[BUG] ARM64 KVM: Data abort executing post-indexed LDR on MMIO address
Peter Maydell
peter.maydell at linaro.org
Fri Oct 4 03:40:44 PDT 2024
On Fri, 4 Oct 2024 at 10:47, Ahmad Fatoum <a.fatoum at pengutronix.de> wrote:
> I am investigating a data abort affecting the barebox bootloader built for aarch64
> that only manifests with qemu-system-aarch64 -enable-kvm.
>
> The issue happens when using the post-indexed form of LDR on a MMIO address:
>
> ldr x0, =0x9000fe0 // MMIO address
> ldr w1, [x0], #4 // data abort, but only with -enable-kvm
Don't do this -- KVM doesn't support it. For access to MMIO,
stick to instructions which will set the ISV bit in ESR_EL1.
That is:
* AArch64 loads and stores of a single general-purpose register
(including the register specified with 0b11111, including those
with Acquire/Release semantics, but excluding Load Exclusive
or Store Exclusive and excluding those with writeback).
* AArch32 instructions where the instruction:
- Is an LDR, LDA, LDRT, LDRSH, LDRSHT, LDRH, LDAH, LDRHT,
LDRSB, LDRSBT, LDRB, LDAB, LDRBT, STR, STL, STRT, STRH,
STLH, STRHT, STRB, STLB, or STRBT instruction.
- Is not performing register writeback.
- Is not using R15 as a source or destination register.
Your instruction is doing writeback. Do the address update
as a separate instruction.
Strictly speaking this is a missing feature in KVM (in an
ideal world it would let you do MMIO with any instruction
that you could use on real hardware). In practice it is not
a major issue because you don't typically want to do odd
things when you're doing MMIO, you just want to load or
store a single data item. If you're running into this then
your guest software is usually doing something a bit strange.
thanks
-- PMM
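An added example, not from the thread or from KVM: a small C classifier that applies the ISV rule Peter quotes to raw A64 instruction words, so a bootloader's MMIO accessors can be checked mechanically before they ever run under -enable-kvm. The field decode follows the Arm ARM loads-and-stores encoding tables; the enum names and function are my own, the sample encodings are constructed, and atomics, PAC and literal loads are deliberately left unclassified.

```c
#include <stdint.h>
#include <stdio.h>
/* KVM can only emulate an MMIO access whose data abort carries ESR_ELx.ISV=1:
 * a single-GPR load/store, no writeback, not exclusive. Anything else simply
 * faults the guest, which is what the post-indexed LDR in the thread hit. */
enum mmio_kind {
    NOT_LDST,  /* not a load/store encoding at all */
    ISV_OK,    /* single GPR, no writeback: KVM can emulate it */
    WRITEBACK, /* pre/post-indexed form: the case reported in the thread */
    EXCLUSIVE, /* LDXR/STXR family: excluded from ISV */
    PAIR,      /* LDP/STP: more than one register */
    SIMD_FP,   /* V=1: SIMD&FP register, not a GPR */
    OTHER      /* atomics, CAS, PAC, literal, tags: not classified here */
};
/* Field decode follows the A64 loads-and-stores encoding tables. */
enum mmio_kind classify_mmio_access(uint32_t insn)
{
    if (((insn >> 27) & 1) != 1 || ((insn >> 25) & 1) != 0)
        return NOT_LDST;               /* loads/stores: bit27=1, bit25=0 */
    if ((insn >> 26) & 1)
        return SIMD_FP;                /* V bit */
    switch ((insn >> 28) & 3) {        /* bits 29:28 pick the sub-group */
    case 0:                            /* exclusive / ordered when bit24 == 0 */
        if (((insn >> 24) & 1) || ((insn >> 21) & 1))
            return OTHER;              /* CAS/CASP, LDXP/STXP, ... */
        return ((insn >> 23) & 1) ? ISV_OK : EXCLUSIVE; /* LDAR/STLR vs LDXR/STXR */
    case 1:
        return OTHER;                  /* LDR (literal), memory tags */
    case 2:
        return PAIR;                   /* LDP/STP/LDNP/STNP */
    default:                           /* 3: single-register imm/reg forms */
        if ((insn >> 24) & 1)
            return ISV_OK;             /* unsigned offset: ldr w1, [x0, #4] */
        if ((insn >> 21) & 1)          /* register offset, atomics, PAC */
            return (((insn >> 10) & 3) == 2) ? ISV_OK : OTHER;
        switch ((insn >> 10) & 3) {    /* imm9 forms, selected by bits 11:10 */
        case 1: case 3: return WRITEBACK; /* post-indexed / pre-indexed */
        default:        return ISV_OK;    /* LDUR (unscaled) / LDTR */
        }
    }
}
int main(void)
{   /* Constructed encodings: the thread's instruction and the suggested split. */
    printf("ldr w1, [x0], #4 -> %d (WRITEBACK=%d)\n", classify_mmio_access(0xB8404401u), WRITEBACK);
    printf("ldr w1, [x0]     -> %d (ISV_OK=%d)\n",    classify_mmio_access(0xB9400001u), ISV_OK);
    printf("add x0, x0, #4   -> %d (NOT_LDST=%d)\n",  classify_mmio_access(0x91001000u), NOT_LDST);
    return 0;
}
```

Running the classifier over every load/store in a bootloader's MMIO helpers flags the writeback forms that will abort under KVM; the fix in each case is the one Peter gives, a plain `ldr w1, [x0]` followed by a separate `add x0, x0, #4`.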