From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1HD3J6-0002ay-EM
	for qemu-devel@nongnu.org; Fri, 02 Feb 2007 13:38:44 -0500
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1HD3J5-0002ag-0U
	for qemu-devel@nongnu.org; Fri, 02 Feb 2007 13:38:44 -0500
Received: from [199.232.76.173] (helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1HD3J4-0002ad-Qp
	for qemu-devel@nongnu.org; Fri, 02 Feb 2007 13:38:42 -0500
Received: from nlpi029.sbcis.sbc.com ([207.115.36.58])
	by monty-python.gnu.org with esmtp (Exim 4.52) id 1HD3J4-00051x-Dz
	for qemu-devel@nongnu.org; Fri, 02 Feb 2007 13:38:42 -0500
Received: from mail.hoko.org (adsl-76-212-56-81.dsl.klmzmi.sbcglobal.net
	[76.212.56.81])
	by nlpi029.sbcis.sbc.com (8.13.8 out.dk.spool/8.13.8) with ESMTP id
	l12IWdLk024716
	for <qemu-devel@nongnu.org>; Fri, 2 Feb 2007 12:32:39 -0600
Received: from [192.168.2.254] (lithium.hoko.org [192.168.2.254])
	by mail.hoko.org (Postfix) with ESMTP id 18F681B2CFE4
	for <qemu-devel@nongnu.org>; Fri,  2 Feb 2007 13:33:16 -0500 (EST)
Message-ID: <45C383E8.3040907@hoko.org>
Date: Fri, 02 Feb 2007 13:33:12 -0500
From: Scott Oom <other+qemudev@hoko.org>
MIME-Version: 1.0
Subject: Re: [Qemu-devel] [PATCH] ARM MMU translation - fix small (4k) page
	access
References: <45C2CA29.1010107@hoko.org>
	<Pine.LNX.4.63.0702020951190.2647@buttercup.gerph.org>
In-Reply-To: <Pine.LNX.4.63.0702020951190.2647@buttercup.gerph.org>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Reply-To: qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org

Justin Fletcher wrote:
> 
> I may be confused on this, but it still doesn't seem right to me.
> 
> You have...
> 
> -                ap = (desc >> (4 + ((address >> 13) & 6))) & 3;
> +                ap = (desc >> (4 + ((address >> 11) & 6))) & 3; /* SRO */
> 
> For 4K pages, the L2 table is ...
>   b0-1 = 2
>   b2   = B
>   b3   = C
>   b4-5 = AP0
>   b6-7 = AP1
>   b8-9 = AP2
>   b10-11=AP3
>   b12-31=physical address
> (from ARMARM 'D', 3.3.7)
> 
> The use of AP0-AP3 is dependant on bits 10 and 11. So, the code should
> be more like...
> 
>                 ap = (desc >> (4 + ((address >> 10) & 3) )) & 3;
> 
> That is, (address>>10) & 3 => bits 10 and 11
>          add on 4 as the offset to the AP fields in the descriptor
>          shift down and & 3 to leave just those two bits.
> 
Well, we need to take b10-11 and use them to index either 4-5, 6-7, 8-9
or 10-11.
(address >> 10) & 3 gives us 0, 1, 2 or 3, shift that left one to double
it (because each AP field is two bits).  Adding 4 gives 4, 6, 8, 10.  So
I believe the correct solution is:
                ap = (desc >> (4 + ((address >> 9) & 6))) & 3;

I thought if was just 2 bits different from the large page descriptor,
but the difference, the SBZ field, is 4 bits.  Comparing to the large
page descriptor:
                ap = (desc >> (4 + ((address >> 13) & 6))) & 3;


-Scott