cachepc-qemu

Fork of AMDESE/qemu with changes for cachepc side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-qemu
Log | Files | Refs | Submodules | LICENSE | sfeed.txt

emulation.rst (4543B)

      1A-profile CPU architecture support
      2==================================
      3
      4QEMU's TCG emulation includes support for the Armv5, Armv6, Armv7 and
      5Armv8 versions of the A-profile architecture. It also has support for
      6the following architecture extensions:
      7
      8- FEAT_AA32BF16 (AArch32 BFloat16 instructions)
      9- FEAT_AA32HPD (AArch32 hierarchical permission disables)
     10- FEAT_AA32I8MM (AArch32 Int8 matrix multiplication instructions)
     11- FEAT_AES (AESD and AESE instructions)
     12- FEAT_BF16 (AArch64 BFloat16 instructions)
     13- FEAT_BTI (Branch Target Identification)
     14- FEAT_DIT (Data Independent Timing instructions)
     15- FEAT_DPB (DC CVAP instruction)
     16- FEAT_DotProd (Advanced SIMD dot product instructions)
     17- FEAT_FCMA (Floating-point complex number instructions)
     18- FEAT_FHM (Floating-point half-precision multiplication instructions)
     19- FEAT_FP16 (Half-precision floating-point data processing)
     20- FEAT_FRINTTS (Floating-point to integer instructions)
     21- FEAT_FlagM (Flag manipulation instructions v2)
     22- FEAT_FlagM2 (Enhancements to flag manipulation instructions)
     23- FEAT_HPDS (Hierarchical permission disables)
     24- FEAT_I8MM (AArch64 Int8 matrix multiplication instructions)
     25- FEAT_JSCVT (JavaScript conversion instructions)
     26- FEAT_LOR (Limited ordering regions)
     27- FEAT_LRCPC (Load-acquire RCpc instructions)
     28- FEAT_LRCPC2 (Load-acquire RCpc instructions v2)
     29- FEAT_LSE (Large System Extensions)
     30- FEAT_MTE (Memory Tagging Extension)
     31- FEAT_MTE2 (Memory Tagging Extension)
     32- FEAT_MTE3 (MTE Asymmetric Fault Handling)
     33- FEAT_PAN (Privileged access never)
     34- FEAT_PAN2 (AT S1E1R and AT S1E1W instruction variants affected by PSTATE.PAN)
     35- FEAT_PAuth (Pointer authentication)
     36- FEAT_PMULL (PMULL, PMULL2 instructions)
     37- FEAT_PMUv3p1 (PMU Extensions v3.1)
     38- FEAT_PMUv3p4 (PMU Extensions v3.4)
     39- FEAT_RDM (Advanced SIMD rounding double multiply accumulate instructions)
     40- FEAT_RNG (Random number generator)
     41- FEAT_SB (Speculation Barrier)
     42- FEAT_SEL2 (Secure EL2)
     43- FEAT_SHA1 (SHA1 instructions)
     44- FEAT_SHA256 (SHA256 instructions)
     45- FEAT_SHA3 (Advanced SIMD SHA3 instructions)
     46- FEAT_SHA512 (Advanced SIMD SHA512 instructions)
     47- FEAT_SM3 (Advanced SIMD SM3 instructions)
     48- FEAT_SM4 (Advanced SIMD SM4 instructions)
     49- FEAT_SPECRES (Speculation restriction instructions)
     50- FEAT_SSBS (Speculative Store Bypass Safe)
     51- FEAT_TLBIOS (TLB invalidate instructions in Outer Shareable domain)
     52- FEAT_TLBIRANGE (TLB invalidate range instructions)
     53- FEAT_TTCNP (Translation table Common not private translations)
     54- FEAT_TTST (Small translation tables)
     55- FEAT_UAO (Unprivileged Access Override control)
     56- FEAT_VHE (Virtualization Host Extensions)
     57- FEAT_VMID16 (16-bit VMID)
     58- FEAT_XNX (Translation table stage 2 Unprivileged Execute-never)
     59- SVE (The Scalable Vector Extension)
     60- SVE2 (The Scalable Vector Extension v2)
     61
     62For information on the specifics of these extensions, please refer
     63to the `Armv8-A Arm Architecture Reference Manual
     64<https://developer.arm.com/documentation/ddi0487/latest>`_.
     65
     66When a specific named CPU is being emulated, only those features which
     67are present in hardware for that CPU are emulated. (If a feature is
     68not in the list above then it is not supported, even if the real
     69hardware should have it.) The ``max`` CPU enables all features.
     70
     71R-profile CPU architecture support
     72==================================
     73
     74QEMU's TCG emulation support for R-profile CPUs is currently limited.
     75We emulate only the Cortex-R5 and Cortex-R5F CPUs.
     76
     77M-profile CPU architecture support
     78==================================
     79
     80QEMU's TCG emulation includes support for Armv6-M, Armv7-M, Armv8-M, and
     81Armv8.1-M versions of the M-profile architucture.  It also has support
     82for the following architecture extensions:
     83
     84- FP (Floating-point Extension)
     85- FPCXT (FPCXT access instructions)
     86- HP (Half-precision floating-point instructions)
     87- LOB (Low Overhead loops and Branch future)
     88- M (Main Extension)
     89- MPU (Memory Protection Unit Extension)
     90- PXN (Privileged Execute Never)
     91- RAS (Reliability, Serviceability and Availability): "minimum RAS Extension" only
     92- S (Security Extension)
     93- ST (System Timer Extension)
     94
     95For information on the specifics of these extensions, please refer
     96to the `Armv8-M Arm Architecture Reference Manual
     97<https://developer.arm.com/documentation/ddi0553/latest>`_.
     98
     99When a specific named CPU is being emulated, only those features which
    100are present in hardware for that CPU are emulated. (If a feature is
    101not in the list above then it is not supported, even if the real
    102hardware should have it.) There is no equivalent of the ``max`` CPU for
    103M-profile.