From 8193d4617cfdaec6e95c2087d9a13197dc261ef0 Mon Sep 17 00:00:00 2001 From: Peter Maydell Date: Fri, 2 Jun 2017 11:51:47 +0100 Subject: hw/intc/arm_gicv3_cpuif: Don't let BPR be set below its minimum MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit icc_bpr_write() was not enforcing that writing a value below the minimum for the BPR should behave as if the BPR was set to the minimum value. This doesn't make a difference for the secure BPRs (since we define the minimum for the QEMU implementation as zero) but did mean we were allowing the NS BPR1 to be set to 0 when 1 should be the lowest value. Signed-off-by: Peter Maydell Reviewed-by: Philippe Mathieu-Daudé Message-id: 1493226792-3237-3-git-send-email-peter.maydell@linaro.org --- hw/intc/arm_gicv3_cpuif.c | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'hw/intc') diff --git a/hw/intc/arm_gicv3_cpuif.c b/hw/intc/arm_gicv3_cpuif.c index d31eba0..e660b3f 100644 --- a/hw/intc/arm_gicv3_cpuif.c +++ b/hw/intc/arm_gicv3_cpuif.c @@ -1388,6 +1388,7 @@ static void icc_bpr_write(CPUARMState *env, const ARMCPRegInfo *ri, { GICv3CPUState *cs = icc_cs_from_env(env); int grp = (ri->crm == 8) ? GICV3_G0 : GICV3_G1; + uint64_t minval; if (icv_access(env, grp == GICV3_G0 ? HCR_FMO : HCR_IMO)) { icv_bpr_write(env, ri, value); @@ -1415,6 +1416,11 @@ static void icc_bpr_write(CPUARMState *env, const ARMCPRegInfo *ri, return; } + minval = (grp == GICV3_G1NS) ? GIC_MIN_BPR_NS : GIC_MIN_BPR; + if (value < minval) { + value = minval; + } + cs->icc_bpr[grp] = value & 7; gicv3_cpuif_update(cs); } -- cgit v1.1