From: Sergey Fedorov <s.fedorov@samsung.com>
Date: Tue, 10 Dec 2013 06:41:49 +0000 (+0400)
Subject: target-arm: fix TTBCR write masking
X-Git-Url: http://git.maquefel.me/?a=commitdiff_plain;h=74f1c6ddec8dc7566d9b75574bb006214cc7d3b4;p=qemu.git

target-arm: fix TTBCR write masking

Current implementation is not accurate according to ARMv7-AR reference
manual. See "B4.1.153 TTBCR, Translation Table Base Control Register,
VMSA | TTBCR format when using the Long-descriptor translation table
format". When LPAE feature is supported, EAE, bit[31] selects
translation descriptor format and, therefore, TTBCR format.

Signed-off-by: Sergey Fedorov <s.fedorov@samsung.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1386657709-23399-1-git-send-email-s.fedorov@samsung.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---

diff --git a/target-arm/helper.c b/target-arm/helper.c
index 8ec4cb1cd1..5e5e5aad2b 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -1173,7 +1173,7 @@ static int vmsa_ttbcr_raw_write(CPUARMState *env, const ARMCPRegInfo *ri,
 {
     int maskshift = extract32(value, 0, 3);
 
-    if (arm_feature(env, ARM_FEATURE_LPAE)) {
+    if (arm_feature(env, ARM_FEATURE_LPAE) && (value & (1 << 31))) {
         value &= ~((7 << 19) | (3 << 14) | (0xf << 3));
     } else {
         value &= 7;