On Mon, 2013-10-07 at 12:37 +0100, Ian Campbell wrote:
> I've been testing this with a hack DTB which uses only the AEM
> fastmodel's 36-bit alias of DRAM and a hacked up boot-wrapper to load
> at the appropriate addresses etc.

I forgot to say that this currently gets as far as loading the dom0
kernel before it fails because the "at s12el1r" instruction used by
gva_to_ma_par (and therefore copy_to_user) is failing.

This appears to be because it is truncating the high address given as
input to 32-bits as part of the stage 1 translation, and so the stage 2
translation fails because the input IPA is invalid.

I have reported this as a potential model bug because stage 1
translation is not enabled (SCTLR_EL1.M == 0) and therefore IPA<0:47> is
supposed to be equal to VA<0:47>.


