xemu/hw
Jean-Philippe Brucker 5d31e1e59a amd_iommu: Fix pte_override_page_mask()
AMD IOMMU PTEs have a special mode allowing to specify an arbitrary page
size. Quoting the AMD IOMMU specification: "When the Next Level bits [of
a pte] are 7h, the size of the page is determined by the first zero bit
in the page address, starting from bit 12."

So if the lowest bits of the page address is 0, the page is 8kB. If the
lowest bits are 011, the page is 32kB. Currently pte_override_page_mask()
doesn't compute the right value for this page size and amdvi_translate()
can return the wrong guest-physical address. With a Linux guest, DMA
from SATA devices accesses the wrong memory and causes probe failure:

qemu-system-x86_64 ... -device amd-iommu -drive id=hd1,file=foo.bin,if=none \
		-device ahci,id=ahci -device ide-hd,drive=hd1,bus=ahci.0
[    6.613093] ata1.00: qc timeout (cmd 0xec)
[    6.615062] ata1.00: failed to IDENTIFY (I/O error, err_mask=0x4)

Fix the page mask.

Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Message-Id: <20210421084007.1190546-1-jean-philippe@linaro.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2021-05-04 07:27:37 -04:00
..
9pfs hw/9pfs/9p-synth: Replaced qemu_mutex_lock with QEMU_LOCK_GUARD 2021-03-16 11:41:49 +01:00
acpi acpi/piix4: reinitialize acpi PM device on reset 2021-04-01 12:19:52 -04:00
adc clock: Add ClockEvent parameter to callbacks 2021-03-08 17:20:01 +00:00
alpha vl: extract softmmu/datadir.c 2020-12-10 12:15:18 -05:00
arm hw/arm/armsse: Make SSE-300 use Cortex-M55 2021-04-17 18:47:11 +01:00
audio hw: Replace anti-social QOM type names 2021-03-19 15:18:43 +01:00
avr hw/avr/arduino: List board schematic links 2021-03-15 00:39:52 +01:00
block hw/block/nvme: fix invalid msix exclusive uninit 2021-04-26 14:55:50 +01:00
char s390x: css: report errors from ccw_dstream_read/write 2021-04-09 10:52:13 +02:00
core target-arm queue: 2021-04-06 16:04:33 +01:00
cpu cpu/core: Fix "help" of CPU core device types 2021-04-09 16:05:16 -04:00
cris hw: Replace anti-social QOM type names 2021-03-19 15:18:43 +01:00
display hw/display/xlnx_dp: Free FIFOs adding xlnx_dp_finalize() 2021-03-30 14:05:33 +01:00
dma target-arm queue: 2021-03-10 13:57:31 +00:00
gpio hw: gpio: implement gpio-pwr driver for qemu reset/poweroff 2021-01-29 10:47:28 +00:00
hppa hw: Use the PCI_SLOT() macro from 'hw/pci/pci.h' 2021-01-04 23:24:44 +01:00
hyperv qdev: Move softmmu properties to qdev-properties-system.h 2020-12-18 15:20:17 -05:00
i2c hw/i2c/npcm7xx_smbus: Simplify npcm7xx_smbus_init() 2021-03-05 15:17:34 +00:00
i386 amd_iommu: Fix pte_override_page_mask() 2021-05-04 07:27:37 -04:00
ide hw/ide: remove 'ide-drive' device 2021-03-18 09:22:55 +00:00
input Remove superfluous timer_del() calls 2021-01-08 15:13:38 +00:00
intc * fixes for i386 TCG paging 2021-03-19 18:01:17 +00:00
ipack
ipmi Remove superfluous timer_del() calls 2021-01-08 15:13:38 +00:00
isa hw/isa/piix4: Migrate Reset Control Register 2021-04-13 12:06:59 +02:00
lm32 hw/lm32/Kconfig: Have MILKYMIST select LM32_DEVICES 2021-03-09 22:37:08 +01:00
m68k m68k: add Virtual M68k Machine 2021-03-15 21:03:06 +01:00
mem memory: add a sparse memory device for fuzzing 2021-03-16 14:30:30 -04:00
microblaze hw: Replace anti-social QOM type names 2021-03-19 15:18:43 +01:00
mips hw/mips/gt64xxx: Trace accesses to ISD registers 2021-03-13 20:29:36 +01:00
misc hw: Replace anti-social QOM type names 2021-03-19 15:18:43 +01:00
moxie moxie: do not use ram_size global 2020-12-10 12:15:08 -05:00
net Revert "net: Move NetClientState.info_str to dynamic allocations" 2021-04-08 17:33:59 +08:00
nios2 * New -action option and set-action QMP command (Alejandro) 2020-12-15 21:24:31 +00:00
nubus
nvram sysemu: Let VMChangeStateHandler take boolean 'running' argument 2021-03-09 23:13:57 +01:00
openrisc target/openrisc: Move pic_cpu code into CPU object proper 2020-12-15 12:04:30 +00:00
pci virtio-pci: compat page aligned ATS 2021-04-06 07:11:36 -04:00
pci-bridge Kconfig: Compile PXB for ARM_VIRT 2021-01-17 06:42:54 -05:00
pci-host hw/pci-host: Introduce SH_PCI Kconfig entry 2021-03-06 16:18:42 +01:00
pcmcia
ppc spapr.c: always pulse guest IRQ in spapr_core_unplug_request() 2021-04-12 12:27:14 +10:00
rdma pvrdma: wean code off pvrdma_ring.h kernel header 2021-03-15 16:41:22 +08:00
remote multi-process: perform device reset in the remote process 2021-02-10 09:23:28 +00:00
riscv hw/riscv: microchip_pfsoc: Map EMMC/SD mux register 2021-03-22 21:54:40 -04:00
rtc goldfish_rtc: re-arm the alarm after migration 2021-03-04 09:43:29 -05:00
rx qtest: delete superfluous inclusions of qtest.h 2021-03-09 06:03:53 +01:00
s390x s390x: css: report errors from ccw_dstream_read/write 2021-04-09 10:52:13 +02:00
scsi mptsas: Remove unused MPTSASState 'pending' field (CVE-2021-3392) 2021-04-19 15:48:12 +01:00
sd hw/sd: sdhci: Reset the data pointer of s->fifo_buffer[] when a different block size is programmed 2021-03-22 16:56:22 +01:00
sh4 hw/sh4/sh7750_regs: Replace link to license by its full content 2021-03-06 16:19:03 +01:00
smbios i386: do not use ram_size global 2020-12-10 12:15:08 -05:00
sparc hw: Replace anti-social QOM type names 2021-03-19 15:18:43 +01:00
sparc64 hw/ide: remove 'ide-drive' device 2021-03-18 09:22:55 +00:00
ssi hw/ssi: xilinx_spips: Remove DMA related dead codes from zynqmp_spips 2021-03-10 13:54:51 +00:00
timer hw/timer/renesas_tmr: Add default-case asserts in read_tcnt() 2021-03-30 14:05:34 +01:00
tpm tpm: put some tpm devices into the correct category 2021-02-20 12:36:19 +01:00
tricore tricore: added triboard with tc27x_soc 2021-03-14 14:41:55 +01:00
unicore32
usb hw/usb/hcd-ehci: Fix crash when showing help of EHCI devices 2021-03-26 11:10:49 +01:00
vfio vfio/migrate: Move switch of dirty tracking into vfio_memory_listener 2021-03-16 10:06:44 -06:00
virtio vhost-user-fs: fix features handling 2021-04-13 16:13:41 +01:00
watchdog clock: Add ClockEvent parameter to callbacks 2021-03-08 17:20:01 +00:00
xen pci: add romsize property 2021-02-05 08:52:58 -05:00
xenpv
xtensa vl: make qemu_get_machine_opts static 2020-12-15 12:51:55 -05:00
Kconfig semihosting: Move hw/semihosting/ -> semihosting/ 2021-03-10 15:34:12 +00:00
meson.build semihosting: Move hw/semihosting/ -> semihosting/ 2021-03-10 15:34:12 +00:00