diff mbox

[v2] target-ppc: Handle memory-forced I/O controller access

Message ID 1308086876-64159-1-git-send-email-andreas.faerber@web.de
State New
Headers show

Commit Message

Andreas Färber June 14, 2011, 9:27 p.m. UTC 
From: Hervé Poussineau <hpoussin@reactos.org>

On at least the PowerPC 601, a direct-store (T=1) with bus unit ID 0x07F
is special-cased as memory-forced I/O controller access. It is supposed
to be checked immediately if T=1, bypassing all protection mechanisms
and acting cache-inhibited and global.

Signed-off-by: Hervé Poussineau <hpoussin@reactos.org>

Simplified by avoiding reindentation. Added explanatory comments.

Cc: Alexander Graf <agraf@suse.de>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
---
 target-ppc/helper.c |   16 ++++++++++++++++
 1 files changed, 16 insertions(+), 0 deletions(-)

Comments

Alexander Graf June 15, 2011, 8:05 a.m. UTC | #1 
On 14.06.2011, at 23:27, Andreas Färber wrote:

> From: Hervé Poussineau <hpoussin@reactos.org>
> 
> On at least the PowerPC 601, a direct-store (T=1) with bus unit ID 0x07F
> is special-cased as memory-forced I/O controller access. It is supposed
> to be checked immediately if T=1, bypassing all protection mechanisms
> and acting cache-inhibited and global.

Thanks, applied to ppc-next.


Alex
diff mbox

Patch

diff --git a/target-ppc/helper.c b/target-ppc/helper.c
index cf2a368..2944b06 100644
--- a/target-ppc/helper.c
+++ b/target-ppc/helper.c
@@ -949,8 +949,24 @@  static inline int get_segment(CPUState *env, mmu_ctx_t *ctx,
             ret = -3;
         }
     } else {
+        target_ulong sr;
         LOG_MMU("direct store...\n");
         /* Direct-store segment : absolutely *BUGGY* for now */
+
+        /* Direct-store implies a 32-bit MMU.
+         * Check the Segment Register's bus unit ID (BUID).
+         */
+        sr = env->sr[eaddr >> 28];
+        if ((sr & 0x1FF00000) >> 20 == 0x07f) {
+            /* Memory-forced I/O controller interface access */
+            /* If T=1 and BUID=x'07F', the 601 performs a memory access
+             * to SR[28-31] LA[4-31], bypassing all protection mechanisms.
+             */
+            ctx->raddr = ((sr & 0xF) << 28) | (eaddr & 0x0FFFFFFF);
+            ctx->prot = PAGE_READ | PAGE_WRITE | PAGE_EXEC;
+            return 0;
+        }
+
         switch (type) {
         case ACCESS_INT:
             /* Integer load/store : only access allowed */