From: "Alex Bennée" <alex.bennee@linaro.org>
To: qemu-devel@nongnu.org
Cc: qemu-arm@nongnu.org, "Alex Bennée" <alex.bennee@linaro.org>,
"Richard Henderson" <richard.henderson@linaro.org>,
"Peter Maydell" <peter.maydell@linaro.org>
Subject: [RFC PATCH] target/arm: don't process FCSE translations on physical TLBs
Date: Fri, 21 Oct 2022 18:23:38 +0100
Message-ID: <20221021172338.2782240-1-alex.bennee@linaro.org>
A recent change to the page table walking code missed checking if we
are processing the physical translation and bombs attempting to
derive the current EL. Fix this by introducing a new
helper (regime_is_phys) and extending the check around the FCSE
processing.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Fixes: f3639a64f6 (target/arm: Use softmmu tlbs for page table walking)
Cc: Richard Henderson <richard.henderson@linaro.org>
---
target/arm/internals.h | 12 ++++++++++++
target/arm/ptw.c | 2 +-
2 files changed, 13 insertions(+), 1 deletion(-)
diff --git a/target/arm/internals.h b/target/arm/internals.h
index c3c3920ded..0e753203b5 100644
--- a/target/arm/internals.h
+++ b/target/arm/internals.h
@@ -673,6 +673,18 @@ static inline bool regime_is_pan(CPUARMState *env, ARMMMUIdx mmu_idx)
}
}
+static inline bool regime_is_phys(ARMMMUIdx mmu_idx)
+{
+ switch (mmu_idx) {
+ case ARMMMUIdx_Phys_NS:
+ case ARMMMUIdx_Phys_S:
+ return true;
+ default:
+ return false;
+ }
+}
+
+
/* Return the exception level which controls this address translation regime */
static inline uint32_t regime_el(CPUARMState *env, ARMMMUIdx mmu_idx)
{
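Review bot: the two consecutive blank `+` lines after the closing brace of regime_is_phys() leave a double blank line before the "Return the exception level" comment; QEMU style wants a single blank line between definitions, so drop one of them. It would also help to give the new helper a one-line comment in the style of its neighbour, e.g. `/* Return true if the regime is a physical (untranslated) address space */`, so readers of internals.h know it exists for the Phys_NS/Phys_S indexes without reading ptw.c.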
diff --git a/target/arm/ptw.c b/target/arm/ptw.c
index 6c5ed56a10..1456a2f1de 100644
--- a/target/arm/ptw.c
+++ b/target/arm/ptw.c
@@ -2557,7 +2557,7 @@ static bool get_phys_addr_with_struct(CPUARMState *env, S1Translate *ptw,
* Fast Context Switch Extension. This doesn't exist at all in v8.
* In v7 and earlier it affects all stage 1 translations.
*/
- if (address < 0x02000000 && mmu_idx != ARMMMUIdx_Stage2
+ if (address < 0x02000000 && !(mmu_idx == ARMMMUIdx_Stage2 || regime_is_phys(mmu_idx))
&& !arm_feature(env, ARM_FEATURE_V8)) {
if (regime_el(env, mmu_idx) == 3) {
address += env->cp15.fcseidr_s;
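Review bot: the new condition on the `+` line is well over 80 columns and will trip checkpatch, and the negated disjunction `!(mmu_idx == ARMMMUIdx_Stage2 || regime_is_phys(mmu_idx))` reads harder than the equivalent conjunction; consider splitting it across lines as `mmu_idx != ARMMMUIdx_Stage2 && !regime_is_phys(mmu_idx)`, which matches the original `!=` form and keeps each clause on its own line. The intent of the change is sound: the physical indexes must be excluded before the `regime_el(env, mmu_idx) == 3` call below, since that is the call the commit message says bombs for them.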
--
2.34.1
Thread overview: 2+ messages
2022-10-21 17:23 Alex Bennée [this message]
2022-10-22 4:08 ` [RFC PATCH] target/arm: don't process FCSE translations on physical TLBs Richard Henderson