From: Peter Maydell
To: qemu-devel@nongnu.org
Subject: [PULL 05/42] hw/intc/arm_gic: Fix handling of NS view of GICC_APR
Date: Tue, 28 May 2024 15:07:16 +0100
Message-Id: <20240528140753.3620597-6-peter.maydell@linaro.org>
In-Reply-To: <20240528140753.3620597-1-peter.maydell@linaro.org>
References: <20240528140753.3620597-1-peter.maydell@linaro.org>

From: Andrey Shumilin

In gic_cpu_read() and gic_cpu_write(), we delegate the handling of
reading and writing the Non-Secure view of the GICC_APR registers
to functions gic_apr_ns_view() and gic_apr_write_ns_view().
Unfortunately we got the order of the arguments wrong, swapping the
CPU number and the register number (which the compiler doesn't catch
because they're both integers).

Most guests probably didn't notice this bug because directly
accessing the APR registers is typically something only done by
firmware when it is doing state save for going into a sleep mode.

Correct the mismatched call arguments.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Cc: qemu-stable@nongnu.org
Fixes: 51fd06e0ee ("hw/intc/arm_gic: Fix handling of GICC_APR, GICC_NSAPR registers")
Signed-off-by: Andrey Shumilin
[PMM: Rewrote commit message]
Signed-off-by: Peter Maydell
Reviewed-by: Philippe Mathieu-Daudé
Reviewed-by: Alex Bennée
--- hw/intc/arm_gic.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hw/intc/arm_gic.c b/hw/intc/arm_gic.c index 074cf50af25..e4b8437f8b8 100644 --- a/hw/intc/arm_gic.c +++ b/hw/intc/arm_gic.c @@ -1658,7 +1658,7 @@ static MemTxResult gic_cpu_read(GICState *s, int cpu,= int offset, *data =3D s->h_apr[gic_get_vcpu_real_id(cpu)]; } else if (gic_cpu_ns_access(s, cpu, attrs)) { /* NS view of GICC_APR is the top half of GIC_NSAPR */ - *data =3D gic_apr_ns_view(s, regno, cpu); + *data =3D gic_apr_ns_view(s, cpu, regno); } else { *data =3D s->apr[regno][cpu]; } @@ -1746,7 +1746,7 @@ static MemTxResult gic_cpu_write(GICState *s, int cpu= , int offset, s->h_apr[gic_get_vcpu_real_id(cpu)] =3D value; } else if (gic_cpu_ns_access(s, cpu, attrs)) { /* NS view of GICC_APR is the top half of GIC_NSAPR */ - gic_apr_write_ns_view(s, regno, cpu, value); + gic_apr_write_ns_view(s, cpu, regno, value); } else { s->apr[regno][cpu] =3D value; } --=20 2.34.1
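
Review bot: In the gic_cpu_read() hunk (@@ -1658), the corrected call gic_apr_ns_view(s, cpu, regno) sits next to an else branch that indexes s->apr[regno][cpu], so the helper and the array take the same two ints in opposite order and nothing at compile time distinguishes them, which is how the original swap went unnoticed. Consider asserting the valid ranges of cpu and regno at the top of gic_apr_ns_view(), or adding a one-line comment at the call stating the parameter order, so that a future swap fails loudly instead of returning the wrong element to a Non-Secure read. The helper body is not part of this diff, so whether it already range-checks its arguments cannot be confirmed from these lines.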
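
Review bot: In the gic_cpu_write() hunk (@@ -1746), no test accompanies the fix: the diffstat lists only hw/intc/arm_gic.c with 2 insertions and 2 deletions, so the Non-Secure GICC_APR write path that previously passed (regno, cpu) to gic_apr_write_ns_view() is still unexercised. Since value here is supplied by the guest and the commit is Cc'd to qemu-stable, a regression test that performs a Non-Secure write to GICC_APR with cpu and regno set to different values, then reads it back through the corrected gic_cpu_read() path, would confirm both calls now address the same element and would catch the arguments being exchanged again.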