[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCHv3 3/5] RISC-V: Check PMP during Page Table Walks
|
From: |
Alistair Francis |
|
Subject: |
Re: [Qemu-devel] [PATCHv3 3/5] RISC-V: Check PMP during Page Table Walks |
|
Date: |
Tue, 21 May 2019 15:37:58 -0700 |
On Tue, May 21, 2019 at 3:44 AM Hesham Almatary
<address@hidden> wrote:
>
> The PMP should be checked when doing a page table walk, and report access
> fault exception if the to-be-read PTE failed the PMP check.
>
> Suggested-by: Jonathan Behrens <address@hidden>
> Signed-off-by: Hesham Almatary <address@hidden>
> ---
> target/riscv/cpu.h | 1 +
> target/riscv/cpu_helper.c | 10 +++++++++-
> 2 files changed, 10 insertions(+), 1 deletion(-)
>
> diff --git a/target/riscv/cpu.h b/target/riscv/cpu.h
> index c17184f4e4..ab3ba3f15a 100644
> --- a/target/riscv/cpu.h
> +++ b/target/riscv/cpu.h
> @@ -94,6 +94,7 @@ enum {
> #define PRIV_VERSION_1_09_1 0x00010901
> #define PRIV_VERSION_1_10_0 0x00011000
>
> +#define TRANSLATE_PMP_FAIL 2
> #define TRANSLATE_FAIL 1
> #define TRANSLATE_SUCCESS 0
> #define NB_MMU_MODES 4
> diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c
> index 7c7282c680..d0b0f9cf88 100644
> --- a/target/riscv/cpu_helper.c
> +++ b/target/riscv/cpu_helper.c
> @@ -211,6 +211,12 @@ restart:
>
> /* check that physical address of PTE is legal */
> target_ulong pte_addr = base + idx * ptesize;
> +
> + if (riscv_feature(env, RISCV_FEATURE_PMP) &&
> + !pmp_hart_has_privs(env, pte_addr, sizeof(target_ulong),
> + 1 << MMU_DATA_LOAD)) {
I see a problem here.
pmp_hart_has_privs() checks permissions based on the current value of
env->priv. This might not always be the correct permissions to check,
we should instead use the current mode to check permissions.
The best way to do this to me is to probably provide a privileged mode
override to the function, can you add that?
Alistair
> + return TRANSLATE_PMP_FAIL;
> + }
> #if defined(TARGET_RISCV32)
> target_ulong pte = ldl_phys(cs->as, pte_addr);
> #elif defined(TARGET_RISCV64)
> @@ -405,8 +411,10 @@ bool riscv_cpu_tlb_fill(CPUState *cs, vaddr address, int
> size,
> if (riscv_feature(env, RISCV_FEATURE_PMP) &&
> (ret == TRANSLATE_SUCCESS) &&
> !pmp_hart_has_privs(env, pa, TARGET_PAGE_SIZE, 1 << access_type)) {
> + ret = TRANSLATE_PMP_FAIL;
> + }
> + if (ret == TRANSLATE_PMP_FAIL) {
> pmp_violation = true;
> - ret = TRANSLATE_FAIL;
> }
> if (ret == TRANSLATE_SUCCESS) {
> tlb_set_page(cs, address & TARGET_PAGE_MASK, pa & TARGET_PAGE_MASK,
> --
> 2.17.1
>
>
[Qemu-devel] [PATCHv3 4/5] RISC-V: Fix a PMP bug where it succeeds even if PMP entry is off, Hesham Almatary, 2019/05/21
[Qemu-devel] [PATCHv3 5/5] RISC-V: Fix a PMP check with the correct access size, Hesham Almatary, 2019/05/21