[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-riscv] [PATCH 1/2] target/riscv/pmp.c: Don't try further once matc
|
From: |
Anup Patel |
|
Subject: |
[Qemu-riscv] [PATCH 1/2] target/riscv/pmp.c: Don't try further once matching PMP entry found |
|
Date: |
Wed, 5 Dec 2018 13:57:02 +0530 |
As-per RISC-V privilege spec, we should only consider first matching
PMP entry. This is not enforced by current pmp_has_access().
Let's say we have two PMP entries configured by M-mode code:
PMP0: 0x0000000080000000-0x000000008001ffff (A)
PMP1: 0x0000000000000000-0xffffffffffffffff (A,R,W,X)
Now if S-mode code tries to access 0x80000000 then it should
generate trap to M-mode because PMP0 blocks the access.
The current implementation of pmp_has_access() checks PMP0 which gives
result=0 so it continues and tries PMP1 which gives result=1 hence
the access to 0x80000000 from S-mode is allowed.
This patch fixes pmp_has_access() to return immediatiely once
a matching entry is found (irrespective to the value of result).
Signed-off-by: Anup Patel <address@hidden>
---
target/riscv/pmp.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/target/riscv/pmp.c b/target/riscv/pmp.c
index 3dbb87c69d..936a52b6ba 100644
--- a/target/riscv/pmp.c
+++ b/target/riscv/pmp.c
@@ -193,8 +193,11 @@ bool pmp_has_access(CPURISCVState *env, target_ulong addr,
int size, int rw,
/* breaks iff other covering entries (invalid config). Punt */
*tlb_size = roundpow2(ea - sa);
}
- goto match;
}
+
+ /* only first matching PMP entry applies */
+ if (sa <= addr && (addr + size - 1) < ea)
+ goto match;
}
/* only allow M mode if no rules are present */
--
2.17.1
- [Qemu-riscv] [PATCH 1/2] target/riscv/pmp.c: Don't try further once matching PMP entry found,
Anup Patel <=