Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/2202601/?format=api
{ "id": 2202601, "url": "http://patchwork.ozlabs.org/api/patches/2202601/?format=api", "web_url": "http://patchwork.ozlabs.org/project/qemu-devel/patch/20260227203627.932864-35-brian.cain@oss.qualcomm.com/", "project": { "id": 14, "url": "http://patchwork.ozlabs.org/api/projects/14/?format=api", "name": "QEMU Development", "link_name": "qemu-devel", "list_id": "qemu-devel.nongnu.org", "list_email": "qemu-devel@nongnu.org", "web_url": "", "scm_url": "", "webscm_url": "", "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20260227203627.932864-35-brian.cain@oss.qualcomm.com>", "list_archive_url": null, "date": "2026-02-27T20:36:24", "name": "[v3,34/37] target/hexagon: Add stubs for modify_ssr/get_exe_mode", "commit_ref": null, "pull_url": null, "state": "new", "archived": false, "hash": "cd7a3795e8c1949a991b38a168281f7b8083e8f0", "submitter": { "id": 89839, "url": "http://patchwork.ozlabs.org/api/people/89839/?format=api", "name": "Brian Cain", "email": "brian.cain@oss.qualcomm.com" }, "delegate": null, "mbox": "http://patchwork.ozlabs.org/project/qemu-devel/patch/20260227203627.932864-35-brian.cain@oss.qualcomm.com/mbox/", "series": [ { "id": 493813, "url": "http://patchwork.ozlabs.org/api/series/493813/?format=api", "web_url": "http://patchwork.ozlabs.org/project/qemu-devel/list/?series=493813", "date": "2026-02-27T20:35:57", "name": "Hexagon system emulation - Part 1/3", "version": 3, "mbox": "http://patchwork.ozlabs.org/series/493813/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/2202601/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/2202601/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>", "X-Original-To": "incoming@patchwork.ozlabs.org", "Delivered-To": "patchwork-incoming@legolas.ozlabs.org", "Authentication-Results": [ "legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=qualcomm.com header.i=@qualcomm.com header.a=rsa-sha256\n header.s=qcppdkim1 header.b=TLsnhXGk;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=oss.qualcomm.com header.i=@oss.qualcomm.com\n header.a=rsa-sha256 header.s=google header.b=gfFb7cc8;\n\tdkim-atps=neutral", "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=nongnu.org\n (client-ip=209.51.188.17; helo=lists.gnu.org;\n envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org;\n receiver=patchwork.ozlabs.org)" ], "Received": [ "from lists.gnu.org (lists.gnu.org [209.51.188.17])\n\t(using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4fN0dv2r1kz1xxx\n\tfor <incoming@patchwork.ozlabs.org>; Sat, 28 Feb 2026 07:43:15 +1100 (AEDT)", "from localhost ([::1] helo=lists1p.gnu.org)\n\tby lists.gnu.org with esmtp (Exim 4.90_1)\n\t(envelope-from <qemu-devel-bounces@nongnu.org>)\n\tid 1vw4fu-0001re-HJ; Fri, 27 Feb 2026 15:43:02 -0500", "from eggs.gnu.org ([2001:470:142:3::10])\n by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)\n (Exim 4.90_1) (envelope-from <brian.cain@oss.qualcomm.com>)\n id 1vw4ft-0001rV-CN\n for qemu-devel@nongnu.org; Fri, 27 Feb 2026 15:43:01 -0500", "from mx0b-0031df01.pphosted.com ([205.220.180.131])\n by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)\n (Exim 4.90_1) (envelope-from <brian.cain@oss.qualcomm.com>)\n id 1vw4fq-0007d7-9v\n for qemu-devel@nongnu.org; Fri, 27 Feb 2026 15:43:01 -0500", "from pps.filterd (m0279872.ppops.net [127.0.0.1])\n by mx0a-0031df01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id\n 61RH0M1O527576\n for <qemu-devel@nongnu.org>; Fri, 27 Feb 2026 20:42:56 GMT", "from mail-oo1-f72.google.com (mail-oo1-f72.google.com\n [209.85.161.72])\n by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 4cjw23c9gx-1\n (version=TLSv1.3 cipher=TLS_AES_128_GCM_SHA256 bits=128 verify=NOT)\n for <qemu-devel@nongnu.org>; Fri, 27 Feb 2026 20:42:56 +0000 (GMT)", "by mail-oo1-f72.google.com with SMTP id\n 006d021491bc7-679dcf1f680so60171216eaf.0\n for <qemu-devel@nongnu.org>; Fri, 27 Feb 2026 12:42:56 -0800 (PST)", "from hu-bcain-lv.qualcomm.com (Global_NAT1.qualcomm.com.\n [129.46.96.20]) by smtp.gmail.com with ESMTPSA id\n 586e51a60fabf-4160cbd405fsm5762935fac.0.2026.02.27.12.37.15\n (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);\n Fri, 27 Feb 2026 12:37:16 -0800 (PST)" ], "DKIM-Signature": [ "v=1; a=rsa-sha256; c=relaxed/relaxed; d=qualcomm.com; h=\n cc:content-transfer-encoding:content-type:date:from:in-reply-to\n :message-id:mime-version:references:subject:to; s=qcppdkim1; bh=\n jy7uPdmBgbV3uI3kaPdBjYLn/nxeGlD4FYLXnBxCOiA=; b=TLsnhXGkw4yiaptA\n CD4GQjDd1a1za7oseS8/WjLtZfiMp1KbJFCftvA/BKVnbUF4SHSLnbrxTfyeVSPf\n gcD4P/zxEbqazD8tuLRXXYHozCXIW7Si+fLEa/Kfo8YziqkvkH0ZzE8aNFCtgMtN\n cpYBvX3NdohT7bjL0au7Oes4xJt9Ccy87ZceUPtBQiCt+nWHp3P/Vhf/Vr3UlV3x\n Lme8hzAqElqlb74KK3MnMfijpj1xYBhUAESu+24x81bQAxy8UnvingbGeS09Nd/t\n sQMFNA9OCHHHiqo4+/PZj2/NerkY56t0idPGHZJUaQmI+H7UuuHJA0PPCZhxu/GV\n NyWwgA==", "v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=oss.qualcomm.com; s=google; t=1772224976; x=1772829776; darn=nongnu.org;\n h=content-transfer-encoding:mime-version:references:in-reply-to\n :message-id:date:subject:cc:to:from:from:to:cc:subject:date\n :message-id:reply-to;\n bh=jy7uPdmBgbV3uI3kaPdBjYLn/nxeGlD4FYLXnBxCOiA=;\n b=gfFb7cc8ogjT98hfm0J/RckncgtnuwV36J7hY/WS6EoCoTV//ELR6q0Io4YUkORpWb\n 3qgDqT3t2uiCkn5xZ9AuVFdGjmzp5neDg2T+Q8rh0r1V25biYFrpiE1xbF4Sri6e9VmL\n 5jDT4c7UF7kQzEp6XRDAmf2ymJJUI756afeOzgAH4DBNvb6yx61ItEmnRHrp2oTeiN0g\n hpGvzFb4tcAGp5+DfEi8Dm8Bt3N5GSxiLYI7cGPR02jlj5zaSoVr0Uxox+Vqzp95QhX7\n WjH7mMMMLN/PxKyeYIV2T/SLAbGC5A/lAbPZMm4jFcgR0iTv3rbUtU/J38MPCV+aXN0y\n 270w==" ], "X-Google-DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=1e100.net; s=20230601; t=1772224976; x=1772829776;\n h=content-transfer-encoding:mime-version:references:in-reply-to\n :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from\n :to:cc:subject:date:message-id:reply-to;\n bh=jy7uPdmBgbV3uI3kaPdBjYLn/nxeGlD4FYLXnBxCOiA=;\n b=BvWwyD8ZfGFSH7UvoxIpNVIlj8lRkZzH/U/gDLcwfEw1C7kQYr9UEKgEpxdlR90E5D\n u++5Dx46S6nkx7Jt9QVScq/wLndQw+sMrX365VGGY7Pl/Qmj/8Nx446x/Rn6cH82nce0\n SImBnnMA9/d4mOWpvYI4FXKD8qt0LYSGX4cPWuJyvW3ME4ZwkANadGx2wqMZM2jowoPv\n sd91Wz+QM5hj+kcMAKIYxEQ0wahLE49IAQwp6Xx+Ik3upW/hTWSH6RkgGwIEeu/TnLvr\n jaN/SJWFTk9+ipzD6UZd3tH8M4kzjOcJKkoxkywXdVNSQpqfSjQSnpoMLAGQe1EGmRfB\n 3xew==", "X-Gm-Message-State": "AOJu0YxLwQhylDjBMtPy5bDBVXTOM8RGHAqOgg+LtVtpqiuMuvi3Gr1q\n /mLLo+qjNEaEQAEoqWYn2jqqlfVIP6kIz2cdp2W1chL+j9hVtMx6xRBYNLNETqhaovWfdCc+MID\n VhzMLfCbt/L8XM9pWXEAMXAI334wJgTLwXXxSVx6uupWzuCRbFdK1epVOS/Ey0qx8PA==", "X-Gm-Gg": "ATEYQzxfqdl7TQcmAtPbqjDyNziDCKH0Zd2b7Sq514yWGA4IJ4Gj4yFybplsRiErwFG\n 48ZzCgMm25SRsS4ME2ayfVGO/svSUnfgDdVowJJY1kKwdQvu6PWDd2o0b5Nc5kLcEuYewThBa4e\n as1ARPQ7cOuWyuKAusIABenosLawQIafht5SmFRBZ9277ShVuWQ8CzwlI/B24FIkX8IEUKiuHSX\n 2QlHQZV9c/rL31WPX0nGnQFvQetQcFktWp4Bx5AoIDnqFv9rONUoGAjb+Ng19IyuxwWyk6W3C/q\n WEERMYAWfGKy6EgRejfFSCX5B9WfpgmmCIutG+bL3Rnz57Ps+wWk8P+llpz/jlqVK/XmMs/VIlw\n jiMcZDWhFpsKe9tO+CQjDnrNAiEHWV7VIZxshv3dvO5SqL8aBq++bNgKoxQMeAJbyyLNgAw==", "X-Received": [ "by 2002:a05:6870:a451:b0:3ec:7649:f843 with SMTP id\n 586e51a60fabf-416270c8b0cmr2503481fac.38.1772224975507;\n Fri, 27 Feb 2026 12:42:55 -0800 (PST)", "by 2002:a05:6871:7424:b0:409:71aa:aa90 with SMTP id\n 586e51a60fabf-41626b17ae9mr2586799fac.0.1772224636419;\n Fri, 27 Feb 2026 12:37:16 -0800 (PST)" ], "From": "Brian Cain <brian.cain@oss.qualcomm.com>", "To": "qemu-devel@nongnu.org", "Cc": "brian.cain@oss.qualcomm.com, ltaylorsimpson@gmail.com,\n matheus.bernardino@oss.qualcomm.com, marco.liebel@oss.qualcomm.com,\n quic_mburton@quicinc.com, sid.manning@oss.qualcomm.com, ale@rev.ng,\n anjo@rev.ng, Brian Cain <bcain@quicinc.com>", "Subject": "[PATCH v3 34/37] target/hexagon: Add stubs for\n modify_ssr/get_exe_mode", "Date": "Fri, 27 Feb 2026 12:36:24 -0800", "Message-Id": "<20260227203627.932864-35-brian.cain@oss.qualcomm.com>", "X-Mailer": "git-send-email 2.34.1", "In-Reply-To": "<20260227203627.932864-1-brian.cain@oss.qualcomm.com>", "References": "<20260227203627.932864-1-brian.cain@oss.qualcomm.com>", "MIME-Version": "1.0", "Content-Type": "text/plain; charset=\"utf-8\"", "Content-Transfer-Encoding": "base64", "X-Proofpoint-GUID": "YlEsQwF1HPpWPHH7F60D7F0ZG0j6zKOT", "X-Proofpoint-Spam-Details-Enc": "AW1haW4tMjYwMjI3MDE4MiBTYWx0ZWRfXyLOvRWoIvz2N\n 7zw3zOulrHiv8ZNspc9Xpb8tInpokAyD3AEqgLN8m0kiLN4md31rz1U/mz7GBMOynm0PXrXbNKq\n BQDIdWkCvFgy2EtrgRNDL33nKlwITB+/iv+xiS6dRU5H9Jf+cji/5ecZ8+VbuHsximJyNEia2N3\n 6DkBlKZ52rd7mN0nTqGxpp4mT6ctXN/EoPJt/Myvbzkgiv6dtP3d3CYF94IAe/ijjwYSpHCiLbx\n QCi7guUaORPniXofwmYyojgpFzsAMF+T80W2U8ZQXJg1niVOgkI349W6HCx5Okp1pmWUAx9YPro\n nHLeOUpirvouqaQQIEgZB46BSmkmpp9/4VXhNIHe1rPU6MTF9qfciXvutUfuBFjE/RRfRDIH1tH\n QrwAJ/J7DMZizCkpfqLvHE2kKNLYOf/dd0aeExLxBPqG6Y4WZxF5OSvEjAiz6HWD6aHomT6sJXS\n /lLRn6651Nus4tLMrcA==", "X-Authority-Analysis": "v=2.4 cv=cJHtc1eN c=1 sm=1 tr=0 ts=69a201d0 cx=c_pps\n a=wURt19dY5n+H4uQbQt9s7g==:117 a=ouPCqIW2jiPt+lZRy3xVPw==:17\n a=IkcTkHD0fZMA:10 a=HzLeVaNsDn8A:10 a=s4-Qcg_JpJYA:10\n a=VkNPw1HP01LnGYTKEx00:22 a=u7WPNUs3qKkmUXheDGA7:22 a=yx91gb_oNiZeI1HMLzn7:22\n a=COk6AnOGAAAA:8 a=pGLkceISAAAA:8 a=EUspDBNiAAAA:8 a=wRG_beYuZUMGsIG6Vl4A:9\n a=QEXdDO2ut3YA:10 a=-UhsvdU3ccFDOXFxFb4l:22 a=TjNXssC_j7lpFel5tvFf:22", "X-Proofpoint-ORIG-GUID": "YlEsQwF1HPpWPHH7F60D7F0ZG0j6zKOT", "X-Proofpoint-Virus-Version": "vendor=baseguard\n engine=ICAP:2.0.293,Aquarius:18.0.1121,Hydra:6.1.51,FMLib:17.12.100.49\n definitions=2026-02-27_04,2026-02-27_03,2025-10-01_01", "X-Proofpoint-Spam-Details": "rule=outbound_notspam policy=outbound score=0\n bulkscore=0 impostorscore=0 lowpriorityscore=0 phishscore=0 adultscore=0\n spamscore=0 clxscore=1015 priorityscore=1501 suspectscore=0 malwarescore=0\n classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0\n reason=mlx scancount=1 engine=8.22.0-2602130000 definitions=main-2602270182", "Received-SPF": "pass client-ip=205.220.180.131;\n envelope-from=brian.cain@oss.qualcomm.com; helo=mx0b-0031df01.pphosted.com", "X-Spam_score_int": "-16", "X-Spam_score": "-1.7", "X-Spam_bar": "-", "X-Spam_report": "(-1.7 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,\n DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,\n RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.706,\n RCVD_IN_VALIDITY_RPBL_BLOCKED=0.401, SPF_HELO_NONE=0.001,\n SPF_PASS=-0.001 autolearn=no autolearn_force=no", "X-Spam_action": "no action", "X-BeenThere": "qemu-devel@nongnu.org", "X-Mailman-Version": "2.1.29", "Precedence": "list", "List-Id": "qemu development <qemu-devel.nongnu.org>", "List-Unsubscribe": "<https://lists.nongnu.org/mailman/options/qemu-devel>,\n <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>", "List-Archive": "<https://lists.nongnu.org/archive/html/qemu-devel>", "List-Post": "<mailto:qemu-devel@nongnu.org>", "List-Help": "<mailto:qemu-devel-request@nongnu.org?subject=help>", "List-Subscribe": "<https://lists.nongnu.org/mailman/listinfo/qemu-devel>,\n <mailto:qemu-devel-request@nongnu.org?subject=subscribe>", "Errors-To": "qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org", "Sender": "qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org" }, "content": "From: Brian Cain <bcain@quicinc.com>\n\nReviewed-by: Taylor Simpson <ltaylorsimpson@gmail.com>\nSigned-off-by: Brian Cain <brian.cain@oss.qualcomm.com>\n---\n include/hw/hexagon/hexagon_tlb.h | 47 ++++\n target/hexagon/cpu-param.h | 4 +\n target/hexagon/cpu.h | 7 +\n target/hexagon/cpu_helper.h | 2 +\n target/hexagon/hex_mmu.h | 25 ++\n target/hexagon/internal.h | 8 +\n hw/hexagon/hexagon_tlb.c | 457 +++++++++++++++++++++++++++++++\n target/hexagon/cpu.c | 24 +-\n target/hexagon/cpu_helper.c | 8 +\n target/hexagon/hex_mmu.c | 273 ++++++++++++++++++\n target/hexagon/machine.c | 1 +\n target/hexagon/translate.c | 2 +-\n 12 files changed, 856 insertions(+), 2 deletions(-)\n create mode 100644 include/hw/hexagon/hexagon_tlb.h\n create mode 100644 target/hexagon/hex_mmu.h\n create mode 100644 hw/hexagon/hexagon_tlb.c\n create mode 100644 target/hexagon/hex_mmu.c", "diff": "diff --git a/include/hw/hexagon/hexagon_tlb.h b/include/hw/hexagon/hexagon_tlb.h\nnew file mode 100644\nindex 00000000000..799234f5074\n--- /dev/null\n+++ b/include/hw/hexagon/hexagon_tlb.h\n@@ -0,0 +1,47 @@\n+/*\n+ * Hexagon TLB QOM Device\n+ *\n+ * Copyright (c) Qualcomm Technologies, Inc. and/or its subsidiaries.\n+ * SPDX-License-Identifier: GPL-2.0-or-later\n+ */\n+\n+#ifndef HW_HEXAGON_TLB_H\n+#define HW_HEXAGON_TLB_H\n+\n+#include \"hw/core/sysbus.h\"\n+#include \"qom/object.h\"\n+#include \"exec/hwaddr.h\"\n+#include \"exec/mmu-access-type.h\"\n+#include \"exec/target_long.h\"\n+\n+#define TYPE_HEXAGON_TLB \"hexagon-tlb\"\n+OBJECT_DECLARE_SIMPLE_TYPE(HexagonTLBState, HEXAGON_TLB)\n+\n+struct HexagonTLBState {\n+ SysBusDevice parent_obj;\n+\n+ uint32_t num_entries;\n+ uint64_t *entries;\n+};\n+\n+uint64_t hexagon_tlb_read(HexagonTLBState *tlb, uint32_t index);\n+void hexagon_tlb_write(HexagonTLBState *tlb, uint32_t index, uint64_t value);\n+\n+bool hexagon_tlb_find_match(HexagonTLBState *tlb, uint32_t asid,\n+ target_ulong VA, MMUAccessType access_type,\n+ hwaddr *PA, int *prot, uint64_t *size,\n+ int32_t *excp, int *cause_code, int mmu_idx);\n+\n+uint32_t hexagon_tlb_lookup(HexagonTLBState *tlb, uint32_t asid,\n+ uint32_t VA, int *cause_code);\n+\n+int hexagon_tlb_check_overlap(HexagonTLBState *tlb, uint64_t entry,\n+ uint64_t index);\n+\n+void hexagon_tlb_dump(HexagonTLBState *tlb);\n+\n+bool hexagon_tlb_dump_entry(FILE *f, uint64_t entry);\n+\n+uint32_t hexagon_tlb_get_num_entries(HexagonTLBState *tlb);\n+\n+#endif /* HW_HEXAGON_TLB_H */\ndiff --git a/target/hexagon/cpu-param.h b/target/hexagon/cpu-param.h\nindex ccaf6a9d28d..d414ca89d69 100644\n--- a/target/hexagon/cpu-param.h\n+++ b/target/hexagon/cpu-param.h\n@@ -18,7 +18,11 @@\n #ifndef HEXAGON_CPU_PARAM_H\n #define HEXAGON_CPU_PARAM_H\n \n+#ifdef CONFIG_USER_ONLY\n #define TARGET_PAGE_BITS 16 /* 64K pages */\n+#else\n+#define TARGET_PAGE_BITS 12 /* 4K pages */\n+#endif\n \n #define TARGET_PHYS_ADDR_SPACE_BITS 36\n #define TARGET_VIRT_ADDR_SPACE_BITS 32\ndiff --git a/target/hexagon/cpu.h b/target/hexagon/cpu.h\nindex 41865d853eb..3f4f8516f2f 100644\n--- a/target/hexagon/cpu.h\n+++ b/target/hexagon/cpu.h\n@@ -36,6 +36,9 @@\n #error \"Hexagon does not support system emulation\"\n #endif\n \n+#ifndef CONFIG_USER_ONLY\n+#endif\n+\n #define NUM_PREGS 4\n #define TOTAL_PER_THREAD_REGS 64\n \n@@ -185,12 +188,16 @@ struct ArchCPU {\n bool lldb_compat;\n target_ulong lldb_stack_adjust;\n bool short_circuit;\n+#ifndef CONFIG_USER_ONLY\n struct HexagonTLBState *tlb;\n+ uint32_t htid;\n+#endif\n };\n \n #include \"cpu_bits.h\"\n \n FIELD(TB_FLAGS, IS_TIGHT_LOOP, 0, 1)\n+FIELD(TB_FLAGS, MMU_INDEX, 1, 3)\n \n G_NORETURN void hexagon_raise_exception_err(CPUHexagonState *env,\n uint32_t exception,\ndiff --git a/target/hexagon/cpu_helper.h b/target/hexagon/cpu_helper.h\nindex 3d7238c3b06..95928fcd060 100644\n--- a/target/hexagon/cpu_helper.h\n+++ b/target/hexagon/cpu_helper.h\n@@ -14,6 +14,8 @@ uint32_t hexagon_get_sys_pcycle_count_high(CPUHexagonState *env);\n void hexagon_set_sys_pcycle_count(CPUHexagonState *env, uint64_t);\n void hexagon_set_sys_pcycle_count_low(CPUHexagonState *env, uint32_t);\n void hexagon_set_sys_pcycle_count_high(CPUHexagonState *env, uint32_t);\n+void hexagon_modify_ssr(CPUHexagonState *env, uint32_t new, uint32_t old);\n+int get_exe_mode(CPUHexagonState *env);\n \n static inline void arch_set_thread_reg(CPUHexagonState *env, uint32_t reg,\n uint32_t val)\ndiff --git a/target/hexagon/hex_mmu.h b/target/hexagon/hex_mmu.h\nnew file mode 100644\nindex 00000000000..32a99b64ff1\n--- /dev/null\n+++ b/target/hexagon/hex_mmu.h\n@@ -0,0 +1,25 @@\n+/*\n+ * Copyright (c) Qualcomm Technologies, Inc. and/or its subsidiaries.\n+ *\n+ * SPDX-License-Identifier: GPL-2.0-or-later\n+ */\n+\n+#ifndef HEXAGON_MMU_H\n+#define HEXAGON_MMU_H\n+\n+#include \"cpu.h\"\n+\n+extern void hex_tlbw(CPUHexagonState *env, uint32_t index, uint64_t value);\n+extern uint32_t hex_tlb_lookup(CPUHexagonState *env, uint32_t ssr, uint32_t VA);\n+extern void hex_mmu_on(CPUHexagonState *env);\n+extern void hex_mmu_off(CPUHexagonState *env);\n+extern void hex_mmu_mode_change(CPUHexagonState *env);\n+extern bool hex_tlb_find_match(CPUHexagonState *env, target_ulong VA,\n+ MMUAccessType access_type, hwaddr *PA, int *prot,\n+ uint64_t *size, int32_t *excp, int mmu_idx);\n+extern int hex_tlb_check_overlap(CPUHexagonState *env, uint64_t entry,\n+ uint64_t index);\n+extern void hex_tlb_lock(CPUHexagonState *env);\n+extern void hex_tlb_unlock(CPUHexagonState *env);\n+void dump_mmu(CPUHexagonState *env);\n+#endif\ndiff --git a/target/hexagon/internal.h b/target/hexagon/internal.h\nindex d94f84b46a7..1ab50828f26 100644\n--- a/target/hexagon/internal.h\n+++ b/target/hexagon/internal.h\n@@ -36,6 +36,14 @@ void G_NORETURN do_raise_exception(CPUHexagonState *env,\n target_ulong PC,\n uintptr_t retaddr);\n \n+#define hexagon_cpu_mmu_enabled(env) ({ \\\n+ HexagonCPU *cpu = env_archcpu(env); \\\n+ cpu->globalregs ? \\\n+ GET_SYSCFG_FIELD(SYSCFG_MMUEN, \\\n+ arch_get_system_reg(env, HEX_SREG_SYSCFG)) : \\\n+ 0; \\\n+})\n+\n #ifndef CONFIG_USER_ONLY\n extern const VMStateDescription vmstate_hexagon_cpu;\n #endif\ndiff --git a/hw/hexagon/hexagon_tlb.c b/hw/hexagon/hexagon_tlb.c\nnew file mode 100644\nindex 00000000000..6b676fa6593\n--- /dev/null\n+++ b/hw/hexagon/hexagon_tlb.c\n@@ -0,0 +1,457 @@\n+/*\n+ * Hexagon TLB QOM Device\n+ *\n+ * Copyright (c) Qualcomm Technologies, Inc. and/or its subsidiaries.\n+ * SPDX-License-Identifier: GPL-2.0-or-later\n+ */\n+\n+#include \"qemu/osdep.h\"\n+#include \"qemu/log.h\"\n+#include \"hw/hexagon/hexagon_tlb.h\"\n+#include \"hw/core/qdev-properties.h\"\n+#include \"hw/core/resettable.h\"\n+#include \"migration/vmstate.h\"\n+#include \"qapi/error.h\"\n+#include \"target/hexagon/cpu.h\"\n+#include \"target/hexagon/reg_fields.h\"\n+#include \"target/hexagon/cpu_bits.h\"\n+\n+#define fEXTRACTU_BITS(INREG, WIDTH, OFFSET) \\\n+ ((WIDTH) ? extract64((INREG), (OFFSET), (WIDTH)) : 0LL)\n+\n+#define GET_TLB_FIELD(ENTRY, FIELD) \\\n+ ((uint64_t)fEXTRACTU_BITS(ENTRY, reg_field_info[FIELD].width, \\\n+ reg_field_info[FIELD].offset))\n+\n+/* PPD (physical page descriptor) */\n+static inline uint64_t GET_PPD(uint64_t entry)\n+{\n+ return GET_TLB_FIELD(entry, PTE_PPD) |\n+ (GET_TLB_FIELD(entry, PTE_PA35) << reg_field_info[PTE_PPD].width);\n+}\n+\n+#define NO_ASID (1 << 8)\n+\n+typedef enum {\n+ PGSIZE_4K,\n+ PGSIZE_16K,\n+ PGSIZE_64K,\n+ PGSIZE_256K,\n+ PGSIZE_1M,\n+ PGSIZE_4M,\n+ PGSIZE_16M,\n+ PGSIZE_64M,\n+ PGSIZE_256M,\n+ PGSIZE_1G,\n+ NUM_PGSIZE_TYPES\n+} tlb_pgsize_t;\n+\n+static const char *pgsize_str[NUM_PGSIZE_TYPES] = {\n+ \"4K\",\n+ \"16K\",\n+ \"64K\",\n+ \"256K\",\n+ \"1M\",\n+ \"4M\",\n+ \"16M\",\n+ \"64M\",\n+ \"256M\",\n+ \"1G\",\n+};\n+\n+#define INVALID_MASK 0xffffffffLL\n+\n+static const uint64_t encmask_2_mask[] = {\n+ 0x0fffLL, /* 4k, 0000 */\n+ 0x3fffLL, /* 16k, 0001 */\n+ 0xffffLL, /* 64k, 0010 */\n+ 0x3ffffLL, /* 256k, 0011 */\n+ 0xfffffLL, /* 1m, 0100 */\n+ 0x3fffffLL, /* 4m, 0101 */\n+ 0xffffffLL, /* 16m, 0110 */\n+ 0x3ffffffLL, /* 64m, 0111 */\n+ 0xfffffffLL, /* 256m, 1000 */\n+ 0x3fffffffLL, /* 1g, 1001 */\n+ INVALID_MASK, /* RSVD, 0111 */\n+};\n+\n+static inline tlb_pgsize_t hex_tlb_pgsize_type(uint64_t entry)\n+{\n+ if (entry == 0) {\n+ qemu_log_mask(CPU_LOG_MMU, \"%s: Supplied TLB entry was 0!\\n\",\n+ __func__);\n+ return 0;\n+ }\n+ tlb_pgsize_t size = ctz64(entry);\n+ g_assert(size < NUM_PGSIZE_TYPES);\n+ return size;\n+}\n+\n+static inline uint64_t hex_tlb_page_size_bytes(uint64_t entry)\n+{\n+ return 1ull << (TARGET_PAGE_BITS + 2 * hex_tlb_pgsize_type(entry));\n+}\n+\n+static inline uint64_t hex_tlb_phys_page_num(uint64_t entry)\n+{\n+ uint32_t ppd = GET_PPD(entry);\n+ return ppd >> 1;\n+}\n+\n+static inline uint64_t hex_tlb_phys_addr(uint64_t entry)\n+{\n+ uint64_t pagemask = encmask_2_mask[hex_tlb_pgsize_type(entry)];\n+ uint64_t pagenum = hex_tlb_phys_page_num(entry);\n+ uint64_t PA = (pagenum << TARGET_PAGE_BITS) & (~pagemask);\n+ return PA;\n+}\n+\n+static inline uint64_t hex_tlb_virt_addr(uint64_t entry)\n+{\n+ return (uint64_t)GET_TLB_FIELD(entry, PTE_VPN) << TARGET_PAGE_BITS;\n+}\n+\n+bool hexagon_tlb_dump_entry(FILE *f, uint64_t entry)\n+{\n+ if (GET_TLB_FIELD(entry, PTE_V)) {\n+ fprintf(f, \"0x%016\" PRIx64 \": \", entry);\n+ uint64_t PA = hex_tlb_phys_addr(entry);\n+ uint64_t VA = hex_tlb_virt_addr(entry);\n+ fprintf(f, \"V:%\" PRId64 \" G:%\" PRId64\n+ \" A1:%\" PRId64 \" A0:%\" PRId64,\n+ GET_TLB_FIELD(entry, PTE_V),\n+ GET_TLB_FIELD(entry, PTE_G),\n+ GET_TLB_FIELD(entry, PTE_ATR1),\n+ GET_TLB_FIELD(entry, PTE_ATR0));\n+ fprintf(f, \" ASID:0x%02\" PRIx64 \" VA:0x%08\" PRIx64,\n+ GET_TLB_FIELD(entry, PTE_ASID), VA);\n+ fprintf(f,\n+ \" X:%\" PRId64 \" W:%\" PRId64 \" R:%\" PRId64\n+ \" U:%\" PRId64 \" C:%\" PRId64,\n+ GET_TLB_FIELD(entry, PTE_X),\n+ GET_TLB_FIELD(entry, PTE_W),\n+ GET_TLB_FIELD(entry, PTE_R),\n+ GET_TLB_FIELD(entry, PTE_U),\n+ GET_TLB_FIELD(entry, PTE_C));\n+ fprintf(f, \" PA:0x%09\" PRIx64 \" SZ:%s (0x%\" PRIx64 \")\", PA,\n+ pgsize_str[hex_tlb_pgsize_type(entry)],\n+ hex_tlb_page_size_bytes(entry));\n+ fprintf(f, \"\\n\");\n+ return true;\n+ }\n+\n+ /* Not valid */\n+ return false;\n+}\n+\n+static inline bool hex_tlb_entry_match_noperm(uint64_t entry, uint32_t asid,\n+ uint64_t VA)\n+{\n+ if (GET_TLB_FIELD(entry, PTE_V)) {\n+ if (GET_TLB_FIELD(entry, PTE_G)) {\n+ /* Global entry - ignore ASID */\n+ } else if (asid != NO_ASID) {\n+ uint32_t tlb_asid = GET_TLB_FIELD(entry, PTE_ASID);\n+ if (tlb_asid != asid) {\n+ return false;\n+ }\n+ }\n+\n+ uint64_t page_size = hex_tlb_page_size_bytes(entry);\n+ uint64_t page_start =\n+ ROUND_DOWN(hex_tlb_virt_addr(entry), page_size);\n+ if (page_start <= VA && VA < page_start + page_size) {\n+ return true;\n+ }\n+ }\n+ return false;\n+}\n+\n+static inline void hex_tlb_entry_get_perm(uint64_t entry,\n+ MMUAccessType access_type,\n+ int mmu_idx, int *prot,\n+ int32_t *excp, int *cause_code)\n+{\n+ bool perm_x = GET_TLB_FIELD(entry, PTE_X);\n+ bool perm_w = GET_TLB_FIELD(entry, PTE_W);\n+ bool perm_r = GET_TLB_FIELD(entry, PTE_R);\n+ bool perm_u = GET_TLB_FIELD(entry, PTE_U);\n+ bool user_idx = mmu_idx == MMU_USER_IDX;\n+\n+ if (mmu_idx == MMU_KERNEL_IDX) {\n+ *prot = PAGE_VALID | PAGE_READ | PAGE_WRITE | PAGE_EXEC;\n+ return;\n+ }\n+\n+ *prot = PAGE_VALID;\n+ switch (access_type) {\n+ case MMU_INST_FETCH:\n+ if (user_idx && !perm_u) {\n+ *excp = HEX_EVENT_PRECISE;\n+ *cause_code = HEX_CAUSE_FETCH_NO_UPAGE;\n+ } else if (!perm_x) {\n+ *excp = HEX_EVENT_PRECISE;\n+ *cause_code = HEX_CAUSE_FETCH_NO_XPAGE;\n+ }\n+ break;\n+ case MMU_DATA_LOAD:\n+ if (user_idx && !perm_u) {\n+ *excp = HEX_EVENT_PRECISE;\n+ *cause_code = HEX_CAUSE_PRIV_NO_UREAD;\n+ } else if (!perm_r) {\n+ *excp = HEX_EVENT_PRECISE;\n+ *cause_code = HEX_CAUSE_PRIV_NO_READ;\n+ }\n+ break;\n+ case MMU_DATA_STORE:\n+ if (user_idx && !perm_u) {\n+ *excp = HEX_EVENT_PRECISE;\n+ *cause_code = HEX_CAUSE_PRIV_NO_UWRITE;\n+ } else if (!perm_w) {\n+ *excp = HEX_EVENT_PRECISE;\n+ *cause_code = HEX_CAUSE_PRIV_NO_WRITE;\n+ }\n+ break;\n+ }\n+\n+ if (!user_idx || perm_u) {\n+ if (perm_x) {\n+ *prot |= PAGE_EXEC;\n+ }\n+ if (perm_r) {\n+ *prot |= PAGE_READ;\n+ }\n+ if (perm_w) {\n+ *prot |= PAGE_WRITE;\n+ }\n+ }\n+}\n+\n+static inline bool hex_tlb_entry_match(uint64_t entry, uint8_t asid,\n+ target_ulong VA,\n+ MMUAccessType access_type, hwaddr *PA,\n+ int *prot, uint64_t *size,\n+ int32_t *excp, int *cause_code,\n+ int mmu_idx)\n+{\n+ if (hex_tlb_entry_match_noperm(entry, asid, VA)) {\n+ hex_tlb_entry_get_perm(entry, access_type, mmu_idx, prot, excp,\n+ cause_code);\n+ *PA = hex_tlb_phys_addr(entry);\n+ *size = hex_tlb_page_size_bytes(entry);\n+ return true;\n+ }\n+ return false;\n+}\n+\n+static bool hex_tlb_is_match(uint64_t entry1, uint64_t entry2,\n+ bool consider_gbit)\n+{\n+ bool valid1 = GET_TLB_FIELD(entry1, PTE_V);\n+ bool valid2 = GET_TLB_FIELD(entry2, PTE_V);\n+ uint64_t size1 = hex_tlb_page_size_bytes(entry1);\n+ uint64_t vaddr1 = ROUND_DOWN(hex_tlb_virt_addr(entry1), size1);\n+ uint64_t size2 = hex_tlb_page_size_bytes(entry2);\n+ uint64_t vaddr2 = ROUND_DOWN(hex_tlb_virt_addr(entry2), size2);\n+ int asid1 = GET_TLB_FIELD(entry1, PTE_ASID);\n+ int asid2 = GET_TLB_FIELD(entry2, PTE_ASID);\n+ bool gbit1 = GET_TLB_FIELD(entry1, PTE_G);\n+ bool gbit2 = GET_TLB_FIELD(entry2, PTE_G);\n+\n+ if (!valid1 || !valid2) {\n+ return false;\n+ }\n+\n+ if (((vaddr1 <= vaddr2) && (vaddr2 < (vaddr1 + size1))) ||\n+ ((vaddr2 <= vaddr1) && (vaddr1 < (vaddr2 + size2)))) {\n+ if (asid1 == asid2) {\n+ return true;\n+ }\n+ if ((consider_gbit && gbit1) || gbit2) {\n+ return true;\n+ }\n+ }\n+ return false;\n+}\n+\n+/* Public API */\n+\n+uint64_t hexagon_tlb_read(HexagonTLBState *tlb, uint32_t index)\n+{\n+ g_assert(index < tlb->num_entries);\n+ return tlb->entries[index];\n+}\n+\n+void hexagon_tlb_write(HexagonTLBState *tlb, uint32_t index, uint64_t value)\n+{\n+ g_assert(index < tlb->num_entries);\n+ tlb->entries[index] = value;\n+}\n+\n+bool hexagon_tlb_find_match(HexagonTLBState *tlb, uint32_t asid,\n+ target_ulong VA, MMUAccessType access_type,\n+ hwaddr *PA, int *prot, uint64_t *size,\n+ int32_t *excp, int *cause_code, int mmu_idx)\n+{\n+ *PA = 0;\n+ *prot = 0;\n+ *size = 0;\n+ *excp = 0;\n+ *cause_code = 0;\n+\n+ for (uint32_t i = 0; i < tlb->num_entries; i++) {\n+ if (hex_tlb_entry_match(tlb->entries[i], asid, VA, access_type,\n+ PA, prot, size, excp, cause_code, mmu_idx)) {\n+ return true;\n+ }\n+ }\n+ return false;\n+}\n+\n+uint32_t hexagon_tlb_lookup(HexagonTLBState *tlb, uint32_t asid,\n+ uint32_t VA, int *cause_code)\n+{\n+ uint32_t not_found = 0x80000000;\n+ uint32_t idx = not_found;\n+\n+ for (uint32_t i = 0; i < tlb->num_entries; i++) {\n+ uint64_t entry = tlb->entries[i];\n+ if (hex_tlb_entry_match_noperm(entry, asid, VA)) {\n+ if (idx != not_found) {\n+ *cause_code = HEX_CAUSE_IMPRECISE_MULTI_TLB_MATCH;\n+ break;\n+ }\n+ idx = i;\n+ }\n+ }\n+\n+ if (idx == not_found) {\n+ qemu_log_mask(CPU_LOG_MMU,\n+ \"%s: 0x%\" PRIx32 \", 0x%08\" PRIx32 \" => NOT FOUND\\n\",\n+ __func__, asid, VA);\n+ } else {\n+ qemu_log_mask(CPU_LOG_MMU,\n+ \"%s: 0x%\" PRIx32 \", 0x%08\" PRIx32 \" => %d\\n\",\n+ __func__, asid, VA, idx);\n+ }\n+\n+ return idx;\n+}\n+\n+/*\n+ * Return codes:\n+ * 0 or positive index of match\n+ * -1 multiple matches\n+ * -2 no match\n+ */\n+int hexagon_tlb_check_overlap(HexagonTLBState *tlb, uint64_t entry,\n+ uint64_t index)\n+{\n+ int matches = 0;\n+ int last_match = 0;\n+\n+ for (uint32_t i = 0; i < tlb->num_entries; i++) {\n+ if (hex_tlb_is_match(entry, tlb->entries[i], false)) {\n+ matches++;\n+ last_match = i;\n+ }\n+ }\n+\n+ if (matches == 1) {\n+ return last_match;\n+ }\n+ if (matches == 0) {\n+ return -2;\n+ }\n+ return -1;\n+}\n+\n+void hexagon_tlb_dump(HexagonTLBState *tlb)\n+{\n+ for (uint32_t i = 0; i < tlb->num_entries; i++) {\n+ hexagon_tlb_dump_entry(stdout, tlb->entries[i]);\n+ }\n+}\n+\n+uint32_t hexagon_tlb_get_num_entries(HexagonTLBState *tlb)\n+{\n+ return tlb->num_entries;\n+}\n+\n+/* QOM lifecycle */\n+\n+static void hexagon_tlb_init(Object *obj)\n+{\n+}\n+\n+static void hexagon_tlb_realize(DeviceState *dev, Error **errp)\n+{\n+ HexagonTLBState *s = HEXAGON_TLB(dev);\n+\n+ if (s->num_entries == 0 || s->num_entries > MAX_TLB_ENTRIES) {\n+ error_setg(errp, \"Invalid TLB num-entries: %\" PRIu32,\n+ s->num_entries);\n+ return;\n+ }\n+ s->entries = g_new0(uint64_t, s->num_entries);\n+}\n+\n+static void hexagon_tlb_finalize(Object *obj)\n+{\n+ HexagonTLBState *s = HEXAGON_TLB(obj);\n+ g_free(s->entries);\n+ s->entries = NULL;\n+}\n+\n+static void hexagon_tlb_reset_hold(Object *obj, ResetType type)\n+{\n+ HexagonTLBState *s = HEXAGON_TLB(obj);\n+ if (s->entries) {\n+ memset(s->entries, 0, sizeof(uint64_t) * s->num_entries);\n+ }\n+}\n+\n+static const VMStateDescription vmstate_hexagon_tlb = {\n+ .name = \"hexagon-tlb\",\n+ .version_id = 0,\n+ .minimum_version_id = 0,\n+ .fields = (const VMStateField[]) {\n+ VMSTATE_UINT32(num_entries, HexagonTLBState),\n+ VMSTATE_VARRAY_UINT32_ALLOC(entries, HexagonTLBState, num_entries,\n+ 0, vmstate_info_uint64, uint64_t),\n+ VMSTATE_END_OF_LIST()\n+ },\n+};\n+\n+static const Property hexagon_tlb_properties[] = {\n+ DEFINE_PROP_UINT32(\"num-entries\", HexagonTLBState, num_entries,\n+ MAX_TLB_ENTRIES),\n+};\n+\n+static void hexagon_tlb_class_init(ObjectClass *klass, const void *data)\n+{\n+ DeviceClass *dc = DEVICE_CLASS(klass);\n+ ResettableClass *rc = RESETTABLE_CLASS(klass);\n+\n+ dc->realize = hexagon_tlb_realize;\n+ rc->phases.hold = hexagon_tlb_reset_hold;\n+ dc->vmsd = &vmstate_hexagon_tlb;\n+ dc->user_creatable = false;\n+ device_class_set_props(dc, hexagon_tlb_properties);\n+}\n+\n+static const TypeInfo hexagon_tlb_info = {\n+ .name = TYPE_HEXAGON_TLB,\n+ .parent = TYPE_SYS_BUS_DEVICE,\n+ .instance_size = sizeof(HexagonTLBState),\n+ .instance_init = hexagon_tlb_init,\n+ .instance_finalize = hexagon_tlb_finalize,\n+ .class_init = hexagon_tlb_class_init,\n+};\n+\n+static void hexagon_tlb_register_types(void)\n+{\n+ type_register_static(&hexagon_tlb_info);\n+}\n+\n+type_init(hexagon_tlb_register_types)\ndiff --git a/target/hexagon/cpu.c b/target/hexagon/cpu.c\nindex 7469d8a1966..69b5c56b55f 100644\n--- a/target/hexagon/cpu.c\n+++ b/target/hexagon/cpu.c\n@@ -27,6 +27,13 @@\n #include \"tcg/tcg.h\"\n #include \"exec/gdbstub.h\"\n #include \"accel/tcg/cpu-ops.h\"\n+#include \"cpu_helper.h\"\n+#include \"hex_mmu.h\"\n+\n+#ifndef CONFIG_USER_ONLY\n+#include \"sys_macros.h\"\n+#include \"accel/tcg/cpu-ldst.h\"\n+#endif\n \n static void hexagon_v66_cpu_init(Object *obj) { }\n static void hexagon_v67_cpu_init(Object *obj) { }\n@@ -54,6 +61,7 @@ static const Property hexagon_cpu_properties[] = {\n #if !defined(CONFIG_USER_ONLY)\n DEFINE_PROP_LINK(\"tlb\", HexagonCPU, tlb, TYPE_HEXAGON_TLB,\n HexagonTLBState *),\n+ DEFINE_PROP_UINT32(\"htid\", HexagonCPU, htid, 0),\n #endif\n DEFINE_PROP_BOOL(\"lldb-compat\", HexagonCPU, lldb_compat, false),\n DEFINE_PROP_UNSIGNED(\"lldb-stack-adjust\", HexagonCPU, lldb_stack_adjust, 0,\n@@ -280,6 +288,13 @@ static TCGTBCPUState hexagon_get_tb_cpu_state(CPUState *cs)\n hexagon_raise_exception_err(env, HEX_CAUSE_PC_NOT_ALIGNED, 0);\n }\n \n+#ifndef CONFIG_USER_ONLY\n+ hex_flags = FIELD_DP32(hex_flags, TB_FLAGS, MMU_INDEX,\n+ cpu_mmu_index(env_cpu(env), false));\n+#else\n+ hex_flags = FIELD_DP32(hex_flags, TB_FLAGS, MMU_INDEX, MMU_USER_IDX);\n+#endif\n+\n return (TCGTBCPUState){ .pc = pc, .flags = hex_flags };\n }\n \n@@ -297,6 +312,7 @@ static void hexagon_restore_state_to_opc(CPUState *cs,\n cpu_env(cs)->gpr[HEX_REG_PC] = data[0];\n }\n \n+\n static void hexagon_cpu_reset_hold(Object *obj, ResetType type)\n {\n CPUState *cs = CPU(obj);\n@@ -312,9 +328,14 @@ static void hexagon_cpu_reset_hold(Object *obj, ResetType type)\n /* Default NaN value: sign bit set, all frac bits set */\n set_float_default_nan_pattern(0b11111111, &env->fp_status);\n #ifndef CONFIG_USER_ONLY\n+ HexagonCPU *cpu = HEXAGON_CPU(cs);\n+\n memset(env->t_sreg, 0, sizeof(target_ulong) * NUM_SREGS);\n memset(env->greg, 0, sizeof(target_ulong) * NUM_GREGS);\n- env->threadId = cs->cpu_index;\n+\n+ env->t_sreg[HEX_SREG_HTID] = cpu->htid;\n+ env->threadId = cpu->htid;\n+ hexagon_cpu_soft_reset(env);\n env->tlb_lock_state = HEX_LOCK_UNLOCKED;\n env->k0_lock_state = HEX_LOCK_UNLOCKED;\n env->tlb_lock_count = 0;\n@@ -350,6 +371,7 @@ static void hexagon_cpu_realize(DeviceState *dev, Error **errp)\n gdb_find_static_feature(\"hexagon-hvx.xml\"), 0);\n \n qemu_init_vcpu(cs);\n+\n cpu_reset(cs);\n mcc->parent_realize(dev, errp);\n }\ndiff --git a/target/hexagon/cpu_helper.c b/target/hexagon/cpu_helper.c\nindex 8e11cbb20dd..cab40b36cdc 100644\n--- a/target/hexagon/cpu_helper.c\n+++ b/target/hexagon/cpu_helper.c\n@@ -66,5 +66,13 @@ void hexagon_set_sys_pcycle_count(CPUHexagonState *env, uint64_t cycles)\n g_assert_not_reached();\n }\n \n+void hexagon_modify_ssr(CPUHexagonState *env, uint32_t new, uint32_t old)\n+{\n+ g_assert_not_reached();\n+}\n \n+int get_exe_mode(CPUHexagonState *env)\n+{\n+ g_assert_not_reached();\n+}\n #endif\ndiff --git a/target/hexagon/hex_mmu.c b/target/hexagon/hex_mmu.c\nnew file mode 100644\nindex 00000000000..d130a46c285\n--- /dev/null\n+++ b/target/hexagon/hex_mmu.c\n@@ -0,0 +1,273 @@\n+/*\n+ * Copyright (c) Qualcomm Technologies, Inc. and/or its subsidiaries.\n+ *\n+ * SPDX-License-Identifier: GPL-2.0-or-later\n+ */\n+\n+#include \"qemu/osdep.h\"\n+#include \"qemu/log.h\"\n+#include \"qemu/main-loop.h\"\n+#include \"qemu/qemu-print.h\"\n+#include \"cpu.h\"\n+#include \"system/cpus.h\"\n+#include \"internal.h\"\n+#include \"exec/cpu-interrupt.h\"\n+#include \"cpu_helper.h\"\n+#include \"exec/cputlb.h\"\n+#include \"hex_mmu.h\"\n+#include \"macros.h\"\n+#include \"sys_macros.h\"\n+#include \"reg_fields.h\"\n+#include \"hw/hexagon/hexagon_tlb.h\"\n+\n+static inline void hex_log_tlbw(uint32_t index, uint64_t entry)\n+{\n+ if (qemu_loglevel_mask(CPU_LOG_MMU)) {\n+ if (qemu_log_enabled()) {\n+ FILE *logfile = qemu_log_trylock();\n+ if (logfile) {\n+ fprintf(logfile, \"tlbw[%03d]: \", index);\n+ if (!hexagon_tlb_dump_entry(logfile, entry)) {\n+ fprintf(logfile, \"invalid\\n\");\n+ }\n+ qemu_log_unlock(logfile);\n+ }\n+ }\n+ }\n+}\n+\n+void hex_tlbw(CPUHexagonState *env, uint32_t index, uint64_t value)\n+{\n+ uint32_t myidx = fTLB_NONPOW2WRAP(fTLB_IDXMASK(index));\n+ HexagonTLBState *tlb = env_archcpu(env)->tlb;\n+ uint64_t old_entry = hexagon_tlb_read(tlb, myidx);\n+\n+ bool old_entry_valid = extract64(old_entry,\n+ reg_field_info[PTE_V].offset,\n+ reg_field_info[PTE_V].width);\n+ if (old_entry_valid && hexagon_cpu_mmu_enabled(env)) {\n+ CPUState *cs = env_cpu(env);\n+ tlb_flush(cs);\n+ }\n+ hexagon_tlb_write(tlb, myidx, value);\n+ hex_log_tlbw(myidx, value);\n+}\n+\n+void hex_mmu_on(CPUHexagonState *env)\n+{\n+ CPUState *cs = env_cpu(env);\n+ qemu_log_mask(CPU_LOG_MMU, \"Hexagon MMU turned on!\\n\");\n+ tlb_flush(cs);\n+}\n+\n+void hex_mmu_off(CPUHexagonState *env)\n+{\n+ CPUState *cs = env_cpu(env);\n+ qemu_log_mask(CPU_LOG_MMU, \"Hexagon MMU turned off!\\n\");\n+ tlb_flush(cs);\n+}\n+\n+void hex_mmu_mode_change(CPUHexagonState *env)\n+{\n+ qemu_log_mask(CPU_LOG_MMU, \"Hexagon mode change!\\n\");\n+ CPUState *cs = env_cpu(env);\n+ tlb_flush(cs);\n+}\n+\n+bool hex_tlb_find_match(CPUHexagonState *env, target_ulong VA,\n+ MMUAccessType access_type, hwaddr *PA, int *prot,\n+ uint64_t *size, int32_t *excp, int mmu_idx)\n+{\n+ HexagonCPU *cpu = env_archcpu(env);\n+ uint32_t ssr = env->t_sreg[HEX_SREG_SSR];\n+ uint8_t asid = GET_SSR_FIELD(SSR_ASID, ssr);\n+ int cause_code = 0;\n+\n+ bool found = hexagon_tlb_find_match(cpu->tlb, asid, VA, access_type,\n+ PA, prot, size, excp, &cause_code,\n+ mmu_idx);\n+ if (cause_code) {\n+ env->cause_code = cause_code;\n+ }\n+ return found;\n+}\n+\n+/* Called from tlbp instruction */\n+uint32_t hex_tlb_lookup(CPUHexagonState *env, uint32_t ssr, uint32_t VA)\n+{\n+ HexagonCPU *cpu = env_archcpu(env);\n+ uint8_t asid = GET_SSR_FIELD(SSR_ASID, ssr);\n+ int cause_code = 0;\n+\n+ uint32_t result = hexagon_tlb_lookup(cpu->tlb, asid, VA, &cause_code);\n+ if (cause_code) {\n+ env->cause_code = cause_code;\n+ }\n+ return result;\n+}\n+\n+/*\n+ * Return codes:\n+ * 0 or positive index of match\n+ * -1 multiple matches\n+ * -2 no match\n+ */\n+int hex_tlb_check_overlap(CPUHexagonState *env, uint64_t entry, uint64_t index)\n+{\n+ HexagonCPU *cpu = env_archcpu(env);\n+ return hexagon_tlb_check_overlap(cpu->tlb, entry, index);\n+}\n+\n+void dump_mmu(CPUHexagonState *env)\n+{\n+ HexagonCPU *cpu = env_archcpu(env);\n+ hexagon_tlb_dump(cpu->tlb);\n+}\n+\n+static inline void print_thread(const char *str, CPUState *cs)\n+{\n+ g_assert(bql_locked());\n+ CPUHexagonState *thread = cpu_env(cs);\n+ bool is_stopped = cpu_is_stopped(cs);\n+ int exe_mode = get_exe_mode(thread);\n+ hex_lock_state_t lock_state = thread->tlb_lock_state;\n+ qemu_log_mask(CPU_LOG_MMU,\n+ \"%s: threadId = %d: %s, exe_mode = %s, tlb_lock_state = %s\\n\",\n+ str,\n+ thread->threadId,\n+ is_stopped ? \"stopped\" : \"running\",\n+ exe_mode == HEX_EXE_MODE_OFF ? \"off\" :\n+ exe_mode == HEX_EXE_MODE_RUN ? \"run\" :\n+ exe_mode == HEX_EXE_MODE_WAIT ? \"wait\" :\n+ exe_mode == HEX_EXE_MODE_DEBUG ? \"debug\" :\n+ \"unknown\",\n+ lock_state == HEX_LOCK_UNLOCKED ? \"unlocked\" :\n+ lock_state == HEX_LOCK_WAITING ? \"waiting\" :\n+ lock_state == HEX_LOCK_OWNER ? \"owner\" :\n+ \"unknown\");\n+}\n+\n+static inline void print_thread_states(const char *str)\n+{\n+ CPUState *cs;\n+ CPU_FOREACH(cs) {\n+ print_thread(str, cs);\n+ }\n+}\n+\n+void hex_tlb_lock(CPUHexagonState *env)\n+{\n+ qemu_log_mask(CPU_LOG_MMU, \"hex_tlb_lock: \" TARGET_FMT_ld \"\\n\",\n+ env->threadId);\n+ BQL_LOCK_GUARD();\n+ g_assert((env->tlb_lock_count == 0) || (env->tlb_lock_count == 1));\n+\n+ uint32_t syscfg = arch_get_system_reg(env, HEX_SREG_SYSCFG);\n+ uint8_t tlb_lock = GET_SYSCFG_FIELD(SYSCFG_TLBLOCK, syscfg);\n+ if (tlb_lock) {\n+ if (env->tlb_lock_state == HEX_LOCK_QUEUED) {\n+ env->next_PC += 4;\n+ env->tlb_lock_count++;\n+ env->tlb_lock_state = HEX_LOCK_OWNER;\n+ SET_SYSCFG_FIELD(env, SYSCFG_TLBLOCK, 1);\n+ return;\n+ }\n+ if (env->tlb_lock_state == HEX_LOCK_OWNER) {\n+ qemu_log_mask(CPU_LOG_MMU | LOG_GUEST_ERROR,\n+ \"Double tlblock at PC: 0x%x, thread may hang\\n\",\n+ env->next_PC);\n+ env->next_PC += 4;\n+ CPUState *cs = env_cpu(env);\n+ cpu_interrupt(cs, CPU_INTERRUPT_HALT);\n+ return;\n+ }\n+ env->tlb_lock_state = HEX_LOCK_WAITING;\n+ CPUState *cs = env_cpu(env);\n+ cpu_interrupt(cs, CPU_INTERRUPT_HALT);\n+ } else {\n+ env->next_PC += 4;\n+ env->tlb_lock_count++;\n+ env->tlb_lock_state = HEX_LOCK_OWNER;\n+ SET_SYSCFG_FIELD(env, SYSCFG_TLBLOCK, 1);\n+ }\n+\n+ if (qemu_loglevel_mask(CPU_LOG_MMU)) {\n+ qemu_log_mask(CPU_LOG_MMU, \"Threads after hex_tlb_lock:\\n\");\n+ print_thread_states(\"\\tThread\");\n+ }\n+}\n+\n+void hex_tlb_unlock(CPUHexagonState *env)\n+{\n+ BQL_LOCK_GUARD();\n+ g_assert((env->tlb_lock_count == 0) || (env->tlb_lock_count == 1));\n+\n+ /* Nothing to do if the TLB isn't locked by this thread */\n+ uint32_t syscfg = arch_get_system_reg(env, HEX_SREG_SYSCFG);\n+ uint8_t tlb_lock = GET_SYSCFG_FIELD(SYSCFG_TLBLOCK, syscfg);\n+ if ((tlb_lock == 0) ||\n+ (env->tlb_lock_state != HEX_LOCK_OWNER)) {\n+ qemu_log_mask(LOG_GUEST_ERROR,\n+ \"thread %d attempted to tlbunlock without having the \"\n+ \"lock, tlb_lock state = %d\\n\",\n+ env->threadId, env->tlb_lock_state);\n+ g_assert(env->tlb_lock_state != HEX_LOCK_WAITING);\n+ return;\n+ }\n+\n+ env->tlb_lock_count--;\n+ env->tlb_lock_state = HEX_LOCK_UNLOCKED;\n+ SET_SYSCFG_FIELD(env, SYSCFG_TLBLOCK, 0);\n+\n+ /* Look for a thread to unlock */\n+ unsigned int this_threadId = env->threadId;\n+ CPUHexagonState *unlock_thread = NULL;\n+ CPUState *cs;\n+ CPU_FOREACH(cs) {\n+ CPUHexagonState *thread = cpu_env(cs);\n+\n+ /*\n+ * The hardware implements round-robin fairness, so we look for threads\n+ * starting at env->threadId + 1 and incrementing modulo the number of\n+ * threads.\n+ *\n+ * To implement this, we check if thread is a earlier in the modulo\n+ * sequence than unlock_thread.\n+ * if unlock thread is higher than this thread\n+ * thread must be between this thread and unlock_thread\n+ * else\n+ * thread higher than this thread is ahead of unlock_thread\n+ * thread must be lower then unlock thread\n+ */\n+ if (thread->tlb_lock_state == HEX_LOCK_WAITING) {\n+ if (!unlock_thread) {\n+ unlock_thread = thread;\n+ } else if (unlock_thread->threadId > this_threadId) {\n+ if (this_threadId < thread->threadId &&\n+ thread->threadId < unlock_thread->threadId) {\n+ unlock_thread = thread;\n+ }\n+ } else {\n+ if (thread->threadId > this_threadId) {\n+ unlock_thread = thread;\n+ }\n+ if (thread->threadId < unlock_thread->threadId) {\n+ unlock_thread = thread;\n+ }\n+ }\n+ }\n+ }\n+ if (unlock_thread) {\n+ cs = env_cpu(unlock_thread);\n+ print_thread(\"\\tWaiting thread found\", cs);\n+ unlock_thread->tlb_lock_state = HEX_LOCK_QUEUED;\n+ SET_SYSCFG_FIELD(unlock_thread, SYSCFG_TLBLOCK, 1);\n+ cpu_interrupt(cs, CPU_INTERRUPT_TLB_UNLOCK);\n+ }\n+\n+ if (qemu_loglevel_mask(CPU_LOG_MMU)) {\n+ qemu_log_mask(CPU_LOG_MMU, \"Threads after hex_tlb_unlock:\\n\");\n+ print_thread_states(\"\\tThread\");\n+ }\n+\n+}\ndiff --git a/target/hexagon/machine.c b/target/hexagon/machine.c\nindex 78152184569..50e2e420182 100644\n--- a/target/hexagon/machine.c\n+++ b/target/hexagon/machine.c\n@@ -26,6 +26,7 @@ const VMStateDescription vmstate_hexagon_cpu = {\n VMSTATE_UINTTL(env.threadId, HexagonCPU),\n VMSTATE_UINTTL(env.cause_code, HexagonCPU),\n VMSTATE_UINTTL(env.wait_next_pc, HexagonCPU),\n+\n VMSTATE_END_OF_LIST()\n },\n };\ndiff --git a/target/hexagon/translate.c b/target/hexagon/translate.c\nindex f3dc62cec1d..1341720831b 100644\n--- a/target/hexagon/translate.c\n+++ b/target/hexagon/translate.c\n@@ -987,7 +987,7 @@ static void hexagon_tr_init_disas_context(DisasContextBase *dcbase,\n HexagonCPU *hex_cpu = env_archcpu(cpu_env(cs));\n uint32_t hex_flags = dcbase->tb->flags;\n \n- ctx->mem_idx = MMU_USER_IDX;\n+ ctx->mem_idx = FIELD_EX32(hex_flags, TB_FLAGS, MMU_INDEX);\n ctx->num_packets = 0;\n ctx->num_insns = 0;\n ctx->num_hvx_insns = 0;\n", "prefixes": [ "v3", "34/37" ] }