From: David Gibson <david@gibson.dropbear.id.au>
To: qemu-ppc@nongnu.org, aik@ozlabs.ru, sjitindarsingh@gmail.com,
aneesh.kumar@linux.vnet.ibm.com
Cc: qemu-devel@nongnu.org, thuth@redhat.com, lvivier@redhat.com,
agraf@suse.de, mdroth@linux.vnet.ibm.com,
David Gibson <david@gibson.dropbear.id.au>
Subject: [Qemu-devel] [PATCHv2 9/9] target/ppc: Correct SDR1 masking
Date: Mon, 27 Feb 2017 16:12:39 +1100
Message-ID: <20170227051239.2680-10-david@gibson.dropbear.id.au>
In-Reply-To: <20170227051239.2680-1-david@gibson.dropbear.id.au>

SDR_64_HTABORG, which indicates the bits of the SDR1 register to use for
the base of a 64-bit machine's hashed page table (HPT), isn't correct. It
includes the top 46 bits of the register, but in fact the top 4 bits must
be zero (according to the ISA v2.07). No actual implementation has
supported close to 2^60 bytes of physical address space, so it's kind of
irrelevant, but we might as well correct this.

In addition, although we checked for bad size values in SDR1, we never
reported an error if entirely invalid bits were set there. Add this check
to ppc_store_sdr1().

Reported-by: Suraj Jitindar Singh <sjitindarsingh@gmail.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
---
target/ppc/mmu-hash64.h | 2 +-
target/ppc/mmu_helper.c | 6 ++++++
2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/target/ppc/mmu-hash64.h b/target/ppc/mmu-hash64.h
index 9c74823..54f1e37 100644
--- a/target/ppc/mmu-hash64.h
+++ b/target/ppc/mmu-hash64.h
@@ -56,7 +56,7 @@ void ppc_hash64_update_rmls(CPUPPCState *env);
* Hash page table definitions
*/
-#define SDR_64_HTABORG 0xFFFFFFFFFFFC0000ULL
+#define SDR_64_HTABORG 0x0FFFFFFFFFFC0000ULL
#define SDR_64_HTABSIZE 0x000000000000001FULL
#define HPTES_PER_GROUP 8
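Review bot: The new SDR_64_HTABORG value has no comment explaining why the top four bits are excluded; the rationale (they must be zero per ISA v2.07) exists only in the commit message. A one-line comment beside the define would stop a later reader from widening the mask again. Also worth confirming as intended: SDR_64_HTABORG starts at bit 18 and SDR_64_HTABSIZE covers bits 0 to 4, so bits 5 to 17 belong to neither mask and will be treated as invalid by the check added in ppc_store_sdr1().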
diff --git a/target/ppc/mmu_helper.c b/target/ppc/mmu_helper.c
index 3bc8030..a1af3d6 100644
--- a/target/ppc/mmu_helper.c
+++ b/target/ppc/mmu_helper.c
@@ -2007,8 +2007,14 @@ void ppc_store_sdr1(CPUPPCState *env, target_ulong value)
assert(!cpu->vhyp);
#if defined(TARGET_PPC64)
if (env->mmu_model & POWERPC_MMU_64) {
+ target_ulong sdr_mask = SDR_64_HTABORG | SDR_64_HTABSIZE;
target_ulong htabsize = value & SDR_64_HTABSIZE;
+ if (value & ~sdr_mask) {
+ error_report("Invalid bits 0x"TARGET_FMT_lx" set in SDR1",
+ value & ~sdr_mask);
+ value &= sdr_mask;
+ }
if (htabsize > 28) {
error_report("Invalid HTABSIZE 0x" TARGET_FMT_lx" stored in SDR1",
htabsize);
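Review bot: In the new `if (value & ~sdr_mask)` branch, error_report() is called on every store that has reserved bits set, and `value` is whatever the caller passed in, so if this path is reachable from a guest write to SDR1 the guest can flood the host's error output at will. Consider qemu_log_mask(LOG_GUEST_ERROR, ...) here, and for the existing HTABSIZE message, so the reporting is opt-in. The branch also masks the value and carries on with the store; a short comment saying that reserved bits are dropped rather than the store being rejected would help, since only the start of the HTABSIZE branch is visible here and it is not clear the two cases are handled the same way. Style: `"Invalid bits 0x"TARGET_FMT_lx" set in SDR1"` should have a space between the string literal and TARGET_FMT_lx, as the HTABSIZE message below it does on the left side.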
--
2.9.3