[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PULL 36/39] hw/intc/arm_gicv3_its: In MAPC with V=0, don't check rdbase
|
From: |
Peter Maydell |
|
Subject: |
[PULL 36/39] hw/intc/arm_gicv3_its: In MAPC with V=0, don't check rdbase field |
|
Date: |
Tue, 8 Feb 2022 11:39:45 +0000 |
In the MAPC command, if V=0 this is a request to delete a collection
table entry and the rdbase field of the command packet will not be
used. In particular, the specification says that the "UNPREDICTABLE
if rdbase is not valid" only applies for V=1.
We were doing a check-and-log-guest-error on rdbase regardless of
whether the V bit was set, and also (harmlessly but confusingly)
storing the contents of the rdbase field into the updated collection
table entry. Update the code so that if V=0 we don't check or use
the rdbase field value.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20220201193207.2771604-12-peter.maydell@linaro.org
---
hw/intc/arm_gicv3_its.c | 24 ++++++++++++------------
1 file changed, 12 insertions(+), 12 deletions(-)
diff --git a/hw/intc/arm_gicv3_its.c b/hw/intc/arm_gicv3_its.c
index 9735d609df2..069991f7f36 100644
--- a/hw/intc/arm_gicv3_its.c
+++ b/hw/intc/arm_gicv3_its.c
@@ -468,21 +468,21 @@ static ItsCmdResult process_mapc(GICv3ITSState *s, const
uint64_t *cmdpkt)
CTEntry cte;
icid = cmdpkt[2] & ICID_MASK;
-
- cte.rdbase = (cmdpkt[2] & R_MAPC_RDBASE_MASK) >> R_MAPC_RDBASE_SHIFT;
- cte.rdbase &= RDBASE_PROCNUM_MASK;
-
cte.valid = cmdpkt[2] & CMD_FIELD_VALID_MASK;
+ if (cte.valid) {
+ cte.rdbase = (cmdpkt[2] & R_MAPC_RDBASE_MASK) >> R_MAPC_RDBASE_SHIFT;
+ cte.rdbase &= RDBASE_PROCNUM_MASK;
+ } else {
+ cte.rdbase = 0;
+ }
- if ((icid >= s->ct.num_entries) || (cte.rdbase >= s->gicv3->num_cpu)) {
+ if (icid >= s->ct.num_entries) {
+ qemu_log_mask(LOG_GUEST_ERROR, "ITS MAPC: invalid ICID 0x%d", icid);
+ return CMD_CONTINUE;
+ }
+ if (cte.valid && cte.rdbase >= s->gicv3->num_cpu) {
qemu_log_mask(LOG_GUEST_ERROR,
- "ITS MAPC: invalid collection table attributes "
- "icid %d rdbase %u\n", icid, cte.rdbase);
- /*
- * in this implementation, in case of error
- * we ignore this command and move onto the next
- * command in the queue
- */
+ "ITS MAPC: invalid RDBASE %u ", cte.rdbase);
return CMD_CONTINUE;
}
--
2.25.1
- [PULL 22/39] hw/arm: versal-virt: Always call arm_load_kernel(), (continued)
- [PULL 22/39] hw/arm: versal-virt: Always call arm_load_kernel(), Peter Maydell, 2022/02/08
- [PULL 20/39] hw/arm/boot: Drop nb_cpus field from arm_boot_info, Peter Maydell, 2022/02/08
- [PULL 21/39] hw/arm/boot: Drop existing dtb /psci node rather than retaining it, Peter Maydell, 2022/02/08
- [PULL 26/39] hw/intc/arm_gicv3_its: Use address_space_map() to access command queue packets, Peter Maydell, 2022/02/08
- [PULL 24/39] hw/timer/armv7m_systick: Update clock source before enabling timer, Peter Maydell, 2022/02/08
- [PULL 33/39] hw/intc/arm_gicv3_its: Pass ITE values back from get_ite() via a struct, Peter Maydell, 2022/02/08
- [PULL 30/39] hw/intc/arm_gicv3_its: Pass CTEntry to update_cte(), Peter Maydell, 2022/02/08
- [PULL 31/39] hw/intc/arm_gicv3_its: Fix address calculation in get_ite() and update_ite(), Peter Maydell, 2022/02/08
- [PULL 18/39] hw/arm/boot: Don't write secondary boot stub if using PSCI, Peter Maydell, 2022/02/08
- [PULL 25/39] hw/arm/smmuv3: Fix device reset, Peter Maydell, 2022/02/08
- [PULL 36/39] hw/intc/arm_gicv3_its: In MAPC with V=0, don't check rdbase field,
Peter Maydell <=
- [PULL 34/39] hw/intc/arm_gicv3_its: Make update_ite() use ITEntry, Peter Maydell, 2022/02/08
- [PULL 19/39] hw/arm/highbank: Drop unused secondary boot stub code, Peter Maydell, 2022/02/08
- [PULL 35/39] hw/intc/arm_gicv3_its: Drop TableDesc and CmdQDesc valid fields, Peter Maydell, 2022/02/08
- [PULL 37/39] hw/intc/arm_gicv3_its: Don't allow intid 1023 in MAPI/MAPTI, Peter Maydell, 2022/02/08
- [PULL 32/39] hw/intc/arm_gicv3_its: Avoid nested ifs in get_ite(), Peter Maydell, 2022/02/08
- [PULL 38/39] hw/intc/arm_gicv3_its: Split error checks, Peter Maydell, 2022/02/08
- Re: [PULL 00/39] target-arm queue, Peter Maydell, 2022/02/08