From: Zenghui Yu <zenghui.yu@linux.dev>
To: qemu-arm@nongnu.org, qemu-devel@nongnu.org
Cc: peter.maydell@linaro.org, richard.henderson@linaro.org,
Zenghui Yu <zenghui.yu@linux.dev>
Subject: [PATCH] target/arm: Don't skip access flag fault for AccessType_AT
Date: Tue, 17 Mar 2026 20:25:17 +0800 [thread overview]
Message-ID: <20260317122517.47627-1-zenghui.yu@linux.dev> (raw)
As per the pseudo code from DDI0487 M.a.a (on J1-16021) AArch64.S1Walk():
// Check descriptor AF bit
elsif (descriptor<10> == '0' && walkparams.ha == '0' &&
(!accdesc.acctype IN {AccessType_DC, AccessType_IC} ||
boolean IMPLEMENTATION_DEFINED "Generate access flag fault on IC/DC operations")) then
fault.statuscode = Fault_AccessFlag;
an access flag fault should be generated for AccessType_AT, if the AF bit
is 0 and !param.ha.
Fixes: efebeec13d07 ("target/arm: Skip AF and DB updates for AccessType_AT")
Signed-off-by: Zenghui Yu <zenghui.yu@linux.dev>
---
target/arm/ptw.c | 16 ++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/target/arm/ptw.c b/target/arm/ptw.c
index 8b8dc09e72..572048d560 100644
--- a/target/arm/ptw.c
+++ b/target/arm/ptw.c
@@ -2118,6 +2118,12 @@ static bool get_phys_addr_lpae(CPUARMState *env, S1Translate *ptw,
descaddr &= ~(hwaddr)(page_size - 1);
descaddr |= (address & (page_size - 1));
+ /* Check descriptor AF bit */
+ if (!(descriptor & (1 << 10)) && !param.ha) {
+ fi->type = ARMFault_AccessFlag;
+ goto do_fault;
+ }
+
/*
* For AccessType_AT, DB is not updated (AArch64.SetDirtyFlag),
* and it is IMPLEMENTATION DEFINED whether AF is updated
@@ -2127,15 +2133,9 @@ static bool get_phys_addr_lpae(CPUARMState *env, S1Translate *ptw,
/*
* Access flag.
* If HA is enabled, prepare to update the descriptor below.
- * Otherwise, pass the access fault on to software.
*/
- if (!(descriptor & (1 << 10))) {
- if (param.ha) {
- new_descriptor |= 1 << 10; /* AF */
- } else {
- fi->type = ARMFault_AccessFlag;
- goto do_fault;
- }
+ if (!(descriptor & (1 << 10)) && param.ha) {
+ new_descriptor |= 1 << 10; /* AF */
}
/*
--
2.53.0
next reply other threads:[~2026-03-17 12:26 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-17 12:25 Zenghui Yu [this message]
2026-03-19 17:17 ` [PATCH] target/arm: Don't skip access flag fault for AccessType_AT Peter Maydell
2026-03-20 1:56 ` Zenghui Yu
2026-03-24 13:38 ` Peter Maydell
2026-03-24 16:07 ` Zenghui Yu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260317122517.47627-1-zenghui.yu@linux.dev \
--to=zenghui.yu@linux.dev \
--cc=peter.maydell@linaro.org \
--cc=qemu-arm@nongnu.org \
--cc=qemu-devel@nongnu.org \
--cc=richard.henderson@linaro.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.