nkeynes@550: /** nkeynes@586: * $Id$ nkeynes@550: * nkeynes@550: * MMU implementation nkeynes@550: * nkeynes@550: * Copyright (c) 2005 Nathan Keynes. nkeynes@550: * nkeynes@550: * This program is free software; you can redistribute it and/or modify nkeynes@550: * it under the terms of the GNU General Public License as published by nkeynes@550: * the Free Software Foundation; either version 2 of the License, or nkeynes@550: * (at your option) any later version. nkeynes@550: * nkeynes@550: * This program is distributed in the hope that it will be useful, nkeynes@550: * but WITHOUT ANY WARRANTY; without even the implied warranty of nkeynes@550: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the nkeynes@550: * GNU General Public License for more details. nkeynes@550: */ nkeynes@550: #define MODULE sh4_module nkeynes@550: nkeynes@550: #include nkeynes@550: #include "sh4/sh4mmio.h" nkeynes@550: #include "sh4/sh4core.h" nkeynes@669: #include "sh4/sh4trans.h" nkeynes@550: #include "mem.h" nkeynes@550: nkeynes@586: #define VMA_TO_EXT_ADDR(vma) ((vma)&0x1FFFFFFF) nkeynes@586: nkeynes@586: /* The MMU (practically unique in the system) is allowed to raise exceptions nkeynes@586: * directly, with a return code indicating that one was raised and the caller nkeynes@586: * had better behave appropriately. nkeynes@586: */ nkeynes@586: #define RAISE_TLB_ERROR(code, vpn) \ nkeynes@586: MMIO_WRITE(MMU, TEA, vpn); \ nkeynes@586: MMIO_WRITE(MMU, PTEH, ((MMIO_READ(MMU, PTEH) & 0x000003FF) | (vpn&0xFFFFFC00))); \ nkeynes@586: sh4_raise_tlb_exception(code); nkeynes@586: nkeynes@586: #define RAISE_MEM_ERROR(code, vpn) \ nkeynes@586: MMIO_WRITE(MMU, TEA, vpn); \ nkeynes@586: MMIO_WRITE(MMU, PTEH, ((MMIO_READ(MMU, PTEH) & 0x000003FF) | (vpn&0xFFFFFC00))); \ nkeynes@586: sh4_raise_exception(code); nkeynes@586: nkeynes@586: #define RAISE_OTHER_ERROR(code) \ nkeynes@586: sh4_raise_exception(code); nkeynes@586: /** nkeynes@586: * Abort with a non-MMU address error. Caused by user-mode code attempting nkeynes@586: * to access privileged regions, or alignment faults. nkeynes@586: */ nkeynes@586: #define MMU_READ_ADDR_ERROR() RAISE_OTHER_ERROR(EXC_DATA_ADDR_READ) nkeynes@586: #define MMU_WRITE_ADDR_ERROR() RAISE_OTHER_ERROR(EXC_DATA_ADDR_WRITE) nkeynes@586: nkeynes@586: #define MMU_TLB_READ_MISS_ERROR(vpn) RAISE_TLB_ERROR(EXC_TLB_MISS_READ, vpn) nkeynes@586: #define MMU_TLB_WRITE_MISS_ERROR(vpn) RAISE_TLB_ERROR(EXC_TLB_MISS_WRITE, vpn) nkeynes@586: #define MMU_TLB_INITIAL_WRITE_ERROR(vpn) RAISE_MEM_ERROR(EXC_INIT_PAGE_WRITE, vpn) nkeynes@586: #define MMU_TLB_READ_PROT_ERROR(vpn) RAISE_MEM_ERROR(EXC_TLB_PROT_READ, vpn) nkeynes@586: #define MMU_TLB_WRITE_PROT_ERROR(vpn) RAISE_MEM_ERROR(EXC_TLB_PROT_WRITE, vpn) nkeynes@586: #define MMU_TLB_MULTI_HIT_ERROR(vpn) sh4_raise_reset(EXC_TLB_MULTI_HIT); \ nkeynes@586: MMIO_WRITE(MMU, TEA, vpn); \ nkeynes@586: MMIO_WRITE(MMU, PTEH, ((MMIO_READ(MMU, PTEH) & 0x000003FF) | (vpn&0xFFFFFC00))); nkeynes@586: nkeynes@586: nkeynes@796: #define OCRAM_START (0x1C000000>>LXDREAM_PAGE_BITS) nkeynes@796: #define OCRAM_END (0x20000000>>LXDREAM_PAGE_BITS) nkeynes@550: nkeynes@550: #define ITLB_ENTRY_COUNT 4 nkeynes@550: #define UTLB_ENTRY_COUNT 64 nkeynes@550: nkeynes@550: /* Entry address */ nkeynes@550: #define TLB_VALID 0x00000100 nkeynes@550: #define TLB_USERMODE 0x00000040 nkeynes@550: #define TLB_WRITABLE 0x00000020 nkeynes@586: #define TLB_USERWRITABLE (TLB_WRITABLE|TLB_USERMODE) nkeynes@550: #define TLB_SIZE_MASK 0x00000090 nkeynes@550: #define TLB_SIZE_1K 0x00000000 nkeynes@550: #define TLB_SIZE_4K 0x00000010 nkeynes@550: #define TLB_SIZE_64K 0x00000080 nkeynes@550: #define TLB_SIZE_1M 0x00000090 nkeynes@550: #define TLB_CACHEABLE 0x00000008 nkeynes@550: #define TLB_DIRTY 0x00000004 nkeynes@550: #define TLB_SHARE 0x00000002 nkeynes@550: #define TLB_WRITETHRU 0x00000001 nkeynes@550: nkeynes@586: #define MASK_1K 0xFFFFFC00 nkeynes@586: #define MASK_4K 0xFFFFF000 nkeynes@586: #define MASK_64K 0xFFFF0000 nkeynes@586: #define MASK_1M 0xFFF00000 nkeynes@550: nkeynes@550: struct itlb_entry { nkeynes@550: sh4addr_t vpn; // Virtual Page Number nkeynes@550: uint32_t asid; // Process ID nkeynes@586: uint32_t mask; nkeynes@550: sh4addr_t ppn; // Physical Page Number nkeynes@550: uint32_t flags; nkeynes@550: }; nkeynes@550: nkeynes@550: struct utlb_entry { nkeynes@550: sh4addr_t vpn; // Virtual Page Number nkeynes@586: uint32_t mask; // Page size mask nkeynes@550: uint32_t asid; // Process ID nkeynes@550: sh4addr_t ppn; // Physical Page Number nkeynes@550: uint32_t flags; nkeynes@550: uint32_t pcmcia; // extra pcmcia data - not used nkeynes@550: }; nkeynes@550: nkeynes@550: static struct itlb_entry mmu_itlb[ITLB_ENTRY_COUNT]; nkeynes@550: static struct utlb_entry mmu_utlb[UTLB_ENTRY_COUNT]; nkeynes@550: static uint32_t mmu_urc; nkeynes@550: static uint32_t mmu_urb; nkeynes@550: static uint32_t mmu_lrui; nkeynes@586: static uint32_t mmu_asid; // current asid nkeynes@550: nkeynes@550: static sh4ptr_t cache = NULL; nkeynes@550: nkeynes@550: static void mmu_invalidate_tlb(); nkeynes@550: nkeynes@550: nkeynes@586: static uint32_t get_mask_for_flags( uint32_t flags ) nkeynes@586: { nkeynes@586: switch( flags & TLB_SIZE_MASK ) { nkeynes@586: case TLB_SIZE_1K: return MASK_1K; nkeynes@586: case TLB_SIZE_4K: return MASK_4K; nkeynes@586: case TLB_SIZE_64K: return MASK_64K; nkeynes@586: case TLB_SIZE_1M: return MASK_1M; nkeynes@669: default: return 0; /* Unreachable */ nkeynes@586: } nkeynes@586: } nkeynes@586: nkeynes@550: int32_t mmio_region_MMU_read( uint32_t reg ) nkeynes@550: { nkeynes@550: switch( reg ) { nkeynes@550: case MMUCR: nkeynes@736: return MMIO_READ( MMU, MMUCR) | (mmu_urc<<10) | (mmu_urb<<18) | (mmu_lrui<<26); nkeynes@550: default: nkeynes@736: return MMIO_READ( MMU, reg ); nkeynes@550: } nkeynes@550: } nkeynes@550: nkeynes@550: void mmio_region_MMU_write( uint32_t reg, uint32_t val ) nkeynes@550: { nkeynes@586: uint32_t tmp; nkeynes@550: switch(reg) { nkeynes@818: case SH4VER: nkeynes@818: return; nkeynes@550: case PTEH: nkeynes@736: val &= 0xFFFFFCFF; nkeynes@736: if( (val & 0xFF) != mmu_asid ) { nkeynes@736: mmu_asid = val&0xFF; nkeynes@736: sh4_icache.page_vma = -1; // invalidate icache as asid has changed nkeynes@736: } nkeynes@736: break; nkeynes@550: case PTEL: nkeynes@736: val &= 0x1FFFFDFF; nkeynes@736: break; nkeynes@550: case PTEA: nkeynes@736: val &= 0x0000000F; nkeynes@736: break; nkeynes@550: case MMUCR: nkeynes@736: if( val & MMUCR_TI ) { nkeynes@736: mmu_invalidate_tlb(); nkeynes@736: } nkeynes@736: mmu_urc = (val >> 10) & 0x3F; nkeynes@736: mmu_urb = (val >> 18) & 0x3F; nkeynes@736: mmu_lrui = (val >> 26) & 0x3F; nkeynes@736: val &= 0x00000301; nkeynes@736: tmp = MMIO_READ( MMU, MMUCR ); nkeynes@740: if( (val ^ tmp) & MMUCR_AT ) { nkeynes@736: // AT flag has changed state - flush the xlt cache as all bets nkeynes@736: // are off now. We also need to force an immediate exit from the nkeynes@736: // current block nkeynes@736: MMIO_WRITE( MMU, MMUCR, val ); nkeynes@740: sh4_flush_icache(); nkeynes@736: } nkeynes@736: break; nkeynes@550: case CCR: nkeynes@817: mmu_set_cache_mode( val & (CCR_OIX|CCR_ORA|CCR_OCE) ); nkeynes@817: val &= 0x81A7; nkeynes@736: break; nkeynes@550: default: nkeynes@736: break; nkeynes@550: } nkeynes@550: MMIO_WRITE( MMU, reg, val ); nkeynes@550: } nkeynes@550: nkeynes@550: nkeynes@550: void MMU_init() nkeynes@550: { nkeynes@550: cache = mem_alloc_pages(2); nkeynes@550: } nkeynes@550: nkeynes@550: void MMU_reset() nkeynes@550: { nkeynes@550: mmio_region_MMU_write( CCR, 0 ); nkeynes@586: mmio_region_MMU_write( MMUCR, 0 ); nkeynes@550: } nkeynes@550: nkeynes@550: void MMU_save_state( FILE *f ) nkeynes@550: { nkeynes@550: fwrite( cache, 4096, 2, f ); nkeynes@550: fwrite( &mmu_itlb, sizeof(mmu_itlb), 1, f ); nkeynes@550: fwrite( &mmu_utlb, sizeof(mmu_utlb), 1, f ); nkeynes@586: fwrite( &mmu_urc, sizeof(mmu_urc), 1, f ); nkeynes@586: fwrite( &mmu_urb, sizeof(mmu_urb), 1, f ); nkeynes@586: fwrite( &mmu_lrui, sizeof(mmu_lrui), 1, f ); nkeynes@586: fwrite( &mmu_asid, sizeof(mmu_asid), 1, f ); nkeynes@550: } nkeynes@550: nkeynes@550: int MMU_load_state( FILE *f ) nkeynes@550: { nkeynes@550: /* Setup the cache mode according to the saved register value nkeynes@550: * (mem_load runs before this point to load all MMIO data) nkeynes@550: */ nkeynes@550: mmio_region_MMU_write( CCR, MMIO_READ(MMU, CCR) ); nkeynes@550: if( fread( cache, 4096, 2, f ) != 2 ) { nkeynes@736: return 1; nkeynes@550: } nkeynes@550: if( fread( &mmu_itlb, sizeof(mmu_itlb), 1, f ) != 1 ) { nkeynes@736: return 1; nkeynes@550: } nkeynes@550: if( fread( &mmu_utlb, sizeof(mmu_utlb), 1, f ) != 1 ) { nkeynes@736: return 1; nkeynes@550: } nkeynes@586: if( fread( &mmu_urc, sizeof(mmu_urc), 1, f ) != 1 ) { nkeynes@736: return 1; nkeynes@586: } nkeynes@586: if( fread( &mmu_urc, sizeof(mmu_urb), 1, f ) != 1 ) { nkeynes@736: return 1; nkeynes@586: } nkeynes@586: if( fread( &mmu_lrui, sizeof(mmu_lrui), 1, f ) != 1 ) { nkeynes@736: return 1; nkeynes@586: } nkeynes@586: if( fread( &mmu_asid, sizeof(mmu_asid), 1, f ) != 1 ) { nkeynes@736: return 1; nkeynes@586: } nkeynes@550: return 0; nkeynes@550: } nkeynes@550: nkeynes@550: void mmu_set_cache_mode( int mode ) nkeynes@550: { nkeynes@550: uint32_t i; nkeynes@550: switch( mode ) { nkeynes@736: case MEM_OC_INDEX0: /* OIX=0 */ nkeynes@736: for( i=OCRAM_START; i>(25-LXDREAM_PAGE_BITS)); nkeynes@736: break; nkeynes@736: default: /* disabled */ nkeynes@736: for( i=OCRAM_START; i>7)&0x03) nkeynes@550: nkeynes@550: int32_t mmu_itlb_addr_read( sh4addr_t addr ) nkeynes@550: { nkeynes@550: struct itlb_entry *ent = &mmu_itlb[ITLB_ENTRY(addr)]; nkeynes@550: return ent->vpn | ent->asid | (ent->flags & TLB_VALID); nkeynes@550: } nkeynes@550: int32_t mmu_itlb_data_read( sh4addr_t addr ) nkeynes@550: { nkeynes@550: struct itlb_entry *ent = &mmu_itlb[ITLB_ENTRY(addr)]; nkeynes@550: return ent->ppn | ent->flags; nkeynes@550: } nkeynes@550: nkeynes@550: void mmu_itlb_addr_write( sh4addr_t addr, uint32_t val ) nkeynes@550: { nkeynes@550: struct itlb_entry *ent = &mmu_itlb[ITLB_ENTRY(addr)]; nkeynes@550: ent->vpn = val & 0xFFFFFC00; nkeynes@550: ent->asid = val & 0x000000FF; nkeynes@550: ent->flags = (ent->flags & ~(TLB_VALID)) | (val&TLB_VALID); nkeynes@550: } nkeynes@550: nkeynes@550: void mmu_itlb_data_write( sh4addr_t addr, uint32_t val ) nkeynes@550: { nkeynes@550: struct itlb_entry *ent = &mmu_itlb[ITLB_ENTRY(addr)]; nkeynes@550: ent->ppn = val & 0x1FFFFC00; nkeynes@550: ent->flags = val & 0x00001DA; nkeynes@586: ent->mask = get_mask_for_flags(val); nkeynes@550: } nkeynes@550: nkeynes@550: #define UTLB_ENTRY(addr) ((addr>>8)&0x3F) nkeynes@550: #define UTLB_ASSOC(addr) (addr&0x80) nkeynes@550: #define UTLB_DATA2(addr) (addr&0x00800000) nkeynes@550: nkeynes@550: int32_t mmu_utlb_addr_read( sh4addr_t addr ) nkeynes@550: { nkeynes@550: struct utlb_entry *ent = &mmu_utlb[UTLB_ENTRY(addr)]; nkeynes@550: return ent->vpn | ent->asid | (ent->flags & TLB_VALID) | nkeynes@736: ((ent->flags & TLB_DIRTY)<<7); nkeynes@550: } nkeynes@550: int32_t mmu_utlb_data_read( sh4addr_t addr ) nkeynes@550: { nkeynes@550: struct utlb_entry *ent = &mmu_utlb[UTLB_ENTRY(addr)]; nkeynes@550: if( UTLB_DATA2(addr) ) { nkeynes@736: return ent->pcmcia; nkeynes@550: } else { nkeynes@736: return ent->ppn | ent->flags; nkeynes@550: } nkeynes@550: } nkeynes@550: nkeynes@586: /** nkeynes@586: * Find a UTLB entry for the associative TLB write - same as the normal nkeynes@586: * lookup but ignores the valid bit. nkeynes@586: */ nkeynes@669: static inline int mmu_utlb_lookup_assoc( uint32_t vpn, uint32_t asid ) nkeynes@586: { nkeynes@586: int result = -1; nkeynes@586: unsigned int i; nkeynes@586: for( i = 0; i < UTLB_ENTRY_COUNT; i++ ) { nkeynes@736: if( (mmu_utlb[i].flags & TLB_VALID) && nkeynes@736: ((mmu_utlb[i].flags & TLB_SHARE) || asid == mmu_utlb[i].asid) && nkeynes@736: ((mmu_utlb[i].vpn ^ vpn) & mmu_utlb[i].mask) == 0 ) { nkeynes@736: if( result != -1 ) { nkeynes@736: fprintf( stderr, "TLB Multi hit: %d %d\n", result, i ); nkeynes@736: return -2; nkeynes@736: } nkeynes@736: result = i; nkeynes@736: } nkeynes@586: } nkeynes@586: return result; nkeynes@586: } nkeynes@586: nkeynes@586: /** nkeynes@586: * Find a ITLB entry for the associative TLB write - same as the normal nkeynes@586: * lookup but ignores the valid bit. nkeynes@586: */ nkeynes@669: static inline int mmu_itlb_lookup_assoc( uint32_t vpn, uint32_t asid ) nkeynes@586: { nkeynes@586: int result = -1; nkeynes@586: unsigned int i; nkeynes@586: for( i = 0; i < ITLB_ENTRY_COUNT; i++ ) { nkeynes@736: if( (mmu_itlb[i].flags & TLB_VALID) && nkeynes@736: ((mmu_itlb[i].flags & TLB_SHARE) || asid == mmu_itlb[i].asid) && nkeynes@736: ((mmu_itlb[i].vpn ^ vpn) & mmu_itlb[i].mask) == 0 ) { nkeynes@736: if( result != -1 ) { nkeynes@736: return -2; nkeynes@736: } nkeynes@736: result = i; nkeynes@736: } nkeynes@586: } nkeynes@586: return result; nkeynes@586: } nkeynes@586: nkeynes@550: void mmu_utlb_addr_write( sh4addr_t addr, uint32_t val ) nkeynes@550: { nkeynes@550: if( UTLB_ASSOC(addr) ) { nkeynes@736: int utlb = mmu_utlb_lookup_assoc( val, mmu_asid ); nkeynes@736: if( utlb >= 0 ) { nkeynes@736: struct utlb_entry *ent = &mmu_utlb[utlb]; nkeynes@736: ent->flags = ent->flags & ~(TLB_DIRTY|TLB_VALID); nkeynes@736: ent->flags |= (val & TLB_VALID); nkeynes@736: ent->flags |= ((val & 0x200)>>7); nkeynes@736: } nkeynes@586: nkeynes@736: int itlb = mmu_itlb_lookup_assoc( val, mmu_asid ); nkeynes@736: if( itlb >= 0 ) { nkeynes@736: struct itlb_entry *ent = &mmu_itlb[itlb]; nkeynes@736: ent->flags = (ent->flags & (~TLB_VALID)) | (val & TLB_VALID); nkeynes@736: } nkeynes@586: nkeynes@736: if( itlb == -2 || utlb == -2 ) { nkeynes@736: MMU_TLB_MULTI_HIT_ERROR(addr); nkeynes@736: return; nkeynes@736: } nkeynes@550: } else { nkeynes@736: struct utlb_entry *ent = &mmu_utlb[UTLB_ENTRY(addr)]; nkeynes@736: ent->vpn = (val & 0xFFFFFC00); nkeynes@736: ent->asid = (val & 0xFF); nkeynes@736: ent->flags = (ent->flags & ~(TLB_DIRTY|TLB_VALID)); nkeynes@736: ent->flags |= (val & TLB_VALID); nkeynes@736: ent->flags |= ((val & 0x200)>>7); nkeynes@550: } nkeynes@550: } nkeynes@550: nkeynes@550: void mmu_utlb_data_write( sh4addr_t addr, uint32_t val ) nkeynes@550: { nkeynes@550: struct utlb_entry *ent = &mmu_utlb[UTLB_ENTRY(addr)]; nkeynes@550: if( UTLB_DATA2(addr) ) { nkeynes@736: ent->pcmcia = val & 0x0000000F; nkeynes@550: } else { nkeynes@736: ent->ppn = (val & 0x1FFFFC00); nkeynes@736: ent->flags = (val & 0x000001FF); nkeynes@736: ent->mask = get_mask_for_flags(val); nkeynes@550: } nkeynes@550: } nkeynes@550: nkeynes@550: /* Cache access - not implemented */ nkeynes@550: nkeynes@550: int32_t mmu_icache_addr_read( sh4addr_t addr ) nkeynes@550: { nkeynes@550: return 0; // not implemented nkeynes@550: } nkeynes@550: int32_t mmu_icache_data_read( sh4addr_t addr ) nkeynes@550: { nkeynes@550: return 0; // not implemented nkeynes@550: } nkeynes@550: int32_t mmu_ocache_addr_read( sh4addr_t addr ) nkeynes@550: { nkeynes@550: return 0; // not implemented nkeynes@550: } nkeynes@550: int32_t mmu_ocache_data_read( sh4addr_t addr ) nkeynes@550: { nkeynes@550: return 0; // not implemented nkeynes@550: } nkeynes@550: nkeynes@550: void mmu_icache_addr_write( sh4addr_t addr, uint32_t val ) nkeynes@550: { nkeynes@550: } nkeynes@550: nkeynes@550: void mmu_icache_data_write( sh4addr_t addr, uint32_t val ) nkeynes@550: { nkeynes@550: } nkeynes@550: nkeynes@550: void mmu_ocache_addr_write( sh4addr_t addr, uint32_t val ) nkeynes@550: { nkeynes@550: } nkeynes@550: nkeynes@550: void mmu_ocache_data_write( sh4addr_t addr, uint32_t val ) nkeynes@550: { nkeynes@550: } nkeynes@586: nkeynes@586: /******************************************************************************/ nkeynes@586: /* MMU TLB address translation */ nkeynes@586: /******************************************************************************/ nkeynes@586: nkeynes@586: /** nkeynes@586: * The translations are excessively complicated, but unfortunately it's a nkeynes@586: * complicated system. TODO: make this not be painfully slow. nkeynes@586: */ nkeynes@586: nkeynes@586: /** nkeynes@586: * Perform the actual utlb lookup w/ asid matching. nkeynes@586: * Possible utcomes are: nkeynes@586: * 0..63 Single match - good, return entry found nkeynes@586: * -1 No match - raise a tlb data miss exception nkeynes@586: * -2 Multiple matches - raise a multi-hit exception (reset) nkeynes@586: * @param vpn virtual address to resolve nkeynes@586: * @return the resultant UTLB entry, or an error. nkeynes@586: */ nkeynes@586: static inline int mmu_utlb_lookup_vpn_asid( uint32_t vpn ) nkeynes@586: { nkeynes@586: int result = -1; nkeynes@586: unsigned int i; nkeynes@586: nkeynes@586: mmu_urc++; nkeynes@586: if( mmu_urc == mmu_urb || mmu_urc == 0x40 ) { nkeynes@736: mmu_urc = 0; nkeynes@586: } nkeynes@586: nkeynes@586: for( i = 0; i < UTLB_ENTRY_COUNT; i++ ) { nkeynes@736: if( (mmu_utlb[i].flags & TLB_VALID) && nkeynes@736: ((mmu_utlb[i].flags & TLB_SHARE) || mmu_asid == mmu_utlb[i].asid) && nkeynes@736: ((mmu_utlb[i].vpn ^ vpn) & mmu_utlb[i].mask) == 0 ) { nkeynes@736: if( result != -1 ) { nkeynes@736: return -2; nkeynes@736: } nkeynes@736: result = i; nkeynes@736: } nkeynes@586: } nkeynes@586: return result; nkeynes@586: } nkeynes@586: nkeynes@586: /** nkeynes@586: * Perform the actual utlb lookup matching on vpn only nkeynes@586: * Possible utcomes are: nkeynes@586: * 0..63 Single match - good, return entry found nkeynes@586: * -1 No match - raise a tlb data miss exception nkeynes@586: * -2 Multiple matches - raise a multi-hit exception (reset) nkeynes@586: * @param vpn virtual address to resolve nkeynes@586: * @return the resultant UTLB entry, or an error. nkeynes@586: */ nkeynes@586: static inline int mmu_utlb_lookup_vpn( uint32_t vpn ) nkeynes@586: { nkeynes@586: int result = -1; nkeynes@586: unsigned int i; nkeynes@586: nkeynes@586: mmu_urc++; nkeynes@586: if( mmu_urc == mmu_urb || mmu_urc == 0x40 ) { nkeynes@736: mmu_urc = 0; nkeynes@586: } nkeynes@586: nkeynes@586: for( i = 0; i < UTLB_ENTRY_COUNT; i++ ) { nkeynes@736: if( (mmu_utlb[i].flags & TLB_VALID) && nkeynes@736: ((mmu_utlb[i].vpn ^ vpn) & mmu_utlb[i].mask) == 0 ) { nkeynes@736: if( result != -1 ) { nkeynes@736: return -2; nkeynes@736: } nkeynes@736: result = i; nkeynes@736: } nkeynes@586: } nkeynes@586: nkeynes@586: return result; nkeynes@586: } nkeynes@586: nkeynes@586: /** nkeynes@586: * Update the ITLB by replacing the LRU entry with the specified UTLB entry. nkeynes@586: * @return the number (0-3) of the replaced entry. nkeynes@586: */ nkeynes@586: static int inline mmu_itlb_update_from_utlb( int entryNo ) nkeynes@586: { nkeynes@586: int replace; nkeynes@586: /* Determine entry to replace based on lrui */ nkeynes@586: if( (mmu_lrui & 0x38) == 0x38 ) { nkeynes@736: replace = 0; nkeynes@736: mmu_lrui = mmu_lrui & 0x07; nkeynes@586: } else if( (mmu_lrui & 0x26) == 0x06 ) { nkeynes@736: replace = 1; nkeynes@736: mmu_lrui = (mmu_lrui & 0x19) | 0x20; nkeynes@586: } else if( (mmu_lrui & 0x15) == 0x01 ) { nkeynes@736: replace = 2; nkeynes@736: mmu_lrui = (mmu_lrui & 0x3E) | 0x14; nkeynes@586: } else { // Note - gets invalid entries too nkeynes@736: replace = 3; nkeynes@736: mmu_lrui = (mmu_lrui | 0x0B); nkeynes@586: } nkeynes@586: nkeynes@586: mmu_itlb[replace].vpn = mmu_utlb[entryNo].vpn; nkeynes@586: mmu_itlb[replace].mask = mmu_utlb[entryNo].mask; nkeynes@586: mmu_itlb[replace].ppn = mmu_utlb[entryNo].ppn; nkeynes@586: mmu_itlb[replace].asid = mmu_utlb[entryNo].asid; nkeynes@586: mmu_itlb[replace].flags = mmu_utlb[entryNo].flags & 0x01DA; nkeynes@586: return replace; nkeynes@586: } nkeynes@586: nkeynes@586: /** nkeynes@586: * Perform the actual itlb lookup w/ asid protection nkeynes@586: * Possible utcomes are: nkeynes@586: * 0..63 Single match - good, return entry found nkeynes@586: * -1 No match - raise a tlb data miss exception nkeynes@586: * -2 Multiple matches - raise a multi-hit exception (reset) nkeynes@586: * @param vpn virtual address to resolve nkeynes@586: * @return the resultant ITLB entry, or an error. nkeynes@586: */ nkeynes@586: static inline int mmu_itlb_lookup_vpn_asid( uint32_t vpn ) nkeynes@586: { nkeynes@586: int result = -1; nkeynes@586: unsigned int i; nkeynes@586: nkeynes@586: for( i = 0; i < ITLB_ENTRY_COUNT; i++ ) { nkeynes@736: if( (mmu_itlb[i].flags & TLB_VALID) && nkeynes@736: ((mmu_itlb[i].flags & TLB_SHARE) || mmu_asid == mmu_itlb[i].asid) && nkeynes@736: ((mmu_itlb[i].vpn ^ vpn) & mmu_itlb[i].mask) == 0 ) { nkeynes@736: if( result != -1 ) { nkeynes@736: return -2; nkeynes@736: } nkeynes@736: result = i; nkeynes@736: } nkeynes@586: } nkeynes@586: nkeynes@586: if( result == -1 ) { nkeynes@736: int utlbEntry = mmu_utlb_lookup_vpn_asid( vpn ); nkeynes@736: if( utlbEntry < 0 ) { nkeynes@736: return utlbEntry; nkeynes@736: } else { nkeynes@736: return mmu_itlb_update_from_utlb( utlbEntry ); nkeynes@736: } nkeynes@586: } nkeynes@586: nkeynes@586: switch( result ) { nkeynes@586: case 0: mmu_lrui = (mmu_lrui & 0x07); break; nkeynes@586: case 1: mmu_lrui = (mmu_lrui & 0x19) | 0x20; break; nkeynes@586: case 2: mmu_lrui = (mmu_lrui & 0x3E) | 0x14; break; nkeynes@586: case 3: mmu_lrui = (mmu_lrui | 0x0B); break; nkeynes@586: } nkeynes@736: nkeynes@586: return result; nkeynes@586: } nkeynes@586: nkeynes@586: /** nkeynes@586: * Perform the actual itlb lookup on vpn only nkeynes@586: * Possible utcomes are: nkeynes@586: * 0..63 Single match - good, return entry found nkeynes@586: * -1 No match - raise a tlb data miss exception nkeynes@586: * -2 Multiple matches - raise a multi-hit exception (reset) nkeynes@586: * @param vpn virtual address to resolve nkeynes@586: * @return the resultant ITLB entry, or an error. nkeynes@586: */ nkeynes@586: static inline int mmu_itlb_lookup_vpn( uint32_t vpn ) nkeynes@586: { nkeynes@586: int result = -1; nkeynes@586: unsigned int i; nkeynes@586: nkeynes@586: for( i = 0; i < ITLB_ENTRY_COUNT; i++ ) { nkeynes@736: if( (mmu_itlb[i].flags & TLB_VALID) && nkeynes@736: ((mmu_itlb[i].vpn ^ vpn) & mmu_itlb[i].mask) == 0 ) { nkeynes@736: if( result != -1 ) { nkeynes@736: return -2; nkeynes@736: } nkeynes@736: result = i; nkeynes@736: } nkeynes@586: } nkeynes@586: nkeynes@586: if( result == -1 ) { nkeynes@736: int utlbEntry = mmu_utlb_lookup_vpn( vpn ); nkeynes@736: if( utlbEntry < 0 ) { nkeynes@736: return utlbEntry; nkeynes@736: } else { nkeynes@736: return mmu_itlb_update_from_utlb( utlbEntry ); nkeynes@736: } nkeynes@586: } nkeynes@586: nkeynes@586: switch( result ) { nkeynes@586: case 0: mmu_lrui = (mmu_lrui & 0x07); break; nkeynes@586: case 1: mmu_lrui = (mmu_lrui & 0x19) | 0x20; break; nkeynes@586: case 2: mmu_lrui = (mmu_lrui & 0x3E) | 0x14; break; nkeynes@586: case 3: mmu_lrui = (mmu_lrui | 0x0B); break; nkeynes@586: } nkeynes@736: nkeynes@586: return result; nkeynes@586: } nkeynes@586: nkeynes@586: sh4addr_t mmu_vma_to_phys_read( sh4vma_t addr ) nkeynes@586: { nkeynes@586: uint32_t mmucr = MMIO_READ(MMU,MMUCR); nkeynes@586: if( addr & 0x80000000 ) { nkeynes@736: if( IS_SH4_PRIVMODE() ) { nkeynes@736: if( addr >= 0xE0000000 ) { nkeynes@736: return addr; /* P4 - passthrough */ nkeynes@736: } else if( addr < 0xC0000000 ) { nkeynes@736: /* P1, P2 regions are pass-through (no translation) */ nkeynes@736: return VMA_TO_EXT_ADDR(addr); nkeynes@736: } nkeynes@736: } else { nkeynes@736: if( addr >= 0xE0000000 && addr < 0xE4000000 && nkeynes@736: ((mmucr&MMUCR_SQMD) == 0) ) { nkeynes@736: /* Conditional user-mode access to the store-queue (no translation) */ nkeynes@736: return addr; nkeynes@736: } nkeynes@736: MMU_READ_ADDR_ERROR(); nkeynes@736: return MMU_VMA_ERROR; nkeynes@736: } nkeynes@586: } nkeynes@736: nkeynes@586: if( (mmucr & MMUCR_AT) == 0 ) { nkeynes@736: return VMA_TO_EXT_ADDR(addr); nkeynes@586: } nkeynes@586: nkeynes@586: /* If we get this far, translation is required */ nkeynes@586: int entryNo; nkeynes@586: if( ((mmucr & MMUCR_SV) == 0) || !IS_SH4_PRIVMODE() ) { nkeynes@736: entryNo = mmu_utlb_lookup_vpn_asid( addr ); nkeynes@586: } else { nkeynes@736: entryNo = mmu_utlb_lookup_vpn( addr ); nkeynes@586: } nkeynes@586: nkeynes@586: switch(entryNo) { nkeynes@586: case -1: nkeynes@736: MMU_TLB_READ_MISS_ERROR(addr); nkeynes@736: return MMU_VMA_ERROR; nkeynes@586: case -2: nkeynes@736: MMU_TLB_MULTI_HIT_ERROR(addr); nkeynes@736: return MMU_VMA_ERROR; nkeynes@586: default: nkeynes@736: if( (mmu_utlb[entryNo].flags & TLB_USERMODE) == 0 && nkeynes@736: !IS_SH4_PRIVMODE() ) { nkeynes@736: /* protection violation */ nkeynes@736: MMU_TLB_READ_PROT_ERROR(addr); nkeynes@736: return MMU_VMA_ERROR; nkeynes@736: } nkeynes@586: nkeynes@736: /* finally generate the target address */ nkeynes@810: sh4addr_t pma = (mmu_utlb[entryNo].ppn & mmu_utlb[entryNo].mask) | nkeynes@810: (addr & (~mmu_utlb[entryNo].mask)); nkeynes@810: if( pma > 0x1C000000 ) // Remap 1Cxx .. 1Fxx region to P4 nkeynes@810: pma |= 0xE0000000; nkeynes@810: return pma; nkeynes@586: } nkeynes@586: } nkeynes@586: nkeynes@586: sh4addr_t mmu_vma_to_phys_write( sh4vma_t addr ) nkeynes@586: { nkeynes@586: uint32_t mmucr = MMIO_READ(MMU,MMUCR); nkeynes@586: if( addr & 0x80000000 ) { nkeynes@736: if( IS_SH4_PRIVMODE() ) { nkeynes@736: if( addr >= 0xE0000000 ) { nkeynes@736: return addr; /* P4 - passthrough */ nkeynes@736: } else if( addr < 0xC0000000 ) { nkeynes@736: /* P1, P2 regions are pass-through (no translation) */ nkeynes@736: return VMA_TO_EXT_ADDR(addr); nkeynes@736: } nkeynes@736: } else { nkeynes@736: if( addr >= 0xE0000000 && addr < 0xE4000000 && nkeynes@736: ((mmucr&MMUCR_SQMD) == 0) ) { nkeynes@736: /* Conditional user-mode access to the store-queue (no translation) */ nkeynes@736: return addr; nkeynes@736: } nkeynes@736: MMU_WRITE_ADDR_ERROR(); nkeynes@736: return MMU_VMA_ERROR; nkeynes@736: } nkeynes@586: } nkeynes@736: nkeynes@586: if( (mmucr & MMUCR_AT) == 0 ) { nkeynes@736: return VMA_TO_EXT_ADDR(addr); nkeynes@586: } nkeynes@586: nkeynes@586: /* If we get this far, translation is required */ nkeynes@586: int entryNo; nkeynes@586: if( ((mmucr & MMUCR_SV) == 0) || !IS_SH4_PRIVMODE() ) { nkeynes@736: entryNo = mmu_utlb_lookup_vpn_asid( addr ); nkeynes@586: } else { nkeynes@736: entryNo = mmu_utlb_lookup_vpn( addr ); nkeynes@586: } nkeynes@586: nkeynes@586: switch(entryNo) { nkeynes@586: case -1: nkeynes@736: MMU_TLB_WRITE_MISS_ERROR(addr); nkeynes@736: return MMU_VMA_ERROR; nkeynes@586: case -2: nkeynes@736: MMU_TLB_MULTI_HIT_ERROR(addr); nkeynes@736: return MMU_VMA_ERROR; nkeynes@586: default: nkeynes@736: if( IS_SH4_PRIVMODE() ? ((mmu_utlb[entryNo].flags & TLB_WRITABLE) == 0) nkeynes@736: : ((mmu_utlb[entryNo].flags & TLB_USERWRITABLE) != TLB_USERWRITABLE) ) { nkeynes@736: /* protection violation */ nkeynes@736: MMU_TLB_WRITE_PROT_ERROR(addr); nkeynes@736: return MMU_VMA_ERROR; nkeynes@736: } nkeynes@586: nkeynes@736: if( (mmu_utlb[entryNo].flags & TLB_DIRTY) == 0 ) { nkeynes@736: MMU_TLB_INITIAL_WRITE_ERROR(addr); nkeynes@736: return MMU_VMA_ERROR; nkeynes@736: } nkeynes@586: nkeynes@736: /* finally generate the target address */ nkeynes@810: sh4addr_t pma = (mmu_utlb[entryNo].ppn & mmu_utlb[entryNo].mask) | nkeynes@810: (addr & (~mmu_utlb[entryNo].mask)); nkeynes@810: if( pma > 0x1C000000 ) // Remap 1Cxx .. 1Fxx region to P4 nkeynes@810: pma |= 0xE0000000; nkeynes@810: return pma; nkeynes@586: } nkeynes@586: } nkeynes@586: nkeynes@586: /** nkeynes@586: * Update the icache for an untranslated address nkeynes@586: */ nkeynes@586: void mmu_update_icache_phys( sh4addr_t addr ) nkeynes@586: { nkeynes@586: if( (addr & 0x1C000000) == 0x0C000000 ) { nkeynes@736: /* Main ram */ nkeynes@736: sh4_icache.page_vma = addr & 0xFF000000; nkeynes@736: sh4_icache.page_ppa = 0x0C000000; nkeynes@736: sh4_icache.mask = 0xFF000000; nkeynes@736: sh4_icache.page = sh4_main_ram; nkeynes@586: } else if( (addr & 0x1FE00000) == 0 ) { nkeynes@736: /* BIOS ROM */ nkeynes@736: sh4_icache.page_vma = addr & 0xFFE00000; nkeynes@736: sh4_icache.page_ppa = 0; nkeynes@736: sh4_icache.mask = 0xFFE00000; nkeynes@736: sh4_icache.page = mem_get_region(0); nkeynes@586: } else { nkeynes@736: /* not supported */ nkeynes@736: sh4_icache.page_vma = -1; nkeynes@586: } nkeynes@586: } nkeynes@586: nkeynes@586: /** nkeynes@586: * Update the sh4_icache structure to describe the page(s) containing the nkeynes@586: * given vma. If the address does not reference a RAM/ROM region, the icache nkeynes@586: * will be invalidated instead. nkeynes@586: * If AT is on, this method will raise TLB exceptions normally nkeynes@586: * (hence this method should only be used immediately prior to execution of nkeynes@586: * code), and otherwise will set the icache according to the matching TLB entry. nkeynes@586: * If AT is off, this method will set the entire referenced RAM/ROM region in nkeynes@586: * the icache. nkeynes@586: * @return TRUE if the update completed (successfully or otherwise), FALSE nkeynes@586: * if an exception was raised. nkeynes@586: */ nkeynes@586: gboolean mmu_update_icache( sh4vma_t addr ) nkeynes@586: { nkeynes@586: int entryNo; nkeynes@586: if( IS_SH4_PRIVMODE() ) { nkeynes@736: if( addr & 0x80000000 ) { nkeynes@736: if( addr < 0xC0000000 ) { nkeynes@736: /* P1, P2 and P4 regions are pass-through (no translation) */ nkeynes@736: mmu_update_icache_phys(addr); nkeynes@736: return TRUE; nkeynes@736: } else if( addr >= 0xE0000000 && addr < 0xFFFFFF00 ) { nkeynes@736: MMU_READ_ADDR_ERROR(); nkeynes@736: return FALSE; nkeynes@736: } nkeynes@736: } nkeynes@586: nkeynes@736: uint32_t mmucr = MMIO_READ(MMU,MMUCR); nkeynes@736: if( (mmucr & MMUCR_AT) == 0 ) { nkeynes@736: mmu_update_icache_phys(addr); nkeynes@736: return TRUE; nkeynes@736: } nkeynes@736: nkeynes@807: if( (mmucr & MMUCR_SV) == 0 ) nkeynes@807: entryNo = mmu_itlb_lookup_vpn_asid( addr ); nkeynes@807: else nkeynes@807: entryNo = mmu_itlb_lookup_vpn( addr ); nkeynes@586: } else { nkeynes@736: if( addr & 0x80000000 ) { nkeynes@736: MMU_READ_ADDR_ERROR(); nkeynes@736: return FALSE; nkeynes@736: } nkeynes@586: nkeynes@736: uint32_t mmucr = MMIO_READ(MMU,MMUCR); nkeynes@736: if( (mmucr & MMUCR_AT) == 0 ) { nkeynes@736: mmu_update_icache_phys(addr); nkeynes@736: return TRUE; nkeynes@736: } nkeynes@736: nkeynes@807: entryNo = mmu_itlb_lookup_vpn_asid( addr ); nkeynes@807: nkeynes@736: if( entryNo != -1 && (mmu_itlb[entryNo].flags & TLB_USERMODE) == 0 ) { nkeynes@736: MMU_TLB_READ_PROT_ERROR(addr); nkeynes@736: return FALSE; nkeynes@736: } nkeynes@586: } nkeynes@586: nkeynes@586: switch(entryNo) { nkeynes@586: case -1: nkeynes@736: MMU_TLB_READ_MISS_ERROR(addr); nkeynes@736: return FALSE; nkeynes@586: case -2: nkeynes@736: MMU_TLB_MULTI_HIT_ERROR(addr); nkeynes@736: return FALSE; nkeynes@586: default: nkeynes@736: sh4_icache.page_ppa = mmu_itlb[entryNo].ppn & mmu_itlb[entryNo].mask; nkeynes@736: sh4_icache.page = mem_get_region( sh4_icache.page_ppa ); nkeynes@736: if( sh4_icache.page == NULL ) { nkeynes@736: sh4_icache.page_vma = -1; nkeynes@736: } else { nkeynes@736: sh4_icache.page_vma = mmu_itlb[entryNo].vpn & mmu_itlb[entryNo].mask; nkeynes@736: sh4_icache.mask = mmu_itlb[entryNo].mask; nkeynes@736: } nkeynes@736: return TRUE; nkeynes@586: } nkeynes@586: } nkeynes@586: nkeynes@597: /** nkeynes@597: * Translate address for disassembly purposes (ie performs an instruction nkeynes@597: * lookup) - does not raise exceptions or modify any state, and ignores nkeynes@597: * protection bits. Returns the translated address, or MMU_VMA_ERROR nkeynes@597: * on translation failure. nkeynes@597: */ nkeynes@597: sh4addr_t mmu_vma_to_phys_disasm( sh4vma_t vma ) nkeynes@597: { nkeynes@597: if( vma & 0x80000000 ) { nkeynes@736: if( vma < 0xC0000000 ) { nkeynes@736: /* P1, P2 and P4 regions are pass-through (no translation) */ nkeynes@736: return VMA_TO_EXT_ADDR(vma); nkeynes@736: } else if( vma >= 0xE0000000 && vma < 0xFFFFFF00 ) { nkeynes@736: /* Not translatable */ nkeynes@736: return MMU_VMA_ERROR; nkeynes@736: } nkeynes@597: } nkeynes@597: nkeynes@597: uint32_t mmucr = MMIO_READ(MMU,MMUCR); nkeynes@597: if( (mmucr & MMUCR_AT) == 0 ) { nkeynes@736: return VMA_TO_EXT_ADDR(vma); nkeynes@597: } nkeynes@736: nkeynes@597: int entryNo = mmu_itlb_lookup_vpn( vma ); nkeynes@597: if( entryNo == -2 ) { nkeynes@736: entryNo = mmu_itlb_lookup_vpn_asid( vma ); nkeynes@597: } nkeynes@597: if( entryNo < 0 ) { nkeynes@736: return MMU_VMA_ERROR; nkeynes@597: } else { nkeynes@736: return (mmu_itlb[entryNo].ppn & mmu_itlb[entryNo].mask) | nkeynes@736: (vma & (~mmu_itlb[entryNo].mask)); nkeynes@597: } nkeynes@597: } nkeynes@597: nkeynes@586: gboolean sh4_flush_store_queue( sh4addr_t addr ) nkeynes@586: { nkeynes@586: uint32_t mmucr = MMIO_READ(MMU,MMUCR); nkeynes@586: int queue = (addr&0x20)>>2; nkeynes@586: sh4ptr_t src = (sh4ptr_t)&sh4r.store_queue[queue]; nkeynes@586: sh4addr_t target; nkeynes@586: /* Store queue operation */ nkeynes@586: if( mmucr & MMUCR_AT ) { nkeynes@736: int entryNo; nkeynes@736: if( ((mmucr & MMUCR_SV) == 0) || !IS_SH4_PRIVMODE() ) { nkeynes@736: entryNo = mmu_utlb_lookup_vpn_asid( addr ); nkeynes@736: } else { nkeynes@736: entryNo = mmu_utlb_lookup_vpn( addr ); nkeynes@736: } nkeynes@736: switch(entryNo) { nkeynes@736: case -1: nkeynes@736: MMU_TLB_WRITE_MISS_ERROR(addr); nkeynes@736: return FALSE; nkeynes@736: case -2: nkeynes@736: MMU_TLB_MULTI_HIT_ERROR(addr); nkeynes@736: return FALSE; nkeynes@736: default: nkeynes@736: if( IS_SH4_PRIVMODE() ? ((mmu_utlb[entryNo].flags & TLB_WRITABLE) == 0) nkeynes@736: : ((mmu_utlb[entryNo].flags & TLB_USERWRITABLE) != TLB_USERWRITABLE) ) { nkeynes@736: /* protection violation */ nkeynes@736: MMU_TLB_WRITE_PROT_ERROR(addr); nkeynes@736: return FALSE; nkeynes@736: } nkeynes@736: nkeynes@736: if( (mmu_utlb[entryNo].flags & TLB_DIRTY) == 0 ) { nkeynes@736: MMU_TLB_INITIAL_WRITE_ERROR(addr); nkeynes@736: return FALSE; nkeynes@736: } nkeynes@736: nkeynes@736: /* finally generate the target address */ nkeynes@736: target = ((mmu_utlb[entryNo].ppn & mmu_utlb[entryNo].mask) | nkeynes@736: (addr & (~mmu_utlb[entryNo].mask))) & 0xFFFFFFE0; nkeynes@736: } nkeynes@586: } else { nkeynes@736: uint32_t hi = (MMIO_READ( MMU, (queue == 0 ? QACR0 : QACR1) ) & 0x1C) << 24; nkeynes@736: target = (addr&0x03FFFFE0) | hi; nkeynes@586: } nkeynes@586: mem_copy_to_sh4( target, src, 32 ); nkeynes@586: return TRUE; nkeynes@586: } nkeynes@586: