[4/4] hw/intc/arm_gicv3: Fix writes to ICC_CTLR_EL3

Message ID	20190520162809.2677-5-peter.maydell@linaro.org
State	Superseded
Headers	show Delivered-To: patch@linaro.org Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; From: Peter Maydell <peter.maydell@linaro.org> To: qemu-arm@nongnu.org, qemu-devel@nongnu.org Date: Mon, 20 May 2019 17:28:09 +0100 Message-Id: <20190520162809.2677-5-peter.maydell@linaro.org> In-Reply-To: <20190520162809.2677-1-peter.maydell@linaro.org> References: <20190520162809.2677-1-peter.maydell@linaro.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: [Qemu-devel] [PATCH 4/4] hw/intc/arm_gicv3: Fix writes to ICC_CTLR_EL3 Precedence: list Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" <qemu-devel-bounces+patch=linaro.org@nongnu.org>
Series	hw/intc/arm_gicv3: Four simple bugfixes \| expand [0/4] hw/intc/arm_gicv3: Four simple bugfixes [1/4] hw/intc/arm_gicv3: Fix decoding of ID register range [2/4] hw/intc/arm_gicv3: GICD_TYPER.SecurityExtn is RAZ if GICD_CTLR.DS == 1 [3/4] hw/intc/arm_gicv3: Fix write of ICH_VMCR_EL2.{VBPR0, VBPR1} [4/4] hw/intc/arm_gicv3: Fix writes to ICC_CTLR_EL3

Message ID

20190520162809.2677-5-peter.maydell@linaro.org

State

Superseded

Headers

Received-SPF: pass (google.com: domain of
	qemu-devel-bounces+patch=linaro.org@nongnu.org designates
	209.51.188.17 as permitted sender) client-ip=209.51.188.17; 
From: Peter Maydell <peter.maydell@linaro.org>
To: qemu-arm@nongnu.org,
	qemu-devel@nongnu.org
Date: Mon, 20 May 2019 17:28:09 +0100
Message-Id: <20190520162809.2677-5-peter.maydell@linaro.org>
In-Reply-To: <20190520162809.2677-1-peter.maydell@linaro.org>
References: <20190520162809.2677-1-peter.maydell@linaro.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Subject: [Qemu-devel] [PATCH 4/4] hw/intc/arm_gicv3: Fix writes to
	ICC_CTLR_EL3
Precedence: list
Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org
Sender: "Qemu-devel" <qemu-devel-bounces+patch=linaro.org@nongnu.org>

Series

hw/intc/arm_gicv3: Four simple bugfixes | expand

Commit Message

Peter Maydell May 20, 2019, 4:28 p.m. UTC

The ICC_CTLR_EL3 register includes some bits which are aliases
of bits in the ICC_CTLR_EL1(S) and (NS) registers. QEMU chooses
to keep those bits in the cs->icc_ctlr_el1[] struct fields.
Unfortunately a missing '~' in the code to update the bits
in those fields meant that writing to ICC_CTLR_EL3 would corrupt
the ICC_CLTR_EL1 register values.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

---
 hw/intc/arm_gicv3_cpuif.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

-- 
2.20.1

Comments

Philippe Mathieu-Daudé May 20, 2019, 5:20 p.m. UTC | #1

Hi Peter,

On 5/20/19 6:28 PM, Peter Maydell wrote:
> The ICC_CTLR_EL3 register includes some bits which are aliases

> of bits in the ICC_CTLR_EL1(S) and (NS) registers. QEMU chooses

> to keep those bits in the cs->icc_ctlr_el1[] struct fields.

> Unfortunately a missing '~' in the code to update the bits

> in those fields meant that writing to ICC_CTLR_EL3 would corrupt

> the ICC_CLTR_EL1 register values.


How did you notice? Simply reviewing?

> 

> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>


Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>


> ---

>  hw/intc/arm_gicv3_cpuif.c | 4 ++--

>  1 file changed, 2 insertions(+), 2 deletions(-)

> 

> diff --git a/hw/intc/arm_gicv3_cpuif.c b/hw/intc/arm_gicv3_cpuif.c

> index 000bdbd6247..3b212d91c8f 100644

> --- a/hw/intc/arm_gicv3_cpuif.c

> +++ b/hw/intc/arm_gicv3_cpuif.c

> @@ -1856,7 +1856,7 @@ static void icc_ctlr_el3_write(CPUARMState *env, const ARMCPRegInfo *ri,

>      trace_gicv3_icc_ctlr_el3_write(gicv3_redist_affid(cs), value);

>  

>      /* *_EL1NS and *_EL1S bits are aliases into the ICC_CTLR_EL1 bits. */

> -    cs->icc_ctlr_el1[GICV3_NS] &= (ICC_CTLR_EL1_CBPR | ICC_CTLR_EL1_EOIMODE);

> +    cs->icc_ctlr_el1[GICV3_NS] &= ~(ICC_CTLR_EL1_CBPR | ICC_CTLR_EL1_EOIMODE);

>      if (value & ICC_CTLR_EL3_EOIMODE_EL1NS) {

>          cs->icc_ctlr_el1[GICV3_NS] |= ICC_CTLR_EL1_EOIMODE;

>      }

> @@ -1864,7 +1864,7 @@ static void icc_ctlr_el3_write(CPUARMState *env, const ARMCPRegInfo *ri,

>          cs->icc_ctlr_el1[GICV3_NS] |= ICC_CTLR_EL1_CBPR;

>      }

>  

> -    cs->icc_ctlr_el1[GICV3_S] &= (ICC_CTLR_EL1_CBPR | ICC_CTLR_EL1_EOIMODE);

> +    cs->icc_ctlr_el1[GICV3_S] &= ~(ICC_CTLR_EL1_CBPR | ICC_CTLR_EL1_EOIMODE);

>      if (value & ICC_CTLR_EL3_EOIMODE_EL1S) {

>          cs->icc_ctlr_el1[GICV3_S] |= ICC_CTLR_EL1_EOIMODE;

>      }

>

diff --git a/hw/intc/arm_gicv3_cpuif.c b/hw/intc/arm_gicv3_cpuif.c
index 000bdbd6247..3b212d91c8f 100644
--- a/hw/intc/arm_gicv3_cpuif.c
+++ b/hw/intc/arm_gicv3_cpuif.c
@@ -1856,7 +1856,7 @@  static void icc_ctlr_el3_write(CPUARMState *env, const ARMCPRegInfo *ri,
     trace_gicv3_icc_ctlr_el3_write(gicv3_redist_affid(cs), value);
 
     /* *_EL1NS and *_EL1S bits are aliases into the ICC_CTLR_EL1 bits. */
-    cs->icc_ctlr_el1[GICV3_NS] &= (ICC_CTLR_EL1_CBPR | ICC_CTLR_EL1_EOIMODE);
+    cs->icc_ctlr_el1[GICV3_NS] &= ~(ICC_CTLR_EL1_CBPR | ICC_CTLR_EL1_EOIMODE);
     if (value & ICC_CTLR_EL3_EOIMODE_EL1NS) {
         cs->icc_ctlr_el1[GICV3_NS] |= ICC_CTLR_EL1_EOIMODE;
     }
@@ -1864,7 +1864,7 @@  static void icc_ctlr_el3_write(CPUARMState *env, const ARMCPRegInfo *ri,
         cs->icc_ctlr_el1[GICV3_NS] |= ICC_CTLR_EL1_CBPR;
     }
 
-    cs->icc_ctlr_el1[GICV3_S] &= (ICC_CTLR_EL1_CBPR | ICC_CTLR_EL1_EOIMODE);
+    cs->icc_ctlr_el1[GICV3_S] &= ~(ICC_CTLR_EL1_CBPR | ICC_CTLR_EL1_EOIMODE);
     if (value & ICC_CTLR_EL3_EOIMODE_EL1S) {
         cs->icc_ctlr_el1[GICV3_S] |= ICC_CTLR_EL1_EOIMODE;
     }

[4/4] hw/intc/arm_gicv3: Fix writes to ICC_CTLR_EL3

Commit Message

Comments

Patch