On 1/28/26 09:39, Jim Shu wrote:
> The current 'iotlb_to_section()' API only finds sections from the CPU's
> AddressSpace, not from other AddressSpaces. However, if the address space
> translation goes through an IOMMUMemoryRegion, like the ARM MPC device, it could
> return a section from another AddressSpace, which will break
> 'iotlb_to_section()'.
>
> To fix this bug, store the complete MemoryRegionSection pointer in
> CPUTLBEntryFull, so we can directly use the section pointer in it without
> needing the 'iotlb_to_section()' API.
>
> Besides the ARM MPC device, the upcoming RISC-V wgChecker [1] and RISC-V IOPMP [2]
> devices also require this bugfix.
From the description it feels like this patch series should NOT be
picked up for qemu-stable, since while the bug is here, it only
happens in a very specific narrow case, and the fix is rather involved.
Please let me know if I still should pick this one up for qemu-stable.
P.S. This is for the first time when I'm asking if a change
is *not* for stable :)
Thanks,
/mjt
> [1] RISC-V WG:
> https://patchew.org/QEMU/[email protected]/
> [2] RISC-V IOPMP:
> https://patchew.org/QEMU/[email protected]/
>
> Jim Shu (2):
>   accel/tcg: Fix iotlb_to_section() for different AddressSpace
>   system/physmem: Remove the assertion of page-aligned section number
>
>  accel/tcg/cputlb.c        | 32 +++++++++++++++-----------------
>  include/accel/tcg/iommu.h | 15 ---------------
>  include/exec/cputlb.h     |  2 +-
>  include/hw/core/cpu.h     | 12 +++++++-----
>  system/physmem.c          | 31 -------------------------------
>  5 files changed, 23 insertions(+), 69 deletions(-)
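The failure mode the cover letter describes, as a toy model added here for illustration. This is not QEMU's code: the type and function names mirror the ones mentioned above (AddressSpace, MemoryRegionSection, CPUTLBEntryFull, iotlb_to_section) but are simplified stand-ins, and the two address spaces, their section layouts and offsets are constructed for the example. The point it shows is that a section index is only meaningful within the table of the AddressSpace it came from, so resolving it through the CPU's table after an IOMMU-style translation either silently returns the wrong section or runs past the end of the table, while a stored section pointer is valid regardless of which AddressSpace owns it.

```c
/*
 * Toy model (added illustration, not QEMU code) of why a section *index*
 * cannot be resolved through the CPU's AddressSpace once a translation has
 * landed in a different AddressSpace, and why carrying the section pointer
 * in the TLB entry avoids the problem. All names are simplified stand-ins.
 */
#include <stdio.h>
#include <string.h>

#define MAX_SECTIONS 4

typedef struct MemoryRegionSection {
    const char *name;
    unsigned long offset;   /* start of the section within its AddressSpace */
    unsigned long size;
} MemoryRegionSection;

/* Each AddressSpace owns its own section table; indices are local to it. */
typedef struct AddressSpace {
    const char *name;
    MemoryRegionSection sections[MAX_SECTIONS];
    unsigned nsections;
} AddressSpace;

/* TLB entry: the old per-AS index next to the pointer the fix stores. */
typedef struct CPUTLBEntryFull {
    unsigned xlat_section;          /* index, valid only in the owning AS */
    MemoryRegionSection *section;   /* direct pointer, valid anywhere */
} CPUTLBEntryFull;

static unsigned add_section(AddressSpace *as, const char *name,
                            unsigned long offset, unsigned long size)
{
    unsigned idx = as->nsections++;
    as->sections[idx] = (MemoryRegionSection){ name, offset, size };
    return idx;
}

/* Old-style lookup: always indexes the CPU's own table. */
static MemoryRegionSection *iotlb_to_section(AddressSpace *cpu_as,
                                             unsigned index)
{
    if (index >= cpu_as->nsections) {
        return NULL;    /* index came from a bigger table: out of range */
    }
    return &cpu_as->sections[index];
}

/* Simulated TLB fill after a translation that ends in `target_as`. */
static void tlb_fill(CPUTLBEntryFull *full, AddressSpace *target_as,
                     unsigned target_index)
{
    full->xlat_section = target_index;
    full->section = &target_as->sections[target_index];
}

/*
 * Constructed scenario: the CPU's AddressSpace has [ram, iommu_window];
 * the downstream AddressSpace behind the IOMMU has `padding` filler
 * sections followed by secure_sram. A load through the window resolves
 * to the downstream index of secure_sram. Reports the section name found
 * by the index lookup and by the stored pointer.
 */
static void run_scenario(unsigned padding,
                         const char **via_index, const char **via_pointer)
{
    AddressSpace cpu_as = { .name = "cpu" };
    AddressSpace downstream = { .name = "downstream" };
    CPUTLBEntryFull full;
    unsigned i, idx;

    if (padding >= MAX_SECTIONS) {
        padding = MAX_SECTIONS - 1;
    }
    add_section(&cpu_as, "ram", 0x00000000UL, 0x10000000UL);
    add_section(&cpu_as, "iommu_window", 0x40000000UL, 0x00100000UL);
    for (i = 0; i < padding; i++) {
        add_section(&downstream, "filler", i * 0x1000UL, 0x1000UL);
    }
    idx = add_section(&downstream, "secure_sram",
                      padding * 0x1000UL, 0x00010000UL);

    tlb_fill(&full, &downstream, idx);

    MemoryRegionSection *s = iotlb_to_section(&cpu_as, full.xlat_section);
    *via_index = s ? s->name : "(out of range)";
    *via_pointer = full.section->name;
}

int main(void)
{
    const char *by_index, *by_pointer;
    unsigned padding;

    for (padding = 1; padding <= 2; padding++) {
        run_scenario(padding, &by_index, &by_pointer);
        printf("downstream index %u: index lookup -> %-14s pointer -> %s\n",
               padding, by_index, by_pointer);
    }
    return 0;
}
```

With one filler section the downstream index collides with a valid entry in the CPU's table and the index lookup silently returns "iommu_window" instead of "secure_sram"; with two, the index has no entry in the CPU's table at all. The stored pointer resolves correctly in both cases, which is the behaviour the series moves to.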