From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1HCvCj-0006IB-H3
	for qemu-devel@nongnu.org; Fri, 02 Feb 2007 04:59:37 -0500
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1HCvCf-0006HG-Rn
	for qemu-devel@nongnu.org; Fri, 02 Feb 2007 04:59:37 -0500
Received: from [199.232.76.173] (helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1HCvCf-0006H9-C8
	for qemu-devel@nongnu.org; Fri, 02 Feb 2007 04:59:33 -0500
Received: from anchor-post-34.mail.demon.net ([194.217.242.92])
	by monty-python.gnu.org with esmtp (Exim 4.52) id 1HCvCe-0004fq-V1
	for qemu-devel@nongnu.org; Fri, 02 Feb 2007 04:59:33 -0500
Received: from dyn-62-56-109-199.dslaccess.co.uk ([62.56.109.199]
	helo=buttercup.gerph.org)
	by anchor-post-34.mail.demon.net with esmtpa (AUTH gerph) (Exim 4.42)
	id 1HCvCI-0002uG-EP
	for qemu-devel@nongnu.org; Fri, 02 Feb 2007 09:59:11 +0000
Received: from localhost (localhost [127.0.0.1])
	by buttercup.gerph.org (Postfix) with ESMTP id BB7A44B9B8
	for <qemu-devel@nongnu.org>; Fri,  2 Feb 2007 09:58:52 +0000 (GMT)
Date: Fri, 2 Feb 2007 09:58:52 +0000 (GMT)
From: Justin Fletcher <gerph@gerph.org>
Subject: Re: [Qemu-devel] [PATCH] ARM MMU translation - fix small (4k) page
	access
In-Reply-To: <45C2CA29.1010107@hoko.org>
Message-ID: <Pine.LNX.4.63.0702020951190.2647@buttercup.gerph.org>
References: <45C2CA29.1010107@hoko.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Reply-To: qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org

On Fri, 2 Feb 2007, Scott Oom wrote:

> Hello,
> Found a problem when using small pages and getting permission faults.
> This patch corrects the decoding of access permissions for small pages
> on ARM, was just off by 2 bits.

I may be confused on this, but it still doesn't seem right to me.

You have...

-                ap = (desc >> (4 + ((address >> 13) & 6))) & 3;
+                ap = (desc >> (4 + ((address >> 11) & 6))) & 3; /* SRO */

For 4K pages, the L2 table is ...
   b0-1 = 2
   b2   = B
   b3   = C
   b4-5 = AP0
   b6-7 = AP1
   b8-9 = AP2
   b10-11=AP3
   b12-31=physical address
(from ARMARM 'D', 3.3.7)

The use of AP0-AP3 is dependant on bits 10 and 11. So, the code should be 
more like...

                 ap = (desc >> (4 + ((address >> 10) & 3) )) & 3;

That is, (address>>10) & 3 => bits 10 and 11
          add on 4 as the offset to the AP fields in the descriptor
          shift down and & 3 to leave just those two bits.

The AP bits haven't been used all that often in my own use of qemu, and I 
imagine that most uses set all 3 to the same value.

-- 
Gerph <http://gerph.org/>
... It's only a lifetime.