From: "Aggeler Fabian" <aggelerf@student.ethz.ch>
To: Aggeler Fabian <aggelerf@student.ethz.ch>
Cc: "peter.maydell@linaro.org" <peter.maydell@linaro.org>,
"qemu-devel@nongnu.org" <qemu-devel@nongnu.org>,
"greg.bellows@linaro.org" <greg.bellows@linaro.org>
Subject: Re: [Qemu-devel] [PATCH v2] target-arm: implement PD0/PD1 bits for TTBCR
Date: Tue, 10 Jun 2014 17:00:08 +0000 [thread overview]
Message-ID: <FB625300-C11C-4924-99EC-4200A1199F55@ethz.ch> (raw)
In-Reply-To: <1402409556-18574-1-git-send-email-aggelerf@ethz.ch>
Obviously not v2 but v3 (subject). Sorry for that, please ignore it as I am going to resend.
Regards,
Fabian
On 10 Jun 2014, at 16:12, Fabian Aggeler <aggelerf@ethz.ch> wrote:
> Corrected handling of writes to TTBCR for ARMv8 (previously UNK/SBZP
> bits are not RES0) and ARMv7 (new bits PD0/PD1 for CPUs with Security
> Extensions).
>
> Bits PD0/PD1 are now respected in get_phys_addr_v6/v5() and
> get_level1_table_address.
>
> Signed-off-by: Fabian Aggeler <aggelerf@ethz.ch>
> ---
> v2 -> v3:
> * rebased
> * initializing domain in get_phys_addr_v5() as done in get_phys_addr_v6()
>
> v2: http://lists.gnu.org/archive/html/qemu-devel/2014-06/msg01197.html
>
> target-arm/cpu.h | 16 ++++++++++++++
> target-arm/helper.c | 62 +++++++++++++++++++++++++++++++++++++----------------
> 2 files changed, 60 insertions(+), 18 deletions(-)
>
> diff --git a/target-arm/cpu.h b/target-arm/cpu.h
> index 79e7f82..369d472 100644
> --- a/target-arm/cpu.h
> +++ b/target-arm/cpu.h
> @@ -430,6 +430,22 @@ int arm_cpu_handle_mmu_fault(CPUState *cpu, vaddr address, int rw,
> /* Execution state bits. MRS read as zero, MSR writes ignored. */
> #define CPSR_EXEC (CPSR_T | CPSR_IT | CPSR_J)
>
> +#define TTBCR_N (7U << 0) /* TTBCR.EAE==0 */
> +#define TTBCR_T0SZ (7U << 0) /* TTBCR.EAE==1 */
> +#define TTBCR_PD0 (1U << 4)
> +#define TTBCR_PD1 (1U << 5)
> +#define TTBCR_EPD0 (1U << 7)
> +#define TTBCR_IRGN0 (3U << 8)
> +#define TTBCR_ORGN0 (3U << 10)
> +#define TTBCR_SH0 (3U << 12)
> +#define TTBCR_T1SZ (3U << 16)
> +#define TTBCR_A1 (1U << 22)
> +#define TTBCR_EPD1 (1U << 23)
> +#define TTBCR_IRGN1 (3U << 24)
> +#define TTBCR_ORGN1 (3U << 26)
> +#define TTBCR_SH1 (1U << 28)
> +#define TTBCR_EAE (1U << 31)
> +
> /* Bit definitions for ARMv8 SPSR (PSTATE) format.
> * Only these are valid when in AArch64 mode; in
> * AArch32 mode SPSRs are basically CPSR-format.
> diff --git a/target-arm/helper.c b/target-arm/helper.c
> index 050c409..12285cd 100644
> --- a/target-arm/helper.c
> +++ b/target-arm/helper.c
> @@ -312,7 +312,7 @@ static inline bool extended_addresses_enabled(CPUARMState *env)
> {
> return arm_el_is_aa64(env, 1)
> || ((arm_feature(env, ARM_FEATURE_LPAE)
> - && (env->cp15.c2_control & (1U << 31))));
> + && (env->cp15.c2_control & TTBCR_EAE)));
> }
>
> static void dacr_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value)
> @@ -1413,11 +1413,22 @@ static void vmsa_ttbcr_raw_write(CPUARMState *env, const ARMCPRegInfo *ri,
> {
> int maskshift = extract32(value, 0, 3);
>
> - if (arm_feature(env, ARM_FEATURE_LPAE) && (value & (1 << 31))) {
> - value &= ~((7 << 19) | (3 << 14) | (0xf << 3));
> - } else {
> - value &= 7;
> + if (!arm_feature(env, ARM_FEATURE_V8)) {
> + if (arm_feature(env, ARM_FEATURE_LPAE) && (value & TTBCR_EAE)) {
> + /* Pre ARMv8 bits [21:19], [15:14] and [6:3] are UNK/SBZP when
> + * using Long-desciptor translation table format */
> + value &= ~((7 << 19) | (3 << 14) | (0xf << 3));
> + } else if (arm_feature(env, ARM_FEATURE_EL3)) {
> + /* In an implementation that includes the Security Extensions
> + * TTBCR has additional fields PD0 [4] and PD1 [5] for
> + * Short-descriptor translation table format.
> + */
> + value &= TTBCR_PD1 | TTBCR_PD0 | TTBCR_N;
> + } else {
> + value &= TTBCR_N;
> + }
> }
> +
> /* Note that we always calculate c2_mask and c2_base_mask, but
> * they are only used for short-descriptor tables (ie if EAE is 0);
> * for long-descriptor tables the TTBCR fields are used differently
> @@ -3540,17 +3551,24 @@ static inline int check_ap(CPUARMState *env, int ap, int domain_prot,
> }
> }
>
> -static uint32_t get_level1_table_address(CPUARMState *env, uint32_t address)
> +static bool get_level1_table_address(CPUARMState *env, uint32_t *table,
> + uint32_t address)
> {
> - uint32_t table;
> -
> - if (address & env->cp15.c2_mask)
> - table = env->cp15.ttbr1_el1 & 0xffffc000;
> - else
> - table = env->cp15.ttbr0_el1 & env->cp15.c2_base_mask;
> -
> - table |= (address >> 18) & 0x3ffc;
> - return table;
> + if (address & env->cp15.c2_mask) {
> + if ((env->cp15.c2_control & TTBCR_PD1)) {
> + /* Translation table walk disabled for TTBR1 */
> + return false;
> + }
> + *table = env->cp15.ttbr1_el1 & 0xffffc000;
> + } else {
> + if ((env->cp15.c2_control & TTBCR_PD0)) {
> + /* Translation table walk disabled for TTBR0 */
> + return false;
> + }
> + *table = env->cp15.ttbr0_el1 & env->cp15.c2_base_mask;
> + }
> + *table |= (address >> 18) & 0x3ffc;
> + return true;
> }
>
> static int get_phys_addr_v5(CPUARMState *env, uint32_t address, int access_type,
> @@ -3563,13 +3581,17 @@ static int get_phys_addr_v5(CPUARMState *env, uint32_t address, int access_type,
> uint32_t desc;
> int type;
> int ap;
> - int domain;
> + int domain = 0;
> int domain_prot;
> hwaddr phys_addr;
>
> /* Pagetable walk. */
> /* Lookup l1 descriptor. */
> - table = get_level1_table_address(env, address);
> + if (!get_level1_table_address(env, &table, address)) {
> + /* Section translation fault if page walk is disabled by PD0 or PD1 */
> + code = 5;
> + goto do_fault;
> + }
> desc = ldl_phys(cs->as, table);
> type = (desc & 3);
> domain = (desc >> 5) & 0x0f;
> @@ -3667,7 +3689,11 @@ static int get_phys_addr_v6(CPUARMState *env, uint32_t address, int access_type,
>
> /* Pagetable walk. */
> /* Lookup l1 descriptor. */
> - table = get_level1_table_address(env, address);
> + if (!get_level1_table_address(env, &table, address)) {
> + /* Section translation fault if page walk is disabled by PD0 or PD1 */
> + code = 5;
> + goto do_fault;
> + }
> desc = ldl_phys(cs->as, table);
> type = (desc & 3);
> if (type == 0 || (type == 3 && !arm_feature(env, ARM_FEATURE_PXN))) {
> --
> 1.8.3.2
>
>
>
next prev parent reply other threads:[~2014-06-10 17:00 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-06-10 14:12 [Qemu-devel] [PATCH v2] target-arm: implement PD0/PD1 bits for TTBCR Fabian Aggeler
2014-06-10 17:00 ` Aggeler Fabian [this message]
2014-06-10 17:27 ` Peter Maydell
-- strict thread matches above, loose matches on Subject: below --
2014-06-05 10:39 Fabian Aggeler
2014-06-05 13:41 ` Greg Bellows
2014-06-09 11:27 ` Peter Maydell
2014-06-09 15:18 ` Peter Maydell
2014-06-10 14:06 ` Aggeler Fabian
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=FB625300-C11C-4924-99EC-4200A1199F55@ethz.ch \
--to=aggelerf@student.ethz.ch \
--cc=greg.bellows@linaro.org \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).