From patchwork Tue Feb 8 11:39:45 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 540769 Delivered-To: patch@linaro.org Received: by 2002:ad5:420f:0:0:0:0:0 with SMTP id e15csp460979imo; Tue, 8 Feb 2022 04:48:35 -0800 (PST) X-Google-Smtp-Source: ABdhPJzuq8B8WYa0gW5Jx336knyaAUmENn4/V4EH30OJkRGa8/WY375ECVIRpd6wXC1zM5/kU9db X-Received: by 2002:a81:f10b:: with SMTP id h11mr4610267ywm.396.1644324515307; Tue, 08 Feb 2022 04:48:35 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1644324515; cv=none; d=google.com; s=arc-20160816; b=AFudZ8mBx/LtsoRZkzppQBtNjtNDDht1g+ezDLr9sRIo88mYtEGLnfacO+9emJahio JbSQGqASCv5/1jbseZQ1z4+FRFzjzWTeNEtWvf8/o4dKSYJYHq2kfEgMqA/wz6IzM/Yl 1bksdp5Mh0IrfeDFbwWhwPTNRnXyqi/dSD0eJBVFFXuWV2TBN7yynhMAI9V7z6MhUI51 EJ059qUkPef8/4jK8L1Qq8JNDz2OO8JCGlDEolCWJ7AQUWZOfWtnvzU6v1Ef1oizQGFh SAWhprYWc0ud951gC+GZzLfc0U9Pb6f16DfXGc1pBJWTsgPk+NJi+9r6XAEy0dDGebZX 7dCA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:to:from :dkim-signature; bh=uJSi79pD20H9mn2ISVJzcWT+Ek0/1qEnDg0RX82vzg4=; b=Fnr3D9VNTH5+vO0JmfjQ/zNN/mHceez7r8g5ZV5095rXMK4e3Ybi/gLnMJw+JFnNqw 2HpAvHRY0mAs+YbHdn45tu3Is0jBclF5Ph5s2v+RNoqrO+47UxGS/m8Eb5Uf54dqQEZE vmjkNbOYaTjTEoaOvt5lH9swvNdWRF9kHkxrbPbv2Z4wC3iGsPYkxmtMjc0eod+HNNhh XapCHp2kOM87h2xic9UvNmunPhrullxnXVF9esQ3RKDCC+ci4fa8xLd4ACCkJl+c83w/ enXYd3YTEVCz8UDpeHw9VUThXamz9veOrq/soTjN2X4RUx/U2XnJnZk3IB3locUYNG8k WlQg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=uvPUH5cg; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id u5si9791061yba.619.2022.02.08.04.48.35 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Tue, 08 Feb 2022 04:48:35 -0800 (PST) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=uvPUH5cg; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1]:41122 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1nHPv7-0006Sd-7N for patch@linaro.org; Tue, 08 Feb 2022 07:48:34 -0500 Received: from eggs.gnu.org ([209.51.188.92]:35134) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1nHOrT-00016A-4c for qemu-devel@nongnu.org; Tue, 08 Feb 2022 06:40:45 -0500 Received: from [2a00:1450:4864:20::330] (port=33396 helo=mail-wm1-x330.google.com) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1nHOr1-0002Md-E7 for qemu-devel@nongnu.org; Tue, 08 Feb 2022 06:40:22 -0500 Received: by mail-wm1-x330.google.com with SMTP id y6-20020a7bc186000000b0037bdc5a531eso737687wmi.0 for ; Tue, 08 Feb 2022 03:40:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=uJSi79pD20H9mn2ISVJzcWT+Ek0/1qEnDg0RX82vzg4=; b=uvPUH5cgksrJgQnxcGUSVFr/PIYVyy8o8aFbfc0eY8NJMu0Z9jcS1ud7ds6G6K2j5a zyh/7GrMHK2d2D8krtJedCK8zd80aVqsQ9dNTG2sdUi7Y6wOhGALsIRwIkoctlct0N63 aMN73whJkh64lYLPI4OaperCB2NS1Z0eYP9HKOl1ylK8QEPkYU0FHYzPGoYD7fHRPC0m ot4hmW2sVZgzN6zrJLvTp58Yxwr0rgvo4QaLKAtEJwn8B3pqjFq4ycZJdfFOFz0HaK1g xdql0jU2Ana25H4lrqnfg2gzVCFYV8DuOaXVKlVy06mgwbLzS3i+E4WGYXCr8y1jAR8C I7GA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=uJSi79pD20H9mn2ISVJzcWT+Ek0/1qEnDg0RX82vzg4=; b=EsvjkfBqNqmriZj6ZydTc6CA0iqfDM4DSLVCONr1Y8eDvbaJ7ogkJf0pcie/Vtx1xK dpDkOBSTNAEq2NEUA/nGrVnPb3zsw5KoSDubBnibvrXNmvmxJ09QRC2uQC1HF0mcxC53 AImhSYqV+xw36mNYeHLYS76u6DJwVwnLlFuDyrR0Uf+Th/UpPNkEIMWwwfaHMNCKyHvl Hy0Xl9TL8kFw/IMNmB6zVfJlqDw/BJE4K6SJ8a5mVvxgSBqV1d7zEDsttftiBrxmQMfm nhdqWXMIqK4fQSuvc0K7IMGKOBhYMAsoXygq4JD9cM9BfCo+//qhnKEsmVBZp3DLsw87 8UHw== X-Gm-Message-State: AOAM532NHwX6qRHFDwQHUIOivRlR1TlcZtrkBjoovv4Co53UW8V8ZK+G GTIJh/6CsZkKip8GZUVXHm+ODooI4DMm4w== X-Received: by 2002:a1c:f210:: with SMTP id s16mr769201wmc.121.1644320414084; Tue, 08 Feb 2022 03:40:14 -0800 (PST) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [2001:8b0:1d0::2]) by smtp.gmail.com with ESMTPSA id r11sm4245199wrt.28.2022.02.08.03.40.13 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Feb 2022 03:40:13 -0800 (PST) From: Peter Maydell To: qemu-devel@nongnu.org Subject: [PULL 36/39] hw/intc/arm_gicv3_its: In MAPC with V=0, don't check rdbase field Date: Tue, 8 Feb 2022 11:39:45 +0000 Message-Id: <20220208113948.3217356-37-peter.maydell@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220208113948.3217356-1-peter.maydell@linaro.org> References: <20220208113948.3217356-1-peter.maydell@linaro.org> MIME-Version: 1.0 X-Host-Lookup-Failed: Reverse DNS lookup failed for 2a00:1450:4864:20::330 (failed) Received-SPF: pass client-ip=2a00:1450:4864:20::330; envelope-from=peter.maydell@linaro.org; helo=mail-wm1-x330.google.com X-Spam_score_int: -12 X-Spam_score: -1.3 X-Spam_bar: - X-Spam_report: (-1.3 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, PDS_HP_HELO_NORDNS=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RDNS_NONE=0.793, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=no autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" In the MAPC command, if V=0 this is a request to delete a collection table entry and the rdbase field of the command packet will not be used. In particular, the specification says that the "UNPREDICTABLE if rdbase is not valid" only applies for V=1. We were doing a check-and-log-guest-error on rdbase regardless of whether the V bit was set, and also (harmlessly but confusingly) storing the contents of the rdbase field into the updated collection table entry. Update the code so that if V=0 we don't check or use the rdbase field value. Signed-off-by: Peter Maydell Reviewed-by: Richard Henderson Message-id: 20220201193207.2771604-12-peter.maydell@linaro.org --- hw/intc/arm_gicv3_its.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/hw/intc/arm_gicv3_its.c b/hw/intc/arm_gicv3_its.c index 9735d609df2..069991f7f36 100644 --- a/hw/intc/arm_gicv3_its.c +++ b/hw/intc/arm_gicv3_its.c @@ -468,21 +468,21 @@ static ItsCmdResult process_mapc(GICv3ITSState *s, const uint64_t *cmdpkt) CTEntry cte; icid = cmdpkt[2] & ICID_MASK; - - cte.rdbase = (cmdpkt[2] & R_MAPC_RDBASE_MASK) >> R_MAPC_RDBASE_SHIFT; - cte.rdbase &= RDBASE_PROCNUM_MASK; - cte.valid = cmdpkt[2] & CMD_FIELD_VALID_MASK; + if (cte.valid) { + cte.rdbase = (cmdpkt[2] & R_MAPC_RDBASE_MASK) >> R_MAPC_RDBASE_SHIFT; + cte.rdbase &= RDBASE_PROCNUM_MASK; + } else { + cte.rdbase = 0; + } - if ((icid >= s->ct.num_entries) || (cte.rdbase >= s->gicv3->num_cpu)) { + if (icid >= s->ct.num_entries) { + qemu_log_mask(LOG_GUEST_ERROR, "ITS MAPC: invalid ICID 0x%d", icid); + return CMD_CONTINUE; + } + if (cte.valid && cte.rdbase >= s->gicv3->num_cpu) { qemu_log_mask(LOG_GUEST_ERROR, - "ITS MAPC: invalid collection table attributes " - "icid %d rdbase %u\n", icid, cte.rdbase); - /* - * in this implementation, in case of error - * we ignore this command and move onto the next - * command in the queue - */ + "ITS MAPC: invalid RDBASE %u ", cte.rdbase); return CMD_CONTINUE; }