aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPeter Maydell <peter.maydell@linaro.org>2019-07-22 14:07:39 +0100
committerPeter Maydell <peter.maydell@linaro.org>2019-07-22 14:07:39 +0100
commit8f4821d77e465bc2ef77302d47640d5a43d92b30 (patch)
tree741b2f8554c5b2bb2fc7a42a36ceddc0dc1a03bc
parentbc8c2ecfd07ade1f6b47f6f48929487409e578ff (diff)
downloadqemu-8f4821d77e465bc2ef77302d47640d5a43d92b30.zip
qemu-8f4821d77e465bc2ef77302d47640d5a43d92b30.tar.gz
qemu-8f4821d77e465bc2ef77302d47640d5a43d92b30.tar.bz2
target/arm: Limit ID register assertions to TCG
In arm_cpu_realizefn() we make several assertions about the values of guest ID registers: * if the CPU provides AArch32 v7VE or better it must advertise the ARM_DIV feature * if the CPU provides AArch32 A-profile v6 or better it must advertise the Jazelle feature These are essentially consistency checks that our ID register specifications in cpu.c didn't accidentally miss out a feature, because increasingly the TCG emulation gates features on the values in ID registers rather than using old-style checks of ARM_FEATURE_FOO bits. Unfortunately, these asserts can cause problems if we're running KVM, because in that case we don't control the values of the ID registers -- we read them from the host kernel. In particular, if the host kernel is older than 4.15 then it doesn't expose the ID registers via the KVM_GET_ONE_REG ioctl, and we set up dummy values for some registers and leave the rest at zero. (See the comment in target/arm/kvm64.c kvm_arm_get_host_cpu_features().) This set of dummy values is not sufficient to pass our assertions, and so on those kernels running an AArch32 guest on AArch64 will assert. We could provide a more sophisticated set of dummy ID registers in this case, but that still leaves the possibility of a host CPU which reports bogus ID register values that would cause us to assert. It's more robust to only do these ID register checks if we're using TCG, as that is the only case where this is truly a QEMU code bug. Reported-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Tested-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 20190718125928.20147-1-peter.maydell@linaro.org Fixes: https://bugs.launchpad.net/qemu/+bug/1830864 Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
-rw-r--r--target/arm/cpu.c7
1 files changed, 5 insertions, 2 deletions
diff --git a/target/arm/cpu.c b/target/arm/cpu.c
index 1959467..9eb40ff 100644
--- a/target/arm/cpu.c
+++ b/target/arm/cpu.c
@@ -1369,6 +1369,9 @@ static void arm_cpu_realizefn(DeviceState *dev, Error **errp)
* There exist AArch64 cpus without AArch32 support. When KVM
* queries ID_ISAR0_EL1 on such a host, the value is UNKNOWN.
* Similarly, we cannot check ID_AA64PFR0 without AArch64 support.
+ * As a general principle, we also do not make ID register
+ * consistency checks anywhere unless using TCG, because only
+ * for TCG would a consistency-check failure be a QEMU bug.
*/
if (arm_feature(&cpu->env, ARM_FEATURE_AARCH64)) {
no_aa32 = !cpu_isar_feature(aa64_aa32, cpu);
@@ -1383,7 +1386,7 @@ static void arm_cpu_realizefn(DeviceState *dev, Error **errp)
* Presence of EL2 itself is ARM_FEATURE_EL2, and of the
* Security Extensions is ARM_FEATURE_EL3.
*/
- assert(no_aa32 || cpu_isar_feature(arm_div, cpu));
+ assert(!tcg_enabled() || no_aa32 || cpu_isar_feature(arm_div, cpu));
set_feature(env, ARM_FEATURE_LPAE);
set_feature(env, ARM_FEATURE_V7);
}
@@ -1409,7 +1412,7 @@ static void arm_cpu_realizefn(DeviceState *dev, Error **errp)
if (arm_feature(env, ARM_FEATURE_V6)) {
set_feature(env, ARM_FEATURE_V5);
if (!arm_feature(env, ARM_FEATURE_M)) {
- assert(no_aa32 || cpu_isar_feature(jazelle, cpu));
+ assert(!tcg_enabled() || no_aa32 || cpu_isar_feature(jazelle, cpu));
set_feature(env, ARM_FEATURE_AUXCR);
}
}