qemu-arm
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] target/arm: fix s2mmu input size check

From: Richard Henderson
Subject: Re: [PATCH] target/arm: fix s2mmu input size check
Date: Thu, 5 May 2022 11:13:06 -0500
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.8.0 
On 5/4/22 22:12, mkei@sfc.wide.ad.jp wrote:

From: Keisuke Iida <mkei@sfc.wide.ad.jp>

The maximum IPA size('inputsize') is constrained by the implemented PA size 
that is
specified by ID_AA64MMFR0_EL1.PARange. Please reference Arm Architecture 
Reference
Manual for A-profile architecture "Supported IPA size" on page D5-4788.

Signed-off-by: Keisuke Iida <mkei@sfc.wide.ad.jp>
---
  target/arm/helper.c | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/target/arm/helper.c b/target/arm/helper.c
index 5a244c3ed9..868e7a2c0b 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -11116,7 +11116,7 @@ static bool check_s2_mmu_setup(ARMCPU *cpu, bool 
is_aa64, int level,
          }
/* Inputsize checks. */ 
-        if (inputsize > outputsize &&
+        if (inputsize > arm_pamax(cpu) &&
This is incorrect -- arm_pamax has already been taken into account in computing outputsize. There are many more constraints than just this.
You need to have a look at the computation of ps and tsz in aa64_va_parameters, and then the computation of outputsize near the beginning of get_phys_addr_lpae, which takes arm_pamax into account by bounding ps against ID_AA64MMFR0.PARANGE, and pamax_map. 

What problem are you encountering?


r~
reply via email to
[Prev in Thread] Current Thread [Next in Thread]