMA_ERROR
34 /* The MMU (practically unique in the system) is allowed to raise exceptions
35 * directly, with a return code indicating that one was raised and the caller
36 * had better behave appropriately.
38 #define RAISE_TLB_ERROR(code, vpn) \
39 MMIO_WRITE(MMU, TEA, vpn); \
40 MMIO_WRITE(MMU, PTEH, ((MMIO_READ(MMU, PTEH) & 0x000003FF) | (vpn&0xFFFFFC00))); \
41 sh4_raise_tlb_exception(code);
43 #define RAISE_MEM_ERROR(code, vpn) \
44 MMIO_WRITE(MMU, TEA, vpn); \
45 MMIO_WRITE(MMU, PTEH, ((MMIO_READ(MMU, PTEH) & 0x000003FF) | (vpn&0xFFFFFC00))); \
46 sh4_raise_exception(code);
48 #define RAISE_OTHER_ERROR(code) \
49 sh4_raise_exception(code);
51 * Abort with a non-MMU address error. Caused by user-mode code attempting
52 * to access privileged regions, or alignment faults.
54 #define MMU_READ_ADDR_ERROR() RAISE_OTHER_ERROR(EXC_DATA_ADDR_READ)
55 #define MMU_WRITE_ADDR_ERROR() RAISE_OTHER_ERROR(EXC_DATA_ADDR_WRITE)
57 #define MMU_TLB_READ_MISS_ERROR(vpn) RAISE_TLB_ERROR(EXC_TLB_MISS_READ, vpn)
58 #define MMU_TLB_WRITE_MISS_ERROR(vpn) RAISE_TLB_ERROR(EXC_TLB_MISS_WRITE, vpn)
59 #define MMU_TLB_INITIAL_WRITE_ERROR(vpn) RAISE_MEM_ERROR(EXC_INIT_PAGE_WRITE, vpn)
60 #define MMU_TLB_READ_PROT_ERROR(vpn) RAISE_MEM_ERROR(EXC_TLB_PROT_READ, vpn)
61 #define MMU_TLB_WRITE_PROT_ERROR(vpn) RAISE_MEM_ERROR(EXC_TLB_PROT_WRITE, vpn)
62 #define MMU_TLB_MULTI_HIT_ERROR(vpn) sh4_raise_reset(EXC_TLB_MULTI_HIT); \
63 MMIO_WRITE(MMU, TEA, vpn); \
64 MMIO_WRITE(MMU, PTEH, ((MMIO_READ(MMU, PTEH) & 0x000003FF) | (vpn&0xFFFFFC00)));
67 #define OCRAM_START (0x1C000000>>LXDREAM_PAGE_BITS)
68 #define OCRAM_END (0x20000000>>LXDREAM_PAGE_BITS)
71 static struct itlb_entry mmu_itlb[ITLB_ENTRY_COUNT];
72 static struct utlb_entry mmu_utlb[UTLB_ENTRY_COUNT];
73 static uint32_t mmu_urc;
74 static uint32_t mmu_urb;
75 static uint32_t mmu_lrui;
76 static uint32_t mmu_asid; // current asid
78 static struct utlb_sort_entry mmu_utlb_sorted[UTLB_ENTRY_COUNT];
79 static uint32_t mmu_utlb_entries; // Number of entries in mmu_utlb_sorted.
81 static sh4ptr_t cache = NULL;
83 static void mmu_invalidate_tlb();
84 static void mmu_utlb_sorted_reset();
85 static void mmu_utlb_sorted_reload();
87 static uint32_t get_mask_for_flags( uint32_t flags )
89 switch( flags & TLB_SIZE_MASK ) {
90 case TLB_SIZE_1K: return MASK_1K;
91 case TLB_SIZE_4K: return MASK_4K;
92 case TLB_SIZE_64K: return MASK_64K;
93 case TLB_SIZE_1M: return MASK_1M;
94 default: return 0; /* Unreachable */
98 MMIO_REGION_READ_FN( MMU, reg )
103 return MMIO_READ( MMU, MMUCR) | (mmu_urc<<10) | (mmu_urb<<18) | (mmu_lrui<<26);
105 return MMIO_READ( MMU, reg );
109 MMIO_REGION_WRITE_FN( MMU, reg, val )
118 if( (val & 0xFF) != mmu_asid ) {
120 sh4_icache.page_vma = -1; // invalidate icache as asid has changed
137 if( val & MMUCR_TI ) {
138 mmu_invalidate_tlb();
140 mmu_urc = (val >> 10) & 0x3F;
141 mmu_urb = (val >> 18) & 0x3F;
142 mmu_lrui = (val >> 26) & 0x3F;
144 tmp = MMIO_READ( MMU, MMUCR );
145 if( (val ^ tmp) & (MMUCR_AT|MMUCR_SV) ) {
146 // AT flag has changed state - flush the xlt cache as all bets
147 // are off now. We also need to force an immediate exit from the
149 MMIO_WRITE( MMU, MMUCR, val );
154 CCN_set_cache_control( val );
158 /* Note that if the high bit is set, this appears to reset the machine.
159 * Not emulating this behaviour yet until we know why...
168 PMM_write_control(0, val);
172 PMM_write_control(1, val);
178 MMIO_WRITE( MMU, reg, val );
188 mmio_region_MMU_write( CCR, 0 );
189 mmio_region_MMU_write( MMUCR, 0 );
190 mmu_utlb_sorted_reload();
193 void MMU_save_state( FILE *f )
195 fwrite( &mmu_itlb, sizeof(mmu_itlb), 1, f );
196 fwrite( &mmu_utlb, sizeof(mmu_utlb), 1, f );
197 fwrite( &mmu_urc, sizeof(mmu_urc), 1, f );
198 fwrite( &mmu_urb, sizeof(mmu_urb), 1, f );
199 fwrite( &mmu_lrui, sizeof(mmu_lrui), 1, f );
200 fwrite( &mmu_asid, sizeof(mmu_asid), 1, f );
203 int MMU_load_state( FILE *f )
205 if( fread( &mmu_itlb, sizeof(mmu_itlb), 1, f ) != 1 ) {
208 if( fread( &mmu_utlb, sizeof(mmu_utlb), 1, f ) != 1 ) {
211 if( fread( &mmu_urc, sizeof(mmu_urc), 1, f ) != 1 ) {
214 if( fread( &mmu_urc, sizeof(mmu_urb), 1, f ) != 1 ) {
217 if( fread( &mmu_lrui, sizeof(mmu_lrui), 1, f ) != 1 ) {
220 if( fread( &mmu_asid, sizeof(mmu_asid), 1, f ) != 1 ) {
223 mmu_utlb_sorted_reload();
228 /******************* Sorted TLB data structure ****************/
230 * mmu_utlb_sorted maintains a list of all active (valid) entries,
231 * sorted by masked VPN and then ASID. Multi-hit entries are resolved
232 * ahead of time, and have -1 recorded as the corresponding PPN.
234 * FIXME: Multi-hit detection doesn't pick up cases where two pages
235 * overlap due to different sizes (and don't share the same base
238 static void mmu_utlb_sorted_reset()
240 mmu_utlb_entries = 0;
244 * Find an entry in the sorted table (VPN+ASID check).
246 static inline int mmu_utlb_sorted_find( sh4addr_t vma )
249 int high = mmu_utlb_entries;
250 uint32_t lookup = (vma & 0xFFFFFC00) + mmu_asid;
253 if( mmu_urc == mmu_urb || mmu_urc == 0x40 ) {
257 while( low != high ) {
258 int posn = (high+low)>>1;
259 int masked = lookup & mmu_utlb_sorted[posn].mask;
260 if( mmu_utlb_sorted[posn].key < masked ) {
262 } else if( mmu_utlb_sorted[posn].key > masked ) {
265 return mmu_utlb_sorted[posn].entryNo;
272 static void mmu_utlb_insert_entry( int entry )
275 int high = mmu_utlb_entries;
276 uint32_t key = (mmu_utlb[entry].vpn & mmu_utlb[entry].mask) + mmu_utlb[entry].asid;
278 assert( mmu_utlb_entries < UTLB_ENTRY_COUNT );
279 /* Find the insertion point */
280 while( low != high ) {
281 int posn = (high+low)>>1;
282 if( mmu_utlb_sorted[posn].key < key ) {
284 } else if( mmu_utlb_sorted[posn].key > key ) {
287 /* Exact match - multi-hit */
288 mmu_utlb_sorted[posn].entryNo = -2;
292 memmove( &mmu_utlb_sorted[low+1], &mmu_utlb_sorted[low],
293 (mmu_utlb_entries - low) * sizeof(struct utlb_sort_entry) );
294 mmu_utlb_sorted[low].key = key;
295 mmu_utlb_sorted[low].mask = mmu_utlb[entry].mask | 0x000000FF;
296 mmu_utlb_sorted[low].entryNo = entry;
300 static void mmu_utlb_remove_entry( int entry )
303 int high = mmu_utlb_entries;
304 uint32_t key = (mmu_utlb[entry].vpn & mmu_utlb[entry].mask) + mmu_utlb[entry].asid;
305 while( low != high ) {
306 int posn = (high+low)>>1;
307 if( mmu_utlb_sorted[posn].key < key ) {
309 } else if( mmu_utlb_sorted[posn].key > key ) {
312 if( mmu_utlb_sorted[posn].entryNo == -2 ) {
313 /* Multiple-entry recorded - rebuild the whole table minus entry */
315 mmu_utlb_entries = 0;
316 for( i=0; i< UTLB_ENTRY_COUNT; i++ ) {
317 if( i != entry && (mmu_utlb[i].flags & TLB_VALID) ) {
318 mmu_utlb_insert_entry(i);
323 memmove( &mmu_utlb_sorted[posn], &mmu_utlb_sorted[posn+1],
324 (mmu_utlb_entries - posn)*sizeof(struct utlb_sort_entry) );
329 assert( 0 && "UTLB key not found!" );
332 static void mmu_utlb_sorted_reload()
335 mmu_utlb_entries = 0;
336 for( i=0; i<UTLB_ENTRY_COUNT; i++ ) {
337 if( mmu_utlb[i].flags & TLB_VALID )
338 mmu_utlb_insert_entry( i );
342 /* TLB maintanence */
345 * LDTLB instruction implementation. Copies PTEH, PTEL and PTEA into the UTLB
346 * entry identified by MMUCR.URC. Does not modify MMUCR or the ITLB.
350 if( mmu_utlb[mmu_urc].flags & TLB_VALID )
351 mmu_utlb_remove_entry( mmu_urc );
352 mmu_utlb[mmu_urc].vpn = MMIO_READ(MMU, PTEH) & 0xFFFFFC00;
353 mmu_utlb[mmu_urc].asid = MMIO_READ(MMU, PTEH) & 0x000000FF;
354 mmu_utlb[mmu_urc].ppn = MMIO_READ(MMU, PTEL) & 0x1FFFFC00;
355 mmu_utlb[mmu_urc].flags = MMIO_READ(MMU, PTEL) & 0x00001FF;
356 mmu_utlb[mmu_urc].pcmcia = MMIO_READ(MMU, PTEA);
357 mmu_utlb[mmu_urc].mask = get_mask_for_flags(mmu_utlb[mmu_urc].flags);
358 if( mmu_utlb[mmu_urc].ppn >= 0x1C000000 )
359 mmu_utlb[mmu_urc].ppn |= 0xE0000000;
360 if( mmu_utlb[mmu_urc].flags & TLB_VALID )
361 mmu_utlb_insert_entry( mmu_urc );
364 static void mmu_invalidate_tlb()
367 for( i=0; i<ITLB_ENTRY_COUNT; i++ ) {
368 mmu_itlb[i].flags &= (~TLB_VALID);
370 for( i=0; i<UTLB_ENTRY_COUNT; i++ ) {
371 mmu_utlb[i].flags &= (~TLB_VALID);
373 mmu_utlb_entries = 0;
376 #define ITLB_ENTRY(addr) ((addr>>7)&0x03)
378 int32_t FASTCALL mmu_itlb_addr_read( sh4addr_t addr )
380 struct itlb_entry *ent = &mmu_itlb[ITLB_ENTRY(addr)];
381 return ent->vpn | ent->asid | (ent->flags & TLB_VALID);
383 int32_t FASTCALL mmu_itlb_data_read( sh4addr_t addr )
385 struct itlb_entry *ent = &mmu_itlb[ITLB_ENTRY(addr)];
386 return (ent->ppn & 0x1FFFFC00) | ent->flags;
389 void FASTCALL mmu_itlb_addr_write( sh4addr_t addr, uint32_t val )
391 struct itlb_entry *ent = &mmu_itlb[ITLB_ENTRY(addr)];
392 ent->vpn = val & 0xFFFFFC00;
393 ent->asid = val & 0x000000FF;
394 ent->flags = (ent->flags & ~(TLB_VALID)) | (val&TLB_VALID);
397 void FASTCALL mmu_itlb_data_write( sh4addr_t addr, uint32_t val )
399 struct itlb_entry *ent = &mmu_itlb[ITLB_ENTRY(addr)];
400 ent->ppn = val & 0x1FFFFC00;
401 ent->flags = val & 0x00001DA;
402 ent->mask = get_mask_for_flags(val);
403 if( ent->ppn >= 0x1C000000 )
404 ent->ppn |= 0xE0000000;
407 #define UTLB_ENTRY(addr) ((addr>>8)&0x3F)
408 #define UTLB_ASSOC(addr) (addr&0x80)
409 #define UTLB_DATA2(addr) (addr&0x00800000)
411 int32_t FASTCALL mmu_utlb_addr_read( sh4addr_t addr )
413 struct utlb_entry *ent = &mmu_utlb[UTLB_ENTRY(addr)];
414 return ent->vpn | ent->asid | (ent->flags & TLB_VALID) |
415 ((ent->flags & TLB_DIRTY)<<7);
417 int32_t FASTCALL mmu_utlb_data_read( sh4addr_t addr )
419 struct utlb_entry *ent = &mmu_utlb[UTLB_ENTRY(addr)];
420 if( UTLB_DATA2(addr) ) {
423 return (ent->ppn&0x1FFFFC00) | ent->flags;
428 * Find a UTLB entry for the associative TLB write - same as the normal
429 * lookup but ignores the valid bit.
431 static inline int mmu_utlb_lookup_assoc( uint32_t vpn, uint32_t asid )
435 for( i = 0; i < UTLB_ENTRY_COUNT; i++ ) {
436 if( (mmu_utlb[i].flags & TLB_VALID) &&
437 ((mmu_utlb[i].flags & TLB_SHARE) || asid == mmu_utlb[i].asid) &&
438 ((mmu_utlb[i].vpn ^ vpn) & mmu_utlb[i].mask) == 0 ) {
440 fprintf( stderr, "TLB Multi hit: %d %d\n", result, i );
450 * Find a ITLB entry for the associative TLB write - same as the normal
451 * lookup but ignores the valid bit.
453 static inline int mmu_itlb_lookup_assoc( uint32_t vpn, uint32_t asid )
457 for( i = 0; i < ITLB_ENTRY_COUNT; i++ ) {
458 if( (mmu_itlb[i].flags & TLB_VALID) &&
459 ((mmu_itlb[i].flags & TLB_SHARE) || asid == mmu_itlb[i].asid) &&
460 ((mmu_itlb[i].vpn ^ vpn) & mmu_itlb[i].mask) == 0 ) {
470 void FASTCALL mmu_utlb_addr_write( sh4addr_t addr, uint32_t val )
472 if( UTLB_ASSOC(addr) ) {
473 int utlb = mmu_utlb_lookup_assoc( val, mmu_asid );
475 struct utlb_entry *ent = &mmu_utlb[utlb];
476 uint32_t old_flags = ent->flags;
477 ent->flags = ent->flags & ~(TLB_DIRTY|TLB_VALID);
478 ent->flags |= (val & TLB_VALID);
479 ent->flags |= ((val & 0x200)>>7);
480 if( (old_flags & TLB_VALID) && !(ent->flags&TLB_VALID) ) {
481 mmu_utlb_remove_entry( utlb );
482 } else if( !(old_flags & TLB_VALID) && (ent->flags&TLB_VALID) ) {
483 mmu_utlb_insert_entry( utlb );
487 int itlb = mmu_itlb_lookup_assoc( val, mmu_asid );
489 struct itlb_entry *ent = &mmu_itlb[itlb];
490 ent->flags = (ent->flags & (~TLB_VALID)) | (val & TLB_VALID);
493 if( itlb == -2 || utlb == -2 ) {
494 MMU_TLB_MULTI_HIT_ERROR(addr);
498 struct utlb_entry *ent = &mmu_utlb[UTLB_ENTRY(addr)];
499 if( ent->flags & TLB_VALID )
500 mmu_utlb_remove_entry( UTLB_ENTRY(addr) );
501 ent->vpn = (val & 0xFFFFFC00);
502 ent->asid = (val & 0xFF);
503 ent->flags = (ent->flags & ~(TLB_DIRTY|TLB_VALID));
504 ent->flags |= (val & TLB_VALID);
505 ent->flags |= ((val & 0x200)>>7);
506 if( ent->flags & TLB_VALID )
507 mmu_utlb_insert_entry( UTLB_ENTRY(addr) );
511 void FASTCALL mmu_utlb_data_write( sh4addr_t addr, uint32_t val )
513 struct utlb_entry *ent = &mmu_utlb[UTLB_ENTRY(addr)];
514 if( UTLB_DATA2(addr) ) {
515 ent->pcmcia = val & 0x0000000F;
517 if( ent->flags & TLB_VALID )
518 mmu_utlb_remove_entry( UTLB_ENTRY(addr) );
519 ent->ppn = (val & 0x1FFFFC00);
520 ent->flags = (val & 0x000001FF);
521 ent->mask = get_mask_for_flags(val);
522 if( mmu_utlb[mmu_urc].ppn >= 0x1C000000 )
523 mmu_utlb[mmu_urc].ppn |= 0xE0000000;
524 if( ent->flags & TLB_VALID )
525 mmu_utlb_insert_entry( UTLB_ENTRY(addr) );
529 /******************************************************************************/
530 /* MMU TLB address translation */
531 /******************************************************************************/
534 * The translations are excessively complicated, but unfortunately it's a
535 * complicated system. TODO: make this not be painfully slow.
539 * Perform the actual utlb lookup w/ asid matching.
540 * Possible utcomes are:
541 * 0..63 Single match - good, return entry found
542 * -1 No match - raise a tlb data miss exception
543 * -2 Multiple matches - raise a multi-hit exception (reset)
544 * @param vpn virtual address to resolve
545 * @return the resultant UTLB entry, or an error.
547 static inline int mmu_utlb_lookup_vpn_asid( uint32_t vpn )
553 if( mmu_urc == mmu_urb || mmu_urc == 0x40 ) {
557 for( i = 0; i < UTLB_ENTRY_COUNT; i++ ) {
558 if( (mmu_utlb[i].flags & TLB_VALID) &&
559 ((mmu_utlb[i].flags & TLB_SHARE) || mmu_asid == mmu_utlb[i].asid) &&
560 ((mmu_utlb[i].vpn ^ vpn) & mmu_utlb[i].mask) == 0 ) {
571 * Perform the actual utlb lookup matching on vpn only
572 * Possible utcomes are:
573 * 0..63 Single match - good, return entry found
574 * -1 No match - raise a tlb data miss exception
575 * -2 Multiple matches - raise a multi-hit exception (reset)
576 * @param vpn virtual address to resolve
577 * @return the resultant UTLB entry, or an error.
579 static inline int mmu_utlb_lookup_vpn( uint32_t vpn )
585 if( mmu_urc == mmu_urb || mmu_urc == 0x40 ) {
589 for( i = 0; i < UTLB_ENTRY_COUNT; i++ ) {
590 if( (mmu_utlb[i].flags & TLB_VALID) &&
591 ((mmu_utlb[i].vpn ^ vpn) & mmu_utlb[i].mask) == 0 ) {
603 * Update the ITLB by replacing the LRU entry with the specified UTLB entry.
604 * @return the number (0-3) of the replaced entry.
606 static int inline mmu_itlb_update_from_utlb( int entryNo )
609 /* Determine entry to replace based on lrui */
610 if( (mmu_lrui & 0x38) == 0x38 ) {
612 mmu_lrui = mmu_lrui & 0x07;
613 } else if( (mmu_lrui & 0x26) == 0x06 ) {
615 mmu_lrui = (mmu_lrui & 0x19) | 0x20;
616 } else if( (mmu_lrui & 0x15) == 0x01 ) {
618 mmu_lrui = (mmu_lrui & 0x3E) | 0x14;
619 } else { // Note - gets invalid entries too
621 mmu_lrui = (mmu_lrui | 0x0B);
624 mmu_itlb[replace].vpn = mmu_utlb[entryNo].vpn;
625 mmu_itlb[replace].mask = mmu_utlb[entryNo].mask;
626 mmu_itlb[replace].ppn = mmu_utlb[entryNo].ppn;
627 mmu_itlb[replace].asid = mmu_utlb[entryNo].asid;
628 mmu_itlb[replace].flags = mmu_utlb[entryNo].flags & 0x01DA;
633 * Perform the actual itlb lookup w/ asid protection
634 * Possible utcomes are:
635 * 0..63 Single match - good, return entry found
636 * -1 No match - raise a tlb data miss exception
637 * -2 Multiple matches - raise a multi-hit exception (reset)
638 * @param vpn virtual address to resolve
639 * @return the resultant ITLB entry, or an error.
641 static inline int mmu_itlb_lookup_vpn_asid( uint32_t vpn )
646 for( i = 0; i < ITLB_ENTRY_COUNT; i++ ) {
647 if( (mmu_itlb[i].flags & TLB_VALID) &&
648 ((mmu_itlb[i].flags & TLB_SHARE) || mmu_asid == mmu_itlb[i].asid) &&
649 ((mmu_itlb[i].vpn ^ vpn) & mmu_itlb[i].mask) == 0 ) {
658 int utlbEntry = mmu_utlb_sorted_find( vpn );
659 if( utlbEntry < 0 ) {
662 return mmu_itlb_update_from_utlb( utlbEntry );
667 case 0: mmu_lrui = (mmu_lrui & 0x07); break;
668 case 1: mmu_lrui = (mmu_lrui & 0x19) | 0x20; break;
669 case 2: mmu_lrui = (mmu_lrui & 0x3E) | 0x14; break;
670 case 3: mmu_lrui = (mmu_lrui | 0x0B); break;
677 * Perform the actual itlb lookup on vpn only
678 * Possible utcomes are:
679 * 0..63 Single match - good, return entry found
680 * -1 No match - raise a tlb data miss exception
681 * -2 Multiple matches - raise a multi-hit exception (reset)
682 * @param vpn virtual address to resolve
683 * @return the resultant ITLB entry, or an error.
685 static inline int mmu_itlb_lookup_vpn( uint32_t vpn )
690 for( i = 0; i < ITLB_ENTRY_COUNT; i++ ) {
691 if( (mmu_itlb[i].flags & TLB_VALID) &&
692 ((mmu_itlb[i].vpn ^ vpn) & mmu_itlb[i].mask) == 0 ) {
701 int utlbEntry = mmu_utlb_lookup_vpn( vpn );
702 if( utlbEntry < 0 ) {
705 return mmu_itlb_update_from_utlb( utlbEntry );
710 case 0: mmu_lrui = (mmu_lrui & 0x07); break;
711 case 1: mmu_lrui = (mmu_lrui & 0x19) | 0x20; break;
712 case 2: mmu_lrui = (mmu_lrui & 0x3E) | 0x14; break;
713 case 3: mmu_lrui = (mmu_lrui | 0x0B); break;
719 #ifdef HAVE_FRAME_ADDRESS
720 sh4addr_t FASTCALL mmu_vma_to_phys_read( sh4vma_t addr, void *exc )
722 sh4addr_t FASTCALL mmu_vma_to_phys_read( sh4vma_t addr )
725 uint32_t mmucr = MMIO_READ(MMU,MMUCR);
726 if( addr & 0x80000000 ) {
727 if( IS_SH4_PRIVMODE() ) {
728 if( addr >= 0xE0000000 ) {
729 return addr; /* P4 - passthrough */
730 } else if( addr < 0xC0000000 ) {
731 /* P1, P2 regions are pass-through (no translation) */
732 return VMA_TO_EXT_ADDR(addr);
735 if( addr >= 0xE0000000 && addr < 0xE4000000 &&
736 ((mmucr&MMUCR_SQMD) == 0) ) {
737 /* Conditional user-mode access to the store-queue (no translation) */
740 MMU_READ_ADDR_ERROR();
745 if( (mmucr & MMUCR_AT) == 0 ) {
746 return VMA_TO_EXT_ADDR(addr);
749 /* If we get this far, translation is required */
751 if( ((mmucr & MMUCR_SV) == 0) || !IS_SH4_PRIVMODE() ) {
752 entryNo = mmu_utlb_sorted_find( addr );
754 entryNo = mmu_utlb_lookup_vpn( addr );
759 MMU_TLB_READ_MISS_ERROR(addr);
762 MMU_TLB_MULTI_HIT_ERROR(addr);
765 if( (mmu_utlb[entryNo].flags & TLB_USERMODE) == 0 &&
766 !IS_SH4_PRIVMODE() ) {
767 /* protection violation */
768 MMU_TLB_READ_PROT_ERROR(addr);
772 /* finally generate the target address */
773 return (mmu_utlb[entryNo].ppn & mmu_utlb[entryNo].mask) |
774 (addr & (~mmu_utlb[entryNo].mask));
778 #ifdef HAVE_FRAME_ADDRESS
779 sh4addr_t FASTCALL mmu_vma_to_phys_write( sh4vma_t addr, void *exc )
781 sh4addr_t FASTCALL mmu_vma_to_phys_write( sh4vma_t addr )
784 uint32_t mmucr = MMIO_READ(MMU,MMUCR);
785 if( addr & 0x80000000 ) {
786 if( IS_SH4_PRIVMODE() ) {
787 if( addr >= 0xE0000000 ) {
788 return addr; /* P4 - passthrough */
789 } else if( addr < 0xC0000000 ) {
790 /* P1, P2 regions are pass-through (no translation) */
791 return VMA_TO_EXT_ADDR(addr);
794 if( addr >= 0xE0000000 && addr < 0xE4000000 &&
795 ((mmucr&MMUCR_SQMD) == 0) ) {
796 /* Conditional user-mode access to the store-queue (no translation) */
799 MMU_WRITE_ADDR_ERROR();
804 if( (mmucr & MMUCR_AT) == 0 ) {
805 return VMA_TO_EXT_ADDR(addr);
808 /* If we get this far, translation is required */
810 if( ((mmucr & MMUCR_SV) == 0) || !IS_SH4_PRIVMODE() ) {
811 entryNo = mmu_utlb_sorted_find( addr );
813 entryNo = mmu_utlb_lookup_vpn( addr );
818 MMU_TLB_WRITE_MISS_ERROR(addr);
821 MMU_TLB_MULTI_HIT_ERROR(addr);
824 if( IS_SH4_PRIVMODE() ? ((mmu_utlb[entryNo].flags & TLB_WRITABLE) == 0)
825 : ((mmu_utlb[entryNo].flags & TLB_USERWRITABLE) != TLB_USERWRITABLE) ) {
826 /* protection violation */
827 MMU_TLB_WRITE_PROT_ERROR(addr);
831 if( (mmu_utlb[entryNo].flags & TLB_DIRTY) == 0 ) {
832 MMU_TLB_INITIAL_WRITE_ERROR(addr);
836 /* finally generate the target address */
837 sh4addr_t pma = (mmu_utlb[entryNo].ppn & mmu_utlb[entryNo].mask) |
838 (addr & (~mmu_utlb[entryNo].mask));
844 * Update the icache for an untranslated address
846 static inline void mmu_update_icache_phys( sh4addr_t addr )
848 if( (addr & 0x1C000000) == 0x0C000000 ) {
850 sh4_icache.page_vma = addr & 0xFF000000;
851 sh4_icache.page_ppa = 0x0C000000;
852 sh4_icache.mask = 0xFF000000;
853 sh4_icache.page = sh4_main_ram;
854 } else if( (addr & 0x1FE00000) == 0 ) {
856 sh4_icache.page_vma = addr & 0xFFE00000;
857 sh4_icache.page_ppa = 0;
858 sh4_icache.mask = 0xFFE00000;
859 sh4_icache.page = mem_get_region(0);
862 sh4_icache.page_vma = -1;
867 * Update the sh4_icache structure to describe the page(s) containing the
868 * given vma. If the address does not reference a RAM/ROM region, the icache
869 * will be invalidated instead.
870 * If AT is on, this method will raise TLB exceptions normally
871 * (hence this method should only be used immediately prior to execution of
872 * code), and otherwise will set the icache according to the matching TLB entry.
873 * If AT is off, this method will set the entire referenced RAM/ROM region in
875 * @return TRUE if the update completed (successfully or otherwise), FALSE
876 * if an exception was raised.
878 gboolean FASTCALL mmu_update_icache( sh4vma_t addr )
881 if( IS_SH4_PRIVMODE() ) {
882 if( addr & 0x80000000 ) {
883 if( addr < 0xC0000000 ) {
884 /* P1, P2 and P4 regions are pass-through (no translation) */
885 mmu_update_icache_phys(addr);
887 } else if( addr >= 0xE0000000 && addr < 0xFFFFFF00 ) {
888 MMU_READ_ADDR_ERROR();
893 uint32_t mmucr = MMIO_READ(MMU,MMUCR);
894 if( (mmucr & MMUCR_AT) == 0 ) {
895 mmu_update_icache_phys(addr);
899 if( (mmucr & MMUCR_SV) == 0 )
900 entryNo = mmu_itlb_lookup_vpn_asid( addr );
902 entryNo = mmu_itlb_lookup_vpn( addr );
904 if( addr & 0x80000000 ) {
905 MMU_READ_ADDR_ERROR();
909 uint32_t mmucr = MMIO_READ(MMU,MMUCR);
910 if( (mmucr & MMUCR_AT) == 0 ) {
911 mmu_update_icache_phys(addr);
915 entryNo = mmu_itlb_lookup_vpn_asid( addr );
917 if( entryNo != -1 && (mmu_itlb[entryNo].flags & TLB_USERMODE) == 0 ) {
918 MMU_TLB_READ_PROT_ERROR(addr);
925 MMU_TLB_READ_MISS_ERROR(addr);
928 MMU_TLB_MULTI_HIT_ERROR(addr);
931 sh4_icache.page_ppa = mmu_itlb[entryNo].ppn & mmu_itlb[entryNo].mask;
932 sh4_icache.page = mem_get_region( sh4_icache.page_ppa );
933 if( sh4_icache.page == NULL ) {
934 sh4_icache.page_vma = -1;
936 sh4_icache.page_vma = mmu_itlb[entryNo].vpn & mmu_itlb[entryNo].mask;
937 sh4_icache.mask = mmu_itlb[entryNo].mask;
944 * Translate address for disassembly purposes (ie performs an instruction
945 * lookup) - does not raise exceptions or modify any state, and ignores
946 * protection bits. Returns the translated address, or MMU_VMA_ERROR
947 * on translation failure.
949 sh4addr_t FASTCALL mmu_vma_to_phys_disasm( sh4vma_t vma )
951 if( vma & 0x80000000 ) {
952 if( vma < 0xC0000000 ) {
953 /* P1, P2 and P4 regions are pass-through (no translation) */
954 return VMA_TO_EXT_ADDR(vma);
955 } else if( vma >= 0xE0000000 && vma < 0xFFFFFF00 ) {
956 /* Not translatable */
957 return MMU_VMA_ERROR;
961 uint32_t mmucr = MMIO_READ(MMU,MMUCR);
962 if( (mmucr & MMUCR_AT) == 0 ) {
963 return VMA_TO_EXT_ADDR(vma);
966 int entryNo = mmu_itlb_lookup_vpn( vma );
967 if( entryNo == -2 ) {
968 entryNo = mmu_itlb_lookup_vpn_asid( vma );
971 return MMU_VMA_ERROR;
973 return (mmu_itlb[entryNo].ppn & mmu_itlb[entryNo].mask) |
974 (vma & (~mmu_itlb[entryNo].mask));
978 void FASTCALL sh4_flush_store_queue( sh4addr_t addr )
980 int queue = (addr&0x20)>>2;
981 uint32_t hi = MMIO_READ( MMU, QACR0 + (queue>>1)) << 24;
982 sh4ptr_t src = (sh4ptr_t)&sh4r.store_queue[queue];
983 sh4addr_t target = (addr&0x03FFFFE0) | hi;
984 ext_address_space[target>>12]->write_burst( target, src );
987 gboolean FASTCALL sh4_flush_store_queue_mmu( sh4addr_t addr )
989 uint32_t mmucr = MMIO_READ(MMU,MMUCR);
990 int queue = (addr&0x20)>>2;
991 sh4ptr_t src = (sh4ptr_t)&sh4r.store_queue[queue];
993 /* Store queue operation */
996 if( ((mmucr & MMUCR_SV) == 0) || !IS_SH4_PRIVMODE() ) {
997 entryNo = mmu_utlb_lookup_vpn_asid( addr );
999 entryNo = mmu_utlb_lookup_vpn( addr );
1003 MMU_TLB_WRITE_MISS_ERROR(addr);
1006 MMU_TLB_MULTI_HIT_ERROR(addr);
1009 if( IS_SH4_PRIVMODE() ? ((mmu_utlb[entryNo].flags & TLB_WRITABLE) == 0)
1010 : ((mmu_utlb[entryNo].flags & TLB_USERWRITABLE) != TLB_USERWRITABLE) ) {
1011 /* protection violation */
1012 MMU_TLB_WRITE_PROT_ERROR(addr);
1016 if( (mmu_utlb[entryNo].flags & TLB_DIRTY) == 0 ) {
1017 MMU_TLB_INITIAL_WRITE_ERROR(addr);
1021 /* finally generate the target address */
1022 target = ((mmu_utlb[entryNo].ppn & mmu_utlb[entryNo].mask) |
1023 (addr & (~mmu_utlb[entryNo].mask))) & 0xFFFFFFE0;
1026 ext_address_space[target>>12]->write_burst( target, src );
.