The function get_ipa_output_size checks whether the input size
configured by the guest is valid and will return it.
The check is done with the IPS already shifted against
TCR_EL1_IPS_48_BIT. However the constant has been defined with the
shift included, as a result the check is always false.
Fix it by doing the check on the non-shifted value.
This was introduced by commit
7d623b358a "arm/mem_access: Add long-descriptor
based gpt" introduced software page-table walk for stage-1.
Note that the IPS code is now surrounded with #ifdef CONFIG_ARM_64
because the Arm32 compiler will complain of shift bigger than the width
of the variable. This is fine as the code is executed for 64-bit domain only.
Coverity-ID:
1457707
Signed-off-by: Julien Grall <julien.grall@linaro.org>
Reviewed-by: Sergej Proskurin <proskurin@sec.in.tum.de>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
static int get_ipa_output_size(struct domain *d, register_t tcr,
unsigned int *output_size)
{
- unsigned int ips;
+#ifdef CONFIG_ARM_64
+ register_t ips;
static const unsigned int ipa_sizes[7] = {
TCR_EL1_IPS_32_BIT_VAL,
if ( is_64bit_domain(d) )
{
/* Get the intermediate physical address size. */
- ips = (tcr & TCR_EL1_IPS_MASK) >> TCR_EL1_IPS_SHIFT;
+ ips = tcr & TCR_EL1_IPS_MASK;
/*
* Return an error on reserved IPA output-sizes and if the IPA
if ( ips > TCR_EL1_IPS_48_BIT )
return -EFAULT;
- *output_size = ipa_sizes[ips];
+ *output_size = ipa_sizes[ips >> TCR_EL1_IPS_SHIFT];
}
else
+#endif
*output_size = TCR_EL1_IPS_40_BIT_VAL;
return 0;
projects / people / iwj / xen.git / commitdiff