[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [for-4.7 2/2] xen/arm: traps: Correctly interpret the content of the register HPFAR_EL2

On 13/04/16 16:55, Julien Grall wrote:
> The register HPFAR_EL2 (resp. HPFAR on arm32) contains the bits [47:12]
> (resp. [39:12]) of the faulting IPA. Unlike other registers that represent
> an address, the upper bits of the IPA are stored in the register bits
> [4:39] (resp. [4:21]).
> 
> However, Xen assumes that the register contains the faulting IPA correctly
> offsetted. This will result to get a wrong IPA when the fault is happening
> during a translation table walk. Note this is only affecting  memaccess.
> 
> Introduce a new helper to get the faulting IPA from HPFAR_EL2 and
> replace direct read from the register by the helper.
> 
> Signed-off-by: Julien Grall <julien.grall@xxxxxxx>

Reviewed-by: Andre Przywara <andre.przywara@xxxxxxx>

Thanks for the catch!

Cheers,
Andre.

> 
> ---
> Cc: tamas@xxxxxxxxxxxxx
> 
> This is a bug fix for Xen 4.7 and should also be backported to Xen 4.6.
> Without this patch, the faulting IPA reported to memaccess may be wrong.
> 
> ---
>  xen/arch/arm/traps.c            | 11 +++++++++--
>  xen/include/asm-arm/processor.h |  7 +++++++
>  2 files changed, 16 insertions(+), 2 deletions(-)
> 
> diff --git a/xen/arch/arm/traps.c b/xen/arch/arm/traps.c
> index 1516abd..5e865cf 100644
> --- a/xen/arch/arm/traps.c
> +++ b/xen/arch/arm/traps.c
> @@ -2363,6 +2363,13 @@ done:
>      if (first) unmap_domain_page(first);
>  }
>  
> +static inline paddr_t get_faulting_ipa(void)
> +{
> +    register_t hpfar = READ_SYSREG(HPFAR_EL2);
> +
> +    return ((paddr_t)(hpfar & HPFAR_MASK) << (12 - 4));
> +}
> +
>  static void do_trap_instr_abort_guest(struct cpu_user_regs *regs,
>                                        const union hsr hsr)
>  {
> @@ -2381,7 +2388,7 @@ static void do_trap_instr_abort_guest(struct 
> cpu_user_regs *regs,
>          };
>  
>          if ( hsr.iabt.s1ptw )
> -            gpa = READ_SYSREG(HPFAR_EL2);
> +            gpa = get_faulting_ipa();
>          else
>          {
>              /*
> @@ -2431,7 +2438,7 @@ static void do_trap_data_abort_guest(struct 
> cpu_user_regs *regs,
>  #endif
>  
>      if ( dabt.s1ptw )
> -        info.gpa = READ_SYSREG(HPFAR_EL2);
> +        info.gpa = get_faulting_ipa();
>      else
>      {
>          rc = gva_to_ipa(info.gva, &info.gpa, GV2M_READ);
> diff --git a/xen/include/asm-arm/processor.h b/xen/include/asm-arm/processor.h
> index 7e6eb66..6789cd0 100644
> --- a/xen/include/asm-arm/processor.h
> +++ b/xen/include/asm-arm/processor.h
> @@ -565,6 +565,13 @@ union hsr {
>  
>  #define FSC_LL_MASK    (_AC(0x03,U)<<0)
>  
> +/* HPFAR_EL2: Hypervisor IPA Fault Address Register */
> +#ifdef CONFIG_ARM_64
> +#define HPFAR_MASK   GENMASK(39, 4)
> +#else
> +#define HPFAR_MASK   GENMASK(31, 4)
> +#endif
> +
>  /* Time counter hypervisor control register */
>  #define CNTHCTL_EL2_EL1PCTEN (1u<<0) /* Kernel/user access to physical 
> counter */
>  #define CNTHCTL_EL2_EL1PCEN  (1u<<1) /* Kernel/user access to CNTP timer 
> regs */
> 


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.