aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--target-i386/cpu.c3
-rw-r--r--target-i386/helper.c12
2 files changed, 10 insertions, 5 deletions
diff --git a/target-i386/cpu.c b/target-i386/cpu.c
index 0f400d4011..c8ef936354 100644
--- a/target-i386/cpu.c
+++ b/target-i386/cpu.c
@@ -552,8 +552,7 @@ struct X86CPUDefinition {
CPUID_PSE36 | CPUID_CLFLUSH | CPUID_ACPI | CPUID_MMX | \
CPUID_FXSR | CPUID_SSE | CPUID_SSE2 | CPUID_SS)
/* partly implemented:
- CPUID_MTRR, CPUID_MCA, CPUID_CLFLUSH (needed for Win64)
- CPUID_PSE36 (needed for Solaris) */
+ CPUID_MTRR, CPUID_MCA, CPUID_CLFLUSH (needed for Win64) */
/* missing:
CPUID_VME, CPUID_DTS, CPUID_SS, CPUID_HT, CPUID_TM, CPUID_PBE */
#define TCG_EXT_FEATURES (CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | \
diff --git a/target-i386/helper.c b/target-i386/helper.c
index 94081e8838..2b917ad28d 100644
--- a/target-i386/helper.c
+++ b/target-i386/helper.c
@@ -672,8 +672,13 @@ int x86_cpu_handle_mmu_fault(CPUState *cs, vaddr addr,
if ((pde & PG_PSE_MASK) && (env->cr[4] & CR4_PSE_MASK)) {
page_size = 4096 * 1024;
pte_addr = pde_addr;
- pte = pde;
- goto do_check_protect;
+
+ /* Bits 20-13 provide bits 39-32 of the address, bit 21 is reserved.
+ * Leave bits 20-13 in place for setting accessed/dirty bits below.
+ */
+ pte = pde | ((pde & 0x1fe000) << (32 - 13));
+ rsvd_mask = 0x200000;
+ goto do_check_protect_pse36;
}
if (!(pde & PG_ACCESSED_MASK)) {
@@ -696,6 +701,7 @@ int x86_cpu_handle_mmu_fault(CPUState *cs, vaddr addr,
do_check_protect:
rsvd_mask |= (page_size - 1) & PG_ADDRESS_MASK & ~PG_PSE_PAT_MASK;
+do_check_protect_pse36:
if (pte & rsvd_mask) {
goto do_fault_rsvd;
}
@@ -882,7 +888,7 @@ hwaddr x86_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
if (!(pde & PG_PRESENT_MASK))
return -1;
if ((pde & PG_PSE_MASK) && (env->cr[4] & CR4_PSE_MASK)) {
- pte = pde & ~0x003ff000; /* align to 4MB */
+ pte = pde | ((pde & 0x1fe000) << (32 - 13));
page_size = 4096 * 1024;
} else {
/* page directory entry */