From patchwork Wed Jul 19 15:30:15 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jean-Philippe Brucker X-Patchwork-Id: 13319155 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 1DE8FC001B0 for ; Wed, 19 Jul 2023 15:57:50 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1qM9Xv-00038G-2Q; Wed, 19 Jul 2023 11:56:59 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qM9Xq-00036d-V4 for qemu-devel@nongnu.org; Wed, 19 Jul 2023 11:56:55 -0400 Received: from mail-wm1-x335.google.com ([2a00:1450:4864:20::335]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1qM9Xl-0007IS-8A for qemu-devel@nongnu.org; Wed, 19 Jul 2023 11:56:54 -0400 Received: by mail-wm1-x335.google.com with SMTP id 5b1f17b1804b1-3fbdfda88f4so64928055e9.1 for ; Wed, 19 Jul 2023 08:56:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1689782205; x=1690387005; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=WNPqefvQgMivoBtumxDAYGfl0jiPjDA6sqhpbGZ4NhE=; b=b/0hKs0QxDQccRusYNa5gcfxhSGWwRIFg3RS7TS0wQgh2xg/t4sOawHxqaNGQdze5u Y1ZS1No5vF3tbx5w5qdPbQ74gugYWY0XVGl8bOALogHaofJA5C4+8eYamZKn8poVx48A IFpqCc11TaMrB3JdRllZ+M1ZheG03HCZllNjiLBzGroGFcDX57QYxtQqo7vR9JqEShDO uxltFYAXNfBGZM9zMEk2d3pDUSzHsVcx1WS1S2yahaK1zn9UTrNwVxbvK8RwoZafVRTU whrKLmX53YODwWc9yc0AMp2S5DJn/J8FZjp/SIRBhKd3LwRlyDfUVyEbwiO+JZf/94rn Irdg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689782205; x=1690387005; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=WNPqefvQgMivoBtumxDAYGfl0jiPjDA6sqhpbGZ4NhE=; b=NfRWYN8rqCIBpWbMMDFZ4FFNekeEY6vgoHAL04FfTxlF66//c4Sr3q/bPFVPzsxK+P 7vQIA7PT9yEmm+Ydup/FAR0EYiRGoqMFt4dSyDhMTnWlOepvinVGvOKJhUd9b0leYVhp ltV7gJlcQWVHUI4z5FVnBqrzGTZ5DAeJkuP23g7jG2X4jx9daEZWIi7Ssy1A2y9POJRt +LWUu99OQHO9w/jzvxeBA6UeY7gYwHonOO5zkuUNVgWXcdeU36GhFKvY5W4eX2amezTb 8uEgMO7EENrkIryBtKSaaQoWye4CWc0CT6xY4JIdZhpPd5PmCgIo/rl3onbtUKgOJhMa mn6A== X-Gm-Message-State: ABy/qLazkGmp/fwmrLQiRNVoIAuNNR5pGneeFEM/uwF+UBn8aFToM+Q4 cyHq3VOFycU79e77AYnYWbRO5w== X-Google-Smtp-Source: APBJJlGgWzquLKyXi8bSQ01KnUOq2NPGOneufKkjs87wk/2uABNKJmueYB5uSG+K5K7QpbkFlbc51Q== X-Received: by 2002:a05:600c:20d1:b0:3fc:80a:993e with SMTP id y17-20020a05600c20d100b003fc080a993emr4651088wmm.17.1689782205641; Wed, 19 Jul 2023 08:56:45 -0700 (PDT) Received: from localhost.localdomain ([2.219.138.198]) by smtp.gmail.com with ESMTPSA id l14-20020a1c790e000000b003fc3b03caa4sm2351006wme.0.2023.07.19.08.56.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 19 Jul 2023 08:56:45 -0700 (PDT) From: Jean-Philippe Brucker To: peter.maydell@linaro.org Cc: richard.henderson@linaro.org, qemu-arm@nongnu.org, qemu-devel@nongnu.org, Jean-Philippe Brucker Subject: [PATCH 1/5] target/arm/ptw: Load stage-2 tables from realm physical space Date: Wed, 19 Jul 2023 16:30:15 +0100 Message-ID: <20230719153018.1456180-3-jean-philippe@linaro.org> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20230719153018.1456180-2-jean-philippe@linaro.org> References: <20230719153018.1456180-2-jean-philippe@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::335; envelope-from=jean-philippe@linaro.org; helo=mail-wm1-x335.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org In realm state, stage-2 translation tables are fetched from the realm physical address space (R_PGRQD). Signed-off-by: Jean-Philippe Brucker --- target/arm/ptw.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/target/arm/ptw.c b/target/arm/ptw.c index d1de934702..6318e13b98 100644 --- a/target/arm/ptw.c +++ b/target/arm/ptw.c @@ -164,7 +164,11 @@ static ARMMMUIdx ptw_idx_for_stage_2(CPUARMState *env, ARMMMUIdx stage2idx) * an NS stage 1+2 lookup while the NS bit is 0.) */ if (!arm_is_secure_below_el3(env) || !arm_el_is_aa64(env, 3)) { - return ARMMMUIdx_Phys_NS; + if (arm_security_space_below_el3(env) == ARMSS_Realm) { + return ARMMMUIdx_Phys_Realm; + } else { + return ARMMMUIdx_Phys_NS; + } } if (stage2idx == ARMMMUIdx_Stage2_S) { s2walk_secure = !(env->cp15.vstcr_el2 & VSTCR_SW); From patchwork Wed Jul 19 15:30:16 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jean-Philippe Brucker X-Patchwork-Id: 13319156 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id BDA9AEB64DA for ; Wed, 19 Jul 2023 15:58:03 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1qM9Y0-0003AA-PA; Wed, 19 Jul 2023 11:57:04 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qM9Xv-000392-RU for qemu-devel@nongnu.org; Wed, 19 Jul 2023 11:57:00 -0400 Received: from mail-lf1-x132.google.com ([2a00:1450:4864:20::132]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1qM9Xl-0007Ib-7X for qemu-devel@nongnu.org; Wed, 19 Jul 2023 11:56:59 -0400 Received: by mail-lf1-x132.google.com with SMTP id 2adb3069b0e04-4fbb281eec6so11519698e87.1 for ; Wed, 19 Jul 2023 08:56:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1689782206; x=1690387006; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=1ZtPVN3lBHeAgdj1nKPqBU2sV0M1JQVXfLkLVtYjNIk=; b=LcMW5US7HuKk425kIMl9dpCMTAV07lLJ+lgPGYmwTXVYLGs1RH2m7Hdsa2tTeWOxtF nDI2OGPOLD7apiSTFojae0QsOAzshIbf9rbz0pKJLvZ6SXzL4IZmA1RRbIR+iUEpwV+N HG+aTkIY7GKJEPzDNS3/HGj6y355LlNJYQy/WQzCdfo0QLf/4sqhlZrzj0TOXcwdAxng MrprCfYEpVKyzqoyTj/detLhIPO6h3xzrBKypEUbTR7oXCaXsfK5AlHlNxqTvhuH5iEC q4HL7JjzD01QQqXAXikG8KdCSxy+zzkdfK/TAMegAj+IrcMmG/z0yZb6cjRWFbSrd8uZ MT1g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689782206; x=1690387006; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=1ZtPVN3lBHeAgdj1nKPqBU2sV0M1JQVXfLkLVtYjNIk=; b=VQgjjnAx/FypqutZtSrlaWP6M0W7SDF7kh7R50ZpBF2yakMmTcte21765MzqhWS32u SE4oz6E2oGEniJ8bNC44M3fgz5OaiCYo+cMNfVxFumnqPvy5SANIuoD7uyhO0/dpWcjC n+xYnTevAQu/DIWhCt1fV8XepyeW2HFuDPLooJzatmkBbVaF/QYCvX/kIRj52C4GRqGc L7NI2wr4Cnw7O7EIHcr68Vn9/76Fke20ztQXE4E7vdPPJedTNpgNRFhfUessfgWx/sIz ezxSTU7dhZT9AhjvDeCf6arxq5D0rN1GhwLQVugxewT3nj8hSNJ1QKYyuJGsRgcfRgeF 9p4Q== X-Gm-Message-State: ABy/qLY2pJWjDW9LUGzlqH6Mqp0Yoi3ced2zI+MPHa+9b4/yCJezBKHw PyyVVhPyKYHgi2hfyBHn2EenHQ== X-Google-Smtp-Source: APBJJlHlNlvRMSlc4Jll7HQ3YuakKyBdn6wh9me28DhBP/VzLFQloZaifSj3owUsPv+6jW3DbC93ag== X-Received: by 2002:a05:6512:2507:b0:4f8:46e9:9f19 with SMTP id be7-20020a056512250700b004f846e99f19mr312891lfb.1.1689782206107; Wed, 19 Jul 2023 08:56:46 -0700 (PDT) Received: from localhost.localdomain ([2.219.138.198]) by smtp.gmail.com with ESMTPSA id l14-20020a1c790e000000b003fc3b03caa4sm2351006wme.0.2023.07.19.08.56.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 19 Jul 2023 08:56:45 -0700 (PDT) From: Jean-Philippe Brucker To: peter.maydell@linaro.org Cc: richard.henderson@linaro.org, qemu-arm@nongnu.org, qemu-devel@nongnu.org, Jean-Philippe Brucker Subject: [PATCH 2/5] target/arm/helper: Fix vae2_tlbmask() Date: Wed, 19 Jul 2023 16:30:16 +0100 Message-ID: <20230719153018.1456180-4-jean-philippe@linaro.org> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20230719153018.1456180-2-jean-philippe@linaro.org> References: <20230719153018.1456180-2-jean-philippe@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::132; envelope-from=jean-philippe@linaro.org; helo=mail-lf1-x132.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org When HCR_EL2.E2H is enabled, TLB entries are formed using the EL2&0 translation regime, instead of the EL2 translation regime. The TLB VAE2* instructions invalidate the regime that corresponds to the current value of HCR_EL2.E2H. At the moment we only invalidate the EL2 translation regime. This causes problems with RMM, which issues TLBI VAE2IS instructions with HCR_EL2.E2H enabled. Update vae2_tlbmask() to take HCR_EL2.E2H into account. Signed-off-by: Jean-Philippe Brucker --- target/arm/helper.c | 26 ++++++++++++++++++-------- 1 file changed, 18 insertions(+), 8 deletions(-) diff --git a/target/arm/helper.c b/target/arm/helper.c index e1b3db6f5f..07a9ac70f5 100644 --- a/target/arm/helper.c +++ b/target/arm/helper.c @@ -4663,6 +4663,21 @@ static int vae1_tlbmask(CPUARMState *env) return mask; } +static int vae2_tlbmask(CPUARMState *env) +{ + uint64_t hcr = arm_hcr_el2_eff(env); + uint16_t mask; + + if (hcr & HCR_E2H) { + mask = ARMMMUIdxBit_E20_2 | + ARMMMUIdxBit_E20_2_PAN | + ARMMMUIdxBit_E20_0; + } else { + mask = ARMMMUIdxBit_E2; + } + return mask; +} + /* Return 56 if TBI is enabled, 64 otherwise. */ static int tlbbits_for_regime(CPUARMState *env, ARMMMUIdx mmu_idx, uint64_t addr) @@ -4781,7 +4796,7 @@ static void tlbi_aa64_vae2_write(CPUARMState *env, const ARMCPRegInfo *ri, * flush-last-level-only. */ CPUState *cs = env_cpu(env); - int mask = e2_tlbmask(env); + int mask = vae2_tlbmask(env); uint64_t pageaddr = sextract64(value << 12, 0, 56); tlb_flush_page_by_mmuidx(cs, pageaddr, mask); @@ -4838,11 +4853,11 @@ static void tlbi_aa64_vae2is_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value) { CPUState *cs = env_cpu(env); + int mask = vae2_tlbmask(env); uint64_t pageaddr = sextract64(value << 12, 0, 56); int bits = tlbbits_for_regime(env, ARMMMUIdx_E2, pageaddr); - tlb_flush_page_bits_by_mmuidx_all_cpus_synced(cs, pageaddr, - ARMMMUIdxBit_E2, bits); + tlb_flush_page_bits_by_mmuidx_all_cpus_synced(cs, pageaddr, mask, bits); } static void tlbi_aa64_vae3is_write(CPUARMState *env, const ARMCPRegInfo *ri, @@ -5014,11 +5029,6 @@ static void tlbi_aa64_rvae1is_write(CPUARMState *env, do_rvae_write(env, value, vae1_tlbmask(env), true); } -static int vae2_tlbmask(CPUARMState *env) -{ - return ARMMMUIdxBit_E2; -} - static void tlbi_aa64_rvae2_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value) From patchwork Wed Jul 19 15:30:17 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jean-Philippe Brucker X-Patchwork-Id: 13319154 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id A9002C001DE for ; Wed, 19 Jul 2023 15:57:49 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1qM9Xz-00039j-HF; Wed, 19 Jul 2023 11:57:03 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qM9Xr-00037S-OA for qemu-devel@nongnu.org; Wed, 19 Jul 2023 11:56:55 -0400 Received: from mail-lf1-x133.google.com ([2a00:1450:4864:20::133]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1qM9Xl-0007In-8B for qemu-devel@nongnu.org; Wed, 19 Jul 2023 11:56:55 -0400 Received: by mail-lf1-x133.google.com with SMTP id 2adb3069b0e04-4fb863edcb6so11964035e87.0 for ; Wed, 19 Jul 2023 08:56:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1689782207; x=1690387007; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=gGmNjom1dWAWIl07haN1UV6R0kEmVNpwwthNJP86YHc=; b=yc3U8vt2vXQK75uiC3aDqfTR6BF9hOFQCZ2Qz6hdQlQHpPvknydPCn303pSPVXxxl7 xR6gnjZwtJK3HCGgZBxhvUGJDD711Kw/8XRlKjAFgJkItCjT9o62gBe9YnIiWLCjKgE5 B5/uSG6ZXMXlY6cnHbF38VgSkwsSm+r5DmQHxWqU4cGjjoip9sFbECzjdr6DtR8mW0W8 WuwqSXKqHApzyQoYj+SaXtYlU46h1FaR+6ohGA0BP1UDZDS/nCVvxPRWwnaozGQ0gRfm xfw3viTwua33px84TKOYCYU7VPz7cTDSoFpYXO1+YhpunEk0vMdPUDpsckCm2KjIYKob gKSg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689782207; x=1690387007; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=gGmNjom1dWAWIl07haN1UV6R0kEmVNpwwthNJP86YHc=; b=BU2jHgHy83lseabIuk1fqZcEmUruaTrgLj9DMGVOeciln3IICxso8Gv36VITLGlqwQ q9an7afc2RfTnA23Tc2DLcmg5Fdzq2+nDIB35WuVmuuwsu7/YiaxiZQ0+d5qzR1kr0Hk ociz6u8LMS3VVUdcV4ODrO65gglilIEZLX5BOnf+cIK2SRGHLfRXxMbbsqgH101DMCeZ lYg5esRnze7a9UB8jC5j6A+Jacffyx0dx7CvF+6A25yeuolsCAVXWDphA3FnzgKZ3KbI OTZ0SUYHO3hZ/EXmQAtJAV/aJskJEx+h/q40hCT3n2kageQApTnKzcL9QX5X/bETttlj cyng== X-Gm-Message-State: ABy/qLbvq8hi/Lsxaju6WR+9FRJ4HNKgTvpj1MRtrYmhFs643mPZ+CYe xsCBkaTZMxOul8m810iywHkGIefSTsoofWJaxJ8= X-Google-Smtp-Source: APBJJlEsvKEjObiAu0mLYDIg+oFDcHy5L43RMfRLXvMnB3UzOu2kYjm/JizryaMbwuG8b+6BfMq8oA== X-Received: by 2002:a05:6512:3b8b:b0:4fb:89f2:594c with SMTP id g11-20020a0565123b8b00b004fb89f2594cmr253129lfv.56.1689782206633; Wed, 19 Jul 2023 08:56:46 -0700 (PDT) Received: from localhost.localdomain ([2.219.138.198]) by smtp.gmail.com with ESMTPSA id l14-20020a1c790e000000b003fc3b03caa4sm2351006wme.0.2023.07.19.08.56.46 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 19 Jul 2023 08:56:46 -0700 (PDT) From: Jean-Philippe Brucker To: peter.maydell@linaro.org Cc: richard.henderson@linaro.org, qemu-arm@nongnu.org, qemu-devel@nongnu.org, Jean-Philippe Brucker Subject: [PATCH 3/5] target/arm: Skip granule protection checks for AT instructions Date: Wed, 19 Jul 2023 16:30:17 +0100 Message-ID: <20230719153018.1456180-5-jean-philippe@linaro.org> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20230719153018.1456180-2-jean-philippe@linaro.org> References: <20230719153018.1456180-2-jean-philippe@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::133; envelope-from=jean-philippe@linaro.org; helo=mail-lf1-x133.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org GPC checks are not performed on the output address for AT instructions, as stated by ARM DDI 0487J in D8.12.2: When populating PAR_EL1 with the result of an address translation instruction, granule protection checks are not performed on the final output address of a successful translation. Rename get_phys_addr_with_secure(), since it's only used to handle AT instructions. Signed-off-by: Jean-Philippe Brucker Reviewed-by: Peter Maydell --- This incidentally fixes a problem with AT S1E1 instructions which can output an IPA and should definitely not cause a GPC. --- target/arm/internals.h | 25 ++++++++++++++----------- target/arm/helper.c | 8 ++++++-- target/arm/ptw.c | 11 ++++++----- 3 files changed, 26 insertions(+), 18 deletions(-) diff --git a/target/arm/internals.h b/target/arm/internals.h index 0f01bc32a8..fc90c364f7 100644 --- a/target/arm/internals.h +++ b/target/arm/internals.h @@ -1190,12 +1190,11 @@ typedef struct GetPhysAddrResult { } GetPhysAddrResult; /** - * get_phys_addr_with_secure: get the physical address for a virtual address + * get_phys_addr: get the physical address for a virtual address * @env: CPUARMState * @address: virtual address to get physical address for * @access_type: 0 for read, 1 for write, 2 for execute * @mmu_idx: MMU index indicating required translation regime - * @is_secure: security state for the access * @result: set on translation success. * @fi: set to fault info if the translation fails * @@ -1212,26 +1211,30 @@ typedef struct GetPhysAddrResult { * * for PSMAv5 based systems we don't bother to return a full FSR format * value. */ -bool get_phys_addr_with_secure(CPUARMState *env, target_ulong address, - MMUAccessType access_type, - ARMMMUIdx mmu_idx, bool is_secure, - GetPhysAddrResult *result, ARMMMUFaultInfo *fi) +bool get_phys_addr(CPUARMState *env, target_ulong address, + MMUAccessType access_type, ARMMMUIdx mmu_idx, + GetPhysAddrResult *result, ARMMMUFaultInfo *fi) __attribute__((nonnull)); /** - * get_phys_addr: get the physical address for a virtual address + * get_phys_addr_with_secure_nogpc: get the physical address for a virtual + * address * @env: CPUARMState * @address: virtual address to get physical address for * @access_type: 0 for read, 1 for write, 2 for execute * @mmu_idx: MMU index indicating required translation regime + * @is_secure: security state for the access * @result: set on translation success. * @fi: set to fault info if the translation fails * - * Similarly, but use the security regime of @mmu_idx. + * Similar to get_phys_addr, but use the given security regime and don't perform + * a Granule Protection Check on the resulting address. */ -bool get_phys_addr(CPUARMState *env, target_ulong address, - MMUAccessType access_type, ARMMMUIdx mmu_idx, - GetPhysAddrResult *result, ARMMMUFaultInfo *fi) +bool get_phys_addr_with_secure_nogpc(CPUARMState *env, target_ulong address, + MMUAccessType access_type, + ARMMMUIdx mmu_idx, bool is_secure, + GetPhysAddrResult *result, + ARMMMUFaultInfo *fi) __attribute__((nonnull)); bool pmsav8_mpu_lookup(CPUARMState *env, uint32_t address, diff --git a/target/arm/helper.c b/target/arm/helper.c index 07a9ac70f5..3ee2bb5fe1 100644 --- a/target/arm/helper.c +++ b/target/arm/helper.c @@ -3365,8 +3365,12 @@ static uint64_t do_ats_write(CPUARMState *env, uint64_t value, ARMMMUFaultInfo fi = {}; GetPhysAddrResult res = {}; - ret = get_phys_addr_with_secure(env, value, access_type, mmu_idx, - is_secure, &res, &fi); + /* + * I_MXTJT: Granule protection checks are not performed on the final address + * of a successful translation. + */ + ret = get_phys_addr_with_secure_nogpc(env, value, access_type, mmu_idx, + is_secure, &res, &fi); /* * ATS operations only do S1 or S1+S2 translations, so we never diff --git a/target/arm/ptw.c b/target/arm/ptw.c index 6318e13b98..1aef2b8cef 100644 --- a/target/arm/ptw.c +++ b/target/arm/ptw.c @@ -3412,16 +3412,17 @@ static bool get_phys_addr_gpc(CPUARMState *env, S1Translate *ptw, return false; } -bool get_phys_addr_with_secure(CPUARMState *env, target_ulong address, - MMUAccessType access_type, ARMMMUIdx mmu_idx, - bool is_secure, GetPhysAddrResult *result, - ARMMMUFaultInfo *fi) +bool get_phys_addr_with_secure_nogpc(CPUARMState *env, target_ulong address, + MMUAccessType access_type, + ARMMMUIdx mmu_idx, bool is_secure, + GetPhysAddrResult *result, + ARMMMUFaultInfo *fi) { S1Translate ptw = { .in_mmu_idx = mmu_idx, .in_space = arm_secure_to_space(is_secure), }; - return get_phys_addr_gpc(env, &ptw, address, access_type, result, fi); + return get_phys_addr_nogpc(env, &ptw, address, access_type, result, fi); } bool get_phys_addr(CPUARMState *env, target_ulong address, From patchwork Wed Jul 19 15:30:18 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jean-Philippe Brucker X-Patchwork-Id: 13319152 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 7C6BCEB64DA for ; Wed, 19 Jul 2023 15:57:40 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1qM9Xr-00037e-V9; Wed, 19 Jul 2023 11:56:56 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qM9Xq-00036P-Ai for qemu-devel@nongnu.org; Wed, 19 Jul 2023 11:56:54 -0400 Received: from mail-wm1-x335.google.com ([2a00:1450:4864:20::335]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1qM9Xl-0007Iy-80 for qemu-devel@nongnu.org; Wed, 19 Jul 2023 11:56:54 -0400 Received: by mail-wm1-x335.google.com with SMTP id 5b1f17b1804b1-3fbc244d384so65681855e9.0 for ; Wed, 19 Jul 2023 08:56:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1689782207; x=1690387007; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=FZ2bPahlx3LV2sRcFrJrnz1tXtkeMss0dhYnH4Xs6LA=; b=xzLpRR+hUzGzodg93yn4hDtKLGUPfQFnr/koe3PzlsNGsxvnAA5XuvR6Yr0LOS5ZNc EwL3noelyk8srQszf7xT8aHq4OLPZg6EGZf3rBmuC568hr9ZURbjgAyaaZWl7ldpFVaI 6t1akIBKXsS1DZynLvcKB16BzT+JE4FW/iNTCdr2lFvmR0tiKdjWWzxfjzwikSQktQsG ckiWG8z45g/xrkdjHIB9Egt5F3IBunT/Oz2Qns1PMQY4jl74o8c1MrSjuvWzvyvHh6gQ 7C0+DtBTor5xoUx15Q4MV8MDmcNODwoMECzx1AanU0zF2N95VP+rb4tXA2RlmIlP7pZd K1cA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689782207; x=1690387007; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=FZ2bPahlx3LV2sRcFrJrnz1tXtkeMss0dhYnH4Xs6LA=; b=g7KZHLAgNXivqeNriyx/My8c9wUmec8FlSploksdfLXjo01WB9yAG7JOTvzinhEUCH 0URSVaFsBBJl2Xx1JlIxjc8r8SnVo5YM5EQRvFracnDqCVJWhdFO2/3EQL1NuXwKX9vO EW4Lg3MPRN7wPxvWBdlb32XGfU/kb6Btvj9Bl8rwQkruMh3opFgJBo4pGCNv3Ps48TDB CzMkx2Nh8UJRCRuVDyu3dKT8tS9xd9wEu7BtTaWGib8Ow8EsJJpILnhCca1gEfd471tH hWTXqkHXEjKMQZRd2WrkwG8gaOboVoIILRjDH9DqMQoDRWdsnhaTxqTHdssPhzjMJX93 Onlg== X-Gm-Message-State: ABy/qLaUN8JwCdQj0h3pU14n2EyTsoDyYLg9HGgRORnxLRwE3O4OBaNM cxxXnxNb0ejwf7ANK9s6RGGOiGm+wr9gaT7qsFM= X-Google-Smtp-Source: APBJJlEx+Vbt36ibcg/YilWSjRZYOqm+V2DBXUcp2HY235wprVgT8uJwaeFWyBkbsq3Gm0ZwQe7Ouw== X-Received: by 2002:a7b:cd93:0:b0:3fc:1fb:79d3 with SMTP id y19-20020a7bcd93000000b003fc01fb79d3mr4796514wmj.15.1689782207102; Wed, 19 Jul 2023 08:56:47 -0700 (PDT) Received: from localhost.localdomain ([2.219.138.198]) by smtp.gmail.com with ESMTPSA id l14-20020a1c790e000000b003fc3b03caa4sm2351006wme.0.2023.07.19.08.56.46 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 19 Jul 2023 08:56:46 -0700 (PDT) From: Jean-Philippe Brucker To: peter.maydell@linaro.org Cc: richard.henderson@linaro.org, qemu-arm@nongnu.org, qemu-devel@nongnu.org, Jean-Philippe Brucker Subject: [PATCH 4/5] target/arm: Pass security space rather than flag for AT instructions Date: Wed, 19 Jul 2023 16:30:18 +0100 Message-ID: <20230719153018.1456180-6-jean-philippe@linaro.org> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20230719153018.1456180-2-jean-philippe@linaro.org> References: <20230719153018.1456180-2-jean-philippe@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::335; envelope-from=jean-philippe@linaro.org; helo=mail-wm1-x335.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org At the moment we only handle Secure and Nonsecure security spaces for the AT instructions. Add support for Realm and Root. For AArch64, arm_security_space() gives the desired space. ARM DDI0487J says (R_NYXTL): If EL3 is implemented, then when an address translation instruction that applies to an Exception level lower than EL3 is executed, the Effective value of SCR_EL3.{NSE, NS} determines the target Security state that the instruction applies to. For AArch32, some instructions can access NonSecure space from Secure, so we still need to pass the state explicitly to do_ats_write(). Signed-off-by: Jean-Philippe Brucker Reviewed-by: Peter Maydell --- I haven't tested AT instructions in Realm/Root space yet, but it looks like the patch is needed. RMM doesn't issue AT instructions like KVM does in non-secure state (which triggered the bug in the previous patch). --- target/arm/internals.h | 18 +++++++++--------- target/arm/helper.c | 27 ++++++++++++--------------- target/arm/ptw.c | 12 ++++++------ 3 files changed, 27 insertions(+), 30 deletions(-) diff --git a/target/arm/internals.h b/target/arm/internals.h index fc90c364f7..cf13bb94f5 100644 --- a/target/arm/internals.h +++ b/target/arm/internals.h @@ -1217,24 +1217,24 @@ bool get_phys_addr(CPUARMState *env, target_ulong address, __attribute__((nonnull)); /** - * get_phys_addr_with_secure_nogpc: get the physical address for a virtual - * address + * get_phys_addr_with_space_nogpc: get the physical address for a virtual + * address * @env: CPUARMState * @address: virtual address to get physical address for * @access_type: 0 for read, 1 for write, 2 for execute * @mmu_idx: MMU index indicating required translation regime - * @is_secure: security state for the access + * @space: security space for the access * @result: set on translation success. * @fi: set to fault info if the translation fails * - * Similar to get_phys_addr, but use the given security regime and don't perform + * Similar to get_phys_addr, but use the given security space and don't perform * a Granule Protection Check on the resulting address. */ -bool get_phys_addr_with_secure_nogpc(CPUARMState *env, target_ulong address, - MMUAccessType access_type, - ARMMMUIdx mmu_idx, bool is_secure, - GetPhysAddrResult *result, - ARMMMUFaultInfo *fi) +bool get_phys_addr_with_space_nogpc(CPUARMState *env, target_ulong address, + MMUAccessType access_type, + ARMMMUIdx mmu_idx, ARMSecuritySpace space, + GetPhysAddrResult *result, + ARMMMUFaultInfo *fi) __attribute__((nonnull)); bool pmsav8_mpu_lookup(CPUARMState *env, uint32_t address, diff --git a/target/arm/helper.c b/target/arm/helper.c index 3ee2bb5fe1..2017b11795 100644 --- a/target/arm/helper.c +++ b/target/arm/helper.c @@ -3357,7 +3357,7 @@ static int par_el1_shareability(GetPhysAddrResult *res) static uint64_t do_ats_write(CPUARMState *env, uint64_t value, MMUAccessType access_type, ARMMMUIdx mmu_idx, - bool is_secure) + ARMSecuritySpace ss) { bool ret; uint64_t par64; @@ -3369,8 +3369,8 @@ static uint64_t do_ats_write(CPUARMState *env, uint64_t value, * I_MXTJT: Granule protection checks are not performed on the final address * of a successful translation. */ - ret = get_phys_addr_with_secure_nogpc(env, value, access_type, mmu_idx, - is_secure, &res, &fi); + ret = get_phys_addr_with_space_nogpc(env, value, access_type, mmu_idx, ss, + &res, &fi); /* * ATS operations only do S1 or S1+S2 translations, so we never @@ -3535,7 +3535,7 @@ static void ats_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value) uint64_t par64; ARMMMUIdx mmu_idx; int el = arm_current_el(env); - bool secure = arm_is_secure_below_el3(env); + ARMSecuritySpace ss = arm_security_space(env); switch (ri->opc2 & 6) { case 0: @@ -3543,10 +3543,9 @@ static void ats_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value) switch (el) { case 3: mmu_idx = ARMMMUIdx_E3; - secure = true; break; case 2: - g_assert(!secure); /* ARMv8.4-SecEL2 is 64-bit only */ + g_assert(ss != ARMSS_Secure); /* ARMv8.4-SecEL2 is 64-bit only */ /* fall through */ case 1: if (ri->crm == 9 && (env->uncached_cpsr & CPSR_PAN)) { @@ -3564,10 +3563,9 @@ static void ats_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value) switch (el) { case 3: mmu_idx = ARMMMUIdx_E10_0; - secure = true; break; case 2: - g_assert(!secure); /* ARMv8.4-SecEL2 is 64-bit only */ + g_assert(ss != ARMSS_Secure); /* ARMv8.4-SecEL2 is 64-bit only */ mmu_idx = ARMMMUIdx_Stage1_E0; break; case 1: @@ -3580,18 +3578,18 @@ static void ats_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value) case 4: /* stage 1+2 NonSecure PL1: ATS12NSOPR, ATS12NSOPW */ mmu_idx = ARMMMUIdx_E10_1; - secure = false; + ss = ARMSS_NonSecure; break; case 6: /* stage 1+2 NonSecure PL0: ATS12NSOUR, ATS12NSOUW */ mmu_idx = ARMMMUIdx_E10_0; - secure = false; + ss = ARMSS_NonSecure; break; default: g_assert_not_reached(); } - par64 = do_ats_write(env, value, access_type, mmu_idx, secure); + par64 = do_ats_write(env, value, access_type, mmu_idx, ss); A32_BANKED_CURRENT_REG_SET(env, par, par64); #else @@ -3608,7 +3606,8 @@ static void ats1h_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t par64; /* There is no SecureEL2 for AArch32. */ - par64 = do_ats_write(env, value, access_type, ARMMMUIdx_E2, false); + par64 = do_ats_write(env, value, access_type, ARMMMUIdx_E2, + ARMSS_NonSecure); A32_BANKED_CURRENT_REG_SET(env, par, par64); #else @@ -3633,7 +3632,6 @@ static void ats_write64(CPUARMState *env, const ARMCPRegInfo *ri, #ifdef CONFIG_TCG MMUAccessType access_type = ri->opc2 & 1 ? MMU_DATA_STORE : MMU_DATA_LOAD; ARMMMUIdx mmu_idx; - int secure = arm_is_secure_below_el3(env); uint64_t hcr_el2 = arm_hcr_el2_eff(env); bool regime_e20 = (hcr_el2 & (HCR_E2H | HCR_TGE)) == (HCR_E2H | HCR_TGE); @@ -3653,7 +3651,6 @@ static void ats_write64(CPUARMState *env, const ARMCPRegInfo *ri, break; case 6: /* AT S1E3R, AT S1E3W */ mmu_idx = ARMMMUIdx_E3; - secure = true; break; default: g_assert_not_reached(); @@ -3673,7 +3670,7 @@ static void ats_write64(CPUARMState *env, const ARMCPRegInfo *ri, } env->cp15.par_el[1] = do_ats_write(env, value, access_type, - mmu_idx, secure); + mmu_idx, arm_security_space(env)); #else /* Handled by hardware accelerator. */ g_assert_not_reached(); diff --git a/target/arm/ptw.c b/target/arm/ptw.c index 1aef2b8cef..d0270776be 100644 --- a/target/arm/ptw.c +++ b/target/arm/ptw.c @@ -3412,15 +3412,15 @@ static bool get_phys_addr_gpc(CPUARMState *env, S1Translate *ptw, return false; } -bool get_phys_addr_with_secure_nogpc(CPUARMState *env, target_ulong address, - MMUAccessType access_type, - ARMMMUIdx mmu_idx, bool is_secure, - GetPhysAddrResult *result, - ARMMMUFaultInfo *fi) +bool get_phys_addr_with_space_nogpc(CPUARMState *env, target_ulong address, + MMUAccessType access_type, + ARMMMUIdx mmu_idx, ARMSecuritySpace space, + GetPhysAddrResult *result, + ARMMMUFaultInfo *fi) { S1Translate ptw = { .in_mmu_idx = mmu_idx, - .in_space = arm_secure_to_space(is_secure), + .in_space = space, }; return get_phys_addr_nogpc(env, &ptw, address, access_type, result, fi); } From patchwork Wed Jul 19 15:30:19 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jean-Philippe Brucker X-Patchwork-Id: 13319153 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 8FF0AEB64DA for ; Wed, 19 Jul 2023 15:57:49 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1qM9Xz-00039G-Cz; Wed, 19 Jul 2023 11:57:03 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qM9Xq-00036Y-Mv for qemu-devel@nongnu.org; Wed, 19 Jul 2023 11:56:54 -0400 Received: from mail-wm1-x332.google.com ([2a00:1450:4864:20::332]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1qM9Xl-0007J3-88 for qemu-devel@nongnu.org; Wed, 19 Jul 2023 11:56:54 -0400 Received: by mail-wm1-x332.google.com with SMTP id 5b1f17b1804b1-3fc02a92dcfso66272925e9.0 for ; Wed, 19 Jul 2023 08:56:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1689782207; x=1690387007; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=YiCD4uNJS7qGPlDJ8wSaAHyyMfjOlkg6Lkn5GrdcJ70=; b=gD7+eh4JUBLFGbkWg0JGhNFJGne2eSesOD32ofB/SgHT228XT/DDSlJeYxkGel6y1M tAAZr/Da9d2lJQcAPcGGMy22lDog02M3UGozKmhtsLlGAtz42DkZ4og5MR9UceR31mq0 4C6KTOhup24ybK510uYks7WMM2mvU+gb8Yw3l+n7+OcQoFvny0ufU+KLwCgCkZY76ZGq gIL4Ql6d/RYY9z6SZX/P4omHQ0nSITfAwh4vC+5qMqEM6cZnvtF5oCpN9ZEr8Ud4EidH 113lAMwBGVoMiJqiT+pBJTRcXX1OfYPqIMHwunF+t80DM1kimGAZY5xbIZ7ApSZmPTEF QXLQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689782207; x=1690387007; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=YiCD4uNJS7qGPlDJ8wSaAHyyMfjOlkg6Lkn5GrdcJ70=; b=klKD1cLgv+w3Dl8BovXI3yTp4rho50bhvFqA9F4PRZ/+VhGZamKyMxqpwuiMNp8s+0 x6RnI06Ut+xyIXLPmgsSwp2xbeIKQKZ1zYuPfK2RkKrzGXcrZ9gyVNi9kN3KCkFG7HKl 7FkGzCCevbDZ6N4NY94uXC7OeOJfsEvDyQM2x7HJ+NJsnYb35oHrRR1RkwmKH4Odutxm w3BKJPlBqAan1JmPWGJE7GJagePlLQLc6LEXeplzC1Z3fOutUKCpTINa/6B5EZ19aCr4 +hZuv7EtwEcjGZ6Ap510mMeUOKu6QtM0bzW2ny2sVPPqQEysgT1o30+lKx+5Iy72D92N ll9A== X-Gm-Message-State: ABy/qLbI9qy4f0pT1xIgy+RORqvInmaVEyIJq0rh7QPZgWAA9U/ihCNI 8BAi5dRNp24N5mJyYRR/m2Ztyg== X-Google-Smtp-Source: APBJJlFeAbQromPniler+Q40S3AO/U6xTcr5K+eSmzRDG91dU4xWEnoZOIK/EzY353vcrdmM5MSjDw== X-Received: by 2002:a05:600c:2902:b0:3f9:82f:bad1 with SMTP id i2-20020a05600c290200b003f9082fbad1mr4605336wmd.40.1689782207552; Wed, 19 Jul 2023 08:56:47 -0700 (PDT) Received: from localhost.localdomain ([2.219.138.198]) by smtp.gmail.com with ESMTPSA id l14-20020a1c790e000000b003fc3b03caa4sm2351006wme.0.2023.07.19.08.56.47 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 19 Jul 2023 08:56:47 -0700 (PDT) From: Jean-Philippe Brucker To: peter.maydell@linaro.org Cc: richard.henderson@linaro.org, qemu-arm@nongnu.org, qemu-devel@nongnu.org, Jean-Philippe Brucker Subject: [PATCH 5/5] target/arm/helper: Implement CNTHCTL_EL2.CNT[VP]MASK Date: Wed, 19 Jul 2023 16:30:19 +0100 Message-ID: <20230719153018.1456180-7-jean-philippe@linaro.org> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20230719153018.1456180-2-jean-philippe@linaro.org> References: <20230719153018.1456180-2-jean-philippe@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::332; envelope-from=jean-philippe@linaro.org; helo=mail-wm1-x332.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org When FEAT_RME is implemented, these bits override the value of CNT[VP]_CTL_EL0.IMASK in Realm and Root state. Signed-off-by: Jean-Philippe Brucker --- target/arm/helper.c | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/target/arm/helper.c b/target/arm/helper.c index 2017b11795..5b173a827f 100644 --- a/target/arm/helper.c +++ b/target/arm/helper.c @@ -2608,6 +2608,23 @@ static uint64_t gt_get_countervalue(CPUARMState *env) return qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) / gt_cntfrq_period_ns(cpu); } +static bool gt_is_masked(CPUARMState *env, int timeridx) +{ + ARMSecuritySpace ss = arm_security_space(env); + + /* + * If bits CNTHCTL_EL2.CNT[VP]MASK are set, they override + * CNT[VP]_CTL_EL0.IMASK. They are RES0 in Secure and NonSecure state. + */ + if ((ss == ARMSS_Root || ss == ARMSS_Realm) && + ((timeridx == GTIMER_VIRT && extract64(env->cp15.cnthctl_el2, 18, 1)) || + (timeridx == GTIMER_PHYS && extract64(env->cp15.cnthctl_el2, 19, 1)))) { + return true; + } + + return env->cp15.c14_timer[timeridx].ctl & 2; +} + static void gt_recalc_timer(ARMCPU *cpu, int timeridx) { ARMGenericTimer *gt = &cpu->env.cp15.c14_timer[timeridx]; @@ -2627,7 +2644,7 @@ static void gt_recalc_timer(ARMCPU *cpu, int timeridx) gt->ctl = deposit32(gt->ctl, 2, 1, istatus); - irqstate = (istatus && !(gt->ctl & 2)); + irqstate = (istatus && !gt_is_masked(&cpu->env, timeridx)); qemu_set_irq(cpu->gt_timer_outputs[timeridx], irqstate); if (istatus) { @@ -2759,7 +2776,7 @@ static void gt_ctl_write(CPUARMState *env, const ARMCPRegInfo *ri, * IMASK toggled: don't need to recalculate, * just set the interrupt line based on ISTATUS */ - int irqstate = (oldval & 4) && !(value & 2); + int irqstate = (oldval & 4) && !gt_is_masked(env, timeridx); trace_arm_gt_imask_toggle(timeridx, irqstate); qemu_set_irq(cpu->gt_timer_outputs[timeridx], irqstate);