From: Jose Martins <josemartins90@gmail.com>
To: qemu-riscv@nongnu.org
Cc: Jose Martins <josemartins90@gmail.com>,
palmer@dabbelt.com, Alistair.Francis@wdc.com,
qemu-devel@nongnu.org
Subject: [PATCH v2] target/riscv: fix check of guest pa top bits
Date: Fri, 1 May 2020 19:51:06 +0100 [thread overview]
Message-ID: <20200501185106.88767-1-josemartins90@gmail.com> (raw)
The spec states that on sv39x4 guest physical "address bits 63:41 must
all be zeros, or else a guest-page-fault exception occurs.". However,
the check performed for these top bits of the virtual address on the
second stage is the same as the one performed for virtual addresses on
the first stage except with the 2-bit extension, effectively creating
the same kind of "hole" in the guest's physical address space. I believe
the following patch fixes this issue:
Signed-off-by: Jose Martins <josemartins90@gmail.com>
---
target/riscv/cpu_helper.c | 20 +++++++++++++-------
1 file changed, 13 insertions(+), 7 deletions(-)
diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c
index 247304d850..ae22c30bdd 100644
--- a/target/riscv/cpu_helper.c
+++ b/target/riscv/cpu_helper.c
@@ -426,15 +426,21 @@ static int get_physical_address(CPURISCVState *env, hwaddr *physical,
int va_bits = PGSHIFT + levels * ptidxbits + widened;
target_ulong mask, masked_msbs;
- if (TARGET_LONG_BITS > (va_bits - 1)) {
- mask = (1L << (TARGET_LONG_BITS - (va_bits - 1))) - 1;
+ if (!first_stage) {
+ if ((addr >> va_bits) != 0) {
+ return TRANSLATE_FAIL;
+ }
} else {
- mask = 0;
- }
- masked_msbs = (addr >> (va_bits - 1)) & mask;
+ if (TARGET_LONG_BITS > (va_bits - 1)) {
+ mask = (1L << (TARGET_LONG_BITS - (va_bits - 1))) - 1;
+ } else {
+ mask = 0;
+ }
+ masked_msbs = (addr >> (va_bits - 1)) & mask;
- if (masked_msbs != 0 && masked_msbs != mask) {
- return TRANSLATE_FAIL;
+ if (masked_msbs != 0 && masked_msbs != mask) {
+ return TRANSLATE_FAIL;
+ }
}
int ptshift = (levels - 1) * ptidxbits;
--
2.25.1
next reply other threads:[~2020-05-01 18:52 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-01 18:51 Jose Martins [this message]
2020-05-05 20:40 ` [PATCH v2] target/riscv: fix check of guest pa top bits Alistair Francis
2020-05-06 21:07 ` Alistair Francis
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200501185106.88767-1-josemartins90@gmail.com \
--to=josemartins90@gmail.com \
--cc=Alistair.Francis@wdc.com \
--cc=palmer@dabbelt.com \
--cc=qemu-devel@nongnu.org \
--cc=qemu-riscv@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).