When HCR_E2H is set, AT S1E2R and AT S1E2W should translate an address
based on both TTBR0_EL2 and TTBR1_EL2.
Signed-off-by: Ake Koomsin <a...@igel.co.jp>
---
target/arm/helper.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/target/arm/helper.c b/target/arm/helper.c
index dde64a487a..147f96e752 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -3486,7 +3486,12 @@ static void ats_write64(CPUARMState *env, const
ARMCPRegInfo *ri,
}
break;
case 4: /* AT S1E2R, AT S1E2W */
- mmu_idx = ARMMMUIdx_E2;
+ if (arm_hcr_el2_eff(env) & HCR_E2H) {
+ mmu_idx = env->pstate & PSTATE_PAN ?
+ ARMMMUIdx_E20_2_PAN : ARMMMUIdx_E20_2;
+ } else {
+ mmu_idx = ARMMMUIdx_E2;
+ }
break;
case 6: /* AT S1E3R, AT S1E3W */
mmu_idx = ARMMMUIdx_E3;
--
2.25.1
