From patchwork Tue Feb 1 19:32:05 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 538970 Delivered-To: patch@linaro.org Received: by 2002:ac0:f7d2:0:0:0:0:0 with SMTP id i18csp1108563imr; Tue, 1 Feb 2022 14:12:14 -0800 (PST) X-Google-Smtp-Source: ABdhPJzYwgYhjmkNp7AKITFrIRVHCNY9k2jYXFYoOdQ1LLXFMHqyluB8Ik3MhWQc6f0/XvLWgRyK X-Received: by 2002:a25:d742:: with SMTP id o63mr38378110ybg.565.1643753534522; Tue, 01 Feb 2022 14:12:14 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1643753534; cv=none; d=google.com; s=arc-20160816; b=KELhVn/E23Jp3rym2t2fpAUYTCqNcDU2LM2MeMiIbly/7q7YsIllEhG8T2N6Q0xzvZ DclcaY6QBKLcgcrFMAhHMYdrSz++ZnyISETMSFWPqlvlDduQCKJeQ6ODIYQfv0GNRWtp 8YBIfwi/vDweRLA5hCWmUbCDiziSEx8GToTPSKGDHPGV5yFPsr04qTUsg4yZg/IZ6Mwe Ypzy5B9wJYM3870DzZ00sP9iJ+xnpkVC4gN0AuPHKXsxyX3ZSheHUifP6kxlq5iPMp3W NQvH/BGvSUEdbf4oRgEtOPlkktZqeSplImtyTmt7bzR93ZwctQgIMALcZVZGWKfqepqo DRaA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:to:from :dkim-signature; bh=nPzzTIMjX8+LmKQr0pPoJuhI0Z54vBV3jrfkNEOyMpQ=; b=f/wKxvnyi2CQNlMFmSlS+/dUps+Er+7QjGt7Ig6uOpv3vLi+MGrIkmCqTuYudtC7Hg s9lxM/UkjToqPyuSWPRTcqLT8pojwJY5u3a0wV9iWB3FK8TKRnFuokkLY/FJm6s3GXC1 JZc60llzGBIaM3oBsMRIYZ9wfJ6EEwVx1OnOtbrfhqrlpbjI2+RYVKCFmF6SyvqVXam6 p60Yv1Ae5jTls9L4CwN6ikLyiP01tkHTx78GVHMwS+mc4qrR4kZ/Oaz/FfGVrhwLp2Uz q1RwaZzB+SjK5gt5P8UF1QQ0DPWWw3DgdhmfpoPLE6cPL4kK1/BLQKrKBtI16QKY8aSU rSCg== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@linaro.org header.s=google header.b=Oojr49pt; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id 62si38332287ybp.751.2022.02.01.14.12.14 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Tue, 01 Feb 2022 14:12:14 -0800 (PST) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=fail header.i=@linaro.org header.s=google header.b=Oojr49pt; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1]:36616 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1nF1Nl-0003rK-Oe for patch@linaro.org; Tue, 01 Feb 2022 17:12:13 -0500 Received: from eggs.gnu.org ([209.51.188.92]:60750) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1nEytL-0001rQ-Qj for qemu-devel@nongnu.org; Tue, 01 Feb 2022 14:32:39 -0500 Received: from [2a00:1450:4864:20::334] (port=38900 helo=mail-wm1-x334.google.com) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1nEytI-0002Xo-1R for qemu-devel@nongnu.org; Tue, 01 Feb 2022 14:32:39 -0500 Received: by mail-wm1-x334.google.com with SMTP id o30-20020a05600c511e00b0034f4c3186f4so2818468wms.3 for ; Tue, 01 Feb 2022 11:32:20 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=nPzzTIMjX8+LmKQr0pPoJuhI0Z54vBV3jrfkNEOyMpQ=; b=Oojr49ptSEYDc2UEYTipQgMfjRt/UNcm4OqFRkXC6pQb6P7JNCwP/oYdgDsjNOBtCr CPTiMNNDlEfoD4p2idxWxqn0mWR1q6iK+D+wjtfd8AqHfUJnv3iJmqVQJS3hN8LVGp1R AV2pstxjV0bIyRMuFlp9hAXXoJdYX5VqL/T1h5xr2TsV42uLGQSouuArdKPjRJmVZR8V q7aUnAo+QSRFeCi0ZjsSyZIsGPfrtr/jdLJ5bU6ccb0a3AAHb/mRJ9/zoG4JwbBEMOp4 Y6XtXrpBIh/6qtlt2RRa/oOxw6txvdnZ8j6xBSFel1Lnv5C0K2X1QXysMKrk2IcMKEbP TUFw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=nPzzTIMjX8+LmKQr0pPoJuhI0Z54vBV3jrfkNEOyMpQ=; b=FWLHiDff8DpJISLSNAeF7kEhinhxpje6KQK2ZjmNmL4E+Um+sxyB0gui7cyClkxm1c tm/+ffySCAv7nqHIVOwWJQTjFybTd3tacJOu6sUV4KgVqBoZy9F56csF36PXzCAw8hUp ogg/VgBr7EdygRdAsg5owBJQyCSYBWs151ho2s0TIMo6D+KreF5NxCPRpkf22koIW3kT jVSlQ3HAlPZJ2pg/PLDECrZqx1q05EChOdOE35ZwWGTdKwv2lahOhGZshHQJg2WDni3Z itVeXcU/ewy/RRbV8f2scNRbviE6vMpfywBBNIQX4HVJIwuZ1j0m7e5ia4ixnKhxhmtA U7Ng== X-Gm-Message-State: AOAM533nkBEE0DnXkjzsqb9T7OFDGpPEDTW+b9RCH/gAemibi0YSQlk/ ZOh6DXryEajA7afNmJrdZ3GG0w== X-Received: by 2002:a05:600c:ac7:: with SMTP id c7mr3128130wmr.61.1643743939232; Tue, 01 Feb 2022 11:32:19 -0800 (PST) Received: from orth.archaic.org.uk (orth.archaic.org.uk. [2001:8b0:1d0::2]) by smtp.gmail.com with ESMTPSA id z5sm3491265wmp.10.2022.02.01.11.32.18 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 01 Feb 2022 11:32:18 -0800 (PST) From: Peter Maydell To: qemu-arm@nongnu.org, qemu-devel@nongnu.org Subject: [PATCH 11/13] hw/intc/arm_gicv3_its: In MAPC with V=0, don't check rdbase field Date: Tue, 1 Feb 2022 19:32:05 +0000 Message-Id: <20220201193207.2771604-12-peter.maydell@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220201193207.2771604-1-peter.maydell@linaro.org> References: <20220201193207.2771604-1-peter.maydell@linaro.org> MIME-Version: 1.0 X-Host-Lookup-Failed: Reverse DNS lookup failed for 2a00:1450:4864:20::334 (failed) Received-SPF: pass client-ip=2a00:1450:4864:20::334; envelope-from=peter.maydell@linaro.org; helo=mail-wm1-x334.google.com X-Spam_score_int: -12 X-Spam_score: -1.3 X-Spam_bar: - X-Spam_report: (-1.3 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, PDS_HP_HELO_NORDNS=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RDNS_NONE=0.793, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=no autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Richard Henderson , Shashi Mallela , =?utf-8?q?Alex_Benn=C3=A9e?= Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" In the MAPC command, if V=0 this is a request to delete a collection table entry and the rdbase field of the command packet will not be used. In particular, the specification says that the "UNPREDICTABLE if rdbase is not valid" only applies for V=1. We were doing a check-and-log-guest-error on rdbase regardless of whether the V bit was set, and also (harmlessly but confusingly) storing the contents of the rdbase field into the updated collection table entry. Update the code so that if V=0 we don't check or use the rdbase field value. Signed-off-by: Peter Maydell Reviewed-by: Richard Henderson --- hw/intc/arm_gicv3_its.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/hw/intc/arm_gicv3_its.c b/hw/intc/arm_gicv3_its.c index 9735d609df2..069991f7f36 100644 --- a/hw/intc/arm_gicv3_its.c +++ b/hw/intc/arm_gicv3_its.c @@ -468,21 +468,21 @@ static ItsCmdResult process_mapc(GICv3ITSState *s, const uint64_t *cmdpkt) CTEntry cte; icid = cmdpkt[2] & ICID_MASK; - - cte.rdbase = (cmdpkt[2] & R_MAPC_RDBASE_MASK) >> R_MAPC_RDBASE_SHIFT; - cte.rdbase &= RDBASE_PROCNUM_MASK; - cte.valid = cmdpkt[2] & CMD_FIELD_VALID_MASK; + if (cte.valid) { + cte.rdbase = (cmdpkt[2] & R_MAPC_RDBASE_MASK) >> R_MAPC_RDBASE_SHIFT; + cte.rdbase &= RDBASE_PROCNUM_MASK; + } else { + cte.rdbase = 0; + } - if ((icid >= s->ct.num_entries) || (cte.rdbase >= s->gicv3->num_cpu)) { + if (icid >= s->ct.num_entries) { + qemu_log_mask(LOG_GUEST_ERROR, "ITS MAPC: invalid ICID 0x%d", icid); + return CMD_CONTINUE; + } + if (cte.valid && cte.rdbase >= s->gicv3->num_cpu) { qemu_log_mask(LOG_GUEST_ERROR, - "ITS MAPC: invalid collection table attributes " - "icid %d rdbase %u\n", icid, cte.rdbase); - /* - * in this implementation, in case of error - * we ignore this command and move onto the next - * command in the queue - */ + "ITS MAPC: invalid RDBASE %u ", cte.rdbase); return CMD_CONTINUE; }