| 1 | This bug seemed worth fixing for 8.0 since we need an rc4 anyway: | 1 | v2: minor tweak to fix format string issue on Windows hosts... |
|---|---|---|---|
| 2 | we were using uninitialized data for the guarded bit when | ||
| 3 | combining stage 1 and stage 2 attrs. | ||
| 4 | 2 | ||
| 5 | thanks | ||
| 6 | -- PMM | ||
| 7 | 3 | ||
| 8 | The following changes since commit 08dede07030973c1053868bc64de7e10bfa02ad6: | 4 | The following changes since commit 6eeea6725a70e6fcb5abba0764496bdab07ddfb3: |
| 9 | 5 | ||
| 10 | Merge tag 'pull-ppc-20230409' of https://github.com/legoater/qemu into staging (2023-04-10 11:47:52 +0100) | 6 | Merge remote-tracking branch 'remotes/huth-gitlab/tags/pull-request-2020-10-06' into staging (2020-10-06 21:13:34 +0100) |
| 11 | 7 | ||
| 12 | are available in the Git repository at: | 8 | are available in the Git repository at: |
| 13 | 9 | ||
| 14 | https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20230410 | 10 | https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20201008-1 |
| 15 | 11 | ||
| 16 | for you to fetch changes up to 8539dc00552e8ea60420856fc1262c8299bc6308: | 12 | for you to fetch changes up to d1b6b7017572e8d82f26eb827a1dba0e8cf3cae6: |
| 17 | 13 | ||
| 18 | target/arm: Copy guarded bit in combine_cacheattrs (2023-04-10 14:31:40 +0100) | 14 | target/arm: Make '-cpu max' have a 48-bit PA (2020-10-08 21:40:01 +0100) |
| 19 | 15 | ||
| 20 | ---------------------------------------------------------------- | 16 | ---------------------------------------------------------------- |
| 21 | target-arm: Fix bug where we weren't initializing | 17 | target-arm queue: |
| 22 | guarded bit state when combining S1/S2 attrs | 18 | * hw/ssi/npcm7xx_fiu: Fix handling of unsigned integer |
| 19 | * hw/arm/fsl-imx25: Fix a typo | ||
| 20 | * hw/arm/sbsa-ref : Fix SMMUv3 Initialisation | ||
| 21 | * hw/arm/sbsa-ref : allocate IRQs for SMMUv3 | ||
| 22 | * hw/char/bcm2835_aux: Allow less than 32-bit accesses | ||
| 23 | * hw/arm/virt: Implement kvm-steal-time | ||
| 24 | * target/arm: Make '-cpu max' have a 48-bit PA | ||
| 23 | 25 | ||
| 24 | ---------------------------------------------------------------- | 26 | ---------------------------------------------------------------- |
| 25 | Richard Henderson (2): | 27 | Andrew Jones (6): |
| 26 | target/arm: PTE bit GP only applies to stage1 | 28 | linux headers: sync to 5.9-rc7 |
| 27 | target/arm: Copy guarded bit in combine_cacheattrs | 29 | target/arm/kvm: Make uncalled stubs explicitly unreachable |
| 30 | hw/arm/virt: Move post cpu realize check into its own function | ||
| 31 | hw/arm/virt: Move kvm pmu setup to virt_cpu_post_init | ||
| 32 | tests/qtest: Restore aarch64 arm-cpu-features test | ||
| 33 | hw/arm/virt: Implement kvm-steal-time | ||
| 28 | 34 | ||
| 29 | target/arm/ptw.c | 11 ++++++----- | 35 | Graeme Gregory (2): |
| 30 | 1 file changed, 6 insertions(+), 5 deletions(-) | 36 | hw/arm/sbsa-ref : Fix SMMUv3 Initialisation |
| 37 | hw/arm/sbsa-ref : allocate IRQs for SMMUv3 | ||
| 38 | |||
| 39 | Peter Maydell (1): | ||
| 40 | target/arm: Make '-cpu max' have a 48-bit PA | ||
| 41 | |||
| 42 | Philippe Mathieu-Daudé (3): | ||
| 43 | hw/ssi/npcm7xx_fiu: Fix handling of unsigned integer | ||
| 44 | hw/arm/fsl-imx25: Fix a typo | ||
| 45 | hw/char/bcm2835_aux: Allow less than 32-bit accesses | ||
| 46 | |||
| 47 | docs/system/arm/cpu-features.rst | 11 ++++ | ||
| 48 | include/hw/arm/fsl-imx25.h | 2 +- | ||
| 49 | include/hw/arm/virt.h | 5 ++ | ||
| 50 | linux-headers/linux/kvm.h | 6 ++- | ||
| 51 | target/arm/cpu.h | 4 ++ | ||
| 52 | target/arm/kvm_arm.h | 94 ++++++++++++++++++++++++++------- | ||
| 53 | hw/arm/sbsa-ref.c | 3 +- | ||
| 54 | hw/arm/virt.c | 111 ++++++++++++++++++++++++++++----------- | ||
| 55 | hw/char/bcm2835_aux.c | 4 +- | ||
| 56 | hw/ssi/npcm7xx_fiu.c | 12 ++--- | ||
| 57 | target/arm/cpu.c | 8 +++ | ||
| 58 | target/arm/cpu64.c | 4 ++ | ||
| 59 | target/arm/kvm.c | 16 ++++++ | ||
| 60 | target/arm/kvm64.c | 64 ++++++++++++++++++++-- | ||
| 61 | target/arm/monitor.c | 2 +- | ||
| 62 | tests/qtest/arm-cpu-features.c | 25 +++++++-- | ||
| 63 | hw/ssi/trace-events | 2 +- | ||
| 64 | tests/qtest/meson.build | 3 +- | ||
| 65 | 18 files changed, 304 insertions(+), 72 deletions(-) | ||
| 66 | diff view generated by jsdifflib |
Deleted patch | |||
|---|---|---|---|
| 1 | From: Richard Henderson <richard.henderson@linaro.org> | ||
| 2 | 1 | ||
| 3 | Only perform the extract of GP during the stage1 walk. | ||
| 4 | |||
| 5 | Reported-by: Peter Maydell <peter.maydell@linaro.org> | ||
| 6 | Signed-off-by: Richard Henderson <richard.henderson@linaro.org> | ||
| 7 | Reviewed-by: Peter Maydell <peter.maydell@linaro.org> | ||
| 8 | Message-id: 20230407185149.3253946-2-richard.henderson@linaro.org | ||
| 9 | Signed-off-by: Peter Maydell <peter.maydell@linaro.org> | ||
| 10 | --- | ||
| 11 | target/arm/ptw.c | 10 +++++----- | ||
| 12 | 1 file changed, 5 insertions(+), 5 deletions(-) | ||
| 13 | |||
| 14 | diff --git a/target/arm/ptw.c b/target/arm/ptw.c | ||
| 15 | index XXXXXXX..XXXXXXX 100644 | ||
| 16 | --- a/target/arm/ptw.c | ||
| 17 | +++ b/target/arm/ptw.c | ||
| 18 | @@ -XXX,XX +XXX,XX @@ static bool get_phys_addr_lpae(CPUARMState *env, S1Translate *ptw, | ||
| 19 | result->f.attrs.secure = false; | ||
| 20 | } | ||
| 21 | |||
| 22 | - /* When in aarch64 mode, and BTI is enabled, remember GP in the TLB. */ | ||
| 23 | - if (aarch64 && cpu_isar_feature(aa64_bti, cpu)) { | ||
| 24 | - result->f.guarded = extract64(attrs, 50, 1); /* GP */ | ||
| 25 | - } | ||
| 26 | - | ||
| 27 | if (regime_is_stage2(mmu_idx)) { | ||
| 28 | result->cacheattrs.is_s2_format = true; | ||
| 29 | result->cacheattrs.attrs = extract32(attrs, 2, 4); | ||
| 30 | @@ -XXX,XX +XXX,XX @@ static bool get_phys_addr_lpae(CPUARMState *env, S1Translate *ptw, | ||
| 31 | assert(attrindx <= 7); | ||
| 32 | result->cacheattrs.is_s2_format = false; | ||
| 33 | result->cacheattrs.attrs = extract64(mair, attrindx * 8, 8); | ||
| 34 | + | ||
| 35 | + /* When in aarch64 mode, and BTI is enabled, remember GP in the TLB. */ | ||
| 36 | + if (aarch64 && cpu_isar_feature(aa64_bti, cpu)) { | ||
| 37 | + result->f.guarded = extract64(attrs, 50, 1); /* GP */ | ||
| 38 | + } | ||
| 39 | } | ||
| 40 | |||
| 41 | /* | ||
| 42 | -- | ||
| 43 | 2.34.1 | diff view generated by jsdifflib |
Deleted patch | |||
|---|---|---|---|
| 1 | From: Richard Henderson <richard.henderson@linaro.org> | ||
| 2 | 1 | ||
| 3 | The guarded bit comes from the stage1 walk. | ||
| 4 | |||
| 5 | Fixes: Coverity CID 1507929 | ||
| 6 | Signed-off-by: Richard Henderson <richard.henderson@linaro.org> | ||
| 7 | Reviewed-by: Peter Maydell <peter.maydell@linaro.org> | ||
| 8 | Message-id: 20230407185149.3253946-3-richard.henderson@linaro.org | ||
| 9 | Signed-off-by: Peter Maydell <peter.maydell@linaro.org> | ||
| 10 | --- | ||
| 11 | target/arm/ptw.c | 1 + | ||
| 12 | 1 file changed, 1 insertion(+) | ||
| 13 | |||
| 14 | diff --git a/target/arm/ptw.c b/target/arm/ptw.c | ||
| 15 | index XXXXXXX..XXXXXXX 100644 | ||
| 16 | --- a/target/arm/ptw.c | ||
| 17 | +++ b/target/arm/ptw.c | ||
| 18 | @@ -XXX,XX +XXX,XX @@ static ARMCacheAttrs combine_cacheattrs(uint64_t hcr, | ||
| 19 | |||
| 20 | assert(!s1.is_s2_format); | ||
| 21 | ret.is_s2_format = false; | ||
| 22 | + ret.guarded = s1.guarded; | ||
| 23 | |||
| 24 | if (s1.attrs == 0xf0) { | ||
| 25 | tagged = true; | ||
| 26 | -- | ||
| 27 | 2.34.1 | diff view generated by jsdifflib |