target/ppc/mmu-hash64.c | 2 +- target/ppc/mmu-hash64.h | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-)
When updating the R bit of a PTE, the Hash64 MMU was using a wrong byte
offset, causing the first byte of the adjacent PTE to be corrupted.
This caused a panic when booting FreeBSD, using the Hash MMU.
Fixes: a2dd4e83e76b ("ppc/hash64: Rework R and C bit updates")
Signed-off-by: Leandro Lupori <leandro.lupori@eldorado.org.br>
---
Changes from v1:
- Add and use a new define for the byte offset of PTE bit R
---
target/ppc/mmu-hash64.c | 2 +-
target/ppc/mmu-hash64.h | 3 +++
2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/target/ppc/mmu-hash64.c b/target/ppc/mmu-hash64.c
index 19832c4b46..0968927744 100644
--- a/target/ppc/mmu-hash64.c
+++ b/target/ppc/mmu-hash64.c
@@ -786,7 +786,7 @@ static void ppc_hash64_set_dsi(CPUState *cs, int mmu_idx, uint64_t dar, uint64_t
static void ppc_hash64_set_r(PowerPCCPU *cpu, hwaddr ptex, uint64_t pte1)
{
- hwaddr base, offset = ptex * HASH_PTE_SIZE_64 + 16;
+ hwaddr base, offset = ptex * HASH_PTE_SIZE_64 + HPTE64_R_R_BYTE_OFFSET;
if (cpu->vhyp) {
PPCVirtualHypervisorClass *vhc =
diff --git a/target/ppc/mmu-hash64.h b/target/ppc/mmu-hash64.h
index c5b2f97ff7..40bb901262 100644
--- a/target/ppc/mmu-hash64.h
+++ b/target/ppc/mmu-hash64.h
@@ -97,6 +97,9 @@ void ppc_hash64_finalize(PowerPCCPU *cpu);
#define HPTE64_V_1TB_SEG 0x4000000000000000ULL
#define HPTE64_V_VRMA_MASK 0x4001ffffff000000ULL
+/* PTE byte offsets */
+#define HPTE64_R_R_BYTE_OFFSET 14
+
/* Format changes for ARCH v3 */
#define HPTE64_V_COMMON_BITS 0x000fffffffffffffULL
#define HPTE64_R_3_0_SSIZE_SHIFT 58
--
2.25.1
On Thu, Nov 25, 2021 at 03:33:22PM -0300, Leandro Lupori wrote:
> When updating the R bit of a PTE, the Hash64 MMU was using a wrong byte
> offset, causing the first byte of the adjacent PTE to be corrupted.
> This caused a panic when booting FreeBSD, using the Hash MMU.
>
> Fixes: a2dd4e83e76b ("ppc/hash64: Rework R and C bit updates")
> Signed-off-by: Leandro Lupori <leandro.lupori@eldorado.org.br>
If you're introducing the constant, it would make sense to also use it
in spapr_hpte_set_r().
> ---
> Changes from v1:
> - Add and use a new define for the byte offset of PTE bit R
> ---
> target/ppc/mmu-hash64.c | 2 +-
> target/ppc/mmu-hash64.h | 3 +++
> 2 files changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/target/ppc/mmu-hash64.c b/target/ppc/mmu-hash64.c
> index 19832c4b46..0968927744 100644
> --- a/target/ppc/mmu-hash64.c
> +++ b/target/ppc/mmu-hash64.c
> @@ -786,7 +786,7 @@ static void ppc_hash64_set_dsi(CPUState *cs, int mmu_idx, uint64_t dar, uint64_t
>
> static void ppc_hash64_set_r(PowerPCCPU *cpu, hwaddr ptex, uint64_t pte1)
> {
> - hwaddr base, offset = ptex * HASH_PTE_SIZE_64 + 16;
> + hwaddr base, offset = ptex * HASH_PTE_SIZE_64 + HPTE64_R_R_BYTE_OFFSET;
>
> if (cpu->vhyp) {
> PPCVirtualHypervisorClass *vhc =
> diff --git a/target/ppc/mmu-hash64.h b/target/ppc/mmu-hash64.h
> index c5b2f97ff7..40bb901262 100644
> --- a/target/ppc/mmu-hash64.h
> +++ b/target/ppc/mmu-hash64.h
> @@ -97,6 +97,9 @@ void ppc_hash64_finalize(PowerPCCPU *cpu);
> #define HPTE64_V_1TB_SEG 0x4000000000000000ULL
> #define HPTE64_V_VRMA_MASK 0x4001ffffff000000ULL
>
> +/* PTE byte offsets */
> +#define HPTE64_R_R_BYTE_OFFSET 14
> +
> /* Format changes for ARCH v3 */
> #define HPTE64_V_COMMON_BITS 0x000fffffffffffffULL
> #define HPTE64_R_3_0_SSIZE_SHIFT 58
--
David Gibson | I'll have my music baroque, and my code
david AT gibson.dropbear.id.au | minimalist, thank you. NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson
Hello,
Curiously, I didn't get the v2 email.
On 11/26/21 02:13, David Gibson wrote:
> On Thu, Nov 25, 2021 at 03:33:22PM -0300, Leandro Lupori wrote:
>> When updating the R bit of a PTE, the Hash64 MMU was using a wrong byte
>> offset, causing the first byte of the adjacent PTE to be corrupted.
>> This caused a panic when booting FreeBSD, using the Hash MMU.
>>
>> Fixes: a2dd4e83e76b ("ppc/hash64: Rework R and C bit updates")
>> Signed-off-by: Leandro Lupori <leandro.lupori@eldorado.org.br>
>
> If you're introducing the constant, it would make sense to also use it
> in spapr_hpte_set_r().
I agree and please add one for the C bit also since it's the same
kind of twiddling.
Thanks,
C.
>> ---
>> Changes from v1:
>> - Add and use a new define for the byte offset of PTE bit R
>> ---
>> target/ppc/mmu-hash64.c | 2 +-
>> target/ppc/mmu-hash64.h | 3 +++
>> 2 files changed, 4 insertions(+), 1 deletion(-)
>>
>> diff --git a/target/ppc/mmu-hash64.c b/target/ppc/mmu-hash64.c
>> index 19832c4b46..0968927744 100644
>> --- a/target/ppc/mmu-hash64.c
>> +++ b/target/ppc/mmu-hash64.c
>> @@ -786,7 +786,7 @@ static void ppc_hash64_set_dsi(CPUState *cs, int mmu_idx, uint64_t dar, uint64_t
>>
>> static void ppc_hash64_set_r(PowerPCCPU *cpu, hwaddr ptex, uint64_t pte1)
>> {
>> - hwaddr base, offset = ptex * HASH_PTE_SIZE_64 + 16;
>> + hwaddr base, offset = ptex * HASH_PTE_SIZE_64 + HPTE64_R_R_BYTE_OFFSET;
>>
>> if (cpu->vhyp) {
>> PPCVirtualHypervisorClass *vhc =
>> diff --git a/target/ppc/mmu-hash64.h b/target/ppc/mmu-hash64.h
>> index c5b2f97ff7..40bb901262 100644
>> --- a/target/ppc/mmu-hash64.h
>> +++ b/target/ppc/mmu-hash64.h
>> @@ -97,6 +97,9 @@ void ppc_hash64_finalize(PowerPCCPU *cpu);
>> #define HPTE64_V_1TB_SEG 0x4000000000000000ULL
>> #define HPTE64_V_VRMA_MASK 0x4001ffffff000000ULL
>>
>> +/* PTE byte offsets */
>> +#define HPTE64_R_R_BYTE_OFFSET 14>> +
>> /* Format changes for ARCH v3 */
>> #define HPTE64_V_COMMON_BITS 0x000fffffffffffffULL
>> #define HPTE64_R_3_0_SSIZE_SHIFT 58
>
On 26/11/2021 06:18, Cédric Le Goater wrote: > > Hello, > > Curiously, I didn't get the v2 email. > I've received an e-mail from postmaster, saying that delivery to recipients @kaod.org have been delayed, but I don't know why.
On 11/25/21 15:33, Leandro Lupori wrote:
> When updating the R bit of a PTE, the Hash64 MMU was using a wrong byte
> offset, causing the first byte of the adjacent PTE to be corrupted.
> This caused a panic when booting FreeBSD, using the Hash MMU.
>
> Fixes: a2dd4e83e76b ("ppc/hash64: Rework R and C bit updates")
> Signed-off-by: Leandro Lupori <leandro.lupori@eldorado.org.br>
> ---
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
> Changes from v1:
> - Add and use a new define for the byte offset of PTE bit R
> ---
> target/ppc/mmu-hash64.c | 2 +-
> target/ppc/mmu-hash64.h | 3 +++
> 2 files changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/target/ppc/mmu-hash64.c b/target/ppc/mmu-hash64.c
> index 19832c4b46..0968927744 100644
> --- a/target/ppc/mmu-hash64.c
> +++ b/target/ppc/mmu-hash64.c
> @@ -786,7 +786,7 @@ static void ppc_hash64_set_dsi(CPUState *cs, int mmu_idx, uint64_t dar, uint64_t
>
> static void ppc_hash64_set_r(PowerPCCPU *cpu, hwaddr ptex, uint64_t pte1)
> {
> - hwaddr base, offset = ptex * HASH_PTE_SIZE_64 + 16;
> + hwaddr base, offset = ptex * HASH_PTE_SIZE_64 + HPTE64_R_R_BYTE_OFFSET;
>
> if (cpu->vhyp) {
> PPCVirtualHypervisorClass *vhc =
> diff --git a/target/ppc/mmu-hash64.h b/target/ppc/mmu-hash64.h
> index c5b2f97ff7..40bb901262 100644
> --- a/target/ppc/mmu-hash64.h
> +++ b/target/ppc/mmu-hash64.h
> @@ -97,6 +97,9 @@ void ppc_hash64_finalize(PowerPCCPU *cpu);
> #define HPTE64_V_1TB_SEG 0x4000000000000000ULL
> #define HPTE64_V_VRMA_MASK 0x4001ffffff000000ULL
>
> +/* PTE byte offsets */
> +#define HPTE64_R_R_BYTE_OFFSET 14
> +
> /* Format changes for ARCH v3 */
> #define HPTE64_V_COMMON_BITS 0x000fffffffffffffULL
> #define HPTE64_R_3_0_SSIZE_SHIFT 58
>
© 2016 - 2026 Red Hat, Inc.