diff options
-rw-r--r-- | target-i386/cpu.c | 3 | ||||
-rw-r--r-- | target-i386/helper.c | 12 |
2 files changed, 10 insertions, 5 deletions
diff --git a/target-i386/cpu.c b/target-i386/cpu.c index 0f400d4011..c8ef936354 100644 --- a/target-i386/cpu.c +++ b/target-i386/cpu.c @@ -552,8 +552,7 @@ struct X86CPUDefinition { CPUID_PSE36 | CPUID_CLFLUSH | CPUID_ACPI | CPUID_MMX | \ CPUID_FXSR | CPUID_SSE | CPUID_SSE2 | CPUID_SS) /* partly implemented: - CPUID_MTRR, CPUID_MCA, CPUID_CLFLUSH (needed for Win64) - CPUID_PSE36 (needed for Solaris) */ + CPUID_MTRR, CPUID_MCA, CPUID_CLFLUSH (needed for Win64) */ /* missing: CPUID_VME, CPUID_DTS, CPUID_SS, CPUID_HT, CPUID_TM, CPUID_PBE */ #define TCG_EXT_FEATURES (CPUID_EXT_SSE3 | CPUID_EXT_PCLMULQDQ | \ diff --git a/target-i386/helper.c b/target-i386/helper.c index 94081e8838..2b917ad28d 100644 --- a/target-i386/helper.c +++ b/target-i386/helper.c @@ -672,8 +672,13 @@ int x86_cpu_handle_mmu_fault(CPUState *cs, vaddr addr, if ((pde & PG_PSE_MASK) && (env->cr[4] & CR4_PSE_MASK)) { page_size = 4096 * 1024; pte_addr = pde_addr; - pte = pde; - goto do_check_protect; + + /* Bits 20-13 provide bits 39-32 of the address, bit 21 is reserved. + * Leave bits 20-13 in place for setting accessed/dirty bits below. + */ + pte = pde | ((pde & 0x1fe000) << (32 - 13)); + rsvd_mask = 0x200000; + goto do_check_protect_pse36; } if (!(pde & PG_ACCESSED_MASK)) { @@ -696,6 +701,7 @@ int x86_cpu_handle_mmu_fault(CPUState *cs, vaddr addr, do_check_protect: rsvd_mask |= (page_size - 1) & PG_ADDRESS_MASK & ~PG_PSE_PAT_MASK; +do_check_protect_pse36: if (pte & rsvd_mask) { goto do_fault_rsvd; } @@ -882,7 +888,7 @@ hwaddr x86_cpu_get_phys_page_debug(CPUState *cs, vaddr addr) if (!(pde & PG_PRESENT_MASK)) return -1; if ((pde & PG_PSE_MASK) && (env->cr[4] & CR4_PSE_MASK)) { - pte = pde & ~0x003ff000; /* align to 4MB */ + pte = pde | ((pde & 0x1fe000) << (32 - 13)); page_size = 4096 * 1024; } else { /* page directory entry */ |