jcs.org
qemu with hax to log dma reads & writes
jcs.org/2018/11/12/vfio
hw/intc/arm_gicv3: GICD_TYPER.SecurityExtn is RAZ if GICD_CTLR.DS == 1
The GICv3 specification says that the GICD_TYPER.SecurityExtn bit
is RAZ if GICD_CTLR.DS is 1. We were incorrectly making it RAZ
if the security extension is unsupported. "Security extension
unsupported" always implies GICD_CTLR.DS == 1, but the guest can
also set DS on a GIC which does support the security extension.
Fix the condition to correctly check the GICD_CTLR.DS bit.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20190524124248.28394-3-peter.maydell@linaro.org
+7
-1
+7
-1
hw/intc/arm_gicv3_dist.c
+7
-1
hw/intc/arm_gicv3_dist.c
···
378
378
* ITLinesNumber == (num external irqs / 32) - 1
379
379
*/
380
380
int itlinesnumber = ((s->num_irq - GIC_INTERNAL) / 32) - 1;
381
+
/*
382
+
* SecurityExtn must be RAZ if GICD_CTLR.DS == 1, and
383
+
* "security extensions not supported" always implies DS == 1,
384
+
* so we only need to check the DS bit.
385
+
*/
386
+
bool sec_extn = !(s->gicd_ctlr & GICD_CTLR_DS);
381
387
382
-
*data = (1 << 25) | (1 << 24) | (s->security_extn << 10) |
388
+
*data = (1 << 25) | (1 << 24) | (sec_extn << 10) |
383
389
(0xf << 19) | itlinesnumber;
384
390
return MEMTX_OK;
385
391
}