탐색 도움말
가입하기 로그인
FangSoftSoft
/
qemu
의 미러 https://github.com/utmapp/qemu.git
2
0
포크 0
파일 이슈 0 위키
소스 검색

target/arm: trap DCC access in user mode emulation

Accessing EL0-accessible Debug Communication Channel (DCC) registers in
user mode emulation is currently enabled.  However, it does not match
Linux behavior as Linux sets MDSCR_EL1.TDCC on startup to disable EL0
access to DCC (see __cpu_setup() in arch/arm64/mm/proc.S).

This patch fixes access_tdcc() to check MDSCR_EL1.TDCC for EL0 and sets
MDSCR_EL1.TDCC for user mode emulation to match Linux.

Signed-off-by: Zhuojia Shen <chaosdefinition@hotmail.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: DS7PR12MB630905198DD8E69F6817544CAC4EA@DS7PR12MB6309.namprd12.prod.outlook.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Zhuojia Shen 2 년 전
부모
c81e4ab370
커밋
f9ac778898
2개의 변경된 파일7개의 추가작업 그리고 0개의 파일을 삭제
통합 보기 변경상태 보기
  1. 2 0
      target/arm/cpu.c
  2. 5 0
      target/arm/debug_helper.c

+ 2 - 0
target/arm/cpu.c
파일 보기 

@@ -289,6 +289,8 @@ static void arm_cpu_reset_hold(Object *obj)
 
          * This is not yet exposed from the Linux kernel in any way.
 
          * This is not yet exposed from the Linux kernel in any way.
 
          */
 
          */
 
         env->cp15.sctlr_el[1] |= SCTLR_TSCXT;
 
         env->cp15.sctlr_el[1] |= SCTLR_TSCXT;
 
+        /* Disable access to Debug Communication Channel (DCC). */
 
+        env->cp15.mdscr_el1 |= 1 << 12;
 
 #else
 
 #else
 
         /* Reset into the highest available EL */
 
         /* Reset into the highest available EL */
 
         if (arm_feature(env, ARM_FEATURE_EL3)) {
 
         if (arm_feature(env, ARM_FEATURE_EL3)) {

+ 5 - 0
target/arm/debug_helper.c
파일 보기 

@@ -842,12 +842,14 @@ static CPAccessResult access_tda(CPUARMState *env, const ARMCPRegInfo *ri,
 
  * is implemented then these are controlled by MDCR_EL2.TDCC for
 
  * is implemented then these are controlled by MDCR_EL2.TDCC for
 
  * EL2 and MDCR_EL3.TDCC for EL3. They are also controlled by
 
  * EL2 and MDCR_EL3.TDCC for EL3. They are also controlled by
 
  * the general debug access trap bits MDCR_EL2.TDA and MDCR_EL3.TDA.
 
  * the general debug access trap bits MDCR_EL2.TDA and MDCR_EL3.TDA.
 
+ * For EL0, they are also controlled by MDSCR_EL1.TDCC.
 
  */
 
  */
 
 static CPAccessResult access_tdcc(CPUARMState *env, const ARMCPRegInfo *ri,
 
 static CPAccessResult access_tdcc(CPUARMState *env, const ARMCPRegInfo *ri,
 
                                   bool isread)
 
                                   bool isread)
 
 {
 
 {
 
     int el = arm_current_el(env);
 
     int el = arm_current_el(env);
 
     uint64_t mdcr_el2 = arm_mdcr_el2_eff(env);
 
     uint64_t mdcr_el2 = arm_mdcr_el2_eff(env);
 
+    bool mdscr_el1_tdcc = extract32(env->cp15.mdscr_el1, 12, 1);
 
     bool mdcr_el2_tda = (mdcr_el2 & MDCR_TDA) || (mdcr_el2 & MDCR_TDE) ||
 
     bool mdcr_el2_tda = (mdcr_el2 & MDCR_TDA) || (mdcr_el2 & MDCR_TDE) ||
 
         (arm_hcr_el2_eff(env) & HCR_TGE);
 
         (arm_hcr_el2_eff(env) & HCR_TGE);
 
     bool mdcr_el2_tdcc = cpu_isar_feature(aa64_fgt, env_archcpu(env)) &&
 
     bool mdcr_el2_tdcc = cpu_isar_feature(aa64_fgt, env_archcpu(env)) &&
 
@@ -855,6 +857,9 @@ static CPAccessResult access_tdcc(CPUARMState *env, const ARMCPRegInfo *ri,
 
     bool mdcr_el3_tdcc = cpu_isar_feature(aa64_fgt, env_archcpu(env)) &&
 
     bool mdcr_el3_tdcc = cpu_isar_feature(aa64_fgt, env_archcpu(env)) &&
 
                                           (env->cp15.mdcr_el3 & MDCR_TDCC);
 
                                           (env->cp15.mdcr_el3 & MDCR_TDCC);
 
 
 
+    if (el < 1 && mdscr_el1_tdcc) {
 
+        return CP_ACCESS_TRAP;
 
+    }
 
     if (el < 2 && (mdcr_el2_tda || mdcr_el2_tdcc)) {
 
     if (el < 2 && (mdcr_el2_tda || mdcr_el2_tdcc)) {
 
         return CP_ACCESS_TRAP_EL2;
 
         return CP_ACCESS_TRAP_EL2;
 
     }
 
     }