Commit a2e2d7fc authored by Peter Maydell's avatar Peter Maydell
Browse files

hw/intc/arm_gicv3: Fix secure-GIC NS ICC_PMR and ICC_RPR accesses 

If the GIC has the security extension support enabled, then a
non-secure access to ICC_PMR must take account of the non-secure
view of interrupt priorities, where real priorities 0x00..0x7f
are secure-only and not visible to the non-secure guest, and
priorities 0x80..0xff are shown to the guest as if they were
0x00..0xff. We had the logic here wrong:
 * on reads, the priority is in the secure range if bit 7
   is clear, not if it is set
 * on writes, we want to set bit 7, not mask everything else

Our ICC_RPR read code had the same error as ICC_PMR.

(Compare the GICv3 spec pseudocode functions ICC_RPR_EL1
and ICC_PMR_EL1.)

Fixes: https://bugs.launchpad.net/qemu/+bug/1748434


Signed-off-by: default avatarPeter Maydell <peter.maydell@linaro.org>
Reviewed-by: default avatarAndrew Jones <drjones@redhat.com>
Message-id: 20180315133441.24149-1-peter.maydell@linaro.org
parent 544156ef

hw/intc/arm_gicv3_cpuif.c

+3 −3
Original line number Diff line number Diff line
@@ -836,7 +836,7 @@ static uint64_t icc_pmr_read(CPUARMState *env, const ARMCPRegInfo *ri) 
        /* NS access and Group 0 is inaccessible to NS: return the

         * NS view of the current priority

         */

        if (value & 0x80) {

        if ((value & 0x80) == 0) {

            /* Secure priorities not visible to NS */

            value = 0;

        } else if (value != 0xff) {
@@ -871,7 +871,7 @@ static void icc_pmr_write(CPUARMState *env, const ARMCPRegInfo *ri, 
            /* Current PMR in the secure range, don't allow NS to change it */

            return;

        }

        value = (value >> 1) & 0x80;

        value = (value >> 1) | 0x80;

    }

    cs->icc_pmr_el1 = value;

    gicv3_cpuif_update(cs);
@@ -1609,7 +1609,7 @@ static uint64_t icc_rpr_read(CPUARMState *env, const ARMCPRegInfo *ri) 
    if (arm_feature(env, ARM_FEATURE_EL3) &&

        !arm_is_secure(env) && (env->cp15.scr_el3 & SCR_FIQ)) {

        /* NS GIC access and Group 0 is inaccessible to NS */

        if (prio & 0x80) {

        if ((prio & 0x80) == 0) {

            /* NS mustn't see priorities in the Secure half of the range */

            prio = 0;

        } else if (prio != 0xff) {