[prev in list] [next in list] [prev in thread] [next in thread]
List: xen-cvs
Subject: [Xen-changelog] [xen stable-4.5] xen/arm: vgic-v2: Correctly handle RAZ/WI registers
From: patchbot () xen ! org
Date: 2015-04-14 10:51:58
Message-ID: E1YhyRi-0007NS-GA () xenbits ! xen ! org
[Download RAW message or body]
commit 009d14dd3eee187a0912a667efe48a184a6e38ca
Author: Julien Grall <julien.grall@linaro.org>
AuthorDate: Mon Feb 16 14:50:51 2015 +0000
Commit: Ian Campbell <ian.campbell@citrix.com>
CommitDate: Thu Apr 2 11:45:04 2015 +0100
xen/arm: vgic-v2: Correctly handle RAZ/WI registers
All the GICv2 registers are word-accessible. Some them are also
byte-accessible (see GICD_IPRIORITYR*).
Those registers are incorrectly implemented when they should be RAZ. Only
word-access size are currently allowed for them.
To avoid further issues, introduce different label following the access-size
of the registers:
- read_as_zero_32 and write_ignore_32: Used for registers accessible
via a word.
- read_as_zero: Used when we don't have to check the access size.
The latter is used when the access size has already been checked in the
register emulation and/or when the register offset is reserved/implementation
defined.
Note that, only used labels has been introduced.
Signed-off-by: Julien Grall <julien.grall@linaro.org>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
(cherry picked from commit 1fefa550274758204a6bf58ea9b9509296197080)
---
xen/arch/arm/vgic-v2.c | 24 +++++++++++++-----------
1 files changed, 13 insertions(+), 11 deletions(-)
diff --git a/xen/arch/arm/vgic-v2.c b/xen/arch/arm/vgic-v2.c
index d82429d..a5c41f4 100644
--- a/xen/arch/arm/vgic-v2.c
+++ b/xen/arch/arm/vgic-v2.c
@@ -72,7 +72,7 @@ static int vgic_v2_distr_mmio_read(struct vcpu *v, mmio_info_t *info)
case GICD_IGROUPR ... GICD_IGROUPRN:
/* We do not implement security extensions for guests, read zero */
- goto read_as_zero;
+ goto read_as_zero_32;
case GICD_ISENABLER ... GICD_ISENABLERN:
if ( dabt.size != DABT_WORD ) goto bad_width;
@@ -164,7 +164,7 @@ static int vgic_v2_distr_mmio_read(struct vcpu *v, mmio_info_t *info)
case GICD_NSACR ... GICD_NSACRN:
/* We do not implement security extensions for guests, read zero */
- goto read_as_zero;
+ goto read_as_zero_32;
case GICD_SGIR:
if ( dabt.size != DABT_WORD ) goto bad_width;
@@ -224,8 +224,9 @@ bad_width:
domain_crash_synchronous();
return 0;
-read_as_zero:
+read_as_zero_32:
if ( dabt.size != DABT_WORD ) goto bad_width;
+read_as_zero:
*r = 0;
return 1;
}
@@ -285,7 +286,7 @@ static int vgic_v2_distr_mmio_write(struct vcpu *v, mmio_info_t *info)
/* R/O -- write ignored */
case GICD_TYPER:
case GICD_IIDR:
- goto write_ignore;
+ goto write_ignore_32;
/* Implementation defined -- write ignored */
case 0x020 ... 0x03c:
@@ -293,7 +294,7 @@ static int vgic_v2_distr_mmio_write(struct vcpu *v, mmio_info_t *info)
case GICD_IGROUPR ... GICD_IGROUPRN:
/* We do not implement security extensions for guests, write ignore */
- goto write_ignore;
+ goto write_ignore_32;
case GICD_ISENABLER ... GICD_ISENABLERN:
if ( dabt.size != DABT_WORD ) goto bad_width;
@@ -359,7 +360,7 @@ static int vgic_v2_distr_mmio_write(struct vcpu *v, mmio_info_t *info)
case GICD_ITARGETSR ... GICD_ITARGETSR + 7:
/* SGI/PPI target is read only */
- goto write_ignore;
+ goto write_ignore_32;
case GICD_ITARGETSR + 8 ... GICD_ITARGETSRN:
{
@@ -432,10 +433,10 @@ static int vgic_v2_distr_mmio_write(struct vcpu *v, mmio_info_t *info)
return 1;
case GICD_ICFGR: /* SGIs */
- goto write_ignore;
+ goto write_ignore_32;
case GICD_ICFGR + 1: /* PPIs */
/* It is implementation defined if these are writeable. We chose not */
- goto write_ignore;
+ goto write_ignore_32;
case GICD_ICFGR + 2 ... GICD_ICFGRN: /* SPIs */
if ( dabt.size != DABT_WORD ) goto bad_width;
rank = vgic_rank_offset(v, 2, gicd_reg - GICD_ICFGR, DABT_WORD);
@@ -447,7 +448,7 @@ static int vgic_v2_distr_mmio_write(struct vcpu *v, mmio_info_t *info)
case GICD_NSACR ... GICD_NSACRN:
/* We do not implement security extensions for guests, write ignore */
- goto write_ignore;
+ goto write_ignore_32;
case GICD_SGIR:
if ( dabt.size != DABT_WORD ) goto bad_width;
@@ -473,7 +474,7 @@ static int vgic_v2_distr_mmio_write(struct vcpu *v, mmio_info_t *info)
/* R/O -- write ignore */
case GICD_ICPIDR2:
- goto write_ignore;
+ goto write_ignore_32;
/* Implementation defined -- write ignored */
case 0xfec ... 0xffc:
@@ -502,8 +503,9 @@ bad_width:
domain_crash_synchronous();
return 0;
-write_ignore:
+write_ignore_32:
if ( dabt.size != DABT_WORD ) goto bad_width;
+write_ignore:
return 1;
}
--
generated by git-patchbot for /home/xen/git/xen.git#stable-4.5
_______________________________________________
Xen-changelog mailing list
Xen-changelog@lists.xen.org
http://lists.xensource.com/xen-changelog
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic