[Qemu-devel] [PATCH] target-arm: fix TTBCR write masking

[Qemu-devel] [PATCH] target-arm: fix TTBCR write masking

[Sergey Fedorov]

Current implementation is not accurate according to ARMv7-AR reference
manual. See "B4.1.153 TTBCR, Translation Table Base Control Register,
VMSA | TTBCR format when using the Long-descriptor translation table
format". When LPAE feature is supported, EAE, bit[31] selects
translation descriptor format and, therefore, TTBCR format.

Signed-off-by: Sergey Fedorov <s.fedorov@samsung.com>
---
 target-arm/helper.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/target-arm/helper.c b/target-arm/helper.c
index 3445813..8b1ddce 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -1173,7 +1173,7 @@ static int vmsa_ttbcr_raw_write(CPUARMState *env, const ARMCPRegInfo *ri,
 {
     int maskshift = extract32(value, 0, 3);
 
-    if (arm_feature(env, ARM_FEATURE_LPAE)) {
+    if (arm_feature(env, ARM_FEATURE_LPAE) && (value & (1 << 31))) {
         value &= ~((7 << 19) | (3 << 14) | (0xf << 3));
     } else {
         value &= 7;
-- 
1.7.9.5

Re: [Qemu-devel] [PATCH] target-arm: fix TTBCR write masking

[Peter Maydell]

On 10 December 2013 06:41, Sergey Fedorov <s.fedorov@samsung.com> wrote:
> Current implementation is not accurate according to ARMv7-AR reference
> manual. See "B4.1.153 TTBCR, Translation Table Base Control Register,
> VMSA | TTBCR format when using the Long-descriptor translation table
> format". When LPAE feature is supported, EAE, bit[31] selects
> translation descriptor format and, therefore, TTBCR format.
>
> Signed-off-by: Sergey Fedorov <s.fedorov@samsung.com>

Yeah, when I wrote that I was relying on the fact that all the
valid bits in a short-format descriptor are also valid in the
long-format mask, so correct guest software won't care (the
other bits are UNK/SBZP). However the implementation side
of UNK/SBZP requires us to treat the bits as RAZ/WI, so this
patch is correct.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>

thanks
-- PMM

Re: [Qemu-devel] [PATCH] target-arm: fix TTBCR write masking

[Fedorov Sergey]

This patch is a prerequisite for the following up TrustZone support patches.

Thanks.

Best regards,
Sergey Fedorov

On 12/10/2013 12:57 PM, Peter Maydell wrote:
> On 10 December 2013 06:41, Sergey Fedorov <s.fedorov@samsung.com> wrote:
>> Current implementation is not accurate according to ARMv7-AR reference
>> manual. See "B4.1.153 TTBCR, Translation Table Base Control Register,
>> VMSA | TTBCR format when using the Long-descriptor translation table
>> format". When LPAE feature is supported, EAE, bit[31] selects
>> translation descriptor format and, therefore, TTBCR format.
>>
>> Signed-off-by: Sergey Fedorov <s.fedorov@samsung.com>
> Yeah, when I wrote that I was relying on the fact that all the
> valid bits in a short-format descriptor are also valid in the
> long-format mask, so correct guest software won't care (the
> other bits are UNK/SBZP). However the implementation side
> of UNK/SBZP requires us to treat the bits as RAZ/WI, so this
> patch is correct.
>
> Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
>
> thanks
> -- PMM
>