target-arm: avoid undefined behaviour when writing TTBCR

target-arm: avoid undefined behaviour when writing TTBCR

LPAE CPUs have more potentially valid bits in the TTBCR, and so the
simple masking out of invalid bits is no longer sufficient to obtain
the base address width field of the register, which is what we use to
precalculate c2_mask and c2_base_mask.  Explicitly extract the
relevant register field rather than simply shifting by the register
value.

This bug would have had no ill effects in practice, since if the
EAE bit (TTBCR bit 31) is set then we don't use the precalculated
masks, and if EAE is zero then bits 30..3 are all UNK/SBZP, so
well-behaved guests won't set them. However the shift is undefined
behaviour, so we should avoid it.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1372347527-4428-1-git-send-email-peter.maydell@linaro.org