[PATCH] hw/arm/smmuv3: Fix incorrect reserved mask for SMMU CR0 register

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

* [PATCH] hw/arm/smmuv3: Fix incorrect reserved mask for SMMU CR0 register
@ 2025-06-05  2:26 taotang2025
  2025-06-05 14:47 ` Eric Auger
  2025-06-09 14:32 ` Peter Maydell
  0 siblings, 2 replies; 3+ messages in thread
From: taotang2025 @ 2025-06-05  2:26 UTC (permalink / raw)
  To: qemu-devel; +Cc: eric.auger, peter.maydell, qemu-arm, Tao Tang

From: Tao Tang <taotang2025@gmail.com>

The current definition of the SMMU_CR0_RESERVED mask is incorrect.
It mistakenly treats bit 10 (DPT_WALK_EN) as a reserved bit while
treating bit 9 (RES0) as an implemented bit.

According to the SMMU architecture specification, the layout for CR0 is:
| 31:11| RES0           |
| 10   | DPT_WALK_EN    |
| 9    | RES0           |
| 8:6  | VMW            |
| 5    | RES0           |
| 4    | ATSCHK         |
| 3    | CMDQEN         |
| 2    | EVENTQEN       |
| 1    | PRIQEN         |
| 0    | SMMUEN         |

Signed-off-by: Tao Tang <taotang2025@gmail.com>
---
 hw/arm/smmuv3-internal.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/arm/smmuv3-internal.h b/hw/arm/smmuv3-internal.h
index b6b7399347..42ac77e654 100644
--- a/hw/arm/smmuv3-internal.h
+++ b/hw/arm/smmuv3-internal.h
@@ -120,7 +120,7 @@ REG32(CR0,                 0x20)
     FIELD(CR0, EVENTQEN,      2, 1)
     FIELD(CR0, CMDQEN,        3, 1)
 
-#define SMMU_CR0_RESERVED 0xFFFFFC20
+#define SMMU_CR0_RESERVED 0xFFFFFA20
 
 REG32(CR0ACK,              0x24)
 REG32(CR1,                 0x28)
-- 
2.34.1



^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [PATCH] hw/arm/smmuv3: Fix incorrect reserved mask for SMMU CR0 register
  2025-06-05  2:26 [PATCH] hw/arm/smmuv3: Fix incorrect reserved mask for SMMU CR0 register taotang2025
@ 2025-06-05 14:47 ` Eric Auger
  2025-06-09 14:32 ` Peter Maydell
  1 sibling, 0 replies; 3+ messages in thread
From: Eric Auger @ 2025-06-05 14:47 UTC (permalink / raw)
  To: taotang2025, qemu-devel; +Cc: peter.maydell, qemu-arm

Hi,

On 6/5/25 4:26 AM, taotang2025@gmail.com wrote:
> From: Tao Tang <taotang2025@gmail.com>
>
> The current definition of the SMMU_CR0_RESERVED mask is incorrect.
> It mistakenly treats bit 10 (DPT_WALK_EN) as a reserved bit while
> treating bit 9 (RES0) as an implemented bit.
>
> According to the SMMU architecture specification, the layout for CR0 is:
> | 31:11| RES0           |
> | 10   | DPT_WALK_EN    |
> | 9    | RES0           |
> | 8:6  | VMW            |
> | 5    | RES0           |
> | 4    | ATSCHK         |
> | 3    | CMDQEN         |
> | 2    | EVENTQEN       |
> | 1    | PRIQEN         |
> | 0    | SMMUEN         |
>
> Signed-off-by: Tao Tang <taotang2025@gmail.com>
Reviewed-by: Eric Auger <eric.auger@redhat.com>

Thanks!

Eric

> ---
>  hw/arm/smmuv3-internal.h | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/hw/arm/smmuv3-internal.h b/hw/arm/smmuv3-internal.h
> index b6b7399347..42ac77e654 100644
> --- a/hw/arm/smmuv3-internal.h
> +++ b/hw/arm/smmuv3-internal.h
> @@ -120,7 +120,7 @@ REG32(CR0,                 0x20)
>      FIELD(CR0, EVENTQEN,      2, 1)
>      FIELD(CR0, CMDQEN,        3, 1)
>  
> -#define SMMU_CR0_RESERVED 0xFFFFFC20
> +#define SMMU_CR0_RESERVED 0xFFFFFA20
>  
>  REG32(CR0ACK,              0x24)
>  REG32(CR1,                 0x28)



^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH] hw/arm/smmuv3: Fix incorrect reserved mask for SMMU CR0 register
  2025-06-05  2:26 [PATCH] hw/arm/smmuv3: Fix incorrect reserved mask for SMMU CR0 register taotang2025
  2025-06-05 14:47 ` Eric Auger
@ 2025-06-09 14:32 ` Peter Maydell
  1 sibling, 0 replies; 3+ messages in thread
From: Peter Maydell @ 2025-06-09 14:32 UTC (permalink / raw)
  To: taotang2025; +Cc: qemu-devel, eric.auger, qemu-arm

On Thu, 5 Jun 2025 at 03:26, <taotang2025@gmail.com> wrote:
>
> From: Tao Tang <taotang2025@gmail.com>
>
> The current definition of the SMMU_CR0_RESERVED mask is incorrect.
> It mistakenly treats bit 10 (DPT_WALK_EN) as a reserved bit

This is because our implementation pre-dates the revision
of the SMMUv3 spec which adds the DPT and this DPT_WALK_EN bit.
So for us it is/was legitimately reserved. We use this constant
value to update SMMU_CR0ACK when the guest writes to SMMU_CR0,
so ideally we shouldn't mark bits as non-reserved unless we
actually implement the feature that they correspond to.

We don't get this right for VMW and ATSCHK, which are both
"RES0 unless the ID register indicates presence of some
feature" fields, but which we allow the guest to write to
(and cause updates to CR0ACK) anyway.

> while
> treating bit 9 (RES0) as an implemented bit.

This part is a bug; nice catch.

thanks
-- PMM

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2025-06-09 14:33 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-06-05  2:26 [PATCH] hw/arm/smmuv3: Fix incorrect reserved mask for SMMU CR0 register taotang2025
2025-06-05 14:47 ` Eric Auger
2025-06-09 14:32 ` Peter Maydell

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).