
[3/8] target/arm: Apply TBI to ESR_ELx in helper_exception_return

Message ID 20200225031414.15649-2-richard.henderson@linaro.org
State New
Series target/arm: Misc cleanups surrounding TBI | expand

Commit Message

Richard Henderson Feb. 25, 2020, 3:14 a.m. UTC
We missed this case within AArch64.ExceptionReturn.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 target/arm/helper-a64.c | 23 ++++++++++++++++++++++-
 1 file changed, 22 insertions(+), 1 deletion(-)

Comments

Peter Maydell March 2, 2020, 12:08 p.m. UTC | #1
On Tue, 25 Feb 2020 at 03:14, Richard Henderson
<richard.henderson@linaro.org> wrote:
>
> We missed this case within AArch64.ExceptionReturn.
>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> ---
>  target/arm/helper-a64.c | 23 ++++++++++++++++++++++-
>  1 file changed, 22 insertions(+), 1 deletion(-)
>
> diff --git a/target/arm/helper-a64.c b/target/arm/helper-a64.c
> index 509ae93069..95e9e879ca 100644
> --- a/target/arm/helper-a64.c
> +++ b/target/arm/helper-a64.c
> @@ -1031,6 +1031,8 @@ void HELPER(exception_return)(CPUARMState *env, uint64_t new_pc)
>                        "AArch32 EL%d PC 0x%" PRIx32 "\n",
>                        cur_el, new_el, env->regs[15]);
>      } else {
> +        int tbii;
> +
>          env->aarch64 = 1;
>          spsr &= aarch64_pstate_valid_mask(&env_archcpu(env)->isar);
>          pstate_write(env, spsr);
> @@ -1038,8 +1040,27 @@ void HELPER(exception_return)(CPUARMState *env, uint64_t new_pc)
>              env->pstate &= ~PSTATE_SS;
>          }
>          aarch64_restore_sp(env, new_el);
> -        env->pc = new_pc;
>          helper_rebuild_hflags_a64(env, new_el);
> +
> +        /*
> +         * Apply TBI to the exception return address.  We had to delay this
> +         * until after we selected the new EL, so that we could select the
> +         * correct TBI+TBID bits.  This is made easier by waiting until after
> +         * the hflags rebuild, since we can pull the composite TBII field
> +         * from there.
> +         */
> +        tbii = FIELD_EX32(env->hflags, TBFLAG_A64, TBII);
> +        if ((tbii >> extract64(new_pc, 55, 1)) & 1) {
> +            /* TBI is enabled. */
> +            int core_mmu_idx = cpu_mmu_index(env, false);
> +            if (regime_has_2_ranges(core_mmu_idx | ARM_MMU_IDX_A)) {

We have core_to_arm_mmu_idx() so you don't need to open-code this.
Or just call arm_mmu_idx(env) to get the ARMMMUIdx directly.

> +                new_pc = sextract64(new_pc, 0, 56);
> +            } else {
> +                new_pc = extract64(new_pc, 0, 56);
> +            }
> +        }
> +        env->pc = new_pc;
> +
>          qemu_log_mask(CPU_LOG_INT, "Exception return from AArch64 EL%d to "
>                        "AArch64 EL%d PC 0x%" PRIx64 "\n",
>                        cur_el, new_el, env->pc);

thanks
-- PMM

Patch

diff --git a/target/arm/helper-a64.c b/target/arm/helper-a64.c
index 509ae93069..95e9e879ca 100644
--- a/target/arm/helper-a64.c
+++ b/target/arm/helper-a64.c
@@ -1031,6 +1031,8 @@  void HELPER(exception_return)(CPUARMState *env, uint64_t new_pc)
                       "AArch32 EL%d PC 0x%" PRIx32 "\n",
                       cur_el, new_el, env->regs[15]);
     } else {
+        int tbii;
+
         env->aarch64 = 1;
         spsr &= aarch64_pstate_valid_mask(&env_archcpu(env)->isar);
         pstate_write(env, spsr);
@@ -1038,8 +1040,27 @@  void HELPER(exception_return)(CPUARMState *env, uint64_t new_pc)
             env->pstate &= ~PSTATE_SS;
         }
         aarch64_restore_sp(env, new_el);
-        env->pc = new_pc;
         helper_rebuild_hflags_a64(env, new_el);
+
+        /*
+         * Apply TBI to the exception return address.  We had to delay this
+         * until after we selected the new EL, so that we could select the
+         * correct TBI+TBID bits.  This is made easier by waiting until after
+         * the hflags rebuild, since we can pull the composite TBII field
+         * from there.
+         */
+        tbii = FIELD_EX32(env->hflags, TBFLAG_A64, TBII);
+        if ((tbii >> extract64(new_pc, 55, 1)) & 1) {
+            /* TBI is enabled. */
+            int core_mmu_idx = cpu_mmu_index(env, false);
+            if (regime_has_2_ranges(core_mmu_idx | ARM_MMU_IDX_A)) {
+                new_pc = sextract64(new_pc, 0, 56);
+            } else {
+                new_pc = extract64(new_pc, 0, 56);
+            }
+        }
+        env->pc = new_pc;
+
         qemu_log_mask(CPU_LOG_INT, "Exception return from AArch64 EL%d to "
                       "AArch64 EL%d PC 0x%" PRIx64 "\n",
                       cur_el, new_el, env->pc);
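Review bot: The sextract64/extract64 split on the two `new_pc = ...` lines is the least obvious part of the hunk and carries no comment, so a reader has to work out why one regime sign-extends bit 55 while the other zero-extends it. I would widen the `/* TBI is enabled. */` comment to `/* TBI is enabled for the half of the address space selected by bit 55; a regime with two VA ranges keeps bit 55 sign-extended so an upper-range address stays canonical for that range, a single-range regime zero-extends. */`. That reading of the two-range case is inferred from the regime_has_2_ranges() call rather than visible in the hunk, so it should be confirmed against the regime code before landing the comment. The patch title speaks of ESR_ELx while the code and its block comment operate on the exception return address held in new_pc (the ELR_ELx value), which looks like a slip worth fixing in the title. HELPER(exception_return) begins before this hunk, and the AArch32 half of the if/else it sits in is only partly visible here.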