[Qemu-devel] [PULL 15/50] target/ppc: Correct SDR1 masking
From: David Gibson
Subject: [Qemu-devel] [PULL 15/50] target/ppc: Correct SDR1 masking
Date: Wed, 1 Mar 2017 15:43:30 +1100

SDR_64_HTABORG, which indicates the bits of the SDR1 register to use for
the base of a 64-bit machine's hashed page table (HPT), isn't correct. It
includes the top 46 bits of the register, but in fact the top 4 bits must
be zero (according to the ISA v2.07). No actual implementation has
supported close to 2^60 bytes of physical address space, so it's kind of
irrelevant, but we might as well correct this.

In addition, although we checked for bad size values in SDR1, we never
reported an error if entirely invalid bits were set there. Add this check
to ppc_store_sdr1().

Reported-by: Suraj Jitindar Singh <address@hidden>
Signed-off-by: David Gibson <address@hidden>
---
target/ppc/mmu-hash64.h | 2 +-
target/ppc/mmu_helper.c | 6 ++++++
2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/target/ppc/mmu-hash64.h b/target/ppc/mmu-hash64.h
index 9c74823..54f1e37 100644
--- a/target/ppc/mmu-hash64.h
+++ b/target/ppc/mmu-hash64.h
@@ -56,7 +56,7 @@ void ppc_hash64_update_rmls(CPUPPCState *env);
* Hash page table definitions
*/
-#define SDR_64_HTABORG 0xFFFFFFFFFFFC0000ULL
+#define SDR_64_HTABORG 0x0FFFFFFFFFFC0000ULL
#define SDR_64_HTABSIZE 0x000000000000001FULL
#define HPTES_PER_GROUP 8
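Review bot: The new SDR_64_HTABORG value on the `+` line carries no comment saying why the top 4 bits are excluded; the rationale (they must be zero per ISA v2.07) exists only in the commit message. A short comment above the define would stop a later reader from widening the mask back to 0xFFFF.... It would also help to note there that the bits between SDR_64_HTABSIZE (0x1F) and the low end of HTABORG (0x40000) belong to neither mask, because the check added in mmu_helper.c treats anything outside `SDR_64_HTABORG | SDR_64_HTABSIZE` as invalid.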
diff --git a/target/ppc/mmu_helper.c b/target/ppc/mmu_helper.c
index 3bc8030..a1af3d6 100644
--- a/target/ppc/mmu_helper.c
+++ b/target/ppc/mmu_helper.c
@@ -2007,8 +2007,14 @@ void ppc_store_sdr1(CPUPPCState *env, target_ulong value)
assert(!cpu->vhyp);
#if defined(TARGET_PPC64)
if (env->mmu_model & POWERPC_MMU_64) {
+ target_ulong sdr_mask = SDR_64_HTABORG | SDR_64_HTABSIZE;
target_ulong htabsize = value & SDR_64_HTABSIZE;
+ if (value & ~sdr_mask) {
+ error_report("Invalid bits 0x"TARGET_FMT_lx" set in SDR1",
+ value & ~sdr_mask);
+ value &= sdr_mask;
+ }
if (htabsize > 28) {
error_report("Invalid HTABSIZE 0x" TARGET_FMT_lx" stored in SDR1",
htabsize);
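Review bot: In the new `if (value & ~sdr_mask)` block, the message reports the offending bits but does not say that they are then cleared by `value &= sdr_mask` and that execution continues to the HTABSIZE check with the masked value; appending something like "(ignored)" to the message would tell a log reader what state the register ends up in. If this function can be reached with arbitrary values written by a guest, an unconditional error_report() here can also be used to fill the host log, so a guest-error log category or a report-once form may be a better fit. As a style point, the string concatenation `"Invalid bits 0x"TARGET_FMT_lx" set in SDR1"` has no spaces around TARGET_FMT_lx, while the existing HTABSIZE message just below uses `"... 0x" TARGET_FMT_lx"`; spacing both sides consistently would read better.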
--
2.9.3