accel/hvf: Do not abort in hvf_arm_get_*_ipa_bit_size()

[PATCH-for-10.1 2/3] accel/hvf: Do not abort in hvf_arm_get_*_ipa_bit_size()

Posted by Philippe Mathieu-Daudé 4 months ago

Do not abort in hvf_arm_get_default_ipa_bit_size()
and hvf_arm_get_max_ipa_bit_size() when the IPA can
not be fetched. Return 0 (and document it).

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
---
 target/arm/hvf_arm.h | 11 +++++++++++
 target/arm/hvf/hvf.c |  8 ++------
 2 files changed, 13 insertions(+), 6 deletions(-)

diff --git a/target/arm/hvf_arm.h b/target/arm/hvf_arm.h
index ea82f2691df..21a69e7d105 100644
--- a/target/arm/hvf_arm.h
+++ b/target/arm/hvf_arm.h
@@ -22,7 +22,18 @@ void hvf_arm_init_debug(void);
 
 void hvf_arm_set_cpu_features_from_host(ARMCPU *cpu);
 
+/**
+ * hvf_arm_get_default_ipa_bit_size:
+ *
+ * Returns the default intermediate physical address bit length or 0 on error.
+ */
 uint32_t hvf_arm_get_default_ipa_bit_size(void);
+
+/**
+ * hvf_arm_get_max_ipa_bit_size:
+ *
+ * Returns the maximum intermediate physical address bit length or 0 on error.
+ */
 uint32_t hvf_arm_get_max_ipa_bit_size(void);
 
 #endif
diff --git a/target/arm/hvf/hvf.c b/target/arm/hvf/hvf.c
index c9cfcdc08bb..180fd94def2 100644
--- a/target/arm/hvf/hvf.c
+++ b/target/arm/hvf/hvf.c
@@ -943,24 +943,20 @@ uint32_t hvf_arm_get_default_ipa_bit_size(void)
 {
     uint32_t default_ipa_size;
     hv_return_t ret = hv_vm_config_get_default_ipa_size(&default_ipa_size);
-    assert_hvf_ok(ret);
-
-    return default_ipa_size;
+    return ret == HV_SUCCESS ? default_ipa_size : 0;
 }
 
 uint32_t hvf_arm_get_max_ipa_bit_size(void)
 {
     uint32_t max_ipa_size;
     hv_return_t ret = hv_vm_config_get_max_ipa_size(&max_ipa_size);
-    assert_hvf_ok(ret);
-
     /*
      * We clamp any IPA size we want to back the VM with to a valid PARange
      * value so the guest doesn't try and map memory outside of the valid range.
      * This logic just clamps the passed in IPA bit size to the first valid
      * PARange value <= to it.
      */
-    return round_down_to_parange_bit_size(max_ipa_size);
+    return ret == HV_SUCCESS ? round_down_to_parange_bit_size(max_ipa_size) : 0;
 }
 
 void hvf_arm_set_cpu_features_from_host(ARMCPU *cpu)
-- 
2.49.0

Re: [PATCH-for-10.1 2/3] accel/hvf: Do not abort in hvf_arm_get_*_ipa_bit_size()

Posted by Mads Ynddal 4 months ago

> On 16 Jul 2025, at 19.28, Philippe Mathieu-Daudé <philmd@linaro.org> wrote:
> 
> Do not abort in hvf_arm_get_default_ipa_bit_size()
> and hvf_arm_get_max_ipa_bit_size() when the IPA can
> not be fetched. Return 0 (and document it).
> 
> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
> ---
> target/arm/hvf_arm.h | 11 +++++++++++
> target/arm/hvf/hvf.c |  8 ++------
> 2 files changed, 13 insertions(+), 6 deletions(-)

I looked up the different uses of hvf_arm_get_max_ipa_bit_size. There's
an unchecked use in clamp_id_aa64mmfr0_parange_to_ipa_size, but I guess
it'll never reach that far, with your changes to
virt_hvf_get_physical_address_range.

clamp_id_aa64mmfr0_parange_to_ipa_size is already surrounded by other
hv-calls and assert_hvf_ok, so either leave it, or assert ipa_size!=0?

[PATCH-for-10.1 1/3] accel/hvf: Display executable bit as 'X'
[PATCH-for-10.1 2/3] accel/hvf: Do not abort in hvf_arm_get_*_ipa_bit_size()
[PATCH-for-10.1 3/3] hw/arm/virt: Warn when HVF doesn't report IPA bit length