qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH for-2.5] target-arm: Don't mask out bits [47:40]

From: Edgar E. Iglesias
Subject: Re: [Qemu-devel] [PATCH for-2.5] target-arm: Don't mask out bits [47:40] in LPAE descriptors for v8
Date: Mon, 23 Nov 2015 12:58:44 +0100
User-agent: Mutt/1.5.21 (2010-09-15) 
On Fri, Nov 20, 2015 at 02:32:51PM +0000, Peter Maydell wrote:
> In an LPAE format descriptor in ARMv8 the address field extends
> up to bit 47, not just bit 39. Correct the masking so we don't
> give incorrect results if the output address size is greater
> than 40 bits, as it can be for AArch64.
> 
> (Note that we don't yet support the new-in-v8 Address Size fault which
> should be generated if any translation table entry or TTBR contains
> an address with non-zero bits above the most significant bit of the
> maximum output address size.)
> 
> Signed-off-by: Peter Maydell <address@hidden>


Reviewed-by: Edgar E. Iglesias <address@hidden>


> ---
> This is worth fixing for 2.5 I think. As the commit message notes,
> we don't support the Addres Size faults we ought to take in some
> cases, but that seems more 2.6-ish.
> ---
>  target-arm/helper.c | 12 +++++++++++-
>  1 file changed, 11 insertions(+), 1 deletion(-)
> 
> diff --git a/target-arm/helper.c b/target-arm/helper.c
> index 4ecae61..afc4163 100644
> --- a/target-arm/helper.c
> +++ b/target-arm/helper.c
> @@ -6642,6 +6642,7 @@ static bool get_phys_addr_lpae(CPUARMState *env, 
> target_ulong address,
>      int ap, ns, xn, pxn;
>      uint32_t el = regime_el(env, mmu_idx);
>      bool ttbr1_valid = true;
> +    uint64_t descaddrmask;
>  
>      /* TODO:
>       * This code does not handle the different format TCR for VTCR_EL2.
> @@ -6831,6 +6832,15 @@ static bool get_phys_addr_lpae(CPUARMState *env, 
> target_ulong address,
>      descaddr = extract64(ttbr, 0, 48);
>      descaddr &= ~((1ULL << (inputsize - (stride * (4 - level)))) - 1);
>  
> +    /* The address field in the descriptor goes up to bit 39 for ARMv7
> +     * but up to bit 47 for ARMv8.
> +     */
> +    if (arm_feature(env, ARM_FEATURE_V8)) {
> +        descaddrmask = 0xfffffffff000ULL;
> +    } else {
> +        descaddrmask = 0xfffffff000ULL;
> +    }
> +
>      /* Secure accesses start with the page table in secure memory and
>       * can be downgraded to non-secure at any step. Non-secure accesses
>       * remain non-secure. We implement this by just ORing in the NSTable/NS
> @@ -6854,7 +6864,7 @@ static bool get_phys_addr_lpae(CPUARMState *env, 
> target_ulong address,
>              /* Invalid, or the Reserved level 3 encoding */
>              goto do_fault;
>          }
> -        descaddr = descriptor & 0xfffffff000ULL;
> +        descaddr = descriptor & descaddrmask;
>  
>          if ((descriptor & 2) && (level < 3)) {
>              /* Table entry. The top five bits are attributes which  may
> -- 
> 1.9.1
>
reply via email to
[Prev in Thread] Current Thread [Next in Thread]