From patchwork Mon Jun 27 13:46:20 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 585296 Delivered-To: patch@linaro.org Received: by 2002:a05:7000:5036:0:0:0:0 with SMTP id e22csp3112363mab; Mon, 27 Jun 2022 06:48:06 -0700 (PDT) X-Google-Smtp-Source: AGRyM1t0Fu9KapUl0BLwUOU8i3HSSY0QqUThCWDacOuVSsF48iMt1/H66NbGtQFkRUUzBSdzfLo8 X-Received: by 2002:a05:622a:5d4:b0:31a:ade:2086 with SMTP id d20-20020a05622a05d400b0031a0ade2086mr4151193qtb.569.1656337686473; Mon, 27 Jun 2022 06:48:06 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1656337686; cv=none; d=google.com; s=arc-20160816; b=LdcYMuJ8vamHf533oJu0vW3c5lbIUxa//uyOauk0f3RxzjCtotNwqmMsD718YlBZhD KkEXCWBx0t9DvGojVM1EPewstamebH9bKUr7z0hHiDMUfyLaRAX0xw9b0xp0qi+qNqvZ iVe0iEhmKxYbiZhgk9Iu0U5ylyoJ5KzFXaaRL/BcR8CNrruzg1M7U2bwkCFnSFYjhck0 LNeXvhcCyTVyvskWAufPbRj49IHvxt+FX3XmxOHRFCoehjT5TWjIWAkWGfD87FD+yM3e fluk/MzUfYnBWbVSOPXQl59zEbqtnx9qQ+zP6vvTerltK0P8LZesplx817QelMhvvS5D 1iaA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:message-id:date:subject:cc:to:from:dkim-signature; bh=14MEsEjQiz9IfzX6JeiSVtQX16foo13qJMvs/LfidH4=; b=KVdFvEL+2zK9iAZxOlwJ6/mzPg36teh9yxku3kG8Kc3/MOjkKF+Cgpz72t+y1VP0O5 ZJe4YrG7jLuPGA6tpINAnTXE9l47HPBATAPzdMMPa3QRCjW5seF7pSu+ytawHaR1VW/L uGksRGBl6v7bPMMKtxf+W0Nj6hnUwX3aE1yO5grcOea3BO5sJqvU03S1zQmFGHgtlRU8 iK4yTNMGKiPzPOwlk1Tdr/94TWkOvvWQs1oVdiLBmke4tx2QoPg/XcUMaXUZCoMUEjkB mRVJc6QHNeaYk5BKwv8ObC4FlPQfciNcALDRhZ5S3XR5AnQ1DPp7Y4fN6MJ5KHydBsBK 17nQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=QIyBX7wH; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id bq13-20020a05620a468d00b006af229b4d6asi1792670qkb.572.2022.06.27.06.48.06 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Mon, 27 Jun 2022 06:48:06 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=QIyBX7wH; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1]:58198 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1o5p5y-0004E2-2Q for patch@linaro.org; Mon, 27 Jun 2022 09:48:06 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:46856) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1o5p4M-00048P-HN for qemu-devel@nongnu.org; Mon, 27 Jun 2022 09:46:26 -0400 Received: from mail-wm1-x32c.google.com ([2a00:1450:4864:20::32c]:35727) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1o5p4K-0004Rw-Kg for qemu-devel@nongnu.org; Mon, 27 Jun 2022 09:46:26 -0400 Received: by mail-wm1-x32c.google.com with SMTP id l2-20020a05600c4f0200b0039c55c50482so7580456wmq.0 for ; Mon, 27 Jun 2022 06:46:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=14MEsEjQiz9IfzX6JeiSVtQX16foo13qJMvs/LfidH4=; b=QIyBX7wHvxhqHt0CuA3FbRCsu+Hz8sh6RgiWfaHDfYOkYruJ9Rk+ZNYc6ie5h5/ELc 71qoiSd39x5VlO0WGOgF6L0flm4Dz3veTnwXKtd8Mysc5DN6pqndGrhGWK4nUeoHMsu2 QWb9gRbz3Zt+pLJjusdWq5s8zrQLSU+CnCoXaJZ7dVqwcq8ibeSlqkA7A0xOno4KkViQ KOmSAxesFmKq50/E8gZaqE6LiIRRS5o946A7fQ2WtJIXiN2x/c1QEltNyfwo5iLNhAsq fEZH23yivPa/g/ThjQ8a5BsVEhTHp15fSHyguROVCHBY3C6ACeXKNoymXFsqrK1SZWGD Q81g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=14MEsEjQiz9IfzX6JeiSVtQX16foo13qJMvs/LfidH4=; b=VWU/spJiIS9seF8ob/O04E5rJ/B5ifK28/xRiayBv/X34a9yYxA8apltgx+82C5PE+ IcbbrInSP+dQKrDAhC/NrrsYh2q2mB2OvIpDhAkJLapY3mhZAUBC05qQFIx2zg/ttsU0 b4pomQFXxW/y40ChLGBqmh3+qa5KsnZxn8ob2LCBvrrGR1kdEcocIIUfuMi1YNaV1M+Z 2FAieKT4VBu0llbWASUJVQOYWIKX33iO32iFBkreydmlPxZWozg3mWqwrHXDd0kKcP0q M7sy+uDLZOBNcUQT0CDJTit9UWKRNdqopusOPhRBruQHfxhZ6aupfXzFaKZqhTVe5nsG tUWg== X-Gm-Message-State: AJIora+Cs0Pb+3yCpDrR1xiblIaFpFmwzKLedG2BVvMXdPKMYiSe6s2w 2UMtvkLc1o64IWr5ZJmsQW78DQ== X-Received: by 2002:a05:600c:190b:b0:39c:7704:74a4 with SMTP id j11-20020a05600c190b00b0039c770474a4mr15387727wmq.92.1656337582786; Mon, 27 Jun 2022 06:46:22 -0700 (PDT) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [2001:8b0:1d0::2]) by smtp.gmail.com with ESMTPSA id a3-20020a056000100300b0021b943a50b3sm10736528wrx.85.2022.06.27.06.46.21 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 27 Jun 2022 06:46:22 -0700 (PDT) From: Peter Maydell To: qemu-arm@nongnu.org, qemu-devel@nongnu.org Cc: Richard Henderson , He Zhe Subject: [PATCH] target/arm: Fix qemu-system-arm handling of LPAE block descriptors for highmem Date: Mon, 27 Jun 2022 14:46:20 +0100 Message-Id: <20220627134620.3190252-1-peter.maydell@linaro.org> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::32c; envelope-from=peter.maydell@linaro.org; helo=mail-wm1-x32c.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" In commit 39a1fd25287f5d we fixed a bug in the handling of LPAE block descriptors where we weren't correctly zeroing out some RES0 bits. However this fix has a bug because the calculation of the mask is done at the wrong width: in descaddr &= ~(page_size - 1); page_size is a target_ulong, so in the 'qemu-system-arm' binary it is only 32 bits, and the effect is that we always zero out the top 32 bits of the calculated address. Fix the calculation by forcing the mask to be calculated with the same type as descaddr. This only affects 32-bit CPUs which support LPAE (e.g. cortex-a15) when used on board models which put RAM or devices above the 4GB mark and when the 'qemu-system-arm' executable is being used. It was also masked in 7.0 by the main bug reported in https://gitlab.com/qemu-project/qemu/-/issues/1078 where the virt board incorrectly does not enable 'highmem' for 32-bit CPUs. The workaround is to use 'qemu-system-aarch64' with the same command line. Reported-by: He Zhe Fixes: 39a1fd25287f5de ("target/arm: Fix handling of LPAE block descriptors") Cc: qemu-stable@nongnu.org Signed-off-by: Peter Maydell Reviewed-by: Richard Henderson --- target/arm/ptw.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/target/arm/ptw.c b/target/arm/ptw.c index da478104f05..e71fc1f4293 100644 --- a/target/arm/ptw.c +++ b/target/arm/ptw.c @@ -1257,7 +1257,7 @@ static bool get_phys_addr_lpae(CPUARMState *env, uint64_t address, * clear the lower bits here before ORing in the low vaddr bits. */ page_size = (1ULL << ((stride * (4 - level)) + 3)); - descaddr &= ~(page_size - 1); + descaddr &= ~(hwaddr)(page_size - 1); descaddr |= (address & (page_size - 1)); /* Extract attributes from the descriptor */ attrs = extract64(descriptor, 2, 10)