SYS-OSS/FRET-qemu
4
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

target/arm/hvf: sign extend the data for a load operation when SSE=1

Browse Source 
In the syndrome value for a data abort, bit 21 is SSE, which is
set to indicate that the abort was on a sign-extending load. When
we handle the data abort from the guest via address_space_read(),
we forgot to handle this and so would return the wrong value if
the guest did a sign-extending load to an MMIO region. Add the
sign-extension of the returned data.

Cc: qemu-stable@nongnu.org
Signed-off-by: Joelle van Dyne <j@getutm.app>
Message-id: 20250224184123.50780-1-j@getutm.app
[PMM: Drop an unnecessary check on 'len'; expand commit message]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This commit is contained in:
Joelle van Dyne 2025-02-24 10:41:23 -08:00 committed by Peter Maydell
parent fd207677a8
commit 12c365315a
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
target/arm/hvf/hvf.c
View File

@ -1983,6 +1983,7 @@ int hvf_vcpu_exec(CPUState *cpu)
bool isv = syndrome & ARM_EL_ISV; bool isv = syndrome & ARM_EL_ISV;
bool iswrite = (syndrome >> 6) & 1; bool iswrite = (syndrome >> 6) & 1;
bool s1ptw = (syndrome >> 7) & 1; bool s1ptw = (syndrome >> 7) & 1;
bool sse = (syndrome >> 21) & 1;
uint32_t sas = (syndrome >> 22) & 3; uint32_t sas = (syndrome >> 22) & 3;
uint32_t len = 1 << sas; uint32_t len = 1 << sas;
uint32_t srt = (syndrome >> 16) & 0x1f; uint32_t srt = (syndrome >> 16) & 0x1f;
@ -2010,6 +2011,9 @@ int hvf_vcpu_exec(CPUState *cpu)
address_space_read(&address_space_memory, address_space_read(&address_space_memory,
hvf_exit->exception.physical_address, hvf_exit->exception.physical_address,
MEMTXATTRS_UNSPECIFIED, &val, len); MEMTXATTRS_UNSPECIFIED, &val, len);
if (sse) {
val = sextract64(val, 0, len * 8);
}
hvf_set_reg(cpu, srt, val); hvf_set_reg(cpu, srt, val);
} }