From e9fb085aa1593d512806a8220802819174c47645 Mon Sep 17 00:00:00 2001
From: Peter Maydell <peter.maydell@linaro.org>
Date: Wed, 22 Aug 2018 12:36:09 -0400
Subject: [PATCH] target/arm: Add missing .cp = 15 to HMAIR1 and HAMAIR1
 regdefs

ARMCPRegInfo structs will default to .cp = 15 if they
are ARM_CP_STATE_BOTH, but not if they are ARM_CP_STATE_AA32
(because a coprocessor number of 0 is valid for AArch32).
We forgot to explicitly set .cp = 15 for the HMAIR1 and
HAMAIR1 regdefs, which meant they would UNDEF when the guest
tried to access them under cp15.

Backports commit b5ede85bfb7ba1a8f6086494c82f400b29969f65 from qemu
---
 qemu/target/arm/helper.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/qemu/target/arm/helper.c b/qemu/target/arm/helper.c
index a9bac5c6..a8b87806 100644
--- a/qemu/target/arm/helper.c
+++ b/qemu/target/arm/helper.c
@@ -3356,11 +3356,11 @@ static const ARMCPRegInfo el3_no_el2_cp_reginfo[] = {
       PL2_RW, 0, NULL, 0 },
     { "MAIR_EL2", 0,10,2, 3,4,0, ARM_CP_STATE_BOTH, ARM_CP_CONST,
       PL2_RW, 0, NULL, 0 },
-    { "HMAIR1", 0,10,2, 0,4,1, ARM_CP_STATE_AA32, ARM_CP_CONST,
+    { "HMAIR1", 15,10,2, 0,4,1, ARM_CP_STATE_AA32, ARM_CP_CONST,
       PL2_RW, 0, NULL, 0 },
     { "AMAIR_EL2", 0,10,3, 3,4,0, ARM_CP_STATE_BOTH, ARM_CP_CONST,
       PL2_RW, 0, NULL, 0 },
-    { "HAMAIR1", 0,10,3, 0,4,1, ARM_CP_STATE_AA32, ARM_CP_CONST,
+    { "HAMAIR1", 15,10,3, 0,4,1, ARM_CP_STATE_AA32, ARM_CP_CONST,
       PL2_RW, 0, NULL, 0 },
     { "AFSR0_EL2", 0,5,1, 3,4,0, ARM_CP_STATE_BOTH, ARM_CP_CONST,
       PL2_RW, 0, NULL, 0 },
@@ -3463,12 +3463,12 @@ static const ARMCPRegInfo el2_cp_reginfo[] = {
       cptr_access },
     { "MAIR_EL2", 0,10,2, 3,4,0, ARM_CP_STATE_BOTH, 0,
       PL2_RW, 0, NULL, 0, offsetof(CPUARMState, cp15.mair_el[2]) },
-    { "HMAIR1", 0,10,2, 0,4,1, ARM_CP_STATE_AA32, ARM_CP_ALIAS,
+    { "HMAIR1", 15,10,2, 0,4,1, ARM_CP_STATE_AA32, ARM_CP_ALIAS,
       PL2_RW, 0, NULL, 0, offsetofhigh32(CPUARMState, cp15.mair_el[2]) },
     { "AMAIR_EL2", 0,10,3, 3,4,0, ARM_CP_STATE_BOTH, ARM_CP_CONST,
       PL2_RW, 0, NULL, 0 },
     /* HAMAIR1 is mapped to AMAIR_EL2[63:32] */
-    { "HAMAIR1", 0,10,3, 0,4,1, ARM_CP_STATE_AA32, ARM_CP_CONST,
+    { "HAMAIR1", 15,10,3, 0,4,1, ARM_CP_STATE_AA32, ARM_CP_CONST,
       PL2_RW, 0, NULL, 0 },
     { "AFSR0_EL2", 0,5,1, 3,4,0, ARM_CP_STATE_BOTH, ARM_CP_CONST,
       PL2_RW, 0, NULL, 0 },