[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Stable-7.2.10 45/47] target/i386: leave the A20 bit set in the final NP
From: |
Michael Tokarev |
Subject: |
[Stable-7.2.10 45/47] target/i386: leave the A20 bit set in the final NPT walk |
Date: |
Wed, 28 Feb 2024 23:35:13 +0300 |
From: Paolo Bonzini <pbonzini@redhat.com>
The A20 mask is only applied to the final memory access. Nested
page tables are always walked with the raw guest-physical address.
Unlike the previous patch, in this one the masking must be kept, but
it was done too early.
Cc: qemu-stable@nongnu.org
Fixes: 4a1e9d4d11c ("target/i386: Use atomic operations for pte updates",
2022-10-18)
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit b5a9de3259f4c791bde2faff086dd5737625e41e)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
diff --git a/target/i386/tcg/sysemu/excp_helper.c
b/target/i386/tcg/sysemu/excp_helper.c
index 61b8d2fdde..5999cdedf5 100644
--- a/target/i386/tcg/sysemu/excp_helper.c
+++ b/target/i386/tcg/sysemu/excp_helper.c
@@ -133,7 +133,6 @@ static inline bool ptw_setl(const PTETranslate *in,
uint32_t old, uint32_t set)
static bool mmu_translate(CPUX86State *env, const TranslateParams *in,
TranslateResult *out, TranslateFault *err)
{
- const int32_t a20_mask = x86_get_a20_mask(env);
const target_ulong addr = in->addr;
const int pg_mode = in->pg_mode;
const bool is_user = (in->mmu_idx == MMU_USER_IDX);
@@ -415,10 +414,13 @@ do_check_protect_pse36:
}
}
- /* align to page_size */
- paddr = (pte & a20_mask & PG_ADDRESS_MASK & ~(page_size - 1))
- | (addr & (page_size - 1));
+ /* merge offset within page */
+ paddr = (pte & PG_ADDRESS_MASK & ~(page_size - 1)) | (addr & (page_size -
1));
+ /*
+ * Note that NPT is walked (for both paging structures and final guest
+ * addresses) using the address with the A20 bit set.
+ */
if (in->ptw_idx == MMU_NESTED_IDX) {
CPUTLBEntryFull *full;
int flags, nested_page_size;
@@ -457,7 +459,7 @@ do_check_protect_pse36:
}
}
- out->paddr = paddr;
+ out->paddr = paddr & x86_get_a20_mask(env);
out->prot = prot;
out->page_size = page_size;
return true;
--
2.39.2
- [Stable-7.2.10 v1 00/47] Patch Round-up for stable 7.2.10, freeze on 2024-03-02, Michael Tokarev, 2024/02/28
- [Stable-7.2.10 33/47] meson: ensure dbus-display generated code is built before other units, Michael Tokarev, 2024/02/28
- [Stable-7.2.10 35/47] docs/system: Update description for input grab key, Michael Tokarev, 2024/02/28
- [Stable-7.2.10 36/47] system/vl: Update description for input grab key, Michael Tokarev, 2024/02/28
- [Stable-7.2.10 37/47] .gitlab-ci.d/windows.yml: Drop msys2-32bit job, Michael Tokarev, 2024/02/28
- [Stable-7.2.10 38/47] target/ppc: Fix lxv/stxv MSR facility check, Michael Tokarev, 2024/02/28
- [Stable-7.2.10 39/47] hw/nvme: fix invalid endian conversion, Michael Tokarev, 2024/02/28
- [Stable-7.2.10 40/47] pl031: Update last RTCLR value on write in case it's read back, Michael Tokarev, 2024/02/28
- [Stable-7.2.10 41/47] target/i386: mask high bits of CR3 in 32-bit mode, Michael Tokarev, 2024/02/28
- [Stable-7.2.10 44/47] target/i386: remove unnecessary/wrong application of the A20 mask, Michael Tokarev, 2024/02/28
- [Stable-7.2.10 45/47] target/i386: leave the A20 bit set in the final NPT walk,
Michael Tokarev <=
- [Stable-7.2.10 42/47] target/i386: check validity of VMCB addresses, Michael Tokarev, 2024/02/28
- [Stable-7.2.10 43/47] target/i386: Fix physical address truncation, Michael Tokarev, 2024/02/28
- [Stable-7.2.10 46/47] tests/vm: update openbsd image to 7.4, Michael Tokarev, 2024/02/28
- [Stable-7.2.10 47/47] tests/vm: avoid re-building the VM images all the time, Michael Tokarev, 2024/02/28