[Stable-8.2.2 65/78] target/ppc: Fix lxv/stxv MSR facility check
From: Michael Tokarev
Subject: [Stable-8.2.2 65/78] target/ppc: Fix lxv/stxv MSR facility check
Date: Thu, 29 Feb 2024 01:54:41 +0300
From: Nicholas Piggin <npiggin@gmail.com>
The move to decodetree flipped the inequality test for the VEC / VSX
MSR facility check.
This caused application crashes under Linux, where these facility
unavailable interrupts are used for lazy-switching of VEC/VSX register
sets. Getting the incorrect interrupt would result in wrong registers
being loaded, potentially overwriting live values and/or exposing
stale ones.
Cc: qemu-stable@nongnu.org
Reported-by: Joel Stanley <joel@jms.id.au>
Fixes: 70426b5bb738 ("target/ppc: moved stxvx and lxvx from legacy to
decodtree")
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1769
Reviewed-by: Harsh Prateek Bora <harshpb@linux.ibm.com>
Tested-by: Harsh Prateek Bora <harshpb@linux.ibm.com>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Tested-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
(cherry picked from commit 2cc0e449d17310877fb28a942d4627ad22bb68ea)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
diff --git a/target/ppc/translate/vsx-impl.c.inc
b/target/ppc/translate/vsx-impl.c.inc
index 6db87ab336..0266f09119 100644
--- a/target/ppc/translate/vsx-impl.c.inc
+++ b/target/ppc/translate/vsx-impl.c.inc
@@ -2268,7 +2268,7 @@ static bool do_lstxv(DisasContext *ctx, int ra, TCGv
displ,
static bool do_lstxv_D(DisasContext *ctx, arg_D *a, bool store, bool paired)
{
- if (paired || a->rt >= 32) {
+ if (paired || a->rt < 32) {
REQUIRE_VSX(ctx);
} else {
REQUIRE_VECTOR(ctx);
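Review bot: The condition `paired || a->rt < 32` in do_lstxv_D() chooses between REQUIRE_VSX and REQUIRE_VECTOR on a bare constant with no comment, and the commit message says the direction of this same comparison was flipped by the decodetree conversion. Add a short comment above the `if` stating which `rt` range needs which MSR facility (below 32 takes the VSX check, 32 and above takes the vector check, and `paired` always takes the VSX check). Also consider a regression test that executes lxv/stxv with only one of the two facilities enabled, so that a future inversion fails in testing instead of showing up as guest application crashes.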
--
2.39.2