diff options
author | Christoffer Dall <christoffer.dall@linaro.org> | 2014-01-31 14:47:38 +0000 |
---|---|---|
committer | Peter Maydell <peter.maydell@linaro.org> | 2014-01-31 14:47:38 +0000 |
commit | 5b0adce156216fb24dcc5f1683e8b686f3793fff (patch) | |
tree | c00b631a06d4c273a22b53a60a5f60ca59c53eac /hw/intc | |
parent | 41ab7b55108e2699e7c2e77788465cb52a0b2c08 (diff) | |
download | qemu-5b0adce156216fb24dcc5f1683e8b686f3793fff.tar.gz qemu-5b0adce156216fb24dcc5f1683e8b686f3793fff.tar.bz2 qemu-5b0adce156216fb24dcc5f1683e8b686f3793fff.zip |
arm_gic: Fix GICD_ICPENDR and GICD_ISPENDR writes
Fix two bugs that would allow changing the state of SGIs through the
ICPENDR and ISPENDRs.
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Diffstat (limited to 'hw/intc')
-rw-r--r-- | hw/intc/arm_gic.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/hw/intc/arm_gic.c b/hw/intc/arm_gic.c index 98c6ff5ccb..1c4a1143af 100644 --- a/hw/intc/arm_gic.c +++ b/hw/intc/arm_gic.c @@ -428,7 +428,7 @@ static void gic_dist_writeb(void *opaque, hwaddr offset, if (irq >= s->num_irq) goto bad_reg; if (irq < GIC_NR_SGIS) { - irq = 0; + value = 0; } for (i = 0; i < 8; i++) { @@ -441,6 +441,10 @@ static void gic_dist_writeb(void *opaque, hwaddr offset, irq = (offset - 0x280) * 8 + GIC_BASE_IRQ; if (irq >= s->num_irq) goto bad_reg; + if (irq < GIC_NR_SGIS) { + value = 0; + } + for (i = 0; i < 8; i++) { /* ??? This currently clears the pending bit for all CPUs, even for per-CPU interrupts. It's unclear whether this is the |