@@ -523,9 +523,9 @@ static target_ulong h_rtas(PowerPCCPU *cpu, sPAPREnvironment *spapr,
target_ulong opcode, target_ulong *args)
{
target_ulong rtas_r3 = args[0];
- uint32_t token = ldl_be_phys(rtas_r3);
- uint32_t nargs = ldl_be_phys(rtas_r3 + 4);
- uint32_t nret = ldl_be_phys(rtas_r3 + 8);
+ uint32_t token = rtas_ld(rtas_r3, 0);
+ uint32_t nargs = rtas_ld(rtas_r3, 1);
+ uint32_t nret = rtas_ld(rtas_r3, 2);
return spapr_rtas_call(cpu, spapr, token, nargs, rtas_r3 + 12,
nret, rtas_r3 + 12 + 4*nargs);
@@ -340,14 +340,19 @@ static inline int spapr_allocate_lsi(int hint)
return spapr_allocate_irq(hint, true);
}
+static inline uint64_t ppc64_phys_to_real(uint64_t addr)
+{
+ return addr & ~0xF000000000000000ULL;
+}
+
static inline uint32_t rtas_ld(target_ulong phys, int n)
{
- return ldl_be_phys(phys + 4*n);
+ return ldl_be_phys(ppc64_phys_to_real(phys + 4*n));
}
static inline void rtas_st(target_ulong phys, int n, uint32_t val)
{
- stl_be_phys(phys + 4*n, val);
+ stl_be_phys(ppc64_phys_to_real(phys + 4*n), val);
}
typedef void (*spapr_rtas_fn)(PowerPCCPU *cpu, sPAPREnvironment *spapr,
On the real hardware, RTAS is called in real mode and therefore top 4 bits of the address passed in the call are ignored. So does the patch. This converts h_rtas() to use existing rtas_ld() handlers. This fixed rtas_ld()/rtas_st() to ignore top 4 bits. Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru> --- Changes: v3: * ldl_be_phys() replaced with rtas_ld() which is already there * rtas_ld()/rtas_st() fixed to chop top 4 bits v2: * masking from replaced with the use of cpu_ldl_data which can handle realmode case properly --- hw/ppc/spapr_hcall.c | 6 +++--- include/hw/ppc/spapr.h | 9 +++++++-- 2 files changed, 10 insertions(+), 5 deletions(-)