Merge tag 'pull-target-arm-20221122' of https://git.linaro.org/people/pmaydell/qemu-arm into staging

target-arm:
 * Fix broken 5-level pagetable handling
 * Fix debug accesses when EL2 is present

# -----BEGIN PGP SIGNATURE-----
#
# iQJNBAABCAA3FiEE4aXFk81BneKOgxXPPCUl7RQ2DN4FAmN8+tgZHHBldGVyLm1h
# eWRlbGxAbGluYXJvLm9yZwAKCRA8JSXtFDYM3t+mD/sGzXb5BjKl0JeREHAh6swI
# niodZz0hf67UYITIQJMBu8KiFjAowk726qkwSOJyjQ7ot1N/zy6z3X8SbHLBF8qe
# xHJwVIvDADRKQ4j9y9chVof0Bg8+6274kFwcl/FR/gTFxQex+jzNmk6RzV1D5n3D
# gSKYVT1DJmr/qiWdoNxfuOPsbF44+ADskyeSLKmhN7SgK3JRDSfOTYb0AwIzm4Ue
# CL3rfNBkAsF6j9ygWHH0uff7ztWLZiCY1l+zXtOzzwZbrxMdSK6TCHgliNJ/9F/i
# D1vLr0A+J82ubADOHsTq5dE4tyYUkz/JQLCaoQWul7q08nz4i5XLFxBFUzll+H55
# yHCIzgbt2DOVICW2bzJR9fqI11cyeXY+ftRHVcA17mBKKXLEMg2ziIQ2yw0cugdD
# eaCcOLXgpLpMgCfFLDFOhZb9j0Q0TNEiKu9ZOVJrMDj5uT4HwctJ0PnPlHxaz6pC
# d9CdT1+J/omN8HYvZmBF1t9y3Y1dVKO9cOEFwcT2nTOqfLXirlKH7BeP9rdH96xi
# jSvixFrliUTjFGyW6AK8VoqXIx7rYK5OlWWdTnZhhERdjbVGkbPgc3O9ZYH9dJKO
# lUGmXZAguMbruXjDjGijNOSY1Vf/aTfbjCoOi3NoDbDQqAh8UjXUvUWbdjKo9uF+
# CtY6fnorIekqT2mYWNfkfQ==
# =Oh+/
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 22 Nov 2022 11:37:44 EST
# gpg:                using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg:                issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [full]
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>" [full]
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [full]
# gpg:                 aka "Peter Maydell <peter@archaic.org.uk>" [unknown]
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE

* tag 'pull-target-arm-20221122' of https://git.linaro.org/people/pmaydell/qemu-arm:
  target/arm: Use signed quantity to represent VMSAv8-64 translation level
  target/arm: Don't do two-stage lookup if stage 2 is disabled

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

1 files changed, 6 insertions, 5 deletions

diff --git a/target/arm/ptw.c b/target/arm/ptw.c
index 9a6277d862..f812734bfb 100644
--- a/target/arm/ptw.c
+++ b/target/arm/ptw.c
@@ -1172,7 +1172,7 @@ static bool get_phys_addr_lpae(CPUARMState *env, S1Translate *ptw,
     ARMCPU *cpu = env_archcpu(env);
     ARMMMUIdx mmu_idx = ptw->in_mmu_idx;
     bool is_secure = ptw->in_secure;
-    uint32_t level;
+    int32_t level;
     ARMVAParameters param;
     uint64_t ttbr;
     hwaddr descaddr, indexmask, indexmask_grainsize;
@@ -1302,7 +1302,7 @@ static bool get_phys_addr_lpae(CPUARMState *env, S1Translate *ptw,
          */
         uint32_t sl0 = extract32(tcr, 6, 2);
         uint32_t sl2 = extract64(tcr, 33, 1);
-        uint32_t startlevel;
+        int32_t startlevel;
         bool ok;
 
         /* SL2 is RES0 unless DS=1 & 4kb granule. */
@@ -2612,8 +2612,8 @@ static bool get_phys_addr_twostage(CPUARMState *env, S1Translate *ptw,
 
     ret = get_phys_addr_with_struct(env, ptw, address, access_type, result, fi);
 
-    /* If S1 fails or S2 is disabled, return early.  */
-    if (ret || regime_translation_disabled(env, ARMMMUIdx_Stage2, is_secure)) {
+    /* If S1 fails, return early.  */
+    if (ret) {
         return ret;
     }
 
@@ -2739,7 +2739,8 @@ static bool get_phys_addr_with_struct(CPUARMState *env, S1Translate *ptw,
          * Otherwise, a stage1+stage2 translation is just stage 1.
          */
         ptw->in_mmu_idx = mmu_idx = s1_mmu_idx;
-        if (arm_feature(env, ARM_FEATURE_EL2)) {
+        if (arm_feature(env, ARM_FEATURE_EL2) &&
+            !regime_translation_disabled(env, ARMMMUIdx_Stage2, is_secure)) {
             return get_phys_addr_twostage(env, ptw, address, access_type,
                                           result, fi);
         }