cpu_init(cpu_model) were replaced by cpu_create(cpu_type) so
no users are left, remove it.
Signed-off-by: NIgor Mammedov <imammedo@redhat.com>
Acked-by: David Gibson <david@gibson.dropbear.id.au> (ppc)
Reviewed-by: NEduardo Habkost <ehabkost@redhat.com>
Message-Id: <1518000027-274608-6-git-send-email-imammedo@redhat.com>
Signed-off-by: NEduardo Habkost <ehabkost@redhat.com>

it will be used for providing to cpu name resolving class for
parsing cpu model for system and user emulation code.

Along with change add target to null-machine tests, so
that when switch to CPU_RESOLVING_TYPE happens,
it would ensure that null-machine usecase still works.
Signed-off-by: NIgor Mammedov <imammedo@redhat.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu> (m68k)
Acked-by: David Gibson <david@gibson.dropbear.id.au> (ppc)
Acked-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de> (tricore)
Message-Id: <1518000027-274608-4-git-send-email-imammedo@redhat.com>
Reviewed-by: NEduardo Habkost <ehabkost@redhat.com>
[ehabkost: Added macro to riscv too]
Signed-off-by: NEduardo Habkost <ehabkost@redhat.com>

Signed-off-by: NIgor Mammedov <imammedo@redhat.com>
Reviewed-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org>
Tested-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <1507211474-188400-37-git-send-email-imammedo@redhat.com>
Signed-off-by: NEduardo Habkost <ehabkost@redhat.com>

now cpu_mips_init() reimplements subset of cpu_generic_init()
tasks, so just drop it and use cpu_generic_init() directly.
Signed-off-by: NIgor Mammedov <imammedo@redhat.com>
Reviewed-by: NHervé Poussineau <hpoussin@reactos.org>
Signed-off-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org>
[PMD: use internal.h instead of cpu.h]
Tested-by: NJames Hogan <james.hogan@imgtec.com>
Reviewed-by: NEduardo Habkost <ehabkost@redhat.com>
Signed-off-by: NYongbok Kim <yongbok.kim@imgtec.com>

no logical change, only code movement (and fix a comment typo).
Signed-off-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org>
Tested-by: NIgor Mammedov <imammedo@redhat.com>
Tested-by: NJames Hogan <james.hogan@imgtec.com>
Acked-by: NEduardo Habkost <ehabkost@redhat.com>
Signed-off-by: NYongbok Kim <yongbok.kim@imgtec.com>

The optional segmentation control registers CP0_SegCtl0, CP0_SegCtl1 &
CP0_SegCtl2 control the behaviour and required privilege of the legacy
virtual memory segments.

Add them to the CP0 interface so they can be read and written when
CP0_Config3.SC=1, and initialise them to describe the standard legacy
layout so they can be used in future patches regardless of whether they
are exposed to the guest.
Signed-off-by: NJames Hogan <james.hogan@imgtec.com>
Cc: Yongbok Kim <yongbok.kim@imgtec.com>
Cc: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: NYongbok Kim <yongbok.kim@imgtec.com>
Signed-off-by: NYongbok Kim <yongbok.kim@imgtec.com>

The segmentation control feature allows a legacy memory segment to
become unmapped uncached at error level (according to CP0_Status.ERL),
and in fact the user segment is already treated in this way by QEMU.

Add a new MMU mode for this state so that QEMU's mappings don't persist
between ERL=0 and ERL=1.
Signed-off-by: NJames Hogan <james.hogan@imgtec.com>
Reviewed-by: NYongbok Kim <yongbok.kim@imgtec.com>
Cc: Aurelien Jarno <aurelien@aurel32.net>
[yongbok.kim@imgtec.com:
  cosmetic changes]
Signed-off-by: NYongbok Kim <yongbok.kim@imgtec.com>

The MIPS mmu_idx is sometimes calculated from hflags without an env
pointer available as cpu_mmu_index() requires.

Create a common hflags_mmu_index() for the purpose of this calculation
which can operate on any hflags, not just with an env pointer, and
update cpu_mmu_index() itself and gen_intermediate_code() to use it.

Also update debug_post_eret() and helper_mtc0_status() to log the MMU
mode with the status change (SM, UM, or nothing for kernel mode) based
on cpu_mmu_index() rather than directly testing hflags.

This will also allow the logic to be more easily updated when a new MMU
mode is added.
Signed-off-by: NJames Hogan <james.hogan@imgtec.com>
Reviewed-by: NYongbok Kim <yongbok.kim@imgtec.com>
Cc: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: NYongbok Kim <yongbok.kim@imgtec.com>

Add support for the CP0_EBase.WG bit, which allows upper bits to be
written (bits 31:30 on MIPS32, or bits 63:30 on MIPS64), along with the
CP0_Config5.CV bit to control whether the exception vector for Cache
Error exceptions is forced into KSeg1.

This is necessary on MIPS32 to support Segmentation Control and Enhanced
Virtual Addressing (EVA) extensions (where KSeg1 addresses may not
represent an unmapped uncached segment).

It is also useful on MIPS64 to allow the exception base to reside in
XKPhys, and possibly out of range of KSEG0 and KSEG1.
Signed-off-by: NJames Hogan <james.hogan@imgtec.com>
Cc: Yongbok Kim <yongbok.kim@imgtec.com>
Cc: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: NYongbok Kim <yongbok.kim@imgtec.com>
[yongbok.kim@imgtec.com:
  minor changes]
Signed-off-by: NYongbok Kim <yongbok.kim@imgtec.com>

Provide a new cpu_supports_isa function which allows callers to
determine whether a CPU supports one of the ISA_ flags, by testing
whether the associated struct mips_def_t sets the ISA flags in its
insn_flags field.

An example use of this is to allow boards which generate bootloader code
to determine the properties of the CPU that will be used, for example
whether the CPU is 64 bit or which architecture revision it implements.
Signed-off-by: NPaul Burton <paul.burton@imgtec.com>
Reviewed-by: NLeon Alrae <leon.alrae@imgtec.com>
Reviewed-by: NPhilippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: NYongbok Kim <yongbok.kim@imgtec.com>

We have never has the concept of global TLB entries which would avoid
the flush so we never actually use this flag. Drop it and make clear
that tlb_flush is the sledge-hammer it has always been.
Signed-off-by: NAlex Bennée <alex.bennee@linaro.org>
Reviewed-by: NRichard Henderson <rth@twiddle.net>
[DG: ppc portions]
Acked-by: NDavid Gibson <david@gibson.dropbear.id.au>

It is a common thing amongst the various cpu reset functions want to
flush the SoftMMU's TLB entries. This is done either by calling
tlb_flush directly or by way of a general memset of the CPU
structure (sometimes both).

This moves the tlb_flush call to the common reset function and
additionally ensures it is only done for the CONFIG_SOFTMMU case and
when tcg is enabled.

In some target cases we add an empty end_of_reset_fields structure to the
target vCPU structure so have a clear end point for any memset which
is resetting value in the structure before CPU_COMMON (where the TLB
structures are).

While this is a nice clean-up in general it is also a precursor for
changes coming to cputlb for MTTCG where the clearing of entries
can't be done arbitrarily across vCPUs. Currently the cpu_reset
function is usually called from the context of another vCPU as the
architectural power up sequence is run. By using the cputlb API
functions we can ensure the right behaviour in the future.
Signed-off-by: NAlex Bennée <alex.bennee@linaro.org>
Reviewed-by: NRichard Henderson <rth@twiddle.net>
Reviewed-by: NDavid Gibson <david@gibson.dropbear.id.au>

We've currently got 18 architectures in QEMU, and thus 18 target-xxx
folders in the root folder of the QEMU source tree. More architectures
(e.g. RISC-V, AVR) are likely to be included soon, too, so the main
folder of the QEMU sources slowly gets quite overcrowded with the
target-xxx folders.
To disburden the main folder a little bit, let's move the target-xxx
folders into a dedicated target/ folder, so that target-xxx/ simply
becomes target/xxx/ instead.

Acked-by: Laurent Vivier <laurent@vivier.eu> [m68k part]
Acked-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de> [tricore part]
Acked-by: Michael Walle <michael@walle.cc> [lm32 part]
Acked-by: Cornelia Huck <cornelia.huck@de.ibm.com> [s390x part]
Reviewed-by: Christian Borntraeger <borntraeger@de.ibm.com> [s390x part]
Acked-by: Eduardo Habkost <ehabkost@redhat.com> [i386 part]
Acked-by: Artyom Tarasenko <atar4qemu@gmail.com> [sparc part]
Acked-by: Richard Henderson <rth@twiddle.net> [alpha part]
Acked-by: Max Filippov <jcmvbkbc@gmail.com> [xtensa part]
Reviewed-by: David Gibson <david@gibson.dropbear.id.au> [ppc part]
Acked-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> [cris&microblaze part]
Acked-by: Guan Xuetao <gxt@mprc.pku.edu.cn> [unicore32 part]
Signed-off-by: NThomas Huth <thuth@redhat.com>

Most of them use guard symbols like CPU_$target_H, but we also have
__MIPS_CPU_H__ and __TRICORE_CPU_H__.  They all upset
scripts/clean-header-guards.pl.

The script dislikes CPU_$target_H because they don't match their file
name (they should, to make guard collisions less likely).  The others
are reserved identifiers.

Clean them all up: use guard symbol $target_CPU_H for
target-$target/cpu.h.
Signed-off-by: NMarkus Armbruster <armbru@redhat.com>
Reviewed-by: NRichard Henderson <rth@twiddle.net>

There are functions tlb_fill(), cpu_unaligned_access() and
do_unaligned_access() that are called with access type and mmu index
arguments. But these arguments are named 'is_write' and 'is_user' in their
declarations. The patches fix the arguments to avoid a confusion.
Signed-off-by: NSergey Sorokin <afarallax@yandex.ru>
Reviewed-by: NEduardo Habkost <ehabkost@redhat.com>
Acked-by: NDavid Gibson <david@gibson.dropbear.id.au>
Message-id: 1465907177-1399402-1-git-send-email-afarallax@yandex.ru
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

The read-only Config4.AE bit set denotes extended 10 bits ASID.
Signed-off-by: NPaul Burton <paul.burton@imgtec.com>
Signed-off-by: NJames Hogan <james.hogan@imgtec.com>
Signed-off-by: NLeon Alrae <leon.alrae@imgtec.com>

ASID currently has uint8_t type which is too small since some processors
support more than 8 bits ASID. Therefore change its type to uint16_t.
Signed-off-by: NPaul Burton <paul.burton@imgtec.com>
Signed-off-by: NJames Hogan <james.hogan@imgtec.com>
Signed-off-by: NLeon Alrae <leon.alrae@imgtec.com>

Signed-off-by: NPaul Burton <paul.burton@imgtec.com>
Signed-off-by: NJames Hogan <james.hogan@imgtec.com>
Signed-off-by: NLeon Alrae <leon.alrae@imgtec.com>

Replace hardcoded 0xbfc00000 with exception_base which is initialized with
this default address so there is no functional change here.
However, it is now exposed and consequently it will be possible to modify
it from outside of the CPU.
Signed-off-by: NLeon Alrae <leon.alrae@imgtec.com>

This function needs to be converted to QOM hook and virtualised for
multi-arch. This rename interferes, as cpu-qom will not have access
to the renaming causing name divergence. This rename doesn't really do
anything anyway so just delete it.
Signed-off-by: NPeter Crosthwaite <crosthwaite.peter@gmail.com>
Message-Id: <69bd25a8678b8b31b91cd9760c777bed1aafb44e.1437212383.git.crosthwaite.peter@gmail.com>
Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
Signed-off-by: NPeter Crosthwaite <crosthwaitepeter@gmail.com>

Add preprocessor definition of FCR31's FS bit, and update related
code for setting this bit.
Signed-off-by: NAleksandar Markovic <aleksandar.markovic@imgtec.com>
Reviewed-by: NLeon Alrae <leon.alrae@imgtec.com>
Signed-off-by: NLeon Alrae <leon.alrae@imgtec.com>

This patch implements read and write access rules for Mips floating
point control and status register (FCR31). The change can be divided
into following parts:

- Add fields that will keep FCR31's R/W bitmask in procesor
  definitions and processor float_status structure.

- Add appropriate value for FCR31's R/W bitmask for each supported
  processor.

- Add function for setting snan_bit_is_one, and integrate it in
  appropriate places.

- Modify handling of CTC1 (case 31) instruction to use FCR31's R/W
  bitmask.

- Modify handling user mode executables for Mips, in relation to the
  bit EF_MIPS_NAN2008 from ELF header, that is in turn related to
  reading and writing to FCR31.

- Modify gdb behavior in relation to FCR31.
Signed-off-by: NThomas Schwinge <thomas@codesourcery.com>
Signed-off-by: NMaciej W. Rozycki <macro@codesourcery.com>
Signed-off-by: NAleksandar Markovic <aleksandar.markovic@imgtec.com>
Reviewed-by: NLeon Alrae <leon.alrae@imgtec.com>
Signed-off-by: NLeon Alrae <leon.alrae@imgtec.com>

This patch modifies SoftFloat library so that it can be configured in
run-time in relation to the meaning of signaling NaN bit, while, at the
same time, strictly preserving its behavior on all existing platforms.

Background:

In floating-point calculations, there is a need for denoting undefined or
unrepresentable values. This is achieved by defining certain floating-point
numerical values to be NaNs (which stands for "not a number"). For additional
reasons, virtually all modern floating-point unit implementations use two
kinds of NaNs: quiet and signaling. The binary representations of these two
kinds of NaNs, as a rule, differ only in one bit (that bit is, traditionally,
the first bit of mantissa).

Up to 2008, standards for floating-point did not specify all details about
binary representation of NaNs. More specifically, the meaning of the bit
that is used for distinguishing between signaling and quiet NaNs was not
strictly prescribed. (IEEE 754-2008 was the first floating-point standard
that defined that meaning clearly, see [1], p. 35) As a result, different
platforms took different approaches, and that presented considerable
challenge for multi-platform emulators like QEMU.

Mips platform represents the most complex case among QEMU-supported
platforms regarding signaling NaN bit. Up to the Release 6 of Mips
architecture, "1" in signaling NaN bit denoted signaling NaN, which is
opposite to IEEE 754-2008 standard. From Release 6 on, Mips architecture
adopted IEEE standard prescription, and "0" denotes signaling NaN. On top of
that, Mips architecture for SIMD (also known as MSA, or vector instructions)
also specifies signaling bit in accordance to IEEE standard. MSA unit can be
implemented with both pre-Release 6 and Release 6 main processor units.

QEMU uses SoftFloat library to implement various floating-point-related
instructions on all platforms. The current QEMU implementation allows for
defining meaning of signaling NaN bit during build time, and is implemented
via preprocessor macro called SNAN_BIT_IS_ONE.

On the other hand, the change in this patch enables SoftFloat library to be
configured in run-time. This configuration is meant to occur during CPU
initialization, at the moment when it is definitely known what desired
behavior for particular CPU (or any additional FPUs) is.

The change is implemented so that it is consistent with existing
implementation of similar cases. This means that structure float_status is
used for passing the information about desired signaling NaN bit on each
invocation of SoftFloat functions. The additional field in float_status is
called snan_bit_is_one, which supersedes macro SNAN_BIT_IS_ONE.

IMPORTANT:

This change is not meant to create any change in emulator behavior or
functionality on any platform. It just provides the means for SoftFloat
library to be used in a more flexible way - in other words, it will just
prepare SoftFloat library for usage related to Mips platform and its
specifics regarding signaling bit meaning, which is done in some of
subsequent patches from this series.

Further break down of changes:

  1) Added field snan_bit_is_one to the structure float_status, and
     correspondent setter function set_snan_bit_is_one().

  2) Constants <float16|float32|float64|floatx80|float128>_default_nan
     (used both internally and externally) converted to functions
     <float16|float32|float64|floatx80|float128>_default_nan(float_status*).
     This is necessary since they are dependent on signaling bit meaning.
     At the same time, for the sake of code cleanup and simplicity, constants
     <floatx80|float128>_default_nan_<low|high> (used only internally within
     SoftFloat library) are removed, as not needed.

  3) Added a float_status* argument to SoftFloat library functions
     XXX_is_quiet_nan(XXX a_), XXX_is_signaling_nan(XXX a_),
     XXX_maybe_silence_nan(XXX a_). This argument must be present in
     order to enable correct invocation of new version of functions
     XXX_default_nan(). (XXX is <float16|float32|float64|floatx80|float128>
     here)

  4) Updated code for all platforms to reflect changes in SoftFloat library.
     This change is twofolds: it includes modifications of SoftFloat library
     functions invocations, and an addition of invocation of function
     set_snan_bit_is_one() during CPU initialization, with arguments that
     are appropriate for each particular platform. It was established that
     all platforms zero their main CPU data structures, so snan_bit_is_one(0)
     in appropriate places is not added, as it is not needed.

[1] "IEEE Standard for Floating-Point Arithmetic",
    IEEE Computer Society, August 29, 2008.
Signed-off-by: NThomas Schwinge <thomas@codesourcery.com>
Signed-off-by: NMaciej W. Rozycki <macro@codesourcery.com>
Signed-off-by: NAleksandar Markovic <aleksandar.markovic@imgtec.com>
Tested-by: NBastian Koppelmann <kbastian@mail.uni-paderborn.de>
Reviewed-by: NLeon Alrae <leon.alrae@imgtec.com>
Tested-by: NLeon Alrae <leon.alrae@imgtec.com>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
[leon.alrae@imgtec.com:
 * cherry-picked 2 chunks from patch #2 to fix compilation warnings]
Signed-off-by: NLeon Alrae <leon.alrae@imgtec.com>

exec-all.h contains TCG-specific definitions.  It is not needed outside
TCG-specific files such as translate.c, exec.c or *helper.c.

One generic function had snuck into include/exec/exec-all.h; move it to
include/qom/cpu.h.
Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>

These are here for historical reasons: they are needed from both gdbstub.c
and op_helper.c, and the latter was compiled with fixed AREG0.  It is
not needed anymore, so uninline them.
Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>

Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>

Make MIPSCPU an opaque type within cpu-qom.h, and move all definitions of
private methods, as well as all type definitions that require knowledge
of the layout to cpu.h.  This helps making files independent of NEED_CPU_H
if they only need to pass around CPU pointers.
Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>

We are inconsistent with the type of tb->flags: usage varies loosely
between int and uint64_t. Settle to uint32_t everywhere, which is
superior to both: at least one target (aarch64) uses the most significant
bit in the u32, and uint64_t is wasteful.

Compile-tested for all targets.
Suggested-by: NLaurent Desnogues <laurent.desnogues@gmail.com>
Suggested-by: NRichard Henderson <rth@twiddle.net>
Tested-by: NEdgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: NEdgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: NLaurent Desnogues <laurent.desnogues@gmail.com>
Signed-off-by: NEmilio G. Cota <cota@braap.org>
Signed-off-by: NRichard Henderson <rth@twiddle.net>
Message-Id: <1460049562-23517-1-git-send-email-cota@braap.org>

The MAAR register is a read/write register included in Release 5
of the architecture that defines the accessibility attributes of
physical address regions. In particular, MAAR defines whether an
instruction fetch or data load can speculatively access a memory
region within the physical address bounds specified by MAAR.

As QEMU doesn't do speculative access, hence this patch only
provides ability to access the registers.
Signed-off-by: NYongbok Kim <yongbok.kim@imgtec.com>
Reviewed-by: NLeon Alrae <leon.alrae@imgtec.com>
Signed-off-by: NLeon Alrae <leon.alrae@imgtec.com>

Add CP0.ErrCtl register with WST, SPR and ITC bits. In 34K and interAptiv
processors these bits are used to enable CACHE instruction access to
different arrays. When WST=0, SPR=0 and ITC=1 the CACHE instruction will
access ITC tag values.

Generally we do not model caches and we have been treating the CACHE
instruction as NOP. But since CACHE can operate on ITC Tags new
MIPS_HFLAG_ITC_CACHE hflag is introduced to generate the helper only when
CACHE is in the ITC Access mode.
Signed-off-by: NLeon Alrae <leon.alrae@imgtec.com>

Implement ITC as a single object consisting of two memory regions:

1) tag_io: ITC Configuration Tags (i.e. ITCAddressMap{0,1} registers) which
are accessible by the CPU via CACHE instruction. Also adding
MemoryRegion *itc_tag to the CPUMIPSState so that CACHE instruction will
dispatch reads/writes directly.

2) storage_io: memory-mapped ITC Storage whose address space is configurable
(i.e. enabled/remapped/resized) by writing to ITCAddressMap{0,1} registers.

ITC Storage contains FIFO and Semaphore cells. Read-only FIFO bit in the
ITC cell tag indicates the type of the cell. If the ITC Storage contains
both types of cells then FIFOs are located before Semaphores.

Since issuing thread can get blocked on the access to a cell (in E/F
Synchronized and P/V Synchronized Views) each cell has a bitmap to track
which threads are currently blocked.
Signed-off-by: NLeon Alrae <leon.alrae@imgtec.com>

If the user specifies smp > 1 and the CPU with CM GCR support, then
create Coherent Processing System (which takes care of instantiating CPUs)
rather than CPUs directly and connect i8259 and cbus to the pins exposed by
CPS. However, there is no GIC yet, thus CPS exposes CPU's IRQ pins so use
the same pin numbers as before.
Signed-off-by: NLeon Alrae <leon.alrae@imgtec.com>

Physical base address for the memory-mapped Coherency Manager Global
Configuration Register space.
The MIPS default location for the GCR_BASE address is 0x1FBF_8.
This register only exists if Config3 CMGCR is set to one.
Signed-off-by: NYongbok Kim <yongbok.kim@imgtec.com>
[leon.alrae@imgtec.com: move CMGCR enabling to a separate patch]
Signed-off-by: NLeon Alrae <leon.alrae@imgtec.com>

MIPS Release 6 and MIPS SIMD Architecture make it mandatory to have IEEE
754-2008 FPU which is indicated by CP1 FIR.HAS2008, FCSR.ABS2008 and
FCSR.NAN2008 bits set to 1.

In QEMU we still keep these bits cleared as there is no 2008-NaN support.
However, this now causes problems preventing from running R6 Linux with
the v4.5 kernel. Kernel refuses to execute 2008-NaN ELFs on a CPU
whose FPU does not support 2008-NaN encoding:

  (...)
  VFS: Mounted root (ext4 filesystem) readonly on device 8:0.
  devtmpfs: mounted
  Freeing unused kernel memory: 256K (ffffffff806f0000 - ffffffff80730000)
  request_module: runaway loop modprobe binfmt-464c
  Starting init: /sbin/init exists but couldn't execute it (error -8)
  request_module: runaway loop modprobe binfmt-464c
  Starting init: /bin/sh exists but couldn't execute it (error -8)
  Kernel panic - not syncing: No working init found.  Try passing init= option to kernel. See Linux Documentation/init.txt for guidance.

Therefore always indicate presence of 2008-NaN support in R6 as well as in
R5+MSA CPUs, even though this feature is not yet supported by MIPS in QEMU.
Signed-off-by: NLeon Alrae <leon.alrae@imgtec.com>

MIPS Release 6 provides multi-threading features which replace
pre-R6 MT Module. CP0.Config3.MT is always 0 in R6, instead there is new
CP0.Config5.VP (Virtual Processor) bit which indicates presence of
multi-threading support which includes CP0.GlobalNumber register and
DVP/EVP instructions.
Signed-off-by: NYongbok Kim <yongbok.kim@imgtec.com>
Signed-off-by: NLeon Alrae <leon.alrae@imgtec.com>

Clean up includes so that osdep.h is included first and headers
which it implies are not included manually.

This commit was created with scripts/clean-includes.
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Reviewed-by: NEric Blake <eblake@redhat.com>

The r4k_tlb_t structure uses the uint_fast*_t types. Most of these
uses are in bitfields and are thus pointless, because the bitfield
itself specifies the width of the type; just use 'unsigned int'
instead. (On glibc uint_fast16_t is defined as either 32 or 64 bits,
so we know the code is not reliant on it being exactly 16 bits.)
There is also one use of uint_fast8_t, which we replace with uint8_t,
because both are exactly 8 bits on glibc and this is the only
place outside the softfloat code which uses an int_fast*_t type.
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Reviewed-by: NAurelien Jarno <aurelien@aurel32.net>

CP0IntCtl_IPPC1, the last letter should be 'i', not 'one'.
Signed-off-by: NDongxue Zhang <elta.era@gmail.com>
Reviewed-by: NLeon Alrae <leon.alrae@imgtec.com>
Signed-off-by: NLeon Alrae <leon.alrae@imgtec.com>

CP0.Status.KX/SX/UX bits are responsible for enabling access to 64-bit
Kernel/Supervisor/User Segments. If bit is cleared an access to
corresponding segment should generate Address Error Exception.

However, the guest may still be able to access some pages belonging to
the disabled 64-bit segment because we forget to flush QEMU TLB.

This patch fixes it.
Signed-off-by: NLeon Alrae <leon.alrae@imgtec.com>

Add Performance Counter (4) and XNP (5) register numbers to RDHWR.
Add check_hwrena() to simplify access control checkings.
Add RDHWR support to microMIPS R6.
Signed-off-by: NYongbok Kim <yongbok.kim@imgtec.com>
Reviewed-by: NLeon Alrae <leon.alrae@imgtec.com>
Signed-off-by: NLeon Alrae <leon.alrae@imgtec.com>