target/arm: v8M MPU should use background region as default, not always

The "background region" for a v8M MPU is a default which will be used
(if enabled, and if the access is privileged) if the access does
not match any specific MPU region. We were incorrectly using it
always (by putting the condition at the wrong nesting level). This
meant that we would always return the default background permissions
rather than the correct permissions for a specific region, and also
that we would not return the right information in response to a
TT instruction.

Move the check for the background region to the same place in the
logic as the equivalent v8M MPUCheck() pseudocode puts it.
This in turn means we must adjust the condition we use to detect
matches in multiple regions to avoid false-positives.

Backports commit cff21316c666c8053b1f425577e324038d0ca30d from qemu
This commit is contained in:
Peter Maydell 2019-02-22 18:30:31 -05:00 committed by Lioncash
parent 6279d604d3
commit 928f226ed6
No known key found for this signature in database
GPG key ID: 4E3C3CC1031BA9C7

View file

@ -10439,9 +10439,11 @@ static bool pmsav8_mpu_lookup(CPUARMState *env, uint32_t address,
hit = true;
} else if (m_is_ppb_region(env, address)) {
hit = true;
} else if (pmsav7_use_background_region(cpu, mmu_idx, is_user)) {
hit = true;
} else {
if (pmsav7_use_background_region(cpu, mmu_idx, is_user)) {
hit = true;
}
for (n = (int)cpu->pmsav7_dregion - 1; n >= 0; n--) {
/* region search */
/* Note that the base address is bits [31:5] from the register
@ -10479,7 +10481,7 @@ static bool pmsav8_mpu_lookup(CPUARMState *env, uint32_t address,
*is_subpage = true;
}
if (hit) {
if (matchregion != -1) {
/* Multiple regions match -- always a failure (unlike
* PMSAv7 where highest-numbered-region wins)
*/